release/2.2.7_cvs

420 files changed, 0 insertions, 110734 deletions

diff --git a/crypto/README b/crypto/README
deleted file mode 100644
index 004485eadec0..000000000000
--- a/crypto/README
+++ /dev/null
@@ -1,9 +0,0 @@
-This directory is for the EXACT same use as src/contrib, execpt it
-holds crypto sources. As a consequence of USA law, this makes it export
-controlled, so it has to be kept separate.
-
-Please do not export the contents of this direcory and its
-subdirectories from the USA without the necessary permits.
-
-Mark Murray
-3 May, 1997
diff --git a/crypto/kerberosIV/COPYRIGHT b/crypto/kerberosIV/COPYRIGHT
deleted file mode 100644
index 1ec6394da320..000000000000
--- a/crypto/kerberosIV/COPYRIGHT
+++ /dev/null
@@ -1,166 +0,0 @@
-Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
-(Royal Institute of Technology, Stockholm, Sweden).
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the Kungliga Tekniska
-     Högskolan and its contributors.
-
-4. Neither the name of the Institute nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-
-
-Copyright (C) 1995 Eric Young (eay@mincom.oz.au)
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@mincom.oz.au)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-
-
-Copyright (c) 1983, 1990 The Regents of the University of California.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the University of
-     California, Berkeley and its contributors.
-
-4. Neither the name of the University nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-
-
-Copyright (C) 1990 by the Massachusetts Institute of Technology
-
-Export of this software from the United States of America is assumed
-to require a specific license from the United States Government.
-It is the responsibility of any person or organization contemplating
-export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-
-
-Copyright 1987, 1989 by the Student Information Processing Board
-	of the Massachusetts Institute of Technology
-
-Permission to use, copy, modify, and distribute this software
-and its documentation for any purpose and without fee is
-hereby granted, provided that the above copyright notice
-appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation,
-and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
-used in advertising or publicity pertaining to distribution
-of the software without specific, written prior permission.
-M.I.T. and the M.I.T. S.I.P.B. make no representations about
-the suitability of this software for any purpose.  It is
-provided "as is" without express or implied warranty.
-
-
-
-Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved. 
-
-This software is not subject to any license of the American Telephone 
-and Telegraph Company or of the Regents of the University of California. 
-
-Permission is granted to anyone to use this software for any purpose on
-any computer system, and to alter it and redistribute it freely, subject
-to the following restrictions:
-
-1. The authors are not responsible for the consequences of use of this
-   software, no matter how awful, even if they arise from flaws in it.
-
-2. The origin of this software must not be misrepresented, either by
-   explicit claim or by omission.  Since few users ever read sources,
-   credits must appear in the documentation.
-
-3. Altered versions must be plainly marked as such, and must not be
-   misrepresented as being the original software.  Since few users
-   ever read sources, credits must appear in the documentation.
-
-4. This notice may not be removed or altered.
-
diff --git a/crypto/kerberosIV/ChangeLog b/crypto/kerberosIV/ChangeLog
deleted file mode 100644
index 146748835025..000000000000
--- a/crypto/kerberosIV/ChangeLog
+++ /dev/null
@@ -1,3761 +0,0 @@
-Tue Jun 3 1997
-
-	* Release 0.9.6
-
-	* appl/kx/rxtelnet.in, appl/kx/rxterm.in: new argument '-w
- 	term_emulator' for specifiying which terminal emulator to use.
-  	Based on a patch from <arve@nada.kth.se>.
-
-Mon Jun 2 1997
-
-	* appl/xnlock/Makefile.in, appl/kx/Makefile.in,
- 	lib/auth/Makefile.in: fix the Makefile to do the for loops the
- 	automake way.
-
-Sun Jun 1 1997
-
-	* appl/xnlock/Makefile.in, appl/kx/Makefile.in: do install
- 	correctly even if there are no programs to install
-
-	* configure.in: Check for `h_nerr'.
-
-	* lib/auth/pam/pam.c: Include <security/pam_appl.h> to make it
- 	compile on Solaris 2.6
-
-	lib/sl/sl.c, lib/krb/realm_parse.c, appl/ftp/ftpd/popen.c,
- 	appl/ftp/ftpd/ftpd.c, appl/bsd/login_fbtab.c,
- 	appl/bsd/login_access.c: Initialize the `lasts' to NULL before
- 	calling strtok_r the first time.  With our strtok_r it's not
- 	necessary, but the man-page on SGIs says it should be done.
-
-Fri May 30 1997
-
-	* lib/krb/mk_req.c (krb_mk_req, get_ad_tkt): Support for
- 	multi-realm ticket files by using the best matching TGT to define
- 	the realm of the ticket holder.
-
-
-	* appl/bsd/utmpx_login.c (utmpx_update): Set `ut_id' if we're
- 	using utmpx
-
-	* appl/telnet/telnetd/sys_term.c (start_login): Set `ut_id' if
- 	we're using utmpx
-
-Wed May 28 1997
-
-	* lib/roken/daemon.c: New file.
-
-	* include/protos.H: <sys/types.h> needed on solaris 2.4
-
-Mon May 26 1997
-
-	* appl/bsd/su.c (kerberos): If kerberos password is zero length
- 	immediately try next scheme.
-
-
-	* lib/kafs/afskrb.c (k_afsklog_uid): Token lifetime should be even
- 	if we don't know the proper ViceId.
-
-
-	* Release 0.9.5
-
-	* man/Makefile.in: Install preformatted manual pages with correct
- 	suffix on *BSD.
-
-Sun May 25 1997
-
-	* appl/kpopper/popper.h: Remove XTND, and XTND XMIT. Rename XTND
- 	XOVER to XOVER.
-
-
-	* appl/telnet/telnetd/sys_term.c: Only include <utmp.h> and
- 	<utmpx.h> once
-
-	* fix-export: Also create cat manpages.
-
-	* appl/ftp/ftpd/logwtmp.c: Check for `_PATH_WTMP'
-
-	* appl/telnet/telnetd/sys_term.c: Ditto.
-	Remove stupid macros.
-
-	* appl/ftp/ftp/cmds.c (setpeer): Check for `__unix'.  This is
- 	(apparently) a standard with many representations.
-
-	* appl/ftp/ftpd/ftpcmd.y (SYST): Ditto.
-
-	* appl/ftp/ftpd/ftpd.c (retrieve): file must exist to apply a
- 	command to it.
-
-	* appl/ftp/ftpd/ftpd.c (retrieve): Generalise list of commands and
- 	basename argument.
-
-	* appl/ftp/ftpd/popen.c (ftpd_popen): Try standard binary if the
- 	one in ~ftp fails.
-
-	* appl/telnet/telnetd/sys_term.c: Use `_getpty' if there's one
-
-	* appl/bsd/forkpty.c: Use `_getpty' if there's one
-
-	* configure.in: check for `_getpty'
-
-	* acconfig.h: correct test for IRIX
-
-	* lib/roken/snprintf.c: code for checking the correct functioning
- 	of *nprintf is now #ifdef PARANOIA
-
-	* appl/bsd/rlogind.c: fix logging in wtmp and parsing of winsize
-
-	* appl/bsd/rlogin.c: New option `-p'.
-
-	* lib/des/fcrypt.c: removed `inline' from `des_set_key'
-
-Thu May 22 1997
-
-	* lib/des/md5.c (MD5Final): Made signature compliant with FreeBSD.
-	
-	* lib/des/md5.h: Remove digest from MD5_CTX, it is now an argument
- 	to MD5Final instead.
-
-	* lib/des/fcrypt.c: Also support MD5 style crypt(2).
-
-Tue May 20 1997
-
-	* appl/telnet/telnetd/sys_term.c: utmp stuff now seems to be
- 	compatible with login
-
-	* appl/ftp/ftpd/logwtmp.c: Add support for logging to wtmpx
-
-
-	* (*/)*/Makefile.in:s (install): Avoid redundant multiple
- 	recursion in install targets.
-
-	* Made things compile with socks5-v1.0r1.
-
-
-	* appl/telnet/telnetd/sys_term.c: changed utmp-stuff not to use
- 	ut_id at all
-
-	* appl/bsd/utmpx_login.c: handle case where there's no wtmpx (such
- 	as HP-UX 10)
-
-	* appl/bsd/rlogind.c: Added support for utmpx
-
-Sun May 18 1997
-
-	* lib/roken: removed herror, strchr, and strrchr
-
- 	* lib/krb/dest_tkt.c(dest_tkt): Only use `lstat' iff HAVE_LSTAT
-
-	* lib/krb: snprintf, strdup, strtok_r, and strcasecmp always live
- 	in lib/roken and get linked here when needed.
-
-	* lib/roken: removed strchr, strrchr.
-
-	* appl/telnet/telnet/telnet.c: Always use our own `setupterm' for
- 	compatibility reasons.
-
-	* appl/telnet/telnetd/telnetd.c: Removed <curses.h> and <term.h>.
-  	They doesn't seem to be used and breaks on fujitsu.
-
-	* appl/kx/kx.c: try to give a better error message (than a core
- 	dump :-) when talking to an old kxd.
-
-	* appl/kx/kxd.c, appl/kip/kipd.c, appl/kauth/kauthd.c: corrected
-	fencepost error with KRB_SENDAUTH_VLEN.
-
-	* appl/ftp/common/buffer.c: new file.
-
-	* configure.in: cray hides their bitypes in <bind/bitypes.h>.
-  	Also check for this file.
-
-	* appl/telnet/telnet/telnet_locl.h: moved termios.h before
- 	curses.h.  This was needed to compile on cray, but will probably
- 	break on some other host.
-
-Thu May 15 1997
-
-	* server/kerberos.c: Implement changes to the tcp protocol, while
- 	being compatible with the old protocol.
-
-	* lib/krb/send_to_kdc.c: The old method to signal end of
- 	transmission by closing the sending side of the socket does not
- 	work well through some firewalls. This is now changed so that the
- 	client instead sends the length of the request as a four byte
- 	integer (in network byte order) before sending the data.
-
-Wed May 14 1997
-
-	* appl/telnet/telnetd/sys_term.c: HAVE_UTMPX -> HAVE_UTMPX_H.  Fix
- 	for OSF1.
-
-	* appl/bsd/utmp_login.c: UTMPX_DOES_UTMP_LOGGING -> HAVE_UTMPX_H
-
-	* appl/bsd/sysv_environ.c: Use k_concat rather than snprintf.
-
-Tue May 13 1997
-
-	* kuser/klist.c: updated usage string
-
-	* lib/otp/otp_print.c: make word table and reverse word table
- 	constant
-
-Sun May 11 1997
-
-	* */*: Added some __attribute__ ((format (printf))) and fixes
-	where needed.
-
-	* appl/ftp/common/sockbuf.c: start probing at 4Mb
-
-	* appl/ftp/ftpd/ftpd.c: use MAP_FAILED
-
-	* appl/ftp/ftp/ftp.c: Use MAP_FAILED.
-	(alloc_buffer): new function for allocating a buffer of size
- 	max(BUFSIZ, st.st_blksize) (Based on a patch from
- 	<haba@pdc.kth.se>)
-
-	* appl/ftpd/ftpdcmd.y: hack for reget.
-
-	* appl/kx/kxd.c: Give a error message to old-version kx.
-
-	* replaced vsprintf with vsnprintf.
-	
-	* lib/roken/vsyslog.c: not used. removed.
-	
-	* Changed <sys/bitypes.h> -> <ktypes.h>
-
-	* include/Makefile.in: Added ktypes.h
-
-	* include/sys/Makefile.in: removed bitypes.h
-
-Wed May 7 1997
-
-	* appl/ftp/ftp/ftp.c: Open files in binary mode.
-
-	* appl/ftp/ftpd/ftpd.c (checkaccess): Changed to make absent file
- 	mean `allow'. Added shell matching to names (if fnmatch is
- 	available).
-
-
-	* appl/ftp/ftpd/kauth.c (kauth): Use `DEFAULT_TKT_LIFE'
-
-	* appl/ftp/ftpd/ftpcmd.y, appl/ftp/ftpd/ftpd.c: always cast to
- 	(long) before printing out an `off_t'
-
-	* lib/kdb/print_princ.c (krb_print_principal),
-	  lib/kdb/krb_lib.c (kerb_put_principal),
-	  admin/kdb_edit.c (change_principal),
-	  admin/kdb_util.c (print_time) : gmtime should never return
- 	tm_year > 1900
-
-	* appl/ftp/ftpd/ftpcmd.y: Year 2000 fix
-
-	* appl/telnet/telnetd/telnetd.c: removed code that used `getent'
-
-	* lib/roken/getent.c: removed
-
-Mon May 5 1997
-
-	* appl/ftp/ftpd/ftpd.c: fix for mmap and restart_point
-
-	* kadmin/ksrvutil_get.c (ksrvutil_get): get correct default realm
-
-Sun May 4 1997
-
-	* configure.in (REAL_PICFLAGS): Use `-fPIC' instead of `-fpic',
- 	otherwise it's not possible to make libotp on hpux.
-
-	* configure.in: try sending picflags even when linking a shared
- 	library with $CC
-
-	* lib/roken/getent.c: remove getstr
-
-	* configure.in: removed unneeded REAL_-variables working shared
- 	libraries on *bsd*
-
-	* appl/kip/kip.h: Added <net/if_var.h>
-
-	* */Makefile.in: Use @LDSHARED@
-
-	* configure.in: Fix shared libraries on HP/UX.
-	check for curses.h
- 	check for `getstr' and `cgetstr' in curses
-
-	* appl/telnet/telnet: clean-up
-
-	* lib/kafs/afssys.c: ifdef-out the code that is not used to avoid
- 	referencing `syscall' on AIX.
-
-	* lib/krb/et_list.c: s/WEAK_PRAGMA/PRAGMA_WEAK/
-
-	* aclocal.m4 (AC_HAVE_PRAGMA_WEAK): redirect output
-
-	* lib/roken/snprintf.c: fix for the case of max_sz == 0
-
-	* doc/kth-krb.texi: Add @dircategory and @direntry to enable
- 	`install-info' to install this entry in `dir'.
-
-	* appl/telnet/telnetd/Makefile.in: Don't link with getstr
-
-
-	* lib/auth/sia/krb4_matrix.conf: Fix entries for ses_release and
- 	chk_user.
-
-Sat May 3 1997
-
-	* lib/auth/sia/sia.c: Some cleanup.
-
-Fri May 2 1997
-
-	* configure.in: only link the programs that need it with the
- 	db/dbm library
-
-
-	* lib/auth/sia/sia.c: Merge code for for normal and su
- 	authentication.
-
-
-	* Replaced sprintf with snprintf and asprintf all over the place.
-
-	* lib/roken/snprintf.c: Added asnprintf and vasnprintf
-
-	* lib/roken/snprintf.c: implemented asprintf, vasprintf
-
-	* lib/roken/snprintf.c: new file
-
-Thu May 1 1997
-
-	* lib/kafs/afskrb.c (k_afsklog_all_local_cells): Use `k_concat'
-
-Wed Apr 30 1997
-
-	* lib/krb/{get_host,get_krbrlm,getrealm,realm_parse}.c: Fix some
- 	potential buffer overruns.
-
-	* lib/krb/k_concat.c: Safely concatenate two strings.
-
-Sat Apr 26 1997
-
-	* appl/telnet/libtelnet/kerberos.c: removed stupid #if 0
-
-	* appl/bsd/rlogind.c (send_oob): different default for `last_oob'
- 	to avoid losing first OOB packet
-
-Fri Apr 25 1997
-
-	* appl/voodoo/AuthOption.cpp: provoke the telnetd in turning on
- 	encryption
-
-Wed Apr 23 1997
-
-	* lib/kafs/afskrb.c (realm_of_cell): don't overflow buffer with
- 	result from `gethostbyaddr'
-
-	* lib/krb/name2name.c (krb_name_to_name): new parameter
- 	`phost_size' to disable buffer overflowing.  Changed all callers.
-
-	* lib/krb/k_getsockinst.c: New parameter `inst_size' to disable
- 	buffer overflowing.  Changed all callers.
-
-	* appl/kpopper/Makefile.in: soriasis make stupidity
-
-	* appl/kx/Makefile.in: don't include encdata.c in SOURCES_COMMON,
- 	otherwise DEC make gets upset.
-
-Tue Apr 22 1997
-
-	* lib/krb/k_getsockinst.c: Use same name as in krb_get_phost.
-
-
-	* acconfig.h: hp-ux 10 also has `pututxline' that writes both to
- 	utmp and utmpx.
-
-Sun Apr 20 1997
-
-	* include/win32/config.h: adapted to win95/NT
-
-	* appl/voodoo: Merged in win32-telnet from <d93-jka@nada.kth.se>
-
-	* lib/krb/tkt_string.c: dummy `getuid' function.
-
-	* lib/krb/ticket_memory.c (tf_setup): implement
-
-	* lib/roken/roken.mak, roken.def: new files
-
-	* lib/des/des.def: Removed des_random_{seed,key}
-
-	* lib/krb/dllmain.c: Rewrote `msg'.
-	Better explanation when it fails to spawn `krbmanager'.
-
-	* lib/krb/tf_util.c: backwards `in_tkt' added.
-
-	* lib/krb/in_tkt.c: removed
-
-	* lib/kclient/KClient: Reformatted and fixed.
-
-Sat Apr 19 1997
-
-	* appl/ftp/ftpd/ftpd.c: Incorporate /etc/ftpusers changes from
- 	NetBSD.
-
-	* appl/ftp/ftpd/ftpd.c: Handle oob-stuff better.
-
-Fri Apr 18 1997
-
-	* appl/kpopper/pop_{dropinfo,send,updt}.c: Fix 'From ' line
- 	parsing bug.
-
-	* appl/kpopper/pop_dropinfo.c: Add support for xover.
-
-	* appl/kpopper/pop_xover.c: Add some kind of xover support.
-
-	* appl/kpopper/pop_debug.c: New tiny popper debugging program.
-
-Tue Apr 15 1997
-
-	* lib/krb/kdc_reply.c (kdc_reply_cred): fix sanity checks.
-
-	* appl/bsd/rshd.c: k_afsklog so that remote command gets a token.
-  	fix usage string.
-
-Sat Apr 12 1997
-
-	* appl/bsd/rcp.c (main): Rcp implements encrypted file transfer
- 	without using the kshell service.
-
-
-	* lib/krb/mk_safe.c: Emit new checksum.
-
-	* lib/krb/rd_safe.c: New code to handle both new and old
- 	checksums.
-
-	* lib/des/qud_cksm.c: Fix compatibility with mit deslib.
-
-Fri Apr 11 1997
-
-	* lib/sl/sl.c (sl_match): initialize `partial_cmd'
-
-Sun Apr 6 1997
-
-	* lib/kafs/kafs.h: Ugly addition of `_P'
-
-	* lib/kafs/afssys.c: <sys/socket.h> contains the definition of
- 	`_IOW' on cygwin32.
-
-	* appl/telnet/telnet/utilities.c: <sys/socket.h> needed by
- 	cygwin32
-
-	* doc/Makefile.in: always run $(MAKEINFO).
-	
-	* lib/otp/otp_md.c (sha_finito_little_endian): byte-swap
- 	correctly.
-
-	* include/sys/bitypes.H: Added #ifndef for types
-
-	* configure.in: test for types
-
-	* aclocal.m4: Stolen AC_GROK_TYPES? from heimdal
-
-
-	* appl/ftp/ftp/ftp.c: Fix passive mode.
-
-Sat Apr 5 1997
-
-	* appl/kauth/ksrvtgt.in: New ksrvtgt script.
-
-Fri Apr 4 1997
-
-	* lib/krb/kdc_reply.c: Add some range checking.
-
-
-	* lib/otp/otptest.c: Updated tests from `draft-ietf-otp-01.txt'.
-	Passes verification examples from appendix C.
-
-	* admin/kdb_util.c: All usage strings are now consistent (and even
- 	with the code)!
-
-Thu Apr 3 1997
-
-	* lib/kafs/afssys.c (k_pioctl): Separate syscall functionality and
- 	kerberos convenience routines into afssys.c and afskrb.c. This to
- 	make it possible to use k_pioctl() without linking in all
- 	libraries in the world.
-
-Tue Apr 1 1997
-
-	* appl/telnet/telnet/commands.c: Rename suspend to telnetsuspend,
- 	since Unicos has one of its own.
-
-Sun Mar 30 1997
-
-	* appl/bsd/{rsh,rlogin}.c: Don't look at argv[0].
-
-
-	* man/tenletxr.1: new file
-
-	* appl/kx/rxtelnet.in, appl/kx/rxterm.in, appl/kx/tenletxr.in:
- 	Support `-k'
-
-	* appl/kx/tenletxr.in: new script for running kx in backwards
- 	mode.
-
-	* appl/kx: New version of protocol.
-
-	* appl/kauth: Use err & c:o
-
-	* appl/kauth/encdata.c (read_encrypted): Give better return code
- 	for EOF
-
-
-	* appl/ftp/ftp/krb4.c: Use stdout rather than stderr. Add newlines
- 	to many strings.
-
-	* kuser/kdestroy.c: Use set_progname, make -q equal to -f, remove
- 	bell.
-
-	* lib/roken/warnerr.c: New function set_progname.
-	* aclocal.m4: Invert test of AC_NEED_DECLARATION and rename it to
- 	AC_CHECK_DECLARATION.  Add new function AC_CHECK_VAR, that looks
- 	for a variable, including a declaration.
-
-	* lib/roken/roken.h: Add optional declaration for __progname.
-
-	* lib/roken/*{err,warn}.c: Restructure err and warn functions.
-
-Sat Mar 29 1997
-
-	* appl/telnet/telnet/sys_bsd.c: Maybe-fix for HP-UX 10: Ifdef
- 	SO_OOBINLINE, don't even select for exceptional conditions.
-
-	* lib/otp/otp_md.c: always downcase the seed.
-	byte-swap the SHA result.
-
-Thu Mar 27 1997
-
-	* appl/otp/otp.c: removed bad free of global data
-
-Sun Mar 23 1997
-
-	* configure.in: moved version.h and config.h to include
-
-
-	* acconfig.h: Fix utmp/utmpx stuff on OSF/1.
-
-
-	* appl/bsd/rlogind.c (control): Rewritten to handle the case of
- 	there being no `ws_xpixel' and `ws_ypixel'
-
-	* appl/bsd/rlogin.c (sendwindow): Rewritten to handle the case of
- 	there being no `ws_xpixel' and `ws_ypixel'
-
-	* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): Also test for `ws_xpixel'
- 	and `ws_ypixel'
-
-	* lib/otp/otp.h: Change default global timeout
-
-	* lib/krb/tf_util.c (tf_setup): Also take `pname' and `pinst'
-
-	* appl/telnet/telnetd/sys_term.c, appl/bsd/utmpx_login.c: Do
- 	gettimeofday and then copy the data for the sake of those systems
- 	like SGI that can have different timevals in file and memory.
-
-	* configure.in: Allow `--with-readline'
-
-	* lib/editline/edit_compat.c (readline): strdup data before
- 	returning it.
-
-
-	* appl/telnet/telnetd/state.c: Change size of subbuffer to 2k.
-
-Thu Mar 20 1997
-
-	* lib/krb/decomp_ticket.c: Add some range checking.
-
-	* appl/ftp/ftpd/krb4.c: Check return value from krb_net_write.
-
-	* appl/ftp/ftp/ftp.c: Fix hash mark printing.
-
-Wed Mar 19 1997
-
-	* appl/kauth/kauthd.c: more logging
-
-	* man/kx.1, man/kxd.8: Updated.
-
-	* appl/kx/kx.c, kxd.c: Hacked so that all TCP-connections are kx
- 	-> kxd
-
-
-	* lib/editline/edit_compat.c: BSD libedit comatibility.
-
-Wed Mar 12 1997
-
-	* appl/ftp/ftpd/ftpd.c: Set `byte_count' even when using mmap.
-	Log foreign IP address together with hostname.
-
-Mon Mar 10 1997
-
-	* server/kerberos.c: Fix log file muddle.
-
-Sun Mar 9 1997
-
-	* appl/bsd/kcmd.c (kcmd): check malloc for failure.
-
-Tue Feb 25 1997
-
-	* man/ftpd.8: Documented the `-g' option.
-
-	* appl/ftp/ftpd/ftpd.c: New option `-g umask' for specifying the
- 	umask for anonymous users.
-
-	* appl/ftp/ftpd/ftpd.c: conditionalize SIGURG
-
-	* appl/otp/otp.c: More fixes from Fabien COELHO
- 	<coelho@cri.ensmp.fr>.  Check for current OTP before allowing the
- 	update.
-
-Wed Feb 19 1997
-
-	* appl/otp/otp.c: updated help string
-
-	* appl/bsd/Makefile.in: Fixed installation of suid programs.
-
-	* appl/telnet/libtelnet/kerberos.c: fix some stuff to get
- 	forwarding code to compile
-
-	* lib/otp/otp_db.c: fix for signed char overflow.
-
-
-	* lib/krb/resolve.c: Patch from Jörgen Wahlsten
- 	<wahlsten@pathfinder.com>: Zero out resource record, and send
- 	correct length to dn_expand.
-
-Mon Feb 17 1997
-
-	* lib/roken/roken.h: Check for `_setsid'
-
-	* appl/ftp/ftp/ftp.c: s/__CYGWIN32__/HAVE_H_ERRNO/
-
-	* include/Makefile.in: Generete krb_err.h and kadm_err.h before
- 	linking/copying them
-
-	* aclocal.m4: AC_FIND_FUNC: Add the library at the beginning of
- 	the list.
-
-	* configure.in: Use AC_PROG_RANLIB
-	Always use EMXOMF under OS/2
-	Check for sys/termio.h and _setsid
-
-
-	* configure.in: A preliminary fix for editline.
-
-	* appl/telnet/libtelnet/kerberos.c: Include ticket forwarding
- 	stuff.
-
-	* lib/krb/krb_get_in_tkt.c: Use tf_setup.
-
-	* lib/krb/krb_get_in_tkt.c: New function tf_setup.
-
-Sat Feb 15 1997
-
-	* man/otp.1: updated
-
-	* appl/otp/otp.c: New options `-d' and `-r'.  From Fabien COELHO
- 	<coelho@cri.ensmp.fr>
-
-	* lib/otp/otp.h: Changed default from md4 to md5
-	* lib/otp/otp_db.c (otp_get, otp_simple_get): New functions.
-
-Thu Feb 13 1997
-
-	* appl/kx/rxtelnet.in: allow specification of port number
-
-	* appl/otp/otp.c: Add `-u' option
-
-Sun Feb 9 1997
-
-	* appl/ftp/common/glob.c: Rename FOO -> CHAR_FOO to avoid
- 	collision with symbol in sys/ioctl.h
-
-Fri Feb 7 1997
-
-	* man/kpropd.8: updated
-
-	* appl/bsd/rcmd_util.c: warning needs to know what program is
- 	used.
-
-	* slave/kpropd.c: New explicit flag `-i' for interactive.  Don't
- 	use AI to figure out if we have been started by inetd or not.
-
-Thu Feb 6 1997
-
-	* appl/kx/rxtelnet.in, appl/kx/rxterm.in: Patch for sending -l to
- 	kx.  From <map@stacken.kth.se>
-
-	* kuser/klist.c: corrected alignment of `expired'
-
-	* appl/telnet/telnet/commands.c: replaced lots of \n by \r\n
-
-Mon Feb 3 1997
-
-	* configure.in (socket, gethostbyname, getsockopt, setsockopt):
- 	Better tests.
-	(HAVE_H_ERRNO): New test
-
-	* lib/roken/herror.c (herror): Check HAVE_H_ERRNO
-	lots of other files as well.
-
-Sat Feb 1 1997
-
-	* appl/bsd/rcp.c: Work around the non-working getpw* in cygwin32
-
-	* lib/krb/logging.c: Init function for `std_log´
-
-	* appl/telnet/telnet/utilities.c: Remove `upcase´
-	Check HAVE_SETSOCKOPT
-
-	* appl/telnet/telnet/telnet.c: Use `strupr´ instead of `upcase´
-
-	* appl/telnet/telnet/commands.c, appl/movemail/pop.c,
- 	appl/kauth/rkinit.c, appl/ftp/ftp/ftp.c,
- 	appl/sample/sample_client.c: Ifdef around for the non-existence of
- 	`h_errno' in cygwin32.
-
-	* lib/des/read_pwd.c: work-around for cygwin32
-
-	* appl/telnet/telnet/sys_bsd.c: work-around for cygwin32
-
-Fri Jan 31 1997
-
-	* lib/krb/tf_util.c: gnu-win32 needs to open files with O_BINARY.
-
-Sun Jan 26 1997
-
-	* configure.in: removed duplicate of initgroups and lstat
-	Use AC_KRB_STRUCT_WINSIZE
-
-	* aclocal.m4 (AC_KRB_STRUCT_WINSIZE): New test
-
-	* lib/krb/getaddrs.c: Check for SIOCGIFFLAGS and SIOCGIFADDR
-
-	* appl/bsd/rlogin.c: conditional on SIGWINCH
-
-	* appl/bsd/rcmd_util.c et al: conditional getsockopt
-
-	* configure.in (cygwin32): New target
-	(getsockopt, getsockopt): Test for
-	(herror, hstrerror): Better tests
-
-	* aclocal.m4 (AC_FIND_IF_NOT_BROKEN): Pass arguments to
- 	AC_FIND_FUNC
-
-Thu Jan 23 1997
-
-	* configure.in: Add EXECSUFFIX
-
-	* appl/kx/rxterm.in: rsh -n
-
-	* lib/krb/unparse_name.c (krb_unparse_name_long_r): new function
-
-
-	* lib/auth/sia/sia.c: Fix a bug with ticket filename. Add afs
- 	support.
-
-	* lib/krb/get_host.c: Use KRB_SERVICE.
-
-Wed Jan 22 1997
-
-	* lib/auth/sia/Makefile.in: Add linker magic fix for broken,
- 	conflicting kerberos code in xdm.
-
-Tue Jan 21 1997
-
-	* appl/xnlock/xnlock.c (verify): Change the "LOGOUT" password to
- 	be manageable as X-resource XNlock*logoutPasswd. The password is
- 	stored in UNIX crypt format so that it can be stored in a global
- 	resource file for sites that whish to keep it a secret.
-
-
-	* configure.in: Check for winsize in sys/ioctl.h also.
-
-Sat Jan 18 1997
-
-	* lib/krb/get_default_principal.c: Use principal from
- 	KRB4PRINCIPAL before using uid.
-
-Wed Jan 15 1997
-
-	* appl/telnet/telnet/sys_bsd.c: Use `get_window_size'
-
-	* lib/roken/get_window_size.c: New file
-
-	* appl/bsd/rlogin.c: Use `get_window_size'
-
-	* appl/bsd/forkpty.c, appl/bsd/rlogind.c: conditionalize on
- 	TIOCSWINSZ
-
-	* configure.in: Check for `_scrsize' and `struct winsize'
-
-Tue Jan 14 1997
-
-	* Makefile.in (install-strip, travelkit-strip): New targets.
-
-Thu Jan 9 1997
-
-	* */Makefile.in: Use @foo_prefix@ and @program_transform_name@
- 	Add code to uninstall target
-
-Thu Dec 19 1996
-
-	* configure.in: Set LIBPREFIX
-
-	* config.sub: Add os2 as a system
-
-	* config.guess: Try to recognize i386-pc-os2_emx
-
-	* configure.in: case for *-*-os2_emx
-	NEED_PROTO for `strtok_r'
-	
-	* aclocal.m4: ranlib is apparently calld EMXOMF on OS/2
-	(AC_KRB_PROG_LN_S): New test that uses cp if ln fails
-
-Wed Dec 18 1996
-
-	* appl/bsd/login.c (main): First try to verify password using
- 	standard UNIX method and if it fails try kerberos authentication.
-	
-Sat Dec 14 1996
-
-	* appl/bsd/rcp.c: consider case of no fchmod
-
-	* appl/kpopper/pop_init.c: Use k_getsockinst.
-
-	* lib/roken/{strupr,strlwr,strchr,strrchr,lstat,initgroups,chown,
-	fchown,rcmd}.c: new files
-
-	* appl/kpopper/pop_lower.c: Removed.
-
-	* Makefile.in (travelkit): New target.
-
-Tue Dec 10 1996
-
-	* lib/krb/parse_name.c (kname_parse): Only copy realm if it is
- 	specified.
-
-	* lib/krb/get_host.c (krb_get_host): Treat no realm as local
- 	realm.
-
-Mon Dec 9 1996
-
-	* appl/ftp/ftpd/ftpd.c: Get afs-tokens when logging in with
- 	password.
-
-
-	* slave/kprop.c: flock with K_LOCK_SH
-
-Wed Dec 4 1996
-
-	* appl/telnet/telnet/commands.c: Also export XAUTHORITY
-
-Sun Dec 1 1996
-
-	* kadmin/ksrvutil.c: If realm is not specified, use the local one.
-
-Sat Nov 30 1996
-
-	* appl/kauth/kauthd.c: Use KAUTH_VERSION.  Try to give correct
- 	error messages back to kauth.
-
-	* config.sub, config.guess: Merged in changes from autoconf 2.12
-
-	* appl/bsd/rsh.c: quick hack to make `-n' to the right thing.
-
-	* kadmin/kadm_locl.h: Add prototype for FascistCheck.
-
-Thu Nov 28 1996
-
-	* man/afslog.1: Documented `-createuser'
-
-	* appl/afsutil/aklog.c: removed `cell_of_file' Added option
- 	`-createuser' to run pts to create a foreign principal.
-
-Tue Nov 26 1996
-
-	* lib/otp/otp_challenge.c: Initialize error string and check for
- 	NULL from strdup.
-
-	* lib/roken/mini_inetd.c: Initialize `sin_family'
-
-	* appl/kpopper/pop_init.c: Add `-p' option and make `-a'
- 	auth-style
-
-	* appl/bsd/rshd.c: Add `-p' option.
-
-	* appl/bsd/rlogind.c: Handle `-p' correctly.
-
-	* appl/bsd/login.c: Removed confusing initialization of
- 	`login_timeout'
-
-	* appl/kpopper/pop_dropinfo.c: Remove white-space at the beginning
- 	of UIDL-string.
-
-Sun Nov 24 1996
-
-	* Release 0.9.3
-
-Sat Nov 23 1996
-
-	* kadmin/ksrvutil_get.c: Use `krb_unparse_name_long' Better
- 	defaults.
-
-	* lib/krb/krb.h: Added *_to_key
-
-	* lib/krb/get_svc_in_tkt.c (srvtab_to_key): Make public
-
-	* kadmin/kadmin.c (do_init): `-p' is a synonym for `-u'
-	(do_init): more logical defaults
-	(help): removed old code
-	better error messages
-
-	* lib/krb/get_in_tkt.c (passwd_to_key, passwd_to_afskey): Export
- 	and remove functionality for reading passwords.
-
-	* lib/sl/sl.c: Nicer help output.
-
-	* lib/otp/otp_challenge.c: Initialize `challengep'
-
-	* lib/krb/Makefile.in: Removed get_pw_tkt.c
-
-Fri Nov 22 1996
-
-	* lib/auth/sia/sia.c: Now compiles under Digital UNIX 4.0.
-
-Wed Nov 20 1996
-
-	* lib/auth/pam/pam.c: Chown ticketfile to correct GID.
-
-Tue Nov 19 1996
-
-	* appl/kx/rxtelnet.in: Try to set the screen number as well.
-
-	* Be careful not to thrust `h_length' from gethostby{name,addr}
-
-	* appl/bsd/rcmd_util.c (ip_options_and_die): New function.
-
-	* configure.in: moved headers before functions.
-	call AC_PATH_XTRA_XTRA.
-	Add strchr, index, rindex, and strrchr to AC_CHECK_FUNCS.
-	remove strchr and strrchr, add strtok_r from/to AC_BROKEN.
-
-	* aclocal.m4 (AC_PATH_XTRA_XTRA): New macro.
-
-	* aclocal.m4 (AC_FIND_FUNC, AC_FIND_FUNC_NO_LIBS): Two new
- 	arguments: includes and arguments)
-
-	* configure.in: Need to supply arguments and includes to test for
- 	`res_search' and `dn_expand'
-
-	* lib/kafs/afssys.c (k_setpag): Handle AFS_SYSCALL3
-
-	* Use `k_getpw{nam,uid}' instead of getpw{nam,uid}.
-
-	* Replace lots of `strtok' with `strtok_r'.
-
-	* lib/sl/sl.c: Allow unlimited number of arguments.  Use
- 	`strtok_r' to divide up string into arguments.
-
-	* lib/roken/roken.h: Added `strtok_r'
-
-	* configure.in: Test for `strtok_r'
-
-	* include/Makefile.in: Don't build in ss
-
-	* Makefile.export: Fixed ChangeLog-generation
-
-	* lib/sl/sl.c: Let `readline' to the \n-removal.  Handle empty
- 	lines.  Don't store empty lines in the history.
-
-Mon Nov 18 1996
-
-	* lib/sl/sl.c: Use readline compatible i/o.
-
-
-	* lib/otp/otp_locl.h: Changed location of otp database to /etc
-
-	* appl/otp/Makefile.in: Install otp setuid root.
-
-	* util/Makefile.in: don't build SS
-
-	* lib/sl: New directory.
-
-	* kadmin/kadmin.c: Replaced SS by SL.
-
-Sun Nov 17 1996
-
-	* kadmin/kadm_funcs.c: Improved log messages.
-
-
-	* Use KRB_TICKET_GRANTING_TICKET.
-
-
-	* server/kerberos.c: Don't do any special logging when running as
- 	slave.
-
-
-	* Lots of files: remove unnecessary `(void)'
-
-	* Lots of files: remove unnecessary `register' declaration.
-
-
-	* lib/krb/get_host.c: Only keep list of hosts from requested
- 	realm.
-
-
-	* man/otpprint.1, otp.1: New files.
-
-	* appl/otp/otp.c: `-s' is now default.
-
-	* appl/otp/otp.c: removed count
-
-	* lib/des/destest.c: more general quad_cksum test.
-
-	* lib/otp/otp_print.c (otp_print_stddict_extended,
- 	otp_print_hex_extended): New functions.
-
-	* lib/otp/otptest.c: New file.
-
-
-	* appl/ftp/ftpd/ftpd.c: Change default auth level to what was
- 	formerly known as `user'.
-
-	* appl/ftp/ftpd/ftpd.c: Orthogonalize arguments to -a
-
-
-	* appl/kip/kip.c: Try all addresses we get back from the name
- 	server.
-
-	* kadmin/kpasswd.c: updated to new functions.
-
-	* lib/otp/otp_db.c (otp_db_open): Do a few retries.  Unlock in
- 	case this file cannot be opened.
-
-	* doc/kth-krb.texi: New chapter about OTPs.
-
-	* appl/otp/otpprint.c, appl/otp/otp.c: Use OTP_ALG_DEFAULT.
-  	Consistent language Check return value from des_read_pw_string.
-
-	* lib/otp/otp.h: Add OTP_ALG_DEFAULT
-
-
-	* lib/krb/parse_name.c: New function krb_parse_name
-
-Sat Nov 16 1996
-
-	* appl/bsd/login.c: removed S/Key.
-	Added OTP with option `-a otp'
-	Reorganized verification loop.
-
-	* appl/bsd/Makefile.in (login): Remove skey and add OTP
-
-	* configure.in: Test for `uid_t' and `off_t'
-
-	* appl/telnet/telnetd/telnetd.c: Removed `-s' for securID and
- 	added `-a otp' for OTP.
-
-	* appl/kpopper: removed s/key and added OTP support.  Updated
- 	man-page.
-
-	* lib/otp/otp.h: more fields in the struct and a new function.
-
-	* appl/ftp/ftpd/ftpd.c: Full OTP support.
-
-	* appl/kx/rxterm.in: Add options: -l username, -r args_to_rsh, and
- 	-x args_to_xterm
-
-	* appl/kx/rxtelnet.in: Add options: -l username, -t
- 	args_to_telnet, and -x args_to_xterm
-
-	* man/kx.cat1: regenerated
-
-	* man/kx.1: Added `-l' option.
-
-	* appl/kx/kxd.c: Accept username from `kx'
-
-	* appl/kx/kx.c: Introduced option `-l user' to be able to login as
- 	some other user.
-
-Fri Nov 15 1996
-
-	* appl/kx/kx.c: Print out display and not display_nr
-
-	* lib/auth/Makefile.in: Fix the case with empty SUBDIRS.
-
-	* */Makefile.in: Use $(LN_S) instead of ln -s
-
-	* */Makefile.in: Add @SET_MAKE@
-
-	* doc/latin1.tex: New file.
-
-	* doc/kth-krb.texi: Use latin1.tex to be able to use one letter
- 	that some bear seem to think is important.
-
-	* doc/kth-krb.texi: Added acknowledgements.
-
-	* lib/auth/Makefile.in: Only build relevant subdirectories.
-
-	* configure.in: Set @LIB_AUTH_SUBDIRS@ to the subdirectories of
- 	lib/auth that should be built.
-
-
-	* lib/kafs/afssys.c: Only get tokens for each cell once.
-
-Thu Nov 14 1996
-
-	* man: Added man pages for movemail(1) and kerberos(8).
-
-
-	* kadmin/kadmin_cmds.ct: Add `add' for add_new_key and `passwd'
- 	for change_password.
-
-
-	* lib/krb/logging.c: Now actually compiles!
-
-
-	* config.{guess,sub}: Merge changes from Autoconf
-
-
-	* lib/krb/{recv,send}auth.c: Don't return errno if there is a
- 	system error.
-
-Wed Nov 13 1996
-
-	* util/ss/Makefile.in: Now even compiles with BSD make!
-
-	* appl/kx: Now send the complete display from `kxd' to `kx'.  This
- 	should enable it to work better with Xlibraries that don't support
- 	unix sockets.
-
-	* kuser/klist.c: conditionally include <sys/ioctl.h> and
- 	<sys/ioccom.h> before <kafs.h>
-
-	* lib/krb/resolve.h: Add fallback for `T_TXT'.
-
-	* appl/otp/otp.c: removed print-functionality.
-
-	* appl/otp/otpprint.c: New file.
-
-	* appl/otp/Makefile.in: New program `otpprint'
-
-	* lots of Makefile.in: Now should be possible to build with makes
- 	that have broken VPATH-handling.
-
-	* configure.in: Always replace REAL_SHARED & c:o so that some
- 	libraries may be built as shared.
-	Removed unused AC_SUBST.
-	Only build afskauthlib on irix.
-
-	* lib/auth/afskauthlib/Makefile.in, lib/auth/sia/Makefile.in,
- 	lib/auth/pam/Makefile.in: Always build as a shared library.
-
-	* appl/kx/rxtelnet.in, appl/kx/rxterm.in: export PATH (from
- 	<jas@pdc.kth.se>).
-
-
-	* lib/krb/{pkt_cipher,fgetst}.c: Removed
-
-	* lib/krb/name2name.c: Renamed k_name_to_name to krb_name_to_name
-
-Mon Nov 11 1996
-
-	* appl/telnet/telnetd/sys_term.c: Really remove bad stuff from
- 	environment.
-
-Fri Nov 8 1996
-
-	* appl/bsd/rlogind.c (main): `portnum' should be int.
-
-	* appl/bsd/sysv_environ.c: Use _PATH_ETC_ENVIRONMENT
-
-	* appl/bsd/pathnames.h: _PATH_ETC_ENVIRONMENT: new
-
-	* lib/krb/get_host.c (srv_find_realm): New parameter `service'
-
-
-	* lib/krb/unparse_name.c: New function.
-
-Tue Nov 5 1996
-
-	* lib/auth/pam/pam.c: Add PAM Kerberos module.
-
-Mon Nov 4 1996
-
-	* configure.in: configure in lib/auth/afskauthlib
-
-	* lib/kafs/afssys.c: New function `k_afsklog_uid'.
-
-	* lib/auth/afskauthlib: New library that works like
-	`afskauthlib.so' from Transarc.
-
-
-	*lib/krb/get_host.c, lib/krb/getrealm.c, lib/kafs/afssys.c: Use
- 	dns_lookup().
-	
-	* lib/krb/resolve.c (dns_lookup): Replaced several different
- 	resolver functions with one more generalized.
-
-Sun Nov 3 1996
-
-	* Add check target in lib/krb.
-	
-	* appl/bsd/login.c (main): Sleep 10 seconds before bailing out so
- 	that there is a chance of reading the error message.
-
-	* appl/bsd/rsh.c (main): When invoked as rlogin equivalent change
- 	to real uid before execing rlogin.
-
-Sat Nov 2 1996
-
-	* appl/bsd/utmp_login.c: Do the right thing on systems where
- 	UTMPX_DOES_UTMP_LOGGING is defined.
-
-
-	* lib/krb/krb.h: names for `krb_kuserok' prototype
-
-	* lib/krb/get_host.c: Add tcp/kerberos.REALM as well.
-
-	* appl/bsd/su.c: Replace call to `kuserok' by `krb_kuserok'.
-
-	* lib/otp/otp_parse.c: Add support for parsing extended responses
- 	(draft-ietf-otp-ext-01).
-
-	* lib/otp/otp.h: Define OTP_HEXPREFIX and OTP_WORDPREFIX.
-
-	* appl/otp/otp.c: Add option `-e' for printing responses in
- 	extended mode (according to draft-ietf-otp-ext-01.txt).
-
-
-	* lib/krb/kuserok.c: Function krb_kuserok now takes name,
- 	instance, realm rather than an AUTH_DAT.
-
-Fri Nov 1 1996
-
-	* lib/auth/sia: Add SIA Kerberos module.
-
-
-	* lib/roken/roken.h: Need to include signal.h prior to defining
- 	SIG_ERR.
-
-	* appl/bsd/utmpx_login.c (utmpx_update): Minor restructuring for
- 	simplified maintainability.
-
-	* appl/bsd/utmp_login.c (utmp_login): Even when there are utmpx
- 	files on this system we should also log to the utmp files. If
- 	there are no utmp files we of course don't have to log to them.
-
-
-	* Makefile.export: now generate PROBLEMS and COPYRIGHT as well.
-
-	* PROBLEMS, COPYRIGHT, doc/kth-krb.info: removed
-
-	* doc/kth-krb.texi: Put copyrights in marketing order.
-
-	* appl/kpopper/popper.h: client and ipaddr should be char [] so
- 	that we can store the names there.
-
-	* appl/kpopper/pop_init.c: save copies of addresses that otherwise
- 	get overwritten.
-
-Mon Oct 28 1996
-
-	* lib/krb/send_to_kdc.c (send_recv_it): Use `recv' not `recvfrom'
- 	to make winsock happy.  Also don't care anymore about from which
- 	address we got the answer since we do a `connect'.
-
-	* admin/adm_locl.h, lib/kdb/kdb_locl.h, kadmin/kadm_locl.h,
- 	lib/krb/krb_locl.h, lib/roken/strftime.c, server/kerberos.c: Do
- 	not use #if, use #ifdef.
-
-	* configure.in: Test for `rand' and `getuid'
-
-
-	* slave/kprop.c: Don't terminate on trivial errors in slaves-file.
-
-Sun Oct 27 1996
-
-	* doc/Makefile.in: Install from source directory if necessary.
-
-	* lib/krb/kuserok.c: Do not use `k_getpwnam' in libkrb.
-
-	* configure.in: You can't even use `unset', Ultrix sh does not
- 	have it.
-
-
-	* several files: Check status from des_read_pw_string.
-
-
-	* server/kerberos.c: Make sure all data is recieved on a tcp
- 	socket before trying to reply.
-
-
-	* lib/krb/krb.h: Add <time.h> for `struct tm'
-
-	* appl/kx/Makefile.in: Both kx and kxd requires @XauWriteAuth@
-
-	* configure.in: Fix test for `XauReadAuth'
-
-Fri Oct 25 1996
-
-	* lib/krb/get_host.c (init_hosts): Must ntohs(KRB_PORT) on
- 	machines running backwards.
-
-	* More consistent use of CRLF in telnet and telnetd.
-
-	* Removed redundant -I$(srcsdir)/../../include from compiler args.
-	
-
-	* appl/ftp/ftpd/ftpd.c: New option `-a otp' to allow OTPs but no
- 	ordinary passwords in cleartext.
-
-	* appl/ftp/ftpd/Makefile.in: Link `ftpd' with -lotp
-
-	* lib/Makefile.in: Add otp
-
-	* include/Makefile.in: Add otp.h
-
-	* configure.in: Test for ndbm.h
-	Generate Makefiles in lib/otp and appl/otp
-
-	* appl/otp: New program to set up and generate OTPs.
-	
-	* lib/otp: New library for one-time passwords (RFC1938).
-
-	* lib/krb/get_host.c (srv_find_realm): Added parameter `proto'
-
-	* lib/des/Makefile.in: Add md4 and sha.  run `mdtest' from check.
-
-	* lib/des/md4.h, lib/des/md4.c, lib/des/sha.c, lib/des/sha.h,
- 	lib/des/mdtest.c: New files.
-
-	* appl/kauth/Makefile.in: Make $(libexedir) as well.
-
-Thu Oct 24 1996
-
-	* appl/bsd/rlogind.c (setup_term): Actually set the speed of the
- 	terminal.
-
-	* appl/bsd/rlogin.c (main): Do a `speed_t2int' before putting the
- 	speed in the TERM variable.
-
-	* appl/bsd/rcmd_util.c: New functions: `speed_t2int' and
- 	`int2speed_t'.
-
-	* appl/bsd/bsd_locl.h: Added prototype of `speed_t2int' and
- 	`int2speed_t'.
-
-Sun Oct 20 1996
-
-	* appl/bsd/login.c: Do `getspnam' before change the UID. Also call
- 	`endspent'
-
-	* appl/krbmanager: New program used on PCs by kclient.
-
-	* lib/kclient: New library.
-
-	* lib/des, lib/krb: Added some PC-specific files.
-
-	* doc/kth-krb.info: Regenerated.
-
-	* doc/Makefile.in (kth-krb.info): Some stupid makes don't
- 	understand $<
-	(kth-krb.html): New rule.
-
-	* doc/kth-krb.texi (Compiling from source): Added some references
- 	about Socks.
-
-Sat Oct 19 1996
-
-	* doc/kth-krb.texi: Added text about ``--with-socks''.
-
-	* configure.in: Use `AC_TEST_PACKAGE' for skey and socks.
-
-	* aclocal.m4: Replaced `AC_TEST_SOCKS' and `AC_TEST_SKEY' with the
- 	more general `AC_TEST_PACKAGE'.
-
-Fri Oct 18 1996
-
-	* configure.in: call AC_TEST_SOCKS
-
-	* acconfig.h: SOCKS
-
-	* aclocal.m4: Added AC_TEST_SOCKS
-
-	* lib/krb/send_to_kdc.c (send_to_kdc): Removed unused `f' and
- 	close.
-
-Thu Oct 17 1996
-
-	* man/popper.8: Option `-i'
-
-	* appl/kpopper/pop_send.c: clean-up
-
-	* appl/kpopper/popper.h: Removed old garbage and added SKEY.
-
-	* appl/kpopper/pop_xmit.c: clean up
-
-	* appl/kpopper/pop_user.c: SKEY-support
-
-	* appl/kpopper/pop_pass.c: Added support for spaces in passwords
- 	and S/Key.
-
-	* appl/kpopper/pop_init.c: Moved some variables into struct pop
-	(main): Added support for `-i'
-
-	* appl/kpopper/pop_get_command.c: New command "HELP".
-
-	* appl/kpopper/Makefile.in: Add SKEY-stuff.
-
-	* lib/krb/get_host.c: Use `k_getportbyname(KRB_SERVICE,...)' as a
- 	default instead of KRB_PORT
-
-	* lib/krb/getaddrs.c (k_get_all_addrs): Add
- 	gethostbyname(k_gethostname()) as a fallback.
-
-	* lib/krb/k_getport.c (k_getportbyname): proto can be NULL
-
-	* lib/krb/krb.h: Only include <sys/types.h> if HAVE_SYS_TYPES_H
-
-	* lib/krb/prot.h: KRB_SERVICE: Added
-
-
-	* server/kerberos.c: Replaced linked list with a vector.
-
-Wed Oct 16 1996
-
-	* server/kerberos.c: Add support for TCP connections.
-
-	* lib/krb/send_to_kdc.c: On stream sockets, use krb_net_read
- 	rather than recvfrom.
-
-Mon Oct 14 1996
-	
-	* doc/kth-krb.texi: Only use `kdb_edit' to add the initial
- 	`nisse.admin'.  Add all other users with `kadmin'.
-
-	* doc/kth-krb.info: new file.
-
-	* doc/kth-krb.texi: Added some text about kx and ftp.
-
-	* appl/ftp/ftpd/ftpcmd.y,
-	  util/ss/ct.y,
-	  util/et/error_table.y :
- 	Added code for handling the case of using `bison' and having no
- 	`alloca'.  Alloca is usually never called anyway, so we just use
- 	`malloc'.
-
-	* appl/kx/kxd.c: All static variables are now global and in
- 	common.c.
-	(doit_conn, doit): Turn on TCP_NODELAY.
-	(create_and_write_cookie, suspicious_address): Moved to common.c
-
-	* appl/kx/kx.c (connect_host): Try all addresses of `host'. Turn
- 	on TCP_NODELAY.
-	(doit): prepare for TCP-only hosts.
-	(usage,main): add `-t'
-	(main): Passive mode is possible again.
-
-	* appl/kx/kx.h: More #ifdefs for include files.  Declarations for
- 	global variables.
-
-	* appl/kx/common.c (get_xsockets): Try to chmod
- 	dirname(`X_UNIX_PATH')
-	(get_xsockets): Turn on TCP_NODELAY on TCP connections.
-
-	* doc/Makefile.in: New file
-
-	* Makefile.in: Added `doc' to `SUBDIRS'
-
-	* configure.in: Generate `doc/Makefile'
-
-Sun Oct 13 1996
-
-	* appl/bsd/rcp.c (main): Made rcp AFS aware.
-
-	* lib/krb/kuserok.c (kuserok): Act as if luser@LOCALREALM is
- 	always an entry of .klogin.
-
-Sat Oct 12 1996
-
-	* appl/kx/rxtelnet.in: Start the `xterm' process correctly.
-
-	* lib/des/rnd_keys.c (sumFile): consider the case that `res' is
- 	not longword-aligned.
-
-	* lib/krb/get_host.c (parse_address): `getservbyname' should
- 	really get proto = NULL
-
-	* lib/krb/send_to_kdc.c (krb_udp_port): removed
-	(send_to_kdc): removed `addrlist'
-
-	* lib/krb/send_to_kdc.c: Support not only UDP.
-
-	* lib/krb/get_host.c (krb_get_admhst): Really ask for a admin host
- 	if that's what we want.
-
-Thu Oct 10 1996
-
-	* lib/krb/get_host.c: Simplified some code. Added stub-support for
- 	SRV-records.
-
-Wed Oct 9 1996
-
-	* appl/kx/rxtelnet.in, appl/kx/rxterm.in: PDC are unable to give
- 	correct instructions to their users and therefore we have to add
- 	strange directories to the PATH.
-
-	* appl/kx/rxtelnet.in: Support sending arguments to telnet.
-
-	* appl/kx/rxterm.in: rsh can reside in path or %bindir% support
- 	extra arguments to xterm (from <jas@pdc.kth.se>).
-
-	* appl/kx/rxtelnet.in: Try to find some kind of terminal emulator
- 	for X.
-
-	* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Look for kx in $PATH and
- 	%bindir%.
-
-	* appl/kx/common.c (get_xsockets): `mkdir' the correct directory.
-  	From <jas@pdc.kth.se>
-
-
-	* lib/krb/send_to_kdc.c: Changes to allow other than udp port 750
- 	connections.
-
-	* lib/krb/get_host.c: rewrite of krb_get_{adm,krb}hst.
-
-Sun Oct 6 1996
-
-	* appl/ftp/ftpd/ftpd.c (retrieve): Got rid of `sprintf'.
-
-	* configure.in: Fix order for x libs.  From <jas@pdc.kth.se>.
-  	Check for `fcntl', `alloca', `winsock.h', and `io.h'.
-
-	* lib/krb/krb_locl.h: Check for <io.h> and <winsock.h>
-
-	* lib/krb/krb.h: Check for winsock.h
-
-	* lib/krb/k_flock.c: Better test for `fcntl' with locking.
-
-	* lib/krb/et_list.c: Hopefully correct pragma this time.  From
- 	<jas@pdc.kth.se>
-
-Thu Oct 3 1996
-
-	* lib/krb/klog.c (klog): Do not forget to print the text.
-
-	* lib/krb/log.c (krb_log): Print space after time in log.
-
-Wed Oct 2 1996
-
-	* appl/kpopper/popper.h: Add field msg_id to hold Message-Id for
- 	UIDL command.
-
-	* appl/kpopper/pop_dropinfo.c (pop_dropinfo): Support for UIDL
- 	command. Saves Message-Id to be used as unique id. Everything is
- 	#ifdef:ed UIDL.
-
-	* appl/kpopper/pop_get_command.c: Recognize UIDL command.
-
-	* appl/kpopper/pop_uidl.c (pop_uidl): POP3 UIDL command
- 	implementation.
-
-	* appl/kpopper/Makefile.in: New file pop_uidl.c.
-
-
-	* configure.in: Made some of the tests into macros defined in
- 	aclocal.m4
-
-	* appl/telnet/libtelnet/kerberos.c: Given better error message
- 	when user is not authorized to login.
-
-	* lib/roken/k_getpwuid.c, lib/roken/k_getpwnam.c: Call `endpwent'.
-  	If we are using a BSD-kind of system we should not leave the
- 	shadow password database open.
-
-	* appl/xnlock/xnlock.c: Got rid of all `register' declarations.
-
-	* appl/kx/rxterm.in, appl/kx/rxtelnet.in: Use `set --'
-
-Mon Sep 30 1996
-
-	* lib/roken/k_getpwnam.c, lib/roken_k_getpwuid.c: Call `endspent'
- 	to try to close the shadow password file.
-
-	* appl/ftp/ftpd/ftpd.c (retrieve): Cut the argument to the command
- 	and the first character of the extension.
-
-	* lib/krb/send_to_kdc.c: Sun doesn't have any strerror so we can't
- 	use that here.  We are only printing debug messages anyway, so
- 	just print errno for now.
-
-	* appl/kx/rxtelnet.in: Now using SIGUSR2.
-
-	* appl/kx/kx.c: Now using SIGUSR1 to mean `exit when number of
- 	children goes down to zero'.  SIGUSR2 is `exit when number of
- 	children is equal to zero'.
-
-	* appl/xnlock/xnlock.c: More fixup of old code.
-
-	* appl/ftp/ftpd/ftpd.c: Only call `filename_check' for guest
- 	users.
-
-	* configure.in: Added tests for more header files.  Also added
-	more ifdefs when actually including those files.
-
-	* appl/kx/Makefile.in: Do not build programs if we have no X11.
-	
-Sun Sep 29 1996
-
-	* appl/xnlock/xnlock.c (main): Support for shadow passwords.
-
-	* lib/roken/k_getpwuid.c: New file, better support for shadow
- 	passwords.
-
-
-	* appl/telnet/Makefile.in: Use SET_MAKE
-
-
-	* appl/ftp/ftpd/ftpcmd.y: Remove access to several commands for
- 	anonymous users.
-
-	* lib/krb/get_krbhst.c: Look for kerberos-#.realm.
-
-	* appl/ftp/ftpd/popen.c: Execute files from ~ftp if possible.
-
-	* appl/ftp/ftpd/ftpd.c: Add find site command.
-
-	* appl/ftp/ftpd/ftpd.c: Add special handling of nonexistant files
- 	with extensions {,.tar}{,.gz,Z}.
-
-Sat Sep 28 1996
-
-	* configure.in: Check for sys/times.h, sys/param.h, and
- 	sys/timeb.h
-
-	* lib/des: autoconfed a little to make it compile.
-
-	* lib/roken/roken.h: Add `max', `min', and definitions for broken
- 	syslogs.
-
-	* appl/bsd/bsd_locl.h: Removed SYSLOG-garbage and max.
-
-	* appl/kx/kx.h: Remove prototype of childhandler.
-
-	* appl/kx/common.c: Remove childhandler.  Not common any more.
-
-	* appl/kx/rxterm.in: Send SIGUSR1 to kx before starting xterm.
-
-	* appl/kx/rxtelnet.in: Send USR1 to kx at appropriate moment.
-
-	* appl/kx/kx.c: Die after receiving SIGUSR1 and when number of
- 	children goes to zero.
-
-	* lib/roken/roken.h: Add STDERR_FILENO
-
-	* lib/roken/mini_inetd.c (mini_inetd): Also dup onto stderr.
-
-	* lib/kafs/Makefile.in (afslib.so): Change argument so they work
- 	with `ld' instead of `cc'
-
-	* appl/kx/kxd.c: writeauth.c as separate file.
-
-	* appl/kx/kx.c: `-d' option to disable forking.
-
-	* appl/kx/Makefile.in: Compile and link writeauth.c if necessary.
-  	For some stupid reason $< does not work correctly in BSD make.
-  	Use $(srcdir) instead.
-
-	* appl/ftp/ftp/ftp_locl.h: Only include <roken.h> once.
-
-	* configure.in: Use strange X flags when looking for XauReadAuth.
-  	Add XauWriteAuth if we need to include it.
-
-Fri Sep 27 1996
-
-	* appl/sample: Sample programs work again.
-
-
-	* appl/kx/kxd.c (main): use `mini_inetd'
-
-	* appl/kx/kx.c: Use KX_PORT
-
-	* appl/kx/kx.h: Remove SOMAXCONN and add KX_PORT
-
-	* appl/kauth/kauthd.c (main): use `mini_inetd'
-
-	* appl/ftp/ftpd/ftpd.c: Removed `conn_wait' and use `mini_inetd'
- 	instead.
-
-	* appl/bsd/bsd_locl.h: Prototypes for `get_shell_port' and
- 	`get_login_port'
-
-	* appl/bsd/rcmd_util.c: New file.
-
-	* appl/bsd/Makefile.in: Added rcmd_util.c
-
-	* appl/bsd/rcp.c: Moved `get_shell_port' to rcmd_util.c
-
-	* appl/bsd/rsh.c: Moved `get_shell_port' to rcmd_util.c
-
-	* appl/bsd/rlogind.c (main): Use `mini_inetd'
-
-	* appl/bsd/rshd.c (main): Add support for interactive mode with
- 	`-i'.
-
-	* appl/telnet/telnetd/telnetd.c (main): use `mini_inetd'
-
-	* lib/roken/roken.h: Added prototype for `mini_inetd', and
- 	fallback definitions for SOMAXCONN, STDIN_FILENO, and
- 	STDOUT_FILENO.
-
-	* lib/roken/Makefile.in: Added mini_inetd.o
-
-	* lib/roken/mini_inetd.c: New file.
-
-Thu Sep 26 1996
-
-	* appl/kx/kxd.c (doit): read port number in ascii.
-
-	* appl/kx/kx.c (doit): write port number in ascii.
-
-	* appl/kauth/rkinit.c (doit_host): Check return value from
- 	`read_encrypted'.
-
-	* appl/kauth/kauthd.c (doit): Removed unnecessary sprintf's before
- 	syslog.
-
-	* lib/krb/krb_get_in_tkt.c (krb_get_in_tkt): Return error code
- 	from `tf_create' and not always INTK_ERR.
-
-	* lib/krb/tf_util.c (tf_create): Correct check for return value
- 	from `open'.
-
-	* lib/des/rnd_keys.c (des_rand_data): Try /dev/urandom as well.
-
-Wed Sep 25 1996
-
-	* appl/afsutil/pagsh.c (main): One-of error hopefully fixed this
- 	time.
-
-	* configure.in: Add test for <sys/un.h>
-
-	* kadmin/Makefile.in: Add back $(CRACKLIB)
-
-Mon Sep 16 1996
-
-	* appl/kx/Makefile.in: Create rxterm and rxtelnet at compile time.
-
-	* kstring2key moved to appl/afsutil.
-
-Sun Sep 15 1996
-
-	* appl/kx/kx.c (main): For now always use passive mode.  That's
- 	the only thing that has been tested and not a lot of people are
- 	going to use non-passive anyways.
-
-	* appl/kx/kx.c (connect_host): write display_number in ascii.
-
-	* appl/kx/kxd.c (doit): read display_number in ascii.
-
-	* appl/kx/common.c (get_local_xsocket): Generate the
- 	/tmp/.X11-unix directory with the sticky bit set.
-
-	* configure.in: Generate appl/kx/rxterm and appl/kx/rxtelnet.
-
-	* appl/kx/Makefile.in: Install rxterm and rxtelnet.
-
-	* appl/kx/rxterm.in, appl/kx/rxtelnet.in: New files.
-
-	* appl/kx/common.c (get_local_xsocket): try to bind the socket
- 	instead of checking for existence with lstat.
-
-
-	* appl/kx/kxd.c: Detect remote termination and cleanup on exit.
-
-Sat Sep 14 1996
-
-	* lib/des/rnd_keys.c: Hack for systems that lack setitimer (like
- 	crays).
-
-
-	* appl/kx/kxd.c (doit): Send over the display number and the
- 	authority file actually used to kx.
-	
-	(create_and_write_cookie):  New function to generate and write into a
-	file a local cookie used between this pseudo-server and the
- 	clients on this host.
-	
-	(start_session):  New function to check and remove the local cookie
-	before the data is sent over to `kx'.
-
-	* appl/kx/kx.c (display_num, xauthfile): New variables.  Now `kx'
- 	prints out the values of those two variables and then goes to the
- 	background to enable some script to set these on the other host.
-	
-	(start_session): New function that adds a local cookie before sending
-	the rest of the connection to the local X-server.
-	
-	(main): Also recognize "unix" as a local DISPLAY.
-
-	* appl/kx/kx.h: <X11/Xauth.h> used.
-	(get_local_xsocket): Changed parameter.
-
-	* appl/kx/common.c (get_local_xsocket): Now try to allocate the
- 	first free socket in /tmp/.X11-unix.  Also `mkdir' this directory
- 	first.  Return the number of the display opened.
-
-	* appl/kx/Makefile.in: Added X libraries.
-
-	* lib/des/des.h: Added prototype for `des_rand_data'.
-
-	* lib/des/rnd_keys.c: Made `des_rand_data' non-static.  This
- 	function is useful and now even used.
-
-Wed Sep 11 1996
-
-	* appl/bsd/login.c: Use k_afs_cell_of_file() to get tokens for the
- 	cell of the home catalog rather than the local cell.
-
-	* lib/kafs/afssys.c: Add k_afs_cell_of_file.
-
-Tue Sep 10 1996
-
-	* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
- 	Removed all convex code.
-
-Mon Sep 9 1996
-
-	* appl/telnet/telnetd/termstat.c: UNICOS5: removed
-
-	* appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c:
- 	NEWINIT, UNICOS7x, UNICOS5: removed
-	
-	STREAMSPTY: added variable `really_stream' Now able to handle the
- 	case where the OS supports stream ptys but we run out of them and
- 	start using ordinary BSD ones.
-
-	* appl/telnet/telnetd/state.c: UNICOS5: removed
-
-	* appl/telnet/telnetd/pathnames.h: BFTPPATH: removed
-
-	* appl/telnet/telnetd/ext.h, appl/telnet/telnetd/global.c:
-	BFTPDAEMON: removed.
-	UNICOS5: removed.
-	
-	* appl/telnet/telnetd/ext.h: STREAMSPTY: added variable
- 	`really_stream'.
-
-	* lib/krb/stime.c (krb_stime): argument should be `time_t'.
-	lib/krb/krb_locl.h: changed prototype.
-
-Sun Sep 8 1996
-
-	* configure.in: Also generate `appl/sample/Makefile'
-
-	* appl/Makefile.in: Use @SET_MAKE@.
-	Include sample
-
-	* lib/krb/Makefile.in: Add krb_stime, krb_mk_auth, and
- 	krb_check_auth.
-
-	* util/et/compile_et.c (main): Include <foo.h> in foo.c
-
-	* slave/kprop.c: exit with return code == 1 to indicate failure.
-
-	* server/kerberos.c (usage): Fixed usage string.
-
-	* lib/krb/tkt_string.c (tkt_string): Removed bogus extern
- 	declaration of `getuid'.
-
-	* lib/krb/tf_util.c (tf_save_cred): Removed bogus extern
- 	declaration of `lseek'.
-
-	* lib/krb/stime.c (stime): Renamed to `krb_stime'
-
-	* lib/krb/sendauth.c (krb_sendauth): reimplemented using
- 	`krb_mk_auth' and `krb_check_auth'.
-
-	* lib/krb/send_to_kdc.c (send_recv): Removed stupid cast.
-
-	* lib/krb/recvauth.c: Removed KRB_SENDAUTH_VERS
-
-	* lib/krb/prot.h: create_auth_reply: correct prototype.
-  	krb_create_death_packet: ditto.
-	KRB_SENDAUTH_VERS: moved here from sendauth.c and recvauth.c
-
-	* lib/krb/month_sname.c: Made `month_sname' const.
-
-	* lib/krb/mk_req.c: Remove stupid `register'
-
-	* lib/krb/log.c (krb_log): Use `krb_stime'
-
-	* lib/krb/kuserok.c (kuserok): Nightmare Filesystem might return
- 	ESTALE.  Treat it the same way as ENOENT.
-
-	* lib/krb/krb_locl.h: Added prototype for `krb_stime'
-
-	* lib/krb/krb_check_auth.c: New file with `krb_check_auth',
-	implemented for compatibility with CNS.
-	lib/krb/krb_mk_auth.c: Ditto.
-
-	* lib/krb/krb.h: Removed duplicate declarations of `get_request'
- 	and `krb_get_admhst'.
-	Added declarations for `krb_mk_auth' and `krb_check_auth'.
-
-	* lib/krb/kparse.h: removed prototype for `strsave'
-
-	* lib/krb/kparse.c (fGetParameterSet): Use `strdup' instead of
- 	`strsave'.
-	(strsave): Removed.
-
-	* lib/krb/kname_parse.c: Removed stupid `register' declarations.
-
-	* lib/krb/klog.c (klog): Use `krb_stime'
-
-	* lib/krb/get_phost.c: Handle the case where the name has no dots
- 	in it by just returning it as-is.
-
-	* lib/knet/Imakefile, lib/knet/getkdata.c, lib/knet/phost.c,
-	lib/knet/sendkdata.c: removed unused files.
-
-	* lib/kadm/kadm_cli_wrap.c (kadm_init_link): use `k_getportbyname'
-
-	* kadmin/ksrvutil_get.c (get_srvtab_ent): Erase the key if
- 	something goes wrong.  Include realm in the message when writing a
- 	key.
-	(parseinput): New function that removes quotes and backslashes
- 	from input.
-	(ksrvutil_get): Use `parseinput' to read input.
-
-	* kadmin/ksrvutil.c (safe_read_stdin): Correct use of printf.
-  	Removed bogus casts and fflush of stdin.
-	(main): Use `return' instead of `exit'.
-
-	* kadmin/kpasswd.c (main): Use `return' instead of `exit'.
-
-	* kadmin/admin_server.c: exit with return code == 1 to indicate
- 	failure.
-
-	* appl/sample/sample_server.c: Rewrote to use all new functions.
-
-	* appl/sample/sample_client.c: Rewrote to use all new functions.
-
-	* appl/sample/sample.h: new file.
-
-	* appl/sample/Makefile.in: new file.
-
-	* appl/movemail/pop.c (socket_connection): use `k_getportbyname'
-
-	* appl/kpopper/pop_init.c: exit with return code == 1 to indicate
- 	failure.
-
-	* appl/kauth/kauth.c (doexec): new-style definition.  ret should
- 	be a `pid_t'.
-	(main): new-style definition.  Use `prog' instead of `argv[0]'
-
-	* appl/ftp/ftp/extern.h: Removed unused `abortsend'
-
-	* appl/ftp/Makefile.in: Use @SET_MAKE@
-
-	* appl/bsd/rsh.c: get_shell_port: use `k_getportbyname'
-
-	* appl/bsd/rlogin.c: get_login_port: use `k_getportbyname'
-
-	* appl/bsd/kcmd.c: Removed bogus casts to `caddr_t'
-
-	* admin/kstash.c: Removed bogus flushing of stderr.  Replaced lots
- 	of `exit(-1)' by `return 1'
-
-	* admin/kdb_util.c: Removed unused variable `aprinc'.
-	Removed bogus flushing of stderr.
-	Replaced lots of `exit(-1)' by `return 1'.
-
-	* admin/kdb_edit.c, admin/kdb_init.c: use `return' instead of
- 	calling `exit' and use 1, not -1, for failure.
-
-	* Makefile.in: Use @SET_MAKE@
-
-	* aclocal.m4: AC_NEED_PROTO: need macro to determine if we need to
- 	define a prototype for a function.
-
-	* configure.in: Reordered.  Removed unused stuff.  Start using
- 	AC_NEED_PROTO.
-
-	* config.guess: merged in FSF version from 960908.
-
-Tue Sep 3 1996
-
-	* include/protos.H: Added optarg, opterr, optind, optopt and
- 	(fclose under Sunos 4).  Removed these declarations from lots of
-	other files.
-
-	* acconfig.h: Add undefs for h_errno, h_errlist, optarg, optind,
- 	opterr, and optopt.
-
-	* configure.in: Use `AC_NEED_DECLARATION' for h_errno, h_errlist,
- 	optarg, optind, opterr, and optopt.
-
-	* aclocal.m4: New macro `AC_NEED_DECLARATION' to figure out if we
- 	need to have an external declaration of a variable.
-
-Mon Sep 2 1996
-
-	* lib/krb/krb.h: Removed unused `req_act_vno' and `k_log'.
-  	Changed all callers.
-
-	* lib/krb/krb.h: Removed definition of `MAX_HSTNM'.
-
-	* lib/krb/send_to_kdc.c: Removed use of `MAX_HSTNM'.
-
-	* appl/afsutil/pagsh.c: Some reformatting and fixed the off-by-one
- 	args bug.
-
-Sat Aug 31 1996
-
-	* lib/krb/{send_to_kdc.c, getrealm.c}, appl/xnlock/xnlock.c,
- 	appl/kauthkauth.c, appl/bsd/{rshd.c,rlogind.c}: Removed '#if 0'-ed
- 	code.
-
-	* lib/krb/get_in_tkt.c: Removed '#if 0'-ed code and now compiles
- 	with NOENCRYPTION.
-
-	* kadmin/ksrvutil.c: Now compiles with NOENCRYPTION.
-
-	* appl/ftp/ftpd/ftpcmd.y: Throw away passwd after use.
-
-	* appl/ftp/ftpd/ftpd.c: Fixed old comment.
-
-	* slave/kpropd.c: s/sa_len/salen/ Irix has a #define for sa_len.
-	
-	* lib/kdb/krb_dbm.c: If key->dptr is not a `char *' we have to
- 	cast it before adding to it.
-
-	* configure.in: Old test for `sa_len' in `struct sockaddr' fails
- 	on IRIX 6.2.  Try to compile a program refering to that field
- 	instead of grepping for it in <sys/socket.h>.
-
-	* appl/bsd/kcmd.c: Removed old and broken code.
-
-	* configure.in: Check for `gethostname', `uname', and
- 	<sys/utsname.h>
-
-	* lib/krb/k_gethostname.c: Try to use `uname' if we have no
- 	`gethostname'.
-
-	* appl/ftp/ftpd/klogin.c: Incorrect use of `gethostname' replaced
- 	by correct use of `k_gethostname'.
-
-
-	* lib/roken/verify.c: Change name verify_unix_user ->
- 	unix_verify_user in analogy with krb_verify_user.
-
-Fri Aug 30 1996
-
-	* appl/xnlock/Makefile.in: Install man-page.
-
-	* configure.in, */Makefile.in: Replace `-shared' with some other
- 	option when not using gcc.
-
-	* lib/kafs/afssys.c: Do not start by checking if we have AFS in
- 	`k_afsklog'.
-
-	* appl/bsd/rlogin.c: More kludges to make it work with rlogin on
- 	linux: Do not select for an exceptional condition on `rem' after
- 	having received EINVAL.
-	
-	Also rewrote ifndef NOENCRYPTION stuff.
-
-	* appl/bsd/rlogind.c: More kludges to make it work with rlogin on
- 	linux: Only send oob data just after having sent normal data to
- 	make sure we never send two consecutive bytes of oob data.
-
-	Also rewrote ifndef NOENCRYPTION stuff.
-
-Thu Aug 29 1996
-
-	* lib/kafs/Makefile.in: Use `ld' instead of `cc' for linking
- 	afslib.so.  Not everybody has cc.
-
-Wed Aug 28 1996
-
-	* Release 0.9.2a
-
-Mon Aug 26 1996
-
-	* appl/bsd/login.c: Clean-up.  Made static a lot of functions and
- 	variables.  Rewrote some function definitions to ANSI-style.
-
-	* appl/bsd/sysv_environ.c: KRB4_MAILDIR may and may not contain a
- 	trailing slash.  We need to be very careful to make sure the
- 	contents of $MAIL does not contain two, because RMAIL in emacs
- 	uses it and emacs is no friend with double slashing.
-
-
-	* lib/kafs/afssys.c (k_afsklog_all_local_cells): Now should return
- 	correct value.
-
-Sun Aug 25 1996
-
-	* Release 0.9.2.
-
-Sat Aug 24 1996
-
-	* lib/roken/hstrerror.c: Check for h_errlist prototype.
-
-Thu Aug 22 1996
-
-	* lib/krb/send_to_kdc.c, etc/services.append, server/kerberos.c:
- 	Changed `kerberos' to `kerberos-iv' now that it has been
- 	registered with IANA.
-
-	* man/rshd.8, man/rlogind.8: updated documentation of `-a'
-
-	* lib/roken/roken.h: Added declaration of `h_errno'
-
-	* kuser/Makefile.in: Link kdestroy with KRB_KAFS_LIB
-
-	* appl/kauth/kauth.h: Stupid declarations for syslog.
-
-	* appl/kauth/kauthd.c: syslog errors and success.
-
-	* include/protos.H: Removed `h_errno', now in roken.h Declare
- 	`getusershell' under solaris.
-
-	* configure.in, acconfig.h: Figure out if we have to declare
- 	`h_errno'.
-
-	* appl/ftp/ftp/kauth.c: Added support for afs_string_to_key.
-
-Wed Aug 21 1996
-
-	* lib/kafs/afssys.c: Look for AFS database servers in dns also.
-
-	* lib/kafs/afssys.c: Add support for a ~/.TheseCells-file.
-
-Sun Aug 18 1996
-
-	* appl/bsd/rlogind.c: Removed unused `check_all' variable.  Use
- 	`inaddr2str'.
-
-	* appl/bsd/rshd.c: Use `inaddr2str'.
-	
-	* appl/bsd/iruserok.c: Removed potential buffer overrun after
- 	`gethostbyaddr'.
-
-	* lib/roken/inet_aton.c: Some const-ness.
-
-	* lib/roken/Makefile.in: Add `inaddr2str.o'.
-
-	* appl/ftp/ftpd/ftpd.c: Use `inaddr2str'.
-
-	* lib/roken/inaddr2str.c, lib/roken/roken.h: New function
- 	`inaddr2str' to convert an IP address into a verified hostname or
- 	a string of the form x.y.z.a
-
-	* lib/krb/{krb_locl.h, krb.h, k_name_to_name.c, k_getsockinst.c,
- 	getrealm.c}: Some const-ness.
-	
-	* appl/bsd/bsd_locl.h: Removed another prototype for `crypt'.
-
-	* appl/kpopper/popper.h: Some const-ness to get rid of a warning.
-
-	* appl/bsd/rshd.c: Always check reverse mapping.  Removed
- 	`local_domain' and `top_domain'.  Added some const-ness.
-
-Sat Aug 17 1996
-
-	* include/Makefile.in: Removed VPATH.  With it this makefile does
- 	not work correctly.
-
-	* lib/krb/rw.c, lib/krb/krb_locl.h: Changed parameters to
- 	`krb_{get,put}'-functions to void *.
-
-	* include/protos.H: Add `getusershell' in solaris.
-
-	* appl/kauth/kauthd.c, appl/bsd/{rlogin.c,rlogind.c}: Less
- 	warnings because of arguments to `setsockopt'.
-
-	* lib/roken/roken.h: Fixed prototype of `inet_aton'
-
-Wed Aug 14 1996
-
-	* lib/roken/verify.c: Use <crypt.h> if there is one.
-
-	* lib/kafs/Makefile.in: AFS_EXTRA_LIBS is always called
- 	`afslib.so'.  Otherwise some makes get upset when there is no such
- 	library to be made.
-
-	* appl/telnet/telnetd/telnetd.h: <protos.h> are needed to get
- 	prototype for `ptsname'.
-
-	* appl/bsd/rlogind.c, appl/kpopper/pop_dropinfo.c,
-	appl/telnet/libtelnet/{auth.h,enc_des.c,kerberos.c},
-	appl/telnet/telnet/utilities.c, appl/telnet/telnetd/{sys_term.c,
-	telnetd.h, kadmin/admin_server.c, kuser/klist.c,
-	lib/kdb/{krb_cache.c, krb_dbm.c}, lib/krb/{fgetst.c, getst.c,
-	log.c, tf_util.c}: Include type `int' on all definitions and
- 	remove unnecessary `register'.
-
-	* appl/bsd/login_access.c: Fix parameter declaration to
- 	`netgroup_match'.
-
-	* appl/bsd/forkpty.c, include/protos.h: s/__sgi__/__sgi//g
-
-	* admin/kdb_util.c: Use `errno' for error message instead of
- 	uninitialized variable.
-
-Tue Aug 13 1996
-
-	* appl/kauth/rkinit.c: Default port should be the same in kauth
- 	and kauthd.
-
-Sun Aug 11 1996
-
-	* configure.in: Added `AC_REVISION'
-
-	* slave/kpropd.c: Cleaned up structure.  Now returns useful value.
-
-	* lib/roken/verify.c: Broken OSes need declartion of `crypt'.
-
-	* lib/roken/roken.h: Added prototype for `verify_unix_user'.
-
-	* lib/krb/lsb_addr_comp.h: Added prototype for `lsb_time'.
-
-	* lib/krb/{get_admhst.c, get_default_principal.c, get_krbhst.c,
- 	get_krbrlm.c, getrealm.c, realm_parse.c} : Check for buffer
- 	overwrite correctly.
-
-	* lib/krb/rw.c, lib/krb/krb_locl.h: Prepended `krb_' to `get_int',
- 	`put_int', `get_address', `put_address', `put_string',
- 	`get_string', `get_nir', and `put_nir'.  Changed all callers.
-
-	* lib/kdb/krb_db.h: Added prototype for `kerb_delete_principal'
- 	and `kerb_db_delete_principal'.
-
-	* lib/kadm/kadm_cli_wrap.c: Removed unused variable.
-
-	* appl/telnet/telnetd/telnetd.c: Changed bogus `strncpy' to
- 	`strcpy'.
-
-	* appl/bsd/su.c: Fixed error messages from execv.
-
-	* appl/bsd/rlogin.c: Fixed potential buffer overrun when reading
- 	"TERM".
-
-Thu Aug 8 1996
-
-	* appl/telnet/telnet/commands.c, appl/kauth/rkinit.c: Replaced
- 	`herror' by `hstrerror'.
-	
-	* appl/bsd/login.c: chmod the tty so that it is writable for group
- 	tty.
-
-	* configure.in: Use AC_FIND_IF_NOT_BROKEN for herror and
- 	hstrerror.
-
-	* aclocal.m4: New macro `AC_FIND_IF_NOT_BROKEN'
-
-	* config.guess: Add 686
-
-Tue Aug 6 1996
-
-	* lib/krb/getrealm.c: Fallback for `T_TXT'
-
-	* configure.in: Look for `res_search' and `dn_expand' in
- 	libresolv.
-
-Mon Aug 5 1996
-
-	* */Makefile.in: Add Id to those missing it.
-
-	* configure.in: Small fix in comment.
-
-
-	* Release 0.9.1.
-
-
-	* appl/ftp/ftpd/ftpcmd.y: s/timeout/ftpd_timeout/
-
-	* appl/kstring2key/kstring2key.c: `usage' changed to void.
-
-	* lib/krb/mk_req.c: `build_request' changed to void.
-
-	* appl/ftp/ftp/ftp_locl.h: Changed order of includes.
-
-	* appl/bsd/login.c, appl/ftp/ftpd/*: s/timeout/login_timeout/
-
-	* lib/kafs/afssysdefs.h: undef AFS_SYSCALL if we are defining it.
-
-Sun Aug 4 1996
-
-	* lib/kafs/afssys.c: AIX systems will now correctly (I hope)
- 	detect whether AFS is loaded or not. This is currently a bit
- 	kludgy, and involves loading an external shared library,
- 	afslib.so, which can be put in athena/lib or pointed to with
- 	environment variable AFSLIBPATH.  This is only tested on AIX 4
- 	(due to lack of an AIX 3 system).
-
-
-	* lib/krb/getrealm.c: Range-check the result from the DNS.
-
-	* lib/krb/get_krbrlm.c: Try to use the DNS to find out which realm
- 	this host belongs to.
-
-	* kadmin/ksrvutil_get.c: Fixed error message.
-
-
-	* lib/kafs/*: Fix aix/afs brokenness.
-
-	* lib/kadm/kadm_stream.c (stv_string): Range check.
-
-Fri Jul 26 1996
-
-	* appl/ftp/common/{ftp,ruserpass}.c: Less bogus domain name
- 	handling.
-
-Mon Jul 22 1996
-
-	* lib/krb/mk_req.c: Use encrypt_ktext()
-
-	* configure.in, lib/kafs/afssys.c: Add option to exclude AFS
- 	support (this is useful only on AIX systems that doesn't have
- 	AFS).
-
-	* configure.in: Removed configuration from subdirectories.
-
-Sat Jul 13 1996
-
-	* appl/ftp/ftp/extern.h, appl/ftp/ftp/ftp.c: Substitute `struct
- 	fd_set' with `fd_set'.
-
-Mon Jul 8 1996
-
-	* Makefile.in: install should depend on all.
-
-Sun Jul 7 1996
-
-	* appl/bsd/su.c: Allow root to set the uid without entering a
- 	password.
-
-Fri Jul 5 1996
-
-	* lib/krb/getrealm.c: Add automatic dns realm search.
-
-Thu Jul 4 1996
-
-	* lib/krb/log.c (krb_log): Renamed k_log(...) to krb_log(...) for
- 	compatibility with CNS. There is still a #define k_log krb_log.
-
-	* util/et/et_list.c: Hack to resolve _et_list in shared libraries.
-
-Fri Jun 28 1996
-
-	* appl/bsd/rlogin.c (reader): If after a select rlogin fails to
- 	read expected OOB data try to read ordinary data before	continuing.
-
-	* appl/bsd/rlogin.c (oob_real): SunOS5 tty race kludge.
-
-	* appl/bsd/rlogind.c: Cleanup oobdata stuff.
-
-Thu Jun 27 1996
-
-	* appl/bsd/login.c (main): Also check for complete tty name with
- 	`rootterm'.
-
-	* lib/krb/check_time.c: New function `krb_check_tm'.
-
-	* lib/roken/tm2time.c: New function `tm2time', mktime generalized
-	to local timezone and UTC.
-
-	* kadmin, admin: Use `tm2time' and `krb_check_time' instead of
- 	`maketime'.
-
-Tue Jun 25 1996
-
-	* lib/krb/mk_priv.c (krb_mk_priv): Send correct address.
-
-	* appl/kauth/kauthd.c: Set ticket file to some sane default, and
- 	add -i debugging switch.
-
-Mon Jun 24 1996
-
-	* appl/xnlock, appl/kauth, appl/telnet/telnetd: Use BINDIR and not
-	`/usr/athena/bin'.
-
-Wed Jun 19 1996
-
-	* appl/bsd/rlogin.c: consistent usage of oob_real.
-
-	* appl/bsd/rlogind.c: Do not send oob garbage when running
- 	solaris?  Seems that linux is unable to handle the duplicate
- 	urgent data that is the result.
-	
-	* appl/bsd/rlogind.c: Fix usage.
-
-	* appl/bsd/kcmd.c: Don't F_SETOWN.
-
-Mon Jun 17 1996
-
-	* lib/krb/rw.c: Add get_address() and put_address().
-
-
-	* appl/telnet/telnetd/telnetd.c: updated usage
-
-	* appl/bsd/su.c: Replaced getpass by des_read_pw_string
-
-	* appl/bsd/forkpty.c (ptym_open): Removed unused `ptr2'.
-
-	* appl/bsd/rlogind.c: Removed unused functions and made others
- 	static.
-
-Sun Jun 16 1996
-
-	* Release 0.9.
-	
-
-	* appl/ftp/ftpd/ftpd.c: Don't just send data in plain when doing
- 	NLST.
-
-
-	* configure.in: test for setresgid.
-
-	* kadmin/ksrvutil_get.c: Fixed byte manipulations of keys.
-
-Sat Jun 15 1996
-
-	* lib/des/rnd_keys.c (des_rand_data): At least `srandom'.
-
-	* appl/ftp/ftp/cmds.c: Support longer passwords when retrying
- 	login.
-
-	* kadmin/admin_server.c, man/kadmind.8, kth-krb.texi: Reading key
- 	file from file is now the default.  Use `-m' to enter it manually.
-  	`-n' is currently a no-op.
-
-	* appl/ftp/ftpd/ftpd.c: Add S/Key support.
-
-	* appl/ftp/ftpd/Makefile.in: Link with S/Key.
-
-	* appl/ftp/configure.in: Test for S/key.
-	
-	* configure.in, aclocal.m4: Moved skey test
-	to aclocal.m4.
-
-	* appl/bsd/login.c: Correct argument to `skeyaccess'.
-
-Fri Jun 14 1996
-
-	* lib/krb/verify_user.c: New parameter to specify service key
-	instance, NULL means "rcmd".
-
-	* lots of files: All ticket filenames uses `TKT_ROOT'.
-
-	* appl/bsd/rlogind.c: Check for uid == 0 and user != "root".
-
-Tue Jun 11 1996
-
-	* appl/kpopper/pop_init.c(pop_init): Got rid of some old ifdef'ed
-	code.
-
-	* lib/kdb/krb_dbm.c: Add macro for `dbm_delete' for the people
- 	that are ndbm challenged.
-
-Mon Jun 10 1996
-
-	* lib/krb/kname_parse.c: Got rid of duplicate defintions.
-
-	* appl/ftp/ftp/ruserpass.c: Get hostname even if user has no
- 	'.netrc' file.
-
-
-	* lib/kadm, lib/kdb, kadmin: Add database delete operation.
-
-	* lib/krb/kname_parse.c: Allow dots in instances.
-
-
-	* appl/bsd/rlogind.c (logwtmp): Only define `logwtmp' if it does
-	not exist.  Log more garbage.
-
-Sun Jun 9 1996
-
-	* appl/telnet/configure.in: Check for `logwtmp'.
-
-	* appl/ftp/configure.in: Use `AC_FUNC_MMAP'
-
-
-	* appl/bsd/forkpty.c: Removed all ugly pty search stuff from
- 	ptym_open().
-
-	* configure.in: Modified the creation of version.h, now actually
- 	shows up with ident.It is now also slightly more keen on creating
- 	a new version.h.
-
-Sat Jun 8 1996
-
-	* lib/roken/verify.c: <stdio.h> for NULL.
-
-	* appl/xnlock/xnlock.c (leave): Call XCloseDisplay, otherwise
- 	screen saver changes are not updated before closing the X
- 	connection.
-
-
-	* appl/bsd/utmp_login.c: Remove tty-prefix from ut_id; this field
- 	is usually very short.
-
-Fri Jun 7 1996
-
-	* slave/kpropd.c: Add option -m to merge rather then load
- 	database.
-
-Thu Jun 6 1996
-
-	* admin/kdb_util.c: Add a merge operation.  (One day it might be
- 	used to propagate only patches to the database)
-
-Wed Jun 5 1996
-
-	* appl/kpopper: Support both POP3 and KPOP3.
-
-	* appl/xnlock/xnlock.c: Use `verify_unix_user'
-
-	* lib/roken/verify.c: verify_unix_user: New function from xnlock
- 	for checking passwd in `/etc/passwd'.
-
-	* appl/telnet/telnetd/sys_term.c: gettimeofday buglet
-
-
-	* slave/kpropd.c: Rewrite of kpropd.
-
-	* admin/kdb_util.c: Sanity check on input to load_db.
-
-	* slave/kpropd.c: Use default value for fname.
-
-	* slave/kprop.c: Use some sane default values for data_file and
- 	slaves_file.
-
-	* admin/kdb_util.c: If there isn't any database when loading,
- 	create an empty one.
-
-Mon Jun 3 1996
-
-	* appl/telnet/telnetd/sys_term.c: Somewhat changed the way utmpx
- 	entries are created. It should now work on both Solaris and IRIX,
- 	without stale login information.
-
-Sat Jun 1 1996
-
-	* lib/krb/k_gethostname.c (k_gethostname): Fallback.
-
-	* lib/krb/send_to_kdc.c (send_to_kdc),
-	  kadmin/kadm_ser_wrap.c (kadm_ser_init),
-	  slave/kprop.c (prop_to_slaves),
-	  slave/kpropd.c (main): Use `k_getportbyname'.
-
-Fri May 31 1996
-
-	* Lots of files: more #includes ifdefad and cleaned up.
-
-Thu May 30 1996
-
-	* Lots of files: Replaced bcopy/bzero/bcmp with
- 	memcpy/memset/memcmp.
-
-
-	* lib/krb/get_default_principal.c: Use getlogin() if it is the BSD
- 	variant that actually gives some information.
-
-	* lib/krb/create_ticket.c: Write correct address byteorder.
-
-	* lib/kadm/kadm_stream.c,kadm_cli_wrap.c: Don't assume int32_t is
- 	four bytes.
-
-	* kadmin/kpasswd.c: Allow principal without -n.
-
-	* kadmin/kadmin.c: Use krb_get_default_principal.
-
-	* appl/ftp/ftpd/ftpd.c: Fix bare newline bug.
-
-	* appl/bsd/rlogind.c: Add -i and -p options to start rlogind from
- 	command line (for debugging).
-
-	* INSTALL: Rewritten.
-
-Wed May 29 1996
-
-	* appl/ftp/ftp/krb4.c: Handle different sizes of returned
- 	checksum.
-
-
-	* appl/bsd/Makefile.in: Don't install login setuid.
-
-Fri May 24 1996
-
-	* appl/bsd/rsh.c: Don't run away yelling if someone calls you
- 	`remsh'.
-
-Sun May 19 1996
-
-	* lib/krb/kdc_reply.c: Remove unused function decrypt_tkt. Sanity
- 	check on decrypted ticket.
-
-Wed May 15 1996
-
-	* server/kerberos.c: Should work with the new libkrb
-
-	* appl/kip: Support more than one tunnel device.
-
-
-	* lib/krb/*.c: All functions that create or decode kerberos
- 	packets have been rewritten.  Hopefully, everything still
- 	works. This is to eliminate problems with wierd systems, like
- 	Crays, that doesn't have any two or four byte integers. Some of
- 	these changes could be a lot more pretty, and *many* assumptions
- 	that sizeof(int32) == 4 still exist in the rest of the code,
- 	though.
-
-	As a side effect, all packets sent are now in network byte order.
-
-Mon May 13 1996
-
-	* configure.in: Shared libraries for Irix
-
-
-	* Several fixes for UNICOS.
-
-	* appl/ftp/ftp/krb4.c: Allow default data protection level through
- 	a "prot level" in .netrc. This really should be done in a more
- 	useful manner.
-
-Sun May 12 1996
-
-	* appl/xnlock/xnlock.c: Cleaned up user verification code. Now
- 	uses new function krb_verify_user.  Also fixed a few problems with
- 	the password prompt box.
-
-	* lib/krb/verify_user.c: New function krb_verify_user to verify a
- 	user with kerberos.
-
-
-	* appl/kip: New program for forwarding IP packets over kerberised
-	connections using tunnel devices.
-
-	* appl/kauth/kauth.c, kadmin/ksrvutil.c: Use
- 	krb_get_default_principal
-
-	* appl/bsd/rlogind.c: Do not change portnumber to host order if
- 	using kerberos.  This will cause the magic
- 	`reverse-time-if-port-is-less-than' to fail.
-
-	* lib/des/GNUmakefile: Removed file.  This file causes problem
-	when building in the source directory and when using GNU make
-	which prefers this file to the generated Makefile.
-
-	* appl/bsd/login.c: More careful when handling returned value from
- 	`getspnam'.
-
-Sat May 11 1996
-
-	* lib/krb/realm_parse.c: New function to expand a non-complete
- 	realm to its official name, e.g nada -> NADA.KTH.SE.
-
-	* lib/krb/get_default_principal.c: New function to guess the
- 	default principal to use. Looks at any existing ticket file first,
- 	then at uid/logname etc.
-
-
-	* kadmin/kadmin.c: Use kname_parse and allow different instances
- 	and realms.
-
-	* lib/roken/k_getpwnam.c: New function k_getpwnam that should work
- 	with and without shadow passwords.
-
-	* Lots of files: s/getpwnam/k_&/g.
-
-Tue May 7 1996
-
-	* lib/des/des_locl.h: DES library updated to version 3.23,
- 	des_locl.h now includes configure.h to get HAVE_TERMIOS etc.
-
-	* lib/des/des.h: On the alpha define DES_LONG to unsigned int.
-	
-
-	* kuser/kinit.c: Handle passwords longer than 16 characters.
-
-	* appl/xnlock/xnlock.c (GetPasswd): Handle longer passwords than
-	16 characters.
-
-Sun May 5 1996
-
-	* Release 0.8.
-
-
-	* appl/ftp/ftpd/kauth.c: Klist command.
-
-
-	* appl/ftp/ftpd: Removed `-g' from calls to ls.
-
-	* appl/ftp/ftp/cmds.c (setpeer): Fix so that opening a second
-	connection to a specified port works.
-
-	* appl/telnet/telnet: Default is binary.
-
-	* appl: Now build under Ultrix.
-
-	* appl/kx: Now even builds on AIX.
-
-Sat May 4 1996
-
-	* lib/des: Now merged in libdes 3.21 on main branch.
-
-
-	* appl/ftp/ftpd/logwtmp.c: Slightly different functionality. Works
- 	on systems that has more fields in struct utmp such as OSF/1.
-  	Still some questions about Solaris.
-
-	* lib/krb/lsb_addr_comp.c: Now byteorder independent.
-
-
-	* appl/kx: Rewrote kx & kxd to share more code.  They are also now
- 	able to talk both ways.
-
-	* lib/kdb/krb_dbm.c (kerb_db_rename): Now works properly when
-	using berkeley DB.
-
-Thu Apr 25 1996
-
-	* lib/krb/get_krbrlm.c (krb_get_default_realm): New function for
- 	SunOS5 compat.
-
-	* When building shared libraries link libkrb with libdes to be
- 	compatible with SunOS5.
-
-	* Move lib/krb/krb_err.et to lib/kadm since it is only used there,
- 	no longer need to link libkrb against libcom_err.
-	
-Wed Apr 24 1996
-
-	* lib/krb/lsb_addr_comp.h: Renamed ugly lsb_addr_comp.
-
-	* Some porting to UNICOS.
-
-Tue Apr 23 1996
-
-	* Moved some junk from appl/bsd to libroken.
-	
-	* lib/roken/Makefile.in (LIBNAME): Added header file roken.h for
- 	library libroken.a.
-
-
-	* Add kerberized ftp.
-
-	* Add libroken.
-
-Mon Apr 22 1996
-
-	* appl/kauth/kauth.c: When commands are given to kauth, a new
- 	ticket file is used.
-
-Sat Apr 20 1996
-
-	* appl/xnlock/xnlock.c: Fixed a potential overwrite bug. Also
- 	works with more than one screen, only fancy stuff on screen 0,
- 	though.
-
-Fri Apr 19 1996
-
-	* appl/bsd/login.c, su.c, rshd.c, rlogind.c: Syslog and abort when
- 	getpwnam returns uid == 0 but user is not root. This is usually
- 	the result of an attack on NIS (former YP).
-
-Wed Apr 17 1996
-
-	* kadmin/ksrvutil.c (get_key_from_password): Support for
- 	generating AFS keys.  From <flag@it.kth.se>
-
-Sun Apr 14 1996
-
-	* appl/kx: New program for forwarding a X connection.
-
-Mon Apr 8 1996
-
-	* appl/bsd/rsh.c (get_shell_port): Default port number for ekshell
- 	changed from 2106 to 545.
-
-	* appl/bsd/login.c (doremotelogin): Remove terminal speed from the
- 	value of $TERM in the case of an ancient rlogind being used.
-
-Thu Apr 4 1996
-
-	* lib/kafs/afssys.c (k_afsklog): Try to read from
-	/usr/vice/etc/TheseCells for list of cells we should try to obtain
-	tokens for.
-
-	* appl/kauth/kauth.c (renew): Use cell even when renewing.
-	
-	* appl/kauth/kauth.c, appl/xnlock/xnlock.c: Always call k_afsklog
- 	with realm == NULL.
-
-
-	* lib/kafs/afssys.c: More thorough guessing of what realm a cell
- 	belongs to.
-
-Wed Apr 3 1996
-
-	* appl/bsd/login.c: If setuid() failes and not logging in as root,
- 	exit.
-
-Tue Apr 2 1996
-
-	* server/kerberos.c: Set name, inst, and realm to NULL in
- 	APPL_REQUEST, error replies tend to look a bit funny otherwise.
-
-Thu Mar 28 1996
-
-	* appl/bsd/iruserok.c (iruserok): Imported iruserok() FreeBSD.
-
-Tue Mar 26 1996
-
-	* lib/des/Makefile.in: Removed enc_read.c enc_writ.c.
-	
-	* appl/bsd/Makefile.in: New file with the old functions from
- 	libdes.
-
-
-	* appl/bsd/utmp_login.c: Fixed (hopefully) double utmp-entries in
- 	Solaris. Only put entries in one of utmp/utmpx, since they both
- 	get updated by putut*ent() anyway.
-
-Mon Mar 25 1996
-
-	* kuser/klist.c (main): Use verbose option (-v) to list key
- 	version numbers.
-
-
-	* Release 0.7.
-
-Sun Mar 24 1996
-
-	* appl/bsd/rlogin.c (doit): Moved signal junk (as far as possible)
-        to doit().
-
-
-	* configure.in: Check for getmsg with AC_TRY_RUN instead.
-	Otherwise it fails under AIx 3.2.  Now rlogind works on this
-	so-called OS.  Also cache value of berkeley db check.
-
-
-	* lib/kdb/krb_kdb_utils.c: New experimental masterkey generation,
- 	enabled with --enable-random-mkey. This makes kdb_init et al
- 	generate random master keys, based on random input from the
- 	user. This comes in a package with auto-kstash, and possibility to
- 	enter lost master keys as base64.
-
-	Moved default master key file from /.k to
- 	/var/kerberos/master-key, override with --with-mkey=file.
-
-
-	* kadmin/kadmin.c (do_init): Handle the `-t' option to kadmin,
-	meaning do not get a new ticket file.  (From CNS).
-
-Fri Mar 22 1996
-
-	* appl/xnlock/xnlock.c: Removed some dead code, and a few unused
- 	header files.
-
-
-	* kadmin/pw_check.c (kadm_pw_check): If kadm_pw_check()
- 	fails *pw_msg can't be 0! At the very least use the
-	empty string but a descriptive error-message is preferred.
-
-	* libtelnet: add nonbroken signal() function.
-
-Wed Mar 20 1996
-
-	* appl/kpopper/pop_pass.c (pop_pass): Use kuserok to determine if
-	user is allowed to fetch mail.
-
-	* appl/kpopper/*. Got rid of some ugly codes and some warnings.
-
-	* appl/bsd/Makefile.in: signal.o was not included in OBJECTS,
-	which made strange makes not doing what they should.
-
-	* configure.in, appl/kpopper/popper.h, appl/bsd/pathnames.h: Now
- 	should work on systems that do not have mail spool files in
- 	/var/spool/mail.  Looks for MAILDIR or _PATH_MAILDIR, usually from
- 	<paths.h> or <maillock.h>.  Defaults to /var/spool/mail.
-
-Mon Mar 18 1996
-
-	* appl/bsd/bsd_locl.h: TIOCPKT for those systems missing it.
-
-Fri Mar 15 1996
-
-	* lib/kafs/kafs.h: Use <sys/ioctl.h> instead of <sys/ioccom.h>
-
-	* appl/bsd/rshd.c (doit): Don't set environ, send it as an
- 	argument to execle instead.
-
-	* lib/kafs/kafs.h: Find definition of _IOW.
-
-	* configure.in: Check for random.
-
-	* appl/bsd/bsd_locl.h: Including <crypt.h> gives too many conflicts.
-
-	* appl/afsutil/pagsh.c: Check for random.
-
-Thu Mar 14 1996
-
-	* appl/bsd/bsd_locl.h, appl/telnet/telnetd/defs.h: Default values
-	of `TIOCPKT_FLUSHWRITE' & c:o.
-
-	* appl/telnet/telnet{,d}/Makefile.in (telnetd): Change order of
-	linking in libraries.
-
-	* configure.in: Check for interesting functions in libsocket and
-	libnsl and not strange soriasis inventions.
-
-Wed Mar 13 1996
-
-	* appl/bsd/bsd_locl.h (fatal): Only use prototype or iruserok if
-	the function does not exist.
-
-Mon Mar 11 1996
-
-	* lib/krb/krb_err_txt.c (krb_get_err_text): Changed name of
- 	krb_err_msg to krb_get_err_text(int) to be compatible with the CNS
- 	distribution. This function is used for instance by CVS-1.7.
-
-Sun Mar 10 1996
-
-	* configure.in, appl/Makefile.in: removed rkinit
-
-	* etc/inetd.conf.changes, etc/services.append: Added kauth.
-
-	* appl/kauth: Integrated rkinit into kauth.
-	
-	* appl/kauth/kauth.c (main): Only look for principal name if no -p
-	has been given.
-
-	* lots of files: prototypes and other small fixes.
-	
-	* appl/bsd/sysv_shadow.h: spwd multiple defined.
-
-	* appl/bsd/bsd_locl.h: include <crypt.h>
-
-	* configure.in: Added afsutil and rkinit.
-
-	* */Makefile.in: Do cd $$i && $(MAKE).  Otherwise, if cd fails you
-	end up with an infinite recursion.
-
-	* kuser/klist.c (display_tktfile): Another warning removed.
-
-Tue Mar 5 1996
-
-	* appl/bsd/forkpty.c (forkpty): Kludge for Ultrix, rlogind now
- 	works properly also under this system.
-
-
-	* appl/afsutil: New aklog and pagsh
-
-
-	* lib/krb/krb_equiv.c (krb_equiv): Fix bugs with '\\'.
-
-	* lib/des/rnd_keys.c: Include <sys/time.h>.
-
-Mon Mar 4 1996
-
-	* appl/kauth/kauth.c (main): Handle name when given after options.
-
-Sun Mar 3 1996
-
-	* appl/rkinit/rkinit.c (getalladdrs): Check for herror.  Solaris
-	apparently does not have any.
-	(main): Use memset instead of bzero.
-
-	* appl/rkinit/rkinitd.c (decrypt_remote_tkt): bcopy -> memcpy.
-
-	* kuser/kinit.c (main): Corrected lifetime.
-
-	* lib/krb/krb_equiv.c (krb_equiv): Now handles longer lines,
-	continuation lines and addresses of the form 193.10.156.0/24.
-
-
-	* kuser/Makefile.in (kdestroy): Link kdestroy with libkafs.
-
-Wed Feb 28 1996
-
-	* Replaced all occurencies of krb_err_txt[] with new function
- 	krb_err_msg(), that does some sanity checks before indexing
- 	krb_err_txt.
-
-Mon Feb 26 1996
-
-	* appl/telnet/telnetd: Added flags -z to have telnetd log
- 	unauthenticated logins, such as when using an old telnet
- 	client. Unfortunately in most of these cases, the user name is not
- 	known.
-	
-	There should also be a way to tell the difference between bad
- 	authentication (such as with expired tickets) and no attempt to
- 	provide authentication (such as with an old client).
-
-Sun Feb 25 1996
-
-	* kuser/kdestroy.c: Remove afs-tokens as well as tickets, -t flags
- 	added to prevent this.
-
-Thu Feb 22 1996
-
-	* appl/rkinit/rkinitd.c (doit): Use k_getsockinst to make it work
-	correctly for multi-homed hosts.
-
-	* appl/rkinit: New program with rkinit functionality.
-
-	* lib/krb/k_getport.c: Function for finding port in /etc/services
-	with fallback.
-
-	* lib/krb/netread.c,netwrite.c (krb_net_{read,write}): Now correct
-	prototype with void * and size_t.
-
-Wed Feb 21 1996
-
-	* kadmin/new_pwd.c (get_pw_new_pwd): Moved get_pw_new_pwd to
-	seperate file.  Now called both from kadmin and kpasswd.
-
-	* kadmin/pw_check.c (kadm_pw_check): Handle the case of no
-	password provided.  This is really a policy decision.  The server
-	should be able to say `use a client that sends the password'.
-
-	* appl/bsd/rlogind.c (local_domain): MAXHOSTNAMELEN -> MaxHostNameLen.
-
-Sun Feb 18 1996
-
-	* appl/bsd/rcp.c (answer_auth): Made rcp multihome aware.
-
-	* appl/bsd/rlogind.c (do_krb_login): Made rlogind multihome aware.
-
-	* appl/bsd/rshd.c (doit): Made rshd multihome aware.
-
-	* lib/krb/k_getsockinst.c (k_getsockinst): New function to figure
-        out the instance name of interfaces on multihomed hosts. Use this
-        function when making daemons multihome aware.
-
-	* appl/telnet/libtelnet/kerberos.c (kerberos4_is): Made telnetd
-        multihome aware.
-
-Mon Feb 12 1996
-
-	* Release 0.6.
-
-Sun Feb 11 1996
-
-	* lots of files: hacks to make it all compile.
-
-	* configure.in, appl/telnet/configure.in: More broken AIX.
-
-
-	* appl/bsd/bsd_locl.h: Fix for old syslogs (as in Ultrix).
-
-
-	* appl/telnet/libtelnet/encrypt.c: encrypt_verbose by default.
-
-
-	* appl/telnet/libtelnet/kerberos.c: Show difference between
- 	MUTUAL and ONE_WAY KERBEROS4.
-
-	* appl/telnet/libtelnet/encrypt.c:
-	Print message about not encrypting when receiving WONT or DONT encrypt.
-
-
-	* configure.in: Automatic check for HAVE_NEW_DB.
-
-
-	* lib/krb/getaddrs.c (k_get_all_addrs): Fixed for systems with
-        SOCKADDR_HAS_SA_LEN, aka 4.4BSD-based.
-
-	* appl/telnet/telnetd/global.c: Removed some multiple defined
-        variables.
-
-	* appl/bsd/rlogind.c (cleanup): ifndef HAVE_VHANGUP.
-
-	* appl/bsd/sysv_shadow.h: Add DAY and DAY_NOW ifndef.
-
-	* configure.in: Check if `struct sockaddr' has `sa_len'.
-
-Sat Feb 10 1996
-
-	* appl/telnet/telnetd/telnetd.c (recv_ayt): pty -> ourpty.
-
-	* appl/bsd/bsd_locl.h: More include-files: <sys/uio.h> and <userpw.h>
-
-	* appl/kpopper/popper.c (catchSIGHUP): Got rid of some warnings.
-
-	* lib/krb/log.c (new_log): Yet another year 2000.
-
-	* appl/bsd/sysv_environ.c (read_etc_environment): Support setting
-	environment variables from /etc/environment.
-
-	* appl/bsd/bsd_locl.h: <usersec.h>
-
-	* configure.in: check for setpcred, libs.a and <usersec.h>.
-
-	* appl/bsd/login.c (main): setpcred is used on AIX.
-
-	* appl/bsd/rshd.c (doit): Added setpcred for AIX.
-
-	* lib/krb/getaddrs.c: <sys/sockio.h> is sometimes needed.
-
-	* admin/kdb_init.c (main): Now verifies master key.
-
-	* lib/kdb/krb_kdb_utils.c (kdb_get_master_key): Added possibility
-	of asking for verfication.
-
-	* appl/bsd/bsd_locl.h: Try to include <sys/stream.h>
-
-	* appl/telnet/telnetd/utility.c (printsub): Mismatch arguments.
-
-	* lib/krb/send_to_kdc.c (send_to_kdc): Send to all A records and
-	accept an answer from anything we have sent to.
-
-	* appl/kauth/kauth.c (renew): Use strange return types for strange
-	OSes.
-	(doexec): Remove tokens.
-
-	* server/kerberos.c (main): Uses k_get_all_addrs and binds to each
-	of these addresses.
-
-	* kadmin/ksrvutil_get.c (ksrvutil_get): Added support for
-	specifying key to create on command line to get.
-
-Wed Feb 7 1996
-
-	* lib/krb/log.c (k_log): Now using YYYY for years.
-
-	* lib/krb/klog.c (klog): Preparing for the year 2000.
-
-	* kuser/kinit.c (main): Added option -p to get changepw-tickets.
-
-	* lib/krb/getaddrs.c: New file to get all the addresses of all the
-	interfaces on this machine.
-
-Tue Feb 6 1996
-
-	* configure.in: Support for S/Key in login.c. Use --with-skeylib
-        switch to configure. The code assumes that the skeylib.a comes
-        from logdaemon.
-
-	* General support for shadow password files if there is an
-        shadow.h.
-
-	* appl/bsd/su.c: Arrange so that it supports shadow passords.
-
-Sun Feb 4 1996
-
-	* appl/telnet/*: Hacks to make it work on strange OSes.
-
-	* appl/bsd/bsd_locl.h: Check for sys/ptyvar.h
-
-	* appl/telnet/configure.in (telnet_msg): sys/str_tty.h, sys/uio.h
-
-	* configure.in: test for crypt.h and sys/ptyvar.h
-
-	* appl/telnet/telnetd/*.c: pty -> ourpty.
-
-
-	* telnetd: Changes to make more systems work better, specifically
- 	AIX 4. Hopefully this will work on both STREAM and BSD
- 	systems. Not tested on some systems, like CRAY and Linux.
-
-
-	* util/ss/mk_cmds.c: Generating cleaner code.
-
-	* lib/krb/krb_err_txt.c (krb_err_txt): Clarification.
-
-	* kadmin/admin_server.c: Less varnings.
-
-	* appl/xnlock/xnlock.c: Changed some types and added some casts.
-
-	* appl/movemail/movemail.c: Not using syswait.h anymore.
-
-	* appl/xnlock/xnlock.c: God rid of some warnings.
-
-	* util/ss/*.[ch]: cleanup
-
-	* util/et/*.[ch]: cleanup
-
-	* appl/bsd/rcp.c: Less warnings.
-
-	* kadmin/admin_server.c (kadm_listen): Get rid of another warning.
-
-	* kadmin/pw_check.c (kadm_pw_check): Support for letting cracklib
-	check the quality of the password.
-
-	* kadmin/pw_check.h (kadm_pw_check): New argument to
-	kadm_pw_check: list of useful strings to check for.
-
-	* kadmin/kadm_server.c (kadm_ser_cpw): Send a few `useful' strings
-	to kadm_pw_check (name, instance, and realm).
-
-	* kadmin/Makefile.in (kadmind): Linking with -lcrack.
-
-	* configure.in: Support for --with-cracklib and --with-dictpath.
-
-	* kadmin/ksrvutil_get.c: Now seems to be working.
-
-	* kadmin/ksrvutil.h: Some new parameters.
-
-	* kadmin/ksrvutil.c: Some reorganisation and uses a working
-	ksrvutil_get.
-
-	* appl/movemail/movemail.c: Some more include-files.
-
-	* appl/bsd/rlogind.c: Testing for the existence of vhangup.
-
-Wed Jan 31 1996
-
-	* configure.in: Massaged the configure files so that we can build
-        under NEXTSTEP 3.3. Some kludges to prevent cpp bugs and link
-        errors where also neccessary.
-
-Tue Jan 30 1996
-
-        * appl/xnlock/xnlock.c (main): Improved user feedback on password
-        input.
-
-	* appl/xnlock/xnlock.c: Applied patch made by flag@it.kth.se that
-        enables C-u to erase the password field.
-
-	* lib/krb/lifetime.c: configure now creates a version string which
-        is referenced here. Use what and grep version to figure out where,
-        when and by whom binaries where created.
-
-	* appl/bsd/forkpty.c (ptys_open): Call revoke before pty slave is
-        opened. Add revoke using vhangup for those system lacking revoke.
-        Also call vhangup when rlogind exits.
-
-Mon Jan 29 1996
-
-	* lib/krb/send_to_kdc.c (send_to_kdc): Removed kludge for SunOS
-        3.2 and Ultrix 2.2 that prevented multihomed kerberos servers to
-        operate correctly.
-
-	* kadmin/kadmin.c (change_key): Add new subcommand change_key so
-        that it is possible to enter keys in the DB on binary form. Most
-        usefull for sites running AFS.
-
-Fri Jan 26 1996
-
-	* appl/bsd/su.c (koktologin): New option -i root-instance. If you
-        want a user.afs ticket in a root shell and user.afs is on root's
-        ACL then do a "su -i afs".
-
-	* Makefile.in: Rearrange the order of object files to make shared
-        libraries slightly more efficient.
-
-	* appl/kauth/kauth.c (main): Always up case realm. Better error
-        messages on failed exec.
-
-Mon Jan 22 1996
-
-	* appl/bsd/rshd.c (main): New option -P to prevent rshd from using
-        a new PAG. Expert use only!
-
-	* appl/bsd/rlogind.c (doit): Avoid race when setting tty size.
-
-	* appl/bsd/rlogin.c (reader): Use select rather than horrible
-        signal hacks to handle OOB data.
-
-	* appl/bsd/login.c (main) sysv_environ.c (sysv_newenv): Login does
-        now honor the -p switch when invoked by root. This is used by
-        telnetd to export environment variables.
-
-Fri Jan 5 1996
-
-	* appl/bsd/signal.c (signal): New BSD compatible signal
-        function. Most r* applications assume reliable signals.
-
-
-	* appl/bsd/login.c (main): Check HAVE_ULIMIT.
-
-	* appl/bsd/bsd_locl.h: Include sys/ioctl.h.
-
-	* configure.in: Check for ulimit.
-
-	* admin/kdb_edit.c: Flush stdout after printing prompts.
-
-	* appl/kpopper/pop_xmit.c: Remember to include config.h.
-
-Tue Jan 2 1996
-
-	* appl/bsd/login.c (main): New function stty_default to setup
-        default tty settings.
-
-Fri Dec 29 1995
-
-	* appl/kstring2key/kstring2key.c (main): New program that converts
-        passwords to DES keys, either using des_string_to_key or
-        afs_string_to_key.
-
-	* server/kerberos.c: Kerberos server now listen on 2 ports,
-        kerberos/udp and kerberos-sec/udp.
-
-Wed Dec 27 1995
-
-	* appl/bsd/rcp.c (main): Integrated -x option to rcp. This
-        required some real horrible hacks in lib/des/enc_{read,write}.c
-
-	* acconfig.h: Enabled MULTIHOMED_KADMIN in acconfig.h.
-
-	* Add RCSID stuff to telnet files.
-
-Fri Dec 22 1995
-
-	* appl/bsd/login.c (main): The login program does now by default
-	read /etc/default/login, even on non Psoriasis systems. Unifdef
-	SYSV4, this was essentially only for prompting.
-
-Mon Dec 18 1995
-
-	* appl/kpopper/popper.c (main): Integrate default timeout of 120
-        seconds from Qualcomm popper. Timeout is also set able with -T
-        seconds.
-
-
-	* lib/kadm/kadm_cli_wrap.c (kadm_change_pw_plain): If there's no
-	password, don't even send the empty string.
-
-Thu Dec 7 1995
-
-	* lots of files: all debug messages now printed to stderr (from
- 	<lama@pdc.kth.se>)
-
-	* lib/krb/tf_util.c (tf_create): New method for creating a new
- 	ticket file.  Remove the old old and then open with O_CREAT and
- 	O_EXCL.
-
-	* server/kerberos.c, slave/kpropd.c: Some casts to get rid of warnings.
-
-	* configure.in: Added checks for unistd.h, memmove and const.
-
-	* appl/telnet/telnet/commands.c: Changed types of functions to
-	confirm with struct Command.
-
-	* appl/telnet/configure.in: Check for setpgid.
-
-	* appl/bsd/rlogin.c: Get rid of another warning.
-
-	* appl/bsd/bsd_locl.h, appl/telnet/acconfig.h: New synonym for
- 	solaris.
-
-Wed Dec 6 1995
-
-	* (movemail): Now from emacs-19.30. If you have a newish emacs
- 	there is no reason to use this movemail.
-
-	* (kadm): Added support for server side password checks. Hopefully
- 	this is compatible with kerberos 4.10. Old kpasswd:s will give
- 	funny error messages. For examples of checks, see
- 	kadmin/pw_check.c. Since this is mostly political matters,
- 	kadm_pw_check() should probably return KADM_SUCCESS by default.
-
-Mon Nov 27 1995
-
-	* appl/telnet/telnetd/telnetd.c (main): Kludge to fix encryption
-        problem with Mac NCSA telnet 2.6.
-
-
-	* lib/krb/stime.c: Now using YYYY for years.  (2000 is soon here).
-
-	* appl/bsd/rsh.c, rcp.c, rlogin.c: Fixed fallback for port number
- 	(added missing ntohs).
-
-Sun Nov 12 1995
-
-	* (many files): More ANSI/ISO 9899-1990 to the people!  
-	Now actually builds (not including util) with DEC "cc -std1" and
- 	Sun "acc -Xc".  There are still major prototype conflicts, but
- 	there isn't much to do about this.
-
-Sat Oct 28 1995
-
-	* lib/kadm/kadm_cli_wrap.c: Fallback for kerberos and
- 	kerberos_master services.
-
-Fri Oct 27 1995
-
-	* Released version 0.5
-
-
-	* lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
-        same code is used both for posix termios and others.
-
-	* rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
-	set to "yes" make warnings about "rlogin: warning, using standard
-	rlogin: remote host doesn't support Kerberos." go away.
-
-Tue Oct 24 1995
-
-	* admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
-        Optimized so that it can handle large databases, previously a
-        10000 entry DB would take *many* minutes, this can now be done in
-        under a minute.
-
-Sat Oct 21 1995
-
-	* Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
-        bit machines. Source should now be free of 64 bit assumptions.
-
-	* admin/copykey.c (copy_from_key): New functions for copying to
-        and from keys. Neccessary to solve som problems with longs on 64
-        bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.
-
-	* lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
-        with longs on 64 bit machines.
-
-Mon Oct 16 1995
-
-	* appl/bsd/login.c (main): Lots of stuff to support Psoriasis
-        login. Courtesy of gertz@lysator.liu.se.
-
-	* configure.in, all Makefile.in's: Support for Linux shared
-        libraries. Courtesy of svedja@lysator.liu.se.
-
-	* lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
-	= KRB_PROT_VERSION; from server kode to libkrb where it really
-	belongs.
-
-        * appl/bsd/forkpty.c (forkpty): New function that allocates master
-        and slave ptys in a portable way. Used by rlogind.
-
-	* appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
-	same utmpx slot got used by sevral sessions. Courtesy of
-	gertz@lysator.liu.se.
-
-Wed Oct 4 1995
-
-	* util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
-        svedja@lysator.liu.se.
-
-	* Fix the above Makefiles to work around bugs in Solaris and OSF/1
-        make rules that was triggered by VPATH functionality in the yacc
-        and lex rules.
-
-Mon Oct 2 1995
-
-	* appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
-	Use stdarg instead of varargs. The code is still broken though,
-	you'll realize	that on a machine with 64 bit pointers and 32 bit 
-	int:s and no vsprintf, let's hope there will be no such beasts ;-).
-
-	* appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
-	 have (or need) modules ttcompat and pckt so don't flag it as a
-	 fatal error if they don't exist.
-
-Mon Sep 25 1995
-
-	* kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
-	(kadm_listen): Add kludge for kadmind running on a multihomed
-	server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
-	if you need this feature.
-
-	* appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
-        and xnlock.
-
-Wed Sep 20 1995
-
-	* appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
-        implemented yet though.
-
-Wed Sep 13 1995
-
-	* appl/xnlock/Makefile.in: Some stubs for X11 programs in
-        configure.in as well as a kerberized version of xnlock.
-
-	* appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
-        port numbers if they can not be found using getservbyname.
-
-Tue Sep 12 1995
-
-	* appl/bsd/klogin.c (klogin): Use differnet ticket files for each
-        login so that a malicous user won't be able to destroy our tickets
-        with a failed login attempt.
-
-	* lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
-	there is no such thing try afs@CELL instead. There is now two
-	arguments to k_afslog(char *cell, char *realm).
-
-Mon Sep 11 1995
-
-	* kadmin/admin_server.c (kadm_listen): If we are multihomed we
-        need to figure out which local address that is used this time
-        since it is used in "direction" comparison.
-
-Wed Sep 6 1995
-
-	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
-        port number.
-
-	* lib/krb/send_to_kdc.c (send_to_kdc): Default port number
-        (KRB_PORT) was not in network byte order.
-
-Tue Sep 5 1995
-
-	* lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
-        when selecting.
-
-
-Mon Sep 4 1995
-
-	* appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
-	Now does fallback if there isn't any entries in /etc/services for
-	klogin/kshell. This also made the code a bit more pretty.
-
-
-	* appl/bsd/login.c: Added support for lots of more struct utmp fields.
-	If there is no ttyslot() use setutent and friends.
-
-	* appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
-	Added extern iruserok().
-
-	* appl/bsd/iruserok.c: Initial revision
-
-	* appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.
-
-	* appl/bsd/Makefile.in: New install
-
-	* appl/bsd/pathnames.h: Fix default path, rsh and rlogin.
-
-	* appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.
-
-
-	* appl/bsd/login.c (login): If there is no ttyslot use setutent
-	and friends. Added support for lots of more struct utmp fields.
-
-	* server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
-        Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.
-
-	* appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
-        _PATH_DEF.
-
-	* appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
-        running as root.
-
-	* appl/bsd/su.c (main): Update usage message to reflect that '-'
-	option must come after the ordinary options and before login-id.
-
-Sat Sep 2 1995
-
-	* appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
-	long to fit into utmp try to remove domain part if it does match
-	our local domain.
-
-	(main): Add new option -L /bin/login so that it is possible to 
-	specify an alternate login program.
-
-	* appl/telnet/telnet/commands.c (env_init): When exporting
-	variable DISPLAY and if hostname is not the full name, try to get
-	the full name from DNS.
-
-	* appl/telnet/telnet/main.c (main): Option -k realm was broken due
-        to a bogous external declaration.
-
-Fri Sep 1 1995
-
-	* kadmin/kadmin.c (add_new_key): Kadmin now properly sets
-	lifetime, expiration date and attributes in add_new_key command.
-
-Wed Aug 30 1995
-
-	* appl/bsd/su.c (main): Don't handle '-' option with getopt.
-
-	* appl/telnet/telnet/externs.h: Removed protection for multiple
-	inclusions of termio(s).h since it broke definition of termio
-	macro on POSIX systems.
-
-Tue Aug 29 1995
-
-	* lib/krb/lifetime.c (krb_life_to_time): If you want to disable
-	AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
-	
-	Please note that the long lifetimes are 100% compatible up to
-	10h so this should rarely be necessary.
-
-	* lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
-	ipaddress protection of tickets set krb_ignore_ip_address. This
-	makes it possible for an intruder to steal a ticket and then use
-	it from som other machine anywhere on the net.
-
-Mon Aug 28 1995
-
-	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
-        local address. Accept request on all interfaces.
-
-	* admin/kdb_edit.c (change_principal): Don't accept illegal
-        dates. Courtesy of gertz@lysator.liu.se.
-
-Sat Aug 26 1995
-
-	* configure.in: AIX specific libraries needed when using standard
-        libc routine getttyent, IBM should be ashamed!
-
-	* lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
-        problem.
-
-	* Added strdup for su and rlogin.
-
-	* Fix for old syslog macros in appl/bsd/bsd_locl.
-
-Fri Aug 25 1995
-
-	* lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
-        ifdef HAVE_NEW_DB for new databases residing in one file only.
-
-	* appl/bsd/rlogin.c (oob): Add workaround for Linux.
-
-Mon Aug 21 1995
-
-	* appl/bsd/getpass.c: New routine that reads up to 127 char
-        passwords. Used in su.c and login.c.
-
-Tue Aug 15 1995
-
-	* appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
-        should not be used on HP-UX.
-
-Mon Aug 14 1995
-
-	* appl/bsd/rlogin.c (main): Added dummy rlogind that tells user to
-        rather use telnet.
-
-Thu Aug 10 1995
-
-	* lib/krb/ krb.h, decomp_ticket.c, getrealm.c, get_krbhst.c,
-	get_krbrlm.c, get_admhst.c: 
-
-	Use multiple configuration directories for krb.conf and
-	krb.realms, KRB_CONF and KRB_REALM_TRANS macros substituted with
-	KRB_CNF_FILES and KRB_RLM_FILES. Currently /etc and
-	/etc/kerberosIV are searched. Directory specified by envioronment
-	variable KRBCONFDIR is searched first if set. No hardcoded
-	realmname or kerberos server. Instead use domainname for deafult
-	realm and kerberos.domain as kerberos server if they are not
-	listed in krb.conf and/or krb.realms. In the normal case there
-	should be no need for configuration files if administrators add a
-	CNAME pointing to the kerberos server.
-
-	* appl/bsd/Makefile.in and friends: GNU make should no longer be
-        neccessary unless building with VPATH.
-
-Wed Aug 9 1995
-
-	* appl/bsd/klogin.c (klogin): Old ticket file need to be removed
-	before we call krb_get_pw_in_tkt or we might get a Kerberos intkt
-	error because the wrong user owns the file.
-
-Tue Aug 8 1995
-
-	* configure.in : Telnet.beta2 is now official and has been moved
-        to appl/telnet.
-
-	* appl/bsd/su.c (main): Reenable -K flag, won't work if not
-        PASSWD_FALLBACK is enabled. Cosmetics for Password prompt.
-
-Fri Aug 4 1995
-
-	* appl/bsd/su.c (kerberos): Don't allow su from possibly bogous
-        kerberos server. Controlled by #ifdef KLOGIN_PARANOID.
-
-	* lib/kafs/afssys.c (SIGSYS_handler): Need to reinstall handler on
-        SYSV.
-
-Mon Jul 24 1995
-
-	* lib/kafs/afssys.c (k_afsklog): Use default realm on null argument.
-
-	* appl/bsd/rlogin.c, login.c: New programs.
-
-Fri Jul 21 1995
-
-	* appl/bsd/kcmd.c rsh.c rlogin.c: Use POSIX signals.
-
-	* appl/telnet.95.05.31.NE/telnetd/sys_term.c, telnetd.c: Port to
-        IRIX.
-
-Tue Jul 11 1995
-
-	* admin/kdb_init.c (main): Use new random generator.  Dito in
-	admin/kdb_edit.c. Use master key to initialize random sequence.
-
-Mon Jul 10 1995
-
-	* kadmin/kadmin.c (get_password): Fix for random passwords.
-	Dito for admin/kdb_edit.c
-
-	* appl/kauth/kauth.c (main): Updated for krb distribution, now
-        uses new library libkafs.
-
-	* appl/telnet.beta/telnet/main.c (main): New telnet with
-        encryption hacks from ftp.funet.fi:/pub/unix/security/esrasrc-1.0.
-        Encryption does not currently work though.
-
-Tue Jun 20 1995
-
-	* New library to support AFS. Routines:
-
-	  int k_hasafs(void);
-	  int k_afsklog(...);
-	  int k_setpag(void);
-	  int k_unlog(void);
-	  int k_pioctl(char *, int, struct ViceIoctl *, int);
-
-	  Modified it to support more than one single entry point AFS
-	  syscalls (needed by HPUX and OSF/1 when running DFS). Don't rely
-	  on transarc headers or library code.
-
-	  This has not been tested and will most probably need some
-	  serious violence to get working under AIX. (AIX has since been
-	  fixed to. /bg)
-
-Fri Jun 16 1995
-
-	* lib/krb/krb_equiv.c (krb_equiv): Compare IP adresses using
-        krb_equiv() to allow for hosts with more than one address in files
-        rd_priv.c rd_req.c and rd_safe.c.
-
-	* slave/kpropd.c (main): Fix uninitialized variables and rewind
-        file in kprop.c.
-
-Thu Jun 15 1995
-
-	* appl/bsd/rcp.c (allocbuf): Fix various bugs.
-
-	* slave/kpropd.c (main): Responder uses
-        KPROP_SERVICE_NAME.`hostname' and requestor always uses
-        KPROP_SERVICE_NAME.KRB_MASTER, i.e rcmd.kerberos in kprop/kpropd
-        protocol.
-
-Wed Jun 14 1995
-
-	* appl/bsd/rshd.c (doit): Encryption should now work both ways.
-
-Tue Jun 13 1995
-
-	* appl/bsd/pathnames.h: Fixup paths.
-
-	* server/Makefile.in and friends (install): Install daemons in in
-	libexec and administrator programs in sbin.
-
-
-	* Makefile.in: Joda (d91-jda) added install target
-
-Wed Jun 7 1995
-
-	* lib/krb/k_strerror.c: New function k_strerror() to use instead
-        of the non portable sys_errlist[].
diff --git a/crypto/kerberosIV/Makefile.in b/crypto/kerberosIV/Makefile.in
deleted file mode 100644
index afa77fbec745..000000000000
--- a/crypto/kerberosIV/Makefile.in
+++ /dev/null
@@ -1,70 +0,0 @@
-# $Id: Makefile.in,v 1.30 1997/05/20 18:58:34 bg Exp $
-
-srcdir		= @srcdir@
-prefix		= @prefix@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-INSTALL_DATA = @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-TRAVELKIT = appl/kauth/kauth kuser/klist appl/telnet/telnet/telnet \
-	    appl/ftp/ftp/ftp appl/kx/kx appl/kx/rxtelnet
-
-@SET_MAKE@
-
-SUBDIRS		= util include lib kuser server slave admin kadmin appl man doc
-
-all:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) all); done
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-check:
-	cd lib && $(MAKE) $(MFLAGS) check
-
-install:
-	$(MKINSTALLDIRS) $(prefix)
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) install); done
-
-install-strip:
-	$(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' install
-
-uninstall:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done
-
-travelkit:	all
-	$(MKINSTALLDIRS) tmp
-	for i in $(TRAVELKIT); \
-	do $(INSTALL_PROGRAM) $$i tmp; done
-	(cd tmp; tar cf ../travelkit.tar `for i in $(TRAVELKIT); do basename $$i; done`)
-	rm -rf tmp
-
-travelkit-strip:
-	$(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' travelkit
-
-TAGS:
-	find . -name '*.[chyl]' -print | etags -
-
-clean:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) clean); done
-
-mostlyclean:	clean
-
-distclean:
-	$(MAKE) clean
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
-	rm -f Makefile config.status config.cache config.log version.h newversion.h.in version.h.in *~
-
-realclean:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
-
-.PHONY: all install install-strip uninstall travelkit travelkit-strip clean distclean realclean mostlyclean
diff --git a/crypto/kerberosIV/NEWS b/crypto/kerberosIV/NEWS
deleted file mode 100644
index cddbb2291699..000000000000
--- a/crypto/kerberosIV/NEWS
+++ /dev/null
@@ -1,563 +0,0 @@
-Minor changes in release 0.9.6:
-
-* utmp(x) works correctly on systems with utmpx.
-
-* A security-related bug in ftpd fixed.
-
-* Compiles on solaris 2.4, 2.6 and on WinNT/95 with cygwin32 beta18.
-
-* New option `-w' to rxtelnet, rxterm.
-
-Major changes in release 0.9.5:
-
-* We made some changes to be compatible with the other kerberised ftp
-  implementations and this means that an old kerberised ftp client will
-  not be able to talk to a new ftp server.  So try to upgrade your ftp
-  clients and servers at the same time.  The reason for this change is
-  described in more detail below.
-
-* The interpretation of /etc/ftpusers has changed slightly, see
-  ftpusers(5). These changes come from NetBSD.
-
-* The function `des_quad_cksum', which is used by `krb_rd_safe', and
-  `krb_mk_safe', has never been compatible with MIT's DES
-  library. This has now been fixed.
-
-  This fix will however break some programs that used those functions,
-  for instance `ftp'. In this version `krb_rd_safe' is modified to
-  accept checksums of both the new and the old format; `krb_mk_safe'
-  will always emit checksums of the new type *unless* `krb_rd_safe'
-  has detected that the client is using the old checksum (this feature
-  may be removed in some future release).
-
-  If you have programs that use `krb_mk_safe' and `krb_rd_safe' you
-  should upgrade all clients before upgrading your servers. Client is
-  here defined as the program that first calls `krb_rd_safe'.
-
-  If you are using some protocol that talks to more than one client or
-  server in one session, the heuristics to detect which kind of
-  checksum to use might fail.
-
-  The problem with `des_quad_cksum' was just a byte-order problem, so
-  there are no security problems with using the old versions. Thanks
-  to Derrick J Brashear <shadow@DEMENTIA.ORG> for pointing in the
-  right general direction.
-
-* Rewrote kx to work always open TCP connections in the same
-  direction.  This was needed to make it work through NATs and is
-  generally a cleaner way of doing it.  Also added `tenletxr'.
-  Unfortunately the new protocol is not compatible with the old one.
-  The new kx and kxd programs try to figure out if they are talking to
-  old versions.
-
-* Quite a bit of new functionality in otp.  Changed default hash
-  function to `md5'.  Fixed implementation of SHA and added downcasing
-  of seed to conform with `draft-ietf-otp-01.txt'.  All verification
-  examples in the draft now work.
-
-* Fixed buffer overflows.
-
-* Add history/line editing in kadmin and ftp.
-
-* utmp/utmpx and wtmp/wtmpx might work better on strange machines.
-
-* Bug fixes for `rsh -n' and `rcp -x'.
-
-* reget now works in ftp and ftpd.  Passive mode works.  Other minor
-  bug fixes as well.
-
-* New option `-g umask' to ftpd for specifying the umask for anonymous users.
-
-* Fix for `-l' option in rxtelnet and rxterm.
-
-* XOVER support in popper.
-
-* Better support for building shared libraries.
-
-* Better support for talking to the KDC over TCP.  This could make it
-  easier to use brain-damaged firewalls.
-
-* Support FreeBSD-style MD5 /etc/passwd.
-
-* New option `-createuser' to afslog.
-
-* Upgraded to work with socks5-v1.0r1.
-
-* Almost compiles and works on OS/2 with EMX, and Win95/NT with gnu-win32.
-
-* Merged in win32-telnet, see README-WIN32 for more details.
-
-* Possibly fixed telnet bug on HP-UX 10.
-
-* Updated man-pages.
-
-* Support for NetBSD/OpenBSD manual page circus.
-
-* Bug fixes.
-
-Major changes in release 0.9.3:
-
-* kx has been rewritten and is now a lot easier to use.  Two new
-  scripts: rxtelnet and rxterm.  It also works on machines such as
-  Cray where the X-libraries cannot talk unix sockets.
-	
-* experimental OTP (RFC1938).  Included in login, ftpd, and popper.
-
-* authentication modules: PAM for linux, SIA for OSF/1, and
-  afskauthlib for Irix.
-
-* popper now has the UIDL command.
-
-* ftpd can now tar and compress files and directories on the fly, also
-  added a find site command.
-
-* updated documentation and man pages.
-
-* Change kuserok so that it acts as if luser@LOCALREALM is always an
-  entry of .klogin, even when it's not possible to verify that there
-  is no such file or the file is unreadable.
-
-* Support for SRV-records.
-
-* Socks v5 support.
-
-* rcp is AFS-aware.
-
-* allow for other transport mechanisms than udp (useful for firewall
-  tormented souls); as a side effect the format of krb.conf had to
-  become more flexible
-
-* sample programs included.
-
-* work arounds for Linux networking bugs in rlogind and rlogin.
-
-* more portable
-
-* quite a number of improvments/bugfixes
-
-* New platforms: HP-UX 10, Irix 6.2
-
-Major changes in release 0.9.2a:
-
-* fix annoying bug with kauth (et al) returning incorrect error
-
-Major changes in release 0.9.2:
-
-* service `kerberos-iv' and port 750 has been registered with IANA.
-
-* Bugfixes.
-
-  - Compiles with gcc on AIX.
-
-  - Compiles with really old resolvers.
-
-  - ftp works with afs string-to-key.
-
-  - shared libraries should work on Linux/ELF.
-
-  - some potential buffer overruns.
-
-  - general code clean-up.
-
-* Better Cray/UNICOS support.
-
-* New platforms: AIX 4.2, IRIX 6.1, and Linux 2.0
-
-Major changes in release 0.9.1:
-
-* Mostly bugfixes.
-
-  - No hardcoded references to /usr/athena
-
-  - Better Linux support with rlogin
-
-  - Fix for broken handling of NULL password in kadmind (such as with
-    `ksrvutil change')
-
-  - AFS-aware programs should work on AIX systems without AFS
-
-* New platforms: Digital UNIX 4.0 and Fujitsu UXP/V
-
-* New mechanism to determine realm from hostname based on DNS. To find
-  the realm of a.b.c.d it tries to find krb4-realm.a.b.c.d and then
-  krb4-realm.b.c.d and so on. The entry in DNS should be a TXT record
-  with the realm name.
-
-  krb4-realm.pdc.kth.se.  7200    TXT     "NADA.KTH.SE"
-
-Major changes in release 0.9:
-
-* Tested platforms:
-
-Dec Alpha	OSF/1 3.2	with cc -std1
-HP 9000/735	HP/UX 9.05	with gcc
-DEC Pmax	Ultrix 4.4	with gcc (cc does not work)
-IBM RS/6000	AIX 4.1		with xlc (gcc works, cc does not)
-SGI		IRIX 5.3	with cc
-Sun		SunOS 4.1.4	with gcc (cc is not ANSI and does not work)
-Sun		SunOS 5.5	with gcc
-Intel i386	NetBSD 1.2	with gcc
-Intel i386	Linux 1.3.95	with gcc
-Cray J90	Unicos 9	with cc
-
-* Mostly ported to Crays running Unicos 9.
-
-* S/Key-support in ftpd.
-
-* Delete operation supported in kerberos database.
-
-* Cleaner and more portable code.
-
-* Even less bugs than before.
-
-* kpopper now supports the old pop3 protocol and has been renamed to popper.
-
-* rsh can be renamed remsh.
-
-* Experimental program for forwarding IP over a kerberos tunnel.
-
-* Updated to libdes 3.23.
-
-Major changes in release 0.8:
-
-* New programs: ftp & ftpd.
-
-* New programs: kx & kxd.  These programs forward X connections over
-  kerberos-encrypted connections.
-
-* Incorporated version 3.21 of libdes.
-
-* login: No double utmp-entries on Solaris.
-
-* kafs
-
-  * Better guessing of what realm a cell belongs to.
-
-  * Support for authenticating to several cells.  Reads
-    /usr/vice/etc/TheseCells, if present.
-
-* ksrvutil: Support for generating AFS keys.
-
-* login, su, rshd, rlogind: tries to counter possible NIS-attack.
-
-* xnlock: several bug fixes and support for more than one screen.
-
-* Default port number for ekshell changed from 2106 to 545.  kauth
-  port changed from 4711 to 2120.
-
-* Rumored to work on Fujitsu UXP/V and Cray UNICOS.
-
-Major changes in release 0.7:
-
-* New experimental masterkey generation.   Enable with
-  --enable-random-mkey. Also the default place for the master key has
-  moved from /.k to /var/kerberos/master-key. This is customizable
-  with --with-mkey=file. If you don't want you master key to be on the
-  same backup medium as your database, remember to use this flag. All
-  relevant programs still checks for /.k.
-
-* `-t' option to kadmin.
-
-* Kpopper uses kuserok to verify if user is allowed to pop mail.
-
-* Kpopper tries to locate the mail spool directory: /var/mail or
-  /var/spool/mail.
-
-* kauth has ability to get ticket on a remove host with the `-h' option.
-
-* afslog (aklog clone) and pagsh included.
-
-* New format for /etc/krb.equiv.
-
-* Better multi-homed hosts support in kauth, rcp, rlogin, rlogind,
-  rshd, telnet, telnetd.
-
-* rlogind works on ultrix and aix 3.2.
-
-* lots of bug fixes.
-
-Major changes in release 0.6:
-
-* Tested platforms:
-
-DEC/Alpha	OSF3.2
-HP700		HPux 9.x
-Dec/Pmax	Ultrix 4.4	(rlogind not working)
-IBM RS/6000	AIX 3.2		(rlogind not working)
-IBM RS/6000	AIX 4.1
-SGI		Irix 5.3
-Sun		Sunos 4.1.x
-Sun		Sunos 5.4
-386		BSD/OS 2.0.1
-386		NetBSD 1.1
-386		Linux 1.2.13
-
-It is rumored to work to some extent on NextStep 3.3.
-
-* ksrvutil get to create new keys and put them in the database at the
-same time.
-
-* Support for S/Key in login.
-
-* kstring2key: new program to show string to key conversion.
-
-* Kerberos server should now listen on all available network
-interfaces and on both port 88 and 750.
-
-* Timeout in kpopper.
-
-* Support password quality checks in kadmind.  Use --with-crack-lib to
-link kadmind with cracklib.  The patches in cracklib.patch are needed.
-
-* Movemail from emacs 19.30.
-
-* Logging format uses four digits for years.
-
-* Fallback if port numbers are not listed in /etc/services.
-
-
-	* Relesed version 0.5
-
-	* lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
-        same code is used both for posix termios and others.
-
-	* rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
-	set to "yes" make warnings about "rlogin: warning, using standard
-	rlogin: remote host doesn't support Kerberos." go away.
-
-	* admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
-        Optimized so that it can handle large databases, previously a
-        10000 entry DB would take *many* minutes, this can now be done in
-        under a minute.
-
-	* Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
-        bit machines. Source should now be free of 64 bit assumptions.
-
-	* admin/copykey.c (copy_from_key): New functions for copying to
-        and from keys. Neccessary to solve som problems with longs on 64
-        bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.
-
-	* lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
-        with longs on 64 bit machines.
-
-	* appl/bsd/login.c (main): Lots of stuff to support Psoriasis
-        login. Courtesy of gertz@lysator.liu.se.
-
-	* configure.in, all Makefile.in's: Support for Linux shared
-        libraries. Courtesy of svedja@lysator.liu.se.
-
-	* lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
-	= KRB_PROT_VERSION; from server kode to libkrb where it really
-	belongs.
-
-        * appl/bsd/forkpty.c (forkpty): New function that allocates master
-        and slave ptys in a portable way. Used by rlogind.
-
-	* appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
-	same utmpx slot got used by sevral sessions. Courtesy of
-	gertz@lysator.liu.se.
-
-	* util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
-        svedja@lysator.liu.se.
-
-	* Fix the above Makefiles to work around bugs in Solaris and OSF/1
-        make rules that was triggered by VPATH functionality in the yacc
-        and lex rules.
-
-	* appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
-	Use stdarg instead of varargs. The code is still broken though,
-	you'll realize	that on a machine with 64 bit pointers and 32 bit 
-	int:s and no vsprintf, let's hope there will be no such beasts ;-).
-
-	* appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
-	 have (or need) modules ttcompat and pckt so don't flag it as a
-	 fatal error if they don't exist.
-
-	* kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
-	(kadm_listen): Add kludge for kadmind running on a multihomed
-	server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
-	if you need this feature.
-
-	* appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
-        and xnlock.
-
-	* appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
-        implemented yet though.
-
-	* appl/xnlock/Makefile.in: Some stubs for X11 programs in
-        configure.in as well as a kerberized version of xnlock.
-
-	* appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
-        port numbers if they can not be found using getservbyname.
-
-	* appl/bsd/klogin.c (klogin): Use differnet ticket files for each
-        login so that a malicous user won't be able to destroy our tickets
-        with a failed login attempt.
-
-	* lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
-	there is no such thing try afs@CELL instead. There is now two
-	arguments to k_afslog(char *cell, char *realm).
-
-	* kadmin/admin_server.c (kadm_listen): If we are multihomed we
-        need to figure out which local address that is used this time
-        since it is used in "direction" comparison.
-
-	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
-        port number.
-
-	* lib/krb/send_to_kdc.c (send_to_kdc): Default port number
-        (KRB_PORT) was not in network byte order.
-
-	* lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
-        when selecting.
-
-	* appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
-	Now does fallback if there isn't any entries in /etc/services for
-	klogin/kshell. This also made the code a bit more pretty.
-
-	* appl/bsd/login.c: Added support for lots of more struct utmp fields.
-	If there is no ttyslot() use setutent and friends.
-
-	* appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
-	Added extern iruserok().
-
-	* appl/bsd/iruserok.c: Initial revision
-
-	* appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.
-
-	* appl/bsd/Makefile.in: New install
-
-	* appl/bsd/pathnames.h: Fix default path, rsh and rlogin.
-
-	* appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.
-
-	* appl/bsd/login.c (login): If there is no ttyslot use setutent
-	and friends. Added support for lots of more struct utmp fields.
-
-	* server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
-        Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.
-
-	* appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
-        _PATH_DEF.
-
-	* appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
-        running as root.
-
-	* appl/bsd/su.c (main): Update usage message to reflect that '-'
-	option must come after the ordinary options and before login-id.
-
-	* appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
-	long to fit into utmp try to remove domain part if it does match
-	our local domain.
-
-	(main): Add new option -L /bin/login so that it is possible to 
-	specify an alternate login program.
-
-	* appl/telnet/telnet/commands.c (env_init): When exporting
-	variable DISPLAY and if hostname is not the full name, try to get
-	the full name from DNS.
-
-	* appl/telnet/telnet/main.c (main): Option -k realm was broken due
-        to a bogous external declaration.
-
-	* kadmin/kadmin.c (add_new_key): Kadmin now properly sets
-	lifetime, expiration date and attributes in add_new_key command.
-
-	* appl/bsd/su.c (main): Don't handle '-' option with getopt.
-
-	* appl/telnet/telnet/externs.h: Removed protection for multiple
-	inclusions of termio(s).h since it broke definition of termio
-	macro on POSIX systems.
-
-	* lib/krb/lifetime.c (krb_life_to_time): If you want to disable
-	AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
-	
-	Please note that the long lifetimes are 100% compatible up to
-	10h so this should rarely be necessary.
-
-	* lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
-	ipaddress protection of tickets set krb_ignore_ip_address. This
-	makes it possible for an intruder to steal a ticket and then use
-	it from som other machine anywhere on the net.
-
-	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
-        local address. Accept request on all interfaces.
-
-	* admin/kdb_edit.c (change_principal): Don't accept illegal
-        dates. Courtesy of gertz@lysator.liu.se.
-
-	* configure.in: AIX specific libraries needed when using standard
-        libc routine getttyent, IBM should be ashamed!
-
-	* lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
-        problem.
-
-	* Added strdup for su and rlogin.
-
-	* Fix for old syslog macros in appl/bsd/bsd_locl.
-
-	* lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
-        ifdef HAVE_NEW_DB for new databases residing in one file only.
-
-	* appl/bsd/rlogin.c (oob): Add workaround for Linux.
-
-	* appl/bsd/getpass.c: New routine that reads up to 127 char
-        passwords. Used in su.c and login.c.
-
-	* appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
-        should not be used on HP-UX.
-
-==========================*** Released 0.2? ***=============================
-
-ksrvutil
-  If there is a dot in the about to be added principals name there is
-  no need to ask for instance name.
-
-kerberos & kadmind
-  Logfiles are created with small permissions (600).
-
-krb.conf and krb.realms
- Use domain part as realm name if there is no match in krb.realms.
- Use kerberos.REALMNAME if there is no match in krb.realms.
-
-rlogin
-  The rlogin client is supported both with and without encryption,
-  there is no rlogind yet though.
-
-login
-  There is login program that supports the -f option. Both kerberos
-  and /etc/passwd authentication is enabled.
-
-  Vendors login programs typically have no -f option (needed by
-  telnetd) and also does not know how to verify passwords againts
-  kerberos.
-
-appl/bsd/*
-  Now uses POSIX signals.
-
-kdb_edit, kadmin
-  Generate random passwords if administrator enters empty password.
-
-lib/kafs
-  New library to support AFS. Routines:
-  int k_hasafs(void);
-  int k_afsklog(...); or some other name
-  int k_setpag(void);
-  int k_unlog(void);
-  int k_pioctl(char *, int, struct ViceIoctl *, int);
-
-  Library supports more than one single entry point AFS syscalls
-  (needed be HP/UX and OSF/1 when running DFS). Doesn't rely on
-  transarc headers or library code. Same binaries can be used both on
-  machines running AFS and others.
-
-  This library is used in telnetd, login and the r* programs.
-
-telnet & telnetd
-  Based on telnet.95.05.31.NE but with the encryption hacks from
-  ftp.funet.fi:/pub/unix/security/esrasrc-1.0 added.  This encryption
-  stuff needed some more modifications (done by joda@nada.kth.se)
-  before it was usable. Telnet has also been modified to use GNU
-  autoconf.
-
-Numerous other changes that are long since forgotten.
diff --git a/crypto/kerberosIV/PROBLEMS b/crypto/kerberosIV/PROBLEMS
deleted file mode 100644
index f6eeeef3e858..000000000000
--- a/crypto/kerberosIV/PROBLEMS
+++ /dev/null
@@ -1,74 +0,0 @@
-
-Problems compiling Kerberos
-===========================
-
-Many compilers require a switch to become ANSI compliant. Since kth-krb
-is written in ANSI C it is necessary to specify the name of the compiler
-to be used and the required switch to make it ANSI compliant. This is
-most easily done when running configure using the `env' command. For
-instance to build under HP-UX using the native compiler do:
-
-     datan$ env CC="cc -Ae" ./configure
-
-In general `gcc' works. The following combinations have also been
-verified to successfully compile the distribution:
-
-`HP-UX'
-     `cc -Ae'
-
-`Digital UNIX'
-     `cc -std1'
-
-`AIX'
-     `xlc'
-
-`Solaris 2.x'
-     `cc' (unbundled one)
-
-`IRIX'
-     `cc'
-
-Linux problems
---------------
-
-Some systems have lost `/usr/include/ndbm.h' which is necessary to
-build kth-krb correctly. There is a `ndbm.h.Linux' right next to the
-source distribution.
-
-There has been reports of non-working `libdb' on some Linux
-distributions.  If that happens, use the `--without-berkeley-db' when
-configuring.
-
-HP-UX problems
---------------
-
-The shared library `/usr/lib/libndbm.sl' doesn't exist on all systems.
-To make problems even worse, there is never an archive version for
-static linking either. Therefore, when building "truly portable"
-binaries first install GNU gdbm or Berkeley DB, and make sure that you
-are linking against that library.
-
-Cray problems
--------------
-
-`rlogind' won't work on Crays until `forkpty()' has been ported, in the
-mean time use `telnetd'.
-
-AIX problems
-------------
-
-`gcc' version 2.7.2.1 has a bug which makes it miscompile
-`appl/telnet/telnetd/sys_term.c' (and possibily `appl/bsd/forkpty.c'),
-if used with too much optimization.
-
-C2 problems
------------
-
-The programs that checks passwords works with `passwd', OTP, and
-Kerberos paswords. This is problem if you use C2 security (or use some
-other password database), that normally keeps passwords in some obscure
-place. If you want to use Kerberos with C2 security you will have to
-think about what kind of changes are necessary. See also the discussion
-about Digital's SIA and C2 security, see *Note Digital SIA::.
-
-
diff --git a/crypto/kerberosIV/README b/crypto/kerberosIV/README
deleted file mode 100644
index 064761495f48..000000000000
--- a/crypto/kerberosIV/README
+++ /dev/null
@@ -1,44 +0,0 @@
-This is a severly hacked up version of Eric Young's eBones-p9 kerberos
-version. The DES library has been updated with his 3.23 version and
-numerous patches collected over the years have been applied to both
-the kerberos and DES sources, most notably the CMU patches for extended
-lifetimes that AFS uses. There is also support for AFS built into most
-programs. 
-
-The source has been changed to use ANSI C and POSIX to the largest
-possible extent. The code in util/et and appl/bsd have not been
-updated in this way though (they really need it).
-
-Telnet and telnetd are based on the telnet.95.10.23.NE.tar.Z. Kerberos
-authentication is the default and warnings are issued by telnetd if
-the telnet client does not turn on encryption.
-
-The r* programs in appl/bsd have been updated with newer sources from
-NetBSD and FreeBSD. NOTE: use of telnet is prefered to the use of
-rlogin which is a temporary hack and not an Internet standard (and has
-only been documented quite recently).  Telnet uses kerberos
-authentication to prevent the passing of cleartext passwords and is
-thus superior to rlogin.
-
-The distribution has been configured to primarily use kerberos
-authentication with a fallback to /etc/passwd passwords. This should
-make it easy to do a slow migration to kerberos.  OTP support is also
-included in login, popper, and ftpd.
-
-All programs in this distribution follow these conventions:
-
-/usr/athena/bin:	User programs
-/usr/athena/sbin:	Administrator programs
-/usr/athena/libexec:	Daemons
-/etc:			Configuration files
-/var/log:		Logfiles
-/var/kerberos:		Kerberos database and ACL files
-
-A W3-page is at http://www.pdc.kth.se/kth-krb/
-
-You can get some documentation from ftp://ftp.pdc.kth.se/pub/krb/doc.
-
-Please report bugs and problems to kth-krb-bugs@nada.kth.se
-
-There is a mailing list discussing kerberos at krb4@sics.se, send a
-message to majordomo@sics.se to subscribe.
diff --git a/crypto/kerberosIV/README-WIN32 b/crypto/kerberosIV/README-WIN32
deleted file mode 100644
index ba74c46f2172..000000000000
--- a/crypto/kerberosIV/README-WIN32
+++ /dev/null
@@ -1,30 +0,0 @@
-It should be possible to build several of the libraries and the GUI
-telnet ``voodoo'' on Win95/NT.  In case you don't want to try there
-are binaries available at
-ftp://ftp.pdc.kth.se/pub/krb/binaries/i386-unknown-winnt4.0.
-
-In case you want to build from source and possibly hack some on them
-yourself here's a short guide:
-
-You need to build the libraries (DLLs) first and in this order:
-
-lib/roken
-lib/des
-lib/krb
-lib/kclient
-
-And then the two applications:
-
-appl/krbmanager
-appl/voodoo
-
-In each case there is a Visual-C++ generated makefile with the name
-*.mak in the corresponding directory.  You might be able to load that
-into Microsoft whatever Studio and you might be able to just run nmake
-on them.
-
-Once you have ended up with 4 DLLs and 2 EXEs you only have to place
-them in a directory in your PATH and start voodoo.
-
-In case it doesn't work, you have discovered bugs or added some more
-features the mail address to use is <kth-krb-bugs@nada.kth.se>
diff --git a/crypto/kerberosIV/TODO b/crypto/kerberosIV/TODO
deleted file mode 100644
index 66aa1f13b8c2..000000000000
--- a/crypto/kerberosIV/TODO
+++ /dev/null
@@ -1,42 +0,0 @@
--*- indented-text -*-
-rlogind, rshd, popper, ftpd (telnetd uses nonce?)
-  Add a replay cache.
-
-telnet, rlogin, rsh, rcp
-  Some form of support for ticket forwarding, perhaps only for AFS tickets.
-
-telnet, telnetd
-  Add negotiation for keep-alives.
-
-rlogind
-  Fix utmp logging.
-
-documentation
-  Write more info on:
-  * how to use
-
-rshd
-  Read default environment from /etc/default/login and other files.
-  Encryption without secondary port is bugged, it currently does no
-  encryption. But, nobody uses it anyway.
-
-autoconf
-
-libraries
-  generate archive and shared libraries in some portable way.
-
-k_get_all_addrs
-  for Cray UNICOS
-
-ftpd
-
-kx
-  Compress and recode X protocol?
-
-kip
-  Other kinds of encapsulations?
-  Tunnel device as loadable kernel module.
-  Speed?
-
-BUGS
-  Where?
diff --git a/crypto/kerberosIV/acconfig.h b/crypto/kerberosIV/acconfig.h
deleted file mode 100644
index bb7b7aa83214..000000000000
--- a/crypto/kerberosIV/acconfig.h
+++ /dev/null
@@ -1,282 +0,0 @@
-/* $Id: acconfig.h,v 1.71 1997/06/01 22:32:24 assar Exp $ */
-
-/*  Define this if RETSIGTYPE == void  */
-#undef VOID_RETSIGTYPE
-
-/*  Define this if struct utmp have ut_user  */
-#undef HAVE_UT_USER
-
-/*  Define this if struct utmp have ut_host  */
-#undef HAVE_UT_HOST
-
-/*  Define this if struct utmp have ut_addr  */
-#undef HAVE_UT_ADDR
-
-/*  Define this if struct utmp have ut_type  */
-#undef HAVE_UT_TYPE
-
-/*  Define this if struct utmp have ut_pid  */
-#undef HAVE_UT_PID
-
-/*  Define this if struct utmp have ut_id  */
-#undef HAVE_UT_ID
-
-/*  Define this if struct utmpx have ut_syslen  */
-#undef HAVE_UT_SYSLEN
-
-/*  Define this if struct winsize is declared in sys/termios.h */
-#undef HAVE_STRUCT_WINSIZE
-
-/*  Define this if struct winsize have ws_xpixel */
-#undef HAVE_WS_XPIXEL
-
-/*  Define this if struct winsize have ws_ypixel */
-#undef HAVE_WS_YPIXEL
-
-/*  Define this to be the directory where the dictionary for cracklib */
-/*  resides */
-#undef DICTPATH
-
-/* Define this if you want to use SOCKS v5 */
-#undef SOCKS
-
-/* Define this to the path of the mail spool directory */
-#undef KRB4_MAILDIR
-
-/* Define this if `struct sockaddr' includes sa_len */
-#undef SOCKADDR_HAS_SA_LEN
-
-/* Define this if `struct siaentity' includes ouid */
-#undef SIAENTITY_HAS_OUID
-
-/* Define if getlogin has POSIX flavour, as opposed to BSD */
-#undef POSIX_GETLOGIN
-
-/* Define if getpwnam_r has POSIX flavour */
-#undef POSIX_GETPWNAM_R
-
-/* define if getcwd() is broken (such as in SunOS) */
-#undef BROKEN_GETCWD
-
-/* define if the system is missing a prototype for crypt() */
-#undef NEED_CRYPT_PROTO
-
-/* define if the system is missing a prototype for strtok_r() */
-#undef NEED_STRTOK_R_PROTO
-
-/* define if /bin/ls takes -A */
-#undef HAVE_LS_A
-
-/* define if you have h_errno */
-#undef HAVE_H_ERRNO
-
-/* define if you have h_errlist but not hstrerror */
-#undef HAVE_H_ERRLIST
-
-/* define if you have h_nerr but not hstrerror */
-#undef HAVE_H_NERR
-
-/* define if your system doesn't declare h_errlist */
-#undef HAVE_H_ERRLIST_DECLARATION
-
-/* define if your system doesn't declare h_nerr */
-#undef HAVE_H_NERR_DECLARATION
-
-/* define this if you need a declaration for h_errno */
-#undef HAVE_H_ERRNO_DECLARATION
-
-/* define if you need a declaration for optarg */
-#undef HAVE_OPTARG_DECLARATION
-
-/* define if you need a declaration for optind */
-#undef HAVE_OPTIND_DECLARATION
-
-/* define if you need a declaration for opterr */
-#undef HAVE_OPTERR_DECLARATION
-
-/* define if you need a declaration for optopt */
-#undef HAVE_OPTOPT_DECLARATION
-
-/* define if you need a declaration for __progname */
-#undef HAVE___PROGNAME_DECLARATION
-
-@BOTTOM@
-
-#undef HAVE_INT8_T
-#undef HAVE_INT16_T
-#undef HAVE_INT32_T
-#undef HAVE_INT64_T
-#undef HAVE_U_INT8_T
-#undef HAVE_U_INT16_T
-#undef HAVE_U_INT32_T
-#undef HAVE_U_INT64_T
-
-#define RCSID(msg) \
-static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
-
-/*
- * Set ORGANIZATION to be the desired organization string printed
- * by the 'kinit' program.  It may have spaces.
- */
-#define ORGANIZATION "eBones International"
-
-#if 0
-#undef BINDIR 
-#undef LIBDIR
-#undef LIBEXECDIR
-#undef SBINDIR
-#endif
-
-#if 0
-#define KRB_CNF_FILES	{ "/etc/krb.conf",   "/etc/kerberosIV/krb.conf", 0}
-#define KRB_RLM_FILES	{ "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0}
-#define KRB_EQUIV	"/etc/krb.equiv"
-
-#define KEYFILE		"/etc/srvtab"
-
-#define KRBDIR		"/var/kerberos"
-#define DBM_FILE	KRBDIR "/principal"
-#define DEFAULT_ACL_DIR	KRBDIR
-
-#define KRBLOG		"/var/log/kerberos.log"	/* master server  */
-#define KRBSLAVELOG	"/var/log/kerberos_slave.log" /* slave server  */
-#define KADM_SYSLOG	"/var/log/admin_server.syslog"
-#define K_LOGFIL	"/var/log/kpropd.log"
-#endif
-
-/* Maximum values on all known systems */
-#define MaxHostNameLen (64+4)
-#define MaxPathLen (1024+4)
-
-/*
- * Define NDBM if you are using the 4.3 ndbm library (which is part of
- * libc).  If not defined, 4.2 dbm will be assumed.
- */
-#if defined(HAVE_DBM_FIRSTKEY)
-#define NDBM
-#endif
-
-/* ftp stuff -------------------------------------------------- */
-
-#define KERBEROS
-
-/* telnet stuff ----------------------------------------------- */
-
-/* define this if you have kerberos 4 */
-#undef KRB4
-
-/* define this if you want encryption */
-#undef ENCRYPTION
-
-/* define this if you want authentication */
-#undef AUTHENTICATION
-
-#if defined(ENCRYPTION) && !defined(AUTHENTICATION)
-#define AUTHENTICATION 1
-#endif
-
-/* Set this if you want des encryption */
-#undef DES_ENCRYPTION
-
-/* Set this to the default system lead string for telnetd 
- * can contain %-escapes: %s=sysname, %m=machine, %r=os-release
- * %v=os-version, %t=tty, %h=hostname, %d=date and time
- */
-#undef USE_IM
-
-/* define this if you want diagnostics in telnetd */
-#undef DIAGNOSTICS
-
-/* define this if you want support for broken ENV_{VALUE,VAR} systems  */
-#undef ENV_HACK
-
-/*  */
-#undef OLD_ENVIRON
-
-/* Used with login -p */
-#undef LOGIN_ARGS
-
-/* Define if there are working stream ptys */
-#undef STREAMSPTY
-
-/* set this to a sensible login */
-#ifndef LOGIN_PATH
-#define LOGIN_PATH BINDIR "/login"
-#endif
-
-
-/* ------------------------------------------------------------ */
-
-/*
- * Define this if your ndbm-library really is berkeley db and creates
- * files that ends in .db.
- */
-#undef HAVE_NEW_DB
-
-/* Define this if you have a working getmsg */
-#undef HAVE_GETMSG
-
-/* Define to enable new master key code */
-#undef RANDOM_MKEY
-
-/* Location of the master key file, default value lives in <kdc.h> */
-#undef MKEYFILE
-
-/* Define if you don't want support for afs, might be a good idea on
-   AIX if you don't have afs */
-#undef NO_AFS
-
-/* Define if you have a readline compatible library */
-#undef HAVE_READLINE
-
-#ifdef VOID_RETSIGTYPE
-#define SIGRETURN(x) return
-#else
-#define SIGRETURN(x) return (RETSIGTYPE)(x)
-#endif
-
-/* Define this if your compiler supports '#pragma weak' */
-#undef HAVE_PRAGMA_WEAK
-
-/* Temporary fixes for krb_{rd,mk}_safe */
-#define DES_QUAD_GUESS 0
-#define DES_QUAD_NEW 1
-#define DES_QUAD_OLD 2
-
-/* Set this to one of the constants above to specify default checksum
-   type to emit */
-#undef DES_QUAD_DEFAULT
-
-/*
- * AIX braindamage!
- */
-#if _AIX
-#define _ALL_SOURCE
-#define _POSIX_SOURCE
-/* this is left for hysteric reasons :-) */
-#define unix /* well, ok... */
-#endif
-
-/*
- * SunOS braindamage! (Sun include files are generally braindead)
- */
-#if (defined(sun) || defined(__sun))
-#if defined(__svr4__) || defined(__SVR4)
-#define SunOS 5
-#else
-#define SunOS 4
-#endif
-#endif
-
-#if defined(__sgi) || defined(sgi)
-#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4)
-#define IRIX 5
-#else
-#define IRIX 4
-#endif
-#endif
-
-/* IRIX 4 braindamage */
-#if IRIX == 4 && !defined(__STDC__)
-#define __STDC__ 0
-#endif
diff --git a/crypto/kerberosIV/aclocal.m4 b/crypto/kerberosIV/aclocal.m4
deleted file mode 100644
index 133e19d93e43..000000000000
--- a/crypto/kerberosIV/aclocal.m4
+++ /dev/null
@@ -1,543 +0,0 @@
-dnl
-dnl $Id: aclocal.m4,v 1.38 1997/05/18 18:47:30 assar Exp $
-dnl
-
-dnl
-dnl General tests
-dnl
-
-dnl
-dnl Look for function in any of the specified libraries
-dnl
-
-dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments)
-AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
-
-AC_MSG_CHECKING([for $1])
-AC_CACHE_VAL(ac_cv_funclib_$1,
-[
-if eval "test \"\$ac_cv_func_$1\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" $2; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
-	done
-	eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
-	LIBS="$ac_save_LIBS"
-fi
-])
-
-eval "ac_res=\$ac_cv_funclib_$1"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs $1"@@@
-@@@libs="$libs $2"@@@
-END
-
-changequote(, )dnl
-eval "ac_tr_func=HAVE_`echo $1 | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_$1=$ac_res"
-changequote([, ])dnl
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_$1=yes"
-	eval "LIB_$1="
-	AC_DEFINE_UNQUOTED($ac_tr_func)
-	AC_MSG_RESULT([yes])
-	;;
-	no)
-	eval "ac_cv_func_$1=no"
-	eval "LIB_$1="
-	AC_MSG_RESULT([no])
-	;;
-	*)
-	eval "ac_cv_func_$1=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	AC_DEFINE_UNQUOTED($ac_tr_func)
-	AC_DEFINE_UNQUOTED($ac_tr_lib)
-	AC_MSG_RESULT([yes, in $ac_res])
-	;;
-esac
-AC_SUBST(LIB_$1)
-])
-
-dnl AC_FIND_FUNC(func, libraries, includes, arguments)
-AC_DEFUN(AC_FIND_FUNC, [
-AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4])
-if test -n "$LIB_$1"; then
-	LIBS="$LIB_$1 $LIBS"
-fi
-])
-
-dnl
-dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal
-dnl libraries 
-
-AC_DEFUN(AC_BROKEN,
-[for ac_func in $1
-do
-AC_CHECK_FUNC($ac_func, [
-changequote(, )dnl
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-changequote([, ])dnl
-AC_DEFINE_UNQUOTED($ac_tr_func)],[LIBOBJS="$LIBOBJS ${ac_func}.o"])
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs $1"@@@
-END
-done
-AC_SUBST(LIBOBJS)dnl
-])
-
-dnl
-dnl Mix between AC_FIND_FUNC and AC_BROKEN
-dnl
-
-AC_DEFUN(AC_FIND_IF_NOT_BROKEN,
-[AC_FIND_FUNC([$1], [$2], [$3], [$4])
-if eval "test \"$ac_cv_func_$1\" != yes"; then
-LIBOBJS="$LIBOBJS $1.o"
-fi
-AC_SUBST(LIBOBJS)dnl
-])
-
-dnl
-dnl
-dnl
-
-dnl AC_TEST_PACKAGE(package,header,lib,linkline)
-AC_DEFUN(AC_TEST_PACKAGE,
-[
-AC_MSG_CHECKING(for $1)
-AC_ARG_WITH($1,
-[  --with-$1=dir                use $1 in dir],
-[if test "$with_$1" = "no"; then
-  with_$1=
-fi]
-)
-AC_ARG_WITH($1-lib,
-[  --with-$1-lib=dir            use $1-lib in dir],
-[if test "$withval" = "yes" -o "$withval" = "no"; then
-  AC_MSG_ERROR([No argument for --with-$1-lib])
-elif test "X$with_$1" = "X"; then
-  with_$1=yes
-fi]
-)
-AC_ARG_WITH($1-include,
-[  --with-$1-include=dir        use $1-include in dir],
-[if test "$withval" = "yes" -o "$withval" = "no"; then
-  AC_MSG_ERROR([No argument for --with-$1-include])
-elif test "X$with_$1" = "X"; then
-  with_$1=yes
-fi]
-)
-
-define([foo], translit($1, [a-z], [A-Z]))
-: << END
-@@@syms="$syms foo"@@@
-END
-
-if test -n "$with_$1"; then
-  AC_DEFINE([foo])
-  if test "$with_$1" != "yes"; then
-    $1_dir=$with_$1
-  fi
-dnl Try to find include
-  if test -n "$with_$1_include"; then
-    trydir=$with_$1_include
-  elif test "$with_$1" != "yes"; then
-    trydir="$with_$1 $with_$1/include"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/$2; then
-        found=yes; res=$i; break
-      fi
-    else
-      AC_TRY_CPP([#include <$2>], [found=yes; res=$i; break])
-    fi
-  done
-  if test -n "$found"; then
-    $1_include=$res
-  else
-    AC_MSG_ERROR(Cannot find $2)
-  fi
-dnl Try to find lib
-  if test -n "$with_$1_lib"; then
-    trydir=$with_$1_lib
-  elif test "$with_$1" != "yes"; then
-    trydir="$with_$1 $with_$1/lib"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/$3; then
-        found=yes; res=$i; break
-      fi
-    else
-      old_LIBS=$LIBS
-      LIBS="$4 $LIBS"
-      AC_TRY_LINK([], [], [found=yes; res=$i; LIBS=$old_LIBS; break])
-      LIBS=$old_LIBS
-    fi
-  done
-  if test -n "$found"; then
-    $1_lib=$res
-  else
-    AC_MSG_ERROR(Cannot find $3)
-  fi
-  AC_MSG_RESULT([headers $$1_include, libraries $$1_lib])
-  AC_DEFINE_UNQUOTED(foo)
-  if test -n "$$1_include"; then
-    foo[INCLUDE]="-I$$1_include"
-  fi
-  AC_SUBST(foo[INCLUDE])
-  if test -n "$$1_lib"; then
-    foo[LIB]="-L$$1_lib"
-  fi
-  foo[LIB]="$foo[LIB] $4"
-  AC_SUBST(foo[LIB])
-else
-  AC_MSG_RESULT(no)
-fi
-undefine([foo])
-])
-
-dnl
-dnl Check if we need the declaration of a variable
-dnl
-
-dnl AC_HAVE_DECLARATION(includes, variable)
-AC_DEFUN(AC_CHECK_DECLARATION, [
-AC_MSG_CHECKING([if $2 is properly declared])
-AC_CACHE_VAL(ac_cv_var_$2_declaration, [
-AC_TRY_COMPILE([$1
-extern struct { int foo; } $2;],
-[$2.foo = 1;],
-eval "ac_cv_var_$2_declaration=no",
-eval "ac_cv_var_$2_declaration=yes")
-])
-
-ac_tr_var=[HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION]
-
-define([foo], [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION])
-: << END
-@@@syms="$syms foo"@@@
-END
-undefine([foo])
-
-AC_MSG_RESULT($ac_cv_var_$2_declaration)
-if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then
-	AC_DEFINE_UNQUOTED($ac_tr_var)
-fi
-])
-
-dnl
-dnl
-dnl
-
-dnl AC_CHECK_VAR(includes, variable)
-AC_DEFUN(AC_CHECK_VAR, [
-AC_MSG_CHECKING(for $2)
-AC_CACHE_VAL(ac_cv_var_$2, [
-AC_TRY_LINK([extern int $2;
-int foo() { return $2; }],
-	    [foo()],
-	    ac_cv_var_$2=yes, ac_cv_var_$2=no)
-])
-eval "ac_tr_var=[HAVE_]translit($2,[a-z],[A-Z])"
-
-define([foo], [HAVE_]translit($2, [a-z], [A-Z]))
-: << END
-@@@syms="$syms foo"@@@
-END
-undefine([foo])
-
-AC_MSG_RESULT(`eval echo \\$ac_cv_var_$2`)
-if test `eval echo \\$ac_cv_var_$2` = yes; then
-	AC_DEFINE_UNQUOTED($ac_tr_var)
-	AC_CHECK_DECLARATION([$1],[$2])
-fi
-])
-
-dnl
-dnl Check if we need the prototype for a function
-dnl
-
-dnl AC_NEED_PROTO(includes, function)
-
-AC_DEFUN(AC_NEED_PROTO, [
-AC_CACHE_CHECK([if $2 needs a prototype], ac_cv_func_$2_noproto,
-AC_TRY_COMPILE([$1],
-[struct foo { int foo; } xx;
-extern int $2 (struct foo*);
-$2(&xx);
-],
-eval "ac_cv_func_$2_noproto=yes",
-eval "ac_cv_func_$2_noproto=no"))
-define([foo], [NEED_]translit($2, [a-z], [A-Z])[_PROTO])
-if test "$ac_cv_func_$2_noproto" = yes; then
-	AC_DEFINE(foo)
-fi
-: << END
-@@@syms="$syms foo"@@@
-END
-undefine([foo])
-])
-
-dnl AC_MSG_RESULT($ac_cv_func_$3_proto)
-dnl if eval "test \"\$ac_cv_func_$3_proto\" = yes"; then
-dnl 	AC_DEFINE_UNQUOTED($ac_tr_func)
-dnl fi
-dnl ])
-dnl 
-dnl AC_DEFUN(AC_NEED_PROTO, [
-dnl AC_MSG_CHECKING([if $3 needs a proto])
-dnl AC_CACHE_VAL(ac_cv_func_$3_proto, [
-dnl AC_TRY_COMPILE([$1],
-dnl [$2],
-dnl eval "ac_cv_func_$3_proto=no",
-dnl eval "ac_cv_func_$3_proto=yes")
-dnl ])
-dnl changequote(, )dnl
-dnl eval "ac_tr_func=NEED_`echo $3 | tr '[a-z]' '[A-Z]'`_PROTO"
-dnl changequote([, ])dnl
-dnl 
-dnl define([foo], [NEED_]translit($3, [a-z], [A-Z])[_PROTO])
-dnl : << END
-dnl @@@syms="$syms foo"@@@
-dnl END
-dnl undefine([foo])
-dnl 
-dnl AC_MSG_RESULT($ac_cv_func_$3_proto)
-dnl if eval "test \"\$ac_cv_func_$3_proto\" = yes"; then
-dnl 	AC_DEFINE_UNQUOTED($ac_tr_func)
-dnl fi
-dnl ])
-
-AC_DEFUN(AC_GROK_TYPE, [
-AC_CACHE_VAL(ac_cv_type_$1, 
-AC_TRY_COMPILE([
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-],
-$i x;
-,
-eval ac_cv_type_$1=yes,
-eval ac_cv_type_$1=no))])
-
-
-AC_DEFUN(AC_GROK_TYPES, [
-for i in $1; do
-	AC_MSG_CHECKING(for $i)
-	AC_GROK_TYPE($i)
-	eval ac_res=\$ac_cv_type_$i
-	if test "$ac_res" = yes; then
-		type=HAVE_`echo $i | tr '[a-z]' '[A-Z]'`
-		AC_DEFINE_UNQUOTED($type)
-	fi
-	AC_MSG_RESULT($ac_res)
-done
-])
-
-dnl
-dnl Specific tests
-dnl
-
-dnl
-dnl We prefer byacc or yacc because they do not use `alloca'
-dnl
-
-AC_DEFUN(AC_KRB_PROG_YACC,
-[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y')])
-
-dnl
-dnl Also look for EMXOMF for OS/2
-dnl
-
-AC_DEFUN(AC_KRB_PROG_RANLIB,
-[AC_CHECK_PROGS(RANLIB, ranlib EMXOMF, :)])
-
-dnl
-dnl Better test for ln -s, ln or cp
-dnl
-
-AC_DEFUN(AC_KRB_PROG_LN_S,
-[AC_MSG_CHECKING(for ln -s or something else)
-AC_CACHE_VAL(ac_cv_prog_LN_S,
-[rm -f conftestdata
-if ln -s X conftestdata 2>/dev/null
-then
-  rm -f conftestdata
-  ac_cv_prog_LN_S="ln -s"
-else
-  touch conftestdata1
-  if ln conftestdata1 conftestdata2; then
-    rm -f conftestdata*
-    ac_cv_prog_LN_S=ln
-  else
-    ac_cv_prog_LN_S=cp
-  fi
-fi])dnl
-LN_S="$ac_cv_prog_LN_S"
-AC_MSG_RESULT($ac_cv_prog_LN_S)
-AC_SUBST(LN_S)dnl
-])
-
-dnl
-dnl NEXTSTEP is not posix compliant by default,
-dnl you need a switch -posix to the compiler
-dnl
-
-AC_DEFUN(AC_KRB_SYS_NEXTSTEP, [
-AC_MSG_CHECKING(for NEXTSTEP)
-AC_CACHE_VAL(krb_cv_sys_nextstep,
-AC_EGREP_CPP(yes, 
-[#ifdef NeXT
-	yes
-#endif 
-], krb_cv_sys_nextstep=yes, krb_cv_sys_nextstep=no) )
-if test "$krb_cv_sys_nextstep" = "yes"; then
-  CFLAGS="$CFLAGS -posix"
-  LIBS="$LIBS -posix"
-fi
-AC_MSG_RESULT($krb_cv_sys_nextstep)
-])
-
-dnl
-dnl AIX have a very different syscall convention
-dnl
-AC_DEFUN(AC_KRB_SYS_AIX, [
-AC_MSG_CHECKING(for AIX)
-AC_CACHE_VAL(krb_cv_sys_aix,
-AC_EGREP_CPP(yes, 
-[#ifdef _AIX
-	yes
-#endif 
-], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) )
-AC_MSG_RESULT($krb_cv_sys_aix)
-])
-
-dnl
-dnl test for broken getcwd in (SunOS braindamage)
-dnl
-
-AC_DEFUN(AC_KRB_FUNC_GETCWD_BROKEN, [
-if test "$ac_cv_func_getcwd" = yes; then
-AC_MSG_CHECKING(if getcwd is broken)
-AC_CACHE_VAL(ac_cv_func_getcwd_broken, [
-ac_cv_func_getcwd_broken=no
-
-AC_TRY_RUN([
-#include <errno.h>
-char *getcwd(char*, int);
-
-void *popen(char *cmd, char *mode)
-{
-	errno = ENOTTY;
-	return 0;
-}
-
-int main()
-{
-	char *ret;
-	ret = getcwd(0, 1024);
-	if(ret == 0 && errno == ENOTTY)
-		return 0;
-	return 1;
-}
-], ac_cv_func_getcwd_broken=yes,:,:)
-])
-if test "$ac_cv_func_getcwd_broken" = yes; then
-	AC_DEFINE(BROKEN_GETCWD, 1)dnl
-	LIBOBJS="$LIBOBJS getcwd.o"
-	AC_SUBST(LIBOBJS)dnl
-	AC_MSG_RESULT($ac_cv_func_getcwd_broken)
-else
-	AC_MSG_RESULT([seems ok])
-fi
-fi
-])
-
-
-AC_DEFUN(AC_HAVE_PRAGMA_WEAK, [
-if test "${with_shared}" = "yes"; then
-AC_MSG_CHECKING(for pragma weak)
-AC_CACHE_VAL(ac_have_pragma_weak, [
-ac_have_pragma_weak=no
-cat > conftest_foo.$ac_ext <<'EOF'
-[#]line __oline__ "configure"
-#include "confdefs.h"
-#pragma weak foo = _foo
-int _foo = 17;
-EOF
-cat > conftest_bar.$ac_ext <<'EOF'
-[#]line __oline__ "configure"
-#include "confdefs.h"
-extern int foo;
-
-int t() {
-  return foo;
-}
-
-int main() {
-  return t();
-}
-EOF
-if AC_TRY_EVAL('CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&AC_FD_CC'); then
-ac_have_pragma_weak=yes
-fi
-rm -rf conftest*
-])
-if test "$ac_have_pragma_weak" = "yes"; then
-	AC_DEFINE(HAVE_PRAGMA_WEAK, 1)dnl
-fi
-AC_MSG_RESULT($ac_have_pragma_weak)
-fi
-])
-
-dnl
-dnl Search for struct winsize
-dnl
-
-AC_DEFUN(AC_KRB_STRUCT_WINSIZE, [
-AC_MSG_CHECKING(for struct winsize)
-AC_CACHE_VAL(ac_cv_struct_winsize, [
-ac_cv_struct_winsize=no
-for i in sys/termios.h sys/ioctl.h; do
-AC_EGREP_HEADER(
-changequote(, )dnl
-struct[ 	]*winsize,dnl
-changequote([,])dnl
-$i, ac_cv_struct_winsize=yes; break)dnl
-done
-])
-if test "$ac_cv_struct_winsize" = "yes"; then
-  AC_DEFINE(HAVE_STRUCT_WINSIZE, 1)dnl
-fi
-AC_MSG_RESULT($ac_cv_struct_winsize)
-AC_EGREP_HEADER(ws_xpixel, termios.h, AC_DEFINE(HAVE_WS_XPIXEL))
-AC_EGREP_HEADER(ws_ypixel, termios.h, AC_DEFINE(HAVE_WS_YPIXEL))
-])
diff --git a/crypto/kerberosIV/admin/Makefile.in b/crypto/kerberosIV/admin/Makefile.in
deleted file mode 100644
index d0b68b1532ef..000000000000
--- a/crypto/kerberosIV/admin/Makefile.in
+++ /dev/null
@@ -1,104 +0,0 @@
-# $Id: Makefile.in,v 1.26 1997/05/04 08:33:50 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-LIBS = @LIBS@
-LIB_DBM = @LIB_DBM@
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-sbindir = @sbindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROGS = ext_srvtab$(EXECSUFFIX) \
-	kdb_destroy$(EXECSUFFIX) \
-	kdb_edit$(EXECSUFFIX) \
-	kdb_init$(EXECSUFFIX) \
-	kdb_util$(EXECSUFFIX) \
-	kstash$(EXECSUFFIX)
-
-SOURCES = ext_srvtab.c kdb_destroy.c kdb_edit.c \
-          kdb_init.c kdb_util.c kstash.c
-
-OBJECTS = ext_srvtab.o kdb_destroy.o kdb_edit.o \
-          kdb_init.o kdb_util.o kstash.o
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(sbindir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(sbindir)/`echo $$x|sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(sbindir)/`echo $$x|sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes
-LIBROKEN= -L../lib/roken -lroken
-
-ext_srvtab$(EXECSUFFIX): ext_srvtab.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ ext_srvtab.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-kdb_destroy$(EXECSUFFIX): kdb_destroy.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_destroy.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-kdb_edit$(EXECSUFFIX): kdb_edit.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_edit.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-kdb_init$(EXECSUFFIX): kdb_init.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_init.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-kdb_util$(EXECSUFFIX): kdb_util.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_util.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-kstash$(EXECSUFFIX): kstash.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kstash.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-$(OBJECTS): ../include/config.h
diff --git a/crypto/kerberosIV/admin/adm_locl.h b/crypto/kerberosIV/admin/adm_locl.h
deleted file mode 100644
index 6cbd20dfde9a..000000000000
--- a/crypto/kerberosIV/admin/adm_locl.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: adm_locl.h,v 1.16 1997/04/20 05:46:14 assar Exp $ */
-
-#ifndef __adm_locl_h
-#define __adm_locl_h
-
-#include "config.h"
-#include "protos.h"
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <assert.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif /* !TIME_WITH_SYS_TIME */
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <signal.h>
-#include <errno.h>
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#include <err.h>
-
-#include <roken.h>
-
-#include <des.h>
-#include <krb.h>
-#include <krb_db.h>
-#include <kdc.h>
-#include <kadm.h>
-
-#endif /*  __adm_locl_h */
diff --git a/crypto/kerberosIV/admin/ext_srvtab.c b/crypto/kerberosIV/admin/ext_srvtab.c
deleted file mode 100644
index 9c029219d899..000000000000
--- a/crypto/kerberosIV/admin/ext_srvtab.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * Description 
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: ext_srvtab.c,v 1.13 1997/05/02 14:27:33 assar Exp $");
-
-static des_cblock master_key;
-static des_cblock session_key;
-static des_key_schedule master_key_schedule;
-static char realm[REALM_SZ];
-
-static void
-usage(void)
-{
-    fprintf(stderr, 
-	    "Usage: %s [-n] [-r realm] instance [instance ...]\n",
-	    __progname);
-    exit(1);
-}
-
-static void
-StampOutSecrets(void)
-{
-    memset(master_key, 0, sizeof master_key);
-    memset(session_key, 0, sizeof session_key);
-    memset(master_key_schedule, 0, sizeof master_key_schedule);
-}
-
-static void
-Die(void)
-{
-    StampOutSecrets();
-    exit(1);
-}
-
-static void
-FWrite(void *p, int size, int n, FILE *f)
-{
-    if (fwrite(p, size, n, f) != n) {
-	printf("Error writing output file.  Terminating.\n");
-	Die();
-    }
-}
-
-int
-main(int argc, char **argv)
-{
-    FILE *fout;
-    char fname[1024];
-    int fopen_errs = 0;
-    int arg;
-    Principal princs[40];
-    int more; 
-    int prompt = KDB_GET_PROMPT;
-    int n, i;
-    
-    set_progname (argv[0]);
-    memset(realm, 0, sizeof(realm));
-    
-    /* Parse commandline arguments */
-    if (argc < 2)
-	usage();
-    else {
-	for (i = 1; i < argc; i++) {
-	    if (strcmp(argv[i], "-n") == 0)
-		prompt = FALSE;
-	    else if (strcmp(argv[i], "-r") == 0) {
-		if (++i >= argc)
-		    usage();
-		else {
-		    strcpy(realm, argv[i]);
-		    /* 
-		     * This is to humor the broken way commandline
-		     * argument parsing is done.  Later, this
-		     * program ignores everything that starts with -.
-		     */
-		    argv[i][0] = '-';
-		}
-	    }
-	    else if (argv[i][0] == '-')
-		usage();
-	    else
-		if (!k_isinst(argv[i])) {
-		  warnx("bad instance name: %s", argv[i]);
-		  usage();
-	    }
-	}
-    }
-
-    if (kdb_get_master_key (prompt, &master_key, master_key_schedule) != 0)
-      errx (1, "Couldn't read master key.");
-
-    if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) {
-      exit(1);
-    }
-
-    /* For each arg, search for instances of arg, and produce */
-    /* srvtab file */
-    if (!realm[0])
-	if (krb_get_lrealm(realm, 1) != KSUCCESS)
-	  errx (1, "couldn't get local realm");
-    umask(077);
-
-    for (arg = 1; arg < argc; arg++) {
-	if (argv[arg][0] == '-')
-	    continue;
-	snprintf(fname, sizeof(fname), "%s-new-srvtab", argv[arg]);
-	if ((fout = fopen(fname, "w")) == NULL) {
-	    warn("Couldn't create file '%s'.", fname);
-	    fopen_errs++;
-	    continue;
-	}
-	printf("Generating '%s'....\n", fname);
-	n = kerb_get_principal("*", argv[arg], &princs[0], 40, &more);
-	if (more)
-	    fprintf(stderr, "More than 40 found...\n");
-	for (i = 0; i < n; i++) {
-	    FWrite(princs[i].name, strlen(princs[i].name) + 1, 1, fout);
-	    FWrite(princs[i].instance, strlen(princs[i].instance) + 1,
-		   1, fout);
-	    FWrite(realm, strlen(realm) + 1, 1, fout);
-	    FWrite(&princs[i].key_version,
-		sizeof(princs[i].key_version), 1, fout);
-	    copy_to_key(&princs[i].key_low, &princs[i].key_high, session_key);
-	    kdb_encrypt_key (&session_key, &session_key, 
-			     &master_key, master_key_schedule, DES_DECRYPT);
-	    FWrite(session_key, sizeof session_key, 1, fout);
-	}
-	fclose(fout);
-    }
-
-    StampOutSecrets();
-
-    return fopen_errs;		/* 0 errors if successful */
-
-}
diff --git a/crypto/kerberosIV/admin/kdb_destroy.c b/crypto/kerberosIV/admin/kdb_destroy.c
deleted file mode 100644
index fca339f0dd6b..000000000000
--- a/crypto/kerberosIV/admin/kdb_destroy.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Description.
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: kdb_destroy.c,v 1.7 1997/03/31 02:25:21 assar Exp $");
-
-int
-main(int argc, char **argv)
-{
-    char    answer[10];		/* user input */
-    char    dbm[256];		/* database path and name */
-    char    dbm1[256];		/* database path and name */
-#ifdef HAVE_NEW_DB
-    char   *file;               /* database file names */
-#else
-    char   *file1, *file2;	/* database file names */
-#endif
-
-    set_progname (argv[0]);
-
-    strcpy(dbm, DBM_FILE);
-#ifdef HAVE_NEW_DB
-    file = strcat(dbm, ".db");
-#else
-    strcpy(dbm1, DBM_FILE);
-    file1 = strcat(dbm, ".dir");
-    file2 = strcat(dbm1, ".pag");
-#endif
-
-    printf("You are about to destroy the Kerberos database ");
-    printf("on this machine.\n");
-    printf("Are you sure you want to do this (y/n)? ");
-    fgets(answer, sizeof(answer), stdin);
-
-    if (answer[0] == 'y' || answer[0] == 'Y') {
-#ifdef HAVE_NEW_DB
-      if (unlink(file) == 0)
-#else
-	if (unlink(file1) == 0 && unlink(file2) == 0)
-#endif
-	  {
-	    warnx ("Database deleted at %s", DBM_FILE);
-	    return 0;
-	  }
-	else
-	    warn ("Database cannot be deleted at %s", DBM_FILE);
-    } else
-        warnx ("Database not deleted at %s", DBM_FILE);
-    return 1;
-}
diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c
deleted file mode 100644
index 5d07135e9780..000000000000
--- a/crypto/kerberosIV/admin/kdb_edit.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * This routine changes the Kerberos encryption keys for principals,
- * i.e., users or services. 
- */
-
-/*
- * exit returns 	 0 ==> success -1 ==> error 
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: kdb_edit.c,v 1.25 1997/05/07 01:34:05 assar Exp $");
-
-#ifdef DEBUG
-extern  kerb_debug;
-#endif
-
-#define zaptime(foo) memset((foo), 0, sizeof(*(foo)))
-
-static int     nflag = 0;
-static int     debug;
-
-static des_cblock new_key;
-
-static int     i, j;
-static int     more;
-
-static char    input_name[ANAME_SZ];
-static char    input_instance[INST_SZ];
-
-#define	MAX_PRINCIPAL	10
-static Principal principal_data[MAX_PRINCIPAL];
-
-static Principal old_principal;
-static Principal default_princ;
-
-static des_cblock master_key;
-static des_cblock session_key;
-static des_key_schedule master_key_schedule;
-static char pw_str[255];
-static long master_key_version;
-
-static void
-Usage(void)
-{
-    fprintf(stderr, "Usage: %s [-n]\n", __progname);
-    exit(1);
-}
-
-static char *
-n_gets(char *buf, int size)
-{
-    char *p;
-    char *ret;
-    ret = fgets(buf, size, stdin);
-  
-    if (ret && (p = strchr(buf, '\n')))
-	*p = 0;
-    return ret;
-}
-
-
-static int
-change_principal(void)
-{
-    static char temp[255];
-    int     creating = 0;
-    int     editpw = 0;
-    int     changed = 0;
-    long    temp_long;		/* Don't change to int32_t, used by scanf */
-    int     n;
-    struct tm 	*tp, edate;
-
-    fprintf(stdout, "\nPrincipal name: ");
-    fflush(stdout);
-    if (!n_gets(input_name, sizeof(input_name)) || *input_name == '\0')
-	return 0;
-    fprintf(stdout, "Instance: ");
-    fflush(stdout);
-    /* instance can be null */
-    n_gets(input_instance, sizeof(input_instance));
-    j = kerb_get_principal(input_name, input_instance, principal_data,
-			   MAX_PRINCIPAL, &more);
-    if (!j) {
-	fprintf(stdout, "\n\07\07<Not found>, Create [y] ? ");
-	fflush(stdout);
-	n_gets(temp, sizeof(temp));		/* Default case should work, it didn't */
-	if (temp[0] != 'y' && temp[0] != 'Y' && temp[0] != '\0')
-	    return -1;
-	/* make a new principal, fill in defaults */
-	j = 1;
-	creating = 1;
-	strcpy(principal_data[0].name, input_name);
-	strcpy(principal_data[0].instance, input_instance);
-	principal_data[0].old = NULL;
-	principal_data[0].exp_date = default_princ.exp_date;
-	if (strcmp(input_instance, "admin") == 0)
-	  principal_data[0].max_life = 1 + (CLOCK_SKEW/(5*60)); /*5+5 minutes*/
-	else if (strcmp(input_instance, "root") == 0)
-	  principal_data[0].max_life = 96; /* 8 hours */
-	else
-	  principal_data[0].max_life = default_princ.max_life;
-	principal_data[0].attributes = default_princ.attributes;
-	principal_data[0].kdc_key_ver = (unsigned char) master_key_version;
-	principal_data[0].key_version = 0; /* bumped up later */
-    }
-    tp = k_localtime(&principal_data[0].exp_date);
-    snprintf(principal_data[0].exp_date_txt,
-	     sizeof(principal_data[0].exp_date_txt),
-	     "%4d-%02d-%02d",
-	     tp->tm_year + 1900,
-	     tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */
-    for (i = 0; i < j; i++) {
-	for (;;) {
-	    fprintf(stdout,
-		    "\nPrincipal: %s, Instance: %s, kdc_key_ver: %d",
-		    principal_data[i].name, principal_data[i].instance,
-		    principal_data[i].kdc_key_ver);
-	    fflush(stdout);
-	    editpw = 1;
-	    changed = 0;
-	    if (!creating) {
-		/*
-		 * copy the existing data so we can use the old values
-		 * for the qualifier clause of the replace 
-		 */
-		principal_data[i].old = (char *) &old_principal;
-		memcpy(&old_principal, &principal_data[i],
-		       sizeof(old_principal));
-		printf("\nChange password [n] ? ");
-		n_gets(temp, sizeof(temp));
-		if (strcmp("y", temp) && strcmp("Y", temp))
-		    editpw = 0;
-	    }
-	    /* password */
-	    if (editpw) {
-#ifdef NOENCRYPTION
-		placebo_read_pw_string(pw_str, sizeof pw_str,
-		    "\nNew Password: ", TRUE);
-#else
-                if(des_read_pw_string(pw_str, sizeof pw_str,
-			"\nNew Password: ", TRUE))
-		    continue;
-#endif
-		if (   strcmp(pw_str, "RANDOM") == 0
-		    || strcmp(pw_str, "") == 0) {
-		    printf("\nRandom password [y] ? ");
-		    n_gets(temp, sizeof(temp));
-		    if (!strcmp("n", temp) || !strcmp("N", temp)) {
-			/* no, use literal */
-#ifdef NOENCRYPTION
-			memset(new_key, 0, sizeof(des_cblock));
-			new_key[0] = 127;
-#else
-			des_string_to_key(pw_str, &new_key);
-#endif
-			memset(pw_str, 0, sizeof pw_str);	/* "RANDOM" */
-		    } else {
-#ifdef NOENCRYPTION
-			memset(new_key, 0, sizeof(des_cblock));
-			new_key[0] = 127;
-#else
-			des_new_random_key(&new_key);
-#endif
-			memset(pw_str, 0, sizeof pw_str);
-		    }
-		} else if (!strcmp(pw_str, "NULL")) {
-		    printf("\nNull Key [y] ? ");
-		    n_gets(temp, sizeof(temp));
-		    if (!strcmp("n", temp) || !strcmp("N", temp)) {
-			/* no, use literal */
-#ifdef NOENCRYPTION
-			memset(new_key, 0, sizeof(des_cblock));
-			new_key[0] = 127;
-#else
-			des_string_to_key(pw_str, &new_key);
-#endif
-			memset(pw_str, 0, sizeof pw_str);	/* "NULL" */
-		    } else {
-
-			principal_data[i].key_low = 0;
-			principal_data[i].key_high = 0;
-			goto null_key;
-		    }
-		} else {
-#ifdef NOENCRYPTION
-		    memset(new_key, 0, sizeof(des_cblock));
-		    new_key[0] = 127;
-#else
-		    des_string_to_key(pw_str, &new_key);
-#endif
-		    memset(pw_str, 0, sizeof pw_str);
-		}
-
-		/* seal it under the kerberos master key */
-		kdb_encrypt_key (&new_key, &new_key, 
-				 &master_key, master_key_schedule,
-				 DES_ENCRYPT);
-		copy_from_key(new_key,
-			      &principal_data[i].key_low,
-			      &principal_data[i].key_high);
-		memset(new_key, 0, sizeof(new_key));
-	null_key:
-		/* set master key version */
-		principal_data[i].kdc_key_ver =
-		    (unsigned char) master_key_version;
-		/* bump key version # */
-		principal_data[i].key_version++;
-		fprintf(stdout,
-			"\nPrincipal's new key version = %d\n",
-			principal_data[i].key_version);
-		fflush(stdout);
-		changed = 1;
-	    }
-	    /* expiration date */
-	    fprintf(stdout, "Expiration date (enter yyyy-mm-dd) [ %s ] ? ",
-		    principal_data[i].exp_date_txt);
-	    fflush(stdout);
-	    zaptime(&edate);
-	    while (n_gets(temp, sizeof(temp)) && ((n = strlen(temp)) >
-				  sizeof(principal_data[0].exp_date_txt))) {
-	    bad_date:
-		fprintf(stdout, "\07\07Date Invalid\n");
-		fprintf(stdout,
-			"Expiration date (enter yyyy-mm-dd) [ %s ] ? ",
-			principal_data[i].exp_date_txt);
-		fflush(stdout);
-		zaptime(&edate);
-	    }
-
-	    if (*temp) {
-		if (sscanf(temp, "%d-%d-%d", &edate.tm_year,
-			      &edate.tm_mon, &edate.tm_mday) != 3)
-		    goto bad_date;
-		edate.tm_mon--;		/* January is 0, not 1 */
-		edate.tm_hour = 23;	/* nearly midnight at the end of the */
-		edate.tm_min = 59;	/* specified day */
-		if (krb_check_tm (edate))
-		    goto bad_date;
-		edate.tm_year -= 1900;
-		temp_long = tm2time (edate, 1);
-		strcpy(principal_data[i].exp_date_txt, temp);
-		principal_data[i].exp_date = temp_long;
-		changed = 1;
-	    }
-
-	    /* maximum lifetime */
-	    fprintf(stdout, "Max ticket lifetime (*5 minutes) [ %d ] ? ",
-		    principal_data[i].max_life);
-	    fflush(stdout);
-	    while (n_gets(temp, sizeof(temp)) && *temp) {
-		if (sscanf(temp, "%ld", &temp_long) != 1)
-		    goto bad_life;
-		if (temp_long > 255 || (temp_long < 0)) {
-		bad_life:
-		    fprintf(stdout, "\07\07Invalid, choose 0-255\n");
-		    fprintf(stdout,
-			    "Max ticket lifetime (*5 minutes) [ %d ] ? ",
-			    principal_data[i].max_life);
-		    fflush(stdout);
-		    continue;
-		}
-		changed = 1;
-		/* dont clobber */
-		principal_data[i].max_life = (unsigned short) temp_long;
-		break;
-	    }
-
-	    /* attributes */
-	    fprintf(stdout, "Attributes [ %d ] ? ",
-		    principal_data[i].attributes);
-	    fflush(stdout);
-	    while (n_gets(temp, sizeof(temp)) && *temp) {
-		if (sscanf(temp, "%ld", &temp_long) != 1)
-		    goto bad_att;
-		if (temp_long > 65535 || (temp_long < 0)) {
-		bad_att:
-		    fprintf(stdout, "\07\07Invalid, choose 0-65535\n");
-		    fprintf(stdout, "Attributes [ %d ] ? ",
-			    principal_data[i].attributes);
-		    fflush(stdout);
-		    continue;
-		}
-		changed = 1;
-		/* dont clobber */
-		principal_data[i].attributes =
-		    (unsigned short) temp_long;
-		break;
-	    }
-
-	    /*
-	     * remaining fields -- key versions and mod info, should
-	     * not be directly manipulated 
-	     */
-	    if (changed) {
-		if (kerb_put_principal(&principal_data[i], 1)) {
-		    fprintf(stdout,
-			"\nError updating Kerberos database");
-		} else {
-		    fprintf(stdout, "Edit O.K.");
-		}
-	    } else {
-		fprintf(stdout, "Unchanged");
-	    }
-
-
-	    memset(&principal_data[i].key_low, 0, 4);
-	    memset(&principal_data[i].key_high, 0, 4);
-	    fflush(stdout);
-	    break;
-	}
-    }
-    if (more) {
-	fprintf(stdout, "\nThere were more tuples found ");
-	fprintf(stdout, "than there were space for");
-      }
-    return 1;
-}
-
-static void
-cleanup(void)
-{
-
-    memset(master_key, 0, sizeof(master_key));
-    memset(session_key, 0, sizeof(session_key));
-    memset(master_key_schedule, 0, sizeof(master_key_schedule));
-    memset(principal_data, 0, sizeof(principal_data));
-    memset(new_key, 0, sizeof(new_key));
-    memset(pw_str, 0, sizeof(pw_str));
-}
-
-int
-main(int argc, char **argv)
-{
-    /* Local Declarations */
-
-    long    n;
-
-    set_progname (argv[0]);
-
-    while (--argc > 0 && (*++argv)[0] == '-')
-	for (i = 1; argv[0][i] != '\0'; i++) {
-	    switch (argv[0][i]) {
-
-		/* debug flag */
-	    case 'd':
-		debug = 1;
-		continue;
-
-		/* debug flag */
-#ifdef DEBUG
-	    case 'l':
-		kerb_debug |= 1;
-		continue;
-#endif
-	    case 'n':		/* read MKEYFILE for master key */
-		nflag = 1;
-		continue;
-
-	    default:
-		warnx ("illegal flag \"%c\"", argv[0][i]);
-		Usage();	/* Give message and die */
-	    }
-	}
-
-    fprintf(stdout, "Opening database...\n");
-    fflush(stdout);
-    kerb_init();
-    if (argc > 0)
-	if (kerb_db_set_name(*argv) != 0)
-	    errx (1, "Could not open altername database name");
-
-    if (kdb_get_master_key ((nflag == 0) ? KDB_GET_PROMPT : 0, 
-			    &master_key, master_key_schedule) != 0)
-	errx (1, "Couldn't read master key.");
-
-    if ((master_key_version = kdb_verify_master_key(&master_key,
-						    master_key_schedule,
-						    stdout)) < 0)
-      return 1;
-
-    /* Initialize non shared random sequence */
-    des_init_random_number_generator(&master_key);
-
-    /* lookup the default values */
-    n = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST,
-			   &default_princ, 1, &more);
-    if (n != 1)
-	errx (1, "Kerberos error on default value lookup, %ld found.", n);
-    fprintf(stdout, "Previous or default values are in [brackets] ,\n");
-    fprintf(stdout, "enter return to leave the same, or new value.\n");
-
-    while (change_principal()) {
-    }
-
-    cleanup();
-    return 0;
-}
diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c
deleted file mode 100644
index b9ea009c5d1c..000000000000
--- a/crypto/kerberosIV/admin/kdb_init.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * program to initialize the database,  reports error if database file
- * already exists. 
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: kdb_init.c,v 1.23 1997/03/30 17:45:05 assar Exp $");
-
-enum ap_op {
-    NULL_KEY,			/* setup null keys */
-    MASTER_KEY,                 /* use master key as new key */
-    RANDOM_KEY			/* choose a random key */
-};
-
-static des_cblock master_key;
-static des_key_schedule master_key_schedule;
-
-/* use a return code to indicate success or failure.  check the return */
-/* values of the routines called by this routine. */
-
-static int
-add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
-{
-    Principal principal;
-    struct tm *tm;
-    des_cblock new_key;
-
-    memset(&principal, 0, sizeof(principal));
-    strncpy(principal.name, name, ANAME_SZ);
-    strncpy(principal.instance, instance, INST_SZ);
-    switch (aap_op) {
-    case NULL_KEY:
-	principal.key_low = 0;
-	principal.key_high = 0;
-	break;
-    case RANDOM_KEY:
-#ifdef NOENCRYPTION
-        memset(new_key, 0, sizeof(des_cblock));
-	new_key[0] = 127;
-#else
-	des_new_random_key(&new_key);
-#endif
-	kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule,
-			 DES_ENCRYPT);
-	copy_from_key(new_key, &principal.key_low, &principal.key_high);
-	memset(new_key, 0, sizeof(new_key));
-	break;
-    case MASTER_KEY:
-	memcpy(new_key, master_key, sizeof (des_cblock));
-	kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule,
-			 DES_ENCRYPT);
-	copy_from_key(new_key, &principal.key_low, &principal.key_high);
-	break;
-    }
-    principal.exp_date = 946702799;	/* Happy new century */
-    strncpy(principal.exp_date_txt, "12/31/99", DATE_SZ);
-    principal.mod_date = time(0);
-
-    tm = k_localtime(&principal.mod_date);
-    principal.attributes = 0;
-    principal.max_life = maxlife;
-
-    principal.kdc_key_ver = 1;
-    principal.key_version = 1;
-
-    strncpy(principal.mod_name, "db_creation", ANAME_SZ);
-    strncpy(principal.mod_instance, "", INST_SZ);
-    principal.old = 0;
-
-    if (kerb_db_put_principal(&principal, 1) != 1)
-        return -1;		/* FAIL */
-    
-    /* let's play it safe */
-    memset(new_key, 0, sizeof (des_cblock));
-    memset(&principal.key_low, 0, 4);
-    memset(&principal.key_high, 0, 4);
-    return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-    char    realm[REALM_SZ];
-    char   *cp;
-    int code;
-    char *database;
-    
-    set_progname (argv[0]);
-
-    if (argc > 3) {
-	fprintf(stderr, "Usage: %s [realm-name] [database-name]\n", argv[0]);
-	return 1;
-    }
-    if (argc == 3) {
-	database = argv[2];
-	--argc;
-    } else
-	database = DBM_FILE;
-
-    /* Do this first, it'll fail if the database exists */
-    if ((code = kerb_db_create(database)) != 0)
-	err (1, "Couldn't create database %s", database);
-    kerb_db_set_name(database);
-
-    if (argc == 2)
-	strncpy(realm, argv[1], REALM_SZ);
-    else {
-        if (krb_get_lrealm(realm, 1) != KSUCCESS)
-		strcpy(realm, KRB_REALM);
-	fprintf(stderr, "Realm name [default  %s ]: ", realm);
-	if (fgets(realm, sizeof(realm), stdin) == NULL)
-	    errx (1, "\nEOF reading realm");
-	if ((cp = strchr(realm, '\n')))
-	    *cp = '\0';
-	if (!*realm)			/* no realm given */
-		if (krb_get_lrealm(realm, 1) != KSUCCESS)
-			strcpy(realm, KRB_REALM);
-    }
-    if (!k_isrealm(realm))
-	errx (1, "Bad kerberos realm name \"%s\"", realm);
-#ifndef RANDOM_MKEY
-    printf("You will be prompted for the database Master Password.\n");
-    printf("It is important that you NOT FORGET this password.\n");
-#else
-    printf("To generate a master key, please enter some random data.\n");
-    printf("You do not have to remember this.\n");
-#endif
-    fflush(stdout);
-
-    if (kdb_get_master_key (KDB_GET_TWICE, &master_key,
-			    master_key_schedule) != 0)
-	errx (1, "Couldn't read master key.");
-
-#ifdef RANDOM_MKEY
-    if(kdb_kstash(&master_key, MKEYFILE) < 0)
-	err (1, "Error writing master key");
-    fprintf(stderr, "Wrote master key to %s\n", MKEYFILE);
-#endif
-
-    /* Initialize non shared random sequence */
-    des_init_random_number_generator(&master_key);
-
-    /* Maximum lifetime for changepw.kerberos (kadmin) tickets, 10 minutes */
-#define ADMLIFE (1 + (CLOCK_SKEW/(5*60)))
-
-    /* Maximum lifetime for ticket granting tickets, 4 days or 21.25h */
-#define TGTLIFE ((krb_life_to_time(0, 162) >= 24*60*60) ? 161 : 255)
-
-    /* This means that default lifetimes have not been initialized */
-#define DEFLIFE 255
-
-#define NOLIFE 0
-
-    if (
-	add_principal(KERB_M_NAME, KERB_M_INST, MASTER_KEY, NOLIFE) ||
-	add_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, NULL_KEY,DEFLIFE)||
-	add_principal(KRB_TICKET_GRANTING_TICKET, realm, RANDOM_KEY, TGTLIFE)||
-	add_principal(PWSERV_NAME, KRB_MASTER, RANDOM_KEY, ADMLIFE) 
-	) {
-      putc ('\n', stderr);
-      errx (1, "couldn't initialize database.");
-    }
-
-    /* play it safe */
-    memset(master_key, 0, sizeof (des_cblock));
-    memset(master_key_schedule, 0, sizeof (des_key_schedule));
-    return 0;
-}
diff --git a/crypto/kerberosIV/admin/kdb_util.c b/crypto/kerberosIV/admin/kdb_util.c
deleted file mode 100644
index b221fddb1e6b..000000000000
--- a/crypto/kerberosIV/admin/kdb_util.c
+++ /dev/null
@@ -1,496 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
- * 
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Kerberos database manipulation utility. This program allows you to
- * dump a kerberos database to an ascii readable file and load this
- * file into the database. Read locking of the database is done during a
- * dump operation. NO LOCKING is done during a load operation. Loads
- * should happen with other processes shutdown. 
- *
- * Written July 9, 1987 by Jeffrey I. Schiller
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: kdb_util.c,v 1.35 1997/05/07 00:57:45 assar Exp $");
-
-static des_cblock master_key, new_master_key;
-static des_key_schedule master_key_schedule, new_master_key_schedule;
-
-#define zaptime(foo) memset((foo), 0, sizeof(*(foo)))
-
-/* cv_key is a procedure which takes a principle and changes its key, 
-   either for a new method of encrypting the keys, or a new master key.
-   if cv_key is null no transformation of key is done (other than net byte
-   order). */
-
-struct callback_args {
-    void (*cv_key)(Principal *);
-    FILE *output_file;
-};
-
-static void
-print_time(FILE *file, time_t timeval)
-{
-    struct tm *tm;
-    tm = gmtime(&timeval);
-    fprintf(file, " %04d%02d%02d%02d%02d",
-	    tm->tm_year + 1900,
-            tm->tm_mon + 1,
-            tm->tm_mday,
-            tm->tm_hour,
-            tm->tm_min);
-}
-
-static long
-time_explode(char *cp)
-{
-    char wbuf[5];
-    struct tm tp;
-    int local;
-
-    zaptime(&tp);			/* clear out the struct */
-    
-    if (strlen(cp) > 10) {		/* new format */
-	strncpy(wbuf, cp, 4);
-	wbuf[4] = 0;
-	tp.tm_year = atoi(wbuf) - 1900;
-	cp += 4;			/* step over the year */
-	local = 0;			/* GMT */
-    } else {				/* old format: local time, 
-					   year is 2 digits, assuming 19xx */
-	wbuf[0] = *cp++;
-	wbuf[1] = *cp++;
-	wbuf[2] = 0;
-	tp.tm_year = atoi(wbuf);
-	local = 1;			/* local */
-    }
-
-    wbuf[0] = *cp++;
-    wbuf[1] = *cp++;
-    wbuf[2] = 0;
-    tp.tm_mon = atoi(wbuf)-1;
-
-    wbuf[0] = *cp++;
-    wbuf[1] = *cp++;
-    tp.tm_mday = atoi(wbuf);
-    
-    wbuf[0] = *cp++;
-    wbuf[1] = *cp++;
-    tp.tm_hour = atoi(wbuf);
-    
-    wbuf[0] = *cp++;
-    wbuf[1] = *cp++;
-    tp.tm_min = atoi(wbuf);
-
-
-    return(tm2time(tp, local));
-}
-
-static int
-dump_db_1(void *arg, Principal *principal)
-{	    /* replace null strings with "*" */
-    struct callback_args *a = (struct callback_args *)arg;
-    
-    if (principal->instance[0] == '\0') {
-	principal->instance[0] = '*';
-	principal->instance[1] = '\0';
-    }
-    if (principal->mod_name[0] == '\0') {
-	principal->mod_name[0] = '*';
-	principal->mod_name[1] = '\0';
-    }
-    if (principal->mod_instance[0] == '\0') {
-	principal->mod_instance[0] = '*';
-	principal->mod_instance[1] = '\0';
-    }
-    if (a->cv_key != NULL) {
-	(*a->cv_key) (principal);
-    }
-    fprintf(a->output_file, "%s %s %d %d %d %d %x %x",
-	    principal->name,
-	    principal->instance,
-	    principal->max_life,
-	    principal->kdc_key_ver,
-	    principal->key_version,
-	    principal->attributes,
-	    (int)htonl (principal->key_low),
-	    (int)htonl (principal->key_high));
-    print_time(a->output_file, principal->exp_date);
-    print_time(a->output_file, principal->mod_date);
-    fprintf(a->output_file, " %s %s\n",
-	    principal->mod_name,
-	    principal->mod_instance);
-    return 0;
-}
-
-static int
-dump_db (char *db_file, FILE *output_file, void (*cv_key) (Principal *))
-{
-    struct callback_args a;
-
-    a.cv_key = cv_key;
-    a.output_file = output_file;
-    
-    kerb_db_iterate ((k_iter_proc_t)dump_db_1, &a);
-    return fflush(output_file);
-}
-
-static int
-add_file(void *db, FILE *file)
-{
-    int ret;
-    int lineno = 0;
-    char line[1024];
-    unsigned long key[2]; /* yes, long */
-    Principal pr;
-    
-    char exp_date[64], mod_date[64];
-    
-    int life, kkvno, kvno;
-    
-    while(1){
-	memset(&pr, 0, sizeof(pr));
-	errno = 0;
-	if(fgets(line, sizeof(line), file) == NULL){
-	    if(errno != 0)
-	      err (1, "fgets");
-	    break;
-	}
-	lineno++;
-	ret = sscanf(line, "%s %s %d %d %d %hd %lx %lx %s %s %s %s",
-		     pr.name, pr.instance,
-		     &life, &kkvno, &kvno,
-		     &pr.attributes,
-		     &key[0], &key[1],
-		     exp_date, mod_date,
-		     pr.mod_name, pr.mod_instance);
-	if(ret != 12){
-	    warnx("Line %d malformed (ignored)", lineno);
-	    continue;
-	}
-	pr.key_low = ntohl (key[0]);
-	pr.key_high = ntohl (key[1]);
-	pr.max_life = life;
-	pr.kdc_key_ver = kkvno;
-	pr.key_version = kvno;
-	pr.exp_date = time_explode(exp_date);
-	pr.mod_date = time_explode(mod_date);
-	if (pr.instance[0] == '*')
-	    pr.instance[0] = 0;
-	if (pr.mod_name[0] == '*')
-	    pr.mod_name[0] = 0;
-	if (pr.mod_instance[0] == '*')
-	    pr.mod_instance[0] = 0;
-	if (kerb_db_update(db, &pr, 1) != 1) {
-	    warn ("store %s.%s aborted",
-		  pr.name, pr.instance);
-	    return 1;
-	}
-    }
-    return 0;
-}
-
-static void
-load_db (char *db_file, FILE *input_file)
-{
-    long *db;
-    int     temp1;
-    int code;
-    char *temp_db_file;
-
-    temp1 = strlen(db_file)+2;
-    temp_db_file = malloc (temp1);
-    strcpy(temp_db_file, db_file);
-    strcat(temp_db_file, "~");
-
-    /* Create the database */
-    if ((code = kerb_db_create(temp_db_file)) != 0)
-	err (1, "creating temp database %s", temp_db_file);
-    kerb_db_set_name(temp_db_file);
-    db = kerb_db_begin_update();
-    if (db == NULL)
-	err (1, "opening temp database %s", temp_db_file);
-    
-    if(add_file(db, input_file))
-	errx (1, "Load aborted");
-
-    kerb_db_end_update(db);
-    if ((code = kerb_db_rename(temp_db_file, db_file)) != 0)
-        warn("database rename failed");
-    fclose(input_file);
-    free(temp_db_file);
-}
-
-static void
-merge_db(char *db_file, FILE *input_file)
-{
-    void *db;
-    
-    db = kerb_db_begin_update();
-    if(db == NULL)
-        err (1, "Couldn't open database");
-    if(add_file(db, input_file))
-        errx (1, "Merge aborted");
-    kerb_db_end_update(db);
-}
-
-static void
-update_ok_file (char *file_name)
-{
-    /* handle slave locking/failure stuff */
-    char *file_ok;
-    int fd;
-    static char ok[]=".dump_ok";
-
-    asprintf (&file_ok, "%s%s", file_name, ok);
-    if (file_ok == NULL)
-      errx (1, "out of memory");
-    if ((fd = open(file_ok, O_WRONLY|O_CREAT|O_TRUNC, 0400)) < 0)
-        err (1, "Error creating %s", file_ok);
-    free(file_ok);
-    close(fd);
-}
-
-static void
-convert_key_new_master (Principal *p)
-{
-  des_cblock key;
-
-  /* leave null keys alone */
-  if ((p->key_low == 0) && (p->key_high == 0)) return;
-
-  /* move current key to des_cblock for encryption, special case master key
-     since that's changing */
-  if ((strncmp (p->name, KERB_M_NAME, ANAME_SZ) == 0) &&
-      (strncmp (p->instance, KERB_M_INST, INST_SZ) == 0)) {
-    memcpy (key, new_master_key, sizeof(des_cblock));
-    (p->key_version)++;
-  } else {
-    copy_to_key(&p->key_low, &p->key_high, key);
-    kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_DECRYPT);
-  }
-
-  kdb_encrypt_key (&key, &key, &new_master_key, new_master_key_schedule, DES_ENCRYPT);
-
-  copy_from_key(key, &(p->key_low), &(p->key_high));
-  memset(key, 0, sizeof (key));  /* a little paranoia ... */
-
-  (p->kdc_key_ver)++;
-}
-
-static void
-clear_secrets (void)
-{
-  memset(master_key, 0, sizeof (des_cblock));
-  memset(master_key_schedule, 0, sizeof (des_key_schedule));
-  memset(new_master_key, 0, sizeof (des_cblock));
-  memset(new_master_key_schedule, 0, sizeof (des_key_schedule));
-}
-
-static void
-convert_new_master_key (char *db_file, FILE *out)
-{
-#ifdef RANDOM_MKEY
-  errx (1, "Sorry, this function is not available with "
-	"the new master key scheme.");
-#else
-  printf ("\n\nEnter the CURRENT master key.");
-  if (kdb_get_master_key (KDB_GET_PROMPT, &master_key,
-			  master_key_schedule) != 0) {
-    clear_secrets ();
-    errx (1, "Couldn't get master key.");
-  }
-
-  if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) {
-    clear_secrets ();
-    exit (1);
-  }
-
-  printf ("\n\nNow enter the NEW master key.  Do not forget it!!");
-  if (kdb_get_master_key (KDB_GET_TWICE, &new_master_key,
-			  new_master_key_schedule) != 0) {
-    clear_secrets ();
-    errx (1, "Couldn't get new master key.");
-  }
-
-  dump_db (db_file, out, convert_key_new_master);
-  {
-    char fname[128];
-    snprintf(fname, sizeof(fname), "%s.new", MKEYFILE);
-    kdb_kstash(&new_master_key, fname);
-  }
-#endif /* RANDOM_MKEY */
-}
-
-static void
-convert_key_old_db (Principal *p)
-{
-  des_cblock key;
-
- /* leave null keys alone */
-  if ((p->key_low == 0) && (p->key_high == 0)) return;
-
-  copy_to_key(&p->key_low, &p->key_high, key);
-
-#ifndef NOENCRYPTION
-  des_pcbc_encrypt((des_cblock *)key,(des_cblock *)key,
-	(long)sizeof(des_cblock),master_key_schedule,
-	(des_cblock *)master_key_schedule, DES_DECRYPT);
-#endif
-
-  /* make new key, new style */
-  kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_ENCRYPT);
-
-  copy_from_key(key, &(p->key_low), &(p->key_high));
-  memset(key, 0, sizeof (key));  /* a little paranoia ... */
-}
-
-static void
-convert_old_format_db (char *db_file, FILE *out)
-{
-  des_cblock key_from_db;
-  Principal principal_data[1];
-  int n, more;
-
-  if (kdb_get_master_key (KDB_GET_PROMPT, &master_key,
-			  master_key_schedule) != 0L) {
-    clear_secrets();
-    errx (1, "Couldn't get master key.");
-  }
-
-  /* can't call kdb_verify_master_key because this is an old style db */
-  /* lookup the master key version */
-  n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data,
-			 1 /* only one please */, &more);
-  if ((n != 1) || more)
-    errx (1, "verify_master_key: Kerberos error on master key lookup, %d found.\n", n);
-
-  /* set up the master key */
-  fprintf(stderr, "Current Kerberos master key version is %d.\n",
-	  principal_data[0].kdc_key_ver);
-
-  /*
-   * now use the master key to decrypt (old style) the key in the db, had better
-   * be the same! 
-   */
-  copy_to_key(&principal_data[0].key_low,
-	      &principal_data[0].key_high,
-	      key_from_db);
-#ifndef NOENCRYPTION
-  des_pcbc_encrypt(&key_from_db,&key_from_db,(long)sizeof(key_from_db),
-	master_key_schedule,(des_cblock *)master_key_schedule, DES_DECRYPT);
-#endif
-  /* the decrypted database key had better equal the master key */
-
-  n = memcmp(master_key, key_from_db, sizeof(master_key));
-  memset(key_from_db, 0, sizeof(key_from_db));
-
-  if (n) {
-    fprintf(stderr, "\n\07\07verify_master_key: Invalid master key, ");
-    fprintf(stderr, "does not match database.\n");
-    exit (1);
-  }
-    
-  fprintf(stderr, "Master key verified.\n");
-
-  dump_db (db_file, out, convert_key_old_db);
-}
-
-int
-main(int argc, char **argv)
-{
-    int ret;
-    FILE   *file;
-    enum {
-	OP_LOAD,
-	OP_MERGE,
-	OP_DUMP,
-	OP_SLAVE_DUMP,
-	OP_NEW_MASTER,
-	OP_CONVERT_OLD_DB
-    }       op;
-    char *file_name;
-    char *db_name;
-
-    set_progname (argv[0]);
-    
-    if (argc != 3 && argc != 4) {
-	fprintf(stderr, "Usage: %s operation file [database name].\n",
-		argv[0]);
-	fprintf(stderr, "Operation is one of: "
-		"load, merge, dump, slave_dump, new_master_key, "
-		"convert_old_db\n");
-	exit(1);
-    }
-    if (argc == 3)
-	db_name = DBM_FILE;
-    else
-	db_name = argv[3];
-    
-    ret = kerb_db_set_name (db_name);
-    
-    /* this makes starting slave servers ~14.3 times easier */
-    if(ret && strcmp(argv[1], "load") == 0)
-       ret = kerb_db_create (db_name);
-
-    if(ret)
-      err (1, "Can't open database");
-
-    if (!strcmp(argv[1], "load"))
-	op = OP_LOAD;
-    else if (!strcmp(argv[1], "merge"))
-	op = OP_MERGE;
-    else if (!strcmp(argv[1], "dump"))
-	op = OP_DUMP;
-    else if (!strcmp(argv[1], "slave_dump"))
-        op = OP_SLAVE_DUMP;
-    else if (!strcmp(argv[1], "new_master_key"))
-        op = OP_NEW_MASTER;
-    else if (!strcmp(argv[1], "convert_old_db"))
-        op = OP_CONVERT_OLD_DB;
-    else {
-        warnx ("%s is an invalid operation.", argv[1]);
-	warnx ("Valid operations are \"load\", \"merge\", "
-	       "\"dump\", \"slave_dump\", \"new_master_key\", "
-	       "and \"convert_old_db\"");
-	return 1;
-    }
-
-    file_name = argv[2];
-    file = fopen(file_name, (op == OP_LOAD || op == OP_MERGE) ? "r" : "w");
-    if (file == NULL)
-        err (1, "open %s", argv[2]);
-
-    switch (op) {
-    case OP_DUMP:
-      if ((dump_db (db_name, file, (void (*)(Principal *)) 0) == EOF) ||
-	  (fclose(file) == EOF))
-	  err (1, "%s", file_name);
-      break;
-    case OP_SLAVE_DUMP:
-      if ((dump_db (db_name, file, (void (*)(Principal *)) 0) == EOF) ||
-	  (fclose(file) == EOF))
-	err (1, "%s", file_name);
-      update_ok_file (file_name);
-      break;
-    case OP_LOAD:
-      load_db (db_name, file);
-      break;
-    case OP_MERGE:
-      merge_db (db_name, file);
-      break;
-    case OP_NEW_MASTER:
-      convert_new_master_key (db_name, file);
-      printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name);
-      break;
-    case OP_CONVERT_OLD_DB:
-      convert_old_format_db (db_name, file);
-      printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name);      
-      break;
-    }
-    return 0;
-}
diff --git a/crypto/kerberosIV/admin/kstash.c b/crypto/kerberosIV/admin/kstash.c
deleted file mode 100644
index 4595de58ef32..000000000000
--- a/crypto/kerberosIV/admin/kstash.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Description.
- */
-
-#include "adm_locl.h"
-
-RCSID("$Id: kstash.c,v 1.10 1997/03/30 17:35:37 assar Exp $");
-
-/* change this later, but krblib_dbm needs it for now */
-
-static des_cblock master_key;
-static des_key_schedule master_key_schedule;
-
-static void 
-clear_secrets(void)
-{
-    memset(master_key_schedule, 0, sizeof(master_key_schedule));
-    memset(master_key, 0, sizeof(master_key));
-}
-
-int
-main(int argc, char **argv)
-{
-    long    n;
-    int ret = 0;
-    set_progname (argv[0]);
-
-    if ((n = kerb_init()))
-        errx(1, "Kerberos db and cache init failed = %ld\n", n);
-
-    if (kdb_get_master_key (KDB_GET_PROMPT, &master_key,
-			    master_key_schedule) != 0) {
-	clear_secrets();
-	errx(1, "Couldn't read master key.");
-    }
-
-    if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) {
-	clear_secrets();
-	return 1;
-    }
-
-    ret = kdb_kstash(&master_key, MKEYFILE);
-    if(ret < 0)
-        warn("writing master key");
-    else
-	fprintf(stderr, "Wrote master key to %s\n", MKEYFILE);
-    
-    clear_secrets();
-    return ret;
-}
diff --git a/crypto/kerberosIV/appl/Makefile.in b/crypto/kerberosIV/appl/Makefile.in
deleted file mode 100644
index c9512589525f..000000000000
--- a/crypto/kerberosIV/appl/Makefile.in
+++ /dev/null
@@ -1,43 +0,0 @@
-# $Id: Makefile.in,v 1.27 1997/05/20 18:58:37 bg Exp $
-
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-@SET_MAKE@
-
-SUBDIRS		= sample kauth bsd movemail afsutil \
-		  kpopper xnlock kx otp @APPL_KIP_DIR@ ftp telnet
-
-all:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) all); done
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-install:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) install); done
-
-uninstall:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done
-
-clean:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) clean); done
-
-mostlyclean:	clean
-
-distclean:
-	for i in $(SUBDIRS);\
-	do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
-	rm -f Makefile *~
-
-realclean:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
-
-.PHONY: all install uninstall clean distclean realclean mostlyclean
diff --git a/crypto/kerberosIV/appl/bsd/Makefile.in b/crypto/kerberosIV/appl/bsd/Makefile.in
deleted file mode 100644
index 57a810890094..000000000000
--- a/crypto/kerberosIV/appl/bsd/Makefile.in
+++ /dev/null
@@ -1,135 +0,0 @@
-# $Id: Makefile.in,v 1.56 1997/05/20 20:35:04 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-VPATH = @srcdir@
-
-topdir	= ../..
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@ -DBINDIR='"$(bindir)"'
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-LIBS = @LIBS@
-LIB_DBM = @LIB_DBM@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-bindir = @bindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-# Beware, these are all setuid root programs
-PROG_SUIDBIN	= rsh$(EXECSUFFIX) \
-		  rcp$(EXECSUFFIX) \
-		  rlogin$(EXECSUFFIX) \
-		  su$(EXECSUFFIX)
-PROG_BIN	= login$(EXECSUFFIX)
-PROG_LIBEXEC	= rshd$(EXECSUFFIX) \
-		  rlogind$(EXECSUFFIX)
-PROGS = $(PROG_SUIDBIN) $(PROG_BIN) $(PROG_LIBEXEC)
-
-SOURCES = rsh.c kcmd.c krcmd.c rlogin.c rcp.c rcp_util.c rshd.c \
-	login.c klogin.c login_access.c su.c rlogind.c iruserok.c \
-	login_fbtab.c forkpty.c sysv_default.c sysv_environ.c sysv_shadow.c \
-	utmp_login.c utmpx_login.c stty_default.c encrypt.c rcmd_util.c tty.c
-
-rsh_OBJS	= rsh.o kcmd.o krcmd.o encrypt.o rcmd_util.o
-rcp_OBJS	= rcp.o rcp_util.o kcmd.o krcmd.o encrypt.o rcmd_util.o
-rlogin_OBJS	= rlogin.o kcmd.o krcmd.o encrypt.o rcmd_util.o
-login_OBJS 	= login.o klogin.o login_fbtab.o login_access.o \
-		  sysv_default.o sysv_environ.o sysv_shadow.o \
-		  utmp_login.o utmpx_login.o stty_default.o tty.o
-su_OBJS		= su.o
-rshd_OBJS	= rshd.o iruserok.o encrypt.o rcmd_util.o
-rlogind_OBJS	= rlogind.o iruserok.o forkpty.o encrypt.o rcmd_util.o tty.o
-
-
-all: $(PROGS) 
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o: 
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libexecdir)
-	for x in $(PROG_LIBEXEC); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x| sed '$(transform)'`; \
-	done
-	$(MKINSTALLDIRS) $(bindir)
-	for x in $(PROG_BIN); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-	-for x in $(PROG_SUIDBIN); do \
-	  $(INSTALL_PROGRAM) -o root -m 04555 $$x $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROG_LIBEXEC); do \
-	  rm -f $(libexecdir)/`echo $$x| sed '$(transform)'`; \
-	done
-	for x in $(PROG_BIN); do \
-	  rm -f $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-	for x in $(PROG_SUIDBIN); do \
-	  rm -f $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
-KLIB_AFS=@KRB_KAFS_LIB@ $(KLIB)
-OTPLIB=-L../../lib/otp -lotp
-LIBROKEN=-L../../lib/roken -lroken
-
-rcp$(EXECSUFFIX): $(rcp_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rcp_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-rsh$(EXECSUFFIX): $(rsh_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rsh_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-rshd$(EXECSUFFIX): $(rshd_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rshd_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-rlogin$(EXECSUFFIX): $(rlogin_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@  $(rlogin_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-rlogind$(EXECSUFFIX): $(rlogind_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogind_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-login$(EXECSUFFIX): $(login_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(login_OBJS) $(OTPLIB) $(KLIB_AFS) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-su$(EXECSUFFIX): $(su_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(su_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
diff --git a/crypto/kerberosIV/appl/bsd/README.login b/crypto/kerberosIV/appl/bsd/README.login
deleted file mode 100644
index c0729690a77f..000000000000
--- a/crypto/kerberosIV/appl/bsd/README.login
+++ /dev/null
@@ -1,20 +0,0 @@
-This login has additional functionalities. They are all based on (part of)
-Wietse Venema's logdaemon package.
-
-
-The following defines can be used:
-1) LOGIN_ACCESS to allow access control on a per tty/user combination
-2) LOGALL to log all logins
-
--Guido
-
-This login has some of Berkeley's paranoid/broken (depending on your point
-of view) Kerberos code conditionalized out, so that by default it works like
-klogin does at MIT-LCS.  You can define KLOGIN_PARANOID to re-enable this code.
-This define also controls whether a warning message is printed when logging
-into a system with no krb.conf file, which usually means that Kerberos is
-not configured.
-
--GAWollman
-
-(removed S/Key,	/assar)
diff --git a/crypto/kerberosIV/appl/bsd/bsd_locl.h b/crypto/kerberosIV/appl/bsd/bsd_locl.h
deleted file mode 100644
index d0b37aa56f66..000000000000
--- a/crypto/kerberosIV/appl/bsd/bsd_locl.h
+++ /dev/null
@@ -1,380 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: bsd_locl.h,v 1.98 1997/05/25 01:14:17 assar Exp $ */
-
-#define LOGALL
-#define KERBEROS
-#define KLOGIN_PARANOID
-#define LOGIN_ACCESS
-#define PASSWD_FALLBACK
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-/* Any better way to test NO_MOTD? */
-#if (SunOS == 5) || defined(__hpux)
-#define NO_MOTD
-#endif
-
-#ifdef HAVE_SHADOW_H
-#define SYSV_SHADOW
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <setjmp.h>
-
-#include <stdarg.h>
-
-#include <errno.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifndef S_ISTXT
-#ifdef S_ISVTX
-#define S_ISTXT S_ISVTX
-#else
-#define S_ISTXT 0
-#endif
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-#include <signal.h>
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif /* HAVE_SYS_RESOURCE_H */
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-#ifndef NCARGS
-#define NCARGS  0x100000 /* (absolute) max # characters in exec arglist */
-#endif
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-#ifdef HAVE_UTIME_H
-#include <utime.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-#ifdef HAVE_NETINET_TCP_H
-#include <netinet/tcp.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_SYS_IOCCOM_H
-#include <sys/ioccom.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKIO_H
-#include <sys/sockio.h>
-#endif
-
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif
-
-#ifdef HAVE_SYS_STREAM_H
-#ifdef HAVE_SYS_UIO_H
-#include <sys/uio.h>
-#endif /* HAVE_SYS_UIO_H */
-#include <sys/stream.h>
-#endif /* HAVE_SYS_STREAM_H */
-
-#ifdef HAVE_SYS_PTYVAR_H
-#ifdef HAVE_SYS_PROC_H
-#include <sys/proc.h>
-#endif
-#ifdef HAVE_SYS_TTY_H
-#include <sys/tty.h>
-#endif
-#ifdef HAVE_SYS_PTYIO_H
-#include <sys/ptyio.h>
-#endif
-#include <sys/ptyvar.h>
-#endif /* HAVE_SYS_PTYVAR_H */
-
-/* Cray stuff */
-#ifdef HAVE_UDB_H
-#include <udb.h>
-#endif
-#ifdef HAVE_SYS_CATEGORY_H
-#include <sys/category.h>
-#endif
-
-/* Strange ioctls that are not always defined */
-
-#ifndef TIOCPKT_FLUSHWRITE
-#define TIOCPKT_FLUSHWRITE      0x02
-#endif
- 
-#ifndef TIOCPKT_NOSTOP
-#define TIOCPKT_NOSTOP  0x10
-#endif
- 
-#ifndef TIOCPKT_DOSTOP
-#define TIOCPKT_DOSTOP  0x20
-#endif
-
-#ifndef TIOCPKT
-#define TIOCPKT		_IOW('t', 112, int)   /* pty: set/clear packet mode */
-#endif
-
-#ifdef HAVE_LASTLOG_H
-#include <lastlog.h>
-#endif
-
-#ifdef HAVE_LOGIN_H
-#include <login.h>
-#endif
-
-#ifdef HAVE_TTYENT_H
-#include <ttyent.h>
-#endif
-
-#ifdef HAVE_STROPTS_H
-#include <stropts.h>
-#endif
-
-#ifdef HAVE_UTMP_H
-#include <utmp.h>
-#endif
-#ifndef UT_NAMESIZE
-#define UT_NAMESIZE     sizeof(((struct utmp *)0)->ut_name)
-#endif
-
-#ifdef HAVE_UTMPX_H
-#include <utmpx.h>
-#endif
-
-#ifdef HAVE_USERPW_H
-#include <userpw.h>
-#endif /* HAVE_USERPW_H */
-
-#ifdef HAVE_USERSEC_H
-#include <usersec.h>
-#endif /* HAVE_USERSEC_H */
-
-#ifndef PRIO_PROCESS
-#define PRIO_PROCESS 0
-#endif
-
-#include <err.h>
-
-#include <roken.h>
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <des.h>
-#include <krb.h>
-#include <kafs.h>
-
-int kcmd(int *sock, char **ahost, u_int16_t rport, char *locuser,
-	 char *remuser, char *cmd, int *fd2p, KTEXT ticket,
-	 char *service, char *realm, CREDENTIALS *cred,
-	 Key_schedule schedule, MSG_DAT *msg_data,
-	 struct sockaddr_in *laddr, struct sockaddr_in *faddr,
-	 int32_t authopts);
-
-int krcmd(char **ahost, u_int16_t rport, char *remuser, char *cmd,
-	  int *fd2p, char *realm);
-
-int krcmd_mutual(char **ahost, u_int16_t rport, char *remuser,
-		 char *cmd,int *fd2p, char *realm,
-		 CREDENTIALS *cred, Key_schedule sched);
-
-int klogin(struct passwd *pw, char *instance, char *localhost, char *password);
-
-typedef struct {
-        int cnt;
-        char *buf;
-} BUF;
-
-char *colon(char *cp);
-int okname(char *cp0);
-int susystem(char *s, int userid);
-
-int forkpty(int *amaster, char *name,
-	    struct termios *termp, struct winsize *winp);
-
-#ifndef MODEMASK
-#define	MODEMASK	(S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO)
-#endif
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-#ifdef HAVE_MAILLOCK_H
-#include <maillock.h>
-#endif
-#include "pathnames.h"
-
-void stty_default (void);
-
-int utmpx_login(char *line, char *user, char *host);
-
-extern char **environ;
-
-void sysv_newenv(int argc, char **argv, struct passwd *pwd,
-		 char *term, int pflag);
-
-int login_access(char *user, char *from);
-#ifndef HAVE_IRUSEROK
-int iruserok(u_int32_t raddr, int superuser, const char *ruser,
-	     const char *luser);
-#endif
-void fatal(int f, const char *msg, int syserr);
-
-extern int LEFT_JUSTIFIED;
-int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
-	des_cblock *iv);
-int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
-	des_cblock *iv);
-
-void sysv_defaults(void);
-void utmp_login(char *tty, char *username, char *hostname);
-void sleepexit (int);
-
-#ifndef HAVE_SETPRIORITY
-#define setpriority(which, who, niceval) 0
-#endif
-
-#ifndef HAVE_GETPRIORITY
-#define getpriority(which, who) 0
-#endif
-
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-
-#ifndef _POSIX_VDISABLE
-#define _POSIX_VDISABLE 0
-#endif /* _POSIX_VDISABLE */
-#if SunOS == 4
-#include <sys/ttold.h>
-#endif
-
-#if defined(_AIX)
-#include <sys/termio.h>
-#endif
-
-#ifndef CEOF
-#define CEOF 04
-#endif
-
-/* concession to Sun */
-#ifndef SIGUSR1
-#define	SIGUSR1	30
-#endif
-
-#ifndef TIOCPKT_WINDOW
-#define TIOCPKT_WINDOW 0x80
-#endif
-
-int get_shell_port(int kerberos, int encryption);
-int get_login_port(int kerberos, int encryption);
-int speed_t2int (speed_t);
-speed_t int2speed_t (int);
-void ip_options_and_die (int sock, struct sockaddr_in *);
-void warning(const char *fmt, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-
-char *clean_ttyname (char *tty);
-char *make_id (char *tty);
-void prepare_utmp (struct utmp *utmp, char *tty, char *username,
-		   char *hostname);
diff --git a/crypto/kerberosIV/appl/bsd/encrypt.c b/crypto/kerberosIV/appl/bsd/encrypt.c
deleted file mode 100644
index b74f329c4d79..000000000000
--- a/crypto/kerberosIV/appl/bsd/encrypt.c
+++ /dev/null
@@ -1,311 +0,0 @@
-/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au)
- * All rights reserved.
- * 
- * This file is part of an SSL implementation written
- * by Eric Young (eay@mincom.oz.au).
- * The implementation was written so as to conform with Netscapes SSL
- * specification.  This library and applications are
- * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
- * as long as the following conditions are aheared to.
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.  If this code is used in a product,
- * Eric Young should be given attribution as the author of the parts used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    This product includes software developed by Eric Young (eay@mincom.oz.au)
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: encrypt.c,v 1.3 1996/04/30 13:50:54 bg Exp $");
-
-#undef BSIZE
-
-/* used in des_read and des_write */
-#define MAXWRITE	(1024*16)
-#define BSIZE		(MAXWRITE+4)
-
-/* replacements for htonl and ntohl since I have no idea what to do
- * when faced with machines with 8 byte longs. */
-#define HDRSIZE 4
-
-#define n2l(c,l)	(l =((u_int32_t)(*((c)++)))<<24, \
-			 l|=((u_int32_t)(*((c)++)))<<16, \
-			 l|=((u_int32_t)(*((c)++)))<< 8, \
-			 l|=((u_int32_t)(*((c)++))))
-
-#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-			 *((c)++)=(unsigned char)(((l)    )&0xff))
-
-/* This has some uglies in it but it works - even over sockets. */
-extern int errno;
-int des_rw_mode=DES_PCBC_MODE;
-int LEFT_JUSTIFIED = 0;
-
-int
-des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv)
-{
-  /* data to be unencrypted */
-  int net_num=0;
-  unsigned char net[BSIZE];
-  /* extra unencrypted data 
-   * for when a block of 100 comes in but is des_read one byte at
-   * a time. */
-  static char unnet[BSIZE];
-  static int unnet_start=0;
-  static int unnet_left=0;
-  int i;
-  long num=0,rnum;
-  unsigned char *p;
-
-  /* left over data from last decrypt */
-  if (unnet_left != 0)
-    {
-      if (unnet_left < len)
-	{
-	  /* we still still need more data but will return
-	   * with the number of bytes we have - should always
-	   * check the return value */
-	  memcpy(buf,&(unnet[unnet_start]),unnet_left);
-	  /* eay 26/08/92 I had the next 2 lines
-	   * reversed :-( */
-	  i=unnet_left;
-	  unnet_start=unnet_left=0;
-	}
-      else
-	{
-	  memcpy(buf,&(unnet[unnet_start]),len);
-	  unnet_start+=len;
-	  unnet_left-=len;
-	  i=len;
-	}
-      return(i);
-    }
-
-  /* We need to get more data. */
-  if (len > MAXWRITE) len=MAXWRITE;
-
-  /* first - get the length */
-  net_num=0;
-  while (net_num < HDRSIZE) 
-    {
-      i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
-      if ((i == -1) && (errno == EINTR)) continue;
-      if (i <= 0) return(0);
-      net_num+=i;
-    }
-
-  /* we now have at net_num bytes in net */
-  p=net;
-  num=0;
-  n2l(p,num);
-  /* num should be rounded up to the next group of eight
-   * we make sure that we have read a multiple of 8 bytes from the net.
-   */
-  if ((num > MAXWRITE) || (num < 0)) /* error */
-    return(-1);
-  rnum=(num < 8)?8:((num+7)/8*8);
-
-  net_num=0;
-  while (net_num < rnum)
-    {
-      i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
-      if ((i == -1) && (errno == EINTR)) continue;
-      if (i <= 0) return(0);
-      net_num+=i;
-    }
-
-  /* Check if there will be data left over. */
-  if (len < num)
-    {
-      if (des_rw_mode & DES_PCBC_MODE)
-	des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
-		     num,sched,iv,DES_DECRYPT);
-      else
-	des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
-		    num,sched,iv,DES_DECRYPT);
-      memcpy(buf,unnet,len);
-      unnet_start=len;
-      unnet_left=num-len;
-
-      /* The following line is done because we return num
-       * as the number of bytes read. */
-      num=len;
-    }
-  else
-    {
-      /* >output is a multiple of 8 byes, if len < rnum
-       * >we must be careful.  The user must be aware that this
-       * >routine will write more bytes than he asked for.
-       * >The length of the buffer must be correct.
-       * FIXED - Should be ok now 18-9-90 - eay */
-      if (len < rnum)
-	{
-	  char tmpbuf[BSIZE];
-
-	  if (des_rw_mode & DES_PCBC_MODE)
-	    des_pcbc_encrypt((des_cblock *)net,
-			 (des_cblock *)tmpbuf,
-			 num,sched,iv,DES_DECRYPT);
-	  else
-	    des_cbc_encrypt((des_cblock *)net,
-			(des_cblock *)tmpbuf,
-			num,sched,iv,DES_DECRYPT);
-
-	  /* eay 26/08/92 fix a bug that returned more
-	   * bytes than you asked for (returned len bytes :-( */
-	  if (LEFT_JUSTIFIED || (len >= 8))
-	      memcpy(buf,tmpbuf,num);
-	  else
-	      memcpy(buf,tmpbuf+(8-num),num); /* Right justified */
-	}
-      else if (num >= 8)
-	{
-	  if (des_rw_mode & DES_PCBC_MODE)
-	    des_pcbc_encrypt((des_cblock *)net,
-			 (des_cblock *)buf,num,sched,iv,
-			 DES_DECRYPT);
-	  else
-	    des_cbc_encrypt((des_cblock *)net,
-			(des_cblock *)buf,num,sched,iv,
-			DES_DECRYPT);
-	}
-      else
-	{
-	  if (des_rw_mode & DES_PCBC_MODE)
-	    des_pcbc_encrypt((des_cblock *)net,
-			 (des_cblock *)buf,8,sched,iv,
-			 DES_DECRYPT);
-	  else
-	    des_cbc_encrypt((des_cblock *)net,
-			(des_cblock *)buf,8,sched,iv,
-			DES_DECRYPT);
-	  if (!LEFT_JUSTIFIED)
-	      memcpy(buf, buf+(8-num), num); /* Right justified */
-	}
-    }
-  return(num);
-}
-
-int
-des_enc_write(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv)
-{
-  long rnum;
-  int i,j,k,outnum;
-  char outbuf[BSIZE+HDRSIZE];
-  char shortbuf[8];
-  char *p;
-  static int start=1;
-
-  /* If we are sending less than 8 bytes, the same char will look
-   * the same if we don't pad it out with random bytes */
-  if (start)
-    {
-      start=0;
-      srand(time(NULL));
-    }
-
-  /* lets recurse if we want to send the data in small chunks */
-  if (len > MAXWRITE)
-    {
-      j=0;
-      for (i=0; i<len; i+=k)
-	{
-	  k=des_enc_write(fd,&(buf[i]),
-			  ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
-	  if (k < 0)
-	    return(k);
-	  else
-	    j+=k;
-	}
-      return(j);
-    }
-
-  /* write length first */
-  p=outbuf;
-  l2n(len,p);
-
-  /* pad short strings */
-  if (len < 8)
-    {
-	if (LEFT_JUSTIFIED)
-	    {
-		p=shortbuf;
-		memcpy(shortbuf,buf,(unsigned int)len);
-		for (i=len; i<8; i++)
-		    shortbuf[i]=rand();
-		rnum=8;
-	    }
-	else
-	    {
-		p=shortbuf;
-		for (i=0; i<8-len; i++)
-		    shortbuf[i]=rand();
-		memcpy(shortbuf + 8 - len, buf, len);
-		rnum=8;
-	    }
-    }
-  else
-    {
-      p=buf;
-      rnum=((len+7)/8*8);	/* round up to nearest eight */
-    }
-
-  if (des_rw_mode & DES_PCBC_MODE)
-    des_pcbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]),
-		 (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); 
-  else
-    des_cbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]),
-		(long)((len<8)?8:len),sched,iv,DES_ENCRYPT); 
-
-  /* output */
-  outnum=rnum+HDRSIZE;
-
-  for (j=0; j<outnum; j+=i)
-    {
-      /* eay 26/08/92 I was not doing writing from where we
-       * got upto. */
-      i=write(fd,&(outbuf[j]),(unsigned int)(outnum-j));
-      if (i == -1)
-	{
-	  if (errno == EINTR)
-	    i=0;
-	  else			/* This is really a bad error - very bad
-				 * It will stuff-up both ends. */
-	    return(-1);
-	}
-    }
-
-  return(len);
-}
diff --git a/crypto/kerberosIV/appl/bsd/forkpty.c b/crypto/kerberosIV/appl/bsd/forkpty.c
deleted file mode 100644
index 5c0aaafa40aa..000000000000
--- a/crypto/kerberosIV/appl/bsd/forkpty.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-#ifndef HAVE_FORKPTY
-
-RCSID("$Id: forkpty.c,v 1.52 1997/05/25 07:37:01 assar Exp $");
-
-/* Only CRAY is known to have problems with forkpty(). */
-#if defined(CRAY)
-static int forkpty_ok = 0;
-#else
-static int forkpty_ok = 1;
-#endif
-
-#ifndef HAVE_PTSNAME
-static char *ptsname(int fd)
-{
-#ifdef HAVE_TTYNAME
-  return ttyname(fd);
-#else
-  return NULL;
-#endif
-}
-#endif
-
-#ifndef HAVE_GRANTPT
-#define grantpt(fdm) (0)
-#endif
-
-#ifndef HAVE_UNLOCKPT
-#define unlockpt(fdm) (0)
-#endif
-
-#ifndef HAVE_VHANGUP
-#define vhangup() (0)
-#endif
-
-#ifndef HAVE_REVOKE
-static
-void
-revoke(char *line)
-{
-    int slave;
-    RETSIGTYPE (*ofun)();
-
-    if ( (slave = open(line, O_RDWR)) < 0)
-	return;
-    
-    ofun = signal(SIGHUP, SIG_IGN);
-    vhangup();
-    signal(SIGHUP, ofun);
-    /*
-     * Some systems (atleast SunOS4) want to have the slave end open
-     * at all times to prevent a race in the child. Login will close
-     * it so it should really not be a problem. However for the
-     * paranoid we use the close on exec flag so it will only be open
-     * in the parent. Additionally since this will be the controlling
-     * tty of rlogind the final vhangup() in rlogind should hangup all
-     * processes. A working revoke would of course have been prefered
-     * though (sigh).
-     */
-    fcntl(slave, F_SETFD, 1);
-    /* close(slave); */
-}
-#endif
-
-
-static int pty_major, pty_minor;
-
-static void
-pty_scan_start(void)
-{
-    pty_major = -1;
-    pty_minor = 0;
-}
-
-static char *bsd_1 = "0123456789abcdefghijklmnopqrstuv";
-/* there are many more */
-static char *bsd_2 = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
-
-static int
-pty_scan_next(char *buf, size_t sz)
-{
-#ifdef CRAY
-    if(++pty_major >= sysconf(_SC_CRAY_NPTY))
-	return -1;
-    snprintf(buf, sz, "/dev/pty/%03d", pty_major);
-#else
-    if(++pty_major == strlen(bsd_1)){
-	pty_major = 0;
-	if(++pty_minor == strlen(bsd_2))
-	    return -1;
-    }
-#ifdef __hpux
-    snprintf(buf, sz, "/dev/ptym/pty%c%c", bsd_2[pty_major], bsd_1[pty_minor]);
-#else
-    snprintf(buf, sz, "/dev/pty%c%c", bsd_2[pty_major], bsd_1[pty_minor]);
-#endif /* __hpux */
-#endif /* CRAY */
-    return 0;
-}
-
-static void
-pty_scan_tty(char *buf, size_t sz)
-{
-#ifdef CRAY
-    snprintf(buf, sz, "/dev/ttyp%03d", pty_major);
-#elif defined(__hpux)
-    snprintf(buf, sz, "/dev/pty/tty%c%c", bsd_2[pty_major], bsd_1[pty_minor]);
-#else
-    snprintf(buf, sz, "/dev/tty%c%c", bsd_2[pty_major], bsd_1[pty_minor]);
-#endif
-}
-
-static int
-ptym_open_streams_flavor(char *pts_name, int *streams_pty)
-{
-    /* Try clone device master ptys */
-    const char *const clone[] = { "/dev/ptc", "/dev/ptmx",
-				  "/dev/ptm", "/dev/ptym/clone", 0 };
-    int	fdm;
-    const char *const *q;
-    
-    for (q = clone; *q; q++) {
-	fdm = open(*q, O_RDWR);
-	if (fdm >= 0)
-	    break;
-    }
-    if (fdm >= 0) {
-	char *ptr1;
-	if ((ptr1 = ptsname(fdm)) != NULL) /* Get slave's name */
-	    strcpy(pts_name, ptr1); /* Return name of slave */  
-	else {
-	    close(fdm);
-	    return(-4);
-	}
-	if (grantpt(fdm) < 0) {	/* Grant access to slave */
-	    close(fdm);
-	    return(-2);
-	}
-	if (unlockpt(fdm) < 0) {	/* Clear slave's lock flag */
-	    close(fdm);
-	    return(-3);
-	}
-	return(fdm);			/* return fd of master */
-    }
-    return -1;
-}
-
-static int
-ptym_open_bsd_flavor(char *pts_name, int *streams_pty)
-{
-    int fdm;
-    char ptm[MaxPathLen];
-
-    pty_scan_start();
-
-    while (pty_scan_next(ptm, sizeof(ptm)) != -1) {
-	fdm = open(ptm, O_RDWR);
-	if (fdm < 0)
-	    continue;
-#if SunOS == 4
-	/* Avoid a bug in SunOS4 ttydriver */
-	if (fdm > 0) {
-	    int pgrp;
-	    if ((ioctl(fdm, TIOCGPGRP, &pgrp) == -1)
-		&& (errno == EIO))
-		/* All fine */;
-	    else {
-		close(fdm);
-		continue;
-	    }
-	}
-#endif
-	pty_scan_tty(pts_name, sizeof(ptm));
-#if CRAY
-	/* this is some magic from the telnet code */
-	{
-	    struct stat sb;
-	    if(stat(pts_name, &sb) < 0) {
-		close(fdm);
-		continue;
-	    }
-	    if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) {
-		chown(pts_name, 0, 0);
-		chmod(pts_name, 0600);
-		close(fdm);
-		fdm = open(ptm, 2);
-		if (fdm < 0)
-		    continue;
-	    }
-	}
-	/*
-	 * Now it should be safe...check for accessability.
-	 */
-	if (access(pts_name, 6) != 0){
-	    /* no tty side to pty so skip it */
-	    close(fdm);
-	    continue;
-	}
-#endif
-	return fdm;	/* All done! */
-    }
-    
-    /* We failed to find BSD style pty */
-    errno = ENOENT;
-    return -1;
-}
-
-/*
- *
- * Open a master pty either using the STREAM flavor or the BSD flavor.
- * Depending on if there are any free ptys in the different classes we
- * need to try both. Normally try STREAMS first and then BSD.
- *
- * Kludge alert: Under HP-UX 10 and perhaps other systems STREAM ptys
- * doesn't get initialized properly so we try them in different order
- * until the problem has been resolved.
- *
- */
-static int
-ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty)
-{
-    int	fdm;
-
-#ifdef HAVE__GETPTY
-    {
-	char *p = _getpty(&fdm, O_RDWR, 0600, 1);
-	if (p) {
-	    *streams_pty = 1;
-	    strcpy (pts_name, p);
-	    return fdm;
-	}
-    }
-#endif
-
-#ifdef STREAMSPTY
-    fdm = ptym_open_streams_flavor(pts_name, streams_pty);
-    if (fdm >= 0)
-      {
-	*streams_pty = 1;
-	return fdm;
-      }
-#endif
-    
-    fdm = ptym_open_bsd_flavor(pts_name, streams_pty);
-    if (fdm >= 0)
-      {
-	*streams_pty = 0;
-	return fdm;
-      }
-
-#ifndef STREAMSPTY
-    fdm = ptym_open_streams_flavor(pts_name, streams_pty);
-    if (fdm >= 0)
-      {
-	*streams_pty = 1;
-	return fdm;
-      }
-#endif
-    
-    return -1;
-}
-
-static int
-maybe_push_modules(int fd, char **modules)
-{
-#ifdef I_PUSH
-  char **p;
-  int err;
-
-  for(p=modules; *p; p++){
-    err=ioctl(fd, I_FIND, *p);
-    if(err == 1)
-      break;
-    if(err < 0 && errno != EINVAL)
-      return -17;
-    /* module not pushed or does not exist */
-  }
-  /* p points to null or to an already pushed module, now push all
-     modules before this one */
-
-  for(p--; p >= modules; p--){
-    err = ioctl(fd, I_PUSH, *p);
-    if(err < 0 && errno != EINVAL)
-      return -17;
-  }
-#endif
-  return 0;
-}
-
-static int
-ptys_open(int fdm, char *pts_name, int streams_pty)
-{
-    int fds;
-
-    if (streams_pty) {
-	/* Streams style slave ptys */
-	if ( (fds = open(pts_name, O_RDWR)) < 0) {
-	    close(fdm);
-	    return(-5);
-	}
-
-	{
-	  char *ttymodules[] = { "ttcompat", "ldterm", "ptem", NULL };
-	  char *ptymodules[] = { "pckt", NULL };
-	  
-	  if(maybe_push_modules(fds, ttymodules)<0){
-	    close(fdm);
-	    close(fds);
-	    return -6;
-	  }
-	  if(maybe_push_modules(fdm, ptymodules)<0){
-	    close(fdm);
-	    close(fds);
-	    return -7;
-	  }
-	}
-    } else {
-        /* BSD style slave ptys */
-	struct group *grptr;
-	int gid;
-	if ( (grptr = getgrnam("tty")) != NULL)
-	    gid = grptr->gr_gid;
-	else
-	    gid = -1;	/* group tty is not in the group file */
-
-	/* Grant access to slave */
-	chown(pts_name, getuid(), gid);
-	chmod(pts_name, S_IRUSR | S_IWUSR | S_IWGRP);
-
-	if ( (fds = open(pts_name, O_RDWR)) < 0) {
-	    close(fdm);
-	    return(-1);
-	}
-    }
-    return(fds);
-}
-
-int
-forkpty(int *ptrfdm,
-	char *slave_name,
-	struct termios *slave_termios,
-	struct winsize *slave_winsize)
-{
-    int		fdm, fds, streams_pty;
-    pid_t	pid;
-    char	pts_name[20];
-
-    if (!forkpty_ok)
-        fatal(0, "Protocol not yet supported, use telnet", 0);
-
-    if ( (fdm = ptym_open(pts_name, sizeof(pts_name), &streams_pty)) < 0)
-	return -1;
-
-    if (slave_name != NULL)
-	strcpy(slave_name, pts_name);	/* Return name of slave */
-
-    pid = fork();
-    if (pid < 0)
-	return(-1);
-    else if (pid == 0) {		/* Child */
-	if (setsid() < 0)
-	    fatal(0, "setsid() failure", errno);
-
-        revoke(slave_name);
-
-#if defined(NeXT) || defined(ultrix)
-	/* The NeXT is severely broken, this makes things slightly
-	 * better but we still doesn't get a working pty. If there
-	 * where a TIOCSCTTY we could perhaps fix things but... The
-	 * same problem also exists in xterm! */
-	if (setpgrp(0, 0) < 0)
-	    fatal(0, "NeXT kludge failed setpgrp", errno);
-#endif
-
-	/* SVR4 acquires controlling terminal on open() */
-	if ( (fds = ptys_open(fdm, pts_name, streams_pty)) < 0)
-	    return -1;
-	close(fdm);		/* All done with master in child */
-	
-#if	defined(TIOCSCTTY) && !defined(CIBAUD) && !defined(__hpux)
-	/* 44BSD way to acquire controlling terminal */
-	/* !CIBAUD to avoid doing this under SunOS */
-	if (ioctl(fds, TIOCSCTTY, (char *) 0) < 0)
-	    return -1;
-#endif
-#if defined(NeXT)
-	{
-	    int t = open("/dev/tty", O_RDWR);
-	    if (t < 0)
-	        fatal(0, "Failed to open /dev/tty", errno);
-	    close(fds);
-	    fds = t;
-	}
-#endif
-	/* Set slave's termios and window size */
-	if (slave_termios != NULL) {
-	    if (tcsetattr(fds, TCSANOW, slave_termios) < 0)
-		return -1;
-	}
-#ifdef TIOCSWINSZ
-	if (slave_winsize != NULL) {
-	    if (ioctl(fds, TIOCSWINSZ, slave_winsize) < 0)
-		return -1;
-	}
-#endif
-	/* slave becomes stdin/stdout/stderr of child */
-	if (dup2(fds, STDIN_FILENO) != STDIN_FILENO)
-	    return -1;
-	if (dup2(fds, STDOUT_FILENO) != STDOUT_FILENO)
-	    return -1;
-	if (dup2(fds, STDERR_FILENO) != STDERR_FILENO)
-	    return -1;
-	if (fds > STDERR_FILENO)
-	    close(fds);
-	return(0);		/* child returns 0 just like fork() */
-    }
-    else {			/* Parent */
-	*ptrfdm = fdm;	/* Return fd of master */
-	return(pid);	/* Parent returns pid of child */
-    }
-}
-#endif /* HAVE_FORKPTY */
diff --git a/crypto/kerberosIV/appl/bsd/iruserok.c b/crypto/kerberosIV/appl/bsd/iruserok.c
deleted file mode 100644
index 8349d8526ab8..000000000000
--- a/crypto/kerberosIV/appl/bsd/iruserok.c
+++ /dev/null
@@ -1,279 +0,0 @@
-/*
- * Copyright (c) 1983, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: iruserok.c,v 1.15 1997/03/23 04:54:00 assar Exp $");
-
-#ifndef HAVE_IRUSEROK
-
-int     __check_rhosts_file = 1;
-char    *__rcmd_errstr = 0;
-
-/*
- * Returns "true" if match, 0 if no match.
- */
-static
-int
-__icheckhost(u_int32_t raddr, const char *lhost)
-{
-	struct hostent *hp;
-	u_long laddr;
-	char **pp;
-
-	/* Try for raw ip address first. */
-	if (isdigit(*lhost) && (long)(laddr = inet_addr(lhost)) != -1)
-		return (raddr == laddr);
-
-	/* Better be a hostname. */
-	if ((hp = gethostbyname(lhost)) == NULL)
-		return (0);
-
-	/* Spin through ip addresses. */
-	for (pp = hp->h_addr_list; *pp; ++pp)
-	        if (memcmp(&raddr, *pp, sizeof(u_long)) == 0)
-			return (1);
-
-	/* No match. */
-	return (0);
-}
-
-#ifndef HAVE_INNETGR
-static int
-innetgr(const char *netgroup, const char *machine, 
-	const char *user, const char *domain)
-{
-    return 0;
-}
-#endif
-
-/*
- * Returns 0 if ok, -1 if not ok.
- */
-static
-int
-__ivaliduser(FILE *hostf, u_int32_t raddr, const char *luser,
-	     const char *ruser)
-{
-	char *user, *p;
-	int ch;
-	char buf[MaxHostNameLen + 128];		/* host + login */
-	char hname[MaxHostNameLen];
-	struct hostent *hp;
-	/* Presumed guilty until proven innocent. */
-	int userok = 0, hostok = 0;
-#ifdef HAVE_YP_GET_DEFAULT_DOMAIN
-	char *ypdomain;
-
-	if (yp_get_default_domain(&ypdomain))
-		ypdomain = NULL;
-#else
-#define	ypdomain NULL
-#endif
-	/* We need to get the damn hostname back for netgroup matching. */
-	if ((hp = gethostbyaddr((char *)&raddr,
-				sizeof(u_long),
-				AF_INET)) == NULL)
-		return (-1);
-	strncpy(hname, hp->h_name, sizeof(hname));
-	hname[sizeof(hname) - 1] = '\0';
-
-	while (fgets(buf, sizeof(buf), hostf)) {
-		p = buf;
-		/* Skip lines that are too long. */
-		if (strchr(p, '\n') == NULL) {
-			while ((ch = getc(hostf)) != '\n' && ch != EOF);
-			continue;
-		}
-		if (*p == '\n' || *p == '#') {
-			/* comment... */
-			continue;
-		}
-		while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
-			*p = isupper(*p) ? tolower(*p) : *p;
-			p++;
-		}
-		if (*p == ' ' || *p == '\t') {
-			*p++ = '\0';
-			while (*p == ' ' || *p == '\t')
-				p++;
-			user = p;
-			while (*p != '\n' && *p != ' ' &&
-			    *p != '\t' && *p != '\0')
-				p++;
-		} else
-			user = p;
-		*p = '\0';
-		/*
-		 * Do +/- and +@/-@ checking. This looks really nasty,
-		 * but it matches SunOS's behavior so far as I can tell.
-		 */
-		switch(buf[0]) {
-		case '+':
-			if (!buf[1]) {     /* '+' matches all hosts */
-				hostok = 1;
-				break;
-			}
-			if (buf[1] == '@')  /* match a host by netgroup */
-				hostok = innetgr((char *)&buf[2],
-					(char *)&hname, NULL, ypdomain);
-			else		/* match a host by addr */
-				hostok = __icheckhost(raddr,(char *)&buf[1]);
-			break;
-		case '-':     /* reject '-' hosts and all their users */
-			if (buf[1] == '@') {
-				if (innetgr((char *)&buf[2],
-					      (char *)&hname, NULL, ypdomain))
-					return(-1);
-			} else {
-				if (__icheckhost(raddr,(char *)&buf[1]))
-					return(-1);
-			}
-			break;
-		default:  /* if no '+' or '-', do a simple match */
-			hostok = __icheckhost(raddr, buf);
-			break;
-		}
-		switch(*user) {
-		case '+':
-			if (!*(user+1)) {      /* '+' matches all users */
-				userok = 1;
-				break;
-			}
-			if (*(user+1) == '@')  /* match a user by netgroup */
-				userok = innetgr(user+2, NULL, (char *)ruser,
-						 ypdomain);
-			else	   /* match a user by direct specification */
-				userok = !(strcmp(ruser, user+1));
-			break;
-		case '-': 		/* if we matched a hostname, */
-			if (hostok) {   /* check for user field rejections */
-				if (!*(user+1))
-					return(-1);
-				if (*(user+1) == '@') {
-					if (innetgr(user+2, NULL,
-						    (char *)ruser, ypdomain))
-						return(-1);
-				} else {
-					if (!strcmp(ruser, user+1))
-						return(-1);
-				}
-			}
-			break;
-		default:	/* no rejections: try to match the user */
-			if (hostok)
-				userok = !(strcmp(ruser,*user ? user : luser));
-			break;
-		}
-		if (hostok && userok)
-			return(0);
-	}
-	return (-1);
-}
-
-/*
- * New .rhosts strategy: We are passed an ip address. We spin through
- * hosts.equiv and .rhosts looking for a match. When the .rhosts only
- * has ip addresses, we don't have to trust a nameserver.  When it
- * contains hostnames, we spin through the list of addresses the nameserver
- * gives us and look for a match.
- *
- * Returns 0 if ok, -1 if not ok.
- */
-int
-iruserok(u_int32_t raddr, int superuser, const char *ruser, const char *luser)
-{
-	char *cp;
-	struct stat sbuf;
-	struct passwd *pwd;
-	FILE *hostf;
-	uid_t uid;
-	int first;
-	char pbuf[MaxPathLen];
-
-	first = 1;
-	hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r");
-again:
-	if (hostf) {
-		if (__ivaliduser(hostf, raddr, luser, ruser) == 0) {
-			fclose(hostf);
-			return (0);
-		}
-		fclose(hostf);
-	}
-	if (first == 1 && (__check_rhosts_file || superuser)) {
-		first = 0;
-		if ((pwd = k_getpwnam((char*)luser)) == NULL)
-			return (-1);
-		strcpy(pbuf, pwd->pw_dir);
-		strcat(pbuf, "/.rhosts");
-
-		/*
-		 * Change effective uid while opening .rhosts.  If root and
-		 * reading an NFS mounted file system, can't read files that
-		 * are protected read/write owner only.
-		 */
-		uid = geteuid();
-		seteuid(pwd->pw_uid);
-		hostf = fopen(pbuf, "r");
-		seteuid(uid);
-
-		if (hostf == NULL)
-			return (-1);
-		/*
-		 * If not a regular file, or is owned by someone other than
-		 * user or root or if writeable by anyone but the owner, quit.
-		 */
-		cp = NULL;
-		if (lstat(pbuf, &sbuf) < 0)
-			cp = ".rhosts lstat failed";
-		else if (!S_ISREG(sbuf.st_mode))
-			cp = ".rhosts not regular file";
-		else if (fstat(fileno(hostf), &sbuf) < 0)
-			cp = ".rhosts fstat failed";
-		else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
-			cp = "bad .rhosts owner";
-		else if (sbuf.st_mode & (S_IWGRP|S_IWOTH))
-			cp = ".rhosts writeable by other than owner";
-		/* If there were any problems, quit. */
-		if (cp) {
-			__rcmd_errstr = cp;
-			fclose(hostf);
-			return (-1);
-		}
-		goto again;
-	}
-	return (-1);
-}
-
-#endif /* !HAVE_IRUSEROK */
diff --git a/crypto/kerberosIV/appl/bsd/kcmd.c b/crypto/kerberosIV/appl/bsd/kcmd.c
deleted file mode 100644
index 9fa7ab285aac..000000000000
--- a/crypto/kerberosIV/appl/bsd/kcmd.c
+++ /dev/null
@@ -1,270 +0,0 @@
-/*
- * Copyright (c) 1983, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: kcmd.c,v 1.19 1997/05/02 14:27:42 assar Exp $");
-
-#define	START_PORT	5120	 /* arbitrary */
-
-static int
-getport(int *alport)
-{
-	struct sockaddr_in sin;
-	int s;
-
-	sin.sin_family = AF_INET;
-	sin.sin_addr.s_addr = INADDR_ANY;
-	s = socket(AF_INET, SOCK_STREAM, 0);
-	if (s < 0)
-		return (-1);
-	for (;;) {
-		sin.sin_port = htons((u_short)*alport);
-		if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
-			return (s);
-		if (errno != EADDRINUSE) {
-			close(s);
-			return (-1);
-		}
-		(*alport)--;
-#ifdef ATHENA_COMPAT
-		if (*alport == IPPORT_RESERVED/2) {
-#else
-		if (*alport == IPPORT_RESERVED) {
-#endif
-			close(s);
-			errno = EAGAIN;		/* close */
-			return (-1);
-		}
-	}
-}
-
-int
-kcmd(int *sock,
-     char **ahost,
-     u_int16_t rport, 
-     char *locuser,
-     char *remuser,
-     char *cmd,
-     int *fd2p,
-     KTEXT ticket,
-     char *service,
-     char *realm,
-     CREDENTIALS *cred,
-     Key_schedule schedule,
-     MSG_DAT *msg_data,
-     struct sockaddr_in *laddr,
-     struct sockaddr_in *faddr,
-     int32_t authopts)
-{
-	int s, timo = 1;
-	pid_t pid;
-	struct sockaddr_in sin, from;
-	char c;
-#ifdef ATHENA_COMPAT
-	int lport = IPPORT_RESERVED - 1;
-#else
-	int lport = START_PORT;
-#endif
-	struct hostent *hp;
-	int rc;
-	char *host_save;
-	int status;
-
-	pid = getpid();
-	hp = gethostbyname(*ahost);
-	if (hp == NULL) {
-		/* fprintf(stderr, "%s: unknown host\n", *ahost); */
-		return (-1);
-	}
-
-	host_save = strdup(hp->h_name);
-	if (host_save == NULL)
-		return -1;
-	*ahost = host_save;
-
-	/* If realm is null, look up from table */
-	if (realm == NULL || realm[0] == '\0')
-		realm = krb_realmofhost(host_save);
-
-	for (;;) {
-		s = getport(&lport);
-		if (s < 0) {
-			if (errno == EAGAIN)
-				warnx("kcmd(socket): All ports in use\n");
-			else
-				warn("kcmd: socket");
-			return (-1);
-		}
-		sin.sin_family = hp->h_addrtype;
-		memcpy (&sin.sin_addr, hp->h_addr, sizeof(sin.sin_addr));
-		sin.sin_port = rport;
-		if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
-			break;
-		close(s);
-		if (errno == EADDRINUSE) {
-			lport--;
-			continue;
-		}
-		/*
-		 * don't wait very long for Kerberos rcmd.
-		 */
-		if (errno == ECONNREFUSED && timo <= 4) {
-			/* sleep(timo); don't wait at all here */
-			timo *= 2;
-			continue;
-		}
-		if (hp->h_addr_list[1] != NULL) {
-			warn ("kcmd: connect (%s)",
-			      inet_ntoa(sin.sin_addr));
-			hp->h_addr_list++;
-			memcpy(&sin.sin_addr,
-			       hp->h_addr_list[0], 
-			       sizeof(sin.sin_addr));
-			fprintf(stderr, "Trying %s...\n",
-				inet_ntoa(sin.sin_addr));
-			continue;
-		}
-		if (errno != ECONNREFUSED)
-			warn ("connect(%s)", hp->h_name);
-		return (-1);
-	}
-	lport--;
-	if (fd2p == 0) {
-		write(s, "", 1);
-		lport = 0;
-	} else {
-		char num[8];
-		int s2 = getport(&lport), s3;
-		int len = sizeof(from);
-
-		if (s2 < 0) {
-			status = -1;
-			goto bad;
-		}
-		listen(s2, 1);
-		snprintf(num, sizeof(num), "%d", lport);
-		if (write(s, num, strlen(num) + 1) != strlen(num) + 1) {
-			warn("kcmd(write): setting up stderr");
-			close(s2);
-			status = -1;
-			goto bad;
-		}
-		{
-		    fd_set fds;
-		    FD_ZERO(&fds);
-		    FD_SET(s, &fds);
-		    FD_SET(s2, &fds);
-		    status = select(FD_SETSIZE, &fds, NULL, NULL, NULL);
-		    if(FD_ISSET(s, &fds)){
-			warnx("kcmd: connection unexpectedly closed.");
-			close(s2);
-			status = -1;
-			goto bad;
-		    }
-		}
-		s3 = accept(s2, (struct sockaddr *)&from, &len);
-		close(s2);
-		if (s3 < 0) {
-			warn ("kcmd: accept");
-			lport = 0;
-			status = -1;
-			goto bad;
-		}
-		
-		*fd2p = s3;
-		from.sin_port = ntohs((u_short)from.sin_port);
-		if (from.sin_family != AF_INET ||
-		    from.sin_port >= IPPORT_RESERVED) {
-			warnx("kcmd(socket): "
-			      "protocol failure in circuit setup.");
-			status = -1;
-			goto bad2;
-		}
-	}
-	/*
-	 * Kerberos-authenticated service.  Don't have to send locuser,
-	 * since its already in the ticket, and we'll extract it on
-	 * the other side.
-	 */
-	/* write(s, locuser, strlen(locuser)+1); */
-
-	/* set up the needed stuff for mutual auth, but only if necessary */
-	if (authopts & KOPT_DO_MUTUAL) {
-		int sin_len;
-		*faddr = sin;
-
-		sin_len = sizeof(struct sockaddr_in);
-		if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) {
-			warn("kcmd(getsockname)");
-			status = -1;
-			goto bad2;
-		}
-	}
-	if ((status = krb_sendauth(authopts, s, ticket, service, *ahost,
-			       realm, (unsigned long) getpid(), msg_data,
-			       cred, schedule,
-			       laddr,
-			       faddr,
-			       "KCMDV0.1")) != KSUCCESS)
-		goto bad2;
-
-	write(s, remuser, strlen(remuser)+1);
-	write(s, cmd, strlen(cmd)+1);
-
-	if ((rc = read(s, &c, 1)) != 1) {
-		if (rc == -1)
-			warn("read(%s)", *ahost);
-		else
-			warnx("kcmd: bad connection with remote host");
-		status = -1;
-		goto bad2;
-	}
-	if (c != '\0') {
-		while (read(s, &c, 1) == 1) {
-			write(2, &c, 1);
-			if (c == '\n')
-				break;
-		}
-		status = -1;
-		goto bad2;
-	}
-	*sock = s;
-	return (KSUCCESS);
-bad2:
-	if (lport)
-		close(*fd2p);
-bad:
-	close(s);
-	return (status);
-}
diff --git a/crypto/kerberosIV/appl/bsd/klogin.c b/crypto/kerberosIV/appl/bsd/klogin.c
deleted file mode 100644
index 321da64cbf9b..000000000000
--- a/crypto/kerberosIV/appl/bsd/klogin.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: klogin.c,v 1.20 1997/05/02 14:27:42 assar Exp $");
-
-#ifdef KERBEROS
-
-#define	VERIFY_SERVICE	"rcmd"
-
-extern int notickets;
-extern char *krbtkfile_env;
-
-static char tkt_location[MaxPathLen];
-
-/*
- * Attempt to log the user in using Kerberos authentication
- *
- * return 0 on success (will be logged in)
- *	  1 if Kerberos failed (try local password in login)
- */
-int
-klogin(struct passwd *pw, char *instance, char *localhost, char *password)
-{
-    int kerror;
-    AUTH_DAT authdata;
-    KTEXT_ST ticket;
-    struct hostent *hp;
-    u_int32_t faddr;
-    char realm[REALM_SZ], savehost[MaxHostNameLen];
-    extern int noticketsdontcomplain;
-
-#ifdef KLOGIN_PARANOID
-    noticketsdontcomplain = 0; /* enable warning message */
-#endif
-    /*
-     * Root logins don't use Kerberos.
-     * If we have a realm, try getting a ticket-granting ticket
-     * and using it to authenticate.  Otherwise, return
-     * failure so that we can try the normal passwd file
-     * for a password.  If that's ok, log the user in
-     * without issuing any tickets.
-     */
-    if (strcmp(pw->pw_name, "root") == 0 ||
-	krb_get_lrealm(realm, 0) != KSUCCESS)
-	return (1);
-
-    noticketsdontcomplain = 0; /* enable warning message */
-
-    /*
-     * get TGT for local realm
-     * tickets are stored in a file named TKT_ROOT plus uid
-     * except for user.root tickets.
-     */
-
-    if (strcmp(instance, "root") != 0)
-	snprintf(tkt_location, sizeof(tkt_location),
-		 "%s%u_%u",
-		TKT_ROOT, (unsigned)pw->pw_uid, (unsigned)getpid());
-    else {
-	snprintf(tkt_location, sizeof(tkt_location),
-		 "%s_root_%d", TKT_ROOT,
-		(unsigned)pw->pw_uid);
-    }
-    krbtkfile_env = tkt_location;
-    krb_set_tkt_string(tkt_location);
-
-    kerror = krb_get_pw_in_tkt(pw->pw_name, instance,
-			       realm, KRB_TICKET_GRANTING_TICKET, realm,
-			       DEFAULT_TKT_LIFE, password);
-
-    /*
-     * If we got a TGT, get a local "rcmd" ticket and check it so as to
-     * ensure that we are not talking to a bogus Kerberos server.
-     *
-     * There are 2 cases where we still allow a login:
-     *	1: the VERIFY_SERVICE doesn't exist in the KDC
-     *	2: local host has no srvtab, as (hopefully) indicated by a
-     *	   return value of RD_AP_UNDEC from krb_rd_req().
-     */
-    if (kerror != INTK_OK) {
-	if (kerror != INTK_BADPW && kerror != KDC_PR_UNKNOWN) {
-	    syslog(LOG_ERR, "Kerberos intkt error: %s",
-		   krb_get_err_text(kerror));
-	    dest_tkt();
-	}
-	return (1);
-    }
-
-    if (chown(TKT_FILE, pw->pw_uid, pw->pw_gid) < 0)
-	syslog(LOG_ERR, "chown tkfile (%s): %m", TKT_FILE);
-
-    strncpy(savehost, krb_get_phost(localhost), sizeof(savehost));
-    savehost[sizeof(savehost)-1] = '\0';
-
-#ifdef KLOGIN_PARANOID
-    /*
-     * if the "VERIFY_SERVICE" doesn't exist in the KDC for this host,
-     * don't allow kerberos login, also log the error condition.
-     */
-
-    kerror = krb_mk_req(&ticket, VERIFY_SERVICE, savehost, realm, 33);
-    if (kerror == KDC_PR_UNKNOWN) {
-	syslog(LOG_NOTICE,
-	       "warning: TGT not verified (%s); %s.%s not registered, or srvtab is wrong?",
-	       krb_get_err_text(kerror), VERIFY_SERVICE, savehost);
-	notickets = 0;
-	return (1);
-    }
-
-    if (kerror != KSUCCESS) {
-	warnx("unable to use TGT: (%s)", krb_get_err_text(kerror));
-	syslog(LOG_NOTICE, "unable to use TGT: (%s)",
-	       krb_get_err_text(kerror));
-	dest_tkt();
-	return (1);
-    }
-
-    if (!(hp = gethostbyname(localhost))) {
-	syslog(LOG_ERR, "couldn't get local host address");
-	dest_tkt();
-	return (1);
-    }
-
-    memcpy(&faddr, hp->h_addr, sizeof(faddr));
-
-    kerror = krb_rd_req(&ticket, VERIFY_SERVICE, savehost, faddr,
-			&authdata, "");
-
-    if (kerror == KSUCCESS) {
-	notickets = 0;
-	return (0);
-    }
-
-    /* undecipherable: probably didn't have a srvtab on the local host */
-    if (kerror == RD_AP_UNDEC) {
-	syslog(LOG_NOTICE, "krb_rd_req: (%s)\n", krb_get_err_text(kerror));
-	dest_tkt();
-	return (1);
-    }
-    /* failed for some other reason */
-    warnx("unable to verify %s ticket: (%s)", VERIFY_SERVICE,
-	  krb_get_err_text(kerror));
-    syslog(LOG_NOTICE, "couldn't verify %s ticket: %s", VERIFY_SERVICE,
-	   krb_get_err_text(kerror));
-    dest_tkt();
-    return (1);
-#else
-    notickets = 0;
-    return (0);
-#endif
-}
-#endif
diff --git a/crypto/kerberosIV/appl/bsd/krcmd.c b/crypto/kerberosIV/appl/bsd/krcmd.c
deleted file mode 100644
index 8c3c6f3c2172..000000000000
--- a/crypto/kerberosIV/appl/bsd/krcmd.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: krcmd.c,v 1.10 1997/03/30 18:20:18 joda Exp $");
-
-#define	SERVICE_NAME	"rcmd"
-
-/*
- * krcmd: simplified version of Athena's "kcmd"
- *	returns a socket attached to the destination, -1 or krb error on error 
- *	if fd2p is non-NULL, another socket is filled in for it
- */
-
-int
-krcmd(char **ahost, u_short rport, char *remuser, char *cmd, int *fd2p, char *realm)
-{
-	int		sock = -1, err = 0;
-	KTEXT_ST	ticket;
-	long		authopts = 0L;
-
-	err = kcmd(
-		&sock,
-		ahost,
-		rport,
-		NULL,	/* locuser not used */
-		remuser,
-		cmd,
-		fd2p,
-		&ticket,
-		SERVICE_NAME,
-		realm,
-		(CREDENTIALS *)  NULL,		/* credentials not used */
-		0,				/* key schedule not used */
-		(MSG_DAT *) NULL,		/* MSG_DAT not used */
-		(struct sockaddr_in *) NULL,	/* local addr not used */
-		(struct sockaddr_in *) NULL,	/* foreign addr not used */
-		authopts
-	);
-
-	if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
-	    warning("krcmd: %s", krb_get_err_text(err));
-	    return(-1);
-	}
-	if (err < 0)
-	    return(-1);
-	return(sock);
-}
-
-int
-krcmd_mutual(char **ahost, u_short rport, char *remuser, char *cmd, int *fd2p, char *realm, CREDENTIALS *cred, Key_schedule sched)
-{
-	int		sock, err;
-	KTEXT_ST	ticket;
-	MSG_DAT		msg_dat;
-	struct sockaddr_in	laddr, faddr;
-	long authopts = KOPT_DO_MUTUAL;
-
-	err = kcmd(
-		&sock,
-		ahost,
-		rport,
-		NULL,	/* locuser not used */
-		remuser,
-		cmd,
-		fd2p,
-		&ticket,
-		SERVICE_NAME,
-		realm,
-		cred,		/* filled in */
-		sched,		/* filled in */
-		&msg_dat,	/* filled in */
-		&laddr,		/* filled in */
-		&faddr,		/* filled in */
-		authopts
-	);
-
-	if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
-	    warnx("krcmd_mutual: %s", krb_get_err_text(err));
-	    return(-1);
-	}
-	
-	if (err < 0)
-	    return (-1);
-	return(sock);
-}
diff --git a/crypto/kerberosIV/appl/bsd/login.c b/crypto/kerberosIV/appl/bsd/login.c
deleted file mode 100644
index c436f8db98bb..000000000000
--- a/crypto/kerberosIV/appl/bsd/login.c
+++ /dev/null
@@ -1,990 +0,0 @@
-/*-
- * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * login [ name ]
- * login -h hostname	(for telnetd, etc.)
- * login -f name	(for pre-authenticated login: datakit, xterm, etc.)
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: login.c,v 1.104 1997/05/20 20:35:06 assar Exp $");
-
-#include <otp.h>
-
-#include "sysv_default.h"
-#ifdef SYSV_SHADOW
-#include "sysv_shadow.h"
-#endif
-
-static	void	 badlogin (char *);
-static	void	 checknologin (void);
-static	void	 dolastlog (int);
-static	void	 getloginname (int);
-static	int	 rootterm (char *);
-static	char	*stypeof (char *);
-static	RETSIGTYPE	 timedout (int);
-static	int	 doremotelogin (char *);
-void	login_fbtab (char *, uid_t, gid_t);
-#ifdef KERBEROS
-int	klogin (struct passwd *, char *, char *, char *);
-#endif
-
-#define	TTYGRPNAME	"tty"		/* name of group to own ttys */
-
-/*
- * This bounds the time given to login.  Change it in
- * `/etc/default/login'.
- */
-
-static	u_int	login_timeout;
-
-#ifdef KERBEROS
-int	notickets = 1;
-int	noticketsdontcomplain = 1;
-char	*instance;
-char	*krbtkfile_env;
-int	authok;
-#endif
-
-#ifdef HAVE_SHADOW_H
-static  struct spwd *spwd = NULL;
-#endif
-
-static	char    *ttyprompt;
-
-static	struct	passwd *pwd;
-static	int	failures;
-static	char	term[64], *hostname, *username, *tty;
-
-static  char rusername[100], lusername[100];
-
-static int
-change_passwd(struct passwd  *who)
-{
-        int             status;
-        int             pid;
-        int             wpid;
- 
-        switch (pid = fork()) {
-	case -1:
-	    warn("fork /bin/passwd");
-	    sleepexit(1);
-	case 0:
-	    execlp("/bin/passwd", "passwd", who->pw_name, (char *) 0);
-	    _exit(1);
-	default:
-	    while ((wpid = wait(&status)) != -1 && wpid != pid)
-		/* void */ ;
-	    return (status);
-	}
-}
-
-#ifndef NO_MOTD /* message of the day stuff */
-
-jmp_buf motdinterrupt;
-
-static RETSIGTYPE
-sigint(int signo)
-{
-	longjmp(motdinterrupt, 1);
-}
-
-static void
-motd(void)
-{
-	int fd, nchars;
-	RETSIGTYPE (*oldint)();
-	char tbuf[8192];
-
-	if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0)
-		return;
-	oldint = signal(SIGINT, sigint);
-	if (setjmp(motdinterrupt) == 0)
-		while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0)
-			write(fileno(stdout), tbuf, nchars);
-	signal(SIGINT, oldint);
-	close(fd);
-}
-
-#endif /* !NO_MOTD */
-
-#define AUTH_NONE 0
-#define AUTH_OTP  1
-
-/*
- * getpwnam and try to detect the worst form of NIS attack.
- */
-
-static struct passwd *
-paranoid_getpwnam (char *user)
-{
-	struct passwd *p;
-
-	p = k_getpwnam (user);
-	if (p == NULL)
-		return p;
-	if (p->pw_uid == 0 && strcmp (username, "root") != 0) {
-		syslog (LOG_ALERT,
-			"NIS attack, user %s has uid 0", username);
-		return NULL;
-	}
-	return p;
-}
-
-int
-main(int argc, char **argv)
-{
-	struct group *gr;
-	int ask, ch, cnt, fflag, hflag, pflag, quietlog, nomailcheck;
-	int rootlogin, rval;
-	int rflag;
-	int changepass = 0;
-	uid_t uid;
-	char *domain, *p, passwd[128], *ttyn;
-	char tbuf[MaxPathLen + 2], tname[sizeof(_PATH_TTY) + 10];
-	char localhost[MaxHostNameLen];
-	char full_hostname[MaxHostNameLen];
-	int auth_level = AUTH_NONE;
-	OtpContext otp_ctx;
-	int mask = 022;		/* Default umask (set below) */
-	int maxtrys = 5;	/* Default number of allowed failed logins */
-
-	set_progname(argv[0]);
-
-	openlog("login", LOG_ODELAY, LOG_AUTH);
-
-        /* Read defaults file and set the login timeout period. */
-        sysv_defaults();
-        login_timeout = atoi(default_timeout);
-        maxtrys = atoi(default_maxtrys);
-        if (sscanf(default_umask, "%o", &mask) != 1 || (mask & ~0777))
-                syslog(LOG_WARNING, "bad umask default: %s", default_umask);
-        else
-                umask(mask);
-
-	signal(SIGALRM, timedout);
-	alarm(login_timeout);
-	signal(SIGQUIT, SIG_IGN);
-	signal(SIGINT, SIG_IGN);
-	setpriority(PRIO_PROCESS, 0, 0);
-
-	/*
-	 * -p is used by getty to tell login not to destroy the environment
-	 * -f is used to skip a second login authentication
-	 * -h is used by other servers to pass the name of the remote
-	 *    host to login so that it may be placed in utmp and wtmp
-	 * -r is used by old-style rlogind to execute the autologin protocol
-	 */
-
-	*full_hostname = '\0';
-	domain = NULL;
-	if (k_gethostname(localhost, sizeof(localhost)) < 0)
-		syslog(LOG_ERR, "couldn't get local hostname: %m");
-	else
-		domain = strchr(localhost, '.');
-
-	fflag = hflag = pflag = rflag = 0;
-	uid = getuid();
-	while ((ch = getopt(argc, argv, "a:d:fh:pr:")) != EOF)
-	        switch (ch) {
-		case 'a':
-			if (strcmp (optarg, "none") == 0)
-				auth_level = AUTH_NONE;
-			else if (strcmp (optarg, "otp") == 0)
-				auth_level = AUTH_OTP;
-			else
-				warnx ("bad value for -a: %s", optarg);
-			break;
-		case 'd':
-			break;
-		case 'f':
-			fflag = 1;
-			break;
-		case 'h':
-			if (rflag || hflag) {
-			    printf("Only one of -r and -h allowed\n");
-			    exit(1);
-                        }
-			if (uid)
-				errx(1, "-h option: %s", strerror(EPERM));
-			hflag = 1;
-			strncpy(full_hostname, optarg, sizeof(full_hostname)-1);
-			if (domain && (p = strchr(optarg, '.')) &&
-			    strcasecmp(p, domain) == 0)
-				*p = 0;
-			hostname = optarg;
-			break;
-		case 'p':
-			if (getuid()) {
-				warnx("-p for super-user only.");
-				exit(1);
-                        }
-			pflag = 1;
-			break;
-	        case 'r':
-			if (rflag || hflag) {
-				warnx("Only one of -r and -h allowed\n");
-				exit(1);
-                        }
-			if (getuid()) {
-				warnx("-r for super-user only.");
-				exit(1);
-                        }
-			rflag = 1;
-			strncpy(full_hostname, optarg, sizeof(full_hostname)-1);
-			if (domain && (p = strchr(optarg, '.')) &&
-			    strcasecmp(p, domain) == 0)
-				*p = 0;
-			hostname = optarg;
-			fflag = (doremotelogin(full_hostname) == 0);
-			break;
-		case '?':
-		default:
-			if (!uid)
-				syslog(LOG_ERR, "invalid flag %c", ch);
-			fprintf(stderr,
-				"usage: login [-fp] [-a otp]"
-				"[-h hostname | -r hostname] [username]\n");
-			exit(1);
-		}
-	argc -= optind;
-	argv += optind;
-
-	if (geteuid() != 0) {
-		warnx("only root may use login, use su");
-	        /* Or install login setuid root, which is not necessary */
-		sleep(10);
-		exit(1);
-	}
-        /*
-         * Figure out if we should ask for the username or not. The name
-         * may be given on the command line or via the environment, and
-         * it may even be in the terminal input queue.
-         */
-        if (rflag) {
-                username = lusername;
-                ask = 0;
-	      } else
-        if (*argv && strchr(*argv, '=')) {
-                ask = 1;
-	      } else
-        if (*argv && strcmp(*argv, "-") == 0) {
-                argc--;
-                argv++;
-                ask = 1;
-	      } else
-	if (*argv) {
-		username = *argv;
-		ask = 0;
-                argc--;
-                argv++;
-        } else if ((ttyprompt = getenv("TTYPROMPT")) && *ttyprompt) {
-                getloginname(0);
-                ask = 0;
-	} else
-		ask = 1;
-
-	/* Default tty settings. */
-	stty_default();
-
-	for (cnt = getdtablesize(); cnt > 2; cnt--)
-		close(cnt);
-
-        /*
-         * Determine the tty name. BSD takes the basename, SYSV4 takes
-         * whatever remains after stripping the "/dev/" prefix. The code
-         * below should produce sensible results in either environment.
-         */
-        ttyn = ttyname(STDIN_FILENO);
-        if (ttyn == NULL || *ttyn == '\0') {
-	        snprintf(tname, sizeof(tname), "%s??", _PATH_TTY);
-	        ttyn = tname;
-	}
-        if ((tty = strchr(ttyn + 1, '/')))
-	        ++tty;
-        else
-	        tty = ttyn;
-
-	for (cnt = 0;; ask = 1) {
-	        char prompt[128], ss[256];
-		if (ask) {
-			fflag = 0;
-			getloginname(1);
-		}
-		rootlogin = 0;
-		rval = 1;
-#ifdef	KERBEROS
-		if ((instance = strchr(username, '.')) != NULL) {
-		    if (strcmp(instance, ".root") == 0)
-			rootlogin = 1;
-		    *instance++ = '\0';
-		} else
-		    instance = "";
-#endif
-		if (strlen(username) > UT_NAMESIZE)
-			username[UT_NAMESIZE] = '\0';
-
-		/*
-		 * Note if trying multiple user names; log failures for
-		 * previous user name, but don't bother logging one failure
-		 * for nonexistent name (mistyped username).
-		 */
-		if (failures && strcmp(tbuf, username)) {
-			if (failures > (pwd ? 0 : 1))
-				badlogin(tbuf);
-			failures = 0;
-		}
-		strcpy(tbuf, username);
-
-		pwd = paranoid_getpwnam (username);
-
-		/*
-		 * if we have a valid account name, and it doesn't have a
-		 * password, or the -f option was specified and the caller
-		 * is root or the caller isn't changing their uid, don't
-		 * authenticate.
-		 */
-		if (pwd) {
-			if (pwd->pw_uid == 0)
-				rootlogin = 1;
-
-			if (fflag && (uid == 0 || uid == pwd->pw_uid)) {
-				/* already authenticated */
-				break;
-			} else if (pwd->pw_passwd[0] == '\0') {
-				/* pretend password okay */
-				rval = 0;
-				goto ttycheck;
-			}
-		}
-
-		fflag = 0;
-
-		setpriority(PRIO_PROCESS, 0, -4);
-
-		if (otp_challenge (&otp_ctx, username,
-				   ss, sizeof(ss)) == 0)
-			snprintf (prompt, sizeof(prompt), "%s's %s Password: ",
-				  username, ss);
-		else {
-			if (auth_level == AUTH_NONE)
-				snprintf(prompt, sizeof(prompt), "%s's Password: ",
-					 username);
-			else {
-				char *s;
-
-				rval = 1;
-				s = otp_error(&otp_ctx);
-				if(s)
-					printf ("OTP: %s\n", s);
-				continue;
-			}
-		}
-
-		if (des_read_pw_string (passwd, sizeof(passwd) - 1, prompt, 0))
-			continue;
-		passwd[sizeof(passwd) - 1] = '\0';
-
-		/* Verify it somehow */
-
-		if (otp_verify_user (&otp_ctx, passwd) == 0)
-			rval = 0;
-		else if (pwd == NULL)
-			;
-		else if (auth_level == AUTH_NONE) {
-			uid_t pwd_uid = pwd->pw_uid;
-
-			rval = unix_verify_user (username, passwd);
-
-			if (rval == 0)
-			  {
-			    if (rootlogin && pwd_uid != 0)
-			      rootlogin = 0;
-			  }
-			else
-			  {
-			    rval = klogin(pwd, instance, localhost, passwd);
-			    if (rval != 0 && rootlogin && pwd_uid != 0)
-			      rootlogin = 0;
-			    if (rval == 0)
-			      authok = 1;
-			  }
-		} else {
-			char *s;
-
-			rval = 1;
-			if ((s = otp_error(&otp_ctx)))
-				printf ("OTP: %s\n", s);
-		}
-
-		memset (passwd, 0, sizeof(passwd));
-		setpriority (PRIO_PROCESS, 0, 0);
-
-		/*
-		 * Santa Claus, give me a portable and reentrant getpwnam.
-		 */
-		pwd = paranoid_getpwnam (username);
-
-	ttycheck:
-		/*
-		 * If trying to log in as root without Kerberos,
-		 * but with insecure terminal, refuse the login attempt.
-		 */
-#ifdef KERBEROS
-		if (authok == 0)
-#endif
-		if (pwd && !rval && rootlogin && !rootterm(tty)
-		    && !rootterm(ttyn)) {
-			warnx("%s login refused on this terminal.",
-			      pwd->pw_name);
-			if (hostname)
-				syslog(LOG_NOTICE,
-				       "LOGIN %s REFUSED FROM %s ON TTY %s",
-				       pwd->pw_name, hostname, tty);
-			else
-				syslog(LOG_NOTICE,
-				       "LOGIN %s REFUSED ON TTY %s",
-				       pwd->pw_name, tty);
-			continue;
-		}
-
-		if (rval == 0)
-			break;
-
-		printf("Login incorrect\n");
-		failures++;
-
-                /* max number of attemps and delays taken from defaults file */
-		/* we allow maxtrys tries, but after 2 we start backing off */
-		if (++cnt > 2) {
-			if (cnt >= maxtrys) {
-				badlogin(username);
-				sleepexit(1);
-			}
-			sleep((u_int)((cnt - 2) * atoi(default_sleep)));
-		}
-	}
-
-	/* committed to login -- turn off timeout */
-	alarm(0);
-
-	endpwent();
-
-#if defined(HAVE_GETUDBNAM) && defined(HAVE_SETLIM)
-	{
-	    struct udb *udb;
-	    long t;
-	    const long maxcpu = 46116860184; /* some random constant */
-	    udb = getudbnam(pwd->pw_name);
-	    if(udb == UDB_NULL){
-		    warnx("Failed to get UDB entry.");
-		    exit(1);
-	    }
-	    t = udb->ue_pcpulim[UDBRC_INTER];
-	    if(t == 0 || t > maxcpu)
-		t = CPUUNLIM;
-	    else
-		t *= 100 * CLOCKS_PER_SEC;
-
-	    if(limit(C_PROC, 0, L_CPU, t) < 0)
-		warn("limit C_PROC");
-
-	    t = udb->ue_jcpulim[UDBRC_INTER];
-	    if(t == 0 || t > maxcpu)
-		t = CPUUNLIM;
-	    else
-		t *= 100 * CLOCKS_PER_SEC;
-
-	    if(limit(C_JOBPROCS, 0, L_CPU, t) < 0)
-		warn("limit C_JOBPROCS");
-
-	    nice(udb->ue_nice[UDBRC_INTER]);
-	}
-#endif
-	/* if user not super-user, check for disabled logins */
-	if (!rootlogin)
-		checknologin();
-
-	if (chdir(pwd->pw_dir) < 0) {
-		printf("No home directory %s!\n", pwd->pw_dir);
-		if (chdir("/"))
-			exit(0);
-		pwd->pw_dir = "/";
-		printf("Logging in with home = \"/\".\n");
-	}
-
-	quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0;
-	nomailcheck = access(_PATH_NOMAILCHECK, F_OK) == 0;
-
-#if defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE)
-	if (pwd->pw_change || pwd->pw_expire)
-		gettimeofday(&tp, (struct timezone *)NULL);
-
-	if (pwd->pw_change)
-		if (tp.tv_sec >= pwd->pw_change) {
-			printf("Sorry -- your password has expired.\n");
-			changepass=1;
-		} else if (pwd->pw_change - tp.tv_sec <
-		    2 * DAYSPERWEEK * SECSPERDAY && !quietlog)
-			printf("Warning: your password expires on %s",
-			    ctime(&pwd->pw_change));
-	if (pwd->pw_expire)
-		if (tp.tv_sec >= pwd->pw_expire) {
-			printf("Sorry -- your account has expired.\n");
-			sleepexit(1);
-		} else if (pwd->pw_expire - tp.tv_sec <
-		    2 * DAYSPERWEEK * SECSPERDAY && !quietlog)
-			printf("Warning: your account expires on %s",
-			    ctime(&pwd->pw_expire));
-#endif /* defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE) */
-
-	/* Nothing else left to fail -- really log in. */
-
-        /*
-         * Update the utmp files, both BSD and SYSV style.
-         */
-        if (utmpx_login(tty, username, hostname ? hostname : "") != 0
-	    && !fflag) {
-                printf("No utmpx entry.  You must exec \"login\" from the lowest level \"sh\".\n");
-                sleepexit(0);
-        }
-	utmp_login(ttyn, username, hostname ? hostname : "");
-	dolastlog(quietlog);
-
-	/*
-	 * Set device protections, depending on what terminal the
-	 * user is logged in. This feature is used on Suns to give
-	 * console users better privacy.
-	 */
-	login_fbtab(tty, pwd->pw_uid, pwd->pw_gid);
-
-	chown(ttyn, pwd->pw_uid,
-	    (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid);
-	chmod(ttyn, S_IRUSR | S_IWUSR | S_IWGRP);
-	setgid(pwd->pw_gid);
-
-	initgroups(username, pwd->pw_gid);
-
-	if (*pwd->pw_shell == '\0')
-		pwd->pw_shell = _PATH_BSHELL;
-
-        /*
-         * Set up a new environment. With SYSV, some variables are always
-         * preserved; some varables are never preserved, and some variables
-         * are always clobbered. With BSD, nothing is always preserved, and
-         * some variables are always clobbered. We add code to make sure
-         * that LD_* and IFS are never preserved.
-         */
-	if (term[0] == '\0')
-		strncpy(term, stypeof(tty), sizeof(term));
-        /* set up a somewhat censored environment. */
-        sysv_newenv(argc, argv, pwd, term, pflag);
-#ifdef KERBEROS
-	if (krbtkfile_env)
-	    setenv("KRBTKFILE", krbtkfile_env, 1);
-#endif
-
-	if (tty[sizeof("tty")-1] == 'd')
-		syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name);
-
-	/* If fflag is on, assume caller/authenticator has logged root login. */
-	if (rootlogin && fflag == 0)
-		if (hostname)
-			syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s",
-			    username, tty, hostname);
-		else
-			syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty);
-
-#ifdef KERBEROS
-	if (!quietlog && notickets == 1 && !noticketsdontcomplain)
-		printf("Warning: no Kerberos tickets issued.\n");
-#endif
-
-#ifdef LOGALL
-	/*
-	 * Syslog each successful login, so we don't have to watch hundreds
-	 * of wtmp or lastlogin files.
-	 */
-	if (hostname) {
-		syslog(LOG_INFO, "login from %s as %s", hostname, pwd->pw_name);
-	} else {
-		syslog(LOG_INFO, "login on %s as %s", tty, pwd->pw_name);
-	}
-#endif
-
-#ifndef NO_MOTD
-        /*
-         * Optionally show the message of the day. System V login leaves
-         * motd and mail stuff up to the shell startup file.
-         */
-	if (!quietlog) {
-	        struct stat st;
-#if 0
-		printf("%s\n\t%s  %s\n\n",
-	    "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994",
-		    "The Regents of the University of California. ",
-		    "All rights reserved.");
-#endif
-		motd();
-		if(!nomailcheck){
-		    snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name);
-		    if (stat(tbuf, &st) == 0 && st.st_size != 0)
-			printf("You have %smail.\n",
-			       (st.st_mtime > st.st_atime) ? "new " : "");
-		}
-	}
-#endif /* NO_MOTD */
-
-#ifdef LOGIN_ACCESS
-	if (login_access(pwd->pw_name, hostname ? full_hostname : tty) == 0) {
-		printf("Permission denied\n");
-		if (hostname)
-			syslog(LOG_NOTICE, "%s LOGIN REFUSED FROM %s",
-				pwd->pw_name, hostname);
-		else
-			syslog(LOG_NOTICE, "%s LOGIN REFUSED ON %s",
-				pwd->pw_name, tty);
-		sleepexit(1);
-	}
-#endif
-
-	signal(SIGALRM, SIG_DFL);
-	signal(SIGQUIT, SIG_DFL);
-	signal(SIGINT, SIG_DFL);
-	signal(SIGTSTP, SIG_IGN);
-
-	tbuf[0] = '-';
-	strcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ?
-	       p + 1 : pwd->pw_shell);
-
-#ifdef HAVE_SETLOGIN
-     	if (setlogin(pwd->pw_name) < 0)
-                syslog(LOG_ERR, "setlogin() failure: %m");
-#endif
-
-#ifdef HAVE_SETPCRED
-	if (setpcred (pwd->pw_name, NULL) == -1)
-		syslog(LOG_ERR, "setpcred() failure: %m");
-#endif /* HAVE_SETPCRED */
-
-#if defined(SYSV_SHADOW) && defined(HAVE_GETSPNAM)
-	spwd = getspnam (username);
-	endspent ();
-#endif
-	/* Discard permissions last so can't get killed and drop core. */
-	{
-	    int uid = rootlogin ? 0 : pwd->pw_uid;
-	    if(setuid(uid) != 0){
-		    warn("setuid(%d)", uid);
-		    if(!rootlogin)
-			    exit(1);
-	    }
-	}
-		       
-
-	/*
-         * After dropping privileges and after cleaning up the environment,
-         * optionally run, as the user, /bin/passwd.
-         */
- 
-        if (pwd->pw_passwd[0] == 0 &&
-	    strcasecmp(default_passreq, "YES") == 0) {
-                printf("You don't have a password.  Choose one.\n");
-                if (change_passwd(pwd))
-                        sleepexit(0);
-		changepass = 0;
-        }
-
-#ifdef SYSV_SHADOW
-        if (spwd && sysv_expire(spwd)) {
-                if (change_passwd(pwd))
-                        sleepexit(0);
-		changepass = 0;
-        }
-#endif /* SYSV_SHADOW */
-	if (changepass) {
-		int res;
-		if ((res=system(_PATH_CHPASS)))
-			sleepexit(1);
-	}
-
-	if (k_hasafs()) {
-	    char cell[64];
-	    k_setpag();
-	    if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
-		k_afsklog(cell, 0);
-	    k_afsklog(0, 0);
-	}
-
-	execlp(pwd->pw_shell, tbuf, 0);
-	if (getuid() == 0) {
-		warnx("Can't exec %s, trying %s\n", 
-		      pwd->pw_shell, _PATH_BSHELL);
-		execlp(_PATH_BSHELL, tbuf, 0);
-		err(1, "%s", _PATH_BSHELL);
-	}
-	err(1, "%s", pwd->pw_shell);
-	return 1;
-}
-
-#ifdef	KERBEROS
-#define	NBUFSIZ		(UT_NAMESIZE + 1 + 5)	/* .root suffix */
-#else
-#define	NBUFSIZ		(UT_NAMESIZE + 1)
-#endif
-
-static void
-getloginname(int prompt)
-{
-	int ch;
-	char *p;
-	static char nbuf[NBUFSIZ];
-
-	for (;;) {
-                if (prompt)
-                    if (ttyprompt && *ttyprompt)
-                        printf("%s", ttyprompt);
-                    else
-		        printf("login: ");
-		prompt = 1;
-		for (p = nbuf; (ch = getchar()) != '\n'; ) {
-			if (ch == EOF) {
-				badlogin(username);
-				exit(0);
-			}
-			if (p < nbuf + (NBUFSIZ - 1))
-				*p++ = ch;
-		}
-		if (p > nbuf)
-			if (nbuf[0] == '-')
-				warnx("login names may not start with '-'.");
-			else {
-				*p = '\0';
-				username = nbuf;
-				break;
-			}
-	}
-}
-
-static int
-rootterm(char *ttyn)
-{
-#ifndef HAVE_TTYENT_H
-        return (default_console == 0 || strcmp(default_console, ttyname(0)) == 0);
-#else
-	struct ttyent *t;
-
-	return ((t = getttynam(ttyn)) && t->ty_status & TTY_SECURE);
-#endif
-}
-
-static RETSIGTYPE
-timedout(int signo)
-{
-	fprintf(stderr, "Login timed out after %d seconds\n",
-		login_timeout);
-	exit(0);
-}
-
-static void
-checknologin(void)
-{
-	int fd, nchars;
-	char tbuf[8192];
-
-	if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) {
-		while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0)
-			write(fileno(stdout), tbuf, nchars);
-		sleepexit(0);
-	}
-}
-
-static void
-dolastlog(int quiet)
-{
-#if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H) || defined(SYSV_SHADOW)
-	struct lastlog ll;
-	int fd;
-
-	if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {
-		lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET);
-#ifdef SYSV_SHADOW
-                if (read(fd, &ll, sizeof(ll)) == sizeof(ll) &&
-                    ll.ll_time != 0) {
-                        if (pwd->pw_uid && spwd && spwd->sp_inact > 0
-                            && ll.ll_time / (24 * 60 * 60)
-			    + spwd->sp_inact < time(0)) {
-                                printf("Your account has been inactive too long.\n");
-                                sleepexit(1);
-                        }
-                        if (!quiet) {
-                                printf("Last login: %.*s ",
-                                    24-5, ctime(&ll.ll_time));
-                                if (*ll.ll_host != '\0') {
-                                        printf("from %.*s\n",
-                                            (int)sizeof(ll.ll_host),
-					       ll.ll_host);
-                                } else
-                                        printf("on %.*s\n",
-                                            (int)sizeof(ll.ll_line),
-					       ll.ll_line);
-                        }
-                }
-                lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET);
-#else /* SYSV_SHADOW */
-		if (!quiet) {
-			if (read(fd, &ll, sizeof(ll)) == sizeof(ll) &&
-			    ll.ll_time != 0) {
-				printf("Last login: %.*s ",
-				    24-5, ctime(&ll.ll_time));
-				if (*ll.ll_host != '\0')
-					printf("from %.*s\n",
-					    (int)sizeof(ll.ll_host),
-					    ll.ll_host);
-				else
-					printf("on %.*s\n",
-					    (int)sizeof(ll.ll_line),
-					    ll.ll_line);
-			}
-			lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET);
-		}
-#endif /* SYSV_SHADOW */
-		memset(&ll, 0, sizeof(ll));
-		time(&ll.ll_time);
-		strncpy(ll.ll_line, tty, sizeof(ll.ll_line));
-		if (hostname)
-			strncpy(ll.ll_host, hostname, sizeof(ll.ll_host));
-		write(fd, &ll, sizeof(ll));
-		close(fd);
-	}
-#endif /* DOLASTLOG */
-}
-
-static void
-badlogin(char *name)
-{
-
-	if (failures == 0)
-		return;
-	if (hostname) {
-		syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s",
-		    failures, failures > 1 ? "S" : "", hostname);
-		syslog(LOG_AUTHPRIV|LOG_NOTICE,
-		    "%d LOGIN FAILURE%s FROM %s, %s",
-		    failures, failures > 1 ? "S" : "", hostname, name);
-	} else {
-		syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s",
-		    failures, failures > 1 ? "S" : "", tty);
-		syslog(LOG_AUTHPRIV|LOG_NOTICE,
-		    "%d LOGIN FAILURE%s ON %s, %s",
-		    failures, failures > 1 ? "S" : "", tty, name);
-	}
-}
-
-#undef	UNKNOWN
-#define	UNKNOWN	"su"
-
-static char *
-stypeof(char *ttyid)
-{
-    /* TERM is probably a better guess than anything else. */
-    char *term = getenv("TERM");
-
-    if (term != 0 && term[0] != 0)
-	return term;
-
-    {
-#ifndef HAVE_TTYENT_H
-	return UNKNOWN;
-#else
-	struct ttyent *t;
-	return (ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN);
-#endif
-    }
-}
-
-static void
-xgetstr(char *buf, int cnt, char *err)
-{
-        char ch;
- 
-        do {
-                if (read(0, &ch, sizeof(ch)) != sizeof(ch))
-                        exit(1);
-                if (--cnt < 0) {
-                        fprintf(stderr, "%s too long\r\n", err);
-                        sleepexit(1);
-                }
-                *buf++ = ch;
-        } while (ch);
-}
-
-/*
- * Some old rlogind's unknowingly pass remuser, locuser and
- * terminal_type/speed so we need to take care of that part of the
- * protocol here. Also, we can't make a getpeername(2) on the socket
- * so we have to trust that rlogind resolved the name correctly.
- */
-
-static int
-doremotelogin(char *host)
-{
-        int code;
-        char *cp;
-
-        xgetstr(rusername, sizeof (rusername), "remuser");
-        xgetstr(lusername, sizeof (lusername), "locuser");
-        xgetstr(term, sizeof(term), "Terminal type");
-	cp = strchr(term, '/');
-	if (cp != 0)
-		*cp = 0;	/* For now ignore speed/bg */
-        pwd = k_getpwnam(lusername);
-        if (pwd == NULL)
-                return(-1);
-        code = ruserok(host, (pwd->pw_uid == 0), rusername, lusername);
-	if (code == 0)
-	  syslog(LOG_NOTICE,
-		 "Warning: An old rlogind accepted login probably from host %s",
-		 host);
-	return(code);
-}
- 
-void
-sleepexit(int eval)
-{
-
-	sleep(5);
-	exit(eval);
-}
diff --git a/crypto/kerberosIV/appl/bsd/login_access.c b/crypto/kerberosIV/appl/bsd/login_access.c
deleted file mode 100644
index 0e017b10cdfd..000000000000
--- a/crypto/kerberosIV/appl/bsd/login_access.c
+++ /dev/null
@@ -1,221 +0,0 @@
- /*
-  * This module implements a simple but effective form of login access
-  * control based on login names and on host (or domain) names, internet
-  * addresses (or network numbers), or on terminal line names in case of
-  * non-networked logins. Diagnostics are reported through syslog(3).
-  *
-  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
-  */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: login_access.c,v 1.15 1997/06/01 03:12:28 assar Exp $");
-
-#ifdef LOGIN_ACCESS
-
- /* Delimiters for fields and for lists of users, ttys or hosts. */
-
-static char fs[] = ":";			/* field separator */
-static char sep[] = ", \t";		/* list-element separator */
-
- /* Constants to be used in assignments only, not in comparisons... */
-
-#define YES             1
-#define NO              0
-
-static int list_match(char *list, char *item, int (*match_fn)(char *, char *));
-static int user_match(char *tok, char *string);
-static int from_match(char *tok, char *string);
-static int string_match(char *tok, char *string);
-
-/* login_access - match username/group and host/tty with access control file */
-
-int login_access(char *user, char *from)
-{
-    FILE   *fp;
-    char    line[BUFSIZ];
-    char   *perm;			/* becomes permission field */
-    char   *users;			/* becomes list of login names */
-    char   *froms;			/* becomes list of terminals or hosts */
-    int     match = NO;
-    int     end;
-    int     lineno = 0;			/* for diagnostics */
-    char   *foo;
-
-    /*
-     * Process the table one line at a time and stop at the first match.
-     * Blank lines and lines that begin with a '#' character are ignored.
-     * Non-comment lines are broken at the ':' character. All fields are
-     * mandatory. The first field should be a "+" or "-" character. A
-     * non-existing table means no access control.
-     */
-
-    if ((fp = fopen(_PATH_LOGACCESS, "r")) != 0) {
-	while (!match && fgets(line, sizeof(line), fp)) {
-	    lineno++;
-	    if (line[end = strlen(line) - 1] != '\n') {
-		syslog(LOG_ERR, "%s: line %d: missing newline or line too long",
-		       _PATH_LOGACCESS, lineno);
-		continue;
-	    }
-	    if (line[0] == '#')
-		continue;			/* comment line */
-	    while (end > 0 && isspace(line[end - 1]))
-		end--;
-	    line[end] = 0;			/* strip trailing whitespace */
-	    if (line[0] == 0)			/* skip blank lines */
-		continue;
-	    foo = NULL;
-	    if (!(perm = strtok_r(line, fs, &foo))
-		|| !(users = strtok_r(NULL, fs, &foo))
-		|| !(froms = strtok_r(NULL, fs, &foo))
-		|| strtok_r(NULL, fs, &foo)) {
-		syslog(LOG_ERR, "%s: line %d: bad field count", 
-		       _PATH_LOGACCESS,
-		       lineno);
-		continue;
-	    }
-	    if (perm[0] != '+' && perm[0] != '-') {
-		syslog(LOG_ERR, "%s: line %d: bad first field", 
-		       _PATH_LOGACCESS,
-		       lineno);
-		continue;
-	    }
-	    match = (list_match(froms, from, from_match)
-		     && list_match(users, user, user_match));
-	}
-	fclose(fp);
-    } else if (errno != ENOENT) {
-	syslog(LOG_ERR, "cannot open %s: %m", _PATH_LOGACCESS);
-    }
-    return (match == 0 || (line[0] == '+'));
-}
-
-/* list_match - match an item against a list of tokens with exceptions */
-
-static int
-list_match(char *list, char *item, int (*match_fn)(char *, char *))
-{
-    char   *tok;
-    int     match = NO;
-    char   *foo = NULL;
-
-    /*
-     * Process tokens one at a time. We have exhausted all possible matches
-     * when we reach an "EXCEPT" token or the end of the list. If we do find
-     * a match, look for an "EXCEPT" list and recurse to determine whether
-     * the match is affected by any exceptions.
-     */
-
-    for (tok = strtok_r(list, sep, &foo);
-	 tok != NULL;
-	 tok = strtok_r(NULL, sep, &foo)) {
-	if (strcasecmp(tok, "EXCEPT") == 0)	/* EXCEPT: give up */
-	    break;
-	if ((match = (*match_fn) (tok, item)) != 0)	/* YES */
-	    break;
-    }
-    /* Process exceptions to matches. */
-
-    if (match != NO) {
-	while ((tok = strtok_r(NULL, sep, &foo)) && strcasecmp(tok, "EXCEPT"))
-	     /* VOID */ ;
-	if (tok == 0 || list_match(NULL, item, match_fn) == NO)
-	    return (match);
-    }
-    return (NO);
-}
-
-/* netgroup_match - match group against machine or user */
-
-static int netgroup_match(char *group, char *machine, char *user)
-{
-#ifdef HAVE_YP_GET_DEFAULT_DOMAIN
-    static char *mydomain = 0;
-
-    if (mydomain == 0)
-	yp_get_default_domain(&mydomain);
-    return (innetgr(group, machine, user, mydomain));
-#else
-    syslog(LOG_ERR, "NIS netgroup support not configured");
-    return 0;
-#endif
-}
-
-/* user_match - match a username against one token */
-
-static int user_match(char *tok, char *string)
-{
-    struct group *group;
-    int     i;
-
-    /*
-     * If a token has the magic value "ALL" the match always succeeds.
-     * Otherwise, return YES if the token fully matches the username, or if
-     * the token is a group that contains the username.
-     */
-
-    if (tok[0] == '@') {			/* netgroup */
-	return (netgroup_match(tok + 1, (char *) 0, string));
-    } else if (string_match(tok, string)) {	/* ALL or exact match */
-	return (YES);
-    } else if ((group = getgrnam(tok)) != 0) { /* try group membership */
-	for (i = 0; group->gr_mem[i]; i++)
-	    if (strcasecmp(string, group->gr_mem[i]) == 0)
-		return (YES);
-    }
-    return (NO);
-}
-
-/* from_match - match a host or tty against a list of tokens */
-
-static int from_match(char *tok, char *string)
-{
-    int     tok_len;
-    int     str_len;
-
-    /*
-     * If a token has the magic value "ALL" the match always succeeds. Return
-     * YES if the token fully matches the string. If the token is a domain
-     * name, return YES if it matches the last fields of the string. If the
-     * token has the magic value "LOCAL", return YES if the string does not
-     * contain a "." character. If the token is a network number, return YES
-     * if it matches the head of the string.
-     */
-
-    if (tok[0] == '@') {			/* netgroup */
-	return (netgroup_match(tok + 1, string, (char *) 0));
-    } else if (string_match(tok, string)) {	/* ALL or exact match */
-	return (YES);
-    } else if (tok[0] == '.') {			/* domain: match last fields */
-	if ((str_len = strlen(string)) > (tok_len = strlen(tok))
-	    && strcasecmp(tok, string + str_len - tok_len) == 0)
-	    return (YES);
-    } else if (strcasecmp(tok, "LOCAL") == 0) {	/* local: no dots */
-	if (strchr(string, '.') == 0)
-	    return (YES);
-    } else if (tok[(tok_len = strlen(tok)) - 1] == '.'	/* network */
-	       && strncmp(tok, string, tok_len) == 0) {
-	return (YES);
-    }
-    return (NO);
-}
-
-/* string_match - match a string against one token */
-
-static int string_match(char *tok, char *string)
-{
-
-    /*
-     * If the token has the magic value "ALL" the match always succeeds.
-     * Otherwise, return YES if the token fully matches the string.
-     */
-
-    if (strcasecmp(tok, "ALL") == 0) {		/* all: always matches */
-	return (YES);
-    } else if (strcasecmp(tok, string) == 0) {	/* try exact match */
-	return (YES);
-    }
-    return (NO);
-}
-#endif /* LOGIN_ACCES */
diff --git a/crypto/kerberosIV/appl/bsd/login_fbtab.c b/crypto/kerberosIV/appl/bsd/login_fbtab.c
deleted file mode 100644
index f7f53aa57c43..000000000000
--- a/crypto/kerberosIV/appl/bsd/login_fbtab.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/************************************************************************
-* Copyright 1995 by Wietse Venema.  All rights reserved.
-*
-* This material was originally written and compiled by Wietse Venema at
-* Eindhoven University of Technology, The Netherlands, in 1990, 1991,
-* 1992, 1993, 1994 and 1995.
-*
-* Redistribution and use in source and binary forms are permitted
-* provided that this entire copyright notice is duplicated in all such
-* copies.
-*
-* This software is provided "as is" and without any expressed or implied
-* warranties, including, without limitation, the implied warranties of
-* merchantibility and fitness for any particular purpose.
-************************************************************************/
-/*
-    SYNOPSIS
-	void login_fbtab(tty, uid, gid)
-	char *tty;
-	uid_t uid;
-	gid_t gid;
-
-    DESCRIPTION
-	This module implements device security as described in the
-	SunOS 4.1.x fbtab(5) and SunOS 5.x logindevperm(4) manual
-	pages. The program first looks for /etc/fbtab. If that file
-	cannot be opened it attempts to process /etc/logindevperm.
-	We expect entries with the folowing format:
-
-	    Comments start with a # and extend to the end of the line.
-
-	    Blank lines or lines with only a comment are ignored.
-
-	    All other lines consist of three fields delimited by
-	    whitespace: a login device (/dev/console), an octal
-	    permission number (0600), and a ":"-delimited list of
-	    devices (/dev/kbd:/dev/mouse). All device names are
-	    absolute paths. A path that ends in "/*" refers to all
-	    directory entries except "." and "..".
-
-	    If the tty argument (relative path) matches a login device
-	    name (absolute path), the permissions of the devices in the
-	    ":"-delimited list are set as specified in the second
-	    field, and their ownership is changed to that of the uid
-	    and gid arguments.
-
-    DIAGNOSTICS
-	Problems are reported via the syslog daemon with severity
-	LOG_ERR.
-
-    BUGS
-
-    AUTHOR
-	Wietse Venema (wietse@wzv.win.tue.nl)
-	Eindhoven University of Technology
-	The Netherlands
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: login_fbtab.c,v 1.10 1997/06/01 03:12:54 assar Exp $");
-
-void	login_protect	(char *, char *, int, uid_t, gid_t);
-void	login_fbtab	(char *tty, uid_t uid, gid_t gid);
-
-#define	WSPACE		" \t\n"
-
-/* login_fbtab - apply protections specified in /etc/fbtab or logindevperm */
-
-void
-login_fbtab(char *tty, uid_t uid, gid_t gid)
-{
-    FILE   *fp;
-    char    buf[BUFSIZ];
-    char   *devname;
-    char   *cp;
-    int     prot;
-    char   *table;
-    char   *foo;
-
-    if ((fp = fopen(table = _PATH_FBTAB, "r")) == 0
-    && (fp = fopen(table = _PATH_LOGINDEVPERM, "r")) == 0)
-	return;
-
-    while (fgets(buf, sizeof(buf), fp)) {
-	if ((cp = strchr(buf, '#')) != 0)
-	    *cp = 0;				/* strip comment */
-	foo = NULL;
-	if ((cp = devname = strtok_r(buf, WSPACE, &foo)) == 0)
-	    continue;				/* empty or comment */
-	if (strncmp(devname, "/dev/", 5) != 0
-	       || (cp = strtok_r(NULL, WSPACE, &foo)) == 0
-	       || *cp != '0'
-	       || sscanf(cp, "%o", &prot) == 0
-	       || prot == 0
-	       || (prot & 0777) != prot
-	       || (cp = strtok_r(NULL, WSPACE, &foo)) == 0) {
-	    syslog(LOG_ERR, "%s: bad entry: %s", table, cp ? cp : "(null)");
-	    continue;
-	}
-	if (strcmp(devname + 5, tty) == 0) {
-	    foo = NULL;
-	    for (cp = strtok_r(cp, ":", &foo);
-		 cp;
-		 cp = strtok_r(NULL, ":", &foo)) {
-		login_protect(table, cp, prot, uid, gid);
-	    }
-	}
-    }
-    fclose(fp);
-}
-
-/* login_protect - protect one device entry */
-
-void
-login_protect(char *table, char *path, int mask, uid_t uid, gid_t gid)
-{
-    char    buf[BUFSIZ];
-    int     pathlen = strlen(path);
-    struct dirent *ent;
-    DIR    *dir;
-
-    if (strcmp("/*", path + pathlen - 2) != 0) {
-	if (chmod(path, mask) && errno != ENOENT)
-	    syslog(LOG_ERR, "%s: chmod(%s): %m", table, path);
-	if (chown(path, uid, gid) && errno != ENOENT)
-	    syslog(LOG_ERR, "%s: chown(%s): %m", table, path);
-    } else {
-	strcpy(buf, path);
-	buf[pathlen - 1] = 0;
-	if ((dir = opendir(buf)) == 0) {
-	    syslog(LOG_ERR, "%s: opendir(%s): %m", table, path);
-	} else {
-	    while ((ent = readdir(dir)) != 0) {
-		if (strcmp(ent->d_name, ".") != 0
-		    && strcmp(ent->d_name, "..") != 0) {
-		    strcpy(buf + pathlen - 1, ent->d_name);
-		    login_protect(table, buf, mask, uid, gid);
-		}
-	    }
-	    closedir(dir);
-	}
-    }
-}
diff --git a/crypto/kerberosIV/appl/bsd/pathnames.h b/crypto/kerberosIV/appl/bsd/pathnames.h
deleted file mode 100644
index 3c10bff02404..000000000000
--- a/crypto/kerberosIV/appl/bsd/pathnames.h
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * Copyright (c) 1989 The Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	from: @(#)pathnames.h	5.2 (Berkeley) 4/9/90
- *	$Id: pathnames.h,v 1.23 1996/11/17 06:36:42 joda Exp $
- */
-
-/******* First fix default path, we stick to _PATH_DEFPATH everywhere */
-
-#if !defined(_PATH_DEFPATH) && defined(_PATH_USERPATH)
-#define _PATH_DEFPATH _PATH_USERPATH
-#endif
-
-#if defined(_PATH_DEFPATH) && !defined(_DEF_PATH)
-#define _DEF_PATH _PATH_DEFPATH
-#endif
-
-#if !defined(_PATH_DEFPATH) && defined(_DEF_PATH)
-#define _PATH_DEFPATH _DEF_PATH
-#endif
-
-#ifndef _PATH_DEFPATH
-#define _PATH_DEFPATH "/usr/ucb:/usr/bin:/bin"
-#define _DEF_PATH _PATH_DEFPATH
-#endif /* !_PATH_DEFPATH */
-
-#ifndef _PATH_DEFSUPATH
-#define _PATH_DEFSUPATH "/usr/sbin:"  _DEF_PATH
-#endif /* _PATH_DEFSUPATH */
-
-/******* Default PATH fixed! */
-
-#undef  _PATH_RLOGIN		/* Redifine rlogin */
-#define	_PATH_RLOGIN	BINDIR  "/rlogin"
-
-#undef _PATH_RSH		/* Redifine rsh */
-#define _PATH_RSH	BINDIR  "/rsh"
-
-#undef _PATH_LOGIN
-#define _PATH_LOGIN	BINDIR "/login"
-
-/******* The rest is fallback defaults */
-
-#ifndef _PATH_DEV
-#define _PATH_DEV "/dev/"
-#endif
-
-#ifndef _PATH_CP
-#define _PATH_CP "/bin/cp"
-#endif /* _PATH_CP */
-
-#ifndef _PATH_SHELLS
-#define _PATH_SHELLS "/etc/shells"
-#endif /* _PATH_SHELLS */
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL "/bin/sh"
-#endif /* _PATH_BSHELL */
-
-#ifndef _PATH_CSHELL
-#define _PATH_CSHELL "/bin/csh"
-#endif /* _PATH_CSHELL */
-
-#ifndef _PATH_NOLOGIN
-#define _PATH_NOLOGIN "/etc/nologin"
-#endif /* _PATH_NOLOGIN */
-
-#ifndef _PATH_TTY
-#define _PATH_TTY "/dev/tty"
-#endif /* _PATH_TTY */
-
-#ifndef _PATH_HUSHLOGIN
-#define _PATH_HUSHLOGIN ".hushlogin"
-#endif /* _PATH_HUSHLOGIN */
-
-#ifndef _PATH_NOMAILCHECK
-#define _PATH_NOMAILCHECK ".nomailcheck"
-#endif /* _PATH_NOMAILCHECK */
-
-#ifndef _PATH_MOTDFILE
-#define _PATH_MOTDFILE "/etc/motd"
-#endif /* _PATH_MOTDFILE */
-
-#ifndef _PATH_LOGACCESS
-#define _PATH_LOGACCESS "/etc/login.access"
-#endif /* _PATH_LOGACCESS */
-
-#ifndef _PATH_HEQUIV
-#define _PATH_HEQUIV "/etc/hosts.equiv"
-#endif
-
-#ifndef _PATH_FBTAB
-#define _PATH_FBTAB "/etc/fbtab"
-#endif /* _PATH_FBTAB */
-
-#ifndef _PATH_LOGINDEVPERM
-#define _PATH_LOGINDEVPERM "/etc/logindevperm"
-#endif /* _PATH_LOGINDEVPERM */
-
-#ifndef _PATH_CHPASS
-#define _PATH_CHPASS "/usr/bin/passwd"
-#endif /* _PATH_CHPASS */
-
-#if defined(__hpux)
-#define __FALLBACK_MAILDIR__ "/usr/mail"
-#else
-#define __FALLBACK_MAILDIR__ "/usr/spool/mail"
-#endif
-
-#ifndef KRB4_MAILDIR
-#ifndef _PATH_MAILDIR
-#ifdef MAILDIR
-#define _PATH_MAILDIR MAILDIR
-#else
-#define _PATH_MAILDIR __FALLBACK_MAILDIR__
-#endif
-#endif /* _PATH_MAILDIR */
-#define KRB4_MAILDIR _PATH_MAILDIR
-#endif
-
-#ifndef _PATH_LASTLOG
-#define _PATH_LASTLOG		"/var/adm/lastlog"
-#endif
-
-#if defined(UTMP_FILE) && !defined(_PATH_UTMP)
-#define _PATH_UTMP UTMP_FILE
-#endif
-
-#ifndef _PATH_UTMP
-#define _PATH_UTMP   "/etc/utmp"
-#endif
-
-#if defined(WTMP_FILE) && !defined(_PATH_WTMP)
-#define _PATH_WTMP WTMP_FILE
-#endif
-
-#ifndef _PATH_WTMP
-#define _PATH_WTMP   "/usr/adm/wtmp"
-#endif
-
-#ifndef _PATH_ETC_DEFAULT_LOGIN
-#define _PATH_ETC_DEFAULT_LOGIN	"/etc/default/login"
-#endif
-
-#ifndef _PATH_ETC_ENVIRONMENT
-#define _PATH_ETC_ENVIRONMENT "/etc/environment"
-#endif
-
-/*
- * NeXT KLUDGE ALERT!!!!!!!!!!!!!!!!!!
- * Some sort of bug in the NEXTSTEP cpp.
- */
-#ifdef NeXT
-#undef  _PATH_DEFSUPATH
-#define _PATH_DEFSUPATH "/usr/sbin:/usr/ucb:/usr/bin:/bin"
-#undef  _PATH_RLOGIN
-#define	_PATH_RLOGIN	"/usr/athena/bin/rlogin"
-#undef  _PATH_RSH
-#define _PATH_RSH	"/usr/athena/bin/rsh"
-#undef  _PATH_LOGIN
-#define _PATH_LOGIN	"/usr/athena/bin/login"
-#endif
diff --git a/crypto/kerberosIV/appl/bsd/rcmd_util.c b/crypto/kerberosIV/appl/bsd/rcmd_util.c
deleted file mode 100644
index 466900954a91..000000000000
--- a/crypto/kerberosIV/appl/bsd/rcmd_util.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rcmd_util.c,v 1.15 1997/05/02 14:27:44 assar Exp $");
-
-int
-get_login_port(int kerberos, int encryption)
-{
-  char *service="login";
-  int port=htons(513);
-
-  if(kerberos && encryption){
-    service="eklogin";
-    port=htons(2105);
-  }
-  
-  if(kerberos && !encryption){
-    service="klogin";
-    port=htons(543);
-  }
-  return k_getportbyname (service, "tcp", port);
-}
-
-int
-get_shell_port(int kerberos, int encryption)
-{
-  char *service="shell";
-  int port=htons(514);
-
-  if(kerberos && encryption){
-    service="ekshell";
-    port=htons(545);
-  }
-  
-  if(kerberos && !encryption){
-    service="kshell";
-    port=htons(544);
-  }
-
-  return k_getportbyname (service, "tcp", port);
-}
-
-/* 
- * On reasonable systems, `cf[gs]et[io]speed' use values of bit/s
- * directly, and the following functions are just identity functions.
- * This is however a slower way of doing those
- * should-be-but-are-not-always idenity functions.  
- */
-
-static struct { int speed; int bps; } conv[] = {
-#ifdef B0
-    {B0, 0},
-#endif
-#ifdef B50
-    {B50, 50},
-#endif
-#ifdef B75
-    {B75, 75},
-#endif
-#ifdef B110
-    {B110, 110},
-#endif
-#ifdef B134
-    {B134, 134},
-#endif
-#ifdef B150
-    {B150, 150},
-#endif
-#ifdef B200
-    {B200, 200},
-#endif
-#ifdef B300
-    {B300, 300},
-#endif
-#ifdef B600
-    {B600, 600},
-#endif
-#ifdef B1200
-    {B1200, 1200},
-#endif
-#ifdef B1800
-    {B1800, 1800},
-#endif
-#ifdef B2400
-    {B2400, 2400},
-#endif
-#ifdef B4800
-    {B4800, 4800},
-#endif
-#ifdef B9600
-    {B9600, 9600},
-#endif
-#ifdef B19200
-    {B19200, 19200},
-#endif
-#ifdef B38400
-    {B38400, 38400},
-#endif
-#ifdef B57600
-    {B57600, 57600},
-#endif
-#ifdef B115200
-    {B115200, 115200},
-#endif
-#ifdef B153600
-    {B153600, 153600},
-#endif
-#ifdef B230400
-    {B230400, 230400},
-#endif
-#ifdef B307200
-    {B307200, 307200},
-#endif
-#ifdef B460800
-    {B460800, 460800},
-#endif
-};
-
-#define N (sizeof(conv)/sizeof(*conv))
-
-int
-speed_t2int (speed_t s)
-{
-  int l, r, m;
-
-  l = 0;
-  r = N - 1;
-  while(l <= r) {
-    m = (l + r) / 2;
-    if (conv[m].speed == s)
-      return conv[m].bps;
-    else if(conv[m].speed < s)
-      l = m + 1;
-    else
-      r = m - 1; 
-  }
-  return -1;
-}
-
-/*
- *
- */
-
-speed_t
-int2speed_t (int i)
-{
-  int l, r, m;
-
-  l = 0;
-  r = N - 1;
-  while(l <= r) {
-    m = (l + r) / 2;
-    if (conv[m].bps == i)
-      return conv[m].speed;
-    else if(conv[m].bps < i)
-      l = m + 1;
-    else
-      r = m - 1;
-  }
-  return -1;
-}
-
-/*
- * If there are any IP options on `sock', die.
- */
-
-void
-ip_options_and_die (int sock, struct sockaddr_in *fromp)
-{
-#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT)
-  u_char optbuf[BUFSIZ/3], *cp;
-  char lbuf[BUFSIZ], *lp;
-  int optsize = sizeof(optbuf), ipproto;
-  struct protoent *ip;
-
-  if ((ip = getprotobyname("ip")) != NULL)
-    ipproto = ip->p_proto;
-  else
-    ipproto = IPPROTO_IP;
-  if (getsockopt(sock, ipproto, IP_OPTIONS,
-		 (void *)optbuf, &optsize) == 0 &&
-      optsize != 0) {
-    lp = lbuf;
-    for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
-      snprintf(lp, sizeof(lbuf) - (lp - lbuf), " %2.2x", *cp);
-    syslog(LOG_NOTICE,
-	   "Connection received from %s using IP options (dead):%s",
-	   inet_ntoa(fromp->sin_addr), lbuf);
-    exit(1);
-  }
-#endif
-}
-
-void
-warning(const char *fmt, ...)
-{
-    char *rstar_no_warn = getenv("RSTAR_NO_WARN");
-    va_list args;
-
-    va_start(args, fmt);
-    if (rstar_no_warn == NULL)
-	rstar_no_warn = "";
-    if (strncmp(rstar_no_warn, "yes", 3) != 0) {
-	/* XXX */
-	fprintf(stderr, "%s: warning, using standard ", __progname);
-	warnx(fmt, args);
-    }
-    va_end(args);
-}
diff --git a/crypto/kerberosIV/appl/bsd/rcp.c b/crypto/kerberosIV/appl/bsd/rcp.c
deleted file mode 100644
index 6dfb4726680a..000000000000
--- a/crypto/kerberosIV/appl/bsd/rcp.c
+++ /dev/null
@@ -1,1019 +0,0 @@
-/*
- * Copyright (c) 1983, 1990, 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rcp.c,v 1.43 1997/05/13 09:41:26 bg Exp $");
-
-/* Globals */
-static char	dst_realm_buf[REALM_SZ];
-static char	*dest_realm = NULL;
-static int	use_kerberos = 1;
-
-static int	doencrypt = 0;
-#define	OPTIONS	"dfKk:prtx"
-
-static int errs, rem;
-static struct passwd *pwd;
-static u_short	port;
-static uid_t	userid;
-static int pflag, iamremote, iamrecursive, targetshouldbedirectory;
-
-#define	CMDNEEDS	64
-static char cmd[CMDNEEDS];		/* must hold "rcp -r -p -d\0" */
-
-void rsource(char *name, struct stat *statp);
-
-#define	SERVICE_NAME	"rcmd"
-
-CREDENTIALS cred;
-MSG_DAT msg_data;
-struct sockaddr_in foreign, local;
-Key_schedule schedule;
-
-KTEXT_ST ticket;
-AUTH_DAT kdata;
-
-static void
-send_auth(char *h, char *r)
-{
-    int lslen, fslen, status;
-    long opts;
-
-    lslen = sizeof(struct sockaddr_in);
-    if (getsockname(rem, (struct sockaddr *)&local, &lslen) < 0)
-	err(1, "getsockname");
-    fslen = sizeof(struct sockaddr_in);
-    if (getpeername(rem, (struct sockaddr *)&foreign, &fslen) < 0)
-	err(1, "getpeername");
-    if ((r == NULL) || (*r == '\0'))
-	r = krb_realmofhost(h);
-    opts = KOPT_DO_MUTUAL;
-    if ((status = krb_sendauth(opts, rem, &ticket, SERVICE_NAME, h, r, 
-			       (unsigned long)getpid(), &msg_data, &cred, 
-			       schedule, &local, 
-			       &foreign, "KCMDV0.1")) != KSUCCESS)
-	errx(1, "krb_sendauth failure: %s", krb_get_err_text(status));
-}
-
-static void
-answer_auth(void)
-{
-    int lslen, fslen, status;
-    long opts;
-    char inst[INST_SZ], v[9];
-
-    lslen = sizeof(struct sockaddr_in);
-    if (getsockname(rem, (struct sockaddr *)&local, &lslen) < 0)
-	err(1, "getsockname");
-    fslen = sizeof(struct sockaddr_in);
-    if(getpeername(rem, (struct sockaddr *)&foreign, &fslen) < 0)
-	    err(1, "getperrname");
-    k_getsockinst(rem, inst, sizeof(inst));
-    opts = KOPT_DO_MUTUAL;
-    if ((status = krb_recvauth(opts, rem, &ticket, SERVICE_NAME, inst,
-			       &foreign, &local, 
-			       &kdata, "", schedule, v)) != KSUCCESS)
-	errx(1, "krb_recvauth failure: %s", krb_get_err_text(status));
-}
-
-static int
-des_read(int fd, char *buf, int len)
-{
-    if (doencrypt)
-	return(des_enc_read(fd, buf, len, schedule, 
-			    (iamremote? &kdata.session : &cred.session)));
-    else
-	return(read(fd, buf, len));
-}
-
-static int
-des_write(int fd, char *buf, int len)
-{
-    if (doencrypt)
-	return(des_enc_write(fd, buf, len, schedule, 
-			     (iamremote? &kdata.session : &cred.session)));
-    else
-	return(write(fd, buf, len));
-}
-
-static void run_err(const char *fmt, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-
-
-static void
-run_err(const char *fmt, ...)
-{
-	char errbuf[1024];
-
-	va_list args;
-	va_start(args, fmt);
-	++errs;
-#define RCPERR "\001rcp: "
-	strcpy (errbuf, RCPERR);
-	vsnprintf (errbuf + strlen(RCPERR), sizeof(errbuf) - strlen(RCPERR),
-		   fmt, args);
-	strcat (errbuf, "\n");
-	des_write (rem, errbuf, strlen(errbuf));
-	if (!iamremote)
-		vwarnx(fmt, args);
-	va_end(args);
-}
-
-static void
-verifydir(char *cp)
-{
-	struct stat stb;
-
-	if (!stat(cp, &stb)) {
-		if (S_ISDIR(stb.st_mode))
-			return;
-		errno = ENOTDIR;
-	}
-	run_err("%s: %s", cp, strerror(errno));
-	exit(1);
-}
-
-#define ROUNDUP(x, y)   ((((x)+((y)-1))/(y))*(y))
-
-static BUF *
-allocbuf(BUF *bp, int fd, int blksize)
-{
-	struct stat stb;
-	size_t size;
-
-	if (fstat(fd, &stb) < 0) {
-		run_err("fstat: %s", strerror(errno));
-		return (0);
-	}
-#ifdef HAVE_ST_BLKSIZE
-	size = ROUNDUP(stb.st_blksize, blksize);
-#else
-	size = blksize;
-#endif
-	if (size == 0)
-		size = blksize;
-	if (bp->cnt >= size)
-		return (bp);
-	if (bp->buf == NULL)
-		bp->buf = malloc(size);
-	else
-		bp->buf = realloc(bp->buf, size);
-	if (bp->buf == NULL) {
-		bp->cnt = 0;
-		run_err("%s", strerror(errno));
-		return (0);
-	}
-	bp->cnt = size;
-	return (bp);
-}
-
-static void
-usage(void)
-{
-	fprintf(stderr, "%s\n\t%s\n",
-	    "usage: rcp [-Kpx] [-k realm] f1 f2",
-	    "or: rcp [-Kprx] [-k realm] f1 ... fn directory");
-	exit(1);
-}
-
-static void
-oldw(const char *s)
-{
-    char *rstar_no_warn = getenv("RSTAR_NO_WARN");
-    if (rstar_no_warn == 0)
-	rstar_no_warn = "";
-    if (strncmp(rstar_no_warn, "yes", 3) != 0)
-	warnx("%s, using standard rcp", s);
-}
-
-static RETSIGTYPE
-lostconn(int signo)
-{
-	if (!iamremote)
-		warnx("lost connection");
-	exit(1);
-}
-
-static int
-response(void)
-{
-	char ch, *cp, resp, rbuf[BUFSIZ];
-
-	if (des_read(rem, &resp, sizeof(resp)) != sizeof(resp))
-		lostconn(0);
-
-	cp = rbuf;
-	switch(resp) {
-	case 0:				/* ok */
-		return (0);
-	default:
-		*cp++ = resp;
-		/* FALLTHROUGH */
-	case 1:				/* error, followed by error msg */
-	case 2:				/* fatal error, "" */
-		do {
-			if (des_read(rem, &ch, sizeof(ch)) != sizeof(ch))
-				lostconn(0);
-			*cp++ = ch;
-		} while (cp < &rbuf[BUFSIZ] && ch != '\n');
-
-		if (!iamremote)
-			write(STDERR_FILENO, rbuf, cp - rbuf);
-		++errs;
-		if (resp == 1)
-			return (-1);
-		exit(1);
-	}
-	/* NOTREACHED */
-}
-
-static void
-source(int argc, char **argv)
-{
-	struct stat stb;
-	static BUF buffer;
-	BUF *bp;
-	off_t i;
-	int amt, fd, haderr, indx, result;
-	char *last, *name, buf[BUFSIZ];
-
-	for (indx = 0; indx < argc; ++indx) {
-                name = argv[indx];
-		if ((fd = open(name, O_RDONLY, 0)) < 0)
-			goto syserr;
-		if (fstat(fd, &stb)) {
-syserr:			run_err("%s: %s", name, strerror(errno));
-			goto next;
-		}
-		switch (stb.st_mode & S_IFMT) {
-		case S_IFREG:
-			break;
-		case S_IFDIR:
-			if (iamrecursive) {
-				rsource(name, &stb);
-				goto next;
-			}
-			/* FALLTHROUGH */
-		default:
-			run_err("%s: not a regular file", name);
-			goto next;
-		}
-		if ((last = strrchr(name, '/')) == NULL)
-			last = name;
-		else
-			++last;
-		if (pflag) {
-			/*
-			 * Make it compatible with possible future
-			 * versions expecting microseconds.
-			 */
-			snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n",
-			    (long)stb.st_mtime, (long)stb.st_atime);
-			des_write(rem, buf, strlen(buf));
-			if (response() < 0)
-				goto next;
-		}
-		snprintf(buf, sizeof(buf), "C%04o %ld %s\n",
-		    (int)stb.st_mode & MODEMASK, (long) stb.st_size, last);
-		des_write(rem, buf, strlen(buf));
-		if (response() < 0)
-			goto next;
-		if ((bp = allocbuf(&buffer, fd, BUFSIZ)) == NULL) {
-next:			close(fd);
-			continue;
-		}
-
-		/* Keep writing after an error so that we stay sync'd up. */
-		for (haderr = i = 0; i < stb.st_size; i += bp->cnt) {
-			amt = bp->cnt;
-			if (i + amt > stb.st_size)
-				amt = stb.st_size - i;
-			if (!haderr) {
-				result = read(fd, bp->buf, amt);
-				if (result != amt)
-					haderr = result >= 0 ? EIO : errno;
-			}
-			if (haderr)
-				des_write(rem, bp->buf, amt);
-			else {
-				result = des_write(rem, bp->buf, amt);
-				if (result != amt)
-					haderr = result >= 0 ? EIO : errno;
-			}
-		}
-		if (close(fd) && !haderr)
-			haderr = errno;
-		if (!haderr)
-			des_write(rem, "", 1);
-		else
-			run_err("%s: %s", name, strerror(haderr));
-		response();
-	}
-}
-
-void
-rsource(char *name, struct stat *statp)
-{
-	DIR *dirp;
-	struct dirent *dp;
-	char *last, *vect[1], path[MaxPathLen];
-
-	if (!(dirp = opendir(name))) {
-		run_err("%s: %s", name, strerror(errno));
-		return;
-	}
-	last = strrchr(name, '/');
-	if (last == 0)
-		last = name;
-	else
-		last++;
-	if (pflag) {
-		snprintf(path, sizeof(path), "T%ld 0 %ld 0\n",
-		    (long)statp->st_mtime, (long)statp->st_atime);
-		des_write(rem, path, strlen(path));
-		if (response() < 0) {
-			closedir(dirp);
-			return;
-		}
-	}
-	snprintf(path, sizeof(path),
-		 "D%04o %d %s\n", (int)statp->st_mode & MODEMASK, 0, last);
-	des_write(rem, path, strlen(path));
-	if (response() < 0) {
-		closedir(dirp);
-		return;
-	}
-	while ((dp = readdir(dirp))) {
-		if (dp->d_ino == 0)
-			continue;
-		if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, ".."))
-			continue;
-		if (strlen(name) + 1 + strlen(dp->d_name) >= MaxPathLen - 1) {
-			run_err("%s/%s: name too long", name, dp->d_name);
-			continue;
-		}
-		if (snprintf(path, sizeof(path),
-			     "%s/%s", name, dp->d_name) >= sizeof(path)) {
-			run_err("%s/%s: name too long", name, dp->d_name);
-			continue;
-		}
-		vect[0] = path;
-		source(1, vect);
-	}
-	closedir(dirp);
-	des_write(rem, "E\n", 2);
-	response();
-}
-
-static int
-kerberos(char **host, char *bp, char *locuser, char *user)
-{
-        int sock = -1, err;
-again:
-	if (use_kerberos) {
-		rem = KSUCCESS;
-		errno = 0;
-		if (dest_realm == NULL)
-			dest_realm = krb_realmofhost(*host);
-
-#if 0
-		rem = krcmd(host, port, user, bp, 0, dest_realm);
-#else
-		err = kcmd(
-		    &sock,
-		    host,
-		    port,
-		    NULL,	/* locuser not used */
-		    user,
-		    bp,
-		    0,
-		    &ticket,
-		    SERVICE_NAME,
-		    dest_realm,
-		    (CREDENTIALS *) NULL, /* credentials not used */
-		    0,		/* key schedule not used */
-		    (MSG_DAT *) NULL, /* MSG_DAT not used */
-		    (struct sockaddr_in *) NULL, /* local addr not used */
-		    (struct sockaddr_in *) NULL, /* foreign addr not used */
-		    0L);	/* authopts */
-		if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
-		    warnx("kcmd: %s", krb_get_err_text(err));
-		    rem = -1;
-		} else if (err < 0)
-		    rem = -1;
-		else
-		    rem = sock;
-#endif
-		if (rem < 0) {
-			use_kerberos = 0;
-			port = get_shell_port(use_kerberos, 0);
-			if (errno == ECONNREFUSED)
-			    oldw("remote host doesn't support Kerberos");
-			else if (errno == ENOENT)
-			    oldw("can't provide Kerberos authentication data");
-			goto again;
-		}
-	} else {
-		if (doencrypt)
-			errx(1,
-			   "the -x option requires Kerberos authentication");
-		if (geteuid() != 0) {
-		    errx(1, "not installed setuid root, "
-			 "only root may use non kerberized rcp");
-		}
-		rem = rcmd(host, port, locuser, user, bp, 0);
-	}
-	return (rem);
-}
-
-static void
-toremote(char *targ, int argc, char **argv)
-{
-	int i, len;
-#ifdef IP_TOS
-	int tos;
-#endif
-	char *bp, *host, *src, *suser, *thost, *tuser;
-
-	*targ++ = 0;
-	if (*targ == 0)
-		targ = ".";
-
-	if ((thost = strchr(argv[argc - 1], '@'))) {
-		/* user@host */
-		*thost++ = 0;
-		tuser = argv[argc - 1];
-		if (*tuser == '\0')
-			tuser = NULL;
-		else if (!okname(tuser))
-			exit(1);
-	} else {
-		thost = argv[argc - 1];
-		tuser = NULL;
-	}
-
-	for (i = 0; i < argc - 1; i++) {
-		src = colon(argv[i]);
-		if (src) {			/* remote to remote */
-			*src++ = 0;
-			if (*src == 0)
-				src = ".";
-			host = strchr(argv[i], '@');
-			len = strlen(_PATH_RSH) + strlen(argv[i]) +
-			    strlen(src) + (tuser ? strlen(tuser) : 0) +
-			    strlen(thost) + strlen(targ) + CMDNEEDS + 20;
-			if (!(bp = malloc(len)))
-				err(1, " ");
-			if (host) {
-				*host++ = 0;
-				suser = argv[i];
-				if (*suser == '\0')
-					suser = pwd->pw_name;
-				else if (!okname(suser))
-					continue;
-				snprintf(bp, len,
-					 "%s %s -l %s -n %s %s '%s%s%s:%s'",
-					 _PATH_RSH, host, suser, cmd, src,
-					 tuser ? tuser : "", tuser ? "@" : "",
-					 thost, targ);
-			} else
-				snprintf(bp, len,
-					 "exec %s %s -n %s %s '%s%s%s:%s'",
-					 _PATH_RSH, argv[i], cmd, src,
-					 tuser ? tuser : "", tuser ? "@" : "",
-					 thost, targ);
-			susystem(bp, userid);
-			free(bp);
-		} else {			/* local to remote */
-			if (rem == -1) {
-				len = strlen(targ) + CMDNEEDS + 20;
-				if (!(bp = malloc(len)))
-					err(1, " ");
-				snprintf(bp, len, "%s -t %s", cmd, targ);
-				host = thost;
-				if (use_kerberos)
-					rem = kerberos(&host, bp,
-#ifdef __CYGWIN32__
-						       tuser,
-#else
-					    pwd->pw_name,
-#endif
-					    tuser ? tuser : pwd->pw_name);
-				else
-					rem = rcmd(&host, port,
-#ifdef __CYGWIN32__
-						   tuser,
-#else
-						   pwd->pw_name,
-#endif
-					    tuser ? tuser : pwd->pw_name,
-					    bp, 0);
-				if (rem < 0)
-					exit(1);
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-				tos = IPTOS_THROUGHPUT;
-				if (setsockopt(rem, IPPROTO_IP, IP_TOS,
-				    (void *)&tos, sizeof(int)) < 0)
-					warn("TOS (ignored)");
-#endif /* IP_TOS */
-				if (doencrypt)
-				    send_auth(host, dest_realm);
-				if (response() < 0)
-					exit(1);
-				free(bp);
-				setuid(userid);
-			}
-			source(1, argv+i);
-		}
-	}
-}
-
-static void
-sink(int argc, char **argv)
-{
-	static BUF buffer;
-	struct stat stb;
-	struct timeval tv[2];
-	enum { YES, NO, DISPLAYED } wrerr;
-	BUF *bp;
-	off_t i, j;
-	int amt, count, exists, first, mask, mode, ofd, omode;
-	int setimes, size, targisdir, wrerrno=0;
-	char ch, *cp, *np, *targ, *why, *vect[1], buf[BUFSIZ];
-
-#define	atime	tv[0]
-#define	mtime	tv[1]
-#define	SCREWUP(str)	{ why = str; goto screwup; }
-
-	setimes = targisdir = 0;
-	mask = umask(0);
-	if (!pflag)
-		umask(mask);
-	if (argc != 1) {
-		run_err("ambiguous target");
-		exit(1);
-	}
-	targ = *argv;
-	if (targetshouldbedirectory)
-		verifydir(targ);
-	des_write(rem, "", 1);
-	if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
-		targisdir = 1;
-	for (first = 1;; first = 0) {
-		cp = buf;
-		if (des_read(rem, cp, 1) <= 0)
-			return;
-		if (*cp++ == '\n')
-			SCREWUP("unexpected <newline>");
-		do {
-			if (des_read(rem, &ch, sizeof(ch)) != sizeof(ch))
-				SCREWUP("lost connection");
-			*cp++ = ch;
-		} while (cp < &buf[BUFSIZ - 1] && ch != '\n');
-		*cp = 0;
-
-		if (buf[0] == '\01' || buf[0] == '\02') {
-			if (iamremote == 0)
-				write(STDERR_FILENO,
-				    buf + 1, strlen(buf + 1));
-			if (buf[0] == '\02')
-				exit(1);
-			++errs;
-			continue;
-		}
-		if (buf[0] == 'E') {
-			des_write(rem, "", 1);
-			return;
-		}
-
-		if (ch == '\n')
-			*--cp = 0;
-
-#define getnum(t) (t) = 0; while (isdigit(*cp)) (t) = (t) * 10 + (*cp++ - '0');
-		cp = buf;
-		if (*cp == 'T') {
-			setimes++;
-			cp++;
-			getnum(mtime.tv_sec);
-			if (*cp++ != ' ')
-				SCREWUP("mtime.sec not delimited");
-			getnum(mtime.tv_usec);
-			if (*cp++ != ' ')
-				SCREWUP("mtime.usec not delimited");
-			getnum(atime.tv_sec);
-			if (*cp++ != ' ')
-				SCREWUP("atime.sec not delimited");
-			getnum(atime.tv_usec);
-			if (*cp++ != '\0')
-				SCREWUP("atime.usec not delimited");
-			des_write(rem, "", 1);
-			continue;
-		}
-		if (*cp != 'C' && *cp != 'D') {
-			/*
-			 * Check for the case "rcp remote:foo\* local:bar".
-			 * In this case, the line "No match." can be returned
-			 * by the shell before the rcp command on the remote is
-			 * executed so the ^Aerror_message convention isn't
-			 * followed.
-			 */
-			if (first) {
-				run_err("%s", cp);
-				exit(1);
-			}
-			SCREWUP("expected control record");
-		}
-		mode = 0;
-		for (++cp; cp < buf + 5; cp++) {
-			if (*cp < '0' || *cp > '7')
-				SCREWUP("bad mode");
-			mode = (mode << 3) | (*cp - '0');
-		}
-		if (*cp++ != ' ')
-			SCREWUP("mode not delimited");
-
-		for (size = 0; isdigit(*cp);)
-			size = size * 10 + (*cp++ - '0');
-		if (*cp++ != ' ')
-			SCREWUP("size not delimited");
-		if (targisdir) {
-			static char *namebuf;
-			static int cursize;
-			size_t need;
-
-			need = strlen(targ) + strlen(cp) + 250;
-			if (need > cursize) {
-				if (!(namebuf = malloc(need)))
-					run_err("%s", strerror(errno));
-			}
-			snprintf(namebuf, need, "%s%s%s", targ,
-			    *targ ? "/" : "", cp);
-			np = namebuf;
-		} else
-			np = targ;
-		exists = stat(np, &stb) == 0;
-		if (buf[0] == 'D') {
-			int mod_flag = pflag;
-			if (exists) {
-				if (!S_ISDIR(stb.st_mode)) {
-					errno = ENOTDIR;
-					goto bad;
-				}
-				if (pflag)
-					chmod(np, mode);
-			} else {
-				/* Handle copying from a read-only directory */
-				mod_flag = 1;
-				if (mkdir(np, mode | S_IRWXU) < 0)
-					goto bad;
-			}
-			vect[0] = np;
-			sink(1, vect);
-			if (setimes) {
-			        struct utimbuf times;
-				times.actime = atime.tv_sec;
-				times.modtime = mtime.tv_sec;
-				setimes = 0;
-				if (utime(np, &times) < 0)
-				    run_err("%s: set times: %s",
-					    np, strerror(errno));
-			}
-			if (mod_flag)
-				chmod(np, mode);
-			continue;
-		}
-		omode = mode;
-		mode |= S_IWRITE;
-		if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) {
-bad:			run_err("%s: %s", np, strerror(errno));
-			continue;
-		}
-		des_write(rem, "", 1);
-		if ((bp = allocbuf(&buffer, ofd, BUFSIZ)) == NULL) {
-			close(ofd);
-			continue;
-		}
-		cp = bp->buf;
-		wrerr = NO;
-		for (count = i = 0; i < size; i += BUFSIZ) {
-			amt = BUFSIZ;
-			if (i + amt > size)
-				amt = size - i;
-			count += amt;
-			do {
-				j = des_read(rem, cp, amt);
-				if (j <= 0) {
-					run_err("%s", j ? strerror(errno) :
-						"dropped connection");
-					exit(1);
-				}
-				amt -= j;
-				cp += j;
-			} while (amt > 0);
-			if (count == bp->cnt) {
-				/* Keep reading so we stay sync'd up. */
-				if (wrerr == NO) {
-					j = write(ofd, bp->buf, count);
-					if (j != count) {
-						wrerr = YES;
-						wrerrno = j >= 0 ? EIO : errno; 
-					}
-				}
-				count = 0;
-				cp = bp->buf;
-			}
-		}
-		if (count != 0 && wrerr == NO &&
-		    (j = write(ofd, bp->buf, count)) != count) {
-			wrerr = YES;
-			wrerrno = j >= 0 ? EIO : errno; 
-		}
-		if (ftruncate(ofd, size)) {
-			run_err("%s: truncate: %s", np, strerror(errno));
-			wrerr = DISPLAYED;
-		}
-		if (pflag) {
-			if (exists || omode != mode)
-#ifdef HAVE_FCHMOD
-				if (fchmod(ofd, omode))
-#else
-				if (chmod(np, omode))
-#endif
-					run_err("%s: set mode: %s",
-						np, strerror(errno));
-		} else {
-			if (!exists && omode != mode)
-#ifdef HAVE_FCHMOD
-				if (fchmod(ofd, omode & ~mask))
-#else
-				if (chmod(np, omode & ~mask))
-#endif
-					run_err("%s: set mode: %s",
-						np, strerror(errno));
-		}
-		close(ofd);
-		response();
-		if (setimes && wrerr == NO) {
-		        struct utimbuf times;
-			times.actime = atime.tv_sec;
-			times.modtime = mtime.tv_sec;
-			setimes = 0;
-			if (utime(np, &times) < 0) {
-				run_err("%s: set times: %s",
-					np, strerror(errno));
-				wrerr = DISPLAYED;
-			}
-		}
-		switch(wrerr) {
-		case YES:
-			run_err("%s: %s", np, strerror(wrerrno));
-			break;
-		case NO:
-			des_write(rem, "", 1);
-			break;
-		case DISPLAYED:
-			break;
-		}
-	}
-screwup:
-	run_err("protocol error: %s", why);
-	exit(1);
-}
-
-static void
-tolocal(int argc, char **argv)
-{
-	int i, len;
-#ifdef IP_TOS
-	int tos;
-#endif
-	char *bp, *host, *src, *suser;
-
-	for (i = 0; i < argc - 1; i++) {
-		if (!(src = colon(argv[i]))) {		/* Local to local. */
-			len = strlen(_PATH_CP) + strlen(argv[i]) +
-			    strlen(argv[argc - 1]) + 20;
-			if (!(bp = malloc(len)))
-				err(1, " ");
-			snprintf(bp, len, "exec %s%s%s %s %s", _PATH_CP,
-				 iamrecursive ? " -r" : "", pflag ? " -p" : "",
-				 argv[i], argv[argc - 1]);
-			if (susystem(bp, userid))
-				++errs;
-			free(bp);
-			continue;
-		}
-		*src++ = 0;
-		if (*src == 0)
-			src = ".";
-		if ((host = strchr(argv[i], '@')) == NULL) {
-#ifdef __CYGWIN32__
-			errx (1, "Sorry, you need to specify the username");
-#else
-			host = argv[i];
-			suser = pwd->pw_name;
-#endif
-		} else {
-			*host++ = 0;
-			suser = argv[i];
-			if (*suser == '\0')
-#ifdef __CYGWIN32__
-			errx (1, "Sorry, you need to specify the username");
-#else
-				suser = pwd->pw_name;
-#endif
-			else if (!okname(suser))
-				continue;
-		}
-		len = strlen(src) + CMDNEEDS + 20;
-		if ((bp = malloc(len)) == NULL)
-			err(1, " ");
-		snprintf(bp, len, "%s -f %s", cmd, src);
-		rem = 
-		    use_kerberos ? 
-			kerberos(&host, bp,
-#ifndef __CYGWIN32__
-				 pwd->pw_name,
-#else
-				 suser,
-#endif
-				 suser) : 
-			rcmd(&host, port,
-#ifndef __CYGWIN32__
-			     pwd->pw_name,
-#else
-			     suser,
-#endif
-			     suser, bp, 0);
-		free(bp);
-		if (rem < 0) {
-			++errs;
-			continue;
-		}
-		seteuid(userid);
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-		tos = IPTOS_THROUGHPUT;
-		if (setsockopt(rem, IPPROTO_IP, IP_TOS, (void *)&tos,
-			       sizeof(int)) < 0)
-			warn("TOS (ignored)");
-#endif /* IP_TOS */
-		if (doencrypt)
-			send_auth(host, dest_realm);
-		sink(1, argv + argc - 1);
-		seteuid(0);
-		close(rem);
-		rem = -1;
-	}
-}
-
-
-int
-main(int argc, char **argv)
-{
-	int ch, fflag, tflag;
-	char *targ;
-
-	set_progname(argv[0]);
-	fflag = tflag = 0;
-	while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
-		switch(ch) {			/* User-visible flags. */
-		case 'K':
-			use_kerberos = 0;
-			break;
-		case 'k':
-			dest_realm = dst_realm_buf;
-			strncpy(dst_realm_buf, optarg, REALM_SZ);
-			break;
-		case 'x':
-			doencrypt = 1;
-			LEFT_JUSTIFIED = 1;
-			break;
-		case 'p':
-			pflag = 1;
-			break;
-		case 'r':
-			iamrecursive = 1;
-			break;
-						/* Server options. */
-		case 'd':
-			targetshouldbedirectory = 1;
-			break;
-		case 'f':			/* "from" */
-			iamremote = 1;
-			fflag = 1;
-			break;
-		case 't':			/* "to" */
-			iamremote = 1;
-			tflag = 1;
-			break;
-		case '?':
-		default:
-			usage();
-		}
-	argc -= optind;
-	argv += optind;
-
-	/* Rcp implements encrypted file transfer without using the
-	 * kshell service, pass 0 for no encryption */
-	port = get_shell_port(use_kerberos, 0);
-
-#ifndef __CYGWIN32__
-	if ((pwd = k_getpwuid(userid = getuid())) == NULL)
-		errx(1, "unknown user %d", (int)userid);
-#endif
-
-	rem = STDIN_FILENO;		/* XXX */
-
-	if (fflag) {			/* Follow "protocol", send data. */
-		if (doencrypt)
-			answer_auth();
-		response();
-		setuid(userid);
-		if (k_hasafs()) {
-		       /* Sometimes we will need cell specific tokens
-			* to be able to read and write files, thus,
-			* the token stuff done in rshd might not
-			* suffice.
-			*/
-			char cell[64];
-			if (k_afs_cell_of_file(pwd->pw_dir,
-					       cell, sizeof(cell)) == 0)
-				k_afsklog(cell, 0);
-			k_afsklog(0, 0);
-		}
-		source(argc, argv);
-		exit(errs);
-	}
-
-	if (tflag) {			/* Receive data. */
-		if (doencrypt)
-			answer_auth();
-		setuid(userid);
-		if (k_hasafs()) {
-			char cell[64];
-			if (k_afs_cell_of_file(pwd->pw_dir,
-					       cell, sizeof(cell)) == 0)
-				k_afsklog(cell, 0);
-			k_afsklog(0, 0);
-		}
-		sink(argc, argv);
-		exit(errs);
-	}
-
-	if (argc < 2)
-		usage();
-	if (argc > 2)
-		targetshouldbedirectory = 1;
-
-	rem = -1;
-	/* Command to be executed on remote system using "rsh". */
-	snprintf(cmd, sizeof(cmd),
-		 "rcp%s%s%s%s", iamrecursive ? " -r" : "",
-		 (doencrypt && use_kerberos ? " -x" : ""),
-		 pflag ? " -p" : "", targetshouldbedirectory ? " -d" : "");
-
-	signal(SIGPIPE, lostconn);
-
-	if ((targ = colon(argv[argc - 1])))	/* Dest is remote host. */
-		toremote(targ, argc, argv);
-	else {
-		tolocal(argc, argv);		/* Dest is local host. */
-		if (targetshouldbedirectory)
-			verifydir(argv[argc - 1]);
-	}
-	exit(errs);
-}
diff --git a/crypto/kerberosIV/appl/bsd/rcp_util.c b/crypto/kerberosIV/appl/bsd/rcp_util.c
deleted file mode 100644
index 6f0c5f06ea06..000000000000
--- a/crypto/kerberosIV/appl/bsd/rcp_util.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rcp_util.c,v 1.7 1996/11/17 20:23:05 assar Exp $");
-
-char *
-colon(char *cp)
-{
-	if (*cp == ':')		/* Leading colon is part of file name. */
-		return (0);
-
-	for (; *cp; ++cp) {
-		if (*cp == ':')
-			return (cp);
-		if (*cp == '/')
-			return (0);
-	}
-	return (0);
-}
-
-int
-okname(char *cp0)
-{
-	int c;
-	char *cp;
-
-	cp = cp0;
-	do {
-		c = *cp;
-		if (c & 0200)
-			goto bad;
-		if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-')
-			goto bad;
-	} while (*++cp);
-	return (1);
-
-bad:	warnx("%s: invalid user name", cp0);
-	return (0);
-}
-
-int
-susystem(char *s, int userid)
-{
-        RETSIGTYPE (*istat)(), (*qstat)();
-	int status;
-	pid_t pid;
-
-	pid = fork();
-	switch (pid) {
-	case -1:
-		return (127);
-	
-	case 0:
-		setuid(userid);
-		execl(_PATH_BSHELL, "sh", "-c", s, NULL);
-		_exit(127);
-	}
-	istat = signal(SIGINT, SIG_IGN);
-	qstat = signal(SIGQUIT, SIG_IGN);
-	if (waitpid(pid, &status, 0) < 0)
-		status = -1;
-	signal(SIGINT, istat);
-	signal(SIGQUIT, qstat);
-	return (status);
-}
diff --git a/crypto/kerberosIV/appl/bsd/rlogin.c b/crypto/kerberosIV/appl/bsd/rlogin.c
deleted file mode 100644
index 27aa8f032d37..000000000000
--- a/crypto/kerberosIV/appl/bsd/rlogin.c
+++ /dev/null
@@ -1,707 +0,0 @@
-/*
- * Copyright (c) 1983, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * rlogin - remote login
- */
-#include "bsd_locl.h"
-
-RCSID("$Id: rlogin.c,v 1.61 1997/05/25 01:14:47 assar Exp $");
-
-CREDENTIALS cred;
-Key_schedule schedule;
-int use_kerberos = 1, doencrypt;
-char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
-
-#ifndef CCEQ
-#define c2uc(x) ((unsigned char) x)
-#define CCEQ__(val, c)	(c == val ? val != c2uc(_POSIX_VDISABLE) : 0)
-#define CCEQ(val, c) CCEQ__(c2uc(val), c2uc(c))
-#endif
-
-int eight, rem;
-struct termios deftty;
-
-int noescape;
-char escapechar = '~';
-
-struct	winsize winsize;
-
-int parent, rcvcnt;
-char rcvbuf[8 * 1024];
-
-int child;
-
-static void
-echo(char c)
-{
-	char *p;
-	char buf[8];
-
-	p = buf;
-	c &= 0177;
-	*p++ = escapechar;
-	if (c < ' ') {
-		*p++ = '^';
-		*p++ = c + '@';
-	} else if (c == 0177) {
-		*p++ = '^';
-		*p++ = '?';
-	} else
-		*p++ = c;
-	*p++ = '\r';
-	*p++ = '\n';
-	write(STDOUT_FILENO, buf, p - buf);
-}
-
-static void
-mode(int f)
-{
-	struct termios tty;
-
-	switch (f) {
-	case 0:
-		tcsetattr(0, TCSANOW, &deftty);
-		break;
-	case 1:
-		tcgetattr(0, &deftty);
-		tty = deftty;
-		/* This is loosely derived from sys/compat/tty_compat.c. */
-		tty.c_lflag &= ~(ECHO|ICANON|ISIG|IEXTEN);
-		tty.c_iflag &= ~ICRNL;
-		tty.c_oflag &= ~OPOST;
-		tty.c_cc[VMIN] = 1;
-		tty.c_cc[VTIME] = 0;
-		if (eight) {
-			tty.c_iflag &= IXOFF;
-			tty.c_cflag &= ~(CSIZE|PARENB);
-			tty.c_cflag |= CS8;
-		}
-		tcsetattr(0, TCSANOW, &tty);
-		break;
-	default:
-		return;
-	}
-}
-
-static void
-done(int status)
-{
-	int w, wstatus;
-
-	mode(0);
-	if (child > 0) {
-		/* make sure catch_child does not snap it up */
-		signal(SIGCHLD, SIG_DFL);
-		if (kill(child, SIGKILL) >= 0)
-			while ((w = wait(&wstatus)) > 0 && w != child);
-	}
-	exit(status);
-}
-
-static
-RETSIGTYPE
-catch_child(int foo)
-{
-	int status;
-	int pid;
-
-	for (;;) {
-		pid = waitpid(-1, &status, WNOHANG|WUNTRACED);
-		if (pid == 0)
-			return;
-		/* if the child (reader) dies, just quit */
-		if (pid < 0 || (pid == child && !WIFSTOPPED(status)))
-			done(WTERMSIG(status) | WEXITSTATUS(status));
-	}
-	/* NOTREACHED */
-}
-
-/*
- * There is a race in the SunOS5 rlogind. If the slave end has not yet
- * been opened by the child when setting tty size the size is reset to
- * zero when the child opens it. Therefore we send the window update
- * twice.
- */
-
-static int tty_kludge = 1;
-
-/* Return the number of OOB bytes processed. */
-static int
-oob_real(void)
-{
-	struct termios tty;
-	int atmark, n, out, rcvd;
-	char waste[BUFSIZ], mark;
-
-	out = O_RDWR;
-	rcvd = 0;
-	if (recv(rem, &mark, 1, MSG_OOB) < 0) {
-		return -1;
-	}
-	if (mark & TIOCPKT_WINDOW) {
-		/* Let server know about window size changes */
-		kill(parent, SIGUSR1);
-	} else if (tty_kludge) {
-		/* Let server know about window size changes */
-		kill(parent, SIGUSR1);
-		tty_kludge = 0;
-	}
-	if (!eight && (mark & TIOCPKT_NOSTOP)) {
-		tcgetattr(0, &tty);
-		tty.c_iflag &= ~IXON;
-		tcsetattr(0, TCSANOW, &tty);
-	}
-	if (!eight && (mark & TIOCPKT_DOSTOP)) {
-		tcgetattr(0, &tty);
-		tty.c_iflag |= (deftty.c_iflag & IXON);
-		tcsetattr(0, TCSANOW, &tty);
-	}
-	if (mark & TIOCPKT_FLUSHWRITE) {
-#ifdef TCOFLUSH
-		tcflush(1, TCOFLUSH);
-#else
-		ioctl(1, TIOCFLUSH, (char *)&out);
-#endif
-		for (;;) {
-			if (ioctl(rem, SIOCATMARK, &atmark) < 0) {
-			    warn("ioctl");
-			    break;
-			}
-			if (atmark)
-				break;
-			n = read(rem, waste, sizeof (waste));
-			if (n <= 0)
-				break;
-		}
-		/*
-		 * Don't want any pending data to be output, so clear the recv
-		 * buffer.  If we were hanging on a write when interrupted,
-		 * don't want it to restart.  If we were reading, restart
-		 * anyway.
-		 */
-		rcvcnt = 0;
-	}
-
-	/* oob does not do FLUSHREAD (alas!) */
-	return 1;
-}
-
-/* reader: read from remote: line -> 1 */
-static int
-reader(void)
-{
-	int n, remaining;
-	char *bufp;
-	int kludgep = 1;
-
-	bufp = rcvbuf;
-	for (;;) {
-	        fd_set readfds, exceptfds;
-		while ((remaining = rcvcnt - (bufp - rcvbuf)) > 0) {
-			n = write(STDOUT_FILENO, bufp, remaining);
-			if (n < 0) {
-				if (errno != EINTR)
-					return (-1);
-				continue;
-			}
-			bufp += n;
-		}
-		bufp = rcvbuf;
-		rcvcnt = 0;
-
-		FD_ZERO (&readfds);
-		FD_SET (rem, &readfds);
-		FD_ZERO (&exceptfds);
-		if (kludgep)
-		  FD_SET (rem, &exceptfds);
-		if (select(rem+1, &readfds, 0, &exceptfds, 0) == -1) {
-		    if (errno == EINTR)
-			continue; /* Got signal */
-		    else
-			errx(1, "select failed mysteriously");
-		}
-
-		if (!FD_ISSET(rem, &exceptfds) && !FD_ISSET(rem, &readfds)) {
-		    warnx("select: nothing to read?");
-		    continue;
-		  }
-
-		if (FD_ISSET(rem, &exceptfds)) {
-		  int foo = oob_real ();
-		  if (foo >= 1)
-		    continue;	/* First check if there is more OOB data. */
-		  else if (foo < 0)
-		    kludgep = 0;
-		}
-
-		if (!FD_ISSET(rem, &readfds))
-		    continue;	/* Nothing to read. */
-
-		kludgep = 1;
-#ifndef NOENCRYPTION
-		if (doencrypt)
-			rcvcnt = des_enc_read(rem, rcvbuf,
-					      sizeof(rcvbuf),
-					      schedule, &cred.session);
-		else
-#endif
-			rcvcnt = read(rem, rcvbuf, sizeof (rcvbuf));
-		if (rcvcnt == 0)
-			return (0);
-		if (rcvcnt < 0) {
-			if (errno == EINTR)
-				continue;
-			warn("read");
-			return (-1);
-		}
-	}
-}
-
-/*
- * Send the window size to the server via the magic escape
- */
-static void
-sendwindow(void)
-{
-	char obuf[4 + 4 * sizeof (u_int16_t)];
-	unsigned short *p;
-
-	p = (u_int16_t *)(obuf + 4);
-	obuf[0] = 0377;
-	obuf[1] = 0377;
-	obuf[2] = 's';
-	obuf[3] = 's';
-	*p++ = htons(winsize.ws_row);
-	*p++ = htons(winsize.ws_col);
-#ifdef HAVE_WS_XPIXEL
-	*p++ = htons(winsize.ws_xpixel);
-#else
-	*p++ = htons(0);
-#endif	
-#ifdef HAVE_WS_YPIXEL
-	*p++ = htons(winsize.ws_ypixel);
-#else
-	*p++ = htons(0);
-#endif	
-
-#ifndef NOENCRYPTION
-	if(doencrypt)
-		des_enc_write(rem, obuf, sizeof(obuf), schedule,
-			      &cred.session);
-	else
-#endif
-		write(rem, obuf, sizeof(obuf));
-}
-
-static
-RETSIGTYPE
-sigwinch(int foo)
-{
-	struct winsize ws;
-
-	if (get_window_size(0, &ws) == 0 &&
-	    memcmp(&ws, &winsize, sizeof(ws))) {
-		winsize = ws;
-		sendwindow();
-	}
-}
-
-static void
-stop(int all)
-{
-	mode(0);
-	signal(SIGCHLD, SIG_IGN);
-	kill(all ? 0 : getpid(), SIGTSTP);
-	signal(SIGCHLD, catch_child);
-	mode(1);
-#ifdef SIGWINCH
-	kill(SIGWINCH, getpid()); /* check for size changes, if caught */
-#endif
-}
-
-/*
- * writer: write to remote: 0 -> line.
- * ~.				terminate
- * ~^Z				suspend rlogin process.
- * ~<delayed-suspend char>	suspend rlogin process, but leave reader alone.
- */
-static void
-writer(void)
-{
-	int bol, local, n;
-	char c;
-
-	bol = 1;			/* beginning of line */
-	local = 0;
-	for (;;) {
-		n = read(STDIN_FILENO, &c, 1);
-		if (n <= 0) {
-			if (n < 0 && errno == EINTR)
-				continue;
-			break;
-		}
-		/*
-		 * If we're at the beginning of the line and recognize a
-		 * command character, then we echo locally.  Otherwise,
-		 * characters are echo'd remotely.  If the command character
-		 * is doubled, this acts as a force and local echo is
-		 * suppressed.
-		 */
-		if (bol) {
-			bol = 0;
-			if (!noescape && c == escapechar) {
-				local = 1;
-				continue;
-			}
-		} else if (local) {
-			local = 0;
-			if (c == '.' || CCEQ(deftty.c_cc[VEOF], c)) {
-				echo(c);
-				break;
-			}
-			if (CCEQ(deftty.c_cc[VSUSP], c)) {
-				bol = 1;
-				echo(c);
-				stop(1);
-				continue;
-			}
-#ifdef VDSUSP
-			/* Is VDSUSP called something else on Linux?
-			 * Perhaps VDELAY is a better thing? */		
-			if (CCEQ(deftty.c_cc[VDSUSP], c)) {
-				bol = 1;
-				echo(c);
-				stop(0);
-				continue;
-			}
-#endif /* VDSUSP */
-			if (c != escapechar)
-#ifndef NOENCRYPTION
-				if (doencrypt)
-					des_enc_write(rem, &escapechar,1, schedule, &cred.session);
-				else
-#endif
-					write(rem, &escapechar, 1);
-		}
-
-		if (doencrypt) {
-#ifdef NOENCRYPTION
-			if (write(rem, &c, 1) == 0) {
-#else
-			if (des_enc_write(rem, &c, 1, schedule, &cred.session) == 0) {
-#endif
-				warnx("line gone");
-				break;
-			}
-		} else
-			if (write(rem, &c, 1) == 0) {
-				warnx("line gone");
-				break;
-			}
-		bol = CCEQ(deftty.c_cc[VKILL], c) ||
-		    CCEQ(deftty.c_cc[VEOF], c) ||
-		    CCEQ(deftty.c_cc[VINTR], c) ||
-		    CCEQ(deftty.c_cc[VSUSP], c) ||
-		    c == '\r' || c == '\n';
-	}
-}
-
-static
-RETSIGTYPE
-lostpeer(int foo)
-{
-	signal(SIGPIPE, SIG_IGN);
-	warnx("\aconnection closed.\r");
-	done(1);
-}
-
-/*
- * This is called in the parent when the reader process gets the
- * out-of-band (urgent) request to turn on the window-changing
- * protocol. It is signalled from the child(reader).
- */
-static
-RETSIGTYPE
-sigusr1(int foo)
-{
-        /*
-	 * Now we now daemon supports winsize hack,
-	 */
-	sendwindow();
-#ifdef SIGWINCH
-	signal(SIGWINCH, sigwinch); /* so we start to support it */
-#endif
-	SIGRETURN(0);
-}
-
-static void
-doit(void)
-{
-	signal(SIGINT, SIG_IGN);
-	signal(SIGHUP, SIG_IGN);
-	signal(SIGQUIT, SIG_IGN);
-
-	signal(SIGCHLD, catch_child);
-
-	/*
-	 * Child sends parent this signal for window size hack.
-	 */
-	signal(SIGUSR1, sigusr1);
-
-	signal(SIGPIPE, lostpeer);
-
-	mode(1);
-	parent = getpid();
-	child = fork();
-	if (child == -1) {
-	    warn("fork");
-	    done(1);
-	}
-	if (child == 0) {
-	        signal(SIGCHLD, SIG_IGN);
-	        signal(SIGTTOU, SIG_IGN);
-		if (reader() == 0)
-		    errx(1, "connection closed.\r");
-		sleep(1);
-		errx(1, "\aconnection closed.\r");
-	}
-
-	writer();
-	warnx("closed connection.\r");
-	done(0);
-}
-
-static void
-usage(void)
-{
-    fprintf(stderr,
-	    "usage: rlogin [ -%s]%s[-e char] [ -l username ] host\n",
-	    "8DEKLdx", " [-k realm] ");
-    exit(1);
-}
-
-static u_int
-getescape(char *p)
-{
-	long val;
-	int len;
-
-	if ((len = strlen(p)) == 1)	/* use any single char, including '\' */
-		return ((u_int)*p);
-					/* otherwise, \nnn */
-	if (*p == '\\' && len >= 2 && len <= 4) {
-		val = strtol(++p, NULL, 8);
-		for (;;) {
-			if (!*++p)
-				return ((u_int)val);
-			if (*p < '0' || *p > '8')
-				break;
-		}
-	}
-	warnx("illegal option value -- e");
-	usage();
-	return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-	struct passwd *pw;
-	int sv_port, user_port = 0;
-	int argoff, ch, dflag, Dflag, one, uid;
-	char *host, *user, term[1024];
-
-	argoff = dflag = Dflag = 0;
-	one = 1;
-	host = user = NULL;
-
-	set_progname(argv[0]);
-
-	/* handle "rlogin host flags" */
-	if (argc > 2 && argv[1][0] != '-') {
-	    host = argv[1];
-	    argoff = 1;
-	}
-
-#define	OPTIONS	"8DEKLde:k:l:xp:"
-	while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF)
-		switch(ch) {
-		case '8':
-			eight = 1;
-			break;
-		case 'D':
-		        Dflag = 1;
-			break;
-		case 'E':
-			noescape = 1;
-			break;
-		case 'K':
-			use_kerberos = 0;
-			break;
-		case 'd':
-			dflag = 1;
-			break;
-		case 'e':
-			noescape = 0;
-			escapechar = getescape(optarg);
-			break;
-		case 'k':
-			dest_realm = dst_realm_buf;
-			strncpy(dest_realm, optarg, REALM_SZ);
-			break;
-		case 'l':
-			user = optarg;
-			break;
-		case 'x':
-			doencrypt = 1;
-			break;
-		case 'p':
-			user_port = htons(atoi(optarg));
-			break;
-		case '?':
-		default:
-			usage();
-		}
-	optind += argoff;
-	argc -= optind;
-	argv += optind;
-
-	/* if haven't gotten a host yet, do so */
-	if (!host && !(host = *argv++))
-		usage();
-
-	if (*argv)
-		usage();
-
-	if (!(pw = k_getpwuid(uid = getuid())))
-	    errx(1, "unknown user id.");
-	if (!user)
-	    user = pw->pw_name;
-
-
-	if (user_port)
-		sv_port = user_port;
-	else
-		sv_port = get_login_port(use_kerberos, doencrypt);
-
-	{
-	    char *p = getenv("TERM");
-	    struct termios tty;
-	    int i;
-
-	    if (p == NULL)
-		p = "network";
-
-	    if (tcgetattr(0, &tty) == 0
-		&& (i = speed_t2int (cfgetospeed(&tty))) > 0)
-		snprintf (term, sizeof(term),
-			  "%s/%d",
-			  p, i);
-	    else
-		snprintf (term, sizeof(term),
-			  "%s",
-			  p);
-	}
-
-	get_window_size(0, &winsize);
-
-      try_connect:
-	if (use_kerberos) {
-		struct hostent *hp;
-
-		/* Fully qualify hostname (needed for krb_realmofhost). */
-		hp = gethostbyname(host);
-		if (hp != NULL && !(host = strdup(hp->h_name))) {
-		    errno = ENOMEM;
-		    err(1, NULL);
-		}
-
-		rem = KSUCCESS;
-		errno = 0;
-		if (dest_realm == NULL)
-		    dest_realm = krb_realmofhost(host);
-
-		if (doencrypt)
-		    rem = krcmd_mutual(&host, sv_port, user, term, 0,
-				       dest_realm, &cred, schedule);
-		else
-			rem = krcmd(&host, sv_port, user, term, 0,
-			    dest_realm);
-		if (rem < 0) {
-			use_kerberos = 0;
-			if (user_port == 0)
-				sv_port = get_login_port(use_kerberos,
-							 doencrypt);
-			if (errno == ECONNREFUSED)
-			    warning("remote host doesn't support Kerberos");
-			if (errno == ENOENT)
-			  warning("can't provide Kerberos auth data");
-			goto try_connect;
-		}
-	} else {
-		if (doencrypt)
-		    errx(1, "the -x flag requires Kerberos authentication.");
-		if (geteuid() != 0)
-		    errx(1, "not installed setuid root, "
-			 "only root may use non kerberized rlogin");
-		rem = rcmd(&host, sv_port, pw->pw_name, user, term, 0);
-	}
-	
-	if (rem < 0)
-		exit(1);
-
-#ifdef HAVE_SETSOCKOPT
-#ifdef SO_DEBUG
-	if (dflag &&
-	    setsockopt(rem, SOL_SOCKET, SO_DEBUG, (void *)&one,
-		       sizeof(one)) < 0)
-	    warn("setsockopt");
-#endif
-#ifdef TCP_NODELAY
-	if (Dflag &&
-	    setsockopt(rem, IPPROTO_TCP, TCP_NODELAY, (void *)&one,
-		       sizeof(one)) < 0)
-	    warn("setsockopt(TCP_NODELAY)");
-#endif
-#ifdef IP_TOS
-	one = IPTOS_LOWDELAY;
-	if (setsockopt(rem, IPPROTO_IP, IP_TOS, (void *)&one, sizeof(int)) < 0)
-	    warn("setsockopt(IP_TOS)");
-#endif /* IP_TOS */
-#endif /* HAVE_SETSOCKOPT */
-
-	setuid(uid);
-	doit();
-	return 0;
-}
diff --git a/crypto/kerberosIV/appl/bsd/rlogind.c b/crypto/kerberosIV/appl/bsd/rlogind.c
deleted file mode 100644
index c5d807749675..000000000000
--- a/crypto/kerberosIV/appl/bsd/rlogind.c
+++ /dev/null
@@ -1,934 +0,0 @@
-/*-
- * Copyright (c) 1983, 1988, 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * remote login server:
- *	\0
- *	remuser\0
- *	locuser\0
- *	terminal_type/speed\0
- *	data
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rlogind.c,v 1.100 1997/05/25 01:15:20 assar Exp $");
-
-extern int __check_rhosts_file;
-
-char *INSECURE_MESSAGE =
-"\r\n*** Connection not encrypted! Communication may be eavesdropped. ***"
-"\r\n*** Use telnet or rlogin -x instead! ***\r\n";
-
-#ifndef NOENCRYPTION
-char *SECURE_MESSAGE =
-"This rlogin session is using DES encryption for all transmissions.\r\n";
-#else
-#define	SECURE_MESSAGE INSECURE_MESSAGE
-#endif
-
-AUTH_DAT	*kdata;
-KTEXT		ticket;
-u_char		auth_buf[sizeof(AUTH_DAT)];
-u_char		tick_buf[sizeof(KTEXT_ST)];
-Key_schedule	schedule;
-int		doencrypt, retval, use_kerberos, vacuous;
-
-#define		ARGSTR			"Daip:lnkvxL:"
-
-char	*env[2];
-#define	NMAX 30
-char	lusername[NMAX+1], rusername[NMAX+1];
-static	char term[64] = "TERM=";
-#define	ENVSIZE	(sizeof("TERM=")-1)	/* skip null for concatenation */
-int	keepalive = 1;
-int	check_all = 0;
-int     no_delay = 0;
-
-struct	passwd *pwd;
-
-static const char *new_login = _PATH_LOGIN;
-
-static void	doit (int, struct sockaddr_in *);
-static int	control (int, char *, int);
-static void	protocol (int, int);
-static RETSIGTYPE cleanup (int);
-void	fatal (int, const char *, int);
-static int	do_rlogin (struct sockaddr_in *);
-static void	setup_term (int);
-static int	do_krb_login (struct sockaddr_in *);
-static void	usage (void);
-
-static int
-readstream(int p, char *ibuf, int bufsize)
-{
-#ifndef HAVE_GETMSG
-    return read(p, ibuf, bufsize);
-#else
-    static int flowison = -1;  /* current state of flow: -1 is unknown */
-    static struct strbuf strbufc, strbufd;
-    static unsigned char ctlbuf[BUFSIZ];
-    static int use_read = 1;
-
-    int flags = 0;
-    int ret;
-    struct termios tsp;
-
-    struct iocblk ip;
-    char vstop, vstart;
-    int ixon;
-    int newflow;
-
-    if (use_read)
-	{
-	    ret = read(p, ibuf, bufsize);
-	    if (ret < 0 && errno == EBADMSG)
-		use_read = 0;
-	    else
-		return ret;
-	}
-
-    strbufc.maxlen = BUFSIZ;
-    strbufc.buf = (char *)ctlbuf;
-    strbufd.maxlen = bufsize-1;
-    strbufd.len = 0;
-    strbufd.buf = ibuf+1;
-    ibuf[0] = 0;
-
-    ret = getmsg(p, &strbufc, &strbufd, &flags);
-    if (ret < 0)  /* error of some sort -- probably EAGAIN */
-	return(-1);
-
-    if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) {
-	/* data message */
-	if (strbufd.len > 0) {			/* real data */
-	    return(strbufd.len + 1);	/* count header char */
-	} else {
-	    /* nothing there */
-	    errno = EAGAIN;
-	    return(-1);
-	}
-    }
-
-    /*
-     * It's a control message.  Return 1, to look at the flag we set
-     */
-
-    switch (ctlbuf[0]) {
-    case M_FLUSH:
-	if (ibuf[1] & FLUSHW)
-	    ibuf[0] = TIOCPKT_FLUSHWRITE;
-	return(1);
-
-    case M_IOCTL:
-	memcpy(&ip, (ibuf+1), sizeof(ip));
-
-	switch (ip.ioc_cmd) {
-#ifdef TCSETS
-	case TCSETS:
-	case TCSETSW:
-	case TCSETSF:
-	    memcpy(&tsp,
-		   (ibuf+1 + sizeof(struct iocblk)),
-		   sizeof(tsp));
-	    vstop = tsp.c_cc[VSTOP];
-	    vstart = tsp.c_cc[VSTART];
-	    ixon = tsp.c_iflag & IXON;
-	    break;
-#endif
-	default:
-	    errno = EAGAIN;
-	    return(-1);
-	}
-
-	newflow =  (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0;
-	if (newflow != flowison) {  /* it's a change */
-	    flowison = newflow;
-	    ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP;
-	    return(1);
-	}
-    }
-
-    /* nothing worth doing anything about */
-    errno = EAGAIN;
-    return(-1);
-#endif
-}
-
-#ifdef HAVE_UTMPX_H
-static int
-logout(const char *line)
-{
-    struct utmpx utmpx, *utxp;
-    int ret = 1;
-
-    setutxent ();
-    memset(&utmpx, 0, sizeof(utmpx));
-    utmpx.ut_type = USER_PROCESS;
-    strncpy(utmpx.ut_line, line, sizeof(utmpx.ut_line));
-    utxp = getutxline(&utmpx);
-    if (utxp) {
-	strcpy(utxp->ut_user, "");
-	utxp->ut_type = DEAD_PROCESS;
-#ifdef _STRUCT___EXIT_STATUS
-	utxp->ut_exit.__e_termination = 0;
-	utxp->ut_exit.__e_exit = 0;
-#elif defined(__osf__) /* XXX */
-	utxp->ut_exit.ut_termination = 0;
-	utxp->ut_exit.ut_exit = 0;
-#else	
-	utxp->ut_exit.e_termination = 0;
-	utxp->ut_exit.e_exit = 0;
-#endif
-	gettimeofday(&utxp->ut_tv, NULL);
-	pututxline(utxp);
-#ifdef WTMPX_FILE
-	updwtmpx(WTMPX_FILE, utxp);
-#else
-	ret = 0;
-#endif
-    }
-    endutxent();
-    return ret;
-}
-#else
-static int
-logout(const char *line)
-{
-    FILE *fp;
-    struct utmp ut;
-    int rval;
-
-    if (!(fp = fopen(_PATH_UTMP, "r+")))
-	return(0);
-    rval = 1;
-    while (fread(&ut, sizeof(struct utmp), 1, fp) == 1) {
-	if (!ut.ut_name[0] ||
-	    strncmp(ut.ut_line, line, sizeof(ut.ut_line)))
-	    continue;
-	memset(ut.ut_name, 0, sizeof(ut.ut_name));
-#ifdef HAVE_UT_HOST
-	memset(ut.ut_host, 0, sizeof(ut.ut_host));
-#endif
-	time(&ut.ut_time);
-	fseek(fp, (long)-sizeof(struct utmp), SEEK_CUR);
-	fwrite(&ut, sizeof(struct utmp), 1, fp);
-	fseek(fp, (long)0, SEEK_CUR);
-	rval = 0;
-    }
-    fclose(fp);
-    return(rval);
-}
-#endif
-
-#ifndef HAVE_LOGWTMP
-static void
-logwtmp(const char *line, const char *name, const char *host)
-{
-    struct utmp ut;
-    struct stat buf;
-    int fd;
-
-    memset (&ut, 0, sizeof(ut));
-    if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) < 0)
-	return;
-    if (!fstat(fd, &buf)) {
-	strncpy(ut.ut_line, line, sizeof(ut.ut_line));
-	strncpy(ut.ut_name, name, sizeof(ut.ut_name));
-#ifdef HAVE_UT_HOST
-	strncpy(ut.ut_host, host, sizeof(ut.ut_host));
-#endif
-#ifdef HAVE_UT_PID
-	ut.ut_pid = getpid();
-#endif
-#ifdef HAVE_UT_TYPE
-	if(name[0])
-	    ut.ut_type = USER_PROCESS;
-	else
-	    ut.ut_type = DEAD_PROCESS;
-#endif
-	time(&ut.ut_time);
-	if (write(fd, &ut, sizeof(struct utmp)) !=
-	    sizeof(struct utmp))
-	    ftruncate(fd, buf.st_size);
-    }
-    close(fd);
-}
-#endif
-
-int
-main(int argc, char **argv)
-{
-    struct sockaddr_in from;
-    int ch, fromlen, on;
-    int interactive = 0;
-    int portnum = 0;
-
-    set_progname(argv[0]);
-
-    openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
-
-    opterr = 0;
-    while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
-	switch (ch) {
-	case 'D':
-	    no_delay = 1;
-	    break;
-	case 'a':
-	    break;
-	case 'i':
-	    interactive = 1;
-	    break;
-	case 'p':
-	    portnum = htons(atoi(optarg));
-	    break;
-	case 'l':
-	    __check_rhosts_file = 0;
-	    break;
-	case 'n':
-	    keepalive = 0;
-	    break;
-	case 'k':
-	    use_kerberos = 1;
-	    break;
-	case 'v':
-	    vacuous = 1;
-	    break;
-	case 'x':
-	    doencrypt = 1;
-	    break;
-	case 'L':
-	    new_login = optarg;
-	    break;
-	case '?':
-	default:
-	    usage();
-	    break;
-	}
-    argc -= optind;
-    argv += optind;
-
-    if (use_kerberos && vacuous) {
-	usage();
-	fatal(STDERR_FILENO, "only one of -k and -v allowed", 0);
-    }
-    if (interactive) {
-	if(portnum == 0)
-	    portnum = get_login_port (use_kerberos, doencrypt);
-	mini_inetd (portnum);
-    }
-
-    fromlen = sizeof (from);
-    if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) {
-	syslog(LOG_ERR,"Can't get peer name of remote host: %m");
-	fatal(STDERR_FILENO, "Can't get peer name of remote host", 1);
-    }
-    on = 1;
-#ifdef HAVE_SETSOCKOPT
-#ifdef SO_KEEPALIVE
-    if (keepalive &&
-	setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
-		   sizeof (on)) < 0)
-	syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
-#endif
-#ifdef TCP_NODELAY
-    if (no_delay &&
-	setsockopt(0, IPPROTO_TCP, TCP_NODELAY, (void *)&on,
-		   sizeof(on)) < 0)
-	syslog(LOG_WARNING, "setsockopt (TCP_NODELAY): %m");
-#endif
-
-#ifdef IP_TOS
-    on = IPTOS_LOWDELAY;
-    if (setsockopt(0, IPPROTO_IP, IP_TOS, (void *)&on, sizeof(int)) < 0)
-	syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
-#endif
-#endif /* HAVE_SETSOCKOPT */
-    doit(0, &from);
-    return 0;
-}
-
-int	child;
-int	netf;
-char	line[MaxPathLen];
-int	confirmed;
-
-struct winsize win = { 0, 0, 0, 0 };
-
-
-static void
-doit(int f, struct sockaddr_in *fromp)
-{
-    int master, pid, on = 1;
-    int authenticated = 0;
-    char hostname[2 * MaxHostNameLen + 1];
-    char c;
-
-    alarm(60);
-    read(f, &c, 1);
-
-    if (c != 0)
-	exit(1);
-    if (vacuous)
-	fatal(f, "Remote host requires Kerberos authentication", 0);
-
-    alarm(0);
-    inaddr2str (fromp->sin_addr, hostname, sizeof(hostname));
-
-    if (use_kerberos) {
-	retval = do_krb_login(fromp);
-	if (retval == 0)
-	    authenticated++;
-	else if (retval > 0)
-	    fatal(f, krb_get_err_text(retval), 0);
-	write(f, &c, 1);
-	confirmed = 1;		/* we sent the null! */
-    } else {
-	fromp->sin_port = ntohs((u_short)fromp->sin_port);
-	if (fromp->sin_family != AF_INET ||
-	    fromp->sin_port >= IPPORT_RESERVED ||
-	    fromp->sin_port < IPPORT_RESERVED/2) {
-	    syslog(LOG_NOTICE, "Connection from %s on illegal port",
-		   inet_ntoa(fromp->sin_addr));
-	    fatal(f, "Permission denied", 0);
-	}
-	ip_options_and_die (0, fromp);
-	if (do_rlogin(fromp) == 0)
-	    authenticated++;
-    }
-    if (confirmed == 0) {
-	write(f, "", 1);
-	confirmed = 1;		/* we sent the null! */
-    }
-#ifndef NOENCRYPTION
-    if (doencrypt)
-	des_enc_write(f, SECURE_MESSAGE,
-		      strlen(SECURE_MESSAGE),
-		      schedule, &kdata->session);
-    else
-#endif
-	write(f, INSECURE_MESSAGE, strlen(INSECURE_MESSAGE));
-    netf = f;
-
-    pid = forkpty(&master, line, NULL, NULL);
-    if (pid < 0) {
-	if (errno == ENOENT)
-	    fatal(f, "Out of ptys", 0);
-	else
-	    fatal(f, "Forkpty", 1);
-    }
-    if (pid == 0) {
-	if (f > 2)	/* f should always be 0, but... */
-	    close(f);
-	setup_term(0);
-	if (lusername[0] == '-'){
-	    syslog(LOG_ERR, "tried to pass user \"%s\" to login",
-		   lusername);
-	    fatal(STDERR_FILENO, "invalid user", 0);
-	}
-	if (authenticated) {
-	    if (use_kerberos && (pwd->pw_uid == 0))
-		syslog(LOG_INFO|LOG_AUTH,
-		       "ROOT Kerberos login from %s on %s\n",
-		       krb_unparse_name_long(kdata->pname, 
-					     kdata->pinst, 
-					     kdata->prealm), 
-		       hostname);
-		    
-	    execl(new_login, "login", "-p",
-		  "-h", hostname, "-f", "--", lusername, 0);
-	} else
-	    execl(new_login, "login", "-p",
-		  "-h", hostname, "--", lusername, 0);
-	fatal(STDERR_FILENO, new_login, 1);
-	/*NOTREACHED*/
-    }
-    /*
-     * If encrypted, don't turn on NBIO or the des read/write
-     * routines will croak.
-     */
-
-    if (!doencrypt)
-	ioctl(f, FIONBIO, &on);
-    ioctl(master, FIONBIO, &on);
-    ioctl(master, TIOCPKT, &on);
-    signal(SIGTSTP, SIG_IGN);
-    signal(SIGCHLD, cleanup);
-    setsid();
-    protocol(f, master);
-    signal(SIGCHLD, SIG_IGN);
-    cleanup(0);
-}
-
-const char	magic[2] = { 0377, 0377 };
-
-/*
- * Handle a "control" request (signaled by magic being present)
- * in the data stream.  For now, we are only willing to handle
- * window size changes.
- */
-static int
-control(int master, char *cp, int n)
-{
-    struct winsize w;
-    char *p;
-    u_int32_t tmp;
-
-    if (n < 4 + 4 * sizeof (u_int16_t) || cp[2] != 's' || cp[3] != 's')
-	return (0);
-#ifdef TIOCSWINSZ
-    p = cp + 4;
-    p += krb_get_int(p, &tmp, 2, 0);
-    w.ws_row = tmp;
-    p += krb_get_int(p, &tmp, 2, 0);
-    w.ws_col = tmp;
-
-    p += krb_get_int(p, &tmp, 2, 0);
-#ifdef HAVE_WS_XPIXEL
-    w.ws_xpixel = tmp;
-#endif
-    p += krb_get_int(p, &tmp, 2, 0);
-#ifdef HAVE_WS_YPIXEL
-    w.ws_ypixel = tmp;
-#endif
-    ioctl(master, TIOCSWINSZ, &w);
-#endif
-    return p - cp;
-}
-
-static
-void
-send_oob(int fd, char c)
-{
-    static char last_oob = 0xFF;
-
-#if (SunOS == 5) || defined(__hpux)
-    /*
-     * PSoriasis and HP-UX always send TIOCPKT_DOSTOP at startup so we
-     * can avoid sending OOB data and thus not break on Linux by merging
-     * TIOCPKT_DOSTOP into the first TIOCPKT_WINDOW.
-     */
-    static int oob_kludge = 2;
-    if (oob_kludge == 2)
-	{
-	    oob_kludge--;		/* First time send nothing */
-	    return;
-	}
-    else if (oob_kludge == 1)
-	{
-	    oob_kludge--;		/* Second time merge TIOCPKT_WINDOW */
-	    c |= TIOCPKT_WINDOW;
-	}
-#endif
-
-#define	pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))
-    c = pkcontrol(c);
-    /* Multiple OOB data breaks on Linux, avoid it when possible. */
-    if (c != last_oob)
-	send(fd, &c, 1, MSG_OOB);
-    last_oob = c;
-}
-
-/*
- * rlogin "protocol" machine.
- */
-static void
-protocol(int f, int master)
-{
-    char pibuf[1024+1], fibuf[1024], *pbp, *fbp;
-    int pcc = 0, fcc = 0;
-    int cc, nfd, n;
-    char cntl;
-    unsigned char oob_queue = 0;
-
-    /*
-     * Must ignore SIGTTOU, otherwise we'll stop
-     * when we try and set slave pty's window shape
-     * (our controlling tty is the master pty).
-     */
-    signal(SIGTTOU, SIG_IGN);
-
-    send_oob(f, TIOCPKT_WINDOW); /* indicate new rlogin */
-
-    if (f > master)
-	nfd = f + 1;
-    else
-	nfd = master + 1;
-    if (nfd > FD_SETSIZE) {
-	syslog(LOG_ERR, "select mask too small, increase FD_SETSIZE");
-	fatal(f, "internal error (select mask too small)", 0);
-    }
-    for (;;) {
-	fd_set ibits, obits, ebits, *omask;
-
-	FD_ZERO(&ebits);
-	FD_ZERO(&ibits);
-	FD_ZERO(&obits);
-	omask = (fd_set *)NULL;
-	if (fcc) {
-	    FD_SET(master, &obits);
-	    omask = &obits;
-	} else
-	    FD_SET(f, &ibits);
-	if (pcc >= 0)
-	    if (pcc) {
-		FD_SET(f, &obits);
-		omask = &obits;
-	    } else
-		FD_SET(master, &ibits);
-	FD_SET(master, &ebits);
-	if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) {
-	    if (errno == EINTR)
-		continue;
-	    fatal(f, "select", 1);
-	}
-	if (n == 0) {
-	    /* shouldn't happen... */
-	    sleep(5);
-	    continue;
-	}
-	if (FD_ISSET(master, &ebits)) {
-	    cc = readstream(master, &cntl, 1);
-	    if (cc == 1 && pkcontrol(cntl)) {
-#if 0				/* Kludge around */
-		send_oob(f, cntl);
-#endif
-		oob_queue = cntl;
-		if (cntl & TIOCPKT_FLUSHWRITE) {
-		    pcc = 0;
-		    FD_CLR(master, &ibits);
-		}
-	    }
-	}
-	if (FD_ISSET(f, &ibits)) {
-#ifndef NOENCRYPTION
-	    if (doencrypt)
-		fcc = des_enc_read(f, fibuf,
-				   sizeof(fibuf),
-				   schedule, &kdata->session);
-	    else
-#endif
-		fcc = read(f, fibuf, sizeof(fibuf));
-	    if (fcc < 0 && errno == EWOULDBLOCK)
-		fcc = 0;
-	    else {
-		char *cp;
-		int left, n;
-
-		if (fcc <= 0)
-		    break;
-		fbp = fibuf;
-
-	    top:
-		for (cp = fibuf; cp < fibuf+fcc-1; cp++)
-		    if (cp[0] == magic[0] &&
-			cp[1] == magic[1]) {
-			left = fcc - (cp-fibuf);
-			n = control(master, cp, left);
-			if (n) {
-			    left -= n;
-			    if (left > 0)
-				memmove(cp, cp+n, left);
-			    fcc -= n;
-			    goto top; /* n^2 */
-			}
-		    }
-		FD_SET(master, &obits);		/* try write */
-	    }
-	}
-
-	if (FD_ISSET(master, &obits) && fcc > 0) {
-	    cc = write(master, fbp, fcc);
-	    if (cc > 0) {
-		fcc -= cc;
-		fbp += cc;
-	    }
-	}
-
-	if (FD_ISSET(master, &ibits)) {
-	    pcc = readstream(master, pibuf, sizeof (pibuf));
-	    pbp = pibuf;
-	    if (pcc < 0 && errno == EWOULDBLOCK)
-		pcc = 0;
-	    else if (pcc <= 0)
-		break;
-	    else if (pibuf[0] == 0) {
-		pbp++, pcc--;
-		if (!doencrypt)
-		    FD_SET(f, &obits);	/* try write */
-	    } else {
-		if (pkcontrol(pibuf[0])) {
-		    oob_queue = pibuf[0];
-#if 0				/* Kludge around */
-		    send_oob(f, pibuf[0]);
-#endif
-		}
-		pcc = 0;
-	    }
-	}
-	if ((FD_ISSET(f, &obits)) && pcc > 0) {
-#ifndef NOENCRYPTION
-	    if (doencrypt)
-		cc = des_enc_write(f, pbp, pcc, schedule, &kdata->session);
-	    else
-#endif
-		cc = write(f, pbp, pcc);
-	    if (cc < 0 && errno == EWOULDBLOCK) {
-		/*
-		 * This happens when we try write after read
-		 * from p, but some old kernels balk at large
-		 * writes even when select returns true.
-		 */
-		if (!FD_ISSET(master, &ibits))
-		    sleep(5);
-		continue;
-	    }
-	    if (cc > 0) {
-		pcc -= cc;
-		pbp += cc;
-		/* Only send urg data when normal data
-		 * has just been sent.
-		 * Linux has deep problems with more
-		 * than one byte of OOB data.
-		 */
-		if (oob_queue) {
-		    send_oob (f, oob_queue);
-		    oob_queue = 0;
-		}
-	    }
-	}
-    }
-}
-
-static RETSIGTYPE
-cleanup(int signo)
-{
-    char *p = clean_ttyname (line);
-
-    if (logout(p) == 0)
-	logwtmp(p, "", "");
-    chmod(line, 0666);
-    chown(line, 0, 0);
-    *p = 'p';
-    chmod(line, 0666);
-    chown(line, 0, 0);
-    shutdown(netf, 2);
-    signal(SIGHUP, SIG_IGN);
-#ifdef HAVE_VHANGUP
-    vhangup();
-#endif /* HAVE_VHANGUP */
-    exit(1);
-}
-
-void
-fatal(int f, const char *msg, int syserr)
-{
-    int len;
-    char buf[BUFSIZ], *bp = buf;
-
-    /*
-     * Prepend binary one to message if we haven't sent
-     * the magic null as confirmation.
-     */
-    if (!confirmed)
-	*bp++ = '\01';		/* error indicator */
-    if (syserr)
-	snprintf(bp, sizeof(buf) - (bp - buf),
-		 "rlogind: %s: %s.\r\n",
-		 msg, strerror(errno));
-    else
-	snprintf(bp, sizeof(buf) - (bp - buf),
-		 "rlogind: %s.\r\n", msg);
-    len = strlen(bp);
-#ifndef NOENCRYPTION
-    if (doencrypt)
-	des_enc_write(f, buf, bp + len - buf, schedule, &kdata->session);
-    else
-#endif
-	write(f, buf, bp + len - buf);
-    exit(1);
-}
-
-static void
-xgetstr(char *buf, int cnt, char *errmsg)
-{
-    char c;
-
-    do {
-	if (read(0, &c, 1) != 1)
-	    exit(1);
-	if (--cnt < 0)
-	    fatal(STDOUT_FILENO, errmsg, 0);
-	*buf++ = c;
-    } while (c != 0);
-}
-
-static int
-do_rlogin(struct sockaddr_in *dest)
-{
-    xgetstr(rusername, sizeof(rusername), "remuser too long");
-    xgetstr(lusername, sizeof(lusername), "locuser too long");
-    xgetstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
-
-    pwd = k_getpwnam(lusername);
-    if (pwd == NULL)
-	return (-1);
-    if (pwd->pw_uid == 0 && strcmp("root", lusername) != 0)
-	{
-	    syslog(LOG_ALERT, "NIS attack, user %s has uid 0", lusername);
-	    return (-1);
-	}
-    return (iruserok(dest->sin_addr.s_addr,
-		     (pwd->pw_uid == 0),
-		     rusername,
-		     lusername));
-}
-
-static void 
-setup_term(int fd)
-{
-    char *cp = strchr(term+ENVSIZE, '/');
-    char *speed;
-    struct termios tt;
-
-    tcgetattr(fd, &tt);
-    if (cp) {
-	int s;
-
-	*cp++ = '\0';
-	speed = cp;
-	cp = strchr(speed, '/');
-	if (cp)
-	    *cp++ = '\0';
-	s = int2speed_t (atoi (speed));
-	if (s > 0) {
-	    cfsetospeed (&tt, s);
-	    cfsetispeed (&tt, s);
-	}
-    }
-
-    tt.c_iflag &= ~INPCK;
-    tt.c_iflag |= ICRNL|IXON;
-    tt.c_oflag |= OPOST|ONLCR;
-#ifdef TAB3
-    tt.c_oflag |= TAB3;
-#endif /* TAB3 */
-#ifdef ONLRET
-    tt.c_oflag &= ~ONLRET;
-#endif /* ONLRET */
-    tt.c_lflag |= (ECHO|ECHOE|ECHOK|ISIG|ICANON);
-    tt.c_cflag &= ~PARENB;
-    tt.c_cflag |= CS8;
-    tt.c_cc[VMIN] = 1;
-    tt.c_cc[VTIME] = 0;
-    tt.c_cc[VEOF] = CEOF;
-    tcsetattr(fd, TCSAFLUSH, &tt);
-
-    env[0] = term;
-    env[1] = 0;
-    environ = env;
-}
-
-#define	VERSION_SIZE	9
-
-/*
- * Do the remote kerberos login to the named host with the
- * given inet address
- *
- * Return 0 on valid authorization
- * Return -1 on valid authentication, no authorization
- * Return >0 for error conditions
- */
-static int
-do_krb_login(struct sockaddr_in *dest)
-{
-    int rc;
-    char instance[INST_SZ], version[VERSION_SIZE];
-    long authopts = 0L;	/* !mutual */
-    struct sockaddr_in faddr;
-
-    kdata = (AUTH_DAT *) auth_buf;
-    ticket = (KTEXT) tick_buf;
-
-    k_getsockinst(0, instance, sizeof(instance));
-
-    if (doencrypt) {
-	rc = sizeof(faddr);
-	if (getsockname(0, (struct sockaddr *)&faddr, &rc))
-	    return (-1);
-	authopts = KOPT_DO_MUTUAL;
-	rc = krb_recvauth(
-			  authopts, 0,
-			  ticket, "rcmd",
-			  instance, dest, &faddr,
-			  kdata, "", schedule, version);
-	des_set_key(&kdata->session, schedule);
-
-    } else
-	rc = krb_recvauth(
-			  authopts, 0,
-			  ticket, "rcmd",
-			  instance, dest, (struct sockaddr_in *) 0,
-			  kdata, "", 0, version);
-
-    if (rc != KSUCCESS)
-	return (rc);
-
-    xgetstr(lusername, sizeof(lusername), "locuser");
-    /* get the "cmd" in the rcmd protocol */
-    xgetstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type");
-
-    pwd = k_getpwnam(lusername);
-    if (pwd == NULL)
-	return (-1);
-    if (pwd->pw_uid == 0 && strcmp("root", lusername) != 0)
-	{
-	    syslog(LOG_ALERT, "NIS attack, user %s has uid 0", lusername);
-	    return (-1);
-	}
-
-    /* returns nonzero for no access */
-    if (kuserok(kdata, lusername) != 0)
-	return (-1);
-
-    return (0);
-
-}
-
-static void
-usage(void)
-{
-    syslog(LOG_ERR,
-	   "usage: rlogind [-Dailn] [-p port] [-x] [-L login] [-k | -v]");
-    exit(1);
-}
diff --git a/crypto/kerberosIV/appl/bsd/rsh.c b/crypto/kerberosIV/appl/bsd/rsh.c
deleted file mode 100644
index 329ebf73ffe5..000000000000
--- a/crypto/kerberosIV/appl/bsd/rsh.c
+++ /dev/null
@@ -1,353 +0,0 @@
-/*-
- * Copyright (c) 1983, 1990 The Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rsh.c,v 1.35 1997/03/30 18:20:22 joda Exp $");
-
-CREDENTIALS cred;
-Key_schedule schedule;
-int use_kerberos = 1, doencrypt;
-char dst_realm_buf[REALM_SZ], *dest_realm;
-
-/*
- * rsh - remote shell
- */
-int rfd2;
-
-static void
-usage(void)
-{
-    fprintf(stderr,
-	    "usage: rsh [-ndKx] [-k realm] [-l login] host [command]\n");
-    exit(1);
-}
-
-static char *
-copyargs(char **argv)
-{
-    int cc;
-    char **ap, *p;
-    char *args;
-
-    cc = 0;
-    for (ap = argv; *ap; ++ap)
-	cc += strlen(*ap) + 1;
-    if (!(args = malloc(cc))) 
-	errx(1, "Out of memory.");
-    for (p = args, ap = argv; *ap; ++ap) {
-	strcpy(p, *ap);
-	for (p = strcpy(p, *ap); *p; ++p);
-	if (ap[1])
-	    *p++ = ' ';
-    }
-    return(args);
-}
-
-static RETSIGTYPE
-sendsig(int signo_)
-{
-    char signo = signo_;
-#ifndef NOENCRYPTION
-    if (doencrypt)
-	des_enc_write(rfd2, &signo, 1, schedule, &cred.session);
-    else
-#endif
-	write(rfd2, &signo, 1);
-}
-
-static void
-talk(int nflag, sigset_t omask, int pid, int rem)
-{
-    int cc, wc;
-    char *bp;
-    fd_set readfrom, ready, rembits;
-    char buf[BUFSIZ];
-
-    if (pid == 0) {
-	if (nflag)
-	    goto done;
-
-	close(rfd2);
-
-    reread:		errno = 0;
-    if ((cc = read(0, buf, sizeof buf)) <= 0)
-	goto done;
-    bp = buf;
-
-    rewrite:	FD_ZERO(&rembits);
-    FD_SET(rem, &rembits);
-    if (select(16, 0, &rembits, 0, 0) < 0) {
-	if (errno != EINTR) 
-	    err(1, "select");
-	goto rewrite;
-    }
-    if (!FD_ISSET(rem, &rembits))
-	goto rewrite;
-#ifndef NOENCRYPTION
-    if (doencrypt)
-	wc = des_enc_write(rem, bp, cc, schedule, &cred.session);
-    else
-#endif
-	wc = write(rem, bp, cc);
-    if (wc < 0) {
-	if (errno == EWOULDBLOCK)
-	    goto rewrite;
-	goto done;
-    }
-    bp += wc;
-    cc -= wc;
-    if (cc == 0)
-	goto reread;
-    goto rewrite;
-    done:
-    shutdown(rem, 1);
-    exit(0);
-    }
-
-    if (sigprocmask(SIG_SETMASK, &omask, 0) != 0)
-	warn("sigprocmask");
-    FD_ZERO(&readfrom);
-    FD_SET(rem, &readfrom);
-    FD_SET(rfd2, &readfrom);
-    do {
-	ready = readfrom;
-	if (select(16, &ready, 0, 0, 0) < 0) {
-	    if (errno != EINTR)
-		err(1, "select");
-	    continue;
-	}
-	if (FD_ISSET(rfd2, &ready)) {
-	    errno = 0;
-#ifndef NOENCRYPTION
-	    if (doencrypt)
-		cc = des_enc_read(rfd2, buf, sizeof buf,
-				  schedule, &cred.session);
-	    else
-#endif
-		cc = read(rfd2, buf, sizeof buf);
-	    if (cc <= 0) {
-		if (errno != EWOULDBLOCK)
-		    FD_CLR(rfd2, &readfrom);
-	    } else
-		write(2, buf, cc);
-	}
-	if (FD_ISSET(rem, &ready)) {
-	    errno = 0;
-#ifndef NOENCRYPTION
-	    if (doencrypt)
-		cc = des_enc_read(rem, buf, sizeof buf,
-				  schedule, &cred.session);
-	    else
-#endif
-		cc = read(rem, buf, sizeof buf);
-	    if (cc <= 0) {
-		if (errno != EWOULDBLOCK)
-		    FD_CLR(rem, &readfrom);
-	    } else
-		write(1, buf, cc);
-	}
-    } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom));
-}
-
-int
-main(int argc, char **argv)
-{
-    struct passwd *pw;
-    int sv_port;
-    sigset_t omask;
-    int argoff, ch, dflag, nflag, nfork, one, pid, rem, uid;
-    char *args, *host, *user, *local_user;
-
-    argoff = dflag = nflag = nfork = 0;
-    one = 1;
-    host = user = NULL;
-    pid = 1;
-
-    set_progname(argv[0]);
-
-    /* handle "rsh host flags" */
-    if (!host && argc > 2 && argv[1][0] != '-') {
-	host = argv[1];
-	argoff = 1;
-    }
-
-#define	OPTIONS	"+8KLde:k:l:nwx"
-    while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF)
-	switch(ch) {
-	case 'K':
-	    use_kerberos = 0;
-	    break;
-	case 'L':	/* -8Lew are ignored to allow rlogin aliases */
-	case 'e':
-	case 'w':
-	case '8':
-	    break;
-	case 'd':
-	    dflag = 1;
-	    break;
-	case 'l':
-	    user = optarg;
-	    break;
-	case 'k':
-	    dest_realm = dst_realm_buf;
-	    strncpy(dest_realm, optarg, REALM_SZ);
-	    break;
-	case 'n':
-	    nflag = nfork = 1;
-	    break;
-	case 'x':
-	    doencrypt = 1;
-	    break;
-	case '?':
-	default:
-	    usage();
-	}
-    optind += argoff;
-
-    /* if haven't gotten a host yet, do so */
-    if (!host && !(host = argv[optind++]))
-	usage();
-
-    /* if no further arguments, must have been called as rlogin. */
-    if (!argv[optind]) {
-	*argv = "rlogin";
-	setuid(getuid());
-	execv(_PATH_RLOGIN, argv);
-	err(1, "can't exec %s", _PATH_RLOGIN);
-    }
-
-    argc -= optind;
-    argv += optind;
-
-#ifndef __CYGWIN32__
-    if (!(pw = k_getpwuid(uid = getuid())))
-	errx(1, "unknown user id.");
-    local_user = pw->pw_name;
-    if (!user)
-	user = local_user;
-#else
-    if (!user)
-	errx(1, "Sorry, you need to specify the username (with -l)");
-    local_user = user;
-#endif
-
-    /* -n must still fork but does not turn of the -n functionality */
-    if (doencrypt)
-	nfork = 0;
-
-    args = copyargs(argv);
-
-    sv_port=get_shell_port(use_kerberos, doencrypt);
-
-try_connect:
-    if (use_kerberos) {
-	rem = KSUCCESS;
-	errno = 0;
-	if (dest_realm == NULL)
-	    dest_realm = krb_realmofhost(host);
-
-	if (doencrypt)
-	    rem = krcmd_mutual(&host, sv_port, user, args,
-			       &rfd2, dest_realm, &cred, schedule);
-	else
-	    rem = krcmd(&host, sv_port, user, args, &rfd2,
-			dest_realm);
-	if (rem < 0) {
-	    if (errno == ECONNREFUSED)
-		warning("remote host doesn't support Kerberos");
-	    if (errno == ENOENT)
-		warning("can't provide Kerberos auth data");
-	    use_kerberos = 0;
-	    sv_port=get_shell_port(use_kerberos, doencrypt);
-	    goto try_connect;
-	}
-    } else {
-	if (doencrypt)
-	    errx(1, "the -x flag requires Kerberos authentication.");
-	if (geteuid() != 0)
-	    errx(1, "not installed setuid root, "
-		 "only root may use non kerberized rsh");
-	rem = rcmd(&host, sv_port, local_user, user, args, &rfd2);
-    }
-
-    if (rem < 0)
-	exit(1);
-
-    if (rfd2 < 0)
-	errx(1, "can't establish stderr.");
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
-    if (dflag) {
-	if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, (void *)&one,
-		       sizeof(one)) < 0)
-	    warn("setsockopt");
-	if (setsockopt(rfd2, SOL_SOCKET, SO_DEBUG, (void *)&one,
-		       sizeof(one)) < 0)
-	    warn("setsockopt");
-    }
-#endif
-
-    setuid(uid);
-    {
-	sigset_t sigmsk;
-	sigemptyset(&sigmsk);
-	sigaddset(&sigmsk, SIGINT);
-	sigaddset(&sigmsk, SIGQUIT);
-	sigaddset(&sigmsk, SIGTERM);
-	if (sigprocmask(SIG_BLOCK, &sigmsk, &omask) != 0)
-	    warn("sigprocmask");
-    }
-    if (signal(SIGINT, SIG_IGN) != SIG_IGN)
-	signal(SIGINT, sendsig);
-    if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
-	signal(SIGQUIT, sendsig);
-    if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
-	signal(SIGTERM, sendsig);
-
-    if (!nfork) {
-	pid = fork();
-	if (pid < 0)
-	    err(1, "fork");
-    }
-
-    if (!doencrypt) {
-	ioctl(rfd2, FIONBIO, &one);
-	ioctl(rem, FIONBIO, &one);
-    }
-
-    talk(nflag, omask, pid, rem);
-    
-    if (!nflag)
-	kill(pid, SIGKILL);
-    exit(0);
-}
diff --git a/crypto/kerberosIV/appl/bsd/rshd.c b/crypto/kerberosIV/appl/bsd/rshd.c
deleted file mode 100644
index 75ca1df454ba..000000000000
--- a/crypto/kerberosIV/appl/bsd/rshd.c
+++ /dev/null
@@ -1,635 +0,0 @@
-/*-
- * Copyright (c) 1988, 1989, 1992, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * remote shell server:
- *	[port]\0
- *	remuser\0
- *	locuser\0
- *	command\0
- *	data
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: rshd.c,v 1.51 1997/05/13 09:42:39 bg Exp $");
-
-extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */
-extern int __check_rhosts_file;
-
-static int	keepalive = 1;
-static int	log_success;	/* If TRUE, log all successful accesses */
-static int	new_pag = 1;	/* Put process in new PAG by default */
-static int	no_inetd = 0;
-static int	sent_null;
-
-static void		 doit (struct sockaddr_in *);
-static void		 error (const char *, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-static void		 usage (void);
-
-#define	VERSION_SIZE	9
-#define SECURE_MESSAGE  "This rsh session is using DES encryption for all transmissions.\r\n"
-#define	OPTIONS		"alnkvxLp:Pi"
-AUTH_DAT authbuf;
-KTEXT_ST tickbuf;
-int	doencrypt, use_kerberos, vacuous;
-Key_schedule	schedule;
-
-int
-main(int argc, char *argv[])
-{
-    struct linger linger;
-    int ch, on = 1, fromlen;
-    struct sockaddr_in from;
-    int portnum = 0;
-
-    set_progname(argv[0]);
-
-    openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
-
-    opterr = 0;
-    while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
-	switch (ch) {
-	case 'a':
-	    break;
-	case 'l':
-	    __check_rhosts_file = 0;
-	    break;
-	case 'n':
-	    keepalive = 0;
-	    break;
-	case 'k':
-	    use_kerberos = 1;
-	    break;
-
-	case 'v':
-	    vacuous = 1;
-	    break;
-
-	case 'x':
-	    doencrypt = 1;
-	    break;
-	case 'L':
-	    log_success = 1;
-	    break;
-	case 'p':
-	    portnum = htons(atoi(optarg));
-	    break;
-	case 'P':
-	    new_pag = 0;
-	    break;
-	case 'i':
-	    no_inetd = 1;
-	    break;
-	case '?':
-	default:
-	    usage();
-	    break;
-	}
-
-    argc -= optind;
-    argv += optind;
-
-    if (use_kerberos && vacuous) {
-	syslog(LOG_ERR, "only one of -k and -v allowed");
-	exit(2);
-    }
-    if (doencrypt && !use_kerberos) {
-	syslog(LOG_ERR, "-k is required for -x");
-	exit(2);
-    }
-
-    if (no_inetd) {
-	if(portnum == 0)
-	    portnum = get_shell_port (use_kerberos, doencrypt);
-	mini_inetd (portnum);
-    }
-
-    fromlen = sizeof (from);
-    if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) {
-	syslog(LOG_ERR, "getpeername: %m");
-	_exit(1);
-    }
-#ifdef HAVE_SETSOCKOPT
-#ifdef SO_KEEPALIVE
-    if (keepalive &&
-	setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
-		   sizeof(on)) < 0)
-	syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
-#endif
-#ifdef SO_LINGER
-    linger.l_onoff = 1;
-    linger.l_linger = 60;			/* XXX */
-    if (setsockopt(0, SOL_SOCKET, SO_LINGER, (void *)&linger,
-		   sizeof (linger)) < 0)
-	syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m");
-#endif
-#endif /* HAVE_SETSOCKOPT */
-    doit(&from);
-    /* NOTREACHED */
-    return 0;
-}
-
-char	username[20] = "USER=";
-char	homedir[64] = "HOME=";
-char	shell[64] = "SHELL=";
-char	path[100] = "PATH=";
-char	*envinit[] =
-{homedir, shell, path, username, 0};
-
-static void
-xgetstr(char *buf, int cnt, char *err)
-{
-    char c;
-
-    do {
-	if (read(STDIN_FILENO, &c, 1) != 1)
-	    exit(1);
-	*buf++ = c;
-	if (--cnt == 0) {
-	    error("%s too long\n", err);
-	    exit(1);
-	}
-    } while (c != 0);
-}
-
-static void
-doit(struct sockaddr_in *fromp)
-{
-    struct passwd *pwd;
-    u_short port;
-    fd_set ready, readfrom;
-    int cc, nfd, pv[2], pid, s;
-    int one = 1;
-    const char *errorhost = "";
-    char *errorstr;
-    char *cp, sig, buf[BUFSIZ];
-    char cmdbuf[NCARGS+1], locuser[16], remuser[16];
-    char remotehost[2 * MaxHostNameLen + 1];
-
-    AUTH_DAT	*kdata;
-    KTEXT		ticket;
-    char		instance[INST_SZ], version[VERSION_SIZE];
-    struct		sockaddr_in	fromaddr;
-    int		rc;
-    long		authopts;
-    int		pv1[2], pv2[2];
-    fd_set		wready, writeto;
-
-    fromaddr = *fromp;
-
-    signal(SIGINT, SIG_DFL);
-    signal(SIGQUIT, SIG_DFL);
-    signal(SIGTERM, SIG_DFL);
-#ifdef DEBUG
-    { int t = open(_PATH_TTY, 2);
-    if (t >= 0) {
-	ioctl(t, TIOCNOTTY, (char *)0);
-	close(t);
-    }
-    }
-#endif
-    fromp->sin_port = ntohs((u_short)fromp->sin_port);
-    if (fromp->sin_family != AF_INET) {
-	syslog(LOG_ERR, "malformed \"from\" address (af %d)\n",
-	       fromp->sin_family);
-	exit(1);
-    }
-
-
-    if (!use_kerberos) {
-	ip_options_and_die (0, fromp);
-	if (fromp->sin_port >= IPPORT_RESERVED ||
-	    fromp->sin_port < IPPORT_RESERVED/2) {
-	    syslog(LOG_NOTICE|LOG_AUTH,
-		   "Connection from %s on illegal port %u",
-		   inet_ntoa(fromp->sin_addr),
-		   fromp->sin_port);
-	    exit(1);
-	}
-    }
-
-    alarm(60);
-    port = 0;
-    for (;;) {
-	char c;
-	if ((cc = read(STDIN_FILENO, &c, 1)) != 1) {
-	    if (cc < 0)
-		syslog(LOG_NOTICE, "read: %m");
-	    shutdown(0, 1+1);
-	    exit(1);
-	}
-	if (c== 0)
-	    break;
-	port = port * 10 + c - '0';
-    }
-
-    alarm(0);
-    if (port != 0) {
-	int lport = IPPORT_RESERVED - 1;
-	s = rresvport(&lport);
-	if (s < 0) {
-	    syslog(LOG_ERR, "can't get stderr port: %m");
-	    exit(1);
-	}
-	if (!use_kerberos)
-	    if (port >= IPPORT_RESERVED) {
-		syslog(LOG_ERR, "2nd port not reserved\n");
-		exit(1);
-	    }
-	fromp->sin_port = htons(port);
-	if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) {
-	    syslog(LOG_INFO, "connect second port %d: %m", port);
-	    exit(1);
-	}
-    }
-
-    if (vacuous) {
-	error("rshd: remote host requires Kerberos authentication\n");
-	exit(1);
-    }
-
-    errorstr = NULL;
-    inaddr2str (fromp->sin_addr, remotehost, sizeof(remotehost));
-
-    if (use_kerberos) {
-	kdata = &authbuf;
-	ticket = &tickbuf;
-	authopts = 0L;
-	k_getsockinst(0, instance, sizeof(instance));
-	version[VERSION_SIZE - 1] = '\0';
-	if (doencrypt) {
-	    struct sockaddr_in local_addr;
-	    rc = sizeof(local_addr);
-	    if (getsockname(0, (struct sockaddr *)&local_addr,
-			    &rc) < 0) {
-		syslog(LOG_ERR, "getsockname: %m");
-		error("rlogind: getsockname: %m");
-		exit(1);
-	    }
-	    authopts = KOPT_DO_MUTUAL;
-	    rc = krb_recvauth(authopts, 0, ticket,
-			      "rcmd", instance, &fromaddr,
-			      &local_addr, kdata, "", schedule,
-			      version);
-#ifndef NOENCRYPTION
-	    des_set_key(&kdata->session, schedule);
-#else
-	    memset(schedule, 0, sizeof(schedule));
-#endif
-	} else
-	    rc = krb_recvauth(authopts, 0, ticket, "rcmd",
-			      instance, &fromaddr,
-			      (struct sockaddr_in *) 0,
-			      kdata, "", 0, version);
-	if (rc != KSUCCESS) {
-	    error("Kerberos authentication failure: %s\n",
-		  krb_get_err_text(rc));
-	    exit(1);
-	}
-    } else
-	xgetstr(remuser, sizeof(remuser), "remuser");
-
-    xgetstr(locuser, sizeof(locuser), "locuser");
-    xgetstr(cmdbuf, sizeof(cmdbuf), "command");
-    setpwent();
-    pwd = k_getpwnam(locuser);
-    if (pwd == NULL) {
-	syslog(LOG_INFO|LOG_AUTH,
-	       "%s@%s as %s: unknown login. cmd='%.80s'",
-	       remuser, remotehost, locuser, cmdbuf);
-	if (errorstr == NULL)
-	    errorstr = "Login incorrect.\n";
-	goto fail;
-    }
-    if (pwd->pw_uid == 0 && strcmp("root", locuser) != 0)
-	{
-	    syslog(LOG_ALERT, "NIS attack, user %s has uid 0", locuser);
-	    if (errorstr == NULL)
-		errorstr = "Login incorrect.\n";
-	    goto fail;
-	}
-    if (chdir(pwd->pw_dir) < 0) {
-	chdir("/");
-#ifdef notdef
-	syslog(LOG_INFO|LOG_AUTH,
-	       "%s@%s as %s: no home directory. cmd='%.80s'",
-	       remuser, remotehost, locuser, cmdbuf);
-	error("No remote directory.\n");
-	exit(1);
-#endif
-    }
-
-    if (use_kerberos) {
-	if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0') {
-	    if (kuserok(kdata, locuser) != 0) {
-		syslog(LOG_INFO|LOG_AUTH,
-		       "Kerberos rsh denied to %s",
-		       krb_unparse_name_long(kdata->pname, 
-					     kdata->pinst, 
-					     kdata->prealm));
-		error("Permission denied.\n");
-		exit(1);
-	    }
-	}
-    } else
-
-	if (errorstr ||
-	    pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
-	    iruserok(fromp->sin_addr.s_addr, pwd->pw_uid == 0,
-		     remuser, locuser) < 0) {
-	    if (__rcmd_errstr)
-		syslog(LOG_INFO|LOG_AUTH,
-		       "%s@%s as %s: permission denied (%s). cmd='%.80s'",
-		       remuser, remotehost, locuser,
-		       __rcmd_errstr, cmdbuf);
-	    else
-		syslog(LOG_INFO|LOG_AUTH,
-		       "%s@%s as %s: permission denied. cmd='%.80s'",
-		       remuser, remotehost, locuser, cmdbuf);
-		     fail:
-	    if (errorstr == NULL)
-		errorstr = "Permission denied.\n";
-	    error(errorstr, errorhost);
-	    exit(1);
-	}
-
-    if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) {
-	error("Logins currently disabled.\n");
-	exit(1);
-    }
-
-    write(STDERR_FILENO, "\0", 1);
-    sent_null = 1;
-
-    if (port) {
-	if (pipe(pv) < 0) {
-	    error("Can't make pipe.\n");
-	    exit(1);
-	}
-	if (doencrypt) {
-	    if (pipe(pv1) < 0) {
-		error("Can't make 2nd pipe.\n");
-		exit(1);
-	    }
-	    if (pipe(pv2) < 0) {
-		error("Can't make 3rd pipe.\n");
-		exit(1);
-	    }
-	}
-	pid = fork();
-	if (pid == -1)  {
-	    error("Can't fork; try again.\n");
-	    exit(1);
-	}
-	if (pid) {
-	    if (doencrypt) {
-		static char msg[] = SECURE_MESSAGE;
-		close(pv1[1]);
-		close(pv2[0]);
-#ifndef NOENCRYPTION
-		des_enc_write(s, msg, sizeof(msg) - 1, schedule, &kdata->session);
-#else
-		write(s, msg, sizeof(msg) - 1);
-#endif
-	    } else {
-		close(0);
-		close(1);
-	    }
-	    close(2);
-	    close(pv[1]);
-
-	    FD_ZERO(&readfrom);
-	    FD_SET(s, &readfrom);
-	    FD_SET(pv[0], &readfrom);
-	    if (pv[0] > s)
-		nfd = pv[0];
-	    else
-		nfd = s;
-	    if (doencrypt) {
-		FD_ZERO(&writeto);
-		FD_SET(pv2[1], &writeto);
-		FD_SET(pv1[0], &readfrom);
-		FD_SET(STDIN_FILENO, &readfrom);
-
-		nfd = max(nfd, pv2[1]);
-		nfd = max(nfd, pv1[0]);
-	    } else
-		ioctl(pv[0], FIONBIO, (char *)&one);
-
-	    /* should set s nbio! */
-	    nfd++;
-	    do {
-		ready = readfrom;
-		if (doencrypt) {
-		    wready = writeto;
-		    if (select(nfd, &ready,
-			       &wready, 0,
-			       (struct timeval *) 0) < 0)
-			break;
-		} else
-		    if (select(nfd, &ready, 0,
-			       0, (struct timeval *)0) < 0)
-			break;
-		if (FD_ISSET(s, &ready)) {
-		    int	ret;
-		    if (doencrypt)
-#ifndef NOENCRYPTION
-			ret = des_enc_read(s, &sig, 1, schedule, &kdata->session);
-#else
-		    ret = read(s, &sig, 1);
-#endif
-		    else
-			ret = read(s, &sig, 1);
-		    if (ret <= 0)
-			FD_CLR(s, &readfrom);
-		    else
-			kill(-pid, sig);
-		}
-		if (FD_ISSET(pv[0], &ready)) {
-		    errno = 0;
-		    cc = read(pv[0], buf, sizeof(buf));
-		    if (cc <= 0) {
-			shutdown(s, 1+1);
-			FD_CLR(pv[0], &readfrom);
-		    } else {
-			if (doencrypt)
-#ifndef NOENCRYPTION
-			    des_enc_write(s, buf, cc, schedule, &kdata->session);
-#else
-			write(s, buf, cc);
-#endif
-			else
-			    (void)
-				write(s, buf, cc);
-		    }
-		}
-		if (doencrypt && FD_ISSET(pv1[0], &ready)) {
-		    errno = 0;
-		    cc = read(pv1[0], buf, sizeof(buf));
-		    if (cc <= 0) {
-			shutdown(pv1[0], 1+1);
-			FD_CLR(pv1[0], &readfrom);
-		    } else
-#ifndef NOENCRYPTION
-			des_enc_write(STDOUT_FILENO, buf, cc, schedule, &kdata->session);
-#else
-		    write(STDOUT_FILENO, buf, cc);
-#endif
-		}
-
-		if (doencrypt
-		    && FD_ISSET(STDIN_FILENO, &ready)
-		    && FD_ISSET(pv2[1], &wready)) {
-		    errno = 0;
-#ifndef NOENCRYPTION
-		    cc = des_enc_read(STDIN_FILENO, buf, sizeof(buf), schedule, &kdata->session);
-#else
-		    cc = read(STDIN_FILENO, buf, sizeof(buf));
-#endif
-		    if (cc <= 0) {
-			shutdown(STDIN_FILENO, 0);
-			FD_CLR(STDIN_FILENO, &readfrom);
-			close(pv2[1]);
-			FD_CLR(pv2[1], &writeto);
-		    } else
-			write(pv2[1], buf, cc);
-		}
-
-	    } while (FD_ISSET(s, &readfrom) ||
-		     (doencrypt && FD_ISSET(pv1[0], &readfrom)) ||
-		     FD_ISSET(pv[0], &readfrom));
-	    exit(0);
-	}
-	setsid();
-	close(s);
-	close(pv[0]);
-	if (doencrypt) {
-	    close(pv1[0]);
-	    close(pv2[1]);
-	    dup2(pv1[1], 1);
-	    dup2(pv2[0], 0);
-	    close(pv1[1]);
-	    close(pv2[0]);
-	}
-	dup2(pv[1], 2);
-	close(pv[1]);
-    }
-    if (*pwd->pw_shell == '\0')
-	pwd->pw_shell = _PATH_BSHELL;
-#ifdef HAVE_SETLOGIN
-    if (setlogin(pwd->pw_name) < 0)
-	syslog(LOG_ERR, "setlogin() failed: %m");
-#endif
-
-#ifdef HAVE_SETPCRED
-    if (setpcred (pwd->pw_name, NULL) == -1)
-	syslog(LOG_ERR, "setpcred() failure: %m");
-#endif /* HAVE_SETPCRED */
-    setgid((gid_t)pwd->pw_gid);
-    initgroups(pwd->pw_name, pwd->pw_gid);
-    setuid((uid_t)pwd->pw_uid);
-    strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
-
-    /* Need to extend path to find rcp */
-    strncat(path, BINDIR, sizeof(path)-1);
-    strncat(path, ":", sizeof(path)-1);
-    strncat(path, _PATH_DEFPATH, sizeof(path)-1);
-    path[sizeof(path)-1] = '\0';
-
-    strncat(shell, pwd->pw_shell, sizeof(shell)-7);
-    strncat(username, pwd->pw_name, sizeof(username)-6);
-    cp = strrchr(pwd->pw_shell, '/');
-    if (cp)
-	cp++;
-    else
-	cp = pwd->pw_shell;
-    endpwent();
-    if (log_success || pwd->pw_uid == 0) {
-	if (use_kerberos)
-	    syslog(LOG_INFO|LOG_AUTH,
-		   "Kerberos shell from %s on %s as %s, cmd='%.80s'",
-		   krb_unparse_name_long(kdata->pname, 
-					 kdata->pinst, 
-					 kdata->prealm),
-		   remotehost, locuser, cmdbuf);
-	else
-	    syslog(LOG_INFO|LOG_AUTH, "%s@%s as %s: cmd='%.80s'",
-		   remuser, remotehost, locuser, cmdbuf);
-    }
-    if (k_hasafs()) {
-	if (new_pag)
-	    k_setpag();	/* Put users process in an new pag */
-	k_afsklog(0, 0);
-    }
-    execle(pwd->pw_shell, cp, "-c", cmdbuf, 0, envinit);
-    err(1, pwd->pw_shell);
-}
-
-/*
- * Report error to client.  Note: can't be used until second socket has
- * connected to client, or older clients will hang waiting for that
- * connection first.
- */
-
-static void
-error(const char *fmt, ...)
-{
-    va_list ap;
-    int len;
-    char *bp, buf[BUFSIZ];
-
-    va_start(ap, fmt);
-    bp = buf;
-    if (sent_null == 0) {
-	*bp++ = 1;
-	len = 1;
-    } else
-	len = 0;
-    len = vsnprintf (bp, sizeof(buf) - len, fmt, ap);
-    write (STDERR_FILENO, buf, len);
-    va_end(ap);
-}
-
-static void
-usage()
-{
-
-    syslog(LOG_ERR,
-	   "usage: rshd [-alnkvxLPi] [-p port]");
-    exit(2);
-}
diff --git a/crypto/kerberosIV/appl/bsd/stty_default.c b/crypto/kerberosIV/appl/bsd/stty_default.c
deleted file mode 100644
index b7112c1b6943..000000000000
--- a/crypto/kerberosIV/appl/bsd/stty_default.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: stty_default.c,v 1.6 1997/04/01 08:17:17 joda Exp $");
-
-#include <termios.h>
-
-/* HP-UX 9.0 termios doesn't define these */
-#ifndef FLUSHO
-#define	FLUSHO	0
-#endif
-
-#ifndef XTABS
-#define	XTABS	0
-#endif
-
-#ifndef OXTABS
-#define OXTABS	XTABS
-#endif
-
-/* Ultrix... */
-#ifndef ECHOPRT
-#define ECHOPRT	0
-#endif
-
-#ifndef ECHOCTL
-#define ECHOCTL	0
-#endif
-
-#ifndef ECHOKE
-#define ECHOKE	0
-#endif
-
-#ifndef IMAXBEL
-#define IMAXBEL	0
-#endif
-
-#define Ctl(x) ((x) ^ 0100)
-
-void
-stty_default(void)
-{
-    struct	termios termios;
-
-    /*
-     * Finalize the terminal settings. Some systems default to 8 bits,
-     * others to 7, so we should leave that alone.
-     */
-    tcgetattr(0, &termios);
-
-    termios.c_iflag |= (BRKINT|IGNPAR|ICRNL|IXON|IMAXBEL);
-    termios.c_iflag &= ~IXANY;
-
-    termios.c_lflag |= (ISIG|IEXTEN|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE);
-    termios.c_lflag &= ~(ECHOPRT|TOSTOP|FLUSHO);
-
-    termios.c_oflag |= (OPOST|ONLCR);
-    termios.c_oflag &= ~OXTABS;
-
-    termios.c_cc[VINTR] = Ctl('C');
-    termios.c_cc[VERASE] = Ctl('H');
-    termios.c_cc[VKILL] = Ctl('U');
-    termios.c_cc[VEOF] = Ctl('D');
-
-    termios.c_cc[VSUSP] = Ctl('Z');
-    
-    tcsetattr(0, TCSANOW, &termios);
-}
diff --git a/crypto/kerberosIV/appl/bsd/su.c b/crypto/kerberosIV/appl/bsd/su.c
deleted file mode 100644
index 8c610e1d3036..000000000000
--- a/crypto/kerberosIV/appl/bsd/su.c
+++ /dev/null
@@ -1,452 +0,0 @@
-/*
- * Copyright (c) 1988 The Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID ("$Id: su.c,v 1.59 1997/05/26 17:45:54 bg Exp $");
-
-#ifdef SYSV_SHADOW
-#include "sysv_shadow.h"
-#endif
-
-static int kerberos (char *username, char *user, int uid);
-static int chshell (char *sh);
-static char *ontty (void);
-static int koktologin (char *name, char *realm, char *toname);
-static int chshell (char *sh);
-
-/* Handle '-' option after all the getopt options */
-#define	ARGSTR	"Kflmi:"
-
-static int use_kerberos = 1;
-static char *root_inst = "root";
-
-int
-main (int argc, char **argv)
-{
-    struct passwd *pwd;
-    char *p, **g;
-    struct group *gr;
-    uid_t ruid;
-    int asme, ch, asthem, fastlogin, prio;
-    enum { UNSET, YES, NO } iscsh = UNSET;
-    char *user, *shell, *avshell, *username, **np;
-    char shellbuf[MaxPathLen], avshellbuf[MaxPathLen];
-
-    set_progname (argv[0]);
-
-    asme = asthem = fastlogin = 0;
-    while ((ch = getopt (argc, argv, ARGSTR)) != EOF)
-	switch ((char) ch) {
-	case 'K':
-	    use_kerberos = 0;
-	    break;
-	case 'f':
-	    fastlogin = 1;
-	    break;
-	case 'l':
-	    asme = 0;
-	    asthem = 1;
-	    break;
-	case 'm':
-	    asme = 1;
-	    asthem = 0;
-	    break;
-	case 'i':
-	    root_inst = optarg;
-	    break;
-	case '?':
-	default:
-	    fprintf (stderr,
-		     "usage: su [-Kflm] [-i root-instance] [-] [login]\n");
-	    exit (1);
-	}
-    /* Don't handle '-' option with getopt */
-    if (optind < argc && strcmp (argv[optind], "-") == 0) {
-	asme = 0;
-	asthem = 1;
-	optind++;
-    }
-    argv += optind;
-
-    if (use_kerberos) {
-	int fd = open (KEYFILE, O_RDONLY);
-
-	if (fd >= 0)
-	    close (fd);
-	else
-	    use_kerberos = 0;
-    }
-    errno = 0;
-    prio = getpriority (PRIO_PROCESS, 0);
-    if (errno)
-	prio = 0;
-    setpriority (PRIO_PROCESS, 0, -2);
-    openlog ("su", LOG_CONS, 0);
-
-    /* get current login name and shell */
-    ruid = getuid ();
-    username = getlogin ();
-    if (username == NULL || (pwd = k_getpwnam (username)) == NULL ||
-	pwd->pw_uid != ruid)
-	pwd = k_getpwuid (ruid);
-    if (pwd == NULL)
-	errx (1, "who are you?");
-    username = strdup (pwd->pw_name);
-    if (asme)
-	if (pwd->pw_shell && *pwd->pw_shell)
-	    shell = strcpy (shellbuf, pwd->pw_shell);
-	else {
-	    shell = _PATH_BSHELL;
-	    iscsh = NO;
-	}
-
-    /* get target login information, default to root */
-    user = *argv ? *argv : "root";
-    np = *argv ? argv : argv - 1;
-
-    pwd = k_getpwnam (user);
-    if (pwd == NULL)
-	errx (1, "unknown login %s", user);
-    if (pwd->pw_uid == 0 && strcmp ("root", user) != 0) {
-	syslog (LOG_ALERT, "NIS attack, user %s has uid 0", user);
-	errx (1, "unknown login %s", user);
-    }
-    if (!use_kerberos || kerberos (username, user, pwd->pw_uid)) {
-#ifndef PASSWD_FALLBACK
-	errx (1, "won't use /etc/passwd authentication");
-#endif
-	/* getpwnam() is not reentrant and kerberos might use it! */
-	pwd = k_getpwnam (user);
-	if (pwd == NULL)
-	    errx (1, "unknown login %s", user);
-	/* only allow those in group zero to su to root. */
-	if (pwd->pw_uid == 0 && (gr = getgrgid ((gid_t) 0)))
-	    for (g = gr->gr_mem;; ++g) {
-		if (!*g) {
-#if 1
-		    /* if group 0 is empty or only 
-		       contains root su is still ok. */
-		    if (gr->gr_mem[0] == 0)
-			break;	/* group 0 is empty */
-		    if (gr->gr_mem[1] == 0 &&
-			strcmp (gr->gr_mem[0], "root") == 0)
-			break;	/* only root in group 0 */
-#endif
-		    errx (1, "you are not in the correct group to su %s.",
-			  user);
-		}
-		if (!strcmp (username, *g))
-		    break;
-	    }
-	/* if target requires a password, verify it */
-	if (ruid && *pwd->pw_passwd) {
-	    char prompt[128];
-	    char passwd[256];
-
-	    snprintf (prompt, sizeof(prompt), "%s's Password: ", pwd->pw_name);
-	    if (des_read_pw_string (passwd, sizeof (passwd),
-				    prompt, 0)) {
-		memset (passwd, 0, sizeof (passwd));
-		exit (1);
-	    }
-	    if (strcmp (pwd->pw_passwd,
-			crypt (passwd, pwd->pw_passwd))) {
-		memset (passwd, 0, sizeof (passwd));
-		syslog (LOG_AUTH | LOG_WARNING,
-			"BAD SU %s to %s%s", username,
-			user, ontty ());
-		errx (1, "Sorry");
-	    }
-	    memset (passwd, 0, sizeof (passwd));
-	}
-    }
-    if (asme) {
-	/* if asme and non-standard target shell, must be root */
-	if (!chshell (pwd->pw_shell) && ruid)
-	    errx (1, "permission denied (shell '%s' not in /etc/shells).",
-		  pwd->pw_shell);
-    } else if (pwd->pw_shell && *pwd->pw_shell) {
-	shell = pwd->pw_shell;
-	iscsh = UNSET;
-    } else {
-	shell = _PATH_BSHELL;
-	iscsh = NO;
-    }
-
-    if ((p = strrchr (shell, '/')) != 0)
-	avshell = p + 1;
-    else
-	avshell = shell;
-
-    /* if we're forking a csh, we want to slightly muck the args */
-    if (iscsh == UNSET)
-	iscsh = strcmp (avshell, "csh") ? NO : YES;
-
-    /* set permissions */
-
-    if (setgid (pwd->pw_gid) < 0)
-	err (1, "setgid");
-    if (initgroups (user, pwd->pw_gid))
-	errx (1, "initgroups failed.");
-
-    if (setuid (pwd->pw_uid) < 0)
-	err (1, "setuid");
-
-    if (!asme) {
-	if (asthem) {
-	    char *k = getenv ("KRBTKFILE");
-	    char *t = getenv ("TERM");
-
-	    environ = malloc (10 * sizeof (char *));
-	    environ[0] = NULL;
-	    setenv ("PATH", _PATH_DEFPATH, 1);
-	    if (t)
-		setenv ("TERM", t, 1);
-	    if (k)
-		setenv ("KRBTKFILE", k, 1);
-	    if (chdir (pwd->pw_dir) < 0)
-		errx (1, "no directory");
-	}
-	if (asthem || pwd->pw_uid)
-	    setenv ("USER", pwd->pw_name, 1);
-	setenv ("HOME", pwd->pw_dir, 1);
-	setenv ("SHELL", shell, 1);
-    }
-    if (iscsh == YES) {
-	if (fastlogin)
-	    *np-- = "-f";
-	if (asme)
-	    *np-- = "-m";
-    }
-    if (asthem) {
-	avshellbuf[0] = '-';
-	strcpy (avshellbuf + 1, avshell);
-	avshell = avshellbuf;
-    } else if (iscsh == YES) {
-	/* csh strips the first character... */
-	avshellbuf[0] = '_';
-	strcpy (avshellbuf + 1, avshell);
-	avshell = avshellbuf;
-    }
-    *np = avshell;
-
-    if (ruid != 0)
-	syslog (LOG_NOTICE | LOG_AUTH, "%s to %s%s",
-		username, user, ontty ());
-
-    setpriority (PRIO_PROCESS, 0, prio);
-
-    if (k_hasafs ()) {
-	int code;
-
-	if (k_setpag () != 0)
-	    warn ("setpag");
-	code = k_afsklog (0, 0);
-	if (code != KSUCCESS && code != KDC_PR_UNKNOWN)
-	    warnx ("afsklog: %s", krb_get_err_text (code));
-    }
-    execv (shell, np);
-    warn ("execv(%s)", shell);
-    if (getuid () == 0) {
-	execv (_PATH_BSHELL, np);
-	warn ("execv(%s)", _PATH_BSHELL);
-    }
-    exit (1);
-}
-
-static int
-chshell (char *sh)
-{
-    char *cp;
-
-    while ((cp = getusershell ()) != NULL)
-	if (!strcmp (cp, sh))
-	    return (1);
-    return (0);
-}
-
-static char *
-ontty (void)
-{
-    char *p;
-    static char buf[MaxPathLen + 4];
-
-    buf[0] = 0;
-    if ((p = ttyname (STDERR_FILENO)) != 0)
-	snprintf (buf, sizeof(buf), " on %s", p);
-    return (buf);
-}
-
-static int
-kerberos (char *username, char *user, int uid)
-{
-    KTEXT_ST ticket;
-    AUTH_DAT authdata;
-    struct hostent *hp;
-    int kerno;
-    u_long faddr;
-    char lrealm[REALM_SZ], krbtkfile[MaxPathLen];
-    char hostname[MaxHostNameLen], savehost[MaxHostNameLen];
-
-    if (krb_get_lrealm (lrealm, 1) != KSUCCESS)
-	return (1);
-    if (koktologin (username, lrealm, user) && !uid) {
-#ifndef PASSWD_FALLBACK
-	warnx ("not in %s's ACL.", user);
-#endif
-	return (1);
-    }
-    snprintf (krbtkfile, sizeof(krbtkfile),
-	      "%s_%s_to_%s_%u", TKT_ROOT, username, user,
-	     (unsigned) getpid ());
-
-    setenv ("KRBTKFILE", krbtkfile, 1);
-    krb_set_tkt_string (krbtkfile);
-    /*
-     * Little trick here -- if we are su'ing to root, we need to get a ticket
-     * for "xxx.root", where xxx represents the name of the person su'ing.
-     * Otherwise (non-root case), we need to get a ticket for "yyy.", where
-     * yyy represents the name of the person being su'd to, and the instance
-     * is null 
-     *
-     * We should have a way to set the ticket lifetime, with a system default
-     * for root. 
-     */
-    {
-	char prompt[128];
-	char passw[256];
-
-	snprintf (prompt, sizeof(prompt),
-		  "%s's Password: ",
-		  krb_unparse_name_long ((uid == 0 ? username : user),
-					 (uid == 0 ? root_inst : ""),
-					 lrealm));
-	if (des_read_pw_string (passw, sizeof (passw), prompt, 0)) {
-	    memset (passw, 0, sizeof (passw));
-	    return (1);
-	}
-	if (strlen(passw) == 0)
-	    return (1);		/* Empty passwords is not allowed */
-	kerno = krb_get_pw_in_tkt ((uid == 0 ? username : user),
-				   (uid == 0 ? root_inst : ""), lrealm,
-				   KRB_TICKET_GRANTING_TICKET,
-				   lrealm,
-				   DEFAULT_TKT_LIFE,
-				   passw);
-	memset (passw, 0, strlen (passw));
-    }
-
-    if (kerno != KSUCCESS) {
-	if (kerno == KDC_PR_UNKNOWN) {
-	    warnx ("principal unknown: %s",
-		   krb_unparse_name_long ((uid == 0 ? username : user),
-					  (uid == 0 ? root_inst : ""),
-					  lrealm));
-	    return (1);
-	}
-	warnx ("unable to su: %s", krb_get_err_text (kerno));
-	syslog (LOG_NOTICE | LOG_AUTH,
-		"BAD SU: %s to %s%s: %s",
-		username, user, ontty (), krb_get_err_text (kerno));
-	return (1);
-    }
-    if (chown (krbtkfile, uid, -1) < 0) {
-	warn ("chown");
-	unlink (krbtkfile);
-	return (1);
-    }
-    setpriority (PRIO_PROCESS, 0, -2);
-
-    if (k_gethostname (hostname, sizeof (hostname)) == -1) {
-	warn ("gethostname");
-	dest_tkt ();
-	return (1);
-    }
-    strncpy (savehost, krb_get_phost (hostname), sizeof (savehost));
-    savehost[sizeof (savehost) - 1] = '\0';
-
-    kerno = krb_mk_req (&ticket, "rcmd", savehost, lrealm, 33);
-
-    if (kerno == KDC_PR_UNKNOWN) {
-	warnx ("Warning: TGT not verified.");
-	syslog (LOG_NOTICE | LOG_AUTH,
-		"%s to %s%s, TGT not verified (%s); "
-		"%s.%s not registered?",
-		username, user, ontty (), krb_get_err_text (kerno),
-		"rcmd", savehost);
-#ifdef KLOGIN_PARANOID
-	/*
-	 * if the "VERIFY_SERVICE" doesn't exist in the KDC for this host, *
-	 * don't allow kerberos login, also log the error condition. 
-	 */
-	warnx ("Trying local password!");
-	return (1);
-#endif
-    } else if (kerno != KSUCCESS) {
-	warnx ("Unable to use TGT: %s", krb_get_err_text (kerno));
-	syslog (LOG_NOTICE | LOG_AUTH, "failed su: %s to %s%s: %s",
-		username, user, ontty (), krb_get_err_text (kerno));
-	dest_tkt ();
-	return (1);
-    } else {
-	if (!(hp = gethostbyname (hostname))) {
-	    warnx ("can't get addr of %s", hostname);
-	    dest_tkt ();
-	    return (1);
-	}
-	memcpy (&faddr, hp->h_addr, sizeof (faddr));
-
-	if ((kerno = krb_rd_req (&ticket, "rcmd", savehost, faddr,
-				 &authdata, "")) != KSUCCESS) {
-	    warnx ("unable to verify rcmd ticket: %s",
-		   krb_get_err_text (kerno));
-	    syslog (LOG_NOTICE | LOG_AUTH,
-		    "failed su: %s to %s%s: %s", username,
-		    user, ontty (), krb_get_err_text (kerno));
-	    dest_tkt ();
-	    return (1);
-	}
-    }
-    fprintf (stderr, "Don't forget to kdestroy before exiting the shell.\n");
-    return (0);
-}
-
-static int
-koktologin (char *name, char *realm, char *toname)
-{
-    return krb_kuserok (name,
-			strcmp (toname, "root") == 0 ? root_inst : "",
-			realm,
-			toname);
-}
diff --git a/crypto/kerberosIV/appl/bsd/sysv_default.c b/crypto/kerberosIV/appl/bsd/sysv_default.c
deleted file mode 100644
index cb36b849454f..000000000000
--- a/crypto/kerberosIV/appl/bsd/sysv_default.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: sysv_default.c,v 1.9 1997/03/31 01:47:59 assar Exp $");
-
-#include "sysv_default.h"
-
- /*
-  * Default values for stuff that can be read from the defaults file. The
-  * SunOS 5.1 documentation is incomplete and often disagrees with reality.
-  */
-
-static char default_umask_value[] = "022";
-
-char   *default_console	= 0;
-char   *default_altsh	= "YES";
-char   *default_passreq	= "NO";
-char   *default_timezone= 0;
-char   *default_hz	= 0;
-char   *default_path	= _PATH_DEFPATH;
-char   *default_supath	= _PATH_DEFSUPATH;
-char   *default_ulimit	= 0;
-char   *default_timeout	= "60";
-char   *default_umask	= default_umask_value;
-char   *default_sleep	= "4";
-char   *default_maxtrys	= "5";
-
-static struct sysv_default {
-    char  **valptr;
-    char   *prefix;
-    int     prefix_len;
-} defaults[] = {
-    {&default_console,	"CONSOLE=",	sizeof("CONSOLE=") -1},
-    {&default_altsh,	"ALTSHELL=",	sizeof("ALTSHELL=") -1},
-    {&default_passreq,	"PASSREQ=",	sizeof("PASSREQ=") -1},
-    {&default_timezone,	"TIMEZONE=",	sizeof("TIMEZONE=") -1},
-    {&default_hz,	"HZ=",		sizeof("HZ=") -1},
-    {&default_path,	"PATH=",	sizeof("PATH=") -1},
-    {&default_supath,	"SUPATH=",	sizeof("SUPATH=") -1},
-    {&default_ulimit,	"ULIMIT=",	sizeof("ULIMIT=") -1},
-    {&default_timeout,	"TIMEOUT=",	sizeof("TIMEOUT=") -1},
-    {&default_umask,	"UMASK=",	sizeof("UMASK=") -1},
-    {&default_sleep,	"SLEEPTIME=",	sizeof("SLEEPTIME=") -1},
-    {&default_maxtrys,	"MAXTRYS=",	sizeof("MAXTRYS=") -1},
-    {0},
-};
-
-#define trim(s) { \
-	char   *cp = s + strlen(s); \
-	while (cp > s && isspace(cp[-1])) \
-	    cp--; \
-	*cp = 0; \
-}
-
-/* sysv_defaults - read login defaults file */
-
-void
-sysv_defaults()
-{
-    struct sysv_default *dp;
-    FILE   *fp;
-    char    buf[BUFSIZ];
-
-    if ((fp = fopen(_PATH_ETC_DEFAULT_LOGIN, "r"))) {
-
-	/* Stupid quadratic algorithm. */
-
-	while (fgets(buf, sizeof(buf), fp)) {
-
-	    /* Skip comments and blank lines. */
-
-	    if (buf[0] == '#')
-		continue;
-	    trim(buf);
-	    if (buf[0] == 0)
-		continue;
-
-	    /* Assign defaults from file. */
-
-#define STREQN(x,y,l) (x[0] == y[0] && strncmp(x,y,l) == 0)
-
-	    for (dp = defaults; dp->valptr; dp++) {
-		if (STREQN(buf, dp->prefix, dp->prefix_len)) {
-		    if ((*(dp->valptr) = strdup(buf + dp->prefix_len)) == 0) {
-			warnx("Insufficient memory resources - try later.");
-			sleepexit(1);
-		    }
-		    break;
-		}
-	    }
-	}
-	fclose(fp);
-    }
-}
diff --git a/crypto/kerberosIV/appl/bsd/sysv_default.h b/crypto/kerberosIV/appl/bsd/sysv_default.h
deleted file mode 100644
index 00560594d3c9..000000000000
--- a/crypto/kerberosIV/appl/bsd/sysv_default.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */
-
-/* $Id: sysv_default.h,v 1.5 1996/10/27 23:51:14 assar Exp $ */
-
-extern char *default_console;
-extern char *default_altsh;
-extern char *default_passreq;
-extern char *default_timezone;
-extern char *default_hz;
-extern char *default_path;
-extern char *default_supath;
-extern char *default_ulimit;
-extern char *default_timeout;
-extern char *default_umask;
-extern char *default_sleep;
-extern char *default_maxtrys;
-
-void sysv_defaults(void);
diff --git a/crypto/kerberosIV/appl/bsd/sysv_environ.c b/crypto/kerberosIV/appl/bsd/sysv_environ.c
deleted file mode 100644
index f5e782d0da38..000000000000
--- a/crypto/kerberosIV/appl/bsd/sysv_environ.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: sysv_environ.c,v 1.21 1997/05/14 17:34:15 joda Exp $");
-
-#ifdef HAVE_ULIMIT_H
-#include <ulimit.h>
-#endif
-
-#ifndef UL_SETFSIZE
-#define UL_SETFSIZE 2
-#endif
-
-#include "sysv_default.h"
-
-/*
- * Set 
- */
-
-static void
-read_etc_environment (void)
-{
-    FILE *f;
-    char buf[BUFSIZ];
-
-    f = fopen(_PATH_ETC_ENVIRONMENT, "r");
-    if (f) {
-	char *val;
-
-	while (fgets (buf, sizeof(buf), f) != NULL) {
-	    if (buf[0] == '\n' || buf[0] == '#')
-		continue;
-	    buf[strlen(buf) - 1] = '\0';
-	    val = strchr (buf, '=');
-	    if (val == NULL)
-		continue;
-	    *val = '\0';
-	    setenv(buf, val + 1, 1);
-	}
-	fclose (f);
-    }
-}
-
- /*
-  * Environment variables that are preserved (but may still be overruled by
-  * other means). Only TERM and TZ appear to survive (SunOS 5.1). These are
-  * typically inherited from the ttymon process.
-  */
-
-static struct preserved {
-    char   *name;
-    char   *value;
-} preserved[] = {
-    {"TZ", 0},
-    {"TERM", 0},
-    {0},
-};
-
- /*
-  * Environment variables that are not preserved and that cannot be specified
-  * via commandline or stdin. Except for the LD_xxx (runtime linker) stuff,
-  * the list applies to most SYSV systems. The manpage mentions only that
-  * SHELL and PATH are censored. HOME, LOGNAME and MAIL are always
-  * overwritten; they are in the list to make the censoring explicit.
-  */
-
-static struct censored {
-    char   *prefix;
-    int     length;
-} censored[] = {
-  {"SHELL=",	sizeof("SHELL=") - 1},
-     {"HOME=",	sizeof("HOME=") - 1},
-     {"LOGNAME=",	sizeof("LOGNAME=") - 1},
-     {"MAIL=",	sizeof("MAIL=") - 1},
-     {"CDPATH=",	sizeof("CDPATH=") - 1},
-     {"IFS=",	sizeof("IFS=") - 1},
-     {"PATH=",	sizeof("PATH=") - 1},
-    {"LD_",	sizeof("LD_") - 1},
-    {0},
-};
-
-/* sysv_newenv - set up final environment after logging in */
-
-void sysv_newenv(int argc, char **argv, struct passwd *pwd,
-		 char *term, int pflag)
-{
-    unsigned umask_val;
-    long    limit_val;
-    char    buf[BUFSIZ];
-    int     count = 0;
-    struct censored *cp;
-    struct preserved *pp;
-
-    /* Preserve a selection of the environment. */
-
-    for (pp = preserved; pp->name; pp++)
-	pp->value = getenv(pp->name);
-
-    /*
-     * Note: it is a bad idea to assign a static array to the global environ
-     * variable. Reason is that putenv() can run into problems when it tries
-     * to realloc() the environment table. Instead, we just clear environ[0]
-     * and let putenv() work things out.
-     */
-
-    if (!pflag && environ)
-	environ[0] = 0;
-
-    /* Restore preserved environment variables. */
-
-    for (pp = preserved; pp->name; pp++)
-	if (pp->value)
-	    setenv(pp->name, pp->value, 1);
-
-    /* The TERM definition from e.g. rlogind can override an existing one. */
-
-    if (term[0])
-	setenv("TERM", term, 1);
-
-    /*
-     * Environment definitions from the command line overrule existing ones,
-     * but can be overruled by definitions from stdin. Some variables are
-     * censored.
-     * 
-     * Omission: we do not support environment definitions from stdin.
-     */
-
-#define STREQN(x,y,l) (x[0] == y[0] && strncmp(x,y,l) == 0)
-
-    while (argc && *argv) {
-	if (strchr(*argv, '=') == 0) {
-	    snprintf(buf, sizeof(buf), "L%d", count++);
-	    setenv(buf, *argv, 1);
-	} else {
-	    for (cp = censored; cp->prefix; cp++)
-		if (STREQN(*argv, cp->prefix, cp->length))
-		    break;
-	    if (cp->prefix == 0)
-		putenv(*argv);
-	}
-	argc--, argv++;
-    }
-
-    /* PATH is always reset. */
-
-    setenv("PATH", pwd->pw_uid ? default_path : default_supath, 1);
-
-    /* Undocumented: HOME, MAIL and LOGNAME are always reset (SunOS 5.1). */
-
-    setenv("HOME", pwd->pw_dir, 1);
-    {
-	char *sep = "/";
-	if(KRB4_MAILDIR[strlen(KRB4_MAILDIR) - 1] == '/')
-	    sep = "";
-	k_concat(buf, sizeof(buf), KRB4_MAILDIR, sep, pwd->pw_name, NULL);
-    }
-    setenv("MAIL", buf, 1);
-    setenv("LOGNAME", pwd->pw_name, 1);
-    setenv("USER", pwd->pw_name, 1);
-
-    /*
-     * Variables that may be set according to specifications in the defaults
-     * file. HZ and TZ are set only if they are still uninitialized.
-     * 
-     * Extension: when ALTSHELL=YES, we set the SHELL variable even if it is
-     * /bin/sh.
-     */
-
-    if (strcasecmp(default_altsh, "YES") == 0)
-	setenv("SHELL", pwd->pw_shell, 1);
-    if (default_hz)
-	setenv("HZ", default_hz, 0);
-    if (default_timezone)
-	setenv("TZ", default_timezone, 0);
-
-    /* Non-environment stuff. */
-
-    if (default_umask) {
-	if (sscanf(default_umask, "%o", &umask_val) == 1 && umask_val)
-	    umask(umask_val);
-    }
-#ifdef HAVE_ULIMIT
-    if (default_ulimit) {
-	if (sscanf(default_ulimit, "%ld", &limit_val) == 1 && limit_val)
-	    if (ulimit(UL_SETFSIZE, limit_val) < 0)
-	        warn ("ulimit(UL_SETFSIZE, %ld)", limit_val);
-    }
-#endif
-    read_etc_environment();
-}
-
diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.c b/crypto/kerberosIV/appl/bsd/sysv_shadow.c
deleted file mode 100644
index 68394414129c..000000000000
--- a/crypto/kerberosIV/appl/bsd/sysv_shadow.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: sysv_shadow.c,v 1.7 1997/03/23 04:56:05 assar Exp $");
-
-#ifdef SYSV_SHADOW
-
-#include <sysv_shadow.h>
-
-/* sysv_expire - check account and password expiration times */
-
-int
-sysv_expire(struct spwd *spwd)
-{
-    long    today;
-
-    tzset();
-    today = time(0);
-
-    if (spwd->sp_expire > 0) {
-	if (today > spwd->sp_expire) {
-	    printf("Your account has expired.\n");
-	    sleepexit(1);
-	} else if (spwd->sp_expire - today < 14) {
-	    printf("Your account will expire in %d days.\n",
-		   (int)(spwd->sp_expire - today));
-	    return (0);
-	}
-    }
-    if (spwd->sp_max > 0) {
-	if (today > (spwd->sp_lstchg + spwd->sp_max)) {
-	    printf("Your password has expired. Choose a new one.\n");
-	    return (1);
-	} else if (spwd->sp_warn > 0
-	    && (today > (spwd->sp_lstchg + spwd->sp_max - spwd->sp_warn))) {
-	    printf("Your password will expire in %d days.\n",
-		   (int)(spwd->sp_lstchg + spwd->sp_max - today));
-	    return (0);
-	}
-    }
-    return (0);
-}
-
-#endif /* SYSV_SHADOW */
diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.h b/crypto/kerberosIV/appl/bsd/sysv_shadow.h
deleted file mode 100644
index 4f07b49a0d23..000000000000
--- a/crypto/kerberosIV/appl/bsd/sysv_shadow.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* $Id: sysv_shadow.h,v 1.6 1997/03/23 04:55:51 assar Exp $ */
-
-#include <shadow.h>
-
-extern sysv_expire(struct spwd *);
diff --git a/crypto/kerberosIV/appl/bsd/tty.c b/crypto/kerberosIV/appl/bsd/tty.c
deleted file mode 100644
index 3192426a8a54..000000000000
--- a/crypto/kerberosIV/appl/bsd/tty.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: tty.c,v 1.2 1997/05/25 01:14:22 assar Exp $");
-
-/*
- * Clean the tty name.  Return a pointer to the cleaned version.
- */
-
-char *
-clean_ttyname (char *tty)
-{
-  char *res = tty;
-
-  if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0)
-    res += strlen(_PATH_DEV);
-  if (strncmp (res, "pty/", 4) == 0)
-    res += 4;
-  if (strncmp (res, "ptym/", 5) == 0)
-    res += 5;
-  return res;
-}
-
-/*
- * Generate a name usable as an `ut_id', typically without `tty'.
- */
-
-char *
-make_id (char *tty)
-{
-  char *res = tty;
-  
-  if (strncmp (res, "pts/", 4) == 0)
-    res += 4;
-  if (strncmp (res, "tty", 3) == 0)
-    res += 3;
-  return res;
-}
diff --git a/crypto/kerberosIV/appl/bsd/utmp_login.c b/crypto/kerberosIV/appl/bsd/utmp_login.c
deleted file mode 100644
index da3f96a99047..000000000000
--- a/crypto/kerberosIV/appl/bsd/utmp_login.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: utmp_login.c,v 1.13 1997/05/20 13:46:21 assar Exp $");
-
-void
-prepare_utmp (struct utmp *utmp, char *tty, char *username, char *hostname)
-{
-    char *ttyx = clean_ttyname (tty);
-
-    memset(utmp, 0, sizeof(*utmp));
-    utmp->ut_time = time(NULL);
-    strncpy(utmp->ut_line, ttyx, sizeof(utmp->ut_line));
-    strncpy(utmp->ut_name, username, sizeof(utmp->ut_name));
-
-# ifdef HAVE_UT_USER
-    strncpy(utmp->ut_user, username, sizeof(utmp->ut_user));
-# endif
-
-# ifdef HAVE_UT_ADDR
-    if (hostname[0]) {
-        struct hostent *he;
-	if ((he = gethostbyname(hostname)))
-	    memcpy(&utmp->ut_addr, he->h_addr_list[0],
-		   sizeof(utmp->ut_addr));
-    }
-# endif
-
-# ifdef HAVE_UT_HOST
-    strncpy(utmp->ut_host, hostname, sizeof(utmp->ut_host));
-# endif
-
-# ifdef HAVE_UT_TYPE
-    utmp->ut_type = USER_PROCESS;
-# endif
-
-# ifdef HAVE_UT_PID
-    utmp->ut_pid = getpid();
-# endif
-
-# ifdef HAVE_UT_ID
-    strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id));
-# endif
-}
-
-#ifdef HAVE_UTMPX_H
-void utmp_login(char *tty, char *username, char *hostname) { return; }
-#else
-
-/* update utmp and wtmp - the BSD way */
-
-void utmp_login(char *tty, char *username, char *hostname)
-{
-    struct utmp utmp;
-    int fd;
-
-    prepare_utmp (&utmp, tty, username, hostname);
-
-#ifdef HAVE_SETUTENT
-    utmpname(_PATH_UTMP);
-    setutent();
-    pututline(&utmp);
-    endutent();
-#else
-
-#ifdef HAVE_TTYSLOT
-    {
-      int ttyno;
-      ttyno = ttyslot();
-      if (ttyno > 0 && (fd = open(_PATH_UTMP, O_WRONLY, 0)) >= 0) {
-	lseek(fd, (long)(ttyno * sizeof(struct utmp)), SEEK_SET);
-	write(fd, &utmp, sizeof(struct utmp));
-	close(fd);
-      }
-    }
-#endif /* HAVE_TTYSLOT */
-#endif /* HAVE_SETUTENT */
-
-    if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) {
-	write(fd, &utmp, sizeof(struct utmp));
-	close(fd);
-    }
-}
-#endif /* !HAVE_UTMPX_H */
diff --git a/crypto/kerberosIV/appl/bsd/utmpx_login.c b/crypto/kerberosIV/appl/bsd/utmpx_login.c
deleted file mode 100644
index 005eca56b30b..000000000000
--- a/crypto/kerberosIV/appl/bsd/utmpx_login.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* Author: Wietse Venema <wietse@wzv.win.tue.nl> */
-
-#include "bsd_locl.h"
-
-RCSID("$Id: utmpx_login.c,v 1.20 1997/06/01 03:13:15 assar Exp $");
-
-/* utmpx_login - update utmp and wtmp after login */
-
-#ifndef HAVE_UTMPX_H
-int utmpx_login(char *line, char *user, char *host) { return 0; }
-#else
-
-static void
-utmpx_update(struct utmpx *ut, char *line, char *user, char *host)
-{
-    struct timeval tmp;
-    char *clean_tty = clean_ttyname(line);
-
-    strncpy(ut->ut_line, clean_tty, sizeof(ut->ut_line));
-#ifdef HAVE_UT_ID
-    strncpy(ut->ut_id, make_id(clean_tty), sizeof(ut->ut_id));
-#endif
-    strncpy(ut->ut_user, user, sizeof(ut->ut_user));
-    strncpy(ut->ut_host, host, sizeof(ut->ut_host));
-#ifdef HAVE_UT_SYSLEN
-    ut->ut_syslen = strlen(host) + 1;
-    if (ut->ut_syslen > sizeof(ut->ut_host))
-        ut->ut_syslen = sizeof(ut->ut_host);
-#endif
-    ut->ut_type = USER_PROCESS;
-    gettimeofday (&tmp, 0);
-    ut->ut_tv.tv_sec = tmp.tv_sec;
-    ut->ut_tv.tv_usec = tmp.tv_usec;
-    pututxline(ut);
-#ifdef WTMPX_FILE
-    updwtmpx(WTMPX_FILE, ut);
-#elif defined(WTMP_FILE)
-    {
-	struct utmp utmp;
-	int fd;
-
-	prepare_utmp (&utmp, line, user, host);
-	if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) {
-	    write(fd, &utmp, sizeof(struct utmp));
-	    close(fd);
-	}
-    }
-#endif
-}
-
-int
-utmpx_login(char *line, char *user, char *host)
-{
-    struct utmpx *ut;
-    pid_t   mypid = getpid();
-    int     ret = (-1);
-
-    /*
-     * SYSV4 ttymon and login use tty port names with the "/dev/" prefix
-     * stripped off. Rlogind and telnetd, on the other hand, make utmpx
-     * entries with device names like /dev/pts/nnn. We therefore cannot use
-     * getutxline(). Return nonzero if no utmp entry was found with our own
-     * process ID for a login or user process.
-     */
-
-    while ((ut = getutxent())) {
-        /* Try to find a reusable entry */
-	if (ut->ut_pid == mypid
-	    && (   ut->ut_type == INIT_PROCESS
-		|| ut->ut_type == LOGIN_PROCESS
-		|| ut->ut_type == USER_PROCESS)) {
-	    utmpx_update(ut, line, user, host);
-	    ret = 0;
-	    break;
-	}
-    }
-    if (ret == -1) {
-        /* Grow utmpx file by one record. */
-        struct utmpx newut;
-	memset(&newut, 0, sizeof(newut));
-	newut.ut_pid = mypid;
-        utmpx_update(&newut, line, user, host);
-	ret = 0;
-    }
-    endutxent();
-    return (ret);
-}
-#endif /* HAVE_UTMPX_H */
diff --git a/crypto/kerberosIV/appl/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/Makefile.in
deleted file mode 100644
index 6d0c4207ee48..000000000000
--- a/crypto/kerberosIV/appl/ftp/Makefile.in
+++ /dev/null
@@ -1,41 +0,0 @@
-# $Id: Makefile.in,v 1.9 1997/03/23 13:03:54 assar Exp $
-
-srcdir		= @srcdir@
-top_srcdir	= @top_srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-@SET_MAKE@
-
-CC 	= @CC@
-RANLIB 	= @RANLIB@
-DEFS 	= @DEFS@
-CFLAGS 	= @CFLAGS@
-
-INSTALL = @INSTALL@
-
-prefix 	= @prefix@
-
-SUBDIRS=common ftp ftpd
-
-all:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) all); done
-
-install: all
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) install); done
-
-uninstall:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done
-
-clean cleandir:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) clean); done
-
-distclean: 
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
-	rm -f Makefile *~
diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.in b/crypto/kerberosIV/appl/ftp/common/Makefile.in
deleted file mode 100644
index 9ce1aa598bd1..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/Makefile.in
+++ /dev/null
@@ -1,52 +0,0 @@
-# $Id: Makefile.in,v 1.17 1997/05/18 20:00:06 assar Exp $
-
-SHELL		= /bin/sh
-
-srcdir		= @srcdir@
-top_srcdir	= @top_srcdir@
-VPATH		= @srcdir@
-
-CC 	= @CC@
-AR	= ar
-RANLIB 	= @RANLIB@
-DEFS 	= @DEFS@
-CFLAGS 	= @CFLAGS@
-
-INSTALL = @INSTALL@
-
-prefix 	= @prefix@
-
-SOURCES = base64.c glob.c sockbuf.c buffer.c
-OBJECTS = $(libcommon_OBJS)
-
-libcommon_OBJS = base64.o glob.o sockbuf.o buffer.o
-
-LIBNAME = $(LIBPREFIX)common
-LIBEXT = a
-LIBPREFIX = @LIBPREFIX@
-LIB = $(LIBNAME).$(LIBEXT)
-
-all: $(LIB)
-
-.c.o:
-	$(CC) -c $(CFLAGS) -I$(srcdir) -I../../../include $(DEFS) $<
-
-$(LIB): $(libcommon_OBJS)
-	rm -f $@
-	ar cr $@ $(libcommon_OBJS)
-	-$(RANLIB) $@
-
-install:
-
-uninstall:
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-clean cleandir:
-	rm -f *~ *.o libcommon.a core \#*
-
-distclean: 
-	rm -f Makefile
-
-$(OBJECTS): ../../../include/config.h
diff --git a/crypto/kerberosIV/appl/ftp/common/base64.c b/crypto/kerberosIV/appl/ftp/common/base64.c
deleted file mode 100644
index 648f32dfd4a5..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/base64.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: base64.c,v 1.6 1997/05/30 17:24:06 assar Exp $");
-#endif
-#include <stdlib.h>
-#include <string.h>
-#include "base64.h"
-
-static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-static int pos(char c)
-{
-  char *p;
-  for(p = base64; *p; p++)
-    if(*p == c)
-      return p - base64;
-  return -1;
-}
-
-int base64_encode(const void *data, int size, char **str)
-{
-  char *s, *p;
-  int i;
-  int c;
-  unsigned char *q;
-
-  p = s = (char*)malloc(size*4/3+4);
-  q = (unsigned char*)data;
-  i=0;
-  for(i = 0; i < size;){
-    c=q[i++];
-    c*=256;
-    if(i < size)
-      c+=q[i];
-    i++;
-    c*=256;
-    if(i < size)
-      c+=q[i];
-    i++;
-    p[0]=base64[(c&0x00fc0000) >> 18];
-    p[1]=base64[(c&0x0003f000) >> 12];
-    p[2]=base64[(c&0x00000fc0) >> 6];
-    p[3]=base64[(c&0x0000003f) >> 0];
-    if(i > size)
-      p[3]='=';
-    if(i > size+1)
-      p[2]='=';
-    p+=4;
-  }
-  *p=0;
-  *str = s;
-  return strlen(s);
-}
-
-int base64_decode(const char *str, void *data)
-{
-  const char *p;
-  unsigned char *q;
-  int c;
-  int x;
-  int done = 0;
-  q=(unsigned char*)data;
-  for(p=str; *p && !done; p+=4){
-    x = pos(p[0]);
-    if(x >= 0)
-      c = x;
-    else{
-      done = 3;
-      break;
-    }
-    c*=64;
-    
-    x = pos(p[1]);
-    if(x >= 0)
-      c += x;
-    else
-      return -1;
-    c*=64;
-    
-    if(p[2] == '=')
-      done++;
-    else{
-      x = pos(p[2]);
-      if(x >= 0)
-	c += x;
-      else
-	return -1;
-    }
-    c*=64;
-    
-    if(p[3] == '=')
-      done++;
-    else{
-      if(done)
-	return -1;
-      x = pos(p[3]);
-      if(x >= 0)
-	c += x;
-      else
-	return -1;
-    }
-    if(done < 3)
-      *q++=(c&0x00ff0000)>>16;
-      
-    if(done < 2)
-      *q++=(c&0x0000ff00)>>8;
-    if(done < 1)
-      *q++=(c&0x000000ff)>>0;
-  }
-  return q - (unsigned char*)data;
-}
diff --git a/crypto/kerberosIV/appl/ftp/common/base64.h b/crypto/kerberosIV/appl/ftp/common/base64.h
deleted file mode 100644
index fe799a2dccf0..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/base64.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: base64.h,v 1.5 1997/04/01 08:17:19 joda Exp $ */
-
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-int base64_encode(const void *data, int size, char **str);
-int base64_decode(const char *str, void *data);
-
-#endif
diff --git a/crypto/kerberosIV/appl/ftp/common/buffer.c b/crypto/kerberosIV/appl/ftp/common/buffer.c
deleted file mode 100644
index 5b7829a5da96..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/buffer.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "common.h"
-#include <stdio.h>
-#include "roken.h"
-
-RCSID("$Id: buffer.c,v 1.1 1997/05/18 19:59:24 assar Exp $");
-
-/*
- * Allocate a buffer enough to handle st->st_blksize, if
- * there is such a field, otherwise BUFSIZ.
- */
-
-void *
-alloc_buffer (void *oldbuf, size_t *sz, struct stat *st)
-{
-    size_t new_sz;
-
-    new_sz = BUFSIZ;
-#ifdef HAVE_ST_BLKSIZE
-    if (st)
-	new_sz = max(BUFSIZ, st->st_blksize);
-#endif
-    if(new_sz > *sz) {
-	if (oldbuf)
-	    free (oldbuf);
-	oldbuf = malloc (new_sz);
-	if (oldbuf == NULL) {
-	    warn ("malloc");
-	    *sz = 0;
-	    return NULL;
-	}
-	*sz = new_sz;
-    }
-    return oldbuf;
-}
-
diff --git a/crypto/kerberosIV/appl/ftp/common/common.h b/crypto/kerberosIV/appl/ftp/common/common.h
deleted file mode 100644
index 4ec3149998b0..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/common.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: common.h,v 1.9 1997/05/18 19:59:58 assar Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#ifndef __COMMON_H__
-#define __COMMON_H__
-
-#include "base64.h"
-
-void set_buffer_size(int, int);
-
-#include <stdlib.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-void *alloc_buffer (void *oldbuf, size_t *sz, struct stat *st);
-
-#endif /* __COMMON_H__ */
diff --git a/crypto/kerberosIV/appl/ftp/common/glob.c b/crypto/kerberosIV/appl/ftp/common/glob.c
deleted file mode 100644
index 8f19d7ca4dab..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/glob.c
+++ /dev/null
@@ -1,835 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Guido van Rossum.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * glob(3) -- a superset of the one defined in POSIX 1003.2.
- *
- * The [!...] convention to negate a range is supported (SysV, Posix, ksh).
- *
- * Optional extra services, controlled by flags not defined by POSIX:
- *
- * GLOB_QUOTE:
- *	Escaping convention: \ inhibits any special meaning the following
- *	character might have (except \ at end of string is retained).
- * GLOB_MAGCHAR:
- *	Set in gl_flags if pattern contained a globbing character.
- * GLOB_NOMAGIC:
- *	Same as GLOB_NOCHECK, but it will only append pattern if it did
- *	not contain any magic characters.  [Used in csh style globbing]
- * GLOB_ALTDIRFUNC:
- *	Use alternately specified directory access functions.
- * GLOB_TILDE:
- *	expand ~user/foo to the /home/dir/of/user/foo
- * GLOB_BRACE:
- *	expand {1,2}{a,b} to 1a 1b 2a 2b 
- * gl_matchc:
- *	Number of matches in the current invocation of glob.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#include <ctype.h>
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-#include <errno.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "glob.h"
-#include "roken.h"
-
-#define	CHAR_DOLLAR		'$'
-#define	CHAR_DOT		'.'
-#define	CHAR_EOS		'\0'
-#define	CHAR_LBRACKET		'['
-#define	CHAR_NOT		'!'
-#define	CHAR_QUESTION		'?'
-#define	CHAR_QUOTE		'\\'
-#define	CHAR_RANGE		'-'
-#define	CHAR_RBRACKET		']'
-#define	CHAR_SEP		'/'
-#define	CHAR_STAR		'*'
-#define	CHAR_TILDE		'~'
-#define	CHAR_UNDERSCORE		'_'
-#define	CHAR_LBRACE		'{'
-#define	CHAR_RBRACE		'}'
-#define	CHAR_SLASH		'/'
-#define	CHAR_COMMA		','
-
-#ifndef DEBUG
-
-#define	M_QUOTE		0x8000
-#define	M_PROTECT	0x4000
-#define	M_MASK		0xffff
-#define	M_ASCII		0x00ff
-
-typedef u_short Char;
-
-#else
-
-#define	M_QUOTE		0x80
-#define	M_PROTECT	0x40
-#define	M_MASK		0xff
-#define	M_ASCII		0x7f
-
-typedef char Char;
-
-#endif
-
-
-#define	CHAR(c)		((Char)((c)&M_ASCII))
-#define	META(c)		((Char)((c)|M_QUOTE))
-#define	M_ALL		META('*')
-#define	M_END		META(']')
-#define	M_NOT		META('!')
-#define	M_ONE		META('?')
-#define	M_RNG		META('-')
-#define	M_SET		META('[')
-#define	ismeta(c)	(((c)&M_QUOTE) != 0)
-
-
-static int	 compare (const void *, const void *);
-static void	 g_Ctoc (const Char *, char *);
-static int	 g_lstat (Char *, struct stat *, glob_t *);
-static DIR	*g_opendir (Char *, glob_t *);
-static Char	*g_strchr (Char *, int);
-#ifdef notdef
-static Char	*g_strcat (Char *, const Char *);
-#endif
-static int	 g_stat (Char *, struct stat *, glob_t *);
-static int	 glob0 (const Char *, glob_t *);
-static int	 glob1 (Char *, glob_t *);
-static int	 glob2 (Char *, Char *, Char *, glob_t *);
-static int	 glob3 (Char *, Char *, Char *, Char *, glob_t *);
-static int	 globextend (const Char *, glob_t *);
-static const Char *	 globtilde (const Char *, Char *, glob_t *);
-static int	 globexp1 (const Char *, glob_t *);
-static int	 globexp2 (const Char *, const Char *, glob_t *, int *);
-static int	 match (Char *, Char *, Char *);
-#ifdef DEBUG
-static void	 qprintf (const char *, Char *);
-#endif
-
-int
-glob(const char *pattern, 
-     int flags, 
-     int (*errfunc)(const char *, int), 
-     glob_t *pglob)
-{
-	const u_char *patnext;
-	int c;
-	Char *bufnext, *bufend, patbuf[MaxPathLen+1];
-
-	patnext = (u_char *) pattern;
-	if (!(flags & GLOB_APPEND)) {
-		pglob->gl_pathc = 0;
-		pglob->gl_pathv = NULL;
-		if (!(flags & GLOB_DOOFFS))
-			pglob->gl_offs = 0;
-	}
-	pglob->gl_flags = flags & ~GLOB_MAGCHAR;
-	pglob->gl_errfunc = errfunc;
-	pglob->gl_matchc = 0;
-
-	bufnext = patbuf;
-	bufend = bufnext + MaxPathLen;
-	if (flags & GLOB_QUOTE) {
-		/* Protect the quoted characters. */
-		while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) 
-			if (c == CHAR_QUOTE) {
-				if ((c = *patnext++) == CHAR_EOS) {
-					c = CHAR_QUOTE;
-					--patnext;
-				}
-				*bufnext++ = c | M_PROTECT;
-			}
-			else
-				*bufnext++ = c;
-	}
-	else 
-	    while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) 
-		    *bufnext++ = c;
-	*bufnext = CHAR_EOS;
-
-	if (flags & GLOB_BRACE)
-	    return globexp1(patbuf, pglob);
-	else
-	    return glob0(patbuf, pglob);
-}
-
-/*
- * Expand recursively a glob {} pattern. When there is no more expansion
- * invoke the standard globbing routine to glob the rest of the magic
- * characters
- */
-static int globexp1(const Char *pattern, glob_t *pglob)
-{
-	const Char* ptr = pattern;
-	int rv;
-
-	/* Protect a single {}, for find(1), like csh */
-	if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS)
-		return glob0(pattern, pglob);
-
-	while ((ptr = (const Char *) g_strchr((Char *) ptr, CHAR_LBRACE)) != NULL)
-		if (!globexp2(ptr, pattern, pglob, &rv))
-			return rv;
-
-	return glob0(pattern, pglob);
-}
-
-
-/*
- * Recursive brace globbing helper. Tries to expand a single brace.
- * If it succeeds then it invokes globexp1 with the new pattern.
- * If it fails then it tries to glob the rest of the pattern and returns.
- */
-static int globexp2(const Char *ptr, const Char *pattern, 
-		    glob_t *pglob, int *rv)
-{
-	int     i;
-	Char   *lm, *ls;
-	const Char *pe, *pm, *pl;
-	Char    patbuf[MaxPathLen + 1];
-
-	/* copy part up to the brace */
-	for (lm = patbuf, pm = pattern; pm != ptr; *lm++ = *pm++)
-		continue;
-	ls = lm;
-
-	/* Find the balanced brace */
-	for (i = 0, pe = ++ptr; *pe; pe++)
-		if (*pe == CHAR_LBRACKET) {
-			/* Ignore everything between [] */
-			for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++)
-				continue;
-			if (*pe == CHAR_EOS) {
-				/* 
-				 * We could not find a matching CHAR_RBRACKET.
-				 * Ignore and just look for CHAR_RBRACE
-				 */
-				pe = pm;
-			}
-		}
-		else if (*pe == CHAR_LBRACE)
-			i++;
-		else if (*pe == CHAR_RBRACE) {
-			if (i == 0)
-				break;
-			i--;
-		}
-
-	/* Non matching braces; just glob the pattern */
-	if (i != 0 || *pe == CHAR_EOS) {
-		*rv = glob0(patbuf, pglob);
-		return 0;
-	}
-
-	for (i = 0, pl = pm = ptr; pm <= pe; pm++)
-		switch (*pm) {
-		case CHAR_LBRACKET:
-			/* Ignore everything between [] */
-			for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++)
-				continue;
-			if (*pm == CHAR_EOS) {
-				/* 
-				 * We could not find a matching CHAR_RBRACKET.
-				 * Ignore and just look for CHAR_RBRACE
-				 */
-				pm = pl;
-			}
-			break;
-
-		case CHAR_LBRACE:
-			i++;
-			break;
-
-		case CHAR_RBRACE:
-			if (i) {
-			    i--;
-			    break;
-			}
-			/* FALLTHROUGH */
-		case CHAR_COMMA:
-			if (i && *pm == CHAR_COMMA)
-				break;
-			else {
-				/* Append the current string */
-				for (lm = ls; (pl < pm); *lm++ = *pl++)
-					continue;
-				/* 
-				 * Append the rest of the pattern after the
-				 * closing brace
-				 */
-				for (pl = pe + 1; (*lm++ = *pl++) != CHAR_EOS;)
-					continue;
-
-				/* Expand the current pattern */
-#ifdef DEBUG
-				qprintf("globexp2:", patbuf);
-#endif
-				*rv = globexp1(patbuf, pglob);
-
-				/* move after the comma, to the next string */
-				pl = pm + 1;
-			}
-			break;
-
-		default:
-			break;
-		}
-	*rv = 0;
-	return 0;
-}
-
-
-
-/*
- * expand tilde from the passwd file.
- */
-static const Char *
-globtilde(const Char *pattern, Char *patbuf, glob_t *pglob)
-{
-	struct passwd *pwd;
-	char *h;
-	const Char *p;
-	Char *b;
-
-	if (*pattern != CHAR_TILDE || !(pglob->gl_flags & GLOB_TILDE))
-		return pattern;
-
-	/* Copy up to the end of the string or / */
-	for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; 
-	     *h++ = *p++)
-		continue;
-
-	*h = CHAR_EOS;
-
-	if (((char *) patbuf)[0] == CHAR_EOS) {
-		/* 
-		 * handle a plain ~ or ~/ by expanding $HOME 
-		 * first and then trying the password file
-		 */
-		if ((h = getenv("HOME")) == NULL) {
-			if ((pwd = k_getpwuid(getuid())) == NULL)
-				return pattern;
-			else
-				h = pwd->pw_dir;
-		}
-	}
-	else {
-		/*
-		 * Expand a ~user
-		 */
-		if ((pwd = k_getpwnam((char*) patbuf)) == NULL)
-			return pattern;
-		else
-			h = pwd->pw_dir;
-	}
-
-	/* Copy the home directory */
-	for (b = patbuf; *h; *b++ = *h++)
-		continue;
-	
-	/* Append the rest of the pattern */
-	while ((*b++ = *p++) != CHAR_EOS)
-		continue;
-
-	return patbuf;
-}
-	
-
-/*
- * The main glob() routine: compiles the pattern (optionally processing
- * quotes), calls glob1() to do the real pattern matching, and finally
- * sorts the list (unless unsorted operation is requested).  Returns 0
- * if things went well, nonzero if errors occurred.  It is not an error
- * to find no matches.
- */
-static int
-glob0(const Char *pattern, glob_t *pglob)
-{
-	const Char *qpatnext;
-	int c, err, oldpathc;
-	Char *bufnext, patbuf[MaxPathLen+1];
-
-	qpatnext = globtilde(pattern, patbuf, pglob);
-	oldpathc = pglob->gl_pathc;
-	bufnext = patbuf;
-
-	/* We don't need to check for buffer overflow any more. */
-	while ((c = *qpatnext++) != CHAR_EOS) {
-		switch (c) {
-		case CHAR_LBRACKET:
-			c = *qpatnext;
-			if (c == CHAR_NOT)
-				++qpatnext;
-			if (*qpatnext == CHAR_EOS ||
-			    g_strchr((Char *) qpatnext+1, CHAR_RBRACKET) == NULL) {
-				*bufnext++ = CHAR_LBRACKET;
-				if (c == CHAR_NOT)
-					--qpatnext;
-				break;
-			}
-			*bufnext++ = M_SET;
-			if (c == CHAR_NOT)
-				*bufnext++ = M_NOT;
-			c = *qpatnext++;
-			do {
-				*bufnext++ = CHAR(c);
-				if (*qpatnext == CHAR_RANGE &&
-				    (c = qpatnext[1]) != CHAR_RBRACKET) {
-					*bufnext++ = M_RNG;
-					*bufnext++ = CHAR(c);
-					qpatnext += 2;
-				}
-			} while ((c = *qpatnext++) != CHAR_RBRACKET);
-			pglob->gl_flags |= GLOB_MAGCHAR;
-			*bufnext++ = M_END;
-			break;
-		case CHAR_QUESTION:
-			pglob->gl_flags |= GLOB_MAGCHAR;
-			*bufnext++ = M_ONE;
-			break;
-		case CHAR_STAR:
-			pglob->gl_flags |= GLOB_MAGCHAR;
-			/* collapse adjacent stars to one, 
-			 * to avoid exponential behavior
-			 */
-			if (bufnext == patbuf || bufnext[-1] != M_ALL)
-			    *bufnext++ = M_ALL;
-			break;
-		default:
-			*bufnext++ = CHAR(c);
-			break;
-		}
-	}
-	*bufnext = CHAR_EOS;
-#ifdef DEBUG
-	qprintf("glob0:", patbuf);
-#endif
-
-	if ((err = glob1(patbuf, pglob)) != 0)
-		return(err);
-
-	/*
-	 * If there was no match we are going to append the pattern 
-	 * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified
-	 * and the pattern did not contain any magic characters
-	 * GLOB_NOMAGIC is there just for compatibility with csh.
-	 */
-	if (pglob->gl_pathc == oldpathc && 
-	    ((pglob->gl_flags & GLOB_NOCHECK) || 
-	      ((pglob->gl_flags & GLOB_NOMAGIC) &&
-	       !(pglob->gl_flags & GLOB_MAGCHAR))))
-		return(globextend(pattern, pglob));
-	else if (!(pglob->gl_flags & GLOB_NOSORT)) 
-		qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
-		    pglob->gl_pathc - oldpathc, sizeof(char *), compare);
-	return(0);
-}
-
-static int
-compare(const void *p, const void *q)
-{
-	return(strcmp(*(char **)p, *(char **)q));
-}
-
-static int
-glob1(Char *pattern, glob_t *pglob)
-{
-	Char pathbuf[MaxPathLen+1];
-
-	/* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */
-	if (*pattern == CHAR_EOS)
-		return(0);
-	return(glob2(pathbuf, pathbuf, pattern, pglob));
-}
-
-/*
- * The functions glob2 and glob3 are mutually recursive; there is one level
- * of recursion for each segment in the pattern that contains one or more
- * meta characters.
- */
-
-#ifndef S_ISLNK
-#if defined(S_IFLNK) && defined(S_IFMT)
-#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK)
-#else
-#define S_ISLNK(mode) 0
-#endif
-#endif
-
-static int
-glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob)
-{
-	struct stat sb;
-	Char *p, *q;
-	int anymeta;
-
-	/*
-	 * Loop over pattern segments until end of pattern or until
-	 * segment with meta character found.
-	 */
-	for (anymeta = 0;;) {
-		if (*pattern == CHAR_EOS) {		/* End of pattern? */
-			*pathend = CHAR_EOS;
-			if (g_lstat(pathbuf, &sb, pglob))
-				return(0);
-		
-			if (((pglob->gl_flags & GLOB_MARK) &&
-			    pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode)
-			    || (S_ISLNK(sb.st_mode) &&
-			    (g_stat(pathbuf, &sb, pglob) == 0) &&
-			    S_ISDIR(sb.st_mode)))) {
-				*pathend++ = CHAR_SEP;
-				*pathend = CHAR_EOS;
-			}
-			++pglob->gl_matchc;
-			return(globextend(pathbuf, pglob));
-		}
-
-		/* Find end of next segment, copy tentatively to pathend. */
-		q = pathend;
-		p = pattern;
-		while (*p != CHAR_EOS && *p != CHAR_SEP) {
-			if (ismeta(*p))
-				anymeta = 1;
-			*q++ = *p++;
-		}
-
-		if (!anymeta) {		/* No expansion, do next segment. */
-			pathend = q;
-			pattern = p;
-			while (*pattern == CHAR_SEP)
-				*pathend++ = *pattern++;
-		} else			/* Need expansion, recurse. */
-			return(glob3(pathbuf, pathend, pattern, p, pglob));
-	}
-	/* CHAR_NOTREACHED */
-}
-
-static int
-glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, 
-      glob_t *pglob)
-{
-	struct dirent *dp;
-	DIR *dirp;
-	int err;
-	char buf[MaxPathLen];
-
-	/*
-	 * The readdirfunc declaration can't be prototyped, because it is
-	 * assigned, below, to two functions which are prototyped in glob.h
-	 * and dirent.h as taking pointers to differently typed opaque
-	 * structures.
-	 */
-	struct dirent *(*readdirfunc)(void *);
-
-	*pathend = CHAR_EOS;
-	errno = 0;
-	    
-	if ((dirp = g_opendir(pathbuf, pglob)) == NULL) {
-		/* TODO: don't call for ENOENT or ENOTDIR? */
-		if (pglob->gl_errfunc) {
-			g_Ctoc(pathbuf, buf);
-			if (pglob->gl_errfunc(buf, errno) ||
-			    pglob->gl_flags & GLOB_ERR)
-				return (GLOB_ABEND);
-		}
-		return(0);
-	}
-
-	err = 0;
-
-	/* Search directory for matching names. */
-	if (pglob->gl_flags & GLOB_ALTDIRFUNC)
-		readdirfunc = pglob->gl_readdir;
-	else
-		readdirfunc = (struct dirent *(*)(void *))readdir;
-	while ((dp = (*readdirfunc)(dirp))) {
-		u_char *sc;
-		Char *dc;
-
-		/* Initial CHAR_DOT must be matched literally. */
-		if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT)
-			continue;
-		for (sc = (u_char *) dp->d_name, dc = pathend; 
-		     (*dc++ = *sc++) != CHAR_EOS;)
-			continue;
-		if (!match(pathend, pattern, restpattern)) {
-			*pathend = CHAR_EOS;
-			continue;
-		}
-		err = glob2(pathbuf, --dc, restpattern, pglob);
-		if (err)
-			break;
-	}
-
-	if (pglob->gl_flags & GLOB_ALTDIRFUNC)
-		(*pglob->gl_closedir)(dirp);
-	else
-		closedir(dirp);
-	return(err);
-}
-
-
-/*
- * Extend the gl_pathv member of a glob_t structure to accomodate a new item,
- * add the new item, and update gl_pathc.
- *
- * This assumes the BSD realloc, which only copies the block when its size
- * crosses a power-of-two boundary; for v7 realloc, this would cause quadratic
- * behavior.
- *
- * Return 0 if new item added, error code if memory couldn't be allocated.
- *
- * Invariant of the glob_t structure:
- *	Either gl_pathc is zero and gl_pathv is NULL; or gl_pathc > 0 and
- *	gl_pathv points to (gl_offs + gl_pathc + 1) items.
- */
-static int
-globextend(const Char *path, glob_t *pglob)
-{
-	char **pathv;
-	int i;
-	u_int newsize;
-	char *copy;
-	const Char *p;
-
-	newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs);
-	pathv = pglob->gl_pathv ? 
-		    realloc(pglob->gl_pathv, newsize) :
-		    malloc(newsize);
-	if (pathv == NULL)
-		return(GLOB_NOSPACE);
-
-	if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) {
-		/* first time around -- clear initial gl_offs items */
-		pathv += pglob->gl_offs;
-		for (i = pglob->gl_offs; --i >= 0; )
-			*--pathv = NULL;
-	}
-	pglob->gl_pathv = pathv;
-
-	for (p = path; *p++;)
-		continue;
-	if ((copy = malloc(p - path)) != NULL) {
-		g_Ctoc(path, copy);
-		pathv[pglob->gl_offs + pglob->gl_pathc++] = copy;
-	}
-	pathv[pglob->gl_offs + pglob->gl_pathc] = NULL;
-	return(copy == NULL ? GLOB_NOSPACE : 0);
-}
-
-
-/*
- * pattern matching function for filenames.  Each occurrence of the *
- * pattern causes a recursion level.
- */
-static int
-match(Char *name, Char *pat, Char *patend)
-{
-	int ok, negate_range;
-	Char c, k;
-
-	while (pat < patend) {
-		c = *pat++;
-		switch (c & M_MASK) {
-		case M_ALL:
-			if (pat == patend)
-				return(1);
-			do 
-			    if (match(name, pat, patend))
-				    return(1);
-			while (*name++ != CHAR_EOS);
-			return(0);
-		case M_ONE:
-			if (*name++ == CHAR_EOS)
-				return(0);
-			break;
-		case M_SET:
-			ok = 0;
-			if ((k = *name++) == CHAR_EOS)
-				return(0);
-			if ((negate_range = ((*pat & M_MASK) == M_NOT)) != CHAR_EOS)
-				++pat;
-			while (((c = *pat++) & M_MASK) != M_END)
-				if ((*pat & M_MASK) == M_RNG) {
-					if (c <= k && k <= pat[1])
-						ok = 1;
-					pat += 2;
-				} else if (c == k)
-					ok = 1;
-			if (ok == negate_range)
-				return(0);
-			break;
-		default:
-			if (*name++ != c)
-				return(0);
-			break;
-		}
-	}
-	return(*name == CHAR_EOS);
-}
-
-/* Free allocated data belonging to a glob_t structure. */
-void
-globfree(glob_t *pglob)
-{
-	int i;
-	char **pp;
-
-	if (pglob->gl_pathv != NULL) {
-		pp = pglob->gl_pathv + pglob->gl_offs;
-		for (i = pglob->gl_pathc; i--; ++pp)
-			if (*pp)
-				free(*pp);
-		free(pglob->gl_pathv);
-	}
-}
-
-static DIR *
-g_opendir(Char *str, glob_t *pglob)
-{
-	char buf[MaxPathLen];
-
-	if (!*str)
-		strcpy(buf, ".");
-	else
-		g_Ctoc(str, buf);
-
-	if (pglob->gl_flags & GLOB_ALTDIRFUNC)
-		return((*pglob->gl_opendir)(buf));
-
-	return(opendir(buf));
-}
-
-static int
-g_lstat(Char *fn, struct stat *sb, glob_t *pglob)
-{
-	char buf[MaxPathLen];
-
-	g_Ctoc(fn, buf);
-	if (pglob->gl_flags & GLOB_ALTDIRFUNC)
-		return((*pglob->gl_lstat)(buf, sb));
-	return(lstat(buf, sb));
-}
-
-static int
-g_stat(Char *fn, struct stat *sb, glob_t *pglob)
-{
-	char buf[MaxPathLen];
-
-	g_Ctoc(fn, buf);
-	if (pglob->gl_flags & GLOB_ALTDIRFUNC)
-		return((*pglob->gl_stat)(buf, sb));
-	return(stat(buf, sb));
-}
-
-static Char *
-g_strchr(Char *str, int ch)
-{
-	do {
-		if (*str == ch)
-			return (str);
-	} while (*str++);
-	return (NULL);
-}
-
-#ifdef notdef
-static Char *
-g_strcat(Char *dst, const Char *src)
-{
-	Char *sdst = dst;
-
-	while (*dst++)
-		continue;
-	--dst;
-	while((*dst++ = *src++) != CHAR_EOS)
-	    continue;
-
-	return (sdst);
-}
-#endif
-
-static void
-g_Ctoc(const Char *str, char *buf)
-{
-	char *dc;
-
-	for (dc = buf; (*dc++ = *str++) != CHAR_EOS;)
-		continue;
-}
-
-#ifdef DEBUG
-static void 
-qprintf(const Char *str, Char *s)
-{
-	Char *p;
-
-	printf("%s:\n", str);
-	for (p = s; *p; p++)
-		printf("%c", CHAR(*p));
-	printf("\n");
-	for (p = s; *p; p++)
-		printf("%c", *p & M_PROTECT ? '"' : ' ');
-	printf("\n");
-	for (p = s; *p; p++)
-		printf("%c", ismeta(*p) ? '_' : ' ');
-	printf("\n");
-}
-#endif
diff --git a/crypto/kerberosIV/appl/ftp/common/glob.h b/crypto/kerberosIV/appl/ftp/common/glob.h
deleted file mode 100644
index bece48a89cd7..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/glob.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Guido van Rossum.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)glob.h	8.1 (Berkeley) 6/2/93
- */
-
-#ifndef _GLOB_H_
-#define	_GLOB_H_
-
-struct stat;
-typedef struct {
-	int gl_pathc;		/* Count of total paths so far. */
-	int gl_matchc;		/* Count of paths matching pattern. */
-	int gl_offs;		/* Reserved at beginning of gl_pathv. */
-	int gl_flags;		/* Copy of flags parameter to glob. */
-	char **gl_pathv;	/* List of paths matching pattern. */
-				/* Copy of errfunc parameter to glob. */
-	int (*gl_errfunc) (const char *, int);
-
-	/*
-	 * Alternate filesystem access methods for glob; replacement
-	 * versions of closedir(3), readdir(3), opendir(3), stat(2)
-	 * and lstat(2).
-	 */
-	void (*gl_closedir) (void *);
-	struct dirent *(*gl_readdir) (void *);	
-	void *(*gl_opendir) (const char *);
-	int (*gl_lstat) (const char *, struct stat *);
-	int (*gl_stat) (const char *, struct stat *);
-} glob_t;
-
-#define	GLOB_APPEND	0x0001	/* Append to output from previous call. */
-#define	GLOB_DOOFFS	0x0002	/* Use gl_offs. */
-#define	GLOB_ERR	0x0004	/* Return on error. */
-#define	GLOB_MARK	0x0008	/* Append / to matching directories. */
-#define	GLOB_NOCHECK	0x0010	/* Return pattern itself if nothing matches. */
-#define	GLOB_NOSORT	0x0020	/* Don't sort. */
-
-#define	GLOB_ALTDIRFUNC	0x0040	/* Use alternately specified directory funcs. */
-#define	GLOB_BRACE	0x0080	/* Expand braces ala csh. */
-#define	GLOB_MAGCHAR	0x0100	/* Pattern had globbing characters. */
-#define	GLOB_NOMAGIC	0x0200	/* GLOB_NOCHECK without magic chars (csh). */
-#define	GLOB_QUOTE	0x0400	/* Quote special chars with \. */
-#define	GLOB_TILDE	0x0800	/* Expand tilde names from the passwd file. */
-
-#define	GLOB_NOSPACE	(-1)	/* Malloc call failed. */
-#define	GLOB_ABEND	(-2)	/* Unignored error. */
-
-int	glob (const char *, int, int (*)(const char *, int), glob_t *);
-void	globfree (glob_t *);
-
-#endif /* !_GLOB_H_ */
diff --git a/crypto/kerberosIV/appl/ftp/common/sockbuf.c b/crypto/kerberosIV/appl/ftp/common/sockbuf.c
deleted file mode 100644
index ab8c293f6548..000000000000
--- a/crypto/kerberosIV/appl/ftp/common/sockbuf.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "common.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-RCSID("$Id: sockbuf.c,v 1.2 1997/05/11 10:01:48 assar Exp $");
-
-void
-set_buffer_size(int fd, int read)
-{
-#if defined(SO_RCVBUF) && defined(SO_SNDBUF) && defined(HAVE_SETSOCKOPT)
-    size_t size = 4194304;
-    while(size >= 131072 && 
-	  setsockopt(fd, SOL_SOCKET, read ? SO_RCVBUF : SO_SNDBUF, 
-		     (void *)&size, sizeof(size)) < 0)
-	size /= 2;
-#endif
-}
-
-
diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/ftp/Makefile.in
deleted file mode 100644
index 62bde3b17eab..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in
+++ /dev/null
@@ -1,76 +0,0 @@
-# 
-# $Id: Makefile.in,v 1.24 1997/03/23 13:03:55 assar Exp $
-#
-
-SHELL		= /bin/sh
-
-srcdir		= @srcdir@
-top_srcdir	= @top_srcdir@
-VPATH		= @srcdir@
-
-topdir		= ../../..
-
-CC 	= @CC@
-RANLIB 	= @RANLIB@
-DEFS 	= @DEFS@
-CFLAGS 	= @CFLAGS@
-CPPFLAGS= @CPPFLAGS@ -I. -I$(srcdir) -I$(topdir) -I$(top_srcdir) -I$(topdir)/include -I$(top_srcdir)/include -I$(srcdir)/../common  @INCLUDE_readline@
-LD_FLAGS = @LD_FLAGS@
-LIB_tgetent = @LIB_tgetent@
-LIBS	 = @LIBS@ @LIB_readline@
-MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-
-prefix 	= @prefix@
-exec_prefix = @exec_prefix@
-bindir = @bindir@
-libdir = @libdir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-INCTOP = $(topdir)/include
-
-LIBTOP = $(topdir)/lib
-
-PROGS = ftp$(EXECSUFFIX)
-
-ftp_OBJS = cmds.o cmdtab.o ftp.o krb4.o main.o ruserpass.o domacro.o \
-	globals.o kauth.o
-
-ftp_SOURCES = cmds.c cmdtab.c ftp.c krb4.c main.c ruserpass.c \
-	domacro.c globals.c kauth.c
-
-OBJECTS = $(ftp_OBJS)
-SOURCES = $(ftp_SOURCES)
-
-all: $(PROGS)
-
-.c.o:
-	$(CC) -c $(CFLAGS) $(CPPFLAGS) $(DEFS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(bindir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-ftp$(EXECSUFFIX): $(ftp_OBJS) # ../common/libcommon.a
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(ftp_OBJS) -L../common -lcommon -L$(LIBTOP)/krb -lkrb -L$(LIBTOP)/des -ldes -L$(LIBTOP)/roken -lroken $(LIBS) -L$(LIBTOP)/roken -lroken
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-clean cleandir:
-	rm -f *~ *.o core ftp \#*
-
-distclean: 
-	rm -f Makefile
-
-$(OBJECTS): ../../../include/config.h
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmds.c b/crypto/kerberosIV/appl/ftp/ftp/cmds.c
deleted file mode 100644
index 5e1980b703e1..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/cmds.c
+++ /dev/null
@@ -1,2073 +0,0 @@
-/*
- * Copyright (c) 1985, 1989, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * FTP User Program -- Command Routines.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: cmds.c,v 1.23 1997/06/01 22:52:37 assar Exp $");
-
-typedef void (*sighand)(int);
-
-jmp_buf	jabort;
-char   *mname;
-char   *home = "/";
-
-/*
- * `Another' gets another argument, and stores the new argc and argv.
- * It reverts to the top level (via main.c's intr()) on EOF/error.
- *
- * Returns false if no new arguments have been added.
- */
-int
-another(int *pargc, char ***pargv, char *prompt)
-{
-	int len = strlen(line), ret;
-
-	if (len >= sizeof(line) - 3) {
-		printf("sorry, arguments too long\n");
-		intr(0);
-	}
-	printf("(%s) ", prompt);
-	line[len++] = ' ';
-	if (fgets(&line[len], sizeof(line) - len, stdin) == NULL)
-		intr(0);
-	len += strlen(&line[len]);
-	if (len > 0 && line[len - 1] == '\n')
-		line[len - 1] = '\0';
-	makeargv();
-	ret = margc > *pargc;
-	*pargc = margc;
-	*pargv = margv;
-	return (ret);
-}
-
-/*
- * Connect to peer server and
- * auto-login, if possible.
- */
-void
-setpeer(int argc, char **argv)
-{
-	char *host;
-	short port;
-	struct servent *sp;
-
-	if (connected) {
-		printf("Already connected to %s, use close first.\n",
-			hostname);
-		code = -1;
-		return;
-	}
-	if (argc < 2)
-		another(&argc, &argv, "to");
-	if (argc < 2 || argc > 3) {
-		printf("usage: %s host-name [port]\n", argv[0]);
-		code = -1;
-		return;
-	}
-	sp = getservbyname("ftp", "tcp");
-	if (sp == NULL)
-		errx(1, "You bastard. You removed ftp/tcp from services");
-	port = sp->s_port;
-	if (argc > 2) {
-		port = atoi(argv[2]);
-		if (port <= 0) {
-			printf("%s: bad port number-- %s\n", argv[1], argv[2]);
-			printf ("usage: %s host-name [port]\n", argv[0]);
-			code = -1;
-			return;
-		}
-		port = htons(port);
-	}
-	host = hookup(argv[1], port);
-	if (host) {
-		int overbose;
-
-		connected = 1;
-		/*
-		 * Set up defaults for FTP.
-		 */
-		strcpy(typename, "ascii"), type = TYPE_A;
-		curtype = TYPE_A;
-		strcpy(formname, "non-print"), form = FORM_N;
-		strcpy(modename, "stream"), mode = MODE_S;
-		strcpy(structname, "file"), stru = STRU_F;
-		strcpy(bytename, "8"), bytesize = 8;
-		if (autologin)
-			login(argv[1]);
-
-#if (defined(unix) || defined(__unix__) || defined(__unix) || defined(_AIX) || defined(_CRAY)) && NBBY == 8
-/*
- * this ifdef is to keep someone form "porting" this to an incompatible
- * system and not checking this out. This way they have to think about it.
- */
-		overbose = verbose;
-		if (debug == 0)
-			verbose = -1;
-		if (command("SYST") == COMPLETE && overbose) {
-			char *cp, c;
-			cp = strchr(reply_string+4, ' ');
-			if (cp == NULL)
-				cp = strchr(reply_string+4, '\r');
-			if (cp) {
-				if (cp[-1] == '.')
-					cp--;
-				c = *cp;
-				*cp = '\0';
-			}
-
-			printf("Remote system type is %s.\n",
-				reply_string+4);
-			if (cp)
-				*cp = c;
-		}
-		if (!strncmp(reply_string, "215 UNIX Type: L8", 17)) {
-			if (proxy)
-				unix_proxy = 1;
-			else
-				unix_server = 1;
-			/*
-			 * Set type to 0 (not specified by user),
-			 * meaning binary by default, but don't bother
-			 * telling server.  We can use binary
-			 * for text files unless changed by the user.
-			 */
-			type = 0;
-			strcpy(typename, "binary");
-			if (overbose)
-			    printf("Using %s mode to transfer files.\n",
-				typename);
-		} else {
-			if (proxy)
-				unix_proxy = 0;
-			else
-				unix_server = 0;
-			if (overbose && 
-			    !strncmp(reply_string, "215 TOPS20", 10))
-				printf(
-"Remember to set tenex mode when transfering binary files from this machine.\n");
-		}
-		verbose = overbose;
-#endif /* unix */
-	}
-}
-
-struct	types {
-	char	*t_name;
-	char	*t_mode;
-	int	t_type;
-	char	*t_arg;
-} types[] = {
-	{ "ascii",	"A",	TYPE_A,	0 },
-	{ "binary",	"I",	TYPE_I,	0 },
-	{ "image",	"I",	TYPE_I,	0 },
-	{ "ebcdic",	"E",	TYPE_E,	0 },
-	{ "tenex",	"L",	TYPE_L,	bytename },
-	{ NULL }
-};
-
-/*
- * Set transfer type.
- */
-void
-settype(int argc, char **argv)
-{
-	struct types *p;
-	int comret;
-
-	if (argc > 2) {
-		char *sep;
-
-		printf("usage: %s [", argv[0]);
-		sep = " ";
-		for (p = types; p->t_name; p++) {
-			printf("%s%s", sep, p->t_name);
-			sep = " | ";
-		}
-		printf(" ]\n");
-		code = -1;
-		return;
-	}
-	if (argc < 2) {
-		printf("Using %s mode to transfer files.\n", typename);
-		code = 0;
-		return;
-	}
-	for (p = types; p->t_name; p++)
-		if (strcmp(argv[1], p->t_name) == 0)
-			break;
-	if (p->t_name == 0) {
-		printf("%s: unknown mode\n", argv[1]);
-		code = -1;
-		return;
-	}
-	if ((p->t_arg != NULL) && (*(p->t_arg) != '\0'))
-		comret = command ("TYPE %s %s", p->t_mode, p->t_arg);
-	else
-		comret = command("TYPE %s", p->t_mode);
-	if (comret == COMPLETE) {
-		strcpy(typename, p->t_name);
-		curtype = type = p->t_type;
-	}
-}
-
-/*
- * Internal form of settype; changes current type in use with server
- * without changing our notion of the type for data transfers.
- * Used to change to and from ascii for listings.
- */
-void
-changetype(int newtype, int show)
-{
-	struct types *p;
-	int comret, oldverbose = verbose;
-
-	if (newtype == 0)
-		newtype = TYPE_I;
-	if (newtype == curtype)
-		return;
-	if (debug == 0 && show == 0)
-		verbose = 0;
-	for (p = types; p->t_name; p++)
-		if (newtype == p->t_type)
-			break;
-	if (p->t_name == 0) {
-		printf("ftp: internal error: unknown type %d\n", newtype);
-		return;
-	}
-	if (newtype == TYPE_L && bytename[0] != '\0')
-		comret = command("TYPE %s %s", p->t_mode, bytename);
-	else
-		comret = command("TYPE %s", p->t_mode);
-	if (comret == COMPLETE)
-		curtype = newtype;
-	verbose = oldverbose;
-}
-
-char *stype[] = {
-	"type",
-	"",
-	0
-};
-
-/*
- * Set binary transfer type.
- */
-/*VARARGS*/
-void
-setbinary(int argc, char **argv)
-{
-
-	stype[1] = "binary";
-	settype(2, stype);
-}
-
-/*
- * Set ascii transfer type.
- */
-/*VARARGS*/
-void
-setascii(int argc, char **argv)
-{
-
-	stype[1] = "ascii";
-	settype(2, stype);
-}
-
-/*
- * Set tenex transfer type.
- */
-/*VARARGS*/
-void
-settenex(int argc, char **argv)
-{
-
-	stype[1] = "tenex";
-	settype(2, stype);
-}
-
-/*
- * Set file transfer mode.
- */
-/*ARGSUSED*/
-void
-setftmode(int argc, char **argv)
-{
-
-	printf("We only support %s mode, sorry.\n", modename);
-	code = -1;
-}
-
-/*
- * Set file transfer format.
- */
-/*ARGSUSED*/
-void
-setform(int argc, char **argv)
-{
-
-	printf("We only support %s format, sorry.\n", formname);
-	code = -1;
-}
-
-/*
- * Set file transfer structure.
- */
-/*ARGSUSED*/
-void
-setstruct(int argc, char **argv)
-{
-
-	printf("We only support %s structure, sorry.\n", structname);
-	code = -1;
-}
-
-/*
- * Send a single file.
- */
-void
-put(int argc, char **argv)
-{
-	char *cmd;
-	int loc = 0;
-	char *oldargv1, *oldargv2;
-
-	if (argc == 2) {
-		argc++;
-		argv[2] = argv[1];
-		loc++;
-	}
-	if (argc < 2 && !another(&argc, &argv, "local-file"))
-		goto usage;
-	if (argc < 3 && !another(&argc, &argv, "remote-file")) {
-usage:
-		printf("usage: %s local-file remote-file\n", argv[0]);
-		code = -1;
-		return;
-	}
-	oldargv1 = argv[1];
-	oldargv2 = argv[2];
-	if (!globulize(&argv[1])) {
-		code = -1;
-		return;
-	}
-	/*
-	 * If "globulize" modifies argv[1], and argv[2] is a copy of
-	 * the old argv[1], make it a copy of the new argv[1].
-	 */
-	if (argv[1] != oldargv1 && argv[2] == oldargv1) {
-		argv[2] = argv[1];
-	}
-	cmd = (argv[0][0] == 'a') ? "APPE" : ((sunique) ? "STOU" : "STOR");
-	if (loc && ntflag) {
-		argv[2] = dotrans(argv[2]);
-	}
-	if (loc && mapflag) {
-		argv[2] = domap(argv[2]);
-	}
-	sendrequest(cmd, argv[1], argv[2],
-	    argv[1] != oldargv1 || argv[2] != oldargv2);
-}
-
-/* ARGSUSED */
-static RETSIGTYPE
-mabort(int signo)
-{
-	int ointer;
-
-	printf("\n");
-	fflush(stdout);
-	if (mflag && fromatty) {
-		ointer = interactive;
-		interactive = 1;
-		if (confirm("Continue with", mname)) {
-			interactive = ointer;
-			longjmp(jabort,0);
-		}
-		interactive = ointer;
-	}
-	mflag = 0;
-	longjmp(jabort,0);
-}
-
-/*
- * Send multiple files.
- */
-void
-mput(int argc, char **argv)
-{
-	int i;
-	RETSIGTYPE (*oldintr)();
-	int ointer;
-	char *tp;
-
-	if (argc < 2 && !another(&argc, &argv, "local-files")) {
-		printf("usage: %s local-files\n", argv[0]);
-		code = -1;
-		return;
-	}
-	mname = argv[0];
-	mflag = 1;
-	oldintr = signal(SIGINT, mabort);
-	setjmp(jabort);
-	if (proxy) {
-		char *cp, *tp2, tmpbuf[MaxPathLen];
-
-		while ((cp = remglob(argv,0)) != NULL) {
-			if (*cp == 0) {
-				mflag = 0;
-				continue;
-			}
-			if (mflag && confirm(argv[0], cp)) {
-				tp = cp;
-				if (mcase) {
-					while (*tp && !islower(*tp)) {
-						tp++;
-					}
-					if (!*tp) {
-						tp = cp;
-						tp2 = tmpbuf;
-						while ((*tp2 = *tp) != '\0') {
-						     if (isupper(*tp2)) {
-						        *tp2 = 'a' + *tp2 - 'A';
-						     }
-						     tp++;
-						     tp2++;
-						}
-					}
-					tp = tmpbuf;
-				}
-				if (ntflag) {
-					tp = dotrans(tp);
-				}
-				if (mapflag) {
-					tp = domap(tp);
-				}
-				sendrequest((sunique) ? "STOU" : "STOR",
-				    cp, tp, cp != tp || !interactive);
-				if (!mflag && fromatty) {
-					ointer = interactive;
-					interactive = 1;
-					if (confirm("Continue with","mput")) {
-						mflag++;
-					}
-					interactive = ointer;
-				}
-			}
-		}
-		signal(SIGINT, oldintr);
-		mflag = 0;
-		return;
-	}
-	for (i = 1; i < argc; i++) {
-		char **cpp;
-		glob_t gl;
-		int flags;
-
-		if (!doglob) {
-			if (mflag && confirm(argv[0], argv[i])) {
-				tp = (ntflag) ? dotrans(argv[i]) : argv[i];
-				tp = (mapflag) ? domap(tp) : tp;
-				sendrequest((sunique) ? "STOU" : "STOR",
-				    argv[i], tp, tp != argv[i] || !interactive);
-				if (!mflag && fromatty) {
-					ointer = interactive;
-					interactive = 1;
-					if (confirm("Continue with","mput")) {
-						mflag++;
-					}
-					interactive = ointer;
-				}
-			}
-			continue;
-		}
-
-		memset(&gl, 0, sizeof(gl));
-		flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
-		if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) {
-			warnx("%s: not found", argv[i]);
-			globfree(&gl);
-			continue;
-		}
-		for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) {
-			if (mflag && confirm(argv[0], *cpp)) {
-				tp = (ntflag) ? dotrans(*cpp) : *cpp;
-				tp = (mapflag) ? domap(tp) : tp;
-				sendrequest((sunique) ? "STOU" : "STOR",
-				    *cpp, tp, *cpp != tp || !interactive);
-				if (!mflag && fromatty) {
-					ointer = interactive;
-					interactive = 1;
-					if (confirm("Continue with","mput")) {
-						mflag++;
-					}
-					interactive = ointer;
-				}
-			}
-		}
-		globfree(&gl);
-	}
-	signal(SIGINT, oldintr);
-	mflag = 0;
-}
-
-void
-reget(int argc, char **argv)
-{
-
-	getit(argc, argv, 1, "r+w");
-}
-
-void
-get(int argc, char **argv)
-{
-
-	getit(argc, argv, 0, restart_point ? "r+w" : "w" );
-}
-
-/*
- * Receive one file.
- */
-int
-getit(int argc, char **argv, int restartit, char *mode)
-{
-	int loc = 0;
-	char *oldargv1, *oldargv2;
-
-	if (argc == 2) {
-		argc++;
-		argv[2] = argv[1];
-		loc++;
-	}
-	if (argc < 2 && !another(&argc, &argv, "remote-file"))
-		goto usage;
-	if (argc < 3 && !another(&argc, &argv, "local-file")) {
-usage:
-		printf("usage: %s remote-file [ local-file ]\n", argv[0]);
-		code = -1;
-		return (0);
-	}
-	oldargv1 = argv[1];
-	oldargv2 = argv[2];
-	if (!globulize(&argv[2])) {
-		code = -1;
-		return (0);
-	}
-	if (loc && mcase) {
-		char *tp = argv[1], *tp2, tmpbuf[MaxPathLen];
-
-		while (*tp && !islower(*tp)) {
-			tp++;
-		}
-		if (!*tp) {
-			tp = argv[2];
-			tp2 = tmpbuf;
-			while ((*tp2 = *tp) != '\0') {
-				if (isupper(*tp2)) {
-					*tp2 = 'a' + *tp2 - 'A';
-				}
-				tp++;
-				tp2++;
-			}
-			argv[2] = tmpbuf;
-		}
-	}
-	if (loc && ntflag)
-		argv[2] = dotrans(argv[2]);
-	if (loc && mapflag)
-		argv[2] = domap(argv[2]);
-	if (restartit) {
-		struct stat stbuf;
-		int ret;
-
-		ret = stat(argv[2], &stbuf);
-		if (restartit == 1) {
-			if (ret < 0) {
-				warn("local: %s", argv[2]);
-				return (0);
-			}
-			restart_point = stbuf.st_size;
-		} else {
-			if (ret == 0) {
-				int overbose;
-
-				overbose = verbose;
-				if (debug == 0)
-					verbose = -1;
-				if (command("MDTM %s", argv[1]) == COMPLETE) {
-					int yy, mo, day, hour, min, sec;
-					struct tm *tm;
-					verbose = overbose;
-					sscanf(reply_string,
-					    "%*s %04d%02d%02d%02d%02d%02d",
-					    &yy, &mo, &day, &hour, &min, &sec);
-					tm = gmtime(&stbuf.st_mtime);
-					tm->tm_mon++;
-					if (tm->tm_year > yy%100)
-						return (1);
-					if ((tm->tm_year == yy%100 && 
-					    tm->tm_mon > mo) ||
-					   (tm->tm_mon == mo && 
-					    tm->tm_mday > day) ||
-					   (tm->tm_mday == day && 
-					    tm->tm_hour > hour) ||
-					   (tm->tm_hour == hour && 
-					    tm->tm_min > min) ||
-					   (tm->tm_min == min && 
-					    tm->tm_sec > sec))
-						return (1);
-				} else {
-					printf("%s\n", reply_string);
-					verbose = overbose;
-					return (0);
-				}
-			}
-		}
-	}
-
-	recvrequest("RETR", argv[2], argv[1], mode,
-	    argv[1] != oldargv1 || argv[2] != oldargv2);
-	restart_point = 0;
-	return (0);
-}
-
-/*
- * Get multiple files.
- */
-void
-mget(int argc, char **argv)
-{
-	sighand oldintr;
-	int ch, ointer;
-	char *cp, *tp, *tp2, tmpbuf[MaxPathLen];
-
-	if (argc < 2 && !another(&argc, &argv, "remote-files")) {
-		printf("usage: %s remote-files\n", argv[0]);
-		code = -1;
-		return;
-	}
-	mname = argv[0];
-	mflag = 1;
-	oldintr = signal(SIGINT, mabort);
-	setjmp(jabort);
-	while ((cp = remglob(argv,proxy)) != NULL) {
-		if (*cp == '\0') {
-			mflag = 0;
-			continue;
-		}
-		if (mflag && confirm(argv[0], cp)) {
-			tp = cp;
-			if (mcase) {
-				for (tp2 = tmpbuf; (ch = *tp++);)
-					*tp2++ = isupper(ch) ? tolower(ch) : ch;
-				*tp2 = '\0';
-				tp = tmpbuf;
-			}
-			if (ntflag) {
-				tp = dotrans(tp);
-			}
-			if (mapflag) {
-				tp = domap(tp);
-			}
-			recvrequest("RETR", tp, cp, "w",
-			    tp != cp || !interactive);
-			if (!mflag && fromatty) {
-				ointer = interactive;
-				interactive = 1;
-				if (confirm("Continue with","mget")) {
-					mflag++;
-				}
-				interactive = ointer;
-			}
-		}
-	}
-	signal(SIGINT,oldintr);
-	mflag = 0;
-}
-
-char *
-remglob(char **argv, int doswitch)
-{
-	char temp[16];
-	static char buf[MaxPathLen];
-	static FILE *ftemp = NULL;
-	static char **args;
-	int oldverbose, oldhash;
-	char *cp, *mode;
-
-	if (!mflag) {
-		if (!doglob) {
-			args = NULL;
-		}
-		else {
-			if (ftemp) {
-				fclose(ftemp);
-				ftemp = NULL;
-			}
-		}
-		return (NULL);
-	}
-	if (!doglob) {
-		if (args == NULL)
-			args = argv;
-		if ((cp = *++args) == NULL)
-			args = NULL;
-		return (cp);
-	}
-	if (ftemp == NULL) {
-		strcpy(temp, _PATH_TMP_XXX);
-		mktemp(temp);
-		oldverbose = verbose, verbose = 0;
-		oldhash = hash, hash = 0;
-		if (doswitch) {
-			pswitch(!proxy);
-		}
-		for (mode = "w"; *++argv != NULL; mode = "a")
-			recvrequest ("NLST", temp, *argv, mode, 0);
-		if (doswitch) {
-			pswitch(!proxy);
-		}
-		verbose = oldverbose; hash = oldhash;
-		ftemp = fopen(temp, "r");
-		unlink(temp);
-		if (ftemp == NULL) {
-			printf("can't find list of remote files, oops\n");
-			return (NULL);
-		}
-	}
-	if (fgets(buf, sizeof (buf), ftemp) == NULL) {
-		fclose(ftemp);
-		ftemp = NULL;
-		return (NULL);
-	}
-	if ((cp = strchr(buf, '\n')) != NULL)
-		*cp = '\0';
-	return (buf);
-}
-
-char *
-onoff(int bool)
-{
-
-	return (bool ? "on" : "off");
-}
-
-/*
- * Show status.
- */
-/*ARGSUSED*/
-void
-status(int argc, char **argv)
-{
-	int i;
-
-	if (connected)
-		printf("Connected to %s.\n", hostname);
-	else
-		printf("Not connected.\n");
-	if (!proxy) {
-		pswitch(1);
-		if (connected) {
-			printf("Connected for proxy commands to %s.\n", hostname);
-		}
-		else {
-			printf("No proxy connection.\n");
-		}
-		pswitch(0);
-	}
-	sec_status();
-	printf("Mode: %s; Type: %s; Form: %s; Structure: %s\n",
-		modename, typename, formname, structname);
-	printf("Verbose: %s; Bell: %s; Prompting: %s; Globbing: %s\n", 
-		onoff(verbose), onoff(bell), onoff(interactive),
-		onoff(doglob));
-	printf("Store unique: %s; Receive unique: %s\n", onoff(sunique),
-		onoff(runique));
-	printf("Case: %s; CR stripping: %s\n",onoff(mcase),onoff(crflag));
-	if (ntflag) {
-		printf("Ntrans: (in) %s (out) %s\n", ntin,ntout);
-	}
-	else {
-		printf("Ntrans: off\n");
-	}
-	if (mapflag) {
-		printf("Nmap: (in) %s (out) %s\n", mapin, mapout);
-	}
-	else {
-		printf("Nmap: off\n");
-	}
-	printf("Hash mark printing: %s; Use of PORT cmds: %s\n",
-		onoff(hash), onoff(sendport));
-	if (macnum > 0) {
-		printf("Macros:\n");
-		for (i=0; i<macnum; i++) {
-			printf("\t%s\n",macros[i].mac_name);
-		}
-	}
-	code = 0;
-}
-
-/*
- * Set beep on cmd completed mode.
- */
-/*VARARGS*/
-void
-setbell(int argc, char **argv)
-{
-
-	bell = !bell;
-	printf("Bell mode %s.\n", onoff(bell));
-	code = bell;
-}
-
-/*
- * Turn on packet tracing.
- */
-/*VARARGS*/
-void
-settrace(int argc, char **argv)
-{
-
-	trace = !trace;
-	printf("Packet tracing %s.\n", onoff(trace));
-	code = trace;
-}
-
-/*
- * Toggle hash mark printing during transfers.
- */
-/*VARARGS*/
-void
-sethash(int argc, char **argv)
-{
-
-	hash = !hash;
-	printf("Hash mark printing %s", onoff(hash));
-	code = hash;
-	if (hash)
-		printf(" (%d bytes/hash mark)", 1024);
-	printf(".\n");
-}
-
-/*
- * Turn on printing of server echo's.
- */
-/*VARARGS*/
-void
-setverbose(int argc, char **argv)
-{
-
-	verbose = !verbose;
-	printf("Verbose mode %s.\n", onoff(verbose));
-	code = verbose;
-}
-
-/*
- * Toggle PORT cmd use before each data connection.
- */
-/*VARARGS*/
-void
-setport(int argc, char **argv)
-{
-
-	sendport = !sendport;
-	printf("Use of PORT cmds %s.\n", onoff(sendport));
-	code = sendport;
-}
-
-/*
- * Turn on interactive prompting
- * during mget, mput, and mdelete.
- */
-/*VARARGS*/
-void
-setprompt(int argc, char **argv)
-{
-
-	interactive = !interactive;
-	printf("Interactive mode %s.\n", onoff(interactive));
-	code = interactive;
-}
-
-/*
- * Toggle metacharacter interpretation
- * on local file names.
- */
-/*VARARGS*/
-void
-setglob(int argc, char **argv)
-{
-	
-	doglob = !doglob;
-	printf("Globbing %s.\n", onoff(doglob));
-	code = doglob;
-}
-
-/*
- * Set debugging mode on/off and/or
- * set level of debugging.
- */
-/*VARARGS*/
-void
-setdebug(int argc, char **argv)
-{
-	int val;
-
-	if (argc > 1) {
-		val = atoi(argv[1]);
-		if (val < 0) {
-			printf("%s: bad debugging value.\n", argv[1]);
-			code = -1;
-			return;
-		}
-	} else
-		val = !debug;
-	debug = val;
-	if (debug)
-		options |= SO_DEBUG;
-	else
-		options &= ~SO_DEBUG;
-	printf("Debugging %s (debug=%d).\n", onoff(debug), debug);
-	code = debug > 0;
-}
-
-/*
- * Set current working directory
- * on remote machine.
- */
-void
-cd(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "remote-directory")) {
-		printf("usage: %s remote-directory\n", argv[0]);
-		code = -1;
-		return;
-	}
-	if (command("CWD %s", argv[1]) == ERROR && code == 500) {
-		if (verbose)
-			printf("CWD command not recognized, trying XCWD\n");
-		command("XCWD %s", argv[1]);
-	}
-}
-
-/*
- * Set current working directory
- * on local machine.
- */
-void
-lcd(int argc, char **argv)
-{
-	char buf[MaxPathLen];
-
-	if (argc < 2)
-		argc++, argv[1] = home;
-	if (argc != 2) {
-		printf("usage: %s local-directory\n", argv[0]);
-		code = -1;
-		return;
-	}
-	if (!globulize(&argv[1])) {
-		code = -1;
-		return;
-	}
-	if (chdir(argv[1]) < 0) {
-		warn("local: %s", argv[1]);
-		code = -1;
-		return;
-	}
-	if (getcwd(buf, sizeof(buf)) != NULL)
-		printf("Local directory now %s\n", buf);
-	else
-		warnx("getwd: %s", buf);
-	code = 0;
-}
-
-/*
- * Delete a single file.
- */
-void
-delete(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "remote-file")) {
-		printf("usage: %s remote-file\n", argv[0]);
-		code = -1;
-		return;
-	}
-	command("DELE %s", argv[1]);
-}
-
-/*
- * Delete multiple files.
- */
-void
-mdelete(int argc, char **argv)
-{
-	sighand oldintr;
-	int ointer;
-	char *cp;
-
-	if (argc < 2 && !another(&argc, &argv, "remote-files")) {
-		printf("usage: %s remote-files\n", argv[0]);
-		code = -1;
-		return;
-	}
-	mname = argv[0];
-	mflag = 1;
-	oldintr = signal(SIGINT, mabort);
-	setjmp(jabort);
-	while ((cp = remglob(argv,0)) != NULL) {
-		if (*cp == '\0') {
-			mflag = 0;
-			continue;
-		}
-		if (mflag && confirm(argv[0], cp)) {
-			command("DELE %s", cp);
-			if (!mflag && fromatty) {
-				ointer = interactive;
-				interactive = 1;
-				if (confirm("Continue with", "mdelete")) {
-					mflag++;
-				}
-				interactive = ointer;
-			}
-		}
-	}
-	signal(SIGINT, oldintr);
-	mflag = 0;
-}
-
-/*
- * Rename a remote file.
- */
-void
-renamefile(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "from-name"))
-		goto usage;
-	if (argc < 3 && !another(&argc, &argv, "to-name")) {
-usage:
-		printf("%s from-name to-name\n", argv[0]);
-		code = -1;
-		return;
-	}
-	if (command("RNFR %s", argv[1]) == CONTINUE)
-		command("RNTO %s", argv[2]);
-}
-
-/*
- * Get a directory listing
- * of remote files.
- */
-void
-ls(int argc, char **argv)
-{
-	char *cmd;
-
-	if (argc < 2)
-		argc++, argv[1] = NULL;
-	if (argc < 3)
-		argc++, argv[2] = "-";
-	if (argc > 3) {
-		printf("usage: %s remote-directory local-file\n", argv[0]);
-		code = -1;
-		return;
-	}
-	cmd = argv[0][0] == 'n' ? "NLST" : "LIST";
-	if (strcmp(argv[2], "-") && !globulize(&argv[2])) {
-		code = -1;
-		return;
-	}
-	if (strcmp(argv[2], "-") && *argv[2] != '|')
-		if (!globulize(&argv[2]) || !confirm("output to local-file:", argv[2])) {
-			code = -1;
-			return;
-	}
-	recvrequest(cmd, argv[2], argv[1], "w", 0);
-}
-
-/*
- * Get a directory listing
- * of multiple remote files.
- */
-void
-mls(int argc, char **argv)
-{
-	sighand oldintr;
-	int ointer, i;
-	char *cmd, mode[1], *dest;
-
-	if (argc < 2 && !another(&argc, &argv, "remote-files"))
-		goto usage;
-	if (argc < 3 && !another(&argc, &argv, "local-file")) {
-usage:
-		printf("usage: %s remote-files local-file\n", argv[0]);
-		code = -1;
-		return;
-	}
-	dest = argv[argc - 1];
-	argv[argc - 1] = NULL;
-	if (strcmp(dest, "-") && *dest != '|')
-		if (!globulize(&dest) ||
-		    !confirm("output to local-file:", dest)) {
-			code = -1;
-			return;
-	}
-	cmd = argv[0][1] == 'l' ? "NLST" : "LIST";
-	mname = argv[0];
-	mflag = 1;
-	oldintr = signal(SIGINT, mabort);
-	setjmp(jabort);
-	for (i = 1; mflag && i < argc-1; ++i) {
-		*mode = (i == 1) ? 'w' : 'a';
-		recvrequest(cmd, dest, argv[i], mode, 0);
-		if (!mflag && fromatty) {
-			ointer = interactive;
-			interactive = 1;
-			if (confirm("Continue with", argv[0])) {
-				mflag ++;
-			}
-			interactive = ointer;
-		}
-	}
-	signal(SIGINT, oldintr);
-	mflag = 0;
-}
-
-/*
- * Do a shell escape
- */
-/*ARGSUSED*/
-void
-shell(int argc, char **argv)
-{
-	pid_t pid;
-	RETSIGTYPE (*old1)(), (*old2)();
-	char shellnam[40], *shell, *namep; 
-	int status;
-
-	old1 = signal (SIGINT, SIG_IGN);
-	old2 = signal (SIGQUIT, SIG_IGN);
-	if ((pid = fork()) == 0) {
-		for (pid = 3; pid < 20; pid++)
-			close(pid);
-		signal(SIGINT, SIG_DFL);
-		signal(SIGQUIT, SIG_DFL);
-		shell = getenv("SHELL");
-		if (shell == NULL)
-			shell = _PATH_BSHELL;
-		namep = strrchr(shell,'/');
-		if (namep == NULL)
-			namep = shell;
-		strcpy(shellnam,"-");
-		strcat(shellnam, ++namep);
-		if (strcmp(namep, "sh") != 0)
-			shellnam[0] = '+';
-		if (debug) {
-			printf ("%s\n", shell);
-			fflush (stdout);
-		}
-		if (argc > 1) {
-			execl(shell,shellnam,"-c",altarg,(char *)0);
-		}
-		else {
-			execl(shell,shellnam,(char *)0);
-		}
-		warn("%s", shell);
-		code = -1;
-		exit(1);
-	}
-	if (pid > 0)
-		while (waitpid(-1, &status, 0) != pid)
-			;
-	signal(SIGINT, old1);
-	signal(SIGQUIT, old2);
-	if (pid == -1) {
-		warn("%s", "Try again later");
-		code = -1;
-	}
-	else {
-		code = 0;
-	}
-}
-
-/*
- * Send new user information (re-login)
- */
-void
-user(int argc, char **argv)
-{
-	char acct[80];
-	int n, aflag = 0;
-	char tmp[256];
-
-	if (argc < 2)
-		another(&argc, &argv, "username");
-	if (argc < 2 || argc > 4) {
-		printf("usage: %s username [password] [account]\n", argv[0]);
-		code = -1;
-		return;
-	}
-	n = command("USER %s", argv[1]);
-	if (n == CONTINUE) {
-	    if (argc < 3 ) {
-		des_read_pw_string (tmp,
-				    sizeof(tmp),
-				    "Password: ", 0);
-		argv[2] = tmp;
-		argc++;
-	    }
-	    n = command("PASS %s", argv[2]);
-	}
-	if (n == CONTINUE) {
-		if (argc < 4) {
-			printf("Account: "); fflush(stdout);
-			fgets(acct, sizeof(acct) - 1, stdin);
-			acct[strlen(acct) - 1] = '\0';
-			argv[3] = acct; argc++;
-		}
-		n = command("ACCT %s", argv[3]);
-		aflag++;
-	}
-	if (n != COMPLETE) {
-		fprintf(stdout, "Login failed.\n");
-		return;
-	}
-	if (!aflag && argc == 4) {
-		command("ACCT %s", argv[3]);
-	}
-}
-
-/*
- * Print working directory.
- */
-/*VARARGS*/
-void
-pwd(int argc, char **argv)
-{
-	int oldverbose = verbose;
-
-	/*
-	 * If we aren't verbose, this doesn't do anything!
-	 */
-	verbose = 1;
-	if (command("PWD") == ERROR && code == 500) {
-		printf("PWD command not recognized, trying XPWD\n");
-		command("XPWD");
-	}
-	verbose = oldverbose;
-}
-
-/*
- * Make a directory.
- */
-void
-makedir(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "directory-name")) {
-		printf("usage: %s directory-name\n", argv[0]);
-		code = -1;
-		return;
-	}
-	if (command("MKD %s", argv[1]) == ERROR && code == 500) {
-		if (verbose)
-			printf("MKD command not recognized, trying XMKD\n");
-		command("XMKD %s", argv[1]);
-	}
-}
-
-/*
- * Remove a directory.
- */
-void
-removedir(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "directory-name")) {
-		printf("usage: %s directory-name\n", argv[0]);
-		code = -1;
-		return;
-	}
-	if (command("RMD %s", argv[1]) == ERROR && code == 500) {
-		if (verbose)
-			printf("RMD command not recognized, trying XRMD\n");
-		command("XRMD %s", argv[1]);
-	}
-}
-
-/*
- * Send a line, verbatim, to the remote machine.
- */
-void
-quote(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "command line to send")) {
-		printf("usage: %s line-to-send\n", argv[0]);
-		code = -1;
-		return;
-	}
-	quote1("", argc, argv);
-}
-
-/*
- * Send a SITE command to the remote machine.  The line
- * is sent verbatim to the remote machine, except that the
- * word "SITE" is added at the front.
- */
-void
-site(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "arguments to SITE command")) {
-		printf("usage: %s line-to-send\n", argv[0]);
-		code = -1;
-		return;
-	}
-	quote1("SITE ", argc, argv);
-}
-
-/*
- * Turn argv[1..argc) into a space-separated string, then prepend initial text.
- * Send the result as a one-line command and get response.
- */
-void
-quote1(char *initial, int argc, char **argv)
-{
-	int i, len;
-	char buf[BUFSIZ];		/* must be >= sizeof(line) */
-
-	strcpy(buf, initial);
-	if (argc > 1) {
-		len = strlen(buf);
-		len += strlen(strcpy(&buf[len], argv[1]));
-		for (i = 2; i < argc; i++) {
-			buf[len++] = ' ';
-			len += strlen(strcpy(&buf[len], argv[i]));
-		}
-	}
-	if (command(buf) == PRELIM) {
-		while (getreply(0) == PRELIM)
-			continue;
-	}
-}
-
-void
-do_chmod(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "mode"))
-		goto usage;
-	if (argc < 3 && !another(&argc, &argv, "file-name")) {
-usage:
-		printf("usage: %s mode file-name\n", argv[0]);
-		code = -1;
-		return;
-	}
-	command("SITE CHMOD %s %s", argv[1], argv[2]);
-}
-
-void
-do_umask(int argc, char **argv)
-{
-	int oldverbose = verbose;
-
-	verbose = 1;
-	command(argc == 1 ? "SITE UMASK" : "SITE UMASK %s", argv[1]);
-	verbose = oldverbose;
-}
-
-void
-ftp_idle(int argc, char **argv)
-{
-	int oldverbose = verbose;
-
-	verbose = 1;
-	command(argc == 1 ? "SITE IDLE" : "SITE IDLE %s", argv[1]);
-	verbose = oldverbose;
-}
-
-/*
- * Ask the other side for help.
- */
-void
-rmthelp(int argc, char **argv)
-{
-	int oldverbose = verbose;
-
-	verbose = 1;
-	command(argc == 1 ? "HELP" : "HELP %s", argv[1]);
-	verbose = oldverbose;
-}
-
-/*
- * Terminate session and exit.
- */
-/*VARARGS*/
-void
-quit(int argc, char **argv)
-{
-
-	if (connected)
-		disconnect(0, 0);
-	pswitch(1);
-	if (connected) {
-		disconnect(0, 0);
-	}
-	exit(0);
-}
-
-/*
- * Terminate session, but don't exit.
- */
-void
-disconnect(int argc, char **argv)
-{
-
-	if (!connected)
-		return;
-	command("QUIT");
-	if (cout) {
-		fclose(cout);
-	}
-	cout = NULL;
-	connected = 0;
-	krb4_quit();
-	data = -1;
-	if (!proxy) {
-		macnum = 0;
-	}
-}
-
-int
-confirm(char *cmd, char *file)
-{
-	char line[BUFSIZ];
-
-	if (!interactive)
-		return (1);
-	printf("%s %s? ", cmd, file);
-	fflush(stdout);
-	if (fgets(line, sizeof line, stdin) == NULL)
-		return (0);
-	return (*line != 'n' && *line != 'N');
-}
-
-void
-fatal(char *msg)
-{
-
-	errx(1, "%s", msg);
-}
-
-/*
- * Glob a local file name specification with
- * the expectation of a single return value.
- * Can't control multiple values being expanded
- * from the expression, we return only the first.
- */
-int
-globulize(char **cpp)
-{
-	glob_t gl;
-	int flags;
-
-	if (!doglob)
-		return (1);
-
-	flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
-	memset(&gl, 0, sizeof(gl));
-	if (glob(*cpp, flags, NULL, &gl) ||
-	    gl.gl_pathc == 0) {
-		warnx("%s: not found", *cpp);
-		globfree(&gl);
-		return (0);
-	}
-	*cpp = strdup(gl.gl_pathv[0]);	/* XXX - wasted memory */
-	globfree(&gl);
-	return (1);
-}
-
-void
-account(int argc, char **argv)
-{
-	char acct[50];
-
-	if (argc > 1) {
-		++argv;
-		--argc;
-		strncpy(acct,*argv,49);
-		acct[49] = '\0';
-		while (argc > 1) {
-			--argc;
-			++argv;
-			strncat(acct,*argv, 49-strlen(acct));
-		}
-	}
-	else {
-	    des_read_pw_string(acct, sizeof(acct), "Account:", 0);
-	}
-	command("ACCT %s", acct);
-}
-
-jmp_buf abortprox;
-
-static RETSIGTYPE
-proxabort(int sig)
-{
-
-	if (!proxy) {
-		pswitch(1);
-	}
-	if (connected) {
-		proxflag = 1;
-	}
-	else {
-		proxflag = 0;
-	}
-	pswitch(0);
-	longjmp(abortprox,1);
-}
-
-void
-doproxy(int argc, char **argv)
-{
-	struct cmd *c;
-	RETSIGTYPE (*oldintr)();
-
-	if (argc < 2 && !another(&argc, &argv, "command")) {
-		printf("usage: %s command\n", argv[0]);
-		code = -1;
-		return;
-	}
-	c = getcmd(argv[1]);
-	if (c == (struct cmd *) -1) {
-		printf("?Ambiguous command\n");
-		fflush(stdout);
-		code = -1;
-		return;
-	}
-	if (c == 0) {
-		printf("?Invalid command\n");
-		fflush(stdout);
-		code = -1;
-		return;
-	}
-	if (!c->c_proxy) {
-		printf("?Invalid proxy command\n");
-		fflush(stdout);
-		code = -1;
-		return;
-	}
-	if (setjmp(abortprox)) {
-		code = -1;
-		return;
-	}
-	oldintr = signal(SIGINT, proxabort);
-	pswitch(1);
-	if (c->c_conn && !connected) {
-		printf("Not connected\n");
-		fflush(stdout);
-		pswitch(0);
-		signal(SIGINT, oldintr);
-		code = -1;
-		return;
-	}
-	(*c->c_handler)(argc-1, argv+1);
-	if (connected) {
-		proxflag = 1;
-	}
-	else {
-		proxflag = 0;
-	}
-	pswitch(0);
-	signal(SIGINT, oldintr);
-}
-
-void
-setcase(int argc, char **argv)
-{
-
-	mcase = !mcase;
-	printf("Case mapping %s.\n", onoff(mcase));
-	code = mcase;
-}
-
-void
-setcr(int argc, char **argv)
-{
-
-	crflag = !crflag;
-	printf("Carriage Return stripping %s.\n", onoff(crflag));
-	code = crflag;
-}
-
-void
-setntrans(int argc, char **argv)
-{
-	if (argc == 1) {
-		ntflag = 0;
-		printf("Ntrans off.\n");
-		code = ntflag;
-		return;
-	}
-	ntflag++;
-	code = ntflag;
-	strncpy(ntin, argv[1], 16);
-	ntin[16] = '\0';
-	if (argc == 2) {
-		ntout[0] = '\0';
-		return;
-	}
-	strncpy(ntout, argv[2], 16);
-	ntout[16] = '\0';
-}
-
-char *
-dotrans(char *name)
-{
-	static char new[MaxPathLen];
-	char *cp1, *cp2 = new;
-	int i, ostop, found;
-
-	for (ostop = 0; *(ntout + ostop) && ostop < 16; ostop++)
-		continue;
-	for (cp1 = name; *cp1; cp1++) {
-		found = 0;
-		for (i = 0; *(ntin + i) && i < 16; i++) {
-			if (*cp1 == *(ntin + i)) {
-				found++;
-				if (i < ostop) {
-					*cp2++ = *(ntout + i);
-				}
-				break;
-			}
-		}
-		if (!found) {
-			*cp2++ = *cp1;
-		}
-	}
-	*cp2 = '\0';
-	return (new);
-}
-
-void
-setnmap(int argc, char **argv)
-{
-	char *cp;
-
-	if (argc == 1) {
-		mapflag = 0;
-		printf("Nmap off.\n");
-		code = mapflag;
-		return;
-	}
-	if (argc < 3 && !another(&argc, &argv, "mapout")) {
-		printf("Usage: %s [mapin mapout]\n",argv[0]);
-		code = -1;
-		return;
-	}
-	mapflag = 1;
-	code = 1;
-	cp = strchr(altarg, ' ');
-	if (proxy) {
-		while(*++cp == ' ')
-			continue;
-		altarg = cp;
-		cp = strchr(altarg, ' ');
-	}
-	*cp = '\0';
-	strncpy(mapin, altarg, MaxPathLen - 1);
-	while (*++cp == ' ')
-		continue;
-	strncpy(mapout, cp, MaxPathLen - 1);
-}
-
-char *
-domap(char *name)
-{
-	static char new[MaxPathLen];
-	char *cp1 = name, *cp2 = mapin;
-	char *tp[9], *te[9];
-	int i, toks[9], toknum = 0, match = 1;
-
-	for (i=0; i < 9; ++i) {
-		toks[i] = 0;
-	}
-	while (match && *cp1 && *cp2) {
-		switch (*cp2) {
-			case '\\':
-				if (*++cp2 != *cp1) {
-					match = 0;
-				}
-				break;
-			case '$':
-				if (*(cp2+1) >= '1' && (*cp2+1) <= '9') {
-					if (*cp1 != *(++cp2+1)) {
-						toks[toknum = *cp2 - '1']++;
-						tp[toknum] = cp1;
-						while (*++cp1 && *(cp2+1)
-							!= *cp1);
-						te[toknum] = cp1;
-					}
-					cp2++;
-					break;
-				}
-				/* FALLTHROUGH */
-			default:
-				if (*cp2 != *cp1) {
-					match = 0;
-				}
-				break;
-		}
-		if (match && *cp1) {
-			cp1++;
-		}
-		if (match && *cp2) {
-			cp2++;
-		}
-	}
-	if (!match && *cp1) /* last token mismatch */
-	{
-		toks[toknum] = 0;
-	}
-	cp1 = new;
-	*cp1 = '\0';
-	cp2 = mapout;
-	while (*cp2) {
-		match = 0;
-		switch (*cp2) {
-			case '\\':
-				if (*(cp2 + 1)) {
-					*cp1++ = *++cp2;
-				}
-				break;
-			case '[':
-LOOP:
-				if (*++cp2 == '$' && isdigit(*(cp2+1))) { 
-					if (*++cp2 == '0') {
-						char *cp3 = name;
-
-						while (*cp3) {
-							*cp1++ = *cp3++;
-						}
-						match = 1;
-					}
-					else if (toks[toknum = *cp2 - '1']) {
-						char *cp3 = tp[toknum];
-
-						while (cp3 != te[toknum]) {
-							*cp1++ = *cp3++;
-						}
-						match = 1;
-					}
-				}
-				else {
-					while (*cp2 && *cp2 != ',' && 
-					    *cp2 != ']') {
-						if (*cp2 == '\\') {
-							cp2++;
-						}
-						else if (*cp2 == '$' &&
-   						        isdigit(*(cp2+1))) {
-							if (*++cp2 == '0') {
-							   char *cp3 = name;
-
-							   while (*cp3) {
-								*cp1++ = *cp3++;
-							   }
-							}
-							else if (toks[toknum =
-							    *cp2 - '1']) {
-							   char *cp3=tp[toknum];
-
-							   while (cp3 !=
-								  te[toknum]) {
-								*cp1++ = *cp3++;
-							   }
-							}
-						}
-						else if (*cp2) {
-							*cp1++ = *cp2++;
-						}
-					}
-					if (!*cp2) {
-						printf("nmap: unbalanced brackets\n");
-						return (name);
-					}
-					match = 1;
-					cp2--;
-				}
-				if (match) {
-					while (*++cp2 && *cp2 != ']') {
-					      if (*cp2 == '\\' && *(cp2 + 1)) {
-							cp2++;
-					      }
-					}
-					if (!*cp2) {
-						printf("nmap: unbalanced brackets\n");
-						return (name);
-					}
-					break;
-				}
-				switch (*++cp2) {
-					case ',':
-						goto LOOP;
-					case ']':
-						break;
-					default:
-						cp2--;
-						goto LOOP;
-				}
-				break;
-			case '$':
-				if (isdigit(*(cp2 + 1))) {
-					if (*++cp2 == '0') {
-						char *cp3 = name;
-
-						while (*cp3) {
-							*cp1++ = *cp3++;
-						}
-					}
-					else if (toks[toknum = *cp2 - '1']) {
-						char *cp3 = tp[toknum];
-
-						while (cp3 != te[toknum]) {
-							*cp1++ = *cp3++;
-						}
-					}
-					break;
-				}
-				/* intentional drop through */
-			default:
-				*cp1++ = *cp2;
-				break;
-		}
-		cp2++;
-	}
-	*cp1 = '\0';
-	if (!*new) {
-		return (name);
-	}
-	return (new);
-}
-
-void
-setpassive(int argc, char **argv)
-{
-
-	passivemode = !passivemode;
-	printf("Passive mode %s.\n", onoff(passivemode));
-	code = passivemode;
-}
-
-void
-setsunique(int argc, char **argv)
-{
-
-	sunique = !sunique;
-	printf("Store unique %s.\n", onoff(sunique));
-	code = sunique;
-}
-
-void
-setrunique(int argc, char **argv)
-{
-
-	runique = !runique;
-	printf("Receive unique %s.\n", onoff(runique));
-	code = runique;
-}
-
-/* change directory to perent directory */
-void
-cdup(int argc, char **argv)
-{
-
-	if (command("CDUP") == ERROR && code == 500) {
-		if (verbose)
-			printf("CDUP command not recognized, trying XCUP\n");
-		command("XCUP");
-	}
-}
-
-/* restart transfer at specific point */
-void
-restart(int argc, char **argv)
-{
-
-    if (argc != 2)
-	printf("restart: offset not specified\n");
-    else {
-	restart_point = atol(argv[1]);
-	printf("restarting at %ld. %s\n", (long)restart_point,
-	       "execute get, put or append to initiate transfer");
-    }
-}
-
-/* show remote system type */
-void
-syst(int argc, char **argv)
-{
-
-	command("SYST");
-}
-
-void
-macdef(int argc, char **argv)
-{
-	char *tmp;
-	int c;
-
-	if (macnum == 16) {
-		printf("Limit of 16 macros have already been defined\n");
-		code = -1;
-		return;
-	}
-	if (argc < 2 && !another(&argc, &argv, "macro name")) {
-		printf("Usage: %s macro_name\n",argv[0]);
-		code = -1;
-		return;
-	}
-	if (interactive) {
-		printf("Enter macro line by line, terminating it with a null line\n");
-	}
-	strncpy(macros[macnum].mac_name, argv[1], 8);
-	if (macnum == 0) {
-		macros[macnum].mac_start = macbuf;
-	}
-	else {
-		macros[macnum].mac_start = macros[macnum - 1].mac_end + 1;
-	}
-	tmp = macros[macnum].mac_start;
-	while (tmp != macbuf+4096) {
-		if ((c = getchar()) == EOF) {
-			printf("macdef:end of file encountered\n");
-			code = -1;
-			return;
-		}
-		if ((*tmp = c) == '\n') {
-			if (tmp == macros[macnum].mac_start) {
-				macros[macnum++].mac_end = tmp;
-				code = 0;
-				return;
-			}
-			if (*(tmp-1) == '\0') {
-				macros[macnum++].mac_end = tmp - 1;
-				code = 0;
-				return;
-			}
-			*tmp = '\0';
-		}
-		tmp++;
-	}
-	while (1) {
-		while ((c = getchar()) != '\n' && c != EOF)
-			/* LOOP */;
-		if (c == EOF || getchar() == '\n') {
-			printf("Macro not defined - 4k buffer exceeded\n");
-			code = -1;
-			return;
-		}
-	}
-}
-
-/*
- * get size of file on remote machine
- */
-void
-sizecmd(int argc, char **argv)
-{
-
-	if (argc < 2 && !another(&argc, &argv, "filename")) {
-		printf("usage: %s filename\n", argv[0]);
-		code = -1;
-		return;
-	}
-	command("SIZE %s", argv[1]);
-}
-
-/*
- * get last modification time of file on remote machine
- */
-void
-modtime(int argc, char **argv)
-{
-	int overbose;
-
-	if (argc < 2 && !another(&argc, &argv, "filename")) {
-		printf("usage: %s filename\n", argv[0]);
-		code = -1;
-		return;
-	}
-	overbose = verbose;
-	if (debug == 0)
-		verbose = -1;
-	if (command("MDTM %s", argv[1]) == COMPLETE) {
-		int yy, mo, day, hour, min, sec;
-		sscanf(reply_string, "%*s %04d%02d%02d%02d%02d%02d", &yy, &mo,
-			&day, &hour, &min, &sec);
-		/* might want to print this in local time */
-		printf("%s\t%02d/%02d/%04d %02d:%02d:%02d GMT\n", argv[1],
-			mo, day, yy, hour, min, sec);
-	} else
-		printf("%s\n", reply_string);
-	verbose = overbose;
-}
-
-/*
- * show status on reomte machine
- */
-void
-rmtstatus(int argc, char **argv)
-{
-
-	command(argc > 1 ? "STAT %s" : "STAT" , argv[1]);
-}
-
-/*
- * get file if modtime is more recent than current file
- */
-void
-newer(int argc, char **argv)
-{
-
-	if (getit(argc, argv, -1, "w"))
-		printf("Local file \"%s\" is newer than remote file \"%s\"\n",
-			argv[2], argv[1]);
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c b/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c
deleted file mode 100644
index 9567e3c71d3a..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * Copyright (c) 1985, 1989, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-
-/*
- * User FTP -- Command Tables.
- */
-
-char	accounthelp[] =	"send account command to remote server";
-char	appendhelp[] =	"append to a file";
-char	asciihelp[] =	"set ascii transfer type";
-char	beephelp[] =	"beep when command completed";
-char	binaryhelp[] =	"set binary transfer type";
-char	casehelp[] =	"toggle mget upper/lower case id mapping";
-char	cdhelp[] =	"change remote working directory";
-char	cduphelp[] = 	"change remote working directory to parent directory";
-char	chmodhelp[] =	"change file permissions of remote file";
-char	connecthelp[] =	"connect to remote tftp";
-char	crhelp[] =	"toggle carriage return stripping on ascii gets";
-char	deletehelp[] =	"delete remote file";
-char	debughelp[] =	"toggle/set debugging mode";
-char	dirhelp[] =	"list contents of remote directory";
-char	disconhelp[] =	"terminate ftp session";
-char	domachelp[] = 	"execute macro";
-char	formhelp[] =	"set file transfer format";
-char	globhelp[] =	"toggle metacharacter expansion of local file names";
-char	hashhelp[] =	"toggle printing `#' for each buffer transferred";
-char	helphelp[] =	"print local help information";
-char	idlehelp[] =	"get (set) idle timer on remote side";
-char	lcdhelp[] =	"change local working directory";
-char	lshelp[] =	"list contents of remote directory";
-char	macdefhelp[] =  "define a macro";
-char	mdeletehelp[] =	"delete multiple files";
-char	mdirhelp[] =	"list contents of multiple remote directories";
-char	mgethelp[] =	"get multiple files";
-char	mkdirhelp[] =	"make directory on the remote machine";
-char	mlshelp[] =	"list contents of multiple remote directories";
-char	modtimehelp[] = "show last modification time of remote file";
-char	modehelp[] =	"set file transfer mode";
-char	mputhelp[] =	"send multiple files";
-char	newerhelp[] =	"get file if remote file is newer than local file ";
-char	nlisthelp[] =	"nlist contents of remote directory";
-char	nmaphelp[] =	"set templates for default file name mapping";
-char	ntranshelp[] =	"set translation table for default file name mapping";
-char	porthelp[] =	"toggle use of PORT cmd for each data connection";
-char	prompthelp[] =	"force interactive prompting on multiple commands";
-char	proxyhelp[] =	"issue command on alternate connection";
-char	pwdhelp[] =	"print working directory on remote machine";
-char	quithelp[] =	"terminate ftp session and exit";
-char	quotehelp[] =	"send arbitrary ftp command";
-char	receivehelp[] =	"receive file";
-char	regethelp[] =	"get file restarting at end of local file";
-char	remotehelp[] =	"get help from remote server";
-char	renamehelp[] =	"rename file";
-char	restarthelp[]=	"restart file transfer at bytecount";
-char	rmdirhelp[] =	"remove directory on the remote machine";
-char	rmtstatushelp[]="show status of remote machine";
-char	runiquehelp[] = "toggle store unique for local files";
-char	resethelp[] =	"clear queued command replies";
-char	sendhelp[] =	"send one file";
-char	passivehelp[] =	"enter passive transfer mode";
-char	sitehelp[] =	"send site specific command to remote server\n\t\tTry \"rhelp site\" or \"site help\" for more information";
-char	shellhelp[] =	"escape to the shell";
-char	sizecmdhelp[] = "show size of remote file";
-char	statushelp[] =	"show current status";
-char	structhelp[] =	"set file transfer structure";
-char	suniquehelp[] = "toggle store unique on remote machine";
-char	systemhelp[] =  "show remote system type";
-char	tenexhelp[] =	"set tenex file transfer type";
-char	tracehelp[] =	"toggle packet tracing";
-char	typehelp[] =	"set file transfer type";
-char	umaskhelp[] =	"get (set) umask on remote side";
-char	userhelp[] =	"send new user information";
-char	verbosehelp[] =	"toggle verbose mode";
-
-char	prothelp[] = 	"set protection level";
-char	kauthhelp[] = 	"get remote tokens";
-char	klisthelp[] =	"show remote tickets";
-char	aklog[] = 	"obtain remote AFS tokens";
-
-struct cmd cmdtab[] = {
-	{ "!",		shellhelp,	0,	0,	0,	shell },
-	{ "$",		domachelp,	1,	0,	0,	domacro },
-	{ "account",	accounthelp,	0,	1,	1,	account},
-	{ "append",	appendhelp,	1,	1,	1,	put },
-	{ "ascii",	asciihelp,	0,	1,	1,	setascii },
-	{ "bell",	beephelp,	0,	0,	0,	setbell },
-	{ "binary",	binaryhelp,	0,	1,	1,	setbinary },
-	{ "bye",	quithelp,	0,	0,	0,	quit },
-	{ "case",	casehelp,	0,	0,	1,	setcase },
-	{ "cd",		cdhelp,		0,	1,	1,	cd },
-	{ "cdup",	cduphelp,	0,	1,	1,	cdup },
-	{ "chmod",	chmodhelp,	0,	1,	1,	do_chmod },
-	{ "close",	disconhelp,	0,	1,	1,	disconnect },
-	{ "cr",		crhelp,		0,	0,	0,	setcr },
-	{ "delete",	deletehelp,	0,	1,	1,	delete },
-	{ "debug",	debughelp,	0,	0,	0,	setdebug },
-	{ "dir",	dirhelp,	1,	1,	1,	ls },
-	{ "disconnect",	disconhelp,	0,	1,	1,	disconnect },
-	{ "form",	formhelp,	0,	1,	1,	setform },
-	{ "get",	receivehelp,	1,	1,	1,	get },
-	{ "glob",	globhelp,	0,	0,	0,	setglob },
-	{ "hash",	hashhelp,	0,	0,	0,	sethash },
-	{ "help",	helphelp,	0,	0,	1,	help },
-	{ "idle",	idlehelp,	0,	1,	1,	ftp_idle },
-	{ "image",	binaryhelp,	0,	1,	1,	setbinary },
-	{ "lcd",	lcdhelp,	0,	0,	0,	lcd },
-	{ "ls",		lshelp,		1,	1,	1,	ls },
-	{ "macdef",	macdefhelp,	0,	0,	0,	macdef },
-	{ "mdelete",	mdeletehelp,	1,	1,	1,	mdelete },
-	{ "mdir",	mdirhelp,	1,	1,	1,	mls },
-	{ "mget",	mgethelp,	1,	1,	1,	mget },
-	{ "mkdir",	mkdirhelp,	0,	1,	1,	makedir },
-	{ "mls",	mlshelp,	1,	1,	1,	mls },
-	{ "mode",	modehelp,	0,	1,	1,	setftmode },
-	{ "modtime",	modtimehelp,	0,	1,	1,	modtime },
-	{ "mput",	mputhelp,	1,	1,	1,	mput },
-	{ "newer",	newerhelp,	1,	1,	1,	newer },
-	{ "nmap",	nmaphelp,	0,	0,	1,	setnmap },
-	{ "nlist",	nlisthelp,	1,	1,	1,	ls },
-	{ "ntrans",	ntranshelp,	0,	0,	1,	setntrans },
-	{ "open",	connecthelp,	0,	0,	1,	setpeer },
-	{ "passive",	passivehelp,	0,	0,	0,	setpassive },
-	{ "prompt",	prompthelp,	0,	0,	0,	setprompt },
-	{ "proxy",	proxyhelp,	0,	0,	1,	doproxy },
-	{ "sendport",	porthelp,	0,	0,	0,	setport },
-	{ "put",	sendhelp,	1,	1,	1,	put },
-	{ "pwd",	pwdhelp,	0,	1,	1,	pwd },
-	{ "quit",	quithelp,	0,	0,	0,	quit },
-	{ "quote",	quotehelp,	1,	1,	1,	quote },
-	{ "recv",	receivehelp,	1,	1,	1,	get },
-	{ "reget",	regethelp,	1,	1,	1,	reget },
-	{ "rstatus",	rmtstatushelp,	0,	1,	1,	rmtstatus },
-	{ "rhelp",	remotehelp,	0,	1,	1,	rmthelp },
-	{ "rename",	renamehelp,	0,	1,	1,	renamefile },
-	{ "reset",	resethelp,	0,	1,	1,	reset },
-	{ "restart",	restarthelp,	1,	1,	1,	restart },
-	{ "rmdir",	rmdirhelp,	0,	1,	1,	removedir },
-	{ "runique",	runiquehelp,	0,	0,	1,	setrunique },
-	{ "send",	sendhelp,	1,	1,	1,	put },
-	{ "site",	sitehelp,	0,	1,	1,	site },
-	{ "size",	sizecmdhelp,	1,	1,	1,	sizecmd },
-	{ "status",	statushelp,	0,	0,	1,	status },
-	{ "struct",	structhelp,	0,	1,	1,	setstruct },
-	{ "system",	systemhelp,	0,	1,	1,	syst },
-	{ "sunique",	suniquehelp,	0,	0,	1,	setsunique },
-	{ "tenex",	tenexhelp,	0,	1,	1,	settenex },
-	{ "trace",	tracehelp,	0,	0,	0,	settrace },
-	{ "type",	typehelp,	0,	1,	1,	settype },
-	{ "user",	userhelp,	0,	1,	1,	user },
-	{ "umask",	umaskhelp,	0,	1,	1,	do_umask },
-	{ "verbose",	verbosehelp,	0,	0,	0,	setverbose },
-	{ "?",		helphelp,	0,	0,	1,	help },
-
-	{ "prot", 	prothelp, 	0, 	1, 	0,	sec_prot },
-	{ "kauth", 	kauthhelp, 	0, 	1, 	0,	kauth },
-	{ "klist", 	klisthelp, 	0, 	1, 	0,	klist },
-	
-	{ 0 },
-};
-
-int	NCMDS = (sizeof (cmdtab) / sizeof (cmdtab[0])) - 1;
diff --git a/crypto/kerberosIV/appl/ftp/ftp/domacro.c b/crypto/kerberosIV/appl/ftp/ftp/domacro.c
deleted file mode 100644
index f5a89b9f1201..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/domacro.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * Copyright (c) 1985, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: domacro.c,v 1.5 1996/11/17 20:23:10 assar Exp $");
-
-void
-domacro(int argc, char **argv)
-{
-	int i, j, count = 2, loopflg = 0;
-	char *cp1, *cp2, line2[200];
-	struct cmd *c;
-
-	if (argc < 2 && !another(&argc, &argv, "macro name")) {
-		printf("Usage: %s macro_name.\n", argv[0]);
-		code = -1;
-		return;
-	}
-	for (i = 0; i < macnum; ++i) {
-		if (!strncmp(argv[1], macros[i].mac_name, 9)) {
-			break;
-		}
-	}
-	if (i == macnum) {
-		printf("'%s' macro not found.\n", argv[1]);
-		code = -1;
-		return;
-	}
-	strcpy(line2, line);
-TOP:
-	cp1 = macros[i].mac_start;
-	while (cp1 != macros[i].mac_end) {
-		while (isspace(*cp1)) {
-			cp1++;
-		}
-		cp2 = line;
-		while (*cp1 != '\0') {
-		      switch(*cp1) {
-		   	    case '\\':
-				 *cp2++ = *++cp1;
-				 break;
-			    case '$':
-				 if (isdigit(*(cp1+1))) {
-				    j = 0;
-				    while (isdigit(*++cp1)) {
-					  j = 10*j +  *cp1 - '0';
-				    }
-				    cp1--;
-				    if (argc - 2 >= j) {
-					strcpy(cp2, argv[j+1]);
-					cp2 += strlen(argv[j+1]);
-				    }
-				    break;
-				 }
-				 if (*(cp1+1) == 'i') {
-					loopflg = 1;
-					cp1++;
-					if (count < argc) {
-					   strcpy(cp2, argv[count]);
-					   cp2 += strlen(argv[count]);
-					}
-					break;
-				}
-				/* intentional drop through */
-			    default:
-				*cp2++ = *cp1;
-				break;
-		      }
-		      if (*cp1 != '\0') {
-			 cp1++;
-		      }
-		}
-		*cp2 = '\0';
-		makeargv();
-		c = getcmd(margv[0]);
-		if (c == (struct cmd *)-1) {
-			printf("?Ambiguous command\n");
-			code = -1;
-		}
-		else if (c == 0) {
-			printf("?Invalid command\n");
-			code = -1;
-		}
-		else if (c->c_conn && !connected) {
-			printf("Not connected.\n");
-			code = -1;
-		}
-		else {
-			if (verbose) {
-				printf("%s\n",line);
-			}
-			(*c->c_handler)(margc, margv);
-			if (bell && c->c_bell) {
-				putchar('\007');
-			}
-			strcpy(line, line2);
-			makeargv();
-			argc = margc;
-			argv = margv;
-		}
-		if (cp1 != macros[i].mac_end) {
-			cp1++;
-		}
-	}
-	if (loopflg && ++count < argc) {
-		goto TOP;
-	}
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/extern.h b/crypto/kerberosIV/appl/ftp/ftp/extern.h
deleted file mode 100644
index b830999d664b..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/extern.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/*-
- * Copyright (c) 1994 The Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)extern.h	8.3 (Berkeley) 10/9/94
- */
-
-/* $Id: extern.h,v 1.13 1997/04/20 05:46:48 assar Exp $ */
-
-#include <setjmp.h>
-#include <stdlib.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-void    abort_remote (FILE *);
-void    abortpt (int);
-void    abortrecv (int);
-void	account (int, char **);
-int	another (int *, char ***, char *);
-void	blkfree (char **);
-void	cd (int, char **);
-void	cdup (int, char **);
-void	changetype (int, int);
-void	cmdabort (int);
-void	cmdscanner (int);
-int	command (char *fmt, ...);
-int	confirm (char *, char *);
-FILE   *dataconn (char *);
-void	delete (int, char **);
-void	disconnect (int, char **);
-void	do_chmod (int, char **);
-void	do_umask (int, char **);
-void	domacro (int, char **);
-char   *domap (char *);
-void	doproxy (int, char **);
-char   *dotrans (char *);
-int     empty (fd_set *, int);
-void	fatal (char *);
-void	get (int, char **);
-struct cmd *getcmd (char *);
-int	getit (int, char **, int, char *);
-int	getreply (int);
-int	globulize (char **);
-char   *gunique (char *);
-void	help (int, char **);
-char   *hookup (char *, int);
-void	ftp_idle (int, char **);
-int     initconn (void);
-void	intr (int);
-void	lcd (int, char **);
-int	login (char *);
-RETSIGTYPE	lostpeer (int);
-void	ls (int, char **);
-void	macdef (int, char **);
-void	makeargv (void);
-void	makedir (int, char **);
-void	mdelete (int, char **);
-void	mget (int, char **);
-void	mls (int, char **);
-void	modtime (int, char **);
-void	mput (int, char **);
-char   *onoff (int);
-void	newer (int, char **);
-void    proxtrans (char *, char *, char *);
-void    psabort (int);
-void    pswitch (int);
-void    ptransfer (char *, long, struct timeval *, struct timeval *);
-void	put (int, char **);
-void	pwd (int, char **);
-void	quit (int, char **);
-void	quote (int, char **);
-void	quote1 (char *, int, char **);
-void    recvrequest (char *, char *, char *, char *, int);
-void	reget (int, char **);
-char   *remglob (char **, int);
-void	removedir (int, char **);
-void	renamefile (int, char **);
-void    reset (int, char **);
-void	restart (int, char **);
-void	rmthelp (int, char **);
-void	rmtstatus (int, char **);
-int	ruserpass (char *, char **, char **, char **);
-void    sendrequest (char *, char *, char *, int);
-void	setascii (int, char **);
-void	setbell (int, char **);
-void	setbinary (int, char **);
-void	setcase (int, char **);
-void	setcr (int, char **);
-void	setdebug (int, char **);
-void	setform (int, char **);
-void	setftmode (int, char **);
-void	setglob (int, char **);
-void	sethash (int, char **);
-void	setnmap (int, char **);
-void	setntrans (int, char **);
-void	setpassive (int, char **);
-void	setpeer (int, char **);
-void	setport (int, char **);
-void	setprompt (int, char **);
-void	setrunique (int, char **);
-void	setstruct (int, char **);
-void	setsunique (int, char **);
-void	settenex (int, char **);
-void	settrace (int, char **);
-void	settype (int, char **);
-void	setverbose (int, char **);
-void	shell (int, char **);
-void	site (int, char **);
-void	sizecmd (int, char **);
-char   *slurpstring (void);
-void	status (int, char **);
-void	syst (int, char **);
-void    tvsub (struct timeval *, struct timeval *, struct timeval *);
-void	user (int, char **);
-
-extern jmp_buf	abortprox;
-extern int	abrtflag;
-extern struct	cmd cmdtab[];
-extern FILE	*cout;
-extern int	data;
-extern char    *home;
-extern jmp_buf	jabort;
-extern int	proxy;
-extern char	reply_string[];
-extern off_t	restart_point;
-extern int	NCMDS;
-
-extern char 	username[32];
-extern char	myhostname[];
-extern char	*mydomain;
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp.c b/crypto/kerberosIV/appl/ftp/ftp/ftp.c
deleted file mode 100644
index cfabda6a5688..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp.c
+++ /dev/null
@@ -1,1658 +0,0 @@
-/*
- * Copyright (c) 1985, 1989, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: ftp.c,v 1.44 1997/05/18 20:00:31 assar Exp $");
-
-struct	sockaddr_in hisctladdr;
-struct	sockaddr_in data_addr;
-int	data = -1;
-int	abrtflag = 0;
-jmp_buf	ptabort;
-int	ptabflg;
-int	ptflag = 0;
-struct	sockaddr_in myctladdr;
-off_t	restart_point = 0;
-
-
-FILE	*cin, *cout;
-
-typedef void (*sighand)(int);
-
-char *
-hookup(char *host, int port)
-{
-    struct hostent *hp = 0;
-    int s, len, tos;
-    static char hostnamebuf[80];
-
-    memset(&hisctladdr, 0, sizeof (hisctladdr));
-    if(inet_aton(host, &hisctladdr.sin_addr)){
-	hisctladdr.sin_family = AF_INET;
-	strncpy(hostnamebuf, host, sizeof(hostnamebuf));
-    } else {
-	hp = gethostbyname(host);
-	if (hp == NULL) {
-#ifdef HAVE_H_ERRNO
-	    warnx("%s: %s", host, hstrerror(h_errno));
-#else
-	    warnx("%s: %s", host, "unknown error");
-#endif
-	    code = -1;
-	    return NULL;
-	}
-	hisctladdr.sin_family = hp->h_addrtype;
-	memmove(&hisctladdr.sin_addr,
-		hp->h_addr_list[0],
-		sizeof(hisctladdr.sin_addr));
-	strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf));
-	hostnamebuf[sizeof(hostnamebuf) - 1] = '\0';
-    }
-    hostname = hostnamebuf;
-    s = socket(hisctladdr.sin_family, SOCK_STREAM, 0);
-    if (s < 0) {
-	warn("socket");
-	code = -1;
-	return (0);
-    }
-    hisctladdr.sin_port = port;
-    while (connect(s, (struct sockaddr *)&hisctladdr, sizeof (hisctladdr)) < 0) {
-	if (hp && hp->h_addr_list[1]) {
-	    int oerrno = errno;
-	    char *ia;
-
-	    ia = inet_ntoa(hisctladdr.sin_addr);
-	    errno = oerrno;
-	    warn("connect to address %s", ia);
-	    hp->h_addr_list++;
-	    memmove(&hisctladdr.sin_addr,
-		    hp->h_addr_list[0],
-		    sizeof(hisctladdr.sin_addr));
-	    fprintf(stdout, "Trying %s...\n",
-		    inet_ntoa(hisctladdr.sin_addr));
-	    close(s);
-	    s = socket(hisctladdr.sin_family, SOCK_STREAM, 0);
-	    if (s < 0) {
-		warn("socket");
-		code = -1;
-		return (0);
-	    }
-	    continue;
-	}
-	warn("connect");
-	code = -1;
-	goto bad;
-    }
-    len = sizeof (myctladdr);
-    if (getsockname(s, (struct sockaddr *)&myctladdr, &len) < 0) {
-	warn("getsockname");
-	code = -1;
-	goto bad;
-    }
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    tos = IPTOS_LOWDELAY;
-    if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
-	warn("setsockopt TOS (ignored)");
-#endif
-    cin = fdopen(s, "r");
-    cout = fdopen(s, "w");
-    if (cin == NULL || cout == NULL) {
-	warnx("fdopen failed.");
-	if (cin)
-	    fclose(cin);
-	if (cout)
-	    fclose(cout);
-	code = -1;
-	goto bad;
-    }
-    if (verbose)
-	printf("Connected to %s.\n", hostname);
-    if (getreply(0) > 2) { 	/* read startup message from server */
-	if (cin)
-	    fclose(cin);
-	if (cout)
-	    fclose(cout);
-	code = -1;
-	goto bad;
-    }
-#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
-    {
-	int on = 1;
-
-	if (setsockopt(s, SOL_SOCKET, SO_OOBINLINE, (char *)&on, sizeof(on))
-	    < 0 && debug) {
-	    warn("setsockopt");
-	}
-    }
-#endif /* SO_OOBINLINE */
-
-    return (hostname);
-bad:
-    close(s);
-    return NULL;
-}
-
-int
-login(char *host)
-{
-    char tmp[80];
-    char defaultpass[128];
-    char *user, *pass, *acct;
-    int n, aflag = 0;
-
-    char *myname = NULL;
-    struct passwd *pw = k_getpwuid(getuid());
-    if (pw != NULL)
-	myname = pw->pw_name;
-
-    user = pass = acct = 0;
-
-    if(do_klogin(host))
-	printf("\n*** Using plaintext user and password ***\n\n");
-    else{
-	printf("Kerberos authentication successful.\n\n");
-    }
-
-    if (ruserpass(host, &user, &pass, &acct) < 0) {
-	code = -1;
-	return (0);
-    }
-    while (user == NULL) {
-	if (myname)
-	    printf("Name (%s:%s): ", host, myname);
-	else
-	    printf("Name (%s): ", host);
-	fgets(tmp, sizeof(tmp) - 1, stdin);
-	tmp[strlen(tmp) - 1] = '\0';
-	if (*tmp == '\0')
-	    user = myname;
-	else
-	    user = tmp;
-    }
-    strcpy(username, user);
-    n = command("USER %s", user);
-    if (n == CONTINUE) {
-	if(auth_complete)
-	    pass = myname;
-	else if (pass == NULL) {
-	    char prompt[128];
-	    if(myname && 
-	       (!strcmp(user, "ftp") || !strcmp(user, "anonymous"))){
-		snprintf(defaultpass, sizeof(defaultpass), "%s@%s", myname, mydomain);
-		snprintf(prompt, sizeof(prompt), "Password (%s): ", defaultpass);
-	    }else{
-		strcpy(defaultpass, "");
-		snprintf(prompt, sizeof(prompt), "Password: ");
-	    }
-	    pass = defaultpass;
-	    des_read_pw_string (tmp, sizeof(tmp), prompt, 0);
-	    if(tmp[0])
-		pass = tmp;
-	}
-	n = command("PASS %s", pass);
-    }
-    if (n == CONTINUE) {
-	aflag++;
-	acct = tmp;
-	des_read_pw_string(acct, 128, "Account:", 0);
-	n = command("ACCT %s", acct);
-    }
-    if (n != COMPLETE) {
-	warnx("Login failed.");
-	return (0);
-    }
-    if (!aflag && acct != NULL)
-	command("ACCT %s", acct);
-    if (proxy)
-	return (1);
-    for (n = 0; n < macnum; ++n) {
-	if (!strcmp("init", macros[n].mac_name)) {
-	    strcpy(line, "$init");
-	    makeargv();
-	    domacro(margc, margv);
-	    break;
-	}
-    }
-    sec_set_protection_level();
-    return (1);
-}
-
-void
-cmdabort(int sig)
-{
-
-    printf("\n");
-    fflush(stdout);
-    abrtflag++;
-    if (ptflag)
-	longjmp(ptabort,1);
-}
-
-int
-command(char *fmt, ...)
-{
-    va_list ap;
-    int r;
-    sighand oldintr;
-
-    abrtflag = 0;
-    if (cout == NULL) {
-	warn("No control connection for command");
-	code = -1;
-	return (0);
-    }
-    oldintr = signal(SIGINT, cmdabort);
-    va_start(ap, fmt);
-    if(debug){
-	printf("---> ");
-	if (strncmp("PASS ", fmt, 5) == 0)
-	    printf("PASS XXXX");
-	else 
-	    vfprintf(stdout, fmt, ap);
-	va_start(ap, fmt);
-    }
-    if(auth_complete)
-	krb4_write_enc(cout, fmt, ap);
-    else
-	vfprintf(cout, fmt, ap);
-    va_end(ap);
-    if(debug){
-	printf("\n");
-	fflush(stdout);
-    }
-    fprintf(cout, "\r\n");
-    fflush(cout);
-    cpend = 1;
-    r = getreply(!strcmp(fmt, "QUIT"));
-    if (abrtflag && oldintr != SIG_IGN)
-	(*oldintr)(SIGINT);
-    signal(SIGINT, oldintr);
-    return (r);
-}
-
-char reply_string[BUFSIZ];		/* last line of previous reply */
-
-int
-getreply(int expecteof)
-{
-    char *p;
-    char *lead_string;
-    int c;
-    struct sigaction sa, osa;
-    char buf[1024];
-
-    sigemptyset(&sa.sa_mask);
-    sa.sa_flags = 0;
-    sa.sa_handler = cmdabort;
-    sigaction(SIGINT, &sa, &osa);
-    
-    p = buf;
-
-    while(1){
-	c = getc(cin);
-	switch(c){
-	case EOF:
-	    if (expecteof) {
-		sigaction(SIGINT,&osa, NULL);
-		code = 221;
-		return 0;
-	    }
-	    lostpeer(0);
-	    if (verbose) {
-		printf("421 Service not available, "
-		       "remote server has closed connection\n");
-		fflush(stdout);
-	    }
-	    code = 421;
-	    return (4);
-	    break;
-	case IAC:
-	    c = getc(cin);
-	    if(c == WILL || c == WONT)
-		fprintf(cout, "%c%c%c", IAC, DONT, getc(cin));
-	    if(c == DO || c == DONT)
-		fprintf(cout, "%c%c%c", IAC, WONT, getc(cin));
-	    continue;
-	case '\n':
-	    *p++ = 0;
-	    if(isdigit(buf[0])){
-		sscanf(buf, "%d", &code);
-		if(code == 631){
-		    krb4_read_mic(buf);
-		    sscanf(buf, "%d", &code);
-		    lead_string = "S:";
-		} else if(code == 632){
-		    krb4_read_enc(buf);
-		    sscanf(buf, "%d", &code);
-		    lead_string = "P:";
-		}else if(code == 633){
-		    printf("Received confidential reply!\n");
-		}else if(auth_complete)
-		    lead_string = "!!";
-		else
-		    lead_string = "";
-		if(verbose > 0 || (verbose > -1 && code > 499))
-		    fprintf(stdout, "%s%s\n", lead_string, buf);
-		if(buf[3] == ' '){
-		    strcpy(reply_string, buf);
-		    if (code >= 200)
-			cpend = 0;
-		    sigaction(SIGINT, &osa, NULL);
-		    if (code == 421)
-			lostpeer(0);
-#if 1
-		    if (abrtflag && 
-			osa.sa_handler != cmdabort && 
-			osa.sa_handler != SIG_IGN)
-			osa.sa_handler(SIGINT);
-#endif
-		    if(code == 227){
-			char *p, *q;
-			pasv[0] = 0;
-			p = strchr(reply_string, '(');
-			if(p){
-			    p++;
-			    q = strchr(p, ')');
-			    if(q){
-				strncpy(pasv, p, q - p);
-				pasv[q - p] = 0;
-			    }
-			}
-		    }
-		    return code / 100;
-		}
-	    }else{
-		if(verbose > 0 || (verbose > -1 && code > 499)){
-		    if(auth_complete)
-			fprintf(stdout, "!!");
-		    fprintf(stdout, "%s\n", buf);
-		}
-	    }
-	    p = buf;
-	    continue;
-	default:
-	    *p++ = c;
-	}
-    }
-    
-}
-
-
-#if 0
-int
-getreply(int expecteof)
-{
-    int c, n;
-    int dig;
-    int originalcode = 0, continuation = 0;
-    sighand oldintr;
-    int pflag = 0;
-    char *cp, *pt = pasv;
-
-    oldintr = signal(SIGINT, cmdabort);
-    for (;;) {
-	dig = n = code = 0;
-	cp = reply_string;
-	while ((c = getc(cin)) != '\n') {
-	    if (c == IAC) {     /* handle telnet commands */
-		switch (c = getc(cin)) {
-		case WILL:
-		case WONT:
-		    c = getc(cin);
-		    fprintf(cout, "%c%c%c", IAC, DONT, c);
-		    fflush(cout);
-		    break;
-		case DO:
-		case DONT:
-		    c = getc(cin);
-		    fprintf(cout, "%c%c%c", IAC, WONT, c);
-		    fflush(cout);
-		    break;
-		default:
-		    break;
-		}
-		continue;
-	    }
-	    dig++;
-	    if (c == EOF) {
-		if (expecteof) {
-		    signal(SIGINT,oldintr);
-		    code = 221;
-		    return (0);
-		}
-		lostpeer(0);
-		if (verbose) {
-		    printf("421 Service not available, remote server has closed connection\n");
-		    fflush(stdout);
-		}
-		code = 421;
-		return (4);
-	    }
-	    if (c != '\r' && (verbose > 0 ||
-			      (verbose > -1 && n == '5' && dig > 4))) {
-		if (proxflag &&
-		    (dig == 1 || dig == 5 && verbose == 0))
-		    printf("%s:",hostname);
-		putchar(c);
-	    }
-	    if (dig < 4 && isdigit(c))
-		code = code * 10 + (c - '0');
-	    if (!pflag && code == 227)
-		pflag = 1;
-	    if (dig > 4 && pflag == 1 && isdigit(c))
-		pflag = 2;
-	    if (pflag == 2) {
-		if (c != '\r' && c != ')')
-		    *pt++ = c;
-		else {
-		    *pt = '\0';
-		    pflag = 3;
-		}
-	    }
-	    if (dig == 4 && c == '-') {
-		if (continuation)
-		    code = 0;
-		continuation++;
-	    }
-	    if (n == 0)
-		n = c;
-	    if (cp < &reply_string[sizeof(reply_string) - 1])
-		*cp++ = c;
-	}
-	if (verbose > 0 || verbose > -1 && n == '5') {
-	    putchar(c);
-	    fflush (stdout);
-	}
-	if (continuation && code != originalcode) {
-	    if (originalcode == 0)
-		originalcode = code;
-	    continue;
-	}
-	*cp = '\0';
-	if(auth_complete){
-	    if(code == 631)
-		krb4_read_mic(reply_string);
-	    else
-		krb4_read_enc(reply_string);
-	    n = code / 100 + '0';
-	}
-
-	if (n != '1')
-	    cpend = 0;
-	signal(SIGINT,oldintr);
-	if (code == 421 || originalcode == 421)
-	    lostpeer(0);
-	if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN)
-	    (*oldintr)(SIGINT);
-	return (n - '0');
-    }
-}
-#endif
-
-int
-empty(fd_set *mask, int sec)
-{
-    struct timeval t;
-
-    t.tv_sec = (long) sec;
-    t.tv_usec = 0;
-    return (select(32, mask, NULL, NULL, &t));
-}
-
-jmp_buf	sendabort;
-
-static RETSIGTYPE
-abortsend(int sig)
-{
-
-    mflag = 0;
-    abrtflag = 0;
-    printf("\nsend aborted\nwaiting for remote to finish abort\n");
-    fflush(stdout);
-    longjmp(sendabort, 1);
-}
-
-#define HASHBYTES 1024
-
-static int
-copy_stream(FILE *from, FILE *to)
-{
-    static size_t bufsize;
-    static char *buf;
-    int n;
-    int bytes = 0;
-    int werr;
-    int hashbytes = HASHBYTES;
-    struct stat st;
-    
-#ifdef HAVE_MMAP
-    void *chunk;
-
-#ifndef MAP_FAILED
-#define MAP_FAILED (-1)
-#endif
-
-    if(fstat(fileno(from), &st) == 0 && S_ISREG(st.st_mode)){
-	chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, fileno(from), 0);
-	if (chunk != (void *)MAP_FAILED) {
-	    int res;
-
-	    res = sec_write(fileno(to), chunk, st.st_size);
-	    if (munmap(chunk, st.st_size) < 0)
-		warn ("munmap");
-	    sec_fflush(to);
-	    return res;
-	}
-    }
-#endif
-
-    buf = alloc_buffer (buf, &bufsize,
-			fstat(fileno(from), &st) >= 0 ? &st : NULL);
-    if (buf == NULL)
-	return -1;
-
-    while((n = read(fileno(from), buf, bufsize)) > 0){
-	werr = sec_write(fileno(to), buf, n);
-	if(werr < 0)
-	    break;
-	bytes += werr;
-	while(hash && bytes > hashbytes){
-	    putchar('#');
-	    hashbytes += HASHBYTES;
-	}
-    }
-    sec_fflush(to);
-    if(n < 0)
-	warn("local");
-
-    if(werr < 0){
-	if(errno != EPIPE)
-	    warn("netout");
-	bytes = -1;
-    }
-    return bytes;
-}
-
-void
-sendrequest(char *cmd, char *local, char *remote, int printnames)
-{
-    struct stat st;
-    struct timeval start, stop;
-    int c, d;
-    FILE *fin, *dout = 0;
-    int (*closefunc) (FILE *);
-    RETSIGTYPE (*oldintr)(), (*oldintp)();
-    long bytes = 0, hashbytes = HASHBYTES;
-    char *lmode;
-
-    if (verbose && printnames) {
-	if (local && *local != '-')
-	    printf("local: %s ", local);
-	if (remote)
-	    printf("remote: %s\n", remote);
-    }
-    if (proxy) {
-	proxtrans(cmd, local, remote);
-	return;
-    }
-    if (curtype != type)
-	changetype(type, 0);
-    closefunc = NULL;
-    oldintr = NULL;
-    oldintp = NULL;
-    lmode = "w";
-    if (setjmp(sendabort)) {
-	while (cpend) {
-	    getreply(0);
-	}
-	if (data >= 0) {
-	    close(data);
-	    data = -1;
-	}
-	if (oldintr)
-	    signal(SIGINT,oldintr);
-	if (oldintp)
-	    signal(SIGPIPE,oldintp);
-	code = -1;
-	return;
-    }
-    oldintr = signal(SIGINT, abortsend);
-    if (strcmp(local, "-") == 0)
-	fin = stdin;
-    else if (*local == '|') {
-	oldintp = signal(SIGPIPE,SIG_IGN);
-	fin = popen(local + 1, "r");
-	if (fin == NULL) {
-	    warn("%s", local + 1);
-	    signal(SIGINT, oldintr);
-	    signal(SIGPIPE, oldintp);
-	    code = -1;
-	    return;
-	}
-	closefunc = pclose;
-    } else {
-	fin = fopen(local, "r");
-	if (fin == NULL) {
-	    warn("local: %s", local);
-	    signal(SIGINT, oldintr);
-	    code = -1;
-	    return;
-	}
-	closefunc = fclose;
-	if (fstat(fileno(fin), &st) < 0 ||
-	    (st.st_mode&S_IFMT) != S_IFREG) {
-	    fprintf(stdout, "%s: not a plain file.\n", local);
-	    signal(SIGINT, oldintr);
-	    fclose(fin);
-	    code = -1;
-	    return;
-	}
-    }
-    if (initconn()) {
-	signal(SIGINT, oldintr);
-	if (oldintp)
-	    signal(SIGPIPE, oldintp);
-	code = -1;
-	if (closefunc != NULL)
-	    (*closefunc)(fin);
-	return;
-    }
-    if (setjmp(sendabort))
-	goto abort;
-
-    if (restart_point &&
-	(strcmp(cmd, "STOR") == 0 || strcmp(cmd, "APPE") == 0)) {
-	int rc;
-
-	switch (curtype) {
-	case TYPE_A:
-	    rc = fseek(fin, (long) restart_point, SEEK_SET);
-	    break;
-	case TYPE_I:
-	case TYPE_L:
-	    rc = lseek(fileno(fin), restart_point, SEEK_SET);
-	    break;
-	}
-	if (rc < 0) {
-	    warn("local: %s", local);
-	    restart_point = 0;
-	    if (closefunc != NULL)
-		(*closefunc)(fin);
-	    return;
-	}
-	if (command("REST %ld", (long) restart_point)
-	    != CONTINUE) {
-	    restart_point = 0;
-	    if (closefunc != NULL)
-		(*closefunc)(fin);
-	    return;
-	}
-	restart_point = 0;
-	lmode = "r+w";
-    }
-    if (remote) {
-	if (command("%s %s", cmd, remote) != PRELIM) {
-	    signal(SIGINT, oldintr);
-	    if (oldintp)
-		signal(SIGPIPE, oldintp);
-	    if (closefunc != NULL)
-		(*closefunc)(fin);
-	    return;
-	}
-    } else
-	if (command("%s", cmd) != PRELIM) {
-	    signal(SIGINT, oldintr);
-	    if (oldintp)
-		signal(SIGPIPE, oldintp);
-	    if (closefunc != NULL)
-		(*closefunc)(fin);
-	    return;
-	}
-    dout = dataconn(lmode);
-    if (dout == NULL)
-	goto abort;
-    set_buffer_size(fileno(dout), 0);
-    gettimeofday(&start, (struct timezone *)0);
-    oldintp = signal(SIGPIPE, SIG_IGN);
-    switch (curtype) {
-
-    case TYPE_I:
-    case TYPE_L:
-	errno = d = c = 0;
-	bytes = copy_stream(fin, dout);
-	break;
-
-    case TYPE_A:
-	while ((c = getc(fin)) != EOF) {
-	    if (c == '\n') {
-		while (hash && (bytes >= hashbytes)) {
-		    putchar('#');
-		    fflush(stdout);
-		    hashbytes += HASHBYTES;
-		}
-		if (ferror(dout))
-		    break;
-		sec_putc('\r', dout);
-		bytes++;
-	    }
-	    sec_putc(c, dout);
-	    bytes++;
-	}
-	sec_fflush(dout);
-	if (hash) {
-	    if (bytes < hashbytes)
-		putchar('#');
-	    putchar('\n');
-	    fflush(stdout);
-	}
-	if (ferror(fin))
-	    warn("local: %s", local);
-	if (ferror(dout)) {
-	    if (errno != EPIPE)
-		warn("netout");
-	    bytes = -1;
-	}
-	break;
-    }
-    if (closefunc != NULL)
-	(*closefunc)(fin);
-    fclose(dout);
-    gettimeofday(&stop, (struct timezone *)0);
-    getreply(0);
-    signal(SIGINT, oldintr);
-    if (oldintp)
-	signal(SIGPIPE, oldintp);
-    if (bytes > 0)
-	ptransfer("sent", bytes, &start, &stop);
-    return;
-abort:
-    signal(SIGINT, oldintr);
-    if (oldintp)
-	signal(SIGPIPE, oldintp);
-    if (!cpend) {
-	code = -1;
-	return;
-    }
-    if (data >= 0) {
-	close(data);
-	data = -1;
-    }
-    if (dout)
-	fclose(dout);
-    getreply(0);
-    code = -1;
-    if (closefunc != NULL && fin != NULL)
-	(*closefunc)(fin);
-    gettimeofday(&stop, (struct timezone *)0);
-    if (bytes > 0)
-	ptransfer("sent", bytes, &start, &stop);
-}
-
-jmp_buf	recvabort;
-
-void
-abortrecv(int sig)
-{
-
-    mflag = 0;
-    abrtflag = 0;
-    printf("\nreceive aborted\nwaiting for remote to finish abort\n");
-    fflush(stdout);
-    longjmp(recvabort, 1);
-}
-
-void
-recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
-{
-    FILE *fout, *din = 0;
-    int (*closefunc) (FILE *);
-    sighand oldintr, oldintp;
-    int c, d, is_retr, tcrflag, bare_lfs = 0;
-    static size_t bufsize;
-    static char *buf;
-    long bytes = 0, hashbytes = HASHBYTES;
-    struct timeval start, stop;
-    struct stat st;
-
-    is_retr = strcmp(cmd, "RETR") == 0;
-    if (is_retr && verbose && printnames) {
-	if (local && *local != '-')
-	    printf("local: %s ", local);
-	if (remote)
-	    printf("remote: %s\n", remote);
-    }
-    if (proxy && is_retr) {
-	proxtrans(cmd, local, remote);
-	return;
-    }
-    closefunc = NULL;
-    oldintr = NULL;
-    oldintp = NULL;
-    tcrflag = !crflag && is_retr;
-    if (setjmp(recvabort)) {
-	while (cpend) {
-	    getreply(0);
-	}
-	if (data >= 0) {
-	    close(data);
-	    data = -1;
-	}
-	if (oldintr)
-	    signal(SIGINT, oldintr);
-	code = -1;
-	return;
-    }
-    oldintr = signal(SIGINT, abortrecv);
-    if (strcmp(local, "-") && *local != '|') {
-	if (access(local, 2) < 0) {
-	    char *dir = strrchr(local, '/');
-
-	    if (errno != ENOENT && errno != EACCES) {
-		warn("local: %s", local);
-		signal(SIGINT, oldintr);
-		code = -1;
-		return;
-	    }
-	    if (dir != NULL)
-		*dir = 0;
-	    d = access(dir ? local : ".", 2);
-	    if (dir != NULL)
-		*dir = '/';
-	    if (d < 0) {
-		warn("local: %s", local);
-		signal(SIGINT, oldintr);
-		code = -1;
-		return;
-	    }
-	    if (!runique && errno == EACCES &&
-		chmod(local, 0600) < 0) {
-		warn("local: %s", local);
-		signal(SIGINT, oldintr);
-		signal(SIGINT, oldintr);
-		code = -1;
-		return;
-	    }
-	    if (runique && errno == EACCES &&
-		(local = gunique(local)) == NULL) {
-		signal(SIGINT, oldintr);
-		code = -1;
-		return;
-	    }
-	}
-	else if (runique && (local = gunique(local)) == NULL) {
-	    signal(SIGINT, oldintr);
-	    code = -1;
-	    return;
-	}
-    }
-    if (!is_retr) {
-	if (curtype != TYPE_A)
-	    changetype(TYPE_A, 0);
-    } else if (curtype != type)
-	changetype(type, 0);
-    if (initconn()) {
-	signal(SIGINT, oldintr);
-	code = -1;
-	return;
-    }
-    if (setjmp(recvabort))
-	goto abort;
-    if (is_retr && restart_point &&
-	command("REST %ld", (long) restart_point) != CONTINUE)
-	return;
-    if (remote) {
-	if (command("%s %s", cmd, remote) != PRELIM) {
-	    signal(SIGINT, oldintr);
-	    return;
-	}
-    } else {
-	if (command("%s", cmd) != PRELIM) {
-	    signal(SIGINT, oldintr);
-	    return;
-	}
-    }
-    din = dataconn("r");
-    if (din == NULL)
-	goto abort;
-    set_buffer_size(fileno(din), 1);
-    if (strcmp(local, "-") == 0)
-	fout = stdout;
-    else if (*local == '|') {
-	oldintp = signal(SIGPIPE, SIG_IGN);
-	fout = popen(local + 1, "w");
-	if (fout == NULL) {
-	    warn("%s", local+1);
-	    goto abort;
-	}
-	closefunc = pclose;
-    } else {
-	fout = fopen(local, lmode);
-	if (fout == NULL) {
-	    warn("local: %s", local);
-	    goto abort;
-	}
-	closefunc = fclose;
-    }
-    buf = alloc_buffer (buf, &bufsize,
-			fstat(fileno(fout), &st) >= 0 ? &st : NULL);
-    if (buf == NULL)
-	goto abort;
-
-    gettimeofday(&start, (struct timezone *)0);
-    switch (curtype) {
-
-    case TYPE_I:
-    case TYPE_L:
-	if (restart_point &&
-	    lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
-	    warn("local: %s", local);
-	    if (closefunc != NULL)
-		(*closefunc)(fout);
-	    return;
-	}
-	errno = d = 0;
-	while ((c = sec_read(fileno(din), buf, bufsize)) > 0) {
-	    if ((d = write(fileno(fout), buf, c)) != c)
-		break;
-	    bytes += c;
-	    if (hash) {
-		while (bytes >= hashbytes) {
-		    putchar('#');
-		    hashbytes += HASHBYTES;
-		}
-		fflush(stdout);
-	    }
-	}
-	if (hash && bytes > 0) {
-	    if (bytes < HASHBYTES)
-		putchar('#');
-	    putchar('\n');
-	    fflush(stdout);
-	}
-	if (c < 0) {
-	    if (errno != EPIPE)
-		warn("netin");
-	    bytes = -1;
-	}
-	if (d < c) {
-	    if (d < 0)
-		warn("local: %s", local);
-	    else
-		warnx("%s: short write", local);
-	}
-	break;
-
-    case TYPE_A:
-	if (restart_point) {
-	    int i, n, ch;
-
-	    if (fseek(fout, 0L, SEEK_SET) < 0)
-		goto done;
-	    n = restart_point;
-	    for (i = 0; i++ < n;) {
-		if ((ch = sec_getc(fout)) == EOF)
-		    goto done;
-		if (ch == '\n')
-		    i++;
-	    }
-	    if (fseek(fout, 0L, SEEK_CUR) < 0) {
-	    done:
-		warn("local: %s", local);
-		if (closefunc != NULL)
-		    (*closefunc)(fout);
-		return;
-	    }
-	}
-
-	while ((c = sec_getc(din)) != EOF) {
-	    if (c == '\n')
-		bare_lfs++;
-	    while (c == '\r') {
-		while (hash && (bytes >= hashbytes)) {
-		    putchar('#');
-		    fflush(stdout);
-		    hashbytes += HASHBYTES;
-		}
-		bytes++;
-		if ((c = sec_getc(din)) != '\n' || tcrflag) {
-		    if (ferror(fout))
-			goto break2;
-		    putc('\r', fout);
-		    if (c == '\0') {
-			bytes++;
-			goto contin2;
-		    }
-		    if (c == EOF)
-			goto contin2;
-		}
-	    }
-	    putc(c, fout);
-	    bytes++;
-	contin2:	;
-	}
-    break2:
-	if (bare_lfs) {
-	    printf("WARNING! %d bare linefeeds received in ASCII mode\n",
-		   bare_lfs);
-	    printf("File may not have transferred correctly.\n");
-	}
-	if (hash) {
-	    if (bytes < hashbytes)
-		putchar('#');
-	    putchar('\n');
-	    fflush(stdout);
-	}
-	if (ferror(din)) {
-	    if (errno != EPIPE)
-		warn("netin");
-	    bytes = -1;
-	}
-	if (ferror(fout))
-	    warn("local: %s", local);
-	break;
-    }
-    if (closefunc != NULL)
-	(*closefunc)(fout);
-    signal(SIGINT, oldintr);
-    if (oldintp)
-	signal(SIGPIPE, oldintp);
-    fclose(din);
-    gettimeofday(&stop, (struct timezone *)0);
-    getreply(0);
-    if (bytes > 0 && is_retr)
-	ptransfer("received", bytes, &start, &stop);
-    return;
-abort:
-
-    /* abort using RFC959 recommended IP,SYNC sequence  */
-
-    if (oldintp)
-	signal(SIGPIPE, oldintr);
-    signal(SIGINT, SIG_IGN);
-    if (!cpend) {
-	code = -1;
-	signal(SIGINT, oldintr);
-	return;
-    }
-
-    abort_remote(din);
-    code = -1;
-    if (data >= 0) {
-	close(data);
-	data = -1;
-    }
-    if (closefunc != NULL && fout != NULL)
-	(*closefunc)(fout);
-    if (din)
-	fclose(din);
-    gettimeofday(&stop, (struct timezone *)0);
-    if (bytes > 0)
-	ptransfer("received", bytes, &start, &stop);
-    signal(SIGINT, oldintr);
-}
-
-/*
- * Need to start a listen on the data channel before we send the command,
- * otherwise the server's connect may fail.
- */
-int
-initconn(void)
-{
-    int result, len, tmpno = 0;
-    int on = 1;
-    int a0, a1, a2, a3, p0, p1;
-
-    if (passivemode) {
-	data = socket(AF_INET, SOCK_STREAM, 0);
-	if (data < 0) {
-	    perror("ftp: socket");
-	    return(1);
-	}
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
-	if ((options & SO_DEBUG) &&
-	    setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on,
-		       sizeof (on)) < 0)
-	    perror("ftp: setsockopt (ignored)");
-#endif
-	if (command("PASV") != COMPLETE) {
-	    printf("Passive mode refused.\n");
-	    goto bad;
-	}
-
-	/*
-	 * What we've got at this point is a string of comma
-	 * separated one-byte unsigned integer values.
-	 * The first four are the an IP address. The fifth is
-	 * the MSB of the port number, the sixth is the LSB.
-	 * From that we'll prepare a sockaddr_in.
-	 */
-
-	if (sscanf(pasv,"%d,%d,%d,%d,%d,%d",
-		   &a0, &a1, &a2, &a3, &p0, &p1) != 6) {
-	    printf("Passive mode address scan failure. "
-		   "Shouldn't happen!\n");
-	    goto bad;
-	}
-	if(a0 < 0 || a0 > 255 || 
-	   a1 < 0 || a1 > 255 || 
-	   a2 < 0 || a2 > 255 || 
-	   a3 < 0 || a3 > 255 || 
-	   p0 < 0 || p0 > 255 || 
-	   p1 < 0 || p1 > 255){
-	    printf("Can't parse passive mode string.\n");
-	    goto bad;
-	}
-	
-	memset(&data_addr, 0, sizeof(data_addr));
-	data_addr.sin_family = AF_INET;
-	data_addr.sin_addr.s_addr = htonl((a0 << 24) | (a1 << 16) | 
-					  (a2 << 8) | a3);
-	data_addr.sin_port = htons((p0 << 8) | p1);
-
-	if (connect(data, (struct sockaddr *)&data_addr,
-		    sizeof(data_addr)) < 0) {
-	    perror("ftp: connect");
-	    goto bad;
-	}
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	on = IPTOS_THROUGHPUT;
-	if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on,
-		       sizeof(int)) < 0)
-	    perror("ftp: setsockopt TOS (ignored)");
-#endif
-	return(0);
-    }
-
-noport:
-    data_addr = myctladdr;
-    if (sendport)
-	data_addr.sin_port = 0;	/* let system pick one */ 
-    if (data != -1)
-	close(data);
-    data = socket(AF_INET, SOCK_STREAM, 0);
-    if (data < 0) {
-	warn("socket");
-	if (tmpno)
-	    sendport = 1;
-	return (1);
-    }
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-    if (!sendport)
-	if (setsockopt(data, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof (on)) < 0) {
-	    warn("setsockopt (reuse address)");
-	    goto bad;
-	}
-#endif
-    if (bind(data, (struct sockaddr *)&data_addr, sizeof (data_addr)) < 0) {
-	warn("bind");
-	goto bad;
-    }
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
-    if (options & SO_DEBUG &&
-	setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on, sizeof (on)) < 0)
-	warn("setsockopt (ignored)");
-#endif
-    len = sizeof (data_addr);
-    if (getsockname(data, (struct sockaddr *)&data_addr, &len) < 0) {
-	warn("getsockname");
-	goto bad;
-    }
-    if (listen(data, 1) < 0)
-	warn("listen");
-    if (sendport) {
-	unsigned int a = ntohl(data_addr.sin_addr.s_addr);
-	unsigned int p = ntohs(data_addr.sin_port);
-	result = command("PORT %d,%d,%d,%d,%d,%d", 
-			 (a >> 24) & 0xff,
-			 (a >> 16) & 0xff,
-			 (a >> 8) & 0xff,
-			 a & 0xff,
-			 (p >> 8) & 0xff,
-			 p & 0xff);
-	if (result == ERROR && sendport == -1) {
-	    sendport = 0;
-	    tmpno = 1;
-	    goto noport;
-	}
-	return (result != COMPLETE);
-    }
-    if (tmpno)
-	sendport = 1;
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    on = IPTOS_THROUGHPUT;
-    if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
-	warn("setsockopt TOS (ignored)");
-#endif
-    return (0);
-bad:
-    close(data), data = -1;
-    if (tmpno)
-	sendport = 1;
-    return (1);
-}
-
-FILE *
-dataconn(char *lmode)
-{
-    struct sockaddr_in from;
-    int s, fromlen = sizeof (from), tos;
-
-    if (passivemode)
-	return (fdopen(data, lmode));
-
-    s = accept(data, (struct sockaddr *) &from, &fromlen);
-    if (s < 0) {
-	warn("accept");
-	close(data), data = -1;
-	return (NULL);
-    }
-    close(data);
-    data = s;
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-    tos = IPTOS_THROUGHPUT;
-    if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
-	warn("setsockopt TOS (ignored)");
-#endif
-    return (fdopen(data, lmode));
-}
-
-void
-ptransfer(char *direction, long int bytes, 
-	  struct timeval *t0, struct timeval *t1)
-{
-    struct timeval td;
-    float s;
-    float bs;
-    int prec;
-    char *unit;
-    
-    if (verbose) {
-	td.tv_sec = t1->tv_sec - t0->tv_sec;
-	td.tv_usec = t1->tv_usec - t0->tv_usec;
-	if(td.tv_usec < 0){
-	    td.tv_sec--;
-	    td.tv_usec += 1000000;
-	}
-	s = td.tv_sec + (td.tv_usec / 1000000.);
-	bs = bytes / (s?s:1);
-	if(bs >= 1048576){
-	    bs /= 1048576;
-	    unit = "M";
-	    prec = 2;
-	}else if(bs >= 1024){
-	    bs /= 1024;
-	    unit = "k";
-	    prec = 1;
-	}else{
-	    unit = "";
-	    prec = 0;
-	}
-	
-	printf("%ld bytes %s in %.3g seconds (%.*f %sbyte/s)\n",
-	       bytes, direction, s, prec, bs, unit);
-    }
-}
-
-void
-psabort(int sig)
-{
-
-    abrtflag++;
-}
-
-void
-pswitch(int flag)
-{
-    sighand oldintr;
-    static struct comvars {
-	int connect;
-	char name[MaxHostNameLen];
-	struct sockaddr_in mctl;
-	struct sockaddr_in hctl;
-	FILE *in;
-	FILE *out;
-	int tpe;
-	int curtpe;
-	int cpnd;
-	int sunqe;
-	int runqe;
-	int mcse;
-	int ntflg;
-	char nti[17];
-	char nto[17];
-	int mapflg;
-	char mi[MaxPathLen];
-	char mo[MaxPathLen];
-    } proxstruct, tmpstruct;
-    struct comvars *ip, *op;
-
-    abrtflag = 0;
-    oldintr = signal(SIGINT, psabort);
-    if (flag) {
-	if (proxy)
-	    return;
-	ip = &tmpstruct;
-	op = &proxstruct;
-	proxy++;
-    } else {
-	if (!proxy)
-	    return;
-	ip = &proxstruct;
-	op = &tmpstruct;
-	proxy = 0;
-    }
-    ip->connect = connected;
-    connected = op->connect;
-    if (hostname) {
-	strncpy(ip->name, hostname, sizeof(ip->name) - 1);
-	ip->name[strlen(ip->name)] = '\0';
-    } else
-	ip->name[0] = 0;
-    hostname = op->name;
-    ip->hctl = hisctladdr;
-    hisctladdr = op->hctl;
-    ip->mctl = myctladdr;
-    myctladdr = op->mctl;
-    ip->in = cin;
-    cin = op->in;
-    ip->out = cout;
-    cout = op->out;
-    ip->tpe = type;
-    type = op->tpe;
-    ip->curtpe = curtype;
-    curtype = op->curtpe;
-    ip->cpnd = cpend;
-    cpend = op->cpnd;
-    ip->sunqe = sunique;
-    sunique = op->sunqe;
-    ip->runqe = runique;
-    runique = op->runqe;
-    ip->mcse = mcase;
-    mcase = op->mcse;
-    ip->ntflg = ntflag;
-    ntflag = op->ntflg;
-    strncpy(ip->nti, ntin, 16);
-    (ip->nti)[strlen(ip->nti)] = '\0';
-    strcpy(ntin, op->nti);
-    strncpy(ip->nto, ntout, 16);
-    (ip->nto)[strlen(ip->nto)] = '\0';
-    strcpy(ntout, op->nto);
-    ip->mapflg = mapflag;
-    mapflag = op->mapflg;
-    strncpy(ip->mi, mapin, MaxPathLen - 1);
-    (ip->mi)[strlen(ip->mi)] = '\0';
-    strcpy(mapin, op->mi);
-    strncpy(ip->mo, mapout, MaxPathLen - 1);
-    (ip->mo)[strlen(ip->mo)] = '\0';
-    strcpy(mapout, op->mo);
-    signal(SIGINT, oldintr);
-    if (abrtflag) {
-	abrtflag = 0;
-	(*oldintr)(SIGINT);
-    }
-}
-
-void
-abortpt(int sig)
-{
-
-    printf("\n");
-    fflush(stdout);
-    ptabflg++;
-    mflag = 0;
-    abrtflag = 0;
-    longjmp(ptabort, 1);
-}
-
-void
-proxtrans(char *cmd, char *local, char *remote)
-{
-    sighand oldintr;
-    int secndflag = 0, prox_type, nfnd;
-    char *cmd2;
-    fd_set mask;
-
-    if (strcmp(cmd, "RETR"))
-	cmd2 = "RETR";
-    else
-	cmd2 = runique ? "STOU" : "STOR";
-    if ((prox_type = type) == 0) {
-	if (unix_server && unix_proxy)
-	    prox_type = TYPE_I;
-	else
-	    prox_type = TYPE_A;
-    }
-    if (curtype != prox_type)
-	changetype(prox_type, 1);
-    if (command("PASV") != COMPLETE) {
-	printf("proxy server does not support third party transfers.\n");
-	return;
-    }
-    pswitch(0);
-    if (!connected) {
-	printf("No primary connection\n");
-	pswitch(1);
-	code = -1;
-	return;
-    }
-    if (curtype != prox_type)
-	changetype(prox_type, 1);
-    if (command("PORT %s", pasv) != COMPLETE) {
-	pswitch(1);
-	return;
-    }
-    if (setjmp(ptabort))
-	goto abort;
-    oldintr = signal(SIGINT, abortpt);
-    if (command("%s %s", cmd, remote) != PRELIM) {
-	signal(SIGINT, oldintr);
-	pswitch(1);
-	return;
-    }
-    sleep(2);
-    pswitch(1);
-    secndflag++;
-    if (command("%s %s", cmd2, local) != PRELIM)
-	goto abort;
-    ptflag++;
-    getreply(0);
-    pswitch(0);
-    getreply(0);
-    signal(SIGINT, oldintr);
-    pswitch(1);
-    ptflag = 0;
-    printf("local: %s remote: %s\n", local, remote);
-    return;
-abort:
-    signal(SIGINT, SIG_IGN);
-    ptflag = 0;
-    if (strcmp(cmd, "RETR") && !proxy)
-	pswitch(1);
-    else if (!strcmp(cmd, "RETR") && proxy)
-	pswitch(0);
-    if (!cpend && !secndflag) {  /* only here if cmd = "STOR" (proxy=1) */
-	if (command("%s %s", cmd2, local) != PRELIM) {
-	    pswitch(0);
-	    if (cpend)
-		abort_remote((FILE *) NULL);
-	}
-	pswitch(1);
-	if (ptabflg)
-	    code = -1;
-	signal(SIGINT, oldintr);
-	return;
-    }
-    if (cpend)
-	abort_remote((FILE *) NULL);
-    pswitch(!proxy);
-    if (!cpend && !secndflag) {  /* only if cmd = "RETR" (proxy=1) */
-	if (command("%s %s", cmd2, local) != PRELIM) {
-	    pswitch(0);
-	    if (cpend)
-		abort_remote((FILE *) NULL);
-	    pswitch(1);
-	    if (ptabflg)
-		code = -1;
-	    signal(SIGINT, oldintr);
-	    return;
-	}
-    }
-    if (cpend)
-	abort_remote((FILE *) NULL);
-    pswitch(!proxy);
-    if (cpend) {
-	FD_ZERO(&mask);
-	FD_SET(fileno(cin), &mask);
-	if ((nfnd = empty(&mask, 10)) <= 0) {
-	    if (nfnd < 0) {
-		warn("abort");
-	    }
-	    if (ptabflg)
-		code = -1;
-	    lostpeer(0);
-	}
-	getreply(0);
-	getreply(0);
-    }
-    if (proxy)
-	pswitch(0);
-    pswitch(1);
-    if (ptabflg)
-	code = -1;
-    signal(SIGINT, oldintr);
-}
-
-void
-reset(int argc, char **argv)
-{
-    fd_set mask;
-    int nfnd = 1;
-
-    FD_ZERO(&mask);
-    while (nfnd > 0) {
-	FD_SET(fileno(cin), &mask);
-	if ((nfnd = empty(&mask,0)) < 0) {
-	    warn("reset");
-	    code = -1;
-	    lostpeer(0);
-	}
-	else if (nfnd) {
-	    getreply(0);
-	}
-    }
-}
-
-char *
-gunique(char *local)
-{
-    static char new[MaxPathLen];
-    char *cp = strrchr(local, '/');
-    int d, count=0;
-    char ext = '1';
-
-    if (cp)
-	*cp = '\0';
-    d = access(cp ? local : ".", 2);
-    if (cp)
-	*cp = '/';
-    if (d < 0) {
-	warn("local: %s", local);
-	return NULL;
-    }
-    strcpy(new, local);
-    cp = new + strlen(new);
-    *cp++ = '.';
-    while (!d) {
-	if (++count == 100) {
-	    printf("runique: can't find unique file name.\n");
-	    return NULL;
-	}
-	*cp++ = ext;
-	*cp = '\0';
-	if (ext == '9')
-	    ext = '0';
-	else
-	    ext++;
-	if ((d = access(new, 0)) < 0)
-	    break;
-	if (ext != '0')
-	    cp--;
-	else if (*(cp - 2) == '.')
-	    *(cp - 1) = '1';
-	else {
-	    *(cp - 2) = *(cp - 2) + 1;
-	    cp--;
-	}
-    }
-    return (new);
-}
-
-void
-abort_remote(FILE *din)
-{
-    char buf[BUFSIZ];
-    int nfnd;
-    fd_set mask;
-
-    /*
-     * send IAC in urgent mode instead of DM because 4.3BSD places oob mark
-     * after urgent byte rather than before as is protocol now
-     */
-    snprintf(buf, sizeof(buf), "%c%c%c", IAC, IP, IAC);
-    if (send(fileno(cout), buf, 3, MSG_OOB) != 3)
-	warn("abort");
-    fprintf(cout,"%cABOR\r\n", DM);
-    fflush(cout);
-    FD_ZERO(&mask);
-    FD_SET(fileno(cin), &mask);
-    if (din) { 
-	FD_SET(fileno(din), &mask);
-    }
-    if ((nfnd = empty(&mask, 10)) <= 0) {
-	if (nfnd < 0) {
-	    warn("abort");
-	}
-	if (ptabflg)
-	    code = -1;
-	lostpeer(0);
-    }
-    if (din && FD_ISSET(fileno(din), &mask)) {
-	while (read(fileno(din), buf, BUFSIZ) > 0)
-	    /* LOOP */;
-    }
-    if (getreply(0) == ERROR && code == 552) {
-	/* 552 needed for nic style abort */
-	getreply(0);
-    }
-    getreply(0);
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
deleted file mode 100644
index 6ead7932ddf4..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: ftp_locl.h,v 1.29 1997/05/20 18:40:28 bg Exp $ */
-
-#ifndef __FTP_LOCL_H__
-#define __FTP_LOCL_H__
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <sys/cdefs.h>
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_ARPA_FTP_H
-#include <arpa/ftp.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_ARPA_TELNET_H
-#include <arpa/telnet.h>
-#endif
-
-#include <errno.h>
-#include <ctype.h>
-#include <glob.h>
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_SYS_MMAN_H
-#include <sys/mman.h>
-#endif
-
-#include <err.h>
-
-#ifdef SOCKS
-#include <socks.h>
-extern int LIBPREFIX(fclose)      __P((FILE *));
-#endif
-
-#include "ftp_var.h"
-#include "extern.h"
-#include "common.h"
-#include "pathnames.h"
-
-#include <des.h>
-
-#include <krb.h>
-
-#include "krb4.h"
-
-#include "roken.h"
-
-#if defined(__sun__) && !defined(__svr4)
-int fclose(FILE*);
-int pclose(FILE*);
-#endif
-
-#endif /* __FTP_LOCL_H__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h
deleted file mode 100644
index ffac59a50fa9..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * Copyright (c) 1985, 1989, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)ftp_var.h	8.4 (Berkeley) 10/9/94
- */
-
-/*
- * FTP global variables.
- */
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#include <setjmp.h>
-
-/*
- * Options and other state info.
- */
-extern int	trace;			/* trace packets exchanged */
-extern int	hash;			/* print # for each buffer transferred */
-extern int	sendport;		/* use PORT cmd for each data connection */
-extern int	verbose;		/* print messages coming back from server */
-extern int	connected;		/* connected to server */
-extern int	fromatty;		/* input is from a terminal */
-extern int	interactive;		/* interactively prompt on m* cmds */
-extern int	debug;			/* debugging level */
-extern int	bell;			/* ring bell on cmd completion */
-extern int	doglob;			/* glob local file names */
-extern int	autologin;		/* establish user account on connection */
-extern int	proxy;			/* proxy server connection active */
-extern int	proxflag;		/* proxy connection exists */
-extern int	sunique;		/* store files on server with unique name */
-extern int	runique;		/* store local files with unique name */
-extern int	mcase;			/* map upper to lower case for mget names */
-extern int	ntflag;			/* use ntin ntout tables for name translation */
-extern int	mapflag;		/* use mapin mapout templates on file names */
-extern int	code;			/* return/reply code for ftp command */
-extern int	crflag;			/* if 1, strip car. rets. on ascii gets */
-extern char	pasv[64];		/* passive port for proxy data connection */
-extern int	passivemode;		/* passive mode enabled */
-extern char	*altarg;		/* argv[1] with no shell-like preprocessing  */
-extern char	ntin[17];		/* input translation table */
-extern char	ntout[17];		/* output translation table */
-extern char	mapin[MaxPathLen];	/* input map template */
-extern char	mapout[MaxPathLen];	/* output map template */
-extern char	typename[32];		/* name of file transfer type */
-extern int	type;			/* requested file transfer type */
-extern int	curtype;		/* current file transfer type */
-extern char	structname[32];		/* name of file transfer structure */
-extern int	stru;			/* file transfer structure */
-extern char	formname[32];		/* name of file transfer format */
-extern int	form;			/* file transfer format */
-extern char	modename[32];		/* name of file transfer mode */
-extern int	mode;			/* file transfer mode */
-extern char	bytename[32];		/* local byte size in ascii */
-extern int	bytesize;		/* local byte size in binary */
-
-extern char	*hostname;		/* name of host connected to */
-extern int	unix_server;		/* server is unix, can use binary for ascii */
-extern int	unix_proxy;		/* proxy is unix, can use binary for ascii */
-
-extern jmp_buf	toplevel;		/* non-local goto stuff for cmd scanner */
-
-extern char	line[200];		/* input line buffer */
-extern char	*stringbase;		/* current scan point in line buffer */
-extern char	argbuf[200];		/* argument storage buffer */
-extern char	*argbase;		/* current storage point in arg buffer */
-extern int	margc;			/* count of arguments on input line */
-extern char	**margv;		/* args parsed from input line */
-extern int	margvlen;		/* how large margv is currently */
-extern int     cpend;                  /* flag: if != 0, then pending server reply */
-extern int	mflag;			/* flag: if != 0, then active multi command */
-
-extern int	options;		/* used during socket creation */
-
-/*
- * Format of command table.
- */
-struct cmd {
-	char	*c_name;	/* name of command */
-	char	*c_help;	/* help string */
-	char	c_bell;		/* give bell when command completes */
-	char	c_conn;		/* must be connected to use command */
-	char	c_proxy;	/* proxy server may execute */
-	void	(*c_handler) (int, char **); /* function to call */
-};
-
-struct macel {
-	char mac_name[9];	/* macro name */
-	char *mac_start;	/* start of macro in macbuf */
-	char *mac_end;		/* end of macro in macbuf */
-};
-
-extern int macnum;			/* number of defined macros */
-extern struct macel macros[16];
-extern char macbuf[4096];
-
-
diff --git a/crypto/kerberosIV/appl/ftp/ftp/globals.c b/crypto/kerberosIV/appl/ftp/ftp/globals.c
deleted file mode 100644
index 7199e65c8c35..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/globals.c
+++ /dev/null
@@ -1,76 +0,0 @@
-#include "ftp_locl.h"
-RCSID("$Id: globals.c,v 1.6 1996/08/26 22:46:26 assar Exp $");
-
-/*
- * Options and other state info.
- */
-int	trace;			/* trace packets exchanged */
-int	hash;			/* print # for each buffer transferred */
-int	sendport;		/* use PORT cmd for each data connection */
-int	verbose;		/* print messages coming back from server */
-int	connected;		/* connected to server */
-int	fromatty;		/* input is from a terminal */
-int	interactive;		/* interactively prompt on m* cmds */
-int	debug;			/* debugging level */
-int	bell;			/* ring bell on cmd completion */
-int	doglob;			/* glob local file names */
-int	autologin;		/* establish user account on connection */
-int	proxy;			/* proxy server connection active */
-int	proxflag;		/* proxy connection exists */
-int	sunique;		/* store files on server with unique name */
-int	runique;		/* store local files with unique name */
-int	mcase;			/* map upper to lower case for mget names */
-int	ntflag;			/* use ntin ntout tables for name translation */
-int	mapflag;		/* use mapin mapout templates on file names */
-int	code;			/* return/reply code for ftp command */
-int	crflag;			/* if 1, strip car. rets. on ascii gets */
-char	pasv[64];		/* passive port for proxy data connection */
-int	passivemode;		/* passive mode enabled */
-char	*altarg;		/* argv[1] with no shell-like preprocessing  */
-char	ntin[17];		/* input translation table */
-char	ntout[17];		/* output translation table */
-char	mapin[MaxPathLen];	/* input map template */
-char	mapout[MaxPathLen];	/* output map template */
-char	typename[32];		/* name of file transfer type */
-int	type;			/* requested file transfer type */
-int	curtype;		/* current file transfer type */
-char	structname[32];		/* name of file transfer structure */
-int	stru;			/* file transfer structure */
-char	formname[32];		/* name of file transfer format */
-int	form;			/* file transfer format */
-char	modename[32];		/* name of file transfer mode */
-int	mode;			/* file transfer mode */
-char	bytename[32];		/* local byte size in ascii */
-int	bytesize;		/* local byte size in binary */
-
-char	*hostname;		/* name of host connected to */
-int	unix_server;		/* server is unix, can use binary for ascii */
-int	unix_proxy;		/* proxy is unix, can use binary for ascii */
-
-jmp_buf	toplevel;		/* non-local goto stuff for cmd scanner */
-
-char	line[200];		/* input line buffer */
-char	*stringbase;		/* current scan point in line buffer */
-char	argbuf[200];		/* argument storage buffer */
-char	*argbase;		/* current storage point in arg buffer */
-int	margc;			/* count of arguments on input line */
-char	**margv;		/* args parsed from input line */
-int	margvlen;		/* how large margv is currently */
-int     cpend;                  /* flag: if != 0, then pending server reply */
-int	mflag;			/* flag: if != 0, then active multi command */
-
-int	options;		/* used during socket creation */
-
-/*
- * Format of command table.
- */
-
-int macnum;			/* number of defined macros */
-struct macel macros[16];
-char macbuf[4096];
-
-char username[32];
-
-/* these are set in ruserpass */
-char myhostname[MaxHostNameLen];
-char *mydomain;
diff --git a/crypto/kerberosIV/appl/ftp/ftp/kauth.c b/crypto/kerberosIV/appl/ftp/ftp/kauth.c
deleted file mode 100644
index 8bc9b9bf28dd..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/kauth.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: kauth.c,v 1.14 1997/05/11 04:08:04 assar Exp $");
-
-void kauth(int argc, char **argv)
-{
-    int ret;
-    char buf[1024];
-    des_cblock key;
-    des_key_schedule schedule;
-    KTEXT_ST tkt, tktcopy;
-    char *name;
-    char *p;
-    int overbose;
-    char passwd[100];
-    int tmp;
-	
-    if(argc > 2){
-	printf("usage: %s [principal]\n", argv[0]);
-	code = -1;
-	return;
-    }
-    if(argc == 2)
-	name = argv[1];
-    else
-	name = username;
-
-    overbose = verbose;
-    verbose = 0;
-
-    ret = command("SITE KAUTH %s", name);
-    if(ret != CONTINUE){
-	verbose = overbose;
-	code = -1;
-	return;
-    }
-    verbose = overbose;
-    p = strstr(reply_string, "T=");
-    if(!p){
-	printf("Bad reply from server.\n");
-	code = -1;
-	return;
-    }
-    p += 2;
-    tmp = base64_decode(p, &tkt.dat);
-    if(tmp < 0){
-	printf("Failed to decode base64 in reply.\n");
-	code = -1;
-	return;
-    }
-    tkt.length = tmp;
-    tktcopy.length = tkt.length;
-    
-    p = strstr(reply_string, "P=");
-    if(!p){
-	printf("Bad reply from server.\n");
-	verbose = overbose;
-	code = -1;
-	return;
-    }
-    name = p + 2;
-    for(; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++);
-    *p = 0;
-    
-    snprintf(buf, sizeof(buf), "Password for %s:", name);
-    if (des_read_pw_string (passwd, sizeof(passwd)-1, buf, 0))
-        *passwd = '\0';
-    des_string_to_key (passwd, &key);
-
-    des_key_sched(&key, schedule);
-    
-    des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat,
-		     tkt.length,
-		     schedule, &key, DES_DECRYPT);
-    if (strcmp ((char*)tktcopy.dat + 8,
-		KRB_TICKET_GRANTING_TICKET) != 0) {
-        afs_string_to_key (passwd, krb_realmofhost(hostname), &key);
-	des_key_sched (&key, schedule);
-	des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat,
-			 tkt.length,
-			 schedule, &key, DES_DECRYPT);
-    }
-    memset(key, 0, sizeof(key));
-    memset(schedule, 0, sizeof(schedule));
-    memset(passwd, 0, sizeof(passwd));
-    base64_encode(tktcopy.dat, tktcopy.length, &p);
-    memset (tktcopy.dat, 0, tktcopy.length);
-    ret = command("SITE KAUTH %s %s", name, p);
-    free(p);
-    if(ret != COMPLETE){
-	code = -1;
-	return;
-    }
-    code = 0;
-}
-
-void klist(int argc, char **argv)
-{
-    int ret;
-    if(argc != 1){
-	printf("usage: %s\n", argv[0]);
-	code = -1;
-	return;
-    }
-    
-    ret = command("SITE KLIST");
-    code = (ret == COMPLETE);
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.c b/crypto/kerberosIV/appl/ftp/ftp/krb4.c
deleted file mode 100644
index 872c5bc13f91..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/krb4.c
+++ /dev/null
@@ -1,567 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-
-RCSID("$Id: krb4.c,v 1.18 1997/05/11 04:08:05 assar Exp $");
-
-static KTEXT_ST krb4_adat;
-
-static des_cblock key;
-static des_key_schedule schedule;
-
-static char *data_buffer;
-
-extern struct sockaddr_in hisctladdr, myctladdr;
-
-int auth_complete;
-
-static int command_prot;
-
-static int auth_pbsz;
-static int data_prot;
-
-static int request_data_prot;
-
-
-static struct {
-    int level;
-    char *name;
-} level_names[] = {
-    { prot_clear, "clear" },
-    { prot_safe, "safe" },
-    { prot_confidential, "confidential" },
-    { prot_private, "private" }
-};
-
-static char *level_to_name(int level)
-{
-    int i;
-    for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
-	if(level_names[i].level == level)
-	    return level_names[i].name;
-    return "unknown";
-}
-
-static int name_to_level(char *name)
-{
-    int i;
-    for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
-	if(!strncasecmp(level_names[i].name, name, strlen(name)))
-	    return level_names[i].level;
-    return -1;
-}
-
-void sec_status(void)
-{
-    if(auth_complete){
-	printf("Using KERBEROS_V4 for authentication.\n");
-
-	command_prot = prot_private; /* this variable is not used */
-
-	printf("Using %s command channel.\n", 
-	       level_to_name(command_prot));
-
-	printf("Using %s data channel.\n", 
-	       level_to_name(data_prot));
-	if(auth_pbsz > 0)
-	    printf("Protection buffer size: %d.\n", auth_pbsz);
-    }else{
-	printf("Not using any security mechanism.\n");
-    }
-}
-
-static int
-sec_prot_internal(int level)
-{
-    int ret;
-    char *p;
-    int s = 1048576;
-
-    int old_verbose = verbose;
-    verbose = 0;
-
-    if(!auth_complete){
-	printf("No security data exchange has taken place.\n");
-	return -1;
-    }
-
-    if(level){
-	ret = command("PBSZ %d", s);
-	if(ret != COMPLETE){
-	    printf("Failed to set protection buffer size.\n");
-	    return -1;
-	}
-	auth_pbsz = s;
-	p = strstr(reply_string, "PBSZ=");
-	if(p)
-	    sscanf(p, "PBSZ=%d", &s);
-	if(s < auth_pbsz)
-	    auth_pbsz = s;
-	if(data_buffer)
-	    free(data_buffer);
-	data_buffer = malloc(auth_pbsz);
-    }
-    verbose = old_verbose;
-    ret = command("PROT %c", level["CSEP"]); /* XXX :-) */
-    if(ret != COMPLETE){
-	printf("Failed to set protection level.\n");
-	return -1;
-    }
-    
-    data_prot = level;
-    return 0;
-}
-
-
-void
-sec_prot(int argc, char **argv)
-{
-    int level = -1;
-
-    if(argc != 2){
-	printf("usage: %s (clear | safe | confidential | private)\n",
-	       argv[0]);
-	code = -1;
-	return;
-    }
-    if(!auth_complete){
-	printf("No security data exchange has taken place.\n");
-	code = -1;
-	return;
-    }
-    level = name_to_level(argv[1]);
-    
-    if(level == -1){
-	printf("usage: %s (clear | safe | confidential | private)\n",
-	       argv[0]);
-	code = -1;
-	return;
-    }
-    
-    if(level == prot_confidential){
-	printf("Confidential protection is not defined with Kerberos.\n");
-	code = -1;
-	return;
-    }
-
-    if(sec_prot_internal(level) < 0){
-	code = -1;
-	return;
-    }
-    code = 0;
-}
-
-void
-sec_set_protection_level(void)
-{
-    if(auth_complete && data_prot != request_data_prot)
-	sec_prot_internal(request_data_prot);
-}
-
-
-int
-sec_request_prot(char *level)
-{
-    int l = name_to_level(level);
-    if(l == -1)
-	return -1;
-    request_data_prot = l;
-    return 0;
-}
-
-
-int sec_getc(FILE *F)
-{
-    if(auth_complete && data_prot)
-	return krb4_getc(F);
-    else
-	return getc(F);
-}
-
-int sec_read(int fd, void *data, int length)
-{
-    if(auth_complete && data_prot)
-	return krb4_read(fd, data, length);
-    else
-	return read(fd, data, length);
-}
-
-static int
-krb4_recv(int fd)
-{
-    int len;
-    MSG_DAT m;
-    int kerror;
-    
-    krb_net_read(fd, &len, sizeof(len));
-    len = ntohl(len);
-    krb_net_read(fd, data_buffer, len);
-    if(data_prot == prot_safe)
-	kerror = krb_rd_safe(data_buffer, len, &key, 
-			     &hisctladdr, &myctladdr, &m);
-    else
-	kerror = krb_rd_priv(data_buffer, len, schedule, &key, 
-			     &hisctladdr, &myctladdr, &m);
-    if(kerror){
-	return -1;
-    }
-    memmove(data_buffer, m.app_data, m.app_length);
-    return m.app_length;
-}
-
-
-int krb4_getc(FILE *F)
-{
-    static int bytes;
-    static int index;
-    if(bytes == 0){
-	bytes = krb4_recv(fileno(F));
-	index = 0;
-    }
-    if(bytes){
-	bytes--;
-	return (unsigned char)data_buffer[index++];
-    }
-    return EOF;
-}
-
-int krb4_read(int fd, char *data, int length)
-{
-    static int left;
-    static int index;
-    static int eof;
-    int len = left;
-    int rx = 0;
-
-    if(eof){
-	eof = 0;
-	return 0;
-    }
-    
-    if(left){
-	if(length < len)
-	    len = length;
-	memmove(data, data_buffer + index, len);
-	length -= len;
-	index += len;
-	rx += len;
-	left -= len;
-    }
-    
-    while(length){
-	len = krb4_recv(fd);
-	if(len == 0){
-	    if(rx)
-		eof = 1;
-	    return rx;
-	}
-	if(len > length){
-	    left = len - length;
-	    len = index = length;
-	}
-	memmove(data, data_buffer, len);
-	length -= len;
-	data += len;
-	rx += len;
-    }
-    return rx;
-}
-
-
-static int
-krb4_encode(char *from, char *to, int length)
-{
-    if(data_prot == prot_safe)
-	return krb_mk_safe(from, to, length, &key, 
-			   &myctladdr, &hisctladdr);
-    else
-	return krb_mk_priv(from, to, length, schedule, &key, 
-			   &myctladdr, &hisctladdr);
-}
-
-static int
-krb4_overhead(int len)
-{
-    if(data_prot == prot_safe)
-	return 31;
-    else
-	return 26;
-}
-
-static char p_buf[1024];
-static int p_index;
-
-int
-sec_putc(int c, FILE *F)
-{
-    if(data_prot){
-	if((c == '\n' && p_index) || p_index == sizeof(p_buf)){
-	    sec_write(fileno(F), p_buf, p_index);
-	    p_index = 0;
-	}
-	p_buf[p_index++] = c;
-	return c;
-    }
-    return putc(c, F);
-}
-
-static int
-sec_send(int fd, char *from, int length)
-{
-    int bytes;
-    bytes = krb4_encode(from, data_buffer, length);
-    bytes = htonl(bytes);
-    krb_net_write(fd, &bytes, sizeof(bytes));
-    krb_net_write(fd, data_buffer, ntohl(bytes));
-    return length;
-}
-
-int
-sec_fflush(FILE *F)
-{
-    if(data_prot){
-	if(p_index){
-	    sec_write(fileno(F), p_buf, p_index);
-	    p_index = 0;
-	}
-	sec_send(fileno(F), NULL, 0);
-    }
-    fflush(F);
-    return 0;
-}
-
-int
-sec_write(int fd, char *data, int length)
-{
-    int len = auth_pbsz;
-    int tx = 0;
-      
-    if(data_prot == prot_clear)
-	return write(fd, data, length);
-
-    len -= krb4_overhead(len);
-    while(length){
-	if(length < len)
-	    len = length;
-	sec_send(fd, data, len);
-	length -= len;
-	data += len;
-	tx += len;
-    }
-    return tx;
-}
-
-static int
-do_auth(char *service, char *host, int checksum)
-{
-    int ret;
-    CREDENTIALS cred;
-    char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
-    strcpy(sname, service);
-    strcpy(inst, krb_get_phost(host));
-    strcpy(realm, krb_realmofhost(host));
-    ret = krb_mk_req(&krb4_adat, sname, inst, realm, checksum);
-    if(ret)
-	return ret;
-    strcpy(sname, service);
-    strcpy(inst, krb_get_phost(host));
-    strcpy(realm, krb_realmofhost(host));
-    ret = krb_get_cred(sname, inst, realm, &cred);
-    memmove(&key, &cred.session, sizeof(des_cblock));
-    des_key_sched(&key, schedule);
-    memset(&cred, 0, sizeof(cred));
-    return ret;
-}
-
-
-int
-do_klogin(char *host)
-{
-    int ret;
-    char *p;
-    int len;
-    char adat[1024];
-    MSG_DAT msg_data;
-    int checksum;
-
-    int old_verbose = verbose;
-
-    verbose = 0;
-    printf("Trying KERBEROS_V4...\n");
-    ret = command("AUTH KERBEROS_V4");
-    if(ret != CONTINUE){
-	if(code == 504){
-	    printf("Kerberos 4 is not supported by the server.\n");
-	}else if(code == 534){
-	    printf("KERBEROS_V4 rejected as security mechanism.\n");
-	}else if(ret == ERROR)
-	    printf("The server doesn't understand the FTP "
-		   "security extensions.\n");
-	verbose = old_verbose;
-	return -1;
-    }
-
-    checksum = getpid();
-    ret = do_auth("ftp", host, checksum);
-    if(ret == KDC_PR_UNKNOWN)
-	ret = do_auth("rcmd", host, checksum);
-    if(ret){
-	printf("%s\n", krb_get_err_text(ret));
-	verbose = old_verbose;
-	return ret;
-    }
-
-    base64_encode(krb4_adat.dat, krb4_adat.length, &p);
-    ret = command("ADAT %s", p);
-    free(p);
-
-    if(ret != COMPLETE){
-	printf("Server didn't accept auth data.\n");
-	verbose = old_verbose;
-	return -1;
-    }
-
-    p = strstr(reply_string, "ADAT=");
-    if(!p){
-	printf("Remote host didn't send adat reply.\n");
-	verbose = old_verbose;
-	return -1;
-    }
-    p+=5;
-    len = base64_decode(p, adat);
-    if(len < 0){
-	printf("Failed to decode base64 from server.\n");
-	verbose = old_verbose;
-	return -1;
-    }
-    ret = krb_rd_safe(adat, len, &key, 
-		      &hisctladdr, &myctladdr, &msg_data);
-    if(ret){
-	printf("Error reading reply from server: %s.\n", 
-	       krb_get_err_text(ret));
-	verbose = old_verbose;
-	return -1;
-    }
-    { 
-	/* the draft doesn't tell what size the return has */
-	int i;
-	u_int32_t cs = 0;
-	for(i = 0; i < msg_data.app_length; i++)
-	    cs = (cs<<8) + msg_data.app_data[i];
-	if(cs - checksum != 1){
-	    printf("Bad checksum returned from server.\n");
-	    verbose = old_verbose;
-	    return -1;
-	}
-    }
-    auth_complete = 1;
-    verbose = old_verbose;
-    return 0;
-}
-
-void
-krb4_quit(void)
-{
-  auth_complete = 0;
-}
-
-int krb4_write_enc(FILE *F, char *fmt, va_list ap)
-{
-    int len;
-    char *p;
-    char buf[1024];
-    char enc[1024];
-
-    vsnprintf(buf, sizeof(buf), fmt, ap);
-    len = krb_mk_priv(buf, enc, strlen(buf), schedule, &key, 
-		      &myctladdr, &hisctladdr);
-    base64_encode(enc, len, &p);
-
-    fprintf(F, "ENC %s", p);
-    free (p);
-    return 0;
-}
-
-
-int krb4_read_msg(char *s, int priv)
-{
-    int len;
-    int ret;
-    char buf[1024];
-    MSG_DAT m;
-    int code;
-    
-    len = base64_decode(s + 4, buf);
-    if(priv)
-	ret = krb_rd_priv(buf, len, schedule, &key, 
-			  &hisctladdr, &myctladdr, &m);
-    else
-	ret = krb_rd_safe(buf, len, &key, &hisctladdr, &myctladdr, &m);
-    if(ret){
-	printf("%s\n", krb_get_err_text(ret));
-	return -1;
-    }
-	
-    m.app_data[m.app_length] = 0;
-    if(m.app_data[3] == '-')
-      code = 0;
-    else
-      sscanf((char*)m.app_data, "%d", &code);
-    strncpy(s, (char*)m.app_data, strlen((char*)m.app_data));
-    
-    s[m.app_length] = 0;
-    len = strlen(s);
-    if(s[len-1] == '\n')
-	s[len-1] = 0;
-    
-    return code;
-}
-
-int
-krb4_read_mic(char *s)
-{
-    return krb4_read_msg(s, 0);
-}
-
-int
-krb4_read_enc(char *s)
-{
-    return krb4_read_msg(s, 1);
-}
-
diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.h b/crypto/kerberosIV/appl/ftp/ftp/krb4.h
deleted file mode 100644
index 7cf8cece104d..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/krb4.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: krb4.h,v 1.10 1997/04/01 08:17:22 joda Exp $ */
-
-#ifndef __KRB4_H__
-#define __KRB4_H__
-
-#include <stdio.h>
-#include <stdarg.h>
-
-extern int auth_complete;
-
-void sec_status(void);
-
-enum { prot_clear, prot_safe, prot_confidential, prot_private };
-
-void sec_prot(int, char**);
-
-int sec_getc(FILE *F);
-int sec_putc(int c, FILE *F);
-int sec_fflush(FILE *F);
-int sec_read(int fd, void *data, int length);
-int sec_write(int fd, char *data, int length);
-
-int krb4_getc(FILE *F);
-int krb4_read(int fd, char *data, int length);
-
-
-
-void sec_set_protection_level(void);
-int sec_request_prot(char *level);
-
-void kauth(int, char **);
-void klist(int, char **);
-
-void krb4_quit(void);
-
-int krb4_write_enc(FILE *F, char *fmt, va_list ap);
-int krb4_read_msg(char *s, int priv);
-int krb4_read_mic(char *s);
-int krb4_read_enc(char *s);
-
-int do_klogin(char *host);
-
-#endif /* __KRB4_H__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftp/main.c b/crypto/kerberosIV/appl/ftp/ftp/main.c
deleted file mode 100644
index 4d1b6a543cdf..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/main.c
+++ /dev/null
@@ -1,542 +0,0 @@
-/*
- * Copyright (c) 1985, 1989, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * FTP User Program -- Command Interface.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: main.c,v 1.20 1997/04/20 16:14:55 joda Exp $");
-
-int
-main(int argc, char **argv)
-{
-	int ch, top;
-	struct passwd *pw = NULL;
-	char homedir[MaxPathLen];
-	struct servent *sp;
-
-	set_progname(argv[0]);
-
-	sp = getservbyname("ftp", "tcp");
-	if (sp == 0)
-		errx(1, "ftp/tcp: unknown service");
-	doglob = 1;
-	interactive = 1;
-	autologin = 1;
-
-	while ((ch = getopt(argc, argv, "dgintv")) != EOF) {
-		switch (ch) {
-		case 'd':
-			options |= SO_DEBUG;
-			debug++;
-			break;
-			
-		case 'g':
-			doglob = 0;
-			break;
-
-		case 'i':
-			interactive = 0;
-			break;
-
-		case 'n':
-			autologin = 0;
-			break;
-
-		case 't':
-			trace++;
-			break;
-
-		case 'v':
-			verbose++;
-			break;
-
-		default:
-		    fprintf(stderr,
-			    "usage: ftp [-dgintv] [host [port]]\n");
-		    exit(1);
-		}
-	}
-	argc -= optind;
-	argv += optind;
-
-	fromatty = isatty(fileno(stdin));
-	if (fromatty)
-		verbose++;
-	cpend = 0;	/* no pending replies */
-	proxy = 0;	/* proxy not active */
-	passivemode = 0; /* passive mode not active */
-	crflag = 1;	/* strip c.r. on ascii gets */
-	sendport = -1;	/* not using ports */
-	/*
-	 * Set up the home directory in case we're globbing.
-	 */
-	pw = k_getpwuid(getuid());
-	if (pw != NULL) {
-		home = homedir;
-		strcpy(home, pw->pw_dir);
-	}
-	if (argc > 0) {
-	    char *xargv[5];
-	    
-	    if (setjmp(toplevel))
-		exit(0);
-	    signal(SIGINT, intr);
-	    signal(SIGPIPE, lostpeer);
-	    xargv[0] = (char*)__progname;
-	    xargv[1] = argv[0];
-	    xargv[2] = argv[1];
-	    xargv[3] = argv[2];
-	    xargv[4] = NULL;
-	    setpeer(argc+1, xargv);
-	}
-	if(setjmp(toplevel) == 0)
-	    top = 1;
-	else
-	    top = 0;
-	if (top) {
-	    signal(SIGINT, intr);
-	    signal(SIGPIPE, lostpeer);
-	}
-	for (;;) {
-	    cmdscanner(top);
-	    top = 1;
-	}
-}
-
-void
-intr(int sig)
-{
-
-	longjmp(toplevel, 1);
-}
-
-#ifndef SHUT_RDWR
-#define SHUT_RDWR 2
-#endif
-
-RETSIGTYPE
-lostpeer(int sig)
-{
-
-    if (connected) {
-	if (cout != NULL) {
-	    shutdown(fileno(cout), SHUT_RDWR);
-	    fclose(cout);
-	    cout = NULL;
-	}
-	if (data >= 0) {
-	    shutdown(data, SHUT_RDWR);
-	    close(data);
-	    data = -1;
-	}
-	connected = 0;
-    }
-    pswitch(1);
-    if (connected) {
-	if (cout != NULL) {
-	    shutdown(fileno(cout), SHUT_RDWR);
-	    fclose(cout);
-	    cout = NULL;
-	}
-	connected = 0;
-    }
-    proxflag = 0;
-    pswitch(0);
-    SIGRETURN(0);
-}
-
-/*
-char *
-tail(filename)
-	char *filename;
-{
-	char *s;
-	
-	while (*filename) {
-		s = strrchr(filename, '/');
-		if (s == NULL)
-			break;
-		if (s[1])
-			return (s + 1);
-		*s = '\0';
-	}
-	return (filename);
-}
-*/
-
-#ifndef HAVE_READLINE
-
-static char *
-readline(char *prompt)
-{
-    char buf[BUFSIZ];
-    printf ("%s", prompt);
-    fflush (stdout);
-    if(fgets(buf, sizeof(buf), stdin) == NULL)
-	return NULL;
-    if (buf[strlen(buf) - 1] == '\n')
-	buf[strlen(buf) - 1] = '\0';
-    return strdup(buf);
-}
-
-static void
-add_history(char *p)
-{
-}
-
-#else
-
-/* These should not really be here */
-
-char *readline(char *);
-void add_history(char *);
-
-#endif
-
-/*
- * Command parser.
- */
-void
-cmdscanner(int top)
-{
-    struct cmd *c;
-    int l;
-
-    if (!top)
-	putchar('\n');
-    for (;;) {
-	if (fromatty) {
-	    char *p;
-	    p = readline("ftp> ");
-	    if(p == NULL)
-		quit(0, 0);
-	    strncpy(line, p, sizeof(line));
-	    line[sizeof(line) - 1] = 0;
-	    add_history(p);
-	    free(p);
-	} else{
-	    if (fgets(line, sizeof line, stdin) == NULL)
-		quit(0, 0);
-	}
-	/* XXX will break on long lines */
-	l = strlen(line);
-	if (l == 0)
-	    break;
-	if (line[--l] == '\n') {
-	    if (l == 0)
-		break;
-	    line[l] = '\0';
-	} else if (l == sizeof(line) - 2) {
-	    printf("sorry, input line too long\n");
-	    while ((l = getchar()) != '\n' && l != EOF)
-		/* void */;
-	    break;
-	} /* else it was a line without a newline */
-	makeargv();
-	if (margc == 0) {
-	    continue;
-	}
-	c = getcmd(margv[0]);
-	if (c == (struct cmd *)-1) {
-	    printf("?Ambiguous command\n");
-	    continue;
-	}
-	if (c == 0) {
-	    printf("?Invalid command\n");
-	    continue;
-	}
-	if (c->c_conn && !connected) {
-	    printf("Not connected.\n");
-	    continue;
-	}
-	(*c->c_handler)(margc, margv);
-	if (bell && c->c_bell)
-	    putchar('\007');
-	if (c->c_handler != help)
-	    break;
-    }
-    signal(SIGINT, intr);
-    signal(SIGPIPE, lostpeer);
-}
-
-struct cmd *
-getcmd(char *name)
-{
-	char *p, *q;
-	struct cmd *c, *found;
-	int nmatches, longest;
-
-	longest = 0;
-	nmatches = 0;
-	found = 0;
-	for (c = cmdtab; (p = c->c_name); c++) {
-		for (q = name; *q == *p++; q++)
-			if (*q == 0)		/* exact match? */
-				return (c);
-		if (!*q) {			/* the name was a prefix */
-			if (q - name > longest) {
-				longest = q - name;
-				nmatches = 1;
-				found = c;
-			} else if (q - name == longest)
-				nmatches++;
-		}
-	}
-	if (nmatches > 1)
-		return ((struct cmd *)-1);
-	return (found);
-}
-
-/*
- * Slice a string up into argc/argv.
- */
-
-int slrflag;
-
-void
-makeargv(void)
-{
-	char **argp;
-
-	argp = margv;
-	stringbase = line;		/* scan from first of buffer */
-	argbase = argbuf;		/* store from first of buffer */
-	slrflag = 0;
-	for (margc = 0; ; margc++) {
-		/* Expand array if necessary */
-		if (margc == margvlen) {
-			margv = (margvlen == 0)
-				? (char **)malloc(20 * sizeof(char *))
-				: (char **)realloc(margv,
-					(margvlen + 20)*sizeof(char *));
-			if (margv == NULL)
-				errx(1, "cannot realloc argv array");
-			margvlen += 20;
-			argp = margv + margc;
-		}
-
-		if ((*argp++ = slurpstring()) == NULL)
-			break;
-	}
-
-}
-
-/*
- * Parse string into argbuf;
- * implemented with FSM to
- * handle quoting and strings
- */
-char *
-slurpstring(void)
-{
-	int got_one = 0;
-	char *sb = stringbase;
-	char *ap = argbase;
-	char *tmp = argbase;		/* will return this if token found */
-
-	if (*sb == '!' || *sb == '$') {	/* recognize ! as a token for shell */
-		switch (slrflag) {	/* and $ as token for macro invoke */
-			case 0:
-				slrflag++;
-				stringbase++;
-				return ((*sb == '!') ? "!" : "$");
-				/* NOTREACHED */
-			case 1:
-				slrflag++;
-				altarg = stringbase;
-				break;
-			default:
-				break;
-		}
-	}
-
-S0:
-	switch (*sb) {
-
-	case '\0':
-		goto OUT;
-
-	case ' ':
-	case '\t':
-		sb++; goto S0;
-
-	default:
-		switch (slrflag) {
-			case 0:
-				slrflag++;
-				break;
-			case 1:
-				slrflag++;
-				altarg = sb;
-				break;
-			default:
-				break;
-		}
-		goto S1;
-	}
-
-S1:
-	switch (*sb) {
-
-	case ' ':
-	case '\t':
-	case '\0':
-		goto OUT;	/* end of token */
-
-	case '\\':
-		sb++; goto S2;	/* slurp next character */
-
-	case '"':
-		sb++; goto S3;	/* slurp quoted string */
-
-	default:
-		*ap++ = *sb++;	/* add character to token */
-		got_one = 1;
-		goto S1;
-	}
-
-S2:
-	switch (*sb) {
-
-	case '\0':
-		goto OUT;
-
-	default:
-		*ap++ = *sb++;
-		got_one = 1;
-		goto S1;
-	}
-
-S3:
-	switch (*sb) {
-
-	case '\0':
-		goto OUT;
-
-	case '"':
-		sb++; goto S1;
-
-	default:
-		*ap++ = *sb++;
-		got_one = 1;
-		goto S3;
-	}
-
-OUT:
-	if (got_one)
-		*ap++ = '\0';
-	argbase = ap;			/* update storage pointer */
-	stringbase = sb;		/* update scan pointer */
-	if (got_one) {
-		return (tmp);
-	}
-	switch (slrflag) {
-		case 0:
-			slrflag++;
-			break;
-		case 1:
-			slrflag++;
-			altarg = (char *) 0;
-			break;
-		default:
-			break;
-	}
-	return NULL;
-}
-
-#define HELPINDENT ((int) sizeof ("directory"))
-
-/*
- * Help command.
- * Call each command handler with argc == 0 and argv[0] == name.
- */
-void
-help(int argc, char **argv)
-{
-	struct cmd *c;
-
-	if (argc == 1) {
-		int i, j, w, k;
-		int columns, width = 0, lines;
-
-		printf("Commands may be abbreviated.  Commands are:\n\n");
-		for (c = cmdtab; c < &cmdtab[NCMDS]; c++) {
-			int len = strlen(c->c_name);
-
-			if (len > width)
-				width = len;
-		}
-		width = (width + 8) &~ 7;
-		columns = 80 / width;
-		if (columns == 0)
-			columns = 1;
-		lines = (NCMDS + columns - 1) / columns;
-		for (i = 0; i < lines; i++) {
-			for (j = 0; j < columns; j++) {
-				c = cmdtab + j * lines + i;
-				if (c->c_name && (!proxy || c->c_proxy)) {
-					printf("%s", c->c_name);
-				}
-				else if (c->c_name) {
-					for (k=0; k < strlen(c->c_name); k++) {
-						putchar(' ');
-					}
-				}
-				if (c + lines >= &cmdtab[NCMDS]) {
-					printf("\n");
-					break;
-				}
-				w = strlen(c->c_name);
-				while (w < width) {
-					w = (w + 8) &~ 7;
-					putchar('\t');
-				}
-			}
-		}
-		return;
-	}
-	while (--argc > 0) {
-		char *arg;
-		arg = *++argv;
-		c = getcmd(arg);
-		if (c == (struct cmd *)-1)
-			printf("?Ambiguous help command %s\n", arg);
-		else if (c == (struct cmd *)0)
-			printf("?Invalid help command %s\n", arg);
-		else
-			printf("%-*s\t%s\n", HELPINDENT,
-				c->c_name, c->c_help);
-	}
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/pathnames.h b/crypto/kerberosIV/appl/ftp/ftp/pathnames.h
deleted file mode 100644
index f7c1fb391d69..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/pathnames.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)pathnames.h	8.1 (Berkeley) 6/6/93
- */
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-
-#define	_PATH_TMP_XXX	"/tmp/ftpXXXXXX"
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL	"/bin/sh"
-#endif
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
deleted file mode 100644
index 8cea6d432016..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
+++ /dev/null
@@ -1,274 +0,0 @@
-/*
- * Copyright (c) 1985, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "ftp_locl.h"
-RCSID("$Id: ruserpass.c,v 1.10 1997/05/02 14:27:55 assar Exp $");
-
-static	int token (void);
-static	FILE *cfile;
-
-#define	DEFAULT	1
-#define	LOGIN	2
-#define	PASSWD	3
-#define	ACCOUNT 4
-#define MACDEF  5
-#define PROT	6
-#define	ID	10
-#define	MACH	11
-
-static char tokval[100];
-
-static struct toktab {
-	char *tokstr;
-	int tval;
-} toktab[]= {
-	{ "default",	DEFAULT },
-	{ "login",	LOGIN },
-	{ "password",	PASSWD },
-	{ "passwd",	PASSWD },
-	{ "account",	ACCOUNT },
-	{ "machine",	MACH },
-	{ "macdef",	MACDEF },
-	{ "prot", 	PROT }, 
-	{ NULL,		0 }
-};
-
-int
-ruserpass(char *host, char **aname, char **apass, char **aacct)
-{
-	char *hdir, buf[BUFSIZ], *tmp;
-	int t, i, c, usedefault = 0;
-	struct stat stb;
-
-	if(k_gethostname(myhostname, MaxHostNameLen) < 0)
-	    strcpy(myhostname, "");
-	if((mydomain = strchr(myhostname, '.')) == NULL)
-	    mydomain = myhostname;
-	else
-	    mydomain++;
-	hdir = getenv("HOME");
-	if (hdir == NULL)
-		hdir = ".";
-	snprintf(buf, sizeof(buf), "%s/.netrc", hdir);
-	cfile = fopen(buf, "r");
-	if (cfile == NULL) {
-		if (errno != ENOENT)
-			warn("%s", buf);
-		return (0);
-	}
-
-next:
-	while ((t = token())) switch(t) {
-
-	case DEFAULT:
-		usedefault = 1;
-		/* FALL THROUGH */
-
-	case MACH:
-		if (!usedefault) {
-			if (token() != ID)
-				continue;
-			/*
-			 * Allow match either for user's input host name
-			 * or official hostname.  Also allow match of 
-			 * incompletely-specified host in local domain.
-			 */
-			if (strcasecmp(host, tokval) == 0)
-				goto match;
-			if (strcasecmp(hostname, tokval) == 0)
-				goto match;
-			if ((tmp = strchr(hostname, '.')) != NULL &&
-			    tmp++ &&
-			    strcasecmp(tmp, mydomain) == 0 &&
-			    strncasecmp(hostname, tokval, tmp-hostname) == 0 &&
-			    tokval[tmp - hostname] == '\0')
-				goto match;
-			if ((tmp = strchr(host, '.')) != NULL &&
-			    tmp++ &&
-			    strcasecmp(tmp, mydomain) == 0 &&
-			    strncasecmp(host, tokval, tmp - host) == 0 &&
-			    tokval[tmp - host] == '\0')
-				goto match;
-			continue;
-		}
-	match:
-		while ((t = token()) && t != MACH && t != DEFAULT) switch(t) {
-
-		case LOGIN:
-			if (token())
-				if (*aname == 0) { 
-					*aname = strdup(tokval);
-				} else {
-					if (strcmp(*aname, tokval))
-						goto next;
-				}
-			break;
-		case PASSWD:
-			if ((*aname == NULL || strcmp(*aname, "anonymous")) &&
-			    fstat(fileno(cfile), &stb) >= 0 &&
-			    (stb.st_mode & 077) != 0) {
-	warnx("Error: .netrc file is readable by others.");
-	warnx("Remove password or make file unreadable by others.");
-				goto bad;
-			}
-			if (token() && *apass == 0) {
-				*apass = strdup(tokval);
-			}
-			break;
-		case ACCOUNT:
-			if (fstat(fileno(cfile), &stb) >= 0
-			    && (stb.st_mode & 077) != 0) {
-	warnx("Error: .netrc file is readable by others.");
-	warnx("Remove account or make file unreadable by others.");
-				goto bad;
-			}
-			if (token() && *aacct == 0) {
-				*aacct = strdup(tokval);
-			}
-			break;
-		case MACDEF:
-			if (proxy) {
-				fclose(cfile);
-				return (0);
-			}
-			while ((c=getc(cfile)) != EOF && c == ' ' || c == '\t');
-			if (c == EOF || c == '\n') {
-				printf("Missing macdef name argument.\n");
-				goto bad;
-			}
-			if (macnum == 16) {
-				printf("Limit of 16 macros have already been defined\n");
-				goto bad;
-			}
-			tmp = macros[macnum].mac_name;
-			*tmp++ = c;
-			for (i=0; i < 8 && (c=getc(cfile)) != EOF &&
-			    !isspace(c); ++i) {
-				*tmp++ = c;
-			}
-			if (c == EOF) {
-				printf("Macro definition missing null line terminator.\n");
-				goto bad;
-			}
-			*tmp = '\0';
-			if (c != '\n') {
-				while ((c=getc(cfile)) != EOF && c != '\n');
-			}
-			if (c == EOF) {
-				printf("Macro definition missing null line terminator.\n");
-				goto bad;
-			}
-			if (macnum == 0) {
-				macros[macnum].mac_start = macbuf;
-			}
-			else {
-				macros[macnum].mac_start = macros[macnum-1].mac_end + 1;
-			}
-			tmp = macros[macnum].mac_start;
-			while (tmp != macbuf + 4096) {
-				if ((c=getc(cfile)) == EOF) {
-				printf("Macro definition missing null line terminator.\n");
-					goto bad;
-				}
-				*tmp = c;
-				if (*tmp == '\n') {
-					if (*(tmp-1) == '\0') {
-					   macros[macnum++].mac_end = tmp - 1;
-					   break;
-					}
-					*tmp = '\0';
-				}
-				tmp++;
-			}
-			if (tmp == macbuf + 4096) {
-				printf("4K macro buffer exceeded\n");
-				goto bad;
-			}
-			break;
-		case PROT:
-		    token();
-		    if(sec_request_prot(tokval) < 0)
-			warnx("Unknown protection level \"%s\"", tokval);
-		    break;
-		default:
-			warnx("Unknown .netrc keyword %s", tokval);
-			break;
-		}
-		goto done;
-	}
-done:
-	fclose(cfile);
-	return (0);
-bad:
-	fclose(cfile);
-	return (-1);
-}
-
-static int
-token(void)
-{
-	char *cp;
-	int c;
-	struct toktab *t;
-
-	if (feof(cfile) || ferror(cfile))
-		return (0);
-	while ((c = getc(cfile)) != EOF &&
-	    (c == '\n' || c == '\t' || c == ' ' || c == ','))
-		continue;
-	if (c == EOF)
-		return (0);
-	cp = tokval;
-	if (c == '"') {
-		while ((c = getc(cfile)) != EOF && c != '"') {
-			if (c == '\\')
-				c = getc(cfile);
-			*cp++ = c;
-		}
-	} else {
-		*cp++ = c;
-		while ((c = getc(cfile)) != EOF
-		    && c != '\n' && c != '\t' && c != ' ' && c != ',') {
-			if (c == '\\')
-				c = getc(cfile);
-			*cp++ = c;
-		}
-	}
-	*cp = 0;
-	if (tokval[0] == 0)
-		return (0);
-	for (t = toktab; t->tokstr; t++)
-		if (!strcmp(t->tokstr, tokval))
-			return (t->tval);
-	return (ID);
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
deleted file mode 100644
index 55981deb7ecd..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
+++ /dev/null
@@ -1,84 +0,0 @@
-# 
-# $Id: Makefile.in,v 1.31 1997/05/02 17:49:27 assar Exp $
-#
-
-srcdir		= @srcdir@
-top_srcdir	= @top_srcdir@
-VPATH		= @srcdir@
-
-topdir		= ../../..
-
-SHELL		= /bin/sh
-
-CC 	= @CC@
-YACC	= @YACC@
-RANLIB 	= @RANLIB@
-DEFS 	= @DEFS@
-CFLAGS 	= @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-LIBS	= @LIBS@
-LIB_DBM = @LIB_DBM@
-MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-
-prefix 	= @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-ATHENA = ../../..
-
-INCTOP = $(ATHENA)/include
-
-LIBTOP = $(ATHENA)/lib
-
-LIBKAFS = @KRB_KAFS_LIB@
-LIBKRB	= -L$(LIBTOP)/krb -lkrb
-LIBDES	= -L$(LIBTOP)/des -ldes
-LIBOTP  = -L$(LIBTOP)/otp -lotp
-LIBROKEN= -L$(LIBTOP)/roken -lroken
-
-PROGS = ftpd$(EXECSUFFIX)
-
-ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c popen.c auth.c krb4.c kauth.c
-ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o popen.o auth.o krb4.o kauth.o
-
-SOURCES = $(ftpd_SOURCES)
-OBJECTS = $(ftpd_OBJS)
-
-all: $(PROGS)
-
-.c.o:
-	$(CC) -c $(CFLAGS) -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libexecdir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-ftpd$(EXECSUFFIX): $(ftpd_OBJS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(ftpd_OBJS) -L../common -lcommon $(LIBKAFS) $(LIBKRB) $(LIBOTP) $(LIBDES) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-ftpcmd.c: ftpcmd.y
-	$(YACC) $(YFLAGS) $<
-	chmod a-w y.tab.c
-	mv -f y.tab.c ftpcmd.c
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-clean cleandir:
-	rm -f *~ *.o core ftpd ftpcmd.c \#*
-
-distclean: 
-	rm -f Makefile
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/auth.c b/crypto/kerberosIV/appl/ftp/ftpd/auth.c
deleted file mode 100644
index 862eb6dcc639..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/auth.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: auth.c,v 1.11 1997/05/04 23:09:00 assar Exp $");
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "extern.h"
-#include "krb4.h"
-#include "auth.h"
-
-static struct at auth_types [] = {
-    { "KERBEROS_V4", krb4_auth, krb4_adat, krb4_pbsz, krb4_prot, krb4_ccc, 
-      krb4_mic, krb4_conf, krb4_enc, krb4_read, krb4_write, krb4_userok, 
-      krb4_vprintf },
-    { 0, 0, 0, 0, 0, 0, 0, 0, 0 }
-};
-
-struct at *ct;
-
-int data_protection;
-int buffer_size;
-unsigned char *data_buffer;
-int auth_complete;
-
-
-char *protection_names[] = {
-    "clear", "safe", 
-    "confidential", "private"
-};
-
-
-void auth_init(void)
-{
-}
-
-char *ftp_command;
-int prot_level;
-
-void new_ftp_command(char *command)
-{
-    ftp_command = command;
-}
-
-void delete_ftp_command(void)
-{
-    if(ftp_command){
-	free(ftp_command);
-	ftp_command = NULL;
-    }
-}
-
-int auth_ok(void)
-{
-    return ct && auth_complete;
-}
-
-void auth(char *auth)
-{
-    for(ct=auth_types; ct->name; ct++){
-	if(!strcasecmp(auth, ct->name)){
-	    ct->auth(auth);
-	    return;
-	}
-    }
-    reply(504, "%s is not a known security mechanism", auth);
-}
-
-void adat(char *auth)
-{
-    if(ct && !auth_complete)
-	ct->adat(auth);
-    else
-	reply(503, "You must (re)issue an AUTH first.");
-}
-
-void pbsz(int size)
-{
-    int old = buffer_size;
-    if(auth_ok())
-	ct->pbsz(size);
-    else
-	reply(503, "Incomplete security data exchange.");
-    if(buffer_size != old){
-	if(data_buffer)
-	    free(data_buffer);
-	data_buffer = malloc(buffer_size + 4);
-    }
-}
-
-void prot(char *pl)
-{
-    int p = -1;
-
-    if(buffer_size == 0){
-	reply(503, "No protection buffer size negotiated.");
-	return;
-    }
-
-    if(!strcasecmp(pl, "C"))
-	p = prot_clear;
-    
-    if(!strcasecmp(pl, "S"))
-	p = prot_safe;
-    
-    if(!strcasecmp(pl, "E"))
-	p = prot_confidential;
-    
-    if(!strcasecmp(pl, "P"))
-	p = prot_private;
-    
-    if(p == -1){
-	reply(504, "Unrecognized protection level.");
-	return;
-    }
-    
-    if(auth_ok()){
-	if(ct->prot(p)){
-	    reply(536, "%s does not support %s protection.", 
-		  ct->name, protection_names[p]);
-	}else{
-	    data_protection = p;
-	    reply(200, "Data protection is %s.", 
-		  protection_names[data_protection]);
-	}
-    }else{
-	reply(503, "Incomplete security data exchange.");
-    }
-}
-
-void ccc(void)
-{
-    if(auth_ok()){
-	if(!ct->ccc())
-	    prot_level = prot_clear;
-    }else
-	reply(503, "Incomplete security data exchange.");
-}
-
-void mic(char *msg)
-{
-    if(auth_ok()){
-	if(!ct->mic(msg))
-	    prot_level = prot_safe;
-    }else
-	reply(503, "Incomplete security data exchange.");
-}
-
-void conf(char *msg)
-{
-    if(auth_ok()){
-	if(!ct->conf(msg))
-	    prot_level = prot_confidential;
-    }else
-	reply(503, "Incomplete security data exchange.");
-}
-
-void enc(char *msg)
-{
-    if(auth_ok()){
-	if(!ct->enc(msg))
-	    prot_level = prot_private;
-    }else
-	reply(503, "Incomplete security data exchange.");
-}
-
-int auth_read(int fd, void *data, int length)
-{
-    if(auth_ok() && data_protection)
-	return ct->read(fd, data, length);
-    else
-	return read(fd, data, length);
-}
-
-int auth_write(int fd, void *data, int length)
-{
-    if(auth_ok() && data_protection)
-	return ct->write(fd, data, length);
-    else
-	return write(fd, data, length);
-}
-
-void auth_vprintf(const char *fmt, va_list ap)
-{
-    if(auth_ok() && prot_level){
-	ct->vprintf(fmt, ap);
-    }else
-	vprintf(fmt, ap);
-}
-
-void auth_printf(const char *fmt, ...)
-{
-    va_list ap;
-    va_start(ap, fmt);
-    auth_vprintf(fmt, ap);
-    va_end(ap);
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/auth.h b/crypto/kerberosIV/appl/ftp/ftpd/auth.h
deleted file mode 100644
index 17d9a133f719..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/auth.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: auth.h,v 1.9 1997/05/11 11:04:28 assar Exp $ */
-
-#ifndef __AUTH_H__
-#define __AUTH_H__
-
-#include <stdarg.h>
-
-struct at {
-  char *name;
-  int (*auth)(char*);
-  int (*adat)(char*);
-  int (*pbsz)(int);
-  int (*prot)(int);
-  int (*ccc)(void);
-  int (*mic)(char*);
-  int (*conf)(char*);
-  int (*enc)(char*);
-  int (*read)(int, void*, int);
-  int (*write)(int, void*, int);
-  int (*userok)(char*);
-  int (*vprintf)(const char*, va_list);
-};
-
-extern struct at *ct;
-
-enum protection_levels {
-  prot_clear, prot_safe, prot_confidential, prot_private
-};
-
-extern char *protection_names[];
-
-extern char *ftp_command;
-extern int prot_level;
-
-void delete_ftp_command(void);
-
-extern int data_protection;
-extern int buffer_size;
-extern unsigned char *data_buffer;
-extern int auth_complete;
-
-void auth_init(void);
-
-int auth_ok(void);
-
-void auth(char*);
-void adat(char*);
-void pbsz(int);
-void prot(char*);
-void ccc(void);
-void mic(char*);
-void conf(char*);
-void enc(char*);
-
-int auth_read(int, void*, int);
-int auth_write(int, void*, int);
-
-void auth_vprintf(const char *fmt, va_list ap)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 0)))
-#endif
-;
-void auth_printf(const char *fmt, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-
-void new_ftp_command(char *command);
-
-#endif /* __AUTH_H__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/extern.h b/crypto/kerberosIV/appl/ftp/ftpd/extern.h
deleted file mode 100644
index f9b800fee0bb..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/extern.h
+++ /dev/null
@@ -1,141 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)extern.h	8.2 (Berkeley) 4/4/94
- */
-
-#ifndef _EXTERN_H_
-#define _EXTERN_H_
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <setjmp.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-void	abor(void);
-void	blkfree(char **);
-char  **copyblk(char **);
-void	cwd(char *);
-void	do_delete(char *);
-void	dologout(int);
-void	fatal(char *);
-int	filename_check(char *);
-int	ftpd_pclose(FILE *);
-FILE   *ftpd_popen(char *, char *, int, int);
-char   *getline(char *, int);
-void	logwtmp(char *, char *, char *);
-void	lreply(int, const char *, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 3)))
-#endif
-;
-void	makedir(char *);
-void	nack(char *);
-void	nreply(const char *, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-void	pass(char *);
-void	passive(void);
-void	perror_reply(int, char *);
-void	pwd(void);
-void	removedir(char *);
-void	renamecmd(char *, char *);
-char   *renamefrom(char *);
-void	reply(int, const char *, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 3)))
-#endif
-;
-void	retrieve(char *, char *);
-void	send_file_list(char *);
-void	setproctitle(const char *, ...)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-void	statcmd(void);
-void	statfilecmd(char *);
-void	do_store(char *, char *, int);
-void	upper(char *);
-void	user(char *);
-void	yyerror(char *);
-
-void	kauth(char *, char*);
-void	klist(void);
-
-int	find(char *);
-
-int	do_login(int code, char *passwd);
-int	klogin(char *name, char *password);
-
-const char *ftp_rooted(const char *path);
-
-extern struct sockaddr_in ctrl_addr, his_addr;
-extern char hostname[];
-
-extern	struct sockaddr_in data_dest;
-extern	int logged_in;
-extern	struct passwd *pw;
-extern	int guest;
-extern	int logging;
-extern	int type;
-extern	int oobflag;
-extern off_t file_size;
-extern off_t byte_count;
-extern jmp_buf urgcatch;
-
-extern	int form;
-extern	int debug;
-extern	int ftpd_timeout;
-extern	int maxtimeout;
-extern  int pdata;
-extern	char hostname[], remotehost[];
-extern	char proctitle[];
-extern	int usedefault;
-extern  int transflag;
-extern  char tmpline[];
-
-#endif /* _EXTERN_H_ */
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
deleted file mode 100644
index 9368cdb10893..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
+++ /dev/null
@@ -1,1408 +0,0 @@
-/*	$NetBSD: ftpcmd.y,v 1.6 1995/06/03 22:46:45 mycroft Exp $	*/
-
-/*
- * Copyright (c) 1985, 1988, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)ftpcmd.y	8.3 (Berkeley) 4/6/94
- */
-
-/*
- * Grammar for FTP commands.
- * See RFC 959.
- */
-
-%{
-
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: ftpcmd.y,v 1.35 1997/05/25 14:38:49 assar Exp $");
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_FTP_H
-#include <arpa/ftp.h>
-#endif
-
-#include <ctype.h>
-#include <errno.h>
-#include <glob.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <setjmp.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-#include <time.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_BSD_BSD_H
-#include <bsd/bsd.h>
-#endif
-
-#include <roken.h>
-
-#ifdef SOCKS
-#include <socks.h>
-extern int LIBPREFIX(fclose)      __P((FILE *));
-#endif
-
-#include "extern.h"
-#include "auth.h"
-
-off_t	restart_point;
-
-static	int cmd_type;
-static	int cmd_form;
-static	int cmd_bytesz;
-char	cbuf[512];
-char	*fromname;
-
-struct tab {
-	char	*name;
-	short	token;
-	short	state;
-	short	implemented;	/* 1 if command is implemented */
-	char	*help;
-};
-
-extern struct tab cmdtab[];
-extern struct tab sitetab[];
-
-static char	*copy (char *);
-static void	 help (struct tab *, char *);
-static struct tab *
-		 lookup (struct tab *, char *);
-static void	 sizecmd (char *);
-static void	 toolong (int);
-static int	 yylex (void);
-
-/* This is for bison */
-
-#if !defined(alloca) && !defined(HAVE_ALLOCA)
-#define alloca(x) malloc(x)
-#endif
-
-%}
-
-%union {
-	int	i;
-	char   *s;
-}
-
-%token
-	A	B	C	E	F	I
-	L	N	P	R	S	T
-
-	SP	CRLF	COMMA
-
-	USER	PASS	ACCT	REIN	QUIT	PORT
-	PASV	TYPE	STRU	MODE	RETR	STOR
-	APPE	MLFL	MAIL	MSND	MSOM	MSAM
-	MRSQ	MRCP	ALLO	REST	RNFR	RNTO
-	ABOR	DELE	CWD	LIST	NLST	SITE
-	STAT	HELP	NOOP	MKD	RMD	PWD
-	CDUP	STOU	SMNT	SYST	SIZE	MDTM
-
-	UMASK	IDLE	CHMOD
-
-	AUTH	ADAT	PROT	PBSZ	CCC	MIC
-	CONF	ENC
-
-	KAUTH	KLIST	FIND	URL
-
-	LEXERR
-
-%token	<s> STRING
-%token	<i> NUMBER
-
-%type	<i> check_login check_login_no_guest octal_number byte_size
-%type	<i> struct_code mode_code type_code form_code
-%type	<s> pathstring pathname password username
-
-%start	cmd_list
-
-%%
-
-cmd_list
-	: /* empty */
-	| cmd_list cmd
-		{
-			fromname = (char *) 0;
-			restart_point = (off_t) 0;
-		}
-	| cmd_list rcmd
-	;
-
-cmd
-	: USER SP username CRLF
-		{
-			user($3);
-			free($3);
-		}
-	| AUTH SP STRING CRLF
-		{
-			auth($3);
-			free($3);
-		}
-	| ADAT SP STRING CRLF
-		{
-			adat($3);
-			free($3);
-		}
-	| PBSZ SP NUMBER CRLF
-		{
-			pbsz($3);
-		}
-	| PROT SP STRING CRLF
-		{
-			prot($3);
-		}
-	| CCC CRLF
-		{
-			ccc();
-		}
-	| MIC SP STRING CRLF
-		{
-			mic($3);
-			free($3);
-		}
-	| CONF SP STRING CRLF
-		{
-			conf($3);
-			free($3);
-		}
-	| PASS SP password CRLF
-		{
-			pass($3);
-			memset ($3, 0, strlen($3));
-			free($3);
-		}
-	| PORT SP host_port CRLF
-		{
-			usedefault = 0;
-			if (pdata >= 0) {
-				close(pdata);
-				pdata = -1;
-			}
-			reply(200, "PORT command successful.");
-		}
-	| PASV CRLF
-		{
-			passive();
-		}
-	| TYPE SP type_code CRLF
-		{
-			switch (cmd_type) {
-
-			case TYPE_A:
-				if (cmd_form == FORM_N) {
-					reply(200, "Type set to A.");
-					type = cmd_type;
-					form = cmd_form;
-				} else
-					reply(504, "Form must be N.");
-				break;
-
-			case TYPE_E:
-				reply(504, "Type E not implemented.");
-				break;
-
-			case TYPE_I:
-				reply(200, "Type set to I.");
-				type = cmd_type;
-				break;
-
-			case TYPE_L:
-#if NBBY == 8
-				if (cmd_bytesz == 8) {
-					reply(200,
-					    "Type set to L (byte size 8).");
-					type = cmd_type;
-				} else
-					reply(504, "Byte size must be 8.");
-#else /* NBBY == 8 */
-				UNIMPLEMENTED for NBBY != 8
-#endif /* NBBY == 8 */
-			}
-		}
-	| STRU SP struct_code CRLF
-		{
-			switch ($3) {
-
-			case STRU_F:
-				reply(200, "STRU F ok.");
-				break;
-
-			default:
-				reply(504, "Unimplemented STRU type.");
-			}
-		}
-	| MODE SP mode_code CRLF
-		{
-			switch ($3) {
-
-			case MODE_S:
-				reply(200, "MODE S ok.");
-				break;
-
-			default:
-				reply(502, "Unimplemented MODE type.");
-			}
-		}
-	| ALLO SP NUMBER CRLF
-		{
-			reply(202, "ALLO command ignored.");
-		}
-	| ALLO SP NUMBER SP R SP NUMBER CRLF
-		{
-			reply(202, "ALLO command ignored.");
-		}
-	| RETR check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				retrieve((char *) 0, $4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| STOR check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				do_store($4, "w", 0);
-			if ($4 != NULL)
-				free($4);
-		}
-	| APPE check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				do_store($4, "a", 0);
-			if ($4 != NULL)
-				free($4);
-		}
-	| NLST check_login CRLF
-		{
-			if ($2)
-				send_file_list(".");
-		}
-	| NLST check_login SP STRING CRLF
-		{
-			if ($2 && $4 != NULL)
-				send_file_list($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| LIST check_login CRLF
-		{
-#ifdef HAVE_LS_A
-		  char *cmd = "/bin/ls -lA";
-#else
-		  char *cmd = "/bin/ls -la";
-#endif
-			if ($2)
-				retrieve(cmd, "");
-			
-		}
-	| LIST check_login SP pathname CRLF
-		{
-#ifdef HAVE_LS_A
-		  char *cmd = "/bin/ls -lA %s";
-#else
-		  char *cmd = "/bin/ls -la %s";
-#endif
-			if ($2 && $4 != NULL)
-				retrieve(cmd, $4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| STAT check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				statfilecmd($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| STAT CRLF
-		{
-			if(oobflag){
-				if (file_size != (off_t) -1)
-					reply(213, "Status: %ld of %ld bytes transferred",
-						byte_count, file_size);
-				else
-					reply(213, "Status: %ld bytes transferred", byte_count);
-			}else
-				statcmd();
-	}
-	| DELE check_login_no_guest SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				do_delete($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| RNTO check_login_no_guest SP pathname CRLF
-		{
-			if($2){
-				if (fromname) {
-					renamecmd(fromname, $4);
-					free(fromname);
-					fromname = (char *) 0;
-				} else {
-					reply(503, "Bad sequence of commands.");
-				}
-			}
-			if ($4 != NULL)
-				free($4);
-		}
-	| ABOR CRLF
-		{
-			if(oobflag){
-				reply(426, "Transfer aborted. Data connection closed.");
-				reply(226, "Abort successful");
-				oobflag = 0;
-				longjmp(urgcatch, 1);
-			}else
-				reply(225, "ABOR command successful.");
-		}
-	| CWD check_login CRLF
-		{
-			if ($2)
-				cwd(pw->pw_dir);
-		}
-	| CWD check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				cwd($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| HELP CRLF
-		{
-			help(cmdtab, (char *) 0);
-		}
-	| HELP SP STRING CRLF
-		{
-			char *cp = $3;
-
-			if (strncasecmp(cp, "SITE", 4) == 0) {
-				cp = $3 + 4;
-				if (*cp == ' ')
-					cp++;
-				if (*cp)
-					help(sitetab, cp);
-				else
-					help(sitetab, (char *) 0);
-			} else
-				help(cmdtab, $3);
-		}
-	| NOOP CRLF
-		{
-			reply(200, "NOOP command successful.");
-		}
-	| MKD check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				makedir($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| RMD check_login_no_guest SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				removedir($4);
-			if ($4 != NULL)
-				free($4);
-		}
-	| PWD check_login CRLF
-		{
-			if ($2)
-				pwd();
-		}
-	| CDUP check_login CRLF
-		{
-			if ($2)
-				cwd("..");
-		}
-	| SITE SP HELP CRLF
-		{
-			help(sitetab, (char *) 0);
-		}
-	| SITE SP HELP SP STRING CRLF
-		{
-			help(sitetab, $5);
-		}
-	| SITE SP UMASK check_login CRLF
-		{
-			int oldmask;
-
-			if ($4) {
-				oldmask = umask(0);
-				umask(oldmask);
-				reply(200, "Current UMASK is %03o", oldmask);
-			}
-		}
-	| SITE SP UMASK check_login_no_guest SP octal_number CRLF
-		{
-			int oldmask;
-
-			if ($4) {
-				if (($6 == -1) || ($6 > 0777)) {
-					reply(501, "Bad UMASK value");
-				} else {
-					oldmask = umask($6);
-					reply(200,
-					    "UMASK set to %03o (was %03o)",
-					    $6, oldmask);
-				}
-			}
-		}
-	| SITE SP CHMOD check_login_no_guest SP octal_number SP pathname CRLF
-		{
-			if ($4 && $8 != NULL) {
-				if ($6 > 0777)
-					reply(501,
-				"CHMOD: Mode value must be between 0 and 0777");
-				else if (chmod($8, $6) < 0)
-					perror_reply(550, $8);
-				else
-					reply(200, "CHMOD command successful.");
-			}
-			if ($8 != NULL)
-				free($8);
-		}
-	| SITE SP IDLE CRLF
-		{
-			reply(200,
-			    "Current IDLE time limit is %d seconds; max %d",
-				ftpd_timeout, maxtimeout);
-		}
-	| SITE SP IDLE SP NUMBER CRLF
-		{
-			if ($5 < 30 || $5 > maxtimeout) {
-				reply(501,
-			"Maximum IDLE time must be between 30 and %d seconds",
-				    maxtimeout);
-			} else {
-				ftpd_timeout = $5;
-				alarm((unsigned) ftpd_timeout);
-				reply(200,
-				    "Maximum IDLE time set to %d seconds",
-				    ftpd_timeout);
-			}
-		}
-
-	| SITE SP KAUTH check_login SP STRING CRLF
-		{
-			char *p;
-			
-			if(guest)
-				reply(500, "Can't be done as guest.");
-			else{
-				if($4 && $6 != NULL){
-				    p = strpbrk($6, " \t");
-				    if(p){
-					*p++ = 0;
-					kauth($6, p + strspn(p, " \t"));
-				    }else
-					kauth($6, NULL);
-				}
-			}
-			if($6 != NULL)
-			    free($6);
-		}
-	| SITE SP KLIST check_login CRLF
-		{
-		    if($4)
-			klist();
-		}
-	| SITE SP FIND check_login SP STRING CRLF
-		{
-		    if($4 && $6 != NULL)
-			find($6);
-		    if($6 != NULL)
-			free($6);
-		}
-	| SITE SP URL CRLF
-		{
-			reply(200, "http://www.pdc.kth.se/kth-krb/");
-		}
-	| STOU check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				do_store($4, "w", 1);
-			if ($4 != NULL)
-				free($4);
-		}
-	| SYST CRLF
-		{
-#if defined(unix) || defined(__unix__) || defined(__unix) || defined(_AIX) || defined(_CRAY)
-		    reply(215, "UNIX Type: L%d", NBBY);
-#else
-		    reply(215, "UNKNOWN Type: L%d", NBBY);
-#endif
-		}
-
-		/*
-		 * SIZE is not in RFC959, but Postel has blessed it and
-		 * it will be in the updated RFC.
-		 *
-		 * Return size of file in a format suitable for
-		 * using with RESTART (we just count bytes).
-		 */
-	| SIZE check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL)
-				sizecmd($4);
-			if ($4 != NULL)
-				free($4);
-		}
-
-		/*
-		 * MDTM is not in RFC959, but Postel has blessed it and
-		 * it will be in the updated RFC.
-		 *
-		 * Return modification time of file as an ISO 3307
-		 * style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx
-		 * where xxx is the fractional second (of any precision,
-		 * not necessarily 3 digits)
-		 */
-	| MDTM check_login SP pathname CRLF
-		{
-			if ($2 && $4 != NULL) {
-				struct stat stbuf;
-				if (stat($4, &stbuf) < 0)
-					reply(550, "%s: %s",
-					    $4, strerror(errno));
-				else if (!S_ISREG(stbuf.st_mode)) {
-					reply(550, "%s: not a plain file.", $4);
-				} else {
-					struct tm *t;
-					t = gmtime(&stbuf.st_mtime);
-					reply(213,
-					      "%04d%02d%02d%02d%02d%02d",
-					      t->tm_year + 1900,
-					      t->tm_mon + 1,
-					      t->tm_mday,
-					      t->tm_hour,
-					      t->tm_min,
-					      t->tm_sec);
-				}
-			}
-			if ($4 != NULL)
-				free($4);
-		}
-	| QUIT CRLF
-		{
-			reply(221, "Goodbye.");
-			dologout(0);
-		}
-	| error CRLF
-		{
-			yyerrok;
-		}
-	;
-rcmd
-	: RNFR check_login_no_guest SP pathname CRLF
-		{
-			restart_point = (off_t) 0;
-			if ($2 && $4) {
-				fromname = renamefrom($4);
-				if (fromname == (char *) 0 && $4) {
-					free($4);
-				}
-			}
-		}
-	| REST SP byte_size CRLF
-		{
-			fromname = (char *) 0;
-			restart_point = $3;	/* XXX $3 is only "int" */
-			reply(350, "Restarting at %ld. %s",
-			      (long)restart_point,
-			      "Send STORE or RETRIEVE to initiate transfer.");
-		}
-	| ENC SP STRING CRLF
-		{
-			enc($3);
-			free($3);
-		}
-	;
-
-username
-	: STRING
-	;
-
-password
-	: /* empty */
-		{
-			$$ = (char *)calloc(1, sizeof(char));
-		}
-	| STRING
-	;
-
-byte_size
-	: NUMBER
-	;
-
-host_port
-	: NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA
-		NUMBER COMMA NUMBER
-		{
-			data_dest.sin_family = AF_INET;
-			data_dest.sin_port = htons($9 * 256 + $11);
-			data_dest.sin_addr.s_addr = 
-			    htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7);
-		}
-	;
-
-form_code
-	: N
-		{
-			$$ = FORM_N;
-		}
-	| T
-		{
-			$$ = FORM_T;
-		}
-	| C
-		{
-			$$ = FORM_C;
-		}
-	;
-
-type_code
-	: A
-		{
-			cmd_type = TYPE_A;
-			cmd_form = FORM_N;
-		}
-	| A SP form_code
-		{
-			cmd_type = TYPE_A;
-			cmd_form = $3;
-		}
-	| E
-		{
-			cmd_type = TYPE_E;
-			cmd_form = FORM_N;
-		}
-	| E SP form_code
-		{
-			cmd_type = TYPE_E;
-			cmd_form = $3;
-		}
-	| I
-		{
-			cmd_type = TYPE_I;
-		}
-	| L
-		{
-			cmd_type = TYPE_L;
-			cmd_bytesz = NBBY;
-		}
-	| L SP byte_size
-		{
-			cmd_type = TYPE_L;
-			cmd_bytesz = $3;
-		}
-		/* this is for a bug in the BBN ftp */
-	| L byte_size
-		{
-			cmd_type = TYPE_L;
-			cmd_bytesz = $2;
-		}
-	;
-
-struct_code
-	: F
-		{
-			$$ = STRU_F;
-		}
-	| R
-		{
-			$$ = STRU_R;
-		}
-	| P
-		{
-			$$ = STRU_P;
-		}
-	;
-
-mode_code
-	: S
-		{
-			$$ = MODE_S;
-		}
-	| B
-		{
-			$$ = MODE_B;
-		}
-	| C
-		{
-			$$ = MODE_C;
-		}
-	;
-
-pathname
-	: pathstring
-		{
-			/*
-			 * Problem: this production is used for all pathname
-			 * processing, but only gives a 550 error reply.
-			 * This is a valid reply in some cases but not in others.
-			 */
-			if (logged_in && $1 && *$1 == '~') {
-				glob_t gl;
-				int flags =
-				 GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
-
-				memset(&gl, 0, sizeof(gl));
-				if (glob($1, flags, NULL, &gl) ||
-				    gl.gl_pathc == 0) {
-					reply(550, "not found");
-					$$ = NULL;
-				} else {
-					$$ = strdup(gl.gl_pathv[0]);
-				}
-				globfree(&gl);
-				free($1);
-			} else
-				$$ = $1;
-		}
-	;
-
-pathstring
-	: STRING
-	;
-
-octal_number
-	: NUMBER
-		{
-			int ret, dec, multby, digit;
-
-			/*
-			 * Convert a number that was read as decimal number
-			 * to what it would be if it had been read as octal.
-			 */
-			dec = $1;
-			multby = 1;
-			ret = 0;
-			while (dec) {
-				digit = dec%10;
-				if (digit > 7) {
-					ret = -1;
-					break;
-				}
-				ret += digit * multby;
-				multby *= 8;
-				dec /= 10;
-			}
-			$$ = ret;
-		}
-	;
-
-
-check_login_no_guest : check_login
-		{
-			$$ = $1 && !guest;
-			if($1 && !$$)
-				reply(550, "Permission denied");
-		}
-	;
-
-check_login
-	: /* empty */
-		{
-		    if(auth_complete && prot_level == prot_clear){
-			reply(533, "Command protection level denied for paranoid reasons.");
-			$$ = 0;
-		    }else
-			if (logged_in)
-			    $$ = 1;
-			else {
-			    reply(530, "Please login with USER and PASS.");
-			    $$ = 0;
-			}
-		}
-	;
-
-%%
-
-extern jmp_buf errcatch;
-
-#define	CMD	0	/* beginning of command */
-#define	ARGS	1	/* expect miscellaneous arguments */
-#define	STR1	2	/* expect SP followed by STRING */
-#define	STR2	3	/* expect STRING */
-#define	OSTR	4	/* optional SP then STRING */
-#define	ZSTR1	5	/* SP then optional STRING */
-#define	ZSTR2	6	/* optional STRING after SP */
-#define	SITECMD	7	/* SITE command */
-#define	NSTR	8	/* Number followed by a string */
-
-struct tab cmdtab[] = {		/* In order defined in RFC 765 */
-	{ "USER", USER, STR1, 1,	"<sp> username" },
-	{ "PASS", PASS, ZSTR1, 1,	"<sp> password" },
-	{ "ACCT", ACCT, STR1, 0,	"(specify account)" },
-	{ "SMNT", SMNT, ARGS, 0,	"(structure mount)" },
-	{ "REIN", REIN, ARGS, 0,	"(reinitialize server state)" },
-	{ "QUIT", QUIT, ARGS, 1,	"(terminate service)", },
-	{ "PORT", PORT, ARGS, 1,	"<sp> b0, b1, b2, b3, b4" },
-	{ "PASV", PASV, ARGS, 1,	"(set server in passive mode)" },
-	{ "TYPE", TYPE, ARGS, 1,	"<sp> [ A | E | I | L ]" },
-	{ "STRU", STRU, ARGS, 1,	"(specify file structure)" },
-	{ "MODE", MODE, ARGS, 1,	"(specify transfer mode)" },
-	{ "RETR", RETR, STR1, 1,	"<sp> file-name" },
-	{ "STOR", STOR, STR1, 1,	"<sp> file-name" },
-	{ "APPE", APPE, STR1, 1,	"<sp> file-name" },
-	{ "MLFL", MLFL, OSTR, 0,	"(mail file)" },
-	{ "MAIL", MAIL, OSTR, 0,	"(mail to user)" },
-	{ "MSND", MSND, OSTR, 0,	"(mail send to terminal)" },
-	{ "MSOM", MSOM, OSTR, 0,	"(mail send to terminal or mailbox)" },
-	{ "MSAM", MSAM, OSTR, 0,	"(mail send to terminal and mailbox)" },
-	{ "MRSQ", MRSQ, OSTR, 0,	"(mail recipient scheme question)" },
-	{ "MRCP", MRCP, STR1, 0,	"(mail recipient)" },
-	{ "ALLO", ALLO, ARGS, 1,	"allocate storage (vacuously)" },
-	{ "REST", REST, ARGS, 1,	"<sp> offset (restart command)" },
-	{ "RNFR", RNFR, STR1, 1,	"<sp> file-name" },
-	{ "RNTO", RNTO, STR1, 1,	"<sp> file-name" },
-	{ "ABOR", ABOR, ARGS, 1,	"(abort operation)" },
-	{ "DELE", DELE, STR1, 1,	"<sp> file-name" },
-	{ "CWD",  CWD,  OSTR, 1,	"[ <sp> directory-name ]" },
-	{ "XCWD", CWD,	OSTR, 1,	"[ <sp> directory-name ]" },
-	{ "LIST", LIST, OSTR, 1,	"[ <sp> path-name ]" },
-	{ "NLST", NLST, OSTR, 1,	"[ <sp> path-name ]" },
-	{ "SITE", SITE, SITECMD, 1,	"site-cmd [ <sp> arguments ]" },
-	{ "SYST", SYST, ARGS, 1,	"(get type of operating system)" },
-	{ "STAT", STAT, OSTR, 1,	"[ <sp> path-name ]" },
-	{ "HELP", HELP, OSTR, 1,	"[ <sp> <string> ]" },
-	{ "NOOP", NOOP, ARGS, 1,	"" },
-	{ "MKD",  MKD,  STR1, 1,	"<sp> path-name" },
-	{ "XMKD", MKD,  STR1, 1,	"<sp> path-name" },
-	{ "RMD",  RMD,  STR1, 1,	"<sp> path-name" },
-	{ "XRMD", RMD,  STR1, 1,	"<sp> path-name" },
-	{ "PWD",  PWD,  ARGS, 1,	"(return current directory)" },
-	{ "XPWD", PWD,  ARGS, 1,	"(return current directory)" },
-	{ "CDUP", CDUP, ARGS, 1,	"(change to parent directory)" },
-	{ "XCUP", CDUP, ARGS, 1,	"(change to parent directory)" },
-	{ "STOU", STOU, STR1, 1,	"<sp> file-name" },
-	{ "SIZE", SIZE, OSTR, 1,	"<sp> path-name" },
-	{ "MDTM", MDTM, OSTR, 1,	"<sp> path-name" },
-
-	/* extensions from draft-ietf-cat-ftpsec-08 */
-	{ "AUTH", AUTH,	STR1, 1,	"<sp> auth-type" },
-	{ "ADAT", ADAT,	STR1, 1,	"<sp> auth-data" },
-	{ "PBSZ", PBSZ,	ARGS, 1,	"<sp> buffer-size" },
-	{ "PROT", PROT,	STR1, 1,	"<sp> prot-level" },
-	{ "CCC",  CCC,	ARGS, 1,	"" },
-	{ "MIC",  MIC,	STR1, 1,	"<sp> integrity command" },
-	{ "CONF", CONF,	STR1, 1,	"<sp> confidentiality command" },
-	{ "ENC",  ENC,	STR1, 1,	"<sp> privacy command" },
-
-	{ NULL,   0,    0,    0,	0 }
-};
-
-struct tab sitetab[] = {
-	{ "UMASK", UMASK, ARGS, 1,	"[ <sp> umask ]" },
-	{ "IDLE", IDLE, ARGS, 1,	"[ <sp> maximum-idle-time ]" },
-	{ "CHMOD", CHMOD, NSTR, 1,	"<sp> mode <sp> file-name" },
-	{ "HELP", HELP, OSTR, 1,	"[ <sp> <string> ]" },
-
-	{ "KAUTH", KAUTH, STR1, 1,	"<sp> principal [ <sp> ticket ]" },
-	{ "KLIST", KLIST, ARGS, 1,	"(show ticket file)" },
-
-	{ "FIND", FIND, STR1, 1,	"<sp> globexpr" },
-
-	{ "URL",  URL,  ARGS, 1,	"?" },
-	
-	{ NULL,   0,    0,    0,	0 }
-};
-
-static struct tab *
-lookup(struct tab *p, char *cmd)
-{
-
-	for (; p->name != NULL; p++)
-		if (strcmp(cmd, p->name) == 0)
-			return (p);
-	return (0);
-}
-
-#include <arpa/telnet.h>
-
-/*
- * getline - a hacked up version of fgets to ignore TELNET escape codes.
- */
-char *
-getline(char *s, int n)
-{
-	int c;
-	char *cs;
-
-	cs = s;
-/* tmpline may contain saved command from urgent mode interruption */
-	if(ftp_command){
-	  strncpy(s, ftp_command, n);
-	  if (debug)
-	    syslog(LOG_DEBUG, "command: %s", s);
-#ifdef XXX
-	  fprintf(stderr, "%s\n", s);
-#endif
-	  return s;
-	}
-	prot_level = prot_clear;
-	while ((c = getc(stdin)) != EOF) {
-		c &= 0377;
-		if (c == IAC) {
-		    if ((c = getc(stdin)) != EOF) {
-			c &= 0377;
-			switch (c) {
-			case WILL:
-			case WONT:
-				c = getc(stdin);
-				printf("%c%c%c", IAC, DONT, 0377&c);
-				fflush(stdout);
-				continue;
-			case DO:
-			case DONT:
-				c = getc(stdin);
-				printf("%c%c%c", IAC, WONT, 0377&c);
-				fflush(stdout);
-				continue;
-			case IAC:
-				break;
-			default:
-				continue;	/* ignore command */
-			}
-		    }
-		}
-		*cs++ = c;
-		if (--n <= 0 || c == '\n')
-			break;
-	}
-	if (c == EOF && cs == s)
-		return (NULL);
-	*cs++ = '\0';
-	if (debug) {
-		if (!guest && strncasecmp("pass ", s, 5) == 0) {
-			/* Don't syslog passwords */
-			syslog(LOG_DEBUG, "command: %.5s ???", s);
-		} else {
-			char *cp;
-			int len;
-
-			/* Don't syslog trailing CR-LF */
-			len = strlen(s);
-			cp = s + len - 1;
-			while (cp >= s && (*cp == '\n' || *cp == '\r')) {
-				--cp;
-				--len;
-			}
-			syslog(LOG_DEBUG, "command: %.*s", len, s);
-		}
-	}
-#ifdef XXX
-	fprintf(stderr, "%s\n", s);
-#endif
-	return (s);
-}
-
-static RETSIGTYPE
-toolong(int signo)
-{
-
-	reply(421,
-	    "Timeout (%d seconds): closing control connection.",
-	      ftpd_timeout);
-	if (logging)
-		syslog(LOG_INFO, "User %s timed out after %d seconds",
-		    (pw ? pw -> pw_name : "unknown"), ftpd_timeout);
-	dologout(1);
-	SIGRETURN(0);
-}
-
-static int
-yylex(void)
-{
-	static int cpos, state;
-	char *cp, *cp2;
-	struct tab *p;
-	int n;
-	char c;
-
-	for (;;) {
-		switch (state) {
-
-		case CMD:
-			signal(SIGALRM, toolong);
-			alarm((unsigned) ftpd_timeout);
-			if (getline(cbuf, sizeof(cbuf)-1) == NULL) {
-				reply(221, "You could at least say goodbye.");
-				dologout(0);
-			}
-			alarm(0);
-#ifdef HASSETPROCTITLE
-			if (strncasecmp(cbuf, "PASS", 4) != NULL)
-				setproctitle("%s: %s", proctitle, cbuf);
-#endif /* HASSETPROCTITLE */
-			if ((cp = strchr(cbuf, '\r'))) {
-				*cp++ = '\n';
-				*cp = '\0';
-			}
-			if ((cp = strpbrk(cbuf, " \n")))
-				cpos = cp - cbuf;
-			if (cpos == 0)
-				cpos = 4;
-			c = cbuf[cpos];
-			cbuf[cpos] = '\0';
-			strupr(cbuf);
-			p = lookup(cmdtab, cbuf);
-			cbuf[cpos] = c;
-			if (p != 0) {
-				if (p->implemented == 0) {
-					nack(p->name);
-					longjmp(errcatch,0);
-					/* NOTREACHED */
-				}
-				state = p->state;
-				yylval.s = p->name;
-				return (p->token);
-			}
-			break;
-
-		case SITECMD:
-			if (cbuf[cpos] == ' ') {
-				cpos++;
-				return (SP);
-			}
-			cp = &cbuf[cpos];
-			if ((cp2 = strpbrk(cp, " \n")))
-				cpos = cp2 - cbuf;
-			c = cbuf[cpos];
-			cbuf[cpos] = '\0';
-			strupr(cp);
-			p = lookup(sitetab, cp);
-			cbuf[cpos] = c;
-			if (p != 0) {
-				if (p->implemented == 0) {
-					state = CMD;
-					nack(p->name);
-					longjmp(errcatch,0);
-					/* NOTREACHED */
-				}
-				state = p->state;
-				yylval.s = p->name;
-				return (p->token);
-			}
-			state = CMD;
-			break;
-
-		case OSTR:
-			if (cbuf[cpos] == '\n') {
-				state = CMD;
-				return (CRLF);
-			}
-			/* FALLTHROUGH */
-
-		case STR1:
-		case ZSTR1:
-		dostr1:
-			if (cbuf[cpos] == ' ') {
-				cpos++;
-				state = state == OSTR ? STR2 : ++state;
-				return (SP);
-			}
-			break;
-
-		case ZSTR2:
-			if (cbuf[cpos] == '\n') {
-				state = CMD;
-				return (CRLF);
-			}
-			/* FALLTHROUGH */
-
-		case STR2:
-			cp = &cbuf[cpos];
-			n = strlen(cp);
-			cpos += n - 1;
-			/*
-			 * Make sure the string is nonempty and \n terminated.
-			 */
-			if (n > 1 && cbuf[cpos] == '\n') {
-				cbuf[cpos] = '\0';
-				yylval.s = copy(cp);
-				cbuf[cpos] = '\n';
-				state = ARGS;
-				return (STRING);
-			}
-			break;
-
-		case NSTR:
-			if (cbuf[cpos] == ' ') {
-				cpos++;
-				return (SP);
-			}
-			if (isdigit(cbuf[cpos])) {
-				cp = &cbuf[cpos];
-				while (isdigit(cbuf[++cpos]))
-					;
-				c = cbuf[cpos];
-				cbuf[cpos] = '\0';
-				yylval.i = atoi(cp);
-				cbuf[cpos] = c;
-				state = STR1;
-				return (NUMBER);
-			}
-			state = STR1;
-			goto dostr1;
-
-		case ARGS:
-			if (isdigit(cbuf[cpos])) {
-				cp = &cbuf[cpos];
-				while (isdigit(cbuf[++cpos]))
-					;
-				c = cbuf[cpos];
-				cbuf[cpos] = '\0';
-				yylval.i = atoi(cp);
-				cbuf[cpos] = c;
-				return (NUMBER);
-			}
-			switch (cbuf[cpos++]) {
-
-			case '\n':
-				state = CMD;
-				return (CRLF);
-
-			case ' ':
-				return (SP);
-
-			case ',':
-				return (COMMA);
-
-			case 'A':
-			case 'a':
-				return (A);
-
-			case 'B':
-			case 'b':
-				return (B);
-
-			case 'C':
-			case 'c':
-				return (C);
-
-			case 'E':
-			case 'e':
-				return (E);
-
-			case 'F':
-			case 'f':
-				return (F);
-
-			case 'I':
-			case 'i':
-				return (I);
-
-			case 'L':
-			case 'l':
-				return (L);
-
-			case 'N':
-			case 'n':
-				return (N);
-
-			case 'P':
-			case 'p':
-				return (P);
-
-			case 'R':
-			case 'r':
-				return (R);
-
-			case 'S':
-			case 's':
-				return (S);
-
-			case 'T':
-			case 't':
-				return (T);
-
-			}
-			break;
-
-		default:
-			fatal("Unknown state in scanner.");
-		}
-		yyerror((char *) 0);
-		state = CMD;
-		longjmp(errcatch,0);
-	}
-}
-
-static char *
-copy(char *s)
-{
-	char *p;
-
-	p = strdup(s);
-	if (p == NULL)
-		fatal("Ran out of memory.");
-	return p;
-}
-
-static void
-help(struct tab *ctab, char *s)
-{
-	struct tab *c;
-	int width, NCMDS;
-	char *type;
-	char buf[1024];
-
-	if (ctab == sitetab)
-		type = "SITE ";
-	else
-		type = "";
-	width = 0, NCMDS = 0;
-	for (c = ctab; c->name != NULL; c++) {
-		int len = strlen(c->name);
-
-		if (len > width)
-			width = len;
-		NCMDS++;
-	}
-	width = (width + 8) &~ 7;
-	if (s == 0) {
-		int i, j, w;
-		int columns, lines;
-
-		lreply(214, "The following %scommands are recognized %s.",
-		    type, "(* =>'s unimplemented)");
-		columns = 76 / width;
-		if (columns == 0)
-			columns = 1;
-		lines = (NCMDS + columns - 1) / columns;
-		for (i = 0; i < lines; i++) {
-		    strcpy (buf, "   ");
-		    for (j = 0; j < columns; j++) {
-			c = ctab + j * lines + i;
-			snprintf (buf + strlen(buf), sizeof(buf) - strlen(buf),
-				  "%s%c", c->name, c->implemented ? ' ' : '*');
-			if (c + lines >= &ctab[NCMDS])
-			    break;
-			w = strlen(c->name) + 1;
-			while (w < width) {
-			    strcat(buf, " ");
-			    w++;
-			}
-		    }
-		    lreply(214, buf);
-		}
-		reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se");
-		return;
-	}
-	strupr(s);
-	c = lookup(ctab, s);
-	if (c == (struct tab *)0) {
-		reply(502, "Unknown command %s.", s);
-		return;
-	}
-	if (c->implemented)
-		reply(214, "Syntax: %s%s %s", type, c->name, c->help);
-	else
-		reply(214, "%s%-*s\t%s; unimplemented.", type, width,
-		    c->name, c->help);
-}
-
-static void
-sizecmd(char *filename)
-{
-	switch (type) {
-	case TYPE_L:
-	case TYPE_I: {
-		struct stat stbuf;
-		if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode))
-			reply(550, "%s: not a plain file.", filename);
-		else
-			reply(213, "%lu", (unsigned long)stbuf.st_size);
-		break; }
-	case TYPE_A: {
-		FILE *fin;
-		int c;
-		off_t count;
-		struct stat stbuf;
-		fin = fopen(filename, "r");
-		if (fin == NULL) {
-			perror_reply(550, filename);
-			return;
-		}
-		if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) {
-			reply(550, "%s: not a plain file.", filename);
-			fclose(fin);
-			return;
-		}
-
-		count = 0;
-		while((c=getc(fin)) != EOF) {
-			if (c == '\n')	/* will get expanded to \r\n */
-				count++;
-			count++;
-		}
-		fclose(fin);
-
-		reply(213, "%ld", count);
-		break; }
-	default:
-		reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]);
-	}
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
deleted file mode 100644
index e0844d560a1d..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
+++ /dev/null
@@ -1,2089 +0,0 @@
-/*
- * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id$");
-#endif
-
-/*
- * FTP server.
- */
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_SYS_MMAN_H
-#include <sys/mman.h>
-#endif
-
-#define	FTP_NAMES
-#include <arpa/ftp.h>
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_ARPA_TELNET_H
-#include <arpa/telnet.h>
-#endif
-
-#include <ctype.h>
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-#include <errno.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <glob.h>
-#include <limits.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <setjmp.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-#include <time.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-
-#include <err.h>
-
-#include "pathnames.h"
-#include "extern.h"
-#include "common.h"
-
-#include "auth.h"
-
-#include <krb.h>
-
-#include <kafs.h>
-#include "roken.h"
-
-#ifdef OTP
-#include <otp.h>
-#endif
-
-#ifdef SOCKS
-#include <socks.h>
-extern int LIBPREFIX(fclose)      __P((FILE *));
-#endif
-
-void yyparse();
-
-#ifndef LOG_FTP
-#define LOG_FTP LOG_DAEMON
-#endif
-
-static char version[] = "Version 6.00";
-
-extern	off_t restart_point;
-extern	char cbuf[];
-
-struct	sockaddr_in ctrl_addr;
-struct	sockaddr_in data_source;
-struct	sockaddr_in data_dest;
-struct	sockaddr_in his_addr;
-struct	sockaddr_in pasv_addr;
-
-int	data;
-jmp_buf	errcatch, urgcatch;
-int	oobflag;
-int	logged_in;
-struct	passwd *pw;
-int	debug;
-int	ftpd_timeout = 900;    /* timeout after 15 minutes of inactivity */
-int	maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */
-int	logging;
-int	guest;
-int	dochroot;
-int	type;
-int	form;
-int	stru;			/* avoid C keyword */
-int	mode;
-int	usedefault = 1;		/* for data transfers */
-int	pdata = -1;		/* for passive mode */
-int	transflag;
-off_t	file_size;
-off_t	byte_count;
-#if !defined(CMASK) || CMASK == 0
-#undef CMASK
-#define CMASK 027
-#endif
-int	defumask = CMASK;		/* default umask value */
-int	guest_umask = 0777;	/* Paranoia for anonymous users */
-char	tmpline[10240];
-char	hostname[MaxHostNameLen];
-char	remotehost[MaxHostNameLen];
-static char ttyline[20];
-
-#define AUTH_PLAIN	(1 << 0) /* allow sending passwords */
-#define AUTH_OTP	(1 << 1) /* passwords are one-time */
-#define AUTH_FTP	(1 << 2) /* allow anonymous login */
-
-static int auth_level = 0; /* Only allow kerberos login by default */
-
-/*
- * Timeout intervals for retrying connections
- * to hosts that don't accept PORT cmds.  This
- * is a kludge, but given the problems with TCP...
- */
-#define	SWAITMAX	90	/* wait at most 90 seconds */
-#define	SWAITINT	5	/* interval between retries */
-
-int	swaitmax = SWAITMAX;
-int	swaitint = SWAITINT;
-
-#ifdef HAVE_SETPROCTITLE
-char	proctitle[BUFSIZ];	/* initial part of title */
-#endif /* HAVE_SETPROCTITLE */
-
-#define LOGCMD(cmd, file) \
-	if (logging > 1) \
-	    syslog(LOG_INFO,"%s %s%s", cmd, \
-		*(file) == '/' ? "" : curdir(), file);
-#define LOGCMD2(cmd, file1, file2) \
-	 if (logging > 1) \
-	    syslog(LOG_INFO,"%s %s%s %s%s", cmd, \
-		*(file1) == '/' ? "" : curdir(), file1, \
-		*(file2) == '/' ? "" : curdir(), file2);
-#define LOGBYTES(cmd, file, cnt) \
-	if (logging > 1) { \
-		if (cnt == (off_t)-1) \
-		    syslog(LOG_INFO,"%s %s%s", cmd, \
-			*(file) == '/' ? "" : curdir(), file); \
-		else \
-		    syslog(LOG_INFO, "%s %s%s = %ld bytes", \
-			cmd, (*(file) == '/') ? "" : curdir(), file, (long)cnt); \
-	}
-
-static void	 ack (char *);
-static void	 myoob (int);
-static int	 checkuser (char *, char *);
-static int	 checkaccess (char *);
-static FILE	*dataconn (char *, off_t, char *);
-static void	 dolog (struct sockaddr_in *);
-static void	 end_login (void);
-static FILE	*getdatasock (char *);
-static char	*gunique (char *);
-static RETSIGTYPE	 lostconn (int);
-static int	 receive_data (FILE *, FILE *);
-static void	 send_data (FILE *, FILE *);
-static struct passwd * sgetpwnam (char *);
-static void	 usage(void);
-
-static char *
-curdir(void)
-{
-	static char path[MaxPathLen+1+1];	/* path + '/' + '\0' */
-
-	if (getcwd(path, sizeof(path)-2) == NULL)
-		return ("");
-	if (path[1] != '\0')		/* special case for root dir. */
-		strcat(path, "/");
-	/* For guest account, skip / since it's chrooted */
-	return (guest ? path+1 : path);
-}
-
-#ifndef LINE_MAX
-#define LINE_MAX 1024
-#endif
-
-static int
-parse_auth_level(char *str)
-{
-    char *p;
-    int ret = 0;
-    char *foo = NULL;
-
-    for(p = strtok_r(str, ",", &foo);
-	p;
-	p = strtok_r(NULL, ",", &foo)) {
-	if(strcmp(p, "user") == 0)
-	    ;
-#ifdef OTP
-	else if(strcmp(p, "otp") == 0)
-	    ret |= AUTH_PLAIN|AUTH_OTP;
-#endif
-	else if(strcmp(p, "ftp") == 0 ||
-		strcmp(p, "safe") == 0)
-	    ret |= AUTH_FTP;
-	else if(strcmp(p, "plain") == 0)
-	    ret |= AUTH_PLAIN;
-	else if(strcmp(p, "none") == 0)
-	    ret |= AUTH_PLAIN|AUTH_FTP;
-	else
-	    warnx("bad value for -a: `%s'", p);
-    }
-    return ret;	    
-}
-
-/*
- * Print usage and die.
- */
-
-static void
-usage (void)
-{
-    fprintf (stderr,
-	     "Usage: %s [-d] [-i] [-g guest_umask] [-l] [-p port]"
-	     " [-t timeout] [-T max_timeout] [-u umask] [-v]"
-	     " [-a auth_level] \n",
-	     __progname);
-    exit (1);
-}
-
-int
-main(int argc, char **argv)
-{
-	int addrlen, ch, on = 1, tos;
-	char *cp, line[LINE_MAX];
-	FILE *fd;
-	int not_inetd = 0;
-	int port;
-	struct servent *sp;
-	char tkfile[1024];
-
-	set_progname (argv[0]);
-
-	/* detach from any tickets and tokens */
-
-	snprintf(tkfile, sizeof(tkfile),
-		 "/tmp/ftp_%u", (unsigned)getpid());
-	krb_set_tkt_string(tkfile);
-	if(k_hasafs())
-	    k_setpag();
-
-	sp = getservbyname("ftp", "tcp");
-	if(sp)
-	    port = sp->s_port;
-	else
-	    port = htons(21);
-
-	while ((ch = getopt(argc, argv, "a:dg:ilp:t:T:u:v")) != EOF) {
-		switch (ch) {
-		case 'a':
-		    auth_level = parse_auth_level(optarg);
-		    break;
-		case 'd':
-		    debug = 1;
-		    break;
-
-		case 'i':
-		    not_inetd = 1;
-		    break;
-		case 'g':
-		    {
-			long val = 0;
-
-			val = strtol(optarg, &optarg, 8);
-			if (*optarg != '\0' || val < 0)
-			    warnx("bad value for -g");
-			else
-			    guest_umask = val;
-			break;
-		    }
-		case 'l':
-		    logging++;	/* > 1 == extra logging */
-		    break;
-
-		case 'p':
-		    sp = getservbyname(optarg, "tcp");
-		    if(sp)
-			port = sp->s_port;
-		    else
-			if(isdigit(optarg[0]))
-			    port = htons(atoi(optarg));
-			else
-			    warnx("bad value for -p");
-		    break;
-		    
-		case 't':
-		    ftpd_timeout = atoi(optarg);
-		    if (maxtimeout < ftpd_timeout)
-			maxtimeout = ftpd_timeout;
-		    break;
-
-		case 'T':
-		    maxtimeout = atoi(optarg);
-		    if (ftpd_timeout > maxtimeout)
-			ftpd_timeout = maxtimeout;
-		    break;
-
-		case 'u':
-		    {
-			long val = 0;
-
-			val = strtol(optarg, &optarg, 8);
-			if (*optarg != '\0' || val < 0)
-			    warnx("bad value for -u");
-			else
-			    defumask = val;
-			break;
-		    }
-
-		case 'v':
-		    debug = 1;
-		    break;
-
-		default:
-		    usage ();
-		}
-	}
-
-	if(not_inetd)
-	    mini_inetd (port);
-
-	/*
-	 * LOG_NDELAY sets up the logging connection immediately,
-	 * necessary for anonymous ftp's that chroot and can't do it later.
-	 */
-	openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
-	addrlen = sizeof(his_addr);
-	if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
-		syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
-		exit(1);
-	}
-	addrlen = sizeof(ctrl_addr);
-	if (getsockname(0, (struct sockaddr *)&ctrl_addr, &addrlen) < 0) {
-		syslog(LOG_ERR, "getsockname (%s): %m",argv[0]);
-		exit(1);
-	}
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	tos = IPTOS_LOWDELAY;
-	if (setsockopt(0, IPPROTO_IP, IP_TOS, (void *)&tos, sizeof(int)) < 0)
-		syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
-#endif
-	data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
-	debug = 0;
-
-	/* set this here so it can be put in wtmp */
-	snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
-
-
-	/*	freopen(_PATH_DEVNULL, "w", stderr); */
-	signal(SIGPIPE, lostconn);
-	signal(SIGCHLD, SIG_IGN);
-#ifdef SIGURG
-	if (signal(SIGURG, myoob) == SIG_ERR)
-	    syslog(LOG_ERR, "signal: %m");
-#endif
-
-	auth_init();
-
-	/* Try to handle urgent data inline */
-#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
-	if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
-		       sizeof(on)) < 0)
-		syslog(LOG_ERR, "setsockopt: %m");
-#endif
-
-#ifdef	F_SETOWN
-	if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1)
-		syslog(LOG_ERR, "fcntl F_SETOWN: %m");
-#endif
-	dolog(&his_addr);
-	/*
-	 * Set up default state
-	 */
-	data = -1;
-	type = TYPE_A;
-	form = FORM_N;
-	stru = STRU_F;
-	mode = MODE_S;
-	tmpline[0] = '\0';
-
-	/* If logins are disabled, print out the message. */
-	if ((fd = fopen(_PATH_NOLOGIN,"r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(530, "%s", line);
-		}
-		fflush(stdout);
-		fclose(fd);
-		reply(530, "System not available.");
-		exit(0);
-	}
-	if ((fd = fopen(_PATH_FTPWELCOME, "r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(220, "%s", line);
-		}
-		fflush(stdout);
-		fclose(fd);
-		/* reply(220,) must follow */
-	}
-	k_gethostname(hostname, sizeof(hostname));
-	reply(220, "%s FTP server (%s+%s) ready.", hostname, 
-	      version, krb4_version);
-	setjmp(errcatch);
-	for (;;)
-	    yyparse();
-	/* NOTREACHED */
-}
-
-static RETSIGTYPE
-lostconn(int signo)
-{
-
-	if (debug)
-		syslog(LOG_DEBUG, "lost connection");
-	dologout(-1);
-}
-
-/*
- * Helper function for sgetpwnam().
- */
-static char *
-sgetsave(char *s)
-{
-	char *new = strdup(s);
-
-	if (new == NULL) {
-		perror_reply(421, "Local resource failure: malloc");
-		dologout(1);
-		/* NOTREACHED */
-	}
-	return new;
-}
-
-/*
- * Save the result of a getpwnam.  Used for USER command, since
- * the data returned must not be clobbered by any other command
- * (e.g., globbing).
- */
-static struct passwd *
-sgetpwnam(char *name)
-{
-	static struct passwd save;
-	struct passwd *p;
-
-	if ((p = k_getpwnam(name)) == NULL)
-		return (p);
-	if (save.pw_name) {
-		free(save.pw_name);
-		free(save.pw_passwd);
-		free(save.pw_gecos);
-		free(save.pw_dir);
-		free(save.pw_shell);
-	}
-	save = *p;
-	save.pw_name = sgetsave(p->pw_name);
-	save.pw_passwd = sgetsave(p->pw_passwd);
-	save.pw_gecos = sgetsave(p->pw_gecos);
-	save.pw_dir = sgetsave(p->pw_dir);
-	save.pw_shell = sgetsave(p->pw_shell);
-	return (&save);
-}
-
-static int login_attempts;	/* number of failed login attempts */
-static int askpasswd;		/* had user command, ask for passwd */
-static char curname[10];	/* current USER name */
-#ifdef OTP
-OtpContext otp_ctx;
-#endif
-
-/*
- * USER command.
- * Sets global passwd pointer pw if named account exists and is acceptable;
- * sets askpasswd if a PASS command is expected.  If logged in previously,
- * need to reset state.  If name is "ftp" or "anonymous", the name is not in
- * _PATH_FTPUSERS, and ftp account exists, set guest and pw, then just return.
- * If account doesn't exist, ask for passwd anyway.  Otherwise, check user
- * requesting login privileges.  Disallow anyone who does not have a standard
- * shell as returned by getusershell().  Disallow anyone mentioned in the file
- * _PATH_FTPUSERS to allow people such as root and uucp to be avoided.
- */
-void
-user(char *name)
-{
-	char *cp, *shell;
-
-	if(auth_level == 0 && !auth_complete){
-	    reply(530, "No login allowed without authorization.");
-	    return;
-	}
-
-	if (logged_in) {
-		if (guest) {
-			reply(530, "Can't change user from guest login.");
-			return;
-		} else if (dochroot) {
-			reply(530, "Can't change user from chroot user.");
-			return;
-		}
-		end_login();
-	}
-
-	guest = 0;
-	if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) {
-	    if ((auth_level & AUTH_FTP) == 0 ||
-		checkaccess("ftp") || 
-		checkaccess("anonymous"))
-		reply(530, "User %s access denied.", name);
-	    else if ((pw = sgetpwnam("ftp")) != NULL) {
-		guest = 1;
-		defumask = guest_umask;	/* paranoia for incoming */
-		askpasswd = 1;
-		reply(331, "Guest login ok, type your name as password.");
-	    } else
-		reply(530, "User %s unknown.", name);
-	    if (!askpasswd && logging)
-		syslog(LOG_NOTICE,
-		       "ANONYMOUS FTP LOGIN REFUSED FROM %s(%s)",
-		       remotehost, inet_ntoa(his_addr.sin_addr));
-	    return;
-	}
-	if((auth_level & AUTH_PLAIN) == 0 && !auth_complete){
-	    reply(530, "Only authorized and anonymous login allowed.");
-	    return;
-	}
-	if ((pw = sgetpwnam(name))) {
-		if ((shell = pw->pw_shell) == NULL || *shell == 0)
-			shell = _PATH_BSHELL;
-		while ((cp = getusershell()) != NULL)
-			if (strcmp(cp, shell) == 0)
-				break;
-		endusershell();
-
-		if (cp == NULL || checkaccess(name)) {
-			reply(530, "User %s access denied.", name);
-			if (logging)
-				syslog(LOG_NOTICE,
-				       "FTP LOGIN REFUSED FROM %s(%s), %s",
-				       remotehost,
-				       inet_ntoa(his_addr.sin_addr),
-				       name);
-			pw = (struct passwd *) NULL;
-			return;
-		}
-	}
-	if (logging)
-		strncpy(curname, name, sizeof(curname)-1);
-	if(auth_ok())
-		ct->userok(name);
-#ifdef OTP
-	else {
-		char ss[256];
-
-		if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) {
-			reply(331, "Password %s for %s required.",
-			      ss, name);
-			askpasswd = 1;
-		} else if ((auth_level & AUTH_OTP) == 0) {
-		    reply(331, "Password required for %s.", name);
-		    askpasswd = 1;
-		} else {
-		    char *s;
-		    
-		    if (s = otp_error (&otp_ctx))
-			lreply(530, "OTP: %s", s);
-		    reply(530,
-			  "Only authorized, anonymous and OTP "
-			  "login allowed.");
-		}
-
-	}
-#endif
-	/*
-	 * Delay before reading passwd after first failed
-	 * attempt to slow down passwd-guessing programs.
-	 */
-	if (login_attempts)
-		sleep(login_attempts);
-}
-
-/*
- * Check if a user is in the file "fname"
- */
-static int
-checkuser(char *fname, char *name)
-{
-	FILE *fd;
-	int found = 0;
-	char *p, line[BUFSIZ];
-
-	if ((fd = fopen(fname, "r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL)
-			if ((p = strchr(line, '\n')) != NULL) {
-				*p = '\0';
-				if (line[0] == '#')
-					continue;
-				if (strcmp(line, name) == 0) {
-					found = 1;
-					break;
-				}
-			}
-		fclose(fd);
-	}
-	return (found);
-}
-
-
-/*
- * Determine whether a user has access, based on information in 
- * _PATH_FTPUSERS. The users are listed one per line, with `allow'
- * or `deny' after the username. If anything other than `allow', or
- * just nothing, is given after the username, `deny' is assumed.
- *
- * If the user is not found in the file, but the pseudo-user `*' is,
- * the permission is taken from that line.
- *
- * This preserves the old semantics where if a user was listed in the
- * file he was denied, otherwise he was allowed.
- *
- * Return 1 if the user is denied, or 0 if he is allowed.  */
-
-static int
-match(const char *pattern, const char *string)
-{
-#ifdef HAVE_FNMATCH
-    return fnmatch(pattern, string, FNM_NOESCAPE);
-#else
-    return strcmp(pattern, "*") != 0 && strcmp(pattern, string) != 0;
-#endif
-}
-
-static int
-checkaccess(char *name)
-{
-#define ALLOWED		0
-#define	NOT_ALLOWED	1
-    FILE *fd;
-    int allowed = ALLOWED;
-    char *user, *perm, line[BUFSIZ];
-    char *foo;
-    
-    fd = fopen(_PATH_FTPUSERS, "r");
-    
-    if(fd == NULL)
-	return allowed;
-
-    while (fgets(line, sizeof(line), fd) != NULL)  {
-	foo = NULL;
-	user = strtok_r(line, " \t\n", &foo);
-	if (user == NULL || user[0] == '#')
-	    continue;
-	perm = strtok_r(NULL, " \t\n", &foo);
-	if (match(user, name) == 0){
-	    if(perm && strcmp(perm, "allow") == 0)
-		allowed = ALLOWED;
-	    else
-		allowed = NOT_ALLOWED;
-	    break;
-	}
-    }
-    fclose(fd);
-    return allowed;
-}
-#undef	ALLOWED
-#undef	NOT_ALLOWED
-
-int do_login(int code, char *passwd)
-{
-        FILE *fd;
-	login_attempts = 0;		/* this time successful */
-	if (setegid((gid_t)pw->pw_gid) < 0) {
-		reply(550, "Can't set gid.");
-		return -1;
-	}
-	initgroups(pw->pw_name, pw->pw_gid);
-
-	/* open wtmp before chroot */
-	logwtmp(ttyline, pw->pw_name, remotehost);
-	logged_in = 1;
-
-	dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
-	if (guest) {
-		/*
-		 * We MUST do a chdir() after the chroot. Otherwise
-		 * the old current directory will be accessible as "."
-		 * outside the new root!
-		 */
-		if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
-			reply(550, "Can't set guest privileges.");
-			return -1;
-		}
-	} else if (dochroot) {
-		if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) {
-			reply(550, "Can't change root.");
-			return -1;
-		}
-	} else if (chdir(pw->pw_dir) < 0) {
-		if (chdir("/") < 0) {
-			reply(530, "User %s: can't change directory to %s.",
-			    pw->pw_name, pw->pw_dir);
-			return -1;
-		} else
-			lreply(code, "No directory! Logging in with home=/");
-	}
-	if (seteuid((uid_t)pw->pw_uid) < 0) {
-		reply(550, "Can't set uid.");
-		return -1;
-	}
-	/*
-	 * Display a login message, if it exists.
-	 * N.B. reply(code,) must follow the message.
-	 */
-	if ((fd = fopen(_PATH_FTPLOGINMESG, "r")) != NULL) {
-		char *cp, line[LINE_MAX];
-
-		while (fgets(line, sizeof(line), fd) != NULL) {
-			if ((cp = strchr(line, '\n')) != NULL)
-				*cp = '\0';
-			lreply(code, "%s", line);
-		}
-	}
-	if (guest) {
-		reply(code, "Guest login ok, access restrictions apply.");
-#ifdef HAVE_SETPROCTITLE
-		snprintf (proctitle, sizeof(proctitle),
-			  "%s: anonymous/%s",
-			  remotehost,
-			  passwd);
-#endif /* HAVE_SETPROCTITLE */
-		if (logging)
-			syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s",
-			       remotehost, 
-			       inet_ntoa(his_addr.sin_addr),
-			       passwd);
-	} else {
-		reply(code, "User %s logged in.", pw->pw_name);
-#ifdef HAVE_SETPROCTITLE
-		snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
-		setproctitle(proctitle);
-#endif /* HAVE_SETPROCTITLE */
-		if (logging)
-			syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s",
-			       remotehost,
-			       inet_ntoa(his_addr.sin_addr),
-			       pw->pw_name);
-	}
-	umask(defumask);
-	return 0;
-}
-
-/*
- * Terminate login as previous user, if any, resetting state;
- * used when USER command is given or login fails.
- */
-static void
-end_login(void)
-{
-
-	seteuid((uid_t)0);
-	if (logged_in)
-		logwtmp(ttyline, "", "");
-	pw = NULL;
-	logged_in = 0;
-	guest = 0;
-	dochroot = 0;
-}
-
-void
-pass(char *passwd)
-{
-	int rval;
-
-	/* some clients insists on sending a password */
-	if (logged_in && askpasswd == 0){
-	     reply(230, "Dumpucko!");
-	     return;
-	}
-
-	if (logged_in || askpasswd == 0) {
-		reply(503, "Login with USER first.");
-		return;
-	}
-	askpasswd = 0;
-	rval = 1;
-	if (!guest) {		/* "ftp" is only account allowed no password */
-		if (pw == NULL)
-			rval = 1;	/* failure below */
-#ifdef OTP
-		else if (otp_verify_user (&otp_ctx, passwd) == 0)
-		    rval = 0;
-#endif
-		else if((auth_level & AUTH_OTP) == 0) {
-		    char realm[REALM_SZ];
-		    if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS)
-			rval = krb_verify_user(pw->pw_name, "", realm, 
-					       passwd, 1, NULL);
-		    if (rval == KSUCCESS ){
-			if(k_hasafs())
-			    k_afsklog(0, 0);
-		    }else 
-			rval = unix_verify_user(pw->pw_name, passwd);
-		}
-#ifdef OTP
-		else {
-		    char *s;
-		    
-		    if (s = otp_error(&otp_ctx))
-			lreply(530, "OTP: %s", s);
-		}
-#endif
-		memset (passwd, 0, strlen(passwd));
-
-		/*
-		 * If rval == 1, the user failed the authentication
-		 * check above.  If rval == 0, either Kerberos or
-		 * local authentication succeeded.
-		 */
-		if (rval) {
-			reply(530, "Login incorrect.");
-			if (logging)
-				syslog(LOG_NOTICE,
-				    "FTP LOGIN FAILED FROM %s(%s), %s",
-				       remotehost,
-				       inet_ntoa(his_addr.sin_addr),
-				       curname);
-			pw = NULL;
-			if (login_attempts++ >= 5) {
-				syslog(LOG_NOTICE,
-				       "repeated login failures from %s(%s)",
-				       remotehost,
-				       inet_ntoa(his_addr.sin_addr));
-				exit(0);
-			}
-			return;
-		}
-	}
-	if(!do_login(230, passwd))
-	  return;
-	
-	/* Forget all about it... */
-	end_login();
-}
-
-void
-retrieve(char *cmd, char *name)
-{
-	FILE *fin = NULL, *dout;
-	struct stat st;
-	int (*closefunc) (FILE *);
-	char line[BUFSIZ];
-
-
-	if (cmd == 0) {
-		fin = fopen(name, "r");
-		closefunc = fclose;
-		st.st_size = 0;
-		if(fin == NULL){
-		    struct cmds {
-			char *ext;
-			char *cmd;
-		    } cmds[] = {
-			{".tar", "/bin/gtar cPf - %s"},
-			{".tar.gz", "/bin/gtar zcPf - %s"},
-			{".tar.Z", "/bin/gtar ZcPf - %s"},
-			{".gz", "/bin/gzip -c %s"},
-			{".Z", "/bin/compress -c %s"},
-			{NULL, NULL}
-		    };
-		    struct cmds *p;
-		    for(p = cmds; p->ext; p++){
-			char *tail = name + strlen(name) - strlen(p->ext);
-			char c = *tail;
-			
-			if(strcmp(tail, p->ext) == 0 &&
-			   (*tail  = 0) == 0 &&
-			   access(name, R_OK) == 0){
-			    snprintf (line, sizeof(line), p->cmd, name);
-			    *tail  = c;
-			    break;
-			}
-			*tail = c;
-		    }
-		    if(p->ext){
-			fin = ftpd_popen(line, "r", 0, 0);
-			closefunc = ftpd_pclose;
-			st.st_size = -1;
-			cmd = line;
-		    }
-		}
-	} else {
-		snprintf(line, sizeof(line), cmd, name);
-		name = line;
-		fin = ftpd_popen(line, "r", 1, 0);
-		closefunc = ftpd_pclose;
-		st.st_size = -1;
-	}
-	if (fin == NULL) {
-		if (errno != 0) {
-			perror_reply(550, name);
-			if (cmd == 0) {
-				LOGCMD("get", name);
-			}
-		}
-		return;
-	}
-	byte_count = -1;
-	if (cmd == 0){
-	    if(fstat(fileno(fin), &st) < 0 || !S_ISREG(st.st_mode)) {
-		reply(550, "%s: not a plain file.", name);
-		goto done;
-	    }
-	}
-	if (restart_point) {
-		if (type == TYPE_A) {
-			off_t i, n;
-			int c;
-
-			n = restart_point;
-			i = 0;
-			while (i++ < n) {
-				if ((c=getc(fin)) == EOF) {
-					perror_reply(550, name);
-					goto done;
-				}
-				if (c == '\n')
-					i++;
-			}
-		} else if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) {
-			perror_reply(550, name);
-			goto done;
-		}
-	}
-	dout = dataconn(name, st.st_size, "w");
-	if (dout == NULL)
-		goto done;
-	set_buffer_size(fileno(dout), 0);
-	send_data(fin, dout);
-	fclose(dout);
-	data = -1;
-	pdata = -1;
-done:
-	if (cmd == 0)
-		LOGBYTES("get", name, byte_count);
-	(*closefunc)(fin);
-}
-
-/* filename sanity check */
-
-int 
-filename_check(char *filename)
-{
-  static const char good_chars[] = "+-=_,.";
-    char *p;
-
-    p = strrchr(filename, '/');
-    if(p)
-	filename = p + 1;
-
-    p = filename;
-
-    if(isalnum(*p)){
-	p++;
-	while(*p && (isalnum(*p) || strchr(good_chars, *p)))
-	    p++;
-	if(*p == '\0')
-	    return 0;
-    }
-    lreply(553, "\"%s\" is an illegal filename.", filename);
-    lreply(553, "The filename must start with an alphanumeric "
-	   "character and must only");
-    reply(553, "consist of alphanumeric characters or any of the following: %s", 
-	  good_chars);
-    return 1;
-}
-
-void
-do_store(char *name, char *mode, int unique)
-{
-	FILE *fout, *din;
-	struct stat st;
-	int (*closefunc) (FILE *);
-
-	if(guest && filename_check(name))
-	    return;
-	if (unique && stat(name, &st) == 0 &&
-	    (name = gunique(name)) == NULL) {
-		LOGCMD(*mode == 'w' ? "put" : "append", name);
-		return;
-	}
-
-	if (restart_point)
-		mode = "r+";
-	fout = fopen(name, mode);
-	closefunc = fclose;
-	if (fout == NULL) {
-		perror_reply(553, name);
-		LOGCMD(*mode == 'w' ? "put" : "append", name);
-		return;
-	}
-	byte_count = -1;
-	if (restart_point) {
-		if (type == TYPE_A) {
-			off_t i, n;
-			int c;
-
-			n = restart_point;
-			i = 0;
-			while (i++ < n) {
-				if ((c=getc(fout)) == EOF) {
-					perror_reply(550, name);
-					goto done;
-				}
-				if (c == '\n')
-					i++;
-			}
-			/*
-			 * We must do this seek to "current" position
-			 * because we are changing from reading to
-			 * writing.
-			 */
-			if (fseek(fout, 0L, SEEK_CUR) < 0) {
-				perror_reply(550, name);
-				goto done;
-			}
-		} else if (lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
-			perror_reply(550, name);
-			goto done;
-		}
-	}
-	din = dataconn(name, (off_t)-1, "r");
-	if (din == NULL)
-		goto done;
-	set_buffer_size(fileno(din), 1);
-	if (receive_data(din, fout) == 0) {
-		if (unique)
-			reply(226, "Transfer complete (unique file name:%s).",
-			    name);
-		else
-			reply(226, "Transfer complete.");
-	}
-	fclose(din);
-	data = -1;
-	pdata = -1;
-done:
-	LOGBYTES(*mode == 'w' ? "put" : "append", name, byte_count);
-	(*closefunc)(fout);
-}
-
-static FILE *
-getdatasock(char *mode)
-{
-	int on = 1, s, t, tries;
-
-	if (data >= 0)
-		return (fdopen(data, mode));
-	seteuid((uid_t)0);
-	s = socket(AF_INET, SOCK_STREAM, 0);
-	if (s < 0)
-		goto bad;
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-	if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-	    (void *) &on, sizeof(on)) < 0)
-		goto bad;
-#endif
-	/* anchor socket to avoid multi-homing problems */
-	data_source.sin_family = AF_INET;
-	data_source.sin_addr = ctrl_addr.sin_addr;
-	for (tries = 1; ; tries++) {
-		if (bind(s, (struct sockaddr *)&data_source,
-		    sizeof(data_source)) >= 0)
-			break;
-		if (errno != EADDRINUSE || tries > 10)
-			goto bad;
-		sleep(tries);
-	}
-	seteuid((uid_t)pw->pw_uid);
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-	on = IPTOS_THROUGHPUT;
-	if (setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&on, sizeof(int)) < 0)
-		syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
-#endif
-	return (fdopen(s, mode));
-bad:
-	/* Return the real value of errno (close may change it) */
-	t = errno;
-	seteuid((uid_t)pw->pw_uid);
-	close(s);
-	errno = t;
-	return (NULL);
-}
-
-static FILE *
-dataconn(char *name, off_t size, char *mode)
-{
-	char sizebuf[32];
-	FILE *file;
-	int retry = 0, tos;
-
-	file_size = size;
-	byte_count = 0;
-	if (size != (off_t) -1)
-		snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", size);
-	else
-		strcpy(sizebuf, "");
-	if (pdata >= 0) {
-		struct sockaddr_in from;
-		int s, fromlen = sizeof(from);
-
-		s = accept(pdata, (struct sockaddr *)&from, &fromlen);
-		if (s < 0) {
-			reply(425, "Can't open data connection.");
-			close(pdata);
-			pdata = -1;
-			return (NULL);
-		}
-		close(pdata);
-		pdata = s;
-#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
-		tos = IPTOS_THROUGHPUT;
-		setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
-		    sizeof(int));
-#endif
-		reply(150, "Opening %s mode data connection for '%s'%s.",
-		     type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
-		return (fdopen(pdata, mode));
-	}
-	if (data >= 0) {
-		reply(125, "Using existing data connection for '%s'%s.",
-		    name, sizebuf);
-		usedefault = 1;
-		return (fdopen(data, mode));
-	}
-	if (usedefault)
-		data_dest = his_addr;
-	usedefault = 1;
-	file = getdatasock(mode);
-	if (file == NULL) {
-		reply(425, "Can't create data socket (%s,%d): %s.",
-		    inet_ntoa(data_source.sin_addr),
-		    ntohs(data_source.sin_port), strerror(errno));
-		return (NULL);
-	}
-	data = fileno(file);
-	while (connect(data, (struct sockaddr *)&data_dest,
-	    sizeof(data_dest)) < 0) {
-		if (errno == EADDRINUSE && retry < swaitmax) {
-			sleep((unsigned) swaitint);
-			retry += swaitint;
-			continue;
-		}
-		perror_reply(425, "Can't build data connection");
-		fclose(file);
-		data = -1;
-		return (NULL);
-	}
-	reply(150, "Opening %s mode data connection for '%s'%s.",
-	     type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
-	return (file);
-}
-
-/*
- * Tranfer the contents of "instr" to "outstr" peer using the appropriate
- * encapsulation of the data subject * to Mode, Structure, and Type.
- *
- * NB: Form isn't handled.
- */
-static void
-send_data(FILE *instr, FILE *outstr)
-{
-	int c, cnt, filefd, netfd;
-	static char *buf;
-	static size_t bufsize;
-	int i = 0;
-	char s[1024];
-
-	transflag++;
-	if (setjmp(urgcatch)) {
-		transflag = 0;
-		return;
-	}
-	switch (type) {
-
-	case TYPE_A:
-		while ((c = getc(instr)) != EOF) {
-		    byte_count++;
-		    if(i > 1022){
-			auth_write(fileno(outstr), s, i);
-			i = 0;
-		    }
-		    if(c == '\n')
-			s[i++] = '\r';
-		    s[i++] = c;
-		}
-		if(i)
-		    auth_write(fileno(outstr), s, i);
-		auth_write(fileno(outstr), s, 0);
-		fflush(outstr);
-		transflag = 0;
-		if (ferror(instr))
-			goto file_err;
-		if (ferror(outstr))
-			goto data_err;
-		reply(226, "Transfer complete.");
-		return;
-		
-	case TYPE_I:
-	case TYPE_L:
-#ifdef HAVE_MMAP
-#ifndef MAP_FAILED
-#define MAP_FAILED (-1)
-#endif
-	    {
-		struct stat st;
-		char *chunk;
-		int in = fileno(instr);
-		if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)) {
-		    chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, in, 0);
-		    if(chunk != (void *)MAP_FAILED) {
-			cnt = st.st_size - restart_point;
-			auth_write(fileno(outstr),
-				   chunk + restart_point,
-				   cnt);
-			munmap(chunk, st.st_size);
-			auth_write(fileno(outstr), NULL, 0);
-			byte_count = cnt;
-			transflag = 0;
-		    }
-		}
-	    }
-	
-#endif
-	if(transflag){
-	    struct stat st;
-
-	    netfd = fileno(outstr);
-	    filefd = fileno(instr);
-	    buf = alloc_buffer (buf, &bufsize,
-				fstat(filefd, &st) >= 0 ? &st : NULL);
-	    if (buf == NULL) {
-		transflag = 0;
-		perror_reply(451, "Local resource failure: malloc");
-		return;
-	    }
-	    while ((cnt = read(filefd, buf, bufsize)) > 0 &&
-		   auth_write(netfd, buf, cnt) == cnt)
-		byte_count += cnt;
-	    auth_write(netfd, buf, 0); /* to end an encrypted stream */
-	    transflag = 0;
-	    if (cnt != 0) {
-		if (cnt < 0)
-		    goto file_err;
-		goto data_err;
-	    }
-	}
-	reply(226, "Transfer complete.");
-	return;
-	default:
-	    transflag = 0;
-	    reply(550, "Unimplemented TYPE %d in send_data", type);
-	    return;
-	}
-
-data_err:
-	transflag = 0;
-	perror_reply(426, "Data connection");
-	return;
-
-file_err:
-	transflag = 0;
-	perror_reply(551, "Error on input file");
-}
-
-/*
- * Transfer data from peer to "outstr" using the appropriate encapulation of
- * the data subject to Mode, Structure, and Type.
- *
- * N.B.: Form isn't handled.
- */
-static int
-receive_data(FILE *instr, FILE *outstr)
-{
-    int cnt, bare_lfs = 0;
-    static char *buf;
-    static size_t bufsize;
-    struct stat st;
-
-    transflag++;
-    if (setjmp(urgcatch)) {
-	transflag = 0;
-	return (-1);
-    }
-
-    buf = alloc_buffer (buf, &bufsize,
-			fstat(fileno(outstr), &st) >= 0 ? &st : NULL);
-    if (buf == NULL) {
-	transflag = 0;
-	perror_reply(451, "Local resource failure: malloc");
-	return -1;
-    }
-    
-    switch (type) {
-
-    case TYPE_I:
-    case TYPE_L:
-	while ((cnt = auth_read(fileno(instr), buf, bufsize)) > 0) {
-	    if (write(fileno(outstr), buf, cnt) != cnt)
-		goto file_err;
-	    byte_count += cnt;
-	}
-	if (cnt < 0)
-	    goto data_err;
-	transflag = 0;
-	return (0);
-
-    case TYPE_E:
-	reply(553, "TYPE E not implemented.");
-	transflag = 0;
-	return (-1);
-
-    case TYPE_A:
-    {
-	char *p, *q;
-	int cr_flag = 0;
-	while ((cnt = auth_read(fileno(instr),
-				buf + cr_flag, 
-				bufsize - cr_flag)) > 0){
-	    byte_count += cnt;
-	    cnt += cr_flag;
-	    cr_flag = 0;
-	    for(p = buf, q = buf; p < buf + cnt;) {
-		if(*p == '\n')
-		    bare_lfs++;
-		if(*p == '\r')
-		    if(p == buf + cnt - 1){
-			cr_flag = 1;
-			p++;
-			continue;
-		    }else if(p[1] == '\n'){
-			*q++ = '\n';
-			p += 2;
-			continue;
-		    }
-		*q++ = *p++;
-	    }
-	    fwrite(buf, q - buf, 1, outstr);
-	    if(cr_flag)
-		buf[0] = '\r';
-	}
-	if(cr_flag)
-	    putc('\r', outstr);
-	fflush(outstr);
-	if (ferror(instr))
-	    goto data_err;
-	if (ferror(outstr))
-	    goto file_err;
-	transflag = 0;
-	if (bare_lfs) {
-	    lreply(226, "WARNING! %d bare linefeeds received in ASCII mode\r\n"
-		   "    File may not have transferred correctly.\r\n",
-		   bare_lfs);
-	}
-	return (0);
-    }
-    default:
-	reply(550, "Unimplemented TYPE %d in receive_data", type);
-	transflag = 0;
-	return (-1);
-    }
-	
-data_err:
-    transflag = 0;
-    perror_reply(426, "Data Connection");
-    return (-1);
-	
-file_err:
-    transflag = 0;
-    perror_reply(452, "Error writing file");
-    return (-1);
-}
-
-void
-statfilecmd(char *filename)
-{
-	FILE *fin;
-	int c;
-	char line[LINE_MAX];
-
-	snprintf(line, sizeof(line), "/bin/ls -la %s", filename);
-	fin = ftpd_popen(line, "r", 1, 0);
-	lreply(211, "status of %s:", filename);
-	while ((c = getc(fin)) != EOF) {
-		if (c == '\n') {
-			if (ferror(stdout)){
-				perror_reply(421, "control connection");
-				ftpd_pclose(fin);
-				dologout(1);
-				/* NOTREACHED */
-			}
-			if (ferror(fin)) {
-				perror_reply(551, filename);
-				ftpd_pclose(fin);
-				return;
-			}
-			putc('\r', stdout);
-		}
-		putc(c, stdout);
-	}
-	ftpd_pclose(fin);
-	reply(211, "End of Status");
-}
-
-void
-statcmd(void)
-{
-#if 0
-	struct sockaddr_in *sin;
-	u_char *a, *p;
-
-	lreply(211, "%s FTP server status:", hostname, version);
-	printf("     %s\r\n", version);
-	printf("     Connected to %s", remotehost);
-	if (!isdigit(remotehost[0]))
-		printf(" (%s)", inet_ntoa(his_addr.sin_addr));
-	printf("\r\n");
-	if (logged_in) {
-		if (guest)
-			printf("     Logged in anonymously\r\n");
-		else
-			printf("     Logged in as %s\r\n", pw->pw_name);
-	} else if (askpasswd)
-		printf("     Waiting for password\r\n");
-	else
-		printf("     Waiting for user name\r\n");
-	printf("     TYPE: %s", typenames[type]);
-	if (type == TYPE_A || type == TYPE_E)
-		printf(", FORM: %s", formnames[form]);
-	if (type == TYPE_L)
-#if NBBY == 8
-		printf(" %d", NBBY);
-#else
-		printf(" %d", bytesize);	/* need definition! */
-#endif
-	printf("; STRUcture: %s; transfer MODE: %s\r\n",
-	    strunames[stru], modenames[mode]);
-	if (data != -1)
-		printf("     Data connection open\r\n");
-	else if (pdata != -1) {
-		printf("     in Passive mode");
-		sin = &pasv_addr;
-		goto printaddr;
-	} else if (usedefault == 0) {
-		printf("     PORT");
-		sin = &data_dest;
-printaddr:
-		a = (u_char *) &sin->sin_addr;
-		p = (u_char *) &sin->sin_port;
-#define UC(b) (((int) b) & 0xff)
-		printf(" (%d,%d,%d,%d,%d,%d)\r\n", UC(a[0]),
-			UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1]));
-#undef UC
-	} else
-		printf("     No data connection\r\n");
-#endif
-	reply(211, "End of status");
-}
-
-void
-fatal(char *s)
-{
-
-	reply(451, "Error in server: %s\n", s);
-	reply(221, "Closing connection due to server error.");
-	dologout(0);
-	/* NOTREACHED */
-}
-
-static void
-int_reply(int, char *, const char *, va_list)
-#ifdef __GNUC__
-__attribute__ ((format (printf, 3, 0)))
-#endif
-;
-
-static void
-int_reply(int n, char *c, const char *fmt, va_list ap)
-{
-  char buf[10240];
-  char *p;
-  p=buf;
-  if(n){
-      snprintf(p, sizeof(buf), "%d%s", n, c);
-      p+=strlen(p);
-  }
-  vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
-  p+=strlen(p);
-  snprintf(p, sizeof(buf) - strlen(p), "\r\n");
-  p+=strlen(p);
-  auth_printf("%s", buf);
-  fflush(stdout);
-  if (debug)
-    syslog(LOG_DEBUG, "<--- %s- ", buf);
-}
-
-void
-reply(int n, const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  int_reply(n, " ", fmt, ap);
-  delete_ftp_command();
-  va_end(ap);
-}
-
-void
-lreply(int n, const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  int_reply(n, "-", fmt, ap);
-  va_end(ap);
-}
-
-void
-nreply(const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  int_reply(0, NULL, fmt, ap);
-  va_end(ap);
-}
-
-static void
-ack(char *s)
-{
-
-	reply(250, "%s command successful.", s);
-}
-
-void
-nack(char *s)
-{
-
-	reply(502, "%s command not implemented.", s);
-}
-
-/* ARGSUSED */
-void
-yyerror(char *s)
-{
-	char *cp;
-
-	if ((cp = strchr(cbuf,'\n')))
-		*cp = '\0';
-	reply(500, "'%s': command not understood.", cbuf);
-}
-
-void
-do_delete(char *name)
-{
-	struct stat st;
-
-	LOGCMD("delete", name);
-	if (stat(name, &st) < 0) {
-		perror_reply(550, name);
-		return;
-	}
-	if ((st.st_mode&S_IFMT) == S_IFDIR) {
-		if (rmdir(name) < 0) {
-			perror_reply(550, name);
-			return;
-		}
-		goto done;
-	}
-	if (unlink(name) < 0) {
-		perror_reply(550, name);
-		return;
-	}
-done:
-	ack("DELE");
-}
-
-void
-cwd(char *path)
-{
-
-	if (chdir(path) < 0)
-		perror_reply(550, path);
-	else
-		ack("CWD");
-}
-
-void
-makedir(char *name)
-{
-
-	LOGCMD("mkdir", name);
-	if(guest && filename_check(name))
-	    return;
-	if (mkdir(name, 0777) < 0)
-		perror_reply(550, name);
-	else{
-	    if(guest)
-		chmod(name, 0700); /* guest has umask 777 */
-	    reply(257, "MKD command successful.");
-	}
-}
-
-void
-removedir(char *name)
-{
-
-	LOGCMD("rmdir", name);
-	if (rmdir(name) < 0)
-		perror_reply(550, name);
-	else
-		ack("RMD");
-}
-
-void
-pwd(void)
-{
-    char path[MaxPathLen + 1];
-    char *ret;
-
-    /* SunOS has a broken getcwd that does popen(pwd) (!!!), this
-     * failes miserably when running chroot 
-     */
-    ret = getcwd(path, sizeof(path));
-    if (ret == NULL)
-	reply(550, "%s.", strerror(errno));
-    else
-	reply(257, "\"%s\" is current directory.", path);
-}
-
-char *
-renamefrom(char *name)
-{
-	struct stat st;
-
-	if (stat(name, &st) < 0) {
-		perror_reply(550, name);
-		return NULL;
-	}
-	reply(350, "File exists, ready for destination name");
-	return (name);
-}
-
-void
-renamecmd(char *from, char *to)
-{
-
-	LOGCMD2("rename", from, to);
-	if(guest && filename_check(to))
-	    return;
-	if (rename(from, to) < 0)
-		perror_reply(550, "rename");
-	else
-		ack("RNTO");
-}
-
-static void
-dolog(struct sockaddr_in *sin)
-{
-	inaddr2str (sin->sin_addr, remotehost, sizeof(remotehost));
-#ifdef HAVE_SETPROCTITLE
-	snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
-	setproctitle(proctitle);
-#endif /* HAVE_SETPROCTITLE */
-
-	if (logging)
-		syslog(LOG_INFO, "connection from %s(%s)",
-		       remotehost,
-		       inet_ntoa(his_addr.sin_addr));
-}
-
-/*
- * Record logout in wtmp file
- * and exit with supplied status.
- */
-void
-dologout(int status)
-{
-    transflag = 0;
-    if (logged_in) {
-	seteuid((uid_t)0);
-	logwtmp(ttyline, "", "");
-	dest_tkt();
-	if(k_hasafs())
-	    k_unlog();
-    }
-    /* beware of flushing buffers after a SIGPIPE */
-#ifdef XXX
-    exit(status);
-#else
-    _exit(status);
-#endif	
-}
-
-void abor(void)
-{
-}
-
-static void
-myoob(int signo)
-{
-#if 0
-	char *cp;
-#endif
-
-	/* only process if transfer occurring */
-	if (!transflag)
-		return;
-
-	/* This is all XXX */
-	oobflag = 1;
-	/* if the command resulted in a new command, 
-	   parse that as well */
-	do{
-	    yyparse();
-	} while(ftp_command);
-	oobflag = 0;
-
-#if 0 
-	cp = tmpline;
-	if (getline(cp, 7) == NULL) {
-		reply(221, "You could at least say goodbye.");
-		dologout(0);
-	}
-	upper(cp);
-	if (strcmp(cp, "ABOR\r\n") == 0) {
-		tmpline[0] = '\0';
-		reply(426, "Transfer aborted. Data connection closed.");
-		reply(226, "Abort successful");
-		longjmp(urgcatch, 1);
-	}
-	if (strcmp(cp, "STAT\r\n") == 0) {
-		if (file_size != (off_t) -1)
-			reply(213, "Status: %ld of %ld bytes transferred",
-			      (long)byte_count,
-			      (long)file_size);
-		else
-			reply(213, "Status: %ld bytes transferred"
-			      (long)byte_count);
-	}
-#endif
-}
-
-/*
- * Note: a response of 425 is not mentioned as a possible response to
- *	the PASV command in RFC959. However, it has been blessed as
- *	a legitimate response by Jon Postel in a telephone conversation
- *	with Rick Adams on 25 Jan 89.
- */
-void
-passive(void)
-{
-	int len;
-	char *p, *a;
-
-	pdata = socket(AF_INET, SOCK_STREAM, 0);
-	if (pdata < 0) {
-		perror_reply(425, "Can't open passive connection");
-		return;
-	}
-	pasv_addr = ctrl_addr;
-	pasv_addr.sin_port = 0;
-	seteuid((uid_t)0);
-	if (bind(pdata, (struct sockaddr *)&pasv_addr, sizeof(pasv_addr)) < 0) {
-		seteuid((uid_t)pw->pw_uid);
-		goto pasv_error;
-	}
-	seteuid((uid_t)pw->pw_uid);
-	len = sizeof(pasv_addr);
-	if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0)
-		goto pasv_error;
-	if (listen(pdata, 1) < 0)
-		goto pasv_error;
-	a = (char *) &pasv_addr.sin_addr;
-	p = (char *) &pasv_addr.sin_port;
-
-#define UC(b) (((int) b) & 0xff)
-
-	reply(227, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", UC(a[0]),
-		UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1]));
-	return;
-
-pasv_error:
-	close(pdata);
-	pdata = -1;
-	perror_reply(425, "Can't open passive connection");
-	return;
-}
-
-/*
- * Generate unique name for file with basename "local".
- * The file named "local" is already known to exist.
- * Generates failure reply on error.
- */
-static char *
-gunique(char *local)
-{
-	static char new[MaxPathLen];
-	struct stat st;
-	int count;
-	char *cp;
-
-	cp = strrchr(local, '/');
-	if (cp)
-		*cp = '\0';
-	if (stat(cp ? local : ".", &st) < 0) {
-		perror_reply(553, cp ? local : ".");
-		return NULL;
-	}
-	if (cp)
-		*cp = '/';
-	for (count = 1; count < 100; count++) {
-		snprintf (new, sizeof(new), "%s.%d", local, count);
-		if (stat(new, &st) < 0)
-			return (new);
-	}
-	reply(452, "Unique file name cannot be created.");
-	return (NULL);
-}
-
-/*
- * Format and send reply containing system error number.
- */
-void
-perror_reply(int code, char *string)
-{
-	reply(code, "%s: %s.", string, strerror(errno));
-}
-
-static char *onefile[] = {
-	"",
-	0
-};
-
-void
-send_file_list(char *whichf)
-{
-  struct stat st;
-  DIR *dirp = NULL;
-  struct dirent *dir;
-  FILE *dout = NULL;
-  char **dirlist, *dirname;
-  int simple = 0;
-  int freeglob = 0;
-  glob_t gl;
-  char buf[MaxPathLen];
-
-  if (strpbrk(whichf, "~{[*?") != NULL) {
-    int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
-
-    memset(&gl, 0, sizeof(gl));
-    freeglob = 1;
-    if (glob(whichf, flags, 0, &gl)) {
-      reply(550, "not found");
-      goto out;
-    } else if (gl.gl_pathc == 0) {
-      errno = ENOENT;
-      perror_reply(550, whichf);
-      goto out;
-    }
-    dirlist = gl.gl_pathv;
-  } else {
-    onefile[0] = whichf;
-    dirlist = onefile;
-    simple = 1;
-  }
-
-  if (setjmp(urgcatch)) {
-    transflag = 0;
-    goto out;
-  }
-  while ((dirname = *dirlist++)) {
-    if (stat(dirname, &st) < 0) {
-      /*
-       * If user typed "ls -l", etc, and the client
-       * used NLST, do what the user meant.
-       */
-      if (dirname[0] == '-' && *dirlist == NULL &&
-	  transflag == 0) {
-	retrieve("/bin/ls %s", dirname);
-	goto out;
-      }
-      perror_reply(550, whichf);
-      if (dout != NULL) {
-	fclose(dout);
-	transflag = 0;
-	data = -1;
-	pdata = -1;
-      }
-      goto out;
-    }
-
-    if (S_ISREG(st.st_mode)) {
-      if (dout == NULL) {
-	dout = dataconn("file list", (off_t)-1, "w");
-	if (dout == NULL)
-	  goto out;
-	transflag++;
-      }
-      snprintf(buf, sizeof(buf), "%s%s\n", dirname,
-	      type == TYPE_A ? "\r" : "");
-      auth_write(fileno(dout), buf, strlen(buf));
-      byte_count += strlen(dirname) + 1;
-      continue;
-    } else if (!S_ISDIR(st.st_mode))
-      continue;
-
-    if ((dirp = opendir(dirname)) == NULL)
-      continue;
-
-    while ((dir = readdir(dirp)) != NULL) {
-      char nbuf[MaxPathLen];
-
-      if (!strcmp(dir->d_name, "."))
-	continue;
-      if (!strcmp(dir->d_name, ".."))
-	continue;
-
-      snprintf(nbuf, sizeof(nbuf), "%s/%s", dirname, dir->d_name);
-
-      /*
-       * We have to do a stat to insure it's
-       * not a directory or special file.
-       */
-      if (simple || (stat(nbuf, &st) == 0 &&
-		     S_ISREG(st.st_mode))) {
-	if (dout == NULL) {
-	  dout = dataconn("file list", (off_t)-1, "w");
-	  if (dout == NULL)
-	    goto out;
-	  transflag++;
-	}
-	if(strncmp(nbuf, "./", 2) == 0)
-	  snprintf(buf, sizeof(buf), "%s%s\n", nbuf +2,
-		   type == TYPE_A ? "\r" : "");
-	else
-	  snprintf(buf, sizeof(buf), "%s%s\n", nbuf,
-		   type == TYPE_A ? "\r" : "");
-	auth_write(fileno(dout), buf, strlen(buf));
-	byte_count += strlen(nbuf) + 1;
-      }
-    }
-    closedir(dirp);
-  }
-  if (dout == NULL)
-    reply(550, "No files found.");
-  else if (ferror(dout) != 0)
-    perror_reply(550, "Data connection");
-  else
-    reply(226, "Transfer complete.");
-
-  transflag = 0;
-  if (dout != NULL){
-    auth_write(fileno(dout), buf, 0); /* XXX flush */
-	    
-    fclose(dout);
-  }
-  data = -1;
-  pdata = -1;
-out:
-  if (freeglob) {
-    freeglob = 0;
-    globfree(&gl);
-  }
-}
-
-
-int
-find(char *pattern)
-{
-    char line[1024];
-    FILE *f;
-
-    snprintf(line, sizeof(line),
-	     "/bin/locate -d %s %s",
-	     ftp_rooted("/etc/locatedb"),
-	     pattern);
-    f = ftpd_popen(line, "r", 1, 1);
-    if(f == NULL){
-	perror_reply(550, "/bin/locate");
-	return 1;
-    }
-    lreply(200, "Output from find.");
-    while(fgets(line, sizeof(line), f)){
-	if(line[strlen(line)-1] == '\n')
-	    line[strlen(line)-1] = 0;
-	nreply("%s", line);
-    }
-    reply(200, "Done");
-    ftpd_pclose(f);
-    return 0;
-}
-
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
deleted file mode 100644
index 02d23d65683b..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: kauth.c,v 1.14 1997/05/07 02:21:30 assar Exp $");
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <time.h>
-#ifdef HAVE_SYS_TIME_H 
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#include <roken.h>
-
-#include <des.h>
-#include <krb.h>
-#include <kafs.h>
-
-#include "extern.h"
-#include "krb4.h"
-#include "auth.h"
-#include "base64.h"
-
-static KTEXT_ST cip;
-static unsigned int lifetime;
-static time_t local_time;
-
-static krb_principal pr;
-
-static int
-save_tkt(char *user, char *instance, char *realm, void *arg, 
-	 int (*key_proc)(char*, char*, char*, void*, des_cblock*), KTEXT *cipp)
-{
-    local_time = time(0);
-    memmove(&cip, *cipp, sizeof(cip));
-    return -1;
-}
-
-static int
-store_ticket(KTEXT cip)
-{
-    char *ptr;
-    des_cblock session;
-    krb_principal sp;
-    unsigned char kvno;
-    KTEXT_ST tkt;
-    int left = cip->length;
-
-    int kerror;
-    
-    time_t kdc_time;
-
-    ptr = (char *) cip->dat;
-
-    /* extract session key */
-    memmove(session, ptr, 8);
-    ptr += 8;
-    left -= 8;
-
-    if (strnlen(ptr, left) == left)
-	return(INTK_BADPW);
-    
-    /* extract server's name */
-    strcpy(sp.name, ptr);
-    ptr += strlen(sp.name) + 1;
-    left -= strlen(sp.name) + 1;
-
-    if (strnlen(ptr, left) == left)
-	return(INTK_BADPW);
-
-    /* extract server's instance */
-    strcpy(sp.instance, ptr);
-    ptr += strlen(sp.instance) + 1;
-    left -= strlen(sp.instance) + 1;
-
-    if (strnlen(ptr, left) == left)
-	return(INTK_BADPW);
-
-    /* extract server's realm */
-    strcpy(sp.realm,ptr);
-    ptr += strlen(sp.realm) + 1;
-    left -= strlen(sp.realm) + 1;
-
-    if(left < 3)
-	return INTK_BADPW;
-    /* extract ticket lifetime, server key version, ticket length */
-    /* be sure to avoid sign extension on lifetime! */
-    lifetime = (unsigned char) ptr[0];
-    kvno = (unsigned char) ptr[1];
-    tkt.length = (unsigned char) ptr[2];
-    ptr += 3;
-    left -= 3;
-    
-    if (tkt.length > left)
-	return(INTK_BADPW);
-
-    /* extract ticket itself */
-    memmove(tkt.dat, ptr, tkt.length);
-    ptr += tkt.length;
-    left -= tkt.length;
-
-    /* Here is where the time should be verified against the KDC.
-     * Unfortunately everything is sent in host byte order (receiver
-     * makes wrong) , and at this stage there is no way for us to know
-     * which byteorder the KDC has. So we simply ignore the time,
-     * there are no security risks with this, the only thing that can
-     * happen is that we might receive a replayed ticket, which could
-     * at most be useless.
-     */
-    
-#if 0
-    /* check KDC time stamp */
-    memmove(&kdc_time, ptr, sizeof(kdc_time));
-    if (swap_bytes) swap_u_long(kdc_time);
-
-    ptr += 4;
-    
-    if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) {
-        return(RD_AP_TIME);		/* XXX should probably be better
-					   code */
-    }
-#endif
-
-    /* initialize ticket cache */
-
-    if (tf_create(TKT_FILE) != KSUCCESS)
-	return(INTK_ERR);
-
-    if (tf_put_pname(pr.name) != KSUCCESS ||
-	tf_put_pinst(pr.instance) != KSUCCESS) {
-	tf_close();
-	return(INTK_ERR);
-    }
-
-    
-    kerror = tf_save_cred(sp.name, sp.instance, sp.realm, session, 
-			  lifetime, kvno, &tkt, local_time);
-    tf_close();
-
-    return(kerror);
-}
-
-void kauth(char *principal, char *ticket)
-{
-    char *p;
-    int ret;
-  
-    ret = krb_parse_name(principal, &pr);
-    if(ret){
-	reply(500, "Bad principal: %s.", krb_get_err_text(ret));
-	return;
-    }
-    if(pr.realm[0] == 0)
-	krb_get_lrealm(pr.realm, 1);
-
-    if(ticket){
-	cip.length = base64_decode(ticket, &cip.dat);
-	if(cip.length == -1){
-	    reply(500, "Failed to decode data.");
-	    return;
-	}
-	ret = store_ticket(&cip);
-	if(ret){
-	    reply(500, "Kerberos error: %s.", krb_get_err_text(ret));
-	    memset(&cip, 0, sizeof(cip));
-	    return;
-	}
-	if(k_hasafs())
-	    k_afsklog(0, 0);
-	reply(200, "Tickets will be destroyed on exit.");
-	return;
-    }
-    
-    ret = krb_get_in_tkt (pr.name,
-			  pr.instance,
-			  pr.realm,
-			  KRB_TICKET_GRANTING_TICKET,
-			  pr.realm,
-			  DEFAULT_TKT_LIFE,
-			  NULL, save_tkt, NULL);
-    if(ret != INTK_BADPW){
-	reply(500, "Kerberos error: %s.", krb_get_err_text(ret));
-	return;
-    }
-    base64_encode(cip.dat, cip.length, &p);
-    reply(300, "P=%s T=%s", krb_unparse_name(&pr), p);
-    free(p);
-    memset(&cip, 0, sizeof(cip));
-}
-
-
-static char *
-short_date(int32_t dp)
-{
-    char *cp;
-    time_t t = (time_t)dp;
-
-    if (t == (time_t)(-1L)) return "***  Never  *** ";
-    cp = ctime(&t) + 4;
-    cp[15] = '\0';
-    return (cp);
-}
-
-void klist(void)
-{
-    int err;
-
-    char *file = tkt_string();
-
-    krb_principal pr;
-    
-    char buf1[128], buf2[128];
-    int header = 1;
-    CREDENTIALS c;
-
-    
-
-    err = tf_init(file, R_TKT_FIL);
-    if(err != KSUCCESS){
-	reply(500, "%s", krb_get_err_text(err));
-	return;
-    }
-    tf_close();
-
-    /* 
-     * We must find the realm of the ticket file here before calling
-     * tf_init because since the realm of the ticket file is not
-     * really stored in the principal section of the file, the
-     * routine we use must itself call tf_init and tf_close.
-     */
-    err = krb_get_tf_realm(file, pr.realm);
-    if(err != KSUCCESS){
-	reply(500, "%s", krb_get_err_text(err));
-	return;
-    }
-
-    err = tf_init(file, R_TKT_FIL);
-    if(err != KSUCCESS){
-	reply(500, "%s", krb_get_err_text(err));
-	return;
-    }
-
-    err = tf_get_pname(pr.name);
-    if(err != KSUCCESS){
-	reply(500, "%s", krb_get_err_text(err));
-	return;
-    }
-    err = tf_get_pinst(pr.instance);
-    if(err != KSUCCESS){
-	reply(500, "%s", krb_get_err_text(err));
-	return;
-    }
-
-    /* 
-     * You may think that this is the obvious place to get the
-     * realm of the ticket file, but it can't be done here as the
-     * routine to do this must open the ticket file.  This is why 
-     * it was done before tf_init.
-     */
-       
-    lreply(200, "Principal: %s", krb_unparse_name(&pr));
-    while ((err = tf_get_cred(&c)) == KSUCCESS) {
-	if (header) {
-	    lreply(200, "%-15s  %-15s  %s",
-		   "  Issued", "  Expires", "  Principal (kvno)");
-	    header = 0;
-	}
-	strcpy(buf1, short_date(c.issue_date));
-	c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
-	if (time(0) < (unsigned long) c.issue_date)
-	    strcpy(buf2, short_date(c.issue_date));
-	else
-	    strcpy(buf2, ">>> Expired <<< ");
-	lreply(200, "%s  %s  %s (%d)", buf1, buf2,
-	       krb_unparse_name_long(c.service, c.instance, c.realm), c.kvno); 
-    }
-    if (header && err == EOF) {
-	lreply(200, "No tickets in file.");
-    }
-    reply(200, "");
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/krb4.c b/crypto/kerberosIV/appl/ftp/ftpd/krb4.c
deleted file mode 100644
index 2457c61cc1fe..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/krb4.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: krb4.c,v 1.19 1997/05/11 09:00:07 assar Exp $");
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_NETINET_IN_h
-#include <netinet/in.h>
-#endif
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <krb.h>
-
-#include "base64.h"
-#include "extern.h"
-#include "auth.h"
-#include "krb4.h"
-
-#include <roken.h>
-
-static AUTH_DAT auth_dat;
-static des_key_schedule schedule;
-
-int krb4_auth(char *auth)
-{
-    auth_complete = 0;
-    reply(334, "Using authentication type %s; ADAT must follow", auth);
-    return 0;
-}
-
-int krb4_adat(char *auth)
-{
-    KTEXT_ST tkt;
-    char *p;
-    int kerror;
-    u_int32_t cs;
-    char msg[35]; /* size of encrypted block */
-    int len;
-
-    char inst[INST_SZ];
-
-    memset(&tkt, 0, sizeof(tkt));
-    len = base64_decode(auth, tkt.dat);
-
-    if(len < 0){
-	reply(501, "Failed to decode base64 data.");
-	return -1;
-    }
-    tkt.length = len;
-
-    k_getsockinst(0, inst, sizeof(inst));
-    kerror = krb_rd_req(&tkt, "ftp", inst, 0, &auth_dat, "");
-    if(kerror == RD_AP_UNDEC){
-	k_getsockinst(0, inst, sizeof(inst));
-	kerror = krb_rd_req(&tkt, "rcmd", inst, 0, &auth_dat, "");
-    }
-
-    if(kerror){
-	reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
-	return -1;
-    }
-  
-    des_set_key(&auth_dat.session, schedule);
-
-    cs = auth_dat.checksum + 1;
-    {
-	unsigned char tmp[4];
-	tmp[0] = (cs >> 24) & 0xff;
-	tmp[1] = (cs >> 16) & 0xff;
-	tmp[2] = (cs >> 8) & 0xff;
-	tmp[3] = cs & 0xff;
-	len = krb_mk_safe(tmp, msg, 4, &auth_dat.session, 
-			  &ctrl_addr, &his_addr);
-    }
-    if(len < 0){
-	reply(535, "Error creating reply: %s.", strerror(errno));
-	return -1;
-    }
-    base64_encode(msg, len, &p);
-    reply(235, "ADAT=%s", p);
-    auth_complete = 1;
-    free(p);
-    return 0;
-}
-
-int krb4_pbsz(int size)
-{
-    if(size > 1048576) /* XXX arbitrary number */
-	size = 1048576;
-    buffer_size = size;
-    reply(200, "OK PBSZ=%d", buffer_size);
-    return 0;
-}
-
-int krb4_prot(int level)
-{
-    if(level == prot_confidential)
-	return -1;
-    return 0;
-}
-
-int krb4_ccc(void)
-{
-    reply(534, "Don't event think about it.");
-    return -1;
-}
-
-int krb4_mic(char *msg)
-{
-    int len;
-    int kerror;
-    MSG_DAT m_data;
-    char *tmp, *cmd;
-  
-    cmd = strdup(msg);
-    
-    len = base64_decode(msg, cmd);
-    if(len < 0){
-	reply(501, "Failed to decode base 64 data.");
-	free(cmd);
-	return -1;
-    }
-    kerror = krb_rd_safe(cmd, len, &auth_dat.session, 
-			 &his_addr, &ctrl_addr, &m_data);
-
-    if(kerror){
-	reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
-	free(cmd);
-	return -1;
-    }
-    
-    tmp = malloc(strlen(msg) + 1);
-    snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data);
-    if(!strstr(tmp, "\r\n"))
-	strcat(tmp, "\r\n");
-    new_ftp_command(tmp);
-    free(cmd);
-    return 0;
-}
-
-int krb4_conf(char *msg)
-{
-    prot_level = prot_safe;
-
-    reply(537, "Protection level not supported.");
-    return -1;
-}
-
-int krb4_enc(char *msg)
-{
-    int len;
-    int kerror;
-    MSG_DAT m_data;
-    char *tmp, *cmd;
-  
-    cmd = strdup(msg);
-    
-    len = base64_decode(msg, cmd);
-    if(len < 0){
-	reply(501, "Failed to decode base 64 data.");
-	free(cmd);
-	return -1;
-    }
-    kerror = krb_rd_priv(cmd, len, schedule, &auth_dat.session, 
-			 &his_addr, &ctrl_addr, &m_data);
-
-    if(kerror){
-	reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
-	free(cmd);
-	return -1;
-    }
-    
-    tmp = strdup(msg);
-    snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data);
-    if(!strstr(tmp, "\r\n"))
-	strcat(tmp, "\r\n");
-    new_ftp_command(tmp);
-    free(cmd);
-    return 0;
-}
-
-int krb4_read(int fd, void *data, int length)
-{
-    static int left;
-    static char *extra;
-    static int eof;
-    int len, bytes, tx = 0;
-    
-    MSG_DAT m_data;
-    int kerror;
-
-    if(eof){ /* if we haven't reported an end-of-file, do so */
-	eof = 0;
-	return 0;
-    }
-    
-    if(left){
-	if(length > left)
-	    bytes = left;
-	else
-	    bytes = length;
-	memmove(data, extra, bytes);
-	left -= bytes;
-	if(left)
-	    memmove(extra, extra + bytes, left);
-	else
-	    free(extra);
-	length -= bytes;
-	tx += bytes;
-    }
-
-    while(length){
-	unsigned char tmp[4];
-	if(krb_net_read(fd, tmp, 4) < 4){
-	    reply(400, "Unexpected end of file.\n");
-	    return -1;
-	}
-	len = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3];
-	krb_net_read(fd, data_buffer, len);
-	if(data_protection == prot_safe)
-	    kerror = krb_rd_safe(data_buffer, len, &auth_dat.session, 
-				 &his_addr, &ctrl_addr, &m_data);
-	else
-	    kerror = krb_rd_priv(data_buffer, len, schedule, &auth_dat.session,
-				 &his_addr, &ctrl_addr, &m_data);
-	
-	if(kerror){
-	    reply(400, "Failed to read data: %s.", krb_get_err_text(kerror));
-	    return -1;
-	}
-	
-	bytes = m_data.app_length;
-	if(bytes == 0){
-	    if(tx) eof = 1;
-	    return  tx;
-	}
-	if(bytes > length){
-	    left = bytes - length;
-	    bytes = length;
-	    extra = malloc(left);
-	    memmove(extra, m_data.app_data + bytes, left);
-	}
-	memmove((unsigned char*)data + tx, m_data.app_data, bytes);
-	tx += bytes;
-	length -= bytes;
-    }
-    return tx;
-}
-
-int krb4_write(int fd, void *data, int length)
-{
-    int len, bytes, tx = 0;
-
-    len = buffer_size;
-    if(data_protection == prot_safe)
-	len -= 31; /* always 31 bytes overhead */
-    else
-	len -= 26; /* at most 26 bytes */
-    
-    do{
-	if(length < len)
-	    len = length;
-	if(data_protection == prot_safe)
-	    bytes = krb_mk_safe(data, data_buffer+4, len, &auth_dat.session,
-				&ctrl_addr, &his_addr);
-	else
-	    bytes = krb_mk_priv(data, data_buffer+4, len, schedule, 
-				&auth_dat.session,
-				&ctrl_addr, &his_addr);
-	if(bytes == -1){
-	    reply(535, "Failed to make packet: %s.", strerror(errno));
-	    return -1;
-	}
-	data_buffer[0] = (bytes >> 24) & 0xff;
-	data_buffer[1] = (bytes >> 16) & 0xff;
-	data_buffer[2] = (bytes >> 8) & 0xff;
-	data_buffer[3] = bytes & 0xff;
-	if(krb_net_write(fd, data_buffer, bytes+4) < 0)
-	    return -1;
-	length -= len;
-	data = (unsigned char*)data + len;
-	tx += len;
-    }while(length);
-    return tx;
-}
-
-int krb4_userok(char *name)
-{
-    if(!kuserok(&auth_dat, name)){
-	do_login(232, name);
-    }else{
-	reply(530, "User %s access denied.", name);
-    }
-    return 0;
-}
-
-
-int
-krb4_vprintf(const char *fmt, va_list ap)
-{
-    char buf[10240];
-    char *p;
-    char *enc;
-    int code;
-    int len;
-  
-    vsnprintf (buf, sizeof(buf), fmt, ap);
-    enc = malloc(strlen(buf) + 31);
-    if(prot_level == prot_safe){
-	len = krb_mk_safe((u_char*)buf, (u_char*)enc, strlen(buf), &auth_dat.session, 
-			  &ctrl_addr, &his_addr); 
-	code = 631;
-    }else if(prot_level == prot_private){
-	len = krb_mk_priv((u_char*)buf, (u_char*)enc, strlen(buf), schedule, 
-			  &auth_dat.session, &ctrl_addr, &his_addr); 
-	code = 632;
-    }else{
-	len = 0; /* XXX */
-	code = 631;
-    }
-    base64_encode(enc, len, &p);
-    fprintf(stdout, "%d %s\r\n", code, p);
-    free(enc);
-    free(p);
-    return 0;
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/krb4.h b/crypto/kerberosIV/appl/ftp/ftpd/krb4.h
deleted file mode 100644
index f777dbd5c2a9..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/krb4.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: krb4.h,v 1.6 1997/04/01 08:17:29 joda Exp $ */
-
-#ifndef __KRB4_H__
-#define __KRB4_H__
-
-#include <stdarg.h>
-
-int krb4_auth(char *auth);
-int krb4_adat(char *auth);
-int krb4_pbsz(int size);
-int krb4_prot(int level);
-int krb4_ccc(void);
-int krb4_mic(char *msg);
-int krb4_conf(char *msg);
-int krb4_enc(char *msg);
-
-int krb4_read(int fd, void *data, int length);
-int krb4_write(int fd, void *data, int length);
-
-int krb4_userok(char *name);
-int krb4_vprintf(const char *fmt, va_list ap);
-
-#endif /* __KRB4_H__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
deleted file mode 100644
index 95ab216a1718..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: logwtmp.c,v 1.10 1997/05/25 15:17:56 assar Exp $");
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_UTMP_H
-#include <utmp.h>
-#endif
-#ifdef HAVE_UTMPX_H
-#include <utmpx.h>
-#endif
-#include "extern.h"
-
-#ifndef WTMP_FILE
-#ifdef _PATH_WTMP
-#define WTMP_FILE _PATH_WTMP
-#else
-#define WTMP_FILE "/var/adm/wtmp"
-#endif
-#endif
-
-void
-logwtmp(char *line, char *name, char *host)
-{
-    static int init = 0;
-    static int fd, fdx;
-    struct timeval tv;
-    struct utmp ut;
-#ifdef WTMPX_FILE
-    struct utmpx utx;
-#endif
-
-    memset(&ut, 0, sizeof(struct utmp));
-#ifdef HAVE_UT_TYPE
-    if(name[0])
-	ut.ut_type = USER_PROCESS;
-    else
-	ut.ut_type = DEAD_PROCESS;
-#endif
-    strncpy(ut.ut_line, line, sizeof(ut.ut_line));
-    strncpy(ut.ut_name, name, sizeof(ut.ut_name));
-#ifdef HAVE_UT_PID
-    ut.ut_pid = getpid();
-#endif
-#ifdef HAVE_UT_HOST
-    strncpy(ut.ut_host, host, sizeof(ut.ut_host));
-#endif
-    ut.ut_time = time(NULL);
-
-#ifdef WTMPX_FILE
-    strncpy(utx.ut_line, line, sizeof(utx.ut_line));
-    strncpy(utx.ut_user, name, sizeof(utx.ut_user));
-    strncpy(utx.ut_host, host, sizeof(utx.ut_host));
-#ifdef HAVE_UT_SYSLEN
-    utx.ut_syslen = strlen(host) + 1;
-    if (utx.ut_syslen > sizeof(utx.ut_host))
-        utx.ut_syslen = sizeof(utx.ut_host);
-#endif
-    gettimeofday (&tv, 0);
-    utx.ut_tv.tv_sec = tv.tv_sec;
-    utx.ut_tv.tv_usec = tv.tv_usec;
-
-    if(name[0])
-	utx.ut_type = USER_PROCESS;
-    else
-	utx.ut_type = DEAD_PROCESS;
-#endif
-
-    if(!init){
-	fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0);
-#ifdef WTMPX_FILE
-	fdx = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0);
-#endif
-	init = 1;
-    }
-    if(fd >= 0) {
-	write(fd, &ut, sizeof(struct utmp)); /* XXX */
-#ifdef WTMPX_FILE
-	write(fdx, &utx, sizeof(struct utmpx));
-#endif	
-    }
-}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h b/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h
deleted file mode 100644
index 1bd2be1a1efa..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)pathnames.h	8.1 (Berkeley) 6/4/93
- */
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-
-#ifndef _PATH_DEVNULL
-#define _PATH_DEVNULL "/dev/null"
-#endif
-
-#ifndef _PATH_NOLOGIN
-#define _PATH_NOLOGIN "/etc/nologin"
-#endif
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL "/bin/sh"
-#endif
-
-#define	_PATH_FTPUSERS		"/etc/ftpusers"
-#define	_PATH_FTPCHROOT		"/etc/ftpchroot"
-#define	_PATH_FTPWELCOME	"/etc/ftpwelcome"
-#define	_PATH_FTPLOGINMESG	"/etc/motd"
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/popen.c b/crypto/kerberosIV/appl/ftp/ftpd/popen.c
deleted file mode 100644
index 58c4985a0b90..000000000000
--- a/crypto/kerberosIV/appl/ftp/ftpd/popen.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/*
- * Copyright (c) 1988, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software written by Ken Arnold and
- * published in UNIX Review, Vol. 6, No. 8.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: popen.c,v 1.16 1997/06/01 03:14:06 assar Exp $");
-#endif
-
-#include <sys/types.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-#include <sys/wait.h>
-
-#include <errno.h>
-#include <glob.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "extern.h"
-
-#include <roken.h>
-
-/* 
- * Special version of popen which avoids call to shell.  This ensures
- * no one may create a pipe to a hidden program as a side effect of a
- * list or dir command.
- */
-static int *pids;
-static int fds;
-
-extern int dochroot;
-
-/* return path prepended with ~ftp if that file exists, otherwise
- * return path unchanged
- */
-
-const char *
-ftp_rooted(const char *path)
-{
-    static char home[MaxPathLen] = "";
-    static char newpath[MaxPathLen];
-    struct passwd *pwd;
-
-    if(!home[0])
-	if((pwd = k_getpwnam("ftp")))
-	    strcpy(home, pwd->pw_dir);
-    snprintf(newpath, sizeof(newpath), "%s/%s", home, path);
-    if(access(newpath, X_OK))
-	strcpy(newpath, path);
-    return newpath;
-}
-
-
-FILE *
-ftpd_popen(char *program, char *type, int do_stderr, int no_glob)
-{
-	char *cp;
-	FILE *iop;
-	int argc, gargc, pdes[2], pid;
-	char **pop, *argv[100], *gargv[1000];
-	char *foo;
-
-	if (strcmp(type, "r") && strcmp(type, "w"))
-		return (NULL);
-
-	if (!pids) {
-
-	    /* This function is ugly and should be rewritten, in
-	     * modern unices there is no such thing as a maximum
-	     * filedescriptor.
-	     */
-
-	    fds = getdtablesize();
-	    pids = (int*)calloc(fds, sizeof(int));
-	    if(!pids)
-		return NULL;
-	}
-	if (pipe(pdes) < 0)
-		return (NULL);
-
-	/* break up string into pieces */
-	for (argc = 0, cp = program;; cp = NULL) {
-		foo = NULL;
-		if (!(argv[argc++] = strtok_r(cp, " \t\n", &foo)))
-			break;
-	}
-
-	gargv[0] = (char*)ftp_rooted(argv[0]);
-	/* glob each piece */
-	for (gargc = argc = 1; argv[argc]; argc++) {
-		glob_t gl;
-		int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
-
-		memset(&gl, 0, sizeof(gl));
-		if (no_glob || glob(argv[argc], flags, NULL, &gl))
-			gargv[gargc++] = strdup(argv[argc]);
-		else
-			for (pop = gl.gl_pathv; *pop; pop++)
-				gargv[gargc++] = strdup(*pop);
-		globfree(&gl);
-	}
-	gargv[gargc] = NULL;
-
-	iop = NULL;
-	switch(pid = fork()) {
-	case -1:			/* error */
-		close(pdes[0]);
-		close(pdes[1]);
-		goto pfree;
-		/* NOTREACHED */
-	case 0:				/* child */
-		if (*type == 'r') {
-			if (pdes[1] != STDOUT_FILENO) {
-				dup2(pdes[1], STDOUT_FILENO);
-				close(pdes[1]);
-			}
-			if(do_stderr)
-			    dup2(STDOUT_FILENO, STDERR_FILENO);
-			close(pdes[0]);
-		} else {
-			if (pdes[0] != STDIN_FILENO) {
-				dup2(pdes[0], STDIN_FILENO);
-				close(pdes[0]);
-			}
-			close(pdes[1]);
-		}
-		execv(gargv[0], gargv);
-		gargv[0] = argv[0];
-		execv(gargv[0], gargv);
-		_exit(1);
-	}
-	/* parent; assume fdopen can't fail...  */
-	if (*type == 'r') {
-		iop = fdopen(pdes[0], type);
-		close(pdes[1]);
-	} else {
-		iop = fdopen(pdes[1], type);
-		close(pdes[0]);
-	}
-	pids[fileno(iop)] = pid;
-	
-pfree:	
-	for (argc = 1; gargv[argc] != NULL; argc++)
-	    free(gargv[argc]);
-
-
-	return (iop);
-}
-
-int
-ftpd_pclose(FILE *iop)
-{
-	int fdes, status;
-	pid_t pid;
-	sigset_t sigset, osigset;
-
-	/*
-	 * pclose returns -1 if stream is not associated with a
-	 * `popened' command, or, if already `pclosed'.
-	 */
-	if (pids == 0 || pids[fdes = fileno(iop)] == 0)
-		return (-1);
-	fclose(iop);
-	sigemptyset(&sigset);
-	sigaddset(&sigset, SIGINT);
-	sigaddset(&sigset, SIGQUIT);
-	sigaddset(&sigset, SIGHUP);
-	sigprocmask(SIG_BLOCK, &sigset, &osigset);
-	while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR)
-		continue;
-	sigprocmask(SIG_SETMASK, &osigset, NULL);
-	pids[fdes] = 0;
-	if (pid < 0)
-		return (pid);
-	if (WIFEXITED(status))
-		return (WEXITSTATUS(status));
-	return (1);
-}
diff --git a/crypto/kerberosIV/appl/kauth/Makefile.in b/crypto/kerberosIV/appl/kauth/Makefile.in
deleted file mode 100644
index 97bfdb42edf7..000000000000
--- a/crypto/kerberosIV/appl/kauth/Makefile.in
+++ /dev/null
@@ -1,112 +0,0 @@
-# $Id: Makefile.in,v 1.33 1997/04/05 21:24:35 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-topdir = ../..
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@ -DBINDIR='"$(bindir)"'
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-LIBS = @LIBS@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-bindir = @bindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROG_BIN	= kauth$(EXECSUFFIX) ksrvtgt
-PROG_LIBEXEC	= kauthd$(EXECSUFFIX)
-PROGS = $(PROG_BIN) $(PROG_LIBEXEC)
-
-SOURCES_KAUTH  = kauth.c rkinit.c
-SOURCES_KAUTHD = kauthd.c
-SOURCES_COMMON = encdata.c marshall.c
-
-OBJECTS_KAUTH  = kauth.o rkinit.o
-OBJECTS_KAUTHD = kauthd.o
-OBJECTS_COMMON = marshall.o encdata.o
-
-OBJECTS = $(OBJECTS_KAUTH) $(OBJECTS_KAUTHD)
-SOURCES = $(SOURCES_KAUTH) $(SOURCES_KAUTHD) $(SOURCES_COMMON)
-
-KRB_KAFS_LIB = @KRB_KAFS_LIB@
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(bindir) $(libexecdir)
-	for x in $(PROG_BIN); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-	if test -f $(bindir)/zrefresh -o -r  $(bindir)/zrefresh; then \
-	  true; \
-	else \
-	  $(INSTALL_PROGRAM) $(srcdir)/zrefresh $(bindir)/`echo zrefresh | sed '$(transform)'`; \
-	fi
-	for x in $(PROG_LIBEXEC); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x| sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROG_BIN); do \
-	  rm -f $(bindir)/`echo $$x| sed '$(transform)'`; \
-	done
-	for x in $(PROG_LIBEXEC); do \
-	  rm -f $(libexecdir)/`echo $$x| sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
-LIBROKEN=-L../../lib/roken -lroken
-
-kauth$(EXECSUFFIX): $(OBJECTS_KAUTH) $(OBJECTS_COMMON)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KAUTH) $(OBJECTS_COMMON) $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-kauthd$(EXECSUFFIX): $(OBJECTS_KAUTHD) $(OBJECTS_COMMON)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KAUTHD) $(OBJECTS_COMMON) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-ksrvtgt: ksrvtgt.in
-	sed -e "s!%bindir%!$(bindir)!" $(srcdir)/ksrvtgt.in > $@
-	chmod +x $@
-
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/appl/kauth/encdata.c b/crypto/kerberosIV/appl/kauth/encdata.c
deleted file mode 100644
index 800326a4fc83..000000000000
--- a/crypto/kerberosIV/appl/kauth/encdata.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kauth.h"
-
-RCSID("$Id: encdata.c,v 1.9 1997/04/01 08:17:30 joda Exp $");
-
-int
-write_encrypted (int fd, void *buf, size_t len, des_key_schedule schedule,
-		 des_cblock *session, struct sockaddr_in *me,
-		 struct sockaddr_in *him)
-{
-     void *outbuf;
-     int32_t outlen, l;
-     int i;
-     unsigned char tmp[4];
-
-     outbuf = malloc(len + 30);
-     if (outbuf == NULL)
-	  return -1;
-     outlen = krb_mk_priv (buf, outbuf, len, schedule, session, me, him);
-     if (outlen < 0) {
-	  free(outbuf);
-	  return -1;
-     }
-     l = outlen;
-     for(i = 3; i >= 0; i--, l = l >> 8)
-	 tmp[i] = l & 0xff;
-     if (krb_net_write (fd, tmp, 4) != 4 ||
-	 krb_net_write (fd, outbuf, outlen) != outlen) {
-	  free(outbuf);
-	  return -1;
-     }
-     
-     free(outbuf);
-     return 0;
-}
-
-
-int
-read_encrypted (int fd, void *buf, size_t len, void **ret,
-		des_key_schedule schedule, des_cblock *session,
-		struct sockaddr_in *him, struct sockaddr_in *me)
-{
-     int status;
-     int32_t l;
-     MSG_DAT msg;
-     unsigned char tmp[4];
-
-     l = krb_net_read (fd, tmp, 4);
-     if (l != 4)
-	 return l;
-     l = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3];
-     if (l > len)
-	  return -1;
-     if (krb_net_read (fd, buf, l) != l)
-	  return -1;
-     status = krb_rd_priv (buf, l, schedule, session, him, me, &msg);
-     if (status != RD_AP_OK) {
-	  fprintf (stderr, "read_encrypted: %s\n",
-		   krb_get_err_text(status));
-	  return -1;
-     }
-     *ret  = msg.app_data;
-     return  msg.app_length;
-}
diff --git a/crypto/kerberosIV/appl/kauth/kauth.c b/crypto/kerberosIV/appl/kauth/kauth.c
deleted file mode 100644
index 84614b048e4f..000000000000
--- a/crypto/kerberosIV/appl/kauth/kauth.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Little program that reads an srvtab or password and
- * creates a suitable ticketfile and associated AFS tokens.
- *
- * If an optional command is given the command is executed in a
- * new PAG and when the command exits the tickets are destroyed.
- */
-
-#include "kauth.h"
-
-RCSID("$Id: kauth.c,v 1.75 1997/05/02 15:09:24 assar Exp $");
-
-krb_principal princ;
-static char srvtab[MaxPathLen + 1];
-static int lifetime = DEFAULT_TKT_LIFE;
-static char remote_tktfile[MaxPathLen + 1];
-static char remoteuser[100];
-static char *cell = 0;
-
-static void
-usage(void)
-{
-    fprintf(stderr,
-	    "Usage: %s [-n <name>] [-r remoteuser] [-t remote ticketfile]"
-	    "[-l lifetime (in minutes) ] [-h hosts... ]"
-	    "[-f srvtab ] [-c AFS cell name ] [command ... ]\n",
-	    __progname);
-    fprintf(stderr, "\nA fully qualified name can be given user[.instance][@realm]\nRealm is converted to uppercase!\n");
-    exit(1);
-}
-
-static void
-doexec(int argc, char **argv)
-{
-    int status;
-    pid_t ret;
-
-    switch (fork()) {
-    case -1:
-	err (1, "fork");
-	break;
-    case 0:
-	/* in child */
-	execvp(argv[0], argv);
-	err (1, "Can't exec program ``%s''", argv[0]);
-	break;
-    default:
-	/* in parent */
-	do {
-	    ret = wait(&status);
-	} while ((ret > 0 && !WIFEXITED(status)) || (ret < 0 && errno == EINTR));
-	if (ret < 0)
-	    perror("wait");
-	dest_tkt();
-	if (k_hasafs())
-	    k_unlog();	 
-	break;
-    }
-}
-
-static RETSIGTYPE
-renew(int sig)
-{
-    int code;
-
-    signal(SIGALRM, renew);
-
-    code = krb_get_svc_in_tkt(princ.name, princ.instance, princ.realm,
-			      KRB_TICKET_GRANTING_TICKET,
-			      princ.realm, lifetime, srvtab);
-    if (code)
-	warnx ("%s", krb_get_err_text(code));
-    else if (k_hasafs())
-	{
-	    if ((code = k_afsklog(cell, NULL)) != 0 && code != KDC_PR_UNKNOWN) {
-		warnx ("%s", krb_get_err_text(code));
-	    }
-	}
-
-    alarm(krb_life_to_time(0, lifetime)/2 - 60);
-    SIGRETURN(0);
-}
-
-static int
-zrefresh(void)
-{
-    switch (fork()) {
-    case -1:
-	err (1, "Warning: Failed to fork zrefresh");
-	return -1;
-    case 0:
-	/* Child */
-	execlp("zrefresh", "zrefresh", 0);
-	execl(BINDIR "/zrefresh", "zrefresh", 0);
-	exit(1);
-    default:
-	/* Parent */
-	break;
-    }
-    return 0;
-}
-
-static int
-key_to_key(char *user, char *instance, char *realm, void *arg,
-	   des_cblock *key)
-{
-    memcpy(key, arg, sizeof(des_cblock));
-    return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-    int code, more_args;
-    int ret;
-    int c;
-    char *file;
-    int pflag = 0;
-    char passwd[100];
-    des_cblock key;
-    char **host;
-    int nhost;
-    char tf[MaxPathLen];
-
-    set_progname (argv[0]);
-
-    if ((file =  getenv("KRBTKFILE")) == 0)
-	file = TKT_FILE;  
-
-    memset(&princ, 0, sizeof(princ));
-    memset(srvtab, 0, sizeof(srvtab));
-    *remoteuser = '\0';
-    nhost = 0;
-  
-    while ((c = getopt(argc, argv, "r:t:f:hl:n:c:")) != EOF)
-	switch (c) {
-	case 'f':
-	    strncpy(srvtab, optarg, sizeof(srvtab));
-	    break;
-	case 't':
-	    strncpy(remote_tktfile, optarg, sizeof(remote_tktfile));
-	    break;
-	case 'r':
-	    strncpy(remoteuser, optarg, sizeof(remoteuser));
-	    break;
-	case 'l':
-	    lifetime = atoi(optarg);
-	    if (lifetime == -1)
-		lifetime = 255;
-	    else if (lifetime < 5)
-		lifetime = 1;
-	    else
-		lifetime = krb_time_to_life(0, lifetime*60);
-	    if (lifetime > 255)
-		lifetime = 255;
-	    break;
-	case 'n':
-	    if ((code = krb_parse_name(optarg, &princ)) != 0) {
-		warnx ("%s", krb_get_err_text(code));
-		usage();
-	    }
-	    strupr(princ.realm);
-	    pflag = 1;
-	    break;
-	case 'c':
-	    cell = optarg;
-	    break;
-	case 'h':
-	    host = argv + optind;
-	    for(nhost = 0; optind < argc && *argv[optind] != '-'; ++optind)
-		++nhost;
-	    break;
-	case '?':
-	default:
-	    usage();
-	    break;
-	}
-  
-    /* Look for kerberos name */
-    if (!pflag && optind < argc && krb_parse_name(argv[optind], &princ) == 0) {
-	++optind;	 
-	strupr(princ.realm);
-    }
-
-    if (princ.name[0] == '\0' && krb_get_default_principal (princ.name, 
-							    princ.instance, 
-							    princ.realm) < 0)
-	errx (1, "Could not get default principal");
-  
-    if (*remoteuser == '\0')
-	strcpy (remoteuser, princ.name);
-
-    more_args = argc - optind;
-  
-    if (princ.realm[0] == '\0')
-	if (krb_get_lrealm(princ.realm, 1) != KSUCCESS)
-	    strcpy(princ.realm, KRB_REALM);
-  
-    if (more_args) {
-	int f;
-      
-	do{
-	    snprintf(tf, sizeof(tf),
-		     TKT_ROOT "%u_%u",
-		     (unsigned)getuid(),
-		     (unsigned)(getpid()*time(0)));
-	    f = open(tf, O_CREAT|O_EXCL|O_RDWR);
-	}while(f < 0);
-	close(f);
-	unlink(tf);
-	setenv("KRBTKFILE", tf, 1);
-	krb_set_tkt_string (tf);
-    }
-    
-    if (srvtab[0])
-	{
-	    signal(SIGALRM, renew);
-
-	    code = read_service_key (princ.name, princ.instance, princ.realm, 0, 
-				     srvtab, (char *)&key);
-	    if (code == KSUCCESS)
-		code = krb_get_in_tkt(princ.name, princ.instance, princ.realm,
-				      KRB_TICKET_GRANTING_TICKET,
-				      princ.realm, lifetime,
-				      key_to_key, NULL, key);
-	    alarm(krb_life_to_time(0, lifetime)/2 - 60);
-	}
-    else {
-	char prompt[128];
-	  
-	snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&princ));
-	if (des_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){
-	    memset(passwd, 0, sizeof(passwd));
-	    exit(1);
-	}
-	des_string_to_key (passwd, &key);
-	code = krb_get_in_tkt (princ.name, princ.instance, princ.realm,
-			       KRB_TICKET_GRANTING_TICKET,
-			       princ.realm, lifetime,
-			       key_to_key, NULL, key);
-	if(code == INTK_BADPW) {
-	    afs_string_to_key (passwd, princ.realm, &key);
-	    code = krb_get_in_tkt (princ.name, princ.instance, princ.realm,
-				   KRB_TICKET_GRANTING_TICKET,
-				   princ.realm, lifetime,
-				   key_to_key, NULL, key);
-	}
-	memset(passwd, 0, sizeof(passwd));
-    }
-    if (code) {
-	memset (key, 0, sizeof(key));
-	errx (1, "%s", krb_get_err_text(code));
-    }
-
-    if (k_hasafs()) {
-	if (more_args)
-	    k_setpag();
-	if ((code = k_afsklog(cell, NULL)) != 0 && code != KDC_PR_UNKNOWN)
-	    warnx ("%s", krb_get_err_text(code));
-    }
-
-    for(ret = 0; nhost-- > 0; host++)
-	ret += rkinit(&princ, lifetime, remoteuser, remote_tktfile, &key, *host);
-  
-    if (ret)
-	return ret;
-
-    if (more_args)
-	doexec(more_args, &argv[optind]);
-    else
-	zrefresh();
-  
-    return 0;
-}
diff --git a/crypto/kerberosIV/appl/kauth/kauth.h b/crypto/kerberosIV/appl/kauth/kauth.h
deleted file mode 100644
index 2c48fcc7e327..000000000000
--- a/crypto/kerberosIV/appl/kauth/kauth.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kauth.h,v 1.18 1997/05/20 18:40:31 bg Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif /* HAVE_CONFIG_H */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include <signal.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <errno.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif /* HAVE_SYS_RESOURCE_H */
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <err.h>
-
-#include <krb.h>
-#include <kafs.h>
-
-#include <roken.h>
-
-#define KAUTH_PORT 2120
-
-#define KAUTH_VERSION "RKINIT.0"
-
-int rkinit (krb_principal*, int, char*, char*, des_cblock*, char*);
-
-int write_encrypted (int, void*, size_t, des_key_schedule,
-		     des_cblock*, struct sockaddr_in*, struct sockaddr_in*);
-
-int read_encrypted (int, void*, size_t, void **, des_key_schedule,
-		    des_cblock*, struct sockaddr_in*, struct sockaddr_in*);
-
-unsigned pack_args (char *, krb_principal*, int, char*, char*);
-
-int unpack_args (char*, krb_principal*, int*, char*, char*);
diff --git a/crypto/kerberosIV/appl/kauth/kauthd.c b/crypto/kerberosIV/appl/kauth/kauthd.c
deleted file mode 100644
index b6a40cf9a0ac..000000000000
--- a/crypto/kerberosIV/appl/kauth/kauthd.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kauth.h"
-
-RCSID("$Id: kauthd.c,v 1.22 1997/05/18 20:37:55 assar Exp $");
-
-krb_principal princ;
-static char locuser[SNAME_SZ + 1];
-static int  lifetime;
-static char tktfile[MaxPathLen + 1];
-
-struct remote_args {
-     int sock;
-     des_key_schedule *schedule;
-     des_cblock *session;
-     struct sockaddr_in *me, *her;
-};
-
-static int
-decrypt_remote_tkt (char *user, char *inst, char *realm, void *varg,
-		    key_proc_t key_proc, KTEXT *cipp)
-{
-     char buf[BUFSIZ];
-     void *ptr;
-     int len;
-     KTEXT cip  = *cipp;
-     struct remote_args *args = (struct remote_args *)varg;
-
-     write_encrypted (args->sock, cip->dat, cip->length,
-		      *args->schedule, args->session, args->me,
-		      args->her);
-     len = read_encrypted (args->sock, buf, sizeof(buf), &ptr, *args->schedule,
-			   args->session, args->her, args->me);
-     memcpy(cip->dat, ptr, cip->length);
-	  
-     return 0;
-}
-
-static int
-doit(int sock)
-{
-     int status;
-     KTEXT_ST ticket;
-     AUTH_DAT auth;
-     char instance[INST_SZ + 1];
-     des_key_schedule schedule;
-     struct sockaddr_in thisaddr, thataddr;
-     int addrlen;
-     int len;
-     char buf[BUFSIZ];
-     void *data;
-     struct passwd *passwd;
-     char version[KRB_SENDAUTH_VLEN + 1];
-     char remotehost[MaxHostNameLen];
-
-     addrlen = sizeof(thisaddr);
-     if (getsockname (sock, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
-	 addrlen != sizeof(thisaddr)) {
-	  return 1;
-     }
-     addrlen = sizeof(thataddr);
-     if (getpeername (sock, (struct sockaddr *)&thataddr, &addrlen) < 0 ||
-	 addrlen != sizeof(thataddr)) {
-	  return 1;
-     }
-
-     inaddr2str (thataddr.sin_addr, remotehost, sizeof(remotehost));
-
-     k_getsockinst (sock, instance, sizeof(instance));
-     status = krb_recvauth (KOPT_DO_MUTUAL, sock, &ticket, "rcmd", instance,
-			    &thataddr, &thisaddr, &auth, "", schedule,
-			    version);
-     if (status != KSUCCESS ||
-	 strncmp(version, KAUTH_VERSION, KRB_SENDAUTH_VLEN) != 0) {
-	  return 1;
-     }
-     len = read_encrypted (sock, buf, sizeof(buf), &data, schedule,
-			   &auth.session, &thataddr, &thisaddr);
-     if (len < 0) {
-	  write_encrypted (sock, "read_enc failed",
-			   sizeof("read_enc failed") - 1, schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 1;
-     }
-     if (unpack_args(data, &princ, &lifetime, locuser,
-		     tktfile)) {
-	  write_encrypted (sock, "unpack_args failed",
-			   sizeof("unpack_args failed") - 1, schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 1;
-     }
-
-     if( kuserok(&auth, locuser) != 0) {
-	 snprintf(buf, sizeof(buf), "%s cannot get tickets for %s",
-		  locuser, krb_unparse_name(&princ));
-	 syslog (LOG_ERR, buf);
-	 write_encrypted (sock, buf, strlen(buf), schedule,
-			  &auth.session, &thisaddr, &thataddr);
-	 return 1;
-     }
-     passwd = k_getpwnam (locuser);
-     if (passwd == NULL) {
-	  snprintf (buf, sizeof(buf), "No user '%s'", locuser);
-	  syslog (LOG_ERR, buf);
-	  write_encrypted (sock, buf, strlen(buf), schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 1;
-     }
-     if (setgid (passwd->pw_gid) ||
-	 initgroups(passwd->pw_name, passwd->pw_gid) ||
-	 setuid(passwd->pw_uid)) {
-	  snprintf (buf, sizeof(buf), "Could not change user");
-	  syslog (LOG_ERR, buf);
-	  write_encrypted (sock, buf, strlen(buf), schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 1;
-     }
-     write_encrypted (sock, "ok", sizeof("ok") - 1, schedule,
-		      &auth.session, &thisaddr, &thataddr);
-
-     if (*tktfile == 0)
-	 snprintf(tktfile, sizeof(tktfile), "%s%u", TKT_ROOT, (unsigned)getuid());
-     krb_set_tkt_string (tktfile);
-
-     {
-	  struct remote_args arg;
-
-	  arg.sock     = sock;
-	  arg.schedule = &schedule;
-	  arg.session  = &auth.session;
-	  arg.me       = &thisaddr;
-	  arg.her      = &thataddr;
-
-	  status = krb_get_in_tkt (princ.name, princ.instance, princ.realm,
-				   KRB_TICKET_GRANTING_TICKET,
-				   princ.realm,
-				   lifetime, NULL, decrypt_remote_tkt, &arg);
-     }
-     if (status == KSUCCESS) {
-	 syslog (LOG_INFO, "from %s(%s): %s -> %s",
-		 remotehost,
-		 inet_ntoa(thataddr.sin_addr),
-		 locuser,
-		 krb_unparse_name (&princ));
-	  write_encrypted (sock, "ok", sizeof("ok") - 1, schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 0;
-     } else {
-	  snprintf (buf, sizeof(buf), "TGT failed: %s", krb_get_err_text(status));
-	  syslog (LOG_NOTICE, buf);
-	  write_encrypted (sock, buf, strlen(buf), schedule,
-			   &auth.session, &thisaddr, &thataddr);
-	  return 1;
-     }
-}
-
-int
-main (int argc, char **argv)
-{
-    openlog ("kauthd", LOG_ODELAY, LOG_AUTH);
-
-    if(argc > 1 && strcmp(argv[1], "-i") == 0)
-	mini_inetd (k_getportbyname("kauth", "tcp", htons(KAUTH_PORT)));
-    return doit(STDIN_FILENO);
-}
diff --git a/crypto/kerberosIV/appl/kauth/ksrvtgt.in b/crypto/kerberosIV/appl/kauth/ksrvtgt.in
deleted file mode 100644
index 7571d2d0778b..000000000000
--- a/crypto/kerberosIV/appl/kauth/ksrvtgt.in
+++ /dev/null
@@ -1,14 +0,0 @@
-#! /bin/sh
-# $Id$
-
-usage="Usage: `basename $0` name instance [[realm] srvtab]"
-
-if [ $# -lt 2 -o $# -gt 4 ]; then
-	echo "$usage"
-	exit 1
-fi
-
-srvtab="${4-${3-/etc/kerberosIV/srvtab}}"
-realm="${4+@$3}"
-
-kauth -n "$1.$2$realm" -l 5 -f "$srvtab "
diff --git a/crypto/kerberosIV/appl/kauth/marshall.c b/crypto/kerberosIV/appl/kauth/marshall.c
deleted file mode 100644
index 4f1bfeb84f6c..000000000000
--- a/crypto/kerberosIV/appl/kauth/marshall.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kauth.h"
-
-RCSID("$Id: marshall.c,v 1.7 1997/04/01 08:17:32 joda Exp $");
-
-unsigned
-pack_args (char *buf, krb_principal *pr, int lifetime,
-	   char *locuser, char *tktfile)
-{
-    char *p;
-
-    p = buf;
-    strcpy (p, pr->name);
-    p += strlen (pr->name) + 1;
-    strcpy (p, pr->instance);
-    p += strlen (pr->instance) + 1;
-    strcpy (p, pr->realm);
-    p += strlen (pr->realm) + 1;
-    *p++ = (unsigned char)lifetime;
-    strcpy(p, locuser);
-    p += strlen (locuser) + 1;
-    strcpy(p, tktfile);
-    p += strlen(tktfile) + 1;
-    return p - buf;
-}
-
-int
-unpack_args (char *buf, krb_principal *pr, int *lifetime,
-	     char *locuser, char *tktfile)
-{
-    int len;
-
-    len = strlen(buf);
-    if (len > SNAME_SZ)
-	return -1;
-    strncpy(pr->name, buf, len + 1);
-    buf += len + 1;
-    len = strlen (buf);
-    if (len > INST_SZ)
-	return -1;
-    strncpy (pr->instance, buf, len + 1);
-    buf += len + 1;
-    len = strlen (buf);
-    if (len > REALM_SZ)
-	return -1;
-    strncpy (pr->realm, buf, len + 1);
-    buf += len + 1;
-    *lifetime = (unsigned char)*buf++;
-    len = strlen(buf);
-    if (len > SNAME_SZ)
-	return -1;
-    strncpy (locuser, buf, len + 1);
-    buf += len + 1;
-    len = strlen(buf);
-    if (len > MaxPathLen)
-	return -1;
-    strncpy (tktfile, buf, len + 1);
-    buf += len + 1;
-    return 0;
-}
diff --git a/crypto/kerberosIV/appl/kauth/rkinit.c b/crypto/kerberosIV/appl/kauth/rkinit.c
deleted file mode 100644
index ec75d4634b3a..000000000000
--- a/crypto/kerberosIV/appl/kauth/rkinit.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kauth.h"
-
-RCSID("$Id: rkinit.c,v 1.19 1997/04/01 08:17:33 joda Exp $");
-
-static struct in_addr *
-getalladdrs (char *hostname, unsigned *count)
-{
-    struct hostent *hostent;
-    struct in_addr **h;
-    struct in_addr *addr;
-    unsigned naddr;
-    unsigned maxaddr;
-
-    hostent = gethostbyname (hostname);
-    if (hostent == NULL) {
-	warnx ("gethostbyname '%s' failed: %s\n",
-	       hostname,
-#ifdef HAVE_H_ERRNO
-	       hstrerror(h_errno)
-#else
-	       "unknown error"
-#endif
-	       );
-	return NULL;
-    }
-    maxaddr = 1;
-    naddr = 0;
-    addr = malloc(sizeof(*addr) * maxaddr);
-    if (addr == NULL) {
-	warnx ("out of memory");
-	return NULL;
-    }
-    for (h = (struct in_addr **)(hostent->h_addr_list);
-	 *h != NULL;
-	 h++) {
-	if (naddr >= maxaddr) {
-	    maxaddr *= 2;
-	    addr = realloc (addr, sizeof(*addr) * maxaddr);
-	    if (addr == NULL) {
-		warnx ("out of memory");
-		return NULL;
-	    }
-	}
-	addr[naddr++] = **h;
-    }
-    addr = realloc (addr, sizeof(*addr) * naddr);
-    if (addr == NULL) {
-	warnx ("out of memory");
-	return NULL;
-    }
-    *count = naddr;
-    return addr;
-}
-
-static int
-doit_host (krb_principal *princ, int lifetime, char *locuser, 
-	   char *tktfile, des_cblock *key, int s, char *hostname)
-{
-    char buf[BUFSIZ];
-    int inlen;
-    KTEXT_ST text;
-    CREDENTIALS cred;
-    MSG_DAT msg;
-    int status;
-    des_key_schedule schedule;
-    struct sockaddr_in thisaddr, thataddr;
-    int addrlen;
-    void *ret;
-
-    addrlen = sizeof(thisaddr);
-    if (getsockname (s, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
-	addrlen != sizeof(thisaddr)) {
-	warn ("getsockname(%s)", hostname);
-	return 1;
-    }
-    addrlen = sizeof(thataddr);
-    if (getpeername (s, (struct sockaddr *)&thataddr, &addrlen) < 0 ||
-	addrlen != sizeof(thataddr)) {
-	warn ("getpeername(%s)", hostname);
-	return 1;
-    }
-
-    status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd",
-			   hostname, krb_realmofhost (hostname),
-			   getpid(), &msg, &cred, schedule,
-			   &thisaddr, &thataddr, KAUTH_VERSION);
-    if (status != KSUCCESS) {
-	warnx ("%s: %s\n", hostname, krb_get_err_text(status));
-	return 1;
-    }
-    inlen = pack_args (buf, princ, lifetime, locuser, tktfile);
-
-    if (write_encrypted(s, buf, inlen, schedule, &cred.session,
-			&thisaddr, &thataddr) < 0) {
-	warn ("write to %s", hostname);
-	return 1;
-    }
-
-    inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule,
-			    &cred.session, &thataddr, &thisaddr);
-    if (inlen < 0) {
-	warn ("read from %s failed", hostname);
-	return 1;
-    }
-
-    if (strncmp(ret, "ok", inlen) != 0) {
-	warnx ("error from %s: %.*s\n",
-	       hostname, inlen, (char *)ret);
-	return 1;
-    }
-
-    inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule,
-			    &cred.session, &thataddr, &thisaddr);
-    if (inlen < 0) {
-	warn ("read from %s", hostname);
-	return 1;
-    }
-     
-    {
-	des_key_schedule key_s;
-
-	des_key_sched(key, key_s);
-	des_pcbc_encrypt(ret, ret, inlen, key_s, key, DES_DECRYPT);
-	memset(key_s, 0, sizeof(key_s));
-    }
-    write_encrypted (s, ret, inlen, schedule, &cred.session,
-		     &thisaddr, &thataddr);
-
-    inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule,
-			    &cred.session, &thataddr, &thisaddr);
-    if (inlen < 0) {
-	warn ("read from %s", hostname);
-	return 1;
-    }
-
-    if (strncmp(ret, "ok", inlen) != 0) {
-	warnx ("error from %s: %.*s\n",
-	       hostname, inlen, (char *)ret);
-	return 1;
-    }
-    return 0;
-}
-
-int
-rkinit (krb_principal *princ, int lifetime, char *locuser, 
-	char *tktfile, des_cblock *key, char *hostname)
-{
-    struct in_addr *addr;
-    unsigned naddr;
-    unsigned i;
-    int port;
-    int success;
-
-    addr = getalladdrs (hostname, &naddr);
-    if (addr == NULL)
-	return 1;
-    port = k_getportbyname ("kauth", "tcp", htons(KAUTH_PORT));
-    success = 0;
-    for (i = 0; !success && i < naddr; ++i) {
-	struct sockaddr_in a;
-	int s;
-
-	memset(&a, 0, sizeof(a));
-	a.sin_family = AF_INET;
-	a.sin_port   = port;
-	a.sin_addr   = addr[i];
-
-	s = socket (AF_INET, SOCK_STREAM, 0);
-	if (s < 0) {
-	    warn("socket");
-	    return 1;
-	}
-	if (connect(s, (struct sockaddr *)&a, sizeof(a)) < 0) {
-	    warn("connect(%s)", hostname);
-	    continue;
-	}
-
-	success = success || !doit_host (princ, lifetime,
-					 locuser, tktfile, key,
-					 s, hostname);
-	close (s);
-    }
-    return !success;
-}
diff --git a/crypto/kerberosIV/appl/kauth/zrefresh b/crypto/kerberosIV/appl/kauth/zrefresh
deleted file mode 100644
index 8347a1b33c0c..000000000000
--- a/crypto/kerberosIV/appl/kauth/zrefresh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-# 
-# @(#) $Id: zrefresh,v 1.3 1996/06/09 19:21:59 joda Exp $
-#
-# Substitute this script with a real zrefresh if running Zephyr. For
-# instance:
-#
-# if [ -f "$WGFILE" ] ; then
-#     zctl load
-# fi
-
-exit 0
diff --git a/crypto/kerberosIV/appl/kip/Makefile.in b/crypto/kerberosIV/appl/kip/Makefile.in
deleted file mode 100644
index 690a66117d0d..000000000000
--- a/crypto/kerberosIV/appl/kip/Makefile.in
+++ /dev/null
@@ -1,96 +0,0 @@
-# $Id: Makefile.in,v 1.12 1997/03/23 13:04:03 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-LIBS = @LIBS@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libexecdir = @libexecdir@
-libdir = @libdir@
-bindir = @bindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROG_BIN	= kip$(EXECSUFFIX)
-PROG_LIBEXEC	= kipd$(EXECSUFFIX)
-PROGS = $(PROG_BIN) $(PROG_LIBEXEC)
-
-SOURCES_KIP     = kip.c
-SOURCES_KIPD    = kipd.c
-SOURCES_COMMON  = common.c
-
-OBJECTS_KIP     = kip.o common.o
-OBJECTS_KIPD    = kipd.o common.o
-
-OBJECTS = $(OBJECTS_KIP) $(OBJECTS_KIPD)
-SOURCES = $(SOURCES_KIP) $(SOURCES_KIPD) $(SOURCES_COMMON)
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(bindir) $(libexecdir)
-	for x in $(PROG_BIN); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	for x in $(PROG_LIBEXEC); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROG_BIN); do \
-	  rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	for x in $(PROG_LIBEXEC); do \
-	  rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
-LIBROKEN=-L../../lib/roken -lroken
-
-kip$(EXECSUFFIX): $(OBJECTS_KIP)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIP) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-kipd$(EXECSUFFIX): $(OBJECTS_KIPD)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIPD) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/appl/kip/common.c b/crypto/kerberosIV/appl/kip/common.c
deleted file mode 100644
index b21d03dc866c..000000000000
--- a/crypto/kerberosIV/appl/kip/common.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kip.h"
-
-RCSID("$Id: common.c,v 1.12 1997/05/02 14:28:06 assar Exp $");
-
-/*
- * Copy packets from `tundev' to `netdev' or vice versa.
- * Mode is used when reading from `tundev'
- */
-
-int
-copy_packets (int tundev, int netdev, int mtu, des_cblock *iv,
-	      des_key_schedule schedule)
-{
-     des_cblock iv1, iv2;
-     int num1 = 0, num2 = 0;
-     u_char *buf;
-
-     buf = malloc (mtu + 2);
-     if (buf == NULL) {
-	 warnx("malloc(%d) failed", mtu);
-	 return 1;
-     }
-
-     memcpy (&iv1, iv, sizeof(iv1));
-     memcpy (&iv2, iv, sizeof(iv2));
-     for (;;) {
-	  fd_set fdset;
-	  int ret, len;
-
-	  FD_ZERO(&fdset);
-	  FD_SET(tundev, &fdset);
-	  FD_SET(netdev, &fdset);
-
-	  ret = select (max(tundev, netdev)+1, &fdset, NULL, NULL, NULL);
-	  if (ret < 0 && errno != EINTR) {
-	      warn ("select");
-	      return 1;
-	  }
-	  if (FD_ISSET(tundev, &fdset)) {
-	       ret = read (tundev, buf + 2, mtu);
-	       if (ret == 0)
-		    return 0;
-	       if (ret < 0) {
-		    if (errno == EINTR)
-			 continue;
-		    else { 
-			warn("read");
-			return ret;
-		    }
-	       }
-	       buf[0] = ret >> 8;
-	       buf[1] = ret & 0xFF;
-	       ret += 2;
-	       des_cfb64_encrypt (buf, buf, ret, schedule,
-				  &iv1, &num1, DES_ENCRYPT);
-	       ret = krb_net_write (netdev, buf, ret);
-	       if (ret < 0) {
-		   warn("write");
-		   return ret;
-	       }
-	  }
-	  if (FD_ISSET(netdev, &fdset)) {
-	       ret = read (netdev, buf, 2);
-	       if (ret == 0)
-		    return 0;
-	       if (ret < 0) {
-		    if (errno == EINTR)
-			 continue;
-		    else { 
-			warn("read");
-			return ret;
-		    }
-	       }
-	       des_cfb64_encrypt (buf, buf, 2, schedule,
-				  &iv2, &num2, DES_DECRYPT);
-	       len = (buf[0] << 8 ) | buf[1];
-	       ret = krb_net_read (netdev, buf + 2, len);
-	       if (ret == 0)
-		    return 0;
-	       if (ret < 0) {
-		    if (errno == EINTR)
-			 continue;
-		    else { 
-			warn("read");
-			return ret;
-		    }
-	       }
-	       des_cfb64_encrypt (buf + 2, buf + 2, len, schedule,
-				  &iv2, &num2, DES_DECRYPT);
-	       ret = krb_net_write (tundev, buf + 2, len);
-	       if (ret < 0) {
-		   warn("write");
-		   return ret;
-	       }
-	  }
-     }
-}
-
-/*
- * Signal handler that justs waits for the children when they die.
- */
-
-RETSIGTYPE
-childhandler (int sig)
-{
-     pid_t pid;
-     int status;
-
-     do { 
-	  pid = waitpid (-1, &status, WNOHANG|WUNTRACED);
-     } while(pid > 0);
-     signal (SIGCHLD, childhandler);
-     SIGRETURN(0);
-}
-
-/*
- * Find a free tunnel device and open it.
- */
-
-int
-tunnel_open (void)
-{
-     int fd;
-     int i;
-     char name[64];
-
-     for (i = 0; i < 256; ++i) {
-	  snprintf (name, sizeof(name), "%s%s%d", _PATH_DEV, TUNDEV, i);
-	  fd = open (name, O_RDWR, 0);
-	  if (fd >= 0)
-	       break;
-	  if (errno == ENOENT || errno == ENODEV) {
-	      warn("open %s", name);
-	      return fd;
-	  }
-     }
-     if (fd < 0)
-	 warn("open %s" ,name);
-     return fd;
-}
diff --git a/crypto/kerberosIV/appl/kip/kip.c b/crypto/kerberosIV/appl/kip/kip.c
deleted file mode 100644
index e324a280ec49..000000000000
--- a/crypto/kerberosIV/appl/kip/kip.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kip.h"
-
-RCSID("$Id: kip.c,v 1.15 1997/05/11 10:54:51 assar Exp $");
-
-static void
-usage()
-{
-     fprintf (stderr, "Usage: %s host\n",
-	      __progname);
-     exit (1);
-}
-
-/*
- * Establish authenticated connection
- */
-
-static int
-connect_host (char *host, des_cblock *key, des_key_schedule schedule)
-{
-     CREDENTIALS cred;
-     KTEXT_ST text;
-     MSG_DAT msg;
-     int status;
-     struct sockaddr_in thisaddr, thataddr;
-     int addrlen;
-     struct hostent *hostent;
-     int s;
-     u_char b;
-     char **p;
-
-     hostent = gethostbyname (host);
-     if (hostent == NULL) {
-	 warnx ("gethostbyname '%s': %s", host,
-#ifdef HAVE_H_ERRNO
-		hstrerror(h_errno)
-#else
-		"unknown error"
-#endif
-	     );
-	  return -1;
-     }
-
-     memset (&thataddr, 0, sizeof(thataddr));
-     thataddr.sin_family = AF_INET;
-     thataddr.sin_port   = k_getportbyname ("kip", "tcp", htons(KIPPORT));
-
-     for(p = hostent->h_addr_list; *p; ++p) {
-	 int one = 1;
-
-	 memcpy (&thataddr.sin_addr, *p, sizeof(thataddr.sin_addr));
-
-	 s = socket (AF_INET, SOCK_STREAM, 0);
-	 if (s < 0) {
-	     warn ("socket");
-	     return -1;
-	 }
-
-#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT)
-	 setsockopt (s, IPPROTO_TCP, TCP_NODELAY, (void *)&one, sizeof(one));
-#endif
-
-	 if (connect (s, (struct sockaddr *)&thataddr, sizeof(thataddr)) < 0) {
-	     warn ("connect(%s)", host);
-	     close (s);
-	     continue;
-	 } else {
-	     break;
-	 }
-     }
-     if (*p == NULL)
-	 return -1;
-
-     addrlen = sizeof(thisaddr);
-     if (getsockname (s, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
-	 addrlen != sizeof(thisaddr)) {
-	 warn ("getsockname(%s)", host);
-	 return -1;
-     }
-     status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd",
-			    host, krb_realmofhost (host),
-			    getpid(), &msg, &cred, schedule,
-			    &thisaddr, &thataddr, KIP_VERSION);
-     if (status != KSUCCESS) {
-	 warnx("%s: %s", host,
-	       krb_get_err_text(status));
-	 return -1;
-     }
-     if (read (s, &b, sizeof(b)) != sizeof(b)) {
-	 warn ("read");
-	 return -1;
-     }
-     if (b) {
-	  char buf[BUFSIZ];
-
-	  read (s, buf, sizeof(buf));
-	  buf[BUFSIZ - 1] = '\0';
-
-	  warnx ("%s: %s", host, buf);
-	  return -1;
-     }
-
-     memcpy(key, &cred.session, sizeof(des_cblock));
-     return s;
-}
-
-/*
- * Connect to the given host.
- */
-
-static int
-doit (char *host)
-{
-     des_key_schedule schedule;
-     des_cblock iv;
-     int other, this;
-     struct ifreq ifreq;
-     int sock;
-
-     other = connect_host (host, &iv, schedule);
-     if (other < 0)
-	  return 1;
-     this = tunnel_open ();
-     if (this < 0)
-	  return 1;
-     return copy_packets (this, other, TUNMTU, &iv, schedule);
-}
-
-/*
- * kip - forward IP packets over a kerberos-encrypted channel.
- *
- */
-
-int
-main(int argc, char **argv)
-{
-    set_progname (argv[0]);
-
-    if (argc != 2)
-	usage ();
-    return doit (argv[1]);
-}
diff --git a/crypto/kerberosIV/appl/kip/kip.h b/crypto/kerberosIV/appl/kip/kip.h
deleted file mode 100644
index 94e30a59c104..000000000000
--- a/crypto/kerberosIV/appl/kip/kip.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kip.h,v 1.16 1997/05/20 18:40:31 bg Exp $ */
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif /* HAVE_CONFIG_H */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <errno.h>
-#include <pwd.h>
-#include <signal.h>
-#include <paths.h>
-#include <fcntl.h>
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-#include <sys/types.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#include <sys/wait.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <sys/sockio.h>
-#include <net/if.h>
-#ifdef HAVE_NET_IF_VAR_H
-#include <net/if_var.h>
-#endif
-#include <net/if_tun.h>
-#include <err.h>
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <krb.h>
-
-#include <roken.h>
-
-#define TUNDEV "tun"
-
-#define KIPPORT 2112
-
-#define KIP_VERSION "KIPSRV.0"
-
-int
-copy_packets (int tundev, int netdev, int mtu, des_cblock *iv,
-	      des_key_schedule schedule);
-
-RETSIGTYPE childhandler (int);
-
-int
-tunnel_open (void);
diff --git a/crypto/kerberosIV/appl/kip/kipd.c b/crypto/kerberosIV/appl/kip/kipd.c
deleted file mode 100644
index 6d9d33409381..000000000000
--- a/crypto/kerberosIV/appl/kip/kipd.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kip.h"
-
-RCSID("$Id: kipd.c,v 1.13 1997/05/18 20:38:01 assar Exp $");
-
-static int
-fatal (int fd, char *s)
-{
-     u_char err = 1;
-
-     write (fd, &err, sizeof(err));
-     write (fd, s, strlen(s)+1);
-     syslog(LOG_ERR, s);
-     return err;
-}
-
-static int
-recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
-	   struct sockaddr_in *retaddr)
-{
-     int status;
-     KTEXT_ST ticket;
-     AUTH_DAT auth;
-     char instance[INST_SZ + 1];
-     struct sockaddr_in thisaddr, thataddr;
-     int addrlen;
-     char version[KRB_SENDAUTH_VLEN + 1];
-     u_char ok = 0;
-     struct passwd *passwd;
-
-     addrlen = sizeof(thisaddr);
-     if (getsockname (sock, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
-	 addrlen != sizeof(thisaddr)) {
-	  return 1;
-     }
-     addrlen = sizeof(thataddr);
-     if (getpeername (sock, (struct sockaddr *)&thataddr, &addrlen) < 0 ||
-	 addrlen != sizeof(thataddr)) {
-	  return 1;
-     }
-
-     k_getsockinst (sock, instance, sizeof(instance));
-     status = krb_recvauth (KOPT_DO_MUTUAL, sock, &ticket, "rcmd", instance,
-			    &thataddr, &thisaddr, &auth, "", schedule,
-			    version);
-     if (status != KSUCCESS ||
-	 strncmp(version, KIP_VERSION, KRB_SENDAUTH_VLEN) != 0) {
-	  return 1;
-     }
-     passwd = k_getpwnam ("root");
-     if (passwd == NULL)
-	  return fatal (sock, "Cannot find root");
-     if (kuserok(&auth, "root") != 0)
-	  return fatal (sock, "Permission denied");
-     if (write (sock, &ok, sizeof(ok)) != sizeof(ok))
-	  return 1;
-
-     memcpy(key, &auth.session, sizeof(des_cblock));
-     *retaddr = thataddr;
-     return 0;
-}
-
-static int
-doit(int sock)
-{
-     struct sockaddr_in thataddr;
-     des_key_schedule schedule;
-     des_cblock key;
-     int this;
-
-     if (recv_conn (sock, &key, schedule, &thataddr))
-	  return 1;
-     this = tunnel_open ();
-     if (this < 0)
-	  fatal (sock, "Cannot open " _PATH_DEV TUNDEV);
-     return copy_packets (this, sock, TUNMTU, &key, schedule);
-}
-
-/*
- * kipd - receive forwarded IP
- */
-
-int
-main (int argc, char **argv)
-{
-    set_progname (argv[0]);
-
-    openlog(__progname, LOG_PID|LOG_CONS, LOG_DAEMON);
-    signal (SIGCHLD, childhandler);
-    return doit(0);
-}
diff --git a/crypto/kerberosIV/config.guess b/crypto/kerberosIV/config.guess
deleted file mode 100644
index 74253c33bd5c..000000000000
--- a/crypto/kerberosIV/config.guess
+++ /dev/null
@@ -1,696 +0,0 @@
-#! /bin/sh
-# Attempt to guess a canonical system name.
-#   Copyright (C) 1992, 93, 94, 95, 1996 Free Software Foundation, Inc.
-#
-# This file is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-#
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Written by Per Bothner <bothner@cygnus.com>.
-# The master version of this file is at the FSF in /home/gd/gnu/lib.
-#
-# This script attempts to guess a canonical system name similar to
-# config.sub.  If it succeeds, it prints the system name on stdout, and
-# exits with 0.  Otherwise, it exits with 1.
-#
-# The plan is that this can be called by configure scripts if you
-# don't specify an explicit system type (host/target name).
-#
-# Only a few systems have been added to this list; please add others
-# (but try to keep the structure clean).
-#
-
-# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
-# (ghazi@noc.rutgers.edu 8/24/94.)
-if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
-	PATH=$PATH:/.attbin ; export PATH
-fi
-
-UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
-UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
-UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
-UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
-
-trap 'rm -f dummy.c dummy.o dummy; exit 1' 1 2 15
-
-# Note: order is significant - the case branches are not exclusive.
-
-case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
-    alpha:OSF1:*:*)
-	# A Vn.n version is a released version.
-	# A Tn.n version is a released field test version.
-	# A Xn.n version is an unreleased experimental baselevel.
-	# 1.2 uses "1.2" for uname -r.
-	echo alpha-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//'`
-	exit 0 ;;
-    21064:Windows_NT:50:3)
-	echo alpha-dec-winnt3.5
-	exit 0 ;;
-    Amiga*:UNIX_System_V:4.0:*)
-	echo m68k-cbm-sysv4
-	exit 0;;
-    amiga:NetBSD:*:*)
-      echo m68k-cbm-netbsd${UNAME_RELEASE}
-      exit 0 ;;
-    amiga:OpenBSD:*:*)
-      echo m68k-cbm-openbsd${UNAME_RELEASE}
-      exit 0 ;;
-    arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
-	echo arm-acorn-riscix${UNAME_RELEASE}
-	exit 0;;
-    Pyramid*:OSx*:*:*|MIS*:OSx*:*:*)
-	# akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
-	if test "`(/bin/universe) 2>/dev/null`" = att ; then
-		echo pyramid-pyramid-sysv3
-	else
-		echo pyramid-pyramid-bsd
-	fi
-	exit 0 ;;
-    NILE:*:*:dcosx)
-	echo pyramid-pyramid-svr4
-	exit 0 ;;
-    sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
-	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
-	exit 0 ;;
-    i86pc:SunOS:5.*:*)
-	echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
-	exit 0 ;;
-    sun4*:SunOS:6*:*)
-	# According to config.sub, this is the proper way to canonicalize
-	# SunOS6.  Hard to guess exactly what SunOS6 will be like, but
-	# it's likely to be more like Solaris than SunOS4.
-	echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
-	exit 0 ;;
-    sun4*:SunOS:*:*)
-	case "`/usr/bin/arch -k`" in
-	    Series*|S4*)
-		UNAME_RELEASE=`uname -v`
-		;;
-	esac
-	# Japanese Language versions have a version number like `4.1.3-JL'.
-	echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
-	exit 0 ;;
-    sun3*:SunOS:*:*)
-	echo m68k-sun-sunos${UNAME_RELEASE}
-	exit 0 ;;
-    aushp:SunOS:*:*)
-	echo sparc-auspex-sunos${UNAME_RELEASE}
-	exit 0 ;;
-    atari*:NetBSD:*:*)
-	echo m68k-atari-netbsd${UNAME_RELEASE}
-	exit 0 ;;
-    atari*:OpenBSD:*:*)
-	echo m68k-atari-openbsd${UNAME_RELEASE}
-	exit 0 ;;
-    sun3*:NetBSD:*:*)
-	echo m68k-sun-netbsd${UNAME_RELEASE}
-	exit 0 ;;
-    sun3*:OpenBSD:*:*)
-	echo m68k-sun-openbsd${UNAME_RELEASE}
-	exit 0 ;;
-    mac68k:NetBSD:*:*)
-	echo m68k-apple-netbsd${UNAME_RELEASE}
-	exit 0 ;;
-    mac68k:OpenBSD:*:*)
-	echo m68k-apple-openbsd${UNAME_RELEASE}
-	exit 0 ;;
-    powerpc:machten:*:*)
-	echo powerpc-apple-machten${UNAME_RELEASE}
-	exit 0 ;;
-    RISC*:Mach:*:*)
-	echo mips-dec-mach_bsd4.3
-	exit 0 ;;
-    RISC*:ULTRIX:*:*)
-	echo mips-dec-ultrix${UNAME_RELEASE}
-	exit 0 ;;
-    VAX*:ULTRIX*:*:*)
-	echo vax-dec-ultrix${UNAME_RELEASE}
-	exit 0 ;;
-    mips:*:*:UMIPS | mips:*:*:RISCos)
-	sed 's/^	//' << EOF >dummy.c
-	int main (argc, argv) int argc; char **argv; {
-	#if defined (host_mips) && defined (MIPSEB)
-	#if defined (SYSTYPE_SYSV)
-	  printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
-	#endif
-	#if defined (SYSTYPE_SVR4)
-	  printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
-	#endif
-	#if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
-	  printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
-	#endif
-	#endif
-	  exit (-1);
-	}
-EOF
-	${CC-cc} dummy.c -o dummy \
-	  && ./dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
-	  && rm dummy.c dummy && exit 0
-	rm -f dummy.c dummy
-	echo mips-mips-riscos${UNAME_RELEASE}
-	exit 0 ;;
-    Night_Hawk:Power_UNIX:*:*)
-	echo powerpc-harris-powerunix
-	exit 0 ;;
-    m88k:CX/UX:7*:*)
-	echo m88k-harris-cxux7
-	exit 0 ;;
-    m88k:*:4*:R4*)
-	echo m88k-motorola-sysv4
-	exit 0 ;;
-    m88k:*:3*:R3*)
-	echo m88k-motorola-sysv3
-	exit 0 ;;
-    AViiON:dgux:*:*)
-        # DG/UX returns AViiON for all architectures
-        UNAME_PROCESSOR=`/usr/bin/uname -p`
-        if [ $UNAME_PROCESSOR = mc88100 -o $UNAME_PROCESSOR = mc88110 ] ; then
-	if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx \
-	     -o ${TARGET_BINARY_INTERFACE}x = x ] ; then
-		echo m88k-dg-dgux${UNAME_RELEASE}
-	else
-		echo m88k-dg-dguxbcs${UNAME_RELEASE}
-	fi
-        else echo i586-dg-dgux${UNAME_RELEASE}
-        fi
- 	exit 0 ;;
-    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
-	echo m88k-dolphin-sysv3
-	exit 0 ;;
-    M88*:*:R3*:*)
-	# Delta 88k system running SVR3
-	echo m88k-motorola-sysv3
-	exit 0 ;;
-    XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
-	echo m88k-tektronix-sysv3
-	exit 0 ;;
-    Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
-	echo m68k-tektronix-bsd
-	exit 0 ;;
-    *:IRIX*:*:*)
-	echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
-	exit 0 ;;
-    ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
-	echo romp-ibm-aix      # uname -m gives an 8 hex-code CPU id
-	exit 0 ;;              # Note that: echo "'`uname -s`'" gives 'AIX '
-    i?86:AIX:*:*)
-	echo i386-ibm-aix
-	exit 0 ;;
-    *:AIX:2:3)
-	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
-		sed 's/^		//' << EOF >dummy.c
-		#include <sys/systemcfg.h>
-
-		main()
-			{
-			if (!__power_pc())
-				exit(1);
-			puts("powerpc-ibm-aix3.2.5");
-			exit(0);
-			}
-EOF
-		${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
-		rm -f dummy.c dummy
-		echo rs6000-ibm-aix3.2.5
-	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
-		echo rs6000-ibm-aix3.2.4
-	else
-		echo rs6000-ibm-aix3.2
-	fi
-	exit 0 ;;
-    *:AIX:*:4)
-	if /usr/sbin/lsattr -EHl proc0 | grep POWER >/dev/null 2>&1; then
-		IBM_ARCH=rs6000
-	else
-		IBM_ARCH=powerpc
-	fi
-	if [ -x /usr/bin/oslevel ] ; then
-		IBM_REV=`/usr/bin/oslevel`
-	else
-		IBM_REV=4.${UNAME_RELEASE}
-	fi
-	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
-	exit 0 ;;
-    *:AIX:*:*)
-	echo rs6000-ibm-aix
-	exit 0 ;;
-    ibmrt:4.4BSD:*|romp-ibm:BSD:*)
-	echo romp-ibm-bsd4.4
-	exit 0 ;;
-    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC NetBSD and
-	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to
-	exit 0 ;;                           # report: romp-ibm BSD 4.3
-    *:BOSX:*:*)
-	echo rs6000-bull-bosx
-	exit 0 ;;
-    DPX/2?00:B.O.S.:*:*)
-	echo m68k-bull-sysv3
-	exit 0 ;;
-    9000/[34]??:4.3bsd:1.*:*)
-	echo m68k-hp-bsd
-	exit 0 ;;
-    hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
-	echo m68k-hp-bsd4.4
-	exit 0 ;;
-    9000/[3478]??:HP-UX:*:*)
-	case "${UNAME_MACHINE}" in
-	    9000/31? )            HP_ARCH=m68000 ;;
-	    9000/[34]?? )         HP_ARCH=m68k ;;
-	    9000/7?? | 9000/8?[1679] ) HP_ARCH=hppa1.1 ;;
-	    9000/8?? )            HP_ARCH=hppa1.0 ;;
-	esac
-	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
-	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
-	exit 0 ;;
-    3050*:HI-UX:*:*)
-	sed 's/^	//' << EOF >dummy.c
-	#include <unistd.h>
-	int
-	main ()
-	{
-	  long cpu = sysconf (_SC_CPU_VERSION);
-	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
-	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
-	     results, however.  */
-	  if (CPU_IS_PA_RISC (cpu))
-	    {
-	      switch (cpu)
-		{
-		  case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
-		  case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
-		  case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
-		  default: puts ("hppa-hitachi-hiuxwe2"); break;
-		}
-	    }
-	  else if (CPU_IS_HP_MC68K (cpu))
-	    puts ("m68k-hitachi-hiuxwe2");
-	  else puts ("unknown-hitachi-hiuxwe2");
-	  exit (0);
-	}
-EOF
-	${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
-	rm -f dummy.c dummy
-	echo unknown-hitachi-hiuxwe2
-	exit 0 ;;
-    9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
-	echo hppa1.1-hp-bsd
-	exit 0 ;;
-    9000/8??:4.3bsd:*:*)
-	echo hppa1.0-hp-bsd
-	exit 0 ;;
-    hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
-	echo hppa1.1-hp-osf
-	exit 0 ;;
-    hp8??:OSF1:*:*)
-	echo hppa1.0-hp-osf
-	exit 0 ;;
-    i?86:OSF1:*:*)
-	if [ -x /usr/sbin/sysversion ] ; then
-	    echo ${UNAME_MACHINE}-unknown-osf1mk
-	else
-	    echo ${UNAME_MACHINE}-unknown-osf1
-	fi
-	exit 0 ;;
-    parisc*:Lites*:*:*)
-	echo hppa1.1-hp-lites
-	exit 0 ;;
-    C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
-	echo c1-convex-bsd
-        exit 0 ;;
-    C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
-	if getsysinfo -f scalar_acc
-	then echo c32-convex-bsd
-	else echo c2-convex-bsd
-	fi
-        exit 0 ;;
-    C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
-	echo c34-convex-bsd
-        exit 0 ;;
-    C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
-	echo c38-convex-bsd
-        exit 0 ;;
-    C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
-	echo c4-convex-bsd
-        exit 0 ;;
-    CRAY*X-MP:*:*:*)
-	echo xmp-cray-unicos
-        exit 0 ;;
-    CRAY*Y-MP:*:*:*)
-	echo ymp-cray-unicos${UNAME_RELEASE}
-	exit 0 ;;
-    CRAY*[A-Z]90:*:*:*)
-	echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
-	| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
-	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/
-	exit 0 ;;
-    CRAY*TS:*:*:*)
-	echo t90-cray-unicos${UNAME_RELEASE}
-	exit 0 ;;
-    CRAY-2:*:*:*)
-	echo cray2-cray-unicos
-        exit 0 ;;
-    F300:UNIX_System_V:*:*)
-        FUJITSU_SYS=`uname -p | tr [A-Z] [a-z] | sed -e 's/\///'`
-        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
-        echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
-        exit 0 ;;
-    F301:UNIX_System_V:*:*)
-       echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'`
-       exit 0 ;;
-    hp3[0-9][05]:NetBSD:*:*)
-	echo m68k-hp-netbsd${UNAME_RELEASE}
-	exit 0 ;;
-    hp3[0-9][05]:OpenBSD:*:*)
-	echo m68k-hp-openbsd${UNAME_RELEASE}
-	exit 0 ;;
-    i?86:BSD/386:*:* | *:BSD/OS:*:*)
-	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
-	exit 0 ;;
-    *:FreeBSD:*:*)
-	echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
-	exit 0 ;;
-    *:NetBSD:*:*)
-	echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
-	exit 0 ;;
-    *:OpenBSD:*:*)
-	echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
-	exit 0 ;;
-    i*:CYGWIN*:*)
-	echo i386-pc-cygwin32
-	exit 0 ;;
-    p*:CYGWIN*:*)
-	echo powerpcle-unknown-cygwin32
-	exit 0 ;;
-    prep*:SunOS:5.*:*)
-	echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
-	exit 0 ;;
-    *:GNU:*:*)
-	echo `echo ${UNAME_MACHINE}|sed -e 's,/.*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
-	exit 0 ;;
-    *:Linux:*:*)
-	# The BFD linker knows what the default object file format is, so
-	# first see if it will tell us.
-	ld_help_string=`ld --help 2>&1`
-	if echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: elf_i.86"; then
-	  echo "${UNAME_MACHINE}-pc-linux-gnu" ; exit 0
-	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i.86linux"; then
-	  echo "${UNAME_MACHINE}-pc-linux-gnuaout" ; exit 0
-	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i.86coff"; then
-	  echo "${UNAME_MACHINE}-pc-linux-gnucoff" ; exit 0
-	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68kelf"; then
-	  echo "${UNAME_MACHINE}-unknown-linux-gnu" ; exit 0
-	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68klinux"; then
-	  echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0
-	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: elf32ppc"; then
-	  echo "powerpc-unknown-linux-gnu" ; exit 0
-	elif test "${UNAME_MACHINE}" = "alpha" ; then
-	  echo alpha-unknown-linux-gnu ; exit 0
-	elif test "${UNAME_MACHINE}" = "sparc" ; then
-	  echo sparc-unknown-linux-gnu ; exit 0
-	else
-	  # Either a pre-BFD a.out linker (linux-gnuoldld) or one that does not give us
-	  # useful --help.  Gcc wants to distinguish between linux-gnuoldld and linux-gnuaout.
-	  test ! -d /usr/lib/ldscripts/. \
-	    && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0
-	  # Determine whether the default compiler is a.out or elf
-	  cat >dummy.c <<EOF
-main(argc, argv)
-int argc;
-char *argv[];
-{
-#ifdef __ELF__
-  printf ("%s-pc-linux-gnu\n", argv[1]);
-#else
-  printf ("%s-pc-linux-gnuaout\n", argv[1]);
-#endif
-  return 0;
-}
-EOF
-	  ${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy "${UNAME_MACHINE}" && rm dummy.c dummy && exit 0
-	  rm -f dummy.c dummy
-	fi ;;
-# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.  earlier versions
-# are messed up and put the nodename in both sysname and nodename.
-    i?86:DYNIX/ptx:4*:*)
-	echo i386-sequent-sysv4
-	exit 0 ;;
-    i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*)
-	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
-		echo ${UNAME_MACHINE}-univel-sysv${UNAME_RELEASE}
-	else
-		echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE}
-	fi
-	exit 0 ;;
-    i?86:*:3.2:*)
-	if test -f /usr/options/cb.name; then
-		UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
-		echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
-	elif /bin/uname -X 2>/dev/null >/dev/null ; then
-		UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
-		(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
-		(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \
-			&& UNAME_MACHINE=i586
-		echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
-	else
-		echo ${UNAME_MACHINE}-pc-sysv32
-	fi
-	exit 0 ;;
-    Intel:Mach:3*:*)
-	echo i386-pc-mach3
-	exit 0 ;;
-    paragon:*:*:*)
-	echo i860-intel-osf1
-	exit 0 ;;
-    i860:*:4.*:*) # i860-SVR4
-	if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
-	  echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
-	else # Add other i860-SVR4 vendors below as they are discovered.
-	  echo i860-unknown-sysv${UNAME_RELEASE}  # Unknown i860-SVR4
-	fi
-	exit 0 ;;
-    mini*:CTIX:SYS*5:*)
-	# "miniframe"
-	echo m68010-convergent-sysv
-	exit 0 ;;
-    M68*:*:R3V[567]*:*)
-	test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
-    3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0)
-	OS_REL=''
-	test -r /etc/.relid \
-	&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
-	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
-	  && echo i486-ncr-sysv4.3${OS_REL} && exit 0
-	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
-	  && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
-    3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
-        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
-          && echo i486-ncr-sysv4 && exit 0 ;;
-    m68*:LynxOS:2.*:*)
-	echo m68k-unknown-lynxos${UNAME_RELEASE}
-	exit 0 ;;
-    mc68030:UNIX_System_V:4.*:*)
-	echo m68k-atari-sysv4
-	exit 0 ;;
-    i?86:LynxOS:2.*:*)
-	echo i386-unknown-lynxos${UNAME_RELEASE}
-	exit 0 ;;
-    TSUNAMI:LynxOS:2.*:*)
-	echo sparc-unknown-lynxos${UNAME_RELEASE}
-	exit 0 ;;
-    rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*)
-	echo rs6000-unknown-lynxos${UNAME_RELEASE}
-	exit 0 ;;
-    SM[BE]S:UNIX_SV:*:*)
-	echo mips-dde-sysv${UNAME_RELEASE}
-	exit 0 ;;
-    RM*:SINIX-*:*:*)
-	echo mips-sni-sysv4
-	exit 0 ;;
-    *:SINIX-*:*:*)
-	if uname -p 2>/dev/null >/dev/null ; then
-		UNAME_MACHINE=`(uname -p) 2>/dev/null`
-		echo ${UNAME_MACHINE}-sni-sysv4
-	else
-		echo ns32k-sni-sysv
-	fi
-	exit 0 ;;
-    *:UNIX_System_V:4*:FTX*)
-	# From Gerald Hewes <hewes@openmarket.com>.
-	# How about differentiating between stratus architectures? -djm
-	echo hppa1.1-stratus-sysv4
-	exit 0 ;;
-    *:*:*:FTX*)
-	# From seanf@swdc.stratus.com.
-	echo i860-stratus-sysv4
-	exit 0 ;;
-    mc68*:A/UX:*:*)
-	echo m68k-apple-aux${UNAME_RELEASE}
-	exit 0 ;;
-    R3000:*System_V*:*:* | R4000:UNIX_SYSV:*:*)
-	if [ -d /usr/nec ]; then
-	        echo mips-nec-sysv${UNAME_RELEASE}
-	else
-	        echo mips-unknown-sysv${UNAME_RELEASE}
-	fi
-        exit 0 ;;
-    PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
-                           # says <Richard.M.Bartel@ccMail.Census.GOV>
-        echo i586-unisys-sysv4
-        exit 0 ;;
-    *:OS/2:*:*)
-	echo ${UNAME_MACHINE}-pc-os2_emx
-	exit 0 ;;
-esac
-
-#echo '(No uname command or uname output not recognized.)' 1>&2
-#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
-
-cat >dummy.c <<EOF
-#ifdef _SEQUENT_
-# include <sys/types.h>
-# include <sys/utsname.h>
-#endif
-main ()
-{
-#if defined (sony)
-#if defined (MIPSEB)
-  /* BFD wants "bsd" instead of "newsos".  Perhaps BFD should be changed,
-     I don't know....  */
-  printf ("mips-sony-bsd\n"); exit (0);
-#else
-#include <sys/param.h>
-  printf ("m68k-sony-newsos%s\n",
-#ifdef NEWSOS4
-          "4"
-#else
-	  ""
-#endif
-         ); exit (0);
-#endif
-#endif
-
-#if defined (__arm) && defined (__acorn) && defined (__unix)
-  printf ("arm-acorn-riscix"); exit (0);
-#endif
-
-#if defined (hp300) && !defined (hpux)
-  printf ("m68k-hp-bsd\n"); exit (0);
-#endif
-
-#if defined (NeXT)
-#if !defined (__ARCHITECTURE__)
-#define __ARCHITECTURE__ "m68k"
-#endif
-  int version;
-  version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
-  printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
-  exit (0);
-#endif
-
-#if defined (MULTIMAX) || defined (n16)
-#if defined (UMAXV)
-  printf ("ns32k-encore-sysv\n"); exit (0);
-#else
-#if defined (CMU)
-  printf ("ns32k-encore-mach\n"); exit (0);
-#else
-  printf ("ns32k-encore-bsd\n"); exit (0);
-#endif
-#endif
-#endif
-
-#if defined (__386BSD__)
-  printf ("i386-pc-bsd\n"); exit (0);
-#endif
-
-#if defined (sequent)
-#if defined (i386)
-  printf ("i386-sequent-dynix\n"); exit (0);
-#endif
-#if defined (ns32000)
-  printf ("ns32k-sequent-dynix\n"); exit (0);
-#endif
-#endif
-
-#if defined (_SEQUENT_)
-    struct utsname un;
-
-    uname(&un);
-
-    if (strncmp(un.version, "V2", 2) == 0) {
-	printf ("i386-sequent-ptx2\n"); exit (0);
-    }
-    if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
-	printf ("i386-sequent-ptx1\n"); exit (0);
-    }
-    printf ("i386-sequent-ptx\n"); exit (0);
-
-#endif
-
-#if defined (vax)
-#if !defined (ultrix)
-  printf ("vax-dec-bsd\n"); exit (0);
-#else
-  printf ("vax-dec-ultrix\n"); exit (0);
-#endif
-#endif
-
-#if defined (alliant) && defined (i860)
-  printf ("i860-alliant-bsd\n"); exit (0);
-#endif
-
-  exit (1);
-}
-EOF
-
-${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy && rm dummy.c dummy && exit 0
-rm -f dummy.c dummy
-
-# Apollos put the system type in the environment.
-
-test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
-
-# Convex versions that predate uname can use getsysinfo(1)
-
-if [ -x /usr/convex/getsysinfo ]
-then
-    case `getsysinfo -f cpu_type` in
-    c1*)
-	echo c1-convex-bsd
-	exit 0 ;;
-    c2*)
-	if getsysinfo -f scalar_acc
-	then echo c32-convex-bsd
-	else echo c2-convex-bsd
-	fi
-	exit 0 ;;
-    c34*)
-	echo c34-convex-bsd
-	exit 0 ;;
-    c38*)
-	echo c38-convex-bsd
-	exit 0 ;;
-    c4*)
-	echo c4-convex-bsd
-	exit 0 ;;
-    esac
-fi
-
-#echo '(Unable to guess system type)' 1>&2
-
-exit 1
diff --git a/crypto/kerberosIV/config.sub b/crypto/kerberosIV/config.sub
deleted file mode 100644
index 75822a223e66..000000000000
--- a/crypto/kerberosIV/config.sub
+++ /dev/null
@@ -1,932 +0,0 @@
-#! /bin/sh
-# Configuration validation subroutine script, version 1.1.
-#   Copyright (C) 1991, 92, 93, 94, 95, 1996 Free Software Foundation, Inc.
-# This file is (in principle) common to ALL GNU software.
-# The presence of a machine in this file suggests that SOME GNU software
-# can handle that machine.  It does not imply ALL GNU software can.
-#
-# This file is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330,
-# Boston, MA 02111-1307, USA.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Configuration subroutine to validate and canonicalize a configuration type.
-# Supply the specified configuration type as an argument.
-# If it is invalid, we print an error message on stderr and exit with code 1.
-# Otherwise, we print the canonical config type on stdout and succeed.
-
-# This file is supposed to be the same for all GNU packages
-# and recognize all the CPU types, system types and aliases
-# that are meaningful with *any* GNU software.
-# Each package is responsible for reporting which valid configurations
-# it does not support.  The user should be able to distinguish
-# a failure to support a valid configuration from a meaningless
-# configuration.
-
-# The goal of this file is to map all the various variations of a given
-# machine specification into a single specification in the form:
-#	CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
-# or in some cases, the newer four-part form:
-#	CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
-# It is wrong to echo any other type of specification.
-
-if [ x$1 = x ]
-then
-	echo Configuration name missing. 1>&2
-	echo "Usage: $0 CPU-MFR-OPSYS" 1>&2
-	echo "or     $0 ALIAS" 1>&2
-	echo where ALIAS is a recognized configuration type. 1>&2
-	exit 1
-fi
-
-# First pass through any local machine types.
-case $1 in
-	*local*)
-		echo $1
-		exit 0
-		;;
-	*)
-	;;
-esac
-
-# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
-# Here we must recognize all the valid KERNEL-OS combinations.
-maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
-case $maybe_os in
-  linux-gnu*)
-    os=-$maybe_os
-    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
-    ;;
-  *)
-    basic_machine=`echo $1 | sed 's/-[^-]*$//'`
-    if [ $basic_machine != $1 ]
-    then os=`echo $1 | sed 's/.*-/-/'`
-    else os=; fi
-    ;;
-esac
-
-### Let's recognize common machines as not being operating systems so
-### that things like config.sub decstation-3100 work.  We also
-### recognize some manufacturers as not being operating systems, so we
-### can provide default operating systems below.
-case $os in
-	-sun*os*)
-		# Prevent following clause from handling this invalid input.
-		;;
-	-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
-	-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
-	-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
-	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-	-apple)
-		os=
-		basic_machine=$1
-		;;
-	-hiux*)
-		os=-hiuxwe2
-		;;
-	-sco5)
-		os=sco3.2v5
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-sco4)
-		os=-sco3.2v4
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-sco3.2.[4-9]*)
-		os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-sco3.2v[4-9]*)
-		# Don't forget version if it is 3.2v4 or newer.
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-sco*)
-		os=-sco3.2v2
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-isc)
-		os=-isc2.2
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-clix*)
-		basic_machine=clipper-intergraph
-		;;
-	-isc*)
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
-		;;
-	-lynx*)
-		os=-lynxos
-		;;
-	-ptx*)
-		basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
-		;;
-	-windowsnt*)
-		os=`echo $os | sed -e 's/windowsnt/winnt/'`
-		;;
-	-psos*)
-		os=-psos
-		;;
-esac
-
-# Decode aliases for certain CPU-COMPANY combinations.
-case $basic_machine in
-	# Recognize the basic CPU types without company name.
-	# Some are omitted here because they have special meanings below.
-	tahoe | i860 | m68k | m68000 | m88k | ns32k | arm \
-		| arme[lb] | pyramid \
-		| tron | a29k | 580 | i960 | h8300 | hppa | hppa1.0 | hppa1.1 \
-		| alpha | we32k | ns16k | clipper | i370 | sh \
-		| powerpc | powerpcle | 1750a | dsp16xx | mips64 | mipsel \
-		| pdp11 | mips64el | mips64orion | mips64orionel \
-		| sparc | sparclet | sparclite | sparc64)
-		basic_machine=$basic_machine-unknown
-		;;
-	# We use `pc' rather than `unknown'
-	# because (1) that's what they normally are, and
-	# (2) the word "unknown" tends to confuse beginning users.
-	i[3456]86)
-	  basic_machine=$basic_machine-pc
-	  ;;
-	# Object if more than one company name word.
-	*-*-*)
-		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
-		exit 1
-		;;
-	# Recognize the basic CPU types with company name.
-	vax-* | tahoe-* | i[3456]86-* | i860-* | m68k-* | m68000-* | m88k-* \
-	      | sparc-* | ns32k-* | fx80-* | arm-* | c[123]* \
-	      | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* | power-* \
-	      | none-* | 580-* | cray2-* | h8300-* | i960-* | xmp-* | ymp-* \
-	      | hppa-* | hppa1.0-* | hppa1.1-* | alpha-* | we32k-* | cydra-* | ns16k-* \
-	      | pn-* | np1-* | xps100-* | clipper-* | orion-* | sparclite-* \
-	      | pdp11-* | sh-* | powerpc-* | powerpcle-* | sparc64-* | mips64-* | mipsel-* \
-	      | mips64el-* | mips64orion-* | mips64orionel-* | f301-*)
-		;;
-	# Recognize the various machine names and aliases which stand
-	# for a CPU type and a company and sometimes even an OS.
-	3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
-		basic_machine=m68000-att
-		;;
-	3b*)
-		basic_machine=we32k-att
-		;;
-	alliant | fx80)
-		basic_machine=fx80-alliant
-		;;
-	altos | altos3068)
-		basic_machine=m68k-altos
-		;;
-	am29k)
-		basic_machine=a29k-none
-		os=-bsd
-		;;
-	amdahl)
-		basic_machine=580-amdahl
-		os=-sysv
-		;;
-	amiga | amiga-*)
-		basic_machine=m68k-cbm
-		;;
-	amigados)
-		basic_machine=m68k-cbm
-		os=-amigados
-		;;
-	amigaunix | amix)
-		basic_machine=m68k-cbm
-		os=-sysv4
-		;;
-	apollo68)
-		basic_machine=m68k-apollo
-		os=-sysv
-		;;
-	aux)
-		basic_machine=m68k-apple
-		os=-aux
-		;;
-	balance)
-		basic_machine=ns32k-sequent
-		os=-dynix
-		;;
-	convex-c1)
-		basic_machine=c1-convex
-		os=-bsd
-		;;
-	convex-c2)
-		basic_machine=c2-convex
-		os=-bsd
-		;;
-	convex-c32)
-		basic_machine=c32-convex
-		os=-bsd
-		;;
-	convex-c34)
-		basic_machine=c34-convex
-		os=-bsd
-		;;
-	convex-c38)
-		basic_machine=c38-convex
-		os=-bsd
-		;;
-	cray | ymp)
-		basic_machine=ymp-cray
-		os=-unicos
-		;;
-	cray2)
-		basic_machine=cray2-cray
-		os=-unicos
-		;;
-	[ctj]90-cray)
-		#basic_machine=c90-cray
-		os=-unicos
-		;;
-	crds | unos)
-		basic_machine=m68k-crds
-		;;
-	da30 | da30-*)
-		basic_machine=m68k-da30
-		;;
-	decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
-		basic_machine=mips-dec
-		;;
-	delta | 3300 | motorola-3300 | motorola-delta \
-	      | 3300-motorola | delta-motorola)
-		basic_machine=m68k-motorola
-		;;
-	delta88)
-		basic_machine=m88k-motorola
-		os=-sysv3
-		;;
-	dpx20 | dpx20-*)
-		basic_machine=rs6000-bull
-		os=-bosx
-		;;
-	dpx2* | dpx2*-bull)
-		basic_machine=m68k-bull
-		os=-sysv3
-		;;
-	ebmon29k)
-		basic_machine=a29k-amd
-		os=-ebmon
-		;;
-	elxsi)
-		basic_machine=elxsi-elxsi
-		os=-bsd
-		;;
-	encore | umax | mmax)
-		basic_machine=ns32k-encore
-		;;
-	fx2800)
-		basic_machine=i860-alliant
-		;;
-	genix)
-		basic_machine=ns32k-ns
-		;;
-	gmicro)
-		basic_machine=tron-gmicro
-		os=-sysv
-		;;
-	h3050r* | hiux*)
-		basic_machine=hppa1.1-hitachi
-		os=-hiuxwe2
-		;;
-	h8300hms)
-		basic_machine=h8300-hitachi
-		os=-hms
-		;;
-	harris)
-		basic_machine=m88k-harris
-		os=-sysv3
-		;;
-	hp300-*)
-		basic_machine=m68k-hp
-		;;
-	hp300bsd)
-		basic_machine=m68k-hp
-		os=-bsd
-		;;
-	hp300hpux)
-		basic_machine=m68k-hp
-		os=-hpux
-		;;
-	hp9k2[0-9][0-9] | hp9k31[0-9])
-		basic_machine=m68000-hp
-		;;
-	hp9k3[2-9][0-9])
-		basic_machine=m68k-hp
-		;;
-	hp9k7[0-9][0-9] | hp7[0-9][0-9] | hp9k8[0-9]7 | hp8[0-9]7)
-		basic_machine=hppa1.1-hp
-		;;
-	hp9k8[0-9][0-9] | hp8[0-9][0-9])
-		basic_machine=hppa1.0-hp
-		;;
-	hppa-next)
-		os=-nextstep3
-		;;
-	i370-ibm* | ibm*)
-		basic_machine=i370-ibm
-		os=-mvs
-		;;
-# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
-	i[3456]86v32)
-		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
-		os=-sysv32
-		;;
-	i[3456]86v4*)
-		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
-		os=-sysv4
-		;;
-	i[3456]86v)
-		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
-		os=-sysv
-		;;
-	i[3456]86sol2)
-		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
-		os=-solaris2
-		;;
-	iris | iris4d)
-		basic_machine=mips-sgi
-		case $os in
-		    -irix*)
-			;;
-		    *)
-			os=-irix4
-			;;
-		esac
-		;;
-	isi68 | isi)
-		basic_machine=m68k-isi
-		os=-sysv
-		;;
-	m88k-omron*)
-		basic_machine=m88k-omron
-		;;
-	magnum | m3230)
-		basic_machine=mips-mips
-		os=-sysv
-		;;
-	merlin)
-		basic_machine=ns32k-utek
-		os=-sysv
-		;;
-	miniframe)
-		basic_machine=m68000-convergent
-		;;
-	mips3*-*)
-		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
-		;;
-	mips3*)
-		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
-		;;
-	ncr3000)
-		basic_machine=i486-ncr
-		os=-sysv4
-		;;
-	news | news700 | news800 | news900)
-		basic_machine=m68k-sony
-		os=-newsos
-		;;
-	news1000)
-		basic_machine=m68030-sony
-		os=-newsos
-		;;
-	news-3600 | risc-news)
-		basic_machine=mips-sony
-		os=-newsos
-		;;
-	next | m*-next )
-		basic_machine=m68k-next
-		case $os in
-		    -nextstep* )
-			;;
-		    -ns2*)
-		      os=-nextstep2
-			;;
-		    *)
-		      os=-nextstep3
-			;;
-		esac
-		;;
-	nh3000)
-		basic_machine=m68k-harris
-		os=-cxux
-		;;
-	nh[45]000)
-		basic_machine=m88k-harris
-		os=-cxux
-		;;
-	nindy960)
-		basic_machine=i960-intel
-		os=-nindy
-		;;
-	np1)
-		basic_machine=np1-gould
-		;;
-	pa-hitachi)
-		basic_machine=hppa1.1-hitachi
-		os=-hiuxwe2
-		;;
-	paragon)
-		basic_machine=i860-intel
-		os=-osf
-		;;
-	pbd)
-		basic_machine=sparc-tti
-		;;
-	pbb)
-		basic_machine=m68k-tti
-		;;
-        pc532 | pc532-*)
-		basic_machine=ns32k-pc532
-		;;
-	pentium | p5)
-		basic_machine=i586-intel
-		;;
-	pentiumpro | p6)
-		basic_machine=i686-intel
-		;;
-	pentium-* | p5-*)
-		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
-		;;
-	pentiumpro-* | p6-*)
-		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
-		;;
-	k5)
-		# We don't have specific support for AMD's K5 yet, so just call it a Pentium
-		basic_machine=i586-amd
-		;;
-	nexen)
-		# We don't have specific support for Nexgen yet, so just call it a Pentium
-		basic_machine=i586-nexgen
-		;;
-	pn)
-		basic_machine=pn-gould
-		;;
-	power)	basic_machine=rs6000-ibm
-		;;
-	ppc)	basic_machine=powerpc-unknown
-	        ;;
-	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
-		;;
-	ppcle | powerpclittle | ppc-le | powerpc-little)
-		basic_machine=powerpcle-unknown
-	        ;;
-	ppcle-* | powerpclittle-*)
-		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
-		;;
-	ps2)
-		basic_machine=i386-ibm
-		;;
-	rm[46]00)
-		basic_machine=mips-siemens
-		;;
-	rtpc | rtpc-*)
-		basic_machine=romp-ibm
-		;;
-	sequent)
-		basic_machine=i386-sequent
-		;;
-	sh)
-		basic_machine=sh-hitachi
-		os=-hms
-		;;
-	sps7)
-		basic_machine=m68k-bull
-		os=-sysv2
-		;;
-	spur)
-		basic_machine=spur-unknown
-		;;
-	sun2)
-		basic_machine=m68000-sun
-		;;
-	sun2os3)
-		basic_machine=m68000-sun
-		os=-sunos3
-		;;
-	sun2os4)
-		basic_machine=m68000-sun
-		os=-sunos4
-		;;
-	sun3os3)
-		basic_machine=m68k-sun
-		os=-sunos3
-		;;
-	sun3os4)
-		basic_machine=m68k-sun
-		os=-sunos4
-		;;
-	sun4os3)
-		basic_machine=sparc-sun
-		os=-sunos3
-		;;
-	sun4os4)
-		basic_machine=sparc-sun
-		os=-sunos4
-		;;
-	sun4sol2)
-		basic_machine=sparc-sun
-		os=-solaris2
-		;;
-	sun3 | sun3-*)
-		basic_machine=m68k-sun
-		;;
-	sun4)
-		basic_machine=sparc-sun
-		;;
-	sun386 | sun386i | roadrunner)
-		basic_machine=i386-sun
-		;;
-	symmetry)
-		basic_machine=i386-sequent
-		os=-dynix
-		;;
-	tower | tower-32)
-		basic_machine=m68k-ncr
-		;;
-	udi29k)
-		basic_machine=a29k-amd
-		os=-udi
-		;;
-	ultra3)
-		basic_machine=a29k-nyu
-		os=-sym1
-		;;
-	vaxv)
-		basic_machine=vax-dec
-		os=-sysv
-		;;
-	vpp*|vx|vx-*)
-		basic_machine=f301-fujitsu
-		;;
-	vms)
-		basic_machine=vax-dec
-		os=-vms
-		;;
-       vpp*|vx|vx-*)
-               basic_machine=f301-fujitsu
-               ;;
-	vxworks960)
-		basic_machine=i960-wrs
-		os=-vxworks
-		;;
-	vxworks68)
-		basic_machine=m68k-wrs
-		os=-vxworks
-		;;
-	vxworks29k)
-		basic_machine=a29k-wrs
-		os=-vxworks
-		;;
-	xmp)
-		basic_machine=xmp-cray
-		os=-unicos
-		;;
-        xps | xps100)
-		basic_machine=xps100-honeywell
-		;;
-	none)
-		basic_machine=none-none
-		os=-none
-		;;
-
-# Here we handle the default manufacturer of certain CPU types.  It is in
-# some cases the only manufacturer, in others, it is the most popular.
-	mips)
-		basic_machine=mips-mips
-		;;
-	romp)
-		basic_machine=romp-ibm
-		;;
-	rs6000)
-		basic_machine=rs6000-ibm
-		;;
-	vax)
-		basic_machine=vax-dec
-		;;
-	pdp11)
-		basic_machine=pdp11-dec
-		;;
-	we32k)
-		basic_machine=we32k-att
-		;;
-	sparc)
-		basic_machine=sparc-sun
-		;;
-        cydra)
-		basic_machine=cydra-cydrome
-		;;
-	orion)
-		basic_machine=orion-highlevel
-		;;
-	orion105)
-		basic_machine=clipper-highlevel
-		;;
-	*)
-		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
-		exit 1
-		;;
-esac
-
-# Here we canonicalize certain aliases for manufacturers.
-case $basic_machine in
-	*-digital*)
-		basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
-		;;
-	*-commodore*)
-		basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
-		;;
-	*)
-		;;
-esac
-
-# Decode manufacturer-specific aliases for certain operating systems.
-
-if [ x"$os" != x"" ]
-then
-case $os in
-        # First match some system type aliases
-        # that might get confused with valid system types.
-	# -solaris* is a basic system type, with this one exception.
-	-solaris1 | -solaris1.*)
-		os=`echo $os | sed -e 's|solaris1|sunos4|'`
-		;;
-	-solaris)
-		os=-solaris2
-		;;
-	-unixware* | svr4*)
-		os=-sysv4
-		;;
-	-gnu/linux*)
-		os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
-		;;
-	# First accept the basic system types.
-	# The portable systems comes first.
-	# Each alternative MUST END IN A *, to match a version number.
-	# -sysv* is not here because it comes later, after sysvr4.
-	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
-	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
-	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
-	      | -amigados* | -msdos* | -newsos* | -unicos* | -aof* | -aos* \
-	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
-	      | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
-	      | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \
-	      | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* \
-	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
-	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
-	      | -cygwin32* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
-	      | -linux-gnu* | -uxpv*)
-	# Remember, each alternative MUST END IN *, to match a version number.
-		;;
-	-linux*)
-		os=`echo $os | sed -e 's|linux|linux-gnu|'`
-		;;
-	-sunos5*)
-		os=`echo $os | sed -e 's|sunos5|solaris2|'`
-		;;
-	-sunos6*)
-		os=`echo $os | sed -e 's|sunos6|solaris3|'`
-		;;
-	-osfrose*)
-		os=-osfrose
-		;;
-	-osf*)
-		os=-osf
-		;;
-	-utek*)
-		os=-bsd
-		;;
-	-dynix*)
-		os=-bsd
-		;;
-	-acis*)
-		os=-aos
-		;;
-	-ctix* | -uts*)
-		os=-sysv
-		;;
-	-ns2 )
-	        os=-nextstep2
-		;;
-	# Preserve the version number of sinix5.
-	-sinix5.*)
-		os=`echo $os | sed -e 's|sinix|sysv|'`
-		;;
-	-sinix*)
-		os=-sysv4
-		;;
-	-triton*)
-		os=-sysv3
-		;;
-	-oss*)
-		os=-sysv3
-		;;
-	-svr4)
-		os=-sysv4
-		;;
-	-svr3)
-		os=-sysv3
-		;;
-	-sysvr4)
-		os=-sysv4
-		;;
-	# This must come after -sysvr4.
-	-sysv*)
-		;;
-	-xenix)
-		os=-xenix
-		;;
-	-os2*)
-		;;
-	-none)
-		;;
-	*)
-		# Get rid of the `-' at the beginning of $os.
-		os=`echo $os | sed 's/[^-]*-//'`
-		echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
-		exit 1
-		;;
-esac
-else
-
-# Here we handle the default operating systems that come with various machines.
-# The value should be what the vendor currently ships out the door with their
-# machine or put another way, the most popular os provided with the machine.
-
-# Note that if you're going to try to match "-MANUFACTURER" here (say,
-# "-sun"), then you have to tell the case statement up towards the top
-# that MANUFACTURER isn't an operating system.  Otherwise, code above
-# will signal an error saying that MANUFACTURER isn't an operating
-# system, and we'll never get to this point.
-
-case $basic_machine in
-	*-acorn)
-		os=-riscix1.2
-		;;
-	arm*-semi)
-		os=-aout
-		;;
-        pdp11-*)
-		os=-none
-		;;
-	*-dec | vax-*)
-		os=-ultrix4.2
-		;;
-	m68*-apollo)
-		os=-domain
-		;;
-	i386-sun)
-		os=-sunos4.0.2
-		;;
-	m68000-sun)
-		os=-sunos3
-		# This also exists in the configure program, but was not the
-		# default.
-		# os=-sunos4
-		;;
-	*-tti)	# must be before sparc entry or we get the wrong os.
-		os=-sysv3
-		;;
-	sparc-* | *-sun)
-		os=-sunos4.1.1
-		;;
-	*-ibm)
-		os=-aix
-		;;
-	*-hp)
-		os=-hpux
-		;;
-	*-hitachi)
-		os=-hiux
-		;;
-	i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
-		os=-sysv
-		;;
-	*-cbm)
-		os=-amigados
-		;;
-	*-dg)
-		os=-dgux
-		;;
-	*-dolphin)
-		os=-sysv3
-		;;
-	m68k-ccur)
-		os=-rtu
-		;;
-	m88k-omron*)
-		os=-luna
-		;;
-	*-next )
-		os=-nextstep
-		;;
-	*-sequent)
-		os=-ptx
-		;;
-	*-crds)
-		os=-unos
-		;;
-	*-ns)
-		os=-genix
-		;;
-	i370-*)
-		os=-mvs
-		;;
-	*-next)
-		os=-nextstep3
-		;;
-        *-gould)
-		os=-sysv
-		;;
-        *-highlevel)
-		os=-bsd
-		;;
-	*-encore)
-		os=-bsd
-		;;
-        *-sgi)
-		os=-irix
-		;;
-        *-siemens)
-		os=-sysv4
-		;;
-	*-masscomp)
-		os=-rtu
-		;;
-	f301-fujitsu)
-		os=-uxpv
-		;;
-	*)
-		os=-none
-		;;
-esac
-fi
-
-# Here we handle the case where we know the os, and the CPU type, but not the
-# manufacturer.  We pick the logical manufacturer.
-vendor=unknown
-case $basic_machine in
-	*-unknown)
-		case $os in
-			-riscix*)
-				vendor=acorn
-				;;
-			-sunos*)
-				vendor=sun
-				;;
-			-aix*)
-				vendor=ibm
-				;;
-			-hpux*)
-				vendor=hp
-				;;
-			-hiux*)
-				vendor=hitachi
-				;;
-			-unos*)
-				vendor=crds
-				;;
-			-dgux*)
-				vendor=dg
-				;;
-			-luna*)
-				vendor=omron
-				;;
-			-genix*)
-				vendor=ns
-				;;
-			-mvs*)
-				vendor=ibm
-				;;
-			-ptx*)
-				vendor=sequent
-				;;
-			-vxsim* | -vxworks*)
-				vendor=wrs
-				;;
-			-aux*)
-				vendor=apple
-				;;
-		esac
-		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
-		;;
-esac
-
-echo $basic_machine$os
diff --git a/crypto/kerberosIV/configure b/crypto/kerberosIV/configure
deleted file mode 100644
index e6fefbf0b929..000000000000
--- a/crypto/kerberosIV/configure
+++ /dev/null
@@ -1,9343 +0,0 @@
-#! /bin/sh
-
-# From configure.in Revision: 1.285 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-# Guess values for system-dependent variables and create Makefiles.
-# Generated automatically using autoconf version 2.12 
-# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-
-# Defaults:
-ac_help=
-ac_default_prefix=/usr/local
-# Any additions from configure.in:
-ac_default_prefix=/usr/athena
-ac_help="$ac_help
-  --with-socks=dir                use socks in dir"
-ac_help="$ac_help
-  --with-socks-lib=dir            use socks-lib in dir"
-ac_help="$ac_help
-  --with-socks-include=dir        use socks-include in dir"
-ac_help="$ac_help
-  --with-shared           create shared libraries for Kerberos"
-ac_help="$ac_help
-  --with-cracklib=dir     use the cracklib.a in dir"
-ac_help="$ac_help
-  --with-dictpath=path    use this dictionary with cracklib
-"
-ac_help="$ac_help
-  --with-mailspool=dir    this is the mail spool directory
-"
-ac_help="$ac_help
-  --enable-random-mkey    use new code for master keys"
-ac_help="$ac_help
-  --with-mkey=file        where to put the master key"
-ac_help="$ac_help
-  --without-berkeley-db   if you don't want berkeley db"
-ac_help="$ac_help
-  --without-afs-support   if you don't want support for afs"
-ac_help="$ac_help
-  --with-des-quad-checksum=kind
-                           default checksum to use (new, old, or guess)"
-ac_help="$ac_help
-  --with-readline=dir                use readline in dir"
-ac_help="$ac_help
-  --with-readline-lib=dir            use readline-lib in dir"
-ac_help="$ac_help
-  --with-readline-include=dir        use readline-include in dir"
-ac_help="$ac_help
-  --with-x                use the X Window System"
-
-# Initialize some variables set by options.
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-build=NONE
-cache_file=./config.cache
-exec_prefix=NONE
-host=NONE
-no_create=
-nonopt=NONE
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-target=NONE
-verbose=
-x_includes=NONE
-x_libraries=NONE
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-# Initialize some other variables.
-subdirs=
-MFLAGS= MAKEFLAGS=
-# Maximum number of lines to put in a shell here document.
-ac_max_here_lines=12
-
-ac_prev=
-for ac_option
-do
-
-  # If the previous option needs an argument, assign it.
-  if test -n "$ac_prev"; then
-    eval "$ac_prev=\$ac_option"
-    ac_prev=
-    continue
-  fi
-
-  case "$ac_option" in
-  -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
-  *) ac_optarg= ;;
-  esac
-
-  # Accept the important Cygnus configure options, so we can diagnose typos.
-
-  case "$ac_option" in
-
-  -bindir | --bindir | --bindi | --bind | --bin | --bi)
-    ac_prev=bindir ;;
-  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
-    bindir="$ac_optarg" ;;
-
-  -build | --build | --buil | --bui | --bu)
-    ac_prev=build ;;
-  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
-    build="$ac_optarg" ;;
-
-  -cache-file | --cache-file | --cache-fil | --cache-fi \
-  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
-    ac_prev=cache_file ;;
-  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
-  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
-    cache_file="$ac_optarg" ;;
-
-  -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
-    ac_prev=datadir ;;
-  -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
-  | --da=*)
-    datadir="$ac_optarg" ;;
-
-  -disable-* | --disable-*)
-    ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
-      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
-    fi
-    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
-    eval "enable_${ac_feature}=no" ;;
-
-  -enable-* | --enable-*)
-    ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
-      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
-    fi
-    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
-    case "$ac_option" in
-      *=*) ;;
-      *) ac_optarg=yes ;;
-    esac
-    eval "enable_${ac_feature}='$ac_optarg'" ;;
-
-  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
-  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
-  | --exec | --exe | --ex)
-    ac_prev=exec_prefix ;;
-  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
-  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
-  | --exec=* | --exe=* | --ex=*)
-    exec_prefix="$ac_optarg" ;;
-
-  -gas | --gas | --ga | --g)
-    # Obsolete; use --with-gas.
-    with_gas=yes ;;
-
-  -help | --help | --hel | --he)
-    # Omit some internal or obsolete options to make the list less imposing.
-    # This message is too long to be a string in the A/UX 3.1 sh.
-    cat << EOF
-Usage: configure [options] [host]
-Options: [defaults in brackets after descriptions]
-Configuration:
-  --cache-file=FILE       cache test results in FILE
-  --help                  print this message
-  --no-create             do not create output files
-  --quiet, --silent       do not print \`checking...' messages
-  --version               print the version of autoconf that created configure
-Directory and file names:
-  --prefix=PREFIX         install architecture-independent files in PREFIX
-                          [$ac_default_prefix]
-  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
-                          [same as prefix]
-  --bindir=DIR            user executables in DIR [EPREFIX/bin]
-  --sbindir=DIR           system admin executables in DIR [EPREFIX/sbin]
-  --libexecdir=DIR        program executables in DIR [EPREFIX/libexec]
-  --datadir=DIR           read-only architecture-independent data in DIR
-                          [PREFIX/share]
-  --sysconfdir=DIR        read-only single-machine data in DIR [PREFIX/etc]
-  --sharedstatedir=DIR    modifiable architecture-independent data in DIR
-                          [PREFIX/com]
-  --localstatedir=DIR     modifiable single-machine data in DIR [PREFIX/var]
-  --libdir=DIR            object code libraries in DIR [EPREFIX/lib]
-  --includedir=DIR        C header files in DIR [PREFIX/include]
-  --oldincludedir=DIR     C header files for non-gcc in DIR [/usr/include]
-  --infodir=DIR           info documentation in DIR [PREFIX/info]
-  --mandir=DIR            man documentation in DIR [PREFIX/man]
-  --srcdir=DIR            find the sources in DIR [configure dir or ..]
-  --program-prefix=PREFIX prepend PREFIX to installed program names
-  --program-suffix=SUFFIX append SUFFIX to installed program names
-  --program-transform-name=PROGRAM
-                          run sed PROGRAM on installed program names
-EOF
-    cat << EOF
-Host type:
-  --build=BUILD           configure for building on BUILD [BUILD=HOST]
-  --host=HOST             configure for HOST [guessed]
-  --target=TARGET         configure for TARGET [TARGET=HOST]
-Features and packages:
-  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
-  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
-  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
-  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
-  --x-includes=DIR        X include files are in DIR
-  --x-libraries=DIR       X library files are in DIR
-EOF
-    if test -n "$ac_help"; then
-      echo "--enable and --with options recognized:$ac_help"
-    fi
-    exit 0 ;;
-
-  -host | --host | --hos | --ho)
-    ac_prev=host ;;
-  -host=* | --host=* | --hos=* | --ho=*)
-    host="$ac_optarg" ;;
-
-  -includedir | --includedir | --includedi | --included | --include \
-  | --includ | --inclu | --incl | --inc)
-    ac_prev=includedir ;;
-  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
-  | --includ=* | --inclu=* | --incl=* | --inc=*)
-    includedir="$ac_optarg" ;;
-
-  -infodir | --infodir | --infodi | --infod | --info | --inf)
-    ac_prev=infodir ;;
-  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
-    infodir="$ac_optarg" ;;
-
-  -libdir | --libdir | --libdi | --libd)
-    ac_prev=libdir ;;
-  -libdir=* | --libdir=* | --libdi=* | --libd=*)
-    libdir="$ac_optarg" ;;
-
-  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
-  | --libexe | --libex | --libe)
-    ac_prev=libexecdir ;;
-  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
-  | --libexe=* | --libex=* | --libe=*)
-    libexecdir="$ac_optarg" ;;
-
-  -localstatedir | --localstatedir | --localstatedi | --localstated \
-  | --localstate | --localstat | --localsta | --localst \
-  | --locals | --local | --loca | --loc | --lo)
-    ac_prev=localstatedir ;;
-  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
-  | --localstate=* | --localstat=* | --localsta=* | --localst=* \
-  | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
-    localstatedir="$ac_optarg" ;;
-
-  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
-    ac_prev=mandir ;;
-  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
-    mandir="$ac_optarg" ;;
-
-  -nfp | --nfp | --nf)
-    # Obsolete; use --without-fp.
-    with_fp=no ;;
-
-  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
-  | --no-cr | --no-c)
-    no_create=yes ;;
-
-  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
-  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
-    no_recursion=yes ;;
-
-  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
-  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
-  | --oldin | --oldi | --old | --ol | --o)
-    ac_prev=oldincludedir ;;
-  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
-  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
-  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
-    oldincludedir="$ac_optarg" ;;
-
-  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
-    ac_prev=prefix ;;
-  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
-    prefix="$ac_optarg" ;;
-
-  -program-prefix | --program-prefix | --program-prefi | --program-pref \
-  | --program-pre | --program-pr | --program-p)
-    ac_prev=program_prefix ;;
-  -program-prefix=* | --program-prefix=* | --program-prefi=* \
-  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
-    program_prefix="$ac_optarg" ;;
-
-  -program-suffix | --program-suffix | --program-suffi | --program-suff \
-  | --program-suf | --program-su | --program-s)
-    ac_prev=program_suffix ;;
-  -program-suffix=* | --program-suffix=* | --program-suffi=* \
-  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
-    program_suffix="$ac_optarg" ;;
-
-  -program-transform-name | --program-transform-name \
-  | --program-transform-nam | --program-transform-na \
-  | --program-transform-n | --program-transform- \
-  | --program-transform | --program-transfor \
-  | --program-transfo | --program-transf \
-  | --program-trans | --program-tran \
-  | --progr-tra | --program-tr | --program-t)
-    ac_prev=program_transform_name ;;
-  -program-transform-name=* | --program-transform-name=* \
-  | --program-transform-nam=* | --program-transform-na=* \
-  | --program-transform-n=* | --program-transform-=* \
-  | --program-transform=* | --program-transfor=* \
-  | --program-transfo=* | --program-transf=* \
-  | --program-trans=* | --program-tran=* \
-  | --progr-tra=* | --program-tr=* | --program-t=*)
-    program_transform_name="$ac_optarg" ;;
-
-  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
-  | -silent | --silent | --silen | --sile | --sil)
-    silent=yes ;;
-
-  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
-    ac_prev=sbindir ;;
-  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
-  | --sbi=* | --sb=*)
-    sbindir="$ac_optarg" ;;
-
-  -sharedstatedir | --sharedstatedir | --sharedstatedi \
-  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
-  | --sharedst | --shareds | --shared | --share | --shar \
-  | --sha | --sh)
-    ac_prev=sharedstatedir ;;
-  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
-  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
-  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
-  | --sha=* | --sh=*)
-    sharedstatedir="$ac_optarg" ;;
-
-  -site | --site | --sit)
-    ac_prev=site ;;
-  -site=* | --site=* | --sit=*)
-    site="$ac_optarg" ;;
-
-  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
-    ac_prev=srcdir ;;
-  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
-    srcdir="$ac_optarg" ;;
-
-  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
-  | --syscon | --sysco | --sysc | --sys | --sy)
-    ac_prev=sysconfdir ;;
-  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
-  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
-    sysconfdir="$ac_optarg" ;;
-
-  -target | --target | --targe | --targ | --tar | --ta | --t)
-    ac_prev=target ;;
-  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
-    target="$ac_optarg" ;;
-
-  -v | -verbose | --verbose | --verbos | --verbo | --verb)
-    verbose=yes ;;
-
-  -version | --version | --versio | --versi | --vers)
-    echo "configure generated by autoconf version 2.12"
-    exit 0 ;;
-
-  -with-* | --with-*)
-    ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
-      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
-    fi
-    ac_package=`echo $ac_package| sed 's/-/_/g'`
-    case "$ac_option" in
-      *=*) ;;
-      *) ac_optarg=yes ;;
-    esac
-    eval "with_${ac_package}='$ac_optarg'" ;;
-
-  -without-* | --without-*)
-    ac_package=`echo $ac_option|sed -e 's/-*without-//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
-      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
-    fi
-    ac_package=`echo $ac_package| sed 's/-/_/g'`
-    eval "with_${ac_package}=no" ;;
-
-  --x)
-    # Obsolete; use --with-x.
-    with_x=yes ;;
-
-  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
-  | --x-incl | --x-inc | --x-in | --x-i)
-    ac_prev=x_includes ;;
-  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
-  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
-    x_includes="$ac_optarg" ;;
-
-  -x-libraries | --x-libraries | --x-librarie | --x-librari \
-  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
-    ac_prev=x_libraries ;;
-  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
-  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
-    x_libraries="$ac_optarg" ;;
-
-  -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
-    ;;
-
-  *)
-    if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
-      echo "configure: warning: $ac_option: invalid host type" 1>&2
-    fi
-    if test "x$nonopt" != xNONE; then
-      { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
-    fi
-    nonopt="$ac_option"
-    ;;
-
-  esac
-done
-
-if test -n "$ac_prev"; then
-  { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
-fi
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-# File descriptor usage:
-# 0 standard input
-# 1 file creation
-# 2 errors and warnings
-# 3 some systems may open it to /dev/tty
-# 4 used on the Kubota Titan
-# 6 checking for... messages and results
-# 5 compiler messages saved in config.log
-if test "$silent" = yes; then
-  exec 6>/dev/null
-else
-  exec 6>&1
-fi
-exec 5>./config.log
-
-echo "\
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-" 1>&5
-
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Also quote any args containing shell metacharacters.
-ac_configure_args=
-for ac_arg
-do
-  case "$ac_arg" in
-  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
-  | --no-cr | --no-c) ;;
-  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
-  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
-  *" "*|*"	"*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
-  ac_configure_args="$ac_configure_args '$ac_arg'" ;;
-  *) ac_configure_args="$ac_configure_args $ac_arg" ;;
-  esac
-done
-
-# NLS nuisances.
-# Only set these to C if already set.  These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}"   = set; then LANG=C;   export LANG;   fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}"    = set; then LC_CTYPE=C;    export LC_CTYPE;    fi
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo > confdefs.h
-
-# A filename unique to this package, relative to the directory that
-# configure is in, which we can look for to find out if srcdir is correct.
-ac_unique_file=lib/krb/getrealm.c
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
-  ac_srcdir_defaulted=yes
-  # Try the directory containing this script, then its parent.
-  ac_prog=$0
-  ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
-  test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
-  srcdir=$ac_confdir
-  if test ! -r $srcdir/$ac_unique_file; then
-    srcdir=..
-  fi
-else
-  ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
-  if test "$ac_srcdir_defaulted" = yes; then
-    { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
-  else
-    { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
-  fi
-fi
-srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
-
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
-  if test "x$prefix" != xNONE; then
-    CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
-  else
-    CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
-  fi
-fi
-for ac_site_file in $CONFIG_SITE; do
-  if test -r "$ac_site_file"; then
-    echo "loading site script $ac_site_file"
-    . "$ac_site_file"
-  fi
-done
-
-if test -r "$cache_file"; then
-  echo "loading cache $cache_file"
-  . $cache_file
-else
-  echo "creating cache $cache_file"
-  > $cache_file
-fi
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
-  # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
-  if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
-    ac_n= ac_c='
-' ac_t='	'
-  else
-    ac_n=-n ac_c= ac_t=
-  fi
-else
-  ac_n= ac_c='\c' ac_t=
-fi
-
-
-
-
-
-PACKAGE=krb4
-VERSION=0.9.6
-# This may be overridden using --prefix=/usr to configure
-
-
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
-  if test -f $ac_dir/install-sh; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install-sh -c"
-    break
-  elif test -f $ac_dir/install.sh; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install.sh -c"
-    break
-  fi
-done
-if test -z "$ac_aux_dir"; then
-  { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; }
-fi
-ac_config_guess=$ac_aux_dir/config.guess
-ac_config_sub=$ac_aux_dir/config.sub
-ac_configure=$ac_aux_dir/configure # This should be Cygnus configure.
-
-
-# Make sure we can run config.sub.
-if $ac_config_sub sun4 >/dev/null 2>&1; then :
-else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking host system type""... $ac_c" 1>&6
-echo "configure:648: checking host system type" >&5
-
-host_alias=$host
-case "$host_alias" in
-NONE)
-  case $nonopt in
-  NONE)
-    if host_alias=`$ac_config_guess`; then :
-    else { echo "configure: error: can not guess host type; you must specify one" 1>&2; exit 1; }
-    fi ;;
-  *) host_alias=$nonopt ;;
-  esac ;;
-esac
-
-host=`$ac_config_sub $host_alias`
-host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
-host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
-host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
-echo "$ac_t""$host" 1>&6
-
-echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:669: checking whether ${MAKE-make} sets \${MAKE}" >&5
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftestmake <<\EOF
-all:
-	@echo 'ac_maketemp="${MAKE}"'
-EOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
-  eval ac_cv_prog_make_${ac_make}_set=yes
-else
-  eval ac_cv_prog_make_${ac_make}_set=no
-fi
-rm -f conftestmake
-fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  SET_MAKE=
-else
-  echo "$ac_t""no" 1>&6
-  SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-if test "$program_transform_name" = s,x,x,; then
-  program_transform_name=
-else
-  # Double any \ or $.  echo might interpret backslashes.
-  cat <<\EOF_SED > conftestsed
-s,\\,\\\\,g; s,\$,$$,g
-EOF_SED
-  program_transform_name="`echo $program_transform_name|sed -f conftestsed`"
-  rm -f conftestsed
-fi
-test "$program_prefix" != NONE &&
-  program_transform_name="s,^,${program_prefix},; $program_transform_name"
-# Use a double $ so make ignores it.
-test "$program_suffix" != NONE &&
-  program_transform_name="s,\$\$,${program_suffix},; $program_transform_name"
-
-# sed with no file args requires a program.
-test "$program_transform_name" = "" && program_transform_name="s,x,x,"
-
-
-# We want these before the checks, so the checks can modify their values.
-test -z "$LDFLAGS" && LDFLAGS=-g
-
-
-echo $ac_n "checking for ln -s or something else""... $ac_c" 1>&6
-echo "configure:720: checking for ln -s or something else" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  rm -f conftestdata
-if ln -s X conftestdata 2>/dev/null
-then
-  rm -f conftestdata
-  ac_cv_prog_LN_S="ln -s"
-else
-  touch conftestdata1
-  if ln conftestdata1 conftestdata2; then
-    rm -f conftestdata*
-    ac_cv_prog_LN_S=ln
-  else
-    ac_cv_prog_LN_S=cp
-  fi
-fi
-fi
-LN_S="$ac_cv_prog_LN_S"
-echo "$ac_t""$ac_cv_prog_LN_S" 1>&6
-
-# Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:745: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_CC="gcc"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
-  echo "$ac_t""$CC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$CC"; then
-  # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:774: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  ac_prog_rejected=no
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
-        ac_prog_rejected=yes
-	continue
-      fi
-      ac_cv_prog_CC="cc"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-if test $ac_prog_rejected = yes; then
-  # We found a bogon in the path, so make sure we never use it.
-  set dummy $ac_cv_prog_CC
-  shift
-  if test $# -gt 0; then
-    # We chose a different compiler from the bogus one.
-    # However, it has the same basename, so the bogon will be chosen
-    # first if we set CC to just the basename; use the full file name.
-    shift
-    set dummy "$ac_dir/$ac_word" "$@"
-    shift
-    ac_cv_prog_CC="$@"
-  fi
-fi
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
-  echo "$ac_t""$CC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-  test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:822: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-cat > conftest.$ac_ext <<EOF
-#line 832 "configure"
-#include "confdefs.h"
-main(){return(0);}
-EOF
-if { (eval echo configure:836: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  ac_cv_prog_cc_works=yes
-  # If we can't run a trivial program, we are probably using a cross compiler.
-  if (./conftest; exit) 2>/dev/null; then
-    ac_cv_prog_cc_cross=no
-  else
-    ac_cv_prog_cc_cross=yes
-  fi
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  ac_cv_prog_cc_works=no
-fi
-rm -fr conftest*
-
-echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
-if test $ac_cv_prog_cc_works = no; then
-  { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
-fi
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:856: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
-echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:861: checking whether we are using GNU C" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.c <<EOF
-#ifdef __GNUC__
-  yes;
-#endif
-EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:870: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
-  ac_cv_prog_gcc=yes
-else
-  ac_cv_prog_gcc=no
-fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc" 1>&6
-
-if test $ac_cv_prog_gcc = yes; then
-  GCC=yes
-  ac_test_CFLAGS="${CFLAGS+set}"
-  ac_save_CFLAGS="$CFLAGS"
-  CFLAGS=
-  echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:885: checking whether ${CC-cc} accepts -g" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  echo 'void f(){}' > conftest.c
-if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
-  ac_cv_prog_cc_g=yes
-else
-  ac_cv_prog_cc_g=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
-  if test "$ac_test_CFLAGS" = set; then
-    CFLAGS="$ac_save_CFLAGS"
-  elif test $ac_cv_prog_cc_g = yes; then
-    CFLAGS="-g -O2"
-  else
-    CFLAGS="-O2"
-  fi
-else
-  GCC=
-  test "${CFLAGS+set}" = set || CFLAGS="-g"
-fi
-
-echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:913: checking how to run the C preprocessor" >&5
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
-  CPP=
-fi
-if test -z "$CPP"; then
-if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-    # This must be in double quotes, not single quotes, because CPP may get
-  # substituted into the Makefile and "${CC-cc}" will confuse make.
-  CPP="${CC-cc} -E"
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp.
-  cat > conftest.$ac_ext <<EOF
-#line 928 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:934: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  :
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  CPP="${CC-cc} -E -traditional-cpp"
-  cat > conftest.$ac_ext <<EOF
-#line 945 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:951: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  :
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  CPP=/lib/cpp
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-  ac_cv_prog_CPP="$CPP"
-fi
-  CPP="$ac_cv_prog_CPP"
-else
-  ac_cv_prog_CPP="$CPP"
-fi
-echo "$ac_t""$CPP" 1>&6
-
-echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6
-echo "configure:974: checking for POSIXized ISC" >&5
-if test -d /etc/conf/kconfig.d &&
-  grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1
-then
-  echo "$ac_t""yes" 1>&6
-  ISC=yes # If later tests want to check for ISC.
-  cat >> confdefs.h <<\EOF
-#define _POSIX_SOURCE 1
-EOF
-
-  if test "$GCC" = yes; then
-    CC="$CC -posix"
-  else
-    CC="$CC -Xp"
-  fi
-else
-  echo "$ac_t""no" 1>&6
-  ISC=
-fi
-
-for ac_prog in byacc yacc 'bison -y'
-do
-# Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:999: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$YACC"; then
-  ac_cv_prog_YACC="$YACC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_YACC="$ac_prog"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-YACC="$ac_cv_prog_YACC"
-if test -n "$YACC"; then
-  echo "$ac_t""$YACC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-test -n "$YACC" && break
-done
-
-# Extract the first word of "flex", so it can be a program name with args.
-set dummy flex; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1030: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LEX'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$LEX"; then
-  ac_cv_prog_LEX="$LEX" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_LEX="flex"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-  test -z "$ac_cv_prog_LEX" && ac_cv_prog_LEX="lex"
-fi
-fi
-LEX="$ac_cv_prog_LEX"
-if test -n "$LEX"; then
-  echo "$ac_t""$LEX" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$LEXLIB"
-then
-  case "$LEX" in
-  flex*) ac_lib=fl ;;
-  *) ac_lib=l ;;
-  esac
-  echo $ac_n "checking for yywrap in -l$ac_lib""... $ac_c" 1>&6
-echo "configure:1063: checking for yywrap in -l$ac_lib" >&5
-ac_lib_var=`echo $ac_lib'_'yywrap | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-l$ac_lib  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1071 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char yywrap();
-
-int main() {
-yywrap()
-; return 0; }
-EOF
-if { (eval echo configure:1082: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  LEXLIB="-l$ac_lib"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-fi
-
-# Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1107: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$RANLIB"; then
-  ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_RANLIB="ranlib"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-  test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":"
-fi
-fi
-RANLIB="$ac_cv_prog_RANLIB"
-if test -n "$RANLIB"; then
-  echo "$ac_t""$RANLIB" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-# Find a good install program.  We prefer a C program (faster),
-# so one script is as good as another.  But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# ./install, which can be erroneously created by make from ./install.sh.
-echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:1144: checking for a BSD compatible install" >&5
-if test -z "$INSTALL"; then
-if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-    IFS="${IFS= 	}"; ac_save_IFS="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    # Account for people who put trailing slashes in PATH elements.
-    case "$ac_dir/" in
-    /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;;
-    *)
-      # OSF1 and SCO ODT 3.0 have their own names for install.
-      for ac_prog in ginstall installbsd scoinst install; do
-        if test -f $ac_dir/$ac_prog; then
-	  if test $ac_prog = install &&
-            grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then
-	    # AIX install.  It has an incompatible calling convention.
-	    # OSF/1 installbsd also uses dspmsg, but is usable.
-	    :
-	  else
-	    ac_cv_path_install="$ac_dir/$ac_prog -c"
-	    break 2
-	  fi
-	fi
-      done
-      ;;
-    esac
-  done
-  IFS="$ac_save_IFS"
-
-fi
-  if test "${ac_cv_path_install+set}" = set; then
-    INSTALL="$ac_cv_path_install"
-  else
-    # As a last resort, use the slow shell script.  We don't cache a
-    # path for INSTALL within a source directory, because that will
-    # break other packages using the cache if that directory is
-    # removed, or if the path is relative.
-    INSTALL="$ac_install_sh"
-  fi
-fi
-echo "$ac_t""$INSTALL" 1>&6
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-# Extract the first word of "makeinfo", so it can be a program name with args.
-set dummy makeinfo; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1196: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_MAKEINFO'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$MAKEINFO"; then
-  ac_cv_prog_MAKEINFO="$MAKEINFO" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
-  for ac_dir in $PATH; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_MAKEINFO="makeinfo"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-  test -z "$ac_cv_prog_MAKEINFO" && ac_cv_prog_MAKEINFO=":"
-fi
-fi
-MAKEINFO="$ac_cv_prog_MAKEINFO"
-if test -n "$MAKEINFO"; then
-  echo "$ac_t""$MAKEINFO" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-
-
-
-echo $ac_n "checking for socks""... $ac_c" 1>&6
-echo "configure:1226: checking for socks" >&5
-# Check whether --with-socks or --without-socks was given.
-if test "${with_socks+set}" = set; then
-  withval="$with_socks"
-  if test "$with_socks" = "no"; then
-  with_socks=
-fi
-
-fi
-
-# Check whether --with-socks-lib or --without-socks-lib was given.
-if test "${with_socks_lib+set}" = set; then
-  withval="$with_socks_lib"
-  if test "$withval" = "yes" -o "$withval" = "no"; then
-  { echo "configure: error: No argument for --with-socks-lib" 1>&2; exit 1; }
-elif test "X$with_socks" = "X"; then
-  with_socks=yes
-fi
-
-fi
-
-# Check whether --with-socks-include or --without-socks-include was given.
-if test "${with_socks_include+set}" = set; then
-  withval="$with_socks_include"
-  if test "$withval" = "yes" -o "$withval" = "no"; then
-  { echo "configure: error: No argument for --with-socks-include" 1>&2; exit 1; }
-elif test "X$with_socks" = "X"; then
-  with_socks=yes
-fi
-
-fi
-
-
-
-: << END
-@@@syms="$syms SOCKS"@@@
-END
-
-if test -n "$with_socks"; then
-  cat >> confdefs.h <<\EOF
-#define SOCKS 1
-EOF
-
-  if test "$with_socks" != "yes"; then
-    socks_dir=$with_socks
-  fi
-  if test -n "$with_socks_include"; then
-    trydir=$with_socks_include
-  elif test "$with_socks" != "yes"; then
-    trydir="$with_socks $with_socks/include"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/socks.h; then
-        found=yes; res=$i; break
-      fi
-    else
-      cat > conftest.$ac_ext <<EOF
-#line 1287 "configure"
-#include "confdefs.h"
-#include <socks.h>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1292: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  found=yes; res=$i; break
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-    fi
-  done
-  if test -n "$found"; then
-    socks_include=$res
-  else
-    { echo "configure: error: Cannot find socks.h" 1>&2; exit 1; }
-  fi
-  if test -n "$with_socks_lib"; then
-    trydir=$with_socks_lib
-  elif test "$with_socks" != "yes"; then
-    trydir="$with_socks $with_socks/lib"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/libsocks5.a; then
-        found=yes; res=$i; break
-      fi
-    else
-      old_LIBS=$LIBS
-      LIBS="-lsocks5 $LIBS"
-      cat > conftest.$ac_ext <<EOF
-#line 1327 "configure"
-#include "confdefs.h"
-
-int main() {
-
-; return 0; }
-EOF
-if { (eval echo configure:1334: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  found=yes; res=$i; LIBS=$old_LIBS; break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-      LIBS=$old_LIBS
-    fi
-  done
-  if test -n "$found"; then
-    socks_lib=$res
-  else
-    { echo "configure: error: Cannot find libsocks5.a" 1>&2; exit 1; }
-  fi
-  echo "$ac_t""headers $socks_include, libraries $socks_lib" 1>&6
-  cat >> confdefs.h <<EOF
-#define SOCKS 1
-EOF
-
-  if test -n "$socks_include"; then
-    SOCKSINCLUDE="-I$socks_include"
-  fi
-  
-  if test -n "$socks_lib"; then
-    SOCKSLIB="-L$socks_lib"
-  fi
-  SOCKSLIB="$SOCKSLIB -lsocks5"
-  
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-
-CFLAGS="$SOCKSINCLUDE $CFLAGS"
-LIBS="$SOCKSLIB $LIBS"
-
-# Check whether --with-shared or --without-shared was given.
-if test "${with_shared+set}" = set; then
-  withval="$with_shared"
-  :
-fi
-
-
-# Check whether --with-cracklib or --without-cracklib was given.
-if test "${with_cracklib+set}" = set; then
-  withval="$with_cracklib"
-  :
-fi
-
-
-# Check whether --with-dictpath or --without-dictpath was given.
-if test "${with_dictpath+set}" = set; then
-  withval="$with_dictpath"
-  :
-fi
-
-
-(test -z "$with_cracklib" && test -n "$with_dictpath") ||
-(test -n "$with_cracklib" && test -z "$with_dictpath") &&
-{ echo "configure: error: --with-cracklib requires --with-dictpath and vice versa" 1>&2; exit 1; }
-test -n "$with_cracklib" &&
-CRACKLIB="-L$with_cracklib -lcrack" &&
-echo "$ac_t""Using cracklib in $with_cracklib" 1>&6
-test -n "$with_dictpath" &&
-echo "$ac_t""Using dictpath=$with_dictpath" 1>&6 &&
-cat >> confdefs.h <<EOF
-#define DICTPATH "$with_dictpath"
-EOF
-
-
-# Check whether --with-mailspool or --without-mailspool was given.
-if test "${with_mailspool+set}" = set; then
-  withval="$with_mailspool"
-  :
-fi
-
-
-test -n "$with_mailspool" &&
-cat >> confdefs.h <<EOF
-#define KRB4_MAILDIR "$with_mailspool"
-EOF
-
-
-# Check whether --enable-random-mkey or --disable-random-mkey was given.
-if test "${enable_random_mkey+set}" = set; then
-  enableval="$enable_random_mkey"
-  
-if test "$enableval" = "yes"; then
-	cat >> confdefs.h <<\EOF
-#define RANDOM_MKEY 1
-EOF
-
-fi
-
-fi
-
-
-# Check whether --with-mkey or --without-mkey was given.
-if test "${with_mkey+set}" = set; then
-  withval="$with_mkey"
-  
-if test -n "$withval"; then
-	cat >> confdefs.h <<EOF
-#define MKEYFILE "$withval"
-EOF
-
-fi
-
-fi
-
-
-berkeley_db=db
-# Check whether --with-berkeley-db or --without-berkeley-db was given.
-if test "${with_berkeley_db+set}" = set; then
-  withval="$with_berkeley_db"
-  
-if test "$withval" = no; then
-	berkeley_db=""
-fi
-
-fi
-
-
-afs_support=yes
-# Check whether --with-afs-support or --without-afs-support was given.
-if test "${with_afs_support+set}" = set; then
-  withval="$with_afs_support"
-  
-if test "$withval" = no; then
-	cat >> confdefs.h <<\EOF
-#define NO_AFS 1
-EOF
-
-	afs_support=no
-fi
-
-fi
-
-
-des_quad=guess
-# Check whether --with-des-quad-checksum or --without-des-quad-checksum was given.
-if test "${with_des_quad_checksum+set}" = set; then
-  withval="$with_des_quad_checksum"
-  
-des_quad="$withval"
-
-fi
-
-if test "$des_quad" = "new"; then
-	cat >> confdefs.h <<\EOF
-#define DES_QUAD_DEFAULT DES_QUAD_NEW
-EOF
-
-elif test "$des_quad" = "old"; then
-	cat >> confdefs.h <<\EOF
-#define DES_QUAD_DEFAULT DES_QUAD_OLD
-EOF
-
-else
-	cat >> confdefs.h <<\EOF
-#define DES_QUAD_DEFAULT DES_QUAD_GUESS
-EOF
-
-fi	
-
-
-echo $ac_n "checking for readline""... $ac_c" 1>&6
-echo "configure:1503: checking for readline" >&5
-# Check whether --with-readline or --without-readline was given.
-if test "${with_readline+set}" = set; then
-  withval="$with_readline"
-  if test "$with_readline" = "no"; then
-  with_readline=
-fi
-
-fi
-
-# Check whether --with-readline-lib or --without-readline-lib was given.
-if test "${with_readline_lib+set}" = set; then
-  withval="$with_readline_lib"
-  if test "$withval" = "yes" -o "$withval" = "no"; then
-  { echo "configure: error: No argument for --with-readline-lib" 1>&2; exit 1; }
-elif test "X$with_readline" = "X"; then
-  with_readline=yes
-fi
-
-fi
-
-# Check whether --with-readline-include or --without-readline-include was given.
-if test "${with_readline_include+set}" = set; then
-  withval="$with_readline_include"
-  if test "$withval" = "yes" -o "$withval" = "no"; then
-  { echo "configure: error: No argument for --with-readline-include" 1>&2; exit 1; }
-elif test "X$with_readline" = "X"; then
-  with_readline=yes
-fi
-
-fi
-
-
-
-: << END
-@@@syms="$syms READLINE"@@@
-END
-
-if test -n "$with_readline"; then
-  cat >> confdefs.h <<\EOF
-#define READLINE 1
-EOF
-
-  if test "$with_readline" != "yes"; then
-    readline_dir=$with_readline
-  fi
-  if test -n "$with_readline_include"; then
-    trydir=$with_readline_include
-  elif test "$with_readline" != "yes"; then
-    trydir="$with_readline $with_readline/include"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/readline.h; then
-        found=yes; res=$i; break
-      fi
-    else
-      cat > conftest.$ac_ext <<EOF
-#line 1564 "configure"
-#include "confdefs.h"
-#include <readline.h>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1569: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  found=yes; res=$i; break
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-    fi
-  done
-  if test -n "$found"; then
-    readline_include=$res
-  else
-    { echo "configure: error: Cannot find readline.h" 1>&2; exit 1; }
-  fi
-  if test -n "$with_readline_lib"; then
-    trydir=$with_readline_lib
-  elif test "$with_readline" != "yes"; then
-    trydir="$with_readline $with_readline/lib"
-  else
-    trydir=
-  fi
-  found=
-  for i in $trydir ""; do
-    if test -n "$i"; then
-      if test -f $i/libreadline.a; then
-        found=yes; res=$i; break
-      fi
-    else
-      old_LIBS=$LIBS
-      LIBS="-lreadline $LIBS"
-      cat > conftest.$ac_ext <<EOF
-#line 1604 "configure"
-#include "confdefs.h"
-
-int main() {
-
-; return 0; }
-EOF
-if { (eval echo configure:1611: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  found=yes; res=$i; LIBS=$old_LIBS; break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-      LIBS=$old_LIBS
-    fi
-  done
-  if test -n "$found"; then
-    readline_lib=$res
-  else
-    { echo "configure: error: Cannot find libreadline.a" 1>&2; exit 1; }
-  fi
-  echo "$ac_t""headers $readline_include, libraries $readline_lib" 1>&6
-  cat >> confdefs.h <<EOF
-#define READLINE 1
-EOF
-
-  if test -n "$readline_include"; then
-    READLINEINCLUDE="-I$readline_include"
-  fi
-  
-  if test -n "$readline_lib"; then
-    READLINELIB="-L$readline_lib"
-  fi
-  READLINELIB="$READLINELIB -lreadline"
-  
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-
-
-
-
-case ${with_shared} in
-  yes ) with_shared=yes;;
-  no  ) with_shared=no;;
-  *   ) with_shared=no;;
-esac
-
-# NOTE: Building shared libraries may not work if you do not use gcc!
-#
-# OS		$SHLIBEXT
-# HP-UX		sl
-# Linux		so
-# NetBSD	so
-# FreeBSD	so
-# OSF		so
-# SunOS5	so
-# SunOS4	so.0.5
-# Irix		so
-#
-# LIBEXT is the extension we should build (.a or $SHLIBEXT)
-REAL_PICFLAGS="-fpic"
-LDSHARED='$(CC) $(PICFLAGS) -shared'
-LIBPREFIX=lib
-REAL_SHLIBEXT=so
-SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'`
-case "${host}" in
-*-*-hpux*)
-	REAL_SHLIBEXT=sl
-	REAL_LD_FLAGS='-Wl,+b$(libdir)'
-	if test -z "$GCC"; then
-		LDSHARED="ld -b"
-		REAL_PICFLAGS="+z"
-	fi
-	;;
-*-*-linux*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	;;
-*-*-*bsd*)
-	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	LDSHARED='ld -Bshareable'
-	REAL_LD_FLAGS='-Wl,-R$(libdir)'
-	;;
-*-*-osf*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	REAL_PICFLAGS=
-	LDSHARED='ld -shared -expect_unresolved \*'
-	;;
-*-*-solaris2*)
-	REAL_LD_FLAGS='-Wl,-R$(libdir)'
-	if test -z "$GCC"; then
-		LDSHARED='$(CC) -G'
-		REAL_PICFLAGS="-Kpic"
-	fi
-	;;
-*-*-sunos*)
-	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	REAL_LD_FLAGS='-Wl,-L$(libdir)'
-	;;
-*-*-irix*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	REAL_PICFLAGS=
-	;;
-*-*-os2_emx*)
-	LD_FLAGS='-Zexe'
-	LIBPREFIX=
-	EXECSUFFIX='.exe'
-	RANLIB=EMXOMF
-	REAL_SHLIBEXT=nobuild
-	;;
-*-*-cygwin32*)
-	EXECSUFFIX='.exe'
-	REAL_SHLIBEXT=nobuild
-	;;
-*)	REAL_SHLIBEXT=nobuild
-	REAL_PICFLAGS= 
-	;;
-esac
-
-if test "${with_shared}" != "yes" ; then 
- PICFLAGS=""
- SHLIBEXT="nobuild"
- LIBEXT="a"
-else
- PICFLAGS="$REAL_PICFLAGS"
- SHLIBEXT="$REAL_SHLIBEXT"
- LIBEXT="$SHLIBEXT"
- LD_FLAGS="$REAL_LD_FLAGS"
-fi
-
-   
-       
-
-
-if test "${with_shared}" = "yes"; then
-echo $ac_n "checking for pragma weak""... $ac_c" 1>&6
-echo "configure:1743: checking for pragma weak" >&5
-if eval "test \"`echo '$''{'ac_have_pragma_weak'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-ac_have_pragma_weak=no
-cat > conftest_foo.$ac_ext <<'EOF'
-#line 1750 "configure"
-#include "confdefs.h"
-#pragma weak foo = _foo
-int _foo = 17;
-EOF
-cat > conftest_bar.$ac_ext <<'EOF'
-#line 1756 "configure"
-#include "confdefs.h"
-extern int foo;
-
-int t() {
-  return foo;
-}
-
-int main() {
-  return t();
-}
-EOF
-if { (eval echo configure:1768: \"$'CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&5'\") 1>&5; (eval $'CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&5') 2>&5; }; then
-ac_have_pragma_weak=yes
-fi
-rm -rf conftest*
-
-fi
-
-if test "$ac_have_pragma_weak" = "yes"; then
-	cat >> confdefs.h <<\EOF
-#define HAVE_PRAGMA_WEAK 1
-EOF
-fi
-echo "$ac_t""$ac_have_pragma_weak" 1>&6
-fi
-
-
-echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6
-echo "configure:1785: checking whether byte ordering is bigendian" >&5
-if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_cv_c_bigendian=unknown
-# See if sys/param.h defines the BYTE_ORDER macro.
-cat > conftest.$ac_ext <<EOF
-#line 1792 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/param.h>
-int main() {
-
-#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
- bogus endian macros
-#endif
-; return 0; }
-EOF
-if { (eval echo configure:1803: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  # It does; now see whether it defined to BIG_ENDIAN or not.
-cat > conftest.$ac_ext <<EOF
-#line 1807 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/param.h>
-int main() {
-
-#if BYTE_ORDER != BIG_ENDIAN
- not big endian
-#endif
-; return 0; }
-EOF
-if { (eval echo configure:1818: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_c_bigendian=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_c_bigendian=no
-fi
-rm -f conftest*
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-if test $ac_cv_c_bigendian = unknown; then
-if test "$cross_compiling" = yes; then
-    { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1838 "configure"
-#include "confdefs.h"
-main () {
-  /* Are we little or big endian?  From Harbison&Steele.  */
-  union
-  {
-    long l;
-    char c[sizeof (long)];
-  } u;
-  u.l = 1;
-  exit (u.c[sizeof (long) - 1] == 1);
-}
-EOF
-if { (eval echo configure:1851: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_c_bigendian=no
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_c_bigendian=yes
-fi
-rm -fr conftest*
-fi
-
-fi
-fi
-
-echo "$ac_t""$ac_cv_c_bigendian" 1>&6
-if test $ac_cv_c_bigendian = yes; then
-  cat >> confdefs.h <<\EOF
-#define WORDS_BIGENDIAN 1
-EOF
-
-fi
-
-
-echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1876: checking for working const" >&5
-if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1881 "configure"
-#include "confdefs.h"
-
-int main() {
-
-/* Ultrix mips cc rejects this.  */
-typedef int charset[2]; const charset x;
-/* SunOS 4.1.1 cc rejects this.  */
-char const *const *ccp;
-char **p;
-/* NEC SVR4.0.2 mips cc rejects this.  */
-struct point {int x, y;};
-static struct point const zero = {0,0};
-/* AIX XL C 1.02.0.0 rejects this.
-   It does not let you subtract one const X* pointer from another in an arm
-   of an if-expression whose if-part is not a constant expression */
-const char *g = "string";
-ccp = &g + (g ? g-g : 0);
-/* HPUX 7.0 cc rejects these. */
-++ccp;
-p = (char**) ccp;
-ccp = (char const *const *) p;
-{ /* SCO 3.2v4 cc rejects this.  */
-  char *t;
-  char const *s = 0 ? (char *) 0 : (char const *) 0;
-
-  *t++ = 0;
-}
-{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this.  */
-  int x[] = {25, 17};
-  const int *foo = &x[0];
-  ++foo;
-}
-{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
-  typedef const int *iptr;
-  iptr p = 0;
-  ++p;
-}
-{ /* AIX XL C 1.02.0.0 rejects this saying
-     "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
-  struct s { int j; const int *ap[3]; };
-  struct s *b; b->j = 5;
-}
-{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
-  const int foo = 10;
-}
-
-; return 0; }
-EOF
-if { (eval echo configure:1930: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_c_const=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_c_const=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_c_const" 1>&6
-if test $ac_cv_c_const = no; then
-  cat >> confdefs.h <<\EOF
-#define const 
-EOF
-
-fi
-
-
-
-
-echo $ac_n "checking for NEXTSTEP""... $ac_c" 1>&6
-echo "configure:1954: checking for NEXTSTEP" >&5
-if eval "test \"`echo '$''{'krb_cv_sys_nextstep'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1959 "configure"
-#include "confdefs.h"
-#ifdef NeXT
-	yes
-#endif 
-
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "yes" >/dev/null 2>&1; then
-  rm -rf conftest*
-  krb_cv_sys_nextstep=yes
-else
-  rm -rf conftest*
-  krb_cv_sys_nextstep=no
-fi
-rm -f conftest*
- 
-fi
-
-if test "$krb_cv_sys_nextstep" = "yes"; then
-  CFLAGS="$CFLAGS -posix"
-  LIBS="$LIBS -posix"
-fi
-echo "$ac_t""$krb_cv_sys_nextstep" 1>&6
-
-
-echo $ac_n "checking for AIX""... $ac_c" 1>&6
-echo "configure:1986: checking for AIX" >&5
-if eval "test \"`echo '$''{'krb_cv_sys_aix'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1991 "configure"
-#include "confdefs.h"
-#ifdef _AIX
-	yes
-#endif 
-
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "yes" >/dev/null 2>&1; then
-  rm -rf conftest*
-  krb_cv_sys_aix=yes
-else
-  rm -rf conftest*
-  krb_cv_sys_aix=no
-fi
-rm -f conftest*
- 
-fi
-
-echo "$ac_t""$krb_cv_sys_aix" 1>&6
-
-
-if test "$krb_cv_sys_aix" = yes ;then
-	AFS_EXTRA_OBJS='$(srcdir)/afsl.exp dlfcn.o'
-	
-	AFS_EXTRA_LIBS=afslib.so
-	
-fi
-
-#
-# AIX needs /lib/pse.exp for getmsg, but alas that file is broken in
-# AIX414
-#
-
-if test -f /lib/pse.exp ;then
-	LIBS="$LIBS -Wl,-bI:/lib/pse.exp"
-fi
-
-
-echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:2031: checking for ANSI C header files" >&5
-if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2036 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2044: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  ac_cv_header_stdc=yes
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-if test $ac_cv_header_stdc = yes; then
-  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
-cat > conftest.$ac_ext <<EOF
-#line 2061 "configure"
-#include "confdefs.h"
-#include <string.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "memchr" >/dev/null 2>&1; then
-  :
-else
-  rm -rf conftest*
-  ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
-  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
-cat > conftest.$ac_ext <<EOF
-#line 2079 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "free" >/dev/null 2>&1; then
-  :
-else
-  rm -rf conftest*
-  ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
-  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
-if test "$cross_compiling" = yes; then
-  :
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2100 "configure"
-#include "confdefs.h"
-#include <ctype.h>
-#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int main () { int i; for (i = 0; i < 256; i++)
-if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
-exit (0); }
-
-EOF
-if { (eval echo configure:2111: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  :
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_header_stdc=no
-fi
-rm -fr conftest*
-fi
-
-fi
-fi
-
-echo "$ac_t""$ac_cv_header_stdc" 1>&6
-if test $ac_cv_header_stdc = yes; then
-  cat >> confdefs.h <<\EOF
-#define STDC_HEADERS 1
-EOF
-
-fi
-
-
-for ac_hdr in arpa/ftp.h arpa/inet.h arpa/nameser.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2139: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2144 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2149: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in arpa/telnet.h bind/bitypes.h bsd/bsd.h bsdsetjmp.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2179: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2184 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2189: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in crypt.h dbm.h dirent.h err.h fcntl.h grp.h io.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2219: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2224 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2229: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in lastlog.h login.h maillock.h ndbm.h net/if.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2259: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2264 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2269: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in net/if_tun.h net/if_var.h netdb.h netinet/in.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2299: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2304 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2309: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in netinet/in6_machtypes.h netinet/in_systm.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2339: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2344 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2349: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in netinet/ip.h netinet/tcp.h paths.h pty.h pwd.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2379: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2384 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2389: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in resolv.h rpcsvc/dbm.h sac.h security/pam_modules.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2419: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2424 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2429: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in shadow.h siad.h signal.h stropts.h sys/bitypes.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2459: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2464 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2469: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/category.h sys/cdefs.h sys/file.h sys/filio.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2499: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2504 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2509: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/ioccom.h sys/ioctl.h sys/locking.h sys/mman.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2539: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2544 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2549: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/param.h sys/proc.h sys/ptyio.h sys/ptyvar.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2579: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2584 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2589: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/resource.h sys/select.h sys/socket.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2619: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2624 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2629: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/sockio.h sys/stat.h sys/str_tty.h sys/stream.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2659: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2664 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2669: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/stropts.h sys/strtty.h sys/syscall.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2699: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2704 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2709: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/sysctl.h sys/termio.h sys/time.h sys/timeb.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2739: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2744 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2749: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/times.h sys/tty.h sys/types.h sys/uio.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2779: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2784 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2789: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in sys/un.h sys/utsname.h sys/wait.h syslog.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2819: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2824 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2829: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in termio.h termios.h tmpdir.h ttyent.h udb.h ulimit.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2859: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2864 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2869: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in unistd.h userpw.h usersec.h util.h utime.h utmp.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2899: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2904 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2909: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_hdr in utmpx.h wait.h winsock.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2939: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2944 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2949: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
-echo "configure:2977: checking whether time.h and sys/time.h may both be included" >&5
-if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 2982 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/time.h>
-#include <time.h>
-int main() {
-struct tm *tp;
-; return 0; }
-EOF
-if { (eval echo configure:2991: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_header_time=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_header_time=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_header_time" 1>&6
-if test $ac_cv_header_time = yes; then
-  cat >> confdefs.h <<\EOF
-#define TIME_WITH_SYS_TIME 1
-EOF
-
-fi
-
-echo $ac_n "checking for sys_siglist declaration in signal.h or unistd.h""... $ac_c" 1>&6
-echo "configure:3012: checking for sys_siglist declaration in signal.h or unistd.h" >&5
-if eval "test \"`echo '$''{'ac_cv_decl_sys_siglist'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 3017 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <signal.h>
-/* NetBSD declares sys_siglist in unistd.h.  */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-int main() {
-char *msg = *(sys_siglist + 1);
-; return 0; }
-EOF
-if { (eval echo configure:3029: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_decl_sys_siglist=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_decl_sys_siglist=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_decl_sys_siglist" 1>&6
-if test $ac_cv_decl_sys_siglist = yes; then
-  cat >> confdefs.h <<\EOF
-#define SYS_SIGLIST_DECLARED 1
-EOF
-
-fi
-
-
-
-for i in int8_t int16_t int32_t int64_t; do
-	echo $ac_n "checking for $i""... $ac_c" 1>&6
-echo "configure:3053: checking for $i" >&5
-	
-if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 3059 "configure"
-#include "confdefs.h"
-
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-
-int main() {
-$i x;
-
-; return 0; }
-EOF
-if { (eval echo configure:3081: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval ac_cv_type_$i=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval ac_cv_type_$i=no
-fi
-rm -f conftest*
-fi
-
-	eval ac_res=\$ac_cv_type_$i
-	if test "$ac_res" = yes; then
-		type=HAVE_`echo $i | tr 'a-z' 'A-Z'`
-		cat >> confdefs.h <<EOF
-#define $type 1
-EOF
-
-	fi
-	echo "$ac_t""$ac_res" 1>&6
-done
-
-
-for i in u_int8_t u_int16_t u_int32_t u_int64_t; do
-	echo $ac_n "checking for $i""... $ac_c" 1>&6
-echo "configure:3107: checking for $i" >&5
-	
-if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 3113 "configure"
-#include "confdefs.h"
-
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-
-int main() {
-$i x;
-
-; return 0; }
-EOF
-if { (eval echo configure:3135: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval ac_cv_type_$i=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval ac_cv_type_$i=no
-fi
-rm -f conftest*
-fi
-
-	eval ac_res=\$ac_cv_type_$i
-	if test "$ac_res" = yes; then
-		type=HAVE_`echo $i | tr 'a-z' 'A-Z'`
-		cat >> confdefs.h <<EOF
-#define $type 1
-EOF
-
-	fi
-	echo "$ac_t""$ac_res" 1>&6
-done
-
-
-
-
-
-
-
-echo $ac_n "checking for socket""... $ac_c" 1>&6
-echo "configure:3165: checking for socket" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_socket'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_socket\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" socket; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3178 "configure"
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-int main() {
-socket(0,0,0)
-; return 0; }
-EOF
-if { (eval echo configure:3190: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_socket=$ac_lib; else ac_cv_funclib_socket=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_socket=\${ac_cv_funclib_socket-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_socket"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs socket"@@@
-@@@libs="$libs socket"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo socket | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_socket=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_socket=yes"
-	eval "LIB_socket="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_socket=no"
-	eval "LIB_socket="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_socket=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_socket"; then
-	LIBS="$LIB_socket $LIBS"
-fi
-
-
-
-
-echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6
-echo "configure:3257: checking for gethostbyname" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_gethostbyname'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" nsl; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3270 "configure"
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-int main() {
-gethostbyname("foo")
-; return 0; }
-EOF
-if { (eval echo configure:3282: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname=$ac_lib; else ac_cv_funclib_gethostbyname=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_gethostbyname=\${ac_cv_funclib_gethostbyname-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_gethostbyname"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs gethostbyname"@@@
-@@@libs="$libs nsl"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo gethostbyname | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_gethostbyname=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_gethostbyname=yes"
-	eval "LIB_gethostbyname="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_gethostbyname=no"
-	eval "LIB_gethostbyname="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_gethostbyname=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_gethostbyname"; then
-	LIBS="$LIB_gethostbyname $LIBS"
-fi
-
-
-
-
-
-
-echo $ac_n "checking for odm_initialize""... $ac_c" 1>&6
-echo "configure:3351: checking for odm_initialize" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_odm_initialize'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_odm_initialize\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" odm; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3364 "configure"
-#include "confdefs.h"
-
-int main() {
-odm_initialize()
-; return 0; }
-EOF
-if { (eval echo configure:3371: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_odm_initialize=$ac_lib; else ac_cv_funclib_odm_initialize=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_odm_initialize=\${ac_cv_funclib_odm_initialize-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_odm_initialize"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs odm_initialize"@@@
-@@@libs="$libs odm"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo odm_initialize | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_odm_initialize=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_odm_initialize=yes"
-	eval "LIB_odm_initialize="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_odm_initialize=no"
-	eval "LIB_odm_initialize="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_odm_initialize=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_odm_initialize"; then
-	LIBS="$LIB_odm_initialize $LIBS"
-fi
-
-
-
-
-echo $ac_n "checking for getattr""... $ac_c" 1>&6
-echo "configure:3438: checking for getattr" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_getattr'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_getattr\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" cfg; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3451 "configure"
-#include "confdefs.h"
-
-int main() {
-getattr()
-; return 0; }
-EOF
-if { (eval echo configure:3458: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_getattr=$ac_lib; else ac_cv_funclib_getattr=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_getattr=\${ac_cv_funclib_getattr-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_getattr"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs getattr"@@@
-@@@libs="$libs cfg"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo getattr | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_getattr=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_getattr=yes"
-	eval "LIB_getattr="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_getattr=no"
-	eval "LIB_getattr="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_getattr=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_getattr"; then
-	LIBS="$LIB_getattr $LIBS"
-fi
-
-
-
-
-echo $ac_n "checking for setpcred""... $ac_c" 1>&6
-echo "configure:3525: checking for setpcred" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_setpcred'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_setpcred\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" s; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3538 "configure"
-#include "confdefs.h"
-
-int main() {
-setpcred()
-; return 0; }
-EOF
-if { (eval echo configure:3545: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_setpcred=$ac_lib; else ac_cv_funclib_setpcred=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_setpcred=\${ac_cv_funclib_setpcred-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_setpcred"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs setpcred"@@@
-@@@libs="$libs s"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo setpcred | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_setpcred=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_setpcred=yes"
-	eval "LIB_setpcred="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_setpcred=no"
-	eval "LIB_setpcred="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_setpcred=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_setpcred"; then
-	LIBS="$LIB_setpcred $LIBS"
-fi
-
-
-
-
-echo $ac_n "checking for logwtmp""... $ac_c" 1>&6
-echo "configure:3612: checking for logwtmp" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_logwtmp'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" util; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3625 "configure"
-#include "confdefs.h"
-
-int main() {
-logwtmp()
-; return 0; }
-EOF
-if { (eval echo configure:3632: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_logwtmp=$ac_lib; else ac_cv_funclib_logwtmp=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_logwtmp=\${ac_cv_funclib_logwtmp-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_logwtmp"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs logwtmp"@@@
-@@@libs="$libs util"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo logwtmp | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_logwtmp=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_logwtmp=yes"
-	eval "LIB_logwtmp="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_logwtmp=no"
-	eval "LIB_logwtmp="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_logwtmp=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_logwtmp"; then
-	LIBS="$LIB_logwtmp $LIBS"
-fi
-
-
-
-
-
-echo $ac_n "checking for logout""... $ac_c" 1>&6
-echo "configure:3700: checking for logout" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_logout'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_logout\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" util; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3713 "configure"
-#include "confdefs.h"
-
-int main() {
-logout()
-; return 0; }
-EOF
-if { (eval echo configure:3720: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_logout=$ac_lib; else ac_cv_funclib_logout=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_logout=\${ac_cv_funclib_logout-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_logout"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs logout"@@@
-@@@libs="$libs util"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo logout | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_logout=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_logout=yes"
-	eval "LIB_logout="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_logout=no"
-	eval "LIB_logout="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_logout=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_logout"; then
-	LIBS="$LIB_logout $LIBS"
-fi
-
-
-
-echo $ac_n "checking for tgetent""... $ac_c" 1>&6
-echo "configure:3786: checking for tgetent" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_tgetent'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" termcap; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 3799 "configure"
-#include "confdefs.h"
-
-int main() {
-tgetent()
-; return 0; }
-EOF
-if { (eval echo configure:3806: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_tgetent=$ac_lib; else ac_cv_funclib_tgetent=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_tgetent=\${ac_cv_funclib_tgetent-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_tgetent"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs tgetent"@@@
-@@@libs="$libs termcap"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo tgetent | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_tgetent=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_tgetent=yes"
-	eval "LIB_tgetent="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_tgetent=no"
-	eval "LIB_tgetent="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_tgetent=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-	
-# If we find X, set shell vars x_includes and x_libraries to the
-# paths, otherwise set no_x=yes.
-# Uses ac_ vars as temps to allow command line to override cache and checks.
-# --without-x overrides everything else, but does not touch the cache.
-echo $ac_n "checking for X""... $ac_c" 1>&6
-echo "configure:3871: checking for X" >&5
-
-# Check whether --with-x or --without-x was given.
-if test "${with_x+set}" = set; then
-  withval="$with_x"
-  :
-fi
-
-# $have_x is `yes', `no', `disabled', or empty when we do not yet know.
-if test "x$with_x" = xno; then
-  # The user explicitly disabled X.
-  have_x=disabled
-else
-  if test "x$x_includes" != xNONE && test "x$x_libraries" != xNONE; then
-    # Both variables are already set.
-    have_x=yes
-  else
-if eval "test \"`echo '$''{'ac_cv_have_x'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  # One or both of the vars are not set, and there is no cached value.
-ac_x_includes=NO ac_x_libraries=NO
-rm -fr conftestdir
-if mkdir conftestdir; then
-  cd conftestdir
-  # Make sure to not put "make" in the Imakefile rules, since we grep it out.
-  cat > Imakefile <<'EOF'
-acfindx:
-	@echo 'ac_im_incroot="${INCROOT}"; ac_im_usrlibdir="${USRLIBDIR}"; ac_im_libdir="${LIBDIR}"'
-EOF
-  if (xmkmf) >/dev/null 2>/dev/null && test -f Makefile; then
-    # GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-    eval `${MAKE-make} acfindx 2>/dev/null | grep -v make`
-    # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR.
-    for ac_extension in a so sl; do
-      if test ! -f $ac_im_usrlibdir/libX11.$ac_extension &&
-        test -f $ac_im_libdir/libX11.$ac_extension; then
-        ac_im_usrlibdir=$ac_im_libdir; break
-      fi
-    done
-    # Screen out bogus values from the imake configuration.  They are
-    # bogus both because they are the default anyway, and because
-    # using them would break gcc on systems where it needs fixed includes.
-    case "$ac_im_incroot" in
-	/usr/include) ;;
-	*) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes="$ac_im_incroot" ;;
-    esac
-    case "$ac_im_usrlibdir" in
-	/usr/lib | /lib) ;;
-	*) test -d "$ac_im_usrlibdir" && ac_x_libraries="$ac_im_usrlibdir" ;;
-    esac
-  fi
-  cd ..
-  rm -fr conftestdir
-fi
-
-if test "$ac_x_includes" = NO; then
-  # Guess where to find include files, by looking for this one X11 .h file.
-  test -z "$x_direct_test_include" && x_direct_test_include=X11/Intrinsic.h
-
-  # First, try using that file with no special directory specified.
-cat > conftest.$ac_ext <<EOF
-#line 3933 "configure"
-#include "confdefs.h"
-#include <$x_direct_test_include>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3938: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  # We can compile using X headers with no special include directory.
-ac_x_includes=
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  # Look for the header file in a standard set of common directories.
-# Check X11 before X11Rn because it is often a symlink to the current release.
-  for ac_dir in               \
-    /usr/X11/include          \
-    /usr/X11R6/include        \
-    /usr/X11R5/include        \
-    /usr/X11R4/include        \
-                              \
-    /usr/include/X11          \
-    /usr/include/X11R6        \
-    /usr/include/X11R5        \
-    /usr/include/X11R4        \
-                              \
-    /usr/local/X11/include    \
-    /usr/local/X11R6/include  \
-    /usr/local/X11R5/include  \
-    /usr/local/X11R4/include  \
-                              \
-    /usr/local/include/X11    \
-    /usr/local/include/X11R6  \
-    /usr/local/include/X11R5  \
-    /usr/local/include/X11R4  \
-                              \
-    /usr/X386/include         \
-    /usr/x386/include         \
-    /usr/XFree86/include/X11  \
-                              \
-    /usr/include              \
-    /usr/local/include        \
-    /usr/unsupported/include  \
-    /usr/athena/include       \
-    /usr/local/x11r5/include  \
-    /usr/lpp/Xamples/include  \
-                              \
-    /usr/openwin/include      \
-    /usr/openwin/share/include \
-    ; \
-  do
-    if test -r "$ac_dir/$x_direct_test_include"; then
-      ac_x_includes=$ac_dir
-      break
-    fi
-  done
-fi
-rm -f conftest*
-fi # $ac_x_includes = NO
-
-if test "$ac_x_libraries" = NO; then
-  # Check for the libraries.
-
-  test -z "$x_direct_test_library" && x_direct_test_library=Xt
-  test -z "$x_direct_test_function" && x_direct_test_function=XtMalloc
-
-  # See if we find them without any special options.
-  # Don't add to $LIBS permanently.
-  ac_save_LIBS="$LIBS"
-  LIBS="-l$x_direct_test_library $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4007 "configure"
-#include "confdefs.h"
-
-int main() {
-${x_direct_test_function}()
-; return 0; }
-EOF
-if { (eval echo configure:4014: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  LIBS="$ac_save_LIBS"
-# We can link X programs with no special library path.
-ac_x_libraries=
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  LIBS="$ac_save_LIBS"
-# First see if replacing the include by lib works.
-# Check X11 before X11Rn because it is often a symlink to the current release.
-for ac_dir in `echo "$ac_x_includes" | sed s/include/lib/` \
-    /usr/X11/lib          \
-    /usr/X11R6/lib        \
-    /usr/X11R5/lib        \
-    /usr/X11R4/lib        \
-                          \
-    /usr/lib/X11          \
-    /usr/lib/X11R6        \
-    /usr/lib/X11R5        \
-    /usr/lib/X11R4        \
-                          \
-    /usr/local/X11/lib    \
-    /usr/local/X11R6/lib  \
-    /usr/local/X11R5/lib  \
-    /usr/local/X11R4/lib  \
-                          \
-    /usr/local/lib/X11    \
-    /usr/local/lib/X11R6  \
-    /usr/local/lib/X11R5  \
-    /usr/local/lib/X11R4  \
-                          \
-    /usr/X386/lib         \
-    /usr/x386/lib         \
-    /usr/XFree86/lib/X11  \
-                          \
-    /usr/lib              \
-    /usr/local/lib        \
-    /usr/unsupported/lib  \
-    /usr/athena/lib       \
-    /usr/local/x11r5/lib  \
-    /usr/lpp/Xamples/lib  \
-    /lib/usr/lib/X11	  \
-                          \
-    /usr/openwin/lib      \
-    /usr/openwin/share/lib \
-    ; \
-do
-  for ac_extension in a so sl; do
-    if test -r $ac_dir/lib${x_direct_test_library}.$ac_extension; then
-      ac_x_libraries=$ac_dir
-      break 2
-    fi
-  done
-done
-fi
-rm -f conftest*
-fi # $ac_x_libraries = NO
-
-if test "$ac_x_includes" = NO || test "$ac_x_libraries" = NO; then
-  # Didn't find X anywhere.  Cache the known absence of X.
-  ac_cv_have_x="have_x=no"
-else
-  # Record where we found X for the cache.
-  ac_cv_have_x="have_x=yes \
-	        ac_x_includes=$ac_x_includes ac_x_libraries=$ac_x_libraries"
-fi
-fi
-  fi
-  eval "$ac_cv_have_x"
-fi # $with_x != no
-
-if test "$have_x" != yes; then
-  echo "$ac_t""$have_x" 1>&6
-  no_x=yes
-else
-  # If each of the values was on the command line, it overrides each guess.
-  test "x$x_includes" = xNONE && x_includes=$ac_x_includes
-  test "x$x_libraries" = xNONE && x_libraries=$ac_x_libraries
-  # Update the cache value to reflect the command line values.
-  ac_cv_have_x="have_x=yes \
-		ac_x_includes=$x_includes ac_x_libraries=$x_libraries"
-  echo "$ac_t""libraries $x_libraries, headers $x_includes" 1>&6
-fi
-
-if test "$no_x" = yes; then
-  # Not all programs may use this symbol, but it does not hurt to define it.
-  cat >> confdefs.h <<\EOF
-#define X_DISPLAY_MISSING 1
-EOF
-
-  X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS=
-else
-  if test -n "$x_includes"; then
-    X_CFLAGS="$X_CFLAGS -I$x_includes"
-  fi
-
-  # It would also be nice to do this for all -L options, not just this one.
-  if test -n "$x_libraries"; then
-    X_LIBS="$X_LIBS -L$x_libraries"
-    # For Solaris; some versions of Sun CC require a space after -R and
-    # others require no space.  Words are not sufficient . . . .
-    case "`(uname -sr) 2>/dev/null`" in
-    "SunOS 5"*)
-      echo $ac_n "checking whether -R must be followed by a space""... $ac_c" 1>&6
-echo "configure:4120: checking whether -R must be followed by a space" >&5
-      ac_xsave_LIBS="$LIBS"; LIBS="$LIBS -R$x_libraries"
-      cat > conftest.$ac_ext <<EOF
-#line 4123 "configure"
-#include "confdefs.h"
-
-int main() {
-
-; return 0; }
-EOF
-if { (eval echo configure:4130: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_R_nospace=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_R_nospace=no
-fi
-rm -f conftest*
-      if test $ac_R_nospace = yes; then
-	echo "$ac_t""no" 1>&6
-	X_LIBS="$X_LIBS -R$x_libraries"
-      else
-	LIBS="$ac_xsave_LIBS -R $x_libraries"
-	cat > conftest.$ac_ext <<EOF
-#line 4146 "configure"
-#include "confdefs.h"
-
-int main() {
-
-; return 0; }
-EOF
-if { (eval echo configure:4153: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_R_space=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_R_space=no
-fi
-rm -f conftest*
-	if test $ac_R_space = yes; then
-	  echo "$ac_t""yes" 1>&6
-	  X_LIBS="$X_LIBS -R $x_libraries"
-	else
-	  echo "$ac_t""neither works" 1>&6
-	fi
-      fi
-      LIBS="$ac_xsave_LIBS"
-    esac
-  fi
-
-  # Check for system-dependent libraries X programs must link with.
-  # Do this before checking for the system-independent R6 libraries
-  # (-lICE), since we may need -lsocket or whatever for X linking.
-
-  if test "$ISC" = yes; then
-    X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl_s -linet"
-  else
-    # Martyn.Johnson@cl.cam.ac.uk says this is needed for Ultrix, if the X
-    # libraries were built with DECnet support.  And karl@cs.umb.edu says
-    # the Alpha needs dnet_stub (dnet does not exist).
-    echo $ac_n "checking for dnet_ntoa in -ldnet""... $ac_c" 1>&6
-echo "configure:4185: checking for dnet_ntoa in -ldnet" >&5
-ac_lib_var=`echo dnet'_'dnet_ntoa | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-ldnet  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4193 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char dnet_ntoa();
-
-int main() {
-dnet_ntoa()
-; return 0; }
-EOF
-if { (eval echo configure:4204: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    if test $ac_cv_lib_dnet_dnet_ntoa = no; then
-      echo $ac_n "checking for dnet_ntoa in -ldnet_stub""... $ac_c" 1>&6
-echo "configure:4226: checking for dnet_ntoa in -ldnet_stub" >&5
-ac_lib_var=`echo dnet_stub'_'dnet_ntoa | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-ldnet_stub  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4234 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char dnet_ntoa();
-
-int main() {
-dnet_ntoa()
-; return 0; }
-EOF
-if { (eval echo configure:4245: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    fi
-
-    # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT,
-    # to get the SysV transport functions.
-    # chad@anasazi.com says the Pyramis MIS-ES running DC/OSx (SVR4)
-    # needs -lnsl.
-    # The nsl library prevents programs from opening the X display
-    # on Irix 5.2, according to dickey@clark.net.
-    echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6
-echo "configure:4274: checking for gethostbyname" >&5
-if eval "test \"`echo '$''{'ac_cv_func_gethostbyname'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 4279 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char gethostbyname(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char gethostbyname();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_gethostbyname) || defined (__stub___gethostbyname)
-choke me
-#else
-gethostbyname();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:4302: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_gethostbyname=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_gethostbyname=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'gethostbyname`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  :
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    if test $ac_cv_func_gethostbyname = no; then
-      echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6
-echo "configure:4323: checking for gethostbyname in -lnsl" >&5
-ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lnsl  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4331 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char gethostbyname();
-
-int main() {
-gethostbyname()
-; return 0; }
-EOF
-if { (eval echo configure:4342: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    fi
-
-    # lieder@skyler.mavd.honeywell.com says without -lsocket,
-    # socket/setsockopt and other routines are undefined under SCO ODT
-    # 2.0.  But -lsocket is broken on IRIX 5.2 (and is not necessary
-    # on later versions), says simon@lia.di.epfl.ch: it contains
-    # gethostby* variants that don't use the nameserver (or something).
-    # -lsocket must be given before -lnsl if both are needed.
-    # We assume that if connect needs -lnsl, so does gethostbyname.
-    echo $ac_n "checking for connect""... $ac_c" 1>&6
-echo "configure:4372: checking for connect" >&5
-if eval "test \"`echo '$''{'ac_cv_func_connect'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 4377 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char connect(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char connect();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_connect) || defined (__stub___connect)
-choke me
-#else
-connect();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:4400: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_connect=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_connect=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'connect`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  :
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    if test $ac_cv_func_connect = no; then
-      echo $ac_n "checking for connect in -lsocket""... $ac_c" 1>&6
-echo "configure:4421: checking for connect in -lsocket" >&5
-ac_lib_var=`echo socket'_'connect | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lsocket $X_EXTRA_LIBS $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4429 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char connect();
-
-int main() {
-connect()
-; return 0; }
-EOF
-if { (eval echo configure:4440: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    fi
-
-    # gomez@mi.uni-erlangen.de says -lposix is necessary on A/UX.
-    echo $ac_n "checking for remove""... $ac_c" 1>&6
-echo "configure:4464: checking for remove" >&5
-if eval "test \"`echo '$''{'ac_cv_func_remove'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 4469 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char remove(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char remove();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_remove) || defined (__stub___remove)
-choke me
-#else
-remove();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:4492: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_remove=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_remove=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'remove`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  :
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    if test $ac_cv_func_remove = no; then
-      echo $ac_n "checking for remove in -lposix""... $ac_c" 1>&6
-echo "configure:4513: checking for remove in -lposix" >&5
-ac_lib_var=`echo posix'_'remove | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lposix  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4521 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char remove();
-
-int main() {
-remove()
-; return 0; }
-EOF
-if { (eval echo configure:4532: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    fi
-
-    # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay.
-    echo $ac_n "checking for shmat""... $ac_c" 1>&6
-echo "configure:4556: checking for shmat" >&5
-if eval "test \"`echo '$''{'ac_cv_func_shmat'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 4561 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char shmat(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char shmat();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_shmat) || defined (__stub___shmat)
-choke me
-#else
-shmat();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:4584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_shmat=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_shmat=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'shmat`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  :
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    if test $ac_cv_func_shmat = no; then
-      echo $ac_n "checking for shmat in -lipc""... $ac_c" 1>&6
-echo "configure:4605: checking for shmat in -lipc" >&5
-ac_lib_var=`echo ipc'_'shmat | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lipc  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4613 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char shmat();
-
-int main() {
-shmat()
-; return 0; }
-EOF
-if { (eval echo configure:4624: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-    fi
-  fi
-
-  # Check for libraries that X11R6 Xt/Xaw programs need.
-  ac_save_LDFLAGS="$LDFLAGS"
-  test -n "$x_libraries" && LDFLAGS="$LDFLAGS -L$x_libraries"
-  # SM needs ICE to (dynamically) link under SunOS 4.x (so we have to
-  # check for ICE first), but we must link in the order -lSM -lICE or
-  # we get undefined symbols.  So assume we have SM if we have ICE.
-  # These have to be linked with before -lX11, unlike the other
-  # libraries we check for below, so use a different variable.
-  #  --interran@uluru.Stanford.EDU, kb@cs.umb.edu.
-  echo $ac_n "checking for IceConnectionNumber in -lICE""... $ac_c" 1>&6
-echo "configure:4657: checking for IceConnectionNumber in -lICE" >&5
-ac_lib_var=`echo ICE'_'IceConnectionNumber | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lICE  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 4665 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char IceConnectionNumber();
-
-int main() {
-IceConnectionNumber()
-; return 0; }
-EOF
-if { (eval echo configure:4676: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE"
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-  LDFLAGS="$ac_save_LDFLAGS"
-
-fi
-
-if test "$no_x" = "yes" ; then
-	MAKE_X_PROGS_BIN=""
-	MAKE_X_PROGS_LIBEXEC=""
-else
-	MAKE_X_PROGS_BIN='$(X_PROGS_BIN)'
-	MAKE_X_PROGS_LIBEXEC='$(X_PROGS_LIBEXEC)'
-fi
-
-save_CFLAGS="$CFLAGS"
-CFLAGS="$X_CFLAGS $CFLAGS"
-save_LIBS="$LIBS"
-LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS"
-save_LDFLAGS="$LDFLAGS"
-LDFLAGS="$LDFLAGS $X_LIBS"
-
-
-
-echo $ac_n "checking for XauReadAuth""... $ac_c" 1>&6
-echo "configure:4718: checking for XauReadAuth" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_XauReadAuth'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" Xau X11; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 4731 "configure"
-#include "confdefs.h"
-
-int main() {
-XauReadAuth()
-; return 0; }
-EOF
-if { (eval echo configure:4738: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauReadAuth=$ac_lib; else ac_cv_funclib_XauReadAuth=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_XauReadAuth=\${ac_cv_funclib_XauReadAuth-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_XauReadAuth"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs XauReadAuth"@@@
-@@@libs="$libs Xau X11"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo XauReadAuth | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_XauReadAuth=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_XauReadAuth=yes"
-	eval "LIB_XauReadAuth="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_XauReadAuth=no"
-	eval "LIB_XauReadAuth="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_XauReadAuth=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-ac_xxx="$LIBS"
-LIBS="$LIB_XauReadAuth $LIBS"
-for ac_func in XauWriteAuth
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:4802: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 4807 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:4830: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-if test "$ac_cv_func_XauWriteAuth" != "yes"; then
-  XauWriteAuth_c=writeauth.c
-  XauWriteAuth_o=writeauth.o
-fi
-LIBS="$ac_xxx"
-
-CFLAGS=$save_CFLAGS
-LIBS=$save_LIBS
-LDFLAGS=$save_LDFLAGS
-
-
-save_LIBS="$LIBS"
-
-
-echo $ac_n "checking for dbopen""... $ac_c" 1>&6
-echo "configure:4869: checking for dbopen" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_dbopen'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_dbopen\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" $berkeley_db; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 4882 "configure"
-#include "confdefs.h"
-
-int main() {
-dbopen()
-; return 0; }
-EOF
-if { (eval echo configure:4889: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbopen=$ac_lib; else ac_cv_funclib_dbopen=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_dbopen=\${ac_cv_funclib_dbopen-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_dbopen"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs dbopen"@@@
-@@@libs="$libs $berkeley_db"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo dbopen | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_dbopen=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_dbopen=yes"
-	eval "LIB_dbopen="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_dbopen=no"
-	eval "LIB_dbopen="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_dbopen=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-LIBS="$LIB_dbopen $LIBS"
-
-
-echo $ac_n "checking for dbm_firstkey""... $ac_c" 1>&6
-echo "configure:4952: checking for dbm_firstkey" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_dbm_firstkey'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" $berkeley_db gdbm ndbm; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 4965 "configure"
-#include "confdefs.h"
-
-int main() {
-dbm_firstkey()
-; return 0; }
-EOF
-if { (eval echo configure:4972: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_dbm_firstkey"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs dbm_firstkey"@@@
-@@@libs="$libs $berkeley_db gdbm ndbm"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo dbm_firstkey | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_dbm_firstkey=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_dbm_firstkey=yes"
-	eval "LIB_dbm_firstkey="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_dbm_firstkey=no"
-	eval "LIB_dbm_firstkey="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_dbm_firstkey=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_dbopen"; then
-  LIB_DBM="$LIB_dbopen"
-else
-  LIB_DBM="$LIB_dbm_firstkey"
-fi
-LIBS="$save_LIBS"
-
-
-
-
-echo $ac_n "checking for syslog""... $ac_c" 1>&6
-echo "configure:5042: checking for syslog" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_syslog'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_syslog\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" syslog; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 5055 "configure"
-#include "confdefs.h"
-
-int main() {
-syslog()
-; return 0; }
-EOF
-if { (eval echo configure:5062: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_syslog=$ac_lib; else ac_cv_funclib_syslog=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_syslog=\${ac_cv_funclib_syslog-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_syslog"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs syslog"@@@
-@@@libs="$libs syslog"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo syslog | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_syslog=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_syslog=yes"
-	eval "LIB_syslog="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_syslog=no"
-	eval "LIB_syslog="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_syslog=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_syslog"; then
-	LIBS="$LIB_syslog $LIBS"
-fi
-
-
-echo $ac_n "checking for working snprintf""... $ac_c" 1>&6
-echo "configure:5127: checking for working snprintf" >&5
-if eval "test \"`echo '$''{'ac_cv_func_snprintf_working'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_cv_func_snprintf_working=yes
-if test "$cross_compiling" = yes; then
-  :
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5136 "configure"
-#include "confdefs.h"
-
-#include <stdio.h>
-#include <string.h>
-int main()
-{
-	char foo[3];
-	snprintf(foo, 2, "12");
-	return strcmp(foo, "1");
-}
-EOF
-if { (eval echo configure:5148: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  :
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_func_snprintf_working=no
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_func_snprintf_working" 1>&6
-: << END
-@@@funcs="$funcs snprintf"@@@
-END
-if test "$ac_cv_func_snprintf_working" = yes; then
-	foo=HAVE_SNPRINTF
-	cat >> confdefs.h <<EOF
-#define $foo 1
-EOF
-
-fi
-
-for ac_func in asnprintf asprintf vasprintf vasnprintf vsnprintf
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5177: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5182 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5205: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-for ac_func in _getpty _scrsize _setsid _stricmp fchmod fcntl flock
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5234: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5239 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5262: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in forkpty frevoke gethostname getlogin getpriority getservbyname
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5289: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5294 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5317: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in getspnam getspuid gettimeofday getuid grantpt
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5344: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5349 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5372: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in innetgr iruserok mktime ptsname rand random
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5399: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5404 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5427: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in revoke setitimer setlogin setpgid setpriority
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5454: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5459 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5482: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in setproctitle setregid setresgid setresuid setreuid setsid
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5509: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5514 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5537: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in setutent swab ttyname ttyslot ulimit uname
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5564: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5569 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5592: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in unlockpt vhangup yp_get_default_domain
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5619: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5624 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:5647: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-echo $ac_n "checking for getpwnam_r""... $ac_c" 1>&6
-echo "configure:5674: checking for getpwnam_r" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_getpwnam_r'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" c_r; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 5687 "configure"
-#include "confdefs.h"
-
-int main() {
-getpwnam_r()
-; return 0; }
-EOF
-if { (eval echo configure:5694: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_getpwnam_r=$ac_lib; else ac_cv_funclib_getpwnam_r=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_getpwnam_r=\${ac_cv_funclib_getpwnam_r-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_getpwnam_r"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs getpwnam_r"@@@
-@@@libs="$libs c_r"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo getpwnam_r | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_getpwnam_r=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_getpwnam_r=yes"
-	eval "LIB_getpwnam_r="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_getpwnam_r=no"
-	eval "LIB_getpwnam_r="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_getpwnam_r=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test "$ac_cv_func_getpwnam_r" = yes; then
-	echo $ac_n "checking if getpwnam_r is posix""... $ac_c" 1>&6
-echo "configure:5755: checking if getpwnam_r is posix" >&5
-if eval "test \"`echo '$''{'ac_cv_func_getpwnam_r_posix'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_libs="$LIBS"
-	LIBS="$LIBS $LIB_getpwnam_r"
-	if test "$cross_compiling" = yes; then
-  :
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5765 "configure"
-#include "confdefs.h"
-
-#include <pwd.h>
-int main()
-{
-	struct passwd pw, *pwd;
-	return getpwnam_r("", &pw, NULL, 0, &pwd) < 0;
-}
-
-EOF
-if { (eval echo configure:5776: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_func_getpwnam_r_posix=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_func_getpwnam_r_posix=no
-fi
-rm -fr conftest*
-fi
-
-LIBS="$ac_libs"
-fi
-
-echo "$ac_t""$ac_cv_func_getpwnam_r_posix" 1>&6
-if test "$ac_cv_func_getpwnam_r_posix" = yes; then
-	cat >> confdefs.h <<\EOF
-#define POSIX_GETPWNAM_R 1
-EOF
-
-fi
-fi
-
-
-
-echo $ac_n "checking for getsockopt""... $ac_c" 1>&6
-echo "configure:5803: checking for getsockopt" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_getsockopt'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" ; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 5816 "configure"
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-int main() {
-getsockopt(0,0,0,0,0)
-; return 0; }
-EOF
-if { (eval echo configure:5828: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_getsockopt=$ac_lib; else ac_cv_funclib_getsockopt=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_getsockopt=\${ac_cv_funclib_getsockopt-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_getsockopt"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs getsockopt"@@@
-@@@libs="$libs "@@@
-END
-
-eval "ac_tr_func=HAVE_`echo getsockopt | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_getsockopt=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_getsockopt=yes"
-	eval "LIB_getsockopt="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_getsockopt=no"
-	eval "LIB_getsockopt="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_getsockopt=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-
-
-echo $ac_n "checking for setsockopt""... $ac_c" 1>&6
-echo "configure:5890: checking for setsockopt" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_setsockopt'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" ; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 5903 "configure"
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-int main() {
-setsockopt(0,0,0,0,0)
-; return 0; }
-EOF
-if { (eval echo configure:5915: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_setsockopt=$ac_lib; else ac_cv_funclib_setsockopt=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_setsockopt=\${ac_cv_funclib_setsockopt-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_setsockopt"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs setsockopt"@@@
-@@@libs="$libs "@@@
-END
-
-eval "ac_tr_func=HAVE_`echo setsockopt | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_setsockopt=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_setsockopt=yes"
-	eval "LIB_setsockopt="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_setsockopt=no"
-	eval "LIB_setsockopt="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_setsockopt=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-
-for ac_func in getudbnam setlim
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5978: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 5983 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6006: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-
-
-echo $ac_n "checking for res_search""... $ac_c" 1>&6
-echo "configure:6035: checking for res_search" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_res_search'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_res_search\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" resolv; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 6048 "configure"
-#include "confdefs.h"
-
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-
-int main() {
-res_search(0,0,0,0,0)
-; return 0; }
-EOF
-if { (eval echo configure:6069: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_search=$ac_lib; else ac_cv_funclib_res_search=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_res_search=\${ac_cv_funclib_res_search-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_res_search"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs res_search"@@@
-@@@libs="$libs resolv"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo res_search | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_res_search=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_res_search=yes"
-	eval "LIB_res_search="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_res_search=no"
-	eval "LIB_res_search="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_res_search=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_res_search"; then
-	LIBS="$LIB_res_search $LIBS"
-fi
-
-
-
-
-
-echo $ac_n "checking for dn_expand""... $ac_c" 1>&6
-echo "configure:6137: checking for dn_expand" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_dn_expand'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" resolv; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 6150 "configure"
-#include "confdefs.h"
-
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-
-int main() {
-dn_expand(0,0,0,0,0)
-; return 0; }
-EOF
-if { (eval echo configure:6171: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_dn_expand=$ac_lib; else ac_cv_funclib_dn_expand=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_dn_expand=\${ac_cv_funclib_dn_expand-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_dn_expand"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs dn_expand"@@@
-@@@libs="$libs resolv"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo dn_expand | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_dn_expand=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_dn_expand=yes"
-	eval "LIB_dn_expand="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_dn_expand=no"
-	eval "LIB_dn_expand="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_dn_expand=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_dn_expand"; then
-	LIBS="$LIB_dn_expand $LIBS"
-fi
-
-
-
-for ac_hdr in unistd.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:6240: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6245 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:6250: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-for ac_func in getpagesize
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6279: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6284 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6307: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-echo $ac_n "checking for working mmap""... $ac_c" 1>&6
-echo "configure:6332: checking for working mmap" >&5
-if eval "test \"`echo '$''{'ac_cv_func_mmap_fixed_mapped'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test "$cross_compiling" = yes; then
-  ac_cv_func_mmap_fixed_mapped=no
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6340 "configure"
-#include "confdefs.h"
-
-/* Thanks to Mike Haertel and Jim Avera for this test.
-   Here is a matrix of mmap possibilities:
-	mmap private not fixed
-	mmap private fixed at somewhere currently unmapped
-	mmap private fixed at somewhere already mapped
-	mmap shared not fixed
-	mmap shared fixed at somewhere currently unmapped
-	mmap shared fixed at somewhere already mapped
-   For private mappings, we should verify that changes cannot be read()
-   back from the file, nor mmap's back from the file at a different
-   address.  (There have been systems where private was not correctly
-   implemented like the infamous i386 svr4.0, and systems where the
-   VM page cache was not coherent with the filesystem buffer cache
-   like early versions of FreeBSD and possibly contemporary NetBSD.)
-   For shared mappings, we should conversely verify that changes get
-   propogated back to all the places they're supposed to be.
-
-   Grep wants private fixed already mapped.
-   The main things grep needs to know about mmap are:
-   * does it exist and is it safe to write into the mmap'd area
-   * how to use it (BSD variants)  */
-#include <sys/types.h>
-#include <fcntl.h>
-#include <sys/mman.h>
-
-/* This mess was copied from the GNU getpagesize.h.  */
-#ifndef HAVE_GETPAGESIZE
-# ifdef HAVE_UNISTD_H
-#  include <unistd.h>
-# endif
-
-/* Assume that all systems that can run configure have sys/param.h.  */
-# ifndef HAVE_SYS_PARAM_H
-#  define HAVE_SYS_PARAM_H 1
-# endif
-
-# ifdef _SC_PAGESIZE
-#  define getpagesize() sysconf(_SC_PAGESIZE)
-# else /* no _SC_PAGESIZE */
-#  ifdef HAVE_SYS_PARAM_H
-#   include <sys/param.h>
-#   ifdef EXEC_PAGESIZE
-#    define getpagesize() EXEC_PAGESIZE
-#   else /* no EXEC_PAGESIZE */
-#    ifdef NBPG
-#     define getpagesize() NBPG * CLSIZE
-#     ifndef CLSIZE
-#      define CLSIZE 1
-#     endif /* no CLSIZE */
-#    else /* no NBPG */
-#     ifdef NBPC
-#      define getpagesize() NBPC
-#     else /* no NBPC */
-#      ifdef PAGESIZE
-#       define getpagesize() PAGESIZE
-#      endif /* PAGESIZE */
-#     endif /* no NBPC */
-#    endif /* no NBPG */
-#   endif /* no EXEC_PAGESIZE */
-#  else /* no HAVE_SYS_PARAM_H */
-#   define getpagesize() 8192	/* punt totally */
-#  endif /* no HAVE_SYS_PARAM_H */
-# endif /* no _SC_PAGESIZE */
-
-#endif /* no HAVE_GETPAGESIZE */
-
-#ifdef __cplusplus
-extern "C" { void *malloc(unsigned); }
-#else
-char *malloc();
-#endif
-
-int
-main()
-{
-	char *data, *data2, *data3;
-	int i, pagesize;
-	int fd;
-
-	pagesize = getpagesize();
-
-	/*
-	 * First, make a file with some known garbage in it.
-	 */
-	data = malloc(pagesize);
-	if (!data)
-		exit(1);
-	for (i = 0; i < pagesize; ++i)
-		*(data + i) = rand();
-	umask(0);
-	fd = creat("conftestmmap", 0600);
-	if (fd < 0)
-		exit(1);
-	if (write(fd, data, pagesize) != pagesize)
-		exit(1);
-	close(fd);
-
-	/*
-	 * Next, try to mmap the file at a fixed address which
-	 * already has something else allocated at it.  If we can,
-	 * also make sure that we see the same garbage.
-	 */
-	fd = open("conftestmmap", O_RDWR);
-	if (fd < 0)
-		exit(1);
-	data2 = malloc(2 * pagesize);
-	if (!data2)
-		exit(1);
-	data2 += (pagesize - ((int) data2 & (pagesize - 1))) & (pagesize - 1);
-	if (data2 != mmap(data2, pagesize, PROT_READ | PROT_WRITE,
-	    MAP_PRIVATE | MAP_FIXED, fd, 0L))
-		exit(1);
-	for (i = 0; i < pagesize; ++i)
-		if (*(data + i) != *(data2 + i))
-			exit(1);
-
-	/*
-	 * Finally, make sure that changes to the mapped area
-	 * do not percolate back to the file as seen by read().
-	 * (This is a bug on some variants of i386 svr4.0.)
-	 */
-	for (i = 0; i < pagesize; ++i)
-		*(data2 + i) = *(data2 + i) + 1;
-	data3 = malloc(pagesize);
-	if (!data3)
-		exit(1);
-	if (read(fd, data3, pagesize) != pagesize)
-		exit(1);
-	for (i = 0; i < pagesize; ++i)
-		if (*(data + i) != *(data3 + i))
-			exit(1);
-	close(fd);
-	unlink("conftestmmap");
-	exit(0);
-}
-
-EOF
-if { (eval echo configure:6480: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_func_mmap_fixed_mapped=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_func_mmap_fixed_mapped=no
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_func_mmap_fixed_mapped" 1>&6
-if test $ac_cv_func_mmap_fixed_mapped = yes; then
-  cat >> confdefs.h <<\EOF
-#define HAVE_MMAP 1
-EOF
-
-fi
-
-# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works
-# for constant arguments.  Useless!
-echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6
-echo "configure:6505: checking for working alloca.h" >&5
-if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6510 "configure"
-#include "confdefs.h"
-#include <alloca.h>
-int main() {
-char *p = alloca(2 * sizeof(int));
-; return 0; }
-EOF
-if { (eval echo configure:6517: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_header_alloca_h=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_header_alloca_h=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_header_alloca_h" 1>&6
-if test $ac_cv_header_alloca_h = yes; then
-  cat >> confdefs.h <<\EOF
-#define HAVE_ALLOCA_H 1
-EOF
-
-fi
-
-echo $ac_n "checking for alloca""... $ac_c" 1>&6
-echo "configure:6538: checking for alloca" >&5
-if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6543 "configure"
-#include "confdefs.h"
-
-#ifdef __GNUC__
-# define alloca __builtin_alloca
-#else
-# if HAVE_ALLOCA_H
-#  include <alloca.h>
-# else
-#  ifdef _AIX
- #pragma alloca
-#  else
-#   ifndef alloca /* predefined by HP cc +Olibcalls */
-char *alloca ();
-#   endif
-#  endif
-# endif
-#endif
-
-int main() {
-char *p = (char *) alloca(1);
-; return 0; }
-EOF
-if { (eval echo configure:6566: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_func_alloca_works=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_func_alloca_works=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_func_alloca_works" 1>&6
-if test $ac_cv_func_alloca_works = yes; then
-  cat >> confdefs.h <<\EOF
-#define HAVE_ALLOCA 1
-EOF
-
-fi
-
-if test $ac_cv_func_alloca_works = no; then
-  # The SVR3 libPW and SVR4 libucb both contain incompatible functions
-  # that cause trouble.  Some versions do not even contain alloca or
-  # contain a buggy version.  If you still want to use their alloca,
-  # use ar to extract alloca.o from them instead of compiling alloca.c.
-  ALLOCA=alloca.o
-  cat >> confdefs.h <<\EOF
-#define C_ALLOCA 1
-EOF
-
-
-echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6
-echo "configure:6598: checking whether alloca needs Cray hooks" >&5
-if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6603 "configure"
-#include "confdefs.h"
-#if defined(CRAY) && ! defined(CRAY2)
-webecray
-#else
-wenotbecray
-#endif
-
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "webecray" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_os_cray=yes
-else
-  rm -rf conftest*
-  ac_cv_os_cray=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_os_cray" 1>&6
-if test $ac_cv_os_cray = yes; then
-for ac_func in _getb67 GETB67 getb67; do
-  echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6628: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6633 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6656: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  cat >> confdefs.h <<EOF
-#define CRAY_STACKSEG_END $ac_func
-EOF
-
-  break
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-done
-fi
-
-echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6
-echo "configure:6683: checking stack direction for C alloca" >&5
-if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test "$cross_compiling" = yes; then
-  ac_cv_c_stack_direction=0
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6691 "configure"
-#include "confdefs.h"
-find_stack_direction ()
-{
-  static char *addr = 0;
-  auto char dummy;
-  if (addr == 0)
-    {
-      addr = &dummy;
-      return find_stack_direction ();
-    }
-  else
-    return (&dummy > addr) ? 1 : -1;
-}
-main ()
-{
-  exit (find_stack_direction() < 0);
-}
-EOF
-if { (eval echo configure:6710: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_c_stack_direction=1
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_c_stack_direction=-1
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_c_stack_direction" 1>&6
-cat >> confdefs.h <<EOF
-#define STACK_DIRECTION $ac_cv_c_stack_direction
-EOF
-
-fi
-
-
-#
-# Test for POSIX (broken) getlogin
-#
-
-if test "$ac_cv_func_getlogin" = yes; then
-echo $ac_n "checking if getlogin is posix""... $ac_c" 1>&6
-echo "configure:6738: checking if getlogin is posix" >&5
-if eval "test \"`echo '$''{'ac_cv_func_getlogin_posix'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then
-	ac_cv_func_getlogin_posix=no
-else
-	ac_cv_func_getlogin_posix=yes
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_func_getlogin_posix" 1>&6
-if test "$ac_cv_func_getlogin_posix" = yes; then
-	cat >> confdefs.h <<\EOF
-#define POSIX_GETLOGIN 1
-EOF
-
-fi
-fi
-
-
-
-
-echo $ac_n "checking for hstrerror""... $ac_c" 1>&6
-echo "configure:6764: checking for hstrerror" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_hstrerror'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" resolv; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 6777 "configure"
-#include "confdefs.h"
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-int main() {
-hstrerror(17)
-; return 0; }
-EOF
-if { (eval echo configure:6786: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_hstrerror=$ac_lib; else ac_cv_funclib_hstrerror=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_hstrerror=\${ac_cv_funclib_hstrerror-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_hstrerror"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs hstrerror"@@@
-@@@libs="$libs resolv"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo hstrerror | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_hstrerror=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_hstrerror=yes"
-	eval "LIB_hstrerror="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_hstrerror=no"
-	eval "LIB_hstrerror="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_hstrerror=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-if test -n "$LIB_hstrerror"; then
-	LIBS="$LIB_hstrerror $LIBS"
-fi
-
-if eval "test \"$ac_cv_func_hstrerror\" != yes"; then
-LIBOBJS="$LIBOBJS hstrerror.o"
-fi
-
-
-for ac_func in chown daemon err errx fchown getcwd getdtablesize getopt
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6857: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6862 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6885: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
-  echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS ${ac_func}.o"
-fi
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs chown daemon err errx fchown getcwd getdtablesize getopt"@@@
-END
-done
-
-for ac_func in getusershell inet_aton initgroups lstat memmove mkstemp
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6919: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6924 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6947: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
-  echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS ${ac_func}.o"
-fi
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs getusershell inet_aton initgroups lstat memmove mkstemp"@@@
-END
-done
-
-for ac_func in putenv rcmd setegid setenv seteuid strcasecmp strdup
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6981: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 6986 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:7009: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
-  echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS ${ac_func}.o"
-fi
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs putenv rcmd setegid setenv seteuid strcasecmp strdup"@@@
-END
-done
-
-for ac_func in strerror strftime strlwr strnlen strtok_r strupr unsetenv
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7043: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7048 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:7071: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
-  echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS ${ac_func}.o"
-fi
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs strerror strftime strlwr strnlen strtok_r strupr unsetenv"@@@
-END
-done
-
-for ac_func in verr verrx vwarn vwarnx warn warnx
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7105: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7110 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:7133: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
-cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
-  echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS ${ac_func}.o"
-fi
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs verr verrx vwarn vwarnx warn warnx"@@@
-END
-done
-
-
-
-if test "$ac_cv_func_getcwd" = yes; then
-echo $ac_n "checking if getcwd is broken""... $ac_c" 1>&6
-echo "configure:7168: checking if getcwd is broken" >&5
-if eval "test \"`echo '$''{'ac_cv_func_getcwd_broken'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-ac_cv_func_getcwd_broken=no
-
-if test "$cross_compiling" = yes; then
-  :
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7179 "configure"
-#include "confdefs.h"
-
-#include <errno.h>
-char *getcwd(char*, int);
-
-void *popen(char *cmd, char *mode)
-{
-	errno = ENOTTY;
-	return 0;
-}
-
-int main()
-{
-	char *ret;
-	ret = getcwd(0, 1024);
-	if(ret == 0 && errno == ENOTTY)
-		return 0;
-	return 1;
-}
-
-EOF
-if { (eval echo configure:7201: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_func_getcwd_broken=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  :
-fi
-rm -fr conftest*
-fi
-
-
-fi
-
-if test "$ac_cv_func_getcwd_broken" = yes; then
-	cat >> confdefs.h <<\EOF
-#define BROKEN_GETCWD 1
-EOF
-	LIBOBJS="$LIBOBJS getcwd.o"
-		echo "$ac_t""$ac_cv_func_getcwd_broken" 1>&6
-else
-	echo "$ac_t""seems ok" 1>&6
-fi
-fi
-
-
-
-echo $ac_n "checking which authentication modules should be built""... $ac_c" 1>&6
-echo "configure:7230: checking which authentication modules should be built" >&5
-
-LIB_AUTH_SUBDIRS=
-
-if test "$ac_cv_header_siad_h" = yes; then
-	LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia"
-fi
-
-if test "$ac_cv_header_security_pam_modules_h" = yes; then
-	LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam"
-fi
-
-case "${host}" in
-*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;;
-esac
-
-echo "$ac_t""$LIB_AUTH_SUBDIRS" 1>&6
-
-
-
-echo $ac_n "checking for tunnel devices""... $ac_c" 1>&6
-echo "configure:7251: checking for tunnel devices" >&5
-
-APPL_KIP_DIR=
-
-if test "$ac_cv_header_net_if_tun_h" = "yes"; then
-	APPL_KIP_DIR=kip
-fi
-
-echo "$ac_t""$ac_cv_header_net_if_tun_h" 1>&6
-
-
-
-
-echo $ac_n "checking if crypt needs a prototype""... $ac_c" 1>&6
-echo "configure:7265: checking if crypt needs a prototype" >&5
-if eval "test \"`echo '$''{'ac_cv_func_crypt_noproto'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7270 "configure"
-#include "confdefs.h"
-
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-int main() {
-struct foo { int foo; } xx;
-extern int crypt (struct foo*);
-crypt(&xx);
-
-; return 0; }
-EOF
-if { (eval echo configure:7287: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_func_crypt_noproto=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_crypt_noproto=no"
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_func_crypt_noproto" 1>&6
-
-if test "$ac_cv_func_crypt_noproto" = yes; then
-	cat >> confdefs.h <<\EOF
-#define NEED_CRYPT_PROTO 1
-EOF
-
-fi
-: << END
-@@@syms="$syms NEED_CRYPT_PROTO"@@@
-END
-
-
-
-
-echo $ac_n "checking if strtok_r needs a prototype""... $ac_c" 1>&6
-echo "configure:7315: checking if strtok_r needs a prototype" >&5
-if eval "test \"`echo '$''{'ac_cv_func_strtok_r_noproto'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7320 "configure"
-#include "confdefs.h"
-
-#include <string.h>
-
-int main() {
-struct foo { int foo; } xx;
-extern int strtok_r (struct foo*);
-strtok_r(&xx);
-
-; return 0; }
-EOF
-if { (eval echo configure:7332: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_func_strtok_r_noproto=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_strtok_r_noproto=no"
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_func_strtok_r_noproto" 1>&6
-
-if test "$ac_cv_func_strtok_r_noproto" = yes; then
-	cat >> confdefs.h <<\EOF
-#define NEED_STRTOK_R_PROTO 1
-EOF
-
-fi
-: << END
-@@@syms="$syms NEED_STRTOK_R_PROTO"@@@
-END
-
-
-
-
-echo $ac_n "checking for h_errno""... $ac_c" 1>&6
-echo "configure:7360: checking for h_errno" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_errno'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7366 "configure"
-#include "confdefs.h"
-extern int h_errno;
-int foo() { return h_errno; }
-int main() {
-foo()
-; return 0; }
-EOF
-if { (eval echo configure:7374: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_var_h_errno=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_var_h_errno=no
-fi
-rm -f conftest*
-
-fi
-
-eval "ac_tr_var=HAVE_H_ERRNO"
-
-
-: << END
-@@@syms="$syms HAVE_H_ERRNO"@@@
-END
-
-
-echo "$ac_t""`eval echo \\$ac_cv_var_h_errno`" 1>&6
-if test `eval echo \\$ac_cv_var_h_errno` = yes; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-	
-echo $ac_n "checking if h_errno is properly declared""... $ac_c" 1>&6
-echo "configure:7403: checking if h_errno is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_errno_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7409 "configure"
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-extern struct { int foo; } h_errno;
-int main() {
-h_errno.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7422: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_h_errno_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_h_errno_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_H_ERRNO_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_H_ERRNO_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_h_errno_declaration" 1>&6
-if eval "test \"\$ac_cv_var_h_errno_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-fi
-
-
-
-echo $ac_n "checking for h_errlist""... $ac_c" 1>&6
-echo "configure:7457: checking for h_errlist" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_errlist'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7463 "configure"
-#include "confdefs.h"
-extern int h_errlist;
-int foo() { return h_errlist; }
-int main() {
-foo()
-; return 0; }
-EOF
-if { (eval echo configure:7471: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_var_h_errlist=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_var_h_errlist=no
-fi
-rm -f conftest*
-
-fi
-
-eval "ac_tr_var=HAVE_H_ERRLIST"
-
-
-: << END
-@@@syms="$syms HAVE_H_ERRLIST"@@@
-END
-
-
-echo "$ac_t""`eval echo \\$ac_cv_var_h_errlist`" 1>&6
-if test `eval echo \\$ac_cv_var_h_errlist` = yes; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-	
-echo $ac_n "checking if h_errlist is properly declared""... $ac_c" 1>&6
-echo "configure:7500: checking if h_errlist is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_errlist_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7506 "configure"
-#include "confdefs.h"
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-extern struct { int foo; } h_errlist;
-int main() {
-h_errlist.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7516: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_h_errlist_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_h_errlist_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_H_ERRLIST_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_H_ERRLIST_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_h_errlist_declaration" 1>&6
-if eval "test \"\$ac_cv_var_h_errlist_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-fi
-
-
-
-echo $ac_n "checking for h_nerr""... $ac_c" 1>&6
-echo "configure:7551: checking for h_nerr" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_nerr'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7557 "configure"
-#include "confdefs.h"
-extern int h_nerr;
-int foo() { return h_nerr; }
-int main() {
-foo()
-; return 0; }
-EOF
-if { (eval echo configure:7565: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_var_h_nerr=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_var_h_nerr=no
-fi
-rm -f conftest*
-
-fi
-
-eval "ac_tr_var=HAVE_H_NERR"
-
-
-: << END
-@@@syms="$syms HAVE_H_NERR"@@@
-END
-
-
-echo "$ac_t""`eval echo \\$ac_cv_var_h_nerr`" 1>&6
-if test `eval echo \\$ac_cv_var_h_nerr` = yes; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-	
-echo $ac_n "checking if h_nerr is properly declared""... $ac_c" 1>&6
-echo "configure:7594: checking if h_nerr is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_h_nerr_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7600 "configure"
-#include "confdefs.h"
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-extern struct { int foo; } h_nerr;
-int main() {
-h_nerr.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7610: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_h_nerr_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_h_nerr_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_H_NERR_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_H_NERR_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_h_nerr_declaration" 1>&6
-if eval "test \"\$ac_cv_var_h_nerr_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-fi
-
-
-
-echo $ac_n "checking for __progname""... $ac_c" 1>&6
-echo "configure:7645: checking for __progname" >&5
-if eval "test \"`echo '$''{'ac_cv_var___progname'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7651 "configure"
-#include "confdefs.h"
-extern int __progname;
-int foo() { return __progname; }
-int main() {
-foo()
-; return 0; }
-EOF
-if { (eval echo configure:7659: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  ac_cv_var___progname=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_var___progname=no
-fi
-rm -f conftest*
-
-fi
-
-eval "ac_tr_var=HAVE___PROGNAME"
-
-
-: << END
-@@@syms="$syms HAVE___PROGNAME"@@@
-END
-
-
-echo "$ac_t""`eval echo \\$ac_cv_var___progname`" 1>&6
-if test `eval echo \\$ac_cv_var___progname` = yes; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-	
-echo $ac_n "checking if __progname is properly declared""... $ac_c" 1>&6
-echo "configure:7688: checking if __progname is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var___progname_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7694 "configure"
-#include "confdefs.h"
-#ifdef HAVE_ERR_H
-#include <err.h>
-#endif
-extern struct { int foo; } __progname;
-int main() {
-__progname.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7704: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var___progname_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var___progname_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE___PROGNAME_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE___PROGNAME_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var___progname_declaration" 1>&6
-if eval "test \"\$ac_cv_var___progname_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-fi
-
-
-
-echo $ac_n "checking if optarg is properly declared""... $ac_c" 1>&6
-echo "configure:7739: checking if optarg is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_optarg_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7745 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-extern struct { int foo; } optarg;
-int main() {
-optarg.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7753: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_optarg_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_optarg_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_OPTARG_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_OPTARG_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_optarg_declaration" 1>&6
-if eval "test \"\$ac_cv_var_optarg_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-
-echo $ac_n "checking if optind is properly declared""... $ac_c" 1>&6
-echo "configure:7785: checking if optind is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_optind_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7791 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-extern struct { int foo; } optind;
-int main() {
-optind.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7799: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_optind_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_optind_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_OPTIND_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_OPTIND_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_optind_declaration" 1>&6
-if eval "test \"\$ac_cv_var_optind_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-
-echo $ac_n "checking if opterr is properly declared""... $ac_c" 1>&6
-echo "configure:7831: checking if opterr is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_opterr_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7837 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-extern struct { int foo; } opterr;
-int main() {
-opterr.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7845: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_opterr_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_opterr_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_OPTERR_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_OPTERR_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_opterr_declaration" 1>&6
-if eval "test \"\$ac_cv_var_opterr_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-
-echo $ac_n "checking if optopt is properly declared""... $ac_c" 1>&6
-echo "configure:7877: checking if optopt is properly declared" >&5
-if eval "test \"`echo '$''{'ac_cv_var_optopt_declaration'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 7883 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-extern struct { int foo; } optopt;
-int main() {
-optopt.foo = 1;
-; return 0; }
-EOF
-if { (eval echo configure:7891: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  eval "ac_cv_var_optopt_declaration=no"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_var_optopt_declaration=yes"
-fi
-rm -f conftest*
-
-fi
-
-
-ac_tr_var=HAVE_OPTOPT_DECLARATION
-
-
-: << END
-@@@syms="$syms HAVE_OPTOPT_DECLARATION"@@@
-END
-
-
-echo "$ac_t""$ac_cv_var_optopt_declaration" 1>&6
-if eval "test \"\$ac_cv_var_optopt_declaration\" = yes"; then
-	cat >> confdefs.h <<EOF
-#define $ac_tr_var 1
-EOF
-
-fi
-
-
-echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
-echo "configure:7923: checking return type of signal handlers" >&5
-if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 7928 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <signal.h>
-#ifdef signal
-#undef signal
-#endif
-#ifdef __cplusplus
-extern "C" void (*signal (int, void (*)(int)))(int);
-#else
-void (*signal ()) ();
-#endif
-
-int main() {
-int i;
-; return 0; }
-EOF
-if { (eval echo configure:7945: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_type_signal=void
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_type_signal=int
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_type_signal" 1>&6
-cat >> confdefs.h <<EOF
-#define RETSIGTYPE $ac_cv_type_signal
-EOF
-
-
-if test "$ac_cv_type_signal" = "void" ; then
-	cat >> confdefs.h <<\EOF
-#define VOID_RETSIGTYPE 1
-EOF
-
-fi
-
-cat > conftest.$ac_ext <<EOF
-#line 7971 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_user" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_USER 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 7986 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_host" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_HOST 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8001 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_addr" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_ADDR 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8016 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_type" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_TYPE 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8031 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_pid" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_PID 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8046 "configure"
-#include "confdefs.h"
-#include <utmp.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_id" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_ID 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8061 "configure"
-#include "confdefs.h"
-#include <utmpx.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ut_syslen" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_UT_SYSLEN 1
-EOF
-
-fi
-rm -f conftest*
-
-
-echo $ac_n "checking for st_blksize in struct stat""... $ac_c" 1>&6
-echo "configure:8077: checking for st_blksize in struct stat" >&5
-if eval "test \"`echo '$''{'ac_cv_struct_st_blksize'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8082 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/stat.h>
-int main() {
-struct stat s; s.st_blksize;
-; return 0; }
-EOF
-if { (eval echo configure:8090: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_struct_st_blksize=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_struct_st_blksize=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_struct_st_blksize" 1>&6
-if test $ac_cv_struct_st_blksize = yes; then
-  cat >> confdefs.h <<\EOF
-#define HAVE_ST_BLKSIZE 1
-EOF
-
-fi
-
-
-
-
-echo $ac_n "checking for struct winsize""... $ac_c" 1>&6
-echo "configure:8114: checking for struct winsize" >&5
-if eval "test \"`echo '$''{'ac_cv_struct_winsize'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-ac_cv_struct_winsize=no
-for i in sys/termios.h sys/ioctl.h; do
-cat > conftest.$ac_ext <<EOF
-#line 8122 "configure"
-#include "confdefs.h"
-#include <$i>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "struct[ 	]*winsize" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_struct_winsize=yes; break
-fi
-rm -f conftest*
-done
-
-fi
-
-if test "$ac_cv_struct_winsize" = "yes"; then
-  cat >> confdefs.h <<\EOF
-#define HAVE_STRUCT_WINSIZE 1
-EOF
-fi
-echo "$ac_t""$ac_cv_struct_winsize" 1>&6
-cat > conftest.$ac_ext <<EOF
-#line 8143 "configure"
-#include "confdefs.h"
-#include <termios.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ws_xpixel" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_WS_XPIXEL 1
-EOF
-
-fi
-rm -f conftest*
-
-cat > conftest.$ac_ext <<EOF
-#line 8158 "configure"
-#include "confdefs.h"
-#include <termios.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "ws_ypixel" >/dev/null 2>&1; then
-  rm -rf conftest*
-  cat >> confdefs.h <<\EOF
-#define HAVE_WS_YPIXEL 1
-EOF
-
-fi
-rm -f conftest*
-
-
-
-
-echo $ac_n "checking for pid_t""... $ac_c" 1>&6
-echo "configure:8176: checking for pid_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_pid_t'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8181 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "pid_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_type_pid_t=yes
-else
-  rm -rf conftest*
-  ac_cv_type_pid_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_pid_t" 1>&6
-if test $ac_cv_type_pid_t = no; then
-  cat >> confdefs.h <<\EOF
-#define pid_t int
-EOF
-
-fi
-
-echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:8209: checking for uid_t in sys/types.h" >&5
-if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8214 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "uid_t" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_type_uid_t=yes
-else
-  rm -rf conftest*
-  ac_cv_type_uid_t=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_type_uid_t" 1>&6
-if test $ac_cv_type_uid_t = no; then
-  cat >> confdefs.h <<\EOF
-#define uid_t int
-EOF
-
-  cat >> confdefs.h <<\EOF
-#define gid_t int
-EOF
-
-fi
-
-echo $ac_n "checking for off_t""... $ac_c" 1>&6
-echo "configure:8243: checking for off_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8248 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "off_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_type_off_t=yes
-else
-  rm -rf conftest*
-  ac_cv_type_off_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_off_t" 1>&6
-if test $ac_cv_type_off_t = no; then
-  cat >> confdefs.h <<\EOF
-#define off_t long
-EOF
-
-fi
-
-echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:8276: checking for size_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8281 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  egrep "size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
-  rm -rf conftest*
-  ac_cv_type_size_t=yes
-else
-  rm -rf conftest*
-  ac_cv_type_size_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_size_t" 1>&6
-if test $ac_cv_type_size_t = no; then
-  cat >> confdefs.h <<\EOF
-#define size_t unsigned
-EOF
-
-fi
-
-
-
-echo $ac_n "checking for sa_len in struct sockaddr""... $ac_c" 1>&6
-echo "configure:8311: checking for sa_len in struct sockaddr" >&5
-if eval "test \"`echo '$''{'krb_cv_struct_sockaddr_sa_len'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 8317 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/socket.h>
-int main() {
-struct sockaddr sa;
-int foo = sa.sa_len;
-; return 0; }
-EOF
-if { (eval echo configure:8326: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  krb_cv_struct_sockaddr_sa_len=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  krb_cv_struct_sockaddr_sa_len=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$krb_cv_struct_sockaddr_sa_len" 1>&6
-if test "$krb_cv_struct_sockaddr_sa_len" = yes; then
-	cat >> confdefs.h <<\EOF
-#define SOCKADDR_HAS_SA_LEN 1
-EOF
-
-fi
-
-
-if test "$ac_cv_header_siad_h" = yes; then
-echo $ac_n "checking for ouid in struct siaentity""... $ac_c" 1>&6
-echo "configure:8350: checking for ouid in struct siaentity" >&5
-if eval "test \"`echo '$''{'krb_cv_struct_siaentity_ouid'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-cat > conftest.$ac_ext <<EOF
-#line 8356 "configure"
-#include "confdefs.h"
-#include <siad.h>
-
-int main() {
-SIAENTITY e;
-int foo = e.ouid;
-; return 0; }
-EOF
-if { (eval echo configure:8365: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  krb_cv_struct_siaentity_ouid=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  krb_cv_struct_siaentity_ouid=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$krb_cv_struct_siaentity_ouid" 1>&6
-if test "$krb_cv_struct_siaentity_ouid" = yes; then
-	cat >> confdefs.h <<\EOF
-#define SIAENTITY_HAS_OUID 1
-EOF
-
-fi
-fi
-
-
-echo $ac_n "checking for working getmsg""... $ac_c" 1>&6
-echo "configure:8389: checking for working getmsg" >&5
-if eval "test \"`echo '$''{'ac_cv_func_getmsg'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test "$cross_compiling" = yes; then
-  ac_cv_func_getmsg=no
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8397 "configure"
-#include "confdefs.h"
-
-#include <stdio.h>
-
-int main()
-{
-  getmsg(open("/dev/null", 0), NULL, NULL, NULL);
-  return 0;
-}
-
-EOF
-if { (eval echo configure:8409: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  ac_cv_func_getmsg=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  ac_cv_func_getmsg=no
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_func_getmsg" 1>&6
-test "$ac_cv_func_getmsg" = "yes" &&
-cat >> confdefs.h <<\EOF
-#define HAVE_GETMSG 1
-EOF
-
-
-
-save_LIBS="$LIBS"
-LIBS="$LIB_DBM $LIBS"
-echo $ac_n "checking for berkeley db""... $ac_c" 1>&6
-echo "configure:8434: checking for berkeley db" >&5
-if eval "test \"`echo '$''{'krb_cv_lib_berkeleydb'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test "$cross_compiling" = yes; then
-  krb_cv_lib_berkeleydb=no
-else
-  cat > conftest.$ac_ext <<EOF
-#line 8442 "configure"
-#include "confdefs.h"
-
-#include <unistd.h>
-#include <fcntl.h>
-#include <ndbm.h>
-int main()
-{
-  DBM *d;
-
-  d = dbm_open("conftest", O_RDWR | O_CREAT, 0666);
-  if(d == NULL)
-    return 1;
-  dbm_close(d);
-  return access("conftest.db", F_OK) != 0;
-}
-EOF
-if { (eval echo configure:8459: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
-then
-  krb_cv_lib_berkeleydb=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -fr conftest*
-  krb_cv_lib_berkeleydb=no
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$krb_cv_lib_berkeleydb" 1>&6
-test "$krb_cv_lib_berkeleydb" = "yes" &&
-cat >> confdefs.h <<\EOF
-#define HAVE_NEW_DB 1
-EOF
-
-LIBS="$save_LIBS"
-
-
-
-
-echo $ac_n "checking for el_init""... $ac_c" 1>&6
-echo "configure:8485: checking for el_init" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_el_init'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_el_init\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" edit; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 8498 "configure"
-#include "confdefs.h"
-
-int main() {
-el_init()
-; return 0; }
-EOF
-if { (eval echo configure:8505: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_el_init=$ac_lib; else ac_cv_funclib_el_init=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_el_init=\${ac_cv_funclib_el_init-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_el_init"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs el_init"@@@
-@@@libs="$libs edit"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo el_init | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_el_init=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_el_init=yes"
-	eval "LIB_el_init="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_el_init=no"
-	eval "LIB_el_init="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_el_init=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-
-
-echo $ac_n "checking for readline""... $ac_c" 1>&6
-echo "configure:8567: checking for readline" >&5
-if eval "test \"`echo '$''{'ac_cv_funclib_readline'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  
-if eval "test \"\$ac_cv_func_readline\" != yes" ; then
-	ac_save_LIBS="$LIBS"
-	for ac_lib in "" readline; do
-		if test -n "$ac_lib"; then 
-			ac_lib="-l$ac_lib"
-			LIBS="$ac_lib $ac_save_LIBS"
-		fi
-		cat > conftest.$ac_ext <<EOF
-#line 8580 "configure"
-#include "confdefs.h"
-
-int main() {
-readline()
-; return 0; }
-EOF
-if { (eval echo configure:8587: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
-  rm -rf conftest*
-  eval "if test -n \"$ac_lib\";then ac_cv_funclib_readline=$ac_lib; else ac_cv_funclib_readline=yes; fi";break
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-	done
-	eval "ac_cv_funclib_readline=\${ac_cv_funclib_readline-no}"
-	LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_readline"
-
-# autoheader tricks *sigh*
-: << END
-@@@funcs="$funcs readline"@@@
-@@@libs="$libs readline"@@@
-END
-
-eval "ac_tr_func=HAVE_`echo readline | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
-eval "LIB_readline=$ac_res"
-
-case "$ac_res" in
-	yes)
-	eval "ac_cv_func_readline=yes"
-	eval "LIB_readline="
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	echo "$ac_t""yes" 1>&6
-	;;
-	no)
-	eval "ac_cv_func_readline=no"
-	eval "LIB_readline="
-	echo "$ac_t""no" 1>&6
-	;;
-	*)
-	eval "ac_cv_func_readline=yes"
-	eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
-	cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-	cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-	echo "$ac_t""yes, in $ac_res" 1>&6
-	;;
-esac
-
-
-
-if test "$with_readline"; then
-	cat >> confdefs.h <<\EOF
-#define HAVE_READLINE 1
-EOF
-
-	editline_OBJS=
-	LIB_readline="$READLINELIB "'$(LIB_tgetent)'
-	INCLUDE_readline="$READLINEINCLUDE"
-elif test "$ac_cv_func_el_init" = yes; then
-	cat >> confdefs.h <<\EOF
-#define HAVE_READLINE 1
-EOF
-
-
-	editline_OBJS=edit_compat.o
-	LIB_readline='-L$(topdir)/lib/editline -leditline '"$LIB_el_init"' $(LIB_tgetent)'
-
-	INCLUDE_readline='-I$(topdir)/lib/editline -I$(top_srcdir)/lib/editline'
-elif test "$ac_cv_func_readline" = yes; then
-	cat >> confdefs.h <<\EOF
-#define HAVE_READLINE 1
-EOF
-
-	editline_OBJS=
-	LIB_readline='-lreadline $(LIB_tgetent)'
-	INCLUDE_readline=
-else
-	cat >> confdefs.h <<\EOF
-#define HAVE_READLINE 1
-EOF
-
-	editline_OBJS="editline.o complete.o sysunix.o"
-	LIB_readline='-L$(topdir)/lib/editline -leditline $(LIB_tgetent)'
-	INCLUDE_readline='-I$(topdir)/lib/editline -I$(top_srcdir)/lib/editline'
-fi
-
-
-
-
-
-cat >> confdefs.h <<\EOF
-#define AUTHENTICATION 1
-EOF
-cat >> confdefs.h <<\EOF
-#define KRB4 1
-EOF
-cat >> confdefs.h <<\EOF
-#define ENCRYPTION 1
-EOF
-cat >> confdefs.h <<\EOF
-#define DES_ENCRYPTION 1
-EOF
-cat >> confdefs.h <<\EOF
-#define DIAGNOSTICS 1
-EOF
-cat >> confdefs.h <<\EOF
-#define OLD_ENVIRON 1
-EOF
-
-# Simple test for streamspty, based on the existance of getmsg(), alas
-# this breaks on SunOS4 which have streams but BSD-like ptys
-#
-# And also something wierd has happend with dec-osf1, fallback to bsd-ptys
-
-echo $ac_n "checking for streamspty""... $ac_c" 1>&6
-echo "configure:8712: checking for streamspty" >&5
-case "`uname -sr`" in
-SunOS\ 4*|OSF1*|IRIX\ 4*|HP-UX\ ?.10.*)
-	krb_cv_sys_streamspty=no
-	;;
-AIX*)
-	os_rel=`uname -v`.`uname -r`
-	if expr "$os_rel" : "3*" >/dev/null 2>&1; then
-		krb_cv_sys_streamspty=no
-	else
-		krb_cv_sys_streamspty="$ac_cv_func_getmsg"
-	fi
-	;;
-*)
-	krb_cv_sys_streamspty="$ac_cv_func_getmsg"
-	;;
-esac
-if test "$krb_cv_sys_streamspty" = yes; then
-	cat >> confdefs.h <<\EOF
-#define STREAMSPTY 1
-EOF
-
-fi
-echo "$ac_t""$krb_cv_sys_streamspty" 1>&6
-
-echo $ac_n "checking if /bin/ls takes -A""... $ac_c" 1>&6
-echo "configure:8738: checking if /bin/ls takes -A" >&5
-if /bin/ls -A > /dev/null 2>&1 ;then
-	cat >> confdefs.h <<\EOF
-#define HAVE_LS_A 1
-EOF
-
-	krb_ls_a=yes
-else
-	krb_ls_a=no
-fi
-echo "$ac_t""$krb_ls_a" 1>&6
-	
-echo $ac_n "checking for suffix of preformatted manual pages""... $ac_c" 1>&6
-echo "configure:8751: checking for suffix of preformatted manual pages" >&5
-if eval "test \"`echo '$''{'krb_cv_sys_cat_suffix'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if grep _version /etc/man.conf > /dev/null 2>&1; then
-	krb_cv_sys_cat_suffix=0
-else
-	krb_cv_sys_cat_suffix=number
-fi
-fi
-
-echo "$ac_t""$krb_cv_sys_cat_suffix" 1>&6
-if test "$krb_cv_sys_cat_suffix" = number; then
-		CATSUFFIX='$$s'
-else
-		CATSUFFIX=0
-fi
-
-
-
-KRB_KAFS_LIB='-L$(topdir)/lib/kafs -lkafs'
-if test "$krb_cv_sys_aix" = yes; then
-	KRB_KAFS_LIB="$KRB_KAFS_LIB -lld"
-fi
-
-
-
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-for i in bin lib libexec sbin; do
-	i=${i}dir
-	foo=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'`
-	x="\$${i}"
-	eval y="$x"
-	while test "x$y" != "x$x"; do
-		x="$y"
-		eval y="$x"
-	done
-	cat >> confdefs.h <<EOF
-#define $foo "$x"
-EOF
-
-done
-
-trap '' 1 2 15
-cat > confcache <<\EOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs.  It is not useful on other systems.
-# If it contains results you don't want to keep, you may remove or edit it.
-#
-# By default, configure uses ./config.cache as the cache file,
-# creating it if it does not exist already.  You can give configure
-# the --cache-file=FILE option to use a different cache file; that is
-# what configure does when it calls configure scripts in
-# subdirectories, so they share the cache.
-# Giving --cache-file=/dev/null disables caching, for debugging configure.
-# config.status only pays attention to the cache file if you give it the
-# --recheck option to rerun configure.
-#
-EOF
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(set) 2>&1 |
-  case `(ac_space=' '; set) 2>&1 | grep '^ac_space'` in
-  *ac_space=\ *)
-    # `set' does not quote correctly, so add quotes (double-quote substitution
-    # turns \\\\ into \\, and sed turns \\ into \).
-    sed -n \
-      -e "s/'/'\\\\''/g" \
-      -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
-    ;;
-  *)
-    # `set' quotes correctly as required by POSIX, so do not add quotes.
-    sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
-    ;;
-  esac >> confcache
-if cmp -s $cache_file confcache; then
-  :
-else
-  if test -w $cache_file; then
-    echo "updating cache $cache_file"
-    cat confcache > $cache_file
-  else
-    echo "not updating unwritable cache $cache_file"
-  fi
-fi
-rm -f confcache
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# Any assignment to VPATH causes Sun make to only execute
-# the first set of double-colon rules, so remove it if not needed.
-# If there is a colon in the path, we need to keep it.
-if test "x$srcdir" = x.; then
-  ac_vpsub='/^[ 	]*VPATH[ 	]*=[^:]*$/d'
-fi
-
-trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
-
-DEFS=-DHAVE_CONFIG_H
-
-# Without the "./", some shells look in PATH for config.status.
-: ${CONFIG_STATUS=./config.status}
-
-echo creating $CONFIG_STATUS
-rm -f $CONFIG_STATUS
-cat > $CONFIG_STATUS <<EOF
-#! /bin/sh
-# Generated automatically by configure.
-# Run this file to recreate the current configuration.
-# This directory was configured as follows,
-# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-#
-# $0 $ac_configure_args
-#
-# Compiler output produced by configure, useful for debugging
-# configure, is in ./config.log if it exists.
-
-ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
-for ac_option
-do
-  case "\$ac_option" in
-  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
-    echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
-    exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
-  -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
-    echo "$CONFIG_STATUS generated by autoconf version 2.12"
-    exit 0 ;;
-  -help | --help | --hel | --he | --h)
-    echo "\$ac_cs_usage"; exit 0 ;;
-  *) echo "\$ac_cs_usage"; exit 1 ;;
-  esac
-done
-
-ac_given_srcdir=$srcdir
-ac_given_INSTALL="$INSTALL"
-
-trap 'rm -fr `echo "\
-Makefile 					\
-include/Makefile				\
-include/sys/Makefile				\
-						\
-util/Makefile					\
-util/et/Makefile				\
-						\
-man/Makefile					\
-						\
-lib/Makefile					\
-lib/des/Makefile				\
-lib/krb/Makefile				\
-lib/kdb/Makefile				\
-lib/kadm/Makefile				\
-lib/acl/Makefile				\
-lib/kafs/Makefile				\
-lib/roken/Makefile				\
-lib/otp/Makefile				\
-lib/sl/Makefile					\
-lib/editline/Makefile				\
-lib/auth/Makefile				\
-lib/auth/pam/Makefile				\
-lib/auth/sia/Makefile				\
-lib/auth/afskauthlib/Makefile			\
-						\
-kuser/Makefile					\
-server/Makefile					\
-slave/Makefile					\
-admin/Makefile					\
-kadmin/Makefile					\
-						\
-appl/Makefile					\
-						\
-appl/afsutil/Makefile 				\
-appl/ftp/Makefile				\
-appl/ftp/common/Makefile			\
-appl/ftp/ftp/Makefile				\
-appl/ftp/ftpd/Makefile				\
-appl/telnet/Makefile				\
-appl/telnet/libtelnet/Makefile			\
-appl/telnet/telnet/Makefile			\
-appl/telnet/telnetd/Makefile			\
-appl/bsd/Makefile 				\
-appl/kauth/Makefile				\
-appl/kpopper/Makefile				\
-appl/movemail/Makefile				\
-appl/sample/Makefile				\
-appl/xnlock/Makefile				\
-appl/kx/Makefile				\
-appl/kip/Makefile				\
-appl/otp/Makefile				\
-doc/Makefile					\
- include/config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-# Protect against being on the right side of a sed subst in config.status.
-sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
- s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
-$ac_vpsub
-$extrasub
-s%@CFLAGS@%$CFLAGS%g
-s%@CPPFLAGS@%$CPPFLAGS%g
-s%@CXXFLAGS@%$CXXFLAGS%g
-s%@DEFS@%$DEFS%g
-s%@LDFLAGS@%$LDFLAGS%g
-s%@LIBS@%$LIBS%g
-s%@exec_prefix@%$exec_prefix%g
-s%@prefix@%$prefix%g
-s%@program_transform_name@%$program_transform_name%g
-s%@bindir@%$bindir%g
-s%@sbindir@%$sbindir%g
-s%@libexecdir@%$libexecdir%g
-s%@datadir@%$datadir%g
-s%@sysconfdir@%$sysconfdir%g
-s%@sharedstatedir@%$sharedstatedir%g
-s%@localstatedir@%$localstatedir%g
-s%@libdir@%$libdir%g
-s%@includedir@%$includedir%g
-s%@oldincludedir@%$oldincludedir%g
-s%@infodir@%$infodir%g
-s%@mandir@%$mandir%g
-s%@PACKAGE@%$PACKAGE%g
-s%@VERSION@%$VERSION%g
-s%@host@%$host%g
-s%@host_alias@%$host_alias%g
-s%@host_cpu@%$host_cpu%g
-s%@host_vendor@%$host_vendor%g
-s%@host_os@%$host_os%g
-s%@SET_MAKE@%$SET_MAKE%g
-s%@LN_S@%$LN_S%g
-s%@CC@%$CC%g
-s%@CPP@%$CPP%g
-s%@YACC@%$YACC%g
-s%@LEX@%$LEX%g
-s%@LEXLIB@%$LEXLIB%g
-s%@RANLIB@%$RANLIB%g
-s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
-s%@INSTALL_DATA@%$INSTALL_DATA%g
-s%@MAKEINFO@%$MAKEINFO%g
-s%@SOCKSINCLUDE@%$SOCKSINCLUDE%g
-s%@SOCKSLIB@%$SOCKSLIB%g
-s%@CRACKLIB@%$CRACKLIB%g
-s%@READLINEINCLUDE@%$READLINEINCLUDE%g
-s%@READLINELIB@%$READLINELIB%g
-s%@REAL_PICFLAGS@%$REAL_PICFLAGS%g
-s%@REAL_SHLIBEXT@%$REAL_SHLIBEXT%g
-s%@REAL_LD_FLAGS@%$REAL_LD_FLAGS%g
-s%@PICFLAGS@%$PICFLAGS%g
-s%@SHLIBEXT@%$SHLIBEXT%g
-s%@LDSHARED@%$LDSHARED%g
-s%@LD_FLAGS@%$LD_FLAGS%g
-s%@LIBEXT@%$LIBEXT%g
-s%@LIBPREFIX@%$LIBPREFIX%g
-s%@EXECSUFFIX@%$EXECSUFFIX%g
-s%@AFS_EXTRA_OBJS@%$AFS_EXTRA_OBJS%g
-s%@AFS_EXTRA_LIBS@%$AFS_EXTRA_LIBS%g
-s%@ac_cv_header_sys_cdefs_h@%$ac_cv_header_sys_cdefs_h%g
-s%@ac_cv_header_err_h@%$ac_cv_header_err_h%g
-s%@LIB_socket@%$LIB_socket%g
-s%@LIB_gethostbyname@%$LIB_gethostbyname%g
-s%@LIB_odm_initialize@%$LIB_odm_initialize%g
-s%@LIB_getattr@%$LIB_getattr%g
-s%@LIB_setpcred@%$LIB_setpcred%g
-s%@LIB_logwtmp@%$LIB_logwtmp%g
-s%@LIB_logout@%$LIB_logout%g
-s%@LIB_tgetent@%$LIB_tgetent%g
-s%@X_CFLAGS@%$X_CFLAGS%g
-s%@X_PRE_LIBS@%$X_PRE_LIBS%g
-s%@X_LIBS@%$X_LIBS%g
-s%@X_EXTRA_LIBS@%$X_EXTRA_LIBS%g
-s%@MAKE_X_PROGS_BIN@%$MAKE_X_PROGS_BIN%g
-s%@MAKE_X_PROGS_LIBEXEC@%$MAKE_X_PROGS_LIBEXEC%g
-s%@LIB_XauReadAuth@%$LIB_XauReadAuth%g
-s%@XauWriteAuth_c@%$XauWriteAuth_c%g
-s%@XauWriteAuth_o@%$XauWriteAuth_o%g
-s%@LIB_dbopen@%$LIB_dbopen%g
-s%@LIB_dbm_firstkey@%$LIB_dbm_firstkey%g
-s%@LIB_DBM@%$LIB_DBM%g
-s%@LIB_syslog@%$LIB_syslog%g
-s%@LIB_getpwnam_r@%$LIB_getpwnam_r%g
-s%@LIB_getsockopt@%$LIB_getsockopt%g
-s%@LIB_setsockopt@%$LIB_setsockopt%g
-s%@LIB_res_search@%$LIB_res_search%g
-s%@LIB_dn_expand@%$LIB_dn_expand%g
-s%@ALLOCA@%$ALLOCA%g
-s%@LIB_hstrerror@%$LIB_hstrerror%g
-s%@LIBOBJS@%$LIBOBJS%g
-s%@LIB_AUTH_SUBDIRS@%$LIB_AUTH_SUBDIRS%g
-s%@APPL_KIP_DIR@%$APPL_KIP_DIR%g
-s%@LIB_el_init@%$LIB_el_init%g
-s%@LIB_readline@%$LIB_readline%g
-s%@INCLUDE_readline@%$INCLUDE_readline%g
-s%@editline_OBJS@%$editline_OBJS%g
-s%@CATSUFFIX@%$CATSUFFIX%g
-s%@KRB_KAFS_LIB@%$KRB_KAFS_LIB%g
-
-CEOF
-EOF
-
-cat >> $CONFIG_STATUS <<\EOF
-
-# Split the substitutions into bite-sized pieces for seds with
-# small command number limits, like on Digital OSF/1 and HP-UX.
-ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
-ac_file=1 # Number of current file.
-ac_beg=1 # First line for current file.
-ac_end=$ac_max_sed_cmds # Line after last line for current file.
-ac_more_lines=:
-ac_sed_cmds=""
-while $ac_more_lines; do
-  if test $ac_beg -gt 1; then
-    sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
-  else
-    sed "${ac_end}q" conftest.subs > conftest.s$ac_file
-  fi
-  if test ! -s conftest.s$ac_file; then
-    ac_more_lines=false
-    rm -f conftest.s$ac_file
-  else
-    if test -z "$ac_sed_cmds"; then
-      ac_sed_cmds="sed -f conftest.s$ac_file"
-    else
-      ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
-    fi
-    ac_file=`expr $ac_file + 1`
-    ac_beg=$ac_end
-    ac_end=`expr $ac_end + $ac_max_sed_cmds`
-  fi
-done
-if test -z "$ac_sed_cmds"; then
-  ac_sed_cmds=cat
-fi
-EOF
-
-cat >> $CONFIG_STATUS <<EOF
-
-CONFIG_FILES=\${CONFIG_FILES-"\
-Makefile 					\
-include/Makefile				\
-include/sys/Makefile				\
-						\
-util/Makefile					\
-util/et/Makefile				\
-						\
-man/Makefile					\
-						\
-lib/Makefile					\
-lib/des/Makefile				\
-lib/krb/Makefile				\
-lib/kdb/Makefile				\
-lib/kadm/Makefile				\
-lib/acl/Makefile				\
-lib/kafs/Makefile				\
-lib/roken/Makefile				\
-lib/otp/Makefile				\
-lib/sl/Makefile					\
-lib/editline/Makefile				\
-lib/auth/Makefile				\
-lib/auth/pam/Makefile				\
-lib/auth/sia/Makefile				\
-lib/auth/afskauthlib/Makefile			\
-						\
-kuser/Makefile					\
-server/Makefile					\
-slave/Makefile					\
-admin/Makefile					\
-kadmin/Makefile					\
-						\
-appl/Makefile					\
-						\
-appl/afsutil/Makefile 				\
-appl/ftp/Makefile				\
-appl/ftp/common/Makefile			\
-appl/ftp/ftp/Makefile				\
-appl/ftp/ftpd/Makefile				\
-appl/telnet/Makefile				\
-appl/telnet/libtelnet/Makefile			\
-appl/telnet/telnet/Makefile			\
-appl/telnet/telnetd/Makefile			\
-appl/bsd/Makefile 				\
-appl/kauth/Makefile				\
-appl/kpopper/Makefile				\
-appl/movemail/Makefile				\
-appl/sample/Makefile				\
-appl/xnlock/Makefile				\
-appl/kx/Makefile				\
-appl/kip/Makefile				\
-appl/otp/Makefile				\
-doc/Makefile					\
-"}
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
-  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
-  case "$ac_file" in
-  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
-       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
-  *) ac_file_in="${ac_file}.in" ;;
-  esac
-
-  # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
-
-  # Remove last slash and all that follows it.  Not all systems have dirname.
-  ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
-  if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
-    # The file is in a subdirectory.
-    test ! -d "$ac_dir" && mkdir "$ac_dir"
-    ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
-    # A "../" for each directory in $ac_dir_suffix.
-    ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
-  else
-    ac_dir_suffix= ac_dots=
-  fi
-
-  case "$ac_given_srcdir" in
-  .)  srcdir=.
-      if test -z "$ac_dots"; then top_srcdir=.
-      else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
-  /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
-  *) # Relative path.
-    srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
-    top_srcdir="$ac_dots$ac_given_srcdir" ;;
-  esac
-
-  case "$ac_given_INSTALL" in
-  [/$]*) INSTALL="$ac_given_INSTALL" ;;
-  *) INSTALL="$ac_dots$ac_given_INSTALL" ;;
-  esac
-
-  echo creating "$ac_file"
-  rm -f "$ac_file"
-  configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
-  case "$ac_file" in
-  *Makefile*) ac_comsub="1i\\
-# $configure_input" ;;
-  *) ac_comsub= ;;
-  esac
-
-  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
-  sed -e "$ac_comsub
-s%@configure_input@%$configure_input%g
-s%@srcdir@%$srcdir%g
-s%@top_srcdir@%$top_srcdir%g
-s%@INSTALL@%$INSTALL%g
-" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
-fi; done
-rm -f conftest.s*
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s%^\([ 	]*\)#\([ 	]*define[ 	][ 	]*\)'
-ac_dB='\([ 	][ 	]*\)[^ 	]*%\1#\2'
-ac_dC='\3'
-ac_dD='%g'
-# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
-ac_uA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
-ac_uB='\([ 	]\)%\1#\2define\3'
-ac_uC=' '
-ac_uD='\4%g'
-# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_eA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
-ac_eB='$%\1#\2define\3'
-ac_eC=' '
-ac_eD='%g'
-
-if test "${CONFIG_HEADERS+set}" != set; then
-EOF
-cat >> $CONFIG_STATUS <<EOF
-  CONFIG_HEADERS="include/config.h"
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-fi
-for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
-  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
-  case "$ac_file" in
-  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
-       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
-  *) ac_file_in="${ac_file}.in" ;;
-  esac
-
-  echo creating $ac_file
-
-  rm -f conftest.frag conftest.in conftest.out
-  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
-  cat $ac_file_inputs > conftest.in
-
-EOF
-
-# Transform confdefs.h into a sed script conftest.vals that substitutes
-# the proper values into config.h.in to produce config.h.  And first:
-# Protect against being on the right side of a sed subst in config.status.
-# Protect against being in an unquoted here document in config.status.
-rm -f conftest.vals
-cat > conftest.hdr <<\EOF
-s/[\\&%]/\\&/g
-s%[\\$`]%\\&%g
-s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
-s%ac_d%ac_u%gp
-s%ac_u%ac_e%gp
-EOF
-sed -n -f conftest.hdr confdefs.h > conftest.vals
-rm -f conftest.hdr
-
-# This sed command replaces #undef with comments.  This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >> conftest.vals <<\EOF
-s%^[ 	]*#[ 	]*undef[ 	][ 	]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
-EOF
-
-# Break up conftest.vals because some shells have a limit on
-# the size of here documents, and old seds have small limits too.
-
-rm -f conftest.tail
-while :
-do
-  ac_lines=`grep -c . conftest.vals`
-  # grep -c gives empty output for an empty file on some AIX systems.
-  if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
-  # Write a limited-size here document to conftest.frag.
-  echo '  cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
-  sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
-  echo 'CEOF
-  sed -f conftest.frag conftest.in > conftest.out
-  rm -f conftest.in
-  mv conftest.out conftest.in
-' >> $CONFIG_STATUS
-  sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
-  rm -f conftest.vals
-  mv conftest.tail conftest.vals
-done
-rm -f conftest.vals
-
-cat >> $CONFIG_STATUS <<\EOF
-  rm -f conftest.frag conftest.h
-  echo "/* $ac_file.  Generated automatically by configure.  */" > conftest.h
-  cat conftest.in >> conftest.h
-  rm -f conftest.in
-  if cmp -s $ac_file conftest.h 2>/dev/null; then
-    echo "$ac_file is unchanged"
-    rm -f conftest.h
-  else
-    # Remove last slash and all that follows it.  Not all systems have dirname.
-      ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
-      if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
-      # The file is in a subdirectory.
-      test ! -d "$ac_dir" && mkdir "$ac_dir"
-    fi
-    rm -f $ac_file
-    mv conftest.h $ac_file
-  fi
-fi; done
-
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-
-exit 0
-EOF
-chmod +x $CONFIG_STATUS
-rm -fr confdefs* $ac_clean_files
-test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
- 
-KRB4VERSION="$PACKAGE-$VERSION"
-
-cat > include/newversion.h.in <<EOF
-char *krb4_long_version = "@(#)\$Version: $KRB4VERSION by @USER@ on @HOST@ ($host) @DATE@ \$";
-char *krb4_version = "$KRB4VERSION";
-EOF
-
-if test -f include/version.h && cmp -s include/newversion.h.in include/version.h.in; then
-	echo "include/version.h is unchanged"
-	rm -f include/newversion.h.in
-else
- 	echo "creating include/version.h"
- 	User=${USER-${LOGNAME}}
- 	Host=`(hostname || uname -n) 2>/dev/null | sed 1q`
- 	Date=`date`
-	mv -f include/newversion.h.in include/version.h.in
-	sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h
-fi
diff --git a/crypto/kerberosIV/configure.in b/crypto/kerberosIV/configure.in
deleted file mode 100644
index 9265666139fc..000000000000
--- a/crypto/kerberosIV/configure.in
+++ /dev/null
@@ -1,970 +0,0 @@
-dnl
-dnl *** PLEASE NOTE ***
-dnl *** PLEASE NOTE ***
-dnl *** PLEASE NOTE ***
-dnl
-dnl Update $VERSION before making a new release
-dnl
-
-dnl Process this file with autoconf to produce a configure script.
-dnl
-AC_REVISION($Revision: 1.285 $)
-AC_INIT(lib/krb/getrealm.c)
-AC_CONFIG_HEADER(include/config.h)
-
-dnl
-dnl definitions
-dnl
-
-PACKAGE=krb4
-AC_SUBST(PACKAGE)dnl
-VERSION=0.9.6
-AC_SUBST(VERSION)dnl
-# This may be overridden using --prefix=/usr to configure
-AC_PREFIX_DEFAULT(/usr/athena)
-
-AC_CANONICAL_HOST
-AC_PROG_MAKE_SET
-AC_ARG_PROGRAM
-
-# We want these before the checks, so the checks can modify their values.
-test -z "$LDFLAGS" && LDFLAGS=-g
-
-dnl
-dnl check for programs
-dnl
-
-AC_KRB_PROG_LN_S
-AC_PROG_CC
-AC_PROG_CPP
-AC_ISC_POSIX
-AC_KRB_PROG_YACC
-AC_PROG_LEX
-AC_PROG_RANLIB
-AC_PROG_INSTALL
-AC_CHECK_PROG(MAKEINFO, makeinfo, makeinfo, :)
-
-dnl
-dnl check for build options
-dnl
-
-AC_TEST_PACKAGE(socks,socks.h,libsocks5.a,-lsocks5)
-CFLAGS="$SOCKSINCLUDE $CFLAGS"
-LIBS="$SOCKSLIB $LIBS"
-
-dnl Check if we want to use shared libraries
-AC_ARG_WITH(shared,
-[  --with-shared           create shared libraries for Kerberos])
-
-AC_ARG_WITH(cracklib,
-[  --with-cracklib=dir     use the cracklib.a in dir],
-)
-
-AC_ARG_WITH(dictpath,
-[  --with-dictpath=path    use this dictionary with cracklib]
-)
-
-(test -z "$with_cracklib" && test -n "$with_dictpath") ||
-(test -n "$with_cracklib" && test -z "$with_dictpath") &&
-AC_MSG_ERROR(--with-cracklib requires --with-dictpath and vice versa)
-test -n "$with_cracklib" &&
-CRACKLIB="-L$with_cracklib -lcrack" &&
-AC_MSG_RESULT(Using cracklib in $with_cracklib)
-AC_SUBST(CRACKLIB)dnl
-test -n "$with_dictpath" &&
-AC_MSG_RESULT(Using dictpath=$with_dictpath) &&
-AC_DEFINE_UNQUOTED(DICTPATH,"$with_dictpath")
-
-AC_ARG_WITH(mailspool,
-[  --with-mailspool=dir    this is the mail spool directory]
-)
-
-test -n "$with_mailspool" &&
-AC_DEFINE_UNQUOTED(KRB4_MAILDIR, "$with_mailspool")
-
-AC_ARG_ENABLE(random-mkey,
-[  --enable-random-mkey    use new code for master keys],[
-if test "$enableval" = "yes"; then
-	AC_DEFINE(RANDOM_MKEY,1)
-fi
-])
-
-AC_ARG_WITH(mkey,
-[  --with-mkey=file        where to put the master key],[
-if test -n "$withval"; then
-	AC_DEFINE_UNQUOTED(MKEYFILE,"$withval")
-fi
-])
-
-berkeley_db=db
-AC_ARG_WITH(berkeley-db,
-[  --without-berkeley-db   if you don't want berkeley db],[
-if test "$withval" = no; then
-	berkeley_db=""
-fi
-])
-
-afs_support=yes
-AC_ARG_WITH(afs-support,
-[  --without-afs-support   if you don't want support for afs],[
-if test "$withval" = no; then
-	AC_DEFINE(NO_AFS)
-	afs_support=no
-fi
-])
-
-des_quad=guess
-AC_ARG_WITH(des-quad-checksum,
-[  --with-des-quad-checksum=kind
-                           default checksum to use (new, old, or guess)],[
-des_quad="$withval"
-])
-if test "$des_quad" = "new"; then
-	AC_DEFINE(DES_QUAD_DEFAULT,DES_QUAD_NEW)
-elif test "$des_quad" = "old"; then
-	AC_DEFINE(DES_QUAD_DEFAULT,DES_QUAD_OLD)
-else
-	AC_DEFINE(DES_QUAD_DEFAULT,DES_QUAD_GUESS)
-fi	
-
-AC_TEST_PACKAGE(readline,readline.h,libreadline.a,-lreadline)
-
-dnl
-dnl Shared library stuff has to be different everywhere
-dnl
-
-AC_SUBST(CFLAGS)dnl
-AC_SUBST(LDFLAGS)dnl
-
-case ${with_shared} in
-  yes ) with_shared=yes;;
-  no  ) with_shared=no;;
-  *   ) with_shared=no;;
-esac
-
-# NOTE: Building shared libraries may not work if you do not use gcc!
-#
-# OS		$SHLIBEXT
-# HP-UX		sl
-# Linux		so
-# NetBSD	so
-# FreeBSD	so
-# OSF		so
-# SunOS5	so
-# SunOS4	so.0.5
-# Irix		so
-#
-# LIBEXT is the extension we should build (.a or $SHLIBEXT)
-REAL_PICFLAGS="-fpic"
-LDSHARED='$(CC) $(PICFLAGS) -shared'
-LIBPREFIX=lib
-REAL_SHLIBEXT=so
-changequote({,})dnl
-SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'`
-changequote([,])dnl
-case "${host}" in
-*-*-hpux*)
-	REAL_SHLIBEXT=sl
-	REAL_LD_FLAGS='-Wl,+b$(libdir)'
-	if test -z "$GCC"; then
-		LDSHARED="ld -b"
-		REAL_PICFLAGS="+z"
-	fi
-	;;
-*-*-linux*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	;;
-*-*-*bsd*)
-	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	LDSHARED='ld -Bshareable'
-	REAL_LD_FLAGS='-Wl,-R$(libdir)'
-	;;
-*-*-osf*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	REAL_PICFLAGS=
-	LDSHARED='ld -shared -expect_unresolved \*'
-	;;
-*-*-solaris2*)
-	REAL_LD_FLAGS='-Wl,-R$(libdir)'
-	if test -z "$GCC"; then
-		LDSHARED='$(CC) -G'
-		REAL_PICFLAGS="-Kpic"
-	fi
-	;;
-*-*-sunos*)
-	REAL_SHLIBEXT=so.$SHLIB_VERSION
-	REAL_LD_FLAGS='-Wl,-L$(libdir)'
-	;;
-*-*-irix*)
-	REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
-	REAL_PICFLAGS=
-	;;
-*-*-os2_emx*)
-	LD_FLAGS='-Zexe'
-	LIBPREFIX=
-	EXECSUFFIX='.exe'
-	RANLIB=EMXOMF
-	REAL_SHLIBEXT=nobuild
-	;;
-*-*-cygwin32*)
-	EXECSUFFIX='.exe'
-	REAL_SHLIBEXT=nobuild
-	;;
-*)	REAL_SHLIBEXT=nobuild
-	REAL_PICFLAGS= 
-	;;
-esac
-
-if test "${with_shared}" != "yes" ; then 
- PICFLAGS=""
- SHLIBEXT="nobuild"
- LIBEXT="a"
-else
- PICFLAGS="$REAL_PICFLAGS"
- SHLIBEXT="$REAL_SHLIBEXT"
- LIBEXT="$SHLIBEXT"
- LD_FLAGS="$REAL_LD_FLAGS"
-fi
-
-AC_SUBST(REAL_PICFLAGS) dnl
-AC_SUBST(REAL_SHLIBEXT) dnl
-AC_SUBST(REAL_LD_FLAGS) dnl
-
-AC_SUBST(PICFLAGS) dnl
-AC_SUBST(SHLIBEXT) dnl
-AC_SUBST(LDSHARED) dnl
-AC_SUBST(LD_FLAGS) dnl
-AC_SUBST(LIBEXT) dnl
-AC_SUBST(LIBPREFIX) dnl
-AC_SUBST(EXECSUFFIX) dnl
-
-dnl
-dnl Check if we need to use weak-stuff
-dnl
-
-AC_HAVE_PRAGMA_WEAK
-
-dnl
-dnl Check for endian-ness, this breaks cross compilation
-dnl
-AC_C_BIGENDIAN
-
-dnl
-dnl Check for constness
-dnl
-AC_C_CONST
-
-dnl
-dnl Check for strange operating systems that you need to handle differently
-dnl
-
-AC_KRB_SYS_NEXTSTEP
-AC_KRB_SYS_AIX
-
-if test "$krb_cv_sys_aix" = yes ;then
-	AFS_EXTRA_OBJS='$(srcdir)/afsl.exp dlfcn.o'
-	AC_SUBST(AFS_EXTRA_OBJS)
-	AFS_EXTRA_LIBS=afslib.so
-	AC_SUBST(AFS_EXTRA_LIBS)
-fi
-
-#
-# AIX needs /lib/pse.exp for getmsg, but alas that file is broken in
-# AIX414
-#
-
-if test -f /lib/pse.exp ;then
-	LIBS="$LIBS -Wl,-bI:/lib/pse.exp"
-fi
-
-dnl
-dnl Various checks for headers and their contents
-dnl
-
-AC_HEADER_STDC
-
-AC_CHECK_HEADERS(arpa/ftp.h arpa/inet.h arpa/nameser.h)
-AC_CHECK_HEADERS(arpa/telnet.h bind/bitypes.h bsd/bsd.h bsdsetjmp.h)
-AC_CHECK_HEADERS(crypt.h dbm.h dirent.h err.h fcntl.h grp.h io.h)
-AC_CHECK_HEADERS(lastlog.h login.h maillock.h ndbm.h net/if.h)
-AC_CHECK_HEADERS(net/if_tun.h net/if_var.h netdb.h netinet/in.h)
-AC_CHECK_HEADERS(netinet/in6_machtypes.h netinet/in_systm.h)
-AC_CHECK_HEADERS(netinet/ip.h netinet/tcp.h paths.h pty.h pwd.h)
-AC_CHECK_HEADERS(resolv.h rpcsvc/dbm.h sac.h security/pam_modules.h)
-AC_CHECK_HEADERS(shadow.h siad.h signal.h stropts.h sys/bitypes.h)
-AC_CHECK_HEADERS(sys/category.h sys/cdefs.h sys/file.h sys/filio.h)
-AC_CHECK_HEADERS(sys/ioccom.h sys/ioctl.h sys/locking.h sys/mman.h)
-AC_CHECK_HEADERS(sys/param.h sys/proc.h sys/ptyio.h sys/ptyvar.h)
-AC_CHECK_HEADERS(sys/resource.h sys/select.h sys/socket.h)
-AC_CHECK_HEADERS(sys/sockio.h sys/stat.h sys/str_tty.h sys/stream.h)
-AC_CHECK_HEADERS(sys/stropts.h sys/strtty.h sys/syscall.h)
-AC_CHECK_HEADERS(sys/sysctl.h sys/termio.h sys/time.h sys/timeb.h)
-AC_CHECK_HEADERS(sys/times.h sys/tty.h sys/types.h sys/uio.h)
-AC_CHECK_HEADERS(sys/un.h sys/utsname.h sys/wait.h syslog.h)
-AC_CHECK_HEADERS(termio.h termios.h tmpdir.h ttyent.h udb.h ulimit.h)
-AC_CHECK_HEADERS(unistd.h userpw.h usersec.h util.h utime.h utmp.h)
-AC_CHECK_HEADERS(utmpx.h wait.h winsock.h)
-
-AC_HEADER_TIME
-AC_DECL_SYS_SIGLIST
-AC_SUBST(ac_cv_header_sys_cdefs_h)dnl
-AC_SUBST(ac_cv_header_err_h)dnl
-
-AC_GROK_TYPES(int8_t int16_t int32_t int64_t)
-AC_GROK_TYPES(u_int8_t u_int16_t u_int32_t u_int64_t)
-
-dnl
-dnl Various checks for libraries and their contents
-dnl
-
-dnl
-dnl System V is have misplaced the socket routines, should really be in libc
-dnl
-
-AC_FIND_FUNC(socket, socket,
-[#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif],
-[0,0,0])
-AC_FIND_FUNC(gethostbyname, nsl,
-[#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif],
-"foo")
-
-dnl
-dnl Horror AIX needs -lodm -lcfg to link login
-dnl
-
-AC_FIND_FUNC(odm_initialize, odm)
-AC_FIND_FUNC(getattr, cfg)
-AC_FIND_FUNC(setpcred, s)
-AC_FIND_FUNC(logwtmp, util)
-
-AC_FIND_FUNC(logout, util)
-AC_FIND_FUNC_NO_LIBS(tgetent, termcap)
-	
-dnl 
-dnl See if there is any X11 present
-dnl
-AC_PATH_XTRA
-if test "$no_x" = "yes" ; then
-	MAKE_X_PROGS_BIN=""
-	MAKE_X_PROGS_LIBEXEC=""
-else
-	MAKE_X_PROGS_BIN='$(X_PROGS_BIN)'
-	MAKE_X_PROGS_LIBEXEC='$(X_PROGS_LIBEXEC)'
-fi
-AC_SUBST(MAKE_X_PROGS_BIN)dnl
-AC_SUBST(MAKE_X_PROGS_LIBEXEC)dnl
-
-save_CFLAGS="$CFLAGS"
-CFLAGS="$X_CFLAGS $CFLAGS"
-save_LIBS="$LIBS"
-dnl LIBS="$X_LIBS $X_PRE_LIBS $X_EXTRA_LIBS $LIBS"
-LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS"
-save_LDFLAGS="$LDFLAGS"
-LDFLAGS="$LDFLAGS $X_LIBS"
-
-AC_FIND_FUNC_NO_LIBS(XauReadAuth, Xau X11)
-ac_xxx="$LIBS"
-LIBS="$LIB_XauReadAuth $LIBS"
-AC_CHECK_FUNCS(XauWriteAuth)
-if test "$ac_cv_func_XauWriteAuth" != "yes"; then
-  XauWriteAuth_c=writeauth.c
-  XauWriteAuth_o=writeauth.o
-fi
-AC_SUBST(XauWriteAuth_c)dnl
-AC_SUBST(XauWriteAuth_o)dnl
-LIBS="$ac_xxx"
-
-CFLAGS=$save_CFLAGS
-LIBS=$save_LIBS
-LDFLAGS=$save_LDFLAGS
-
-dnl
-dnl Look for berkeley db, gdbm, and ndbm in that order.
-dnl
-
-save_LIBS="$LIBS"
-AC_FIND_FUNC_NO_LIBS(dbopen, $berkeley_db)
-LIBS="$LIB_dbopen $LIBS"
-AC_FIND_FUNC_NO_LIBS(dbm_firstkey, $berkeley_db gdbm ndbm)
-if test -n "$LIB_dbopen"; then
-  LIB_DBM="$LIB_dbopen"
-else
-  LIB_DBM="$LIB_dbm_firstkey"
-fi
-AC_SUBST(LIB_DBM)dnl
-LIBS="$save_LIBS"
-
-AC_FIND_FUNC(syslog, syslog)
-
-AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working,
-ac_cv_func_snprintf_working=yes
-AC_TRY_RUN([
-#include <stdio.h>
-#include <string.h>
-int main()
-{
-changequote(`,')dnl
-	char foo[3];
-changequote([,])dnl
-	snprintf(foo, 2, "12");
-	return strcmp(foo, "1");
-}],:,ac_cv_func_snprintf_working=no,:))
-: << END
-@@@funcs="$funcs snprintf"@@@
-END
-if test "$ac_cv_func_snprintf_working" = yes; then
-	foo=HAVE_SNPRINTF
-	AC_DEFINE_UNQUOTED($foo)
-fi
-
-AC_CHECK_FUNCS(asnprintf asprintf vasprintf vasnprintf vsnprintf)
-
-
-AC_CHECK_FUNCS(_getpty _scrsize _setsid _stricmp fchmod fcntl flock)
-AC_CHECK_FUNCS(forkpty frevoke gethostname getlogin getpriority getservbyname)
-AC_CHECK_FUNCS(getspnam getspuid gettimeofday getuid grantpt)
-AC_CHECK_FUNCS(innetgr iruserok mktime ptsname rand random)
-AC_CHECK_FUNCS(revoke setitimer setlogin setpgid setpriority)
-AC_CHECK_FUNCS(setproctitle setregid setresgid setresuid setreuid setsid)
-AC_CHECK_FUNCS(setutent swab ttyname ttyslot ulimit uname)
-AC_CHECK_FUNCS(unlockpt vhangup yp_get_default_domain)
-AC_FIND_FUNC_NO_LIBS(getpwnam_r,c_r)
-if test "$ac_cv_func_getpwnam_r" = yes; then
-	AC_CACHE_CHECK(if getpwnam_r is posix,ac_cv_func_getpwnam_r_posix,
-	ac_libs="$LIBS"
-	LIBS="$LIBS $LIB_getpwnam_r"
-	AC_TRY_RUN([
-#include <pwd.h>
-int main()
-{
-	struct passwd pw, *pwd;
-	return getpwnam_r("", &pw, NULL, 0, &pwd) < 0;
-}
-],ac_cv_func_getpwnam_r_posix=yes,ac_cv_func_getpwnam_r_posix=no,:)
-LIBS="$ac_libs")
-if test "$ac_cv_func_getpwnam_r_posix" = yes; then
-	AC_DEFINE(POSIX_GETPWNAM_R)
-fi
-fi
-
-AC_FIND_FUNC_NO_LIBS(getsockopt, ,
-[#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif],
-[0,0,0,0,0])
-AC_FIND_FUNC_NO_LIBS(setsockopt, ,
-[#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif],
-[0,0,0,0,0])
-
-dnl Cray stuff
-AC_CHECK_FUNCS(getudbnam setlim)
-
-AC_FIND_FUNC(res_search, resolv,
-[
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-],
-[0,0,0,0,0])
-
-AC_FIND_FUNC(dn_expand, resolv,
-[
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-],
-[0,0,0,0,0])
-
-
-AC_FUNC_MMAP
-AC_FUNC_ALLOCA
-
-#
-# Test for POSIX (broken) getlogin
-#
-
-if test "$ac_cv_func_getlogin" = yes; then
-AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [
-if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then
-	ac_cv_func_getlogin_posix=no
-else
-	ac_cv_func_getlogin_posix=yes
-fi
-])
-if test "$ac_cv_func_getlogin_posix" = yes; then
-	AC_DEFINE(POSIX_GETLOGIN, 1)
-fi
-fi
-
-AC_FIND_IF_NOT_BROKEN(hstrerror, resolv,
-[#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif],
-17)
-
-AC_BROKEN(chown daemon err errx fchown getcwd getdtablesize getopt)
-AC_BROKEN(getusershell inet_aton initgroups lstat memmove mkstemp)
-AC_BROKEN(putenv rcmd setegid setenv seteuid strcasecmp strdup)
-AC_BROKEN(strerror strftime strlwr strnlen strtok_r strupr unsetenv)
-AC_BROKEN(verr verrx vwarn vwarnx warn warnx)
-
-AC_KRB_FUNC_GETCWD_BROKEN
-
-dnl
-dnl Figure what authentication modules should be built
-dnl
-
-AC_MSG_CHECKING(which authentication modules should be built)
-
-LIB_AUTH_SUBDIRS=
-
-if test "$ac_cv_header_siad_h" = yes; then
-	LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia"
-fi
-
-if test "$ac_cv_header_security_pam_modules_h" = yes; then
-	LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam"
-fi
-
-case "${host}" in
-changequote(,)dnl
-*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;;
-changequote([,])dnl
-esac
-
-AC_MSG_RESULT($LIB_AUTH_SUBDIRS)
-
-AC_SUBST(LIB_AUTH_SUBDIRS)dnl
-
-dnl
-dnl Figure out if we have tunnels
-dnl
-
-AC_MSG_CHECKING(for tunnel devices)
-
-APPL_KIP_DIR=
-
-if test "$ac_cv_header_net_if_tun_h" = "yes"; then
-	APPL_KIP_DIR=kip
-fi
-
-AC_MSG_RESULT($ac_cv_header_net_if_tun_h)
-
-AC_SUBST(APPL_KIP_DIR)dnl
-
-dnl
-dnl Checks for prototypes and declarations
-dnl
-
-AC_NEED_PROTO([
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-],
-crypt)
-
-AC_NEED_PROTO([
-#include <string.h>
-],
-strtok_r)
-
-AC_CHECK_VAR([#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif],
-h_errno)
-
-AC_CHECK_VAR([#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif],
-h_errlist)
-
-AC_CHECK_VAR([#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif],
-h_nerr)
-
-AC_CHECK_VAR([#ifdef HAVE_ERR_H
-#include <err.h>
-#endif],[__progname])
-
-AC_CHECK_DECLARATION([#include <stdlib.h>], optarg)
-AC_CHECK_DECLARATION([#include <stdlib.h>], optind)
-AC_CHECK_DECLARATION([#include <stdlib.h>], opterr)
-AC_CHECK_DECLARATION([#include <stdlib.h>], optopt)
-
-dnl
-dnl According to ANSI you are explicitly allowed to cast to void,
-dnl but the standard fails to say what should happen. Some compilers
-dnl think this is illegal:
-dnl
-dnl void foo(void)
-dnl {
-dnl   return (void)0;
-dnl }
-dnl
-dnl Thus explicitly test for void
-dnl
-AC_TYPE_SIGNAL
-if test "$ac_cv_type_signal" = "void" ; then
-	AC_DEFINE(VOID_RETSIGTYPE, 1)
-fi
-
-dnl
-dnl Check for fields in struct utmp
-dnl
-AC_EGREP_HEADER(ut_user, utmp.h, AC_DEFINE(HAVE_UT_USER))
-AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UT_HOST))
-AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UT_ADDR))
-AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UT_TYPE))
-AC_EGREP_HEADER(ut_pid, utmp.h, AC_DEFINE(HAVE_UT_PID))
-AC_EGREP_HEADER(ut_id, utmp.h, AC_DEFINE(HAVE_UT_ID))
-AC_EGREP_HEADER(ut_syslen, utmpx.h, AC_DEFINE(HAVE_UT_SYSLEN))
-
-AC_STRUCT_ST_BLKSIZE
-
-dnl
-dnl Check for struct winsize
-dnl
-
-AC_KRB_STRUCT_WINSIZE
-
-dnl
-dnl Check for some common types
-dnl
-
-AC_TYPE_PID_T
-AC_TYPE_UID_T
-AC_TYPE_OFF_T
-AC_TYPE_SIZE_T
-
-dnl
-dnl Check for sa_len in sys/socket.h
-dnl
-
-AC_MSG_CHECKING(for sa_len in struct sockaddr)
-AC_CACHE_VAL(krb_cv_struct_sockaddr_sa_len, [
-AC_TRY_COMPILE(
-[#include <sys/types.h>
-#include <sys/socket.h>],
-[struct sockaddr sa;
-int foo = sa.sa_len;],
-krb_cv_struct_sockaddr_sa_len=yes,
-krb_cv_struct_sockaddr_sa_len=no)
-])
-AC_MSG_RESULT($krb_cv_struct_sockaddr_sa_len)
-if test "$krb_cv_struct_sockaddr_sa_len" = yes; then
-	AC_DEFINE(SOCKADDR_HAS_SA_LEN)
-fi
-
-dnl
-dnl Check for ouid in sys/siad.h
-dnl
-
-if test "$ac_cv_header_siad_h" = yes; then
-AC_MSG_CHECKING(for ouid in struct siaentity)
-AC_CACHE_VAL(krb_cv_struct_siaentity_ouid, [
-AC_TRY_COMPILE(
-[#include <siad.h>
-],
-[SIAENTITY e;
-int foo = e.ouid;],
-krb_cv_struct_siaentity_ouid=yes,
-krb_cv_struct_siaentity_ouid=no)
-])
-AC_MSG_RESULT($krb_cv_struct_siaentity_ouid)
-if test "$krb_cv_struct_siaentity_ouid" = yes; then
-	AC_DEFINE(SIAENTITY_HAS_OUID)
-fi
-fi
-
-dnl
-dnl you can link with getmsg on AIX 3.2 but you cannot run the program
-dnl
-
-AC_CACHE_CHECK(for working getmsg, ac_cv_func_getmsg,
-AC_TRY_RUN(
-[
-#include <stdio.h>
-
-int main()
-{
-  getmsg(open("/dev/null", 0), NULL, NULL, NULL);
-  return 0;
-}
-], ac_cv_func_getmsg=yes, ac_cv_func_getmsg=no, ac_cv_func_getmsg=no))
-test "$ac_cv_func_getmsg" = "yes" &&
-AC_DEFINE(HAVE_GETMSG)
-
-dnl
-dnl Test if we are using berkeley db
-dnl
-
-save_LIBS="$LIBS"
-LIBS="$LIB_DBM $LIBS"
-AC_CACHE_CHECK(for berkeley db, krb_cv_lib_berkeleydb,
-AC_TRY_RUN(
-[
-#include <unistd.h>
-#include <fcntl.h>
-#include <ndbm.h>
-int main()
-{
-  DBM *d;
-
-  d = dbm_open("conftest", O_RDWR | O_CREAT, 0666);
-  if(d == NULL)
-    return 1;
-  dbm_close(d);
-  return access("conftest.db", F_OK) != 0;
-}], krb_cv_lib_berkeleydb=yes, krb_cv_lib_berkeleydb=no,
-krb_cv_lib_berkeleydb=no))
-test "$krb_cv_lib_berkeleydb" = "yes" &&
-AC_DEFINE(HAVE_NEW_DB)
-LIBS="$save_LIBS"
-
-dnl
-dnl Tests for editline
-dnl
-
-AC_FIND_FUNC_NO_LIBS(el_init, edit)
-AC_FIND_FUNC_NO_LIBS(readline, readline)
-
-if test "$with_readline"; then
-	AC_DEFINE(HAVE_READLINE, 1)
-	editline_OBJS=
-	LIB_readline="$READLINELIB "'$(LIB_tgetent)'
-	INCLUDE_readline="$READLINEINCLUDE"
-elif test "$ac_cv_func_el_init" = yes; then
-	AC_DEFINE(HAVE_READLINE, 1)
-
-	editline_OBJS=edit_compat.o
-	LIB_readline='-L$(topdir)/lib/editline -leditline '"$LIB_el_init"' $(LIB_tgetent)'
-
-	INCLUDE_readline='-I$(topdir)/lib/editline -I$(top_srcdir)/lib/editline'
-elif test "$ac_cv_func_readline" = yes; then
-	AC_DEFINE(HAVE_READLINE, 1)
-	editline_OBJS=
-	LIB_readline='-lreadline $(LIB_tgetent)'
-	INCLUDE_readline=
-else
-	AC_DEFINE(HAVE_READLINE, 1)
-	editline_OBJS="editline.o complete.o sysunix.o"
-	LIB_readline='-L$(topdir)/lib/editline -leditline $(LIB_tgetent)'
-	INCLUDE_readline='-I$(topdir)/lib/editline -I$(top_srcdir)/lib/editline'
-fi
-AC_SUBST(LIB_readline)
-AC_SUBST(INCLUDE_readline)
-AC_SUBST(editline_OBJS)
-
-dnl telnet muck --------------------------------------------------
-
-AC_DEFINE(AUTHENTICATION)dnl
-AC_DEFINE(KRB4)dnl
-AC_DEFINE(ENCRYPTION)dnl
-AC_DEFINE(DES_ENCRYPTION)dnl
-AC_DEFINE(DIAGNOSTICS)dnl
-AC_DEFINE(OLD_ENVIRON)dnl
-
-# Simple test for streamspty, based on the existance of getmsg(), alas
-# this breaks on SunOS4 which have streams but BSD-like ptys
-#
-# And also something wierd has happend with dec-osf1, fallback to bsd-ptys
-
-AC_MSG_CHECKING(for streamspty)
-case "`uname -sr`" in
-SunOS\ 4*|OSF1*|IRIX\ 4*|HP-UX\ ?.10.*)
-	krb_cv_sys_streamspty=no
-	;;
-AIX*)
-	os_rel=`uname -v`.`uname -r`
-	if expr "$os_rel" : "3*" >/dev/null 2>&1; then
-		krb_cv_sys_streamspty=no
-	else
-		krb_cv_sys_streamspty="$ac_cv_func_getmsg"
-	fi
-	;;
-*)
-	krb_cv_sys_streamspty="$ac_cv_func_getmsg"
-	;;
-esac
-if test "$krb_cv_sys_streamspty" = yes; then
-	AC_DEFINE(STREAMSPTY)
-fi
-dnl AC_SUBST(STREAMSPTY)
-AC_MSG_RESULT($krb_cv_sys_streamspty)
-
-AC_MSG_CHECKING([if /bin/ls takes -A])
-if /bin/ls -A > /dev/null 2>&1 ;then
-	AC_DEFINE(HAVE_LS_A)
-	krb_ls_a=yes
-else
-	krb_ls_a=no
-fi
-AC_MSG_RESULT($krb_ls_a)
-	
-dnl ------------------------------------------------------------
-AC_CACHE_CHECK(for suffix of preformatted manual pages, krb_cv_sys_cat_suffix,
-if grep _version /etc/man.conf > /dev/null 2>&1; then
-	krb_cv_sys_cat_suffix=0
-else
-	krb_cv_sys_cat_suffix=number
-fi)
-if test "$krb_cv_sys_cat_suffix" = number; then
-		CATSUFFIX='$$s'
-else
-		CATSUFFIX=0
-fi
-AC_SUBST(CATSUFFIX)
-
-dnl ------------------------------------------------------------
-
-KRB_KAFS_LIB='-L$(topdir)/lib/kafs -lkafs'
-if test "$krb_cv_sys_aix" = yes; then
-	KRB_KAFS_LIB="$KRB_KAFS_LIB -lld"
-fi
-AC_SUBST(KRB_KAFS_LIB)dnl
-
-dnl ------------------------------------------------------------
-
-
-dnl This is done by AC_OUTPUT but we need the result here.
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-for i in bin lib libexec sbin; do
-	i=${i}dir
-	foo=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'`
-	x="\$${i}"
-	eval y="$x"
-	while test "x$y" != "x$x"; do
-		x="$y"
-		eval y="$x"
-	done
-	AC_DEFINE_UNQUOTED($foo,"$x")
-done
-
-dnl
-dnl We are all set to emit the Makefiles and config.h
-dnl
-AC_OUTPUT(					\
-Makefile 					\
-include/Makefile				\
-include/sys/Makefile				\
-						\
-util/Makefile					\
-util/et/Makefile				\
-						\
-man/Makefile					\
-						\
-lib/Makefile					\
-lib/des/Makefile				\
-lib/krb/Makefile				\
-lib/kdb/Makefile				\
-lib/kadm/Makefile				\
-lib/acl/Makefile				\
-lib/kafs/Makefile				\
-lib/roken/Makefile				\
-lib/otp/Makefile				\
-lib/sl/Makefile					\
-lib/editline/Makefile				\
-lib/auth/Makefile				\
-lib/auth/pam/Makefile				\
-lib/auth/sia/Makefile				\
-lib/auth/afskauthlib/Makefile			\
-						\
-kuser/Makefile					\
-server/Makefile					\
-slave/Makefile					\
-admin/Makefile					\
-kadmin/Makefile					\
-						\
-appl/Makefile					\
-						\
-appl/afsutil/Makefile 				\
-appl/ftp/Makefile				\
-appl/ftp/common/Makefile			\
-appl/ftp/ftp/Makefile				\
-appl/ftp/ftpd/Makefile				\
-appl/telnet/Makefile				\
-appl/telnet/libtelnet/Makefile			\
-appl/telnet/telnet/Makefile			\
-appl/telnet/telnetd/Makefile			\
-appl/bsd/Makefile 				\
-appl/kauth/Makefile				\
-appl/kpopper/Makefile				\
-appl/movemail/Makefile				\
-appl/sample/Makefile				\
-appl/xnlock/Makefile				\
-appl/kx/Makefile				\
-appl/kip/Makefile				\
-appl/otp/Makefile				\
-doc/Makefile					\
-) dnl end of AC_OUTPUT
-
-dnl
-dnl This is the release version name-number[beta]
-dnl Update before making a new release
-dnl
-KRB4VERSION="$PACKAGE-$VERSION"
-
-cat > include/newversion.h.in <<EOF
-char *krb4_long_version = "@(#)\$Version: $KRB4VERSION by @USER@ on @HOST@ ($host) @DATE@ \$";
-char *krb4_version = "$KRB4VERSION";
-EOF
-
-if test -f include/version.h && cmp -s include/newversion.h.in include/version.h.in; then
-	echo "include/version.h is unchanged"
-	rm -f include/newversion.h.in
-else
- 	echo "creating include/version.h"
- 	User=${USER-${LOGNAME}}
- 	Host=`(hostname || uname -n) 2>/dev/null | sed 1q`
- 	Date=`date`
-	mv -f include/newversion.h.in include/version.h.in
-	sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h
-fi
diff --git a/crypto/kerberosIV/doc/Makefile.in b/crypto/kerberosIV/doc/Makefile.in
deleted file mode 100644
index 5071e8e7a3f4..000000000000
--- a/crypto/kerberosIV/doc/Makefile.in
+++ /dev/null
@@ -1,65 +0,0 @@
-# $Id: Makefile.in,v 1.10 1997/05/06 03:05:55 joda Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-INSTALL = @INSTALL@
-INSTALL_DATA = $(INSTALL)
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-MAKEINFO = @MAKEINFO@
-TEXI2DVI = texi2dvi
-TEXI2HTML = texi2html
-
-prefix = @prefix@
-infodir = @infodir@
-
-all: info
-
-install: all installdirs
-	if test -f kth-krb.info; then \
-	  $(INSTALL_DATA) kth-krb.info $(infodir)/kth-krb.info; \
-	else \
-	  $(INSTALL_DATA) $(srcdir)/kth-krb.info $(infodir)/kth-krb.info; \
-	fi
-	if $(SHELL) -c 'install-info --version' >/dev/null 2>&1; then \
-	  install-info --dir-file=$(infodir)/dir $(infodir)/kth-krb.info; \
-	else \
-	  true; \
-	fi
-
-uninstall:
-	rm -f $(infodir)/kth-krb.info
-
-installdirs:
-	$(MKINSTALLDIRS) $(infodir)
-
-info: kth-krb.info
-
-kth-krb.info: kth-krb.texi
-	$(MAKEINFO) -I$(srcdir) -o $@ $(srcdir)/kth-krb.texi
-
-dvi: kth-krb.dvi
-
-kth-krb.dvi: kth-krb.texi
-	$(TEXI2DVI) $(srcdir)/kth-krb.texi
-
-html: kth-krb.html
-
-kth-krb.html: kth-krb.texi
-	$(TEXI2HTML) $(srcdir)/kth-krb.texi
-
-clean:
-	rm -f *.aux *.cp *.cps *.dvi *.fn *.ky *.log *.pg *.toc *.tp *.vr
-
-distclean: clean
-
-mostlyclean: clean
-
-maintainer-clean: clean
-	rm -f kth-krb.info
-
-check:
-
-.PHONY: install all installdirs uninstall info dvi html clean check distclean mostlyclean maintainer-clean
diff --git a/crypto/kerberosIV/doc/ack.texi b/crypto/kerberosIV/doc/ack.texi
deleted file mode 100644
index 388f6444bb87..000000000000
--- a/crypto/kerberosIV/doc/ack.texi
+++ /dev/null
@@ -1,80 +0,0 @@
-@node  Acknowledgments, Index, Resolving frequent problems, Top
-@comment  node-name,  next,  previous,  up
-@appendix Acknowledgments
-
-People from the MIT Athena project wrote the original code that this is
-based on. @w{Kerberos 4} @w{patch-level 9} was stripped of both the
-encryption functions and the calls to them. This was exported from the
-US as the ``Bones'' release.  Eric Young put back the calls and hooked
-in his libdes, thereby creating the ``eBones'' release.
-@cindex Bones
-@cindex eBones
-
-The ``rcmd'' programs where initially developed at the University of
-California at Berkeley and then hacked on by the FreeBSD and NetBSD
-projects.
-
-Berkeley also wrote @code{ftp}, @code{ftpd}, @code{telnet}, and
-@code{telnetd}.  The authentication and encryption code of @code{telnet}
-and @code{telnetd} was added by David Borman (then of Cray Research,
-Inc).  The encryption code was removed when this was exported and then
-added back by Juha Eskelinen, @code{<esc@@magic.fi>}.
-
-The @code{popper} was also a Berkeley program initially.
-
-The @code{login} has the same origins but has received code written by
-Wietse Venema at Eindhoven University of Technology, The Netherlands.
-
-@code{movemail} was (at least partially) written by Jonathan Kamens,
-@code{<jik@@security.ov.com>}, and is Copyright @copyright{} 1986, 1991,
-1992, 1993, 1994 Free Software Foundation, Inc.
-
-@code{xnlock} was originally written by Dan Heller in 1985 for sunview.
-The X version was written by him in 1990.
-
-Some of the functions in @file{libroken} also come from Berkeley by the
-way of NetBSD/FreeBSD.
-
-The code to handle the dynamic loading of the AFS module for AIX is
-copyright @copyright{} 1992 HELIOS Software GmbH 30159 Hannover,
-Germany.
-
-@code{editline} was written by Simmule Turner and Rich Salz.
-
-Bugfixes and code has been contributed by:
-@table @asis
-@item Derrick J Brashear
-@code{<shadow@@dementia.org>}
-@item Anders Gertz
-@code{<gertz@@lysator.liu.se>}
-@item Dejan Ilic
-@code{<svedja@@lysator.liu.se>}
-@item Kent Engström
-@code{<kent@@lysator.liu.se>}
-@item Simon Josefsson
-@code{<jas@@pdc.kth.se>}
-@item Robert Malmgren
-@code{<rom@@incolumitas.se>}
-@item Fredrik Ljungberg
-@code{<flag@@it.kth.se>}
-@item Lars Malinowsky
-@code{<lama@@pdc.kth.se>}
-@item Fabien Coelho
-@code{<coelho@@cri.ensmp.fr>}
-@item and we hope that those not mentioned here will forgive us.
-@end table
-
-Ian Marsh @code{<ianm@@sics.se>} removed the worst abuses of the English
-language from this text.
-
-Ilja Hallberg @code{<iha@@incolumitas.se>} is still promising to help us
-finish the documentation.
-
-This work was supported in part by SUNET and the Centre for Parallel
-Computers at KTH.
-
-The port to Windows 95/NT was supported by the Computer Council at KTH
-and done by Jörgen Karlsson @code{<d93-jka@@nada.kth.se>}.
-
-All the bugs were introduced by ourselves.
-
diff --git a/crypto/kerberosIV/doc/index.texi b/crypto/kerberosIV/doc/index.texi
deleted file mode 100644
index ebe5d911ce0c..000000000000
--- a/crypto/kerberosIV/doc/index.texi
+++ /dev/null
@@ -1,6 +0,0 @@
-@node Index, , Acknowledgments, Top
-@comment  node-name,  next,  previous,  up
-@unnumbered Index
-
-@printindex cp
-
diff --git a/crypto/kerberosIV/doc/install.texi b/crypto/kerberosIV/doc/install.texi
deleted file mode 100644
index 240c04e2e2a8..000000000000
--- a/crypto/kerberosIV/doc/install.texi
+++ /dev/null
@@ -1,368 +0,0 @@
-@node Installing programs, How to set up a realm, What is Kerberos?, Top
-@chapter Installing programs
-
-You have a choise to either build the distribution from source code or
-to install binaries, if they are available for your machine.
-
-@c XXX
-
-We recommend building from sources, but using pre-compiled binaries
-might be easier.  If there are no binaries available for your machine or
-you want to do some specific configuration, you will have to compile
-from source.
-
-@menu
-* Installing from source::      
-* Installing a binary distribution::  
-* Finishing the installation::  
-* Authentication modules::      
-@end menu
-
-@node Installing from source, Installing a binary distribution, Installing programs, Installing programs
-@comment  node-name,  next,  previous,  up
-@section Installing from source
-
-To build this software un-tar the distribution and run the
-@code{configure} script.
-
-To compile successfully, you will need an ANSI C compiler, such as
-@code{gcc}. Other compilers might also work, but setting the ``ANSI
-compliance'' too high, might break in parts of the code, not to mention
-the standard include files.
-
-To build in a separate build tree, run @code{configure} in the directory
-where the tree should reside.  You will need a Make that understands
-VPATH correctly.  GNU Make works fine.
-
-After building everything (which will take anywhere from a few minutes
-to a long time), you can install everything in @file{/usr/athena} with
-@kbd{make install} (running as root). It is possible to install in some
-other place, but it isn't recommended. To do this you will have to run
-@code{configure} with @samp{--prefix=/my/path}.
-
-If you need to change the default behavior, configure understands the
-following options:
-
-@table @asis
-@item @kbd{--with-shared}
-Create shared versions of the Kerberos libraries. Not really
-recommended and might not work on all systems.
-
-@item @kbd{--with-cracklib=}@var{dir}
-Use cracklib for password quality control in 
-@pindex kadmind
-@code{kadmind}. This option requires 
-@cindex cracklib
-cracklib with the patch from
-@code{ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch}.
-
-@item @kbd{--with-dictpath=}@var{dictpath}
-This is the dictionary that cracklib should use.
-
-@item @kbd{--with-socks=}@var{dir}
-@cindex firewall
-@cindex socks
-If you have to traverse a firewall and it uses the SocksV5 protocol
-(@cite{RFC 1928}), you can build with socks-support.  Point @var{dir} to
-the directory where you have socks5 installed.  For more information
-about socks see @kbd{http://www.socks.nec.com/}.
-
-@item @kbd{--with-readline=}@var{dir}
-@cindex readline
-To enable history/line editing in @code{ftp} and @code{kadmin}, any
-present version of readline will be used.  If you have readline
-installed but in a place where configure does not managed to find it,
-you can use this option.  The code also looks for @code{libedit}.  If
-there is no library at all, the bundled version of @code{editline} will
-be used.
-
-@item @kbd{--with-mailspool=}@var{dir}
-The configuration process tries to determine where your machine stores
-its incoming mail.  This is typically @file{/usr/spool/mail} or
-@file{/var/mail}.  If it does not work or you store your mail in some
-unusual directory, this option can be used to specify where the mail
-spool directory is located.  This directory is only accessed by
-@pindex popper
-@code{popper}, and the mail check in
-@pindex login
-@code{login}.
-
-@c @item @kbd{--enable-random-mkey}
-@c Do not use this option unless you think you know what you are doing.
-
-@item @kbd{--with-mkey=}@var{file}
-Put the master key here, the default is @file{/.k}.
-
-@item @kbd{--without-berkeley-db}
-If you have
-@cindex Berkeley DB
-Berkeley DB installed, it is preferred over
-@c XXX
-dbm. If you already are running Kerberos this option might be useful,
-since there currently isn't an easy way to convert a dbm database to a
-db one (you have to dump the old database and then load it with the new
-binaries).
-@end table
-
-@node Installing a binary distribution, Finishing the installation, Installing from source, Installing programs
-@comment  node-name,  next,  previous,  up
-@section Installing a binary distribution
-
-The binary distribution is supposed to be installed in
-@file{/usr/athena}, installing in some other place may work but is not
-recommended.  A symlink from @file{/usr/athena} to the install directory
-should be fine.
-
-@node Finishing the installation, Authentication modules, Installing a binary distribution, Installing programs
-@section Finishing the installation
-
-@pindex su
-The only program that needs to be installed setuid to root is @code{su}.
-
-If 
-@pindex rlogin
-@pindex rsh
-@code{rlogin} and @code{rsh} are setuid to root they will fall back to
-non-kerberised protocols if the kerberised ones fail for some
-reason. The old protocols use reserved ports as security, and therefore
-the programs have to be setuid to root. If you don't need this
-functionality consider turning off the setuid bit.
-
-@pindex login
-@code{login} does not have to be setuid, as it is always run by root
-(users should use @code{su} rather than @code{login}).  It will print a
-helpful message when not setuid to root and run by a user.
-
-The programs intended to be run by users are located in
-@file{/usr/athena/bin}.  Inform your users to include
-@file{/usr/athena/bin} in their paths, or copy or symlink the binaries
-to some good place.  The programs that you will want to use are:
-@code{kauth}/@code{kinit},
-@pindex kauth
-@pindex kinit
-@code{klist}, @code{kdestroy}, @code{kpasswd}, @code{ftp},
-@pindex klist
-@pindex kdestroy
-@pindex kpasswd
-@pindex ftp
-@code{telnet}, @code{rcp}, @code{rsh}, @code{rlogin}, @code{su},
-@pindex telnet
-@pindex rcp
-@pindex rsh
-@pindex rlogin
-@pindex su
-@pindex xnlock
-@pindex afslog
-@pindex pagsh
-@pindex rxtelnet
-@pindex tenletxr
-@pindex rxterm
-@code{rxtelnet}, @code{tenletxr}, @code{rxterm}, and
-@code{xnlock}. If you are using AFS, @code{afslog} and @code{pagsh}
-might also be useful.  Administrators will want to use @code{kadmin} and
-@code{ksrvutil}, which are located in @file{/usr/athena/sbin}.
-@pindex kadmin
-@pindex ksrvutil
-
-@code{telnetd} and @code{rlogind} assume that @code{login} is located in
-@file{/usr/athena/bin} (or whatever path you used as
-@samp{--prefix}). If for some reason you want to move @code{login}, you
-will have to specify the new location with the @samp{-L} switch when
-configuring
-@pindex telnetd
-telnetd
-and
-@pindex rlogind
-rlogind
-in @file{inetd.conf}.
-
-It should be possible to replace the system's default @code{login} with
-the kerberised @code{login}.  However some systems assume that login
-performs some serious amount of magic that our login might not do (although
-we've tried to do our best). So before replacing it on every machine,
-try and see what happens.  Another thing to try is to use one of the
-authentication modules (@xref{Authentication modules}) supplied.
-
-The @code{login} program that we use was in an earlier life the standard
-login program from NetBSD. In order to use it with a lot of weird
-systems, it has been ``enhanced'' with features from many other logins
-(Solaris, SunOS, IRIX, AIX, and others).  Some of these features are
-actually useful and you might want to use them even on other systems.
-
-@table @file
-@item /etc/fbtab
-@pindex fbtab
-@itemx /etc/logindevperm
-@pindex logindevperm
-Allows you to chown some devices when a user logs in on a certain
-terminal.  Commonly used to change the ownership of @file{/dev/mouse},
-@file{/dev/kbd}, and other devices when someone logs in on
-@file{/dev/console}.
-
-@file{/etc/fbtab} is the SunOS file name and it is tried first.  If
-there is no such file then the Solaris file name
-@file{/etc/logindevperm} is tried.
-@item /etc/environment
-@pindex environment
-This file specifies what environment variables should be set when a user
-logs in. (AIX-style)
-@item /etc/default/login
-@pindex default/login
-Almost the same as @file{/etc/environment}, but the System V style.
-@item /etc/login.access
-@pindex login.access
-Can be used to control who is allowed to login from where and on what
-ttys. (From Wietse Venema)
-@end table
-
-@menu
-* Authentication modules::      
-@end menu
-
-@node  Authentication modules,  , Finishing the installation, Installing programs
-@comment  node-name,  next,  previous,  up
-@section Authentication modules
-The problem of having different authentication mechanisms has been
-recognised by several vendors, and several solutions has appeared. In
-most cases these solutions involve some kind of shared modules that are
-loaded at run-time.  Modules for some of these systems can be found in
-@file{lib/auth}.  Presently there are modules for Digital's SIA, Linux'
-PAM (might also work on Solaris, when PAM gets supported), and IRIX'
-@code{login} and @code{xdm} (in @file{lib/auth/afskauthlib}).
-
-@menu
-* Digital SIA::                 
-* IRIX::                        
-* PAM::                         
-@end menu
-
-@node Digital SIA, IRIX, Authentication modules, Authentication modules
-@subsection Digital SIA
-
-To install the SIA module you will have to do the following:
-
-@itemize @bullet
-
-@item
-Make sure @file{libsia_krb4.so} is available in
-@file{/usr/athena/lib}. If @file{/usr/athena} is not on local disk, you
-might want to put it in @file{/usr/shlib} or someplace else. If you do,
-you'll have to edit @file{krb4_matrix.conf} to reflect the new location
-(you will also have to do this if you installed in some other directory
-than @file{/usr/athena}).
-@item
-Copy (your possibly edited) @file{krb4_matrix.conf} to @file{/etc/sia}.
-@item
-Apply @file{security.patch} to @file{/sbin/init.d/security}.
-@item
-Turn on KRB4 security by issuing @kbd{rcmgr set SECURITY KRB4} and
-@kbd{rcmgr set KRB4_MATRIX_CONF krb4_matrix.conf}.
-@item
-Digital thinks you should reboot your machine, but that really shouldn't
-be necessary.  It's usually sufficient just to run
-@kbd{/sbin/init.d/security start}.
-@end itemize
-
-Users with local passwords (like @samp{root}) should be able to login
-safely.
-
-When using Digital's xdm the @samp{KRBTKFILE} environment variable isn't
-passed along as it should (since xdm zaps the environment). Instead you
-have to set @samp{KRBTKFILE} to the correct value in
-@file{/usr/lib/X11/xdm/Xsession}. Add a line similar to
-@example
-KRBTKFILE=/tmp/tkt`id -u`_`ps -o ppid= -p $$`; export KRBTKFILE
-@end example
-
-There is currently no support for changing passwords. Use @file{kpasswd}
-instead.
-
-@subsubheading Notes to users with Enhanced security
-
-Digital's @samp{ENHANCED} (C2) security, and Kerberos solves two
-different problems. C2 deals with local security, adds better control of
-who can do what, auditing, and similar things. Kerberos deals with
-network security.
-
-To make C2 security work with Kerberos you will have to do the
-following.
-
-@itemize @bullet
-@item
-Replace all occurencies of @file{krb4_matrix.conf} with
-@file{krb4+c2_matrix.conf} in the directions above.
-@item
-You must enable ``vouching'' in the @samp{default} database.  This will
-make the OSFC2 module trust other SIA modules, so you can login without
-giving your C2 password. To do this use @samp{edauth} to edit the
-default entry @kbd{/usr/tcb/bin/edauth -dd default}, and add a
-@samp{d_accept_alternate_vouching} capability, if not already present.
-@item
-For each user that does @emph{not} have a local C2 password, you should
-set the password expiration field to zero. You can do this for each
-user, or in the @samp{default} table. To to this use @samp{edauth} to
-set (or change) the @samp{u_exp} capability to @samp{u_exp#0}.
-@item
-You should make sure that you use Digital's login rather than the one
-distributed by us. The easiest way to do this is to replace
-@file{/usr/athena/bin/login} with @file{/bin/login}.
-@end itemize
-
-At present @samp{su} does not accept the vouching flag, so it will not
-work as expected. 
-
-Also, kerberised ftp will not work with C2 passwords. You can solve this
-by using both Digital's ftpd and our on different ports.
-
-@strong{Remember}, if you do these changes you will get a system that
-most certainly does @emph{not} fulfill the requirements of a C2
-system. If C2 is what you want, for instance if someone else is forcing
-you to use it, you're out of luck.  If you use enhanced security because
-you want a system that is more secure than it would otherwise be, you
-probably got an even more secure system. Passwords will not be sent in
-the clear, for instance.
-
-@node IRIX, PAM, Digital SIA, Authentication modules
-@subsection IRIX
-
-The IRIX support is a module that is compatible with Transarc's
-@file{afskauthlib.so}.  It should work with all programs that use this
-library, this should include @file{login} and @file{xdm}.
-
-The interface is not very documented but it seems that you have to copy
-@file{libkafs.so}, @file{libkrb.so}, and @file{libdes.so} to
-@file{/usr/lib}, or build your @file{afskauthlib.so} statically.
-
-The @file{afskauthlib.so} itself is able to reside in
-@file{/usr/vice/etc}, @file{/usr/afsws/lib}, or the current directory
-(wherever that is).
-
-Appart from this it should ``just work'', there are no configuration
-files.
-
-@node PAM,  , IRIX, Authentication modules
-@subsection PAM
-
-The PAM module was written more out of curiosity that anything else. It
-has not been updated for quite a while, since none of us are using
-Linux, and Solaris does not support PAM yet.  We've had positive reports
-from at least one person using the module, though.
-
-To use this module you should:
-
-@itemize @bullet
-@item
-Make sure @file{pam_krb4.so} is available in @file{/usr/athena/lib}. You
-might actually want it on local disk, so @file{/lib/security} might be a
-better place if @file{/usr/athena} is not local.
-@item
-Look at @file{pam.conf.add} for examples of what to add to
-@file{/etc/pam.conf}.
-@end itemize
-
-There is currently no support for changing kerberos passwords. Use
-kpasswd instead.
-
-See also Derrick J Brashear's @code{<shadow@@dementia.org>} Kerberos PAM
-module at @kbd{ftp://ftp.dementia.org/pub/pam}. It has a lot more
-features, and it is also more in line with other PAM modules.
diff --git a/crypto/kerberosIV/doc/intro.texi b/crypto/kerberosIV/doc/intro.texi
deleted file mode 100644
index 830ca1ad6d59..000000000000
--- a/crypto/kerberosIV/doc/intro.texi
+++ /dev/null
@@ -1,69 +0,0 @@
-@node Introduction, What is Kerberos?, Top, Top
-@comment  node-name,  next,  previous,  up
-@chapter Introduction
-
-This is an attempt at documenting the Kerberos 4 distribution from
-Kungliga Tekniska Högskolan (the Royal Institute of Technology in
-Stockholm, Sweden).  This distribution is based on eBones, but has been
-improved in many ways. It is more portable, and several new features
-have been added. It currently runs on the following systems:
-
-@itemize @bullet
-@item
-AIX 4.1, 4.2
-@item
-BSD/OS 2.0, 2.1
-@item
-Digital UNIX 3.2, 4.0
-@item
-HP-UX 9, 10
-@item
-IRIX 4.0, 5.2, 5.3, 6.1, 6.2, 6.3, 6.4
-@item
-Linux 1.3, 2.0
-@item
-NetBSD 1.2
-@item
-FreeBSD 2.2
-@item
-SunOS 4.1
-@item
-SunOS 5.4/5.5 (aka Solaris 2.4/2.5)
-@item
-Ultrix 4.4
-@item
-Cray UNICOS 9.
-@item
-Fujitsu UXP/V 4.1.
-@end itemize
-
-Some part compile and work on:
-
-@itemize @bullet
-@item
-OS/2 with EMX
-@item
-Windows 95/NT with gnu-win32 (with the proper amount of magic the
-libraries should compile with Microsoft C as well)
-@end itemize
-
-It should work on anything that is almost POSIX, has an ANSI C
-compiler, a dbm library (for the server side), and BSD Sockets.
-
-A web-page is available at @kbd{http://www.pdc.kth.se/kth-krb/}.
-
-@heading Bug reports
-
-If you cannot build the programs or they do not behave as you think they
-should, please send us a bug report.  The bug report should be sent to
-@code{<kth-krb-bugs@@nada.kth.se>}.  Please include information on what
-machine and operating system (including version) you are running, what
-you are trying to do, what happens, what you think should have happened,
-an example for us to repeat, the output you get when trying the example,
-and a patch for the problem if you have one.  Please make any patches
-with @code{diff -u} or @code{diff -c}.  The more detailed the bug report
-is, the easier it will be for us to reproduce, understand, and fix it.
-
-Suggestions, comments and other non bug reports are welcome.  Send them
-to @code{<kth-krb@@nada.kth.se>}.
-
diff --git a/crypto/kerberosIV/doc/kth-krb.texi b/crypto/kerberosIV/doc/kth-krb.texi
deleted file mode 100644
index 8b26349baa0a..000000000000
--- a/crypto/kerberosIV/doc/kth-krb.texi
+++ /dev/null
@@ -1,300 +0,0 @@
-\input texinfo @c -*- texinfo -*-
-@c %**start of header
-@c $Id: kth-krb.texi,v 1.71 1997/05/25 21:31:00 assar Exp $
-@setfilename kth-krb.info
-@settitle KTH-KRB
-@iftex
-@afourpaper
-@end iftex
-@c some sensible characters, please?
-@tex
-\input latin1.tex
-@end tex
-@setchapternewpage on
-@syncodeindex pg cp
-@c %**end of header
-
-@dircategory Kerberos
-@direntry
-* Kth-krb: (kth-krb).           The Kerberos IV distribution from KTH
-@end direntry
-
-@c title page
-@titlepage
-@title KTH-KRB
-@subtitle Kerberos 4 from KTH
-@subtitle Edition -1.0, for version 0.9.5
-@subtitle 1997
-@author Johan Danielsson
-@author Assar Westerlund
-@author last updated $Date: 1997/05/25 21:31:00 $
-
-@def@copynext{@vskip 20pt plus 1fil@penalty-1000}
-@def@copyrightstart{}
-@def@copyrightend{}
-@page
-@copyrightstart
-Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
-(Royal Institute of Technology, Stockholm, Sweden).
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the Kungliga Tekniska
-     Högskolan and its contributors.
-
-4. Neither the name of the Institute nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-@copynext
-
-Copyright (C) 1995 Eric Young (eay@@mincom.oz.au)
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@@mincom.oz.au)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-@copynext
-
-Copyright (c) 1983, 1990 The Regents of the University of California.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-     This product includes software developed by the University of
-     California, Berkeley and its contributors.
-
-4. Neither the name of the University nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-@copynext
-
-Copyright (C) 1990 by the Massachusetts Institute of Technology
-
-Export of this software from the United States of America is assumed
-to require a specific license from the United States Government.
-It is the responsibility of any person or organization contemplating
-export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-@copynext
-
-Copyright 1987, 1989 by the Student Information Processing Board
-	of the Massachusetts Institute of Technology
-
-Permission to use, copy, modify, and distribute this software
-and its documentation for any purpose and without fee is
-hereby granted, provided that the above copyright notice
-appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation,
-and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
-used in advertising or publicity pertaining to distribution
-of the software without specific, written prior permission.
-M.I.T. and the M.I.T. S.I.P.B. make no representations about
-the suitability of this software for any purpose.  It is
-provided "as is" without express or implied warranty.
-
-@copynext
-
-Copyright 1992 Simmule Turner and Rich Salz.  All rights reserved. 
-
-This software is not subject to any license of the American Telephone 
-and Telegraph Company or of the Regents of the University of California. 
-
-Permission is granted to anyone to use this software for any purpose on
-any computer system, and to alter it and redistribute it freely, subject
-to the following restrictions:
-
-1. The authors are not responsible for the consequences of use of this
-   software, no matter how awful, even if they arise from flaws in it.
-
-2. The origin of this software must not be misrepresented, either by
-   explicit claim or by omission.  Since few users ever read sources,
-   credits must appear in the documentation.
-
-3. Altered versions must be plainly marked as such, and must not be
-   misrepresented as being the original software.  Since few users
-   ever read sources, credits must appear in the documentation.
-
-4. This notice may not be removed or altered.
-
-@copyrightend
-@end titlepage
-
-@c Less filling! Tastes great!
-@iftex
-@parindent=0pt
-@global@parskip 6pt plus 1pt
-@global@chapheadingskip = 15pt plus 4pt minus 2pt 
-@global@secheadingskip = 12pt plus 3pt minus 2pt
-@global@subsecheadingskip = 9pt plus 2pt minus 2pt
-@end iftex
-@ifinfo
-@paragraphindent 0
-@end ifinfo
-
-@ifinfo
-@node Top, Introduction, (dir), (dir)
-@top KTH-krb
-@end ifinfo
-
-@menu
-* Introduction::                
-* What is Kerberos?::           
-* Installing programs::         
-* How to set up a realm::       
-* One-Time Passwords::          
-* Resolving frequent problems::  
-* Acknowledgments::             
-* Index::                       
-
- --- The Detailed Node Listing ---
-
-Installing programs
-
-* Installing from source::      
-* Installing a binary distribution::  
-* Finishing the installation::  
-* Authentication modules::      
-
-Finishing the installation
-
-* Authentication modules::      
-
-Authentication modules
-
-* Digital SIA::                 
-* IRIX::                        
-* PAM::                         
-
-How to set up a realm
-
-* How to set up the kerberos server::  
-* Install the client programs::  
-* Install the kerberised services::  
-* Install a slave kerberos server::  
-* Cross-realm functionality ::  
-
-How to set up the kerberos server
-
-* Choose a realm name::         
-* Choose a kerberos server::    
-* Install the configuration files::  
-* Install the /etc/services::   
-* Install the kerberos server::  
-* Set up the server::           
-* Add a few important principals::  
-* Start the server::            
-* Try to get tickets::          
-* Create initial ACL for the admin server::  
-* Start the admin server::      
-* Add users to the database::   
-* Automate the startup of the servers::  
-
-One-Time Passwords
-
-* What are one time passwords?::  
-* When to use one time passwords?::  
-* Configuring OTPs::            
-
-Resolving frequent problems
-
-* Problems compiling Kerberos::  
-* Common error messages::       
-@end menu
-
-@include intro.texi
-@include whatis.texi
-@include install.texi
-@include setup.texi
-@include otp.texi
-@include problems.texi
-@include ack.texi
-@include index.texi
-
-@c @shortcontents
-@contents
-
-@bye
diff --git a/crypto/kerberosIV/doc/latin1.tex b/crypto/kerberosIV/doc/latin1.tex
deleted file mode 100644
index e683dd271dc1..000000000000
--- a/crypto/kerberosIV/doc/latin1.tex
+++ /dev/null
@@ -1,95 +0,0 @@
-% ISO Latin 1 (ISO 8859/1) encoding for Computer Modern fonts.
-% Jan Michael Rynning <jmr@nada.kth.se> 1990-10-12
-\def\inmathmode#1{\relax\ifmmode#1\else$#1$\fi}
-\global\catcode`\^^a0=\active \global\let^^a0=~		% no-break space
-\global\catcode`\^^a1=\active \global\def^^a1{!`}		% inverted exclamation mark
-\global\catcode`\^^a2=\active \global\def^^a2{{\rm\rlap/c}}	% cent sign
-\global\catcode`\^^a3=\active \global\def^^a3{{\it\$}}	% pound sign
-% currency sign, yen sign, broken bar
-\global\catcode`\^^a7=\active \global\let^^a7=\S		% section sign
-\global\catcode`\^^a8=\active \global\def^^a8{\"{}}		% diaeresis
-\global\catcode`\^^a9=\active \global\let^^a9=\copyright	% copyright sign
-% feminine ordinal indicator, left angle quotation mark
-\global\catcode`\^^ac=\active \global\def^^ac{\inmathmode\neg}% not sign
-\global\catcode`\^^ad=\active \global\let^^ad=\-		% soft hyphen
-% registered trade mark sign
-\global\catcode`\^^af=\active \global\def^^af{\={}}		% macron
-% ...
-\global\catcode`\^^b1=\active \global\def^^b1{\inmathmode\pm}	% plus minus
-\global\catcode`\^^b2=\active \global\def^^b2{\inmathmode{{^2}}}
-\global\catcode`\^^b3=\active \global\def^^b3{\inmathmode{{^3}}}
-\global\catcode`\^^b4=\active \global\def^^b4{\'{}}		% acute accent
-\global\catcode`\^^b5=\active \global\def^^b5{\inmathmode\mu}	% mu
-\global\catcode`\^^b6=\active \global\let^^b6=\P		% pilcroy
-\global\catcode`\^^b7=\active \global\def^^b7{\inmathmode{{\cdot}}}
-\global\catcode`\^^b8=\active \global\def^^b8{\c{}}		% cedilla
-\global\catcode`\^^b9=\active \global\def^^b9{\inmathmode{{^1}}}
-% ...
-\global\catcode`\^^bc=\active \global\def^^bc{\inmathmode{{1\over4}}}
-\global\catcode`\^^bd=\active \global\def^^bd{\inmathmode{{1\over2}}}
-\global\catcode`\^^be=\active \global\def^^be{\inmathmode{{3\over4}}}
-\global\catcode`\^^bf=\active \global\def^^bf{?`}		% inverted question mark
-\global\catcode`\^^c0=\active \global\def^^c0{\`A}
-\global\catcode`\^^c1=\active \global\def^^c1{\'A}
-\global\catcode`\^^c2=\active \global\def^^c2{\^A}
-\global\catcode`\^^c3=\active \global\def^^c3{\~A}
-\global\catcode`\^^c4=\active \global\def^^c4{\"A}		% capital a with diaeresis
-\global\catcode`\^^c5=\active \global\let^^c5=\AA		% capital a with ring above
-\global\catcode`\^^c6=\active \global\let^^c6=\AE
-\global\catcode`\^^c7=\active \global\def^^c7{\c C}
-\global\catcode`\^^c8=\active \global\def^^c8{\`E}
-\global\catcode`\^^c9=\active \global\def^^c9{\'E}
-\global\catcode`\^^ca=\active \global\def^^ca{\^E}
-\global\catcode`\^^cb=\active \global\def^^cb{\"E}
-\global\catcode`\^^cc=\active \global\def^^cc{\`I}
-\global\catcode`\^^cd=\active \global\def^^cd{\'I}
-\global\catcode`\^^ce=\active \global\def^^ce{\^I}
-\global\catcode`\^^cf=\active \global\def^^cf{\"I}
-% capital eth
-\global\catcode`\^^d1=\active \global\def^^d1{\~N}
-\global\catcode`\^^d2=\active \global\def^^d2{\`O}
-\global\catcode`\^^d3=\active \global\def^^d3{\'O}
-\global\catcode`\^^d4=\active \global\def^^d4{\^O}
-\global\catcode`\^^d5=\active \global\def^^d5{\~O}
-\global\catcode`\^^d6=\active \global\def^^d6{\"O}		% capital o with diaeresis
-\global\catcode`\^^d7=\active \global\def^^d7{\inmathmode\times}% multiplication sign
-\global\catcode`\^^d8=\active \global\let^^d8=\O
-\global\catcode`\^^d9=\active \global\def^^d9{\`U}
-\global\catcode`\^^da=\active \global\def^^da{\'U}
-\global\catcode`\^^db=\active \global\def^^db{\^U}
-\global\catcode`\^^dc=\active \global\def^^dc{\"U}
-\global\catcode`\^^dd=\active \global\def^^dd{\'Y}
-% capital thorn
-\global\catcode`\^^df=\active \global\def^^df{\ss}
-\global\catcode`\^^e0=\active \global\def^^e0{\`a}
-\global\catcode`\^^e1=\active \global\def^^e1{\'a}
-\global\catcode`\^^e2=\active \global\def^^e2{\^a}
-\global\catcode`\^^e3=\active \global\def^^e3{\~a}
-\global\catcode`\^^e4=\active \global\def^^e4{\"a}		% small a with diaeresis
-\global\catcode`\^^e5=\active \global\let^^e5=\aa		% small a with ring above
-\global\catcode`\^^e6=\active \global\let^^e6=\ae
-\global\catcode`\^^e7=\active \global\def^^e7{\c c}
-\global\catcode`\^^e8=\active \global\def^^e8{\`e}
-\global\catcode`\^^e9=\active \global\def^^e9{\'e}
-\global\catcode`\^^ea=\active \global\def^^ea{\^e}
-\global\catcode`\^^eb=\active \global\def^^eb{\"e}
-\global\catcode`\^^ec=\active \global\def^^ec{\`\i}
-\global\catcode`\^^ed=\active \global\def^^ed{\'\i}
-\global\catcode`\^^ee=\active \global\def^^ee{\^\i}
-\global\catcode`\^^ef=\active \global\def^^ef{\"\i}
-% small eth
-\global\catcode`\^^f1=\active \global\def^^f1{\~n}
-\global\catcode`\^^f2=\active \global\def^^f2{\`o}
-\global\catcode`\^^f3=\active \global\def^^f3{\'o}
-\global\catcode`\^^f4=\active \global\def^^f4{\^o}
-\global\catcode`\^^f5=\active \global\def^^f5{\~o}
-\global\catcode`\^^f6=\active \global\def^^f6{\"o}		% small o with diaeresis
-\global\catcode`\^^f7=\active \global\def^^f7{\inmathmode\div}% division sign
-\global\catcode`\^^f8=\active \global\let^^f8=\o
-\global\catcode`\^^f9=\active \global\def^^f9{\`u}
-\global\catcode`\^^fa=\active \global\def^^fa{\'u}
-\global\catcode`\^^fb=\active \global\def^^fb{\^u}
-\global\catcode`\^^fc=\active \global\def^^fc{\"u}
-\global\catcode`\^^fd=\active \global\def^^fd{\'y}
-% capital thorn
-\global\catcode`\^^ff=\active \global\def^^ff{\"y}
diff --git a/crypto/kerberosIV/doc/otp.texi b/crypto/kerberosIV/doc/otp.texi
deleted file mode 100644
index 0a5929fa8629..000000000000
--- a/crypto/kerberosIV/doc/otp.texi
+++ /dev/null
@@ -1,127 +0,0 @@
-@node  One-Time Passwords, Resolving frequent problems, How to set up a realm, Top
-@chapter One-Time Passwords
-
-@cindex OTP
-@cindex One time passwords
-There is also support for using @dfn{one time passwords} (OTP) in this
-package.  Specifically @code{login}, @code{ftpd}, and @code{popper} have
-support for using them.
-
-@menu
-* What are one time passwords?::  
-* When to use one time passwords?::  
-* Configuring OTPs::            
-@end menu
-
-@node  What are one time passwords?, When to use one time passwords?, One-Time Passwords, One-Time Passwords
-@comment  node-name,  next,  previous,  up
-@section What are one time passwords?
-
-One time passwords are, as the name implies, passwords that can only
-be used once.  This means that even if someone is eavesdropping on the
-network, they will not be able to make use of the passwords they steal.
-
-The OTPs used in this package support @cite{RFC 1938}.  This standard is
-also backwards compatible with the well-known S/Key.  There are lots of
-programs for generating these on everything from HP 48's to Crays.
-@cindex S/Key
-
-@node  When to use one time passwords?, Configuring OTPs, What are one time passwords?, One-Time Passwords
-@comment  node-name,  next,  previous,  up
-@section When to use one time passwords?
-
-Why would you want to use OTPs instead of Kerberos?  The advantage of
-OTPs is that they don't require a computer to operate.  You can print
-out a list of passwords and take with you, or you could use your
-calculator or hand-held computer to generate them.
-
-The downside is that they only protect you against passive attacks.
-Only the initial connection is authenticated.  After that, anyone can
-eavesdrop on your session, so you should not send or view any sensitive
-data (e.g. passwords) over a OTP-initiated link.  You are also
-vulnerable to active attacks where intruders try to take over your
-TCP-session and/or introduce data in the middle of it.  In other words,
-they provide initial authentication, but neither integrity nor
-confidentiality.
-
-The OTPs are generated from the tuple (@var{seed}, @var{sequence
-number}, @var{pass-phrase}).  The seed and the sequence number will be
-printed as part of the @dfn{challenge} and you will have to generate the
-corresponding password or pick it from a list.
-
-In conclusion, they are simple and can be used everywhere but don't
-protect against all threats that Kerberos does.  Use them when you can't
-use Kerberos.
-
-@node  Configuring OTPs,  , When to use one time passwords?, One-Time Passwords
-@comment  node-name,  next,  previous,  up
-@section Configuring OTPs
-
-@heading Initializing
-
-To initialize your OTPs use the @code{otp} program.  This program will
-write an entry in a local file on this host with your current password
-(in this case the 100th) and the corresponding seed (@samp{foobar}).
-@pindex otp
-
-@example
-@cartouche
-datan:>otp 100 foobar
-Pass-phrase: <pass-phrase>
-Verifying password Pass-phrase: <pass-phrase>
-@end cartouche
-@end example
-
-@heading Generating
-
-To print out a list of them there is a program called
-@code{otpprint}.
-@pindex otpprint
-
-@example
-@cartouche
-datan:>otpprint 100 foobar
-Pass-phrase: <pass-phrase>
-91: SLAM BUY SUP DUSK SKY BEST
-92: DEEM SIGH ROB RASH JUG MAT
-93: DUET FISK HERS AREA TOLL SUP
-94: WOW RAIN LEAK SARA MARK WING
-95: COG YELL MILK CART ABE BAWL
-96: GROW SILK GIST OMEN CAM ANNE
-97: JAG QUAD NUT BEAT BHOY MAGI
-98: ADAM USED GENE NIP EYE SIS
-99: MY SUNG HERO AT DASH RAKE
-100: CORN KNIT BOTH TOGO SOUL BOG
-@end cartouche
-@end example
-
-@heading Using the OTPs
-
-When you try to use one and have initialized a series of
-one-time passwords for yourself you will get a challenge with the
-algorithm being used, the sequence number, and the seed.  Enter those in
-your generator or find the corresponding password in your list.
-
-@example
-@cartouche
-login: assar
-assar's [ otp-md5 99 foobar ] Password: <MY SUNG HERO AT DASH RAKE>
-@end cartouche
-@end example
-
-The sequence number of the password will start at one less that the
-number you gave to @code{otp} and decrease by one every time you use it.
-You should try to keep track of which should be the current one so that
-you can be assured that nobody has stolen some of your passwords and
-used them.  When the number has reached zero you need to acquire a new
-series of passwords.
-
-Once you have initialized your series of passwords, you can always use
-them at any password prompt where you get the challenge as shown above.
-
-@heading Configuring servers
-
-@code{ftpd}, @code{telnetd}, and @code{popper} can be configured to
-require one-time passwords when the connection has not been kerberos
-authenticated.  Check the man pages for these programs for the correct
-options.
diff --git a/crypto/kerberosIV/doc/problems.texi b/crypto/kerberosIV/doc/problems.texi
deleted file mode 100644
index 9e3630e2d0bf..000000000000
--- a/crypto/kerberosIV/doc/problems.texi
+++ /dev/null
@@ -1,156 +0,0 @@
-@node Resolving frequent problems, Acknowledgments, One-Time Passwords, Top
-@chapter Resolving frequent problems
-
-@menu
-* Problems compiling Kerberos::  
-* Common error messages::       
-@end menu
-
-@node Problems compiling Kerberos, Common error messages, Resolving frequent problems, Resolving frequent problems
-@section Problems compiling Kerberos
-
-Many compilers require a switch to become ANSI compliant. Since kth-krb
-is written in ANSI C it is necessary to specify the name of the compiler
-to be used and the required switch to make it ANSI compliant. This is
-most easily done when running configure using the @kbd{env} command. For
-instance to build under HP-UX using the native compiler do:
-
-@cartouche
-@example
-datan$ env CC="cc -Ae" ./configure
-@end example
-@end cartouche
-
-In general @kbd{gcc} works. The following combinations have also been
-verified to successfully compile the distribution:
-
-@table @asis
-
-@item @samp{HP-UX}
-@kbd{cc -Ae}
-@item @samp{Digital UNIX}
-@kbd{cc -std1}
-@item @samp{AIX}
-@kbd{xlc}
-@item @samp{Solaris 2.x}
-@kbd{cc} (unbundled one)
-@item @samp{IRIX}
-@kbd{cc}
-
-@end table
-
-@subheading Linux problems
-
-Some systems have lost @file{/usr/include/ndbm.h} which is necessary to
-build kth-krb correctly. There is a @file{ndbm.h.Linux} right next to
-the source distribution.
-
-There has been reports of non-working @file{libdb} on some Linux
-distributions.  If that happens, use the @kbd{--without-berkeley-db}
-when configuring.
-
-@subheading HP-UX problems
-
-The shared library @file{/usr/lib/libndbm.sl} doesn't exist on all
-systems.  To make problems even worse, there is never an archive version
-for static linking either. Therefore, when building ``truly portable''
-binaries first install GNU gdbm or Berkeley DB, and make sure that you
-are linking against that library.
-
-@subheading Cray problems
-
-@kbd{rlogind} won't work on Crays until @code{forkpty()} has been
-ported, in the mean time use @kbd{telnetd}.
-
-@subheading AIX problems
-
-@kbd{gcc} version 2.7.2.1 has a bug which makes it miscompile
-@file{appl/telnet/telnetd/sys_term.c} (and possibily
-@file{appl/bsd/forkpty.c}), if used with too much optimization.
-
-@subheading C2 problems
-
-@cindex C2
-The programs that checks passwords works with @file{passwd}, OTP, and
-Kerberos paswords. This is problem if you use C2 security (or use some
-other password database), that normally keeps passwords in some obscure
-place. If you want to use Kerberos with C2 security you will have to
-think about what kind of changes are necessary. See also the discussion
-about Digital's SIA and C2 security, see @ref{Digital SIA}.
-
-@node Common error messages,  , Problems compiling Kerberos, Resolving frequent problems
-@section Common error messages
-
-These are some of the more obscure error messages you might encounter:
-
-@table @asis
-
-@item @samp{Time is out of bounds}
-
-The time on your machine differs from the time on either the kerberos
-server or the machine you are trying to login to. If it isn't obvious
-that this is the case, remember that all times are compared in UTC.
-
-On unix systems you usually can find out what the local time is by doing
-@code{telnet machine daytime}. This time (again, usually is the keyword)
-is with correction for time-zone and daylight savings.
-
-If you have problem keeping your clocks synchronized, consider using a
-time keeping system such as NTP (see also the discussion in
-@ref{Install the client programs}).
-
-@item @samp{Ticket issue date too far in the future}
-
-The time on the kerberos server is more than five minutes ahead of the
-time on the server.
-
-@item @samp{Can't decode authenticator}
-
-This means that there is a mismatch between the service key in the
-kerberos server and the service key file on the specific machine.
-Either:
-@itemize @bullet
-@item
-the server couldn't find a service key matching the request
-@item
-the service key (or version number) does not match the key the packet
-was encrypted with
-@end itemize
-
-@item @samp{Incorrect network address}
-
-The address in the ticket does not match the address you sent the
-request from. This happens on systems with more than one network
-address, either physically or logically. You can list addresses which
-should be considered equal in @file{/etc/krb.equiv} on your servers. 
-
-A note to programmers: a server should not pass @samp{*} as the instance
-to @samp{krb_rd_req}. It should try to figure out on which interface the
-request was received, for instance by using @samp{k_getsockinst}.
-
-If you change addresses on your computer you invalidate any tickets you
-might have. The easiest way to fix this is to get new tickets with the
-new address.
-
-@item @samp{Message integrity error}
-
-The packet is broken in some way:
-@itemize @bullet
-@item
-the lengths does not match the size of the packet, or
-@item
-the checksum does not match the contents of the packet
-@end itemize
-
-@item @samp{Can't send request}
-There is some problem contacting the kerberos server. Either the server
-is down, or it is using the wrong port (compare the entries for
-@samp{kerberos-iv} in @file{/etc/services}). The client might also have
-failed to guess what kerberos server to talk to (check
-@file{/etc/krb.conf} and @file{/etc/krb.realms}).
-
-@item @samp{Generic kerberos error}
-This is a generic catch-all error message.
-
-@end table
-
diff --git a/crypto/kerberosIV/doc/setup.texi b/crypto/kerberosIV/doc/setup.texi
deleted file mode 100644
index 1b4b395dfcf1..000000000000
--- a/crypto/kerberosIV/doc/setup.texi
+++ /dev/null
@@ -1,794 +0,0 @@
-@node How to set up a realm, One-Time Passwords, Installing programs, Top
-@chapter How to set up a realm
-
-@quotation
-@flushleft
-	Who willed you? or whose will stands but mine?
-	There's none protector of the realm but I.
-	Break up the gates, I'll be your warrantize.
-	Shall I be flouted thus by dunghill grooms?
-        --- King Henry VI, 6.1
-@end flushleft
-@end quotation
-
-@menu
-* How to set up the kerberos server::  
-* Install the client programs::  
-* Install the kerberised services::  
-* Install a slave kerberos server::  
-* Cross-realm functionality ::  
-@end menu
-
-@node How to set up the kerberos server, Install the client programs, How to set up a realm, How to set up a realm
-@section How to set up the kerberos server
-
-@menu
-* Choose a realm name::         
-* Choose a kerberos server::    
-* Install the configuration files::  
-* Install the /etc/services::   
-* Install the kerberos server::  
-* Set up the server::           
-* Add a few important principals::  
-* Start the server::            
-* Try to get tickets::          
-* Create initial ACL for the admin server::  
-* Start the admin server::      
-* Add users to the database::   
-* Automate the startup of the servers::  
-@end menu
-
-@node Choose a realm name, Choose a kerberos server, How to set up the kerberos server, How to set up the kerberos server
-@subsection Choose a realm name
-
-A 
-@cindex realm
-realm is an administrative domain.  Kerberos realms are usually
-written in uppercase and consist of a Internet domain
-name@footnote{Using lowercase characters in the realm name might break
-in mysterious ways. This really should have been fixed, but has not.}.
-Call your realm the same as your Internet domain name if you do not have
-strong reasons for not doing so.  It will make life easier for you and
-everyone else.
-
-@node Choose a kerberos server, Install the configuration files, Choose a realm name, How to set up the kerberos server
-@subsection Choose a kerberos server
-
-You need to choose a machine to run the 
-@pindex kerberos
-kerberos server program.  If the kerberos database residing on this host
-is compromised, your entire realm will be compromised.  Therefore, this
-machine must be as secure as possible.  Preferably it should not run any
-services other than Kerberos.  The secure-minded administrator might
-only allow logins on the console.
-
-This machine has also to be reliable.  If it is down, you will not be
-able to use any kerberised services unless you have also configured a
-slave server (@xref{Install a slave kerberos server}).
-
-Running the kerberos server requires very little CPU power and a small
-amount of disk. An old PC with some hundreds of megabytes of free disk
-space should do fine. Most of the disk space will be used for various
-logs.
-
-@node Install the configuration files, Install the /etc/services, Choose a kerberos server, How to set up the kerberos server
-@subsection Install the configuration files
-
-There are two important configuration files: @file{/etc/krb.conf} and
-@file{/etc/krb.realms}.
-@pindex krb.conf
-@pindex krb.realms
-
-The @file{krb.conf} file determines which machines are servers for
-different realms.  The format of this file is:
-
-@example
-THIS.REALM
-THIS.REALM              kerberos.this.realm admin server
-THIS.REALM              kerberos-1.this.realm
-ANOTHER.REALM           kerberos.another.realm
-@end example
-
-The first line defines the name of the local realm. Line two defines the
-name of the master kerberos server and the database administration
-server for this realm.  You can define any number of kerberos slave
-servers similar to the one defined in line three.  The clients will try
-to contact the servers in the order they are defined in @file{krb.conf}.
-
-The @samp{admin server} clause at the first entry states that this is
-the master server
-@cindex master server
-(the one to contact when modifying the database, such as changing
-passwords). There should be only one such entry for each realm.
-
-In the original MIT Kerberos 4 (as in most others), the server
-specification could only take the form of a host-name. To facilitate
-having kerberos servers in odd places (such as behind a firewall),
-support has been added for ports other than the default (750), and
-protocols other than UDP.
-
-The formal syntax for an entry is now
-@samp{@var{[proto}/@var{]host[}:@var{port]}}. @var{proto} is either
-@samp{udp} or @samp{tcp}, and @var{port} is the port to talk to. Default
-value for @var{proto} is @samp{udp} and for @var{port} whatever
-@samp{kerberos-iv} is defined to be in @file{/etc/services} or 750 if
-undefined.
-
-If the information about a realm is missing from the @file{krb.conf}
-file, or if the information is wrong, the following methods will be
-tried in order.
-
-@enumerate
-@item
-If you have an SRV-record (@cite{RFC 2052}) for your realm it will be
-used. This record should be of the form
-@samp{kerberos-iv.@var{protocol}.@var{REALM}}, where @var{proto} is
-either @samp{udp} or @samp{tcp}. (Note: the current implementation does
-not look at priority or weight when deciding which server to talk to.)
-@item
-If there isn't any SRV-record, it tries to find a TXT-record for the
-same domain. The contents of the record should have the same format as the
-host specification in @file{krb.conf}. (Note: this is a temporary
-solution if your name server doesn't support SRV records. The clients
-should work fine with SRV records, so if your name server supports them,
-they are very much preferred.)
-@item
-If no valid kerberos server is found, it will try to talk udp to the
-service @samp{kerberos-iv} with fall-back to port 750 with
-@samp{kerberos.@var{REALM}} (which is also assumed to be the master
-server), and then @samp{kerberos-1.@var{REALM}},
-@samp{kerberos-2.@var{REALM}}, and so on.
-@end enumerate
-
-We strongly recommend that you add a CNAME @samp{kerberos.@var{REALM}}
-pointing to your kerberos master server.
-
-The @file{krb.realms} file is used to find out what realm a particular
-host belongs to.  An example of this file could look like:
-
-@example
-this.realm            THIS.REALM
-.this.realm           THIS.REALM
-foo.com               SOME.OTHER.REALM
-www.foo.com           A.STRANGE.REALM
-.foo.com              FOO.REALM
-@end example
-
-Entries starting with a dot are taken as the name of a domain. Entries
-not starting with a dot are taken as a host-name. The first entry matched
-is used. The entry for @samp{this.realm} is only necessary if there is a
-host named @samp{this.realm}.
-
-If no matching realm is found in @file{krb.realms}, DNS is searched for
-the correct realm. For example, if we are looking for host @samp{a.b.c},
-@samp{krb4-realm.a.b.c} is first tried and then @samp{krb4-realm.b.c}
-and so on. The entry should be a TXT record containing the name of the
-realm, such as:
-
-@example
-krb4-realm.pdc.kth.se.  7200    TXT     "NADA.KTH.SE"
-@end example
-
-If this didn't help the domain name sans the first part in uppercase is
-tried.
-
-The plain vanilla version of Kerberos doesn't have any fancy methods of
-getting realms and servers so it is generally a good idea to keep
-@file{krb.conf} and @file{krb.realms} up to date.
-
-@node Install the /etc/services, Install the kerberos server, Install the configuration files, How to set up the kerberos server
-@subsection Updating /etc/services
-
-You should append or merge the contents of @file{services.append} to
-your @file{/etc/services} files or NIS-map. Remove any unused factory
-installed kerberos port definitions to avoid possible conflicts.
-@pindex services
-
-Most of the programs will fall back to the default ports if the port
-numbers are not found in @file{/etc/services}, but it is convenient to
-have them there anyway.
-
-@node Install the kerberos server, Set up the server, Install the /etc/services, How to set up the kerberos server
-@subsection Install the kerberos server
-
-You should have already chosen the machine where you want to run the
-kerberos server and the realm name.  The machine should also be as
-secure as possible (@xref{Choose a kerberos server}) before installing
-the kerberos server.  In this example, we will install a kerberos server
-for the realm @samp{FOO.SE} on a machine called @samp{hemlig.foo.se}.
-
-@node Set up the server, Add a few important principals, Install the kerberos server, How to set up the kerberos server
-@subsection Setup the server
-
-Login as root on the console of the kerberos server.  Add
-@file{/usr/athena/bin} and @file{/usr/athena/sbin} to your path.  Run
-@kbd{kdb_init}:
-@pindex kdb_init
-
-@example
-@cartouche
-hemlig# kdb_init
-Realm name [default  FOO.SE ]: 
-You will be prompted for the database Master Password.
-It is important that you NOT FORGET this password.
-
-Enter Kerberos master password: 
-Verifying password 
-Enter Kerberos master password: 
-@end cartouche
-@end example
-
-If you have set up the configuration files correctly, @kbd{kdb_init}
-should choose the correct realm as the default, otherwise a (good) guess
-is made.  Enter the master password.
-
-This password will only be used for encrypting the kerberos database on
-disk and for generating new random keys.  You will not have to remember
-it, only to type it again when you run @kbd{kstash}.  Choose something
-long and random.  Now run @kbd{kstash} using the same password:
-@pindex kstash
-
-@example
-@cartouche
-hemlig# kstash
-
-Enter Kerberos master password: 
-
-Current Kerberos master key version is 1.
-
-Master key entered.  BEWARE!
-Wrote master key to /.k
-@end cartouche
-@end example
-
-After entering the same master password it will be saved in the file
-@file{/.k} and the kerberos server will read it when needed. Write down
-the master password and put it in a sealed envelope in a safe, you might
-need it if your disk crashes or should you want to set up a slave
-server.
-
-@code{kdb_init} initializes the database with a few entries:
-
-@table @samp
-@item krbtgt.@var{REALM}
-The key used for authenticating to the kerberos server.
-
-@item changepw.kerberos
-The key used for authenticating to the administrative server, i.e. when
-adding users, changing passwords, and so on.
-
-@item default
-This entry is copied to new items when these are added.  Enter here the
-values you want new entries to have, particularly the expiry date.
-
-@item K.M
-This is the master key and it is only used to verify that the master key
-that is saved un-encrypted in @file{/.k} is correct and corresponds to
-this database.
-
-@end table
-
-@code{kstash} only reads the master password and writes it to
-@file{/.k}.  This enables the kerberos server to start without you
-having to enter the master password.  This file (@file{/.k}) is only
-readable by root and resides on a ``secure'' machine.
-
-@node Add a few important principals, Start the server, Set up the server, How to set up the kerberos server
-@subsection Add a few important principals
-
-Now the kerberos database has been created, containing only a few
-principals.  The next step is to add a few more so that you can test
-that it works properly and so that you can administer your realm without
-having to use the console on the kerberos server.  Use @kbd{kdb_edit}
-to edit the kerberos database directly on the server.
-@pindex kdb_edit
-
-@code{kdb_edit} is intended as a bootstrapping and fall-back mechanism
-for editing the database.  For normal purposes, use the @code{kadmin}
-program (@xref{Add users to the database}).
-
-The following example shows the adding of the principal
-@samp{nisse.admin} into the kerberos database.  This principal is used
-by @samp{nisse} when administrating the kerberos database.  Later on the
-normal principal for @samp{nisse} will be created.  Replace @samp{nisse}
-and @samp{password} with your own username and password.
-
-@example
-@cartouche
-hemlig# kdb_edit -n
-Opening database...
-Current Kerberos master key version is 1.
-
-Master key entered.  BEWARE!
-Previous or default values are in [brackets] ,
-enter return to leave the same, or new value.
-
-Principal name: <nisse>
-Instance: <admin>
-
-<Not found>, Create [y] ? <>
-
-Principal: nisse, Instance: admin, kdc_key_ver: 1
-New Password: <password>
-Verifying password 
-New Password: <password>
-
-Principal's new key version = 1
-Expiration date (enter yyyy-mm-dd) [ 2000-01-01 ] ? <>
-Max ticket lifetime (*5 minutes) [ 255 ] ? <>
-Attributes [ 0 ] ? <>
-Edit O.K.
-Principal name: <>
-@end cartouche
-@end example
-
-@code{kdb_edit} will loop until you hit the @kbd{return} key at the
-``Principal name'' prompt. Now you have added nisse as an administrator.
-
-@node Start the server, Try to get tickets, Add a few important principals, How to set up the kerberos server
-@subsection Start the server
-
-@pindex kerberos
-@example
-@cartouche
-hemlig# /usr/athena/libexec/kerberos &
-Kerberos server starting
-Sleep forever on error
-Log file is /var/log/kerberos.log
-Current Kerberos master key version is 1.
-
-Master key entered.  BEWARE!
-
-Current Kerberos master key version is 1
-Local realm: FOO.SE
-@end cartouche
-@end example
-
-@node  Try to get tickets, Create initial ACL for the admin server, Start the server, How to set up the kerberos server
-@subsection Try to get tickets
-
-You can now verify that these principals have been added and that the
-server is working correctly.
-
-@pindex kinit
-@example
-@cartouche
-hemlig# kinit
-eBones International (hemlig.foo.se)
-Kerberos Initialization
-Kerberos name: <nisse.admin>
-Password: <password>
-@end cartouche
-@end example
-
-If you do not get any error message from @code{kinit}, then everything
-is working (otherwise, see @ref{Common error messages}).  Use
-@code{klist} to verify the tickets you acquired with @code{kinit}:
-
-@pindex klist
-@example
-@cartouche
-hemlig# klist
-Ticket file:    /tmp/tkt0
-Principal:      nisse.admin@@FOO.SE
-
-Issued           Expires          Principal
-May 24 21:06:03  May 25 07:06:03  krbtgt.FOO.SE@@FOO.SE
-@end cartouche
-@end example
-
-@node Create initial ACL for the admin server, Start the admin server, Try to get tickets, How to set up the kerberos server
-@subsection Create initial ACL for the admin server
-
-The admin server, @code{kadmind}, uses a series of files to determine who has
-@pindex kadmind
-the right to perform certain operations.  The files are:
-@file{admin_acl.add}, @file{admin_acl.get}, @file{admin_acl.del}, and
-@file{admin_acl.mod}.  Create these with @samp{nisse.admin@@FOO.SE} as
-the contents.
-@pindex admin_acl.add
-@pindex admin_acl.get
-@pindex admin_acl.del
-@pindex admin_acl.mod
-
-@example
-@cartouche
-hemlig# echo "nisse.admin@@FOO.SE" > /var/kerberos/admin_acl.add
-hemlig# echo "nisse.admin@@FOO.SE" > /var/kerberos/admin_acl.get
-hemlig# echo "nisse.admin@@FOO.SE" > /var/kerberos/admin_acl.mod
-hemlig# echo "nisse.admin@@FOO.SE" > /var/kerberos/admin_acl.del
-@end cartouche
-@end example
-
-Later on you may wish to add more users with administration
-privileges. Make sure that you create both the administration principals
-and add them to the admin server ACL.
-
-@node Start the admin server, Add users to the database, Create initial ACL for the admin server, How to set up the kerberos server
-@subsection Start the admin server
-
-@pindex kadmind
-@example
-@cartouche
-hemlig# /usr/athena/libexec/kadmind &
-KADM Server KADM0.0A initializing
-Please do not use 'kill -9' to kill this job, use a
-regular kill instead
-
-Current Kerberos master key version is 1.
-
-Master key entered.  BEWARE!
-@end cartouche
-@end example
-
-@node Add users to the database, Automate the startup of the servers, Start the admin server, How to set up the kerberos server
-@subsection Add users to the database
-
-Use the @code{kadmin} client to add users to the database:
-@pindex kadmin
-
-@example
-@cartouche
-hemlig# kadmin -u nisse.admin -m
-Welcome to the Kerberos Administration Program, version 2
-Type "help" if you need it.
-admin:  <add nisse>
-Admin password: <nisse.admin's password>
-Maximum ticket lifetime?  (255)  [Forever]  
-Attributes?  [0x00]  
-Expiration date (enter yyyy-mm-dd) ?  [Sat Jan  1 05:59:00 2000]  
-Password for nisse:
-Verifying password Password for nisse:
-nisse added to database.
-@end cartouche
-@end example
-
-Add whatever other users you want to have in the same way.  Verify that
-a user is in the database and check the database entry for that user:
-
-@example
-@cartouche
-admin:  <get nisse>
-Info in Database for nisse.:
-Max Life: 255 (Forever)   Exp Date: Sat Jan  1 05:59:59 2000
-
-Attribs: 00  key: 0 0
-admin:  <^D>
-Cleaning up and exiting.
-@end cartouche
-@end example
-
-@node Automate the startup of the servers,  , Add users to the database, How to set up the kerberos server
-@subsection Automate the startup of the servers
-
-Add the lines that were used to start the kerberos server and the
-admin server to your startup scripts (@file{/etc/rc} or similar).
-@pindex rc
-
-@node Install the client programs, Install the kerberised services, How to set up the kerberos server, How to set up a realm
-@section Install the client programs
-
-Making a machine a kerberos client only requires a few steps.  First you
-might need to change the configuration files as with the kerberos
-server.  (@xref{Install the configuration files} and @ref{Install the
-/etc/services}.) Also you need to make the programs in
-@file{/usr/athena/bin} available.  This can be done by adding the
-@file{/usr/athena/bin} directory to the users' paths, by making symbolic
-links, or even by copying the programs.
-
-You should also verify that the local time on the client is synchronised
-with the time on the kerberos server by some means. The maximum allowed
-time difference between the participating servers and a client is 5
-minutes.
-@cindex NTP.
-One good way to synchronize the time is NTP (Network Time Protocol), see
-@code{http://www.eecis.udel.edu/~ntp/}.
-
-If you need to run the client programs on a machine where you do not
-have root-access, you can hopefully just use the binaries and no
-configuration will be needed.  The heuristics used are mentioned above
-(see @ref{Install the configuration files}).  If this is not the case
-and you need to have @file{krb.conf} and/or @file{krb.realms}, you can
-copy them into a directory of your choice and
-@pindex krb.conf
-@pindex krb.realms
-set the environment variable @var{KRBCONFDIR} to point at this
-@cindex KRBCONFDIR
-directory.
-
-To test the client functionality, run the @code{kinit} program:
-
-@example
-@cartouche
-foo$ kinit
-eBones International (foo.foo.se)
-Kerberos Initialization
-Kerberos name: <nisse>
-Password: <password>
-
-foo$ klist
-Ticket file:    /tmp/tkt4711
-Principal:      nisse@@FOO.SE
-
-Issued           Expires          Principal
-May 24 21:06:03  May 25 07:06:03  krbtgt.FOO.SE@@FOO.SE
-@end cartouche
-@end example
-
-@node Install the kerberised services, Install a slave kerberos server, Install the client programs, How to set up a realm
-@section Install the kerberised services
-
-These includes @code{rsh}, @code{rlogin}, @code{telnet}, @code{ftp},
-@code{rxtelnet}, and so on.
-@pindex rsh
-@pindex rlogin
-@pindex telnet
-@pindex ftp
-@pindex rxtelnet
-
-First follow the steps mentioned in the prior section to make it a
-client and verify its operation.  Change @file{inetd.conf} next to use
-the new daemons.  Look at the file
-@pindex inetd.conf
-@file{etc/inetd.conf.changes} to see the changes that we recommend you
-perform on @file{inetd.conf}.
-
-You should at this point decide what services you want to run on
-each machine.
-
-@subsection rsh, rlogin, and rcp
-@pindex rsh
-@pindex rlogin
-@pindex rcp
-
-These exist in kerberised versions and ``old-style'' versions.  The
-different versions use different port numbers, so you can choose none,
-one, or both.  If you do not want to use ``old-style'' r* services, you
-can let the programs output the text ``Remote host requires Kerberos
-authentication'' instead of just refusing connections to that port.
-This is enabled with the @samp{-v} option.  The kerberised services
-exist in encrypted and non-encrypted versions.  The encrypted services
-have an ``e'' prepended to the name and the programs take @samp{-x} as an
-option indicating encryption.
-
-Our recommendation is to only use the kerberised services and give
-explanation messages for the old ports.
-
-@subsection telnet
-@pindex telnet
-
-The telnet service always uses the same port and negotiates as to which
-authentication method should be used.  The @code{telnetd} program has
-@pindex telnetd
-an option ``-a user'' that only allows kerberised and authenticated
-connections.  If this is not included, it falls back to using clear text
-passwords.  For obvious reasons, we recommend that you enable this
-option.  If you want to use one-time passwords (@xref{One-Time
-Passwords}) you can use the ``-a otp'' option which will allow OTPs or
-kerberised connections.
-
-@subsection ftp
-@pindex ftp
-
-The ftp service works as telnet does, with just one port being used.  By
-default only kerberos authenticated connections are allowed.  You can
-specify additional levels that are thus allowed with these options:
-
-@table @asis
-@item @kbd{-a otp}
-Allow one-time passwords (@xref{One-Time Passwords}).
-@item @kbd{-a ftp}
-Allow anonymous login (as user ``ftp'' or ``anonymous'').
-@item @kbd{-a safe}
-The same as @kbd{-a ftp}, for backwards compatibility.
-@item @kbd{-a plain}
-Allow clear-text passwords.
-@item @kbd{-a none}
-The same as @kbd{-a ftp -a plain}.
-@item @kbd{-a user}
-A no-op, also there for backwards compatibility reasons.
-@end table
-
-When running anonymous ftp you should read the man page on @code{ftpd}
-which explains how to set it up.
-
-@subsection pop
-@pindex popper
-
-The Post Office Protocol (POP) is used to retrieve mail from the mail
-hub.  The @code{popper} program implements the standard POP3 protocol
-and the kerberised KPOP.  Use the @samp{-k} option to run the kerberos
-version of the protocol. This service should only be run on your mail
-hub.
-
-@subsection kx
-@pindex kx
-
-@code{kx} allows you to run X over a kerberos-authenticated and
-encrypted connection.  This program is used by @code{rxtelnet},
-@code{tenletxr}, and @code{rxterm}.
-
-If you have some strange kind of operating system with X libraries that
-do not allow you to use unix-sockets, you need to specify the @samp{-t}
-@pindex kxd
-option to @code{kxd}.  Otherwise it should be sufficient by adding the
-daemon in @file{inetd.conf}.
-
-@subsection kauth
-@pindex kauth
-
-This service allows you to create tickets on a remote host.  To
-enable it just insert the corresponding line in @file{inetd.conf}.
-
-@section srvtabs
-@pindex srvtab
-
-In the same way every user needs to have a password registered with
-the kerberos server, every service needs to have a shared key with the
-kerberos server.  The service keys are stored in a file, usually called
-@file{/etc/srvtab}.  This file should not be readable to anyone but
-root, in order to keep the key from being divulged.  The name of this principal
-in the kerberos database is usually the service and the host.  The key
-for the pop service is called @samp{pop.@var{hostname}}.  The one for
-rsh/rlogin/telnet is named @samp{rcmd.@var{hostname}}.  (rcmd comes from
-``remote command'').  To create these keys you will use the the
-@code{ksrvutil} program.  Perform the
-@pindex ksrvutil
-following:
-
-@example
-@cartouche
-bar# ksrvutil -p nisse.admin get
-Name [rcmd]: <>
-Instance [bar]: <>
-Realm [FOO.SE]: <>
-Is this correct? (y,n) [y] <>
-Add more keys? (y,n) [n] <>
-Password for nisse.admin@@FOO.SE: <nisse.admin's password>
-Written rcmd.bar
-rcmd.bar@@FOO.SE
-Old keyfile in /etc/srvtab.old.
-@end cartouche
-@end example
-
-@subsection Complete test of the kerberised services
-
-Obtain a ticket on one machine (@samp{foo}) and use it to login with a
-kerberised service to a second machine (@samp{bar}).  The test should
-look like this if successful:
-
-@example
-@cartouche
-foo$ kinit nisse
-eBones International (foo.foo.se)
-Kerberos Initialization for "nisse"
-Password: <nisse's password>
-foo$ klist
-Ticket file:    /tmp/tkt4711
-Principal:      nisse@@FOO.SE
-
-Issued           Expires          Principal
-May 30 13:48:03  May 30 23:48:03  krbtgt.FOO.SE@@FOO.SE
-foo$ telnet bar
-Trying 17.17.17.17...
-Connected to bar.foo.se
-Escape character is '^]'.
-[ Trying mutual KERBEROS4 ... ]
-[ Kerberos V4 accepts you ]
-[ Kerberos V4 challenge successful ]
-bar$
-@end cartouche
-@end example
-
-You can also try with @code{rsh}, @code{rcp}, @code{rlogin},
-@code{rlogin -x}, and some other commands to see that everything is
-working all right.
-
-@node Install a slave kerberos server, Cross-realm functionality , Install the kerberised services, How to set up a realm
-@section Install a slave kerberos server
-
-It is desirable to have at least one backup (slave) server in case the
-master server fails. It is possible to have any number of such slave
-servers but more than three usually doesn't buy much more redundancy.
-
-First select a good server machine.  @xref{Choose a kerberos
-server}. Since the master and slave servers will use copies of the same
-database, they need to use the same master key.
-
-On the master, add a @samp{rcmd.kerberos} principal (using
-@samp{ksrvutil get}). The
-@pindex kprop
-@code{kprop} program, running on the master, will use this when
-authenticating to the
-@pindex kpropd
-@code{kpropd} daemons running on the slave servers.
-
-On your master server, create a file, e.g. @file{/var/kerberos/slaves},
-that contains the hostnames of your kerberos slave servers.
-
-Start @code{kpropd} with @samp{kpropd -i} on your slave servers.
-
-On your master server, create a dump of the database with @samp{kdb_util
-slave_dump /var/kerberos/slave_dump}, and then run @code{kprop}.
-
-You should now have copies of the database on your slave servers. You
-can verify this by issuing @samp{kdb_util dump @var{file}} on your
-slave servers, and comparing with the original file on the master
-server. Note that the entries will not be in the same order.
-
-This procedure should be automated with a script run regularly by cron,
-for instance once an hour.
-
-To start the kerberos server on slaves, you first have to copy the
-master key from the master server. You can do this either by remembering
-the master password and issuing @samp{kstash}, or you can just copy the
-keyfile. Remember that if you copy the file, do so on a safe media, not
-over the network. Good means include floppy or paper. Paper is better,
-since it is easier to swallow afterwards.
-
-The kerberos server should be started with @samp{-s} on the slave
-servers. This enables sanity checks, for example checking the time since
-the last update from the master.
-
-All changes to the database are made by @code{kadmind} at the master,
-and then propagated to the slaves, so you should @strong{not} run
-@code{kadmind} on the slaves.
-
-Finally add the slave servers to
-@file{/etc/krb.conf}. The clients will ask the servers in the order
-specified by that file.
-
-Consider adding CNAMEs to your slave servers, see @ref{Install the
-configuration files}.
-
-@node Cross-realm functionality ,  , Install a slave kerberos server, How to set up a realm
-@section Cross-realm functionality
-
-Suppose you are residing in the realm @samp{MY.REALM}, how do you
-authenticate to a server in @samp{OTHER.REALM}? Having valid tickets in
-@samp{MY.REALM} allows you to communicate with kerberised services in that
-realm. However, the computer in the other realm does not have a secret
-key shared with the kerberos server in your realm.
-
-It is possible to add a shared key between two realms that trust each
-other. When a client program, such as @code{telnet}, finds that the
-other computer is in a different realm, it will try to get a ticket
-granting ticket for that other realm, but from the local kerberos
-server. With that ticket granting ticket, it will then obtain service
-tickets from the kerberos server in the other realm.
-
-To add this functionality you have to add a principal to each realm. The
-principals should be @samp{krbtgt.OTHER.REALM} in @samp{MY.REALM}, and
-@samp{krbtgt.MY.REALM} in @samp{OTHER.REALM}. The two different
-principals should have the same key (and key version number).  Remember
-to transfer this key in a safe manner. This is all that is required.
-
-@example
-@cartouche
-blubb$ klist
-Ticket file:    /tmp/tkt3008
-Principal:      joda@@NADA.KTH.SE
-
-  Issued           Expires          Principal
-Jun  7 02:26:23  Jun  7 12:26:23  krbtgt.NADA.KTH.SE@@NADA.KTH.SE
-blubb$ telnet agat.e.kth.se
-Trying 130.237.48.12...
-Connected to agat.e.kth.se.
-Escape character is '^]'.
-[ Trying mutual KERBEROS4 ... ]
-[ Kerberos V4 accepts you ]
-[ Kerberos V4 challenge successful ]
-Last login: Sun Jun  2 20:51:50 from emma.pdc.kth.se
-
-agat$ exit
-Connection closed by foreign host.
-blubb$ klist
-Ticket file:    /tmp/tkt3008
-Principal:      joda@@NADA.KTH.SE
-
-  Issued           Expires          Principal
-Jun  7 02:26:23  Jun  7 12:26:23  krbtgt.NADA.KTH.SE@@NADA.KTH.SE
-Jun  7 02:26:50  Jun  7 12:26:50  krbtgt.E.KTH.SE@@NADA.KTH.SE
-Jun  7 02:26:51  Jun  7 12:26:51  rcmd.agat@@E.KTH.SE
-@end cartouche
-@end example
diff --git a/crypto/kerberosIV/doc/whatis.texi b/crypto/kerberosIV/doc/whatis.texi
deleted file mode 100644
index 16989bbec9d0..000000000000
--- a/crypto/kerberosIV/doc/whatis.texi
+++ /dev/null
@@ -1,137 +0,0 @@
-@node What is Kerberos?, Installing programs, Introduction, Top
-@chapter What is Kerberos?
-
-@quotation
-@flushleft
-        Now this Cerberus had three heads of dogs,
-        the tail of a dragon, and on his back the
-        heads of all sorts of snakes.
-        --- Pseudo-Apollodorus Library 2.5.12
-@end flushleft
-@end quotation
-
-Kerberos is a system for authenticating users and services on a network.
-It is built upon the assumption that the network is ``unsafe''.  For
-example, data sent over the network can be eavesdropped and altered, and
-addresses can also be faked.  Therefore they cannot be used for
-authentication purposes.
-@cindex authentication
-
-Kerberos is a trusted third-party service.  That means that there is a
-third party (the kerberos server) that is trusted by all the entities on
-the network (users and services, usually called @dfn{principals}).  All
-principals share a secret password (or key) with the kerberos server and
-this enables principals to verify that the messages from the kerberos
-server are authentic.  Thus trusting the kerberos server, users and
-services can authenticate each other.
-
-@section Basic mechanism
-
-@ifinfo
-@macro sub{arg}
-<\arg\>
-@end macro
-@end ifinfo
-
-@tex
-@def@xsub#1{$_{#1}$}
-@global@let@sub=@xsub
-@end tex
-
-In Kerberos, principals use @dfn{tickets} to prove that they are who
-they claim to be. In the following example, @var{A} is the initiator of
-the authentication exchange, usually a user, and @var{B} is the service
-that @var{A} wishes to use.
-
-To obtain a ticket for a specific service, @var{A} sends a ticket
-request to the kerberos server. The request basically contains @var{A}'s
-and @var{B}'s names. The kerberos server checks that both @var{A} and
-@var{B} are valid principals.
-
-Having verified the validity of the principals, it creates a packet
-containing @var{A}'s and @var{B}'s names, @var{A}'s network address
-(@var{A@sub{addr}}), the current time (@var{t@sub{issue}}), the lifetime
-of the ticket (@var{life}), and a secret @dfn{session key}
-@cindex session key
-(@var{K@sub{AB}}). This packet is encrypted with @var{B}'s secret key
-(@var{K@sub{B}}).  The actual ticket (@var{T@sub{AB}}) looks like this:
-(@{@var{A}, @var{B}, @var{A@sub{addr}}, @var{t@sub{issue}}, @var{life},
-@var{K@sub{AB}}@}@var{K@sub{B}}).
-
-The reply to @var{A} consists of the ticket (@var{T@sub{AB}}), @var{B}'s
-name, the current time, the lifetime of the ticket, and the session key, all
-encrypted in @var{A}'s secret key (@{@var{B}, @var{t@sub{issue}},
-@var{life}, @var{K@sub{AB}}, @var{T@sub{AB}}@}@var{K@sub{A}}). @var{A}
-decrypts the reply and retains it for later use.
-
-@sp 1
-
-Before sending a message to @var{B}, @var{A} creates an authenticator
-consisting of @var{A}'s name, @var{A}'s address, the current time, and a
-``checksum'' chosen by @var{A}, all encrypted with the secret session
-key (@{@var{A}, @var{A@sub{addr}}, @var{t@sub{current}},
-@var{checksum}@}@var{K@sub{AB}}). This is sent together with the ticket
-received from the kerberos server to @var{B}.  Upon reception, @var{B}
-decrypts the ticket using @var{B}'s secret key.  Since the ticket
-contains the session key that the authenticator was encrypted with,
-@var{B} can now also decrypt the authenticator. To verify that @var{A}
-really is @var{A}, @var{B} now has to compare the contents of the ticket
-with that of the authenticator. If everything matches, @var{B} now
-considers @var{A} as properly authenticated.
-
-@c (here we should have some more explanations)
-
-@section Different attacks
-
-@subheading Impersonating A
-
-An impostor, @var{C} could steal the authenticator and the ticket as it
-is transmitted across the network, and use them to impersonate
-@var{A}. The address in the ticket and the authenticator was added to
-make it more difficult to perform this attack.  To succeed @var{C} will
-have to either use the same machine as @var{A} or fake the source
-addresses of the packets. By including the time stamp in the
-authenticator, @var{C} does not have much time in which to mount the
-attack.
-
-@subheading Impersonating B
-
-@var{C} can hijack @var{B}'s network address, and when @var{A} sends
-her credentials, @var{C} just pretend to verify them. @var{C} can't
-be sure that she is talking to @var{A}.
-
-@section Defense strategies
-
-It would be possible to add a @dfn{replay cache}
-@cindex replay cache
-to the server side.  The idea is to save the authenticators sent during
-the last few minutes, so that @var{B} can detect when someone is trying
-to retransmit an already used message. This is somewhat impractical
-(mostly regarding efficiency), and is not part of Kerberos 4; MIT
-Kerberos 5 contains it.
-
-To authenticate @var{B}, @var{A} might request that @var{B} sends
-something back that proves that @var{B} has access to the session
-key. An example of this is the checksum that @var{A} sent as part of the
-authenticator. One typical procedure is to add one to the checksum,
-encrypt it with the session key and send it back to @var{A}.  This is
-called @dfn{mutual authentication}.
-
-The session key can also be used to add cryptographic checksums to the
-messages sent between @var{A} and @var{B} (known as @dfn{message
-integrity}).  Encryption can also be added (@dfn{message
-confidentiality}). This is probably the best approach in all cases.
-@cindex integrity
-@cindex confidentiality
-
-@section Further reading
-
-The original paper on Kerberos from 1988 is @cite{Kerberos: An
-Authentication Service for Open Network Systems}, by Jennifer Steiner,
-Clifford Neuman and Jeffrey I. Schiller.
-
-A less technical description can be found in @cite{Designing an
-Authentication System: a Dialogue in Four Scenes} by Bill Bryant, also
-from 1988.
-
-These and several other documents can be found on our web-page.
diff --git a/crypto/kerberosIV/eBones-p9.README b/crypto/kerberosIV/eBones-p9.README
deleted file mode 100644
index 844298598e23..000000000000
--- a/crypto/kerberosIV/eBones-p9.README
+++ /dev/null
@@ -1,26 +0,0 @@
-The file eBones-p9.patch.Z is the compressed patch for Bones (patchlevel 9)
-that puts back the calls to the DES encryption libraries.
-
-eBones-p9-des.tar.Z is a compressed tar file of MIT compatible
-des encryption routines.  Install these routines in src/lib/des.
-The des_quad_cksum is not compatible with the MIT version
-but I should fix that when I have access to ultrix 4
-* [It has now been fixed and is the same as MIT's]
-(it has a binary copy of libdes.a)).  There are two extra routines,
-des_enc_read and des_enc_write.  These routines are used in the
-kerberos rcp, rlogin and rlogind to encrypt all network traffic.
-
-eBones-p9.tar.Z is a compressed tar file of Bones (patchlevel 9)
-with the eBones-p9.patch applied and eBones-p9-des.tar.Z installed.
-
-When applying the patch to Bones, don't do a
-find src -name "*.orig" -exec /bin/rm {} \;
-There is a file called src/util/ss/ss.h.orig that is needed and
-the above find will remove it.
-
-The Imakefile in src/lib/des assumes you have gcc.  If you don't,
-you will have to change the Imakefile.  Compile this directory with
-the maximum optimization your compiler has available.
-
-These modifications have been successfully unpacked and compiled
-on a microvax 3600.
diff --git a/crypto/kerberosIV/etc/README b/crypto/kerberosIV/etc/README
deleted file mode 100644
index 68865ec7c8fc..000000000000
--- a/crypto/kerberosIV/etc/README
+++ /dev/null
@@ -1,41 +0,0 @@
-
-	How to update your files in the /etc directory!
-
-/etc/services (all machines)
-
-  The contents of services.append can probably just be appended to
-your local file. If you use NIS (YP) you need to do this on the NIS
-master. Delete and duplicate definitions to prevent inconsistencies.
-
-/etc/krb.conf (all machines)
-
-  Create a krb.conf file by substituting MY.REALM.NAME with your
-domain name. If you create a domain name alias (CNAME) kerberos.domain
-pointing to your master server, unconfigured clients will have a
-chance to find your realm.
-
-  It is no longer necessary to put each and every realm in
-krb.{conf,realms}. If the domain name matches your realm name and you
-have a CNAME kerberos.REALMNAME pointing at your kerberos server other
-sites will find your realm even if it is not listed in krb.conf.  
-*** Please add this CNAME to your local DNS ***
-
-/etc/krb.realms (all machines)
-
-  Substitue MY.REALM.NAME in krb.realms with your domain name.
-  Not strictly necessary when domain and realm names match.
-
-/etc/inetd.conf (all machines supporting incoming telnet, rsh etc.)
-
-  Comment out the lines starting with shell, login and telnet and
-append inetd.conf.changes. Be carefull to check that there are no
-additional old entries of kshell, ekshell, klogin and eklogin left.
-
-  The -v option to rshd and rlogin turns off that service and echo
-an informational message to the user.
-
-/etc/srvtab
-
-  With 'ksrvutil get' you can add entries to the Kerberos database and
-put the service keys into your srvtab file.
-
diff --git a/crypto/kerberosIV/etc/default.login b/crypto/kerberosIV/etc/default.login
deleted file mode 100644
index f01b2eee90a4..000000000000
--- a/crypto/kerberosIV/etc/default.login
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# Sample /etc/default/login file, read by the login program
-#
-# For more info consult SysV login(1)
-#
-# Most things are environment variables.
-# HZ and TZ are set only if they are still uninitialized.
-
-# This really variable TZ
-#TIMEZONE=EST5EDT
-
-#HZ=100
-
-# File size limit, se ulimit(2).
-# Note that the limit must be specified in units of 512-byte blocks.
-#ULIMIT=0
-
-# If CONSOLE is set, root can only login on that device.
-# When not set root can log in on any device.
-#CONSOLE=/dev/console
-
-# PASSREQ determines if login requires a password.
-PASSREQ=YES
-
-# ALTSHELL, really set SHELL=/bin/bash or other shell
-# Extension: when ALTSHELL=YES, we set the SHELL variable even if it is /bin/sh
-ALTSHELL=YES
-
-# Default PATH
-#PATH=/usr/bin:
-
-# Default PATH for root user
-#SUPATH=/usr/sbin:/usr/bin
-
-# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
-# abandoning a login session.
-# 
-#TIMEOUT=300
-
-# Use this for default umask(2) value
-#UMASK=022
-
-# Sleeptime between failed logins
-# SLEEPTIME
-
-# Maximum number of failed login attempts, well the user can always reconnect
-# MAXTRYS
diff --git a/crypto/kerberosIV/etc/fbtab b/crypto/kerberosIV/etc/fbtab
deleted file mode 100644
index 3e2137691471..000000000000
--- a/crypto/kerberosIV/etc/fbtab
+++ /dev/null
@@ -1,15 +0,0 @@
-# Sample /etc/fbtab file read by the login program
-# This file can also be called /etc/logindevperm.
-
-# Use this to give away devices to the console user. The group of the
-# devices is set to the owner's group specified in /etc/passwd.
-#
-# First column specifies the console device.
-#
-# Second the mode bits of the given away devices
-#
-# Third is a : separated list of devices to give away
-
-# console       mode    devices
-/dev/console	0600	/dev/console:/dev/mouse
-/dev/console	0600	/dev/floppy
diff --git a/crypto/kerberosIV/etc/hosts.equiv b/crypto/kerberosIV/etc/hosts.equiv
deleted file mode 100644
index 2fbb50c4a8dc..000000000000
--- a/crypto/kerberosIV/etc/hosts.equiv
+++ /dev/null
@@ -1 +0,0 @@
-localhost
diff --git a/crypto/kerberosIV/etc/inetd.conf.changes b/crypto/kerberosIV/etc/inetd.conf.changes
deleted file mode 100644
index a9721a0ff161..000000000000
--- a/crypto/kerberosIV/etc/inetd.conf.changes
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# $Id: inetd.conf.changes,v 1.12 1996/10/27 11:58:02 bg Exp $
-#
-# Turn off vanilla rshd and rlogind with an informational message.
-# If you really want this security problem remove the '-v' option!
-shell	stream	tcp nowait root	/usr/athena/libexec/rshd rshd -l -L -v
-login	stream	tcp nowait root /usr/athena/libexec/rlogind rlogind -l -v
-#
-# Kerberos rsh
-kshell	stream	tcp nowait root	/usr/athena/libexec/rshd rshd -L -k
-ekshell	stream	tcp nowait root	/usr/athena/libexec/rshd rshd -L -k -x
-ekshell2 stream	tcp nowait root	/usr/athena/libexec/rshd rshd -L -k -x
-#
-# Kerberos rlogin
-klogin	stream	tcp nowait root	/usr/athena/libexec/rlogind rlogind -k
-eklogin	stream	tcp nowait root	/usr/athena/libexec/rlogind rlogind -k -x
-#
-# Kerberized telnet and ftp, consider adding '-a user' to
-# disallow cleartext passwords to both telnetd and ftpd.
-telnet	stream	tcp nowait root /usr/athena/libexec/telnetd telnetd -a none
-ftp	stream	tcp nowait root	/usr/athena/libexec/ftpd ftpd -a none
-#
-# Kerberized POP. Server principal is pop.hostname, *not* rcmd.hostname!
-#kpop	stream	tcp nowait root	/usr/athena/libexec/popper popper -k
-#
-# Old POP3 with passwords in clear (not recommended, uses cleartext passwords)
-#pop3	stream	tcp nowait root	/usr/athena/libexec/popper popper
-#
-# Kauthd, support for putting tickets on other machines in a secure fashion.
-kauth	stream	tcp nowait root	/usr/athena/libexec/kauthd kauthd
-#
-# Encrypted X connections
-kx	stream	tcp nowait root	/usr/athena/libexec/kxd kxd
diff --git a/crypto/kerberosIV/etc/krb.conf b/crypto/kerberosIV/etc/krb.conf
deleted file mode 100644
index 6114c8520645..000000000000
--- a/crypto/kerberosIV/etc/krb.conf
+++ /dev/null
@@ -1,56 +0,0 @@
-MY.REALM.NAME
-MY.REALM.NAME	kerberos.MY.REALM.NAME admin server
-SICS.SE		kerberos.sics.se admin server
-NADA.KTH.SE	kerberos.nada.kth.se admin server
-NADA.KTH.SE	sysman.nada.kth.se
-NADA.KTH.SE	server.nada.kth.se
-ADMIN.KTH.SE	ulysses.admin.kth.se admin server
-ADMIN.KTH.SE	graziano.admin.kth.se
-ADMIN.KTH.SE	montano.admin.kth.se
-BION.KTH.SE     chaplin.bion.kth.se admin server
-DSV.SU.SE	ssi.dsv.su.se admin server
-DSV.SU.SE	vall.dsv.su.se
-E.KTH.SE	heimdal.e.kth.se admin server
-E.KTH.SE        elixir.e.kth.se
-E.KTH.SE        malt.e.kth.se
-IT.KTH.SE	gaia.it.kth.se
-IT.KTH.SE	isolde.it.kth.se
-IT.KTH.SE	tristan.it.kth.se
-KTH.SE		kth.se admin server
-ML.KVA.SE	gustava.ml.kva.se admin server
-PI.SE		liszt.adm.pi.se admin server
-STACKEN.KTH.SE	linnea.stacken.kth.se admin server
-STACKEN.KTH.SE	marcel.stacken.kth.se
-STACKEN.KTH.SE	sune.stacken.kth.se
-SUNET.SE	bar.pilsnet.sunet.se admin server
-CYGNUS.COM kerberos.cygnus.com admin server
-CYGNUS.COM kerberos-1.cygnus.com
-CYGNUS.COM dumb.cygnus.com
-DEVO.CYGNUS.COM dumber.cygnus.com admin server
-MIRKWOOD.CYGNUS.COM mirkwood.cygnus.com admin server
-KITHRUP.COM KITHRUP.COM admin server
-ATHENA.MIT.EDU kerberos.mit.edu admin server
-ATHENA.MIT.EDU kerberos-1.mit.edu
-ATHENA.MIT.EDU kerberos-2.mit.edu
-ATHENA.MIT.EDU kerberos-3.mit.edu
-LCS.MIT.EDU kerberos.lcs.mit.edu admin server
-SMS_TEST.MIT.EDU dodo.mit.edu admin server
-LS.MIT.EDU ls.mit.edu admin server
-IFS.UMICH.EDU kerberos.ifs.umich.edu
-CS.WASHINGTON.EDU hawk.cs.washington.edu
-CS.WASHINGTON.EDU aspen.cs.washington.edu
-CS.BERKELEY.EDU okeeffe.berkeley.edu
-SOUP.MIT.EDU soup.mit.edu admin server
-TELECOM.MIT.EDU bitsy.mit.edu
-MEDIA.MIT.EDU kerberos.media.mit.edu
-NEAR.NET kerberos.near.net
-CATS.UCSC.EDU mehitabel.ucsc.edu admin server
-CATS.UCSC.EDU ucsch.ucsc.edu
-WATCH.MIT.EDU kerberos.watch.mit.edu admin server
-TELEBIT.COM napa.telebit.com. admin server
-ARMADILLO.COM monad.armadillo.com admin server
-TOAD.COM toad.com admin server
-ZEN.ORG zen.org admin server
-LLOYD.COM harry.lloyd.com admin server
-EPRI.COM kerberos.epri.com admin server
-EPRI.COM kerberos-2.epri.com
diff --git a/crypto/kerberosIV/etc/krb.equiv b/crypto/kerberosIV/etc/krb.equiv
deleted file mode 100644
index 6205c1f38b1c..000000000000
--- a/crypto/kerberosIV/etc/krb.equiv
+++ /dev/null
@@ -1,14 +0,0 @@
-# List of host with multiple adresses.
-#
-193.10.156.253	130.237.232.44	193.10.156.252	# scws scws-fddi scws-2.
-193.10.156.250  130.237.232.15  		# salmon-sp salmon.
-#
-# new krb.equiv syntax for all of SP.
-#
-193.10.156.0/24	193.10.157.0/24	\	# syk-X.pdc.kth.se syk-X-hps.pdc.kth.se
-130.237.232.31	130.237.232.32	\	# syk-0101-fddi syk-0201-fddi
-130.237.232.38	130.237.232.39	\	# syk-0115-fddi syk-0116-fddi
-130.237.232.33	130.237.232.34	\	# syk-0301-fddi syk-0401-fddi
-130.237.232.35	130.237.232.36	\	# syk-0501-fddi syk-0601-fddi
-130.237.232.37	130.237.230.66	\	# syk-0602-fddi syk-0602-fcs
-130.237.230.36				# syk-0606-hippi.
diff --git a/crypto/kerberosIV/etc/krb.realms b/crypto/kerberosIV/etc/krb.realms
deleted file mode 100644
index 85e955a9d9b1..000000000000
--- a/crypto/kerberosIV/etc/krb.realms
+++ /dev/null
@@ -1,51 +0,0 @@
-.MY.REALM.NAME	MY.REALM.NAME
-sics.se		SICS.SE
-.sics.se	SICS.SE
-nada.kth.se	NADA.KTH.SE
-pdc.kth.se	NADA.KTH.SE
-.hydro.kth.se	NADA.KTH.SE
-.math.kth.se	NADA.KTH.SE
-.mech.kth.se	NADA.KTH.SE
-.nada.kth.se	NADA.KTH.SE
-.pdc.kth.se	NADA.KTH.SE
-.sans.kth.se	NADA.KTH.SE
-.admin.kth.se	ADMIN.KTH.SE
-.e.kth.se	E.KTH.SE
-.electrum.kth.se	IT.KTH.SE
-.it.kth.se	IT.KTH.SE
-.sth.sunet.se	SUNET.SE
-.pilsnet.sunet.se	SUNET.SE
-.sunet.se	SUNET.SE
-.ml.kva.se	ML.KVA.SE
-pi.se		PI.SE
-.pi.se		PI.SE
-.adm.pi.se	PI.SE
-.stacken.kth.se	STACKEN.KTH.SE
-kth.se		KTH.SE
-.kth.se		KTH.SE
-.bion.kth.se	BION.KTH.SE
-.dsv.su.se	DSV.SU.SE
-.MIT.EDU ATHENA.MIT.EDU
-.MIT.EDU. ATHENA.MIT.EDU
-MIT.EDU ATHENA.MIT.EDU
-DODO.MIT.EDU SMS_TEST.MIT.EDU
-.UCSC.EDU CATS.UCSC.EDU
-.UCSC.EDU. CATS.UCSC.EDU
-CYGNUS.COM CYGNUS.COM
-.CYGNUS.COM CYGNUS.COM
-MIRKWOOD.CYGNUS.COM MIRKWOOD.CYGNUS.COM
-KITHRUP.COM KITHRUP.COM
-.KITHRUP.COM KITHRUP.COM
-.berkeley.edu   EECS.BERKELEY.EDU
-.CS.berkeley.edu        EECS.BERKELEY.EDU
-.MIT.EDU        ATHENA.MIT.EDU
-.mit.edu        ATHENA.MIT.EDU
-.BSDI.COM       BSDI.COM
-ARMADILLO.COM	ARMADILLO.COM
-.ARMADILLO.COM	ARMADILLO.COM
-ZEN.ORG		ZEN.ORG
-.ZEN.ORG	ZEN.ORG
-toad.com	TOAD.COM
-.toad.com	TOAD.COM
-lloyd.com	LLOYD.COM
-.lloyd.com	LLOYD.COM
diff --git a/crypto/kerberosIV/etc/login.access b/crypto/kerberosIV/etc/login.access
deleted file mode 100644
index f8116161af3a..000000000000
--- a/crypto/kerberosIV/etc/login.access
+++ /dev/null
@@ -1,54 +0,0 @@
-# Sample /etc/login.access file read by the login program
-#
-# Login access control table.
-# 
-# When someone logs in, the table is scanned for the first entry that
-# matches the (user, host) combination, or, in case of non-networked
-# logins, the first entry that matches the (user, tty) combination.  The
-# permissions field of that table entry determines whether the login will 
-# be accepted or refused.
-# 
-# Format of the login access control table is three fields separated by a
-# ":" character:
-# 
-# 	permission : users : origins
-# 
-# The first field should be a "+" (access granted) or "-" (access denied)
-# character. 
-#
-# The second field should be a list of one or more login names, group
-# names, or ALL (always matches). A pattern of the form user@host is
-# matched when the login name matches the "user" part, and when the
-# "host" part matches the local machine name.
-#
-# The third field should be a list of one or more tty names (for
-# non-networked logins), host names, domain names (begin with "."), host
-# addresses, internet network numbers (end with "."), ALL (always
-# matches) or LOCAL (matches any string that does not contain a "."
-# character).
-#
-# If you run NIS you can use @netgroupname in host or user patterns; this
-# even works for @usergroup@@hostgroup patterns. Weird.
-#
-# The EXCEPT operator makes it possible to write very compact rules.
-#
-# The group file is searched only when a name does not match that of the
-# logged-in user. Only groups are matched in which users are explicitly
-# listed: the program does not look at a user's primary group id value.
-#
-##############################################################################
-# 
-# Disallow console logins to all but a few accounts.
-#
--:ALL EXCEPT wheel shutdown sync:console
-#
-# Disallow non-local logins to privileged accounts (group wheel).
-#
--:wheel:ALL EXCEPT LOCAL .win.tue.nl
-#
-# Some accounts are not allowed to login from anywhere:
-#
--:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
-#
-# All other accounts are allowed to login from anywhere.
-#
diff --git a/crypto/kerberosIV/etc/services.append b/crypto/kerberosIV/etc/services.append
deleted file mode 100644
index 8101e729b913..000000000000
--- a/crypto/kerberosIV/etc/services.append
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# Kerberos
-#
-# $Id: services.append,v 1.11 1996/10/18 15:25:17 bg Exp $
-#
-kerberos-sec	88/udp				# Kerberos secondary port UDP
-kerberos-sec	88/tcp				# Kerberos secondary port TCP
-klogin		543/tcp				# Kerberos authenticated rlogin
-kshell		544/tcp		krcmd		# and remote shell
-ekshell		545/tcp		      # Kerberos encrypted remote shell -kfall
-ekshell2	2106/tcp	      # What U of Colorado @ Boulder uses?
-kerberos-iv	750/udp		kerberos kdc	# Kerberos authentication--udp
-kerberos-iv	750/tcp		kerberos kdc	# Kerberos authentication--tcp
-kerberos_master 751/udp				# Kerberos authentication
-kerberos_master 751/tcp				# Kerberos authentication
-krb_prop	754/tcp				# Kerberos slave propagation
-kpop		1109/tcp			# Pop with Kerberos
-eklogin		2105/tcp			# Kerberos encrypted rlogin
-rkinit		2108/tcp			# Kerberos remote kinit
-kx		2111/tcp			# X over kerberos
-kip		2112/tcp			# IP over kerberos
-kauth		2120/tcp			# Remote kauth
diff --git a/crypto/kerberosIV/include/Makefile.in b/crypto/kerberosIV/include/Makefile.in
deleted file mode 100644
index 5061c085c44a..000000000000
--- a/crypto/kerberosIV/include/Makefile.in
+++ /dev/null
@@ -1,147 +0,0 @@
-# $Id: Makefile.in,v 1.36 1997/05/20 18:58:39 bg Exp $
-
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-CC		= @CC@
-DEFS		= @DEFS@
-CFLAGS		= @CFLAGS@
-LD_FLAGS	= @LD_FLAGS@
-
-INSTALL		= @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS	= @top_srcdir@/mkinstalldirs
-LN_S		= @LN_S@
-EXECSUFFIX	= @EXECSUFFIX@
-
-prefix		= @prefix@
-exec_prefix	= @exec_prefix@
-includedir	= @includedir@
-libdir		= @libdir@
-
-HAVE_ERR_H	= @ac_cv_header_err_h@
-
-@SET_MAKE@
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I. -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-HEADERS = krb_err.h kadm_err.h acl.h com_err.h des.h kadm.h kafs.h \
-	  kdc.h klog.h krb.h krb_db.h prot.h otp.h sl.h ktypes.h
-
-KTYPES_OBJECTS = ktypes.o
-
-SOURCES = ktypes.c
-
-LOCL_HEADERS = roken.h protos.h resolve.h xdbm.h
-
-MAYBE_HEADERS = err.h
-
-SUBDIRS		= sys
-
-all: stamp-headers
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) all); done
-
-Wall:
-	$(MAKE) CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-ALL_INC =  com_err.h des.h kadm.h kafs.h kdc.h klog.h krb.h krb_db.h otp.h
-
-install:
-	$(MKINSTALLDIRS) $(includedir)
-	for x in $(HEADERS); \
-		do $(INSTALL_DATA) $$x $(includedir)/$$x; done
-	-if test "$(HAVE_ERR_H)" != yes; then \
-	  $(INSTALL_DATA) err.h $(includedir)/err.h; \
-	fi
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) install); done
-
-uninstall:
-	for x in $(HEADERS); do \
-	  rm -f $(includedir)/$$x; \
-	done
-	-if test "$(HAVE_ERR_H)" != yes; then \
-	  rm -f $(includedir)/err.h; \
-	fi
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done
-
-clean:
-	rm -f $(HEADERS) $(LOCL_HEADERS) $(MAYBE_HEADERS) *.o ktypes stamp-headers
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) clean); done
-
-mostlyclean:	clean
-
-distclean:
-	$(MAKE) clean		
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
-	rm -f Makefile config.status *~
-
-realclean:
-	for i in $(SUBDIRS); \
-	do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
-
-err.h:
-	if test "$(HAVE_ERR_H)" != yes; then \
-	  $(LN_S) $(srcdir)/../lib/roken/err.h err.h; \
-	fi || true
-
-krb_err.h:
-	cd ../lib/krb && $(MAKE) krb_err.h
-	$(LN_S) ../lib/krb/krb_err.h .
-kadm_err.h:
-	cd ../lib/kadm && $(MAKE) kadm_err.h
-	$(LN_S) ../lib/kadm/kadm_err.h .
-acl.h:
-	$(LN_S) $(srcdir)/../lib/acl/acl.h .
-com_err.h:
-	$(LN_S) $(srcdir)/../util/et/com_err.h .
-des.h:
-	$(LN_S) $(srcdir)/../lib/des/des.h .
-kadm.h:
-	$(LN_S) $(srcdir)/../lib/kadm/kadm.h .
-kafs.h:
-	$(LN_S) $(srcdir)/../lib/kafs/kafs.h .
-kdc.h:
-	$(LN_S) $(srcdir)/../lib/kdb/kdc.h .
-klog.h:
-	$(LN_S) $(srcdir)/../lib/krb/klog.h .
-krb.h:
-	$(LN_S) $(srcdir)/../lib/krb/krb.h .
-resolve.h:
-	$(LN_S) $(srcdir)/../lib/krb/resolve.h .
-krb_db.h:
-	$(LN_S) $(srcdir)/../lib/kdb/krb_db.h .
-prot.h:
-	$(LN_S) $(srcdir)/../lib/krb/prot.h .
-
-protos.h:
-	$(LN_S) $(srcdir)/protos.H protos.h
-roken.h:
-	$(LN_S) $(srcdir)/../lib/roken/roken.h .
-xdbm.h:
-	$(LN_S) $(srcdir)/../lib/roken/xdbm.h .
-
-otp.h:
-	$(LN_S) $(srcdir)/../lib/otp/otp.h .
-
-sl.h:
-	$(LN_S) $(srcdir)/../lib/sl/sl.h .
-
-ktypes$(EXECSUFFIX):	$(KTYPES_OBJECTS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(KTYPES_OBJECTS)
-
-ktypes.o: ktypes.c
-
-ktypes.h:	ktypes$(EXECSUFFIX)
-	./ktypes$(EXECSUFFIX) > $@
-
-stamp-headers: Makefile
-	$(MAKE) $(HEADERS) $(LOCL_HEADERS) $(MAYBE_HEADERS)
-	touch stamp-headers
diff --git a/crypto/kerberosIV/include/config.h.in b/crypto/kerberosIV/include/config.h.in
deleted file mode 100644
index 826dc76c3ed2..000000000000
--- a/crypto/kerberosIV/include/config.h.in
+++ /dev/null
@@ -1,984 +0,0 @@
-/* include/config.h.in.  Generated automatically from configure.in by autoheader.  */
-
-/* Define if using alloca.c.  */
-#undef C_ALLOCA
-
-/* Define to empty if the keyword does not work.  */
-#undef const
-
-/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems.
-   This function is required for alloca.c support on those systems.  */
-#undef CRAY_STACKSEG_END
-
-/* Define to `int' if <sys/types.h> doesn't define.  */
-#undef gid_t
-
-/* Define if you have alloca, as a function or macro.  */
-#undef HAVE_ALLOCA
-
-/* Define if you have <alloca.h> and it should be used (not on Ultrix).  */
-#undef HAVE_ALLOCA_H
-
-/* Define if you have a working `mmap' system call.  */
-#undef HAVE_MMAP
-
-/* Define if your struct stat has st_blksize.  */
-#undef HAVE_ST_BLKSIZE
-
-/* Define to `long' if <sys/types.h> doesn't define.  */
-#undef off_t
-
-/* Define to `int' if <sys/types.h> doesn't define.  */
-#undef pid_t
-
-/* Define if you need to in order for stat and other things to work.  */
-#undef _POSIX_SOURCE
-
-/* Define as the return type of signal handlers (int or void).  */
-#undef RETSIGTYPE
-
-/* Define to `unsigned' if <sys/types.h> doesn't define.  */
-#undef size_t
-
-/* If using the C implementation of alloca, define if you know the
-   direction of stack growth for your system; otherwise it will be
-   automatically deduced at run-time.
- STACK_DIRECTION > 0 => grows toward higher addresses
- STACK_DIRECTION < 0 => grows toward lower addresses
- STACK_DIRECTION = 0 => direction of growth unknown
- */
-#undef STACK_DIRECTION
-
-/* Define if you have the ANSI C header files.  */
-#undef STDC_HEADERS
-
-/* Define if `sys_siglist' is declared by <signal.h>.  */
-#undef SYS_SIGLIST_DECLARED
-
-/* Define if you can safely include both <sys/time.h> and <time.h>.  */
-#undef TIME_WITH_SYS_TIME
-
-/* Define to `int' if <sys/types.h> doesn't define.  */
-#undef uid_t
-
-/* Define if your processor stores words with the most significant
-   byte first (like Motorola and SPARC, unlike Intel and VAX).  */
-#undef WORDS_BIGENDIAN
-
-/* Define if the X Window System is missing or not being used.  */
-#undef X_DISPLAY_MISSING
-
-/*  Define this if RETSIGTYPE == void  */
-#undef VOID_RETSIGTYPE
-
-/*  Define this if struct utmp have ut_user  */
-#undef HAVE_UT_USER
-
-/*  Define this if struct utmp have ut_host  */
-#undef HAVE_UT_HOST
-
-/*  Define this if struct utmp have ut_addr  */
-#undef HAVE_UT_ADDR
-
-/*  Define this if struct utmp have ut_type  */
-#undef HAVE_UT_TYPE
-
-/*  Define this if struct utmp have ut_pid  */
-#undef HAVE_UT_PID
-
-/*  Define this if struct utmp have ut_id  */
-#undef HAVE_UT_ID
-
-/*  Define this if struct utmpx have ut_syslen  */
-#undef HAVE_UT_SYSLEN
-
-/*  Define this if struct winsize is declared in sys/termios.h */
-#undef HAVE_STRUCT_WINSIZE
-
-/*  Define this if struct winsize have ws_xpixel */
-#undef HAVE_WS_XPIXEL
-
-/*  Define this if struct winsize have ws_ypixel */
-#undef HAVE_WS_YPIXEL
-
-/*  Define this to be the directory where the dictionary for cracklib */
-/*  resides */
-#undef DICTPATH
-
-/* Define this if you want to use SOCKS v5 */
-#undef SOCKS
-
-/* Define this to the path of the mail spool directory */
-#undef KRB4_MAILDIR
-
-/* Define this if `struct sockaddr' includes sa_len */
-#undef SOCKADDR_HAS_SA_LEN
-
-/* Define this if `struct siaentity' includes ouid */
-#undef SIAENTITY_HAS_OUID
-
-/* Define if getlogin has POSIX flavour, as opposed to BSD */
-#undef POSIX_GETLOGIN
-
-/* Define if getpwnam_r has POSIX flavour */
-#undef POSIX_GETPWNAM_R
-
-/* define if getcwd() is broken (such as in SunOS) */
-#undef BROKEN_GETCWD
-
-/* define if the system is missing a prototype for crypt() */
-#undef NEED_CRYPT_PROTO
-
-/* define if the system is missing a prototype for strtok_r() */
-#undef NEED_STRTOK_R_PROTO
-
-/* define if /bin/ls takes -A */
-#undef HAVE_LS_A
-
-/* define if you have h_errno */
-#undef HAVE_H_ERRNO
-
-/* define if you have h_errlist but not hstrerror */
-#undef HAVE_H_ERRLIST
-
-/* define if you have h_nerr but not hstrerror */
-#undef HAVE_H_NERR
-
-/* define if your system doesn't declare h_errlist */
-#undef HAVE_H_ERRLIST_DECLARATION
-
-/* define if your system doesn't declare h_nerr */
-#undef HAVE_H_NERR_DECLARATION
-
-/* define this if you need a declaration for h_errno */
-#undef HAVE_H_ERRNO_DECLARATION
-
-/* define if you need a declaration for optarg */
-#undef HAVE_OPTARG_DECLARATION
-
-/* define if you need a declaration for optind */
-#undef HAVE_OPTIND_DECLARATION
-
-/* define if you need a declaration for opterr */
-#undef HAVE_OPTERR_DECLARATION
-
-/* define if you need a declaration for optopt */
-#undef HAVE_OPTOPT_DECLARATION
-
-/* define if you need a declaration for __progname */
-#undef HAVE___PROGNAME_DECLARATION
-
-/* Define if you have the XauReadAuth function.  */
-#undef HAVE_XAUREADAUTH
-
-/* Define if you have the XauWriteAuth function.  */
-#undef HAVE_XAUWRITEAUTH
-
-/* Define if you have the _getpty function.  */
-#undef HAVE__GETPTY
-
-/* Define if you have the _scrsize function.  */
-#undef HAVE__SCRSIZE
-
-/* Define if you have the _setsid function.  */
-#undef HAVE__SETSID
-
-/* Define if you have the _stricmp function.  */
-#undef HAVE__STRICMP
-
-/* Define if you have the asnprintf function.  */
-#undef HAVE_ASNPRINTF
-
-/* Define if you have the asprintf function.  */
-#undef HAVE_ASPRINTF
-
-/* Define if you have the chown function.  */
-#undef HAVE_CHOWN
-
-/* Define if you have the daemon function.  */
-#undef HAVE_DAEMON
-
-/* Define if you have the dbm_firstkey function.  */
-#undef HAVE_DBM_FIRSTKEY
-
-/* Define if you have the dbopen function.  */
-#undef HAVE_DBOPEN
-
-/* Define if you have the dn_expand function.  */
-#undef HAVE_DN_EXPAND
-
-/* Define if you have the el_init function.  */
-#undef HAVE_EL_INIT
-
-/* Define if you have the err function.  */
-#undef HAVE_ERR
-
-/* Define if you have the errx function.  */
-#undef HAVE_ERRX
-
-/* Define if you have the fchmod function.  */
-#undef HAVE_FCHMOD
-
-/* Define if you have the fchown function.  */
-#undef HAVE_FCHOWN
-
-/* Define if you have the fcntl function.  */
-#undef HAVE_FCNTL
-
-/* Define if you have the flock function.  */
-#undef HAVE_FLOCK
-
-/* Define if you have the forkpty function.  */
-#undef HAVE_FORKPTY
-
-/* Define if you have the frevoke function.  */
-#undef HAVE_FREVOKE
-
-/* Define if you have the getattr function.  */
-#undef HAVE_GETATTR
-
-/* Define if you have the getcwd function.  */
-#undef HAVE_GETCWD
-
-/* Define if you have the getdtablesize function.  */
-#undef HAVE_GETDTABLESIZE
-
-/* Define if you have the gethostbyname function.  */
-#undef HAVE_GETHOSTBYNAME
-
-/* Define if you have the gethostname function.  */
-#undef HAVE_GETHOSTNAME
-
-/* Define if you have the getlogin function.  */
-#undef HAVE_GETLOGIN
-
-/* Define if you have the getopt function.  */
-#undef HAVE_GETOPT
-
-/* Define if you have the getpagesize function.  */
-#undef HAVE_GETPAGESIZE
-
-/* Define if you have the getpriority function.  */
-#undef HAVE_GETPRIORITY
-
-/* Define if you have the getpwnam_r function.  */
-#undef HAVE_GETPWNAM_R
-
-/* Define if you have the getservbyname function.  */
-#undef HAVE_GETSERVBYNAME
-
-/* Define if you have the getsockopt function.  */
-#undef HAVE_GETSOCKOPT
-
-/* Define if you have the getspnam function.  */
-#undef HAVE_GETSPNAM
-
-/* Define if you have the getspuid function.  */
-#undef HAVE_GETSPUID
-
-/* Define if you have the gettimeofday function.  */
-#undef HAVE_GETTIMEOFDAY
-
-/* Define if you have the getudbnam function.  */
-#undef HAVE_GETUDBNAM
-
-/* Define if you have the getuid function.  */
-#undef HAVE_GETUID
-
-/* Define if you have the getusershell function.  */
-#undef HAVE_GETUSERSHELL
-
-/* Define if you have the grantpt function.  */
-#undef HAVE_GRANTPT
-
-/* Define if you have the hstrerror function.  */
-#undef HAVE_HSTRERROR
-
-/* Define if you have the inet_aton function.  */
-#undef HAVE_INET_ATON
-
-/* Define if you have the initgroups function.  */
-#undef HAVE_INITGROUPS
-
-/* Define if you have the innetgr function.  */
-#undef HAVE_INNETGR
-
-/* Define if you have the iruserok function.  */
-#undef HAVE_IRUSEROK
-
-/* Define if you have the logout function.  */
-#undef HAVE_LOGOUT
-
-/* Define if you have the logwtmp function.  */
-#undef HAVE_LOGWTMP
-
-/* Define if you have the lstat function.  */
-#undef HAVE_LSTAT
-
-/* Define if you have the memmove function.  */
-#undef HAVE_MEMMOVE
-
-/* Define if you have the mkstemp function.  */
-#undef HAVE_MKSTEMP
-
-/* Define if you have the mktime function.  */
-#undef HAVE_MKTIME
-
-/* Define if you have the odm_initialize function.  */
-#undef HAVE_ODM_INITIALIZE
-
-/* Define if you have the ptsname function.  */
-#undef HAVE_PTSNAME
-
-/* Define if you have the putenv function.  */
-#undef HAVE_PUTENV
-
-/* Define if you have the rand function.  */
-#undef HAVE_RAND
-
-/* Define if you have the random function.  */
-#undef HAVE_RANDOM
-
-/* Define if you have the rcmd function.  */
-#undef HAVE_RCMD
-
-/* Define if you have the readline function.  */
-#undef HAVE_READLINE
-
-/* Define if you have the res_search function.  */
-#undef HAVE_RES_SEARCH
-
-/* Define if you have the revoke function.  */
-#undef HAVE_REVOKE
-
-/* Define if you have the setegid function.  */
-#undef HAVE_SETEGID
-
-/* Define if you have the setenv function.  */
-#undef HAVE_SETENV
-
-/* Define if you have the seteuid function.  */
-#undef HAVE_SETEUID
-
-/* Define if you have the setitimer function.  */
-#undef HAVE_SETITIMER
-
-/* Define if you have the setlim function.  */
-#undef HAVE_SETLIM
-
-/* Define if you have the setlogin function.  */
-#undef HAVE_SETLOGIN
-
-/* Define if you have the setpcred function.  */
-#undef HAVE_SETPCRED
-
-/* Define if you have the setpgid function.  */
-#undef HAVE_SETPGID
-
-/* Define if you have the setpriority function.  */
-#undef HAVE_SETPRIORITY
-
-/* Define if you have the setproctitle function.  */
-#undef HAVE_SETPROCTITLE
-
-/* Define if you have the setregid function.  */
-#undef HAVE_SETREGID
-
-/* Define if you have the setresgid function.  */
-#undef HAVE_SETRESGID
-
-/* Define if you have the setresuid function.  */
-#undef HAVE_SETRESUID
-
-/* Define if you have the setreuid function.  */
-#undef HAVE_SETREUID
-
-/* Define if you have the setsid function.  */
-#undef HAVE_SETSID
-
-/* Define if you have the setsockopt function.  */
-#undef HAVE_SETSOCKOPT
-
-/* Define if you have the setutent function.  */
-#undef HAVE_SETUTENT
-
-/* Define if you have the snprintf function.  */
-#undef HAVE_SNPRINTF
-
-/* Define if you have the socket function.  */
-#undef HAVE_SOCKET
-
-/* Define if you have the strcasecmp function.  */
-#undef HAVE_STRCASECMP
-
-/* Define if you have the strdup function.  */
-#undef HAVE_STRDUP
-
-/* Define if you have the strerror function.  */
-#undef HAVE_STRERROR
-
-/* Define if you have the strftime function.  */
-#undef HAVE_STRFTIME
-
-/* Define if you have the strlwr function.  */
-#undef HAVE_STRLWR
-
-/* Define if you have the strnlen function.  */
-#undef HAVE_STRNLEN
-
-/* Define if you have the strtok_r function.  */
-#undef HAVE_STRTOK_R
-
-/* Define if you have the strupr function.  */
-#undef HAVE_STRUPR
-
-/* Define if you have the swab function.  */
-#undef HAVE_SWAB
-
-/* Define if you have the syslog function.  */
-#undef HAVE_SYSLOG
-
-/* Define if you have the tgetent function.  */
-#undef HAVE_TGETENT
-
-/* Define if you have the ttyname function.  */
-#undef HAVE_TTYNAME
-
-/* Define if you have the ttyslot function.  */
-#undef HAVE_TTYSLOT
-
-/* Define if you have the ulimit function.  */
-#undef HAVE_ULIMIT
-
-/* Define if you have the uname function.  */
-#undef HAVE_UNAME
-
-/* Define if you have the unlockpt function.  */
-#undef HAVE_UNLOCKPT
-
-/* Define if you have the unsetenv function.  */
-#undef HAVE_UNSETENV
-
-/* Define if you have the vasnprintf function.  */
-#undef HAVE_VASNPRINTF
-
-/* Define if you have the vasprintf function.  */
-#undef HAVE_VASPRINTF
-
-/* Define if you have the verr function.  */
-#undef HAVE_VERR
-
-/* Define if you have the verrx function.  */
-#undef HAVE_VERRX
-
-/* Define if you have the vhangup function.  */
-#undef HAVE_VHANGUP
-
-/* Define if you have the vsnprintf function.  */
-#undef HAVE_VSNPRINTF
-
-/* Define if you have the vwarn function.  */
-#undef HAVE_VWARN
-
-/* Define if you have the vwarnx function.  */
-#undef HAVE_VWARNX
-
-/* Define if you have the warn function.  */
-#undef HAVE_WARN
-
-/* Define if you have the warnx function.  */
-#undef HAVE_WARNX
-
-/* Define if you have the yp_get_default_domain function.  */
-#undef HAVE_YP_GET_DEFAULT_DOMAIN
-
-/* Define if you have the <arpa/ftp.h> header file.  */
-#undef HAVE_ARPA_FTP_H
-
-/* Define if you have the <arpa/inet.h> header file.  */
-#undef HAVE_ARPA_INET_H
-
-/* Define if you have the <arpa/nameser.h> header file.  */
-#undef HAVE_ARPA_NAMESER_H
-
-/* Define if you have the <arpa/telnet.h> header file.  */
-#undef HAVE_ARPA_TELNET_H
-
-/* Define if you have the <bind/bitypes.h> header file.  */
-#undef HAVE_BIND_BITYPES_H
-
-/* Define if you have the <bsd/bsd.h> header file.  */
-#undef HAVE_BSD_BSD_H
-
-/* Define if you have the <bsdsetjmp.h> header file.  */
-#undef HAVE_BSDSETJMP_H
-
-/* Define if you have the <crypt.h> header file.  */
-#undef HAVE_CRYPT_H
-
-/* Define if you have the <dbm.h> header file.  */
-#undef HAVE_DBM_H
-
-/* Define if you have the <dirent.h> header file.  */
-#undef HAVE_DIRENT_H
-
-/* Define if you have the <err.h> header file.  */
-#undef HAVE_ERR_H
-
-/* Define if you have the <fcntl.h> header file.  */
-#undef HAVE_FCNTL_H
-
-/* Define if you have the <grp.h> header file.  */
-#undef HAVE_GRP_H
-
-/* Define if you have the <io.h> header file.  */
-#undef HAVE_IO_H
-
-/* Define if you have the <lastlog.h> header file.  */
-#undef HAVE_LASTLOG_H
-
-/* Define if you have the <login.h> header file.  */
-#undef HAVE_LOGIN_H
-
-/* Define if you have the <maillock.h> header file.  */
-#undef HAVE_MAILLOCK_H
-
-/* Define if you have the <ndbm.h> header file.  */
-#undef HAVE_NDBM_H
-
-/* Define if you have the <net/if.h> header file.  */
-#undef HAVE_NET_IF_H
-
-/* Define if you have the <net/if_tun.h> header file.  */
-#undef HAVE_NET_IF_TUN_H
-
-/* Define if you have the <net/if_var.h> header file.  */
-#undef HAVE_NET_IF_VAR_H
-
-/* Define if you have the <netdb.h> header file.  */
-#undef HAVE_NETDB_H
-
-/* Define if you have the <netinet/in.h> header file.  */
-#undef HAVE_NETINET_IN_H
-
-/* Define if you have the <netinet/in6_machtypes.h> header file.  */
-#undef HAVE_NETINET_IN6_MACHTYPES_H
-
-/* Define if you have the <netinet/in_systm.h> header file.  */
-#undef HAVE_NETINET_IN_SYSTM_H
-
-/* Define if you have the <netinet/ip.h> header file.  */
-#undef HAVE_NETINET_IP_H
-
-/* Define if you have the <netinet/tcp.h> header file.  */
-#undef HAVE_NETINET_TCP_H
-
-/* Define if you have the <paths.h> header file.  */
-#undef HAVE_PATHS_H
-
-/* Define if you have the <pty.h> header file.  */
-#undef HAVE_PTY_H
-
-/* Define if you have the <pwd.h> header file.  */
-#undef HAVE_PWD_H
-
-/* Define if you have the <resolv.h> header file.  */
-#undef HAVE_RESOLV_H
-
-/* Define if you have the <rpcsvc/dbm.h> header file.  */
-#undef HAVE_RPCSVC_DBM_H
-
-/* Define if you have the <sac.h> header file.  */
-#undef HAVE_SAC_H
-
-/* Define if you have the <security/pam_modules.h> header file.  */
-#undef HAVE_SECURITY_PAM_MODULES_H
-
-/* Define if you have the <shadow.h> header file.  */
-#undef HAVE_SHADOW_H
-
-/* Define if you have the <siad.h> header file.  */
-#undef HAVE_SIAD_H
-
-/* Define if you have the <signal.h> header file.  */
-#undef HAVE_SIGNAL_H
-
-/* Define if you have the <stropts.h> header file.  */
-#undef HAVE_STROPTS_H
-
-/* Define if you have the <sys/bitypes.h> header file.  */
-#undef HAVE_SYS_BITYPES_H
-
-/* Define if you have the <sys/category.h> header file.  */
-#undef HAVE_SYS_CATEGORY_H
-
-/* Define if you have the <sys/cdefs.h> header file.  */
-#undef HAVE_SYS_CDEFS_H
-
-/* Define if you have the <sys/file.h> header file.  */
-#undef HAVE_SYS_FILE_H
-
-/* Define if you have the <sys/filio.h> header file.  */
-#undef HAVE_SYS_FILIO_H
-
-/* Define if you have the <sys/ioccom.h> header file.  */
-#undef HAVE_SYS_IOCCOM_H
-
-/* Define if you have the <sys/ioctl.h> header file.  */
-#undef HAVE_SYS_IOCTL_H
-
-/* Define if you have the <sys/locking.h> header file.  */
-#undef HAVE_SYS_LOCKING_H
-
-/* Define if you have the <sys/mman.h> header file.  */
-#undef HAVE_SYS_MMAN_H
-
-/* Define if you have the <sys/param.h> header file.  */
-#undef HAVE_SYS_PARAM_H
-
-/* Define if you have the <sys/proc.h> header file.  */
-#undef HAVE_SYS_PROC_H
-
-/* Define if you have the <sys/ptyio.h> header file.  */
-#undef HAVE_SYS_PTYIO_H
-
-/* Define if you have the <sys/ptyvar.h> header file.  */
-#undef HAVE_SYS_PTYVAR_H
-
-/* Define if you have the <sys/resource.h> header file.  */
-#undef HAVE_SYS_RESOURCE_H
-
-/* Define if you have the <sys/select.h> header file.  */
-#undef HAVE_SYS_SELECT_H
-
-/* Define if you have the <sys/socket.h> header file.  */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define if you have the <sys/sockio.h> header file.  */
-#undef HAVE_SYS_SOCKIO_H
-
-/* Define if you have the <sys/stat.h> header file.  */
-#undef HAVE_SYS_STAT_H
-
-/* Define if you have the <sys/str_tty.h> header file.  */
-#undef HAVE_SYS_STR_TTY_H
-
-/* Define if you have the <sys/stream.h> header file.  */
-#undef HAVE_SYS_STREAM_H
-
-/* Define if you have the <sys/stropts.h> header file.  */
-#undef HAVE_SYS_STROPTS_H
-
-/* Define if you have the <sys/strtty.h> header file.  */
-#undef HAVE_SYS_STRTTY_H
-
-/* Define if you have the <sys/syscall.h> header file.  */
-#undef HAVE_SYS_SYSCALL_H
-
-/* Define if you have the <sys/sysctl.h> header file.  */
-#undef HAVE_SYS_SYSCTL_H
-
-/* Define if you have the <sys/termio.h> header file.  */
-#undef HAVE_SYS_TERMIO_H
-
-/* Define if you have the <sys/time.h> header file.  */
-#undef HAVE_SYS_TIME_H
-
-/* Define if you have the <sys/timeb.h> header file.  */
-#undef HAVE_SYS_TIMEB_H
-
-/* Define if you have the <sys/times.h> header file.  */
-#undef HAVE_SYS_TIMES_H
-
-/* Define if you have the <sys/tty.h> header file.  */
-#undef HAVE_SYS_TTY_H
-
-/* Define if you have the <sys/types.h> header file.  */
-#undef HAVE_SYS_TYPES_H
-
-/* Define if you have the <sys/uio.h> header file.  */
-#undef HAVE_SYS_UIO_H
-
-/* Define if you have the <sys/un.h> header file.  */
-#undef HAVE_SYS_UN_H
-
-/* Define if you have the <sys/utsname.h> header file.  */
-#undef HAVE_SYS_UTSNAME_H
-
-/* Define if you have the <sys/wait.h> header file.  */
-#undef HAVE_SYS_WAIT_H
-
-/* Define if you have the <syslog.h> header file.  */
-#undef HAVE_SYSLOG_H
-
-/* Define if you have the <termio.h> header file.  */
-#undef HAVE_TERMIO_H
-
-/* Define if you have the <termios.h> header file.  */
-#undef HAVE_TERMIOS_H
-
-/* Define if you have the <tmpdir.h> header file.  */
-#undef HAVE_TMPDIR_H
-
-/* Define if you have the <ttyent.h> header file.  */
-#undef HAVE_TTYENT_H
-
-/* Define if you have the <udb.h> header file.  */
-#undef HAVE_UDB_H
-
-/* Define if you have the <ulimit.h> header file.  */
-#undef HAVE_ULIMIT_H
-
-/* Define if you have the <unistd.h> header file.  */
-#undef HAVE_UNISTD_H
-
-/* Define if you have the <userpw.h> header file.  */
-#undef HAVE_USERPW_H
-
-/* Define if you have the <usersec.h> header file.  */
-#undef HAVE_USERSEC_H
-
-/* Define if you have the <util.h> header file.  */
-#undef HAVE_UTIL_H
-
-/* Define if you have the <utime.h> header file.  */
-#undef HAVE_UTIME_H
-
-/* Define if you have the <utmp.h> header file.  */
-#undef HAVE_UTMP_H
-
-/* Define if you have the <utmpx.h> header file.  */
-#undef HAVE_UTMPX_H
-
-/* Define if you have the <wait.h> header file.  */
-#undef HAVE_WAIT_H
-
-/* Define if you have the <winsock.h> header file.  */
-#undef HAVE_WINSOCK_H
-
-/* Define if you have the X11 library (-lX11).  */
-#undef HAVE_LIBX11
-
-/* Define if you have the Xau library (-lXau).  */
-#undef HAVE_LIBXAU
-
-/* Define if you have the c_r library (-lc_r).  */
-#undef HAVE_LIBC_R
-
-/* Define if you have the cfg library (-lcfg).  */
-#undef HAVE_LIBCFG
-
-/* Define if you have the edit library (-ledit).  */
-#undef HAVE_LIBEDIT
-
-/* Define if you have the gdbm library (-lgdbm).  */
-#undef HAVE_LIBGDBM
-
-/* Define if you have the ndbm library (-lndbm).  */
-#undef HAVE_LIBNDBM
-
-/* Define if you have the nsl library (-lnsl).  */
-#undef HAVE_LIBNSL
-
-/* Define if you have the odm library (-lodm).  */
-#undef HAVE_LIBODM
-
-/* Define if you have the readline library (-lreadline).  */
-#undef HAVE_LIBREADLINE
-
-/* Define if you have the resolv library (-lresolv).  */
-#undef HAVE_LIBRESOLV
-
-/* Define if you have the s library (-ls).  */
-#undef HAVE_LIBS
-
-/* Define if you have the socket library (-lsocket).  */
-#undef HAVE_LIBSOCKET
-
-/* Define if you have the syslog library (-lsyslog).  */
-#undef HAVE_LIBSYSLOG
-
-/* Define if you have the termcap library (-ltermcap).  */
-#undef HAVE_LIBTERMCAP
-
-/* Define if you have the util library (-lutil).  */
-#undef HAVE_LIBUTIL
-
-#undef HAVE_INT8_T
-#undef HAVE_INT16_T
-#undef HAVE_INT32_T
-#undef HAVE_INT64_T
-#undef HAVE_U_INT8_T
-#undef HAVE_U_INT16_T
-#undef HAVE_U_INT32_T
-#undef HAVE_U_INT64_T
-
-#define RCSID(msg) \
-static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
-
-/*
- * Set ORGANIZATION to be the desired organization string printed
- * by the 'kinit' program.  It may have spaces.
- */
-#define ORGANIZATION "eBones International"
-
-#if 0
-#undef BINDIR 
-#undef LIBDIR
-#undef LIBEXECDIR
-#undef SBINDIR
-#endif
-
-#if 0
-#define KRB_CNF_FILES	{ "/etc/krb.conf",   "/etc/kerberosIV/krb.conf", 0}
-#define KRB_RLM_FILES	{ "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0}
-#define KRB_EQUIV	"/etc/krb.equiv"
-
-#define KEYFILE		"/etc/srvtab"
-
-#define KRBDIR		"/var/kerberos"
-#define DBM_FILE	KRBDIR "/principal"
-#define DEFAULT_ACL_DIR	KRBDIR
-
-#define KRBLOG		"/var/log/kerberos.log"	/* master server  */
-#define KRBSLAVELOG	"/var/log/kerberos_slave.log" /* slave server  */
-#define KADM_SYSLOG	"/var/log/admin_server.syslog"
-#define K_LOGFIL	"/var/log/kpropd.log"
-#endif
-
-/* Maximum values on all known systems */
-#define MaxHostNameLen (64+4)
-#define MaxPathLen (1024+4)
-
-/*
- * Define NDBM if you are using the 4.3 ndbm library (which is part of
- * libc).  If not defined, 4.2 dbm will be assumed.
- */
-#if defined(HAVE_DBM_FIRSTKEY)
-#define NDBM
-#endif
-
-/* ftp stuff -------------------------------------------------- */
-
-#define KERBEROS
-
-/* telnet stuff ----------------------------------------------- */
-
-/* define this if you have kerberos 4 */
-#undef KRB4
-
-/* define this if you want encryption */
-#undef ENCRYPTION
-
-/* define this if you want authentication */
-#undef AUTHENTICATION
-
-#if defined(ENCRYPTION) && !defined(AUTHENTICATION)
-#define AUTHENTICATION 1
-#endif
-
-/* Set this if you want des encryption */
-#undef DES_ENCRYPTION
-
-/* Set this to the default system lead string for telnetd 
- * can contain %-escapes: %s=sysname, %m=machine, %r=os-release
- * %v=os-version, %t=tty, %h=hostname, %d=date and time
- */
-#undef USE_IM
-
-/* define this if you want diagnostics in telnetd */
-#undef DIAGNOSTICS
-
-/* define this if you want support for broken ENV_{VALUE,VAR} systems  */
-#undef ENV_HACK
-
-/*  */
-#undef OLD_ENVIRON
-
-/* Used with login -p */
-#undef LOGIN_ARGS
-
-/* Define if there are working stream ptys */
-#undef STREAMSPTY
-
-/* set this to a sensible login */
-#ifndef LOGIN_PATH
-#define LOGIN_PATH BINDIR "/login"
-#endif
-
-
-/* ------------------------------------------------------------ */
-
-/*
- * Define this if your ndbm-library really is berkeley db and creates
- * files that ends in .db.
- */
-#undef HAVE_NEW_DB
-
-/* Define this if you have a working getmsg */
-#undef HAVE_GETMSG
-
-/* Define to enable new master key code */
-#undef RANDOM_MKEY
-
-/* Location of the master key file, default value lives in <kdc.h> */
-#undef MKEYFILE
-
-/* Define if you don't want support for afs, might be a good idea on
-   AIX if you don't have afs */
-#undef NO_AFS
-
-/* Define if you have a readline compatible library */
-#undef HAVE_READLINE
-
-#ifdef VOID_RETSIGTYPE
-#define SIGRETURN(x) return
-#else
-#define SIGRETURN(x) return (RETSIGTYPE)(x)
-#endif
-
-/* Define this if your compiler supports '#pragma weak' */
-#undef HAVE_PRAGMA_WEAK
-
-/* Temporary fixes for krb_{rd,mk}_safe */
-#define DES_QUAD_GUESS 0
-#define DES_QUAD_NEW 1
-#define DES_QUAD_OLD 2
-
-/* Set this to one of the constants above to specify default checksum
-   type to emit */
-#undef DES_QUAD_DEFAULT
-
-/*
- * AIX braindamage!
- */
-#if _AIX
-#define _ALL_SOURCE
-#define _POSIX_SOURCE
-/* this is left for hysteric reasons :-) */
-#define unix /* well, ok... */
-#endif
-
-/*
- * SunOS braindamage! (Sun include files are generally braindead)
- */
-#if (defined(sun) || defined(__sun))
-#if defined(__svr4__) || defined(__SVR4)
-#define SunOS 5
-#else
-#define SunOS 4
-#endif
-#endif
-
-#if defined(__sgi) || defined(sgi)
-#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4)
-#define IRIX 5
-#else
-#define IRIX 4
-#endif
-#endif
-
-/* IRIX 4 braindamage */
-#if IRIX == 4 && !defined(__STDC__)
-#define __STDC__ 0
-#endif
diff --git a/crypto/kerberosIV/include/ktypes.c b/crypto/kerberosIV/include/ktypes.c
deleted file mode 100644
index eb6ad48c67ad..000000000000
--- a/crypto/kerberosIV/include/ktypes.c
+++ /dev/null
@@ -1,64 +0,0 @@
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $");
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-
-int
-main(void)
-{
-    printf ("/*\n"
-	    " * This file was automatically generated by\n"
-	    " * $Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $.\n"
-	    " * Please do not edit\n"
-	    " */\n\n");
-
-    printf ("#ifndef __KTYPES_H__\n"
-	    "#define __KTYPES_H__\n\n");
-
-#ifdef HAVE_SYS_TYPES_H
-    printf("#include <sys/types.h>\n");
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-    printf("#include <sys/bitypes.h>\n");
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-    printf("#include <bind/bitypes.h>\n");
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-    printf("#include <netinet/in6_machtypes.h>\n");
-#endif
-    
-#ifndef HAVE_INT8_T
-    printf("typedef signed char int8_t;\n");
-#endif
-#ifndef HAVE_U_INT8_T
-    printf("typedef unsigned char u_int8_t;\n");
-#endif
-#ifndef HAVE_INT16_T
-    printf("typedef short int16_t;\n");
-#endif
-#ifndef HAVE_U_INT16_T
-    printf("typedef unsigned short u_int16_t;\n");
-#endif
-#ifndef HAVE_INT32_T
-    printf("typedef int int32_t;\n");
-#endif
-#ifndef HAVE_U_INT32_T
-    printf("typedef unsigned int u_int32_t;\n");
-#endif
-
-    printf("\n#endif /* __KTYPES_H__ */\n");
-    return 0;
-}
diff --git a/crypto/kerberosIV/include/protos.h b/crypto/kerberosIV/include/protos.h
deleted file mode 100644
index 0ceb122f2771..000000000000
--- a/crypto/kerberosIV/include/protos.h
+++ /dev/null
@@ -1,276 +0,0 @@
-/* -*- C -*-
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Add here functions that don't have a prototype on your system.
- *
- * $Id: protos.H,v 1.43 1997/05/28 01:09:36 assar Exp $
- */
-
-#ifdef NEED_CRYPT_PROTO
-char *crypt(const char*, const char*);
-#endif
-
-#ifdef NEED_STRTOK_R_PROTO
-char *strtok_r (char *s1, const char *s2, char **lasts);
-#endif
-
-#ifndef HAVE_OPTARG_DECLARATION
-extern char *optarg;
-#endif
-#ifndef HAVE_OPTERR_DECLARATION
-extern int opterr;
-#endif
-#ifndef HAVE_OPTIND_DECLARATION
-extern int optind;
-#endif
-#ifndef HAVE_OPTOPT_DECLARATION
-extern int optopt;
-#endif
-
-#if defined(__GNUC__) && SunOS == 4
-
-/* To get type fd_set */
-#include <sys/types.h>
-#include <sys/time.h>
-
-/* To get struct sockaddr, struct in_addr and struct hostent */
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netdb.h>
-
-/* To get struct stat */
-#include <sys/stat.h>
-
-/* To get struct utimbuf */
-#include <utime.h>
-
-int utime(const char *, struct utimbuf *);
-int syscall(int, ...);
-pid_t getpid(void);
-int ftruncate(int, off_t);
-int fchmod(int, mode_t);
-int fchown(int fd, int owner, int group);
-int fsync(int);
-int seteuid(uid_t);
-int setreuid(int, int);
-int flock(int, int);
-int gettimeofday(struct timeval *tp, struct timezone *tzp);
-int lstat(const char *, struct stat *);
-int ioctl(int, int, void *); 
-int getpriority(int which, int who);
-int setpriority(int which, int who, int priority);
-int getdtablesize(void);
-int initgroups(const char *name, int basegid);
-long ulimit(int cmd, long newlimit);
-int vhangup(void);
-
-int sigblock(int);
-int sigsetmask(int);
-int setitimer(int which, struct itimerval *value, struct itimerval *ovalue);
-
-int munmap(caddr_t addr, int len);
-
-int socket(int, int, int);
-int setsockopt(int, int, int, void *, int);
-int bind(int, void *, int);
-int getsockname(int, struct sockaddr *, int *);
-int accept(int, struct sockaddr *, int *);
-int connect(int, struct sockaddr *, int);
-int listen(int, int);
-int recv(int s, void *buf, int len, int flags);
-int recvfrom(int, char *, int, int, void *, int *);
-int sendto(int, const char *, int, int, void *, int);
-int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
-int shutdown(int, int);
-int getpeername(int, struct sockaddr *, int *);
-int getsockopt(int, int, int, void *, int *);
-int send(int s, const void *msg, int len, int flags);
-struct strbuf;
-int getmsg(int fd, struct strbuf *ctlptr, struct strbuf *dataptr, int *flags);
-
-char *inet_ntoa(struct in_addr in);
-unsigned long inet_addr(const char *cp);
-int gethostname(char *, int);
-struct hostent *gethostbyname(const char *);
-int dn_expand(const u_char *msg,
-	      const u_char *eomorig,
-	      const u_char *comp_dn,
-	      char *exp_dn,
-	      int length);
-int res_search(const char *dname,
-	       int class,
-	       int type,
-	       u_char *answer,
-	       int anslen);
-
-int yp_get_default_domain (char **outdomain);
-int innetgr(const char *netgroup, const char *machine,
-	    const char *user, const char *domain);
-
-char *getwd(char *pathname);
-
-void bzero(char *b, int length);
-int strcasecmp(const char *, const char *);
-void swab(const char *, char *, int);
-int atoi(const char *str);
-char *mktemp(char *);
-void srandom(int seed);
-int random(void);
-
-int rcmd(char **, unsigned short, char *, char *, char *, int *);
-int rresvport(int *);
-int openlog(const char *ident, int logopt, int facility);
-int syslog(int priority, const char *message, ...);
-int ttyslot(void);
-
-char *getpass(const char *);
-
-char *getusershell(void);
-void setpwent();
-void endpwent();
-
-#include <stdio.h>
-int fclose(FILE *);
-
-#endif /* SunOS4 */
-
-#if SunOS == 5
-
-#include <sys/types.h>
-#include <sys/resource.h>
-
-char *getusershell(void);
-char *strtok_r(char *, const char *, char **);
-int getpriority (int which, id_t who);
-int setpriority (int which, id_t who, int prio);
-int getdtablesize (void);
-char *getusershell(void);
-void setusershell(void);
-void endusershell(void);
-
-#if defined(__GNUC__)
-
-int syscall(int, ...);
-int gethostname(char *, int);
-
-struct timeval;
-int gettimeofday(struct timeval *tp, void *);
-
-#endif
-#endif
-
-#if defined(__osf__) /* OSF/1 */
-
-#if 0
-/* To get type fd_set */
-#include <sys/types.h>
-#include <sys/time.h>
-
-int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
-int fsync(int fildes);
-int gethostname(char *address, int address_len);
-int setreuid(int ruid, int euid);
-int ioctl(int d, unsigned long request, void * arg);
-#endif
-int flock(int fildes, int operation);
-int syscall(int, ...);
-
-unsigned short htons(unsigned short hostshort);
-unsigned int   htonl(unsigned int hostint);
-unsigned short ntohs(unsigned short netshort);
-unsigned int   ntohl(unsigned int netint);
-
-char *mktemp(char *template);
-char *getusershell(void);
-
-int rcmd(char **, unsigned short, char *, char *, char *, int *);
-int rresvport (int *port);
-
-#endif /* OSF/1 */
-
-#if defined(__sgi)
-#include <sys/types.h>
-
-char *ptsname(int fd);
-struct spwd *getspuid(uid_t);
-#endif /* IRIX */
-
-#if defined(__GNUC__) && defined(_AIX) /* AIX */
-
-struct timeval;
-struct timezone;
-int gettimeofday (struct timeval *Tp, void *Tzp);
-
-#endif /* AIX */
-
-#if defined(__GNUC__) && defined(__hpux) /* HP-UX */
-
-int syscall(int, ...);
-
-int vhangup(void);
-
-char *ptsname(int fildes);
-
-void utmpname(const char *file);
-
-int innetgr(const char *netgroup, const char *machine,
-	    const char *user, const char *domain);
-
-int dn_comp(char *exp_dn, char *comp_dn, int length,
-	    char **dnptrs, char **lastdnptr);
-
-int res_query(char *dname, int class, int type,
-	      unsigned char *answer, int anslen);
-
-int dn_expand(char *msg, char *eomorig, char *comp_dn,
-	      char *exp_dn, int length);
-
-int res_search(char *dname, int class, int type,
-	       unsigned char *answer, int anslen);
-
-#endif /* HP-UX */
-
-#if defined(WIN32)	/* Visual C++ 4.0 (Windows95/NT) */
-
-int open(const char *, int, ...);
-int close(int);
-int	read(int, void *, unsigned int);
-int write(int, const void *, unsigned int);
-
-#endif /* WIN32 */
diff --git a/crypto/kerberosIV/include/sys/Makefile.in b/crypto/kerberosIV/include/sys/Makefile.in
deleted file mode 100644
index d6a58e01cd87..000000000000
--- a/crypto/kerberosIV/include/sys/Makefile.in
+++ /dev/null
@@ -1,53 +0,0 @@
-# $Id: Makefile.in,v 1.18 1997/05/11 04:29:47 assar Exp $
-
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-LN_S		= @LN_S@
-INSTALL		= @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix		= @prefix@
-includedir	= @includedir@
-HAVE_CDEFS	= @ac_cv_header_sys_cdefs_h@
-
-@SET_MAKE@
-
-HEADERS = cdefs.h
-
-all: stamp-headers
-
-Wall:
-	$(MAKE) CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-install: all
-	$(MKINSTALLDIRS) $(includedir)/sys
-	-if test "$(HAVE_CDEFS)" != yes; then \
-	  $(INSTALL_DATA) cdefs.h $(includedir)/sys/cdefs.h ; \
-	fi
-
-uninstall:
-	-if test "$(HAVE_CDEFS)" != yes; then \
-	  rm -f $(includedir)/sys/cdefs.h ; \
-	fi
-
-clean:
-	rm -f $(HEADERS) stamp-headers
-
-mostlyclean:	clean
-distclean:	clean
-	rm -f Makefile config.status *~
-
-realclean:	clean
-
-cdefs.h:
-	if test "$(HAVE_CDEFS)" != yes; then \
-	  $(LN_S) ${srcdir}/cdefs.H cdefs.h; \
-	fi || true
-
-stamp-headers:
-	$(MAKE) $(HEADERS)
-	touch stamp-headers
diff --git a/crypto/kerberosIV/include/sys/cdefs.H b/crypto/kerberosIV/include/sys/cdefs.H
deleted file mode 100644
index 196d476651db..000000000000
--- a/crypto/kerberosIV/include/sys/cdefs.H
+++ /dev/null
@@ -1,149 +0,0 @@
-/* -*- C -*-
- *
- * ++Copyright++ 1991, 1993
- * -
- * Copyright (c) 1991, 1993
- *    The Regents of the University of California.  All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- * 	This product includes software developed by the University of
- * 	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * -
- * Portions Copyright (c) 1993 by Digital Equipment Corporation.
- * 
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies, and that
- * the name of Digital Equipment Corporation not be used in advertising or
- * publicity pertaining to distribution of the document or software without
- * specific, written prior permission.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
- * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS.   IN NO EVENT SHALL DIGITAL EQUIPMENT
- * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- * -
- * --Copyright--
- */
-
-/*
- *	@(#)cdefs.h	8.1 (Berkeley) 6/2/93
- *	$Id: cdefs.H,v 1.2 1995/09/10 20:18:56 d91-jda Exp $
- */
-
-#ifndef	_CDEFS_H_
-#define	_CDEFS_H_
-
-#if defined(__cplusplus)
-#define	__BEGIN_DECLS	extern "C" {
-#define	__END_DECLS	};
-#else
-#define	__BEGIN_DECLS
-#define	__END_DECLS
-#endif
-
-/*
- * The __CONCAT macro is used to concatenate parts of symbol names, e.g.
- * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
- * The __CONCAT macro is a bit tricky -- make sure you don't put spaces
- * in between its arguments.  __CONCAT can also concatenate double-quoted
- * strings produced by the __STRING macro, but this only works with ANSI C.
- */
-#if defined(__STDC__) || defined(__cplusplus)
-#ifndef __P /* it's quite popular to define this */
-#define	__P(protos)	protos		/* full-blown ANSI C */
-#endif
-#define	__CONCAT(x,y)	x ## y
-#define	__STRING(x)	#x
-
-#define	__const		const		/* define reserved names to standard */
-#define	__signed	signed
-#define	__volatile	volatile
-#if defined(__cplusplus)
-#define	__inline	inline		/* convert to C++ keyword */
-#else
-#ifndef __GNUC__
-#define	__inline			/* delete GCC keyword */
-#endif /* !__GNUC__ */
-#endif /* !__cplusplus */
-
-#else	/* !(__STDC__ || __cplusplus) */
-#ifndef __P
-#define	__P(protos)	()		/* traditional C preprocessor */
-#endif
-#define	__CONCAT(x,y)	x/**/y
-#define	__STRING(x)	"x"
-
-#ifndef __GNUC__
-#define	__const				/* delete pseudo-ANSI C keywords */
-#define	__inline
-#define	__signed
-#define	__volatile
-/*
- * In non-ANSI C environments, new programs will want ANSI-only C keywords
- * deleted from the program and old programs will want them left alone.
- * When using a compiler other than gcc, programs using the ANSI C keywords
- * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
- * When using "gcc -traditional", we assume that this is the intent; if
- * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
- */
-#ifndef	NO_ANSI_KEYWORDS
-#define	const				/* delete ANSI C keywords */
-#define	inline
-#define	signed
-#define	volatile
-#endif
-#endif	/* !__GNUC__ */
-#endif	/* !(__STDC__ || __cplusplus) */
-
-/*
- * GCC1 and some versions of GCC2 declare dead (non-returning) and
- * pure (no side effects) functions using "volatile" and "const";
- * unfortunately, these then cause warnings under "-ansi -pedantic".
- * GCC2 uses a new, peculiar __attribute__((attrs)) style.  All of
- * these work for GNU C++ (modulo a slight glitch in the C++ grammar
- * in the distribution version of 2.5.5).
- */
-#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
-#define	__attribute__(x)	/* delete __attribute__ if non-gcc or gcc1 */
-#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-#define	__dead		__volatile
-#define	__pure		__const
-#endif
-#endif
-
-/* Delete pseudo-keywords wherever they are not available or needed. */
-#ifndef __dead
-#define	__dead
-#define	__pure
-#endif
-
-#endif /* !_CDEFS_H_ */
diff --git a/crypto/kerberosIV/install-sh b/crypto/kerberosIV/install-sh
deleted file mode 100644
index ebc66913e940..000000000000
--- a/crypto/kerberosIV/install-sh
+++ /dev/null
@@ -1,250 +0,0 @@
-#! /bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission.  M.I.T. makes no representations about the
-# suitability of this software for any purpose.  It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.  It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
-    case $1 in
-	-c) instcmd="$cpprog"
-	    shift
-	    continue;;
-
-	-d) dir_arg=true
-	    shift
-	    continue;;
-
-	-m) chmodcmd="$chmodprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-o) chowncmd="$chownprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-g) chgrpcmd="$chgrpprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-s) stripcmd="$stripprog"
-	    shift
-	    continue;;
-
-	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
-	    shift
-	    continue;;
-
-	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
-	    shift
-	    continue;;
-
-	*)  if [ x"$src" = x ]
-	    then
-		src=$1
-	    else
-		# this colon is to work around a 386BSD /bin/sh bug
-		:
-		dst=$1
-	    fi
-	    shift
-	    continue;;
-    esac
-done
-
-if [ x"$src" = x ]
-then
-	echo "install:	no input file specified"
-	exit 1
-else
-	true
-fi
-
-if [ x"$dir_arg" != x ]; then
-	dst=$src
-	src=""
-	
-	if [ -d $dst ]; then
-		instcmd=:
-	else
-		instcmd=mkdir
-	fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad 
-# if $src (and thus $dsttmp) contains '*'.
-
-	if [ -f $src -o -d $src ]
-	then
-		true
-	else
-		echo "install:  $src does not exist"
-		exit 1
-	fi
-	
-	if [ x"$dst" = x ]
-	then
-		echo "install:	no destination specified"
-		exit 1
-	else
-		true
-	fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
-	if [ -d $dst ]
-	then
-		dst="$dst"/`basename $src`
-	else
-		true
-	fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-#  this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='	
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
-	pathcomp="${pathcomp}${1}"
-	shift
-
-	if [ ! -d "${pathcomp}" ] ;
-        then
-		$mkdirprog "${pathcomp}"
-	else
-		true
-	fi
-
-	pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
-	$doit $instcmd $dst &&
-
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
-
-# If we're going to rename the final executable, determine the name now.
-
-	if [ x"$transformarg" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		dstfile=`basename $dst $transformbasename | 
-			sed $transformarg`$transformbasename
-	fi
-
-# don't allow the sed command to completely eliminate the filename
-
-	if [ x"$dstfile" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		true
-	fi
-
-# Make a temp file name in the proper directory.
-
-	dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
-	$doit $instcmd $src $dsttmp &&
-
-	trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing.  If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
-	$doit $rmcmd -f $dstdir/$dstfile &&
-	$doit $mvcmd $dsttmp $dstdir/$dstfile 
-
-fi &&
-
-
-exit 0
diff --git a/crypto/kerberosIV/kadmin/Design.txt b/crypto/kerberosIV/kadmin/Design.txt
deleted file mode 100644
index 7763a04f4967..000000000000
--- a/crypto/kerberosIV/kadmin/Design.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-// This file attempts to present the internal functioning of the new kerberos
-// admin server and interface..
-
-//
-// The calling side
-//
-
-// Outer interface (programmers interface)
-kadm_mod_entry(vals *old_dat, vals *new_dat) returns (vals *cur_dat)
-    // sends a command telling the server to change all entries which match
-    //   old_dat to entries matching new_dat
-    // returns in cur_dat the actual current values of the modified records
-    // implemented with calls to _vals_to_stream, _send_out, _take_in, and
-    //   _stream_to_vals, _interpret_ret
-
-// Inner calls
-_vals_to_stream (vals *, unsigned char *)
-    // converts a vals structure to a byte stream for transmission over the net
-
-_stream_to_vals (unsigned char *, vals *)
-    // converts a byte stream recieved into a vals structure
-
-
diff --git a/crypto/kerberosIV/kadmin/Makefile.in b/crypto/kerberosIV/kadmin/Makefile.in
deleted file mode 100644
index 947248ecd54f..000000000000
--- a/crypto/kerberosIV/kadmin/Makefile.in
+++ /dev/null
@@ -1,125 +0,0 @@
-# $Id: Makefile.in,v 1.37 1997/05/02 17:50:35 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-topdir=..
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-LN_S = @LN_S@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-
-LIB_tgetent = @LIB_tgetent@
-LIB_readline = @LIB_readline@
-LIB_DBM = @LIB_DBM@
-LIBS = @LIBS@
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-CRACKLIB = @CRACKLIB@
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-bindir = @bindir@
-sbindir = @sbindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROG_BIN	= kpasswd$(EXECSUFFIX) \
-		  kadmin$(EXECSUFFIX)
-PROG_SBIN	= ksrvutil$(EXECSUFFIX)
-PROG_LIBEXEC	= kadmind$(EXECSUFFIX)
-PROGS = $(PROG_BIN) $(PROG_SBIN) $(PROG_LIBEXEC)
-
-SOURCES = kpasswd.c kadmin.c kadm_server.c kadm_funcs.c pw_check.c \
-          admin_server.c kadm_ser_wrap.c ksrvutil.c ksrvutil_get.c \
-	  new_pwd.c
-
-OBJECTS = kpasswd.o kadmin.o kadm_server.o kadm_funcs.o \
-          admin_server.o kadm_ser_wrap.o ksrvutil.o ksrvutil_get.o \
-	  new_pwd.o
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(bindir)
-	for x in $(PROG_BIN); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	$(MKINSTALLDIRS) $(sbindir)
-	for x in $(PROG_SBIN); do \
-	  $(INSTALL_PROGRAM) $$x $(sbindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	$(MKINSTALLDIRS) $(libexecdir)
-	for x in $(PROG_LIBEXEC); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-	@rm -f $(prefix)/sbin/kadmin
-
-uninstall:
-	for x in $(PROG_BIN); do \
-	  rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	for x in $(PROG_SBIN); do \
-	  rm -f $(sbindir)/`echo $$x | sed '$(transform)'`; \
-	done
-	for x in $(PROG_LIBEXEC); do \
-	  rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../lib/kadm -lkadm -L../lib/krb -lkrb -L../lib/des -ldes -L../util/et -lcom_err
-LIBROKEN=-L../lib/roken -lroken
-
-kpasswd$(EXECSUFFIX): kpasswd.o new_pwd.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kpasswd.o new_pwd.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-kadmin$(EXECSUFFIX): kadmin.o new_pwd.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ new_pwd.o kadmin.o -L../lib/kadm -lkadm -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/sl -lsl -L../util/et -lcom_err $(LIBROKEN) $(LIBS) $(LIB_readline) $(LIBROKEN)
-
-KADMIND_OBJECTS=kadm_server.o kadm_funcs.o admin_server.o kadm_ser_wrap.o pw_check.o
-
-kadmind$(EXECSUFFIX): $(KADMIND_OBJECTS)
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(KADMIND_OBJECTS) -L../lib/kdb -lkdb -L../lib/acl -lacl $(KLIB) $(CRACKLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
-
-ksrvutil$(EXECSUFFIX): ksrvutil.o ksrvutil_get.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ ksrvutil.o ksrvutil_get.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-$(OBJECTS): ../include/config.h
diff --git a/crypto/kerberosIV/kadmin/admin_server.c b/crypto/kerberosIV/kadmin/admin_server.c
deleted file mode 100644
index 2654c77477de..000000000000
--- a/crypto/kerberosIV/kadmin/admin_server.c
+++ /dev/null
@@ -1,432 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Top-level loop of the kerberos Administration server
- */
-
-/*
-  admin_server.c
-  this holds the main loop and initialization and cleanup code for the server
-*/
-
-#include "kadm_locl.h"
-
-RCSID("$Id: admin_server.c,v 1.41 1997/05/27 15:52:53 bg Exp $");
-
-/* Almost all procs and such need this, so it is global */
-admin_params prm;		/* The command line parameters struct */
-
-/* GLOBAL */
-char *acldir = DEFAULT_ACL_DIR;
-static char krbrlm[REALM_SZ];
-
-static unsigned pidarraysize = 0;
-static int *pidarray = (int *)0;
-
-static int exit_now = 0;
-
-static
-RETSIGTYPE
-doexit(int sig)
-{
-    exit_now = 1;
-    SIGRETURN(0);
-}
-   
-static
-RETSIGTYPE
-do_child(int sig)
-{
-    int pid;
-    int i, j;
-
-    int status;
-
-    pid = wait(&status);
-
-    /* Reinstall signal handlers for SysV. Must be done *after* wait */
-    signal(SIGCHLD, do_child);
-
-    for (i = 0; i < pidarraysize; i++)
-	if (pidarray[i] == pid) {
-	    /* found it */
-	    for (j = i; j < pidarraysize-1; j++)
-		/* copy others down */
-		pidarray[j] = pidarray[j+1];
-	    pidarraysize--;
-	    if ((WIFEXITED(status) && WEXITSTATUS(status) != 0)
-		|| WIFSIGNALED(status))
-	      krb_log("child %d: termsig %d, retcode %d", pid,
-		  WTERMSIG(status), WEXITSTATUS(status));
-	    SIGRETURN(0);
-	}
-    krb_log("child %d not in list: termsig %d, retcode %d", pid,
-	WTERMSIG(status), WEXITSTATUS(status));
-    SIGRETURN(0);
-}
-
-static void
-kill_children(void)
-{
-    int i;
-
-    for (i = 0; i < pidarraysize; i++) {
-	kill(pidarray[i], SIGINT);
-	krb_log("killing child %d", pidarray[i]);
-    }
-}
-
-/* close the system log file */
-static void
-close_syslog(void)
-{
-   krb_log("Shutting down admin server");
-}
-
-static void
-byebye(void)			/* say goodnight gracie */
-{
-   printf("Admin Server (kadm server) has completed operation.\n");
-}
-
-static void
-clear_secrets(void)
-{
-    memset(server_parm.master_key, 0, sizeof(server_parm.master_key));
-    memset(server_parm.master_key_schedule, 0,
-	  sizeof(server_parm.master_key_schedule));
-    server_parm.master_key_version = 0L;
-}
-
-#ifdef DEBUG
-#define cleanexit(code) {kerb_fini(); return;}
-#endif
-
-#ifndef DEBUG
-static void
-cleanexit(int val)
-{
-    kerb_fini();
-    clear_secrets();
-    exit(val);
-}
-#endif
-
-static void
-process_client(int fd, struct sockaddr_in *who)
-{
-    u_char *dat;
-    int dat_len;
-    u_short dlen;
-    int retval;
-    int on = 1;
-    Principal service;
-    des_cblock skey;
-    int more;
-    int status;
-
-#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT)
-    if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, sizeof(on)) < 0)
-	krb_log("setsockopt keepalive: %d",errno);
-#endif
-
-    server_parm.recv_addr = *who;
-
-    if (kerb_init()) {			/* Open as client */
-	krb_log("can't open krb db");
-	cleanexit(1);
-    }
-    /* need to set service key to changepw.KRB_MASTER */
-
-    status = kerb_get_principal(server_parm.sname, server_parm.sinst, &service,
-			    1, &more);
-    if (status == -1) {
-      /* db locked */
-      int32_t retcode = KADM_DB_INUSE;
-      char *pdat;
-      
-      dat_len = KADM_VERSIZE + sizeof(retcode);
-      dat = (u_char *) malloc((unsigned)dat_len);
-      pdat = (char *) dat;
-      retcode = htonl((u_int32_t) KADM_DB_INUSE);
-      strncpy(pdat, KADM_ULOSE, KADM_VERSIZE);
-      memcpy(pdat+KADM_VERSIZE, &retcode, sizeof(retcode));
-      goto out;
-    } else if (!status) {
-      krb_log("no service %s.%s",server_parm.sname, server_parm.sinst);
-      cleanexit(2);
-    }
-
-    copy_to_key(&service.key_low, &service.key_high, skey);
-    memset(&service, 0, sizeof(service));
-    kdb_encrypt_key (&skey, &skey, &server_parm.master_key,
-		     server_parm.master_key_schedule, DES_DECRYPT);
-    krb_set_key(skey, 0); /* if error, will show up when
-					    rd_req fails */
-    memset(skey, 0, sizeof(skey));
-
-    while (1) {
-	if ((retval = krb_net_read(fd, &dlen, sizeof(u_short))) !=
-	    sizeof(u_short)) {
-	    if (retval < 0)
-		krb_log("dlen read: %s",error_message(errno));
-	    else if (retval)
-		krb_log("short dlen read: %d",retval);
-	    close(fd);
-	    cleanexit(retval ? 3 : 0);
-	}
-	if (exit_now) {
-	    cleanexit(0);
-	}
-	dat_len = ntohs(dlen);
-	dat = (u_char *) malloc(dat_len);
-	if (!dat) {
-	    krb_log("malloc: No memory");
-	    close(fd);
-	    cleanexit(4);
-	}
-	if ((retval = krb_net_read(fd, dat, dat_len)) != dat_len) {
-	    if (retval < 0)
-		krb_log("data read: %s",error_message(errno));
-	    else
-		krb_log("short read: %d vs. %d", dat_len, retval);
-	    close(fd);
-	    cleanexit(5);
-	}
-    	if (exit_now) {
-	    cleanexit(0);
-	}
-	if ((retval = kadm_ser_in(&dat,&dat_len)) != KADM_SUCCESS)
-	    krb_log("processing request: %s", error_message(retval));
-    
-	/* kadm_ser_in did the processing and returned stuff in
-	   dat & dat_len , return the appropriate data */
-    
-    out:
-	dlen = htons(dat_len);
-    
-	if (krb_net_write(fd, &dlen, sizeof(u_short)) < 0) {
-	    krb_log("writing dlen to client: %s",error_message(errno));
-	    close(fd);
-	    cleanexit(6);
-	}
-    
-	if (krb_net_write(fd, dat, dat_len) < 0) {
-	    krb_log("writing to client: %s", error_message(errno));
-	    close(fd);
-	    cleanexit(7);
-	}
-	free(dat);
-    }
-    /*NOTREACHED*/
-}
-
-/*
-kadm_listen
-listen on the admin servers port for a request
-*/
-static int
-kadm_listen(void)
-{
-    int found;
-    int admin_fd;
-    int peer_fd;
-    fd_set mask, readfds;
-    struct sockaddr_in peer;
-    int addrlen;
-    int pid;
-
-    signal(SIGINT, doexit);
-    signal(SIGTERM, doexit);
-    signal(SIGHUP, doexit);
-    signal(SIGQUIT, doexit);
-    signal(SIGPIPE, SIG_IGN); /* get errors on write() */
-    signal(SIGALRM, doexit);
-    signal(SIGCHLD, do_child);
-    if (setsid() < 0)
-        krb_log("setsid() failed");
-
-    if ((admin_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
-	return KADM_NO_SOCK;
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-    {
-      int one=1;
-      setsockopt(admin_fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one,
-		 sizeof(one));
-    }
-#endif
-    if (bind(admin_fd, (struct sockaddr *)&server_parm.admin_addr,
-	     sizeof(struct sockaddr_in)) < 0)
-	return KADM_NO_BIND;
-    listen(admin_fd, 1);
-    FD_ZERO(&mask);
-    FD_SET(admin_fd, &mask);
-
-    for (;;) {				/* loop nearly forever */
-	if (exit_now) {
-	    clear_secrets();
-	    kill_children();
-	    return(0);
-	}
-	readfds = mask;
-	if ((found = select(admin_fd+1, &readfds, 0,
-			    0, (struct timeval *)0)) == 0)
-	    continue;			/* no things read */
-	if (found < 0) {
-	    if (errno != EINTR)
-		krb_log("select: %s",error_message(errno));
-	    continue;
-	}      
-	if (FD_ISSET(admin_fd, &readfds)) {
-	    /* accept the conn */
-	    addrlen = sizeof(peer);
-	    if ((peer_fd = accept(admin_fd, (struct sockaddr *)&peer,
-				  &addrlen)) < 0) {
-		krb_log("accept: %s",error_message(errno));
-		continue;
-	    }
-#ifndef DEBUG
-	    /* if you want a sep daemon for each server */
-	    if ((pid = fork())) {
-		/* parent */
-		if (pid < 0) {
-		    krb_log("fork: %s",error_message(errno));
-		    close(peer_fd);
-		    continue;
-		}
-		/* fork succeded: keep tabs on child */
-		close(peer_fd);
-		if (pidarray) {
-		    pidarray = (int *)realloc(pidarray, ++pidarraysize);
-		    pidarray[pidarraysize-1] = pid;
-		} else {
-		    pidarray = (int *)malloc(pidarraysize = 1);
-		    pidarray[0] = pid;
-		}
-	    } else {
-		/* child */
-		close(admin_fd);
-#endif /* DEBUG */
-		/*
-		 * If we are multihomed we need to figure out which
-		 * local address that is used this time since it is
-		 * used in "direction" comparison.
-		 */
-		getsockname(peer_fd,
-			    (struct sockaddr *)&server_parm.admin_addr,
-			    &addrlen);
-		/* do stuff */
-		process_client (peer_fd, &peer);
-#ifndef DEBUG
-	    }
-#endif
-	} else {
-	    krb_log("something else woke me up!");
-	    return(0);
-	}
-    }
-    /*NOTREACHED*/
-}
-
-/*
-** Main does the logical thing, it sets up the database and RPC interface,
-**  as well as handling the creation and maintenance of the syslog file...
-*/
-int
-main(int argc, char **argv)		/* admin_server main routine */
-{
-    int errval;
-    int c;
-
-    set_progname (argv[0]);
-
-    umask(077);		/* Create protected files */
-
-    /* initialize the admin_params structure */
-    prm.sysfile = KADM_SYSLOG;		/* default file name */
-    prm.inter = 0;
-
-    memset(krbrlm, 0, sizeof(krbrlm));
-
-    while ((c = getopt(argc, argv, "f:hmnd:a:r:")) != EOF)
-	switch(c) {
-	case 'f':			/* Syslog file name change */
-	    prm.sysfile = optarg;
-	    break;
-	case 'n':
-	    prm.inter = 0;
-	    break;
-	case 'm':
-	    prm.inter = 1;
-	    break;
-	case 'a':			/* new acl directory */
-	    acldir = optarg;
-	    break;
-	case 'd':
-	    /* put code to deal with alt database place */
-	    if ((errval = kerb_db_set_name(optarg)))
-		errx (1, "opening database %s: %s",
-		      optarg, error_message(errval));
-	    break;
-	case 'r':
-	    strncpy(krbrlm, optarg, sizeof(krbrlm) - 1);
-	    break;
-	case 'h':			/* get help on using admin_server */
-	default:
-	    errx(1, "Usage: kadmind [-h] [-n] [-m] [-r realm] [-d dbname] [-f filename] [-a acldir]");
-	}
-
-    if (krbrlm[0] == 0)
-	if (krb_get_lrealm(krbrlm, 0) != KSUCCESS)
-	    errx (1, "Unable to get local realm.  Fix krb.conf or use -r.");
-
-    printf("KADM Server %s initializing\n",KADM_VERSTR);
-    printf("Please do not use 'kill -9' to kill this job, use a\n");
-    printf("regular kill instead\n\n");
-
-    kset_logfile(prm.sysfile);
-    krb_log("Admin server starting");
-
-    kerb_db_set_lockmode(KERB_DBL_NONBLOCKING);
-    errval = kerb_init();		/* Open the Kerberos database */
-    if (errval) {
-	warnx ("error: kerb_init() failed");
-	close_syslog();
-	byebye();
-    }
-    /* set up the server_parm struct */
-    if ((errval = kadm_ser_init(prm.inter, krbrlm))==KADM_SUCCESS) {
-	kerb_fini();			/* Close the Kerberos database--
-					   will re-open later */
-	errval = kadm_listen();		/* listen for calls to server from
-					   clients */
-    }
-    if (errval != KADM_SUCCESS) {
-	warnx("error:  %s",error_message(errval));
-	kerb_fini();			/* Close if error */
-    }
-    close_syslog();			/* Close syslog file, print
-					   closing note */
-    byebye();				/* Say bye bye on the terminal
-					   in use */
-    exit(1);
-}					/* procedure main */
diff --git a/crypto/kerberosIV/kadmin/kadm_funcs.c b/crypto/kerberosIV/kadmin/kadm_funcs.c
deleted file mode 100644
index 34a34b0a9ae9..000000000000
--- a/crypto/kerberosIV/kadmin/kadm_funcs.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-*/
-
-/*
- * Kerberos administration server-side database manipulation routines
- */
-
-/*
- * kadm_funcs.c
- * the actual database manipulation code
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadm_funcs.c,v 1.16 1997/05/02 14:28:49 assar Exp $");
-
-static int
-check_access(char *pname, char *pinst, char *prealm, enum acl_types acltype)
-{
-    char checkname[MAX_K_NAME_SZ];
-    char filename[MaxPathLen];
-
-    snprintf(checkname, sizeof(checkname), "%s.%s@%s", pname, pinst, prealm);
-    
-    switch (acltype) {
-    case ADDACL:
-	snprintf(filename, sizeof(filename), "%s%s", acldir, ADD_ACL_FILE);
-	break;
-    case GETACL:
-	snprintf(filename, sizeof(filename), "%s%s", acldir, GET_ACL_FILE);
-	break;
-    case MODACL:
-	snprintf(filename, sizeof(filename), "%s%s", acldir, MOD_ACL_FILE);
-	break;
-    case DELACL:
-	snprintf(filename, sizeof(filename), "%s%s", acldir, DEL_ACL_FILE);
-	break;
-    default:
-	krb_log("WARNING in check_access: default case in switch");
-	return 0;
-    }
-    return(acl_check(filename, checkname));
-}
-
-static int
-wildcard(char *str)
-{
-    if (!strcmp(str, WILDCARD_STR))
-	return(1);
-    return(0);
-}
-
-static int
-fail(int code, char *oper, char *princ)
-{
-    krb_log("ERROR: %s: %s (%s)", oper, princ, error_message(code));
-    return code;
-}
-
-#define failadd(code) { fail(code, "ADD", victim); return code; }
-#define faildelete(code) { fail(code, "DELETE", victim); return code; }
-#define failget(code) { fail(code, "GET", victim); return code; }
-#define failmod(code) { fail(code, "MOD", victim); return code; }
-#define failchange(code) { fail(code, "CHANGE", admin); return code; }
-
-int
-kadm_add_entry (char *rname, char *rinstance, char *rrealm, 
-		Kadm_vals *valsin, Kadm_vals *valsout)
-{
-    long numfound;		/* check how many we get written */
-    int more;			/* pointer to more grabbed records */
-    Principal data_i, data_o;		/* temporary principal */
-    u_char flags[4];
-    des_cblock newpw;
-    Principal default_princ;
-  
-    char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
-
-    strcpy(admin, krb_unparse_name_long(rname, rinstance, rrealm));
-    strcpy(victim, krb_unparse_name_long(valsin->name, valsin->instance, NULL));
-
-    krb_log("ADD: %s by %s", victim, admin);
-
-    if (!check_access(rname, rinstance, rrealm, ADDACL)) {
-	krb_log("WARNING: ADD: %s permission denied", admin);
-	return KADM_UNAUTH;
-    }
-  
-    /* Need to check here for "legal" name and instance */
-    if (wildcard(valsin->name) || wildcard(valsin->instance)) {
-	failadd(KADM_ILL_WILDCARD);
-    }
-
-    numfound = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST,
-				  &default_princ, 1, &more);
-    if (numfound == -1) {
-	failadd(KADM_DB_INUSE);
-    } else if (numfound != 1) {
-	failadd(KADM_UK_RERROR);
-    }
-
-    kadm_vals_to_prin(valsin->fields, &data_i, valsin);
-    strncpy(data_i.name, valsin->name, ANAME_SZ);
-    strncpy(data_i.instance, valsin->instance, INST_SZ);
-
-    if (!IS_FIELD(KADM_EXPDATE,valsin->fields))
-	data_i.exp_date = default_princ.exp_date;
-    if (!IS_FIELD(KADM_ATTR,valsin->fields))
-	data_i.attributes = default_princ.attributes;
-    if (!IS_FIELD(KADM_MAXLIFE,valsin->fields))
-	data_i.max_life = default_princ.max_life; 
-
-    memset(&default_princ, 0, sizeof(default_princ));
-
-    /* convert to host order */
-    data_i.key_low = ntohl(data_i.key_low);
-    data_i.key_high = ntohl(data_i.key_high);
-
-
-    copy_to_key(&data_i.key_low, &data_i.key_high, newpw);
-
-    /* encrypt new key in master key */
-    kdb_encrypt_key (&newpw, &newpw, &server_parm.master_key,
-		     server_parm.master_key_schedule, DES_ENCRYPT);
-    copy_from_key(newpw, &data_i.key_low, &data_i.key_high);
-    memset(newpw, 0, sizeof(newpw));
-
-    data_o = data_i;
-    numfound = kerb_get_principal(valsin->name, valsin->instance, 
-				  &data_o, 1, &more);
-    if (numfound == -1) {
-	failadd(KADM_DB_INUSE);
-    } else if (numfound) {
-	failadd(KADM_INUSE);
-    } else {
-	data_i.key_version++;
-	data_i.kdc_key_ver = server_parm.master_key_version;
-	strncpy(data_i.mod_name, rname, sizeof(data_i.mod_name)-1);
-	strncpy(data_i.mod_instance, rinstance,
-		sizeof(data_i.mod_instance)-1);
-
-	numfound = kerb_put_principal(&data_i, 1);
-	if (numfound == -1) {
-	    failadd(KADM_DB_INUSE);
-	} else if (numfound) {
-	    failadd(KADM_UK_SERROR);
-	} else {
-	    numfound = kerb_get_principal(valsin->name, valsin->instance, 
-					  &data_o, 1, &more);
-	    if ((numfound!=1) || (more!=0)) {
-		failadd(KADM_UK_RERROR);
-	    }
-	    memset(flags, 0, sizeof(flags));
-	    SET_FIELD(KADM_NAME,flags);
-	    SET_FIELD(KADM_INST,flags);
-	    SET_FIELD(KADM_EXPDATE,flags);
-	    SET_FIELD(KADM_ATTR,flags);
-	    SET_FIELD(KADM_MAXLIFE,flags);
-	    kadm_prin_to_vals(flags, valsout, &data_o);
-	    krb_log("ADD: %s added", victim);
-	    return KADM_DATA;		/* Set all the appropriate fields */
-	}
-    }
-}
-
-int
-kadm_delete_entry (char *rname, char *rinstance, char *rrealm, 
-		   Kadm_vals *valsin)
-{
-    int ret;
-
-    char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
-    
-    strcpy(admin, krb_unparse_name_long(rname, rinstance, rrealm));
-    strcpy(victim, krb_unparse_name_long(valsin->name, valsin->instance, NULL));
-
-    krb_log("DELETE: %s by %s", victim, admin);
-
-    if (!check_access(rname, rinstance, rrealm, DELACL)) {
-	krb_log("WARNING: DELETE: %s permission denied", admin);
-	return KADM_UNAUTH;
-    }
-    
-    /* Need to check here for "legal" name and instance */
-    if (wildcard(valsin->name) || wildcard(valsin->instance)) {
-	faildelete(KADM_ILL_WILDCARD);
-    }
-  
-#define EQ(V,N,I) (strcmp((V)->name, (N)) == 0 && strcmp((V)->instance, (I)) == 0)
-
-    if(EQ(valsin, PWSERV_NAME, KRB_MASTER) ||
-       EQ(valsin, "K", "M") ||
-       EQ(valsin, "default", "") ||
-       EQ(valsin, KRB_TICKET_GRANTING_TICKET, server_parm.krbrlm)){
-	krb_log("WARNING: DELETE: %s is immutable", victim);
-	return KADM_IMMUTABLE; /* XXX */
-    }
-    
-    ret = kerb_delete_principal(valsin->name, valsin->instance);
-    if(ret == -1)
-	return KADM_DB_INUSE; /* XXX */
-    krb_log("DELETE: %s removed.", victim);
-    return KADM_SUCCESS;
-}
-
-
-int
-kadm_get_entry (char *rname, char *rinstance, char *rrealm, 
-		Kadm_vals *valsin, u_char *flags, Kadm_vals *valsout)
-{
-    long numfound;		/* check how many were returned */
-    int more;			/* To point to more name.instances */
-    Principal data_o;		/* Data object to hold Principal */
-    
-    char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
-    
-    strcpy(admin, krb_unparse_name_long(rname, rinstance, rrealm));
-    strcpy(victim, krb_unparse_name_long(valsin->name, valsin->instance, NULL));
-    
-    krb_log("GET: %s by %s", victim, admin);
-
-    if (!check_access(rname, rinstance, rrealm, GETACL)) {
-	krb_log("WARNING: GET: %s permission denied", admin);
-	return KADM_UNAUTH;
-    }
-  
-    if (wildcard(valsin->name) || wildcard(valsin->instance)) {
-	failget(KADM_ILL_WILDCARD);
-    }
-
-    /* Look up the record in the database */
-    numfound = kerb_get_principal(valsin->name, valsin->instance, 
-				  &data_o, 1, &more);
-    if (numfound == -1) {
-	failget(KADM_DB_INUSE);
-    }  else if (numfound) {	/* We got the record, let's return it */
-	kadm_prin_to_vals(flags, valsout, &data_o);
-	krb_log("GET: %s retrieved", victim);
-	return KADM_DATA; /* Set all the appropriate fields */
-    } else {
-	failget(KADM_NOENTRY);	/* Else whimper and moan */
-    }
-}
-
-int
-kadm_mod_entry (char *rname, char *rinstance, char *rrealm, 
-		Kadm_vals *valsin, Kadm_vals *valsin2, Kadm_vals *valsout)
-{
-    long numfound;
-    int more;
-    Principal data_o, temp_key;
-    u_char fields[4];
-    des_cblock newpw;
-
-    char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ];
-    
-    strcpy(admin, krb_unparse_name_long(rname, rinstance, rrealm));
-    strcpy(victim, krb_unparse_name_long(valsin->name, valsin->instance, NULL));
-    
-    krb_log("MOD: %s by %s", victim, admin);
-
-    if (wildcard(valsin->name) || wildcard(valsin->instance)) {
-	failmod(KADM_ILL_WILDCARD);
-    }
-  
-    if (!check_access(rname, rinstance, rrealm, MODACL)) {
-	krb_log("WARNING: MOD: %s permission denied", admin);
-	return KADM_UNAUTH;
-    }
-    
-    numfound = kerb_get_principal(valsin->name, valsin->instance, 
-				  &data_o, 1, &more);
-    if (numfound == -1) {
-	failmod(KADM_DB_INUSE);
-    } else if (numfound) {
-	kadm_vals_to_prin(valsin2->fields, &temp_key, valsin2);
-	strncpy(data_o.name, valsin->name, ANAME_SZ);
-	strncpy(data_o.instance, valsin->instance, INST_SZ);
-	if (IS_FIELD(KADM_EXPDATE,valsin2->fields))
-	    data_o.exp_date = temp_key.exp_date;
-	if (IS_FIELD(KADM_ATTR,valsin2->fields))
-	    data_o.attributes = temp_key.attributes;
-	if (IS_FIELD(KADM_MAXLIFE,valsin2->fields))
-	    data_o.max_life = temp_key.max_life; 
-	if (IS_FIELD(KADM_DESKEY,valsin2->fields)) {
-	    data_o.key_version++;
-	    data_o.kdc_key_ver = server_parm.master_key_version;
-
-
-	    /* convert to host order */
-	    temp_key.key_low = ntohl(temp_key.key_low);
-	    temp_key.key_high = ntohl(temp_key.key_high);
-
-
-	    copy_to_key(&temp_key.key_low, &temp_key.key_high, newpw);
-
-	    /* encrypt new key in master key */
-	    kdb_encrypt_key (&newpw, &newpw, &server_parm.master_key,
-			     server_parm.master_key_schedule, DES_ENCRYPT);
-	    copy_from_key(newpw, &data_o.key_low, &data_o.key_high);
-	    memset(newpw, 0, sizeof(newpw));
-	}
-	memset(&temp_key, 0, sizeof(temp_key));
-
-	strncpy(data_o.mod_name, rname, sizeof(data_o.mod_name)-1);
-	strncpy(data_o.mod_instance, rinstance,
-		sizeof(data_o.mod_instance)-1);
-	more = kerb_put_principal(&data_o, 1);
-
-	memset(&data_o, 0, sizeof(data_o));
-
-	if (more == -1) {
-	    failmod(KADM_DB_INUSE);
-	} else if (more) {
-	    failmod(KADM_UK_SERROR);
-	} else {
-	    numfound = kerb_get_principal(valsin->name, valsin->instance, 
-					  &data_o, 1, &more);
-	    if ((more!=0)||(numfound!=1)) {
-		failmod(KADM_UK_RERROR);
-	    }
-	    memset(fields, 0, sizeof(fields));
-	    SET_FIELD(KADM_NAME,fields);
-	    SET_FIELD(KADM_INST,fields);
-	    SET_FIELD(KADM_EXPDATE,fields);
-	    SET_FIELD(KADM_ATTR,fields);
-	    SET_FIELD(KADM_MAXLIFE,fields);
-	    kadm_prin_to_vals(fields, valsout, &data_o);
-	    krb_log("MOD: %s modified", victim);
-	    return KADM_DATA;		/* Set all the appropriate fields */
-	}
-    }
-    else {
-	failmod(KADM_NOENTRY);
-    }
-}
-
-int
-kadm_change (char *rname, char *rinstance, char *rrealm, unsigned char *newpw)
-{
-    long numfound;
-    int more;
-    Principal data_o;
-    des_cblock local_pw;
-
-    char admin[MAX_K_NAME_SZ];
-    
-    strcpy(admin, krb_unparse_name_long(rname, rinstance, rrealm));
-    
-    krb_log("CHANGE: %s", admin);
-
-    if (strcmp(server_parm.krbrlm, rrealm)) {
-	krb_log("ERROR: CHANGE: request from wrong realm %s", rrealm);
-	return(KADM_WRONG_REALM);
-    }
-
-    if (wildcard(rname) || wildcard(rinstance)) {
-	failchange(KADM_ILL_WILDCARD);
-    }
-
-    memcpy(local_pw, newpw, sizeof(local_pw));
-  
-    /* encrypt new key in master key */
-    kdb_encrypt_key (&local_pw, &local_pw, &server_parm.master_key,
-		     server_parm.master_key_schedule, DES_ENCRYPT);
-
-    numfound = kerb_get_principal(rname, rinstance, 
-				  &data_o, 1, &more);
-    if (numfound == -1) {
-	failchange(KADM_DB_INUSE);
-    } else if (numfound) {
-	copy_from_key(local_pw, &data_o.key_low, &data_o.key_high);
-	data_o.key_version++;
-	data_o.kdc_key_ver = server_parm.master_key_version;
-	strncpy(data_o.mod_name, rname, sizeof(data_o.mod_name)-1);
-	strncpy(data_o.mod_instance, rinstance,
-		sizeof(data_o.mod_instance)-1);
-	more = kerb_put_principal(&data_o, 1);
-	memset(local_pw, 0, sizeof(local_pw));
-	memset(&data_o, 0, sizeof(data_o));
-	if (more == -1) {
-	    failchange(KADM_DB_INUSE);
-	} else if (more) {
-	    failchange(KADM_UK_SERROR);
-	} else {
-	    krb_log("CHANGE: %s's password changed", admin);
-	    return KADM_SUCCESS;
-	}
-    }
-    else {
-	failchange(KADM_NOENTRY);
-    }
-}
diff --git a/crypto/kerberosIV/kadmin/kadm_locl.h b/crypto/kerberosIV/kadmin/kadm_locl.h
deleted file mode 100644
index 07f9093a29fb..000000000000
--- a/crypto/kerberosIV/kadmin/kadm_locl.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kadm_locl.h,v 1.25 1997/05/20 18:40:43 bg Exp $ */
-
-#include "config.h"
-#include "protos.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <errno.h>
-#include <signal.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif /* HAVE_SYS_RESOURCE_H */
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-
-#include <err.h>
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <com_err.h>
-#include <sl.h>
-
-#include <des.h>
-#include <krb.h>
-#include <krb_err.h>
-#include <krb_db.h>
-#include <kadm.h>
-#include <kadm_err.h>
-#include <acl.h>
-
-#include "kadm_server.h"
-#include "pw_check.h"
-
-/* from libacl */
-/* int acl_check(char *acl, char *principal); */
-
-/* GLOBALS */
-extern char *acldir;
-extern Kadm_Server server_parm;
-
-/* Utils */
-int kadm_change __P((char *, char *, char *, des_cblock));
-int kadm_add_entry __P((char *, char *, char *, Kadm_vals *, Kadm_vals *));
-int kadm_mod_entry __P((char *, char *, char *, Kadm_vals *, Kadm_vals *, Kadm_vals *));
-int kadm_get_entry __P((char *, char *, char *, Kadm_vals *, u_char *, Kadm_vals *));
-int kadm_delete_entry __P((char *, char *, char *, Kadm_vals *));
-int kadm_ser_cpw __P((u_char *, int, AUTH_DAT *, u_char **, int *));
-int kadm_ser_add __P((u_char *, int, AUTH_DAT *, u_char **, int *));
-int kadm_ser_mod __P((u_char *, int, AUTH_DAT *, u_char **, int *));
-int kadm_ser_get __P((u_char *, int, AUTH_DAT *, u_char **, int *));
-int kadm_ser_delete __P((u_char *, int, AUTH_DAT *, u_char **, int *));
-int kadm_ser_init __P((int inter, char realm[]));
-int kadm_ser_in __P((u_char **, int *));
-
-int get_pw_new_pwd  __P((char *pword, int pwlen, krb_principal *pr, int print_realm));
-
-/* cracklib */
-char *FascistCheck __P((char *password, char *path, char **strings));
diff --git a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c b/crypto/kerberosIV/kadmin/kadm_ser_wrap.c
deleted file mode 100644
index 6909a9f0e0cc..000000000000
--- a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Kerberos administration server-side support functions
- */
-
-/* 
-kadm_ser_wrap.c
-unwraps wrapped packets and calls the appropriate server subroutine
-*/
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadm_ser_wrap.c,v 1.20 1997/05/02 10:29:14 joda Exp $");
-
-/* GLOBAL */
-Kadm_Server server_parm;
-
-/* 
-kadm_ser_init
-set up the server_parm structure
-*/
-int
-kadm_ser_init(int inter, char *realm)
-          			/* interactive or from file */
-             
-{
-  struct hostent *hp;
-  char hostname[MaxHostNameLen];
-
-  init_kadm_err_tbl();
-  init_krb_err_tbl();
-  if (k_gethostname(hostname, sizeof(hostname)))
-      return KADM_NO_HOSTNAME;
-
-  strcpy(server_parm.sname, PWSERV_NAME);
-  strcpy(server_parm.sinst, KRB_MASTER);
-  strcpy(server_parm.krbrlm, realm);
-
-  server_parm.admin_fd = -1;
-  /* setting up the addrs */
-  memset(&server_parm.admin_addr,0, sizeof(server_parm.admin_addr));
-
-  server_parm.admin_addr.sin_port = k_getportbyname (KADM_SNAME,
-						     "tcp",
-						     htons(751));
-  server_parm.admin_addr.sin_family = AF_INET;
-  if ((hp = gethostbyname(hostname)) == NULL)
-      return KADM_NO_HOSTNAME;
-  server_parm.admin_addr.sin_addr.s_addr = INADDR_ANY;
-				/* setting up the database */
-  if (kdb_get_master_key((inter==1), &server_parm.master_key,
-			 server_parm.master_key_schedule) != 0)
-    return KADM_NO_MAST;
-  if ((server_parm.master_key_version =
-       kdb_verify_master_key(&server_parm.master_key,
-			     server_parm.master_key_schedule,stderr))<0)
-      return KADM_NO_VERI;
-  return KADM_SUCCESS;
-}
-
-static void errpkt(u_char **dat, int *dat_len, int code)
-{
-    u_int32_t retcode;
-    char *pdat;
-
-    free(*dat);			/* free up req */
-    *dat_len = KADM_VERSIZE + sizeof(u_int32_t);
-    *dat = (u_char *) malloc((unsigned)*dat_len);
-    pdat = (char *) *dat;
-    retcode = htonl((u_int32_t) code);
-    strncpy(pdat, KADM_ULOSE, KADM_VERSIZE);
-    memcpy(&pdat[KADM_VERSIZE], &retcode, sizeof(u_int32_t));
-    return;
-}
-
-/*
-kadm_ser_in
-unwrap the data stored in dat, process, and return it.
-*/
-int
-kadm_ser_in(u_char **dat, int *dat_len)
-{
-    u_char *in_st;			/* pointer into the sent packet */
-    int in_len,retc;			/* where in packet we are, for
-					   returns */
-    u_int32_t r_len;			/* length of the actual packet */
-    KTEXT_ST authent;			/* the authenticator */
-    AUTH_DAT ad;			/* who is this, klink */
-    u_int32_t ncksum;			/* checksum of encrypted data */
-    des_key_schedule sess_sched;	/* our schedule */
-    MSG_DAT msg_st;
-    u_char *retdat, *tmpdat;
-    int retval, retlen;
-
-    if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
-	errpkt(dat, dat_len, KADM_BAD_VER);
-	return KADM_BAD_VER;
-    }
-    in_len = KADM_VERSIZE;
-    /* get the length */
-    if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0)
-	return KADM_LENGTH_ERROR;
-    in_len += retc;
-    authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(u_int32_t);
-    memcpy(authent.dat, (char *)(*dat) + in_len, authent.length);
-    authent.mbz = 0;
-    /* service key should be set before here */
-    if ((retc = krb_rd_req(&authent, server_parm.sname, server_parm.sinst,
-			  server_parm.recv_addr.sin_addr.s_addr, &ad, NULL)))
-    {
-	errpkt(dat, dat_len,retc + krb_err_base);
-	return retc + krb_err_base;
-    }
-
-#define clr_cli_secrets() {memset(sess_sched, 0, sizeof(sess_sched)); memset(ad.session, 0,sizeof(ad.session));}
-
-    in_st = *dat + *dat_len - r_len;
-#ifdef NOENCRYPTION
-    ncksum = 0;
-#else
-    ncksum = des_quad_cksum((des_cblock *)in_st, (des_cblock *)0, (long) r_len, 0, &ad.session);
-#endif
-    if (ncksum!=ad.checksum) {		/* yow, are we correct yet */
-	clr_cli_secrets();
-	errpkt(dat, dat_len,KADM_BAD_CHK);
-	return KADM_BAD_CHK;
-    }
-#ifdef NOENCRYPTION
-    memset(sess_sched, 0, sizeof(sess_sched));
-#else
-    des_key_sched(&ad.session, sess_sched);
-#endif
-    if ((retc = (int) krb_rd_priv(in_st, r_len, sess_sched, &ad.session, 
-				 &server_parm.recv_addr,
-				 &server_parm.admin_addr, &msg_st))) {
-	clr_cli_secrets();
-	errpkt(dat, dat_len,retc + krb_err_base);
-	return retc + krb_err_base;
-    }
-    switch (msg_st.app_data[0]) {
-    case CHANGE_PW:
-	retval = kadm_ser_cpw(msg_st.app_data+1,(int) msg_st.app_length - 1,
-			      &ad, &retdat, &retlen);
-	break;
-    case ADD_ENT:
-	retval = kadm_ser_add(msg_st.app_data+1,(int) msg_st.app_length - 1,
-			      &ad, &retdat, &retlen);
-	break;
-    case GET_ENT:
-	retval = kadm_ser_get(msg_st.app_data+1,(int) msg_st.app_length - 1,
-			      &ad, &retdat, &retlen);
-	break;
-    case MOD_ENT:
-	retval = kadm_ser_mod(msg_st.app_data+1,(int) msg_st.app_length - 1,
-			      &ad, &retdat, &retlen);
-	break;
-    case DEL_ENT:
-	retval = kadm_ser_delete(msg_st.app_data + 1, msg_st.app_length - 1, 
-				 &ad, &retdat, &retlen);
-	break;
-    default:
-	clr_cli_secrets();
-	errpkt(dat, dat_len, KADM_NO_OPCODE);
-	return KADM_NO_OPCODE;
-    }
-    /* Now seal the response back into a priv msg */
-    free(*dat);
-    tmpdat = (u_char *) malloc((unsigned)(retlen + KADM_VERSIZE +
-					  sizeof(u_int32_t)));
-    strncpy((char *)tmpdat, KADM_VERSTR, KADM_VERSIZE);
-    retval = htonl((u_int32_t)retval);
-    memcpy((char *)tmpdat + KADM_VERSIZE, &retval, sizeof(u_int32_t));
-    if (retlen) {
-        memcpy((char *)tmpdat + KADM_VERSIZE + sizeof(u_int32_t), retdat,
-	       retlen);
-	free(retdat);
-    }
-    /* slop for mk_priv stuff */
-    *dat = (u_char *) malloc((unsigned) (retlen + KADM_VERSIZE +
-					 sizeof(u_int32_t) + 200));
-    if ((*dat_len = krb_mk_priv(tmpdat, *dat,
-				(u_int32_t) (retlen + KADM_VERSIZE +
-					  sizeof(u_int32_t)),
-				sess_sched,
-				&ad.session, &server_parm.admin_addr,
-				&server_parm.recv_addr)) < 0) {
-	clr_cli_secrets();
-	errpkt(dat, dat_len, KADM_NO_ENCRYPT);
-	return KADM_NO_ENCRYPT;
-    }
-    clr_cli_secrets();
-    return KADM_SUCCESS;
-}
diff --git a/crypto/kerberosIV/kadmin/kadm_server.c b/crypto/kerberosIV/kadmin/kadm_server.c
deleted file mode 100644
index 1006f20c70ad..000000000000
--- a/crypto/kerberosIV/kadmin/kadm_server.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Kerberos administration server-side subroutines
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadm_server.c,v 1.9 1997/05/02 10:29:08 joda Exp $");
-
-/* 
-kadm_ser_cpw - the server side of the change_password routine
-  recieves    : KTEXT, {key}
-  returns     : CKSUM, RETCODE
-  acl         : caller can change only own password
-
-Replaces the password (i.e. des key) of the caller with that specified in key.
-Returns no actual data from the master server, since this is called by a user
-*/
-int
-kadm_ser_cpw(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen)
-{
-    u_int32_t keylow, keyhigh;
-    des_cblock newkey;
-    int status;
-    int stvlen=0;
-    char *pw_msg;
-    char pword[MAX_KPW_LEN];
-    char *strings[4];
-
-    /* take key off the stream, and change the database */
-
-    if ((status = stv_long(dat, &keyhigh, 0, len)) < 0)
-	return(KADM_LENGTH_ERROR);
-    stvlen=status;
-    if ((status = stv_long(dat, &keylow, stvlen, len)) < 0)
-	return(KADM_LENGTH_ERROR);
-    stvlen+=status;
-
-    if((status = stv_string(dat, pword, stvlen, sizeof(pword), len))<0)
-      pword[0]=0;
-
-    keylow = ntohl(keylow);
-    keyhigh = ntohl(keyhigh);
-    memcpy(((char *)newkey) + 4, &keyhigh, 4);
-    memcpy(newkey, &keylow, 4);
-
-    strings[0] = ad->pname;
-    strings[1] = ad->pinst;
-    strings[2] = ad->prealm;
-    strings[3] = NULL;
-    status = kadm_pw_check(pword, &newkey, &pw_msg, strings);
-    
-    memset(pword, 0, sizeof(pword));
-    memset(dat, 0, len);
-
-    if(status != KADM_SUCCESS){
-      *datout=malloc(0);
-      *outlen=vts_string(pw_msg, datout, 0);
-      return status;
-    }
-    *datout=0;
-    *outlen=0;
-
-    return(kadm_change(ad->pname, ad->pinst, ad->prealm, newkey));
-}
-
-
-/*
-kadm_ser_add - the server side of the add_entry routine
-  recieves    : KTEXT, {values}
-  returns     : CKSUM, RETCODE, {values}
-  acl         : su, sms (as alloc)
-
-Adds and entry containing values to the database
-returns the values of the entry, so if you leave certain fields blank you will
-   be able to determine the default values they are set to
-*/
-int
-kadm_ser_add(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen)
-{
-  Kadm_vals values, retvals;
-  long status;
-
-  if ((status = stream_to_vals(dat, &values, len)) < 0)
-      return(KADM_LENGTH_ERROR);
-  if ((status = kadm_add_entry(ad->pname, ad->pinst, ad->prealm,
-			      &values, &retvals)) == KADM_DATA) {
-      *outlen = vals_to_stream(&retvals,datout);
-      return KADM_SUCCESS;
-  } else {
-      *outlen = 0;
-      return status;
-  }
-}
-
-/*
-kadm_ser_mod - the server side of the mod_entry routine
-  recieves    : KTEXT, {values, values}
-  returns     : CKSUM, RETCODE, {values}
-  acl         : su, sms (as register or dealloc)
-
-Modifies all entries corresponding to the first values so they match the
-   second values.
-returns the values for the changed entries
-*/
-int
-kadm_ser_mod(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen)
-{
-  Kadm_vals vals1, vals2, retvals;
-  int wh;
-  long status;
-
-  if ((wh = stream_to_vals(dat, &vals1, len)) < 0)
-      return KADM_LENGTH_ERROR;
-  if ((status = stream_to_vals(dat+wh,&vals2, len-wh)) < 0)
-      return KADM_LENGTH_ERROR;
-  if ((status = kadm_mod_entry(ad->pname, ad->pinst, ad->prealm, &vals1,
-			       &vals2, &retvals)) == KADM_DATA) {
-      *outlen = vals_to_stream(&retvals,datout);
-      return KADM_SUCCESS;
-  } else {
-      *outlen = 0;
-      return status;
-  }
-}
-
-int
-kadm_ser_delete(u_char *dat, int len, AUTH_DAT *ad, 
-		u_char **datout, int *outlen)
-{
-    Kadm_vals values;
-    int wh;
-    int status;
-    
-    if((wh = stream_to_vals(dat, &values, len)) < 0)
-	return KADM_LENGTH_ERROR;
-    if(wh != len)
-	return KADM_LENGTH_ERROR;
-    status = kadm_delete_entry(ad->pname, ad->pinst, ad->prealm, 
-			       &values);
-    *outlen = 0;
-    return status;
-}
-
-/*
-kadm_ser_get
-  recieves   : KTEXT, {values, flags}
-  returns    : CKSUM, RETCODE, {count, values, values, values}
-  acl        : su
-
-gets the fields requested by flags from all entries matching values
-returns this data for each matching recipient, after a count of how many such
-  matches there were
-*/
-int
-kadm_ser_get(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen)
-{
-  Kadm_vals values, retvals;
-  u_char fl[FLDSZ];
-  int loop,wh;
-  long status;
-
-  if ((wh = stream_to_vals(dat, &values, len)) < 0)
-      return KADM_LENGTH_ERROR;
-  if (wh + FLDSZ > len)
-      return KADM_LENGTH_ERROR;
-  for (loop=FLDSZ-1; loop>=0; loop--)
-    fl[loop] = dat[wh++];
-  if ((status = kadm_get_entry(ad->pname, ad->pinst, ad->prealm,
-			      &values, fl, &retvals)) == KADM_DATA) {
-      *outlen = vals_to_stream(&retvals,datout);
-      return KADM_SUCCESS;
-  } else {
-      *outlen = 0;
-      return status;
-  }
-}
-
diff --git a/crypto/kerberosIV/kadmin/kadm_server.h b/crypto/kerberosIV/kadmin/kadm_server.h
deleted file mode 100644
index c730574249dc..000000000000
--- a/crypto/kerberosIV/kadmin/kadm_server.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/* $Id: kadm_server.h,v 1.10 1997/05/11 04:08:26 assar Exp $ */
-
-/*
- * Definitions for Kerberos administration server & client
- */
-
-#ifndef KADM_SERVER_DEFS
-#define KADM_SERVER_DEFS
-
-/*
- * kadm_server.h
- * Header file for the fourth attempt at an admin server
- * Doug Church, December 28, 1989, MIT Project Athena
- *    ps. Yes that means this code belongs to athena etc...
- *        as part of our ongoing attempt to copyright all greek names
- */
-
-typedef struct {
-  struct sockaddr_in admin_addr;
-  struct sockaddr_in recv_addr;
-  int recv_addr_len;
-  int admin_fd;			/* our link to clients */
-  char sname[ANAME_SZ];
-  char sinst[INST_SZ];
-  char krbrlm[REALM_SZ];
-  des_cblock master_key;
-  des_cblock session_key;
-  des_key_schedule master_key_schedule;
-  long master_key_version;
-} Kadm_Server;
-
-/* the default syslog file */
-#ifndef KADM_SYSLOG
-#define KADM_SYSLOG  "/var/log/admin_server.syslog"
-#endif /* KADM_SYSLOG */
-
-#ifndef DEFAULT_ACL_DIR
-#define DEFAULT_ACL_DIR	"/var/kerberos"
-#endif /* DEFAULT_ACL_DIR */
-#define	ADD_ACL_FILE	"/admin_acl.add"
-#define	GET_ACL_FILE	"/admin_acl.get"
-#define	MOD_ACL_FILE	"/admin_acl.mod"
-#define	DEL_ACL_FILE	"/admin_acl.del"
-
-#endif /* KADM_SERVER_DEFS */
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c
deleted file mode 100644
index f117b6b36a35..000000000000
--- a/crypto/kerberosIV/kadmin/kadmin.c
+++ /dev/null
@@ -1,845 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Kerberos database administrator's tool.  
- * 
- * The default behavior of kadmin is if the -m option is given 
- * on the commandline, multiple requests are allowed to be given
- * with one entry of the admin password (until the tickets expire).
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadmin.c,v 1.48 1997/05/13 09:43:06 bg Exp $");
-
-static void change_password(int argc, char **argv);
-static void change_key(int argc, char **argv);
-static void change_admin_password(int argc, char **argv);
-static void add_new_key(int argc, char **argv);
-static void del_entry(int argc, char **argv);
-static void get_entry(int argc, char **argv);
-static void mod_entry(int argc, char **argv);
-static void help(int argc, char **argv);
-static void clean_up_cmd(int argc, char **argv);
-static void quit_cmd(int argc, char **argv);
-
-static SL_cmd cmds[] = {
-  {"change_password", change_password, "Change a user's password"},
-  {"cpw"},
-  {"passwd"},
-  {"change_key", change_key, "Change a user's password as a DES binary key"},
-  {"ckey"},
-  {"change_admin_password", change_admin_password,
-   "Change your admin password"},
-  {"cap"},
-  {"add_new_key", add_new_key, "Add new user to kerberos database"},
-  {"ank"},
-  {"del_entry", del_entry, "Delete entry from database"},
-  {"del"},
-  {"delete"},
-  {"get_entry", get_entry, "Get entry from kerberos database"},
-  {"mod_entry", mod_entry, "Modify entry in kerberos database"},
-  {"destroy_tickets", clean_up_cmd, "Destroy admin tickets"},
-  {"exit", quit_cmd, "Exit program"},
-  {"quit"},
-  {"help", help, "Help"},
-  {"?"},
-  {NULL}
-};
-
-#define BAD_PW 1
-#define GOOD_PW 0
-#define FUDGE_VALUE 15		/* for ticket expiration time */
-#define PE_NO 0
-#define PE_YES 1
-#define PE_UNSURE 2
-
-/* for get_password, whether it should do the swapping...necessary for
-   using vals structure, unnecessary for change_pw requests */
-#define DONTSWAP 0
-#define SWAP 1
-
-static krb_principal pr;
-static char default_realm[REALM_SZ]; /* default kerberos realm */
-static char krbrlm[REALM_SZ];	/* current realm being administered */
-static int multiple = 0;	/* Allow multiple requests per ticket */
-
-#ifdef NOENCRYPTION
-#define read_long_pw_string placebo_read_pw_string
-#else
-#define read_long_pw_string des_read_pw_string
-#endif
-
-static void
-get_maxlife(Kadm_vals *vals)
-{
-    char buff[BUFSIZ];
-    time_t life;
-    int l;
-
-    do {
-	printf("Maximum ticket lifetime?  (%d)  [%s]  ",
- 	     vals->max_life, krb_life_to_atime(vals->max_life));
-	fflush(stdout);
-	if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
-	    clearerr(stdin);
-	    return;
-	}
-	life = krb_atime_to_life(buff);
-    } while (life <= 0);
-
-    l = strlen(buff);
-    if (buff[l-2] == 'm')
-	life = krb_time_to_life(0L, life*60);
-    if (buff[l-2] == 'h')
-	life = krb_time_to_life(0L, life*60*60);
-
-    vals->max_life = life;
-    SET_FIELD(KADM_MAXLIFE,vals->fields);
-}
-
-static void
-get_attr(Kadm_vals *vals)
-{
-    char buff[BUFSIZ], *out;
-    int attr;
-
-    do {
-	printf("Attributes?  [0x%.2x]  ", vals->attributes);
-	fflush(stdout);
-	if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
-	    clearerr(stdin);
-	    return;
-	}
-        attr = strtol(buff, &out, 0);
-	if (attr == 0 && out == buff)
-	  attr = -1;
-    } while (attr < 0 || attr > 0xffff);
-
-    vals->attributes = attr;
-    SET_FIELD(KADM_ATTR,vals->fields);
-}
-
-static void
-get_expdate(Kadm_vals *vals)
-{
-    char buff[BUFSIZ];
-    struct tm edate;
-
-    memset(&edate, 0, sizeof(edate));
-    do {
-        printf("Expiration date (enter yyyy-mm-dd) ?  [%.24s]  ",
-             asctime(k_localtime(&vals->exp_date)));
-        fflush(stdout);
-        if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
-            clearerr(stdin);
-            return;
-        }
-        if (sscanf(buff, "%d-%d-%d",
-                   &edate.tm_year, &edate.tm_mon, &edate.tm_mday) == 3) {
-            edate.tm_mon--;     /* January is 0, not 1 */
-            edate.tm_hour = 23; /* nearly midnight at the end of the */
-            edate.tm_min = 59;  /* specified day */
-        }
-    } while (krb_check_tm (edate));
-
-    edate.tm_year -= 1900;
-    vals->exp_date = tm2time (edate, 1);
-    SET_FIELD(KADM_EXPDATE,vals->fields);
-}
-
-static int
-princ_exists(char *name, char *instance, char *realm)
-{
-    int status;
-
-    status = krb_get_pw_in_tkt(name, instance, realm,
-			       KRB_TICKET_GRANTING_TICKET,
-			       realm, 1, "");
-
-    if ((status == KSUCCESS) || (status == INTK_BADPW))
-	return(PE_YES);
-    else if (status == KDC_PR_UNKNOWN)
-	return(PE_NO);
-    else
-	return(PE_UNSURE);
-}
-
-static int
-get_password(u_int32_t *low, u_int32_t *high, char *prompt, int byteswap)
-{
-    char new_passwd[MAX_KPW_LEN];	/* new password */
-    des_cblock newkey;
-
-    if (read_long_pw_string(new_passwd, sizeof(new_passwd)-1, prompt, 1))
-    	return(BAD_PW);
-    if (strlen(new_passwd) == 0) {
-    	printf("Using random password.\n");
-#ifdef NOENCRYPTION
-	memset(newkey, 0, sizeof(newkey));
-#else
-	des_new_random_key(&newkey);
-#endif
-    } else {
-#ifdef NOENCRYPTION
-      memset(newkey, 0, sizeof(newkey));
-#else
-      des_string_to_key(new_passwd, &newkey);
-#endif
-      memset(new_passwd, 0, sizeof(new_passwd));
-    }
-
-    memcpy(low, newkey, 4);
-    memcpy(high, ((char *)newkey) + 4, 4);
-
-    memset(newkey, 0, sizeof(newkey));
-
-#ifdef NOENCRYPTION
-    *low = 1;
-#endif
-
-    if (byteswap != DONTSWAP) {
-	*low = htonl(*low);
-	*high = htonl(*high);
-    }
-    return(GOOD_PW);
-}
-
-static int
-get_admin_password(void)
-{
-    int status;
-    char admin_passwd[MAX_KPW_LEN];	/* Admin's password */
-    int ticket_life = 1;	/* minimum ticket lifetime */
-    CREDENTIALS c;
-
-    if (multiple) {
-	/* If admin tickets exist and are valid, just exit. */
-	memset(&c, 0, sizeof(c));
-	if (krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c) == KSUCCESS)
-	    /* 
-	     * If time is less than lifetime - FUDGE_VALUE after issue date,
-	     * tickets will probably last long enough for the next 
-	     * transaction.
-	     */
-	    if (time(0) < (c.issue_date + (5 * 60 * c.lifetime) - FUDGE_VALUE))
-		return(KADM_SUCCESS);
-	ticket_life = DEFAULT_TKT_LIFE;
-    }
-    
-    if (princ_exists(pr.name, pr.instance, pr.realm) != PE_NO) {
-        char prompt[256];
-	snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&pr));
-	if (read_long_pw_string(admin_passwd,
-				sizeof(admin_passwd)-1,
-				prompt, 0)) {
-	    warnx ("Error reading admin password.");
-	    goto bad;
-	}
-	status = krb_get_pw_in_tkt(pr.name, pr.instance, pr.realm,
-				   PWSERV_NAME, KADM_SINST,
-				   ticket_life, admin_passwd);
-	memset(admin_passwd, 0, sizeof(admin_passwd));
-
-	/* Initialize non shared random sequence from session key. */
-	memset(&c, 0, sizeof(c));
-	krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c);
-	des_init_random_number_generator(&c.session);
-    }
-    else
-	status = KDC_PR_UNKNOWN;
-
-    switch(status) {
-    case GT_PW_OK:
-	return(GOOD_PW);
-    case KDC_PR_UNKNOWN:
-	printf("Principal %s does not exist.\n", krb_unparse_name(&pr));
-	goto bad;
-    case GT_PW_BADPW:
-	printf("Incorrect admin password.\n");
-	goto bad;
-    default:
-	com_err("kadmin", status+krb_err_base,
-		"while getting password tickets");
-	goto bad;
-    }
-    
- bad:
-    memset(admin_passwd, 0, sizeof(admin_passwd));
-    dest_tkt();
-    return(BAD_PW);
-}
-
-static void
-usage(void)
-{
-    fprintf (stderr, "Usage: kadmin [[-u|-p] admin_name] [-r default_realm]"
-	     " [-m]\n"
-	     "   -m allows multiple admin requests to be "
-	     "serviced with one entry of admin\n"	     
-	     "   password.\n");
-    exit (1);
-}
-
-/* GLOBAL */
-static void
-clean_up()
-{
-    dest_tkt();
-}
-
-static void
-clean_up_cmd (int argc, char **argv)
-{
-    clean_up();
-}
-
-/* GLOBAL */
-static void 
-quit()
-{
-    printf("Cleaning up and exiting.\n");
-    clean_up();
-    exit(0);
-}
-
-static void
-quit_cmd (int argc, char **argv)
-{
-    quit();
-}
-
-static void
-do_init(int argc, char **argv)
-{
-    int c;
-    int tflag = 0;
-    char tktstring[MaxPathLen];
-    int k_errno;
-    
-    set_progname (argv[0]);
-
-    memset(&pr, 0, sizeof(pr));
-    if (krb_get_default_principal(pr.name, pr.instance, default_realm) < 0)
-	errx (1, "I could not even guess who you might be");
-    while ((c = getopt(argc, argv, "p:u:r:mt")) != EOF) 
-	switch (c) {
-	case 'p':
-	case 'u':
-	    if((k_errno = krb_parse_name(optarg, &pr)) != KSUCCESS)
-		errx (1, "%s", krb_get_err_text(k_errno));
-	    break;
-	case 'r':
-	    memset(default_realm, 0, sizeof(default_realm));
-	    strncpy(default_realm, optarg, sizeof(default_realm) - 1);
-	    break;
-	case 'm':
-	    multiple++;
-	    break;
-	case 't':
-	    tflag++;
-	    break;
-	default:
-	    usage();
-	    break;
-	}
-    if (optind < argc)
-	usage();
-    strcpy(krbrlm, default_realm);
-
-    if (kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm) != KADM_SUCCESS)
-	*krbrlm = '\0';
-    if (pr.realm[0] == '\0')
-	strcpy (pr.realm, krbrlm);
-    if (pr.instance[0] == '\0')
-	strcpy(pr.instance, "admin");
-    
-    if (!tflag) {
-	snprintf(tktstring, sizeof(tktstring), TKT_ROOT "_adm_%d",(int)getpid());
-	krb_set_tkt_string(tktstring);
-    }
-    
-}
-
-int
-main(int argc, char **argv)
-{
-    do_init(argc, argv);
-
-    printf("Welcome to the Kerberos Administration Program, version 2\n");
-    printf("Type \"help\" if you need it.\n");
-    sl_loop (cmds, "kadmin: ");
-    printf("\n");
-    quit();
-    exit(0);
-}
-
-static int
-setvals(Kadm_vals *vals, char *string)
-{
-    char realm[REALM_SZ];
-    int status = KADM_SUCCESS;
-
-    memset(vals, 0, sizeof(*vals));
-    memset(realm, 0, sizeof(realm));
-
-    SET_FIELD(KADM_NAME,vals->fields);
-    SET_FIELD(KADM_INST,vals->fields);
-    if ((status = kname_parse(vals->name, vals->instance, realm, string))) {
-	printf("kerberos error: %s\n", krb_get_err_text(status));
-	return status;
-    }
-    if (!realm[0])
-	strcpy(realm, default_realm);
-    if (strcmp(realm, krbrlm)) {
-	strcpy(krbrlm, realm);
-	if ((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm)) 
-	    != KADM_SUCCESS)
-	    printf("kadm error for realm %s: %s\n", 
-		   krbrlm, error_message(status));
-    }
-    if (status) 
-	return 1;
-    else
-	return KADM_SUCCESS;
-}    
-
-static void 
-change_password(int argc, char **argv)
-{
-    Kadm_vals old, new;
-    int status;
-    char pw_prompt[BUFSIZ];
-
-    if (argc != 2) {
-	printf("Usage: change_password loginname\n");
-	return;
-    }
-
-    if (setvals(&old, argv[1]) != KADM_SUCCESS)
-	return;
-
-    new = old;
-
-    SET_FIELD(KADM_DESKEY,new.fields);
-
-    if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) {
-	/* get the admin's password */
-        if (get_admin_password() != GOOD_PW)
-	    return;
-
-	/* get the new password */
-	snprintf(pw_prompt, sizeof(pw_prompt), "New password for %s:", argv[1]);
-	
-	if (get_password(&new.key_low, &new.key_high,
-			 pw_prompt, SWAP) == GOOD_PW) {
-	    status = kadm_mod(&old, &new);
-	    if (status == KADM_SUCCESS) {
-		printf("Password changed for %s.\n", argv[1]);
-	    } else {
-		printf("kadmin: %s\nwhile changing password for %s",
-		       error_message(status), argv[1]);
-	    }
-	} else
-	    printf("Error reading password; password unchanged\n");
-	memset(&new, 0, sizeof(new));
-	if (!multiple)
-	    clean_up();
-    }
-    else 
-	printf("kadmin: Principal %s does not exist.\n",
-	       krb_unparse_name_long (old.name, old.instance, krbrlm));
-    return;
-}
-
-static int
-getkey(unsigned char *k)
-{
-    int i, c;
-    for (i = 0; i < 8; i++)
-	{
-	    c = getchar();
-	    if (c == EOF)
-		return 0;
-	    else if (c == '\\')
-		{
-		    int oct = -1;
-		    scanf("%03o", &oct);
-		    if (oct < 0 || oct > 255)
-			return 0;
-		    k[i] = oct;
-		}
-	    else if (!isalpha(c))
-		return 0;
-	    else
-		k[i] = c;
-	}
-    c = getchar();
-    if (c != '\n')
-	return 0;
-    return 1;			/* Success */
-}
-
-static void
-printkey(unsigned char *tkey)
-{
-    int j;
-    for(j = 0; j < 8; j++)
-	if(tkey[j] != '\\' && isalpha(tkey[j]) != 0)
-	    printf("%c", tkey[j]);
-	else
-	    printf("\\%03o",(unsigned char)tkey[j]);
-    printf("\n");
-}
-
-static void 
-change_key(int argc, char **argv)
-{
-    Kadm_vals old, new;
-    unsigned char newkey[8];
-    int status;
-
-    if (argc != 2) {
-	printf("Usage: change_key principal-name\n");
-	return;
-    }
-
-    if (setvals(&old, argv[1]) != KADM_SUCCESS)
-	return;
-
-    new = old;
-
-    SET_FIELD(KADM_DESKEY,new.fields);
-
-    if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) {
-	/* get the admin's password */
-        if (get_admin_password() != GOOD_PW)
-	    return;
-
-	/* get the new password */
-	printf("New DES key for %s: ", argv[1]);
-	
-	if (getkey(newkey)) {
-	    memcpy(&new.key_low, newkey, 4);
-	    memcpy(&new.key_high, ((char *)newkey) + 4, 4);
-	    printf("Entered key for %s: ", argv[1]);
-	    printkey(newkey);
-	    memset(newkey, 0, sizeof(newkey));
-
-	    status = kadm_mod(&old, &new);
-	    if (status == KADM_SUCCESS) {
-		printf("Key changed for %s.\n", argv[1]);
-	    } else {
-		printf("kadmin: %s\nwhile changing key for %s",
-		       error_message(status), argv[1]);
-	    }
-	} else
-	    printf("Error reading key; key unchanged\n");
-	memset(&new, 0, sizeof(new));
-	if (!multiple)
-	    clean_up();
-    }
-    else 
-	printf("kadmin: Principal %s does not exist.\n",
-	       krb_unparse_name_long (old.name, old.instance, krbrlm));
-    return;
-}
-
-static void 
-change_admin_password(int argc, char **argv)
-{
-    des_cblock newkey;
-    int status;
-    char pword[MAX_KPW_LEN];
-    char *pw_msg;
-
-    if (argc != 1) {
-	printf("Usage: change_admin_password\n");
-	return;
-    }
-    if (get_pw_new_pwd(pword, sizeof(pword), &pr, 1) == 0) {
-	 des_string_to_key(pword, &newkey);
-	 status = kadm_change_pw_plain(newkey, pword, &pw_msg);
-	 if(status == KADM_INSECURE_PW)
-	      printf("Insecure password: %s\n", pw_msg);
-	 else if (status == KADM_SUCCESS)
-	      printf("Admin password changed\n");
-	 else
-	      printf("kadm error: %s\n",error_message(status));
-	 memset(newkey, 0, sizeof(newkey));
-	 memset(pword, 0, sizeof(pword));
-    }
-    if (!multiple)
-	clean_up();
-    return;
-}
-
-static void 
-add_new_key(int argc, char **argv)
-{
-    Kadm_vals new;
-    char pw_prompt[BUFSIZ];
-    int status;
-
-    if (argc != 2) {
-	printf("Usage: add_new_key user_name.\n");
-	return;
-    }
-    if (setvals(&new, argv[1]) != KADM_SUCCESS)
-	return;
-
-    SET_FIELD(KADM_EXPDATE,new.fields);
-    SET_FIELD(KADM_ATTR,new.fields);
-    SET_FIELD(KADM_MAXLIFE,new.fields);
-    SET_FIELD(KADM_DESKEY,new.fields);
-
-    if (princ_exists(new.name, new.instance, krbrlm) != PE_YES) {
-	Kadm_vals vals;
-	u_char fields[4];
-	char n[ANAME_SZ + INST_SZ + 1];
-
-	/* get the admin's password */
-	if (get_admin_password() != GOOD_PW)
-	    return;
-	
-	memset(fields, 0, sizeof(fields));
-	SET_FIELD(KADM_NAME,fields);
-	SET_FIELD(KADM_INST,fields);
-	SET_FIELD(KADM_EXPDATE,fields);
-	SET_FIELD(KADM_ATTR,fields);
-	SET_FIELD(KADM_MAXLIFE,fields);
-	snprintf (n, sizeof(n), "default.%s", new.instance);
-	if (setvals(&vals, n) != KADM_SUCCESS)
-	    return;
-
-	if (kadm_get(&vals, fields) != KADM_SUCCESS) {
-	    if (setvals(&vals, "default") != KADM_SUCCESS)
-		return;
-	    if ((status = kadm_get(&vals, fields)) != KADM_SUCCESS) {
-		printf ("kadm error: %s\n", error_message(status));
-		return;
-	    }
-	}
-
-	if (vals.max_life == 255) /* Defaults not set! */ {
-	      /* This is the default maximum lifetime for new principals. */
-	      if (strcmp(new.instance, "admin") == 0)
-		vals.max_life = 1 + (CLOCK_SKEW/(5*60)); /* 5+5 minutes */
-	      else if (strcmp(new.instance, "root") == 0)
-		vals.max_life = 96;    /* 8 hours */
-	      else if (krb_life_to_time(0, 162) >= 24*60*60)
-		vals.max_life = 162;     /* ca 100 hours */
-	      else
-		vals.max_life = 255;     /* ca 21 hours (maximum) */
-
-	      /* Also fix expiration date. */
-	      if (strcmp(new.name, "rcmd") == 0)
-		vals.exp_date = 1104814999; /* Tue Jan 4 06:03:19 2005 */
-	      else
-		vals.exp_date = time(0) + 2*(365*24*60*60); /* + ca 2 years */
-	}
-
-	new.max_life = vals.max_life;
-	new.exp_date = vals.exp_date;
-	new.attributes = vals.attributes;
-	get_maxlife(&new);
-	get_attr(&new);
-	get_expdate(&new);
-
-	/* get the new password */
-	snprintf(pw_prompt, sizeof(pw_prompt), "Password for %s:", argv[1]);
-	
-	if (get_password(&new.key_low, &new.key_high,
-			 pw_prompt, SWAP) == GOOD_PW) {
-	    status = kadm_add(&new);
-	    if (status == KADM_SUCCESS) {
-		printf("%s added to database.\n", argv[1]);
-	    } else {
-		printf("kadm error: %s\n",error_message(status));
-	    }
-	} else
-	    printf("Error reading password; %s not added\n",argv[1]);
-	memset(&new, 0, sizeof(new));
-	if (!multiple)
-	    clean_up();
-    }
-    else
-	printf("kadmin: Principal already exists.\n");
-    return;
-}
-
-static void 
-del_entry(int argc, char **argv)
-{
-    int status;
-    Kadm_vals vals;
-
-    if (argc != 2) {
-	printf("Usage: del_entry username\n");
-	return;
-    }
-
-    if (setvals(&vals, argv[1]) != KADM_SUCCESS)
-	return;
-
-    if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) {
-	/* get the admin's password */
-	if (get_admin_password() != GOOD_PW)
-	    return;
-	
-	if ((status = kadm_del(&vals)) == KADM_SUCCESS){
-	    printf("%s removed from database.\n", argv[1]);
-	} else {
-	    printf("kadm error: %s\n",error_message(status));
-	}
-	
-	if (!multiple)
-	    clean_up();
-    }
-    else
-	printf("kadmin: Principal %s does not exist.\n",
-	       krb_unparse_name_long (vals.name, vals.instance, krbrlm));
-    return;
-}
-
-static void 
-get_entry(int argc, char **argv)
-{
-    int status;
-    u_char fields[4];
-    Kadm_vals vals;
-
-    if (argc != 2) {
-	printf("Usage: get_entry username\n");
-	return;
-    }
-
-    memset(fields, 0, sizeof(fields));
-
-    SET_FIELD(KADM_NAME,fields);
-    SET_FIELD(KADM_INST,fields);
-    SET_FIELD(KADM_EXPDATE,fields);
-    SET_FIELD(KADM_ATTR,fields);
-    SET_FIELD(KADM_MAXLIFE,fields);
-#if 0
-    SET_FIELD(KADM_DESKEY,fields); 
-#endif
-
-    if (setvals(&vals, argv[1]) != KADM_SUCCESS)
-	return;
-
-
-    if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) {
-	/* get the admin's password */
-	if (get_admin_password() != GOOD_PW)
-	    return;
-	
-	if ((status = kadm_get(&vals, fields)) == KADM_SUCCESS)
-	    prin_vals(&vals);
-	else
-	    printf("kadm error: %s\n",error_message(status));
-	
-	if (!multiple)
-	    clean_up();
-    }
-    else
-	printf("kadmin: Principal %s does not exist.\n",
-	       krb_unparse_name_long (vals.name, vals.instance, krbrlm));
-    return;
-}
-
-static void 
-mod_entry(int argc, char **argv)
-{
-    int status;
-    u_char fields[4];
-    Kadm_vals ovals, nvals;
-
-    if (argc != 2) {
-	printf("Usage: mod_entry username\n");
-	return;
-    }
-
-    memset(fields, 0, sizeof(fields));
-
-    SET_FIELD(KADM_NAME,fields);
-    SET_FIELD(KADM_INST,fields);
-    SET_FIELD(KADM_EXPDATE,fields);
-    SET_FIELD(KADM_ATTR,fields);
-    SET_FIELD(KADM_MAXLIFE,fields);
-
-    if (setvals(&ovals, argv[1]) != KADM_SUCCESS)
-	return;
-
-    nvals = ovals;
-
-    if (princ_exists(ovals.name, ovals.instance, krbrlm) == PE_NO) {
-	printf("kadmin: Principal %s does not exist.\n",
-	       krb_unparse_name_long (ovals.name, ovals.instance, krbrlm));
-	return;
-    }
-
-    /* get the admin's password */
-    if (get_admin_password() != GOOD_PW)
-	return;
-	
-    if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) {
-	printf("[ unable to retrieve current settings: %s ]\n",
-	    error_message(status));
-	nvals.max_life = DEFAULT_TKT_LIFE;
-	nvals.exp_date = 0;
-	nvals.attributes = 0;
-    } else {
-	nvals.max_life = ovals.max_life;
-	nvals.exp_date = ovals.exp_date;
-	nvals.attributes = ovals.attributes;
-    }
-
-    get_maxlife(&nvals);
-    get_attr(&nvals);
-    get_expdate(&nvals);
-    
-    if (IS_FIELD(KADM_MAXLIFE, nvals.fields) ||
-	IS_FIELD(KADM_ATTR, nvals.fields) ||
-	IS_FIELD(KADM_EXPDATE, nvals.fields)) {
-	if ((status = kadm_mod(&ovals, &nvals)) != KADM_SUCCESS) {
-	    printf("kadm error: %s\n",error_message(status));
-	    goto out;
-	}
-	if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) {
-	    printf("kadm error: %s\n",error_message(status));
-	    goto out;
-	}
-    }
-    prin_vals(&ovals);
-
-out:
-    if (!multiple)
-	clean_up();
-    return;
-}
-
-static void
-help(int argc, char **argv)
-{
-    sl_help (cmds, argc, argv);
-}
diff --git a/crypto/kerberosIV/kadmin/kpasswd.c b/crypto/kerberosIV/kadmin/kpasswd.c
deleted file mode 100644
index f4c0cdabc8dc..000000000000
--- a/crypto/kerberosIV/kadmin/kpasswd.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * change your password with kerberos
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kpasswd.c,v 1.25 1997/05/02 14:28:51 assar Exp $");
-
-static void
-usage(int value)
-{
-    fprintf(stderr, "Usage: ");
-    fprintf(stderr, "kpasswd [-h ] [-n user] [-i instance] [-r realm] ");
-    fprintf(stderr, "[-u fullname]\n");
-    exit(value);
-}
-
-int
-main(int argc, char **argv)
-{
-    krb_principal principal;
-    krb_principal default_principal;
-    int realm_given = 0;	/* True if realm was give on cmdline */
-    int use_default = 1;	/* True if we should use default name */
-    int status;			/* return code */
-    char pword[MAX_KPW_LEN];
-    int c;
-    char tktstring[MaxPathLen];
-    
-    set_progname (argv[0]);
-
-    memset (&principal, 0, sizeof(principal));
-    memset (&default_principal, 0, sizeof(default_principal));
-    
-    krb_get_default_principal (default_principal.name,
-			       default_principal.instance,
-			       default_principal.realm);
-
-    while ((c = getopt(argc, argv, "u:n:i:r:h")) != EOF) {
-	switch (c) {
-	case 'u':
-	    status = krb_parse_name (optarg, &principal);
-	    if (status != KSUCCESS)
-		errx (2, "%s", krb_get_err_text(status));
-	    if (principal.realm[0])
-		realm_given++;
-	    else if (krb_get_lrealm(principal.realm, 1) != KSUCCESS)
-		errx (1, "Could not find default realm!");
-	    break;
-	case 'n':
-	    if (k_isname(optarg))
-		strncpy(principal.name, optarg, sizeof(principal.name) - 1);
-	    else {
-		warnx("Bad name: %s", optarg);
-		usage(1);
-	    }
-	    break;
-	case 'i':
-	    if (k_isinst(optarg))
-		strncpy(principal.instance,
-			optarg,
-			sizeof(principal.instance) - 1);
-	    else {
-		warnx("Bad instance: %s", optarg);
-		usage(1);
-	    }
-	    break;
-	case 'r':
-	    if (k_isrealm(optarg)) {
-		strncpy(principal.realm, optarg, sizeof(principal.realm) - 1);
-		realm_given++; 
-	    } else {
-		warnx("Bad realm: %s", optarg);
-		usage(1);
-	    }
-	    break;
-	case 'h':
-	    usage(0);
-	    break;
-	default:
-	    usage(1);
-	    break;
-	}
-	use_default = 0;
-    }
-    if (optind < argc) {
-	use_default = 0;
-	status = krb_parse_name (argv[optind], &principal);
-	if(status != KSUCCESS)
-	    errx (1, "%s", krb_get_err_text (status));
-    }
-
-    if (use_default) {
-	strcpy(principal.name, default_principal.name);
-	strcpy(principal.instance, default_principal.instance);
-	strcpy(principal.realm, default_principal.realm);
-    } else {
-	if (!principal.name[0])
-	    strcpy(principal.name, default_principal.name);
-	if (!principal.realm[0])
-	    strcpy(principal.realm, default_principal.realm);
-    }
-
-    snprintf(tktstring, sizeof(tktstring),
-	     TKT_ROOT "_cpw_%u", (unsigned)getpid());
-    krb_set_tkt_string(tktstring);
-    
-    if (get_pw_new_pwd(pword, sizeof(pword), &principal,
-		       realm_given)) {
-	dest_tkt ();
-	exit(1);
-    }
-    
-    status = kadm_init_link (PWSERV_NAME, KRB_MASTER, principal.realm);
-    if (status != KADM_SUCCESS) 
-	com_err(argv[0], status, "while initializing");
-    else {
-	des_cblock newkey;
-	char *pw_msg; /* message from server */
-
-	des_string_to_key(pword, &newkey);
-	status = kadm_change_pw_plain((unsigned char*)&newkey, pword, &pw_msg);
-	memset(newkey, 0, sizeof(newkey));
-      
-	if (status == KADM_INSECURE_PW)
-	    warnx ("Insecure password: %s", pw_msg);
-	else if (status != KADM_SUCCESS)
-	    com_err(argv[0], status, " attempting to change password.");
-    }
-    memset(pword, 0, sizeof(pword));
-
-    if (status != KADM_SUCCESS)
-	fprintf(stderr,"Password NOT changed.\n");
-    else
-	printf("Password changed.\n");
-
-    dest_tkt();
-    if (status)
-	return 2;
-    else 
-	return 0;
-}
diff --git a/crypto/kerberosIV/kadmin/kpasswd_standalone.c b/crypto/kerberosIV/kadmin/kpasswd_standalone.c
deleted file mode 100644
index 443daa8991ea..000000000000
--- a/crypto/kerberosIV/kadmin/kpasswd_standalone.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * Copyright.MIT.
- *
- * change your password with kerberos
- */
-
-#ifndef	lint
-#if 0
-static char rcsid_kpasswd_c[] =
-    "BonesHeader: /afs/athena.mit.edu/astaff/project/kerberos/src/kadmin/RCS/kpasswd.c,v 4.3 89/09/26 09:33:02 jtkohl Exp ";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif	lint
-
-/*
- * kpasswd
- * change your password with kerberos
- */
-
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-#include <com_err.h>
-#include <err.h>
-#include <krb.h>
-#include <string.h>
-#include <pwd.h>
-#include <unistd.h>
-#include "kadm.h"
-
-#include "extern.h"
-
-extern void krb_set_tkt_string();
-static void go_home(char *, int);
-
-
-int krb_passwd(char *uname, char *iflag, char *rflag, char *uflag)
-{
-    char name[ANAME_SZ];	/* name of user */
-    char inst[INST_SZ];		/* instance of user */
-    char realm[REALM_SZ];	/* realm of user */
-    char default_name[ANAME_SZ];
-    char default_inst[INST_SZ];
-    char default_realm[REALM_SZ];
-    int realm_given = 0;	/* True if realm was give on cmdline */
-    int use_default = 1;	/* True if we should use default name */
-    struct passwd *pw;
-    int status;			/* return code */
-    des_cblock new_key;
-    extern char *optarg;
-    extern int optind;
-    char tktstring[MAXPATHLEN];
-
-    void get_pw_new_key();
-
-#ifdef NOENCRYPTION
-#define read_long_pw_string placebo_read_pw_string
-#else
-#define read_long_pw_string des_read_pw_string
-#endif
-    int read_long_pw_string();
-
-    bzero(name, sizeof(name));
-    bzero(inst, sizeof(inst));
-    bzero(realm, sizeof(realm));
-
-    if (krb_get_tf_fullname(TKT_FILE, default_name, default_inst,
-			    default_realm) != KSUCCESS) {
-	pw = getpwuid((int) getuid());
-	if (pw) {
-		strcpy(default_name, pw->pw_name);
-	} else {
-	    /* seems like a null name is kinda silly */
-		strcpy(default_name, "");
-	}
-	strcpy(default_inst, "");
-	if (krb_get_lrealm(default_realm, 1) != KSUCCESS)
-	    strcpy(default_realm, KRB_REALM);
-    }
-
-    if(uflag) {
-	    if ((status = kname_parse(name, inst, realm, uflag))) {
-		    errx(2, "Kerberos error: %s", krb_err_txt[status]);
-	    }
-	    if (realm[0])
-		realm_given++;
-	    else
-		if (krb_get_lrealm(realm, 1) != KSUCCESS)
-		    strcpy(realm, KRB_REALM);
-    }
-
-    if(uname) {
-	    if (k_isname(uname)) {
-		    strncpy(name, uname, sizeof(name) - 1);
-	    } else {
-		    errx(1, "bad name: %s", uname);
-	    }
-    }
-
-    if(iflag) {
-	    if (k_isinst(iflag)) {
-		    strncpy(inst, iflag, sizeof(inst) - 1);
-	    } else {
-		    errx(1, "bad instance: %s", iflag);
-	    }
-    }
-
-    if(rflag) {
-	    if (k_isrealm(rflag)) {
-		    strncpy(realm, rflag, sizeof(realm) - 1);
-		    realm_given++;
-	    } else {
-		    errx(1, "bad realm: %s", rflag);
-	    }
-    }
-
-    if(uname || iflag || rflag || uflag) use_default = 0;
-
-    if (use_default) {
-	strcpy(name, default_name);
-	strcpy(inst, default_inst);
-	strcpy(realm, default_realm);
-    } else {
-	if (!name[0])
-	    strcpy(name, default_name);
-	if (!realm[0])
-	    strcpy(realm, default_realm);
-    }
-
-    (void) sprintf(tktstring, "/tmp/tkt_cpw_%d",getpid());
-    krb_set_tkt_string(tktstring);
-
-    get_pw_new_key(new_key, name, inst, realm, realm_given);
-
-    if ((status = kadm_init_link("changepw", KRB_MASTER, realm))
-	!= KADM_SUCCESS)
-	com_err("kpasswd", status, "while initializing");
-    else if ((status = kadm_change_pw(new_key)) != KADM_SUCCESS)
-	com_err("kpasswd", status, " attempting to change password.");
-
-    if (status != KADM_SUCCESS)
-	fprintf(stderr,"Password NOT changed.\n");
-    else
-	printf("Password changed.\n");
-
-    (void) dest_tkt();
-    if (status)
-	exit(2);
-    else
-	exit(0);
-}
-
-void get_pw_new_key(new_key, name, inst, realm, print_realm)
-  des_cblock new_key;
-  char *name;
-  char *inst;
-  char *realm;
-  int print_realm;		/* True if realm was give on cmdline */
-{
-    char ppromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */
-    char pword[MAX_KPW_LEN];	               /* storage for the password */
-    char npromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */
-
-    char local_realm[REALM_SZ];
-    int status;
-
-    /*
-     * We don't care about failure; this is to determine whether or
-     * not to print the realm in the prompt for a new password.
-     */
-    (void) krb_get_lrealm(local_realm, 1);
-
-    if (strcmp(local_realm, realm))
-	print_realm++;
-
-    (void) sprintf(ppromp,"Old password for %s%s%s%s%s:",
-		   name, *inst ? "." : "", inst,
-		   print_realm ? "@" : "", print_realm ? realm : "");
-    if (read_long_pw_string(pword, sizeof(pword)-1, ppromp, 0)) {
-	fprintf(stderr, "Error reading old password.\n");
-	exit(1);
-    }
-
-    if ((status = krb_get_pw_in_tkt(name, inst, realm, PWSERV_NAME,
-				    KADM_SINST, 1, pword)) != KSUCCESS) {
-	if (status == INTK_BADPW) {
-	    printf("Incorrect old password.\n");
-	    exit(0);
-	}
-	else {
-	    fprintf(stderr, "Kerberos error: %s\n", krb_err_txt[status]);
-	    exit(1);
-	}
-    }
-    bzero(pword, sizeof(pword));
-    do {
-	(void) sprintf(npromp,"New Password for %s%s%s%s%s:",
-		       name, *inst ? "." : "", inst,
-		       print_realm ? "@" : "", print_realm ? realm : "");
-	if (read_long_pw_string(pword, sizeof(pword)-1, npromp, 1))
-	    go_home("Error reading new password, password unchanged.\n",0);
-	if (strlen(pword) == 0)
-	    printf("Null passwords are not allowed; try again.\n");
-    } while (strlen(pword) == 0);
-
-#ifdef NOENCRYPTION
-    bzero((char *) new_key, sizeof(des_cblock));
-    new_key[0] = (unsigned char) 1;
-#else
-    (void) des_string_to_key(pword, (des_cblock *)new_key);
-#endif
-    bzero(pword, sizeof(pword));
-}
-
-static void
-go_home(str,x)
-  char *str;
-  int x;
-{
-    fprintf(stderr, str, x);
-    (void) dest_tkt();
-    exit(1);
-}
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c
deleted file mode 100644
index 108481c0dfef..000000000000
--- a/crypto/kerberosIV/kadmin/ksrvutil.c
+++ /dev/null
@@ -1,601 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * list and update contents of srvtab files
- */
-
-/*
- * ksrvutil
- * list and update the contents of srvtab files
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: ksrvutil.c,v 1.39 1997/05/02 14:28:52 assar Exp $");
-
-#include "ksrvutil.h"
-
-#ifdef NOENCRYPTION
-#define read_long_pw_string placebo_read_pw_string
-#else /* NOENCRYPTION */
-#define read_long_pw_string des_read_pw_string
-#endif /* NOENCRYPTION */
-
-#define SRVTAB_MODE 0600	/* rw------- */
-#define PAD "  "
-#define VNO_HEADER "Version"
-#define VNO_FORMAT "%4d   "
-#define KEY_HEADER "       Key       " /* 17 characters long */
-#define PRINC_HEADER "  Principal\n"
-#define PRINC_FORMAT "%s"
-
-char u_name[ANAME_SZ];
-char u_inst[INST_SZ];
-char u_realm[REALM_SZ];
-
-int destroyp = FALSE;		/* Should the ticket file be destroyed? */
-
-static unsigned short
-get_mode(char *filename)
-{
-    struct stat statbuf;
-    unsigned short mode;
-
-    memset(&statbuf, 0, sizeof(statbuf));
-    
-    if (stat(filename, &statbuf) < 0) 
-	mode = SRVTAB_MODE;
-    else
-	mode = statbuf.st_mode;
-
-    return(mode);
-}
-
-static void
-copy_keyfile(char *keyfile, char *backup_keyfile)
-{
-    int keyfile_fd;
-    int backup_keyfile_fd;
-    int keyfile_mode;
-    char buf[BUFSIZ];		/* for copying keyfiles */
-    int rcount;			/* for copying keyfiles */
-    int try_again;
-    
-    memset(buf, 0, sizeof(buf));
-    
-    do {
-	try_again = FALSE;
-	if ((keyfile_fd = open(keyfile, O_RDONLY, 0)) < 0) {
-	    if (errno != ENOENT)
-	      err (1, "read %s", keyfile);
-	    else {
-		try_again = TRUE;
-		if ((keyfile_fd = 
-		     open(keyfile, 
-			  O_WRONLY | O_TRUNC | O_CREAT, SRVTAB_MODE)) < 0)
-		  err(1, "create %s", keyfile);
-		else
-		    if (close(keyfile_fd) < 0)
-		      err (1, "close %s", keyfile);
-	    }
-	}
-    } while(try_again);
-
-    keyfile_mode = get_mode(keyfile);
-
-    if ((backup_keyfile_fd = 
-	 open(backup_keyfile, O_WRONLY | O_TRUNC | O_CREAT, 
-	      keyfile_mode)) < 0)
-	err (1, "write %s", backup_keyfile);
-    do {
-	if ((rcount = read(keyfile_fd, buf, sizeof(buf))) < 0)
-	    err (1, "read %s", keyfile);
-	if (rcount && (write(backup_keyfile_fd, buf, rcount) != rcount))
-	    err (1, "write %s", backup_keyfile);
-    } while (rcount);
-    if (close(backup_keyfile_fd) < 0)
-	err(1, "close %s", backup_keyfile);
-    if (close(keyfile_fd) < 0)
-	err(1, "close %s", keyfile);
-}
-
-void
-leave(char *str, int x)
-{
-    if (str)
-	fprintf(stderr, "%s\n", str);
-    if (destroyp)
-	 dest_tkt();
-    exit(x);
-}
-
-void
-safe_read_stdin(char *prompt, char *buf, size_t size)
-{
-    printf("%s", prompt);
-    fflush(stdout);
-    memset(buf, 0, size);
-    if (read(0, buf, size - 1) < 0) {
-	warn("read stdin");
-	leave(NULL, 1);
-    }
-    buf[strlen(buf)-1] = 0;
-}
-
-void
-safe_write(char *filename, int fd, void *buf, size_t len)
-{
-    if (write(fd, buf, len) != len) {
-	warn("write %s", filename);
-	close(fd);
-	leave("In progress srvtab in this file.", 1);
-    }
-}
-
-static int
-yes_no(char *string, int dflt)
-{
-  char ynbuf[5];
-  
-  printf("%s (y,n) [%c]", string, dflt?'y':'n');
-  for (;;) {
-    safe_read_stdin("", ynbuf, sizeof(ynbuf));
-    
-    if ((ynbuf[0] == 'n') || (ynbuf[0] == 'N'))
-      return(0);
-    else if ((ynbuf[0] == 'y') || (ynbuf[0] == 'Y'))
-      return(1);
-    else if(ynbuf[0] == 0)
-      return dflt;
-    else {
-      printf("Please enter 'y' or 'n': ");
-      fflush(stdout);
-    }
-  }
-}
-
-int yn(char *string)
-{
-  return yes_no(string, 1);
-}
-
-int ny(char *string)
-{
-  return yes_no(string, 0);
-}
-
-static void
-append_srvtab(char *filename, int fd, char *sname, char *sinst, char *srealm, unsigned char key_vno, unsigned char *key)
-{
-  /* Add one to append null */
-    safe_write(filename, fd, sname, strlen(sname) + 1);
-    safe_write(filename, fd, sinst, strlen(sinst) + 1);
-    safe_write(filename, fd, srealm, strlen(srealm) + 1);
-    safe_write(filename, fd, &key_vno, 1);
-    safe_write(filename, fd, key, sizeof(des_cblock));
-    fsync(fd);
-}    
-
-static void
-print_key(unsigned char *key)
-{
-    int i;
-
-    for (i = 0; i < 4; i++)
-	printf("%02x", key[i]);
-    printf(" ");
-    for (i = 4; i < 8; i++)
-	printf("%02x", key[i]);
-}
-
-static void
-print_name(char *name, char *inst, char *realm)
-{
-    printf("%s", krb_unparse_name_long(name, inst, realm));
-}
-
-static int
-get_svc_new_key(des_cblock *new_key, char *sname, char *sinst,
-		char *srealm, char *keyfile)
-{
-    int status = KADM_SUCCESS;
-
-    if (((status = krb_get_svc_in_tkt(sname, sinst, srealm, PWSERV_NAME,
-				      KADM_SINST, 1, keyfile)) == KSUCCESS) &&
-	((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, srealm)) == 
-	 KADM_SUCCESS)) {
-#ifdef NOENCRYPTION
-	memset(new_key, 0, sizeof(des_cblock));
-	(*new_key)[0] = (unsigned char) 1;
-#else /* NOENCRYPTION */
-	des_new_random_key(new_key);
-#endif /* NOENCRYPTION */
-	return(KADM_SUCCESS);
-    }
-    
-    return(status);
-}
-
-static void
-get_key_from_password(des_cblock (*key), char *cellname)
-{
-    char password[MAX_KPW_LEN];	/* storage for the password */
-
-    if (read_long_pw_string(password, sizeof(password)-1, "Password: ", 1))
-	leave("Error reading password.", 1);
-
-#ifdef NOENCRYPTION
-    memset(key, 0, sizeof(des_cblock));
-    (*key)[0] = (unsigned char) 1;
-#else /* NOENCRYPTION */
-    if (strlen(cellname) == 0)
-      des_string_to_key(password, key);
-    else
-      afs_string_to_key(password, cellname, key);
-#endif /* NOENCRYPTION */
-    memset(password, 0, sizeof(password));
-}    
-
-static void
-usage(void)
-{
-    fprintf(stderr, "Usage: ksrvutil [-f keyfile] [-i] [-k] ");
-    fprintf(stderr, "[-p principal] [-r realm] ");
-    fprintf(stderr, "[-c AFS cellname] ");
-    fprintf(stderr, "{list | change | add | get}\n");
-    fprintf(stderr, "   -i causes the program to ask for ");
-    fprintf(stderr, "confirmation before changing keys.\n");
-    fprintf(stderr, "   -k causes the key to printed for list or ");
-    fprintf(stderr, "change.\n");
-    exit(1);
-}
-
-int
-main(int argc, char **argv)
-{
-    char sname[ANAME_SZ];	/* name of service */
-    char sinst[INST_SZ];	/* instance of service */
-    char srealm[REALM_SZ];	/* realm of service */
-    unsigned char key_vno;	/* key version number */
-    int status;			/* general purpose error status */
-    des_cblock new_key;
-    des_cblock old_key;
-    char change_tkt[MaxPathLen]; /* Ticket to use for key change */
-    char keyfile[MaxPathLen];	/* Original keyfile */
-    char work_keyfile[MaxPathLen]; /* Working copy of keyfile */
-    char backup_keyfile[MaxPathLen]; /* Backup copy of keyfile */
-    unsigned short keyfile_mode; /* Protections on keyfile */
-    int work_keyfile_fd = -1;	/* Initialize so that */
-    int backup_keyfile_fd = -1;	/* compiler doesn't complain */
-    char local_realm[REALM_SZ];	/* local kerberos realm */
-    char cellname[1024];         /* AFS cell name */
-    int c;
-    int interactive = FALSE;
-    int list = FALSE;
-    int change = FALSE;
-    int add = FALSE;
-    int get = FALSE;
-    int key = FALSE;		/* do we show keys? */
-    int arg_entered = FALSE;
-    int change_this_key = FALSE;
-    char databuf[BUFSIZ];
-    int first_printed = FALSE;	/* have we printed the first item? */
-    
-    memset(sname, 0, sizeof(sname));
-    memset(sinst, 0, sizeof(sinst));
-    memset(srealm, 0, sizeof(srealm));
-    	  
-    memset(change_tkt, 0, sizeof(change_tkt));
-    memset(keyfile, 0, sizeof(keyfile));
-    memset(work_keyfile, 0, sizeof(work_keyfile));
-    memset(backup_keyfile, 0, sizeof(backup_keyfile));
-    memset(local_realm, 0, sizeof(local_realm));
-    memset(cellname, 0, sizeof(cellname));
-    
-    set_progname (argv[0]);
-
-    if (krb_get_default_principal(u_name, u_inst, u_realm) < 0)
-	errx (1, "could not get default principal");
-
-    /* This is used only as a default for adding keys */
-    if (krb_get_lrealm(local_realm, 1) != KSUCCESS)
-	strcpy(local_realm, KRB_REALM);
-    
-    while((c = getopt(argc, argv, "ikc:f:p:r:")) != EOF) {
-	 switch (c) {
-	      case 'i':
-	      interactive++;
-	      break;
-	      case 'k':
-	      key++;
-	      break;
-	      case 'c':
-	      strcpy(cellname, optarg);
-	      break;
-	      case 'f':
-	      strcpy(keyfile, optarg);
-	      break;
-	      case 'p':
-	      if((status = kname_parse (u_name, u_inst, u_realm, optarg)) !=
-		 KSUCCESS)
-		  errx (1, "principal %s: %s", optarg,
-			krb_get_err_text(status));
-	      break;
-	      case 'r':
-	      strcpy(u_realm, optarg);
-	      break;
-	      case '?':
-	      usage();
-	 }
-    }
-    if (optind >= argc)
-	 usage();
-    if (*u_realm == '\0')
-	 strcpy (u_realm, local_realm);
-    if (strcmp(argv[optind], "list") == 0) {
-	 if (arg_entered)
-	      usage();
-	 else {
-	      arg_entered++;
-	      list++;
-	 }
-    }
-    else if (strcmp(argv[optind], "change") == 0) {
-	 if (arg_entered)
-	      usage();
-	 else {
-	      arg_entered++;
-	      change++;
-	 }
-    }
-    else if (strcmp(argv[optind], "add") == 0) {
-	 if (arg_entered)
-	      usage();
-	 else {
-	      arg_entered++;
-	      add++;
-	 }
-    }
-    else if (strcmp(argv[optind], "get") == 0) {
-	 if (arg_entered)
-	      usage();
-	 else {
-	      arg_entered++;
-	      get++;
-	 }
-    }
-    else
-	 usage();
-    ++optind;
-    
-    if (!arg_entered)
-	usage();
-
-    if (!keyfile[0])
-	strcpy(keyfile, KEYFILE);
-    
-    strcpy(work_keyfile, keyfile);
-    strcpy(backup_keyfile, keyfile);
-    
-    if (change || add || get) {
-	strcat(work_keyfile, ".work");
-	strcat(backup_keyfile, ".old");
-	
-	copy_keyfile(keyfile, backup_keyfile);
-    }
-    
-    if (add || get)
-	copy_keyfile(backup_keyfile, work_keyfile);
-
-    keyfile_mode = get_mode(keyfile);
-
-    if (change || list)
-	if ((backup_keyfile_fd = open(backup_keyfile, O_RDONLY, 0)) < 0)
-	    err (1, "open %s", backup_keyfile);
-
-    if (change) {
-	if ((work_keyfile_fd = 
-	     open(work_keyfile, O_WRONLY | O_CREAT | O_TRUNC, 
-		  SRVTAB_MODE)) < 0)
-	    err (1, "creat %s", work_keyfile);
-    }
-    else if (add) {
-	if ((work_keyfile_fd =
-	     open(work_keyfile, O_APPEND | O_WRONLY, SRVTAB_MODE)) < 0)
-	    err (1, "open with append %s", work_keyfile );
-    }
-    else if (get) {
-	if ((work_keyfile_fd =
-	     open(work_keyfile, O_RDWR | O_CREAT, SRVTAB_MODE)) < 0)
-	    err (1, "open for writing %s", work_keyfile);
-    }
-    
-    if (change || list) {
-	while ((getst(backup_keyfile_fd, sname, SNAME_SZ) > 0) &&
-	       (getst(backup_keyfile_fd, sinst, INST_SZ) > 0) &&
-	       (getst(backup_keyfile_fd, srealm, REALM_SZ) > 0) &&
-	       (read(backup_keyfile_fd, &key_vno, 1) > 0) &&
-	       (read(backup_keyfile_fd, old_key, sizeof(old_key)) > 0)) {
-	    if (list) {
-		if (!first_printed) {
-		    printf(VNO_HEADER);
-		    printf(PAD);
-		    if (key) {
-			printf(KEY_HEADER);
-			printf(PAD);
-		    }
-		    printf(PRINC_HEADER);
-		    first_printed = 1;
-		}
-		printf(VNO_FORMAT, key_vno);
-		printf(PAD);
-		if (key) {
-		    print_key(old_key);
-		    printf(PAD);
-		}
-		print_name(sname, sinst, srealm);
-		printf("\n");
-	    }
-	    else if (change) {
-		snprintf(change_tkt, sizeof(change_tkt),
-			 TKT_ROOT "_ksrvutil.%u",
-			 (unsigned)getpid());
-		krb_set_tkt_string(change_tkt);
-		destroyp = TRUE;
-
-		printf("\nPrincipal: ");
-		print_name(sname, sinst, srealm);
-		printf("; version %d\n", key_vno);
-		if (interactive)
-		    change_this_key = yn("Change this key?");
-		else if (change)
-		    change_this_key = 1;
-		else
-		    change_this_key = 0;
-		
-		if (change_this_key)
-		    printf("Changing to version %d.\n", key_vno + 1);
-		else if (change)
-		    printf("Not changing this key.\n");
-		
-		if (change_this_key) {
-		    /*
-		     * This is not a good choice of seed when/if the
-		     * key has been compromised so we also use a
-		     * random sequence number!
-		     */
-		    des_init_random_number_generator(&old_key);
-		    {
-		        des_cblock seqnum;
-			des_generate_random_block(&seqnum);
-			des_set_sequence_number((unsigned char *)&seqnum);
-		    }
-		    /* 
-		     * Pick a new key and determine whether or not
-		     * it is safe to change
-		     */
-		    if ((status = 
-			 get_svc_new_key(&new_key, sname, sinst, 
-					 srealm, keyfile)) == KADM_SUCCESS)
-			key_vno++;
-		    else {
-		        memcpy(new_key, old_key, sizeof(new_key));
-			warnx ("Key NOT changed: %s\n",
-			       krb_get_err_text(status));
-			change_this_key = FALSE;
-		    }
-		}
-		else 
-		    memcpy(new_key, old_key, sizeof(new_key));
-		append_srvtab(work_keyfile, work_keyfile_fd, 
-			      sname, sinst, srealm, key_vno, new_key);
-		if (key && change_this_key) {
-		    printf("Old key: ");
-		    print_key(old_key);
-		    printf("; new key: ");
-		    print_key(new_key);
-		    printf("\n");
-		}
-		if (change_this_key) {
-		    if ((status = kadm_change_pw(new_key)) == KADM_SUCCESS) {
-			printf("Key changed.\n");
-			dest_tkt();
-		    }
-		    else {
-			com_err(__progname, status, 
-				" attempting to change password.");
-			dest_tkt();
-			/* XXX This knows the format of a keyfile */
-			if (lseek(work_keyfile_fd, -9, SEEK_CUR) >= 0) {
-			    key_vno--;
-			    safe_write(work_keyfile,
-				       work_keyfile_fd, &key_vno, 1);
-			    safe_write(work_keyfile, work_keyfile_fd,
-				       old_key, sizeof(des_cblock));
-			    fsync(work_keyfile_fd);
-			    fprintf(stderr,"Key NOT changed.\n");
-			} else {
-			    warn ("Unable to revert keyfile");
-			    leave("", 1);
-			}
-		    }
-		}
-	    }
-	    memset(old_key, 0, sizeof(des_cblock));
-	    memset(new_key, 0, sizeof(des_cblock));
-	}
-    }
-    else if (add) {
-	do {
-	    do {
-		safe_read_stdin("Name: ", databuf, sizeof(databuf));
-		strncpy(sname, databuf, sizeof(sname) - 1);
-		if (strchr(sname, '.') != 0) {
-		  strcpy(sinst, strchr(sname, '.') + 1);
-		  *(strchr(sname, '.')) = 0;
-		} else {
-		  safe_read_stdin("Instance: ", databuf, sizeof(databuf));
-		  strncpy(sinst, databuf, sizeof(sinst) - 1);
-		}
-		safe_read_stdin("Realm: ", databuf, sizeof(databuf));
-		strncpy(srealm, databuf, sizeof(srealm) - 1);
-		safe_read_stdin("Version number: ", databuf, sizeof(databuf));
-		key_vno = atoi(databuf);
-		if (key_vno == 0)
-			key_vno = 1; /* Version numbers are never 0 */
-		if (!srealm[0])
-		    strcpy(srealm, local_realm);
-		printf("New principal: ");
-		print_name(sname, sinst, srealm);
-		printf("; version %d\n", key_vno);
-	    } while (!yn("Is this correct?"));
-	    get_key_from_password(&new_key, cellname);
-	    if (key) {
-		printf("Key: ");
-		print_key(new_key);
-		printf("\n");
-	    }
-	    append_srvtab(work_keyfile, work_keyfile_fd, 
-			  sname, sinst, srealm, key_vno, new_key);
-	    printf("Key successfully added.\n");
-	} while (yn("Would you like to add another key?"));
-    }
-    else if (get) {
-        ksrvutil_get(work_keyfile_fd, work_keyfile,
-		     argc - optind, argv + optind);
-    }
-
-    if (change || list) 
-	if (close(backup_keyfile_fd) < 0)
-	    warn ("close %s", backup_keyfile);
-    
-    if (change || add || get) {
-	if (close(work_keyfile_fd) < 0)
-	    err (1, "close %s", work_keyfile);
-	if (rename(work_keyfile, keyfile) < 0)
-	    err (1, "rename(%s, %s)", work_keyfile, keyfile);
-	chmod(backup_keyfile, keyfile_mode);
-	chmod(keyfile, keyfile_mode);
-	printf("Old keyfile in %s.\n", backup_keyfile);
-    }
-    return 0;
-}
diff --git a/crypto/kerberosIV/kadmin/ksrvutil.h b/crypto/kerberosIV/kadmin/ksrvutil.h
deleted file mode 100644
index 64e2fe4c2e50..000000000000
--- a/crypto/kerberosIV/kadmin/ksrvutil.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * $Id: ksrvutil.h,v 1.8 1997/04/01 03:58:55 assar Exp $
- *
- */
-
-extern char u_name[], u_inst[], u_realm[];
-extern int destroyp;
-
-void leave(char *str, int x);
-void safe_read_stdin(char *prompt, char *buf, size_t size);
-void safe_write(char *filename, int fd, void *buf, size_t len);
-
-int yn(char *string);
-int ny(char *string);
-
-void ksrvutil_get(int fd, char *filename, int argc, char **argv);
diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c
deleted file mode 100644
index 7b97d35088af..000000000000
--- a/crypto/kerberosIV/kadmin/ksrvutil_get.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kadm_locl.h"
-#include "ksrvutil.h"
-
-RCSID("$Id: ksrvutil_get.c,v 1.32 1997/05/05 21:14:57 assar Exp $");
-
-#define BAD_PW 1
-#define GOOD_PW 0
-#define FUDGE_VALUE 15		/* for ticket expiration time */
-#define PE_NO 0
-#define PE_YES 1
-#define PE_UNSURE 2
-
-static char tktstring[128];
-
-static int
-princ_exists(char *name, char *instance, char *realm)
-{
-    int status;
-
-    status = krb_get_pw_in_tkt(name, instance, realm,
-			       KRB_TICKET_GRANTING_TICKET,
-			       realm, 1, "");
-
-    if ((status == KSUCCESS) || (status == INTK_BADPW))
-	return(PE_YES);
-    else if (status == KDC_PR_UNKNOWN)
-	return(PE_NO);
-    else
-	return(PE_UNSURE);
-}
-
-static int
-get_admin_password(char *myname, char *myinst, char *myrealm)
-{
-  int status;
-  char admin_passwd[MAX_KPW_LEN];	/* Admin's password */
-  int ticket_life = 1;	/* minimum ticket lifetime */
-  char buf[1024];
-  CREDENTIALS c;
-
-  if (princ_exists(myname, myinst, myrealm) != PE_NO) {
-    snprintf(buf, sizeof(buf), "Password for %s: ",
-	    krb_unparse_name_long (myname, myinst, myrealm));
-    if (des_read_pw_string(admin_passwd, sizeof(admin_passwd)-1,
-			    buf, 0)) {
-      fprintf(stderr, "Error reading admin password.\n");
-      goto bad;
-    }
-    status = krb_get_pw_in_tkt(myname, myinst, myrealm, PWSERV_NAME, 
-			       KADM_SINST, ticket_life, admin_passwd);
-    memset(admin_passwd, 0, sizeof(admin_passwd));
-    
-    /* Initialize non shared random sequence from session key. */
-    memset(&c, 0, sizeof(c));
-    krb_get_cred(PWSERV_NAME, KADM_SINST, myrealm, &c);
-    des_init_random_number_generator(&c.session);
-  }
-  else
-    status = KDC_PR_UNKNOWN;
-  
-  switch(status) {
-  case GT_PW_OK:
-    return(GOOD_PW);
-  case KDC_PR_UNKNOWN:
-    printf("Principal %s does not exist.\n",
-	   krb_unparse_name_long(myname, myinst, myrealm));
-    goto bad;
-  case GT_PW_BADPW:
-    printf("Incorrect admin password.\n");
-    goto bad;
-  default:
-    com_err("kadmin", status+krb_err_base,
-	    "while getting password tickets");
-    goto bad;
-  }
-  
-bad:
-  memset(admin_passwd, 0, sizeof(admin_passwd));
-  dest_tkt();
-  return(BAD_PW);
-}
-
-static void
-srvtab_put_key (int fd, char *filename, char *name, char *inst, char *realm,
-		int8_t kvno, des_cblock key)
-{
-  char sname[ANAME_SZ];	/* name of service */
-  char sinst[INST_SZ];	/* instance of service */
-  char srealm[REALM_SZ];	/* realm of service */
-  int8_t skvno;
-  des_cblock skey;
-
-  lseek(fd, 0, SEEK_SET);
-
-  while(getst(fd, sname,  SNAME_SZ) > 0 &&
-	getst(fd, sinst,  INST_SZ) > 0  &&
-	getst(fd, srealm, REALM_SZ) > 0 &&
-	read(fd, &skvno,  sizeof(skvno)) > 0 &&
-	read(fd, skey,    sizeof(skey)) > 0) {
-    if(strcmp(name,  sname)  == 0 &&
-       strcmp(inst,  sinst)  == 0 &&
-       strcmp(realm, srealm) == 0) {
-      lseek(fd, lseek(fd,0,SEEK_CUR)-(sizeof(skvno) + sizeof(skey)), SEEK_SET);
-      safe_write(filename, fd, &kvno, sizeof(kvno));
-      safe_write(filename, fd, key,   sizeof(des_cblock));
-      return;
-    }
-  }
-  safe_write(filename, fd, name,  strlen(name) + 1);
-  safe_write(filename, fd, inst,  strlen(inst) + 1);
-  safe_write(filename, fd, realm, strlen(realm) + 1);
-  safe_write(filename, fd, &kvno, sizeof(kvno));
-  safe_write(filename, fd, key,   sizeof(des_cblock));
-}
-
-/* 
- * node list of services 
- */
-
-struct srv_ent{
-  char name[SNAME_SZ];
-  char inst[INST_SZ];
-  char realm[REALM_SZ];
-  struct srv_ent *next;
-};
-
-static int
-key_to_key(char *user, char *instance, char *realm, void *arg,
-	   des_cblock *key)
-{
-  memcpy(key, arg, sizeof(des_cblock));
-  return 0;
-}
-
-static void
-get_srvtab_ent(int fd, char *filename, char *name, char *inst, char *realm)
-{
-  char chname[128];
-  des_cblock newkey;
-  char old_tktfile[MaxPathLen], new_tktfile[MaxPathLen];
-  char garbage_name[ANAME_SZ];
-  char garbage_inst[ANAME_SZ];
-  CREDENTIALS c;
-  u_int8_t kvno;
-  Kadm_vals values;
-  int ret;
-
-  strncpy(chname, krb_get_phost(inst), sizeof(chname));
-  if(strcmp(inst, chname))
-    fprintf(stderr, 
-	    "Warning: Are you sure `%s' should not be `%s'?\n",
-	    inst, chname);
-    
-  memset(&values, 0, sizeof(values));
-  strcpy(values.name, name);
-  strcpy(values.instance, inst);
-  des_new_random_key(&newkey);
-  values.key_low = (newkey[0] << 24) | (newkey[1] << 16)
-    | (newkey[2] << 8) | (newkey[3] << 0);
-  values.key_high = (newkey[4] << 24) | (newkey[5] << 16)
-    | (newkey[6] << 8) | (newkey[7] << 0);
-
-  SET_FIELD(KADM_NAME,values.fields);
-  SET_FIELD(KADM_INST,values.fields);
-  SET_FIELD(KADM_DESKEY,values.fields);
-
-  ret = kadm_mod(&values, &values);
-  if(ret == KADM_NOENTRY)
-    ret = kadm_add(&values);
-  if (ret != KSUCCESS) {
-    warnx ("Couldn't get srvtab entry for %s.%s: %s",
-	    name, inst, error_message(ret));
-    return;
-  }
-  
-  values.key_low = values.key_high = 0;
-
-  /* get the key version number */
-
-  strcpy(old_tktfile, tkt_string());
-  snprintf(new_tktfile, sizeof(new_tktfile),
-	   TKT_ROOT "_ksrvutil-get.%u",
-	   (unsigned)getpid());
-  krb_set_tkt_string(new_tktfile);
-
-  ret = krb_get_in_tkt(name, inst, realm, name, inst,
-		       1, key_to_key, NULL, &newkey);
-
-  if (ret == KSUCCESS &&
-      (ret = tf_init(tkt_string(), R_TKT_FIL)) == KSUCCESS &&
-      (ret = tf_get_pname(garbage_name)) == KSUCCESS &&
-      (ret = tf_get_pinst(garbage_inst)) == KSUCCESS &&
-      (ret = tf_get_cred(&c)) == KSUCCESS)
-    kvno = c.kvno;
-  else {
-    warnx ("Could not find the cred in the ticket file");
-    return;
-  }
-
-  tf_close();
-  krb_set_tkt_string(old_tktfile);
-  unlink(new_tktfile);
-    
-  if(ret != KSUCCESS) {
-    memset(&newkey, 0, sizeof(newkey));
-    warnx ("Could not get a ticket for %s: %s\n",
-	   krb_unparse_name_long(name, inst, realm),
-	   krb_get_err_text(ret));
-    return;
-  }
-
-  /* Write the new key & c:o to the srvtab file */
-
-  srvtab_put_key (fd, filename, name, inst, realm, kvno, newkey);
-  memset(&newkey, 0, sizeof(newkey));
-
-  fprintf (stderr, "Added %s\n", krb_unparse_name_long (name, inst, realm));
-}
-
-static void
-ksrvutil_kadm(int fd, char *filename, struct srv_ent *p)
-{
-  int ret;
-  CREDENTIALS c;
-  
-  ret = kadm_init_link(PWSERV_NAME, KADM_SINST, u_realm);
-  if (ret != KADM_SUCCESS) {
-    warnx("Couldn't initialize kadmin link: %s", error_message(ret));
-    leave(NULL, 1);
-  }
-  
-  ret = krb_get_cred (PWSERV_NAME, KADM_SINST, u_realm, &c);
-  if (ret == KSUCCESS)
-    des_init_random_number_generator (&c.session);
-  else {
-    umask(077);
-       
-    /*
-     *  create ticket file and get admin tickets
-     */
-    snprintf(tktstring, sizeof(tktstring), TKT_ROOT "_ksrvutil_%d", (int)getpid());
-    krb_set_tkt_string(tktstring);
-    destroyp = TRUE;
-       
-    ret = get_admin_password(u_name, u_inst, u_realm);
-    if (ret) {
-      warnx("Couldn't get admin password.");
-      leave(NULL, 1);
-    }
-  }  
-  for(;p;){
-    get_srvtab_ent(fd, filename, p->name, p->inst, p->realm);
-    p=p->next;
-  }
-  unlink(tktstring);
-}
-
-static void
-parseinput (char *result, size_t sz, char *val, char *def)
-{
-  char *lim;
-  int inq;
-
-  if (val[0] == '\0') {
-    strncpy (result, def, sz-1);
-    return;
-  }
-  lim = result + sz - 1;
-  inq = 0;
-  while(*val && result < lim) {
-    switch(*val) {
-    case '\'' :
-      inq = !inq;
-      ++val;
-      break;
-    case '\\' :
-      if(!inq)
-	val++;
-    default:
-      *result++ = *val++;
-      break;
-    }
-  }
-  *result = '\0';
-}
-
-void
-ksrvutil_get(int fd, char *filename, int argc, char **argv)
-{
-  char sname[ANAME_SZ];		/* name of service */
-  char sinst[INST_SZ];		/* instance of service */
-  char srealm[REALM_SZ];	/* realm of service */
-  char databuf[BUFSIZ];
-  char local_hostname[100];
-  char prompt[100];
-  struct srv_ent *head=NULL;
-  int i;
-
-  k_gethostname(local_hostname, sizeof(local_hostname));
-  strcpy(local_hostname, krb_get_phost(local_hostname));
-
-  if (argc)
-    for(i=0; i < argc; ++i) {
-      struct srv_ent *p=malloc(sizeof(*p));
-
-      if(p == NULL) {
-	warnx ("out of memory in malloc");
-	leave(NULL,1);
-      }
-      p->next = head;
-      strcpy (p->realm, u_realm);
-      if (kname_parse (p->name, p->inst, p->realm, argv[i]) !=
-	  KSUCCESS) {
-	warnx ("parse error on '%s'\n", argv[i]);
-	free(p);
-	continue;
-      }
-      if (p->name[0] == '\0')
-	strcpy(p->name, "rcmd");
-      if (p->inst[0] == '\0')
-	strcpy(p->inst, local_hostname);
-      if (p->realm[0] == '\0')
-	strcpy(p->realm, u_realm);
-      head = p;
-    }
-
-  else
-    do{
-      safe_read_stdin("Name [rcmd]: ", databuf, sizeof(databuf));
-      parseinput (sname, sizeof(sname), databuf, "rcmd");
-    
-      snprintf(prompt, sizeof(prompt), "Instance [%s]: ", local_hostname);
-      safe_read_stdin(prompt, databuf, sizeof(databuf));
-      parseinput (sinst, sizeof(sinst), databuf, local_hostname);
-    
-      snprintf(prompt, sizeof(prompt), "Realm [%s]: ", u_realm);
-      safe_read_stdin(prompt, databuf, sizeof(databuf));
-      parseinput (srealm, sizeof(srealm), databuf, u_realm);
-
-      if(yn("Is this correct?")){
-	struct srv_ent *p=(struct srv_ent*)malloc(sizeof(struct srv_ent));
-	p->next=head;
-	head=p;
-	strcpy(p->name, sname);
-	strcpy(p->inst, sinst);
-	strcpy(p->realm, srealm);
-      }
-    }while(ny("Add more keys?"));
-  
-  
-  ksrvutil_kadm(fd, filename, head);
-
-  {
-    struct srv_ent *p=head, *q;
-    while(p){
-      q=p;
-      p=p->next;
-      free(q);
-    }
-  }
-
-}
diff --git a/crypto/kerberosIV/kadmin/new_pwd.c b/crypto/kerberosIV/kadmin/new_pwd.c
deleted file mode 100644
index 88fb7a9b33be..000000000000
--- a/crypto/kerberosIV/kadmin/new_pwd.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: new_pwd.c,v 1.11 1997/05/02 14:28:54 assar Exp $");
-
-#ifdef NOENCRYPTION
-#define read_long_pw_string placebo_read_pw_string
-#else
-#define read_long_pw_string des_read_pw_string
-#endif
-
-static char *
-check_pw (char *pword)
-{
-    if (strlen(pword) == 0)
-	return "Null passwords are not allowed - Please enter a longer password.";
-    
-    if (strlen(pword) < MIN_KPW_LEN)
-	return "Password is to short - Please enter a longer password.";
-    
-    /* Don't allow all lower case passwords regardless of length */
-    {
-	char *t;
-	for (t = pword; *t && islower(*t); t++)
-	    ;
-	if (*t == 0)
-	    return "Please don't use an all-lower case password.\n"
-	      "\tUnusual capitalization, delimiter characters or "
-	      "digits are suggested.";
-    }
-
-    return NULL;
-}
-
-int
-get_pw_new_pwd(char *pword, int pwlen, krb_principal *pr, int print_realm)
-{
-    char ppromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */
-    char npromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */
-    
-    char p[MAX_K_NAME_SZ];
-    
-    char local_realm[REALM_SZ];
-    int status;
-    char *expl;
-    
-    /*
-     * We don't care about failure; this is to determine whether or
-     * not to print the realm in the prompt for a new password. 
-     */
-    krb_get_lrealm(local_realm, 1);
-    
-    if (strcmp(local_realm, pr->realm))
-	print_realm++;
-    
-    {
-	char *q;
-	krb_unparse_name_r(pr, p);
-	if(print_realm == 0 && (q = strrchr(p, '@')))
-	    *q = 0;
-    }
-
-    snprintf(ppromp, sizeof(ppromp), "Old password for %s:", p);
-    if (read_long_pw_string(pword, pwlen-1, ppromp, 0)) {
-	fprintf(stderr, "Error reading old password.\n");
-	return -1;
-    }
-
-    status = krb_get_pw_in_tkt(pr->name, pr->instance, pr->realm, 
-			       PWSERV_NAME, KADM_SINST, 1, pword);
-    if (status != KSUCCESS) {
-	if (status == INTK_BADPW) {
-	    printf("Incorrect old password.\n");
-	    return -1;
-	}
-	else {
-	    fprintf(stderr, "Kerberos error: %s\n", krb_get_err_text(status));
-	    return -1;
-	}
-    }
-    memset(pword, 0, pwlen);
-    
-    do {
-	char verify[MAX_KPW_LEN];
-	snprintf(npromp, sizeof(npromp), "New Password for %s:",p);
-	if (read_long_pw_string(pword, pwlen-1, npromp, 0)) {
-	    fprintf(stderr,
-		    "Error reading new password, password unchanged.\n");
-	    return -1;
-        }
-	expl = check_pw (pword);
-	if (expl) {
-	    printf("\n\t%s\n\n", expl);
-	    continue;
-	}
-	/* Now we got an ok password, verify it. */
-	snprintf(npromp, sizeof(npromp), "Verifying New Password for %s:", p);
-	if (read_long_pw_string(verify, MAX_KPW_LEN-1, npromp, 0)) {
-	    fprintf(stderr,
-		    "Error reading new password, password unchanged.\n");
-	    return -1;
-        }
-	if (strcmp(pword, verify) != 0) {
-	    printf("Verify failure - try again\n");
-	    expl = "";		/* continue */
-	}
-    } while (expl);
-    return 0;
-}
diff --git a/crypto/kerberosIV/kadmin/pw_check.c b/crypto/kerberosIV/kadmin/pw_check.c
deleted file mode 100644
index ac6912b6fe97..000000000000
--- a/crypto/kerberosIV/kadmin/pw_check.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: pw_check.c,v 1.13 1997/04/01 08:17:50 joda Exp $");
-
-/*
- * kadm_pw_check
- *
- * pw		: new password or "" if none passed
- * newkey	: key for pw as passed from client
- * strings	: interesting strings to check for
- *
- * returns NULL if pw is ok, else an explanatory string
- */
-int
-kadm_pw_check(char *pw, des_cblock *newkey, char **pw_msg, 
-	      char **strings)
-{
-  des_cblock pwkey;
-  int status=KADM_SUCCESS;
-  
-  if (pw == NULL || *pw == '\0')
-    return status;		/* XXX - Change this later */
-
-#ifndef NO_PW_CHECK
-  *pw_msg = NULL;
-  des_string_to_key(pw, &pwkey); /* Check AFS string to key also! */
-  if (memcmp(pwkey, *newkey, sizeof(pwkey)) != 0)
-    {
-      /* no password or bad key */
-      status=KADM_PW_MISMATCH;
-      *pw_msg = "Password doesn't match supplied DES key";
-    }
-  else if (strlen(pw) < MIN_KPW_LEN)
-    {
-      status = KADM_INSECURE_PW;
-      *pw_msg="Password is too short";
-    }
-  
-#ifdef DICTPATH
-  *pw_msg = FascistCheck(pw, DICTPATH, strings);
-  if (*pw_msg)
-    return KADM_INSECURE_PW;
-#endif
-
-  memset(pwkey, 0, sizeof(pwkey));
-#endif
-
-  return status;
-}
diff --git a/crypto/kerberosIV/kadmin/pw_check.h b/crypto/kerberosIV/kadmin/pw_check.h
deleted file mode 100644
index c5a5d69eab60..000000000000
--- a/crypto/kerberosIV/kadmin/pw_check.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * $Id: pw_check.h,v 1.6 1997/04/01 08:17:50 joda Exp $ 
- */
-
-int kadm_pw_check(char *pw, des_cblock *newkey, 
-		  char **pw_msg, char **strings);
-
diff --git a/crypto/kerberosIV/kuser/Makefile.in b/crypto/kerberosIV/kuser/Makefile.in
deleted file mode 100644
index aff8c19872d1..000000000000
--- a/crypto/kerberosIV/kuser/Makefile.in
+++ /dev/null
@@ -1,92 +0,0 @@
-# $Id: Makefile.in,v 1.23 1997/03/23 13:04:08 assar Exp $
-
-SHELL	= /bin/sh
-
-srcdir	= @srcdir@
-VPATH	= @srcdir@
-
-topdir	= ..
-
-CC		= @CC@
-AR		= ar
-RANLIB		= @RANLIB@
-DEFS		= @DEFS@
-CFLAGS		= @CFLAGS@
-LD_FLAGS	= @LD_FLAGS@
-INSTALL		= @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-LIBS		= @LIBS@
-KRB_KAFS_LIB	= @KRB_KAFS_LIB@
-MKINSTALLDIRS	= @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-bindir = @bindir@
-libdir = @libdir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROGS = kinit$(EXECSUFFIX) \
-	kdestroy$(EXECSUFFIX) \
-	klist$(EXECSUFFIX)
-
-SOURCES = kinit.c kdestroy.c klist.c
-
-OBJECTS = kinit.o kdestroy.o klist.o
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(bindir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-KLIB=-L../lib/krb -lkrb -L../lib/des -ldes
-LIBROKEN=-L../lib/roken -lroken
-
-kinit$(EXECSUFFIX): kinit.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kinit.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-kdestroy$(EXECSUFFIX): kdestroy.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdestroy.o $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-klist$(EXECSUFFIX): klist.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ klist.o $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
-
-# su move to appl/bsd
-
-$(OBJECTS): ../include/config.h
diff --git a/crypto/kerberosIV/kuser/kdestroy.c b/crypto/kerberosIV/kuser/kdestroy.c
deleted file mode 100644
index 2fe36c37fac7..000000000000
--- a/crypto/kerberosIV/kuser/kdestroy.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * This program causes Kerberos tickets to be destroyed.
- * Options are: 
- *
- *   -q[uiet]	- no bell even if tickets not destroyed
- *   -f[orce]	- no message printed at all 
- *   -t		- do not destroy tokens
- */
-
-#include "kuser_locl.h"
-#include <kafs.h>
-
-RCSID("$Id: kdestroy.c,v 1.8 1997/03/30 16:15:03 joda Exp $");
-
-static void
-usage(void)
-{
-    fprintf(stderr, "Usage: %s [-f] [-q] [-t]\n", __progname);
-    exit(1);
-}
-
-int
-main(int argc, char **argv)
-{
-    int fflag=0, tflag = 0, k_errno;
-    int c;
-
-    set_progname(argv[0]);
-
-    while((c = getopt(argc, argv, "fqt")) >= 0){
-	switch(c){
-	case 'f':
-	case 'q':
-	    fflag++;
-	    break;
-	case 't':
-	    tflag++;
-	    break;
-	default:
-	    usage();
-	}
-    }
-    if(argc - optind > 0)
-	usage();
-
-    k_errno = dest_tkt();
-
-    if(!tflag && k_hasafs())
-	k_unlog();
-
-    if (fflag) {
-	if (k_errno != 0 && k_errno != RET_TKFIL)
-	    exit(1);
-	else
-	    exit(0);
-    } else {
-	if (k_errno == 0)
-	    printf("Tickets destroyed.\n");
-	else if (k_errno == RET_TKFIL)
-	    printf("No tickets to destroy.\n");
-	else {
-	    printf("Tickets NOT destroyed.\n");
-	    exit(1);
-	}
-    }
-    exit(0);
-}
diff --git a/crypto/kerberosIV/kuser/kinit.c b/crypto/kerberosIV/kuser/kinit.c
deleted file mode 100644
index cd2f826bb2cf..000000000000
--- a/crypto/kerberosIV/kuser/kinit.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * Routine to initialize user to Kerberos.  Prompts optionally for
- * user, instance and realm.  Authenticates user and gets a ticket
- * for the Kerberos ticket-granting service for future use. 
- *
- * Options are: 
- *
- *   -i[instance]
- *   -r[realm]
- *   -v[erbose]
- *   -l[ifetime]
- *   -p
- */
-
-#include "kuser_locl.h"
-
-RCSID("$Id$");
-
-#define	LIFE	DEFAULT_TKT_LIFE /* lifetime of ticket in 5-minute units */
-#define CHPASSLIFE 2
-
-static void
-get_input(char *s, int size, FILE *stream)
-{
-    char *p;
-
-    if (fgets(s, size, stream) == NULL)
-	exit(1);
-    if ( (p = strchr(s, '\n')) != NULL)
-	*p = '\0';
-}
-
-
-static void
-usage(void)
-{
-    fprintf(stderr, "Usage: %s [-irvlp] [name]\n", __progname);
-    exit(1);
-}
-
-int
-main(int argc, char **argv)
-{
-    char    aname[ANAME_SZ];
-    char    inst[INST_SZ];
-    char    realm[REALM_SZ];
-    char    buf[MaxHostNameLen];
-    char    name[MAX_K_NAME_SZ];
-    char   *username = NULL;
-    int     iflag, rflag, vflag, lflag, pflag, lifetime, k_errno;
-    int	    i;
-
-    set_progname (argv[0]);
-
-    *inst = *realm = '\0';
-    iflag = rflag = vflag = lflag = pflag = 0;
-    lifetime = LIFE;
-    set_progname(argv[0]);
-
-    while (--argc) {
-	if ((*++argv)[0] != '-') {
-	    if (username)
-		usage();
-	    username = *argv;
-	    continue;
-	}
-	for (i = 1; (*argv)[i] != '\0'; i++)
-	    switch ((*argv)[i]) {
-	    case 'i':		/* Instance */
-		++iflag;
-		continue;
-	    case 'r':		/* Realm */
-		++rflag;
-		continue;
-	    case 'v':		/* Verbose */
-		++vflag;
-		continue;
-	    case 'l':
-		++lflag;
-		continue;
-	    case 'p':
-		++pflag;	/* chpass-tickets */
-		lifetime = CHPASSLIFE;
-		break;
-	    default:
-		usage();
-	    }
-    }
-    if (username &&
-	(k_errno = kname_parse(aname, inst, realm, username)) != KSUCCESS) {
-	warnx("%s", krb_get_err_text(k_errno));
-	iflag = rflag = 1;
-	username = NULL;
-    }
-    if (k_gethostname(buf, MaxHostNameLen)) 
-	err(1, "k_gethostname failed");
-    printf("%s (%s)\n", ORGANIZATION, buf);
-    if (username) {
-	printf("Kerberos Initialization for \"%s", aname);
-	if (*inst)
-	    printf(".%s", inst);
-	if (*realm)
-	    printf("@%s", realm);
-	printf("\"\n");
-    } else {
-	if (iflag) {
-		printf("Kerberos Initialization\n");
-		printf("Kerberos name: ");
-		get_input(name, sizeof(name), stdin);
-		if (!*name)
-		    return 0;
-		if ((k_errno = kname_parse(aname, inst, realm, name)) 
-			!= KSUCCESS )
-			errx(1, "%s", krb_get_err_text(k_errno));
-	} else {
-	    int uid = getuid();
-	    char *getenv();
-	    struct passwd *pwd;
-
-	    /* default to current user name unless running as root */
-	    if (uid == 0 && (username = getenv("USER")) &&
-	        strcmp(username, "root") != 0) {
-	    	    strncpy(aname, username, sizeof(aname));
-		    strncpy(inst, "root", sizeof(inst));
-	    } else {
-		    pwd = getpwuid(uid);
-
-		    if (pwd == (struct passwd *) NULL) {
-			fprintf(stderr, "Unknown name for your uid\n");
-			printf("Kerberos name: ");
-			get_input(aname, sizeof(aname), stdin);
-		    } else
-			strncpy(aname, pwd->pw_name, sizeof(aname));
-	    }
-	    if (!*aname)
-	        return 0;
-	    if (!k_isname(aname)) {
-	        errx(1, "%s", "bad Kerberos name format");
-	    }
-	}
-    }
-    /* optional instance */
-    if (iflag) {
-	printf("Kerberos instance: ");
-	get_input(inst, sizeof(inst), stdin);
-	if (!k_isinst(inst))
-	    errx(1, "bad Kerberos instance format");
-    }
-    if (rflag) {
-	printf("Kerberos realm: ");
-	get_input(realm, sizeof(realm), stdin);
-	if (!k_isrealm(realm))
-	    errx(1, "bad Kerberos realm format");
-    }
-    if (lflag) {
-	 printf("Kerberos ticket lifetime (minutes): ");
-	 get_input(buf, sizeof(buf), stdin);
-	 lifetime = atoi(buf);
-	 if (lifetime < 5)
-	      lifetime = 1;
-	 else
-	      lifetime = krb_time_to_life(0, lifetime*60);
-	 /* This should be changed if the maximum ticket lifetime */
-	 /* changes */
-	 if (lifetime > 255)
-	      lifetime = 255;
-    }
-    if (!*realm && krb_get_lrealm(realm, 1))
-	errx(1, "krb_get_lrealm failed");
-    k_errno = krb_get_pw_in_tkt(aname, inst, realm,
-				pflag ? PWSERV_NAME : 
-				KRB_TICKET_GRANTING_TICKET,
-				pflag ? KADM_SINST  : realm,
-				lifetime, 0);
-    if (vflag) {
-	printf("Kerberos realm %s:\n", realm);
-	printf("Ticket file: %s\n", tkt_string());
-	printf("%s\n", krb_get_err_text(k_errno));
-    } else if (k_errno)
-	errx(1, "%s", krb_get_err_text(k_errno));
-    exit(0);
-}
diff --git a/crypto/kerberosIV/kuser/klist.c b/crypto/kerberosIV/kuser/klist.c
deleted file mode 100644
index faf7d6bd6a07..000000000000
--- a/crypto/kerberosIV/kuser/klist.c
+++ /dev/null
@@ -1,314 +0,0 @@
-/*
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * Lists your current Kerberos tickets.
- * Written by Bill Sommerfeld, MIT Project Athena.
- */
-
-#include "kuser_locl.h"
-
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-
-#ifdef HAVE_SYS_IOCCOM_H
-#include <sys/ioccom.h>
-#endif
-
-#include <kafs.h>
-
-RCSID("$Id: klist.c,v 1.28 1997/05/26 17:33:50 bg Exp $");
-
-static int option_verbose = 0;
-
-static char *
-short_date(int32_t dp)
-{
-    char *cp;
-    time_t t = (time_t)dp;
-
-    if (t == (time_t)(-1L)) return "***  Never  *** ";
-    cp = ctime(&t) + 4;
-    cp[15] = '\0';
-    return (cp);
-}
-
-static void
-display_tktfile(char *file, int tgt_test, int long_form)
-{
-    krb_principal pr;
-    char    buf1[20], buf2[20];
-    int     k_errno;
-    CREDENTIALS c;
-    int     header = 1;
-
-    if ((file == NULL) && ((file = getenv("KRBTKFILE")) == NULL))
-	file = TKT_FILE;
-
-    if (long_form)
-	printf("Ticket file:	%s\n", file);
-
-    /* 
-     * Since krb_get_tf_realm will return a ticket_file error, 
-     * we will call tf_init and tf_close first to filter out
-     * things like no ticket file.  Otherwise, the error that 
-     * the user would see would be 
-     * klist: can't find realm of ticket file: No ticket file (tf_util)
-     * instead of
-     * klist: No ticket file (tf_util)
-     */
-
-    /* Open ticket file */
-    if ((k_errno = tf_init(file, R_TKT_FIL))) {
-	if (!tgt_test)
-	    warnx("%s", krb_get_err_text(k_errno));
-	exit(1);
-    }
-    /* Close ticket file */
-    tf_close();
-
-    /* 
-     * We must find the realm of the ticket file here before calling
-     * tf_init because since the realm of the ticket file is not
-     * really stored in the principal section of the file, the
-     * routine we use must itself call tf_init and tf_close.
-     */
-    if ((k_errno = krb_get_tf_realm(file, pr.realm)) != KSUCCESS) {
-	if (!tgt_test)
-	    warnx("can't find realm of ticket file: %s", 
-		  krb_get_err_text(k_errno));
-	exit(1);
-    }
-
-    /* Open ticket file */
-    if ((k_errno = tf_init(file, R_TKT_FIL))) {
-	if (!tgt_test)
-	    warnx("%s", krb_get_err_text(k_errno));
-	exit(1);
-    }
-    /* Get principal name and instance */
-    if ((k_errno = tf_get_pname(pr.name)) ||
-	(k_errno = tf_get_pinst(pr.instance))) {
-	if (!tgt_test)
-	    warnx("%s", krb_get_err_text(k_errno));
-	exit(1);
-    }
-
-    /* 
-     * You may think that this is the obvious place to get the
-     * realm of the ticket file, but it can't be done here as the
-     * routine to do this must open the ticket file.  This is why 
-     * it was done before tf_init.
-     */
-       
-    if (!tgt_test && long_form)
-	printf("Principal:\t%s\n\n", krb_unparse_name(&pr));
-    while ((k_errno = tf_get_cred(&c)) == KSUCCESS) {
-	if (!tgt_test && long_form && header) {
-	    printf("%-15s  %-15s  %s%s\n",
-		   "  Issued", "  Expires", "  Principal", 
-		   option_verbose ? " (kvno)" : "");
-	    header = 0;
-	}
-	if (tgt_test) {
-	    c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
-	    if (!strcmp(c.service, KRB_TICKET_GRANTING_TICKET) &&
-		!strcmp(c.instance, pr.realm)) {
-		if (time(0) < c.issue_date)
-		    exit(0);		/* tgt hasn't expired */
-		else
-		    exit(1);		/* has expired */
-	    }
-	    continue;			/* not a tgt */
-	}
-	if (long_form) {
-	    strcpy(buf1, short_date(c.issue_date));
-	    c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
-	    if (time(0) < (unsigned long) c.issue_date)
-	        strcpy(buf2, short_date(c.issue_date));
-	    else
-	        strcpy(buf2, ">>> Expired <<<");
-	    printf("%s  %s  ", buf1, buf2);
-	}
-	printf("%s", krb_unparse_name_long(c.service, c.instance, c.realm));
-	if(long_form && option_verbose)
-	  printf(" (%d)", c.kvno);
-	printf("\n");
-    }
-    if (tgt_test)
-	exit(1);			/* no tgt found */
-    if (header && long_form && k_errno == EOF) {
-	printf("No tickets in file.\n");
-    }
-}
-
-/* adapted from getst() in librkb */
-/*
- * ok_getst() takes a file descriptor, a string and a count.  It reads
- * from the file until either it has read "count" characters, or until
- * it reads a null byte.  When finished, what has been read exists in
- * the given string "s".  If "count" characters were actually read, the
- * last is changed to a null, so the returned string is always null-
- * terminated.  ok_getst() returns the number of characters read, including
- * the null terminator.
- *
- * If there is a read error, it returns -1 (like the read(2) system call)
- */
-
-static int
-ok_getst(int fd, char *s, int n)
-{
-    int count = n;
-    int err;
-    while ((err = read(fd, s, 1)) > 0 && --count)
-        if (*s++ == '\0')
-            return (n - count);
-    if (err < 0)
-	return(-1);
-    *s = '\0';
-    return (n - count);
-}
-
-static void
-display_tokens()
-{
-    u_int32_t i;
-    unsigned char t[128];
-    struct ViceIoctl parms;
-    struct ClearToken ct;
-    int size_secret_tok, size_public_tok;
-
-    parms.in = (void *)&i;
-    parms.in_size = sizeof(i);
-    parms.out = (void *)t;
-    parms.out_size = sizeof(t);
-
-    for (i = 0; k_pioctl(NULL, VIOCGETTOK, &parms, 0) == 0; i++) {
-        char *cell;
-	memcpy(&size_secret_tok, t, 4);
-	memcpy(&size_public_tok, t + 4 + size_secret_tok, 4);
-	memcpy(&ct, t + 4 + size_secret_tok + 4, size_public_tok);
-	cell = t + 4 + size_secret_tok + 4 + size_public_tok + 4;
-
-	printf("%-15s  ", short_date(ct.BeginTimestamp));
-	printf("%-15s  ", short_date(ct.EndTimestamp));
-	if ((ct.EndTimestamp - ct.BeginTimestamp) & 1)
-	  printf("User's (AFS ID %d) tokens for %s", ct.ViceId, cell);
-	else
-	  printf("Tokens for %s", cell);
-	if (option_verbose)
-	    printf(" (%d)", ct.AuthHandle);
-	putchar('\n');
-    }
-}
-
-static void
-display_srvtab(char *file)
-{
-    int stab;
-    char serv[SNAME_SZ];
-    char inst[INST_SZ];
-    char rlm[REALM_SZ];
-    unsigned char key[8];
-    unsigned char vno;
-    int count;
-
-    printf("Server key file:   %s\n", file);
-	
-    if ((stab = open(file, O_RDONLY, 0400)) < 0) {
-	perror(file);
-	exit(1);
-    }
-    printf("%-15s %-15s %-10s %s\n","Service","Instance","Realm",
-	   "Key Version");
-    printf("------------------------------------------------------\n");
-
-    /* argh. getst doesn't return error codes, it silently fails */
-    while (((count = ok_getst(stab, serv, SNAME_SZ)) > 0)
-	   && ((count = ok_getst(stab, inst, INST_SZ)) > 0)
-	   && ((count = ok_getst(stab, rlm, REALM_SZ)) > 0)) {
-	if (((count = read(stab,  &vno,1)) != 1) ||
-	     ((count = read(stab, key,8)) != 8)) {
-	    if (count < 0)
-		err(1, "reading from key file");
-	    else
-		errx(1, "key file truncated");
-	}
-	printf("%-15s %-15s %-15s %d\n",serv,inst,rlm,vno);
-    }
-    if (count < 0)
-	warn(file);
-    close(stab);
-}
-
-static void
-usage(void)
-{
-    fprintf(stderr,
-	    "Usage: %s [ -v | -s | -t ] [ -f filename ] [-tokens] [-srvtab ]\n",
-	    __progname);
-    exit(1);
-}
-
-/* ARGSUSED */
-int
-main(int argc, char **argv)
-{
-    int     long_form = 1;
-    int     tgt_test = 0;
-    int     do_srvtab = 0;
-    int     do_tokens = 0;
-    char   *tkt_file = NULL;
-
-    set_progname(argv[0]);
-
-    while (*(++argv)) {
-	if (!strcmp(*argv, "-v")) {
-	    option_verbose = 1;
-	    continue;
-	}
-	if (!strcmp(*argv, "-s")) {
-	    long_form = 0;
-	    continue;
-	}
-	if (!strcmp(*argv, "-t")) {
-	    tgt_test = 1;
-	    long_form = 0;
-	    continue;
-	}
-	if (strcmp(*argv, "-tokens") == 0
-	    || strcmp(*argv, "-T") == 0) {
-	    do_tokens = k_hasafs();
-	    continue;
-	}
-	if (!strcmp(*argv, "-l")) {	/* now default */
-	    continue;
-	}
-	if (!strncmp(*argv, "-f", 2)) {
-	    if (*(++argv)) {
-		tkt_file = *argv;
-		continue;
-	    } else
-		usage();
-	}
-	if (!strcmp(*argv, "-srvtab")) {
-		if (tkt_file == NULL)	/* if no other file spec'ed,
-					   set file to default srvtab */
-		    tkt_file = KEYFILE;
-		do_srvtab = 1;
-		continue;
-	}
-	usage();
-    }
-
-    if (do_srvtab)
-	display_srvtab(tkt_file);
-    else
-	display_tktfile(tkt_file, tgt_test, long_form);
-    if (long_form && do_tokens)
-	display_tokens();
-    exit(0);
-}
diff --git a/crypto/kerberosIV/kuser/kuser_locl.h b/crypto/kerberosIV/kuser/kuser_locl.h
deleted file mode 100644
index 514a0ac5e597..000000000000
--- a/crypto/kerberosIV/kuser/kuser_locl.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kuser_locl.h,v 1.10 1997/05/20 18:40:43 bg Exp $ */
-
-#include "config.h"
-#include "protos.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <time.h>
-#ifdef HAVE_SYS_FILE_H
-#include <sys/file.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <err.h>
-
-#include <krb.h>
-#include <krb_db.h>
-#include <kadm.h>
-#include <prot.h>
diff --git a/crypto/kerberosIV/lib/Makefile.in b/crypto/kerberosIV/lib/Makefile.in
deleted file mode 100644
index b2e662c26e8f..000000000000
--- a/crypto/kerberosIV/lib/Makefile.in
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# $Id: Makefile.in,v 1.21 1997/05/20 18:58:40 bg Exp $
-#
-
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-@SET_MAKE@
-
-SUBDIRS		= des krb kdb kadm acl kafs roken otp auth sl editline
-
-all:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) all); done
-
-Wall:
-		make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-install:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) install); done
-
-uninstall:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done
-
-check:		all
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) check); done
-
-clean:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) clean); done
-
-mostlyclean:	clean
-
-distclean:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
-		rm -f Makefile config.status *~
-
-realclean:
-		for i in $(SUBDIRS); \
-		do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
diff --git a/crypto/kerberosIV/lib/acl/Makefile.in b/crypto/kerberosIV/lib/acl/Makefile.in
deleted file mode 100644
index 59894e488c07..000000000000
--- a/crypto/kerberosIV/lib/acl/Makefile.in
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# $Id: Makefile.in,v 1.21 1997/05/06 03:46:37 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = # @PICFLAGS@
-
-LIBNAME = $(LIBPREFIX)acl
-#LIBEXT = @LIBEXT@ Always build archive library!
-LIBEXT = a
-LIBPREFIX = @LIBPREFIX@
-SHLIBEXT = @SHLIBEXT@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-
-SOURCES = acl_files.c
-
-OBJECTS = acl_files.o
-
-all: $(LIB)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) *.o *.a
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS)
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/lib/acl/acl.h b/crypto/kerberosIV/lib/acl/acl.h
deleted file mode 100644
index 305b66c9db2a..000000000000
--- a/crypto/kerberosIV/lib/acl/acl.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: acl.h,v 1.5 1997/04/01 08:17:52 joda Exp $ */
-
-#ifndef __ACL_H
-#define __ACL_H
-
-#include <sys/cdefs.h>
-
-void acl_canonicalize_principal __P((char *principal, char *canon));
-int acl_initialize __P((char *acl_file, int perm));
-int acl_exact_match __P((char *acl, char *principal));
-int acl_check __P((char *acl, char *principal));
-int acl_add __P((char *acl, char *principal));
-int acl_delete __P((char *acl, char *principal));
-
-#endif /* __ACL_H */
diff --git a/crypto/kerberosIV/lib/acl/acl_files.c b/crypto/kerberosIV/lib/acl/acl_files.c
deleted file mode 100644
index fc00b8016be0..000000000000
--- a/crypto/kerberosIV/lib/acl/acl_files.c
+++ /dev/null
@@ -1,540 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "config.h"
-#include "protos.h"
-
-RCSID("$Id: acl_files.c,v 1.10 1997/05/02 14:28:56 assar Exp $");
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <time.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_SYS_FILE_H
-#include <sys/file.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#include <errno.h>
-#include <ctype.h>
-
-#include <roken.h>
-
-#include <krb.h>
-#include <acl.h>
-
-/*** Routines for manipulating access control list files ***/
-
-/* "aname.inst@realm" */
-#define MAX_PRINCIPAL_SIZE  (ANAME_SZ + INST_SZ + REALM_SZ + 3)
-#define INST_SEP '.'
-#define REALM_SEP '@'
-
-#define LINESIZE 2048		/* Maximum line length in an acl file */
-
-#define NEW_FILE "%s.~NEWACL~"	/* Format for name of altered acl file */
-#define WAIT_TIME 300		/* Maximum time allowed write acl file */
-
-#define CACHED_ACLS 8		/* How many acls to cache */
-				/* Each acl costs 1 open file descriptor */
-#define ACL_LEN 16		/* Twice a reasonable acl length */
-
-#define COR(a,b) ((a!=NULL)?(a):(b))
-
-/* Canonicalize a principal name */
-/* If instance is missing, it becomes "" */
-/* If realm is missing, it becomes the local realm */
-/* Canonicalized form is put in canon, which must be big enough to hold
-   MAX_PRINCIPAL_SIZE characters */
-void
-acl_canonicalize_principal(char *principal, char *canon)
-{
-    char *dot, *atsign, *end;
-    int len;
-
-    dot = strchr(principal, INST_SEP);
-    atsign = strchr(principal, REALM_SEP);
-
-    /* Maybe we're done already */
-    if(dot != NULL && atsign != NULL) {
-	if(dot < atsign) {
-	    /* It's for real */
-	    /* Copy into canon */
-	    strncpy(canon, principal, MAX_PRINCIPAL_SIZE);
-	    canon[MAX_PRINCIPAL_SIZE-1] = '\0';
-	    return;
-	} else {
-	    /* Nope, it's part of the realm */
-	    dot = NULL;
-	}
-    }
-    
-    /* No such luck */
-    end = principal + strlen(principal);
-
-    /* Get the principal name */
-    len = min(ANAME_SZ, COR(dot, COR(atsign, end)) - principal);
-    strncpy(canon, principal, len);
-    canon += len;
-
-    /* Add INST_SEP */
-    *canon++ = INST_SEP;
-
-    /* Get the instance, if it exists */
-    if(dot != NULL) {
-	++dot;
-	len = min(INST_SZ, COR(atsign, end) - dot);
-	strncpy(canon, dot, len);
-	canon += len;
-    }
-
-    /* Add REALM_SEP */
-    *canon++ = REALM_SEP;
-
-    /* Get the realm, if it exists */
-    /* Otherwise, default to local realm */
-    if(atsign != NULL) {
-	++atsign;
-	len = min(REALM_SZ, end - atsign);
-	strncpy(canon, atsign, len);
-	canon += len;
-	*canon++ = '\0';
-    } else if(krb_get_lrealm(canon, 1) != KSUCCESS) {
-	strcpy(canon, KRB_REALM);
-    }
-}
-	    
-/* Get a lock to modify acl_file */
-/* Return new FILE pointer */
-/* or NULL if file cannot be modified */
-/* REQUIRES WRITE PERMISSION TO CONTAINING DIRECTORY */
-static
-FILE *acl_lock_file(char *acl_file)
-{
-    struct stat s;
-    char new[LINESIZE];
-    int nfd;
-    FILE *nf;
-    int mode;
-
-    if(stat(acl_file, &s) < 0) return(NULL);
-    mode = s.st_mode;
-    snprintf(new, sizeof(new), NEW_FILE, acl_file);
-    for(;;) {
-	/* Open the new file */
-	if((nfd = open(new, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) {
-	    if(errno == EEXIST) {
-		/* Maybe somebody got here already, maybe it's just old */
-		if(stat(new, &s) < 0) return(NULL);
-		if(time(0) - s.st_ctime > WAIT_TIME) {
-		    /* File is stale, kill it */
-		    unlink(new);
-		    continue;
-		} else {
-		    /* Wait and try again */
-		    sleep(1);
-		    continue;
-		}
-	    } else {
-		/* Some other error, we lose */
-		return(NULL);
-	    }
-	}
-
-	/* If we got to here, the lock file is ours and ok */
-	/* Reopen it under stdio */
-	if((nf = fdopen(nfd, "w")) == NULL) {
-	    /* Oops, clean up */
-	    unlink(new);
-	}
-	return(nf);
-    }
-}
-
-/* Abort changes to acl_file written onto FILE *f */
-/* Returns 0 if successful, < 0 otherwise */
-/* Closes f */
-static int
-acl_abort(char *acl_file, FILE *f)
-{
-    char new[LINESIZE];
-    int ret;
-    struct stat s;
-
-    /* make sure we aren't nuking someone else's file */
-    if(fstat(fileno(f), &s) < 0
-       || s.st_nlink == 0) {
-	   fclose(f);
-	   return(-1);
-       } else {
-	   snprintf(new, sizeof(new), NEW_FILE, acl_file);
-	   ret = unlink(new);
-	   fclose(f);
-	   return(ret);
-       }
-}
-
-/* Commit changes to acl_file written onto FILE *f */
-/* Returns zero if successful */
-/* Returns > 0 if lock was broken */
-/* Returns < 0 if some other error occurs */
-/* Closes f */
-static int
-acl_commit(char *acl_file, FILE *f)
-{
-    char new[LINESIZE];
-    int ret;
-    struct stat s;
-
-    snprintf(new, sizeof(new), NEW_FILE, acl_file);
-    if(fflush(f) < 0
-       || fstat(fileno(f), &s) < 0
-       || s.st_nlink == 0) {
-	acl_abort(acl_file, f);
-	return(-1);
-    }
-
-    ret = rename(new, acl_file);
-    fclose(f);
-    return(ret);
-}
-
-/* Initialize an acl_file */
-/* Creates the file with permissions perm if it does not exist */
-/* Erases it if it does */
-/* Returns return value of acl_commit */
-int
-acl_initialize(char *acl_file, int perm)
-{
-    FILE *new;
-    int fd;
-
-    /* Check if the file exists already */
-    if((new = acl_lock_file(acl_file)) != NULL) {
-	return(acl_commit(acl_file, new));
-    } else {
-	/* File must be readable and writable by owner */
-	if((fd = open(acl_file, O_CREAT|O_EXCL, perm|0600)) < 0) {
-	    return(-1);
-	} else {
-	    close(fd);
-	    return(0);
-	}
-    }
-}
-
-/* Eliminate all whitespace character in buf */
-/* Modifies its argument */
-static void
- nuke_whitespace(char *buf)
-{
-    char *pin, *pout;
-
-    for(pin = pout = buf; *pin != '\0'; pin++)
-	if(!isspace(*pin)) *pout++ = *pin;
-    *pout = '\0';		/* Terminate the string */
-}
-
-/* Hash table stuff */
-
-struct hashtbl {
-    int size;			/* Max number of entries */
-    int entries;		/* Actual number of entries */
-    char **tbl;			/* Pointer to start of table */
-};
-
-/* Make an empty hash table of size s */
-static struct hashtbl *
-make_hash(int size)
-{
-    struct hashtbl *h;
-
-    if(size < 1) size = 1;
-    h = (struct hashtbl *) malloc(sizeof(struct hashtbl));
-    h->size = size;
-    h->entries = 0;
-    h->tbl = (char **) calloc(size, sizeof(char *));
-    return(h);
-}
-
-/* Destroy a hash table */
-static void
-destroy_hash(struct hashtbl *h)
-{
-    int i;
-
-    for(i = 0; i < h->size; i++) {
-	if(h->tbl[i] != NULL) free(h->tbl[i]);
-    }
-    free(h->tbl);
-    free(h);
-}
-
-/* Compute hash value for a string */
-static unsigned int
-hashval(char *s)
-{
-    unsigned hv;
-
-    for(hv = 0; *s != '\0'; s++) {
-	hv ^= ((hv << 3) ^ *s);
-    }
-    return(hv);
-}
-
-/* Add an element to a hash table */
-static void
-add_hash(struct hashtbl *h, char *el)
-{
-    unsigned hv;
-    char *s;
-    char **old;
-    int i;
-
-    /* Make space if it isn't there already */
-    if(h->entries + 1 > (h->size >> 1)) {
-	old = h->tbl;
-	h->tbl = (char **) calloc(h->size << 1, sizeof(char *));
-	for(i = 0; i < h->size; i++) {
-	    if(old[i] != NULL) {
-		hv = hashval(old[i]) % (h->size << 1);
-		while(h->tbl[hv] != NULL) hv = (hv+1) % (h->size << 1);
-		h->tbl[hv] = old[i];
-	    }
-	}
-	h->size = h->size << 1;
-	free(old);
-    }
-
-    hv = hashval(el) % h->size;
-    while(h->tbl[hv] != NULL && strcmp(h->tbl[hv], el)) hv = (hv+1) % h->size;
-    s = strdup(el);
-    h->tbl[hv] = s;
-    h->entries++;
-}
-
-/* Returns nonzero if el is in h */
-static int
-check_hash(struct hashtbl *h, char *el)
-{
-    unsigned hv;
-
-    for(hv = hashval(el) % h->size;
-	h->tbl[hv] != NULL;
-	hv = (hv + 1) % h->size) {
-	    if(!strcmp(h->tbl[hv], el)) return(1);
-	}
-    return(0);
-}
-
-struct acl {
-    char filename[LINESIZE];	/* Name of acl file */
-    int fd;			/* File descriptor for acl file */
-    struct stat status;		/* File status at last read */
-    struct hashtbl *acl;	/* Acl entries */
-};
-
-static struct acl acl_cache[CACHED_ACLS];
-
-static int acl_cache_count = 0;
-static int acl_cache_next = 0;
-
-/* Returns < 0 if unsuccessful in loading acl */
-/* Returns index into acl_cache otherwise */
-/* Note that if acl is already loaded, this is just a lookup */
-static int
-acl_load(char *name)
-{
-    int i;
-    FILE *f;
-    struct stat s;
-    char buf[MAX_PRINCIPAL_SIZE];
-    char canon[MAX_PRINCIPAL_SIZE];
-
-    /* See if it's there already */
-    for(i = 0; i < acl_cache_count; i++) {
-	if(!strcmp(acl_cache[i].filename, name)
-	   && acl_cache[i].fd >= 0) goto got_it;
-    }
-
-    /* It isn't, load it in */
-    /* maybe there's still room */
-    if(acl_cache_count < CACHED_ACLS) {
-	i = acl_cache_count++;
-    } else {
-	/* No room, clean one out */
-	i = acl_cache_next;
-	acl_cache_next = (acl_cache_next + 1) % CACHED_ACLS;
-	close(acl_cache[i].fd);
-	if(acl_cache[i].acl) {
-	    destroy_hash(acl_cache[i].acl);
-	    acl_cache[i].acl = (struct hashtbl *) 0;
-	}
-    }
-
-    /* Set up the acl */
-    strcpy(acl_cache[i].filename, name);
-    if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
-    /* Force reload */
-    acl_cache[i].acl = (struct hashtbl *) 0;
-
- got_it:
-    /*
-     * See if the stat matches
-     *
-     * Use stat(), not fstat(), as the file may have been re-created by
-     * acl_add or acl_delete.  If this happens, the old inode will have
-     * no changes in the mod-time and the following test will fail.
-     */
-    if(stat(acl_cache[i].filename, &s) < 0) return(-1);
-    if(acl_cache[i].acl == (struct hashtbl *) 0
-       || s.st_nlink != acl_cache[i].status.st_nlink
-       || s.st_mtime != acl_cache[i].status.st_mtime
-       || s.st_ctime != acl_cache[i].status.st_ctime) {
-	   /* Gotta reload */
-	   if(acl_cache[i].fd >= 0) close(acl_cache[i].fd);
-	   if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
-	   if((f = fdopen(acl_cache[i].fd, "r")) == NULL) return(-1);
-	   if(acl_cache[i].acl) destroy_hash(acl_cache[i].acl);
-	   acl_cache[i].acl = make_hash(ACL_LEN);
-	   while(fgets(buf, sizeof(buf), f) != NULL) {
-	       nuke_whitespace(buf);
-	       acl_canonicalize_principal(buf, canon);
-	       add_hash(acl_cache[i].acl, canon);
-	   }
-	   fclose(f);
-	   acl_cache[i].status = s;
-       }
-    return(i);
-}
-
-/* Returns nonzero if it can be determined that acl contains principal */
-/* Principal is not canonicalized, and no wildcarding is done */
-int
-acl_exact_match(char *acl, char *principal)
-{
-    int idx;
-
-    return((idx = acl_load(acl)) >= 0
-	   && check_hash(acl_cache[idx].acl, principal));
-}
-
-/* Returns nonzero if it can be determined that acl contains principal */
-/* Recognizes wildcards in acl of the form
-   name.*@realm, *.*@realm, and *.*@* */
-int
-acl_check(char *acl, char *principal)
-{
-    char buf[MAX_PRINCIPAL_SIZE];
-    char canon[MAX_PRINCIPAL_SIZE];
-    char *realm;
-
-    acl_canonicalize_principal(principal, canon);
-
-    /* Is it there? */
-    if(acl_exact_match(acl, canon)) return(1);
-
-    /* Try the wildcards */
-    realm = strchr(canon, REALM_SEP);
-    *strchr(canon, INST_SEP) = '\0';	/* Chuck the instance */
-
-    snprintf(buf, sizeof(buf), "%s.*%s", canon, realm);
-    if(acl_exact_match(acl, buf)) return(1);
-
-    snprintf(buf, sizeof(buf), "*.*%s", realm);
-    if(acl_exact_match(acl, buf) || acl_exact_match(acl, "*.*@*")) return(1);
-       
-    return(0);
-}
-
-/* Adds principal to acl */
-/* Wildcards are interpreted literally */
-int
-acl_add(char *acl, char *principal)
-{
-    int idx;
-    int i;
-    FILE *new;
-    char canon[MAX_PRINCIPAL_SIZE];
-
-    acl_canonicalize_principal(principal, canon);
-
-    if((new = acl_lock_file(acl)) == NULL) return(-1);
-    if((acl_exact_match(acl, canon))
-       || (idx = acl_load(acl)) < 0) {
-	   acl_abort(acl, new);
-	   return(-1);
-       }
-    /* It isn't there yet, copy the file and put it in */
-    for(i = 0; i < acl_cache[idx].acl->size; i++) {
-	if(acl_cache[idx].acl->tbl[i] != NULL) {
-	    if(fputs(acl_cache[idx].acl->tbl[i], new) == EOF
-	       || putc('\n', new) != '\n') {
-		   acl_abort(acl, new);
-		   return(-1);
-	       }
-	}
-    }
-    fputs(canon, new);
-    putc('\n', new);
-    return(acl_commit(acl, new));
-}
-
-/* Removes principal from acl */
-/* Wildcards are interpreted literally */
-int
-acl_delete(char *acl, char *principal)
-{
-    int idx;
-    int i;
-    FILE *new;
-    char canon[MAX_PRINCIPAL_SIZE];
-
-    acl_canonicalize_principal(principal, canon);
-
-    if((new = acl_lock_file(acl)) == NULL) return(-1);
-    if((!acl_exact_match(acl, canon))
-       || (idx = acl_load(acl)) < 0) {
-	   acl_abort(acl, new);
-	   return(-1);
-       }
-    /* It isn't there yet, copy the file and put it in */
-    for(i = 0; i < acl_cache[idx].acl->size; i++) {
-	if(acl_cache[idx].acl->tbl[i] != NULL
-	   && strcmp(acl_cache[idx].acl->tbl[i], canon)) {
-	       fputs(acl_cache[idx].acl->tbl[i], new);
-	       putc('\n', new);
-	}
-    }
-    return(acl_commit(acl, new));
-}
diff --git a/crypto/kerberosIV/lib/acl/acl_files.doc b/crypto/kerberosIV/lib/acl/acl_files.doc
deleted file mode 100644
index 78c448a6d698..000000000000
--- a/crypto/kerberosIV/lib/acl/acl_files.doc
+++ /dev/null
@@ -1,107 +0,0 @@
-PROTOTYPE ACL LIBRARY
-
-Introduction
-	
-An access control list (ACL) is a list of principals, where each
-principal is is represented by a text string which cannot contain
-whitespace.  The library allows application programs to refer to named
-access control lists to test membership and to atomically add and
-delete principals using a natural and intuitive interface.  At
-present, the names of access control lists are required to be Unix
-filenames, and refer to human-readable Unix files; in the future, when
-a networked ACL server is implemented, the names may refer to a
-different namespace specific to the ACL service.
-
-
-Usage
-
-cc <files> -lacl -lkrb.
-
-
-
-Principal Names
-
-Principal names have the form
-
-<name>[.<instance>][@<realm>]
-
-e.g.
-
-asp
-asp.root
-asp@ATHENA.MIT.EDU
-asp.@ATHENA.MIT.EDU
-asp.root@ATHENA.MIT.EDU
-
-It is possible for principals to be underspecified.  If instance is
-missing, it is assumed to be "".  If realm is missing, it is assumed
-to be local_realm.  The canonical form contains all of name, instance,
-and realm; the acl_add and acl_delete routines will always
-leave the file in that form.  Note that the canonical form of
-asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU.
-
-
-Routines
-
-acl_canonicalize_principal(principal, buf)
-char *principal;
-char *buf;  	/*RETVAL*/
-
-Store the canonical form of principal in buf.  Buf must contain enough
-space to store a principal, given the limits on the sizes of name,
-instance, and realm specified in /usr/include/krb.h.
-
-acl_check(acl, principal)
-char *acl;
-char *principal;
-
-Returns nonzero if principal appears in acl.  Returns 0 if principal
-does not appear in acl, or if an error occurs.  Canonicalizes
-principal before checking, and allows the ACL to contain wildcards.
-
-acl_exact_match(acl, principal)
-char *acl;
-char *principal;
-
-Like acl_check, but does no canonicalization or wildcarding.
-
-acl_add(acl, principal)
-char *acl;
-char *principal;
-
-Atomically adds principal to acl.  Returns 0 if successful, nonzero
-otherwise.  It is considered a failure if principal is already in acl.
-This routine will canonicalize principal, but will treat wildcards
-literally.
-
-acl_delete(acl, principal)
-char *acl;
-char *principal;
-
-Atomically deletes principal from acl.  Returns 0 if successful,
-nonzero otherwise.  It is consider a failure if principal is not
-already in acl.  This routine will canonicalize principal, but will
-treat wildcards literally.
-
-acl_initialize(acl, mode)
-char *acl;
-int mode;
-
-Initialize acl.  If acl file does not exist, creates it with mode
-mode.  If acl exists, removes all members.  Returns 0 if successful,
-nonzero otherwise.  WARNING: Mode argument is likely to change with
-the eventual introduction of an ACL service.  
-
-
-Known problems
-
-In the presence of concurrency, there is a very small chance that
-acl_add or acl_delete could report success even though it would have
-had no effect.  This is a necessary side effect of using lock files
-for concurrency control rather than flock(2), which is not supported
-by NFS.
-
-The current implementation caches ACLs in memory in a hash-table
-format for increased efficiency in checking membership; one effect of
-the caching scheme is that one file descriptor will be kept open for
-each ACL cached, up to a maximum of 8.
diff --git a/crypto/kerberosIV/lib/kadm/Makefile.in b/crypto/kerberosIV/lib/kadm/Makefile.in
deleted file mode 100644
index 1dafd4f9ff2f..000000000000
--- a/crypto/kerberosIV/lib/kadm/Makefile.in
+++ /dev/null
@@ -1,92 +0,0 @@
-#
-# $Id: Makefile.in,v 1.30 1997/05/06 03:47:28 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-LN_S = @LN_S@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-COMPILE_ET = ../../util/et/compile_et$(EXECSUFFIX) -language ansi-c 
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = @PICFLAGS@
-
-LIBNAME = $(LIBPREFIX)kadm
-LIBEXT = @LIBEXT@
-LIBPREFIX = @LIBPREFIX@
-EXECSUFFIX = @EXECSUFFIX@
-SHLIBEXT = @SHLIBEXT@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-
-SOURCES = kadm_cli_wrap.c kadm_err.c kadm_stream.c kadm_supp.c
-
-OBJECTS = kadm_cli_wrap.o kadm_err.o kadm_stream.o kadm_supp.o
-
-all: $(LIB)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) *.o *.a kadm_err.c kadm_err.h
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS)
-
-kadm_err.c kadm_err.h: kadm_err.et
-	test -r kadm_err.et || (rm -f kadm_err.et && $(LN_S) $(srcdir)/kadm_err.et .)
-	$(COMPILE_ET) kadm_err.et
-
-$(OBJECTS): ../../include/config.h
-$(OBJECTS): kadm_err.h kadm_locl.h
diff --git a/crypto/kerberosIV/lib/kadm/kadm.h b/crypto/kerberosIV/lib/kadm/kadm.h
deleted file mode 100644
index d18f5921ce5b..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm.h
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * $Id: kadm.h,v 1.12 1996/11/17 20:04:39 assar Exp $
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Definitions for Kerberos administration server & client
- */
-
-#ifndef KADM_DEFS
-#define KADM_DEFS
-
-/*
- * kadm.h
- * Header file for the fourth attempt at an admin server
- * Doug Church, December 28, 1989, MIT Project Athena
- */
-
-#include <krb_db.h>
-
-/* The global structures for the client and server */
-typedef struct {
-  struct sockaddr_in admin_addr;
-  struct sockaddr_in my_addr;
-  int my_addr_len;
-  int admin_fd;			/* file descriptor for link to admin server */
-  char sname[ANAME_SZ];		/* the service name */
-  char sinst[INST_SZ];		/* the services instance */
-  char krbrlm[REALM_SZ];
-} Kadm_Client;
-
-typedef struct {		/* status of the server, i.e the parameters */
-   int inter;			/* Space for command line flags */
-   char *sysfile;		/* filename of server */
-} admin_params;			/* Well... it's the admin's parameters */
-
-/* Largest password length to be supported */
-#define MAX_KPW_LEN	128
-/* Minimum allowed password length */
-#define MIN_KPW_LEN	6
-
-/* Largest packet the admin server will ever allow itself to return */
-#define KADM_RET_MAX 2048
-
-/* That's right, versions are 8 byte strings */
-#define KADM_VERSTR	"KADM0.0A"
-#define KADM_ULOSE	"KYOULOSE"	/* sent back when server can't
-					   decrypt client's msg */
-#define KADM_VERSIZE strlen(KADM_VERSTR)
-
-/* the lookups for the server instances */
-#define PWSERV_NAME  "changepw"
-#define KADM_SNAME   "kerberos_master"
-#define KADM_PORT    751
-#define KADM_SINST   "kerberos"
-
-/* Attributes fields constants and macros */
-#define ALLOC        2
-#define RESERVED     3
-#define DEALLOC      4
-#define DEACTIVATED  5
-#define ACTIVE       6
-
-/* Kadm_vals structure for passing db fields into the server routines */
-#define FLDSZ        4
-
-typedef struct {
-    u_int8_t       fields[FLDSZ];     /* The active fields in this struct */
-    char           name[ANAME_SZ];
-    char           instance[INST_SZ];
-    u_int32_t  key_low;
-    u_int32_t  key_high;
-    u_int32_t  exp_date;
-    u_int16_t attributes;
-    u_int8_t  max_life;
-} Kadm_vals;                    /* The basic values structure in Kadm */
-
-/* Kadm_vals structure for passing db fields into the server routines */
-#define FLDSZ        4
-
-/* Need to define fields types here */
-#define KADM_NAME       31
-#define KADM_INST       30
-#define KADM_EXPDATE    29
-#define KADM_ATTR       28
-#define KADM_MAXLIFE    27
-#define KADM_DESKEY     26
-
-/* To set a field entry f in a fields structure d */
-#define SET_FIELD(f,d)  (d[3-(f/8)]|=(1<<(f%8)))
-
-/* To set a field entry f in a fields structure d */
-#define CLEAR_FIELD(f,d)  (d[3-(f/8)]&=(~(1<<(f%8))))
-
-/* Is field f in fields structure d */
-#define IS_FIELD(f,d)   (d[3-(f/8)]&(1<<(f%8)))
-
-/* Various return codes */
-#define KADM_SUCCESS    0
-
-#define WILDCARD_STR "*"
-
-enum acl_types {
-ADDACL,
-GETACL,
-MODACL,
-STABACL, /* not used */
-DELACL
-};
-
-/* Various opcodes for the admin server's functions */
-#define CHANGE_PW    2
-#define ADD_ENT      3
-#define MOD_ENT      4
-#define GET_ENT      5
-#define CHECK_PW     6 /* not used */
-#define CHG_STAB     7 /* not used */
-#define DEL_ENT	     8
-
-void prin_vals __P((Kadm_vals *));
-int stv_long __P((u_char *, u_int32_t *, int, int));
-int vts_long __P((u_int32_t, u_char **, int));
-int vts_string __P((char *, u_char **, int));
-int stv_string __P((u_char *, char *, int, int, int));
-
-int stream_to_vals __P((u_char *, Kadm_vals *, int));
-int vals_to_stream __P((Kadm_vals *, u_char **));
-
-int kadm_init_link __P((char *, char *, char *));
-int kadm_change_pw __P((unsigned char *));
-int kadm_change_pw_plain __P((unsigned char *, char *, char**));
-int kadm_mod __P((Kadm_vals *, Kadm_vals *));
-int kadm_get __P((Kadm_vals *, u_char *));
-int kadm_add __P((Kadm_vals *));
-int kadm_del __P((Kadm_vals *));
-void kadm_vals_to_prin __P((u_char *, Principal *, Kadm_vals *));
-void kadm_prin_to_vals __P((u_char *, Kadm_vals *, Principal *));
-
-
-
-#endif /* KADM_DEFS */
diff --git a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c
deleted file mode 100644
index 1e5c4f36bde6..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c
+++ /dev/null
@@ -1,545 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Kerberos administration server client-side routines
- */
-
-/*
- * kadm_cli_wrap.c the client side wrapping of the calls to the admin server 
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadm_cli_wrap.c,v 1.21 1997/05/02 10:28:11 joda Exp $");
-
-#ifndef NULL
-#define NULL 0
-#endif
-
-static Kadm_Client client_parm;
-
-/* Macros for use in returning data... used in kadm_cli_send */
-#define RET_N_FREE(r) {clear_secrets(); free((char *)act_st); free((char *)priv_pak); return r;}
-
-/* Keys for use in the transactions */
-static des_cblock sess_key;	       /* to be filled in by kadm_cli_keyd */
-static des_key_schedule sess_sched;
-
-static void
-clear_secrets(void)
-{
-	memset(sess_key, 0, sizeof(sess_key));
-	memset(sess_sched, 0, sizeof(sess_sched));
-	return;
-}
-
-static RETSIGTYPE (*opipe)();
-
-static void
-kadm_cli_disconn(void)
-{
-    close(client_parm.admin_fd);
-    signal(SIGPIPE, opipe);
-    return;
-}
-
-/*
- * kadm_init_link
- *	receives    : name, inst, realm
- *
- * initializes client parm, the Kadm_Client structure which holds the 
- * data about the connection between the server and client, the services 
- * used, the locations and other fun things 
- */
-
-int
-kadm_init_link(char *n, char *i, char *r)
-{
-	struct hostent *hop;	       /* host we will talk to */
-	char adm_hostname[MaxHostNameLen];
-
-	init_kadm_err_tbl();
-	init_krb_err_tbl();
-	strcpy(client_parm.sname, n);
-	strcpy(client_parm.sinst, i);
-	strcpy(client_parm.krbrlm, r);
-	client_parm.admin_fd = -1;
-
-	/* set up the admin_addr - fetch name of admin host */
-	if (krb_get_admhst(adm_hostname, client_parm.krbrlm, 1) != KSUCCESS)
-		return KADM_NO_HOST;
-	if ((hop = gethostbyname(adm_hostname)) == NULL)
-		return KADM_UNK_HOST;
-	memset(&client_parm.admin_addr, 0, sizeof(client_parm.admin_addr));
-	client_parm.admin_addr.sin_port = 
-	  k_getportbyname(KADM_SNAME, "tcp", htons(KADM_PORT));
-	client_parm.admin_addr.sin_family = hop->h_addrtype;
-	memcpy(&client_parm.admin_addr.sin_addr, hop->h_addr,
-	       sizeof(client_parm.admin_addr.sin_addr));
-
-	return KADM_SUCCESS;
-}
-
-static int
-kadm_cli_conn(void)
-{					/* this connects and sets my_addr */
-    int on = 1;
-
-    if ((client_parm.admin_fd =
-	 socket(client_parm.admin_addr.sin_family, SOCK_STREAM,0)) < 0)
-	return KADM_NO_SOCK;		/* couldnt create the socket */
-    if (connect(client_parm.admin_fd,
-		(struct sockaddr *) & client_parm.admin_addr,
-		sizeof(client_parm.admin_addr))) {
-	close(client_parm.admin_fd);
-	client_parm.admin_fd = -1;
-	return KADM_NO_CONN;		/* couldnt get the connect */
-    }
-    opipe = signal(SIGPIPE, SIG_IGN);
-    client_parm.my_addr_len = sizeof(client_parm.my_addr);
-    if (getsockname(client_parm.admin_fd,
-		    (struct sockaddr *) & client_parm.my_addr,
-		    &client_parm.my_addr_len) < 0) {
-	close(client_parm.admin_fd);
-	client_parm.admin_fd = -1;
-	signal(SIGPIPE, opipe);
-	return KADM_NO_HERE;		/* couldnt find out who we are */
-    }
-#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT)
-    if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE,
-		   (void *)&on,
-		   sizeof(on)) < 0) {
-	close(client_parm.admin_fd);
-	client_parm.admin_fd = -1;
-	signal(SIGPIPE, opipe);
-	return KADM_NO_CONN;		/* XXX */
-    }
-#endif
-    return KADM_SUCCESS;
-}
-
-/* takes in the sess_key and key_schedule and sets them appropriately */
-static int
-kadm_cli_keyd(des_cblock (*s_k), struct des_ks_struct *s_s)
-                			       /* session key */
-                     		       /* session key schedule */
-{
-	CREDENTIALS cred;	       /* to get key data */
-	int stat;
-
-	/* want .sname and .sinst here.... */
-	if ((stat = krb_get_cred(client_parm.sname, client_parm.sinst,
-				client_parm.krbrlm, &cred)))
-		return stat + krb_err_base;
-	memcpy(s_k, cred.session, sizeof(des_cblock));
-	memset(cred.session, 0, sizeof(des_cblock));
-#ifdef NOENCRYPTION
-	memset(s_s, 0, sizeof(des_key_schedule));
-#else
-	if ((stat = des_key_sched(s_k,s_s)))
-		return(stat+krb_err_base);
-#endif
-	return KADM_SUCCESS;
-}				       /* This code "works" */
-
-static int
-kadm_cli_out(u_char *dat, int dat_len, u_char **ret_dat, int *ret_siz)
-{
-	u_int16_t dlen;
-	int retval;
-	char tmp[4];
-
-	dlen = (u_int16_t) dat_len;
-
-	if (dat_len != (int)dlen)
-		return (KADM_NO_ROOM);
-
-	tmp[0] = (dlen >> 8) & 0xff;
-	tmp[1] = dlen & 0xff;
-	if (krb_net_write(client_parm.admin_fd, tmp, 2) != 2)
-	    return (errno);	       /* XXX */
-
-	if (krb_net_write(client_parm.admin_fd, (char *) dat, dat_len) < 0)
-		return (errno);	       /* XXX */
-
-	
-	if ((retval = krb_net_read(client_parm.admin_fd, tmp, 2)) != 2){
-	    if (retval < 0)
-		return(errno);		/* XXX */
-	    else
-		return(EPIPE);		/* short read ! */
-	}
-	dlen = (tmp[0] << 8) | tmp[1];
-
-	*ret_dat = (u_char *)malloc((unsigned)dlen);
-	if (!*ret_dat)
-	    return(KADM_NOMEM);
-
-	if ((retval = krb_net_read(client_parm.admin_fd,  *ret_dat,
-				  dlen) != dlen)) {
-	    if (retval < 0)
-		return(errno);		/* XXX */
-	    else
-		return(EPIPE);		/* short read ! */
-	}
-	*ret_siz = (int) dlen;
-	return KADM_SUCCESS;
-}
-
-/*
- * kadm_cli_send
- *	recieves   : opcode, packet, packet length, serv_name, serv_inst
- *	returns    : return code from the packet build, the server, or
- *			 something else 
- *
- * It assembles a packet as follows:
- *	 8 bytes    : VERSION STRING
- *	 4 bytes    : LENGTH OF MESSAGE DATA and OPCODE
- *		    : KTEXT
- *		    : OPCODE       \
- *		    : DATA          > Encrypted (with make priv)
- *		    : ......       / 
- *
- * If it builds the packet and it is small enough, then it attempts to open the
- * connection to the admin server.  If the connection is succesfully open
- * then it sends the data and waits for a reply. 
- */
-static int
-kadm_cli_send(u_char *st_dat, int st_siz, u_char **ret_dat, int *ret_siz)
-               				/* the actual data */
-           				/* length of said data */
-                 			/* to give return info */
-             				/* length of returned info */
-{
-	int act_len, retdat;	       /* current offset into packet, return
-				        * data */
-	KTEXT_ST authent;	       /* the authenticator we will build */
-	u_char *act_st;		       /* the pointer to the complete packet */
-	u_char *priv_pak;	       /* private version of the packet */
-	int priv_len;		       /* length of private packet */
-	u_int32_t cksum;		       /* checksum of the packet */
-	MSG_DAT mdat;
-	u_char *return_dat;
-
-	act_st = (u_char *) malloc(KADM_VERSIZE); /* verstr stored first */
-	strncpy((char *)act_st, KADM_VERSTR, KADM_VERSIZE);
-	act_len = KADM_VERSIZE;
-
-	if ((retdat = kadm_cli_keyd(&sess_key, sess_sched)) != KADM_SUCCESS) {
-		free(act_st);
-		return retdat;	       /* couldnt get key working */
-	}
-	priv_pak = (u_char *) malloc((unsigned)(st_siz + 200));
-	/* 200 bytes for extra info case */
-	if ((priv_len = krb_mk_priv(st_dat, priv_pak, (u_int32_t)st_siz,
-				    sess_sched, &sess_key, &client_parm.my_addr,
-				    &client_parm.admin_addr)) < 0)
-		RET_N_FREE(KADM_NO_ENCRYPT);	/* whoops... we got a lose
-						 * here */
-	/* here is the length of priv data.  receiver calcs
-	 size of authenticator by subtracting vno size, priv size, and
-	 sizeof(u_int32_t) (for the size indication) from total size */
-
-	act_len += vts_long((u_int32_t) priv_len, &act_st, act_len);
-#ifdef NOENCRYPTION
-	cksum = 0;
-#else
-	cksum = des_quad_cksum((des_cblock *)priv_pak, (des_cblock *)0, (long)priv_len, 0,
-			   &sess_key);
-#endif
-	if ((retdat = krb_mk_req(&authent, client_parm.sname, client_parm.sinst,
-				client_parm.krbrlm, cksum))) {
-	    /* authenticator? */
-	    RET_N_FREE(retdat + krb_err_base);
-	}
-
-	act_st = (u_char *) realloc(act_st,
-				    act_len + authent.length + priv_len);
-	if (!act_st) {
-	    clear_secrets();
-	    free(priv_pak);
-	    return(KADM_NOMEM);
-	}
-	memcpy((char *)act_st + act_len, authent.dat, authent.length);
-	memcpy((char *)act_st + act_len + authent.length, priv_pak, priv_len);
-	free(priv_pak);
-	if ((retdat = kadm_cli_out(act_st,
-				   act_len + authent.length + priv_len,
-				   ret_dat, ret_siz)) != KADM_SUCCESS)
-	    RET_N_FREE(retdat);
-	free(act_st);
-#define RET_N_FREE2(r) {free(*ret_dat); clear_secrets(); return(r);}
-
-	/* first see if it's a YOULOUSE */
-	if ((*ret_siz >= KADM_VERSIZE) &&
-	    !strncmp(KADM_ULOSE, (char *)*ret_dat, KADM_VERSIZE)) {
-	    unsigned char *p;
-	    /* it's a youlose packet */
-	    if (*ret_siz < KADM_VERSIZE + 4)
-		RET_N_FREE2(KADM_BAD_VER);
-	    p = (*ret_dat)+KADM_VERSIZE;
-	    retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
-	    RET_N_FREE2(retdat);
-	}
-	/* need to decode the ret_dat */
-	if ((retdat = krb_rd_priv(*ret_dat, (u_int32_t)*ret_siz, sess_sched,
-				 &sess_key, &client_parm.admin_addr,
-				 &client_parm.my_addr, &mdat)))
-	    RET_N_FREE2(retdat+krb_err_base);
-	if (mdat.app_length < KADM_VERSIZE + 4)
-	    /* too short! */
-	    RET_N_FREE2(KADM_BAD_VER);
-	if (strncmp((char *)mdat.app_data, KADM_VERSTR, KADM_VERSIZE))
-	    /* bad version */
-	    RET_N_FREE2(KADM_BAD_VER);
-	{
-	    unsigned char *p = mdat.app_data+KADM_VERSIZE;
-	    retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
-	}
-	{
-	  int s=mdat.app_length - KADM_VERSIZE - 4;
-	  if(s<=0) s=1;
-	  if (!(return_dat = (u_char *)malloc(s)))
-	    RET_N_FREE2(KADM_NOMEM);
-	}
-	memcpy(return_dat,
-	       (char *) mdat.app_data + KADM_VERSIZE + 4,
-	       mdat.app_length - KADM_VERSIZE - 4);
-	free(*ret_dat);
-	clear_secrets();
-	*ret_dat = return_dat;
-	*ret_siz = mdat.app_length - KADM_VERSIZE - 4;
-	return retdat;
-}
-
-
-
-/* 
- * kadm_change_pw_plain
- *
- * see kadm_change_pw
- *
- */
-int kadm_change_pw_plain(unsigned char *newkey, char *password, char **pw_msg)
-{
-	int stsize, retc;	       /* stream size and return code */
-	u_char *send_st;	       /* send stream */
-	u_char *ret_st;
-	int ret_sz;
-	int status;
-	static char msg[128];
-
-	if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
-	    return(retc);
-	/* possible problem with vts_long on a non-multiple of four boundary */
-
-	stsize = 0;		       /* start of our output packet */
-	send_st = (u_char *) malloc(1);/* to make it reallocable */
-	send_st[stsize++] = (u_char) CHANGE_PW;
-
-	/* change key to stream */
-
-	send_st = realloc(send_st, stsize + 8);
-	memcpy(send_st + stsize + 4, newkey, 4); /* yes, this is backwards */
-	memcpy(send_st + stsize, newkey + 4, 4);
-	stsize += 8;
-	
-	if(password && *password)
-	  stsize += vts_string(password, &send_st, stsize);
-
-	retc = kadm_cli_send(send_st, stsize, &ret_st, &ret_sz);
-	free(send_st);
-	
-	if(retc != KADM_SUCCESS){
-	  status = stv_string(ret_st, msg, 0, sizeof(msg), ret_sz);
-	  if(status<0)
-	    msg[0]=0;
-	  *pw_msg=msg;
-	}
-
-	if (ret_st)
-	    free(ret_st);
-	
-	kadm_cli_disconn();
-	return(retc);
-}
-
-/*
- * kadm_change_pw
- * recieves    : key 
- *
- * Replaces the password (i.e. des key) of the caller with that specified in
- * key. Returns no actual data from the master server, since this is called
- * by a user 
- */
-
-int kadm_change_pw(unsigned char *newkey)
-{
-  char *pw_msg;
-  return kadm_change_pw_plain(newkey, "", &pw_msg);
-}
-
-/*
- * kadm_add
- * 	receives    : vals
- * 	returns     : vals 
- *
- * Adds and entry containing values to the database returns the values of the
- * entry, so if you leave certain fields blank you will be able to determine
- * the default values they are set to 
- */
-int
-kadm_add(Kadm_vals *vals)
-{
-	u_char *st, *st2;	       /* st will hold the stream of values */
-	int st_len;		       /* st2 the final stream with opcode */
-	int retc;		       /* return code from call */
-	u_char *ret_st;
-	int ret_sz;
-
-	if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
-	    return(retc);
-	st_len = vals_to_stream(vals, &st);
-	st2 = (u_char *) malloc((unsigned)(1 + st_len));
-	*st2 = (u_char) ADD_ENT;       /* here's the opcode */
-	memcpy((char *) st2 + 1, st, st_len);	/* append st on */
-	retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz);
-	free(st);
-	free(st2);
-	if (retc == KADM_SUCCESS) {
-	    /* ret_st has vals */
-	    if (stream_to_vals(ret_st, vals, ret_sz) < 0)
-		retc = KADM_LENGTH_ERROR;
-	    free(ret_st);
-	}
-	kadm_cli_disconn();
-	return(retc);
-}
-
-/*
- * kadm_mod
- * 	receives    : KTEXT, {values, values}
- *	returns     : CKSUM,  RETCODE, {values} 
- *	acl         : su, sms (as register or dealloc) 
- *
- * Modifies all entries corresponding to the first values so they match the
- * second values. returns the values for the changed entries in vals2
- */
-int
-kadm_mod(Kadm_vals *vals1, Kadm_vals *vals2)
-{
-	u_char *st, *st2;	       /* st will hold the stream of values */
-	int st_len, nlen;	       /* st2 the final stream with opcode */
-	u_char *ret_st;
-	int ret_sz;
-
-	/* nlen is the length of second vals */
-	int retc;		       /* return code from call */
-
-	if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
-	    return(retc);
-
-	st_len = vals_to_stream(vals1, &st);
-	st2 = (u_char *) malloc((unsigned)(1 + st_len));
-	*st2 = (u_char) MOD_ENT;       /* here's the opcode */
-	memcpy((char *)st2 + 1, st, st_len++); /* append st on */
-	free(st);
-	nlen = vals_to_stream(vals2, &st);
-	st2 = (u_char *) realloc((char *) st2, (unsigned)(st_len + nlen));
-	memcpy((char *) st2 + st_len, st, nlen); /* append st on */
-	retc = kadm_cli_send(st2, st_len + nlen, &ret_st, &ret_sz);
-	free(st);
-	free(st2);
-	if (retc == KADM_SUCCESS) {
-	    /* ret_st has vals */
-	    if (stream_to_vals(ret_st, vals2, ret_sz) < 0)
-		retc = KADM_LENGTH_ERROR;
-	    free(ret_st);
-	}
-	kadm_cli_disconn();
-	return(retc);
-}
-
-
-int
-kadm_del(Kadm_vals *vals)
-{
-    unsigned char *st, *st2;	       /* st will hold the stream of values */
-    int st_len;		       /* st2 the final stream with opcode */
-    int retc;		       /* return code from call */
-    u_char *ret_st;
-    int ret_sz;
-    
-    if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
-	return(retc);
-    st_len = vals_to_stream(vals, &st);
-    st2 = (unsigned char *) malloc(st_len + 1);
-    *st2 = DEL_ENT;       /* here's the opcode */
-    memcpy(st2 + 1, st, st_len);	/* append st on */
-    retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz);
-    free(st);
-    free(st2);
-    kadm_cli_disconn();
-    return(retc);
-}
-
-
-/*
- * kadm_get
- * 	receives   : KTEXT, {values, flags} 
- *	returns    : CKSUM, RETCODE, {count, values, values, values}
- *	acl        : su 
- *
- * gets the fields requested by flags from all entries matching values returns
- * this data for each matching recipient, after a count of how many such
- * matches there were 
- */
-int
-kadm_get(Kadm_vals *vals, u_char *fl)
-{
-	int loop;		       /* for copying the fields data */
-	u_char *st, *st2;	       /* st will hold the stream of values */
-	int st_len;		       /* st2 the final stream with opcode */
-	int retc;		       /* return code from call */
-	u_char *ret_st;
-	int ret_sz;
-
-	if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
-	    return(retc);
-	st_len = vals_to_stream(vals, &st);
-	st2 = (u_char *) malloc((unsigned)(1 + st_len + FLDSZ));
-	*st2 = (u_char) GET_ENT;       /* here's the opcode */
-	memcpy((char *)st2 + 1, st, st_len); /* append st on */
-	for (loop = FLDSZ - 1; loop >= 0; loop--)
-		*(st2 + st_len + FLDSZ - loop) = fl[loop]; /* append the flags */
-	retc = kadm_cli_send(st2, st_len + 1 + FLDSZ,  &ret_st, &ret_sz);
-	free(st);
-	free(st2);
-	if (retc == KADM_SUCCESS) {
-	    /* ret_st has vals */
-	    if (stream_to_vals(ret_st, vals, ret_sz) < 0)
-		retc = KADM_LENGTH_ERROR;
-	    free(ret_st);
-	}
-	kadm_cli_disconn();
-	return(retc);
-}
diff --git a/crypto/kerberosIV/lib/kadm/kadm_err.et b/crypto/kerberosIV/lib/kadm/kadm_err.et
deleted file mode 100644
index 0a7c7b6b8db8..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm_err.et
+++ /dev/null
@@ -1,59 +0,0 @@
-#	$Id: kadm_err.et,v 1.4 1996/06/12 08:01:34 bg Exp $
-#	$Author: bg $
-#
-# Copyright 1988 by the Massachusetts Institute of Technology.
-#
-# For copying and distribution information, please see the file
-# <mit-copyright.h>.
-#
-# Kerberos administration server error table
-#
-	et	kadm
-
-# KADM_SUCCESS, as all success codes should be, is zero
-
-ec KADM_RCSID,		"$Id: kadm_err.et,v 1.4 1996/06/12 08:01:34 bg Exp $"
-# /* Building and unbuilding the packet errors */
-ec KADM_NO_REALM,	"Cannot fetch local realm"
-ec KADM_NO_CRED,	"Unable to fetch credentials"
-ec KADM_BAD_KEY,	"Bad key supplied"
-ec KADM_NO_ENCRYPT,	"Can't encrypt data"
-ec KADM_NO_AUTH,	"Cannot encode/decode authentication info"
-ec KADM_WRONG_REALM,	"Principal attemping change is in wrong realm"
-ec KADM_NO_ROOM,	"Packet is too large"
-ec KADM_BAD_VER,	"Version number is incorrect"
-ec KADM_BAD_CHK,	"Checksum does not match"
-ec KADM_NO_READ,	"Unsealing private data failed"
-ec KADM_NO_OPCODE,	"Unsupported operation"
-ec KADM_NO_HOST,	"Could not find administrating host"
-ec KADM_UNK_HOST,	"Administrating host name is unknown"
-ec KADM_NO_SERV,	"Could not find service name in services database"
-ec KADM_NO_SOCK,	"Could not create socket"
-ec KADM_NO_CONN,	"Could not connect to server"
-ec KADM_NO_HERE,	"Could not fetch local socket address"
-ec KADM_NO_MAST,	"Could not fetch master key"
-ec KADM_NO_VERI,	"Could not verify master key"
-
-# /* From the server side routines */
-ec KADM_INUSE,		"Entry already exists in database"
-ec KADM_UK_SERROR,	"Database store error"
-ec KADM_UK_RERROR,	"Database read error"
-ec KADM_UNAUTH,		"Insufficient access to perform requested operation"
-# KADM_DATA isn't really an error, but...
-ec KADM_DATA,		"Data is available for return to client"
-ec KADM_NOENTRY,	"No such entry in the database"
-
-ec KADM_NOMEM,		"Memory exhausted"
-ec KADM_NO_HOSTNAME,	"Could not fetch system hostname"
-ec KADM_NO_BIND,	"Could not bind port"
-ec KADM_LENGTH_ERROR,	"Length mismatch problem"
-ec KADM_ILL_WILDCARD,	"Illegal use of wildcard"
-
-ec KADM_DB_INUSE,	"Database is locked or in use--try again later"
-
-ec KADM_INSECURE_PW,    "Insecure password rejected"
-ec KADM_PW_MISMATCH,    "Cleartext password and DES key did not match"
-
-ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request"
-ec KADM_IMMUTABLE,	"Attempt do delete immutable principal"
-end
diff --git a/crypto/kerberosIV/lib/kadm/kadm_locl.h b/crypto/kerberosIV/lib/kadm/kadm_locl.h
deleted file mode 100644
index e6e374bfe8fa..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm_locl.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kadm_locl.h,v 1.9 1997/05/20 18:40:44 bg Exp $ */
-
-#include "config.h"
-#include "protos.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#include <signal.h>
-#include <time.h>
-#include <errno.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <des.h>
-#include <krb.h>
-#include <krb_err.h>
-#include <krb_db.h>
-#include <kadm.h>
-#include <kadm_err.h>
-
-int vts_long __P((u_int32_t, u_char **, int));
-int vals_to_stream __P((Kadm_vals *, u_char **));
-int stream_to_vals __P((u_char *, Kadm_vals *, int));
-
-int kadm_init_link __P((char n[], char i[], char r[]));
-int kadm_change_pw __P((des_cblock));
-int kadm_add __P((Kadm_vals *));
-int kadm_mod __P((Kadm_vals *, Kadm_vals *));
-int kadm_get __P((Kadm_vals *, u_char fl[4]));
-
-
diff --git a/crypto/kerberosIV/lib/kadm/kadm_stream.c b/crypto/kerberosIV/lib/kadm/kadm_stream.c
deleted file mode 100644
index 33fe177cbfcb..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm_stream.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Stream conversion functions for Kerberos administration server
- */
-
-/*
-  kadm_stream.c
-  this holds the stream support routines for the kerberos administration server
-
-    vals_to_stream: converts a vals struct to a stream for transmission
-       internals build_field_header, vts_[string, char, long, short]
-    stream_to_vals: converts a stream to a vals struct
-       internals check_field_header, stv_[string, char, long, short]
-    error: prints out a kadm error message, returns
-    fatal: prints out a kadm fatal error message, exits
-*/
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadm_stream.c,v 1.11 1997/05/02 10:28:05 joda Exp $");
-
-static int
-build_field_header(u_char *cont, u_char **st)
-             			/* container for fields data */
-            			/* stream */
-{
-  *st = (u_char *) malloc (4);
-  memcpy(*st, cont, 4);
-  return 4;			/* return pointer to current stream location */
-}
-
-static int
-check_field_header(u_char *st, u_char *cont, int maxlen)
-           			/* stream */
-             			/* container for fields data */
-           
-{
-  if (4 > maxlen)
-      return(-1);
-  memcpy(cont, st, 4);
-  return 4;			/* return pointer to current stream location */
-}
-
-int
-vts_string(char *dat, u_char **st, int loc)
-          			/* a string to put on the stream */
-            			/* base pointer to the stream */
-        			/* offset into the stream for current data */
-{
-  *st = (u_char *) realloc (*st, (unsigned) (loc + strlen(dat) + 1));
-  memcpy(*st + loc, dat, strlen(dat)+1);
-  return strlen(dat)+1;
-}
-
-
-static int
-vts_short(u_int16_t dat, u_char **st, int loc)
-            			/* the attributes field */
-            			/* a base pointer to the stream */
-        			/* offset into the stream for current data */
-{
-    unsigned char *p;
-    p = realloc(*st, loc + 2);
-    if(p == NULL){
-	abort();
-    }
-    p[loc] = (dat >> 8) & 0xff;
-    p[loc+1] = dat & 0xff;
-    *st = p;
-    return 2;
-}
-
-static int
-vts_char(u_char dat, u_char **st, int loc)
-           			/* the attributes field */
-            			/* a base pointer to the stream */
-        			/* offset into the stream for current data */
-{
-    unsigned char *p = realloc(*st, loc + 1);
-    if(p == NULL){
-	abort();
-    }
-    p[loc] = dat;
-    *st = p;
-    return 1;
-}
-
-int
-vts_long(u_int32_t dat, u_char **st, int loc)
-           			/* the attributes field */
-            			/* a base pointer to the stream */
-        			/* offset into the stream for current data */
-{
-    unsigned char *p = realloc(*st, loc + 4);
-    if(p == NULL){
-	abort();
-    }
-    p[loc] = (dat >> 24) & 0xff;
-    p[loc+1] = (dat >> 16) & 0xff;
-    p[loc+2] = (dat >> 8) & 0xff;
-    p[loc+3] = dat & 0xff;
-    *st = p;
-    return 4;
-}
-    
-int
-stv_string(u_char *st,		/* base pointer to the stream */
-	   char *dat,		/* a string to read from the stream */
-	   int loc,		/* offset into the stream for current data */
-	   int stlen,		/* max length of string to copy in */
-	   int maxlen)		/* max length of input stream */
-{
-  int maxcount;				/* max count of chars to copy */
-
-  maxcount = min(maxlen - loc, stlen);
-
-  if(maxcount <= 0)
-      return -1;
-
-  strncpy(dat, (char *)st + loc, maxcount);
-
-  if (dat[maxcount-1]) /* not null-term --> not enuf room */
-      return(-1);
-  return strlen(dat)+1;
-}
-
-static int
-stv_short(u_char *st, u_int16_t *dat, int loc, int maxlen)
-           			/* a base pointer to the stream */
-             			/* the attributes field */
-        			/* offset into the stream for current data */
-           
-{
-  if (maxlen - loc < 2)
-      return -1;
-  
-  *dat = (st[loc] << 8) | st[loc + 1];
-  return 2;
-}
-
-int
-stv_long(u_char *st, u_int32_t *dat, int loc, int maxlen)
-           			/* a base pointer to the stream */
-            			/* the attributes field */
-        			/* offset into the stream for current data */
-           			/* maximum length of st */
-{
-  if (maxlen - loc < 4)
-      return -1;
-  
-  *dat = (st[loc] << 24) | (st[loc+1] << 16) | (st[loc+2] << 8) | st[loc+3];
-  return 4;
-}
-    
-static int
-stv_char(u_char *st, u_char *dat, int loc, int maxlen)
-           			/* a base pointer to the stream */
-            			/* the attributes field */
-        			/* offset into the stream for current data */
-           
-{
-  if (maxlen - loc < 1)
-      return -1;
-  
-  *dat = st[loc];
-  return 1;
-}
-
-/* 
-vals_to_stream
-  recieves    : kadm_vals *, u_char *
-  returns     : a realloced and filled in u_char *
-     
-this function creates a byte-stream representation of the kadm_vals structure
-*/
-int
-vals_to_stream(Kadm_vals *dt_in, u_char **dt_out)
-{
-  int vsloop, stsize;		/* loop counter, stream size */
-
-  stsize = build_field_header(dt_in->fields, dt_out);
-  for (vsloop=31; vsloop>=0; vsloop--)
-    if (IS_FIELD(vsloop,dt_in->fields)) {
-      switch (vsloop) {
-      case KADM_NAME:
-	  stsize+=vts_string(dt_in->name, dt_out, stsize);
-	  break;
-      case KADM_INST:
-	  stsize+=vts_string(dt_in->instance, dt_out, stsize);
-	  break;
-      case KADM_EXPDATE:
-	  stsize+=vts_long(dt_in->exp_date, dt_out, stsize);
-	  break;
-      case KADM_ATTR:
-	  stsize+=vts_short(dt_in->attributes, dt_out, stsize);
-	  break;
-      case KADM_MAXLIFE:
-	  stsize+=vts_char(dt_in->max_life, dt_out, stsize);
-	  break;
-      case KADM_DESKEY: 
-	  stsize+=vts_long(dt_in->key_high, dt_out, stsize); 
-	  stsize+=vts_long(dt_in->key_low, dt_out, stsize); 
-	  break;
-      default:
-	  break;
-      }
-}
-  return(stsize);
-}  
-
-/* 
-stream_to_vals
-  recieves    : u_char *, kadm_vals *
-  returns     : a kadm_vals filled in according to u_char *
-     
-this decodes a byte stream represntation of a vals struct into kadm_vals
-*/
-int
-stream_to_vals(u_char *dt_in, Kadm_vals *dt_out, int maxlen)
-              
-                  
-           				/* max length to use */
-{
-  int vsloop, stsize;		/* loop counter, stream size */
-  int status;
-
-  memset(dt_out, 0, sizeof(*dt_out));
-
-  stsize = check_field_header(dt_in, dt_out->fields, maxlen);
-  if (stsize < 0)
-      return(-1);
-  for (vsloop=31; vsloop>=0; vsloop--)
-    if (IS_FIELD(vsloop,dt_out->fields))
-      switch (vsloop) {
-      case KADM_NAME:
-	  if ((status = stv_string(dt_in, dt_out->name, stsize,
-				   sizeof(dt_out->name), maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      case KADM_INST:
-	  if ((status = stv_string(dt_in, dt_out->instance, stsize,
-				   sizeof(dt_out->instance), maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      case KADM_EXPDATE:
-	  if ((status = stv_long(dt_in, &dt_out->exp_date, stsize,
-				 maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      case KADM_ATTR:
-	  if ((status = stv_short(dt_in, &dt_out->attributes, stsize,
-				  maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      case KADM_MAXLIFE:
-	  if ((status = stv_char(dt_in, &dt_out->max_life, stsize,
-				 maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      case KADM_DESKEY:
-	  if ((status = stv_long(dt_in, &dt_out->key_high, stsize,
-				    maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  if ((status = stv_long(dt_in, &dt_out->key_low, stsize,
-				    maxlen)) < 0)
-	      return(-1);
-	  stsize += status;
-	  break;
-      default:
-	  break;
-      }
-  return stsize;
-}  
diff --git a/crypto/kerberosIV/lib/kadm/kadm_supp.c b/crypto/kerberosIV/lib/kadm/kadm_supp.c
deleted file mode 100644
index 984526764770..000000000000
--- a/crypto/kerberosIV/lib/kadm/kadm_supp.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Support functions for Kerberos administration server & clients
- */
-
-/*
-  kadm_supp.c
-  this holds the support routines for the kerberos administration server
-
-    error: prints out a kadm error message, returns
-    fatal: prints out a kadm fatal error message, exits
-    prin_vals: prints out data associated with a Principal in the vals
-           structure
-*/
-
-#include "kadm_locl.h"
-    
-RCSID("$Id: kadm_supp.c,v 1.8 1997/05/02 10:27:58 joda Exp $");
-
-/*
-prin_vals:
-  recieves    : a vals structure
-*/
-void
-prin_vals(Kadm_vals *vals)
-{
-   printf("Info in Database for %s.%s:\n", vals->name, vals->instance);
-   printf("   Max Life: %d (%s)   Exp Date: %s\n",
-	  vals->max_life,
-	  krb_life_to_atime(vals->max_life), 
-	  asctime(k_localtime(&vals->exp_date)));
-   printf("   Attribs: %.2x  key: %#lx %#lx\n",
-	  vals->attributes,
-	  (long)vals->key_low, (long)vals->key_high);
-}
-
-/* kadm_prin_to_vals takes a fields arguments, a Kadm_vals and a Principal,
-   it copies the fields in Principal specified by fields into Kadm_vals, 
-   i.e from old to new */
-
-void
-kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old)
-{
-  memset(new, 0, sizeof(*new));
-  if (IS_FIELD(KADM_NAME,fields)) {
-      strncpy(new->name, old->name, ANAME_SZ); 
-      SET_FIELD(KADM_NAME, new->fields);
-  }
-  if (IS_FIELD(KADM_INST,fields)) {
-      strncpy(new->instance, old->instance, INST_SZ); 
-      SET_FIELD(KADM_INST, new->fields);
-  }      
-  if (IS_FIELD(KADM_EXPDATE,fields)) {
-      new->exp_date   = old->exp_date; 
-      SET_FIELD(KADM_EXPDATE, new->fields);
-  }      
-  if (IS_FIELD(KADM_ATTR,fields)) {
-    new->attributes = old->attributes; 
-      SET_FIELD(KADM_ATTR, new->fields);
-  }      
-  if (IS_FIELD(KADM_MAXLIFE,fields)) {
-    new->max_life   = old->max_life; 
-      SET_FIELD(KADM_MAXLIFE, new->fields);
-  }      
-  if (IS_FIELD(KADM_DESKEY,fields)) {
-    new->key_low    = old->key_low; 
-    new->key_high   = old->key_high; 
-    SET_FIELD(KADM_DESKEY, new->fields);
-  }
-}
-
-void
-kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old)
-{
-
-  memset(new, 0, sizeof(*new));
-  if (IS_FIELD(KADM_NAME,fields))
-    strncpy(new->name, old->name, ANAME_SZ); 
-  if (IS_FIELD(KADM_INST,fields))
-    strncpy(new->instance, old->instance, INST_SZ); 
-  if (IS_FIELD(KADM_EXPDATE,fields))
-    new->exp_date   = old->exp_date; 
-  if (IS_FIELD(KADM_ATTR,fields))
-    new->attributes = old->attributes; 
-  if (IS_FIELD(KADM_MAXLIFE,fields))
-    new->max_life   = old->max_life; 
-  if (IS_FIELD(KADM_DESKEY,fields)) {
-    new->key_low    = old->key_low; 
-    new->key_high   = old->key_high; 
-  }
-}
diff --git a/crypto/kerberosIV/lib/kafs/Makefile.in b/crypto/kerberosIV/lib/kafs/Makefile.in
deleted file mode 100644
index e9c9121be2d7..000000000000
--- a/crypto/kerberosIV/lib/kafs/Makefile.in
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# $Id: Makefile.in,v 1.30 1997/05/06 03:47:35 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@ -DLIBDIR='"$(libdir)"'
-CFLAGS = @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = @PICFLAGS@
- 
-LIBNAME = $(LIBPREFIX)kafs
-LIBEXT = @LIBEXT@
-SHLIBEXT = @SHLIBEXT@
-LIBPREFIX = @LIBPREFIX@
-LDSHARED = @LDSHARED@
-AFS_EXTRA_LIBS	= @AFS_EXTRA_LIBS@
-LIB = $(LIBNAME).$(LIBEXT) $(AFS_EXTRA_LIBS)
-
-SOURCES = afssys.c afskrb.c afslib.c
-
-OBJECTS = afssys.o afskrb.o
-
-all: $(LIB)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) *.o *.a
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS) @AFS_EXTRA_OBJS@
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS) @AFS_EXTRA_OBJS@
-	-$(RANLIB) $@
-
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS)
-
-# AIX: this almost works with gcc, but somehow it fails to use the
-# correct ld, use ld instead
-afslib.so: afslib.o
-	ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp -bnoentry afslib.o
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/lib/kafs/afskrb.c b/crypto/kerberosIV/lib/kafs/afskrb.c
deleted file mode 100644
index d979ac5b72d6..000000000000
--- a/crypto/kerberosIV/lib/kafs/afskrb.c
+++ /dev/null
@@ -1,373 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kafs_locl.h"
-
-RCSID("$Id: afskrb.c,v 1.6 1997/05/26 17:38:24 bg Exp $");
-
-#define AUTH_SUPERUSER "afs"
-
-/*
- * Here only ASCII characters are relevant.
- */
-
-#define IsAsciiLower(c) ('a' <= (c) && (c) <= 'z')
-
-#define ToAsciiUpper(c) ((c) - 'a' + 'A')
-
-static void
-foldup(char *a, const char *b)
-{
-  for (; *b; a++, b++)
-    if (IsAsciiLower(*b))
-      *a = ToAsciiUpper(*b);
-    else
-      *a = *b;
-  *a = '\0';
-}
-
-static int
-get_cred(const char *princ, const char *inst, const char *krealm, 
-	 CREDENTIALS *c, KTEXT_ST *tkt)
-{
-  int k_errno = krb_get_cred((char*)princ, (char*)inst, (char*)krealm, c);
-
-  if (k_errno != KSUCCESS)
-    {
-      k_errno = krb_mk_req(tkt, (char*)princ, (char*)inst, (char*)krealm, 0);
-      if (k_errno == KSUCCESS)
-	k_errno = krb_get_cred((char*)princ, (char*)inst, (char*)krealm, c);
-    }
-  return k_errno;
-}
-
-
-/* Convert a string to a 32 bit ip number in network byte order. 
-   Return 0 on error
-   */
-
-static u_int32_t
-ip_aton(char *ip)
-{
-  u_int32_t addr;
-  unsigned int a, b, c, d;
-
-  if(sscanf(ip, "%u.%u.%u.%u", &a, &b, &c, &d) != 4)
-      return 0;
-  if((a | b | c | d) > 255)
-      return 0;
-  addr = (a << 24) | (b << 16) | (c << 8) | d;
-  addr = htonl(addr);
-  return addr;
-}
-
-/* Try to get a db-server for an AFS cell from a AFSDB record */
-
-static int
-dns_find_cell(const char *cell, char *dbserver)
-{
-    struct dns_reply *r;
-    int ok = -1;
-    r = dns_lookup(cell, "afsdb");
-    if(r){
-	struct resource_record *rr = r->head;
-	while(rr){
-	    if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){
-		strncpy(dbserver, rr->u.afsdb->domain, MaxHostNameLen);
-		dbserver[MaxHostNameLen - 1] = 0;
-		ok = 0;
-		break;
-	    }
-	    rr = rr->next;
-	}
-	dns_free_data(r);
-    }
-    return ok;
-}
-
-
-/* Find the realm associated with cell. Do this by opening
-   /usr/vice/etc/CellServDB and getting the realm-of-host for the
-   first VL-server for the cell.
-
-   This does not work when the VL-server is living in one cell, but
-   the cell it is serving is living in another cell.
-   */
-
-static char*
-realm_of_cell(const char *cell)
-{
-    FILE *F;
-    char buf[1024];
-    u_int32_t addr;
-    struct hostent *hp;
-    char *realm = NULL;
-
-    if((F = fopen(_PATH_CELLSERVDB, "r"))){
-	while(fgets(buf, sizeof(buf), F)){
-	    if(buf[0] != '>')
-		continue;
-	    if(strncmp(buf + 1, cell, strlen(cell)) == 0){
-		if(fgets(buf, sizeof(buf), F) == NULL)
-		    break;
-		addr = ip_aton(buf);
-		if(addr == 0)
-		    break;
-		hp = gethostbyaddr((char*)&addr, 4, AF_INET);
-		if(hp == NULL)
-		    break;
-		strncpy (buf, hp->h_name, sizeof(buf));
-		buf[sizeof(buf) - 1] = '\0';
-		realm = krb_realmofhost(buf);
-		break;
-	    }
-	}
-	fclose(F);
-    }
-    if(realm == NULL){
-	if(dns_find_cell(cell, buf) == 0)
-	    realm = krb_realmofhost(buf);
-    }
-    return realm;
-}
-
-/*
- * Get tokens for all cells[]
- */
-static int
-k_afslog_cells(char *cells[], int max, const char *krealm, uid_t uid)
-{
-    int err = KSUCCESS;
-    int i;
-    for(i = 0; i < max; i++)
-	err = k_afsklog_uid(cells[i], krealm, uid);
-    return err;
-}
-
-/*
- * Try to find the cells we should try to klog to in "file".
- */
-static void
-k_find_cells(char *file, char *cells[], int size, int *index)
-{
-    FILE *f;
-    char cell[64];
-    int i;
-    f = fopen(file, "r");
-    if (f == NULL)
-	return;
-    while (*index < size && fgets(cell, sizeof(cell), f)) {
-	char *nl = strchr(cell, '\n');
-	if (nl) *nl = 0;
-	for(i = 0; i < *index; i++)
-	    if(strcmp(cells[i], cell) == 0)
-		break;
-	if(i == *index)
-	    cells[(*index)++] = strdup(cell);
-    }
-    fclose(f);
-}
-
-static int
-k_afsklog_all_local_cells(const char *krealm, uid_t uid)
-{
-    int err;
-    char *cells[32]; /* XXX */
-    int num_cells = sizeof(cells) / sizeof(cells[0]);
-    int index = 0;
-
-    char *p;
-    
-    if ((p = getenv("HOME"))) {
-	char home[MaxPathLen];
-
-	if (k_concat(home, sizeof(home), p, "/.TheseCells", NULL) == 0)
-	    k_find_cells(home, cells, num_cells, &index);
-    }
-    k_find_cells(_PATH_THESECELLS, cells, num_cells, &index);
-    k_find_cells(_PATH_THISCELL, cells, num_cells, &index);
-    
-    err = k_afslog_cells(cells, index, krealm, uid);
-    while(index > 0)
-	free(cells[--index]);
-    return err;
-}
-
-int
-k_afsklog_uid(const char *cell, const char *krealm, uid_t uid)
-{
-  int k_errno;
-  CREDENTIALS c;
-  KTEXT_ST ticket;
-  char realm[REALM_SZ];
-  char *vl_realm; /* realm of vl-server */
-  char *lrealm; /* local realm */
-  char CELL[64];
-
-  if (cell == 0 || cell[0] == 0)
-    return k_afsklog_all_local_cells (krealm, uid);
-  foldup(CELL, cell);
-
-  k_errno = krb_get_lrealm(realm , 0);
-  if(k_errno == KSUCCESS && (krealm == NULL || strcmp(krealm, realm)))
-    lrealm = realm;
-  else
-    lrealm = NULL;
-
-  /* We're about to find the the realm that holds the key for afs in
-   * the specified cell. The problem is that null-instance
-   * afs-principals are common and that hitting the wrong realm might
-   * yield the wrong afs key. The following assumptions were made.
-   *
-   * Any realm passed to us is preferred.
-   *
-   * If there is a realm with the same name as the cell, it is most
-   * likely the correct realm to talk to.
-   *
-   * In most (maybe even all) cases the database servers of the cell
-   * will live in the realm we are looking for.
-   *
-   * Try the local realm, but if the previous cases fail, this is
-   * really a long shot.
-   *
-   */
-  
-  /* comments on the ordering of these tests */
-
-  /* If the user passes a realm, she probably knows something we don't
-   * know and we should try afs@krealm (otherwise we're talking with a
-   * blondino and she might as well have it.)
-   */
-  
-  k_errno = -1;
-  if(krealm){
-    k_errno = get_cred(AUTH_SUPERUSER, cell, krealm, &c, &ticket);
-    if(k_errno)
-      k_errno = get_cred(AUTH_SUPERUSER, "", krealm, &c, &ticket);
-  }
-
-  if(k_errno)
-    k_errno = get_cred(AUTH_SUPERUSER, cell, CELL, &c, &ticket);
-  if(k_errno)
-    k_errno = get_cred(AUTH_SUPERUSER, "", CELL, &c, &ticket);
-  
-  /* this might work in some conditions */
-  if(k_errno && (vl_realm = realm_of_cell(cell))){
-    k_errno = get_cred(AUTH_SUPERUSER, cell, vl_realm, &c, &ticket);
-    if(k_errno)
-      k_errno = get_cred(AUTH_SUPERUSER, "", vl_realm, &c, &ticket);
-  }
-  
-  if(k_errno && lrealm){
-    k_errno = get_cred(AUTH_SUPERUSER, cell, lrealm, &c, &ticket);
-#if 0
-    /* this is most likely never right anyway, but won't fail */
-    if(k_errno)
-      k_errno = get_cred(AUTH_SUPERUSER, "", lrealm, &c, &ticket);
-#endif
-  }
-  
-  if (k_errno == KSUCCESS)
-    {
-      struct ViceIoctl parms;
-      struct ClearToken ct;
-      int32_t sizeof_x;
-      char buf[2048], *t;
-
-      /*
-       * Build a struct ClearToken
-       */
-      ct.AuthHandle = c.kvno;
-      memcpy (ct.HandShakeKey, c.session, sizeof(c.session));
-      ct.ViceId = uid;	/* is this always valid? */
-      ct.BeginTimestamp = 1 + c.issue_date;
-      ct.EndTimestamp = krb_life_to_time(c.issue_date, c.lifetime);
-
-#define ODD(x) ((x) & 1)
-      /* If we don't know the numerical ID lifetime should be even? */
-      if (uid == 0 && ODD(ct.EndTimestamp - ct.BeginTimestamp))
-	ct.BeginTimestamp--;
-
-      t = buf;
-      /*
-       * length of secret token followed by secret token
-       */
-      sizeof_x = c.ticket_st.length;
-      memcpy(t, &sizeof_x, sizeof(sizeof_x));
-      t += sizeof(sizeof_x);
-      memcpy(t, c.ticket_st.dat, sizeof_x);
-      t += sizeof_x;
-      /*
-       * length of clear token followed by clear token
-       */
-      sizeof_x = sizeof(ct);
-      memcpy(t, &sizeof_x, sizeof(sizeof_x));
-      t += sizeof(sizeof_x);
-      memcpy(t, &ct, sizeof_x);
-      t += sizeof_x;
-
-      /*
-       * do *not* mark as primary cell
-       */
-      sizeof_x = 0;
-      memcpy(t, &sizeof_x, sizeof(sizeof_x));
-      t += sizeof(sizeof_x);
-      /*
-       * follow with cell name
-       */
-      sizeof_x = strlen(cell) + 1;
-      memcpy(t, cell, sizeof_x);
-      t += sizeof_x;
-
-      /*
-       * Build argument block
-       */
-      parms.in = buf;
-      parms.in_size = t - buf;
-      parms.out = 0;
-      parms.out_size = 0;
-      k_pioctl(0, VIOCSETTOK, &parms, 0);
-    }
-  return k_errno;
-}
-
-int
-k_afsklog(const char *cell, const char *krealm)
-{
-  return k_afsklog_uid (cell, krealm, getuid());
-}
diff --git a/crypto/kerberosIV/lib/kafs/afsl.exp b/crypto/kerberosIV/lib/kafs/afsl.exp
deleted file mode 100644
index 4d2b00e28337..000000000000
--- a/crypto/kerberosIV/lib/kafs/afsl.exp
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/unix
-
-* This mumbo jumbo creates entry points to syscalls in _AIX
-
-lpioctl	syscall
-lsetpag	syscall
diff --git a/crypto/kerberosIV/lib/kafs/afslib.c b/crypto/kerberosIV/lib/kafs/afslib.c
deleted file mode 100644
index 12779bcd72d9..000000000000
--- a/crypto/kerberosIV/lib/kafs/afslib.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* 
- * This file is only used with AIX 
- */
-
-#include "kafs_locl.h"
-
-RCSID("$Id: afslib.c,v 1.5 1997/04/20 13:21:15 joda Exp $");
-
-int
-aix_pioctl(char *a_path,
-	   int o_opcode,
-	   struct ViceIoctl *a_paramsP,
-	   int a_followSymlinks)
-{
-    return lpioctl(a_path, o_opcode, a_paramsP, a_followSymlinks);
-}
-
-int
-aix_setpag(void)
-{
-    return lsetpag();
-}
diff --git a/crypto/kerberosIV/lib/kafs/afslib.exp b/crypto/kerberosIV/lib/kafs/afslib.exp
deleted file mode 100644
index f288717706ea..000000000000
--- a/crypto/kerberosIV/lib/kafs/afslib.exp
+++ /dev/null
@@ -1,3 +0,0 @@
-#!
-aix_pioctl
-aix_setpag
diff --git a/crypto/kerberosIV/lib/kafs/afssys.c b/crypto/kerberosIV/lib/kafs/afssys.c
deleted file mode 100644
index 741225ca3381..000000000000
--- a/crypto/kerberosIV/lib/kafs/afssys.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kafs_locl.h"
-
-RCSID("$Id: afssys.c,v 1.53 1997/05/04 02:30:41 assar Exp $");
-
-/* Magic to get AIX syscalls to work */
-#ifdef _AIX
-
-static int (*Pioctl)(char*, int, void*, int);
-static int (*Setpag)(void);
-
-#include "dlfcn.h"
-
-static int
-isSuid()
-{
-    int uid = getuid();
-    int gid = getgid();
-    int euid = getegid();
-    int egid = getegid();
-    return (uid != euid) || (gid != egid);
-}
-
-static int
-aix_setup(void)
-{
-#ifdef STATIC_AFS_SYSCALLS
-    Pioctl = aix_pioctl;
-    Setpag = aix_setpag;
-#else
-    void *ptr;
-    char path[MaxPathLen], *p;
-    /*
-     * If we are root or running setuid don't trust AFSLIBPATH!
-     */
-    if (getuid() != 0 && !isSuid() && (p = getenv("AFSLIBPATH")) != NULL)
-	strcpy(path, p);
-    else
-	snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR);
-	
-    ptr = dlopen(path, 0);
-    if(ptr){
-	Setpag = (int (*)(void))dlsym(ptr, "aix_setpag");
-	Pioctl = (int (*)(char*, int, void*, int))dlsym(ptr, "aix_pioctl");
-    }
-#endif
-}
-#endif /* _AIX */
-
-#define NO_ENTRY_POINT		0
-#define SINGLE_ENTRY_POINT	1
-#define MULTIPLE_ENTRY_POINT	2
-#define SINGLE_ENTRY_POINT2	3
-#define SINGLE_ENTRY_POINT3	4
-#define AIX_ENTRY_POINTS	5
-#define UNKNOWN_ENTRY_POINT	6
-static int afs_entry_point = UNKNOWN_ENTRY_POINT;
-static int afs_syscalls[2];
-
-
-int
-k_pioctl(char *a_path,
-	 int o_opcode,
-	 struct ViceIoctl *a_paramsP,
-	 int a_followSymlinks)
-{
-#ifndef NO_AFS
-    switch(afs_entry_point){
-#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
-    case SINGLE_ENTRY_POINT:
-    case SINGLE_ENTRY_POINT2:
-    case SINGLE_ENTRY_POINT3:
-	return syscall(afs_syscalls[0], AFSCALL_PIOCTL,
-		       a_path, o_opcode, a_paramsP, a_followSymlinks);
-#endif
-#if defined(AFS_PIOCTL)
-    case MULTIPLE_ENTRY_POINT:
-	return syscall(afs_syscalls[0],
-		       a_path, o_opcode, a_paramsP, a_followSymlinks);
-#endif
-#ifdef _AIX
-    case AIX_ENTRY_POINTS:
-	return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks);
-#endif
-    }
-    
-    errno = ENOSYS;
-#ifdef SIGSYS
-    kill(getpid(), SIGSYS);	/* You loose! */
-#endif
-#endif /* NO_AFS */
-    return -1;
-}
-
-int
-k_afs_cell_of_file(const char *path, char *cell, int len)
-{
-    struct ViceIoctl parms;
-    parms.in = NULL;
-    parms.in_size = 0;
-    parms.out = cell;
-    parms.out_size = len;
-    return k_pioctl((char*)path, VIOC_FILE_CELL_NAME, &parms, 1);
-}
-
-int
-k_unlog(void)
-{
-    struct ViceIoctl parms;
-    memset(&parms, 0, sizeof(parms));
-    return k_pioctl(0, VIOCUNLOG, &parms, 0);
-}
-
-int
-k_setpag(void)
-{
-#ifndef NO_AFS
-    switch(afs_entry_point){
-#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
-    case SINGLE_ENTRY_POINT:
-    case SINGLE_ENTRY_POINT2:
-    case SINGLE_ENTRY_POINT3:
-	return syscall(afs_syscalls[0], AFSCALL_SETPAG);
-#endif
-#if defined(AFS_PIOCTL)
-    case MULTIPLE_ENTRY_POINT:
-	return syscall(afs_syscalls[1]);
-#endif
-#ifdef _AIX
-    case AIX_ENTRY_POINTS:
-	return Setpag();
-#endif
-    }
-    
-    errno = ENOSYS;
-#ifdef SIGSYS
-    kill(getpid(), SIGSYS);	/* You loose! */
-#endif
-#endif /* NO_AFS */
-    return -1;
-}
-
-static jmp_buf catch_SIGSYS;
-
-#ifdef SIGSYS
-
-static RETSIGTYPE
-SIGSYS_handler(int sig)
-{
-    errno = 0;
-    signal(SIGSYS, SIGSYS_handler); /* Need to reinstall handler on SYSV */
-    longjmp(catch_SIGSYS, 1);
-}
-
-#endif
-
-int
-k_hasafs(void)
-{
-    int saved_errno;
-    RETSIGTYPE (*saved_func)();
-    struct ViceIoctl parms;
-  
-    /*
-     * Already checked presence of AFS syscalls?
-     */
-    if (afs_entry_point != UNKNOWN_ENTRY_POINT)
-	return afs_entry_point != NO_ENTRY_POINT;
-
-    /*
-     * Probe kernel for AFS specific syscalls,
-     * they (currently) come in two flavors.
-     * If the syscall is absent we recive a SIGSYS.
-     */
-    afs_entry_point = NO_ENTRY_POINT;
-    memset(&parms, 0, sizeof(parms));
-  
-    saved_errno = errno;
-#ifndef NO_AFS
-#ifdef SIGSYS
-    saved_func = signal(SIGSYS, SIGSYS_handler);
-#endif
-
-#ifdef AFS_SYSCALL
-    if (setjmp(catch_SIGSYS) == 0)
-	{
-	    syscall(AFS_SYSCALL, AFSCALL_PIOCTL,
-		    0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-	    if (errno == EINVAL)
-		{
-		    afs_entry_point = SINGLE_ENTRY_POINT;
-		    afs_syscalls[0] = AFS_SYSCALL;
-		    goto done;
-		}
-	}
-#endif /* AFS_SYSCALL */
-
-#ifdef AFS_PIOCTL
-    if (setjmp(catch_SIGSYS) == 0)
-	{
-	    syscall(AFS_PIOCTL,
-		    0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-	    if (errno == EINVAL)
-		{
-		    afs_entry_point = MULTIPLE_ENTRY_POINT;
-		    afs_syscalls[0] = AFS_PIOCTL;
-		    afs_syscalls[1] = AFS_SETPAG;
-		    goto done;
-		}
-	}
-#endif /* AFS_PIOCTL */
-
-#ifdef AFS_SYSCALL2
-    if (setjmp(catch_SIGSYS) == 0)
-	{
-	    syscall(AFS_SYSCALL2, AFSCALL_PIOCTL,
-		    0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-	    if (errno == EINVAL)
-		{
-		    afs_entry_point = SINGLE_ENTRY_POINT2;
-		    afs_syscalls[0] = AFS_SYSCALL2;
-		    goto done;
-		}
-	}
-#endif /* AFS_SYSCALL */
-
-#ifdef AFS_SYSCALL3
-    if (setjmp(catch_SIGSYS) == 0)
-	{
-	    syscall(AFS_SYSCALL3, AFSCALL_PIOCTL,
-		    0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-	    if (errno == EINVAL)
-		{
-		    afs_entry_point = SINGLE_ENTRY_POINT3;
-		    afs_syscalls[0] = AFS_SYSCALL3;
-		    goto done;
-		}
-	}
-#endif /* AFS_SYSCALL */
-
-#ifdef _AIX
-    aix_setup();
-    if(Pioctl != NULL && Setpag != NULL){
-	afs_entry_point = AIX_ENTRY_POINTS;
-	goto done;
-    }
-#endif
-
-done:
-#ifdef SIGSYS
-    signal(SIGSYS, saved_func);
-#endif
-#endif /* NO_AFS */
-    errno = saved_errno;
-    return afs_entry_point != NO_ENTRY_POINT;
-}
diff --git a/crypto/kerberosIV/lib/kafs/afssysdefs.h b/crypto/kerberosIV/lib/kafs/afssysdefs.h
deleted file mode 100644
index 028f9b3f59f4..000000000000
--- a/crypto/kerberosIV/lib/kafs/afssysdefs.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: afssysdefs.h,v 1.15 1997/04/01 08:18:12 joda Exp $ */
-
-/*
- * This section is for machines using single entry point AFS syscalls!
- * and/or
- * This section is for machines using multiple entry point AFS syscalls!
- *
- * SunOS 4 is an example of single entry point and sgi of multiple
- * entry point syscalls.
- */
-
-#if SunOS == 4
-#define AFS_SYSCALL	31
-#endif
-
-#if SunOS == 5
-#define AFS_SYSCALL	105
-#endif
-
-#if defined(__hpux)
-#define AFS_SYSCALL	50
-#define AFS_SYSCALL2	49
-#endif
-
-#if defined(_AIX)
-/* _AIX is too weird */
-#endif
-
-#if defined(__sgi)
-#define AFS_PIOCTL      (64+1000)
-#define AFS_SETPAG      (65+1000)
-#endif
-
-#if defined(__osf__)
-#define AFS_SYSCALL	232
-#define AFS_SYSCALL2	258
-#endif
-
-#if defined(__ultrix)
-#define AFS_SYSCALL	31
-#endif
-
-#if defined(__NetBSD__)
-#define AFS_SYSCALL 210
-#endif
-
-#ifdef SYS_afs_syscall
-#define AFS_SYSCALL3	SYS_afs_syscall
-#endif
diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.c b/crypto/kerberosIV/lib/kafs/dlfcn.c
deleted file mode 100644
index 3f4de9221665..000000000000
--- a/crypto/kerberosIV/lib/kafs/dlfcn.c
+++ /dev/null
@@ -1,570 +0,0 @@
-/*
- * @(#)dlfcn.c	1.11 revision of 96/04/10  20:12:51
- * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH
- * 30159 Hannover, Germany
- */
-
-/*
- * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton
- * <jwe@bevo.che.wisc.edu> to support g++ and/or use with Octave.
- */
-
-/*
- * This makes my life easier with Octave.  --jwe
- */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <errno.h>
-#include <string.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/ldr.h>
-#include <a.out.h>
-#include <ldfcn.h>
-#include "dlfcn.h"
-
-/*
- * We simulate dlopen() et al. through a call to load. Because AIX has
- * no call to find an exported symbol we read the loader section of the
- * loaded module and build a list of exported symbols and their virtual
- * address.
- */
-
-typedef struct {
-	char		*name;		/* the symbols's name */
-	void		*addr;		/* its relocated virtual address */
-} Export, *ExportPtr;
-
-/*
- * xlC uses the following structure to list its constructors and
- * destructors. This is gleaned from the output of munch.
- */
-typedef struct {
-	void (*init)(void);		/* call static constructors */
-	void (*term)(void);		/* call static destructors */
-} Cdtor, *CdtorPtr;
-
-typedef void (*GccCDtorPtr)(void);
-
-/*
- * The void * handle returned from dlopen is actually a ModulePtr.
- */
-typedef struct Module {
-	struct Module	*next;
-	char		*name;		/* module name for refcounting */
-	int		refCnt;		/* the number of references */
-	void		*entry;		/* entry point from load */
-	struct dl_info	*info;		/* optional init/terminate functions */
-	CdtorPtr	cdtors;		/* optional C++ constructors */
-	GccCDtorPtr	gcc_ctor;	/* g++ constructors  --jwe */
-	GccCDtorPtr	gcc_dtor;	/* g++ destructors  --jwe */
-	int		nExports;	/* the number of exports found */
-	ExportPtr	exports;	/* the array of exports */
-} Module, *ModulePtr;
-
-/*
- * We keep a list of all loaded modules to be able to call the fini
- * handlers and destructors at atexit() time.
- */
-static ModulePtr modList;
-
-/*
- * The last error from one of the dl* routines is kept in static
- * variables here. Each error is returned only once to the caller.
- */
-static char errbuf[BUFSIZ];
-static int errvalid;
-
-/*
- * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for
- * strdup().  --jwe
- */
-#ifndef HAVE_STRDUP
-extern char *strdup(const char *);
-#endif
-static void caterr(char *);
-static int readExports(ModulePtr);
-static void terminate(void);
-static void *findMain(void);
-
-void *dlopen(const char *path, int mode)
-{
-	ModulePtr mp;
-	static void *mainModule;
-
-	/*
-	 * Upon the first call register a terminate handler that will
-	 * close all libraries. Also get a reference to the main module
-	 * for use with loadbind.
-	 */
-	if (!mainModule) {
-		if ((mainModule = findMain()) == NULL)
-			return NULL;
-		atexit(terminate);
-	}
-	/*
-	 * Scan the list of modules if we have the module already loaded.
-	 */
-	for (mp = modList; mp; mp = mp->next)
-		if (strcmp(mp->name, path) == 0) {
-			mp->refCnt++;
-			return mp;
-		}
-	if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) {
-		errvalid++;
-		strcpy(errbuf, "calloc: ");
-		strcat(errbuf, strerror(errno));
-		return NULL;
-	}
-	if ((mp->name = strdup(path)) == NULL) {
-		errvalid++;
-		strcpy(errbuf, "strdup: ");
-		strcat(errbuf, strerror(errno));
-		free(mp);
-		return NULL;
-	}
-	/*
-	 * load should be declared load(const char *...). Thus we
-	 * cast the path to a normal char *. Ugly.
-	 */
-	if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) {
-		free(mp->name);
-		free(mp);
-		errvalid++;
-		strcpy(errbuf, "dlopen: ");
-		strcat(errbuf, path);
-		strcat(errbuf, ": ");
-		/*
-		 * If AIX says the file is not executable, the error
-		 * can be further described by querying the loader about
-		 * the last error.
-		 */
-		if (errno == ENOEXEC) {
-			char *tmp[BUFSIZ/sizeof(char *)];
-			if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1)
-				strcpy(errbuf, strerror(errno));
-			else {
-				char **p;
-				for (p = tmp; *p; p++)
-					caterr(*p);
-			}
-		} else
-			strcat(errbuf, strerror(errno));
-		return NULL;
-	}
-	mp->refCnt = 1;
-	mp->next = modList;
-	modList = mp;
-	if (loadbind(0, mainModule, mp->entry) == -1) {
-		dlclose(mp);
-		errvalid++;
-		strcpy(errbuf, "loadbind: ");
-		strcat(errbuf, strerror(errno));
-		return NULL;
-	}
-	/*
-	 * If the user wants global binding, loadbind against all other
-	 * loaded modules.
-	 */
-	if (mode & RTLD_GLOBAL) {
-		ModulePtr mp1;
-		for (mp1 = mp->next; mp1; mp1 = mp1->next)
-			if (loadbind(0, mp1->entry, mp->entry) == -1) {
-				dlclose(mp);
-				errvalid++;
-				strcpy(errbuf, "loadbind: ");
-				strcat(errbuf, strerror(errno));
-				return NULL;
-			}
-	}
-	if (readExports(mp) == -1) {
-		dlclose(mp);
-		return NULL;
-	}
-	/*
-	 * If there is a dl_info structure, call the init function.
-	 */
-	if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) {
-		if (mp->info->init)
-			(*mp->info->init)();
-	} else
-		errvalid = 0;
-	/*
-	 * If the shared object was compiled using xlC we will need
-	 * to call static constructors (and later on dlclose destructors).
-	 */
-	if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) {
-		CdtorPtr cp = mp->cdtors;
-		while (cp->init || cp->term) {
-			if (cp->init && cp->init != (void (*)(void))0xffffffff)
-				(*cp->init)();
-			cp++;
-		}
-	/*
-	 * If the shared object was compiled using g++, we will need
-	 * to call global constructors using the _GLOBAL__DI function,
-	 * and later, global destructors using the _GLOBAL_DD
-	 * funciton.  --jwe
-	 */
-	} else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) {
-		(*mp->gcc_ctor)();
-		mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); 
-	} else
-		errvalid = 0;
-	return mp;
-}
-
-/*
- * Attempt to decipher an AIX loader error message and append it
- * to our static error message buffer.
- */
-static void caterr(char *s)
-{
-	char *p = s;
-
-	while (*p >= '0' && *p <= '9')
-		p++;
-	switch(atoi(s)) {
-	case L_ERROR_TOOMANY:
-		strcat(errbuf, "to many errors");
-		break;
-	case L_ERROR_NOLIB:
-		strcat(errbuf, "can't load library");
-		strcat(errbuf, p);
-		break;
-	case L_ERROR_UNDEF:
-		strcat(errbuf, "can't find symbol");
-		strcat(errbuf, p);
-		break;
-	case L_ERROR_RLDBAD:
-		strcat(errbuf, "bad RLD");
-		strcat(errbuf, p);
-		break;
-	case L_ERROR_FORMAT:
-		strcat(errbuf, "bad exec format in");
-		strcat(errbuf, p);
-		break;
-	case L_ERROR_ERRNO:
-		strcat(errbuf, strerror(atoi(++p)));
-		break;
-	default:
-		strcat(errbuf, s);
-		break;
-	}
-}
-
-void *dlsym(void *handle, const char *symbol)
-{
-	ModulePtr mp = (ModulePtr)handle;
-	ExportPtr ep;
-	int i;
-
-	/*
-	 * Could speed up the search, but I assume that one assigns
-	 * the result to function pointers anyways.
-	 */
-	for (ep = mp->exports, i = mp->nExports; i; i--, ep++)
-		if (strcmp(ep->name, symbol) == 0)
-			return ep->addr;
-	errvalid++;
-	strcpy(errbuf, "dlsym: undefined symbol ");
-	strcat(errbuf, symbol);
-	return NULL;
-}
-
-char *dlerror(void)
-{
-	if (errvalid) {
-		errvalid = 0;
-		return errbuf;
-	}
-	return NULL;
-}
-
-int dlclose(void *handle)
-{
-	ModulePtr mp = (ModulePtr)handle;
-	int result;
-	ModulePtr mp1;
-
-	if (--mp->refCnt > 0)
-		return 0;
-	if (mp->info && mp->info->fini)
-		(*mp->info->fini)();
-	if (mp->cdtors) {
-		CdtorPtr cp = mp->cdtors;
-		while (cp->init || cp->term) {
-			if (cp->term && cp->init != (void (*)(void))0xffffffff)
-				(*cp->term)();
-			cp++;
-		}
-	/*
-	 * If the function to handle global destructors for g++
-	 * exists, call it.  --jwe
-	 */
-	} else if (mp->gcc_dtor) {
-	        (*mp->gcc_dtor)();
-	}
-	result = unload(mp->entry);
-	if (result == -1) {
-		errvalid++;
-		strcpy(errbuf, strerror(errno));
-	}
-	if (mp->exports) {
-		ExportPtr ep;
-		int i;
-		for (ep = mp->exports, i = mp->nExports; i; i--, ep++)
-			if (ep->name)
-				free(ep->name);
-		free(mp->exports);
-	}
-	if (mp == modList)
-		modList = mp->next;
-	else {
-		for (mp1 = modList; mp1; mp1 = mp1->next)
-			if (mp1->next == mp) {
-				mp1->next = mp->next;
-				break;
-			}
-	}
-	free(mp->name);
-	free(mp);
-	return result;
-}
-
-static void terminate(void)
-{
-	while (modList)
-		dlclose(modList);
-}
-
-/*
- * Build the export table from the XCOFF .loader section.
- */
-static int readExports(ModulePtr mp)
-{
-	LDFILE *ldp = NULL;
-	SCNHDR sh, shdata;
-	LDHDR *lhp;
-	char *ldbuf;
-	LDSYM *ls;
-	int i;
-	ExportPtr ep;
-
-	if ((ldp = ldopen(mp->name, ldp)) == NULL) {
-		struct ld_info *lp;
-		char *buf;
-		int size = 4*1024;
-		if (errno != ENOENT) {
-			errvalid++;
-			strcpy(errbuf, "readExports: ");
-			strcat(errbuf, strerror(errno));
-			return -1;
-		}
-		/*
-		 * The module might be loaded due to the LIBPATH
-		 * environment variable. Search for the loaded
-		 * module using L_GETINFO.
-		 */
-		if ((buf = malloc(size)) == NULL) {
-			errvalid++;
-			strcpy(errbuf, "readExports: ");
-			strcat(errbuf, strerror(errno));
-			return -1;
-		}
-		while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) {
-			free(buf);
-			size += 4*1024;
-			if ((buf = malloc(size)) == NULL) {
-				errvalid++;
-				strcpy(errbuf, "readExports: ");
-				strcat(errbuf, strerror(errno));
-				return -1;
-			}
-		}
-		if (i == -1) {
-			errvalid++;
-			strcpy(errbuf, "readExports: ");
-			strcat(errbuf, strerror(errno));
-			free(buf);
-			return -1;
-		}
-		/*
-		 * Traverse the list of loaded modules. The entry point
-		 * returned by load() does actually point to the data
-		 * segment origin.
-		 */
-		lp = (struct ld_info *)buf;
-		while (lp) {
-			if (lp->ldinfo_dataorg == mp->entry) {
-				ldp = ldopen(lp->ldinfo_filename, ldp);
-				break;
-			}
-			if (lp->ldinfo_next == 0)
-				lp = NULL;
-			else
-				lp = (struct ld_info *)((char *)lp + lp->ldinfo_next);
-		}
-		free(buf);
-		if (!ldp) {
-			errvalid++;
-			strcpy(errbuf, "readExports: ");
-			strcat(errbuf, strerror(errno));
-			return -1;
-		}
-	}
-	if (TYPE(ldp) != U802TOCMAGIC) {
-		errvalid++;
-		strcpy(errbuf, "readExports: bad magic");
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	/*
-	 * Get the padding for the data section. This is needed for
-	 * AIX 4.1 compilers. This is used when building the final
-	 * function pointer to the exported symbol.
-	 */
-	if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) {
-		errvalid++;
-		strcpy(errbuf, "readExports: cannot read data section header");
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) {
-		errvalid++;
-		strcpy(errbuf, "readExports: cannot read loader section header");
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	/*
-	 * We read the complete loader section in one chunk, this makes
-	 * finding long symbol names residing in the string table easier.
-	 */
-	if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) {
-		errvalid++;
-		strcpy(errbuf, "readExports: ");
-		strcat(errbuf, strerror(errno));
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) {
-		errvalid++;
-		strcpy(errbuf, "readExports: cannot seek to loader section");
-		free(ldbuf);
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) {
-		errvalid++;
-		strcpy(errbuf, "readExports: cannot read loader section");
-		free(ldbuf);
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	lhp = (LDHDR *)ldbuf;
-	ls = (LDSYM *)(ldbuf+LDHDRSZ);
-	/*
-	 * Count the number of exports to include in our export table.
-	 */
-	for (i = lhp->l_nsyms; i; i--, ls++) {
-		if (!LDR_EXPORT(*ls))
-			continue;
-		mp->nExports++;
-	}
-	if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) {
-		errvalid++;
-		strcpy(errbuf, "readExports: ");
-		strcat(errbuf, strerror(errno));
-		free(ldbuf);
-		while(ldclose(ldp) == FAILURE)
-			;
-		return -1;
-	}
-	/*
-	 * Fill in the export table. All entries are relative to
-	 * the entry point we got from load.
-	 */
-	ep = mp->exports;
-	ls = (LDSYM *)(ldbuf+LDHDRSZ);
-	for (i = lhp->l_nsyms; i; i--, ls++) {
-		char *symname;
-		char tmpsym[SYMNMLEN+1];
-		if (!LDR_EXPORT(*ls))
-			continue;
-		if (ls->l_zeroes == 0)
-			symname = ls->l_offset+lhp->l_stoff+ldbuf;
-		else {
-			/*
-			 * The l_name member is not zero terminated, we
-			 * must copy the first SYMNMLEN chars and make
-			 * sure we have a zero byte at the end.
-			 */
-			strncpy(tmpsym, ls->l_name, SYMNMLEN);
-			tmpsym[SYMNMLEN] = '\0';
-			symname = tmpsym;
-		}
-		ep->name = strdup(symname);
-		ep->addr = (void *)((unsigned long)mp->entry +
-					ls->l_value - shdata.s_vaddr);
-		ep++;
-	}
-	free(ldbuf);
-	while(ldclose(ldp) == FAILURE)
-		;
-	return 0;
-}
-
-/*
- * Find the main modules entry point. This is used as export pointer
- * for loadbind() to be able to resolve references to the main part.
- */
-static void * findMain(void)
-{
-	struct ld_info *lp;
-	char *buf;
-	int size = 4*1024;
-	int i;
-	void *ret;
-
-	if ((buf = malloc(size)) == NULL) {
-		errvalid++;
-		strcpy(errbuf, "findMain: ");
-		strcat(errbuf, strerror(errno));
-		return NULL;
-	}
-	while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) {
-		free(buf);
-		size += 4*1024;
-		if ((buf = malloc(size)) == NULL) {
-			errvalid++;
-			strcpy(errbuf, "findMain: ");
-			strcat(errbuf, strerror(errno));
-			return NULL;
-		}
-	}
-	if (i == -1) {
-		errvalid++;
-		strcpy(errbuf, "findMain: ");
-		strcat(errbuf, strerror(errno));
-		free(buf);
-		return NULL;
-	}
-	/*
-	 * The first entry is the main module. The entry point
-	 * returned by load() does actually point to the data
-	 * segment origin.
-	 */
-	lp = (struct ld_info *)buf;
-	ret = lp->ldinfo_dataorg;
-	free(buf);
-	return ret;
-}
diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.h b/crypto/kerberosIV/lib/kafs/dlfcn.h
deleted file mode 100644
index 5671e9caa3a7..000000000000
--- a/crypto/kerberosIV/lib/kafs/dlfcn.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * @(#)dlfcn.h	1.4 revision of 95/04/25  09:36:52
- * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH
- * 30159 Hannover, Germany
- */
-
-#ifndef __dlfcn_h__
-#define __dlfcn_h__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Mode flags for the dlopen routine.
- */
-#define RTLD_LAZY	1	/* lazy function call binding */
-#define RTLD_NOW	2	/* immediate function call binding */
-#define RTLD_GLOBAL	0x100	/* allow symbols to be global */
-
-/*
- * To be able to intialize, a library may provide a dl_info structure
- * that contains functions to be called to initialize and terminate.
- */
-struct dl_info {
-	void (*init)(void);
-	void (*fini)(void);
-};
-
-#if __STDC__ || defined(_IBMR2)
-void *dlopen(const char *path, int mode);
-void *dlsym(void *handle, const char *symbol);
-char *dlerror(void);
-int dlclose(void *handle);
-#else
-void *dlopen();
-void *dlsym();
-char *dlerror();
-int dlclose();
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __dlfcn_h__ */
diff --git a/crypto/kerberosIV/lib/kafs/kafs.h b/crypto/kerberosIV/lib/kafs/kafs.h
deleted file mode 100644
index 579856a3b91e..000000000000
--- a/crypto/kerberosIV/lib/kafs/kafs.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id$ */
-
-#ifndef __KAFS_H
-#define __KAFS_H
-
-#include <sys/types.h>
-#include <sys/cdefs.h>
-/* sys/ioctl.h must be included manually before kafs.h */
-
-/*
- */
-#define AFSCALL_PIOCTL 20
-#define AFSCALL_SETPAG 21
-
-#ifndef _VICEIOCTL
-#define _VICEIOCTL(id)  ((unsigned int ) _IOW('V', id, struct ViceIoctl))
-#endif /* _VICEIOCTL */
-
-#define VIOCSETTOK		_VICEIOCTL(3)
-#define VIOCGETTOK		_VICEIOCTL(8)
-#define VIOCUNLOG		_VICEIOCTL(9)
-#define VIOC_FILE_CELL_NAME	_VICEIOCTL(30)
-
-struct ViceIoctl {
-  caddr_t in, out;
-  short in_size;
-  short out_size;
-};
-
-struct ClearToken {
-  int32_t AuthHandle;
-  char HandShakeKey[8];
-  int32_t ViceId;
-  int32_t BeginTimestamp;
-  int32_t EndTimestamp;
-};
-
-#ifndef __P
-#define __P(x) x
-#endif
-
-/* Use k_hasafs() to probe if the machine supports AFS syscalls.
-   The other functions will generate a SIGSYS if AFS is not supported */
-
-int k_hasafs __P((void));
-
-int k_afsklog __P((const char *cell, const char *realm));
-int k_afsklog_uid __P((const char *cell, const char *realm, uid_t uid));
-int k_pioctl __P((char *a_path,
-		  int o_opcode,
-		  struct ViceIoctl *a_paramsP,
-		  int a_followSymlinks));
-int k_unlog __P((void));
-int k_setpag __P((void));
-int k_afs_cell_of_file __P((const char *path, char *cell, int len));
-
-#define _PATH_VICE		"/usr/vice/etc/"
-#define _PATH_THISCELL 		_PATH_VICE "ThisCell"
-#define _PATH_CELLSERVDB 	_PATH_VICE "CellServDB"
-#define _PATH_THESECELLS	_PATH_VICE "TheseCells"
-
-#endif /* __KAFS_H */
diff --git a/crypto/kerberosIV/lib/kafs/kafs_locl.h b/crypto/kerberosIV/lib/kafs/kafs_locl.h
deleted file mode 100644
index 6ada6abd907c..000000000000
--- a/crypto/kerberosIV/lib/kafs/kafs_locl.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kafs_locl.h,v 1.3 1997/05/04 23:04:44 assar Exp $ */
-
-#ifndef __KAFS_LOCL_H__
-#define __KAFS_LOCL_H__
-
-#include <config.h>
-#include <protos.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <signal.h>
-#include <setjmp.h>
-#include <errno.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif
-
-#ifdef HAVE_SYS_SYSCALL_H
-#include <sys/syscall.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-#include <roken.h>
-
-#include <krb.h>
-#include <kafs.h>
-
-#include <resolve.h>
-
-#include "afssysdefs.h"
-
-
-#endif /* __KAFS_LOCL_H__ */
diff --git a/crypto/kerberosIV/lib/kdb/Makefile.in b/crypto/kerberosIV/lib/kdb/Makefile.in
deleted file mode 100644
index f6fb9620612e..000000000000
--- a/crypto/kerberosIV/lib/kdb/Makefile.in
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# $Id: Makefile.in,v 1.25 1997/05/06 03:47:39 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = @PICFLAGS@
- 
-LIBNAME = $(LIBPREFIX)kdb
-LIBEXT = @LIBEXT@
-SHLIBEXT = @SHLIBEXT@
-LIBPREFIX = @LIBPREFIX@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-
-SOURCES = krb_cache.c krb_kdb_utils.c copykey.c krb_lib.c krb_dbm.c print_princ.c base64.c
-
-OBJECTS = krb_cache.o krb_kdb_utils.o copykey.o krb_lib.o krb_dbm.o print_princ.o base64.o
-
-all: $(LIB)
-
-Wall:
-		make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) *.o *.a
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS)
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/lib/kdb/base64.c b/crypto/kerberosIV/lib/kdb/base64.c
deleted file mode 100644
index d7e89c476251..000000000000
--- a/crypto/kerberosIV/lib/kdb/base64.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: base64.c,v 1.7 1997/04/01 08:18:16 joda Exp $");
-#endif
-
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include "base64.h"
-
-static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-static int POS(char c)
-{
-  if(c == '=') return 64;
-  if(isupper(c))
-    return c - 'A';
-  if(islower(c))
-    return c - 'a' + 26;
-  if(isdigit(c))
-    return c - '0' + 52;
-  if(c == '+')
-    return 62;
-  if(c == '/')
-    return 63;
-  return -1;
-}
-
-char *base64_encode(const void *buf, int size)
-{
-  char *str = (char*)malloc((size+3)*4/3+1);
-  char *p=str;
-  unsigned char *q = (unsigned char*)buf;
-  int i;
-  int c;
-  i=0;
-  while(i<size){
-    c=q[i++];
-    c*=256;
-    if(i<size)
-      c+=q[i];
-    i++;
-    c*=256;
-    if(i<size)
-      c+=q[i];
-    i++;
-    p[0]=base64[(c&0x00fc0000) >> 18];
-    p[1]=base64[(c&0x0003f000) >> 12];
-    p[2]=base64[(c&0x00000fc0) >> 6];
-    p[3]=base64[(c&0x0000003f) >> 0];
-    if(i>size)
-      p[3]='=';
-    if(i>size+1)
-      p[2]='=';
-    p+=4;
-  }
-  *p=0;
-  return str;
-}
-
-/* convert string in s to binary data. s should be a multiple of 4
- * bytes long. data should be at least len(s) * 3 / 4 bytes long.
- * returns 
- */
-int base64_decode(char *s, void *data)
-{
-  char *p;
-  unsigned char *q;
-  int n[4];
-
-  if(strlen(s) % 4)
-    return -1;
-  q=(unsigned char*)data;
-  for(p=s; *p; p+=4){
-    n[0] = POS(p[0]);
-    n[1] = POS(p[1]);
-    n[2] = POS(p[2]);
-    n[3] = POS(p[3]);
-    if((n[0] | n[1] | n[2] | n[3]) < 0)
-      return -1;
-
-    if(n[0] == 64 || n[1] == 64)
-      return -1;
-    if(n[2] == 64 && n[3] < 64)
-      return -1;
-    q[0] = (n[0] << 2) + (n[1] >> 4);
-    if(n[2] < 64){
-      q[1] = ((n[1] & 15) << 4) + (n[2] >> 2);
-    }
-    if(n[3] < 64){
-      q[2] = ((n[2] & 3) << 6) + n[3];
-    }
-    q+=3;
-  }
-  q -= (n[2] == 64) + (n[3] == 64);
-  return q - (unsigned char*)data;
-}
-
-#ifdef TEST
-int main(int argc, char **argv)
-{
-  char str[128];
-  char buf[128];
-  char *p;
-  printf("base64_encode(\"%s\") = \"%s\"\n", argv[1], 
-	 p=base64_encode(argv[1], strlen(argv[1])));
-  printf("base64_decode(\"%s\") = %d", p, base64_decode(p, buf));
-  printf(" (\"%s\")\n", buf);
-  printf("base64_decode(\"%s\") = %d", argv[1], base64_decode(argv[1], buf));
-  printf(" (\"%s\")\n", buf);
-}
-#endif
diff --git a/crypto/kerberosIV/lib/kdb/base64.h b/crypto/kerberosIV/lib/kdb/base64.h
deleted file mode 100644
index edfb34415ca2..000000000000
--- a/crypto/kerberosIV/lib/kdb/base64.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: base64.h,v 1.5 1997/04/01 08:18:16 joda Exp $ */
-
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-char *base64_encode(const void *buf, int size);
-int base64_decode(char *s, void *data);
-
-#endif
diff --git a/crypto/kerberosIV/lib/kdb/copykey.c b/crypto/kerberosIV/lib/kdb/copykey.c
deleted file mode 100644
index a78baf78e816..000000000000
--- a/crypto/kerberosIV/lib/kdb/copykey.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kdb_locl.h"
-
-RCSID("$Id: copykey.c,v 1.10 1997/04/01 08:18:17 joda Exp $");
-
-void
-copy_from_key(des_cblock in, u_int32_t *lo, u_int32_t *hi)
-{
-    memcpy(lo, ((char *) in) + 0, 4);
-    memcpy(hi, ((char *) in) + 4, 4);
-}
-
-void
-copy_to_key(u_int32_t *lo, u_int32_t *hi, des_cblock out)
-{
-    memcpy(((char *)out) + 0, lo, 4);
-    memcpy(((char *)out) + 4, hi, 4);
-}
diff --git a/crypto/kerberosIV/lib/kdb/kdb_locl.h b/crypto/kerberosIV/lib/kdb/kdb_locl.h
deleted file mode 100644
index fe4d0793e492..000000000000
--- a/crypto/kerberosIV/lib/kdb/kdb_locl.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kdb_locl.h,v 1.9 1997/05/02 14:29:08 assar Exp $ */
-
-#ifndef __kdb_locl_h
-#define __kdb_locl_h
-
-#include "config.h"
-#include "protos.h"
-
-#include "base64.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <unistd.h>
-#include <errno.h>
-
-#include <sys/types.h>
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <utime.h>
-#include <sys/file.h>
-#include <roken.h>
-
-#include <krb.h>
-#include <krb_db.h>
-
-/* --- */
-
-/* Globals! */
-
-/* Utils */
-
-int kerb_db_set_lockmode __P((int));
-void kerb_db_fini __P((void));
-int kerb_db_init __P((void));
-int kerb_db_get_principal __P((char *name, char *, Principal *, unsigned int, int *));
-int kerb_db_get_dba __P((char *, char *, Dba *, unsigned int, int *));
-
-void delta_stat __P((DB_stat *, DB_stat *, DB_stat *));
-
-int kerb_cache_init __P((void));
-int kerb_cache_get_principal __P((char *name, char *, Principal *, unsigned int));
-int kerb_cache_put_principal __P((Principal *, unsigned int));
-int kerb_cache_get_dba __P((char *, char *, Dba *, unsigned int));
-int kerb_cache_put_dba __P((Dba *, unsigned int));
-
-void krb_print_principal __P((Principal *));
-
-#endif /*  __kdb_locl_h */
diff --git a/crypto/kerberosIV/lib/kdb/kdc.h b/crypto/kerberosIV/lib/kdb/kdc.h
deleted file mode 100644
index 08fa94f08f85..000000000000
--- a/crypto/kerberosIV/lib/kdb/kdc.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * $Id$
- *
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * Include file for the Kerberos Key Distribution Center. 
- */
-
-#ifndef KDC_DEFS
-#define KDC_DEFS
-
-/* Don't depend on this! */
-#ifndef MKEYFILE
-#if 1
-#define MKEYFILE	"/etc/kerberosIV/master-key"
-#else
-#define MKEYFILE	"/.k"
-#endif
-#endif
-#ifndef K_LOGFIL
-#define K_LOGFIL	"/var/log/kpropd.log"
-#endif
-
-#define ONE_MINUTE	60
-#define FIVE_MINUTES	(5 * ONE_MINUTE)
-#define ONE_HOUR	(60 * ONE_MINUTE)
-#define ONE_DAY		(24 * ONE_HOUR)
-#define THREE_DAYS	(3 * ONE_DAY)
-
-#endif /* KDC_DEFS */
-
diff --git a/crypto/kerberosIV/lib/kdb/krb_cache.c b/crypto/kerberosIV/lib/kdb/krb_cache.c
deleted file mode 100644
index ed4a5b19990f..000000000000
--- a/crypto/kerberosIV/lib/kdb/krb_cache.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * This is where a cache would be implemented, if it were necessary.
- */
-
-#include "kdb_locl.h"
-
-RCSID("$Id: krb_cache.c,v 1.6 1997/05/02 10:27:53 joda Exp $");
-
-#ifdef DEBUG
-extern int debug;
-extern long kerb_debug;
-#endif
-static int init = 0;
-
-/*
- * initialization routine for cache 
- */
-
-int
-kerb_cache_init(void)
-{
-    init = 1;
-    return (0);
-}
-
-/*
- * look up a principal in the cache returns number of principals found 
- */
-
-int
-kerb_cache_get_principal(char *serv, char *inst, Principal *principal, unsigned int max)
-                 		/* could have wild card */
-                 		/* could have wild card */
-                         
-                     		/* max number of name structs to return */
-
-{
-    int     found = 0;
-
-    if (!init)
-	kerb_cache_init();
-#ifdef DEBUG
-    if (kerb_debug & 2)
-	fprintf(stderr, "cache_get_principal for %s %s max = %d\n",
-	    serv, inst, max);
-#endif /* DEBUG */
-    
-#ifdef DEBUG
-    if (kerb_debug & 2) {
-	if (found) {
-	    fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",
-		serv, inst, principal->name, principal->instance);
-	} else {
-	    fprintf(stderr, "cache %s %s not found\n", serv,
-		inst);
-	}
-    }
-#endif
-    return (found);
-}
-
-/*
- * insert/replace a principal in the cache returns number of principals
- * inserted 
- */
-
-int
-kerb_cache_put_principal(Principal *principal, unsigned int max)
-                         
-                     		/* max number of principal structs to
-				 * insert */
-
-{
-    u_long  i;
-    int     count = 0;
-
-    if (!init)
-	kerb_cache_init();
-
-#ifdef DEBUG
-    if (kerb_debug & 2) {
-	fprintf(stderr, "kerb_cache_put_principal  max = %d",
-	    max);
-    }
-#endif
-    
-    for (i = 0; i < max; i++) {
-#ifdef DEBUG
-	if (kerb_debug & 2)
-	    fprintf(stderr, "\n %s %s",
-		    principal->name, principal->instance);
-#endif	
-	/* DO IT */
-	count++;
-	principal++;
-    }
-    return count;
-}
-
-/*
- * look up a dba in the cache returns number of dbas found 
- */
-
-int
-kerb_cache_get_dba(char *serv, char *inst, Dba *dba, unsigned int max)
-                 		/* could have wild card */
-                 		/* could have wild card */
-                
-                     		/* max number of name structs to return */
-
-{
-    int     found = 0;
-
-    if (!init)
-	kerb_cache_init();
-
-#ifdef DEBUG
-    if (kerb_debug & 2)
-	fprintf(stderr, "cache_get_dba for %s %s max = %d\n",
-	    serv, inst, max);
-#endif
-
-#ifdef DEBUG
-    if (kerb_debug & 2) {
-	if (found) {
-	    fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",
-		serv, inst, dba->name, dba->instance);
-	} else {
-	    fprintf(stderr, "cache %s %s not found\n", serv, inst);
-	}
-    }
-#endif
-    return (found);
-}
-
-/*
- * insert/replace a dba in the cache returns number of dbas inserted 
- */
-
-int
-kerb_cache_put_dba(Dba *dba, unsigned int max)
-                
-                     		/* max number of dba structs to insert */
-
-{
-    u_long  i;
-    int     count = 0;
-
-    if (!init)
-	kerb_cache_init();
-#ifdef DEBUG
-    if (kerb_debug & 2) {
-	fprintf(stderr, "kerb_cache_put_dba  max = %d", max);
-    }
-#endif
-    for (i = 0; i < max; i++) {
-#ifdef DEBUG
-	if (kerb_debug & 2)
-	    fprintf(stderr, "\n %s %s",
-		    dba->name, dba->instance);
-#endif	
-	/* DO IT */
-	count++;
-	dba++;
-    }
-    return count;
-}
-
diff --git a/crypto/kerberosIV/lib/kdb/krb_db.h b/crypto/kerberosIV/lib/kdb/krb_db.h
deleted file mode 100644
index 00d6bb07b805..000000000000
--- a/crypto/kerberosIV/lib/kdb/krb_db.h
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * $Id$ 
- *
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * spm		Project Athena  8/85 
- *
- * This file defines data structures for the kerberos
- * authentication/authorization database. 
- *
- * They MUST correspond to those defined in *.rel 
- */
-
-#ifndef KRB_DB_DEFS
-#define KRB_DB_DEFS
-
-#include <stdio.h>
-
-#define KERB_M_NAME		"K"	/* Kerberos */
-#define KERB_M_INST		"M"	/* Master */
-#define KERB_DEFAULT_NAME	"default"
-#define KERB_DEFAULT_INST	""
-#ifndef DB_DIR
-#define DB_DIR			"/var/db/kerberos"
-#endif
-#ifndef DBM_FILE
-#define	DBM_FILE		DB_DIR "/principal"
-#endif
-
-/* this also defines the number of queue headers */
-#define KERB_DB_HASH_MODULO 64
-
-
-/* Arguments to kerb_dbl_lock() */
-
-#define KERB_DBL_EXCLUSIVE 1
-#define KERB_DBL_SHARED 0
-
-/* arguments to kerb_db_set_lockmode() */
-
-#define KERB_DBL_BLOCKING 0
-#define KERB_DBL_NONBLOCKING 1
-
-/* arguments to kdb_get_master_key */
-
-#define KDB_GET_PROMPT 1
-#define KDB_GET_TWICE  2
-
-/* Principal defines the structure of a principal's name */
-
-typedef struct {
-    char    name[ANAME_SZ];
-    char    instance[INST_SZ];
-
-    u_int32_t key_low;
-    u_int32_t key_high;
-    u_int32_t exp_date;
-    char    exp_date_txt[DATE_SZ];
-    u_int32_t mod_date;
-    char    mod_date_txt[DATE_SZ];
-    u_int16_t attributes;
-    u_int8_t max_life;
-    u_int8_t kdc_key_ver;
-    u_int8_t key_version;
-
-    char    mod_name[ANAME_SZ];
-    char    mod_instance[INST_SZ];
-    char   *old;		/* cast to (Principal *); not in db,
-				 * ptr to old vals */
-} Principal;
-
-typedef struct {
-    int32_t    cpu;
-    int32_t    elapsed;
-    int32_t    dio;
-    int32_t    pfault;
-    int32_t    t_stamp;
-    int32_t    n_retrieve;
-    int32_t    n_replace;
-    int32_t    n_append;
-    int32_t    n_get_stat;
-    int32_t    n_put_stat;
-} DB_stat;
-
-/* Dba defines the structure of a database administrator */
-
-typedef struct {
-    char    name[ANAME_SZ];
-    char    instance[INST_SZ];
-    u_int16_t attributes;
-    u_int32_t exp_date;
-    char    exp_date_txt[DATE_SZ];
-    char   *old;	/*
-			 * cast to (Dba *); not in db, ptr to
-			 * old vals
-			 */
-} Dba;
-
-typedef int (*k_iter_proc_t)(void*, Principal*);
-
-void copy_from_key __P((des_cblock in, u_int32_t *lo, u_int32_t *hi));
-void copy_to_key __P((u_int32_t *lo, u_int32_t *hi, des_cblock out));
-
-void kdb_encrypt_key __P((des_cblock *, des_cblock *, des_cblock *,
-			  des_key_schedule, int));
-int kdb_get_master_key __P((int prompt, des_cblock *master_key,
-			    des_key_schedule master_key_sched));
-int kdb_get_new_master_key __P((des_cblock *, des_key_schedule, int));
-int kdb_kstash __P((des_cblock *, char *));
-int kdb_new_get_master_key __P((des_cblock *, des_key_schedule));
-int kdb_new_get_new_master_key __P((des_cblock *key, des_key_schedule schedule, int verify));
-long kdb_verify_master_key __P((des_cblock *, des_key_schedule, FILE *));
-long *kerb_db_begin_update __P((void));
-int kerb_db_create __P((char *db_name));
-int kerb_db_delete_principal (char *name, char *inst);
-void kerb_db_end_update __P((long *db));
-int kerb_db_get_dba __P((char *, char *, Dba *, unsigned, int *));
-void kerb_db_get_stat __P((DB_stat *));
-int kerb_db_iterate __P((k_iter_proc_t, void*));
-int kerb_db_put_principal __P((Principal *, unsigned int));
-void kerb_db_put_stat __P((DB_stat *));
-int kerb_db_rename __P((char *, char *));
-int kerb_db_set_lockmode __P((int));
-int kerb_db_set_name __P((char *));
-int kerb_db_update __P((long *db, Principal *principal, unsigned int max));
-int kerb_delete_principal __P((char *name, char *inst));
-void kerb_fini __P((void));
-int kerb_get_dba __P((char *, char *, Dba *, unsigned int, int *));
-time_t kerb_get_db_age __P((void));
-int kerb_get_principal __P((char *, char *, Principal *, unsigned int, int *));
-int kerb_init __P((void));
-int kerb_put_principal __P((Principal *, unsigned int));
-
-#endif /* KRB_DB_DEFS */
diff --git a/crypto/kerberosIV/lib/kdb/krb_dbm.c b/crypto/kerberosIV/lib/kdb/krb_dbm.c
deleted file mode 100644
index 963656a87607..000000000000
--- a/crypto/kerberosIV/lib/kdb/krb_dbm.c
+++ /dev/null
@@ -1,823 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "kdb_locl.h"
-
-RCSID("$Id: krb_dbm.c,v 1.27 1997/05/02 14:29:09 assar Exp $");
-
-#include <xdbm.h>
-
-#define KERB_DB_MAX_RETRY 5
-
-#ifdef DEBUG
-extern int debug;
-extern long kerb_debug;
-extern char *progname;
-#endif
-
-static int init = 0;
-static char default_db_name[] = DBM_FILE;
-static char *current_db_name = default_db_name;
-
-static struct timeval timestamp;/* current time of request */
-static int non_blocking = 0;
-
-/*
- * This module contains all of the code which directly interfaces to
- * the underlying representation of the Kerberos database; this
- * implementation uses a DBM or NDBM indexed "file" (actually
- * implemented as two separate files) to store the relations, plus a
- * third file as a semaphore to allow the database to be replaced out
- * from underneath the KDC server.
- */
-
-/*
- * Locking:
- * 
- * There are two distinct locking protocols used.  One is designed to
- * lock against processes (the admin_server, for one) which make
- * incremental changes to the database; the other is designed to lock
- * against utilities (kdb_util, kpropd) which replace the entire
- * database in one fell swoop.
- *
- * The first locking protocol is implemented using flock() in the 
- * krb_dbl_lock() and krb_dbl_unlock routines.
- *
- * The second locking protocol is necessary because DBM "files" are
- * actually implemented as two separate files, and it is impossible to
- * atomically rename two files simultaneously.  It assumes that the
- * database is replaced only very infrequently in comparison to the time
- * needed to do a database read operation.
- *
- * A third file is used as a "version" semaphore; the modification
- * time of this file is the "version number" of the database.
- * At the start of a read operation, the reader checks the version
- * number; at the end of the read operation, it checks again.  If the
- * version number changed, or if the semaphore was nonexistant at
- * either time, the reader sleeps for a second to let things
- * stabilize, and then tries again; if it does not succeed after
- * KERB_DB_MAX_RETRY attempts, it gives up.
- * 
- * On update, the semaphore file is deleted (if it exists) before any
- * update takes place; at the end of the update, it is replaced, with
- * a version number strictly greater than the version number which
- * existed at the start of the update.
- * 
- * If the system crashes in the middle of an update, the semaphore
- * file is not automatically created on reboot; this is a feature, not
- * a bug, since the database may be inconsistant.  Note that the
- * absence of a semaphore file does not prevent another _update_ from
- * taking place later.  Database replacements take place automatically
- * only on slave servers; a crash in the middle of an update will be
- * fixed by the next slave propagation.  A crash in the middle of an
- * update on the master would be somewhat more serious, but this would
- * likely be noticed by an administrator, who could fix the problem and
- * retry the operation.
- */
-
-
-/*
- * Utility routine: generate name of database file.
- */
-
-static char *gen_dbsuffix (char *db_name, char *sfx);
-
-static char *
-gen_dbsuffix(char *db_name, char *sfx)
-{
-    char *dbsuffix;
-    
-    if (sfx == NULL)
-	sfx = ".ok";
-
-    asprintf (&dbsuffix, "%s%s", db_name, sfx);
-    return dbsuffix;
-}
-
-static void
-decode_princ_key (datum *key, char *name, char *instance);
-
-static void
-decode_princ_key(datum *key, char *name, char *instance)
-{
-    strncpy(name, key->dptr, ANAME_SZ);
-    strncpy(instance, (char *)key->dptr + ANAME_SZ, INST_SZ);
-    name[ANAME_SZ - 1] = '\0';
-    instance[INST_SZ - 1] = '\0';
-}
-
-static void
-encode_princ_contents (datum *contents, Principal *principal);
-
-static void
-encode_princ_contents(datum *contents, Principal *principal)
-{
-    contents->dsize = sizeof(*principal);
-    contents->dptr = (char *) principal;
-}
-
-static void
-decode_princ_contents (datum *contents, Principal *principal)
-{
-    memcpy(principal, contents->dptr, sizeof(*principal));
-}
-
-static void
-encode_princ_key (datum *key, char *name, char *instance)
-{
-    static char keystring[ANAME_SZ + INST_SZ];
-
-    memset(keystring, 0, ANAME_SZ + INST_SZ);
-    strncpy(keystring, name, ANAME_SZ);
-    strncpy(&keystring[ANAME_SZ], instance, INST_SZ);
-    key->dptr = keystring;
-    key->dsize = ANAME_SZ + INST_SZ;
-}
-
-static int dblfd = -1;		/* db LOCK fd */
-static int mylock = 0;
-static int inited = 0;
-
-static int
-kerb_dbl_init (void);
-
-static int
-kerb_dbl_init()
-{
-    if (!inited) {
-	char *filename = gen_dbsuffix (current_db_name, ".ok");
-	if ((dblfd = open(filename, O_RDWR)) < 0) {
-	    fprintf(stderr, "kerb_dbl_init: couldn't open %s\n", filename);
-	    fflush(stderr);
-	    perror("open");
-	    exit(1);
-	}
-	free(filename);
-	inited++;
-    }
-    return (0);
-}
-
-static void
-kerb_dbl_fini (void);
-
-static void
-kerb_dbl_fini()
-{
-    close(dblfd);
-    dblfd = -1;
-    inited = 0;
-    mylock = 0;
-}
-
-static int
-kerb_dbl_lock (int mode);
-
-static int
-kerb_dbl_lock(int mode)
-{
-    int flock_mode;
-    
-    if (!inited)
-	kerb_dbl_init();
-    if (mylock) {		/* Detect lock call when lock already
-				 * locked */
-	fprintf(stderr, "Kerberos locking error (mylock)\n");
-	fflush(stderr);
-	exit(1);
-    }
-    switch (mode) {
-    case KERB_DBL_EXCLUSIVE:
-	flock_mode = K_LOCK_EX;
-	break;
-    case KERB_DBL_SHARED:
-	flock_mode = K_LOCK_SH;
-	break;
-    default:
-	fprintf(stderr, "invalid lock mode %d\n", mode);
-	abort();
-    }
-    if (non_blocking)
-	flock_mode |= K_LOCK_NB;
-    
-    if (k_flock(dblfd, flock_mode) < 0) 
-	return errno;
-    mylock++;
-    return 0;
-}
-
-static void kerb_dbl_unlock (void);
-
-static void
-kerb_dbl_unlock()
-{
-    if (!mylock) {		/* lock already unlocked */
-	fprintf(stderr, "Kerberos database lock not locked when unlocking.\n");
-	fflush(stderr);
-	exit(1);
-    }
-    if (k_flock(dblfd, K_LOCK_UN) < 0) {
-	fprintf(stderr, "Kerberos database lock error. (unlocking)\n");
-	fflush(stderr);
-	perror("k_flock");
-	exit(1);
-    }
-    mylock = 0;
-}
-
-int
-kerb_db_set_lockmode (int mode);
-
-int
-kerb_db_set_lockmode(int mode)
-{
-    int old = non_blocking;
-    non_blocking = mode;
-    return old;
-}
-
-/*
- * initialization for data base routines.
- */
-
-int
-kerb_db_init (void);
-
-int
-kerb_db_init()
-{
-    init = 1;
-    return (0);
-}
-
-/*
- * gracefully shut down database--must be called by ANY program that does
- * a kerb_db_init 
- */
-
-void
-kerb_db_fini (void);
-
-void
-kerb_db_fini()
-{
-}
-
-/*
- * Set the "name" of the current database to some alternate value.
- *
- * Passing a null pointer as "name" will set back to the default.
- * If the alternate database doesn't exist, nothing is changed.
- */
-
-int
-kerb_db_set_name (char *name);
-
-int
-kerb_db_set_name(char *name)
-{
-    DBM *db;
-
-    if (name == NULL)
-	name = default_db_name;
-    db = dbm_open(name, 0, 0);
-    if (db == NULL)
-	return errno;
-    dbm_close(db);
-    kerb_dbl_fini();
-    current_db_name = name;
-    return 0;
-}
-
-/*
- * Return the last modification time of the database.
- */
-
-time_t
-kerb_get_db_age (void);
-
-time_t
-kerb_get_db_age()
-{
-    struct stat st;
-    char *okname;
-    time_t age;
-    
-    okname = gen_dbsuffix(current_db_name, ".ok");
-
-    if (stat (okname, &st) < 0)
-	age = 0;
-    else
-	age = st.st_mtime;
-
-    free (okname);
-    return age;
-}
-
-/*
- * Remove the semaphore file; indicates that database is currently
- * under renovation.
- *
- * This is only for use when moving the database out from underneath
- * the server (for example, during slave updates).
- */
-
-static time_t
-kerb_start_update (char *db_name);
-
-static time_t
-kerb_start_update(char *db_name)
-{
-    char *okname = gen_dbsuffix(db_name, ".ok");
-    time_t age = kerb_get_db_age();
-    
-    if (unlink(okname) < 0
-	&& errno != ENOENT) {
-	    age = -1;
-    }
-    free (okname);
-    return age;
-}
-
-static int
-kerb_end_update (char *db_name, time_t age);
-
-static int
-kerb_end_update(char *db_name, time_t age)
-{
-    int fd;
-    int retval = 0;
-    char *new_okname = gen_dbsuffix(db_name, ".ok#");
-    char *okname = gen_dbsuffix(db_name, ".ok");
-    
-    fd = open (new_okname, O_CREAT|O_RDWR|O_TRUNC, 0600);
-    if (fd < 0)
-	retval = errno;
-    else {
-	struct stat st;
-	struct utimbuf tv;
-	/* make sure that semaphore is "after" previous value. */
-	if (fstat (fd, &st) == 0
-	    && st.st_mtime <= age) {
-	    tv.actime = st.st_atime;
-	    tv.modtime = age;
-	    /* set times.. */
-	    utime (new_okname, &tv);
-	    fsync(fd);
-	}
-	close(fd);
-	if (rename (new_okname, okname) < 0)
-	    retval = errno;
-    }
-
-    free (new_okname);
-    free (okname);
-
-    return retval;
-}
-
-static time_t
-kerb_start_read (void);
-
-static time_t
-kerb_start_read()
-{
-    return kerb_get_db_age();
-}
-
-static int kerb_end_read (time_t age);
-
-static int
-kerb_end_read(time_t age)
-{
-    if (kerb_get_db_age() != age || age == -1) {
-	return -1;
-    }
-    return 0;
-}
-
-/*
- * Create the database, assuming it's not there.
- */
-int
-kerb_db_create(char *db_name)
-{
-    char *okname = gen_dbsuffix(db_name, ".ok");
-    int fd;
-    int ret = 0;
-#ifdef NDBM
-    DBM *db;
-
-    db = dbm_open(db_name, O_RDWR|O_CREAT|O_EXCL, 0600);
-    if (db == NULL)
-	ret = errno;
-    else
-	dbm_close(db);
-#else
-    char *dirname = gen_dbsuffix(db_name, ".dir");
-    char *pagname = gen_dbsuffix(db_name, ".pag");
-
-    fd = open(dirname, O_RDWR|O_CREAT|O_EXCL, 0600);
-    if (fd < 0)
-	ret = errno;
-    else {
-	close(fd);
-	fd = open (pagname, O_RDWR|O_CREAT|O_EXCL, 0600);
-	if (fd < 0)
-	    ret = errno;
-	else
-	    close(fd);
-    }
-    if (dbminit(db_name) < 0)
-	ret = errno;
-#endif
-    if (ret == 0) {
-	fd = open (okname, O_CREAT|O_RDWR|O_TRUNC, 0600);
-	if (fd < 0)
-	    ret = errno;
-	close(fd);
-    }
-    return ret;
-}
-
-/*
- * "Atomically" rename the database in a way that locks out read
- * access in the middle of the rename.
- *
- * Not perfect; if we crash in the middle of an update, we don't
- * necessarily know to complete the transaction the rename, but...
- */
-
-int
-kerb_db_rename(char *from, char *to)
-{
-#ifdef HAVE_NEW_DB
-    char *fromdb = gen_dbsuffix (from, ".db");
-    char *todb = gen_dbsuffix (to, ".db");
-#else
-    char *fromdir = gen_dbsuffix (from, ".dir");
-    char *todir = gen_dbsuffix (to, ".dir");
-    char *frompag = gen_dbsuffix (from , ".pag");
-    char *topag = gen_dbsuffix (to, ".pag");
-#endif
-    char *fromok = gen_dbsuffix(from, ".ok");
-    long trans = kerb_start_update(to);
-    int ok = 0;
-    
-#ifdef HAVE_NEW_DB
-    if (rename (fromdb, todb) == 0) {
-	unlink (fromok);
-	ok = 1;
-    }
-    free (fromdb);
-    free (todb);
-#else
-    if ((rename (fromdir, todir) == 0)
-	&& (rename (frompag, topag) == 0)) {
-	unlink (fromok);
-	ok = 1;
-    }
-    free (fromdir);
-    free (todir);
-    free (frompag);
-    free (topag);
-#endif
-    free (fromok);
-    if (ok)
-	return kerb_end_update(to, trans);
-    else
-	return -1;
-}
-
-int
-kerb_db_delete_principal (char *name, char *inst)
-{
-    DBM *db;
-    int try;
-    int done = 0;
-    int code;
-    datum key;
-    
-    if(!init)
-	kerb_db_init();
-    
-    for(try = 0; try < KERB_DB_MAX_RETRY; try++){
-	if((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0)
-	    return -1;
-	
-	db = dbm_open(current_db_name, O_RDWR, 0600);
-	if(db == NULL)
-	    return -1;
-	encode_princ_key(&key, name, inst);
-	if(dbm_delete(db, key) == 0)
-	    done = 1;
-	
-	dbm_close(db);
-	kerb_dbl_unlock();
-	if(done)
-	    break;
-	if(!non_blocking)
-	    sleep(1);
-    }
-    if(!done)
-	return -1;
-    return 0;
-}
-
-
-/*
- * look up a principal in the data base returns number of principals
- * found , and whether there were more than requested. 
- */
-
-int
-kerb_db_get_principal (char *name, char *inst, Principal *principal, 
-		       unsigned int max, int *more)
-{
-    int     found = 0, code;
-    int     wildp, wildi;
-    datum   key, contents;
-    char    testname[ANAME_SZ], testinst[INST_SZ];
-    u_long trans;
-    int try;
-    DBM    *db;
-
-    if (!init)
-	kerb_db_init();		/* initialize database routines */
-
-    for (try = 0; try < KERB_DB_MAX_RETRY; try++) {
-	trans = kerb_start_read();
-
-	if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0)
-	    return -1;
-
-	db = dbm_open(current_db_name, O_RDONLY, 0600);
-
-	*more = 0;
-
-#ifdef DEBUG
-	if (kerb_debug & 2)
-	    fprintf(stderr,
-		    "%s: db_get_principal for %s %s max = %d",
-		    progname, name, inst, max);
-#endif
-
-	wildp = !strcmp(name, "*");
-	wildi = !strcmp(inst, "*");
-
-	if (!wildi && !wildp) {	/* nothing's wild */
-	    encode_princ_key(&key, name, inst);
-	    contents = dbm_fetch(db, key);
-	    if (contents.dptr == NULL) {
-		found = 0;
-		goto done;
-	    }
-	    decode_princ_contents(&contents, principal);
-#ifdef DEBUG
-	    if (kerb_debug & 1) {
-		fprintf(stderr, "\t found %s %s p_n length %d t_n length %d\n",
-			principal->name, principal->instance,
-			strlen(principal->name),
-			strlen(principal->instance));
-	    }
-#endif
-	    found = 1;
-	    goto done;
-	}
-	/* process wild cards by looping through entire database */
-
-	for (key = dbm_firstkey(db); key.dptr != NULL;
-	     key = dbm_next(db, key)) {
-	    decode_princ_key(&key, testname, testinst);
-	    if ((wildp || !strcmp(testname, name)) &&
-		(wildi || !strcmp(testinst, inst))) { /* have a match */
-		if (found >= max) {
-		    *more = 1;
-		    goto done;
-		} else {
-		    found++;
-		    contents = dbm_fetch(db, key);
-		    decode_princ_contents(&contents, principal);
-#ifdef DEBUG
-		    if (kerb_debug & 1) {
-			fprintf(stderr,
-				"\tfound %s %s p_n length %d t_n length %d\n",
-				principal->name, principal->instance,
-				strlen(principal->name),
-				strlen(principal->instance));
-		    }
-#endif
-		    principal++; /* point to next */
-		}
-	    }
-	}
-
-    done:
-	kerb_dbl_unlock();	/* unlock read lock */
-	dbm_close(db);
-	if (kerb_end_read(trans) == 0)
-	    break;
-	found = -1;
-	if (!non_blocking)
-	    sleep(1);
-    }
-    return (found);
-}
-
-/* Use long * rather than DBM * so that the database structure is private */
-
-long *
-kerb_db_begin_update(void)
-{
-    int code;
-
-    gettimeofday(&timestamp, NULL);
-
-    if (!init)
-	kerb_db_init();
-
-    if ((code = kerb_dbl_lock(KERB_DBL_EXCLUSIVE)) != 0)
-	return 0;
-
-    return (long *) dbm_open(current_db_name, O_RDWR, 0600);
-}
-
-void
-kerb_db_end_update(long *db)
-{
-    dbm_close((DBM *)db);
-    kerb_dbl_unlock();		/* unlock database */
-}
-
-int
-kerb_db_update(long *db, Principal *principal, unsigned int max)
-{
-    int     found = 0;
-    u_long  i;
-    datum   key, contents;
-
-#ifdef DEBUG
-    if (kerb_debug & 2)
-	fprintf(stderr, "%s: kerb_db_put_principal  max = %d",
-	    progname, max);
-#endif
-
-    /* for each one, stuff temps, and do replace/append */
-    for (i = 0; i < max; i++) {
-	encode_princ_contents(&contents, principal);
-	encode_princ_key(&key, principal->name, principal->instance);
-	dbm_store((DBM *)db, key, contents, DBM_REPLACE);
-#ifdef DEBUG
-	if (kerb_debug & 1) {
-	    fprintf(stderr, "\n put %s %s\n",
-		principal->name, principal->instance);
-	}
-#endif
-	found++;
-	principal++;		/* bump to next struct			   */
-    }
-    return found;
-}
-
-/*
- * Update a name in the data base.  Returns number of names
- * successfully updated.
- */
-
-int
-kerb_db_put_principal (Principal *principal, unsigned int max);
-
-int
-kerb_db_put_principal(Principal *principal,
-		      unsigned max)
-
-{
-    int found;
-    long    *db;
-
-    db = kerb_db_begin_update();
-    if (db == 0)
-	return -1;
-
-    found = kerb_db_update(db, principal, max);
-
-    kerb_db_end_update(db);
-    return (found);
-}
-
-void
-kerb_db_get_stat (DB_stat *s);
-
-void
-kerb_db_get_stat(DB_stat *s)
-{
-    gettimeofday(&timestamp, NULL);
-
-    s->cpu = 0;
-    s->elapsed = 0;
-    s->dio = 0;
-    s->pfault = 0;
-    s->t_stamp = timestamp.tv_sec;
-    s->n_retrieve = 0;
-    s->n_replace = 0;
-    s->n_append = 0;
-    s->n_get_stat = 0;
-    s->n_put_stat = 0;
-    /* update local copy too */
-}
-
-void
-kerb_db_put_stat (DB_stat *s);
-
-void
-kerb_db_put_stat(DB_stat *s)
-{
-}
-
-void
-delta_stat (DB_stat *a, DB_stat *b, DB_stat *c);
-
-void
-delta_stat(DB_stat *a, DB_stat *b, DB_stat *c)
-{
-    /* c = a - b then b = a for the next time */
-
-    c->cpu = a->cpu - b->cpu;
-    c->elapsed = a->elapsed - b->elapsed;
-    c->dio = a->dio - b->dio;
-    c->pfault = a->pfault - b->pfault;
-    c->t_stamp = a->t_stamp - b->t_stamp;
-    c->n_retrieve = a->n_retrieve - b->n_retrieve;
-    c->n_replace = a->n_replace - b->n_replace;
-    c->n_append = a->n_append - b->n_append;
-    c->n_get_stat = a->n_get_stat - b->n_get_stat;
-    c->n_put_stat = a->n_put_stat - b->n_put_stat;
-
-    memcpy(b, a, sizeof(DB_stat));
-    return;
-}
-
-/*
- * look up a dba in the data base returns number of dbas found , and
- * whether there were more than requested. 
- */
-
-int
-kerb_db_get_dba (char *dba_name, char *dba_inst, Dba *dba, unsigned int max, int *more);
-
-int
-kerb_db_get_dba(char *dba_name, char *dba_inst, Dba *dba,
-		unsigned max,
-		int *more)
-		/* could have wild card */
-		/* could have wild card */
-		/* max number of name structs to return */
-		/* where there more than 'max' tuples? */
-{
-    *more = 0;
-    return (0);
-}
-
-int
-kerb_db_iterate (k_iter_proc_t func, void *arg)
-{
-    datum key, contents;
-    Principal *principal;
-    int code;
-    DBM *db;
-    
-    kerb_db_init();		/* initialize and open the database */
-    if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0)
-	return code;
-
-    db = dbm_open(current_db_name, O_RDONLY, 0600);
-
-    for (key = dbm_firstkey (db); key.dptr != NULL; key = dbm_next(db, key)) {
-	contents = dbm_fetch (db, key);
-	/* XXX may not be properly aligned */
-	principal = (Principal *) contents.dptr;
-	if ((code = (*func)(arg, principal)) != 0)
-	    return code;
-    }
-    dbm_close(db);
-    kerb_dbl_unlock();
-    return 0;
-}
diff --git a/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c b/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c
deleted file mode 100644
index f321e9f710b7..000000000000
--- a/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * Utility routines for Kerberos programs which directly access
- * the database.  This code was duplicated in too many places
- * before I gathered it here.
- *
- * Jon Rochlis, MIT Telecom, March 1988
- */
-
-#include "kdb_locl.h"
-
-#include <kdc.h>
-
-RCSID("$Id: krb_kdb_utils.c,v 1.23 1997/05/02 14:29:10 assar Exp $");
-
-/* always try /.k for backwards compatibility */
-static char *master_key_files[] = { MKEYFILE, "/.k", NULL };
-
-#ifdef HAVE_STRERROR
-#define k_strerror(e) strerror(e)
-#else
-static
-char *
-k_strerror(int eno)
-{
-  extern int sys_nerr;
-  extern char *sys_errlist[];
-
-  static char emsg[128];
-
-  if (eno < 0 || eno >= sys_nerr)
-    snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno);
-  else
-    return sys_errlist[eno];
-
-  return emsg;
-}
-#endif
-
-int
-kdb_new_get_master_key(des_cblock *key, des_key_schedule schedule)
-{
-  int kfile;
-  int i;
-  char buf[1024];
-
-  char **mkey;
-
-  for(mkey = master_key_files; *mkey; mkey++){
-      kfile = open(*mkey, O_RDONLY);
-      if(kfile < 0 && errno != ENOENT)
-	  fprintf(stderr, "Failed to open master key file \"%s\": %s\n", 
-		  *mkey,
-		  k_strerror(errno));
-      if(kfile >= 0)
-	  break;
-  }
-  if(*mkey){
-      int bytes;
-      bytes = read(kfile, (char*)key, sizeof(des_cblock));
-      close(kfile);
-      if(bytes == sizeof(des_cblock)){
-	  des_key_sched(key, schedule);
-	  return 0;
-      }
-      fprintf(stderr, "Could only read %d bytes from master key file %s\n", 
-	      bytes, *mkey);
-  }else{
-      fprintf(stderr, "No master key file found.\n");
-  }
-
-  
-  i=0;
-  while(i < 3){
-      if(des_read_pw_string(buf, sizeof(buf), "Enter master password: ", 0))
-	  break;
-
-      /* buffer now contains either an old format master key password or a
-       * new format base64 encoded master key
-       */
-      
-      /* try to verify as old password */
-      des_string_to_key(buf, key);
-      des_key_sched(key, schedule);
-      
-      if(kdb_verify_master_key(key, schedule, NULL) != -1){
-	  memset(buf, 0, sizeof(buf));
-	  return 0;
-      }
-      
-      /* failed test, so must be base64 encoded */
-      
-      if(base64_decode(buf, key) == 8){
-	  des_key_sched(key, schedule);
-	  if(kdb_verify_master_key(key, schedule, NULL) != -1){
-	      memset(buf, 0, sizeof(buf));
-	      return 0;
-	  }
-      }
-      
-      memset(buf, 0, sizeof(buf));
-      fprintf(stderr, "Failed to verify master key.\n");
-      i++;
-  }
-  
-  /* life sucks */
-  fprintf(stderr, "You loose.\n");
-  exit(1);
-}
-
-int kdb_new_get_new_master_key(des_cblock *key, des_key_schedule schedule, 
-			       int verify)
-{
-#ifndef RANDOM_MKEY
-  des_read_password(key, "\nEnter Kerberos master password: ", verify);
-  printf ("\n");
-#else
-  char buf[1024];
-  des_generate_random_block (key);
-  des_key_sched(key, schedule);
-  
-  des_read_pw_string(buf, sizeof(buf), "Enter master key seed: ", 0);
-  des_cbc_cksum((des_cblock*)buf, key, sizeof(buf), schedule, key);
-  memset(buf, 0, sizeof(buf));
-#endif
-  des_key_sched(key, schedule);
-  return 0;
-}
-
-int kdb_get_master_key(int prompt, des_cblock *master_key, 
-		       des_key_schedule master_key_sched)
-{
-  int ask = (prompt == KDB_GET_TWICE);
-#ifndef RANDOM_MKEY
-  ask |= (prompt == KDB_GET_PROMPT);
-#endif
-  
-  if(ask)
-    kdb_new_get_new_master_key(master_key, master_key_sched, 
-			       prompt == KDB_GET_TWICE);
-  else
-    kdb_new_get_master_key(master_key, master_key_sched);
-  return 0;
-}
-
-int kdb_kstash(des_cblock *master_key, char *file)
-{
-  int kfile;
-  kfile = open(file, O_TRUNC | O_RDWR | O_CREAT, 0600);
-  if (kfile < 0) {
-    return -1;
-  }
-  if (write(kfile, master_key, sizeof(des_cblock)) != sizeof(des_cblock)) {
-    close(kfile);
-    return -1;
-  }
-  close(kfile);
-  return 0;
-}
-
-/* The old algorithm used the key schedule as the initial vector which
-   was byte order depedent ... */
-
-void
-kdb_encrypt_key (des_cblock (*in), des_cblock (*out),
-		 des_cblock (*master_key),
-		 des_key_schedule master_key_sched, int e_d_flag)
-{
-
-#ifdef NOENCRYPTION
-  memcpy(out, in, sizeof(des_cblock));
-#else
-  des_pcbc_encrypt(in,out,(long)sizeof(des_cblock),master_key_sched,master_key,
- 	e_d_flag);
-#endif
-}
-
-/* The caller is reasponsible for cleaning up the master key and sched,
-   even if we can't verify the master key */
-
-/* Returns master key version if successful, otherwise -1 */
-
-long 
-kdb_verify_master_key (des_cblock *master_key,
-		       des_key_schedule master_key_sched,
-		       FILE *out) /* NULL -> no output */
-{
-  des_cblock key_from_db;
-  Principal principal_data[1];
-  int n, more = 0;
-  long master_key_version;
-
-  /* lookup the master key version */
-  n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data,
-			 1 /* only one please */, &more);
-  if ((n != 1) || more) {
-    if (out != (FILE *) NULL) 
-      fprintf(out,
-	      "verify_master_key: %s, %d found.\n",
-	      "Kerberos error on master key version lookup",
-	      n);
-    return (-1);
-  }
-
-  master_key_version = (long) principal_data[0].key_version;
-
-  /* set up the master key */
-  if (out != (FILE *) NULL)  /* should we punt this? */
-    fprintf(out, "Current Kerberos master key version is %d.\n",
-	    principal_data[0].kdc_key_ver);
-
-  /*
-   * now use the master key to decrypt the key in the db, had better
-   * be the same! 
-   */
-  copy_to_key(&principal_data[0].key_low,
-	      &principal_data[0].key_high,
-	      key_from_db);
-  kdb_encrypt_key (&key_from_db, &key_from_db, 
-		   master_key, master_key_sched, DES_DECRYPT);
-
-  /* the decrypted database key had better equal the master key */
-  n = memcmp(master_key, key_from_db, sizeof(master_key));
-  /* this used to zero the master key here! */
-  memset(key_from_db, 0, sizeof(key_from_db));
-  memset(principal_data, 0, sizeof (principal_data));
-
-  if (n && (out != (FILE *) NULL)) {
-    fprintf(out, "\n\07\07verify_master_key: Invalid master key; ");
-    fprintf(out, "does not match database.\n");
-  }
-  if(n)
-    return (-1);
-
-  if (out != (FILE *) NULL) {
-    fprintf(out, "\nMaster key entered.  BEWARE!\07\07\n");
-    fflush(out);
-  }
-
-  return (master_key_version);
-}
diff --git a/crypto/kerberosIV/lib/kdb/krb_lib.c b/crypto/kerberosIV/lib/kdb/krb_lib.c
deleted file mode 100644
index 19bf3168ac19..000000000000
--- a/crypto/kerberosIV/lib/kdb/krb_lib.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "kdb_locl.h"
-
-RCSID("$Id: krb_lib.c,v 1.11 1997/05/07 01:36:08 assar Exp $");
-
-#ifdef DEBUG
-extern int debug;
-extern char *progname;
-long    kerb_debug;
-#endif
-
-static int init = 0;
-
-/*
- * initialization routine for data base 
- */
-
-int
-kerb_init(void)
-{
-#ifdef DEBUG
-    if (!init) {
-	char *dbg = getenv("KERB_DBG");
-	if (dbg)
-	    sscanf(dbg, "%d", &kerb_debug);
-	init = 1;
-    }
-#endif
-    kerb_db_init();
-
-#ifdef CACHE
-    kerb_cache_init();
-#endif
-
-    /* successful init, return 0, else errcode */
-    return (0);
-}
-
-/*
- * finalization routine for database -- NOTE: MUST be called by any
- * program using kerb_init.  ALSO will have to be modified to finalize
- * caches, if they're ever really implemented. 
- */
-
-void
-kerb_fini(void)
-{
-    kerb_db_fini();
-}
-
-
-int
-kerb_delete_principal(char *name, char *inst)
-{
-    int ret;
-    
-    if (!init)
-	kerb_init();
-
-    ret = kerb_db_delete_principal(name, inst);
-#ifdef CACHE
-    if(ret == 0){
-	kerb_cache_delete_principal(name, inst);
-    }
-#endif
-    return ret;
-}
-
-
-/*
- * look up a principal in the cache or data base returns number of
- * principals found 
- */
-
-int
-kerb_get_principal(char *name, char *inst, Principal *principal,
-		   unsigned int max, int *more)
-                 		/* could have wild card */
-                 		/* could have wild card */
-                         
-                     		/* max number of name structs to return */
-                 		/* more tuples than room for */
-
-{
-    int     found = 0;
-#ifdef CACHE
-    static int wild = 0;
-#endif
-    if (!init)
-	kerb_init();
-
-#ifdef DEBUG
-    if (kerb_debug & 1)
-	fprintf(stderr, "\n%s: kerb_get_principal for %s %s max = %d\n",
-	    progname, name, inst, max);
-#endif
-    
-    /*
-     * if this is a request including a wild card, have to go to db
-     * since the cache may not be exhaustive. 
-     */
-
-    /* clear the principal area */
-    memset(principal, 0, max * sizeof(Principal));
-
-#ifdef CACHE
-    /*
-     * so check to see if the name contains a wildcard "*" or "?", not
-     * preceeded by a backslash. 
-     */
-    wild = 0;
-    if (index(name, '*') || index(name, '?') ||
-	index(inst, '*') || index(inst, '?'))
-	wild = 1;
-
-    if (!wild) {
-	/* try the cache first */
-	found = kerb_cache_get_principal(name, inst, principal, max, more);
-	if (found)
-	    return (found);
-    }
-#endif
-    /* If we didn't try cache, or it wasn't there, try db */
-    found = kerb_db_get_principal(name, inst, principal, max, more);
-    /* try to insert principal(s) into cache if it was found */
-#ifdef CACHE
-    if (found) {
-	kerb_cache_put_principal(principal, found);
-    }
-#endif
-    return (found);
-}
-
-/* principals */
-int
-kerb_put_principal(Principal *principal, unsigned int n)
-                         
-                   		/* number of principal structs to write */
-{
-    struct tm *tp;
-
-    /* set mod date */
-    principal->mod_date = time((time_t *)0);
-    /* and mod date string */
-
-    tp = k_localtime(&principal->mod_date);
-    snprintf(principal->mod_date_txt,
-	     sizeof(principal->mod_date_txt),
-	     "%4d-%2d-%2d",
-	     tp->tm_year + 1900,
-	     tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */
-#ifdef DEBUG
-    if (kerb_debug & 1) {
-	int i;
-	fprintf(stderr, "\nkerb_put_principal...");
-	for (i = 0; i < n; i++) {
-	    krb_print_principal(&principal[i]);
-	}
-    }
-#endif
-    /* write database */
-    if (kerb_db_put_principal(principal, n) < 0) {
-#ifdef DEBUG
-	if (kerb_debug & 1)
-	    fprintf(stderr, "\n%s: kerb_db_put_principal err", progname);
-	/* watch out for cache */
-#endif
-	return -1;
-    }
-#ifdef CACHE
-    /* write cache */
-    if (!kerb_cache_put_principal(principal, n)) {
-#ifdef DEBUG
-	if (kerb_debug & 1)
-	    fprintf(stderr, "\n%s: kerb_cache_put_principal err", progname);
-#endif
-	return -1;
-    }
-#endif
-    return 0;
-}
-
-int
-kerb_get_dba(char *name, char *inst, Dba *dba, unsigned int max, int *more)
-                 		/* could have wild card */
-                 		/* could have wild card */
-                
-                     		/* max number of name structs to return */
-                 		/* more tuples than room for */
-
-{
-    int     found = 0;
-#ifdef CACHE
-    static int wild = 0;
-#endif
-    if (!init)
-	kerb_init();
-
-#ifdef DEBUG
-    if (kerb_debug & 1)
-	fprintf(stderr, "\n%s: kerb_get_dba for %s %s max = %d\n",
-	    progname, name, inst, max);
-#endif
-    /*
-     * if this is a request including a wild card, have to go to db
-     * since the cache may not be exhaustive. 
-     */
-
-    /* clear the dba area */
-    memset(dba, 0, max * sizeof(Dba));
-
-#ifdef CACHE
-    /*
-     * so check to see if the name contains a wildcard "*" or "?", not
-     * preceeded by a backslash. 
-     */
-
-    wild = 0;
-    if (index(name, '*') || index(name, '?') ||
-	index(inst, '*') || index(inst, '?'))
-	wild = 1;
-
-    if (!wild) {
-	/* try the cache first */
-	found = kerb_cache_get_dba(name, inst, dba, max, more);
-	if (found)
-	    return (found);
-    }
-#endif
-    /* If we didn't try cache, or it wasn't there, try db */
-    found = kerb_db_get_dba(name, inst, dba, max, more);
-#ifdef CACHE
-    /* try to insert dba(s) into cache if it was found */
-    if (found) {
-	kerb_cache_put_dba(dba, found);
-    }
-#endif
-    return (found);
-}
diff --git a/crypto/kerberosIV/lib/kdb/print_princ.c b/crypto/kerberosIV/lib/kdb/print_princ.c
deleted file mode 100644
index 786c5a93a218..000000000000
--- a/crypto/kerberosIV/lib/kdb/print_princ.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "kdb_locl.h"
-
-RCSID("$Id: print_princ.c,v 1.5 1997/05/07 01:37:13 assar Exp $");
-
-void
-krb_print_principal(Principal *a_n)
-{
-    struct tm *time_p;
-
-    /* run-time database does not contain string versions */
-    time_p = k_localtime(&(a_n->exp_date));
-
-    fprintf(stderr,
-    "\n%s %s expires %4d-%2d-%2d %2d:%2d, max_life %d*5 = %d min  attr 0x%02x",
-    a_n->name, a_n->instance,
-    time_p->tm_year + 1900,
-    time_p->tm_mon + 1, time_p->tm_mday,
-    time_p->tm_hour, time_p->tm_min,
-    a_n->max_life, 5 * a_n->max_life, a_n->attributes);
-
-    fprintf(stderr,
-    "\n\tkey_ver %d  k_low 0x%08lx  k_high 0x%08lx  akv %d  exists %ld\n",
-    a_n->key_version, (long)a_n->key_low, (long)a_n->key_high,
-    a_n->kdc_key_ver, (long)a_n->old);
-
-    fflush(stderr);
-}
diff --git a/crypto/kerberosIV/lib/krb/Makefile.in b/crypto/kerberosIV/lib/krb/Makefile.in
deleted file mode 100644
index 8b34d651e86c..000000000000
--- a/crypto/kerberosIV/lib/krb/Makefile.in
+++ /dev/null
@@ -1,269 +0,0 @@
-#
-# $Id: Makefile.in,v 1.74 1997/05/19 03:03:05 assar Exp $
-#
-
-# Under SunOS-5.x it is necessary to link with -ldes to be binary compatible.
-LIBDES=`test -r /usr/lib/libkrb.so.1 && echo "-lresolv -L../des -ldes"; true`
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-LN_S = @LN_S@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-EXECSUFFIX=@EXECSUFFIX@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-COMPILE_ET = ../../util/et/compile_et$(EXECSUFFIX) -language ansi-c 
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = @PICFLAGS@
- 
-PROGS = sizetest$(EXEC_SUFFIX)
-LIBNAME = $(LIBPREFIX)krb
-LIBEXT = @LIBEXT@
-SHLIBEXT = @SHLIBEXT@
-LIBPREFIX = @LIBPREFIX@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-
-SOURCES = cr_err_reply.c \
-          create_auth_reply.c \
-          create_ciph.c \
-          create_death_packet.c \
-          create_ticket.c \
-          dest_tkt.c \
-          get_in_tkt.c \
-          get_svc_in_tkt.c \
-          getrealm.c \
-          k_localtime.c \
-          krb_err_txt.c \
-          krb_get_in_tkt.c \
-          kuserok.c \
-	  parse_name.c \
-          kntoln.c \
-	  mk_auth.c \
-	  krb_check_auth.c \
-          mk_err.c \
-          mk_safe.c \
-          rd_err.c \
-          rd_safe.c \
-          recvauth.c \
-          mk_priv.c \
-          rd_req.c \
-          decomp_ticket.c \
-          lifetime.c \
-          month_sname.c \
-	  stime.c \
-          read_service_key.c \
-          getst.c \
-          sendauth.c \
-          netread.c \
-          netwrite.c \
-          rd_priv.c \
-          krb_equiv.c \
-          str2key.c \
-          get_ad_tkt.c \
-          mk_req.c \
-          get_cred.c \
-          get_tf_realm.c \
-          get_tf_fullname.c \
-          one.c \
-          save_credentials.c \
-          send_to_kdc.c \
-	  get_host.c \
-          get_krbrlm.c \
-          k_gethostname.c \
-          tf_util.c \
-          debug_decl.c \
-          k_flock.c \
-          tkt_string.c \
-          getaddrs.c \
-          k_getsockinst.c \
-	  k_getport.c \
-	  lsb_addr_comp.c \
-	  name2name.c \
-	  get_default_principal.c \
-	  realm_parse.c \
-	  verify_user.c \
-	  rw.c \
-	  kdc_reply.c \
-	  encrypt_ktext.c \
-	  swab.c \
-	  gettimeofday.c \
-	  check_time.c \
-	  krb_err.c \
-	  et_list.c \
-	  resolve.c \
-	  unparse_name.c \
-	  logging.c \
-	  k_concat.c
-
-#	  these files reside in ../roken
-#	  snprintf.c \
-#	  strdup.c \
-#	  strtok_r.c \
-#	  strcasecmp.c
-
-OBJECTS = cr_err_reply.o \
-          create_auth_reply.o \
-          create_ciph.o \
-          create_death_packet.o \
-          create_ticket.o \
-          dest_tkt.o \
-          get_in_tkt.o \
-          get_svc_in_tkt.o \
-          getrealm.o \
-          k_localtime.o \
-          krb_err_txt.o \
-          krb_get_in_tkt.o \
-          kuserok.o \
-	  parse_name.o \
-          kntoln.o \
-	  mk_auth.o \
-	  krb_check_auth.o \
-          mk_err.o \
-          mk_safe.o \
-          rd_err.o \
-          rd_safe.o \
-          recvauth.o \
-          mk_priv.o \
-          rd_req.o \
-          decomp_ticket.o \
-          lifetime.o \
-          month_sname.o \
-	  stime.o \
-          read_service_key.o \
-          getst.o \
-          sendauth.o \
-          netread.o \
-          netwrite.o \
-          rd_priv.o \
-          krb_equiv.o \
-          str2key.o \
-          get_ad_tkt.o \
-          mk_req.o \
-          get_cred.o \
-          get_tf_realm.o \
-          get_tf_fullname.o \
-          one.o \
-          save_credentials.o \
-          send_to_kdc.o \
-	  get_host.o \
-          get_krbrlm.o \
-          k_gethostname.o \
-          tf_util.o \
-          debug_decl.o \
-          k_flock.o \
-          tkt_string.o \
-          getaddrs.o \
-          k_getsockinst.o \
-	  k_getport.o \
-	  lsb_addr_comp.o \
-	  name2name.o \
-	  get_default_principal.o \
-	  realm_parse.o \
-	  verify_user.o \
-	  rw.o \
-	  kdc_reply.o \
-	  encrypt_ktext.o \
-	  swab.o \
-	  gettimeofday.o \
-	  check_time.o \
-	  krb_err.o \
-	  resolve.o \
-	  unparse_name.o \
-	  logging.o \
-	  k_concat.o \
-	  snprintf.o \
-	  strdup.o \
-	  strtok_r.o \
-	  strcasecmp.o
-
-# This is only needed by some shared library implementations
-LDOBJ = et_list.o
-
-all: $(LIB) $(PROGS)
-
-Wall:
-		make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-sizetest.o: sizetest.c
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
-
-sizetest$(EXECSUFFIX): sizetest.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ sizetest.o
-
-check: sizetest$(EXECSUFFIX)
-	./sizetest$(EXECSUFFIX)
-
-clean:
-	rm -f $(LIB) *.o *.a krb_err.c krb_err.h $(PROGS) 
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS) $(LDOBJ)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS) $(LDOBJ) $(LIBDES)
-
-krb_err.c krb_err.h: krb_err.et
-	test -r krb_err.et || (rm -f krb_err.et && $(LN_S) $(srcdir)/krb_err.et .)
-	$(COMPILE_ET) krb_err.et
-
-snprintf.c:
-	$(LN_S) $(srcdir)/../roken/snprintf.c .
-
-strdup.c:
-	$(LN_S) $(srcdir)/../roken/strdup.c .
-
-strtok_r.c:
-	$(LN_S) $(srcdir)/../roken/strtok_r.c .
-
-strcasecmp.c:
-	$(LN_S) $(srcdir)/../roken/strcasecmp.c .
-
-$(OBJECTS): ../../include/config.h
-$(OBJECTS): krb_locl.h krb.h krb_err.h
-one.o: ../../include/version.h
diff --git a/crypto/kerberosIV/lib/krb/check_time.c b/crypto/kerberosIV/lib/krb/check_time.c
deleted file mode 100644
index 3c3e6c0730b9..000000000000
--- a/crypto/kerberosIV/lib/krb/check_time.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: check_time.c,v 1.4 1997/04/01 08:18:18 joda Exp $");
-
-int
-krb_check_tm (struct tm tm)
-{
-     return  tm.tm_mon < 0
-	  || tm.tm_mon > 11
-	  || tm.tm_hour < 0
-	  || tm.tm_hour > 23
-	  || tm.tm_min < 0
-	  || tm.tm_min > 59
-	  || tm.tm_sec < 0
-	  || tm.tm_sec > 59
-	  || tm.tm_year < 1901
-	  || tm.tm_year > 2038;
-}
diff --git a/crypto/kerberosIV/lib/krb/cr_err_reply.c b/crypto/kerberosIV/lib/krb/cr_err_reply.c
deleted file mode 100644
index 2c1956af97d5..000000000000
--- a/crypto/kerberosIV/lib/krb/cr_err_reply.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: cr_err_reply.c,v 1.9 1997/04/01 08:18:19 joda Exp $");
-
-/*
- * This routine is used by the Kerberos authentication server to
- * create an error reply packet to send back to its client.
- *
- * It takes a pointer to the packet to be built, the name, instance,
- * and realm of the principal, the client's timestamp, an error code
- * and an error string as arguments.  Its return value is undefined.
- *
- * The packet is built in the following format:
- * 
- * type			variable	   data
- *			or constant
- * ----			-----------	   ----
- *
- * unsigned char	req_ack_vno	   protocol version number
- * 
- * unsigned char	AUTH_MSG_ERR_REPLY protocol message type
- * 
- * [least significant	HOST_BYTE_ORDER	   sender's (server's) byte
- * bit of above field]			   order
- * 
- * string		pname		   principal's name
- * 
- * string		pinst		   principal's instance
- * 
- * string		prealm		   principal's realm
- * 
- * unsigned long	time_ws		   client's timestamp
- * 
- * unsigned long	e		   error code
- * 
- * string		e_string	   error text
- */
-
-void
-cr_err_reply(KTEXT pkt, char *pname, char *pinst, char *prealm, 
-	     u_int32_t time_ws, u_int32_t e, char *e_string)
-{
-    unsigned char *p = pkt->dat;
-    
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_ERR_REPLY, p, 1);
-
-    if (pname == NULL) pname = "";
-    if (pinst == NULL) pinst = "";
-    if (prealm == NULL) prealm = "";
-
-    p += krb_put_nir(pname, pinst, prealm, p);
-    
-    p += krb_put_int(time_ws, p, 4);
-
-    p += krb_put_int(e, p, 4);
-
-    p += krb_put_string(e_string, p);
-
-    pkt->length = p - pkt->dat;
-}
diff --git a/crypto/kerberosIV/lib/krb/create_auth_reply.c b/crypto/kerberosIV/lib/krb/create_auth_reply.c
deleted file mode 100644
index 4976c464b8d6..000000000000
--- a/crypto/kerberosIV/lib/krb/create_auth_reply.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: create_auth_reply.c,v 1.11 1997/04/01 08:18:20 joda Exp $");
-
-/*
- * This routine is called by the Kerberos authentication server
- * to create a reply to an authentication request.  The routine
- * takes the user's name, instance, and realm, the client's
- * timestamp, the number of tickets, the user's key version
- * number and the ciphertext containing the tickets themselves.
- * It constructs a packet and returns a pointer to it.
- *
- * Notes: The packet returned by this routine is static.  Thus, if you
- * intend to keep the result beyond the next call to this routine, you
- * must copy it elsewhere.
- *
- * The packet is built in the following format:
- * 
- * 			variable
- * type			or constant	   data
- * ----			-----------	   ----
- * 
- * unsigned char	KRB_PROT_VERSION   protocol version number
- * 
- * unsigned char	AUTH_MSG_KDC_REPLY protocol message type
- * 
- * [least significant	HOST_BYTE_ORDER	   sender's (server's) byte
- *  bit of above field]			   order
- * 
- * string		pname		   principal's name
- * 
- * string		pinst		   principal's instance
- * 
- * string		prealm		   principal's realm
- * 
- * unsigned long	time_ws		   client's timestamp
- * 
- * unsigned char	n		   number of tickets
- * 
- * unsigned long	x_date		   expiration date
- * 
- * unsigned char	kvno		   master key version
- * 
- * short		w_1		   cipher length
- * 
- * ---			cipher->dat	   cipher data
- */
-
-KTEXT
-create_auth_reply(char *pname,	/* Principal's name */
-		  char *pinst,	/* Principal's instance */
-		  char *prealm,	/* Principal's authentication domain */
-		  int32_t time_ws, /* Workstation time */
-		  int n,	/* Number of tickets */
-		  u_int32_t x_date, /* Principal's expiration date */
-		  int kvno,	/* Principal's key version number */
-		  KTEXT cipher)	/* Cipher text with tickets and session keys */
-{
-    static  KTEXT_ST pkt_st;
-    KTEXT pkt = &pkt_st;
-    
-    unsigned char *p = pkt->dat;
-
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_KDC_REPLY, p, 1);
-
-    if(n != 0){
-	/* barf on old code */
-	krb_warning("create_auth_reply: don't give me no krb3 crap!"
-		    " (n == %d)\n", n);
-	return NULL;
-    }
-
-
-    p += krb_put_nir(pname, pinst, prealm, p);
-
-    p += krb_put_int(time_ws, p, 4);
-    
-    p += krb_put_int(n, p, 1);
-    
-    p += krb_put_int(x_date, p, 4);
-    
-    p += krb_put_int(kvno, p, 1);
-    
-    p += krb_put_int(cipher->length, p, 2);
-    
-    memcpy(p, cipher->dat, cipher->length);
-    p += cipher->length;
-
-    pkt->length = p - pkt->dat;
-
-    return pkt;
-}
diff --git a/crypto/kerberosIV/lib/krb/create_ciph.c b/crypto/kerberosIV/lib/krb/create_ciph.c
deleted file mode 100644
index 27d27ff604ea..000000000000
--- a/crypto/kerberosIV/lib/krb/create_ciph.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: create_ciph.c,v 1.9 1997/04/01 08:18:20 joda Exp $");
-
-/*
- * This routine is used by the authentication server to create
- * a packet for its client, containing a ticket for the requested
- * service (given in "tkt"), and some information about the ticket,
- *
- * Returns KSUCCESS no matter what.
- *
- * The length of the cipher is stored in c->length; the format of
- * c->dat is as follows:
- *
- * 			variable
- * type			or constant	   data
- * ----			-----------	   ----
- * 
- * 
- * 8 bytes		session		session key for client, service
- * 
- * string		service		service name
- * 
- * string		instance	service instance
- * 
- * string		realm		KDC realm
- * 
- * unsigned char	life		ticket lifetime
- * 
- * unsigned char	kvno		service key version number
- * 
- * unsigned char	tkt->length	length of following ticket
- * 
- * data			tkt->dat	ticket for service
- * 
- * 4 bytes		kdc_time	KDC's timestamp
- *
- * <=7 bytes		null		   null pad to 8 byte multiple
- *
- */
-
-int
-create_ciph(KTEXT c,		/* Text block to hold ciphertext */
-	    unsigned char *session, /* Session key to send to user */
-	    char *service,	/* Service name on ticket */
-	    char *instance,	/* Instance name on ticket */
-	    char *realm,	/* Realm of this KDC */
-	    u_int32_t life,	/* Lifetime of the ticket */
-	    int kvno,		/* Key version number for service */
-	    KTEXT tkt,		/* The ticket for the service */
-	    u_int32_t kdc_time,	/* KDC time */
-	    des_cblock *key)	/* Key to encrypt ciphertext with */
-
-{
-    unsigned char *p = c->dat;
-
-    memset(c, 0, sizeof(KTEXT_ST));
-
-    memcpy(p, session, 8);
-    p += 8;
-    
-    p += krb_put_nir(service, instance, realm, p);
-    
-    p += krb_put_int(life, p, 1);
-    p += krb_put_int(kvno, p, 1);
-
-    p += krb_put_int(tkt->length, p, 1);
-
-    memcpy(p, tkt->dat, tkt->length);
-    p += tkt->length;
-
-    p += krb_put_int(kdc_time, p, 4);
-
-    /* multiple of eight bytes */
-    c->length = (p - c->dat + 7) & ~7;
-
-    encrypt_ktext(c, key, DES_ENCRYPT);
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/create_death_packet.c b/crypto/kerberosIV/lib/krb/create_death_packet.c
deleted file mode 100644
index f74ba30845d6..000000000000
--- a/crypto/kerberosIV/lib/krb/create_death_packet.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: create_death_packet.c,v 1.8 1997/04/01 08:18:21 joda Exp $");
-
-/*
- * This routine creates a packet to type AUTH_MSG_DIE which is sent to
- * the Kerberos server to make it shut down.  It is used only in the
- * development environment.
- *
- * It takes a string "a_name" which is sent in the packet.  A pointer
- * to the packet is returned.
- *
- * The format of the killer packet is:
- *
- * type			variable		data
- *			or constant
- * ----			-----------		----
- *
- * unsigned char	KRB_PROT_VERSION	protocol version number
- * 
- * unsigned char	AUTH_MSG_DIE		message type
- * 
- * [least significant	HOST_BYTE_ORDER		byte order of sender
- *  bit of above field]
- * 
- * string		a_name			presumably, name of
- * 						principal sending killer
- * 						packet
- */
-
-#ifdef DEBUG
-KTEXT
-krb_create_death_packet(char *a_name)
-{
-    static KTEXT_ST pkt_st;
-    KTEXT pkt = &pkt_st;
-
-    unsigned char *p = pkt->dat;
-    
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_DIE, p, 1);
-    
-    p += krb_put_string(a_name, p);
-    pkt->length = p - pkt->dat;
-    return pkt;
-}
-#endif /* DEBUG */
diff --git a/crypto/kerberosIV/lib/krb/create_ticket.c b/crypto/kerberosIV/lib/krb/create_ticket.c
deleted file mode 100644
index b46923223391..000000000000
--- a/crypto/kerberosIV/lib/krb/create_ticket.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: create_ticket.c,v 1.12 1997/04/01 08:18:21 joda Exp $");
-
-/*
- * Create ticket takes as arguments information that should be in a
- * ticket, and the KTEXT object in which the ticket should be
- * constructed.  It then constructs a ticket and returns, leaving the
- * newly created ticket in tkt.
- * The length of the ticket is a multiple of
- * eight bytes and is in tkt->length.
- *
- * If the ticket is too long, the ticket will contain nulls.
- *
- * The corresponding routine to extract information from a ticket it
- * decomp_ticket.  When changes are made to this routine, the
- * corresponding changes should also be made to that file.
- *
- * The packet is built in the following format:
- * 
- * 			variable
- * type			or constant	   data
- * ----			-----------	   ----
- *
- * tkt->length		length of ticket (multiple of 8 bytes)
- * 
- * tkt->dat:
- * 
- * unsigned char	flags		   namely, HOST_BYTE_ORDER
- * 
- * string		pname		   client's name
- * 
- * string		pinstance	   client's instance
- * 
- * string		prealm		   client's realm
- * 
- * 4 bytes		paddress	   client's address
- * 
- * 8 bytes		session		   session key
- * 
- * 1 byte		life		   ticket lifetime
- * 
- * 4 bytes		time_sec	   KDC timestamp
- * 
- * string		sname		   service's name
- * 
- * string		sinstance	   service's instance
- * 
- * <=7 bytes		null		   null pad to 8 byte multiple
- *
- */
-
-int
-krb_create_ticket(KTEXT tkt,	/* Gets filled in by the ticket */
-		  unsigned char flags, /* Various Kerberos flags */
-		  char *pname,	/* Principal's name */
-		  char *pinstance, /* Principal's instance */
-		  char *prealm, /* Principal's authentication domain */
-		  int32_t paddress, /* Net address of requesting entity */
-		  void *session, /* Session key inserted in ticket */
-		  int16_t life,	/* Lifetime of the ticket */
-		  int32_t time_sec, /* Issue time and date */
-		  char *sname,	/* Service Name */
-		  char *sinstance, /* Instance Name */
-		  des_cblock *key) /* Service's secret key */
-{
-    unsigned char *p = tkt->dat;
-
-    memset(tkt, 0, sizeof(KTEXT_ST));
-
-    p += krb_put_int(flags, p, 1);
-    p += krb_put_nir(pname, pinstance, prealm, p);
-    
-    p += krb_put_address(paddress, p);
-    
-    memcpy(p, session, 8);
-    p += 8;
-
-    p += krb_put_int(life, p, 1);
-    p += krb_put_int(time_sec, p, 4);
-
-    p += krb_put_nir(sname, sinstance, NULL, p);
-
-    /* multiple of eight bytes */
-    tkt->length = (p - tkt->dat + 7) & ~7;
-
-    /* Check length of ticket */
-    if (tkt->length > (sizeof(KTEXT_ST) - 7)) {
-        memset(tkt->dat, 0, tkt->length);
-        tkt->length = 0;
-        return KFAILURE /* XXX */;
-    }
-
-    encrypt_ktext(tkt, key, DES_ENCRYPT);
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/debug_decl.c b/crypto/kerberosIV/lib/krb/debug_decl.c
deleted file mode 100644
index 5358bcb65d9f..000000000000
--- a/crypto/kerberosIV/lib/krb/debug_decl.c
+++ /dev/null
@@ -1,29 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: debug_decl.c,v 1.6 1997/03/23 03:53:07 joda Exp $");
-
-/* Declare global debugging variables. */
-
-int krb_ap_req_debug = 0;
-int krb_debug = 0;
diff --git a/crypto/kerberosIV/lib/krb/decomp_ticket.c b/crypto/kerberosIV/lib/krb/decomp_ticket.c
deleted file mode 100644
index 8e556a37d2bd..000000000000
--- a/crypto/kerberosIV/lib/krb/decomp_ticket.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: decomp_ticket.c,v 1.16 1997/04/01 08:18:22 joda Exp $");
-
-/*
- * This routine takes a ticket and pointers to the variables that
- * should be filled in based on the information in the ticket.  It
- * fills in values for its arguments.
- *
- * The routine returns KFAILURE if any of the "pname", "pinstance",
- * or "prealm" fields is too big, otherwise it returns KSUCCESS.
- *
- * The corresponding routine to generate tickets is create_ticket.
- * When changes are made to this routine, the corresponding changes
- * should also be made to that file.
- *
- * See create_ticket.c for the format of the ticket packet.
- */
-
-int
-decomp_ticket(KTEXT tkt,	/* The ticket to be decoded */
-	      unsigned char *flags, /* Kerberos ticket flags */
-	      char *pname,	/* Authentication name */
-	      char *pinstance,	/* Principal's instance */
-	      char *prealm,	/* Principal's authentication domain */
-	      u_int32_t *paddress,/* Net address of entity requesting ticket */
-	      unsigned char *session, /* Session key inserted in ticket */
-	      int *life,	/* Lifetime of the ticket */
-	      u_int32_t *time_sec, /* Issue time and date */
-	      char *sname,	/* Service name */
-	      char *sinstance,	/* Service instance */
-	      des_cblock *key,	/* Service's secret key (to decrypt the ticket) */
-	      des_key_schedule schedule) /* The precomputed key schedule */
-
-{
-    unsigned char *p = tkt->dat;
-    
-    int little_endian;
-
-    des_pcbc_encrypt((des_cblock *)tkt->dat, (des_cblock *)tkt->dat,
-		     tkt->length, schedule, key, DES_DECRYPT);
-
-    tkt->mbz = 0;
-
-    *flags = *p++;
-
-    little_endian = (*flags >> K_FLAG_ORDER) & 1;
-
-    if(strlen((char*)p) > ANAME_SZ)
-	return KFAILURE;
-    p += krb_get_string(p, pname);
-
-    if(strlen((char*)p) > INST_SZ)
-	return KFAILURE;
-    p += krb_get_string(p, pinstance);
-
-    if(strlen((char*)p) > REALM_SZ)
-	return KFAILURE;
-    p += krb_get_string(p, prealm);
-
-    if(tkt->length - (p - tkt->dat) < 8 + 1 + 4)
-	return KFAILURE;
-    p += krb_get_address(p, paddress);
-
-    memcpy(session, p, 8);
-    p += 8;
-
-    *life = *p++;
-    
-    p += krb_get_int(p, time_sec, 4, little_endian);
-
-    if(strlen((char*)p) > SNAME_SZ)
-	return KFAILURE;
-    p += krb_get_string(p, sname);
-
-    if(strlen((char*)p) > INST_SZ)
-	return KFAILURE;
-    p += krb_get_string(p, sinstance);
-
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/dest_tkt.c b/crypto/kerberosIV/lib/krb/dest_tkt.c
deleted file mode 100644
index 0487e6b72386..000000000000
--- a/crypto/kerberosIV/lib/krb/dest_tkt.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: dest_tkt.c,v 1.11 1997/05/19 03:03:40 assar Exp $");
-
-/*
- * dest_tkt() is used to destroy the ticket store upon logout.
- * If the ticket file does not exist, dest_tkt() returns RET_TKFIL.
- * Otherwise the function returns RET_OK on success, KFAILURE on
- * failure.
- *
- * The ticket file (TKT_FILE) is defined in "krb.h".
- */
-
-int
-dest_tkt(void)
-{
-    char *file = TKT_FILE;
-    int i,fd;
-    struct stat statb;
-    char buf[BUFSIZ];
-
-    errno = 0;
-    if (
-#ifdef HAVE_LSTAT
-    lstat
-#else
-    stat
-#endif
-    (file, &statb) < 0)      
-	goto out;
-
-    if (!(statb.st_mode & S_IFREG)
-#ifdef notdef
-	|| statb.st_mode & 077
-#endif
-	)
-	goto out;
-
-    if ((fd = open(file, O_RDWR, 0)) < 0)
-	goto out;
-
-    memset(buf, 0, BUFSIZ);
-
-    for (i = 0; i < statb.st_size; i += sizeof(buf))
-	if (write(fd, buf, sizeof(buf)) != sizeof(buf)) {
-	    fsync(fd);
-	    close(fd);
-	    goto out;
-	}
-	
-
-    fsync(fd);
-    close(fd);
-    
-    unlink(file);
-
-out:
-    if (errno == ENOENT) return RET_TKFIL;
-    else if (errno != 0) return KFAILURE;
-    return(KSUCCESS);
-}
diff --git a/crypto/kerberosIV/lib/krb/dllmain.c b/crypto/kerberosIV/lib/krb/dllmain.c
deleted file mode 100644
index e98b7dc6526e..000000000000
--- a/crypto/kerberosIV/lib/krb/dllmain.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* dllmain.c - main function to krb4.dll
- * Author:	J Karlsson <d93-jka@nada.kth.se>
- * Date:	June 1996
- */
-
-#include "krb_locl.h"
-#include "ticket_memory.h"
-#include <Windows.h>
-
-RCSID("$Id: dllmain.c,v 1.6 1997/05/02 14:29:13 assar Exp $");
-
-void
-msg(char *text, int error)
-{
-    char *buf;
-
-    asprintf (&buf, "%s\nAn error of type: %d", text, error);
-
-    MessageBox(GetActiveWindow(),
-	       buf ? buf : "can't tell you",
-	       "kerberos message",
-	       MB_OK|MB_APPLMODAL);
-    free (buf);
-}
-
-BOOL WINAPI
-DllMain (HANDLE hInst, 
-	 ULONG reason,
-	 LPVOID lpReserved)
-{
-    WORD wVersionRequested; 
-    WSADATA wsaData; 
-    PROCESS_INFORMATION p;	
-    int err; 
-
-    switch(reason){
-    case DLL_PROCESS_ATTACH:
-	wVersionRequested = MAKEWORD(1, 1); 
-	err = WSAStartup(wVersionRequested, &wsaData); 
-	if (err != 0) 
-	{
-	    /* Tell the user that we couldn't find a useable */ 
-	    /* winsock.dll.     */ 
-	    msg("Cannot find winsock.dll", err);
-	    return FALSE;
-	}
-	if(newTktMem(0) != KSUCCESS)
-	{
-	    /* Tell the user that we couldn't alloc shared memory. */ 
-	    msg("Cannot allocate shared ticket memory", GetLastError());
-	    return FALSE;
-	}
-	if(GetLastError() != ERROR_ALREADY_EXISTS)
-	{
-	    STARTUPINFO s = 
-	    {
-		sizeof(s),
-		0,
-		0,
-		0,
-		0,0,
-		0,0,
-		0,0,
-		0,
-		0,
-		0,
-		0,0,
-		0,0,0};
-
-	    s.dwFlags = STARTF_USESHOWWINDOW;
-	    s.wShowWindow = SW_HIDE;
-	    if(!CreateProcess(0,"krbmanager",
-			      0,0,FALSE,0,0,
-			      0,&s, &p))
-	    {
-		msg("Unable to create kerberos manager process.\n"
-		    "Make sure krbmanager.exe is in your PATH.",
-		    GetLastError());
-		return FALSE;
-	    }
-	}
-	break;
-    case DLL_PROCESS_DETACH:
-	freeTktMem(0);
-	WSACleanup();
-	break;
-    }
-
-    return TRUE;
-}
diff --git a/crypto/kerberosIV/lib/krb/encrypt_ktext.c b/crypto/kerberosIV/lib/krb/encrypt_ktext.c
deleted file mode 100644
index d97fcc7c8e04..000000000000
--- a/crypto/kerberosIV/lib/krb/encrypt_ktext.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: encrypt_ktext.c,v 1.4 1997/04/01 08:18:26 joda Exp $");
-
-void
-encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt)
-{
-    des_key_schedule schedule;
-    des_set_key(key, schedule);
-    des_pcbc_encrypt((des_cblock*)cip->dat, (des_cblock*)cip->dat, 
-		     cip->length, schedule, key, encrypt);
-    memset(schedule, 0, sizeof(des_key_schedule));
-}
diff --git a/crypto/kerberosIV/lib/krb/et_list.c b/crypto/kerberosIV/lib/krb/et_list.c
deleted file mode 100644
index 69d1c89ac39d..000000000000
--- a/crypto/kerberosIV/lib/krb/et_list.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * This is a hack to resolve the reference to _et_list when making a
- * shared library under Psoriasis and possibly other systems. Presumably
- * they define __ELF__, some people say Linux does so.
- */
-
-#include "config.h"
-
-RCSID("$Id: et_list.c,v 1.12 1997/05/13 09:45:01 bg Exp $");
-
-struct et_list {
-    struct et_list *next;
-    const struct error_table *table;
-};
-
-#if defined(__GNUC__)
-
-#ifdef __FreeBSD__
-asm(".globl __et_list");	/* FreeBSD bug workaround */
-#endif
-struct et_list * _et_list __attribute__ ((weak)) = 0;
-
-#else /* !__GNUC__ */
-
-#ifdef HAVE_PRAGMA_WEAK
-
-#pragma weak _et_list = __et_list
-struct et_list * __et_list = 0;
-
-#else /* !HAVE_PRAGMA_WEAK */
-
-struct et_list * _et_list = 0;
-
-#endif /* !HAVE_PRAGMA_WEAK */
-
-#endif /* !__GNUC__ */
diff --git a/crypto/kerberosIV/lib/krb/get_ad_tkt.c b/crypto/kerberosIV/lib/krb/get_ad_tkt.c
deleted file mode 100644
index 95907600c850..000000000000
--- a/crypto/kerberosIV/lib/krb/get_ad_tkt.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_ad_tkt.c,v 1.16 1997/05/30 17:43:34 bg Exp $");
-
-/*
- * get_ad_tkt obtains a new service ticket from Kerberos, using
- * the ticket-granting ticket which must be in the ticket file.
- * It is typically called by krb_mk_req() when the client side
- * of an application is creating authentication information to be
- * sent to the server side.
- *
- * get_ad_tkt takes four arguments: three pointers to strings which
- * contain the name, instance, and realm of the service for which the
- * ticket is to be obtained; and an integer indicating the desired
- * lifetime of the ticket.
- *
- * It returns an error status if the ticket couldn't be obtained,
- * or AD_OK if all went well.  The ticket is stored in the ticket
- * cache.
- *
- * The request sent to the Kerberos ticket-granting service looks
- * like this:
- *
- * pkt->dat
- *
- * TEXT			original contents of	authenticator+ticket
- *			pkt->dat		built in krb_mk_req call
- * 
- * 4 bytes		time_ws			always 0 (?)
- * char			lifetime		lifetime argument passed
- * string		service			service name argument
- * string		sinstance		service instance arg.
- *
- * See "prot.h" for the reply packet layout and definitions of the
- * extraction macros like pkt_version(), pkt_msg_type(), etc.
- */
-
-int
-get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime)
-{
-    static KTEXT_ST pkt_st;
-    KTEXT pkt = & pkt_st;	/* Packet to KDC */
-    static KTEXT_ST rpkt_st;
-    KTEXT rpkt = &rpkt_st;	/* Returned packet */
-
-    CREDENTIALS cr;
-    char lrealm[REALM_SZ];
-    u_int32_t time_ws = 0;
-    int kerror;
-    unsigned char *p;
-
-    /*
-     * First check if we have a "real" TGT for the corresponding
-     * realm, if we don't, use ordinary inter-realm authentication.
-     */
-
-    kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, &cr);
-    if (kerror == KSUCCESS)
-      strncpy(lrealm, realm, REALM_SZ);
-    else
-      kerror = krb_get_tf_realm(TKT_FILE, lrealm);
-    
-    if (kerror != KSUCCESS)
-	return(kerror);
-
-    /*
-     * Look for the session key (and other stuff we don't need)
-     * in the ticket file for krbtgt.realm@lrealm where "realm" 
-     * is the service's realm (passed in "realm" argument) and 
-     * lrealm is the realm of our initial ticket.  If we don't 
-     * have this, we will try to get it.
-     */
-    
-    if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET,
-			       realm, lrealm, &cr)) != KSUCCESS) {
-	/*
-	 * If realm == lrealm, we have no hope, so let's not even try.
-	 */
-	if ((strncmp(realm, lrealm, REALM_SZ)) == 0)
-	    return(AD_NOTGT);
-	else{
-	    if ((kerror = 
-		 get_ad_tkt(KRB_TICKET_GRANTING_TICKET,
-			    realm, lrealm, lifetime)) != KSUCCESS)
-		if (kerror == KDC_PR_UNKNOWN)
-		  return(AD_INTR_RLM_NOTGT);
-		else
-		  return(kerror);
-	    if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET,
-				       realm, lrealm, &cr)) != KSUCCESS)
-		return(kerror);
-	}
-    }
-    
-    /*
-     * Make up a request packet to the "krbtgt.realm@lrealm".
-     * Start by calling krb_mk_req() which puts ticket+authenticator
-     * into "pkt".  Then tack other stuff on the end.
-     */
-    
-    kerror = krb_mk_req(pkt,
-			KRB_TICKET_GRANTING_TICKET,
-			realm,lrealm,0L);
-
-    if (kerror)
-	return(AD_NOTGT);
-
-    p = pkt->dat + pkt->length;
-
-    p += krb_put_int(time_ws, p, 4);
-    p += krb_put_int(lifetime, p, 1);
-    p += krb_put_nir(service, sinstance, NULL, p);
-    
-    pkt->length = p - pkt->dat;
-    rpkt->length = 0;
-    
-    /* Send the request to the local ticket-granting server */
-    if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror);
-
-    /* check packet version of the returned packet */
-
-    {
-	KTEXT_ST cip;
-	CREDENTIALS cred;
-	struct timeval tv;
-
-	kerror = kdc_reply_cipher(rpkt, &cip);
-	if(kerror != KSUCCESS)
-	    return kerror;
-	
-	encrypt_ktext(&cip, &cr.session, DES_DECRYPT);
-
-	kerror = kdc_reply_cred(&cip, &cred);
-	if(kerror != KSUCCESS)
-	    return kerror;
-
-	if (strcmp(cred.service, service) || strcmp(cred.instance, sinstance) ||
-	    strcmp(cred.realm, realm))	/* not what we asked for */
-	    return INTK_ERR;	/* we need a better code here XXX */
-	
-	gettimeofday(&tv, NULL);
-	if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) {
-	    return RD_AP_TIME; /* XXX should probably be better code */
-	}
-	
-
-	kerror = save_credentials(cred.service, cred.instance, cred.realm, 
-				  cred.session, cred.lifetime, cred.kvno, 
-				  &cred.ticket_st, tv.tv_sec);
-	return kerror;
-    }
-}
diff --git a/crypto/kerberosIV/lib/krb/get_cred.c b/crypto/kerberosIV/lib/krb/get_cred.c
deleted file mode 100644
index 1a0016c4670b..000000000000
--- a/crypto/kerberosIV/lib/krb/get_cred.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_cred.c,v 1.6 1997/05/30 17:38:29 bg Exp $");
-
-/*
- * krb_get_cred takes a service name, instance, and realm, and a
- * structure of type CREDENTIALS to be filled in with ticket
- * information.  It then searches the ticket file for the appropriate
- * ticket and fills in the structure with the corresponding
- * information from the file.  If successful, it returns KSUCCESS.
- * On failure it returns a Kerberos error code.
- */
-
-int
-krb_get_cred(char *service,	/* Service name */
-	     char *instance,	/* Instance */
-	     char *realm,	/* Auth domain */
-	     CREDENTIALS *c)	/* Credentials struct */
-{
-    int tf_status;              /* return value of tf function calls */
-    CREDENTIALS cr;
-
-    if (c == 0)
-        c = &cr;
-
-    /* Open ticket file and lock it for shared reading */
-    if ((tf_status = tf_init(TKT_FILE, R_TKT_FIL)) != KSUCCESS)
-	return(tf_status);
-
-    /* Copy principal's name and instance into the CREDENTIALS struc c */
-
-    if ( (tf_status = tf_get_pname(c->pname)) != KSUCCESS ||
-    	 (tf_status = tf_get_pinst(c->pinst)) != KSUCCESS )
-	return (tf_status);
-
-    /* Search for requested service credentials and copy into c */
-       
-    while ((tf_status = tf_get_cred(c)) == KSUCCESS) {
-	if ((strcmp(c->service,service) == 0) &&
-           (strcmp(c->instance,instance) == 0) &&
-           (strcmp(c->realm,realm) == 0))
-		   break;
-    }
-    tf_close();
-
-    if (tf_status == EOF)
-	return (GC_NOTKT);
-    return(tf_status);
-}
diff --git a/crypto/kerberosIV/lib/krb/get_default_principal.c b/crypto/kerberosIV/lib/krb/get_default_principal.c
deleted file mode 100644
index 3a111ea52e38..000000000000
--- a/crypto/kerberosIV/lib/krb/get_default_principal.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_default_principal.c,v 1.10 1997/04/01 08:18:28 joda Exp $");
-
-int
-krb_get_default_principal(char *name, char *instance, char *realm)
-{
-  char *file;
-  int ret;
-
-  char *p;
-
-  if ((file = getenv("KRBTKFILE")) == NULL)
-      file = TKT_FILE;  
-  
-  ret = krb_get_tf_fullname(file, name, instance, realm);
-  if(ret == KSUCCESS)
-      return 0;
-
-  p = getenv("KRB4PRINCIPAL");
-  if(p && kname_parse(name, instance, realm, p) == KSUCCESS)
-      return 1;
-      
-
-#ifdef HAVE_PWD_H
-  {
-    struct passwd *pw;
-    pw = getpwuid(getuid());
-    if(pw == NULL){
-      return -1;
-    }
-
-    strcpy(name, pw->pw_name);
-    strcpy(instance, "");
-    krb_get_lrealm(realm, 1);
-
-    if(strcmp(name, "root") == 0){
-      p = NULL;
-#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN)
-      p = getlogin();
-#endif
-      if(p == NULL)
-	p = getenv("USER");
-      if(p == NULL)
-	p = getenv("LOGNAME");
-      if(p){
-	strncpy (name, p, ANAME_SZ);
-	name[ANAME_SZ - 1] = '\0';
-	strcpy(instance, "root");
-      }
-    }
-    return 1;
-  }
-#endif
-  return -1;
-}
diff --git a/crypto/kerberosIV/lib/krb/get_host.c b/crypto/kerberosIV/lib/krb/get_host.c
deleted file mode 100644
index de80ac4c8efa..000000000000
--- a/crypto/kerberosIV/lib/krb/get_host.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_host.c,v 1.30 1997/05/02 14:29:13 assar Exp $");
-
-static struct host_list {
-    struct krb_host *this;
-    struct host_list *next;
-} *hosts;
-
-static int krb_port = 0;
-
-static void
-free_hosts(struct host_list *h)
-{
-    struct host_list *t;
-    while(h){
-	if(h->this->realm)
-	    free(h->this->realm);
-	if(h->this->host)
-	    free(h->this->host);
-	t = h;
-	h = h->next;
-	free(t);
-    }
-}
-
-static int
-parse_address(char *address, int *proto, char **host, int *port)
-{
-    char *p, *q;
-    p = strchr(address, '/');
-    *proto = IPPROTO_UDP;
-    if(p){
-	char prot[32];
-	struct protoent *pp;
-	strncpy(prot, address, p - address);
-	prot[p - address] = 0;
-	if((pp = getprotobyname(prot)))
-	    *proto = pp->p_proto;
-	else
-	    krb_warning("Bad protocol name `%s', Using default `udp'.\n", 
-			prot);
-	p++;
-    }else
-	p = address;
-    q = strchr(p, ':');
-    if(q){
-	*host = (char*)malloc(q - p + 1);
-	strncpy(*host, p, q - p);
-	(*host)[q - p] = 0;
-	q++;
-	{
-	    struct servent *sp = getservbyname(q, NULL);
-	    if(sp)
-		*port = ntohs(sp->s_port);
-	    else
-		if(sscanf(q, "%d", port) != 1){
-		    krb_warning("Bad port specification `%s', using port %d.", 
-				q, krb_port);
-		    *port = krb_port;
-		}
-	}
-    }else{
-	*host = strdup(p);
-	*port = krb_port;
-    }
-    return 0;
-}
-
-static int
-add_host(char *realm, char *address, int admin, int validate)
-{
-    struct krb_host *host;
-    struct host_list *p, **last = &hosts;
-    host = (struct krb_host*)malloc(sizeof(struct krb_host));
-    parse_address(address, &host->proto, &host->host, &host->port);
-    if(validate && gethostbyname(host->host) == NULL){
-	free(host->host);
-	free(host);
-	return 1;
-    }
-    host->admin = admin;
-    for(p = hosts; p; p = p->next){
-	if(strcmp(realm, p->this->realm) == 0 &&
-	   strcmp(host->host, p->this->host) == 0 && 
-	   host->proto == p->this->proto &&
-	   host->port == p->this->port){
-	    free(host->host);
-	    free(host);
-	    return 1;
-	}
-	last = &p->next;
-    }
-    host->realm = strdup(realm);
-    p = (struct host_list*)malloc(sizeof(struct host_list));
-    p->this = host;
-    p->next = NULL;
-    *last = p;
-    return 0;
-}
-
-
-
-static int
-read_file(const char *filename, const char *r)
-{
-    char line[1024];
-    char realm[1024];
-    char address[1024];
-    char scratch[1024];
-    int n;
-    int nhosts = 0;
-    
-    FILE *f = fopen(filename, "r");
-    if(f == NULL)
-	return -1;
-    while(fgets(line, sizeof(line), f)){
-	n = sscanf(line, "%s %s admin %s", realm, address, scratch);
-	if(n == 2 || n == 3){
-	    if(strcmp(realm, r))
-		continue;
-	    if(add_host(realm, address, n == 3, 0) == 0)
-		nhosts++;
-	}
-    }
-    fclose(f);
-    return nhosts;
-}
-
-static int
-init_hosts(char *realm)
-{
-    static const char *files[] = KRB_CNF_FILES;
-    int i;
-    char *dir = getenv("KRBCONFDIR");
-
-    krb_port = ntohs(k_getportbyname (KRB_SERVICE, NULL, htons(KRB_PORT)));
-    if(dir){
-	char file[MaxPathLen];
-	if(k_concat(file, sizeof(file), dir, "/krb.conf", NULL) == 0)
-	    read_file(file, realm);
-    }
-    for(i = 0; files[i]; i++)
-	read_file(files[i], realm);
-    return 0;
-}
-
-static void
-srv_find_realm(char *realm, char *proto, char *service)
-{
-    char *domain;
-    struct dns_reply *r;
-    struct resource_record *rr;
-    
-    k_mconcat(&domain, 1024, service, ".", proto, ".", realm, ".", NULL);
-    
-    if(domain == NULL)
-	return;
-    
-    r = dns_lookup(domain, "srv");
-    if(r == NULL)
-	r = dns_lookup(domain, "txt");
-    if(r == NULL){
-	free(domain);
-	return;
-    }
-    for(rr = r->head; rr; rr = rr->next){
-	if(rr->type == T_SRV){
-	    char buf[1024];
-
-	    if (snprintf (buf,
-			  sizeof(buf),
-			  "%s/%s:%u",
-			  proto,
-			  rr->u.srv->target,
-			  rr->u.srv->port) < sizeof(buf))
-		add_host(realm, buf, 0, 0);
-	}else if(rr->type == T_TXT)
-	    add_host(realm, rr->u.txt, 0, 0);
-    }
-    dns_free_data(r);
-    free(domain);
-}
-
-struct krb_host*
-krb_get_host(int nth, char *realm, int admin)
-{
-    struct host_list *p;
-    static char orealm[REALM_SZ];
-    if(orealm[0] == 0 || strcmp(realm, orealm)){
-	/* quick optimization */
-	if(realm && realm[0]){
-	    strncpy(orealm, realm, sizeof(orealm) - 1);
-	    orealm[sizeof(orealm) - 1] = 0;
-	}else{
-	    int ret = krb_get_lrealm(orealm, 1);
-	    if(ret != KSUCCESS)
-		return NULL;
-	}
-	
-	if(hosts){
-	    free_hosts(hosts);
-	    hosts = NULL;
-	}
-	
-	init_hosts(orealm);
-    
-	srv_find_realm(orealm, "udp", KRB_SERVICE);
-	srv_find_realm(orealm, "tcp", KRB_SERVICE);
-	
-	{
-	    /* XXX this assumes no one has more than 99999 kerberos
-	       servers */
-	    char host[REALM_SZ + sizeof("kerberos-XXXXX..")];
-	    int i = 0;
-	    sprintf(host, "kerberos.%s.", orealm);
-	    add_host(orealm, host, 1, 1);
-	    do{
-		i++;
-		sprintf(host, "kerberos-%d.%s.", i, orealm);
-	    }while(i < 100000 && add_host(orealm, host, 0, 1) == 0);
-	}
-    }
-    
-    for(p = hosts; p; p = p->next){
-	if(strcmp(orealm, p->this->realm) == 0 &&
-	   (!admin || p->this->admin))
-	    if(nth == 1)
-		return p->this;
-	    else
-		nth--;
-    }
-    return NULL;
-}
-
-int
-krb_get_krbhst(char *host, char *realm, int nth)
-{
-    struct krb_host *p = krb_get_host(nth, realm, 0);
-    if(p == NULL)
-	return KFAILURE;
-    strcpy(host, p->host);
-    return KSUCCESS;
-}
-
-int
-krb_get_admhst(char *host, char *realm, int nth)
-{
-    struct krb_host *p = krb_get_host(nth, realm, 1);
-    if(p == NULL)
-	return KFAILURE;
-    strcpy(host, p->host);
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/get_in_tkt.c b/crypto/kerberosIV/lib/krb/get_in_tkt.c
deleted file mode 100644
index 435632a665a0..000000000000
--- a/crypto/kerberosIV/lib/krb/get_in_tkt.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_in_tkt.c,v 1.15 1997/03/23 03:53:08 joda Exp $");
-
-/*
- * This file contains three routines: passwd_to_key() and
- * passwd_to_afskey() converts a password into a DES key, using the
- * normal strinttokey and the AFS one, respectively, and
- * krb_get_pw_in_tkt() gets an initial ticket for a user.  
- */
-
-/*
- * passwd_to_key() and passwd_to_afskey: given a password, return a DES key.
- */
-
-int
-passwd_to_key(char *user, char *instance, char *realm, void *passwd,
-	      des_cblock *key)
-{
-#ifndef NOENCRYPTION
-    des_string_to_key((char *)passwd, key);
-#endif
-    return 0;
-}
-
-
-int
-passwd_to_afskey(char *user, char *instance, char *realm, void *passwd,
-		  des_cblock *key)
-{
-#ifndef NOENCRYPTION
-    afs_string_to_key((char *)passwd, realm, key);
-#endif
-    return (0);
-}
-
-/*
- * krb_get_pw_in_tkt() takes the name of the server for which the initial
- * ticket is to be obtained, the name of the principal the ticket is
- * for, the desired lifetime of the ticket, and the user's password.
- * It passes its arguments on to krb_get_in_tkt(), which contacts
- * Kerberos to get the ticket, decrypts it using the password provided,
- * and stores it away for future use.
- *
- * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt():
- * the name of a routine (passwd_to_key()) to be used to get the
- * password in case the "password" argument is null and NULL for the
- * decryption procedure indicating that krb_get_in_tkt should use the 
- * default method of decrypting the response from the KDC.
- *
- * The result of the call to krb_get_in_tkt() is returned.
- */
-
-int
-krb_get_pw_in_tkt(char *user, char *instance, char *realm, char *service,
-		  char *sinstance, int life, char *password)
-{
-    char pword[100];		/* storage for the password */
-    int code;
-
-    /* Only request password once! */
-    if (!password) {
-        if (des_read_pw_string(pword, sizeof(pword)-1, "Password: ", 0)){
-	    memset(pword, 0, sizeof(pword));
-	    return INTK_BADPW;
-	}
-        password = pword;
-    }
-
-    code = krb_get_in_tkt(user,instance,realm,service,sinstance,life,
-                          passwd_to_key, NULL, password);
-    if (code == INTK_BADPW)
-	 code = krb_get_in_tkt(user,instance,realm,service,sinstance,life,
-			       passwd_to_afskey, NULL, password);
-    if (password == pword)
-        memset(pword, 0, sizeof(pword));
-    return(code);
-}
diff --git a/crypto/kerberosIV/lib/krb/get_krbrlm.c b/crypto/kerberosIV/lib/krb/get_krbrlm.c
deleted file mode 100644
index 8c5b0c99392e..000000000000
--- a/crypto/kerberosIV/lib/krb/get_krbrlm.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_krbrlm.c,v 1.16 1997/05/02 01:26:22 assar Exp $");
-
-/*
- * krb_get_lrealm takes a pointer to a string, and a number, n.  It fills
- * in the string, r, with the name of the nth realm specified on the
- * first line of the kerberos config file (KRB_CONF, defined in "krb.h").
- * It returns 0 (KSUCCESS) on success, and KFAILURE on failure.  If the
- * config file does not exist, and if n=1, a successful return will occur
- * with r = KRB_REALM (also defined in "krb.h").
- *
- * NOTE: for archaic & compatibility reasons, this routine will only return
- * valid results when n = 1.
- *
- * For the format of the KRB_CONF file, see comments describing the routine
- * krb_get_krbhst().
- */
-
-static int
-krb_get_lrealm_f(char *r, int n, const char *fname)
-{
-    FILE *f;
-    int ret = KFAILURE;
-    f = fopen(fname, "r");
-    if(f){
-	char buf[REALM_SZ];
-	if(fgets(buf, sizeof(buf), f)){
-	    char *p = buf + strspn(buf, " \t");
-	    p[strcspn(p, " \t\r\n")] = 0;
-	    p[REALM_SZ - 1] = 0;
-	    strcpy(r, p);
-	    ret = KSUCCESS;
-	}
-	fclose(f);
-    }
-    return ret;
-}
-
-int
-krb_get_lrealm(char *r, int n)
-{
-  static const char *const files[] = KRB_CNF_FILES;
-  int i;
-  
-  const char *dir = getenv("KRBCONFDIR");
-
-  if (n > 1)
-    return(KFAILURE);		/* Temporary restriction */
-
-  /* First try user specified file */
-  if (dir != 0) {
-    char fname[MaxPathLen];
-    if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0)
-	if (krb_get_lrealm_f(r, n, fname) == KSUCCESS)
-	    return KSUCCESS;
-  }
-
-  for (i = 0; files[i] != 0; i++)
-    if (krb_get_lrealm_f(r, n, files[i]) == KSUCCESS)
-      return KSUCCESS;
-
-  /* If nothing else works try LOCALDOMAIN, if it exists */
-  if (n == 1)
-    {
-      char *t, hostname[MaxHostNameLen];
-      k_gethostname(hostname, sizeof(hostname));
-      t = krb_realmofhost(hostname);
-      if (t) {
-	strcpy (r, t);
-	return KSUCCESS;
-      }
-      t = strchr(hostname, '.');
-      if (t == 0)
-	return KFAILURE;	/* No domain part, you loose */
-
-      t++;			/* Skip leading dot and upcase the rest */
-      for (; *t; t++, r++)
-	*r = toupper(*t);
-      *r = 0;
-      return(KSUCCESS);
-    }
-  else
-    return(KFAILURE);
-}
-
-/* For SunOS5 compat. */
-char *
-krb_get_default_realm(void)
-{
-  static char local_realm[REALM_SZ]; /* local kerberos realm */
-  if (krb_get_lrealm(local_realm, 1) != KSUCCESS)
-    strcpy(local_realm, "NO.DEFAULT.REALM");
-  return local_realm;
-}
diff --git a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c b/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c
deleted file mode 100644
index c2905245efed..000000000000
--- a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_svc_in_tkt.c,v 1.8 1997/03/23 03:53:09 joda Exp $");
-
-/*
- * This file contains two routines: srvtab_to_key(), which gets
- * a server's key from a srvtab file, and krb_get_svc_in_tkt() which
- * gets an initial ticket for a server.
- */
-
-/*
- * srvtab_to_key(): given a "srvtab" file (where the keys for the
- * service on a host are stored), return the private key of the
- * given service (user.instance@realm).
- *
- * srvtab_to_key() passes its arguments on to read_service_key(),
- * plus one additional argument, the key version number.
- * (Currently, the key version number is always 0; this value
- * is treated as a wildcard by read_service_key().)
- *
- * If the "srvtab" argument is null, KEYFILE (defined in "krb.h")
- * is passed in its place.
- *
- * It returns the return value of the read_service_key() call.
- * The service key is placed in "key".
- */
-
-int 
-srvtab_to_key(char *user, char *instance, char *realm, void *srvtab,
-	      des_cblock *key)
-{
-    if (!srvtab)
-        srvtab = KEYFILE;
-
-    return(read_service_key(user, instance, realm, 0, (char *)srvtab,
-                            (char *)key));
-}
-
-/*
- * krb_get_svc_in_tkt() passes its arguments on to krb_get_in_tkt(),
- * plus two additional arguments: a pointer to the srvtab_to_key()
- * function to be used to get the key from the key file and a NULL
- * for the decryption procedure indicating that krb_get_in_tkt should 
- * use the default method of decrypting the response from the KDC.
- *
- * It returns the return value of the krb_get_in_tkt() call.
- */
-
-int
-krb_get_svc_in_tkt(char *user, char *instance, char *realm, char *service,
-		   char *sinstance, int life, char *srvtab)
-{
-    return(krb_get_in_tkt(user, instance, realm, service, sinstance,
-                          life, srvtab_to_key, NULL, srvtab));
-}
diff --git a/crypto/kerberosIV/lib/krb/get_tf_fullname.c b/crypto/kerberosIV/lib/krb/get_tf_fullname.c
deleted file mode 100644
index 33733d0c0e7d..000000000000
--- a/crypto/kerberosIV/lib/krb/get_tf_fullname.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_tf_fullname.c,v 1.6 1997/03/23 03:53:10 joda Exp $");
-
-/*
- * This file contains a routine to extract the fullname of a user
- * from the ticket file.
- */
-
-/*
- * krb_get_tf_fullname() takes four arguments: the name of the 
- * ticket file, and variables for name, instance, and realm to be
- * returned in.  Since the realm of a ticket file is not really fully 
- * supported, the realm used will be that of the the first ticket in 
- * the file as this is the one that was obtained with a password by
- * krb_get_in_tkt().
- */
-
-int
-krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm)
-{
-    int tf_status;
-    CREDENTIALS c;
-
-    if ((tf_status = tf_init(ticket_file, R_TKT_FIL)) != KSUCCESS)
-	return(tf_status);
-
-    if (((tf_status = tf_get_pname(c.pname)) != KSUCCESS) ||
-	((tf_status = tf_get_pinst(c.pinst)) != KSUCCESS))
-	return (tf_status);
-    
-    if (name)
-	strcpy(name, c.pname);
-    if (instance)
-	strcpy(instance, c.pinst);
-    if ((tf_status = tf_get_cred(&c)) == KSUCCESS) {
-	if (realm)
-	    strcpy(realm, c.realm);
-    }
-    else {
-	if (tf_status == EOF)
-	    return(KFAILURE);
-	else
-	    return(tf_status);
-    }    
-    tf_close();
-    
-    return(tf_status);
-}
diff --git a/crypto/kerberosIV/lib/krb/get_tf_realm.c b/crypto/kerberosIV/lib/krb/get_tf_realm.c
deleted file mode 100644
index 1a3c7d1cb5b8..000000000000
--- a/crypto/kerberosIV/lib/krb/get_tf_realm.c
+++ /dev/null
@@ -1,41 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: get_tf_realm.c,v 1.5 1997/03/23 03:53:10 joda Exp $");
-
-/*
- * This file contains a routine to extract the realm of a kerberos
- * ticket file.
- */
-
-/*
- * krb_get_tf_realm() takes two arguments: the name of a ticket 
- * and a variable to store the name of the realm in.
- * 
- */
-
-int
-krb_get_tf_realm(char *ticket_file, char *realm)
-{
-    return(krb_get_tf_fullname(ticket_file, 0, 0, realm));
-}
diff --git a/crypto/kerberosIV/lib/krb/getaddrs.c b/crypto/kerberosIV/lib/krb/getaddrs.c
deleted file mode 100644
index d25ec1bac92d..000000000000
--- a/crypto/kerberosIV/lib/krb/getaddrs.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: getaddrs.c,v 1.19 1997/04/01 08:18:29 joda Exp $");
-
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKIO_H
-#include <sys/sockio.h>
-#endif /* HAVE_SYS_SOCKIO_H */
-
-/*
- * Return number and list of all local adresses.
- */
-
-int
-k_get_all_addrs (struct in_addr **l)
-{
-#if !defined(SIOCGIFCONF) || !defined(SIOCGIFFLAGS) || !defined(SIOCGIFADDR)
-     char name[MaxHostNameLen];
-     struct hostent *he;
-
-     if (k_gethostname(name, sizeof(name)) < 0)
-	  return -1;
-     he = gethostbyname (name);
-     if (he == NULL)
-	  return -1;
-     *l = malloc(sizeof(**l));
-     if (*l == NULL)
-	  return -1;
-     memcpy (*l, he->h_addr_list[0], sizeof(*l));
-     return 1;
-#else
-     int fd;
-     char buf[BUFSIZ];
-     struct ifreq ifreq;
-     struct ifconf ifconf;
-     int num, j;
-     char *p;
-
-     fd = socket(AF_INET, SOCK_DGRAM, 0);
-     if (fd < 0)
-	  return -1;
-
-     ifconf.ifc_len = sizeof(buf);
-     ifconf.ifc_buf = buf;
-     if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0)
-	  return -1;
-     num = ifconf.ifc_len / sizeof(struct ifreq);
-     *l = malloc(num * sizeof(struct in_addr));
-     if(*l == NULL) {
-	  close (fd);
-	  return -1;
-     }
-
-     j = 0;
-     ifreq.ifr_name[0] = '\0';
-     for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len;) {
-          struct ifreq *ifr = (struct ifreq *)p;
-#ifdef SOCKADDR_HAS_SA_LEN
-	  size_t sz = sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len;
-#else
-	  size_t sz = sizeof(*ifr);
-#endif
-	  if(strncmp(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name))) {
-	       if(ioctl(fd, SIOCGIFFLAGS, ifr) < 0) {
-		    close (fd);
-		    free (*l);
-		    return -1;
-	       }
-	       if (ifr->ifr_flags & IFF_UP) {
-		    if(ioctl(fd, SIOCGIFADDR, ifr) < 0) {
-			 close (fd);
-			 free (*l);
-			 return -1;
-		    }
-		    (*l)[j++] = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr;
-	       }
-	       ifreq = *ifr;
-	  }
-	  p = p + sz;
-     }
-     if (j != num)
-	  *l = realloc (*l, j * sizeof(struct in_addr));
-     close (fd);
-     return j;
-#endif /* SIOCGIFCONF */
-}
diff --git a/crypto/kerberosIV/lib/krb/getrealm.c b/crypto/kerberosIV/lib/krb/getrealm.c
deleted file mode 100644
index 05dfdabb5740..000000000000
--- a/crypto/kerberosIV/lib/krb/getrealm.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: getrealm.c,v 1.25 1997/05/02 14:29:14 assar Exp $");
-
-#define MATCH_SUBDOMAINS        0
-
-/*
- * krb_realmofhost.
- * Given a fully-qualified domain-style primary host name,
- * return the name of the Kerberos realm for the host.
- * If the hostname contains no discernable domain, or an error occurs,
- * return the local realm name, as supplied by get_krbrlm().
- * If the hostname contains a domain, but no translation is found,
- * the hostname's domain is converted to upper-case and returned.
- *
- * The format of each line of the translation file is:
- * domain_name kerberos_realm
- * -or-
- * host_name kerberos_realm
- *
- * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU)
- * host names should be in the usual form (e.g. FOO.BAR.BAZ)
- */
-
-/* To automagically find the correct realm of a host (without
- * krb.realms) add a text record for your domain with the name of your
- * realm, like this:
- *
- * krb4-realm	IN	TXT	FOO.SE
- *
- * The search is recursive, so you can also add entries for specific
- * hosts. To find the realm of host a.b.c, it first tries
- * krb4-realm.a.b.c, then krb4-realm.b.c and so on.
- */
-
-static int
-dns_find_realm(char *hostname, char *realm)
-{
-    char domain[MaxHostNameLen + sizeof("krb4-realm..")];
-    char *p;
-    int level = 0;
-    struct dns_reply *r;
-    
-    p = hostname;
-
-    while(1){
-	snprintf(domain, sizeof(domain), "krb4-realm.%s.", p);
-	r = dns_lookup(domain, "TXT");
-	if(r){
-	    struct resource_record *rr = r->head;
-	    while(rr){
-		if(rr->type == T_TXT){
-		    strncpy(realm, rr->u.txt, REALM_SZ);
-		    realm[REALM_SZ - 1] = 0;
-		    dns_free_data(r);
-		    return level;
-		}
-		rr = rr->next;
-	    }
-	    dns_free_data(r);
-	}
-	level++;
-	p = strchr(p, '.');
-	if(p == NULL)
-	    break;
-	p++;
-    }
-    return -1;
-}
-
-
-static FILE *
-open_krb_realms(void)
-{
-  static const char *const files[] = KRB_RLM_FILES;
-  FILE *res;
-  int i;
-  
-  const char *dir = getenv("KRBCONFDIR");
-
-  /* First try user specified file */
-  if (dir != 0) {
-    char fname[MaxPathLen];
-
-    if(k_concat(fname, sizeof(fname), dir, "/krb.realms", NULL) == 0)
-	if ((res = fopen(fname, "r")) != NULL)
-	    return res;
-  }
-
-  for (i = 0; files[i] != 0; i++)
-    if ((res = fopen(files[i], "r")) != NULL)
-      return res;
-
-  return NULL;
-}
-
-char *
-krb_realmofhost(const char *host)
-{
-  static char ret_realm[REALM_SZ];
-  char *domain;
-  FILE *trans_file;
-  char trans_host[MaxHostNameLen];
-  char trans_realm[REALM_SZ];
-  char buf[1024];
-
-  char phost[MaxHostNameLen];
-	
-  krb_name_to_name(host, phost, sizeof(phost));
-	
-  domain = strchr(phost, '.');
-
-  /* prepare default */
-  if(dns_find_realm(phost, ret_realm) < 0){
-      if (domain) {
-	  char *cp;
-	  
-	  strncpy(ret_realm, &domain[1], REALM_SZ);
-	  ret_realm[REALM_SZ - 1] = 0;
-	  /* Upper-case realm */
-	  for (cp = ret_realm; *cp; cp++)
-	      *cp = toupper(*cp);
-      } else {
-	  krb_get_lrealm(ret_realm, 1);
-      }
-  }
-
-  if ((trans_file = open_krb_realms()) == NULL)
-      return(ret_realm); /* krb_errno = KRB_NO_TRANS */
-
-  while (fgets(buf, sizeof(buf), trans_file)) {
-      char *save = NULL;
-      char *tok = strtok_r(buf, " \t\r\n", &save);
-      if(tok == NULL)
-	  continue;
-      strncpy(trans_host, tok, MaxHostNameLen);
-      trans_host[MaxHostNameLen - 1] = 0;
-      tok = strtok_r(NULL, " \t\r\n", &save);
-      if(tok == NULL)
-	  continue;
-      strcpy(trans_realm, tok);
-      trans_realm[REALM_SZ - 1] = 0;
-      if (!strcasecmp(trans_host, phost)) {
-	  /* exact match of hostname, so return the realm */
-	  strcpy(ret_realm, trans_realm);
-	  fclose(trans_file);
-	  return(ret_realm);
-      }
-      if ((trans_host[0] == '.') && domain) { 
-	  char *cp = domain;
-	  do {
-	      if(strcasecmp(trans_host, domain) == 0){
-		  /* domain match, save for later */ 
-		  strcpy(ret_realm, trans_realm);
-		  break;
-	      }
-	      cp = strchr(cp + 1, '.');
-	  } while(MATCH_SUBDOMAINS && cp);
-      }
-  }
-  fclose(trans_file);
-  return ret_realm;
-}
diff --git a/crypto/kerberosIV/lib/krb/getst.c b/crypto/kerberosIV/lib/krb/getst.c
deleted file mode 100644
index de9996264ee6..000000000000
--- a/crypto/kerberosIV/lib/krb/getst.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: getst.c,v 1.6 1997/03/23 03:53:11 joda Exp $");
-
-/*
- * getst() takes a file descriptor, a string and a count.  It reads
- * from the file until either it has read "count" characters, or until
- * it reads a null byte.  When finished, what has been read exists in
- * the given string "s".  If "count" characters were actually read, the
- * last is changed to a null, so the returned string is always null-
- * terminated.  getst() returns the number of characters read, including
- * the null terminator.
- */
-
-int
-getst(int fd, char *s, int n)
-{
-    int count = n;
-    while (read(fd, s, 1) > 0 && --count)
-        if (*s++ == '\0')
-            return (n - count);
-    *s = '\0';
-    return (n - count);
-}
diff --git a/crypto/kerberosIV/lib/krb/gettimeofday.c b/crypto/kerberosIV/lib/krb/gettimeofday.c
deleted file mode 100644
index 734ca5968ee8..000000000000
--- a/crypto/kerberosIV/lib/krb/gettimeofday.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-RCSID("$Id: gettimeofday.c,v 1.5 1997/04/01 08:18:29 joda Exp $");
-
-#ifndef HAVE_GETTIMEOFDAY
-/*
- * Simple gettimeofday that only returns seconds.
- */
-int
-gettimeofday (struct timeval *tp, void *ignore)
-{
-     time_t t;
-
-     t = time(NULL);
-     tp->tv_sec  = t;
-     tp->tv_usec = 0;
-     return 0;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/k_concat.c b/crypto/kerberosIV/lib/krb/k_concat.c
deleted file mode 100644
index e7daa5f047cb..000000000000
--- a/crypto/kerberosIV/lib/krb/k_concat.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: k_concat.c,v 1.5 1997/05/02 08:56:39 joda Exp $");
-
-int
-k_concat (char *s, size_t len, ...)
-{
-    int ret;
-    va_list args;
-
-    va_start(args, len);
-    ret = k_vconcat (s, len, args);
-    va_end(args);
-    return ret;
-}
-
-int
-k_vconcat (char *s, size_t len, va_list args)
-{
-    const char *a;
-
-    while ((a = va_arg(args, const char*))) {
-	size_t n = strlen (a);
-
-	if (n >= len)
-	    return -1;
-	strncpy (s, a, n);
-	s += n;
-	len -= n;
-    }
-    *s = '\0';
-    return 0;
-}
-
-size_t
-k_vmconcat (char **s, size_t max_len, va_list args)
-{
-    const char *a;
-    char *p, *q;
-    size_t len = 0;
-    *s = NULL;
-    p = malloc(1);
-    if(p == NULL)
-	return 0;
-    *p = 0;
-    len = 1;
-    while ((a = va_arg(args, const char*))) {
-	size_t n = strlen (a);
-	
-	if(max_len && len + n > max_len){
-	    free(p);
-	    return 0;
-	}
-	q = realloc(p, len + n);
-	if(q == NULL){
-	    free(p);
-	    return 0;
-	}
-	p = q;
-	len += n;
-	strcat(p, a);
-    }
-    *s = p;
-    return len;
-}
-
-size_t
-k_mconcat (char **s, size_t max_len, ...)
-{
-    int ret;
-    va_list args;
-
-    va_start(args, max_len);
-    ret = k_vmconcat (s, max_len, args);
-    va_end(args);
-    return ret;
-}
-
diff --git a/crypto/kerberosIV/lib/krb/k_flock.c b/crypto/kerberosIV/lib/krb/k_flock.c
deleted file mode 100644
index 844c34c44305..000000000000
--- a/crypto/kerberosIV/lib/krb/k_flock.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: k_flock.c,v 1.8 1997/04/01 08:18:30 joda Exp $");
-
-#define K_OP_MASK (K_LOCK_SH | K_LOCK_EX | K_LOCK_UN)
-
-int
-k_flock(int fd, int operation)
-{
-#ifdef HAVE_FLOCK
-  int op = 0;
-  if (operation & K_LOCK_SH)
-    op |= LOCK_SH;
-  if (operation & K_LOCK_EX)
-    op |= LOCK_EX;
-  if (operation & K_LOCK_UN)
-    op |= LOCK_UN;
-  if (operation & K_LOCK_NB)
-    op |= LOCK_NB;
-
-  return flock(fd, op);
-#elif defined(HAVE_FCNTL) && defined(F_SETLK)
-  struct flock arg;
-  int code, cmd;
-  
-  arg.l_whence = SEEK_SET;
-  arg.l_start = 0;
-  arg.l_len = 0;		/* means to EOF */
-
-  if (operation & K_LOCK_NB)
-    cmd = F_SETLK;
-  else
-    cmd = F_SETLKW;		/* Blocking */
-
-  switch (operation & K_OP_MASK) {
-  case K_LOCK_UN:
-    arg.l_type = F_UNLCK;
-    code = fcntl(fd, F_SETLK, &arg);
-    break;
-  case K_LOCK_SH:
-    arg.l_type = F_RDLCK;
-    code = fcntl(fd, cmd, &arg);
-    break;
-  case K_LOCK_EX:
-    arg.l_type = F_WRLCK;
-    code = fcntl(fd, cmd, &arg);
-    break;
-  default:
-    errno = EINVAL;
-    code = -1;
-    break;
-  }
-  return code;
-#else
-  return -1;
-#endif /* !HAVE_FLOCK */
-}
diff --git a/crypto/kerberosIV/lib/krb/k_gethostname.c b/crypto/kerberosIV/lib/krb/k_gethostname.c
deleted file mode 100644
index 0f4d57f6581b..000000000000
--- a/crypto/kerberosIV/lib/krb/k_gethostname.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-RCSID("$Id: k_gethostname.c,v 1.10 1997/03/23 03:53:12 joda Exp $");
-
-#ifdef HAVE_SYS_UTSNAME_H
-#include <sys/utsname.h>
-#endif
-
-/*
- * Return the local host's name in "name", up to "namelen" characters.
- * "name" will be null-terminated if "namelen" is big enough.
- * The return code is 0 on success, -1 on failure.  (The calling
- * interface is identical to gethostname(2).)
- */
-
-int
-k_gethostname(char *name, int namelen)
-{
-#if defined(HAVE_GETHOSTNAME)
-    return gethostname(name, namelen);
-#elif defined(HAVE_UNAME)
-    {
-	struct utsname utsname;
-	int ret;
-
-	ret = uname (&utsname);
-	if (ret < 0)
-	    return ret;
-	strncpy (name, utsname.nodename, namelen);
-	name[namelen-1] = '\0';
-	return 0;
-    }
-#else
-    strncpy (name, "some.random.host", namelen);
-    name[namelen-1] = '\0';
-    return 0;
-#endif
-}
diff --git a/crypto/kerberosIV/lib/krb/k_getport.c b/crypto/kerberosIV/lib/krb/k_getport.c
deleted file mode 100644
index c5f9f15f5310..000000000000
--- a/crypto/kerberosIV/lib/krb/k_getport.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: k_getport.c,v 1.10 1997/04/01 08:18:30 joda Exp $");
-
-int
-k_getportbyname (const char *service, const char *proto, int default_port)
-{
-#ifdef HAVE_GETSERVBYNAME  
-    struct servent *sp;
-    
-    sp = getservbyname(service, proto);
-    if(sp != NULL)
-	return sp->s_port;
-    
-    krb_warning ("%s/%s unknown service, using default port %d\n", 
-		 service, proto ? proto : "*", ntohs(default_port));
-#endif
-    return default_port;
-}
diff --git a/crypto/kerberosIV/lib/krb/k_getsockinst.c b/crypto/kerberosIV/lib/krb/k_getsockinst.c
deleted file mode 100644
index 04676b1e4473..000000000000
--- a/crypto/kerberosIV/lib/krb/k_getsockinst.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: k_getsockinst.c,v 1.10 1997/05/02 14:29:17 assar Exp $");
-
-/*
- * Return in inst the name of the local interface bound to socket
- * fd. On Failure return the 'wildcard' instance "*".
- */
-
-int
-k_getsockinst(int fd, char *inst, size_t inst_size)
-{
-  struct sockaddr_in addr;
-  int len = sizeof(addr);
-  struct hostent *hnam;
-
-  if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0)
-    goto fail;
-
-  hnam = gethostbyaddr((char *)&addr.sin_addr,
-		       sizeof(addr.sin_addr),
-		       addr.sin_family);
-  if (hnam == 0)
-    goto fail;
-
-  strncpy (inst, hnam->h_name, inst_size);
-  inst[inst_size - 1] = '\0';
-  k_ricercar(inst); /* Canonicalize name */
-  return 0;			/* Success */
-
- fail:
-  inst[0] = '*';
-  inst[1] = 0;
-  return -1;
-}
diff --git a/crypto/kerberosIV/lib/krb/k_localtime.c b/crypto/kerberosIV/lib/krb/k_localtime.c
deleted file mode 100644
index a6ffb9b7e785..000000000000
--- a/crypto/kerberosIV/lib/krb/k_localtime.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: k_localtime.c,v 1.7 1997/04/01 08:18:31 joda Exp $");
-
-struct tm *k_localtime(u_int32_t *tp)
-{
-  time_t t;
-  t = *tp;
-  return localtime(&t);
-}
diff --git a/crypto/kerberosIV/lib/krb/kdc_reply.c b/crypto/kerberosIV/lib/krb/kdc_reply.c
deleted file mode 100644
index aa012e06d20a..000000000000
--- a/crypto/kerberosIV/lib/krb/kdc_reply.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: kdc_reply.c,v 1.9 1997/04/15 21:52:14 assar Exp $");
-
-static int little_endian; /* XXX ugly */
-
-int
-kdc_reply_cred(KTEXT cip, CREDENTIALS *cred)
-{
-    unsigned char *p = cip->dat;
-    
-    memcpy(cred->session, p, 8);
-    p += 8;
-    
-    if(p + strlen((char*)p) > cip->dat + cip->length)
-	return INTK_BADPW;
-    p += krb_get_string(p, cred->service);
-    
-    if(p + strlen((char*)p) > cip->dat + cip->length)
-	return INTK_BADPW;
-    p += krb_get_string(p, cred->instance);
-    
-    if(p + strlen((char*)p) > cip->dat + cip->length)
-	return INTK_BADPW;
-    p += krb_get_string(p, cred->realm);
-    
-    if(p + 3 > cip->dat + cip->length)
-	return INTK_BADPW;
-    cred->lifetime = *p++;
-    cred->kvno = *p++;
-    cred->ticket_st.length = *p++;
-    
-    if(p + cred->ticket_st.length + 4 > cip->dat + cip->length)
-	return INTK_BADPW;
-    memcpy(cred->ticket_st.dat, p, cred->ticket_st.length);
-    p += cred->ticket_st.length;
-    
-    p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, little_endian);
-    
-    return KSUCCESS;
-}
-
-int
-kdc_reply_cipher(KTEXT reply, KTEXT cip)
-{
-    unsigned char *p;
-    unsigned char pvno;
-    unsigned char type;
-
-    char aname[ANAME_SZ];
-    char inst[INST_SZ];
-    char realm[REALM_SZ];
-    
-    u_int32_t kdc_time;
-    u_int32_t exp_date;
-    u_int32_t clen;
-
-    p = reply->dat;
-
-    pvno = *p++;
-
-    if (pvno != KRB_PROT_VERSION )
-        return INTK_PROT;
-    
-    type = *p++;
-    little_endian = type & 1;
-    
-    type &= ~1;
-
-    if(type == AUTH_MSG_ERR_REPLY){
-	u_int32_t code;
-	p += strlen((char*)p) + 1; /* name */
-	p += strlen((char*)p) + 1; /* instance */
-	p += strlen((char*)p) + 1; /* realm */
-	p += 4; /* time */
-	p += krb_get_int(p, &code, 4, little_endian);
-	return code;
-    }
-    if(type != AUTH_MSG_KDC_REPLY)
-	return INTK_PROT;
-
-    p += krb_get_nir(p, aname, inst, realm);
-    p += krb_get_int(p, &kdc_time, 4, little_endian);
-    p++; /* number of tickets */
-    p += krb_get_int(p, &exp_date, 4, little_endian);
-    p++; /* master key version number */
-    p += krb_get_int(p, &clen, 2, little_endian);
-    cip->length = clen;
-    memcpy(cip->dat, p, clen);
-    p += clen;
-    
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/klog.h b/crypto/kerberosIV/lib/krb/klog.h
deleted file mode 100644
index cee92d973c20..000000000000
--- a/crypto/kerberosIV/lib/krb/klog.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * $Id: klog.h,v 1.5 1997/05/11 11:05:28 assar Exp $
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * This file defines the types of log messages logged by klog.  Each
- * type of message may be selectively turned on or off. 
- */
-
-#ifndef KLOG_DEFS
-#define KLOG_DEFS
-
-#ifndef KRBLOG
-#define KRBLOG 		"/var/log/kerberos.log"  /* master server  */
-#endif
-#ifndef KRBSLAVELOG
-#define KRBSLAVELOG	"/var/log/kerberos_slave.log"  /* slave server  */
-#endif
-#define	NLOGTYPE	100	/* Maximum number of log msg types  */
-
-#define L_NET_ERR	  1	/* Error in network code	    */
-#define L_NET_INFO	  2	/* Info on network activity	    */
-#define L_KRB_PERR	  3	/* Kerberos protocol errors	    */
-#define L_KRB_PINFO	  4	/* Kerberos protocol info	    */
-#define L_INI_REQ	  5	/* Request for initial ticket	    */
-#define L_NTGT_INTK       6	/* Initial request not for TGT	    */
-#define L_DEATH_REQ       7	/* Request for server death	    */
-#define L_TKT_REQ	  8	/* All ticket requests using a tgt  */
-#define L_ERR_SEXP	  9	/* Service expired		    */
-#define L_ERR_MKV	 10	/* Master key version incorrect     */
-#define L_ERR_NKY	 11	/* User's key is null		    */
-#define L_ERR_NUN	 12	/* Principal not unique		    */
-#define L_ERR_UNK	 13	/* Principal Unknown		    */
-#define L_ALL_REQ	 14	/* All requests			    */
-#define L_APPL_REQ	 15	/* Application requests (using tgt) */
-#define L_KRB_PWARN      16	/* Protocol warning messages	    */
-
-char * klog __P((int type, const char *format, ...))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 3)))
-#endif
-;
-
-#endif /* KLOG_DEFS */
diff --git a/crypto/kerberosIV/lib/krb/kntoln.c b/crypto/kerberosIV/lib/krb/kntoln.c
deleted file mode 100644
index 88b8b25ebe01..000000000000
--- a/crypto/kerberosIV/lib/krb/kntoln.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-/*
- * krb_kntoln converts an auth name into a local name by looking up
- * the auth name in the /etc/aname file.  The format of the aname
- * file is:
- *
- * +-----+-----+-----+-----+------+----------+-------+-------+
- * | anl | inl | rll | lnl | name | instance | realm | lname |
- * +-----+-----+-----+-----+------+----------+-------+-------+
- * | 1by | 1by | 1by | 1by | name | instance | realm | lname |
- * +-----+-----+-----+-----+------+----------+-------+-------+
- *
- * If the /etc/aname file can not be opened it will set the
- * local name to the auth name.  Thus, in this case it performs as
- * the identity function.
- *
- * The name instance and realm are passed to krb_kntoln through
- * the AUTH_DAT structure (ad).
- *
- * Now here's what it *really* does:
- *
- * Given a Kerberos name in an AUTH_DAT structure, check that the
- * instance is null, and that the realm is the same as the local
- * realm, and return the principal's name in "lname".  Return
- * KSUCCESS if all goes well, otherwise KFAILURE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: kntoln.c,v 1.7 1997/03/23 03:53:12 joda Exp $");
-
-int
-krb_kntoln(AUTH_DAT *ad, char *lname)
-{
-    static char lrealm[REALM_SZ] = "";
-
-    if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
-        return(KFAILURE);
-
-    if (strcmp(ad->pinst, ""))
-        return(KFAILURE);
-    if (strcmp(ad->prealm, lrealm))
-        return(KFAILURE);
-    strcpy(lname, ad->pname);
-    return(KSUCCESS);
-}
-
-#if 0
-/* Posted to usenet by "Derrick J. Brashear" <shadow+@andrew.cmu.edu> */
-
-#include <krb.h>
-#include <ndbm.h>
-#include <stdio.h>
-#include <sys/file.h>
-#include <strings.h>
-#include <sys/syslog.h>
-#include <sys/errno.h>
-
-extern int errno;
-/*
- * antoln converts an authentication name into a local name by looking up
- * the authentication name in the /etc/aname dbm database.
- * 
- * If the /etc/aname file can not be opened it will set the 
- * local name to the principal name.  Thus, in this case it performs as 
- * the identity function.
- * 
- * The name instance and realm are passed to antoln through
- * the AUTH_DAT structure (ad).
- */
-
-static char     lrealm[REALM_SZ] = "";
-
-an_to_ln(ad,lname)
-AUTH_DAT        *ad;
-char            *lname;
-{
-        static DBM *aname = NULL;
-        char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2];
-
-        if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
-                return(KFAILURE);
-
-        if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) ||
-strcmp(ad->prealm,lrealm)) {
-                datum val;
-                datum key;
-                /*
-                 * Non-local name (or) non-null and non-root instance.
-                 * Look up in dbm file.
-                 */
-                if (!aname) {
-                        if ((aname = dbm_open("/etc/aname", O_RDONLY, 0))
-                            == NULL) return (KFAILURE);
-                }
-                /* Construct dbm lookup key. */
-                an_to_a(ad, keyname);
-                key.dptr = keyname;
-                key.dsize = strlen(keyname)+1;
-                flock(dbm_dirfno(aname), LOCK_SH);
-                val = dbm_fetch(aname, key);
-                flock(dbm_dirfno(aname), LOCK_UN);
-                if (!val.dptr) {
-                  dbm_close(aname);
-                  return(KFAILURE);
-                }
-                /* Got it! */
-                strcpy(lname,val.dptr);
-                return(KSUCCESS);
-        } else strcpy(lname,ad->pname);
-        return(KSUCCESS);
-}
-
-an_to_a(ad, str)
-        AUTH_DAT *ad;
-        char *str;
-{
-        strcpy(str, ad->pname);
-        if(*ad->pinst) {
-                strcat(str, ".");
-                strcat(str, ad->pinst);
-        }
-        strcat(str, "@");
-        strcat(str, ad->prealm);
-}
-
-/*
- * Parse a string of the form "user[.instance][@realm]" 
- * into a struct AUTH_DAT.
- */
-
-a_to_an(str, ad)
-        AUTH_DAT *ad;
-        char *str;
-{
-        char *buf = (char *)malloc(strlen(str)+1);
-        char *rlm, *inst, *princ;
-
-        if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) {
-                free(buf);
-                return(KFAILURE);
-        }
-        /* destructive string hacking is more fun.. */
-        strcpy(buf, str);
-
-        if (rlm = index(buf, '@')) {
-                *rlm++ = '\0';
-        }
-        if (inst = index(buf, '.')) {
-                *inst++ = '\0';
-        }
-        strcpy(ad->pname, buf);
-        if(inst) strcpy(ad->pinst, inst);
-        else *ad->pinst = '\0';
-        if (rlm) strcpy(ad->prealm, rlm);
-        else strcpy(ad->prealm, lrealm);
-        free(buf);
-        return(KSUCCESS);
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/krb.def b/crypto/kerberosIV/lib/krb/krb.def
deleted file mode 100644
index da2e906ac7dc..000000000000
--- a/crypto/kerberosIV/lib/krb/krb.def
+++ /dev/null
@@ -1,92 +0,0 @@
-LIBRARY	"krb"  BASE=0x07000000
-
-DESCRIPTION "Dynamic link library for kerberos version 4"
-VERSION 1.0
-
-EXPORTS
-	krb_get_err_text
-	
-	newTktMem
-	getTktMem
-	firstCred
-	nextCredIndex
-	currCredIndex
-	nextFreeIndex
-	
-	k_flock
-	k_localtime
-	k_getsockinst
-	k_getportbyname
-	k_get_all_addrs
-
-	krb_equiv
-
-	afs_string_to_key
-
-	krb_life_to_time
-	krb_time_to_life
-	krb_life_to_atime
-	krb_atime_to_life
-
-	tf_get_cred
-	tf_get_pinst
-	tf_get_pname
-	tf_put_pinst
-	tf_put_pname
-	tf_init
-	tf_create
-	tf_save_cred
-	tf_close
-
-	krb_mk_priv
-	krb_rd_priv
-
-	create_auth_reply
-	krb_get_phost
-	krb_realmofhost
-	tkt_string
-	create_ciph
-	decomp_ticket
-	dest_tkt
-	get_ad_tkt
-	in_tkt
-	k_gethostname
-	k_isinst
-	k_isname
-	k_isrealm
-	kname_parse
-	krb_create_ticket
-	krb_get_admhst
-	krb_get_cred
-	krb_get_in_tkt
-	krb_get_krbhst
-	krb_get_lrealm
-	krb_get_default_realm
-	krb_get_pw_in_tkt
-	krb_get_svc_in_tkt
-	krb_get_tf_fullname
-	krb_get_tf_realm
-	krb_kntoln
-	krb_mk_req
-	krb_net_read
-	krb_net_write
-	krb_rd_err
-	krb_rd_req
-	krb_recvauth
-	krb_sendauth
-	krb_set_key
-	krb_set_lifetime 
-	read_service_key
-	save_credentials
-	send_to_kdc
-	krb_mk_err
-	krb_mk_safe
-	krb_rd_safe
-	ad_print
-	cr_err_reply
-	krb_set_tkt_string
-	krb_get_default_principal
-	krb_realm_parse
-	krb_verify_user
-	kset_logfile
-	getst
diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h
deleted file mode 100644
index 90ca0aba406c..000000000000
--- a/crypto/kerberosIV/lib/krb/krb.h
+++ /dev/null
@@ -1,566 +0,0 @@
-/*
- * $Id$
- *
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>. 
- *
- * Include file for the Kerberos library. 
- */
-
-/* Only one time, please */
-#ifndef	KRB_DEFS
-#define KRB_DEFS
-
-#include <sys/types.h>
-#include <sys/cdefs.h>
-#include <stdarg.h>
-#include <time.h>
-
-__BEGIN_DECLS
-
-#ifndef __P
-#define __P(x) x
-#endif
-
-/* Need some defs from des.h	 */
-#if !defined(NOPROTO) && !defined(__STDC__)
-#define NOPROTO
-#endif
-#include <des.h>
-
-/* Don't use these guys, they are only for compatibility with CNS. */
-#ifndef KRB_INT32
-#define KRB_INT32 int32_t
-#endif
-#ifndef KRB_UINT32
-#define KRB_UINT32 u_int32_t
-#endif
-
-/* Global library variables. */
-extern int krb_ignore_ip_address; /* To turn off IP address comparison */
-extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */
-extern int krbONE;
-#define         HOST_BYTE_ORDER (* (char *) &krbONE)
-
-/* Text describing error codes */
-#define		MAX_KRB_ERRORS	256
-extern const char *krb_err_txt[MAX_KRB_ERRORS];
-
-/* Use this function rather than indexing in krb_err_txt */
-const char *krb_get_err_text __P((int code));
-
-
-/* General definitions */
-#define		KSUCCESS	0
-#define		KFAILURE	255
-
-/*
- * Kerberos specific definitions 
- *
- * KRBLOG is the log file for the kerberos master server. KRB_CONF is
- * the configuration file where different host machines running master
- * and slave servers can be found. KRB_MASTER is the name of the
- * machine with the master database.  The admin_server runs on this
- * machine, and all changes to the db (as opposed to read-only
- * requests, which can go to slaves) must go to it. KRB_HOST is the
- * default machine * when looking for a kerberos slave server.  Other
- * possibilities are * in the KRB_CONF file. KRB_REALM is the name of
- * the realm. 
- */
-
-/* /etc/kerberosIV is only for backwards compatibility, don't use it! */
-/* FreeBSD wants to maintain backwards compatibility */
-#ifndef KRB_CONF
-#define KRB_CONF	"/etc/kerberosIV/krb.conf"
-#endif
-#ifndef KRB_RLM_TRANS
-#define KRB_RLM_TRANS   "/etc/kerberosIV/krb.realms"
-#endif
-#ifndef KRB_CNF_FILES
-#define KRB_CNF_FILES	{ KRB_CONF,   "/etc/krb.conf", 0}
-#endif
-#ifndef KRB_RLM_FILES
-#define KRB_RLM_FILES	{ KRB_RLM_TRANS, "/etc/krb.realms", 0}
-#endif
-#ifndef KRB_EQUIV
-#define KRB_EQUIV	"/etc/kerberosIV/krb.equiv"
-#endif
-#define KRB_MASTER	"kerberos"
-#ifndef KRB_REALM
-#define KRB_REALM	(krb_get_default_realm())
-#endif
-
-/* The maximum sizes for aname, realm, sname, and instance +1 */
-#define 	ANAME_SZ	40
-#define		REALM_SZ	40
-#define		SNAME_SZ	40
-#define		INST_SZ		40
-/* Leave space for quoting */
-#define		MAX_K_NAME_SZ	(2*ANAME_SZ + 2*INST_SZ + 2*REALM_SZ - 3)
-#define		KKEY_SZ		100
-#define		VERSION_SZ	1
-#define		MSG_TYPE_SZ	1
-#define		DATE_SZ		26	/* RTI date output */
-
-#define MAX_HSTNM 100 /* for compatibility */
-
-typedef struct krb_principal{
-    char name[ANAME_SZ];
-    char instance[INST_SZ];
-    char realm[REALM_SZ];
-}krb_principal;
-
-#ifndef DEFAULT_TKT_LIFE	/* allow compile-time override */
-/* default lifetime for krb_mk_req & co., 10 hrs */
-#define	DEFAULT_TKT_LIFE 120
-#endif
-
-#define		KRB_TICKET_GRANTING_TICKET	"krbtgt"
-
-/* Definition of text structure used to pass text around */
-#define		MAX_KTXT_LEN	1250
-
-struct ktext {
-    unsigned int length;		/* Length of the text */
-    unsigned char dat[MAX_KTXT_LEN];	/* The data itself */
-    u_int32_t mbz;		/* zero to catch runaway strings */
-};
-
-typedef struct ktext *KTEXT;
-typedef struct ktext KTEXT_ST;
-
-
-/* Definitions for send_to_kdc */
-#define	CLIENT_KRB_TIMEOUT	4	/* time between retries */
-#define CLIENT_KRB_RETRY	5	/* retry this many times */
-#define	CLIENT_KRB_BUFLEN	512	/* max unfragmented packet */
-
-/* Definitions for ticket file utilities */
-#define	R_TKT_FIL	0
-#define	W_TKT_FIL	1
-
-/* Parameters for rd_ap_req */
-/* Maximum alloable clock skew in seconds */
-#define 	CLOCK_SKEW	5*60
-/* Filename for readservkey */
-#ifndef		KEYFILE
-#define		KEYFILE		"/etc/kerberosIV/srvtab"
-#endif
-
-/* Structure definition for rd_ap_req */
-
-struct auth_dat {
-    unsigned char k_flags;	/* Flags from ticket */
-    char    pname[ANAME_SZ];	/* Principal's name */
-    char    pinst[INST_SZ];	/* His Instance */
-    char    prealm[REALM_SZ];	/* His Realm */
-    u_int32_t checksum;		/* Data checksum (opt) */
-    des_cblock session;		/* Session Key */
-    int     life;		/* Life of ticket */
-    u_int32_t time_sec;		/* Time ticket issued */
-    u_int32_t address;		/* Address in ticket */
-    KTEXT_ST reply;		/* Auth reply (opt) */
-};
-
-typedef struct auth_dat AUTH_DAT;
-
-/* Structure definition for credentials returned by get_cred */
-
-struct credentials {
-    char    service[ANAME_SZ];	/* Service name */
-    char    instance[INST_SZ];	/* Instance */
-    char    realm[REALM_SZ];	/* Auth domain */
-    des_cblock session;		/* Session key */
-    int     lifetime;		/* Lifetime */
-    int     kvno;		/* Key version number */
-    KTEXT_ST ticket_st;		/* The ticket itself */
-    int32_t    issue_date;	/* The issue time */
-    char    pname[ANAME_SZ];	/* Principal's name */
-    char    pinst[INST_SZ];	/* Principal's instance */
-};
-
-typedef struct credentials CREDENTIALS;
-
-/* Structure definition for rd_private_msg and rd_safe_msg */
-
-struct msg_dat {
-    unsigned char *app_data;	/* pointer to appl data */
-    u_int32_t app_length;	/* length of appl data */
-    u_int32_t hash;		/* hash to lookup replay */
-    int     swap;		/* swap bytes? */
-    int32_t    time_sec;		/* msg timestamp seconds */
-    unsigned char time_5ms;	/* msg timestamp 5ms units */
-};
-
-typedef struct msg_dat MSG_DAT;
-
-struct krb_host {
-    char *realm;
-    char *host;
-    int proto;
-    int port;
-    int admin;
-};
-
-struct krb_host *krb_get_host __P((int, char*, int));
-
-
-/* Location of ticket file for save_cred and get_cred */
-#define TKT_FILE        tkt_string()
-#define TKT_ROOT        "/tmp/tkt_"
-
-/* Error codes returned from the KDC */
-#define		KDC_OK		0	/* Request OK */
-#define		KDC_NAME_EXP	1	/* Principal expired */
-#define		KDC_SERVICE_EXP	2	/* Service expired */
-#define		KDC_AUTH_EXP	3	/* Auth expired */
-#define		KDC_PKT_VER	4	/* Protocol version unknown */
-#define		KDC_P_MKEY_VER	5	/* Wrong master key version */
-#define		KDC_S_MKEY_VER 	6	/* Wrong master key version */
-#define		KDC_BYTE_ORDER	7	/* Byte order unknown */
-#define		KDC_PR_UNKNOWN	8	/* Principal unknown */
-#define		KDC_PR_N_UNIQUE 9	/* Principal not unique */
-#define		KDC_NULL_KEY   10	/* Principal has null key */
-#define		KDC_GEN_ERR    20	/* Generic error from KDC */
-
-
-/* Values returned by get_credentials */
-#define		GC_OK		0	/* Retrieve OK */
-#define		RET_OK		0	/* Retrieve OK */
-#define		GC_TKFIL       21	/* Can't read ticket file */
-#define		RET_TKFIL      21	/* Can't read ticket file */
-#define		GC_NOTKT       22	/* Can't find ticket or TGT */
-#define		RET_NOTKT      22	/* Can't find ticket or TGT */
-
-
-/* Values returned by mk_ap_req	 */
-#define		MK_AP_OK	0	/* Success */
-#define		MK_AP_TGTEXP   26	/* TGT Expired */
-
-/* Values returned by rd_ap_req */
-#define		RD_AP_OK	0	/* Request authentic */
-#define		RD_AP_UNDEC    31	/* Can't decode authenticator */
-#define		RD_AP_EXP      32	/* Ticket expired */
-#define		RD_AP_NYV      33	/* Ticket not yet valid */
-#define		RD_AP_REPEAT   34	/* Repeated request */
-#define		RD_AP_NOT_US   35	/* The ticket isn't for us */
-#define		RD_AP_INCON    36	/* Request is inconsistent */
-#define		RD_AP_TIME     37	/* delta_t too big */
-#define		RD_AP_BADD     38	/* Incorrect net address */
-#define		RD_AP_VERSION  39	/* protocol version mismatch */
-#define		RD_AP_MSG_TYPE 40	/* invalid msg type */
-#define		RD_AP_MODIFIED 41	/* message stream modified */
-#define		RD_AP_ORDER    42	/* message out of order */
-#define		RD_AP_UNAUTHOR 43	/* unauthorized request */
-
-/* Values returned by get_pw_tkt */
-#define		GT_PW_OK	0	/* Got password changing tkt */
-#define		GT_PW_NULL     51	/* Current PW is null */
-#define		GT_PW_BADPW    52	/* Incorrect current password */
-#define		GT_PW_PROT     53	/* Protocol Error */
-#define		GT_PW_KDCERR   54	/* Error returned by KDC */
-#define		GT_PW_NULLTKT  55	/* Null tkt returned by KDC */
-
-
-/* Values returned by send_to_kdc */
-#define		SKDC_OK		0	/* Response received */
-#define		SKDC_RETRY     56	/* Retry count exceeded */
-#define		SKDC_CANT      57	/* Can't send request */
-
-/*
- * Values returned by get_intkt
- * (can also return SKDC_* and KDC errors)
- */
-
-#define		INTK_OK		0	/* Ticket obtained */
-#define		INTK_W_NOTALL  61	/* Not ALL tickets returned */
-#define		INTK_BADPW     62	/* Incorrect password */
-#define		INTK_PROT      63	/* Protocol Error */
-#define		INTK_ERR       70	/* Other error */
-
-/* Values returned by get_adtkt */
-#define         AD_OK           0	/* Ticket Obtained */
-#define         AD_NOTGT       71	/* Don't have tgt */
-#define         AD_INTR_RLM_NOTGT 72	/* Can't get inter-realm tgt */
-
-/* Error codes returned by ticket file utilities */
-#define		NO_TKT_FIL	76	/* No ticket file found */
-#define		TKT_FIL_ACC	77	/* Couldn't access tkt file */
-#define		TKT_FIL_LCK	78	/* Couldn't lock ticket file */
-#define		TKT_FIL_FMT	79	/* Bad ticket file format */
-#define		TKT_FIL_INI	80	/* tf_init not called first */
-
-/* Error code returned by kparse_name */
-#define		KNAME_FMT	81	/* Bad Kerberos name format */
-
-/* Error code returned by krb_mk_safe */
-#define		SAFE_PRIV_ERROR	-1	/* syscall error */
-
-/*
- * macros for byte swapping; also scratch space
- * u_quad  0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
- * u_int32_t  0-->3, 1-->2, 2-->1, 3-->0
- * u_int16_t 0-->1, 1-->0
- */
-
-#define     swap_u_16(x) {\
- u_int32_t   _krb_swap_tmp[4];\
- swab(((char *) x) +0, ((char *)  _krb_swap_tmp) +14 ,2); \
- swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +12 ,2); \
- swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +10 ,2); \
- swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +8  ,2); \
- swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +6 ,2); \
- swab(((char *) x) +10,((char *)  _krb_swap_tmp) +4 ,2); \
- swab(((char *) x) +12,((char *)  _krb_swap_tmp) +2 ,2); \
- swab(((char *) x) +14,((char *)  _krb_swap_tmp) +0 ,2); \
- memcpy(x, _krb_swap_tmp, 16);\
-                            }
-
-#define     swap_u_12(x) {\
- u_int32_t   _krb_swap_tmp[4];\
- swab(( char *) x,     ((char *)  _krb_swap_tmp) +10 ,2); \
- swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +8 ,2); \
- swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +6 ,2); \
- swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +4 ,2); \
- swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +2 ,2); \
- swab(((char *) x) +10,((char *)  _krb_swap_tmp) +0 ,2); \
- memcpy(x, _krb_swap_tmp, 12);\
-                            }
-
-#define     swap_C_Block(x) {\
- u_int32_t   _krb_swap_tmp[4];\
- swab(( char *) x,    ((char *)  _krb_swap_tmp) +6 ,2); \
- swab(((char *) x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
- swab(((char *) x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
- swab(((char *) x) +6,((char *)  _krb_swap_tmp)    ,2); \
- memcpy(x, _krb_swap_tmp, 8);\
-                            }
-#define     swap_u_quad(x) {\
- u_int32_t   _krb_swap_tmp[4];\
- swab(( char *) &x,    ((char *)  _krb_swap_tmp) +6 ,2); \
- swab(((char *) &x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
- swab(((char *) &x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
- swab(((char *) &x) +6,((char *)  _krb_swap_tmp)    ,2); \
- memcpy(x, _krb_swap_tmp, 8);\
-                            }
-
-#define     swap_u_long(x) {\
- u_int32_t   _krb_swap_tmp[4];\
- swab((char *)  &x,    ((char *)  _krb_swap_tmp) +2 ,2); \
- swab(((char *) &x) +2,((char *)  _krb_swap_tmp),2); \
- x = _krb_swap_tmp[0];   \
-                           }
-
-#define     swap_u_short(x) {\
- u_int16_t	_krb_swap_sh_tmp; \
- swab((char *)  &x,    ( &_krb_swap_sh_tmp) ,2); \
- x = (u_int16_t) _krb_swap_sh_tmp; \
-                            }
-/* Kerberos ticket flag field bit definitions */
-#define K_FLAG_ORDER    0       /* bit 0 --> lsb */
-#define K_FLAG_1                /* reserved */
-#define K_FLAG_2                /* reserved */
-#define K_FLAG_3                /* reserved */
-#define K_FLAG_4                /* reserved */
-#define K_FLAG_5                /* reserved */
-#define K_FLAG_6                /* reserved */
-#define K_FLAG_7                /* reserved, bit 7 --> msb */
-
-/* Defines for krb_sendauth and krb_recvauth */
-
-#define	KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */
-#define	KOPT_DO_MUTUAL   0x00000002 /* do mutual auth */
-
-#define	KOPT_DONT_CANON  0x00000004 /*
-				     * don't canonicalize inst as
-				     * a hostname
-				     */
-
-#define	KRB_SENDAUTH_VLEN 8	    /* length for version strings */
-
-
-/* File locking */
-#define   K_LOCK_SH   1		/* Shared lock */
-#define   K_LOCK_EX   2		/* Exclusive lock */
-#define   K_LOCK_NB   4		/* Don't block when locking */
-#define   K_LOCK_UN   8		/* Unlock */
-int k_flock __P((int fd, int operation));
-struct tm *k_localtime __P((u_int32_t *));
-int k_getsockinst __P((int fd, char *inst, size_t));
-int k_getportbyname __P((const char *service, const char *proto, int default_port));
-
-extern char *krb4_version;
-
-struct in_addr;
-
-int k_get_all_addrs __P((struct in_addr **l));
-
-/* Host address comparison */
-int krb_equiv __P((u_int32_t, u_int32_t));
-
-/* Password conversion */
-void mit_string_to_key __P((char *str, char *cell, des_cblock *key));
-void afs_string_to_key __P((char *str, char *cell, des_cblock *key));
-
-/* Lifetime conversion */
-u_int32_t krb_life_to_time __P((u_int32_t start, int life));
-int krb_time_to_life __P((u_int32_t start, u_int32_t end));
-char *krb_life_to_atime __P((int life));
-int krb_atime_to_life __P((char *atime));
-
-/* Ticket manipulation */
-int tf_get_cred __P((CREDENTIALS *));
-int tf_get_pinst __P((char *));
-int tf_get_pname __P((char *));
-int tf_put_pinst __P((char *));
-int tf_put_pname __P((char *));
-int tf_init __P((char *, int));
-int tf_create __P((char *));
-int tf_save_cred __P((char *, char *, char *, unsigned char *, int , int , KTEXT ticket, u_int32_t));
-void tf_close __P((void));
-int tf_setup __P((CREDENTIALS *cred, char *pname, char *pinst));
-
-/* Private communication */
-
-struct sockaddr_in;
-
-int32_t krb_mk_priv __P((void *, void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *));
-int32_t krb_rd_priv __P((void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
-
-/* Misc */
-KTEXT create_auth_reply __P((char *, char *, char *, int32_t, int, u_int32_t, int, KTEXT));
-
-char *krb_get_phost __P((const char *));
-char *krb_realmofhost __P((const char *));
-char *tkt_string __P((void));
-
-int create_ciph __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t, int, KTEXT, u_int32_t, des_cblock *));
-int decomp_ticket __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t *, unsigned char *, int *, u_int32_t *, char *, char *, des_cblock *, struct des_ks_struct *));
-int dest_tkt __P((void));
-int get_ad_tkt __P((char *, char *, char *, int));
-int get_pw_tkt __P((char *, char *, char *, char *));
-int get_request __P((KTEXT, int, char **, char **));
-int in_tkt __P((char *, char *));
-int k_gethostname __P((char *, int ));
-int k_isinst __P((char *));
-int k_isname __P((char *));
-int k_isrealm __P((char *));
-int kname_parse __P((char *, char *, char *, char *));
-int krb_parse_name __P((const char*, krb_principal*));
-char *krb_unparse_name  __P((krb_principal*));
-char *krb_unparse_name_r  __P((krb_principal*, char*));
-char *krb_unparse_name_long  __P((char*, char*, char*));
-char *krb_unparse_name_long_r __P((char *name, char *instance, char *realm, char *fullname));
-int krb_create_ticket __P((KTEXT, unsigned char, char *, char *, char *, int32_t, void *, int16_t, int32_t, char *, char *, des_cblock *));
-int krb_get_admhst __P((char *, char *, int));
-int krb_get_cred __P((char *, char *, char *, CREDENTIALS *));
-
-typedef int (*key_proc_t) __P((char*, char*, char*, void*, des_cblock*));
-
-typedef int (*decrypt_proc_t) __P((char*, char*, char*, void*, 
-			      key_proc_t, KTEXT*));
-
-int krb_get_in_tkt __P((char*, char*, char*, char*, char*, int, key_proc_t, 
-			decrypt_proc_t, void*));
-
-int srvtab_to_key	__P((char *, char *, char *, void *, des_cblock *));
-int passwd_to_key	__P((char *, char *, char *, void *, des_cblock *));
-int passwd_to_afskey	__P((char *, char *, char *, void *, des_cblock *));
-
-int krb_get_krbhst __P((char *, char *, int));
-int krb_get_lrealm __P((char *, int));
-char *krb_get_default_realm __P((void));
-int krb_get_pw_in_tkt __P((char *, char *, char *, char *, char *, int, char *));
-int krb_get_svc_in_tkt __P((char *, char *, char *, char *, char *, int, char *));
-int krb_get_tf_fullname __P((char *, char *, char *, char *));
-int krb_get_tf_realm __P((char *, char *));
-int krb_kntoln __P((AUTH_DAT *, char *));
-int krb_mk_req __P((KTEXT , char *, char *, char *, int32_t));
-int krb_net_read __P((int , void *, size_t));
-int krb_net_write __P((int , const void *, size_t));
-int krb_rd_err __P((u_char *, u_int32_t, int32_t *, MSG_DAT *));
-int krb_rd_req __P((KTEXT , char *, char *, int32_t, AUTH_DAT *, char *));
-int krb_recvauth __P((int32_t, int, KTEXT, char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, struct des_ks_struct *, char *));
-int krb_sendauth __P((int32_t, int, KTEXT, char *,char *, char *, u_int32_t, MSG_DAT *, CREDENTIALS *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *, char *));
-int krb_mk_auth __P((int32_t, KTEXT, char *, char *, char *, u_int32_t, char *, KTEXT));
-int krb_check_auth __P((KTEXT, u_int32_t, MSG_DAT *, des_cblock *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *));
-int krb_set_key __P((void *, int));
-int krb_set_lifetime __P((int));
-int krb_kuserok __P((char *name, char *inst, char *realm, char *luser));
-int kuserok __P((AUTH_DAT *, char *));
-int read_service_key __P((char *, char *, char *, int , char *, char *));
-int save_credentials __P((char *, char *, char *, unsigned char *, int , int , KTEXT , int32_t));
-int send_to_kdc __P((KTEXT , KTEXT , char *));
-
-int32_t krb_mk_err __P((u_char *, int32_t, char *));
-int32_t krb_mk_safe __P((void *, void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *));
-int32_t krb_rd_safe __P((void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
-
-void ad_print __P((AUTH_DAT *));
-void cr_err_reply __P((KTEXT, char *, char *, char *, u_int32_t, u_int32_t, char *));
-void extract_ticket __P((KTEXT, int, char *, int *, int *, char *, KTEXT));
-void krb_set_tkt_string __P((char *));
-
-int krb_get_default_principal __P((char *, char *, char *));
-int krb_realm_parse __P((char *, int));
-int krb_verify_user __P((char*, char*, char*, char*, int, char *));
-
-/* logging.c */
-
-typedef int (*krb_log_func_t)(FILE *, const char *, va_list);
-
-typedef krb_log_func_t krb_warnfn_t;
-
-struct krb_log_facility;
-
-int krb_vlogger __P((struct krb_log_facility*, const char *, va_list))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 0)))
-#endif
-;
-int krb_logger __P((struct krb_log_facility*, const char *, ...))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 3)))
-#endif
-;
-int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t));
-
-void krb_set_warnfn  __P((krb_warnfn_t));
-krb_warnfn_t krb_get_warnfn  __P((void));
-void krb_warning  __P((const char*, ...))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-
-void kset_logfile __P((char*));
-void krb_log __P((const char*, ...))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 1, 2)))
-#endif
-;
-char *klog __P((int, const char*, ...))
-#ifdef __GNUC__
-__attribute__ ((format (printf, 2, 3)))
-#endif
-;
-
-int getst __P((int, char *, int));
-const char *month_sname __P((int));
-const char *krb_stime __P((time_t *));
-int krb_check_tm __P((struct tm));
-
-int krb_get_int __P((void *from, u_int32_t *to, int size, int lsb));
-int krb_put_int __P((u_int32_t from, void *to, int size));
-int krb_get_address __P((void *from, u_int32_t *to));
-int krb_put_address __P((u_int32_t addr, void *to));
-int krb_put_string __P((char *from, void *to));
-int krb_get_string __P((void *from, char *to));
-int krb_get_nir __P((void *from, char *name, char *instance, char *realm));
-int krb_put_nir __P((char *name, char *instance, char *realm, void *to));
-
-__END_DECLS
-
-#endif /* KRB_DEFS */
diff --git a/crypto/kerberosIV/lib/krb/krb.mak b/crypto/kerberosIV/lib/krb/krb.mak
deleted file mode 100644
index 1236261a0818..000000000000
--- a/crypto/kerberosIV/lib/krb/krb.mak
+++ /dev/null
@@ -1,3065 +0,0 @@
-# Microsoft Developer Studio Generated NMAKE File, Format Version 4.10
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
-
-!IF "$(CFG)" == ""
-CFG=krb - Win32 Debug
-!MESSAGE No configuration specified.  Defaulting to krb - Win32 Debug.
-!ENDIF 
-
-!IF "$(CFG)" != "krb - Win32 Release" && "$(CFG)" != "krb - Win32 Debug"
-!MESSAGE Invalid configuration "$(CFG)" specified.
-!MESSAGE You can specify a configuration when running NMAKE on this makefile
-!MESSAGE by defining the macro CFG on the command line.  For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
-!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
-!MESSAGE 
-!ERROR An invalid configuration is specified.
-!ENDIF 
-
-!IF "$(OS)" == "Windows_NT"
-NULL=
-!ELSE 
-NULL=nul
-!ENDIF 
-################################################################################
-# Begin Project
-# PROP Target_Last_Scanned "krb - Win32 Debug"
-RSC=rc.exe
-MTL=mktyplib.exe
-CPP=cl.exe
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Target_Dir ""
-OUTDIR=.\Release
-INTDIR=.\Release
-
-ALL : ".\Release\krb.dll"
-
-CLEAN : 
-	-@erase ".\Release\cr_err_reply.obj"
-	-@erase ".\Release\create_auth_reply.obj"
-	-@erase ".\Release\create_ciph.obj"
-	-@erase ".\Release\create_ticket.obj"
-	-@erase ".\Release\debug_decl.obj"
-	-@erase ".\Release\decomp_ticket.obj"
-	-@erase ".\Release\dllmain.obj"
-	-@erase ".\Release\encrypt_ktext.obj"
-	-@erase ".\Release\et_list.obj"
-	-@erase ".\Release\get_ad_tkt.obj"
-	-@erase ".\Release\get_cred.obj"
-	-@erase ".\Release\get_default_principal.obj"
-	-@erase ".\Release\get_host.obj"
-	-@erase ".\Release\get_in_tkt.obj"
-	-@erase ".\Release\get_krbrlm.obj"
-	-@erase ".\Release\get_phost.obj"
-	-@erase ".\Release\get_svc_in_tkt.obj"
-	-@erase ".\Release\get_tf_fullname.obj"
-	-@erase ".\Release\get_tf_realm.obj"
-	-@erase ".\Release\getaddrs.obj"
-	-@erase ".\Release\getrealm.obj"
-	-@erase ".\Release\getst.obj"
-	-@erase ".\Release\k_flock.obj"
-	-@erase ".\Release\k_gethostname.obj"
-	-@erase ".\Release\k_getport.obj"
-	-@erase ".\Release\k_getsockinst.obj"
-	-@erase ".\Release\k_localtime.obj"
-	-@erase ".\Release\kdc_reply.obj"
-	-@erase ".\Release\kntoln.obj"
-	-@erase ".\Release\krb.dll"
-	-@erase ".\Release\krb.exp"
-	-@erase ".\Release\krb.lib"
-	-@erase ".\Release\krb_check_auth.obj"
-	-@erase ".\Release\krb_equiv.obj"
-	-@erase ".\Release\krb_err_txt.obj"
-	-@erase ".\Release\krb_get_in_tkt.obj"
-	-@erase ".\Release\lifetime.obj"
-	-@erase ".\Release\logging.obj"
-	-@erase ".\Release\lsb_addr_comp.obj"
-	-@erase ".\Release\mk_auth.obj"
-	-@erase ".\Release\mk_err.obj"
-	-@erase ".\Release\mk_priv.obj"
-	-@erase ".\Release\mk_req.obj"
-	-@erase ".\Release\mk_safe.obj"
-	-@erase ".\Release\month_sname.obj"
-	-@erase ".\Release\name2name.obj"
-	-@erase ".\Release\netread.obj"
-	-@erase ".\Release\netwrite.obj"
-	-@erase ".\Release\one.obj"
-	-@erase ".\Release\parse_name.obj"
-	-@erase ".\Release\rd_err.obj"
-	-@erase ".\Release\rd_priv.obj"
-	-@erase ".\Release\rd_req.obj"
-	-@erase ".\Release\rd_safe.obj"
-	-@erase ".\Release\read_service_key.obj"
-	-@erase ".\Release\realm_parse.obj"
-	-@erase ".\Release\recvauth.obj"
-	-@erase ".\Release\resolve.obj"
-	-@erase ".\Release\rw.obj"
-	-@erase ".\Release\save_credentials.obj"
-	-@erase ".\Release\send_to_kdc.obj"
-	-@erase ".\Release\sendauth.obj"
-	-@erase ".\Release\stime.obj"
-	-@erase ".\Release\str2key.obj"
-	-@erase ".\Release\swab.obj"
-	-@erase ".\Release\ticket_memory.obj"
-	-@erase ".\Release\tkt_string.obj"
-	-@erase ".\Release\unparse_name.obj"
-	-@erase ".\Release\util.obj"
-	-@erase ".\Release\verify_user.obj"
-
-"$(OUTDIR)" :
-    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
-
-# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c
-# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c
-CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I\
- "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D\
- "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/krb.pch" /YX /Fo"$(INTDIR)/" /c 
-CPP_OBJS=.\Release/
-CPP_SBRS=.\.
-# ADD BASE MTL /nologo /D "NDEBUG" /win32
-# ADD MTL /nologo /D "NDEBUG" /win32
-MTL_PROJ=/nologo /D "NDEBUG" /win32 
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-BSC32_FLAGS=/nologo /o"$(OUTDIR)/krb.bsc" 
-BSC32_SBRS= \
-	
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386
-# ADD LINK32 ..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386
-LINK32_FLAGS=..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib\
- kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\
- shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo\
- /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)/krb.pdb" /machine:I386\
- /def:".\krb.def" /out:"$(OUTDIR)/krb.dll" /implib:"$(OUTDIR)/krb.lib" 
-DEF_FILE= \
-	".\krb.def"
-LINK32_OBJS= \
-	".\Release\cr_err_reply.obj" \
-	".\Release\create_auth_reply.obj" \
-	".\Release\create_ciph.obj" \
-	".\Release\create_ticket.obj" \
-	".\Release\debug_decl.obj" \
-	".\Release\decomp_ticket.obj" \
-	".\Release\dllmain.obj" \
-	".\Release\encrypt_ktext.obj" \
-	".\Release\et_list.obj" \
-	".\Release\get_ad_tkt.obj" \
-	".\Release\get_cred.obj" \
-	".\Release\get_default_principal.obj" \
-	".\Release\get_host.obj" \
-	".\Release\get_in_tkt.obj" \
-	".\Release\get_krbrlm.obj" \
-	".\Release\get_phost.obj" \
-	".\Release\get_svc_in_tkt.obj" \
-	".\Release\get_tf_fullname.obj" \
-	".\Release\get_tf_realm.obj" \
-	".\Release\getaddrs.obj" \
-	".\Release\getrealm.obj" \
-	".\Release\getst.obj" \
-	".\Release\k_flock.obj" \
-	".\Release\k_gethostname.obj" \
-	".\Release\k_getport.obj" \
-	".\Release\k_getsockinst.obj" \
-	".\Release\k_localtime.obj" \
-	".\Release\kdc_reply.obj" \
-	".\Release\kntoln.obj" \
-	".\Release\krb_check_auth.obj" \
-	".\Release\krb_equiv.obj" \
-	".\Release\krb_err_txt.obj" \
-	".\Release\krb_get_in_tkt.obj" \
-	".\Release\lifetime.obj" \
-	".\Release\logging.obj" \
-	".\Release\lsb_addr_comp.obj" \
-	".\Release\mk_auth.obj" \
-	".\Release\mk_err.obj" \
-	".\Release\mk_priv.obj" \
-	".\Release\mk_req.obj" \
-	".\Release\mk_safe.obj" \
-	".\Release\month_sname.obj" \
-	".\Release\name2name.obj" \
-	".\Release\netread.obj" \
-	".\Release\netwrite.obj" \
-	".\Release\one.obj" \
-	".\Release\parse_name.obj" \
-	".\Release\rd_err.obj" \
-	".\Release\rd_priv.obj" \
-	".\Release\rd_req.obj" \
-	".\Release\rd_safe.obj" \
-	".\Release\read_service_key.obj" \
-	".\Release\realm_parse.obj" \
-	".\Release\recvauth.obj" \
-	".\Release\resolve.obj" \
-	".\Release\rw.obj" \
-	".\Release\save_credentials.obj" \
-	".\Release\send_to_kdc.obj" \
-	".\Release\sendauth.obj" \
-	".\Release\stime.obj" \
-	".\Release\str2key.obj" \
-	".\Release\swab.obj" \
-	".\Release\ticket_memory.obj" \
-	".\Release\tkt_string.obj" \
-	".\Release\unparse_name.obj" \
-	".\Release\util.obj" \
-	".\Release\verify_user.obj"
-
-".\Release\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
-    $(LINK32) @<<
-  $(LINK32_FLAGS) $(LINK32_OBJS)
-<<
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Target_Dir ""
-OUTDIR=.\Debug
-INTDIR=.\Debug
-
-ALL : ".\Debug\krb.dll"
-
-CLEAN : 
-	-@erase ".\Debug\cr_err_reply.obj"
-	-@erase ".\Debug\create_auth_reply.obj"
-	-@erase ".\Debug\create_ciph.obj"
-	-@erase ".\Debug\create_ticket.obj"
-	-@erase ".\Debug\debug_decl.obj"
-	-@erase ".\Debug\decomp_ticket.obj"
-	-@erase ".\Debug\dllmain.obj"
-	-@erase ".\Debug\encrypt_ktext.obj"
-	-@erase ".\Debug\et_list.obj"
-	-@erase ".\Debug\get_ad_tkt.obj"
-	-@erase ".\Debug\get_cred.obj"
-	-@erase ".\Debug\get_default_principal.obj"
-	-@erase ".\Debug\get_host.obj"
-	-@erase ".\Debug\get_in_tkt.obj"
-	-@erase ".\Debug\get_krbrlm.obj"
-	-@erase ".\Debug\get_phost.obj"
-	-@erase ".\Debug\get_svc_in_tkt.obj"
-	-@erase ".\Debug\get_tf_fullname.obj"
-	-@erase ".\Debug\get_tf_realm.obj"
-	-@erase ".\Debug\getaddrs.obj"
-	-@erase ".\Debug\getrealm.obj"
-	-@erase ".\Debug\getst.obj"
-	-@erase ".\Debug\k_flock.obj"
-	-@erase ".\Debug\k_gethostname.obj"
-	-@erase ".\Debug\k_getport.obj"
-	-@erase ".\Debug\k_getsockinst.obj"
-	-@erase ".\Debug\k_localtime.obj"
-	-@erase ".\Debug\kdc_reply.obj"
-	-@erase ".\Debug\kntoln.obj"
-	-@erase ".\Debug\krb.dll"
-	-@erase ".\Debug\krb.exp"
-	-@erase ".\Debug\krb.ilk"
-	-@erase ".\Debug\krb.lib"
-	-@erase ".\Debug\krb.pdb"
-	-@erase ".\Debug\krb_check_auth.obj"
-	-@erase ".\Debug\krb_equiv.obj"
-	-@erase ".\Debug\krb_err_txt.obj"
-	-@erase ".\Debug\krb_get_in_tkt.obj"
-	-@erase ".\Debug\lifetime.obj"
-	-@erase ".\Debug\logging.obj"
-	-@erase ".\Debug\lsb_addr_comp.obj"
-	-@erase ".\Debug\mk_auth.obj"
-	-@erase ".\Debug\mk_err.obj"
-	-@erase ".\Debug\mk_priv.obj"
-	-@erase ".\Debug\mk_req.obj"
-	-@erase ".\Debug\mk_safe.obj"
-	-@erase ".\Debug\month_sname.obj"
-	-@erase ".\Debug\name2name.obj"
-	-@erase ".\Debug\netread.obj"
-	-@erase ".\Debug\netwrite.obj"
-	-@erase ".\Debug\one.obj"
-	-@erase ".\Debug\parse_name.obj"
-	-@erase ".\Debug\rd_err.obj"
-	-@erase ".\Debug\rd_priv.obj"
-	-@erase ".\Debug\rd_req.obj"
-	-@erase ".\Debug\rd_safe.obj"
-	-@erase ".\Debug\read_service_key.obj"
-	-@erase ".\Debug\realm_parse.obj"
-	-@erase ".\Debug\recvauth.obj"
-	-@erase ".\Debug\resolve.obj"
-	-@erase ".\Debug\rw.obj"
-	-@erase ".\Debug\save_credentials.obj"
-	-@erase ".\Debug\send_to_kdc.obj"
-	-@erase ".\Debug\sendauth.obj"
-	-@erase ".\Debug\stime.obj"
-	-@erase ".\Debug\str2key.obj"
-	-@erase ".\Debug\swab.obj"
-	-@erase ".\Debug\ticket_memory.obj"
-	-@erase ".\Debug\tkt_string.obj"
-	-@erase ".\Debug\unparse_name.obj"
-	-@erase ".\Debug\util.obj"
-	-@erase ".\Debug\vc40.idb"
-	-@erase ".\Debug\vc40.pdb"
-	-@erase ".\Debug\verify_user.obj"
-
-"$(OUTDIR)" :
-    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
-
-# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c
-# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c
-CPP_PROJ=/nologo /MTd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I\
- "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D\
- "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/krb.pch" /YX /Fo"$(INTDIR)/"\
- /Fd"$(INTDIR)/" /c 
-CPP_OBJS=.\Debug/
-CPP_SBRS=.\.
-# ADD BASE MTL /nologo /D "_DEBUG" /win32
-# ADD MTL /nologo /D "_DEBUG" /win32
-MTL_PROJ=/nologo /D "_DEBUG" /win32 
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-BSC32_FLAGS=/nologo /o"$(OUTDIR)/krb.bsc" 
-BSC32_SBRS= \
-	
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386
-# ADD LINK32 ..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386
-LINK32_FLAGS=..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib\
- kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\
- shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo\
- /subsystem:windows /dll /incremental:yes /pdb:"$(OUTDIR)/krb.pdb" /debug\
- /machine:I386 /def:".\krb.def" /out:"$(OUTDIR)/krb.dll"\
- /implib:"$(OUTDIR)/krb.lib" 
-DEF_FILE= \
-	".\krb.def"
-LINK32_OBJS= \
-	".\Debug\cr_err_reply.obj" \
-	".\Debug\create_auth_reply.obj" \
-	".\Debug\create_ciph.obj" \
-	".\Debug\create_ticket.obj" \
-	".\Debug\debug_decl.obj" \
-	".\Debug\decomp_ticket.obj" \
-	".\Debug\dllmain.obj" \
-	".\Debug\encrypt_ktext.obj" \
-	".\Debug\et_list.obj" \
-	".\Debug\get_ad_tkt.obj" \
-	".\Debug\get_cred.obj" \
-	".\Debug\get_default_principal.obj" \
-	".\Debug\get_host.obj" \
-	".\Debug\get_in_tkt.obj" \
-	".\Debug\get_krbrlm.obj" \
-	".\Debug\get_phost.obj" \
-	".\Debug\get_svc_in_tkt.obj" \
-	".\Debug\get_tf_fullname.obj" \
-	".\Debug\get_tf_realm.obj" \
-	".\Debug\getaddrs.obj" \
-	".\Debug\getrealm.obj" \
-	".\Debug\getst.obj" \
-	".\Debug\k_flock.obj" \
-	".\Debug\k_gethostname.obj" \
-	".\Debug\k_getport.obj" \
-	".\Debug\k_getsockinst.obj" \
-	".\Debug\k_localtime.obj" \
-	".\Debug\kdc_reply.obj" \
-	".\Debug\kntoln.obj" \
-	".\Debug\krb_check_auth.obj" \
-	".\Debug\krb_equiv.obj" \
-	".\Debug\krb_err_txt.obj" \
-	".\Debug\krb_get_in_tkt.obj" \
-	".\Debug\lifetime.obj" \
-	".\Debug\logging.obj" \
-	".\Debug\lsb_addr_comp.obj" \
-	".\Debug\mk_auth.obj" \
-	".\Debug\mk_err.obj" \
-	".\Debug\mk_priv.obj" \
-	".\Debug\mk_req.obj" \
-	".\Debug\mk_safe.obj" \
-	".\Debug\month_sname.obj" \
-	".\Debug\name2name.obj" \
-	".\Debug\netread.obj" \
-	".\Debug\netwrite.obj" \
-	".\Debug\one.obj" \
-	".\Debug\parse_name.obj" \
-	".\Debug\rd_err.obj" \
-	".\Debug\rd_priv.obj" \
-	".\Debug\rd_req.obj" \
-	".\Debug\rd_safe.obj" \
-	".\Debug\read_service_key.obj" \
-	".\Debug\realm_parse.obj" \
-	".\Debug\recvauth.obj" \
-	".\Debug\resolve.obj" \
-	".\Debug\rw.obj" \
-	".\Debug\save_credentials.obj" \
-	".\Debug\send_to_kdc.obj" \
-	".\Debug\sendauth.obj" \
-	".\Debug\stime.obj" \
-	".\Debug\str2key.obj" \
-	".\Debug\swab.obj" \
-	".\Debug\ticket_memory.obj" \
-	".\Debug\tkt_string.obj" \
-	".\Debug\unparse_name.obj" \
-	".\Debug\util.obj" \
-	".\Debug\verify_user.obj"
-
-".\Debug\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
-    $(LINK32) @<<
-  $(LINK32_FLAGS) $(LINK32_OBJS)
-<<
-
-!ENDIF 
-
-.c{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cpp{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cxx{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.c{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cpp{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cxx{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-################################################################################
-# Begin Target
-
-# Name "krb - Win32 Release"
-# Name "krb - Win32 Debug"
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-!ENDIF 
-
-################################################################################
-# Begin Source File
-
-SOURCE=.\krb.def
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_tf_fullname.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_T=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_T=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\cr_err_reply.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_CR_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_CR_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\create_auth_reply.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_CREAT=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_CREAT=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\create_ciph.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_CREATE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_CREATE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\create_ticket.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_CREATE_=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_CREATE_=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\decomp_ticket.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_DECOM=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_DECOM=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\dllmain.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_DLLMA=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\ticket_memory.h"\
-	
-
-".\Release\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_DLLMA=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	".\ticket_memory.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\encrypt_ktext.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_ENCRY=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_ENCRY=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\et_list.c
-DEP_CPP_ET_LI=\
-	"..\..\include\win32\config.h"\
-	
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-
-".\Release\et_list.obj" : $(SOURCE) $(DEP_CPP_ET_LI) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-
-".\Debug\et_list.obj" : $(SOURCE) $(DEP_CPP_ET_LI) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_ad_tkt.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_A=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_A=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_cred.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_C=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_C=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_default_principal.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_D=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_D=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_host.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_H=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_H=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_in_tkt.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_I=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_I=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_krbrlm.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_K=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_K=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_phos
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_svc_in_tkt.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_S=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_S=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_phost.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_P=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_phost.obj" : $(SOURCE) $(DEP_CPP_GET_P) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_P=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_phost.obj" : $(SOURCE) $(DEP_CPP_GET_P) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\krb_equiv.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KRB_E=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KRB_E=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\getaddrs.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GETAD=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GETAD=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\getrealm.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GETRE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GETRE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\getst.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GETST=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GETST=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\k_flock.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_K_FLO=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_K_FLO=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\k_gethostname.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_K_GET=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_K_GET=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\k_getport.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_K_GETP=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_K_GETP=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\k_getsockinst.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_K_GETS=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_K_GETS=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\k_localtime.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_K_LOC=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_K_LOC=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\kdc_reply.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KDC_R=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KDC_R=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\kntoln.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KNTOL=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Release\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KNTOL=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\krb_check_auth.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KRB_C=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KRB_C=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\get_tf_realm.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_GET_TF=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_GET_TF=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\rd_safe.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RD_SA=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	
-
-".\Release\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RD_SA=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\krb_get_in_tkt.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KRB_G=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KRB_G=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\lifetime.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_LIFET=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_LIFET=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\lsb_addr_comp.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_LSB_A=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	
-
-".\Release\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_LSB_A=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\mk_auth.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MK_AU=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MK_AU=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\mk_err.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MK_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MK_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\mk_priv.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MK_PR=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	
-
-".\Release\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MK_PR=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\mk_req.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MK_RE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MK_RE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\mk_safe.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MK_SA=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	
-
-".\Release\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MK_SA=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\month_sname.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_MONTH=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_MONTH=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\name2name.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_NAME2=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_NAME2=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\netread.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_NETRE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_NETRE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\netwrite.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_NETWR=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_NETWR=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\one.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-
-".\Release\one.obj" : $(SOURCE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-
-".\Debug\one.obj" : $(SOURCE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\parse_name.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_PARSE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_PARSE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\rd_err.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RD_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RD_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\rd_priv.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RD_PR=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	
-
-".\Release\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RD_PR=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\lsb_addr_comp.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\rd_req.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RD_RE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RD_RE=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\krb_err_txt.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_KRB_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_KRB_ER=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\send_to_kdc.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_SEND_=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_SEND_=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\realm_parse.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_REALM=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_REALM=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\recvauth.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RECVA=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RECVA=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\resolve.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RESOL=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\resolve.h"\
-	
-
-".\Release\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RESOL=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\rw.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_RW_C68=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\version.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C68) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_RW_C68=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\des\version.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C68) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\save_credentials.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_SAVE_=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_SAVE_=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\read_service_key.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_READ_=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_READ_=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\verify_user.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_VERIF=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_VERIF=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\stime.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_STIME=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_STIME=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\swab.c
-DEP_CPP_SWAB_=\
-	"..\..\include\win32\config.h"\
-	
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-
-".\Release\swab.obj" : $(SOURCE) $(DEP_CPP_SWAB_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-
-".\Debug\swab.obj" : $(SOURCE) $(DEP_CPP_SWAB_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\ticket_memory.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_TICKE=\
-	".\krb_locl.h"\
-	".\ticket_memory.h"\
-	
-
-".\Release\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_TICKE=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	".\ticket_memory.h"\
-	
-
-".\Debug\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\tkt_string.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_TKT_S=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_TKT_S=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\unparse_name.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_UNPAR=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_UNPAR=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\util.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_UTIL_=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_UTIL_=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\sendauth.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_SENDA=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_SENDA=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\logging.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_LOGGI=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\klog.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_LOGGI=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\klog.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\str2key.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_STR2K=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_STR2K=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\debug_decl.c
-
-!IF  "$(CFG)" == "krb - Win32 Release"
-
-DEP_CPP_DEBUG=\
-	"..\..\include\protos.h"\
-	"..\..\include\win32\config.h"\
-	".\krb_locl.h"\
-	
-
-".\Release\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "krb - Win32 Debug"
-
-DEP_CPP_DEBUG=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\roken\roken.h"\
-	".\krb.h"\
-	".\krb_locl.h"\
-	".\prot.h"\
-	".\resolve.h"\
-	{$(INCLUDE)}"\sys\STAT.H"\
-	{$(INCLUDE)}"\sys\TYPES.H"\
-	
-
-".\Debug\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-# End Target
-# End Project
-################################################################################
diff --git a/crypto/kerberosIV/lib/krb/krb_check_auth.c b/crypto/kerberosIV/lib/krb/krb_check_auth.c
deleted file mode 100644
index 8bddbf55739b..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_check_auth.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: krb_check_auth.c,v 1.4 1997/04/01 08:18:33 joda Exp $");
-
-/*
- *
- * Receive an mutual-authenticator for a server in `packet', with
- * `checksum', `session', and `schedule' having the appropriate values
- * and return the data in `msg_data'.
- *
- * Return KSUCCESS if the received checksum is correct.
- *
- */
-
-int
-krb_check_auth(KTEXT packet,
-	       u_int32_t checksum,
-	       MSG_DAT *msg_data,
-	       des_cblock *session,
-	       struct des_ks_struct *schedule,
-	       struct sockaddr_in *laddr,
-	       struct sockaddr_in *faddr)
-{
-  int ret;
-  u_int32_t checksum2;
-
-  ret = krb_rd_priv (packet->dat, packet->length, schedule, session, faddr,
-		     laddr, msg_data);
-  if (ret != RD_AP_OK)
-    return ret;
-  if (msg_data->app_length != 4)
-    return KFAILURE;
-  krb_get_int (msg_data->app_data, &checksum2, 4, 0);
-  if (checksum2 == checksum + 1)
-    return KSUCCESS;
-  else
-    return KFAILURE;
-}
diff --git a/crypto/kerberosIV/lib/krb/krb_equiv.c b/crypto/kerberosIV/lib/krb/krb_equiv.c
deleted file mode 100644
index 06f42f5ff61e..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_equiv.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * int krb_equiv(u_int32_t ipaddr_a, u_int32_t ipaddr_b);
- *
- * Given two IP adresses return true if they match
- * or are considered to belong to the same host.
- *
- * For example if /etc/krb.equiv looks like
- *
- *    130.237.223.3   192.16.126.3    # alv alv1
- *    130.237.223.4   192.16.126.4    # byse byse1
- *    130.237.228.152 192.16.126.9    # topsy topsy1
- *
- * krb_equiv(alv, alv1) would return true but
- * krb_equiv(alv, byse1) would not.
- *
- * A comment starts with an '#' and ends with '\n'.
- *
- */
-#include "krb_locl.h"
-
-RCSID("$Id: krb_equiv.c,v 1.13 1997/04/01 08:18:33 joda Exp $");
-
-int krb_ignore_ip_address = 0;
-
-int
-krb_equiv(u_int32_t a, u_int32_t b)
-{
-  FILE *fil;
-  char line[256];
-  int hit_a, hit_b;
-  int iscomment;
-  
-  if (a == b)			/* trivial match, also the common case */
-    return 1;
-  
-  if (krb_ignore_ip_address)
-    return 1;			/* if we have decided not to compare */
-
-  a = ntohl(a);
-  b = ntohl(b);
-
-  fil = fopen(KRB_EQUIV, "r");
-  if (fil == NULL)		/* open failed */
-    return 0;
-  
-  hit_a = hit_b = 0;
-  iscomment = 0;
-  while (fgets(line, sizeof(line)-1, fil) != NULL) /* for each line */
-    {
-      char *t = line;
-      int len = strlen(t);
-      
-      /* for each item on this line */
-      while (*t != 0)		/* more addresses on this line? */
-	if (*t == '\n') {
-	  iscomment = hit_a = hit_b = 0;
-	  break;
-	} else if (iscomment)
-	  t = line + len - 1;
-	else if (*t == '#') {		/* rest is comment */
-	  iscomment = 1;
-	  ++t;
-	} else if (*t == '\\' ) /* continuation */
-	  break;
-	else if (isspace(*t))	/* skip space */
-	  t++;
-	else if (isdigit(*t))	/* an address? */
-	  {
-	    u_int32_t tmp;
-	    u_int32_t tmpa, tmpb, tmpc, tmpd;
-	    
-	    sscanf(t, "%d.%d.%d.%d", &tmpa, &tmpb, &tmpc, &tmpd);
-	    tmp = (tmpa << 24) | (tmpb << 16) | (tmpc << 8) | tmpd;
-
-	    while (*t == '.' || isdigit(*t)) /* done with this address */
-	      t++;
-
-	    if (tmp != -1) {	/* an address (and not broadcast) */
-	      u_int32_t mask = (u_int32_t)~0;
-
-	      if (*t == '/') {
-		++t;
-		mask <<= 32 - atoi(t);
-
-		while(isdigit(*t))
-		  ++t;
-	      }
-
-	      if ((tmp & mask) == (a & mask))
-		hit_a = 1;
-	      if ((tmp & mask) == (b & mask))
-		hit_b = 1;
-	      if (hit_a && hit_b) {
-		fclose(fil);
-		return 1;
-	      }
-	    }
-	  }
-	else
-	  ++t;		/* garbage on this line, skip it */
-
-    }
-
-  fclose(fil);
-  return 0;
-}
diff --git a/crypto/kerberosIV/lib/krb/krb_err.et b/crypto/kerberosIV/lib/krb/krb_err.et
deleted file mode 100644
index 4e32aed5d102..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_err.et
+++ /dev/null
@@ -1,257 +0,0 @@
-#	Copyright 1987,1988 Massachusetts Institute of Technology
-#
-#	For copying and distribution information, see the file
-#	"mit-copyright.h".
-# 
-#	$Id: krb_err.et,v 1.4 1996/10/27 13:30:28 bg Exp $
-#
-	error_table	krb
-
-	ec		KRBET_KSUCCESS,
-			"Kerberos successful"
-
-	ec		KRBET_KDC_NAME_EXP,
-			"Kerberos principal expired"
-
-	ec		KRBET_KDC_SERVICE_EXP,
-			"Kerberos service expired"
-
-	ec		KRBET_KDC_AUTH_EXP,
-			"Kerberos auth expired"
-
-	ec		KRBET_KDC_PKT_VER,
-			"Incorrect kerberos master key version"
-
-	ec		KRBET_KDC_P_MKEY_VER,
-			"Incorrect kerberos master key version"
-
-	ec		KRBET_KDC_S_MKEY_VER,
-			"Incorrect kerberos master key version"
-
-	ec		KRBET_KDC_BYTE_ORDER,
-			"Kerberos error: byte order unknown"
-
-	ec		KRBET_KDC_PR_UNKNOWN,
-			"Kerberos principal unknown"
-
-	ec		KRBET_KDC_PR_N_UNIQUE,
-			"Kerberos principal not unique"
-
-	ec		KRBET_KDC_NULL_KEY,
-			"Kerberos principal has null key"
-
-	ec		KRBET_KRB_RES11,
-		        "Reserved 11"
-
-	ec		KRBET_KRB_RES12,
-		        "Reserved 12"
-  
-	ec		KRBET_KRB_RES13,
-		        "Reserved 13"
-
-	ec		KRBET_KRB_RES14,
-		        "Reserved 14"
-
-	ec		KRBET_KRB_RES15,
-		        "Reserved 15"
-
-	ec		KRBET_KRB_RES16,
-		        "Reserved 16"
-
-	ec		KRBET_KRB_RES17,
-		        "Reserved 17"
-
-	ec		KRBET_KRB_RES18,
-		        "Reserved 18"
-
-	ec		KRBET_KRB_RES19,
-		        "Reserved 19"
-
-	ec		KRBET_KDC_GEN_ERR,
-			"Generic error from Kerberos KDC"
-
-	ec		KRBET_GC_TKFIL,
-			"Can't read Kerberos ticket file"
-
-	ec		KRBET_GC_NOTKT,
-			"Can't find Kerberos ticket or TGT"
-
-	ec		KRBET_KRB_RES23,
-			"Reserved 23"
-
-	ec		KRBET_KRB_RES24,
-			"Reserved 24"
-
-	ec		KRBET_KRB_RES25,
-			"Reserved 25"
-
-	ec		KRBET_MK_AP_TGTEXP,
-			"Kerberos TGT Expired"
-
-	ec		KRBET_KRB_RES27,
-			"Reserved 27"
-
-	ec		KRBET_KRB_RES28,
-			"Reserved 28"
-
-	ec		KRBET_KRB_RES29,
-			"Reserved 29"
-
-	ec		KRBET_KRB_RES30,
-			"Reserved 30"
-
-	ec		KRBET_RD_AP_UNDEC,
-			"Kerberos error: Can't decode authenticator"
-
-	ec		KRBET_RD_AP_EXP,
-			"Kerberos ticket expired"
-
-	ec		KRBET_RD_AP_NYV,
-			"Kerberos ticket not yet valid"
-
-	ec		KRBET_RD_AP_REPEAT,
-			"Kerberos error: Repeated request"
-
-	ec		KRBET_RD_AP_NOT_US,
-			"The kerberos ticket isn't for us"
-
-	ec		KRBET_RD_AP_INCON,
-			"Kerberos request inconsistent"
-
-	ec		KRBET_RD_AP_TIME,
-			"Kerberos error: delta_t too big"
-
-	ec		KRBET_RD_AP_BADD,
-			"Kerberos error: incorrect net address"
-
-	ec		KRBET_RD_AP_VERSION,
-			"Kerberos protocol version mismatch"
-
-	ec		KRBET_RD_AP_MSG_TYPE,
-			"Kerberos error: invalid msg type"
-
-	ec		KRBET_RD_AP_MODIFIED,
-			"Kerberos error: message stream modified"
-
-	ec		KRBET_RD_AP_ORDER,
-			"Kerberos error: message out of order"
-
-	ec		KRBET_RD_AP_UNAUTHOR,
-			"Kerberos error: unauthorized request"
-
-	ec		KRBET_KRB_RES44,
-			"Reserved 44"
-
-	ec		KRBET_KRB_RES45,
-			"Reserved 45"
-
-	ec		KRBET_KRB_RES46,
-			"Reserved 46"
-
-	ec		KRBET_KRB_RES47,
-			"Reserved 47"
-
-	ec		KRBET_KRB_RES48,
-			"Reserved 48"
-
-	ec		KRBET_KRB_RES49,
-			"Reserved 49"
-
-	ec		KRBET_KRB_RES50,
-			"Reserved 50"
-
-	ec		KRBET_GT_PW_NULL,
-			"Kerberos error: current PW is null"
-
-	ec		KRBET_GT_PW_BADPW,
-			"Kerberos error: Incorrect current password"
-
-	ec		KRBET_GT_PW_PROT,
-			"Kerberos protocol error"
-
-	ec		KRBET_GT_PW_KDCERR,
-			"Error returned by Kerberos KDC"
-
-	ec		KRBET_GT_PW_NULLTKT,
-			"Null Kerberos ticket returned by KDC"
-
-	ec		KRBET_SKDC_RETRY,
-			"Kerberos error: Retry count exceeded"
-
-	ec		KRBET_SKDC_CANT,
-			"Kerberos error: Can't send request"
-
-	ec		KRBET_KRB_RES58,
-			"Reserved 58"
-
-	ec		KRBET_KRB_RES59,
-			"Reserved 59"
-
-	ec		KRBET_KRB_RES60,
-			"Reserved 60"
-
-	ec		KRBET_INTK_W_NOTALL,
-			"Kerberos error: not all tickets returned"
-
-	ec		KRBET_INTK_BADPW,
-			"Kerberos error: incorrect password"
-
-	ec		KRBET_INTK_PROT,
-			"Kerberos error: Protocol Error"
-
-	ec		KRBET_KRB_RES64,
-			"Reserved 64"
-
-	ec		KRBET_KRB_RES65,
-			"Reserved 65"
-
-	ec		KRBET_KRB_RES66,
-			"Reserved 66"
-
-	ec		KRBET_KRB_RES67,
-			"Reserved 67"
-
-	ec		KRBET_KRB_RES68,
-			"Reserved 68"
-
-	ec		KRBET_KRB_RES69,
-			"Reserved 69"
-
-	ec		KRBET_INTK_ERR,
-			"Other error"
-
-	ec		KRBET_AD_NOTGT,
-			"Don't have Kerberos ticket-granting ticket"
-
-	ec		KRBET_KRB_RES72,
-			"Can't get Kerberos inter-realm ticket-granting ticket"
-
-	ec		KRBET_KRB_RES73,
-			"Reserved 73"
-
-	ec		KRBET_KRB_RES74,
-			"Reserved 74"
-
-	ec		KRBET_KRB_RES75,
-			"Reserved 75"
-
-	ec		KRBET_NO_TKT_FIL,
-			"No ticket file found"
-
-	ec		KRBET_TKT_FIL_ACC,
-			"Couldn't access ticket file"
-
-	ec		KRBET_TKT_FIL_LCK,
-			"Couldn't lock ticket file"
-
-	ec		KRBET_TKT_FIL_FMT,
-			"Bad ticket file format"
-
-	ec		KRBET_TKT_FIL_INI,
-			"tf_init not called first"
-
-	ec		KRBET_KNAME_FMT,
-			"Bad Kerberos name format"
-
-	end
-
diff --git a/crypto/kerberosIV/lib/krb/krb_err_txt.c b/crypto/kerberosIV/lib/krb/krb_err_txt.c
deleted file mode 100644
index 161aa0ffcca6..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_err_txt.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: krb_err_txt.c,v 1.12 1997/04/02 05:37:10 joda Exp $");
-
-/*
- * This file contains an array of error text strings.
- * The associated error codes (which are defined in "krb.h")
- * follow the string in the comments at the end of each line.
- */
-
-const char *krb_err_txt[256] = {
-  "OK",							/* 000 */
-  "Principal expired (kerberos)",			/* 001 */
-  "Service expired (kerberos)",				/* 002 */
-  "Authentication expired (kerberos)",			/* 003 */
-  "Unknown protocol version number (kerberos)", 	/* 004 */
-  "Principal: Incorrect master key version (kerberos)", /* 005 */
-  "Service: Incorrect master key version (kerberos)",   /* 006 */
-  "Bad byte order (kerberos)",				/* 007 */
-  "Principal unknown (kerberos)",			/* 008 */
-  "Principal not unique (kerberos)",			/* 009 */
-  "Principal has null key (kerberos)",			/* 010 */
-  "Timeout in request (kerberos)",			/* 011 */
-  "Reserved error message 12 (kerberos)",		/* 012 */
-  "Reserved error message 13 (kerberos)",		/* 013 */
-  "Reserved error message 14 (kerberos)",		/* 014 */
-  "Reserved error message 15 (kerberos)",		/* 015 */
-  "Reserved error message 16 (kerberos)",		/* 016 */
-  "Reserved error message 17 (kerberos)",		/* 017 */
-  "Reserved error message 18 (kerberos)",		/* 018 */
-  "Reserved error message 19 (kerberos)",		/* 019 */
-  "Permission Denied (kerberos)",			/* 020 */
-  "Can't read ticket file (krb_get_cred)",		/* 021 */
-  "Can't find ticket (krb_get_cred)",			/* 022 */
-  "Reserved error message 23 (krb_get_cred)",		/* 023 */
-  "Reserved error message 24 (krb_get_cred)",		/* 024 */
-  "Reserved error message 25 (krb_get_cred)",		/* 025 */
-  "Ticket granting ticket expired (krb_mk_req)",	/* 026 */
-  "Reserved error message 27 (krb_mk_req)",		/* 027 */
-  "Reserved error message 28 (krb_mk_req)",		/* 028 */
-  "Reserved error message 29 (krb_mk_req)",		/* 029 */
-  "Reserved error message 30 (krb_mk_req)",		/* 030 */
-  "Can't decode authenticator (krb_rd_req)",		/* 031 */
-  "Ticket expired (krb_rd_req)",			/* 032 */
-  "Ticket issue date too far in the future (krb_rd_req)",/* 033 */
-  "Repeat request (krb_rd_req)",			/* 034 */
-  "Ticket for wrong server (krb_rd_req)",		/* 035 */
-  "Request inconsistent (krb_rd_req)",			/* 036 */
-  "Time is out of bounds (krb_rd_req)",			/* 037 */
-  "Incorrect network address (krb_rd_req)",		/* 038 */
-  "Protocol version mismatch (krb_rd_req)",		/* 039 */
-  "Illegal message type (krb_rd_req)",			/* 040 */
-  "Message integrity error (krb_rd_req)",		/* 041 */
-  "Message duplicate or out of order (krb_rd_req)",	/* 042 */
-  "Unauthorized request (krb_rd_req)",			/* 043 */
-  "Reserved error message 44 (krb_rd_req)",		/* 044 */
-  "Reserved error message 45 (krb_rd_req)",		/* 045 */
-  "Reserved error message 46 (krb_rd_req)",		/* 046 */
-  "Reserved error message 47 (krb_rd_req)",		/* 047 */
-  "Reserved error message 48 (krb_rd_req)",		/* 048 */
-  "Reserved error message 49 (krb_rd_req)",		/* 049 */
-  "Reserved error message 50 (krb_rd_req)",		/* 050 */
-  "Current password is NULL (get_pw_tkt)",		/* 051 */
-  "Current password incorrect (get_pw_tkt)",		/* 052 */
-  "Protocol error (gt_pw_tkt)",				/* 053 */
-  "Error returned by KDC (gt_pw_tkt)",			/* 054 */
-  "Null ticket returned by KDC (gt_pw_tkt)",		/* 055 */
-  "Retry count exceeded (send_to_kdc)",			/* 056 */
-  "Can't send request (send_to_kdc)",			/* 057 */
-  "Reserved error message 58 (send_to_kdc)",		/* 058 */
-  "Reserved error message 59 (send_to_kdc)",		/* 059 */
-  "Reserved error message 60 (send_to_kdc)",		/* 060 */
-  "Warning: Not ALL tickets returned",			/* 061 */
-  "Password incorrect",					/* 062 */
-  "Protocol error (get_in_tkt)",			/* 063 */
-  "Reserved error message 64 (get_in_tkt)",		/* 064 */
-  "Reserved error message 65 (get_in_tkt)",		/* 065 */
-  "Reserved error message 66 (get_in_tkt)",		/* 066 */
-  "Reserved error message 67 (get_in_tkt)",		/* 067 */
-  "Reserved error message 68 (get_in_tkt)",		/* 068 */
-  "Reserved error message 69 (get_in_tkt)",		/* 069 */
-  "Generic error (get_in_tkt)(can't write ticket file)", /* 070 */
-  "Don't have ticket granting ticket (get_ad_tkt)",	/* 071 */
-  "Can't get inter-realm ticket granting ticket (get_ad_tkt)",	/* 072 */
-  "Reserved error message 73 (get_ad_tkt)",		/* 073 */
-  "Reserved error message 74 (get_ad_tkt)",		/* 074 */
-  "Reserved error message 75 (get_ad_tkt)",		/* 075 */
-  "No ticket file (tf_util)",				/* 076 */
-  "Can't access ticket file (tf_util)",			/* 077 */
-  "Can't lock ticket file; try later (tf_util)",	/* 078 */
-  "Bad ticket file format (tf_util)",			/* 079 */
-  "Read ticket file before tf_init (tf_util)",		/* 080 */
-  "Bad Kerberos name format (kname_parse)",		/* 081 */
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "Generic kerberos error (kfailure)",			/* 255 */
-};
-
-static const char err_failure[] = "Illegal error code passed (krb_get_err_text)";
-
-const char *
-krb_get_err_text(int code)
-{
-  if(code < 0 || code >= MAX_KRB_ERRORS)
-    return err_failure;
-  return krb_err_txt[code];
-}
diff --git a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c
deleted file mode 100644
index d3e6cc171a70..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: krb_get_in_tkt.c,v 1.20 1997/04/01 08:18:34 joda Exp $");
-
-/*
- * decrypt_tkt(): Given user, instance, realm, passwd, key_proc
- * and the cipher text sent from the KDC, decrypt the cipher text
- * using the key returned by key_proc.
- */
-
-static int
-decrypt_tkt(char *user, char *instance, char *realm,
-	    void *arg, key_proc_t key_proc, KTEXT *cip)
-{
-    des_cblock key;		/* Key for decrypting cipher */
-    int ret;
-
-    ret = key_proc(user, instance, realm, arg, &key);
-    if (ret != 0)
-	return ret;
-    
-    encrypt_ktext(*cip, &key, DES_DECRYPT);
-
-    memset(&key, 0, sizeof(key));
-    return 0;
-}
-
-/*
- * krb_get_in_tkt() gets a ticket for a given principal to use a given
- * service and stores the returned ticket and session key for future
- * use.
- *
- * The "user", "instance", and "realm" arguments give the identity of
- * the client who will use the ticket.  The "service" and "sinstance"
- * arguments give the identity of the server that the client wishes
- * to use.  (The realm of the server is the same as the Kerberos server
- * to whom the request is sent.)  The "life" argument indicates the
- * desired lifetime of the ticket; the "key_proc" argument is a pointer
- * to the routine used for getting the client's private key to decrypt
- * the reply from Kerberos.  The "decrypt_proc" argument is a pointer
- * to the routine used to decrypt the reply from Kerberos; and "arg"
- * is an argument to be passed on to the "key_proc" routine.
- *
- * If all goes well, krb_get_in_tkt() returns INTK_OK, otherwise it
- * returns an error code:  If an AUTH_MSG_ERR_REPLY packet is returned
- * by Kerberos, then the error code it contains is returned.  Other
- * error codes returned by this routine include INTK_PROT to indicate
- * wrong protocol version, INTK_BADPW to indicate bad password (if
- * decrypted ticket didn't make sense), INTK_ERR if the ticket was for
- * the wrong server or the ticket store couldn't be initialized.
- *
- * The format of the message sent to Kerberos is as follows:
- *
- * Size			Variable		Field
- * ----			--------		-----
- *
- * 1 byte		KRB_PROT_VERSION	protocol version number
- * 1 byte		AUTH_MSG_KDC_REQUEST |	message type
- *			HOST_BYTE_ORDER		local byte order in lsb
- * string		user			client's name
- * string		instance		client's instance
- * string		realm			client's realm
- * 4 bytes		tlocal.tv_sec		timestamp in seconds
- * 1 byte		life			desired lifetime
- * string		service			service's name
- * string		sinstance		service's instance
- */
-
-int
-krb_get_in_tkt(char *user, char *instance, char *realm, 
-	       char *service, char *sinstance, int life,
-	       key_proc_t key_proc, decrypt_proc_t decrypt_proc, void *arg)
-{
-    KTEXT_ST pkt_st;
-    KTEXT pkt = &pkt_st;	/* Packet to KDC */
-    KTEXT_ST rpkt_st;
-    KTEXT rpkt = &rpkt_st;	/* Returned packet */
-
-    int kerror;
-    struct timeval tv;
-
-    /* BUILD REQUEST PACKET */
-
-    unsigned char *p = pkt->dat;
-    
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_KDC_REQUEST, p, 1);
-
-    p += krb_put_nir(user, instance, realm, p);
-
-    gettimeofday(&tv, NULL);
-    p += krb_put_int(tv.tv_sec, p, 4);
-    p += krb_put_int(life, p, 1);
-
-    p += krb_put_nir(service, sinstance, NULL, p);
-
-    pkt->length = p - pkt->dat;
-
-    rpkt->length = 0;
-
-    /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */
-
-    if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror);
-    
-    p = rpkt->dat;
-    
-    {
-	CREDENTIALS cred;
-	KTEXT_ST cip;
-	KTEXT foo = &cip; /* braindamage */
-	
-	kerror = kdc_reply_cipher(rpkt, &cip);
-	if(kerror != KSUCCESS)
-	    return kerror;
-
-	if (decrypt_proc == NULL)
-	    decrypt_proc = decrypt_tkt;
-	(*decrypt_proc)(user, instance, realm, arg, key_proc, &foo);
-
-	kerror = kdc_reply_cred(&cip, &cred);
-	if(kerror != KSUCCESS)
-	    return kerror;
-	
-	if (strcmp(cred.service, service) || 
-	    strcmp(cred.instance, sinstance) ||
-	    strcmp(cred.realm, realm))	/* not what we asked for */
-	    return INTK_ERR;	/* we need a better code here XXX */
-
-	if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) {
-	    return RD_AP_TIME; /* XXX should probably be better code */
-	}
-
-	/* initialize ticket cache */
-
-	return tf_setup(&cred, user, instance);
-    }
-}
diff --git a/crypto/kerberosIV/lib/krb/krb_locl.h b/crypto/kerberosIV/lib/krb/krb_locl.h
deleted file mode 100644
index 4475883188ea..000000000000
--- a/crypto/kerberosIV/lib/krb/krb_locl.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: krb_locl.h,v 1.42 1997/05/20 18:40:45 bg Exp $ */
-
-#ifndef __krb_locl_h
-#define __krb_locl_h
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include "protos.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <assert.h>
-#include <stdarg.h>
-
-#include <errno.h>
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_IO_H
-#include <io.h>
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_SYS_FILE_H
-#include <sys/file.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_WINSOCK_H
-#include <winsock.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#ifdef HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <krb.h>
-#include <prot.h>
-
-#include "resolve.h"
-
-/* --- */
-
-/* Globals! */
-extern int krb_debug;
-extern int krb_ap_req_debug;
-
-/* Utils */
-int krb_name_to_name(const char *, char *, size_t);
-
-void encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt);
-int kdc_reply_cred(KTEXT cip, CREDENTIALS *cred);
-int kdc_reply_cipher(KTEXT reply, KTEXT cip);
-
-#ifndef HAVE_GETTIMEOFDAY
-int gettimeofday (struct timeval *, void *);
-#endif
-
-void k_ricercar(char*);
-
-/* safe multiple strcat */
-int k_concat(char*, size_t, ...);
-int k_vconcat(char*, size_t, va_list);
-
-/* mallocing versions of the above */
-size_t k_vmconcat (char**, size_t, va_list); 
-size_t k_mconcat (char**, size_t, ...);
-
-/* used in rd_safe.c and mk_safe.c */
-
-void fixup_quad_cksum(void *start, size_t len, des_cblock *key, 
-		      void *new_checksum, void *old_checksum, int little);
-
-#endif /*  __krb_locl_h */
diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c
deleted file mode 100644
index e3d5e6b9f9c5..000000000000
--- a/crypto/kerberosIV/lib/krb/kuserok.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: kuserok.c,v 1.21 1997/04/01 08:18:35 joda Exp $");
-
-#define OK 0
-#define NOTOK 1
-#define MAX_USERNAME 10
-
-/* 
- * Given a Kerberos principal and a local username, determine whether
- * user is authorized to login according to the authorization file
- * ("~luser/.klogin" by default).  Returns OK if authorized, NOTOK if
- * not authorized.
- *
- * IMPORTANT CHANGE: To eliminate the need of making a distinction
- * between the 3 cases:
- *
- * 1. We can't verify that a .klogin file doesn't exist (no home dir).
- * 2. It's there but we aren't allowed to read it.
- * 3. We can read it and ~luser@LOCALREALM is (not) included.
- *
- * We instead make the assumption that luser@LOCALREALM is *always*
- * included. Thus it is impossible to have an empty .klogin file and
- * also to exclude luser@LOCALREALM from it. Root is treated differently
- * since it's home should always be available.
- *
- * OLD STRATEGY:
- * If there is no account for "luser" on the local machine, returns
- * NOTOK.  If there is no authorization file, and the given Kerberos
- * name "kdata" translates to the same name as "luser" (using
- * krb_kntoln()), returns OK.  Otherwise, if the authorization file
- * can't be accessed, returns NOTOK.  Otherwise, the file is read for
- * a matching principal name, instance, and realm.  If one is found,
- * returns OK, if none is found, returns NOTOK.
- *
- * The file entries are in the format:
- *
- *	name.instance@realm
- *
- * one entry per line.
- *
- */
-
-int
-krb_kuserok(char *name, char *instance, char *realm, char *luser)
-{
-    struct passwd *pwd;
-    char lrealm[REALM_SZ];
-    FILE *f;
-    char line[1024];
-    char file[MaxPathLen];
-    struct stat st;
-
-    pwd = getpwnam(luser);
-    if(pwd == NULL)
-	return NOTOK;
-    if(krb_get_lrealm(lrealm, 1))
-	return NOTOK;
-    if(pwd->pw_uid != 0 &&
-       strcmp(name, luser) == 0 &&
-       strcmp(instance, "") == 0 &&
-       strcmp(realm, lrealm) == 0)
-	return OK;
-    strcpy(file, pwd->pw_dir);
-    strcat(file, "/.klogin");
-
-    f = fopen(file, "r");
-    if(f == NULL)
-	return NOTOK;
-    
-    /* this is not a working test in filesystems like AFS and DFS */
-    if(fstat(fileno(f), &st) < 0){
-	fclose(f);
-	return NOTOK;
-    }
-    
-    if(st.st_uid != pwd->pw_uid){
-	fclose(f);
-	return NOTOK;
-    }
-    
-    while(fgets(line, sizeof(line), f)){
-	char fname[ANAME_SZ], finst[INST_SZ], frealm[REALM_SZ];
-	if(line[strlen(line) - 1] != '\n')
-	    /* read till end of line */
-	    while(1){
-		int c = fgetc(f);
-		if(c == '\n' || c == EOF)
-		    break;
-	    }
-	else
-	    line[strlen(line) - 1] = 0;
-	
-	if(kname_parse(fname, finst, frealm, line))
-	    continue;
-	if(strcmp(name, fname))
-	    continue;
-	if(strcmp(instance, finst))
-	    continue;
-	if(frealm[0] == 0)
-	    strcpy(frealm, lrealm);
-	if(strcmp(realm, frealm))
-	    continue;
-	fclose(f);
-	return OK;
-    }
-    fclose(f);
-    return NOTOK;
-}
-
-/* compatibility interface */
-
-int
-kuserok(AUTH_DAT *auth, char *luser)
-{
-    return krb_kuserok(auth->pname, auth->pinst, auth->prealm, luser);
-}
-
diff --git a/crypto/kerberosIV/lib/krb/lifetime.c b/crypto/kerberosIV/lib/krb/lifetime.c
deleted file mode 100644
index 1866996669cf..000000000000
--- a/crypto/kerberosIV/lib/krb/lifetime.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/*
- * Ticket lifetime.  This defines the table used to lookup lifetime
- * for the fixed part of rande of the one byte lifetime field.  Values
- * less than 0x80 are intrpreted as the number of 5 minute intervals.
- * Values from 0x80 to 0xBF should be looked up in this table.  The
- * value of 0x80 is the same using both methods: 10 and two-thirds
- * hours .  The lifetime of 0xBF is 30 days.  The intervening values
- * of have a fixed ratio of roughly 1.06914.  The value 0xFF is
- * defined to mean a ticket has no expiration time.  This should be
- * used advisedly since individual servers may impose defacto
- * upperbounds on ticket lifetimes.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: lifetime.c,v 1.9 1997/05/02 14:29:18 assar Exp $");
-
-/* If you want to disable this feature */
-int krb_no_long_lifetimes = 0;
-
-#define TKTLIFENUMFIXED 64
-#define TKTLIFEMINFIXED 0x80
-#define TKTLIFEMAXFIXED 0xBF
-#define TKTLIFENOEXPIRE 0xFF
-#define MAXTKTLIFETIME	(30*24*3600)	/* 30 days */
-#ifndef NEVERDATE
-#define NEVERDATE ((unsigned long)0x7fffffffL)
-#endif
-
-static const int tkt_lifetimes[TKTLIFENUMFIXED] = {
-    38400,				/* 10.67 hours, 0.44 days */ 
-    41055,				/* 11.40 hours, 0.48 days */ 
-    43894,				/* 12.19 hours, 0.51 days */ 
-    46929,				/* 13.04 hours, 0.54 days */ 
-    50174,				/* 13.94 hours, 0.58 days */ 
-    53643,				/* 14.90 hours, 0.62 days */ 
-    57352,				/* 15.93 hours, 0.66 days */ 
-    61318,				/* 17.03 hours, 0.71 days */ 
-    65558,				/* 18.21 hours, 0.76 days */ 
-    70091,				/* 19.47 hours, 0.81 days */ 
-    74937,				/* 20.82 hours, 0.87 days */ 
-    80119,				/* 22.26 hours, 0.93 days */ 
-    85658,				/* 23.79 hours, 0.99 days */ 
-    91581,				/* 25.44 hours, 1.06 days */ 
-    97914,				/* 27.20 hours, 1.13 days */ 
-    104684,				/* 29.08 hours, 1.21 days */ 
-    111922,				/* 31.09 hours, 1.30 days */ 
-    119661,				/* 33.24 hours, 1.38 days */ 
-    127935,				/* 35.54 hours, 1.48 days */ 
-    136781,				/* 37.99 hours, 1.58 days */ 
-    146239,				/* 40.62 hours, 1.69 days */ 
-    156350,				/* 43.43 hours, 1.81 days */ 
-    167161,				/* 46.43 hours, 1.93 days */ 
-    178720,				/* 49.64 hours, 2.07 days */ 
-    191077,				/* 53.08 hours, 2.21 days */ 
-    204289,				/* 56.75 hours, 2.36 days */ 
-    218415,				/* 60.67 hours, 2.53 days */ 
-    233517,				/* 64.87 hours, 2.70 days */ 
-    249664,				/* 69.35 hours, 2.89 days */ 
-    266926,				/* 74.15 hours, 3.09 days */ 
-    285383,				/* 79.27 hours, 3.30 days */ 
-    305116,				/* 84.75 hours, 3.53 days */ 
-    326213,				/* 90.61 hours, 3.78 days */ 
-    348769,				/* 96.88 hours, 4.04 days */ 
-    372885,				/* 103.58 hours, 4.32 days */ 
-    398668,				/* 110.74 hours, 4.61 days */ 
-    426234,				/* 118.40 hours, 4.93 days */ 
-    455705,				/* 126.58 hours, 5.27 days */ 
-    487215,				/* 135.34 hours, 5.64 days */ 
-    520904,				/* 144.70 hours, 6.03 days */ 
-    556921,				/* 154.70 hours, 6.45 days */ 
-    595430,				/* 165.40 hours, 6.89 days */ 
-    636601,				/* 176.83 hours, 7.37 days */ 
-    680618,				/* 189.06 hours, 7.88 days */ 
-    727680,				/* 202.13 hours, 8.42 days */ 
-    777995,				/* 216.11 hours, 9.00 days */ 
-    831789,				/* 231.05 hours, 9.63 days */ 
-    889303,				/* 247.03 hours, 10.29 days */ 
-    950794,				/* 264.11 hours, 11.00 days */ 
-    1016537,				/* 282.37 hours, 11.77 days */ 
-    1086825,				/* 301.90 hours, 12.58 days */ 
-    1161973,				/* 322.77 hours, 13.45 days */ 
-    1242318,				/* 345.09 hours, 14.38 days */ 
-    1328218,				/* 368.95 hours, 15.37 days */ 
-    1420057,				/* 394.46 hours, 16.44 days */ 
-    1518247,				/* 421.74 hours, 17.57 days */ 
-    1623226,				/* 450.90 hours, 18.79 days */ 
-    1735464,				/* 482.07 hours, 20.09 days */ 
-    1855462,				/* 515.41 hours, 21.48 days */ 
-    1983758,				/* 551.04 hours, 22.96 days */ 
-    2120925,				/* 589.15 hours, 24.55 days */ 
-    2267576,				/* 629.88 hours, 26.25 days */ 
-    2424367,				/* 673.44 hours, 28.06 days */ 
-    2592000};				/* 720.00 hours, 30.00 days */ 
-
-/*
- * krb_life_to_time - takes a start time and a Kerberos standard
- * lifetime char and returns the corresponding end time.  There are
- * four simple cases to be handled.  The first is a life of 0xff,
- * meaning no expiration, and results in an end time of 0xffffffff.
- * The second is when life is less than the values covered by the
- * table.  In this case, the end time is the start time plus the
- * number of 5 minute intervals specified by life.  The third case
- * returns start plus the MAXTKTLIFETIME if life is greater than
- * TKTLIFEMAXFIXED.  The last case, uses the life value (minus
- * TKTLIFEMINFIXED) as an index into the table to extract the lifetime
- * in seconds, which is added to start to produce the end time.
- */
-u_int32_t
-krb_life_to_time(u_int32_t start, int life_)
-{
-    unsigned char life = (unsigned char) life_;
-
-    if (krb_no_long_lifetimes) return start + life*5*60;
-
-    if (life == TKTLIFENOEXPIRE) return NEVERDATE;
-    if (life < TKTLIFEMINFIXED) return start + life*5*60;
-    if (life > TKTLIFEMAXFIXED) return start + MAXTKTLIFETIME;
-    return start + tkt_lifetimes[life - TKTLIFEMINFIXED];
-}
-
-/*
- * krb_time_to_life - takes start and end times for the ticket and
- * returns a Kerberos standard lifetime char, possibily using the
- * tkt_lifetimes table for lifetimes above 127*5 minutes.  First, the
- * special case of (end == NEVERDATE) is handled to mean no
- * expiration.  Then negative lifetimes and those greater than the
- * maximum ticket lifetime are rejected.  Then lifetimes less than the
- * first table entry are handled by rounding the requested lifetime
- * *up* to the next 5 minute interval.  The final step is to search
- * the table for the smallest entry *greater than or equal* to the
- * requested entry.
- */
-int krb_time_to_life(u_int32_t start, u_int32_t end)
-{
-    int i;
-    long lifetime = end - start;
-
-    if (krb_no_long_lifetimes) return (lifetime + 5*60 - 1)/(5*60);
-
-    if (end >= NEVERDATE) return TKTLIFENOEXPIRE;
-    if (lifetime > MAXTKTLIFETIME || lifetime <= 0) return 0;
-    if (lifetime < tkt_lifetimes[0]) return (lifetime + 5*60 - 1)/(5*60);
-    for (i=0; i<TKTLIFENUMFIXED; i++) {
-	if (lifetime <= tkt_lifetimes[i]) {
-	    return i+TKTLIFEMINFIXED;
-	}
-    }
-    return 0;
-}
-
-char *
-krb_life_to_atime(int life)
-{
-    static char atime[11+1+2+1+2+1+2+1];
-    unsigned long when;
-    int secs, mins, hours;
-
-    if (life == TKTLIFENOEXPIRE && !krb_no_long_lifetimes)
-	return("Forever");
-    when = krb_life_to_time(0, life);
-    secs = when%60;
-    when /= 60;
-    mins = when%60;
-    when /= 60;
-    hours = when%24;
-    when /= 24;
-    snprintf(atime, sizeof(atime), "%d+%02d:%02d:%02d", (int)when, hours, mins, secs);
-    return(atime);
-}
-
-int
-krb_atime_to_life(char *atime)
-{
-    unsigned long when = 0;
-    char *cp;
-    int colon = 0, plus = 0;
-    int n = 0;
-
-    if (strcasecmp(atime, "forever") == 0)
-	return(TKTLIFENOEXPIRE);
-    
-    for (cp=atime; *cp; cp++) {
-	switch(*cp) {
-	    case '0': case '1': case '2': case '3': case '4':
-	    case '5': case '6': case '7': case '8': case '9':
-		n = n*10 + *cp-'0';
-		break;
-	    case '+':
-		plus++;
-		when += n;
-		when *= 24;
-		n = 0;
-		break;
-	    case ':':
-		colon++;
-		when += n;
-		when *= 60;
-		n = 0;
-		break;
-	    default:
-		break;
-	}
-    }
-    when += n;
-    if (plus == 0 && colon == 0)
-	return((unsigned char)when);
-    while (colon < 2) {
-	when *= 60;
-	colon++;
-    }
-    return(krb_time_to_life(0,when));
-}
diff --git a/crypto/kerberosIV/lib/krb/logging.c b/crypto/kerberosIV/lib/krb/logging.c
deleted file mode 100644
index 15e5bde9707f..000000000000
--- a/crypto/kerberosIV/lib/krb/logging.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-#include <klog.h>
-
-RCSID("$Id: logging.c,v 1.14 1997/05/11 09:01:40 assar Exp $");
-
-struct krb_log_facility {
-    char filename[MaxPathLen]; 
-    FILE *file; 
-    krb_log_func_t func;
-};
-
-int
-krb_vlogger(struct krb_log_facility *f, const char *format, va_list args)
-{
-    FILE *file = NULL;
-    int ret;
-
-    if (f->file != NULL)
-	file = f->file;
-    else if (f->filename && f->filename[0])
-	file = fopen(f->filename, "a");
-
-    ret = f->func(file, format, args);
-
-    if (file != f->file)
-	fclose(file);
-    return ret;
-}
-
-int
-krb_logger(struct krb_log_facility *f, const char *format, ...)
-{
-    va_list args;
-    int ret;
-    va_start(args, format);
-    ret = krb_vlogger(f, format, args);
-    va_end(args);
-    return ret;
-}
-
-/*
- * If FILE * is given log to it, otherwise, log to filename. When
- * given a file name the file is opened and closed for each log
- * record.
- */
-int
-krb_openlog(struct krb_log_facility *f,
-	    char *filename,
-	    FILE *file,
-	    krb_log_func_t func)
-{
-    strcpy(f->filename, filename);
-    f->file = file;
-    f->func = func;
-    return KSUCCESS;
-}
-
-/* ------------------------------------------------------------
-   Compatibility functions from warning.c
-   ------------------------------------------------------------ */
-
-static int
-log_tty(FILE *f, const char *format,  va_list args)
-{
-    if (f != NULL && isatty(fileno(f)))
-	vfprintf(f, format, args);
-    return KSUCCESS;
-}
-
-/* stderr */
-static struct krb_log_facility std_log = { "/dev/tty", NULL, log_tty };
-
-static void
-init_std_log ()
-{
-  static int done = 0;
-
-  if (!done) {
-    std_log.file = stderr;
-    done = 1;
-  }
-}
-
-/*
- *
- */
-void
-krb_set_warnfn (krb_warnfn_t newfunc)
-{
-    init_std_log ();
-    std_log.func =  newfunc;
-}
-
-/*
- *
- */
-krb_warnfn_t
-krb_get_warnfn (void)
-{
-    init_std_log ();
-    return std_log.func;
-}
-
-/*
- * Log warnings to stderr if it's a tty.
- */
-void
-krb_warning (const char *format, ...)
-{
-    va_list args;
-    
-    init_std_log ();
-    va_start(args, format);
-    krb_vlogger(&std_log, format, args);
-    va_end(args);
-}
-
-/* ------------------------------------------------------------
-   Compatibility functions from klog.c and log.c
-   ------------------------------------------------------------ */
-
-/*
- * Used by kerberos and kadmind daemons and in libkrb (rd_req.c).
- *
- * By default they log to the kerberos server log-file (KRBLOG) to be
- * backwards compatible.
- */
-
-static int
-log_with_timestamp_and_nl(FILE *file, const char *format, va_list args)
-{
-    time_t now;
-    if(file == NULL)
-	return KFAILURE;
-    time(&now);
-    fputs(krb_stime(&now), file);
-    fputs(": ", file);
-    vfprintf(file, format, args);
-    fputs("\n", file);
-    fflush(file);
-    return KSUCCESS;
-}
-
-static struct krb_log_facility
-file_log = { KRBLOG, NULL, log_with_timestamp_and_nl };
-
-/*
- * kset_logfile() changes the name of the file to which
- * messages are logged.  If kset_logfile() is not called,
- * the logfile defaults to KRBLOG, defined in "krb.h".
- */
-
-void
-kset_logfile(char *filename)
-{
-    krb_openlog(&file_log, filename, NULL, log_with_timestamp_and_nl);
-}
-
-/*
- * krb_log() and klog() is used to add entries to the logfile.
- *
- * The log entry consists of a timestamp and the given arguments
- * printed according to the given "format" string.
- *
- * The log file is opened and closed for each log entry.
- *
- * If the given log type "type" is unknown, or if the log file
- * cannot be opened, no entry is made to the log file.
- *
- * CHANGE: the type is always ignored
- *
- * The return value of klog() is always a pointer to the formatted log
- * text string "logtxt".
- */
-
-/* Used in kerberos.c only. */
-char *
-klog(int type, const char *format, ...)
-{
-    static char logtxt[1024];
-
-    va_list ap;
-
-    va_start(ap, format);
-    vsnprintf(logtxt, sizeof(logtxt), format, ap);
-    va_end(ap);
-    
-    krb_logger(&file_log, "%s", logtxt);
-    
-    return logtxt;
-}
-
-/* Used in kadmind and rd_req.c */
-void
-krb_log(const char *format, ...)
-{
-    va_list args;
-
-    va_start(args, format);
-    krb_vlogger(&file_log, format, args);
-    va_end(args);
-}
diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c
deleted file mode 100644
index bc3c484dd613..000000000000
--- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: lsb_addr_comp.c,v 1.9 1997/04/01 08:18:37 joda Exp $");
-
-#include "lsb_addr_comp.h"
-
-int
-krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y)
-{
-    int i;
-    u_int32_t a = 0, b = 0;
-    u_int8_t *p = (u_int8_t*) &x;
-    u_int8_t *q = (u_int8_t*) &y;
-
-    for(i = sizeof(u_int32_t) - 1; i >= 0; i--){
-	a = (a << 8) | p[i];
-	b = (b << 8) | q[i];
-    }
-    if(a > b)
-	return 1;
-    if(a < b)
-	return -1;
-    return 0;
-}
-
-int
-krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y)
-{
-    int i;
-    u_int16_t a = 0, b = 0;
-    u_int8_t *p = (u_int8_t*) &x;
-    u_int8_t *q = (u_int8_t*) &y;
-
-    for(i = sizeof(u_int16_t) - 1; i >= 0; i--){
-	a = (a << 8) | p[i];
-	b = (b << 8) | q[i];
-    }
-    if(a > b)
-	return 1;
-    if(a < b)
-	return -1;
-    return 0;
-}
-
-u_int32_t
-lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst)
-{
-    /*
-     * direction bit is the sign bit of the timestamp.  Ok until
-     * 2038??
-     */
-    /* For compatibility with broken old code, compares are done in VAX 
-       byte order (LSBFIRST) */ 
-    if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, /* src < recv */ 
-				   dst->sin_addr.s_addr) < 0) 
-        t = -t;
-    else if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, 
-					dst->sin_addr.s_addr)==0) 
-        if (krb_lsb_antinet_ushort_less(src->sin_port, dst->sin_port) < 0)
-            t = -t;
-    /*
-     * all that for one tiny bit!  Heaven help those that talk to
-     * themselves.
-     */
-    t = t & 0xffffffff;
-    return t;
-}
diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.h b/crypto/kerberosIV/lib/krb/lsb_addr_comp.h
deleted file mode 100644
index 21adf062c3eb..000000000000
--- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * $Id: lsb_addr_comp.h,v 1.6 1996/10/05 00:18:02 joda Exp $
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Comparison macros to emulate LSBFIRST comparison results of network
- * byte-order quantities
- */
-
-#ifndef LSB_ADDR_COMP_DEFS
-#define LSB_ADDR_COMP_DEFS
-
-/* Compare x and y in VAX byte order, result is -1, 0 or 1. */
-
-#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 :  krb_lsb_antinet_ulong_cmp(x, y))
-
-#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y))
-
-int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y);
-int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y);
-u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst);
-
-#endif /*  LSB_ADDR_COMP_DEFS */
diff --git a/crypto/kerberosIV/lib/krb/mk_auth.c b/crypto/kerberosIV/lib/krb/mk_auth.c
deleted file mode 100644
index 7cfb36bb2a46..000000000000
--- a/crypto/kerberosIV/lib/krb/mk_auth.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: mk_auth.c,v 1.4 1997/04/01 08:18:35 joda Exp $");
-
-/*
- * Generate an authenticator for service.instance@realm.
- * instance is canonicalized by `krb_get_phost'
- * realm is set to the local realm if realm == NULL
- * The ticket acquired by `krb_mk_req' is returned in `ticket' and the
- * authenticator in `buf'.  
- * Options control the behaviour (see krb_sendauth).
- */
-
-int
-krb_mk_auth(int32_t options,
-	    KTEXT ticket,
-	    char *service,
-	    char *instance,
-	    char *realm,
-	    u_int32_t checksum,
-	    char *version,
-	    KTEXT buf)
-{
-  char realinst[INST_SZ];
-  char realrealm[REALM_SZ];
-  int ret;
-  unsigned char *p;
-
-  if (options & KOPT_DONT_CANON)
-    strncpy(realinst, instance, sizeof(realinst));
-  else
-    strncpy(realinst, krb_get_phost (instance), sizeof(realinst));
-
-  if (realm == NULL) {
-    ret = krb_get_lrealm (realrealm, 1);
-    if (ret != KSUCCESS)
-      return ret;
-    realm = realrealm;
-  }
-  
-  if(!(options & KOPT_DONT_MK_REQ)) {
-    ret = krb_mk_req (ticket, service, realinst, realm, checksum);
-    if (ret != KSUCCESS)
-      return ret;
-  }
-    
-  p = buf->dat;
-
-  memcpy (p, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN);
-  p += KRB_SENDAUTH_VLEN;
-  memcpy (p, version, KRB_SENDAUTH_VLEN);
-  p += KRB_SENDAUTH_VLEN;
-  p += krb_put_int(ticket->length, p, 4);
-  memcpy(p, ticket->dat, ticket->length);
-  p += ticket->length;
-  buf->length = p - buf->dat;
-  return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/mk_err.c b/crypto/kerberosIV/lib/krb/mk_err.c
deleted file mode 100644
index 710587a5e075..000000000000
--- a/crypto/kerberosIV/lib/krb/mk_err.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: mk_err.c,v 1.6 1997/03/23 03:53:14 joda Exp $");
-
-/*
- * This routine creates a general purpose error reply message.  It
- * doesn't use KTEXT because application protocol may have long
- * messages, and may want this part of buffer contiguous to other
- * stuff.
- *
- * The error reply is built in "p", using the error code "e" and
- * error text "e_string" given.  The length of the error reply is
- * returned.
- *
- * The error reply is in the following format:
- *
- * unsigned char	KRB_PROT_VERSION	protocol version no.
- * unsigned char	AUTH_MSG_APPL_ERR	message type
- * (least significant
- * bit of above)	HOST_BYTE_ORDER		local byte order
- * 4 bytes		e			given error code
- * string		e_string		given error text
- */
-
-int32_t
-krb_mk_err(u_char *p, int32_t e, char *e_string)
-{
-    unsigned char *start = p;
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_APPL_ERR, p, 1);
-    
-    p += krb_put_int(e, p, 4);
-    p += krb_put_string(e_string, p);
-    return p - start;
-}
diff --git a/crypto/kerberosIV/lib/krb/mk_priv.c b/crypto/kerberosIV/lib/krb/mk_priv.c
deleted file mode 100644
index b6a9cc4a24b6..000000000000
--- a/crypto/kerberosIV/lib/krb/mk_priv.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: mk_priv.c,v 1.18 1997/04/01 08:18:37 joda Exp $");
-
-/* application include files */
-#include "lsb_addr_comp.h"
-
-/*
- * krb_mk_priv() constructs an AUTH_MSG_PRIVATE message.  It takes
- * some user data "in" of "length" bytes and creates a packet in "out"
- * consisting of the user data, a timestamp, and the sender's network
- * address.
- * The packet is encrypted by pcbc_encrypt(), using the given
- * "key" and "schedule".
- * The length of the resulting packet "out" is
- * returned.
- *
- * It is similar to krb_mk_safe() except for the additional key
- * schedule argument "schedule" and the fact that the data is encrypted
- * rather than appended with a checksum.  The protocol version is
- * KRB_PROT_VERSION, defined in "krb.h".
- *
- * The "out" packet consists of:
- *
- * Size			Variable		Field
- * ----			--------		-----
- *
- * 1 byte		KRB_PROT_VERSION	protocol version number
- * 1 byte		AUTH_MSG_PRIVATE |	message type plus local
- *			HOST_BYTE_ORDER		byte order in low bit
- *
- * 4 bytes		c_length		length of data
- * we encrypt from here with pcbc_encrypt
- * 
- * 4 bytes		length			length of user data
- * length		in			user data
- * 1 byte		msg_time_5ms		timestamp milliseconds
- * 4 bytes		sender->sin.addr.s_addr	sender's IP address
- *
- * 4 bytes		msg_time_sec or		timestamp seconds with
- *			-msg_time_sec		direction in sign bit
- *
- * 0<=n<=7  bytes	pad to 8 byte multiple	zeroes
- */
-
-int32_t
-krb_mk_priv(void *in, void *out, u_int32_t length, 
-	    struct des_ks_struct *schedule, des_cblock *key, 
-	    struct sockaddr_in *sender, struct sockaddr_in *receiver)
-{
-    unsigned char *p = (unsigned char*)out;
-    unsigned char *cipher;
-
-    struct timeval tv;
-    u_int32_t src_addr;
-    u_int32_t len;
-
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_PRIVATE, p, 1);
-
-    len = 4 + length + 1 + 4 + 4;
-    len = (len + 7) & ~7;
-    p += krb_put_int(len, p, 4);
-    
-    cipher = p;
-
-    p += krb_put_int(length, p, 4);
-    
-    memcpy(p, in, length);
-    p += length;
-    
-    gettimeofday(&tv, NULL);
-
-    *p++ =tv.tv_usec / 5000;
-    
-    src_addr = sender->sin_addr.s_addr;
-    p += krb_put_address(src_addr, p);
-
-    p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4);
-    
-    memset(p, 0, 7);
-
-    des_pcbc_encrypt((des_cblock *)cipher, (des_cblock *)cipher,
-		     len, schedule, key, DES_ENCRYPT);
-
-    return  (cipher - (unsigned char*)out) + len;
-}
diff --git a/crypto/kerberosIV/lib/krb/mk_req.c b/crypto/kerberosIV/lib/krb/mk_req.c
deleted file mode 100644
index 313ea0408f17..000000000000
--- a/crypto/kerberosIV/lib/krb/mk_req.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: mk_req.c,v 1.17 1997/05/30 17:42:38 bg Exp $");
-
-static int lifetime = 255;	/* But no longer than TGT says. */
-
-
-static void
-build_request(KTEXT req, char *name, char *inst, char *realm, 
-	      u_int32_t checksum)
-{
-    struct timeval tv;
-    unsigned char *p = req->dat;
-    
-    p += krb_put_nir(name, inst, realm, p);
-    
-    p += krb_put_int(checksum, p, 4);
-
-
-    /* Fill in the times on the request id */
-    gettimeofday(&tv, NULL);
-
-    *p++ = tv.tv_usec / 5000; /* 5ms */
-    
-    p += krb_put_int(tv.tv_sec, p, 4);
-
-    /* Fill to a multiple of 8 bytes for DES */
-    req->length = ((p - req->dat + 7)/8) * 8;
-}
-
-
-/*
- * krb_mk_req takes a text structure in which an authenticator is to
- * be built, the name of a service, an instance, a realm,
- * and a checksum.  It then retrieves a ticket for
- * the desired service and creates an authenticator in the text
- * structure passed as the first argument.  krb_mk_req returns
- * KSUCCESS on success and a Kerberos error code on failure.
- *
- * The peer procedure on the other end is krb_rd_req.  When making
- * any changes to this routine it is important to make corresponding
- * changes to krb_rd_req.
- *
- * The authenticator consists of the following:
- *
- * authent->dat
- *
- * unsigned char	KRB_PROT_VERSION	protocol version no.
- * unsigned char	AUTH_MSG_APPL_REQUEST	message type
- * (least significant
- * bit of above)	HOST_BYTE_ORDER		local byte ordering
- * unsigned char	kvno from ticket	server's key version
- * string		realm			server's realm
- * unsigned char	tl			ticket length
- * unsigned char	idl			request id length
- * text			ticket->dat		ticket for server
- * text			req_id->dat		request id
- *
- * The ticket information is retrieved from the ticket cache or
- * fetched from Kerberos.  The request id (called the "authenticator"
- * in the papers on Kerberos) contains the following:
- *
- * req_id->dat
- *
- * string		cr.pname		{name, instance, and
- * string		cr.pinst		realm of principal
- * string		myrealm			making this request}
- * 4 bytes		checksum		checksum argument given
- * unsigned char	tv_local.tf_usec	time (milliseconds)
- * 4 bytes		tv_local.tv_sec		time (seconds)
- *
- * req_id->length = 3 strings + 3 terminating nulls + 5 bytes for time,
- *                  all rounded up to multiple of 8.
- */
-
-int
-krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, 
-	   int32_t checksum)
-{
-    KTEXT_ST req_st;
-    KTEXT req_id = &req_st;
-
-    CREDENTIALS cr;             /* Credentials used by retr */
-    KTEXT ticket = &(cr.ticket_st); /* Pointer to tkt_st */
-    int retval;                 /* Returned by krb_get_cred */
-
-    char myrealm[REALM_SZ];
-
-    unsigned char *p = authent->dat;
-
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    
-    p += krb_put_int(AUTH_MSG_APPL_REQUEST, p, 1);
-    
-    /* Get the ticket and move it into the authenticator */
-    if (krb_ap_req_debug)
-        krb_warning("Realm: %s\n", realm);
-
-    retval = krb_get_cred(service,instance,realm,&cr);
-
-    if (retval == RET_NOTKT) {
-	retval = get_ad_tkt(service, instance, realm, lifetime);
-	if (retval == KSUCCESS)
-	    retval = krb_get_cred(service, instance, realm, &cr);
-    }
-
-    if (retval != KSUCCESS)
-	return retval;
-
-
-    /*
-     * With multi realm ticket files either find a matching TGT or
-     * else use the first TGT for inter-realm authentication.
-     *
-     * In myrealm hold the realm of the principal "owning" the
-     * corresponding ticket-granting-ticket.
-     */
-
-    retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0);
-    if (retval == KSUCCESS)
-      strncpy(myrealm, realm, REALM_SZ);
-    else
-      retval = krb_get_tf_realm(TKT_FILE, myrealm);
-    
-    if (retval != KSUCCESS)
-	return retval;
-    
-    if (krb_ap_req_debug)
-        krb_warning("serv=%s.%s@%s princ=%s.%s@%s\n", service, instance, realm,
-		    cr.pname, cr.pinst, myrealm);
-
-    p += krb_put_int(cr.kvno, p, 1);
-
-    p += krb_put_string(realm, p);
-
-    p += krb_put_int(ticket->length, p, 1);
-
-    build_request(req_id, cr.pname, cr.pinst, myrealm, checksum);
-    
-    encrypt_ktext(req_id, &cr.session, DES_ENCRYPT);
-
-    p += krb_put_int(req_id->length, p, 1);
-
-    memcpy(p, ticket->dat, ticket->length);
-    
-    p += ticket->length;
-    
-    memcpy(p, req_id->dat, req_id->length);
-    
-    p += req_id->length;
-
-    authent->length = p - authent->dat;
-    
-    memset(&cr, 0, sizeof(cr));
-    memset(&req_st, 0, sizeof(req_st));
-
-    if (krb_ap_req_debug)
-        krb_warning("Authent->length = %d\n", authent->length);
-
-    return KSUCCESS;
-}
-
-/* 
- * krb_set_lifetime sets the default lifetime for additional tickets
- * obtained via krb_mk_req().
- * 
- * It returns the previous value of the default lifetime.
- */
-
-int
-krb_set_lifetime(int newval)
-{
-    int olife = lifetime;
-
-    lifetime = newval;
-    return(olife);
-}
diff --git a/crypto/kerberosIV/lib/krb/mk_safe.c b/crypto/kerberosIV/lib/krb/mk_safe.c
deleted file mode 100644
index df5ca21ed0a7..000000000000
--- a/crypto/kerberosIV/lib/krb/mk_safe.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: mk_safe.c,v 1.21 1997/04/19 23:18:03 joda Exp $");
-
-/* application include files */
-#include "lsb_addr_comp.h"
-
-
-/* from rd_safe.c */
-extern int dqc_type;
-void fixup_quad_cksum(void*, size_t, des_cblock*, void*, void*, int);
-
-/*
- * krb_mk_safe() constructs an AUTH_MSG_SAFE message.  It takes some
- * user data "in" of "length" bytes and creates a packet in "out"
- * consisting of the user data, a timestamp, and the sender's network
- * address, followed by a checksum computed on the above, using the
- * given "key".  The length of the resulting packet is returned.
- *
- * The "out" packet consists of:
- *
- * Size			Variable		Field
- * ----			--------		-----
- *
- * 1 byte		KRB_PROT_VERSION	protocol version number
- * 1 byte		AUTH_MSG_SAFE |		message type plus local
- *			HOST_BYTE_ORDER		byte order in low bit
- *
- * ===================== begin checksum ================================
- * 
- * 4 bytes		length			length of user data
- * length		in			user data
- * 1 byte		msg_time_5ms		timestamp milliseconds
- * 4 bytes		sender->sin.addr.s_addr	sender's IP address
- *
- * 4 bytes		msg_time_sec or		timestamp seconds with
- *			-msg_time_sec		direction in sign bit
- *
- * ======================= end checksum ================================
- *
- * 16 bytes		big_cksum		quadratic checksum of
- *						above using "key"
- */
-
-int32_t
-krb_mk_safe(void *in, void *out, u_int32_t length, des_cblock *key, 
-	    struct sockaddr_in *sender, struct sockaddr_in *receiver)
-{
-    unsigned char * p = (unsigned char*)out;
-    struct timeval tv;
-    unsigned char *start;
-    u_int32_t src_addr;
-
-    p += krb_put_int(KRB_PROT_VERSION, p, 1);
-    p += krb_put_int(AUTH_MSG_SAFE, p, 1);
-    
-    start = p;
-
-    p += krb_put_int(length, p, 4);
-
-    memcpy(p, in, length);
-    p += length;
-    
-    gettimeofday(&tv, NULL);
-
-    *p++ = tv.tv_usec/5000; /* 5ms */
-    
-    src_addr = sender->sin_addr.s_addr;
-    p += krb_put_address(src_addr, p);
-
-    p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4);
-
-    {
-	/* We are faking big endian mode, so we need to fix the
-	 * checksum (that is byte order dependent). We always send a
-	 * checksum of the new type, unless we know that we are
-	 * talking to an old client (this requires a call to
-	 * krb_rd_safe first).  
-	 */
-	unsigned char new_checksum[16];
-	unsigned char old_checksum[16];
-	fixup_quad_cksum(start, p - start, key, new_checksum, old_checksum, 0);
-	
-	if((dqc_type == DES_QUAD_GUESS && DES_QUAD_DEFAULT == DES_QUAD_OLD) || 
-	   dqc_type == DES_QUAD_OLD)
-	    memcpy(p, old_checksum, 16);
-	else
-	    memcpy(p, new_checksum, 16);
-    }
-    p += 16;
-
-    return p - (unsigned char*)out;
-}
diff --git a/crypto/kerberosIV/lib/krb/month_sname.c b/crypto/kerberosIV/lib/krb/month_sname.c
deleted file mode 100644
index aaceee5f094b..000000000000
--- a/crypto/kerberosIV/lib/krb/month_sname.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: month_sname.c,v 1.5 1997/03/23 03:53:14 joda Exp $");
-
-/*
- * Given an integer 1-12, month_sname() returns a string
- * containing the first three letters of the corresponding
- * month.  Returns 0 if the argument is out of range.
- */
-
-const char *month_sname(int n)
-{
-    static const char *name[] = {
-        "Jan","Feb","Mar","Apr","May","Jun",
-        "Jul","Aug","Sep","Oct","Nov","Dec"
-    };
-    return((n < 1 || n > 12) ? 0 : name [n-1]);
-}
diff --git a/crypto/kerberosIV/lib/krb/name2name.c b/crypto/kerberosIV/lib/krb/name2name.c
deleted file mode 100644
index fa95b8914fb0..000000000000
--- a/crypto/kerberosIV/lib/krb/name2name.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: name2name.c,v 1.15 1997/04/30 04:30:36 assar Exp $");
-
-/* convert host to a more fully qualified domain name, returns 0 if
- * phost is the same as host, 1 otherwise. phost should be
- * phost_size bytes long.
- */
-
-int
-krb_name_to_name(const char *host, char *phost, size_t phost_size)
-{
-    struct hostent *hp;
-    struct in_addr adr;
-    const char *tmp;
-    
-    adr.s_addr = inet_addr(host);
-    hp = gethostbyname(host);
-    if (hp == NULL && adr.s_addr != INADDR_NONE)
-	hp = gethostbyaddr((char *)&adr, sizeof(adr), AF_INET);
-    if (hp == NULL)
-	tmp = host;
-    else
-	tmp = hp->h_name;
-    strncpy (phost, tmp, phost_size);
-    phost[phost_size - 1] = '\0';
-
-    if (strcmp(phost, host) == 0)
-	return 0;
-    else
-	return 1;
-}
-
-/* lowercase and truncate */
-
-void
-k_ricercar(char *name)
-{
-    char *p = name;
-    while(*p && *p != '.'){
-	if(isupper(*p))
-	    *p = tolower(*p);
-	p++;
-    }
-    if(*p == '.')
-	*p = 0;
-}
-
-/*
- * This routine takes an alias for a host name and returns the first
- * field, in lower case, of its domain name.
- *
- * Example: "fOo.BAR.com" -> "foo"
- */
-
-char *
-krb_get_phost(const char *alias)
-{
-    static char phost[MaxHostNameLen+1];
-    
-    krb_name_to_name(alias, phost, sizeof(phost));
-    k_ricercar(phost);
-    return phost;
-}
diff --git a/crypto/kerberosIV/lib/krb/netread.c b/crypto/kerberosIV/lib/krb/netread.c
deleted file mode 100644
index cbc1bd12ce28..000000000000
--- a/crypto/kerberosIV/lib/krb/netread.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: netread.c,v 1.6 1997/03/23 03:53:15 joda Exp $");
-
-/*
- * krb_net_read() reads from the file descriptor "fd" to the buffer
- * "buf", until either 1) "len" bytes have been read or 2) cannot
- * read anymore from "fd".  It returns the number of bytes read
- * or a read() error.  (The calling interface is identical to
- * read(2).)
- *
- * XXX must not use non-blocking I/O
- */
-
-int
-krb_net_read (int fd, void *v, size_t len)
-{
-    int cc, len2 = 0;
-    char *buf = v;
-
-    do {
-	cc = read(fd, buf, len);
-	if (cc < 0)
-	    return(cc);		 /* errno is already set */
-	else if (cc == 0) {
-	    return(len2);
-	} else {
-	    buf += cc;
-	    len2 += cc;
-	    len -= cc;
-	}
-    } while (len > 0);
-    return(len2);
-}
diff --git a/crypto/kerberosIV/lib/krb/netwrite.c b/crypto/kerberosIV/lib/krb/netwrite.c
deleted file mode 100644
index 0703d91b321f..000000000000
--- a/crypto/kerberosIV/lib/krb/netwrite.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: netwrite.c,v 1.7 1997/03/23 03:53:15 joda Exp $");
-
-/*
- * krb_net_write() writes "len" bytes from "buf" to the file
- * descriptor "fd".  It returns the number of bytes written or
- * a write() error.  (The calling interface is identical to
- * write(2).)
- *
- * XXX must not use non-blocking I/O
- */
-
-int
-krb_net_write(int fd, const void *v, size_t len)
-{
-    int cc;
-    int wrlen = len;
-    const char *buf = (const char*)v;
-
-    do {
-	cc = write(fd, buf, wrlen);
-	if (cc < 0)
-	    return(cc);
-	else {
-	    buf += cc;
-	    wrlen -= cc;
-	}
-    } while (wrlen > 0);
-    return(len);
-}
diff --git a/crypto/kerberosIV/lib/krb/one.c b/crypto/kerberosIV/lib/krb/one.c
deleted file mode 100644
index d43b2840e08c..000000000000
--- a/crypto/kerberosIV/lib/krb/one.c
+++ /dev/null
@@ -1,27 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-  Export of this software from the United States of America is assumed
-  to require a specific license from the United States Government.
-  It is the responsibility of any person or organization contemplating
-  export to obtain such a license before exporting.
-  
-  WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-  distribute this software and its documentation for any purpose and
-  without fee is hereby granted, provided that the above copyright
-  notice appear in all copies and that both that copyright notice and
-  this permission notice appear in supporting documentation, and that
-  the name of M.I.T. not be used in advertising or publicity pertaining
-  to distribution of the software without specific, written prior
-  permission.  M.I.T. makes no representations about the suitability of
-  this software for any purpose.  It is provided "as is" without express
-  or implied warranty.
-  
-  */
-
-/*
- * definition of variable set to 1.
- * used in krb_conf.h to determine host byte order.
- */
-
-int krbONE = 1;
diff --git a/crypto/kerberosIV/lib/krb/parse_name.c b/crypto/kerberosIV/lib/krb/parse_name.c
deleted file mode 100644
index 1184330bd3c3..000000000000
--- a/crypto/kerberosIV/lib/krb/parse_name.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: parse_name.c,v 1.4 1997/04/01 08:18:39 joda Exp $");
-
-int
-krb_parse_name(const char *fullname, krb_principal *principal)
-{
-    const char *p;
-    char *ns, *np;
-    enum {n, i, r} pos = n;
-    int quote = 0;
-    ns = np = principal->name;
-
-    principal->name[0] = 0;
-    principal->instance[0] = 0;
-    principal->realm[0] = 0;
-
-    for(p = fullname; *p; p++){
-	if(np - ns == ANAME_SZ - 1) /* XXX they have the same size */
-	    return KNAME_FMT;
-	if(quote){
-	    *np++ = *p;
-	    quote = 0;
-	    continue;
-	}
-	if(*p == '\\')
-	    quote = 1;
-	else if(*p == '.' && pos == n){
-	    *np = 0;
-	    ns = np = principal->instance;
-	    pos = i;
-	}else if(*p == '@' && (pos == n || pos == i)){
-	    *np = 0;
-	    ns = np = principal->realm;
-	    pos = r;
-	}else
-	    *np++ = *p;
-    }
-    *np = 0;
-    if(quote || principal->name[0] == 0)
-	return KNAME_FMT;
-    return KSUCCESS;
-}
-
-int
-kname_parse(char *np, char *ip, char *rp, char *fullname)
-{
-    krb_principal p;
-    int ret;
-    if((ret = krb_parse_name(fullname, &p)) == 0){
-	strcpy(np, p.name);
-	strcpy(ip, p.instance);
-	if(p.realm[0])
-	    strcpy(rp, p.realm);
-    }
-    return ret;
-}
-/*
- * k_isname() returns 1 if the given name is a syntactically legitimate
- * Kerberos name; returns 0 if it's not.
- */
-
-int
-k_isname(char *s)
-{
-    char c;
-    int backslash = 0;
-
-    if (!*s)
-        return 0;
-    if (strlen(s) > ANAME_SZ - 1)
-        return 0;
-    while ((c = *s++)) {
-        if (backslash) {
-            backslash = 0;
-            continue;
-        }
-        switch(c) {
-        case '\\':
-            backslash = 1;
-            break;
-        case '.':
-            return 0;
-            /* break; */
-        case '@':
-            return 0;
-            /* break; */
-        }
-    }
-    return 1;
-}
-
-
-/*
- * k_isinst() returns 1 if the given name is a syntactically legitimate
- * Kerberos instance; returns 0 if it's not.
- */
-
-int
-k_isinst(char *s)
-{
-    char c;
-    int backslash = 0;
-
-    if (strlen(s) > INST_SZ - 1)
-        return 0;
-    while ((c = *s++)) {
-        if (backslash) {
-            backslash = 0;
-            continue;
-        }
-        switch(c) {
-        case '\\':
-            backslash = 1;
-            break;
-        case '.':
-#if     INSTANCE_DOTS_OK
-            break;
-#else   /* INSTANCE_DOTS_OK */
-            return 0; 
-#endif  /* INSTANCE_DOTS_OK */
-            /* break; */
-        case '@':
-            return 0;
-            /* break; */
-        }
-    }
-    return 1;
-}
-
-/*
- * k_isrealm() returns 1 if the given name is a syntactically legitimate
- * Kerberos realm; returns 0 if it's not.
- */
-
-int
-k_isrealm(char *s)
-{
-    char c;
-    int backslash = 0;
-
-    if (!*s)
-        return 0;
-    if (strlen(s) > REALM_SZ - 1)
-        return 0;
-    while ((c = *s++)) {
-        if (backslash) {
-            backslash = 0;
-            continue;
-        }
-        switch(c) {
-        case '\\':
-            backslash = 1;
-            break;
-        case '@':
-            return 0;
-            /* break; */
-        }
-    }
-    return 1;
-}
diff --git a/crypto/kerberosIV/lib/krb/prot.h b/crypto/kerberosIV/lib/krb/prot.h
deleted file mode 100644
index e4825e1df911..000000000000
--- a/crypto/kerberosIV/lib/krb/prot.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * $Id: prot.h,v 1.7 1997/03/23 03:52:27 joda Exp $
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Include file with authentication protocol information.
- */
-
-#ifndef PROT_DEFS
-#define PROT_DEFS
-
-#define		KRB_SERVICE		"kerberos-iv"
-#define		KRB_PORT		750	/* PC's don't have
-						 * /etc/services */
-#define		KRB_PROT_VERSION 	4
-#define 	MAX_PKT_LEN		1000
-#define		MAX_TXT_LEN		1000
-
-/* Macro's to obtain various fields from a packet */
-
-#define pkt_version(packet)  (unsigned int) *(packet->dat)
-#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1)
-#define pkt_a_name(packet)   (packet->dat+2)
-#define pkt_a_inst(packet)   \
-	(packet->dat+3+strlen((char *)pkt_a_name(packet)))
-#define pkt_a_realm(packet)  \
-	(pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet)))
-
-/* Macro to obtain realm from application request */
-#define apreq_realm(auth)     (auth->dat + 3)
-
-#define pkt_time_ws(packet) (char *) \
-        (packet->dat+5+strlen((char *)pkt_a_name(packet)) + \
-	 strlen((char *)pkt_a_inst(packet)) + \
-	 strlen((char *)pkt_a_realm(packet)))
-
-#define pkt_no_req(packet) (unsigned short) \
-        *(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
-	  strlen((char *)pkt_a_inst(packet)) + \
-	  strlen((char *)pkt_a_realm(packet)))
-#define pkt_x_date(packet) (char *) \
-        (packet->dat+10+strlen((char *)pkt_a_name(packet)) + \
-	 strlen((char *)pkt_a_inst(packet)) + \
-	 strlen((char *)pkt_a_realm(packet)))
-#define pkt_err_code(packet) ( (char *) \
-        (packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
-	 strlen((char *)pkt_a_inst(packet)) + \
-	 strlen((char *)pkt_a_realm(packet))))
-#define pkt_err_text(packet) \
-        (packet->dat+13+strlen((char *)pkt_a_name(packet)) + \
-	 strlen((char *)pkt_a_inst(packet)) + \
-	 strlen((char *)pkt_a_realm(packet)))
-
-/* Routines to create and read packets may be found in prot.c */
-
-KTEXT create_auth_reply(char *pname, char *pinst, char *prealm, 
-			int32_t time_ws, int n, u_int32_t x_date, 
-			int kvno, KTEXT cipher);
-#ifdef DEBUG
-KTEXT krb_create_death_packet(char *a_name);
-#endif
-
-/* Message types , always leave lsb for byte order */
-
-#define		AUTH_MSG_KDC_REQUEST			 1<<1
-#define 	AUTH_MSG_KDC_REPLY			 2<<1
-#define		AUTH_MSG_APPL_REQUEST			 3<<1
-#define		AUTH_MSG_APPL_REQUEST_MUTUAL		 4<<1
-#define		AUTH_MSG_ERR_REPLY			 5<<1
-#define		AUTH_MSG_PRIVATE			 6<<1
-#define		AUTH_MSG_SAFE				 7<<1
-#define		AUTH_MSG_APPL_ERR			 8<<1
-#define		AUTH_MSG_KDC_FORWARD			 9<<1
-#define		AUTH_MSG_KDC_RENEW			10<<1
-#define 	AUTH_MSG_DIE				63<<1
-
-/* values for kerb error codes */
-
-#define		KERB_ERR_OK				 0
-#define		KERB_ERR_NAME_EXP			 1
-#define		KERB_ERR_SERVICE_EXP			 2
-#define		KERB_ERR_AUTH_EXP			 3
-#define		KERB_ERR_PKT_VER			 4
-#define		KERB_ERR_NAME_MAST_KEY_VER		 5
-#define		KERB_ERR_SERV_MAST_KEY_VER		 6
-#define		KERB_ERR_BYTE_ORDER			 7
-#define		KERB_ERR_PRINCIPAL_UNKNOWN		 8
-#define		KERB_ERR_PRINCIPAL_NOT_UNIQUE		 9
-#define		KERB_ERR_NULL_KEY			10
-#define		KERB_ERR_TIMEOUT			11
-
-/* sendauth - recvauth */
-
-/*
- * If the protocol changes, you will need to change the version string
- * be sure to support old versions of krb_sendauth!
- */
-
-#define	KRB_SENDAUTH_VERS "AUTHV0.1" /* MUST be KRB_SENDAUTH_VLEN chars */
-
-#endif /* PROT_DEFS */
diff --git a/crypto/kerberosIV/lib/krb/rd_err.c b/crypto/kerberosIV/lib/krb/rd_err.c
deleted file mode 100644
index 3382eabddf89..000000000000
--- a/crypto/kerberosIV/lib/krb/rd_err.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: rd_err.c,v 1.8 1997/04/01 08:18:40 joda Exp $");
-
-/*
- * Given an AUTH_MSG_APPL_ERR message, "in" and its length "in_length",
- * return the error code from the message in "code" and the text in
- * "m_data" as follows:
- *
- *	m_data->app_data	points to the error text
- *	m_data->app_length	points to the length of the error text
- *
- * If all goes well, return RD_AP_OK.  If the version number
- * is wrong, return RD_AP_VERSION, and if it's not an AUTH_MSG_APPL_ERR
- * type message, return RD_AP_MSG_TYPE.
- *
- * The AUTH_MSG_APPL_ERR message format can be found in mk_err.c
- */
-
-int
-krb_rd_err(u_char *in, u_int32_t in_length, int32_t *code, MSG_DAT *m_data)
-{
-    unsigned char *p = (unsigned char*)in;
-    
-    unsigned char pvno, type;
-    int little_endian;
-
-    pvno = *p++;
-    if(pvno != KRB_PROT_VERSION)
-	return RD_AP_VERSION;
-    
-    type = *p++;
-    little_endian = type & 1;
-    type &= ~1;
-    
-    if(type != AUTH_MSG_APPL_ERR)
-	return RD_AP_MSG_TYPE;
-    
-    p += krb_get_int(p, (u_int32_t *)&code, 4, little_endian);
-    
-    m_data->app_data = p;
-    m_data->app_length = in_length; /* XXX is this correct? */
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/rd_priv.c b/crypto/kerberosIV/lib/krb/rd_priv.c
deleted file mode 100644
index 58ecd9f7e38e..000000000000
--- a/crypto/kerberosIV/lib/krb/rd_priv.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: rd_priv.c,v 1.24 1997/05/14 17:53:29 joda Exp $");
-
-/* application include files */
-#include "lsb_addr_comp.h"
-
-/*
- * krb_rd_priv() decrypts and checks the integrity of an
- * AUTH_MSG_PRIVATE message.  Given the message received, "in",
- * the length of that message, "in_length", the key "schedule"
- * and "key", and the network addresses of the
- * "sender" and "receiver" of the message, krb_rd_safe() returns
- * RD_AP_OK if the message is okay, otherwise some error code.
- *
- * The message data retrieved from "in" are returned in the structure
- * "m_data".  The pointer to the application data
- * (m_data->app_data) refers back to the appropriate place in "in".
- *
- * See the file "mk_priv.c" for the format of the AUTH_MSG_PRIVATE
- * message.  The structure containing the extracted message
- * information, MSG_DAT, is defined in "krb.h".
- */
-
-int32_t
-krb_rd_priv(void *in, u_int32_t in_length, 
-	    struct des_ks_struct *schedule, des_cblock *key, 
-	    struct sockaddr_in *sender, struct sockaddr_in *receiver, 
-	    MSG_DAT *m_data)
-{
-    unsigned char *p = (unsigned char*)in;
-    int little_endian;
-    u_int32_t clen;
-    struct timeval tv;
-    u_int32_t src_addr;
-    int delta_t;
-
-    unsigned char pvno, type;
-
-    pvno = *p++;
-    if(pvno != KRB_PROT_VERSION)
-	return RD_AP_VERSION;
-    
-    type = *p++;
-    little_endian = type & 1;
-    type &= ~1;
-
-    p += krb_get_int(p, &clen, 4, little_endian);
-    
-    if(clen + 2 > in_length)
-	return RD_AP_MODIFIED;
-
-    des_pcbc_encrypt((des_cblock*)p, (des_cblock*)p, clen, 
-		     schedule, key, DES_DECRYPT);
-    
-    p += krb_get_int(p, &m_data->app_length, 4, little_endian);
-    if(m_data->app_length + 17 > in_length)
-	return RD_AP_MODIFIED;
-
-    m_data->app_data = p;
-    p += m_data->app_length;
-    
-    m_data->time_5ms = *p++;
-
-    p += krb_get_address(p, &src_addr);
-
-    if (!krb_equiv(src_addr, sender->sin_addr.s_addr))
-	return RD_AP_BADD;
-
-    p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian);
-
-    m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver);
-    
-    gettimeofday(&tv, NULL);
-
-    /* check the time integrity of the msg */
-    delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec));
-    if (delta_t > CLOCK_SKEW)
-	return RD_AP_TIME;
-    if (krb_debug)
-      krb_warning("\ndelta_t = %d", (int) delta_t);
-
-    /*
-     * caller must check timestamps for proper order and
-     * replays, since server might have multiple clients
-     * each with its own timestamps and we don't assume
-     * tightly synchronized clocks.
-     */
-
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/rd_req.c b/crypto/kerberosIV/lib/krb/rd_req.c
deleted file mode 100644
index 1a3e848137b0..000000000000
--- a/crypto/kerberosIV/lib/krb/rd_req.c
+++ /dev/null
@@ -1,324 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: rd_req.c,v 1.24 1997/05/11 11:05:28 assar Exp $");
-
-static struct timeval t_local = { 0, 0 };
-
-/*
- * Keep the following information around for subsequent calls
- * to this routine by the same server using the same key.
- */
-
-static des_key_schedule serv_key;	/* Key sched to decrypt ticket */
-static des_cblock ky;              /* Initialization vector */
-static int st_kvno;		/* version number for this key */
-static char st_rlm[REALM_SZ];	/* server's realm */
-static char st_nam[ANAME_SZ];	/* service name */
-static char st_inst[INST_SZ];	/* server's instance */
-
-/*
- * This file contains two functions.  krb_set_key() takes a DES
- * key or password string and returns a DES key (either the original
- * key, or the password converted into a DES key) and a key schedule
- * for it.
- *
- * krb_rd_req() reads an authentication request and returns information
- * about the identity of the requestor, or an indication that the
- * identity information was not authentic.
- */
-
-/*
- * krb_set_key() takes as its first argument either a DES key or a
- * password string.  The "cvt" argument indicates how the first
- * argument "key" is to be interpreted: if "cvt" is null, "key" is
- * taken to be a DES key; if "cvt" is non-null, "key" is taken to
- * be a password string, and is converted into a DES key using
- * string_to_key().  In either case, the resulting key is returned
- * in the external static variable "ky".  A key schedule is
- * generated for "ky" and returned in the external static variable
- * "serv_key".
- *
- * This routine returns the return value of des_key_sched.
- *
- * krb_set_key() needs to be in the same .o file as krb_rd_req() so that
- * the key set by krb_set_key() is available in private storage for
- * krb_rd_req().
- */
-
-int
-krb_set_key(void *key, int cvt)
-{
-#ifdef NOENCRYPTION
-    memset(ky, 0, sizeof(ky));
-    return KSUCCESS;
-#else /* Encrypt */
-    if (cvt)
-        des_string_to_key((char*)key, &ky);
-    else
-        memcpy((char*)ky, key, 8);
-    return(des_key_sched(&ky, serv_key));
-#endif /* NOENCRYPTION */
-}
-
-
-/*
- * krb_rd_req() takes an AUTH_MSG_APPL_REQUEST or
- * AUTH_MSG_APPL_REQUEST_MUTUAL message created by krb_mk_req(),
- * checks its integrity and returns a judgement as to the requestor's
- * identity.
- *
- * The "authent" argument is a pointer to the received message.
- * The "service" and "instance" arguments name the receiving server,
- * and are used to get the service's ticket to decrypt the ticket
- * in the message, and to compare against the server name inside the
- * ticket.  "from_addr" is the network address of the host from which
- * the message was received; this is checked against the network
- * address in the ticket.  If "from_addr" is zero, the check is not
- * performed.  "ad" is an AUTH_DAT structure which is
- * filled in with information about the sender's identity according
- * to the authenticator and ticket sent in the message.  Finally,
- * "fn" contains the name of the file containing the server's key.
- * (If "fn" is NULL, the server's key is assumed to have been set
- * by krb_set_key().  If "fn" is the null string ("") the default
- * file KEYFILE, defined in "krb.h", is used.)
- *
- * krb_rd_req() returns RD_AP_OK if the authentication information
- * was genuine, or one of the following error codes (defined in
- * "krb.h"):
- *
- *	RD_AP_VERSION		- wrong protocol version number
- *	RD_AP_MSG_TYPE		- wrong message type
- *	RD_AP_UNDEC		- couldn't decipher the message
- *	RD_AP_INCON		- inconsistencies found
- *	RD_AP_BADD		- wrong network address
- *	RD_AP_TIME		- client time (in authenticator)
- *				  too far off server time
- *	RD_AP_NYV		- Kerberos time (in ticket) too
- *				  far off server time
- *	RD_AP_EXP		- ticket expired
- *
- * For the message format, see krb_mk_req().
- *
- * Mutual authentication is not implemented.
- */
-
-int
-krb_rd_req(KTEXT authent,	/* The received message */
-	   char *service,	/* Service name */
-	   char *instance,	/* Service instance */
-	   int32_t from_addr,	/* Net address of originating host */
-	   AUTH_DAT *ad,	/* Structure to be filled in */
-	   char *fn)		/* Filename to get keys from */
-{
-    static KTEXT_ST ticket;     /* Temp storage for ticket */
-    static KTEXT tkt = &ticket;
-    static KTEXT_ST req_id_st;  /* Temp storage for authenticator */
-    KTEXT req_id = &req_id_st;
-
-    char realm[REALM_SZ];	/* Realm of issuing kerberos */
-
-    unsigned char skey[KKEY_SZ]; /* Session key from ticket */
-    char sname[SNAME_SZ];	/* Service name from ticket */
-    char iname[INST_SZ];	/* Instance name from ticket */
-    char r_aname[ANAME_SZ];	/* Client name from authenticator */
-    char r_inst[INST_SZ];	/* Client instance from authenticator */
-    char r_realm[REALM_SZ];	/* Client realm from authenticator */
-    u_int32_t r_time_sec;	/* Coarse time from authenticator */
-    unsigned long delta_t;      /* Time in authenticator - local time */
-    long tkt_age;		/* Age of ticket */
-    static unsigned char s_kvno;/* Version number of the server's key
-				 * Kerberos used to encrypt ticket */
-
-    struct timeval tv;
-    int status;
-
-    int pvno;
-    int type;
-    int little_endian;
-
-    unsigned char *p;
-
-    if (authent->length <= 0)
-	return(RD_AP_MODIFIED);
-
-    p = authent->dat;
-
-    /* get msg version, type and byte order, and server key version */
-
-    pvno = *p++;
-
-    if(pvno != KRB_PROT_VERSION)
-	return RD_AP_VERSION;
-    
-    type = *p++;
-    
-    little_endian = type & 1;
-    type &= ~1;
-    
-    if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL)
-	return RD_AP_MSG_TYPE;
-
-    s_kvno = *p++;
-
-    p += krb_get_string(p, realm);
-
-    /*
-     * If "fn" is NULL, key info should already be set; don't
-     * bother with ticket file.  Otherwise, check to see if we
-     * already have key info for the given server and key version
-     * (saved in the static st_* variables).  If not, go get it
-     * from the ticket file.  If "fn" is the null string, use the
-     * default ticket file.
-     */
-    if (fn && (strcmp(st_nam,service) || strcmp(st_inst,instance) ||
-               strcmp(st_rlm,realm) || (st_kvno != s_kvno))) {
-        if (*fn == 0) fn = KEYFILE;
-        st_kvno = s_kvno;
-        if (read_service_key(service, instance, realm, s_kvno,
-			     fn, (char *)skey))
-            return(RD_AP_UNDEC);
-        if ((status = krb_set_key((char*)skey, 0)))
-	    return(status);
-        strcpy(st_rlm, realm);
-        strcpy(st_nam, service);
-        strcpy(st_inst, instance);
-    }
-
-    tkt->length = *p++;
-
-    req_id->length = *p++;
-
-    if(tkt->length + (p - authent->dat) > authent->length)
-	return RD_AP_MODIFIED;
-
-    memcpy(tkt->dat, p, tkt->length);
-    p += tkt->length;
-
-    if (krb_ap_req_debug)
-        krb_log("ticket->length: %d",tkt->length);
-
-    /* Decrypt and take apart ticket */
-    if (decomp_ticket(tkt, &ad->k_flags, ad->pname, ad->pinst, ad->prealm,
-                      &ad->address, ad->session, &ad->life,
-                      &ad->time_sec, sname, iname, &ky, serv_key))
-        return RD_AP_UNDEC;
-    
-    if (krb_ap_req_debug) {
-        krb_log("Ticket Contents.");
-        krb_log(" Aname:   %s.%s",ad->pname, ad->prealm);
-        krb_log(" Service: %s", krb_unparse_name_long(sname, iname, NULL));
-    }
-
-    /* Extract the authenticator */
-    
-    if(req_id->length + (p - authent->dat) > authent->length)
-	return RD_AP_MODIFIED;
-
-    memcpy(req_id->dat, p, req_id->length);
-    p = req_id->dat;
-    
-#ifndef NOENCRYPTION
-    /* And decrypt it with the session key from the ticket */
-    if (krb_ap_req_debug) krb_log("About to decrypt authenticator");
-
-    encrypt_ktext(req_id, &ad->session, DES_DECRYPT);
-
-    if (krb_ap_req_debug) krb_log("Done.");
-#endif /* NOENCRYPTION */
-
-    /* cast req_id->length to int? */
-#define check_ptr() if ((ptr - (char *) req_id->dat) > req_id->length) return(RD_AP_MODIFIED);
-
-    p += krb_get_nir(p, r_aname, r_inst, r_realm); /* XXX no rangecheck */
-
-    p += krb_get_int(p, &ad->checksum, 4, little_endian);
-
-    p++; /* time_5ms is not used */
-
-    p += krb_get_int(p, &r_time_sec, 4, little_endian);
-
-    /* Check for authenticity of the request */
-    if (krb_ap_req_debug)
-        krb_log("Principal: %s.%s@%s / %s.%s@%s",ad->pname,ad->pinst, ad->prealm, 
-	      r_aname, r_inst, r_realm);
-    if (strcmp(ad->pname, r_aname) != 0 ||
-	strcmp(ad->pinst, r_inst) != 0 ||
-	strcmp(ad->prealm, r_realm) != 0)
-	return RD_AP_INCON;
-    
-    if (krb_ap_req_debug)
-        krb_log("Address: %x %x", ad->address, from_addr);
-
-    if (from_addr && (!krb_equiv(ad->address, from_addr)))
-        return RD_AP_BADD;
-
-    gettimeofday(&tv, NULL);
-    delta_t = abs((int)(tv.tv_sec - r_time_sec));
-    if (delta_t > CLOCK_SKEW) {
-        if (krb_ap_req_debug)
-            krb_log("Time out of range: %lu - %lu = %lu",
-		    (unsigned long)t_local.tv_sec,
-		    (unsigned long)r_time_sec,
-		    (unsigned long)delta_t);
-        return RD_AP_TIME;
-    }
-
-    /* Now check for expiration of ticket */
-
-    tkt_age = tv.tv_sec - ad->time_sec;
-    if (krb_ap_req_debug)
-        krb_log("Time: %ld Issue Date: %lu Diff: %ld Life %x",
-		(long)tv.tv_sec,
-		(unsigned long)ad->time_sec,
-		tkt_age,
-		ad->life);
-    
-    if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW))
-	return RD_AP_NYV;
-
-    if (tv.tv_sec > krb_life_to_time(ad->time_sec, ad->life))
-        return RD_AP_EXP;
-
-    /* All seems OK */
-    ad->reply.length = 0;
-
-    return(RD_AP_OK);
-}
diff --git a/crypto/kerberosIV/lib/krb/rd_safe.c b/crypto/kerberosIV/lib/krb/rd_safe.c
deleted file mode 100644
index 8471df02648c..000000000000
--- a/crypto/kerberosIV/lib/krb/rd_safe.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: rd_safe.c,v 1.24 1997/04/19 23:18:20 joda Exp $");
-
-/* application include files */
-#include "lsb_addr_comp.h"
-
-/* Generate two checksums in the given byteorder of the data, one
- * new-form and one old-form. It has to be done this way to be
- * compatible with the old version of des_quad_cksum.
- */
-
-/* des_quad_chsum-type; 0 == unknown, 1 == new PL10++, 2 == old */
-int dqc_type = DES_QUAD_DEFAULT;
-
-void
-fixup_quad_cksum(void *start, size_t len, des_cblock *key, 
-		 void *new_checksum, void *old_checksum, int little)
-{
-    des_quad_cksum((des_cblock*)start, (des_cblock*)new_checksum, len, 2, key);
-    if(HOST_BYTE_ORDER){
-	if(little){
-	    memcpy(old_checksum, new_checksum, 16);
-	}else{
-	    u_int32_t *tmp = (u_int32_t*)new_checksum;
-	    memcpy(old_checksum, new_checksum, 16);
-	    swap_u_16(old_checksum);
-	    swap_u_long(tmp[0]);
-	    swap_u_long(tmp[1]);
-	    swap_u_long(tmp[2]);
-	    swap_u_long(tmp[3]);
-	}
-    }else{
-	if(little){
-	    u_int32_t *tmp = (u_int32_t*)new_checksum;
-	    swap_u_long(tmp[0]);
-	    swap_u_long(tmp[1]);
-	    swap_u_long(tmp[2]);
-	    swap_u_long(tmp[3]);
-	    memcpy(old_checksum, new_checksum, 16);
-	}else{
-	    u_int32_t tmp[4];
-	    tmp[0] = ((u_int32_t*)new_checksum)[3];
-	    tmp[1] = ((u_int32_t*)new_checksum)[2];
-	    tmp[2] = ((u_int32_t*)new_checksum)[1];
-	    tmp[3] = ((u_int32_t*)new_checksum)[0];
-	    memcpy(old_checksum, tmp, 16);
-	}
-    }
-}
-
-/*
- * krb_rd_safe() checks the integrity of an AUTH_MSG_SAFE message.
- * Given the message received, "in", the length of that message,
- * "in_length", the "key" to compute the checksum with, and the
- * network addresses of the "sender" and "receiver" of the message,
- * krb_rd_safe() returns RD_AP_OK if message is okay, otherwise
- * some error code.
- *
- * The message data retrieved from "in" is returned in the structure
- * "m_data".  The pointer to the application data (m_data->app_data)
- * refers back to the appropriate place in "in".
- *
- * See the file "mk_safe.c" for the format of the AUTH_MSG_SAFE
- * message.  The structure containing the extracted message
- * information, MSG_DAT, is defined in "krb.h".
- */
-
-int32_t
-krb_rd_safe(void *in, u_int32_t in_length, des_cblock *key, 
-	    struct sockaddr_in *sender, struct sockaddr_in *receiver, 
-	    MSG_DAT *m_data)
-{
-    unsigned char *p = (unsigned char*)in, *start;
-
-    unsigned char pvno, type;
-    int little_endian;
-    struct timeval tv;
-    u_int32_t src_addr;
-    int delta_t;
-    
-
-    pvno = *p++;
-    if(pvno != KRB_PROT_VERSION)
-	return RD_AP_VERSION;
-    
-    type = *p++;
-    little_endian = type & 1;
-    type &= ~1;
-    if(type != AUTH_MSG_SAFE)
-	return RD_AP_MSG_TYPE;
-
-    start = p;
-    
-    p += krb_get_int(p, &m_data->app_length, 4, little_endian);
-    
-    if(m_data->app_length + 31 > in_length)
-	return RD_AP_MODIFIED;
-    
-    m_data->app_data = p;
-
-    p += m_data->app_length;
-
-    m_data->time_5ms = *p++;
-
-    p += krb_get_address(p, &src_addr);
-
-    if (!krb_equiv(src_addr, sender->sin_addr.s_addr))
-        return RD_AP_BADD;
-
-    p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian);
-    m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver);
-    
-    gettimeofday(&tv, NULL);
-
-    delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec));
-    if (delta_t > CLOCK_SKEW) return RD_AP_TIME;
-
-    /*
-     * caller must check timestamps for proper order and replays, since
-     * server might have multiple clients each with its own timestamps
-     * and we don't assume tightly synchronized clocks.
-     */
-
-    {
-	unsigned char new_checksum[16];
-	unsigned char old_checksum[16];
-	fixup_quad_cksum(start, p - start, key, 
-			 new_checksum, old_checksum, little_endian);
-	if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_NEW) && 
-	   memcmp(new_checksum, p, 16) == 0)
-	    dqc_type = DES_QUAD_NEW;
-	else if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_OLD) && 
-		memcmp(old_checksum, p, 16) == 0)
-	    dqc_type = DES_QUAD_OLD;
-	else
-	    return RD_AP_MODIFIED;
-    }
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/read_service_key.c b/crypto/kerberosIV/lib/krb/read_service_key.c
deleted file mode 100644
index 6de5db273539..000000000000
--- a/crypto/kerberosIV/lib/krb/read_service_key.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: read_service_key.c,v 1.8 1997/03/23 03:53:16 joda Exp $");
-
-/*
- * The private keys for servers on a given host are stored in a
- * "srvtab" file (typically "/etc/srvtab").  This routine extracts
- * a given server's key from the file.
- *
- * read_service_key() takes the server's name ("service"), "instance",
- * and "realm" and a key version number "kvno", and looks in the given
- * "file" for the corresponding entry, and if found, returns the entry's
- * key field in "key".
- * 
- * If "instance" contains the string "*", then it will match
- * any instance, and the chosen instance will be copied to that
- * string.  For this reason it is important that the there is enough
- * space beyond the "*" to receive the entry.
- *
- * If "kvno" is 0, it is treated as a wild card and the first
- * matching entry regardless of the "vno" field is returned.
- *
- * This routine returns KSUCCESS on success, otherwise KFAILURE.
- *
- * The format of each "srvtab" entry is as follows:
- *
- * Size			Variable		Field in file
- * ----			--------		-------------
- * string		serv			server name
- * string		inst			server instance
- * string		realm			server realm
- * 1 byte		vno			server key version #
- * 8 bytes		key			server's key
- * ...			...			...
- */
-
-
-int
-read_service_key(char *service,	/* Service Name */
-		 char *instance, /* Instance name or "*" */
-		 char *realm,	/* Realm */
-		 int kvno,	/* Key version number */
-		 char *file,	/* Filename */
-		 char *key)	/* Pointer to key to be filled in */
-{
-    char serv[SNAME_SZ];
-    char inst[INST_SZ];
-    char rlm[REALM_SZ];
-    unsigned char vno;          /* Key version number */
-    int wcard;
-
-    int stab;
-
-    if ((stab = open(file, O_RDONLY, 0)) < 0)
-        return(KFAILURE);
-
-    wcard = (instance[0] == '*') && (instance[1] == '\0');
-
-    while (getst(stab,serv,SNAME_SZ) > 0) { /* Read sname */
-        getst(stab,inst,INST_SZ); /* Instance */
-        getst(stab,rlm,REALM_SZ); /* Realm */
-        /* Vers number */
-        if (read(stab, &vno, 1) != 1) {
-	    close(stab);
-            return(KFAILURE);
-	}
-        /* Key */
-        if (read(stab,key,8) != 8) {
-	    close(stab);
-            return(KFAILURE);
-	}
-        /* Is this the right service */
-        if (strcmp(serv,service))
-            continue;
-        /* How about instance */
-        if (!wcard && strcmp(inst,instance))
-            continue;
-        if (wcard)
-            strncpy(instance,inst,INST_SZ);
-        /* Is this the right realm */
-        if (strcmp(rlm,realm)) 
-	    continue;
-
-        /* How about the key version number */
-        if (kvno && kvno != (int) vno)
-            continue;
-
-        close(stab);
-        return(KSUCCESS);
-    }
-
-    /* Can't find the requested service */
-    close(stab);
-    return(KFAILURE);
-}
diff --git a/crypto/kerberosIV/lib/krb/realm_parse.c b/crypto/kerberosIV/lib/krb/realm_parse.c
deleted file mode 100644
index 2ce852a340d4..000000000000
--- a/crypto/kerberosIV/lib/krb/realm_parse.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: realm_parse.c,v 1.10 1997/06/01 03:14:50 assar Exp $");
-
-static int
-realm_parse(char *realm, int length, const char *file)
-{
-    FILE *F;
-    char tr[128];
-    char *p;
-    
-    if ((F = fopen(file,"r")) == NULL)
-	return -1;
-    
-    while(fgets(tr, sizeof(tr), F)){
-	char *unused = NULL;
-	p = strtok_r(tr, " \t\n\r", &unused);
-	if(p && strcasecmp(p, realm) == 0){
-	    fclose(F);
-	    strncpy(realm, p, length);
-	    return 0;
-	}
-    }
-    fclose(F);
-    return -1;
-}
-
-static const char *const files[] = KRB_CNF_FILES;
-
-int
-krb_realm_parse(char *realm, int length)
-{
-    int i;
-  
-    const char *dir = getenv("KRBCONFDIR");
-
-    /* First try user specified file */
-    if (dir != 0) {
-      char fname[MaxPathLen];
-
-      if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0)
-	  if (realm_parse(realm, length, fname) == 0)
-	      return 0;
-    }
-
-    for (i = 0; files[i] != NULL; i++)
-	if (realm_parse(realm, length, files[i]) == 0)
-	    return 0;
-    return -1;
-}
diff --git a/crypto/kerberosIV/lib/krb/recvauth.c b/crypto/kerberosIV/lib/krb/recvauth.c
deleted file mode 100644
index 6c968974c4c1..000000000000
--- a/crypto/kerberosIV/lib/krb/recvauth.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: recvauth.c,v 1.17 1997/03/23 03:53:16 joda Exp $");
-
-/*
- * krb_recvauth() reads (and optionally responds to) a message sent
- * using krb_sendauth().  The "options" argument is a bit-field of
- * selected options (see "sendauth.c" for options description).
- * The only option relevant to krb_recvauth() is KOPT_DO_MUTUAL
- * (mutual authentication requested).  The "fd" argument supplies
- * a file descriptor to read from (and write to, if mutual authenti-
- * cation is requested).
- *
- * Part of the received message will be a Kerberos ticket sent by the
- * client; this is read into the "ticket" argument.  The "service" and
- * "instance" arguments supply the server's Kerberos name.  If the
- * "instance" argument is the string "*", it is treated as a wild card
- * and filled in during the krb_rd_req() call (see read_service_key()).
- *
- * The "faddr" and "laddr" give the sending (client) and receiving
- * (local server) network addresses.  ("laddr" may be left NULL unless
- * mutual authentication is requested, in which case it must be set.)
- *
- * The authentication information extracted from the message is returned
- * in "kdata".  The "filename" argument indicates the file where the
- * server's key can be found.  (It is passed on to krb_rd_req().)  If
- * left null, the default "/etc/srvtab" will be used.
- *
- * If mutual authentication is requested, the session key schedule must
- * be computed in order to reply; this schedule is returned in the
- * "schedule" argument.  A string containing the application version
- * number from the received message is returned in "version", which
- * should be large enough to hold a KRB_SENDAUTH_VLEN-character string.
- *
- * See krb_sendauth() for the format of the received client message.
- *
- * krb_recvauth() first reads the protocol version string from the
- * given file descriptor.  If it doesn't match the current protocol
- * version (KRB_SENDAUTH_VERS), the old-style format is assumed.  In
- * that case, the string of characters up to the first space is read
- * and interpreted as the ticket length, then the ticket is read.
- *
- * If the first string did match KRB_SENDAUTH_VERS, krb_recvauth()
- * next reads the application protocol version string.  Then the
- * ticket length and ticket itself are read.
- *
- * The ticket is decrypted and checked by the call to krb_rd_req().
- * If no mutual authentication is required, the result of the
- * krb_rd_req() call is retured by this routine.  If mutual authenti-
- * cation is required, a message in the following format is returned
- * on "fd":
- *
- * Size			Variable		Field
- * ----			--------		-----
- *
- * 4 bytes		tkt_len			length of ticket or -1
- *						if error occurred
- *
- * priv_len		tmp_buf			"private" message created
- *						by krb_mk_priv() which
- *						contains the incremented
- *						checksum sent by the client
- *						encrypted in the session
- *						key.  (This field is not
- *						present in case of error.)
- *
- * If all goes well, KSUCCESS is returned; otherwise KFAILURE or some
- * other error code is returned.
- */
-
-static int
-send_error_reply(int fd)
-{
-    unsigned char tmp[4] = { 255, 255, 255, 255 };
-    if(krb_net_write(fd, tmp, sizeof(tmp)) != sizeof(tmp))
-	return -1;
-    return 0;
-}
-
-int
-krb_recvauth(int32_t options,	/* bit-pattern of options */
-	     int fd,		/* file descr. to read from */
-	     KTEXT ticket,	/* storage for client's ticket */
-	     char *service,	/* service expected */
-	     char *instance,	/* inst expected (may be filled in) */
-	     struct sockaddr_in *faddr,	/* address of foreign host on fd */
-	     struct sockaddr_in *laddr,	/* local address */
-	     AUTH_DAT *kdata,	/* kerberos data (returned) */
-	     char *filename,	/* name of file with service keys */
-	     struct des_ks_struct *schedule, /* key schedule (return) */
-	     char *version)	/* version string (filled in) */
-{
-    int cc;
-    char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */
-    int rem;
-    int32_t priv_len;
-    u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)];
-
-    /* read the protocol version number */
-    if (krb_net_read(fd, krb_vers, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN)
-	return(errno);
-    krb_vers[KRB_SENDAUTH_VLEN] = '\0';
-
-    /* read the application version string */
-    if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN)
-	return(errno);
-    version[KRB_SENDAUTH_VLEN] = '\0';
-
-    /* get the length of the ticket */
-    {
-	char tmp[4];
-	if (krb_net_read(fd, tmp, 4) != 4)
-	    return -1;
-	krb_get_int(tmp, &ticket->length, 4, 0);
-    }
-    
-    /* sanity check */
-    if (ticket->length <= 0 || ticket->length > MAX_KTXT_LEN) {
-	if (options & KOPT_DO_MUTUAL) {
-	    if(send_error_reply(fd))
-		return -1;
-	    return KFAILURE;
-	} else
-	    return KFAILURE; /* XXX there may still be junk on the fd? */
-    }
-
-    /* read the ticket */
-    if (krb_net_read(fd, ticket->dat, ticket->length) != ticket->length)
-	return -1;
-    /*
-     * now have the ticket.  decrypt it to get the authenticated
-     * data.
-     */
-    rem = krb_rd_req(ticket, service, instance, faddr->sin_addr.s_addr,
-		     kdata, filename);
-
-    /* if we are doing mutual auth, compose a response */
-    if (options & KOPT_DO_MUTUAL) {
-	if (rem != KSUCCESS){
-	    /* the krb_rd_req failed */
-	    if(send_error_reply(fd))
-		return -1;
-	    return rem;
-	}
-	
-	/* add one to the (formerly) sealed checksum, and re-seal it
-	   for return to the client */
-	{ 
-	    unsigned char cs[4];
-	    krb_put_int(kdata->checksum + 1, cs, 4);
-#ifndef NOENCRYPTION
-	    des_key_sched(&kdata->session,schedule);
-#endif
-	    priv_len = krb_mk_priv(cs, 
-				   tmp_buf+4, 
-				   4,
-				   schedule,
-				   &kdata->session,
-				   laddr,
-				   faddr);
-	}
-	/* mk_priv will never fail */
-	priv_len += krb_put_int(priv_len, tmp_buf, 4);
-	
-	if((cc = krb_net_write(fd, tmp_buf, priv_len)) != priv_len)
-	    return -1;
-    }
-    return rem;
-}
diff --git a/crypto/kerberosIV/lib/krb/resolve.c b/crypto/kerberosIV/lib/krb/resolve.c
deleted file mode 100644
index 7777c0e854b2..000000000000
--- a/crypto/kerberosIV/lib/krb/resolve.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-#include "resolve.h"
-
-RCSID("$Id: resolve.c,v 1.11 1997/06/01 04:19:20 assar Exp $");
-
-#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
-
-#define DECL(X) {#X, T_##X}
-
-static struct stot{
-    char *name;
-    int type;
-}stot[] = {
-    DECL(A),
-    DECL(NS),
-    DECL(CNAME),
-    DECL(PTR),
-    DECL(MX),
-    DECL(TXT),
-    DECL(AFSDB),
-    DECL(SRV),
-    {NULL, 	0}
-};
-
-static int
-string_to_type(const char *name)
-{
-    struct stot *p = stot;
-    for(p = stot; p->name; p++)
-	if(strcasecmp(name, p->name) == 0)
-	    return p->type;
-    return -1;
-}
-
-#if 0
-static char *
-type_to_string(int type)
-{
-    struct stot *p = stot;
-    for(p = stot; p->name; p++)
-	if(type == p->type)
-	    return p->name;
-    return NULL;
-}
-#endif
-
-void
-dns_free_data(struct dns_reply *r)
-{
-    struct resource_record *rr;
-    if(r->q.domain)
-	free(r->q.domain);
-    for(rr = r->head; rr;){
-	struct resource_record *tmp = rr;
-	if(rr->domain)
-	    free(rr->domain);
-	if(rr->u.data)
-	    free(rr->u.data);
-	rr = rr->next;
-	free(tmp);
-    }
-    free (r);
-}
-
-static struct dns_reply*
-parse_reply(unsigned char *data, int len)
-{
-    unsigned char *p;
-    char host[128];
-    int status;
-    
-    struct dns_reply *r;
-    struct resource_record **rr;
-    
-    r = (struct dns_reply*)malloc(sizeof(struct dns_reply));
-    memset(r, 0, sizeof(struct dns_reply));
-
-    p = data;
-    memcpy(&r->h, p, sizeof(HEADER));
-    p += sizeof(HEADER);
-    status = dn_expand(data, data + len, p, host, sizeof(host));
-    if(status < 0){
-	dns_free_data(r);
-	return NULL;
-    }
-    r->q.domain = strdup(host);
-    p += status;
-    r->q.type = (p[0] << 8 | p[1]);
-    p += 2;
-    r->q.class = (p[0] << 8 | p[1]);
-    p += 2;
-    rr = &r->head;
-    while(p < data + len){
-	int type, class, ttl, size;
-	status = dn_expand(data, data + len, p, host, sizeof(host));
-	if(status < 0){
-	    dns_free_data(r);
-	    return NULL;
-	}
-	p += status;
-	type = (p[0] << 8) | p[1];
-	p += 2;
-	class = (p[0] << 8) | p[1];
-	p += 2;
-	ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
-	p += 4;
-	size = (p[0] << 8) | p[1];
-	p += 2;
-	*rr = (struct resource_record*)calloc(1, 
-					      sizeof(struct resource_record));
-	(*rr)->domain = strdup(host);
-	(*rr)->type = type;
-	(*rr)->class = class;
-	(*rr)->ttl = ttl;
-	(*rr)->size = size;
-	switch(type){
-	case T_NS:
-	case T_CNAME:
-	case T_PTR:
-	    status = dn_expand(data, data + len, p, host, sizeof(host));
-	    if(status < 0){
-		dns_free_data(r);
-		return NULL;
-	    }
-	    (*rr)->u.txt = strdup(host);
-	    break;
-	case T_MX:
-	case T_AFSDB:{
-	    status = dn_expand(data, data + len, p + 2, host, sizeof(host));
-	    if(status < 0){
-		dns_free_data(r);
-		return NULL;
-	    }
-	    (*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + 
-						    strlen(host));
-	    (*rr)->u.mx->preference = (p[0] << 8) | p[1];
-	    strcpy((*rr)->u.mx->domain, host);
-	    break;
-	}
-	case T_SRV:{
-	    status = dn_expand(data, data + len, p + 6, host, sizeof(host));
-	    if(status < 0){
-		dns_free_data(r);
-		return NULL;
-	    }
-	    (*rr)->u.srv = 
-		(struct srv_record*)malloc(sizeof(struct srv_record) + 
-					   strlen(host));
-	    (*rr)->u.srv->priority = (p[0] << 8) | p[1];
-	    (*rr)->u.srv->weight = (p[2] << 8) | p[3];
-	    (*rr)->u.srv->port = (p[4] << 8) | p[5];
-	    strcpy((*rr)->u.srv->target, host);
-	    break;
-	}
-	case T_TXT:{
-	    (*rr)->u.txt = (char*)malloc(size + 1);
-	    strncpy((*rr)->u.txt, (char*)p + 1, *p);
-	    (*rr)->u.txt[*p] = 0;
-	    break;
-	}
-	    
-	default:
-	    (*rr)->u.data = (unsigned char*)malloc(size);
-	    memcpy((*rr)->u.data, p, size);
-	}
-	p += size;
-	rr = &(*rr)->next;
-    }
-    *rr = NULL;
-    return r;
-}
-
-
-
-struct dns_reply *
-dns_lookup(const char *domain, const char *type_name)
-{
-    unsigned char reply[1024];
-    int len;
-    int type;
-    struct dns_reply *r = NULL;
-    
-    type = string_to_type(type_name);
-    len = res_search(domain, C_IN, type, reply, sizeof(reply));
-    if(len >= 0)
-	r = parse_reply(reply, len);
-    return r;
-}
-
-#else /* defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */
-
-struct dns_reply *
-dns_lookup(const char *domain, const char *type_name)
-{
-    return NULL;
-}
-
-void
-dns_free_data(struct dns_reply *r)
-{
-}
-
-#endif
-
-#ifdef TEST
-
-int 
-main(int argc, char **argv)
-{
-    struct dns_reply *r;
-    struct resource_record *rr;
-    r = dns_lookup(argv[1], argv[2]);
-    if(r == NULL){
-	printf("No reply.\n");
-	return 1;
-    }
-    for(rr = r->head; rr;rr=rr->next){
-	printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl);
-	switch(rr->type){
-	case T_NS:
-	    printf("%s\n", (char*)rr->data);
-	    break;
-	case T_A:
-	    printf("%d.%d.%d.%d\n", 
-		   ((unsigned char*)rr->data)[0],
-		   ((unsigned char*)rr->data)[1],
-		   ((unsigned char*)rr->data)[2],
-		   ((unsigned char*)rr->data)[3]);
-	    break;
-	case T_MX:
-	case T_AFSDB:{
-	    struct mx_record *mx = (struct mx_record*)rr->data;
-	    printf("%d %s\n", mx->preference, mx->domain);
-	    break;
-	}
-	case T_SRV:{
-	    struct srv_record *srv = (struct srv_record*)rr->data;
-	    printf("%d %d %d %s\n", srv->priority, srv->weight, 
-		   srv->port, srv->target);
-	    break;
-	}
-	default:
-	    printf("\n");
-	    break;
-	}
-    }
-    
-    return 0;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/resolve.h b/crypto/kerberosIV/lib/krb/resolve.h
deleted file mode 100644
index dac9993f91fa..000000000000
--- a/crypto/kerberosIV/lib/krb/resolve.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: resolve.h,v 1.5 1997/05/14 17:41:25 joda Exp $ */
-
-/* THIS IS NOT (yet) A PUBLIC INTERFACE */
-
-
-#ifndef __RESOLVE_H__
-#define __RESOLVE_H__
-
-/* We use these, but they are not always present in <arpa/nameser.h> */
-
-#ifndef T_TXT
-#define T_TXT		16
-#endif
-#ifndef T_AFSDB
-#define T_AFSDB		18
-#endif
-#ifndef T_SRV
-#define T_SRV		 33
-#endif
-
-struct dns_query{
-    char *domain;
-    unsigned type;
-    unsigned class;
-};
-
-struct mx_record{
-    unsigned  preference;
-    char domain[1];
-};
-
-struct srv_record{
-    unsigned priority;
-    unsigned weight;
-    unsigned port;
-    char target[1];
-};
-
-struct resource_record{
-    char *domain;
-    unsigned type;
-    unsigned class;
-    unsigned ttl;
-    unsigned size;
-    union {
-	void *data;
-	struct mx_record *mx;
-	struct mx_record *afsdb; /* mx and afsdb are identical */
-	struct srv_record *srv;
-	struct in_addr *a;
-	char *txt;
-    }u;
-    struct resource_record *next;
-};
-
-
-#ifndef HAVE_ARPA_NAMESER_H /* XXX */
-typedef int HEADER; /* will never be used */
-#endif
-
-struct dns_reply{
-    HEADER h;
-    struct dns_query q;
-    struct resource_record *head;
-};
-
-
-struct dns_reply* dns_lookup(const char *, const char *);
-
-void dns_free_data(struct dns_reply *r);
-
-#endif /* __RESOLVE_H__ */
diff --git a/crypto/kerberosIV/lib/krb/rw.c b/crypto/kerberosIV/lib/krb/rw.c
deleted file mode 100644
index 4b136aa097be..000000000000
--- a/crypto/kerberosIV/lib/krb/rw.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* Almost all programs use these routines (implicitly) so it's a good
- * place to put the version string. */
-
-#include "version.h"
-
-#include "krb_locl.h"
-
-RCSID("$Id: rw.c,v 1.8 1997/04/01 08:18:44 joda Exp $");
-
-int
-krb_get_int(void *f, u_int32_t *to, int size, int lsb)
-{
-    int i;
-    unsigned char *from = (unsigned char *)f;
-
-    *to = 0;
-    if(lsb){
-	for(i = size-1; i >= 0; i--)
-	    *to = (*to << 8) | from[i];
-    }else{
-	for(i = 0; i < size; i++)
-	    *to = (*to << 8) | from[i];
-    }
-    return size;
-}
-
-int
-krb_put_int(u_int32_t from, void *to, int size)
-{
-    int i;
-    unsigned char *p = (unsigned char *)to;
-    for(i = size - 1; i >= 0; i--){
-	p[i] = from & 0xff;
-	from >>= 8;
-    }
-    return size;
-}
-
-
-/* addresses are always sent in network byte order */
-
-int
-krb_get_address(void *from, u_int32_t *to)
-{
-    unsigned char *p = (unsigned char*)from;
-    *to = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
-    return 4;
-}
-
-int
-krb_put_address(u_int32_t addr, void *to)
-{
-    return krb_put_int(ntohl(addr), to, 4);
-}
-
-int
-krb_put_string(char *from, void *to)
-{
-    strcpy((char *)to, from);
-    return strlen(from) + 1;
-}
-
-int
-krb_get_string(void *from, char *to)
-{
-    return krb_put_string(from, to);
-}
-
-int
-krb_get_nir(void *from, char *name, char *instance, char *realm)
-{
-    char *p = (char *)from;
-
-    p += krb_get_string(p, name);
-    p += krb_get_string(p, instance);
-    if(realm)
-	p += krb_get_string(p, realm);
-    return p - (char *)from;
-}
-
-int
-krb_put_nir(char *name, char *instance, char *realm, void *to)
-{
-    char *p = (char *)to;
-    p += krb_put_string(name, p);
-    p += krb_put_string(instance, p);
-    if(realm)
-	p += krb_put_string(realm, p);
-    return p - (char *)to;
-}
diff --git a/crypto/kerberosIV/lib/krb/save_credentials.c b/crypto/kerberosIV/lib/krb/save_credentials.c
deleted file mode 100644
index cfd6c07eeceb..000000000000
--- a/crypto/kerberosIV/lib/krb/save_credentials.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: save_credentials.c,v 1.5 1997/03/23 03:53:17 joda Exp $");
-
-/*
- * This routine takes a ticket and associated info and calls
- * tf_save_cred() to store them in the ticket cache.  The peer
- * routine for extracting a ticket and associated info from the
- * ticket cache is krb_get_cred().  When changes are made to
- * this routine, the corresponding changes should be made
- * in krb_get_cred() as well.
- *
- * Returns KSUCCESS if all goes well, otherwise an error returned
- * by the tf_init() or tf_save_cred() routines.
- */
-
-int
-save_credentials(char *service,	/* Service name */
-		 char *instance, /* Instance */
-		 char *realm,	/* Auth domain */
-		 unsigned char *session, /* Session key */
-		 int lifetime,	/* Lifetime */
-		 int kvno,	/* Key version number */
-		 KTEXT ticket,	/* The ticket itself */
-		 int32_t issue_date) /* The issue time */
-{
-    int tf_status;   /* return values of the tf_util calls */
-
-    /* Open and lock the ticket file for writing */
-    if ((tf_status = tf_init(TKT_FILE, W_TKT_FIL)) != KSUCCESS)
-	return(tf_status);
-
-    /* Save credentials by appending to the ticket file */
-    tf_status = tf_save_cred(service, instance, realm, session,
-			     lifetime, kvno, ticket, issue_date);
-    tf_close();
-    return (tf_status);
-}
diff --git a/crypto/kerberosIV/lib/krb/send_to_kdc.c b/crypto/kerberosIV/lib/krb/send_to_kdc.c
deleted file mode 100644
index 828b34d15138..000000000000
--- a/crypto/kerberosIV/lib/krb/send_to_kdc.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: send_to_kdc.c,v 1.39 1997/05/15 21:02:31 joda Exp $");
-
-struct host {
-  struct sockaddr_in addr;
-  int proto;
-};
-
-static const char *prog = "send_to_kdc";
-static send_recv(KTEXT pkt, KTEXT rpkt, int f,
-		 struct sockaddr_in *_to, struct host *addrs,
-		 int h_hosts);
-
-/*
- * This file contains two routines, send_to_kdc() and send_recv().
- * send_recv() is a static routine used by send_to_kdc().
- */
-
-/*
- * send_to_kdc() sends a message to the Kerberos authentication
- * server(s) in the given realm and returns the reply message.
- * The "pkt" argument points to the message to be sent to Kerberos;
- * the "rpkt" argument will be filled in with Kerberos' reply.
- * The "realm" argument indicates the realm of the Kerberos server(s)
- * to transact with.  If the realm is null, the local realm is used.
- *
- * If more than one Kerberos server is known for a given realm,
- * different servers will be queried until one of them replies.
- * Several attempts (retries) are made for each server before
- * giving up entirely.
- *
- * If an answer was received from a Kerberos host, KSUCCESS is
- * returned.  The following errors can be returned:
- *
- * SKDC_CANT    - can't get local realm
- *              - can't find "kerberos" in /etc/services database
- *              - can't open socket
- *              - can't bind socket
- *              - all ports in use
- *              - couldn't find any Kerberos host
- *
- * SKDC_RETRY   - couldn't get an answer from any Kerberos server,
- *		  after several retries
- */
-
-int
-send_to_kdc(KTEXT pkt, KTEXT rpkt, char *realm)
-{
-    int i;
-    int no_host; /* was a kerberos host found? */
-    int retry;
-    int n_hosts;
-    int retval;
-    struct hostent *host;
-    char lrealm[REALM_SZ];
-    struct krb_host *k_host;
-    struct host *hosts = malloc(sizeof(*hosts));
-
-    if (hosts == NULL)
-      return SKDC_CANT;
-
-    /*
-     * If "realm" is non-null, use that, otherwise get the
-     * local realm.
-     */
-    if (realm)
-	strcpy(lrealm, realm);
-    else
-	if (krb_get_lrealm(lrealm,1)) {
-	    if (krb_debug)
-		krb_warning("%s: can't get local realm\n", prog);
-	    return(SKDC_CANT);
-	}
-    if (krb_debug)
-      krb_warning("lrealm is %s\n", lrealm);
-
-    no_host = 1;
-    /* get an initial allocation */
-    n_hosts = 0;
-    for (i = 1; (k_host = krb_get_host(i, lrealm, 0)); ++i) {
-	char *p;
-
-        if (krb_debug)
-	  krb_warning("Getting host entry for %s...", k_host->host);
-        host = gethostbyname(k_host->host);
-        if (krb_debug) {
-	  krb_warning("%s.\n",
-		      host ? "Got it" : "Didn't get it");
-        }
-        if (!host)
-            continue;
-        no_host = 0;    /* found at least one */
-	while ((p = *(host->h_addr_list)++)) {
-	    hosts = realloc(hosts, sizeof(*hosts) * (n_hosts + 1));
-	    if (hosts == NULL)
-		return SKDC_CANT;
-	    memset (&hosts[n_hosts].addr, 0, sizeof(hosts[n_hosts].addr));
-	    hosts[n_hosts].addr.sin_family = host->h_addrtype;
-	    hosts[n_hosts].addr.sin_port = htons(k_host->port);
-	    hosts[n_hosts].proto = k_host->proto;
-	    memcpy(&hosts[n_hosts].addr.sin_addr, p,
-		   sizeof(hosts[n_hosts].addr.sin_addr));
-	    ++n_hosts;
-	    if (send_recv(pkt, rpkt, hosts[n_hosts-1].proto,
-			  &hosts[n_hosts-1].addr, hosts, n_hosts)) {
-		retval = KSUCCESS;
-		goto rtn;
-	    }
-	    if (krb_debug) {
-		krb_warning("Timeout, error, or wrong descriptor\n");
-	    }
-	}
-    }
-    if (no_host) {
-	if (krb_debug)
-	    krb_warning("%s: can't find any Kerberos host.\n",
-			prog);
-        retval = SKDC_CANT;
-        goto rtn;
-    }
-    /* retry each host in sequence */
-    for (retry = 0; retry < CLIENT_KRB_RETRY; ++retry) {
-	for (i = 0; i < n_hosts; ++i) {
-	    if (send_recv(pkt, rpkt,
-			  hosts[i].proto,
-			  &hosts[i].addr,
-			  hosts,
-			  n_hosts)) {
-		retval = KSUCCESS;
-		goto rtn;
-	    }
-        }
-    }
-    retval = SKDC_RETRY;
-rtn:
-    free(hosts);
-    return(retval);
-}
-
-/*
- * try to send out and receive message.
- * return 1 on success, 0 on failure
- */
-
-static int
-send_recv_it(KTEXT pkt, KTEXT rpkt, int stream, int f, 
-	     struct sockaddr_in *_to, struct host *addrs, int n_hosts)
-{
-    fd_set readfds;
-    int numsent;
-    
-    /* CLIENT_KRB_TIMEOUT indicates the time to wait before
-     * retrying a server.  It's defined in "krb.h".
-     */
-    struct timeval timeout;
-    timeout.tv_sec = CLIENT_KRB_TIMEOUT;
-    timeout.tv_usec = 0;
-
-    if (krb_debug) {
-        if (_to->sin_family == AF_INET)
-	    krb_warning("Sending message to %s...",
-			inet_ntoa(_to->sin_addr));
-        else
-	    krb_warning("Sending message...");
-    }
-    if(stream){
-	unsigned char tmp[4];
-	krb_put_int(pkt->length, tmp, 4);
-	if((numsent = send(f, tmp, 4, 0)) != 4){
-	    if (krb_debug)
-		krb_warning("sent only %d/%d\n", numsent, 4);
-	    return 0;
-	}
-    }
-    if ((numsent = send(f, pkt->dat, pkt->length, 0)) != pkt->length) {
-        if (krb_debug)
-            krb_warning("sent only %d/%d\n",numsent, pkt->length);
-        return 0;
-    }
-    if (krb_debug)
-	krb_warning("Sent\nWaiting for reply...");
-    FD_ZERO(&readfds);
-    FD_SET(f, &readfds);
-    /* select - either recv is ready, or timeout */
-    /* see if timeout or error or wrong descriptor */
-    if (select(f + 1, &readfds, 0, 0, &timeout) < 1
-        || !FD_ISSET(f, &readfds)) {
-        if (krb_debug)
-            krb_warning("select failed: errno = %d", errno);
-        return 0;
-    }
-    if(stream){
-	if(krb_net_read(f, rpkt->dat, sizeof(rpkt->dat)) <= 0)
-	    return 0;
-    }else{
-	if (recv (f, rpkt->dat, sizeof(rpkt->dat), 0) < 0) {
-	    if (krb_debug)
-		krb_warning("recvfrom: errno = %d\n", errno);
-	    return 0;
-	}
-    }
-    return 1;
-}
-
-static int
-send_recv(KTEXT pkt, KTEXT rpkt, int proto, struct sockaddr_in *_to,
-	  struct host *addrs, int n_hosts)
-{
-    int f;
-    int ret = 0;
-    if(proto == IPPROTO_UDP)
-	f = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
-    else if(proto == IPPROTO_TCP)
-	f = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
-    else{
-	krb_warning("Unknown protocol `%d'.\n", proto);
-	return 0;
-    }
-    
-    if(connect(f, (struct sockaddr*)_to, sizeof(*_to)) < 0)
-	krb_warning("Connecting socket: errno = %d\n", errno);
-    else
-	ret = send_recv_it(pkt, rpkt, proto == IPPROTO_TCP, f, 
-			   _to, addrs, n_hosts);
-    
-    close(f);
-    return ret;
-}
-
diff --git a/crypto/kerberosIV/lib/krb/sendauth.c b/crypto/kerberosIV/lib/krb/sendauth.c
deleted file mode 100644
index 4240bcf98257..000000000000
--- a/crypto/kerberosIV/lib/krb/sendauth.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: sendauth.c,v 1.15 1997/04/18 14:11:36 joda Exp $");
-
-/*
- * krb_sendauth() transmits a ticket over a file descriptor for a
- * desired service, instance, and realm, doing mutual authentication
- * with the server if desired.
- */
-
-/*
- * The first argument to krb_sendauth() contains a bitfield of
- * options (the options are defined in "krb.h"):
- *
- * KOPT_DONT_CANON	Don't canonicalize instance as a hostname.
- *			(If this option is not chosen, krb_get_phost()
- *			is called to canonicalize it.)
- *
- * KOPT_DONT_MK_REQ 	Don't request server ticket from Kerberos.
- *			A ticket must be supplied in the "ticket"
- *			argument.
- *			(If this option is not chosen, and there
- *			is no ticket for the given server in the
- *			ticket cache, one will be fetched using
- *			krb_mk_req() and returned in "ticket".)
- *
- * KOPT_DO_MUTUAL	Do mutual authentication, requiring that the
- * 			receiving server return the checksum+1 encrypted
- *			in the session key.  The mutual authentication
- *			is done using krb_mk_priv() on the other side
- *			(see "recvauth.c") and krb_rd_priv() on this
- *			side.
- *
- * The "fd" argument is a file descriptor to write to the remote
- * server on.  The "ticket" argument is used to store the new ticket
- * from the krb_mk_req() call. If the KOPT_DONT_MK_REQ options is
- * chosen, the ticket must be supplied in the "ticket" argument.
- * The "service", "inst", and "realm" arguments identify the ticket.
- * If "realm" is null, the local realm is used.
- *
- * The following arguments are only needed if the KOPT_DO_MUTUAL option
- * is chosen:
- *
- *   The "checksum" argument is a number that the server will add 1 to
- *   to authenticate itself back to the client; the "msg_data" argument
- *   holds the returned mutual-authentication message from the server
- *   (i.e., the checksum+1); the "cred" structure is used to hold the
- *   session key of the server, extracted from the ticket file, for use
- *   in decrypting the mutual authentication message from the server;
- *   and "schedule" holds the key schedule for that decryption.  The
- *   the local and server addresses are given in "laddr" and "faddr".
- *
- * The application protocol version number (of up to KRB_SENDAUTH_VLEN
- * characters) is passed in "version".
- *
- * If all goes well, KSUCCESS is returned, otherwise some error code.
- *
- * The format of the message sent to the server is:
- *
- * Size			Variable		Field
- * ----			--------		-----
- *
- * KRB_SENDAUTH_VLEN	KRB_SENDAUTH_VER	sendauth protocol
- * bytes					version number
- *
- * KRB_SENDAUTH_VLEN	version			application protocol
- * bytes					version number
- *
- * 4 bytes		ticket->length		length of ticket
- *
- * ticket->length	ticket->dat		ticket itself
- */
-
-int
-krb_sendauth(int32_t options,	/* bit-pattern of options */
-	     int fd,		/* file descriptor to write onto */
-	     KTEXT ticket,	/* where to put ticket (return); or
-				 * supplied in case of KOPT_DONT_MK_REQ */
-	     char *service,	/* service name, instance, realm */
-	     char *instance,
-	     char *realm,
-	     u_int32_t checksum, /* checksum to include in request */
-	     MSG_DAT *msg_data,	/* mutual auth MSG_DAT (return) */
-	     CREDENTIALS *cred,	/* credentials (return) */
-	     struct des_ks_struct *schedule, /* key schedule (return) */
-	     struct sockaddr_in *laddr, /* local address */
-	     struct sockaddr_in *faddr,	/* address of foreign host on fd */
-	     char *version)	/* version string */
-{
-    int ret;
-    KTEXT_ST buf;
-    char realrealm[REALM_SZ];
-
-    if (realm == NULL) {
-	ret = krb_get_lrealm (realrealm, 1);
-	if (ret != KSUCCESS)
-	    return ret;
-	realm = realrealm;
-    }
-    ret = krb_mk_auth (options, ticket, service, instance, realm, checksum,
-		       version, &buf);
-    if (ret != KSUCCESS)
-	return ret;
-    ret = krb_net_write(fd, buf.dat, buf.length);
-    if(ret < 0)
-	return -1;
-      
-    if (options & KOPT_DO_MUTUAL) {
-	char tmp[4];
-	u_int32_t len;
-	char inst[INST_SZ];
-
-	ret = krb_net_read (fd, tmp, 4);
-	if (ret < 0)
-	    return -1;
-
-	krb_get_int (tmp, &len, 4, 0);
-	if (len == 0xFFFFFFFF || len > sizeof(buf.dat))
-	    return KFAILURE;
-	buf.length = len;
-	ret = krb_net_read (fd, buf.dat, len);
-	if (ret < 0)
-	    return -1;
-
-	if (options & KOPT_DONT_CANON)
-	    strncpy (inst, instance, sizeof(inst));
-	else
-	    strncpy (inst, krb_get_phost(instance), sizeof(inst));
-
-	ret = krb_get_cred (service, inst, realm, cred);
-	if (ret != KSUCCESS)
-	    return ret;
-
-	des_key_sched(&cred->session, schedule);
-
-	ret = krb_check_auth (&buf, checksum, msg_data, &cred->session, 
-			      schedule, laddr, faddr);
-	if (ret != KSUCCESS)
-	    return ret;
-    }
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/sizetest.c b/crypto/kerberosIV/lib/krb/sizetest.c
deleted file mode 100644
index d64bbeb88ecc..000000000000
--- a/crypto/kerberosIV/lib/krb/sizetest.c
+++ /dev/null
@@ -1,41 +0,0 @@
-#include "krb_locl.h"
-
-RCSID("$Id: sizetest.c,v 1.5 1996/11/15 18:39:19 bg Exp $");
-
-static
-void
-err(const char *msg)
-{
-  fputs(msg, stderr);
-  exit(1);
-}
-
-int
-main()
-{
-  if (sizeof(u_int8_t) < 1)
-    err("sizeof(u_int8_t) is smaller than 1 byte\n");
-  if (sizeof(u_int16_t) < 2)
-    err("sizeof(u_int16_t) is smaller than 2 bytes\n");
-  if (sizeof(u_int32_t) < 4)
-    err("sizeof(u_int32_t) is smaller than 4 bytes\n");
-
-  if (sizeof(u_int8_t) > 1)
-    fputs("warning: sizeof(u_int8_t) is larger than 1 byte, "
-	  "some stuff may not work properly!\n", stderr);
-
-  {
-    u_int8_t u = 1;
-    int i;
-    for (i = 0; u != 0 && i < 100; i++)
-      u <<= 1;
-
-    if (i < 8)
-      err("u_int8_t is smaller than 8 bits\n");
-    else if (i > 8)
-      fputs("warning: u_int8_t is larger than 8 bits, "
-	    "some stuff may not work properly!\n", stderr);
-  }
-
-  exit(0);
-}
diff --git a/crypto/kerberosIV/lib/krb/stime.c b/crypto/kerberosIV/lib/krb/stime.c
deleted file mode 100644
index ec57d8fd301b..000000000000
--- a/crypto/kerberosIV/lib/krb/stime.c
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * $Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $");
-
-/*
- * Given a pointer to a long containing the number of seconds
- * since the beginning of time (midnight 1 Jan 1970 GMT), return
- * a string containing the local time in the form:
- *
- * "25-Jan-1988 10:17:56"
- */
-
-const char *
-krb_stime(time_t *t)
-{
-    static char st[40];
-    struct tm *tm;
-
-    tm = localtime(t);
-    snprintf(st, sizeof(st),
-	     "%2d-%s-%04d %02d:%02d:%02d",tm->tm_mday,
-	     month_sname(tm->tm_mon + 1),tm->tm_year + 1900,
-	     tm->tm_hour, tm->tm_min, tm->tm_sec);
-    return st;
-}
diff --git a/crypto/kerberosIV/lib/krb/str2key.c b/crypto/kerberosIV/lib/krb/str2key.c
deleted file mode 100644
index 2b00fc176eda..000000000000
--- a/crypto/kerberosIV/lib/krb/str2key.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* This defines the Andrew string_to_key function.  It accepts a password
- * string as input and converts its via a one-way encryption algorithm to a DES
- * encryption key.  It is compatible with the original Andrew authentication
- * service password database.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: str2key.c,v 1.10 1997/03/23 03:53:19 joda Exp $");
-
-static void
-mklower(char *s)
-{
-    for (; *s; s++)
-        if ('A' <= *s && *s <= 'Z')
-            *s = *s - 'A' + 'a';
-}
-
-/*
- * Short passwords, i.e 8 characters or less.
- */
-static void
-afs_cmu_StringToKey (char *str, char *cell, des_cblock *key)
-{
-    char  password[8+1];	/* crypt is limited to 8 chars anyway */
-    int   i;
-    int   passlen;
-
-    memset (key, 0, sizeof(key));
-    memset(password, 0, sizeof(password));
-
-    strncpy (password, cell, 8);
-    passlen = strlen (str);
-    if (passlen > 8) passlen = 8;
-
-    for (i=0; i<passlen; i++)
-        password[i] = str[i] ^ cell[i];	/* make sure cell is zero padded */
-
-    for (i=0; i<8; i++)
-        if (password[i] == '\0') password[i] = 'X';
-
-    /* crypt only considers the first 8 characters of password but for some
-       reason returns eleven characters of result (plus the two salt chars). */
-    strncpy((char *)key, (char *)crypt(password, "#~") + 2, sizeof(des_cblock));
-
-    /* parity is inserted into the LSB so leftshift each byte up one bit.  This
-       allows ascii characters with a zero MSB to retain as much significance
-       as possible. */
-    {   char *keybytes = (char *)key;
-        unsigned int temp;
-
-        for (i = 0; i < 8; i++) {
-            temp = (unsigned int) keybytes[i];
-            keybytes[i] = (unsigned char) (temp << 1);
-        }
-    }
-    des_fixup_key_parity (key);
-}
-
-/*
- * Long passwords, i.e 9 characters or more.
- */
-static void
-afs_transarc_StringToKey (char *str, char *cell, des_cblock *key)
-{
-    des_key_schedule schedule;
-    des_cblock temp_key;
-    des_cblock ivec;
-    char password[512];
-    int  passlen;
-
-    strncpy (password, str, sizeof(password));
-    if ((passlen = strlen (password)) < sizeof(password)-1)
-        strncat (password, cell, sizeof(password)-passlen);
-    if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password);
-
-    memcpy(&ivec, "kerberos", 8);
-    memcpy(&temp_key, "kerberos", 8);
-    des_fixup_key_parity (&temp_key);
-    des_key_sched (&temp_key, schedule);
-    des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);
-
-    memcpy(&temp_key, &ivec, 8);
-    des_fixup_key_parity (&temp_key);
-    des_key_sched (&temp_key, schedule);
-    des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);
-
-    des_fixup_key_parity (key);
-}
-
-void
-afs_string_to_key(char *str, char *cell, des_cblock *key)
-{
-    char realm[REALM_SZ+1];
-    strncpy(realm, cell, REALM_SZ);
-    realm[REALM_SZ] = 0;
-    mklower(realm);
-
-    if (strlen(str) > 8)
-        afs_transarc_StringToKey (str, realm, key);
-    else
-        afs_cmu_StringToKey (str, realm, key);
-}
diff --git a/crypto/kerberosIV/lib/krb/swab.c b/crypto/kerberosIV/lib/krb/swab.c
deleted file mode 100644
index d68ce3d52246..000000000000
--- a/crypto/kerberosIV/lib/krb/swab.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: swab.c,v 1.4 1997/04/01 08:18:45 joda Exp $");
-#endif
-
-#ifndef HAVE_SWAB
-void
-swab (char *from, char *to, int nbytes)
-{
-     while(nbytes >= 2) {
-	  *(to + 1) = *from;
-	  *to = *(from + 1);
-	  to += 2;
-	  from += 2;
-	  nbytes -= 2;
-     }
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/tf_util.c b/crypto/kerberosIV/lib/krb/tf_util.c
deleted file mode 100644
index a196448e1f16..000000000000
--- a/crypto/kerberosIV/lib/krb/tf_util.c
+++ /dev/null
@@ -1,645 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-        
-#include "krb_locl.h"
-
-RCSID("$Id: tf_util.c,v 1.24 1997/04/20 06:24:32 assar Exp $");
-
-
-#define TOO_BIG -1
-#define TF_LCK_RETRY ((unsigned)2)	/* seconds to sleep before
-					 * retry if ticket file is
-					 * locked */
-#define	TF_LCK_RETRY_COUNT	(50)	/* number of retries	*/
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-/*
- * fd must be initialized to something that won't ever occur as a real
- * file descriptor. Since open(2) returns only non-negative numbers as
- * valid file descriptors, and tf_init always stuffs the return value
- * from open in here even if it is an error flag, we must
- * 	a. Initialize fd to a negative number, to indicate that it is
- * 	   not initially valid.
- *	b. When checking for a valid fd, assume that negative values
- *	   are invalid (ie. when deciding whether tf_init has been
- *	   called.)
- *	c. In tf_close, be sure it gets reinitialized to a negative
- *	   number. 
- */
-static  int fd = -1;
-static	int curpos;				/* Position in tfbfr */
-static	int lastpos;			/* End of tfbfr */
-static	char tfbfr[BUFSIZ];		/* Buffer for ticket data */
-
-static int tf_gets(char *s, int n);
-static int tf_read(void *s, int n);
-
-/*
- * This file contains routines for manipulating the ticket cache file.
- *
- * The ticket file is in the following format:
- *
- *      principal's name        (null-terminated string)
- *      principal's instance    (null-terminated string)
- *      CREDENTIAL_1
- *      CREDENTIAL_2
- *      ...
- *      CREDENTIAL_n
- *      EOF
- *
- *      Where "CREDENTIAL_x" consists of the following fixed-length
- *      fields from the CREDENTIALS structure (see "krb.h"):
- *
- *              char            service[ANAME_SZ]
- *              char            instance[INST_SZ]
- *              char            realm[REALM_SZ]
- *              C_Block         session
- *              int             lifetime
- *              int             kvno
- *              KTEXT_ST        ticket_st
- *              u_int32_t            issue_date
- *
- * Short description of routines:
- *
- * tf_init() opens the ticket file and locks it.
- *
- * tf_get_pname() returns the principal's name.
- *
- * tf_put_pname() writes the principal's name to the ticket file.
- *
- * tf_get_pinst() returns the principal's instance (may be null).
- *
- * tf_put_pinst() writes the instance.
- *
- * tf_get_cred() returns the next CREDENTIALS record.
- *
- * tf_save_cred() appends a new CREDENTIAL record to the ticket file.
- *
- * tf_close() closes the ticket file and releases the lock.
- *
- * tf_gets() returns the next null-terminated string.  It's an internal
- * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred().
- *
- * tf_read() reads a given number of bytes.  It's an internal routine
- * used by tf_get_cred().
- */
-
-/*
- * tf_init() should be called before the other ticket file routines.
- * It takes the name of the ticket file to use, "tf_name", and a
- * read/write flag "rw" as arguments. 
- *
- * It tries to open the ticket file, checks the mode, and if everything
- * is okay, locks the file.  If it's opened for reading, the lock is
- * shared.  If it's opened for writing, the lock is exclusive. 
- *
- * Returns KSUCCESS if all went well, otherwise one of the following: 
- *
- * NO_TKT_FIL   - file wasn't there
- * TKT_FIL_ACC  - file was in wrong mode, etc.
- * TKT_FIL_LCK  - couldn't lock the file, even after a retry
- */
-
-int
-tf_init(char *tf_name, int rw)
-{
-  /* Unix implementation */
-  int wflag;
-  struct stat stat_buf;
-  int i_retry;
-
-  switch (rw) {
-  case R_TKT_FIL:
-    wflag = 0;
-    break;
-  case W_TKT_FIL:
-    wflag = 1;
-    break;
-  default:
-    if (krb_debug)
-      krb_warning("tf_init: illegal parameter\n");
-    return TKT_FIL_ACC;
-  }
-  if (lstat(tf_name, &stat_buf) < 0)
-    switch (errno) {
-    case ENOENT:
-      return NO_TKT_FIL;
-    default:
-      return TKT_FIL_ACC;
-    }
-  /* The old code tried to guess when the calling program was
-   * running set-uid, this is now removed - the kerberos library
-   * does not (or shouldn't) know anything about user-ids.
-
-   * All library functions now assume that the right userids are set
-   * upon entry, therefore there is no need to test permissions like
-   * before. If the file is openable, just open it.
-   */
-
-  if(!S_ISREG(stat_buf.st_mode))
-    return TKT_FIL_ACC;
-
-
-  /*
-   * If "wflag" is set, open the ticket file in append-writeonly mode
-   * and lock the ticket file in exclusive mode.  If unable to lock
-   * the file, sleep and try again.  If we fail again, return with the
-   * proper error message. 
-   */
-
-  curpos = sizeof(tfbfr);
-
-    
-  if (wflag) {
-    fd = open(tf_name, O_RDWR | O_BINARY, 0600);
-    if (fd < 0) {
-      return TKT_FIL_ACC;
-    }
-    for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) {
-      if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) {
-	if (krb_debug)
-	  krb_warning("tf_init: retry %d of write lock of `%s'.\n",
-		      i_retry, tf_name);
-	sleep (TF_LCK_RETRY);
-      } else {
-	return KSUCCESS;		/* all done */
-      }
-    }
-    close (fd);
-    fd = -1;
-    return TKT_FIL_LCK;
-  }
-  /*
-   * Otherwise "wflag" is not set and the ticket file should be opened
-   * for read-only operations and locked for shared access. 
-   */
-
-  fd = open(tf_name, O_RDONLY | O_BINARY, 0600);
-  if (fd < 0) {
-    return TKT_FIL_ACC;
-  }
-
-  for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) {
-    if (k_flock(fd, K_LOCK_SH | K_LOCK_NB) < 0) {
-      if (krb_debug)
-	krb_warning("tf_init: retry %d of read lock of `%s'.\n",
-		    i_retry, tf_name);
-      sleep (TF_LCK_RETRY);
-    } else {
-      return KSUCCESS;		/* all done */
-    }
-  }
-  /* failure */
-  close(fd);
-  fd = -1;
-  return TKT_FIL_LCK;
-}
-
-/*
- * tf_create() should be called when creating a new ticket file.
- * The only argument is the name of the ticket file.
- * After calling this, it should be possible to use other tf_* functions.
- *
- * New algoritm for creating ticket file:
- * 1. try to erase contents of existing file.
- * 2. try to remove old file.
- * 3. try to open with O_CREAT and O_EXCL
- * 4. if this fails, someone has created a file in between 1 and 2 and
- *    we should fail.  Otherwise, all is wonderful.
- */
-
-int
-tf_create(char *tf_name)
-{
-  struct stat statbuf;
-  char garbage[BUFSIZ];
-
-  fd = open(tf_name, O_RDWR | O_BINARY, 0);
-  if (fd >= 0) {
-    if (fstat (fd, &statbuf) == 0) {
-      int i;
-
-      for (i = 0; i < statbuf.st_size; i += sizeof(garbage))
-	write (fd, garbage, sizeof(garbage));
-    }
-    close (fd);
-  }
-
-  if (unlink (tf_name) && errno != ENOENT)
-    return TKT_FIL_ACC;
-
-  fd = open(tf_name, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600);
-  if (fd < 0)
-    return TKT_FIL_ACC;
-  if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) {
-    sleep(TF_LCK_RETRY);
-    if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) {
-      close(fd);
-      fd = -1;
-      return TKT_FIL_LCK;
-    }
-  }
-  return KSUCCESS;
-}
-
-/*
- * tf_get_pname() reads the principal's name from the ticket file. It
- * should only be called after tf_init() has been called.  The
- * principal's name is filled into the "p" parameter.  If all goes well,
- * KSUCCESS is returned.  If tf_init() wasn't called, TKT_FIL_INI is
- * returned.  If the name was null, or EOF was encountered, or the name
- * was longer than ANAME_SZ, TKT_FIL_FMT is returned. 
- */
-
-int
-tf_get_pname(char *p)
-{
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning("tf_get_pname called before tf_init.\n");
-    return TKT_FIL_INI;
-  }
-  if (tf_gets(p, ANAME_SZ) < 2)	/* can't be just a null */
-    {
-      if (krb_debug) 
-	krb_warning ("tf_get_pname: pname < 2.\n");
-      return TKT_FIL_FMT;
-    }
-  return KSUCCESS;
-}
-
-/*
- * tf_put_pname() sets the principal's name in the ticket file. Call
- * after tf_create().
- */
-
-int
-tf_put_pname(char *p)
-{
-  unsigned count;
-
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning("tf_put_pname called before tf_create.\n");
-    return TKT_FIL_INI;
-  }
-  count = strlen(p)+1;
-  if (write(fd,p,count) != count)
-    return(KFAILURE);
-  return KSUCCESS;
-}
-
-/*
- * tf_get_pinst() reads the principal's instance from a ticket file.
- * It should only be called after tf_init() and tf_get_pname() have been
- * called.  The instance is filled into the "inst" parameter.  If all
- * goes well, KSUCCESS is returned.  If tf_init() wasn't called,
- * TKT_FIL_INI is returned.  If EOF was encountered, or the instance
- * was longer than ANAME_SZ, TKT_FIL_FMT is returned.  Note that the
- * instance may be null. 
- */
-
-int
-tf_get_pinst(char *inst)
-{
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning("tf_get_pinst called before tf_init.\n");
-    return TKT_FIL_INI;
-  }
-  if (tf_gets(inst, INST_SZ) < 1)
-    {
-      if (krb_debug)
-	krb_warning("tf_get_pinst: inst_sz < 1.\n");
-      return TKT_FIL_FMT;
-    }
-  return KSUCCESS;
-}
-
-/*
- * tf_put_pinst writes the principal's instance to the ticket file.
- * Call after tf_create.
- */
-
-int
-tf_put_pinst(char *inst)
-{
-  unsigned count;
-
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning("tf_put_pinst called before tf_create.\n");
-    return TKT_FIL_INI;
-  }
-  count = strlen(inst)+1;
-  if (write(fd,inst,count) != count)
-    return(KFAILURE);
-  return KSUCCESS;
-}
-
-/*
- * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills
- * in the given structure "c".  It should only be called after tf_init(),
- * tf_get_pname(), and tf_get_pinst() have been called. If all goes well,
- * KSUCCESS is returned.  Possible error codes are: 
- *
- * TKT_FIL_INI  - tf_init wasn't called first
- * TKT_FIL_FMT  - bad format
- * EOF          - end of file encountered
- */
-
-int
-tf_get_cred(CREDENTIALS *c)
-{
-  KTEXT   ticket = &c->ticket_st;	/* pointer to ticket */
-  int     k_errno;
-
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning ("tf_get_cred called before tf_init.\n");
-    return TKT_FIL_INI;
-  }
-  if ((k_errno = tf_gets(c->service, SNAME_SZ)) < 2)
-    switch (k_errno) {
-    case TOO_BIG:
-      if (krb_debug)
-	krb_warning("tf_get_cred: too big service cred.\n");
-    case 1:		/* can't be just a null */
-      tf_close();
-      if (krb_debug)
-	krb_warning("tf_get_cred: null service cred.\n");
-      return TKT_FIL_FMT;
-    case 0:
-      return EOF;
-    }
-  if ((k_errno = tf_gets(c->instance, INST_SZ)) < 1)
-    switch (k_errno) {
-    case TOO_BIG:
-      if (krb_debug)
-	krb_warning ("tf_get_cred: too big instance cred.\n");
-      return TKT_FIL_FMT;
-    case 0:
-      return EOF;
-    }
-  if ((k_errno = tf_gets(c->realm, REALM_SZ)) < 2)
-    switch (k_errno) {
-    case TOO_BIG:
-      if (krb_debug)
-	krb_warning ("tf_get_cred: too big realm cred.\n");
-    case 1:		/* can't be just a null */
-      tf_close();
-      if (krb_debug)
-	krb_warning ("tf_get_cred: null realm cred.\n");
-      return TKT_FIL_FMT;
-    case 0:
-      return EOF;
-    }
-  if (
-      tf_read((c->session), DES_KEY_SZ) < 1 ||
-      tf_read(&(c->lifetime), sizeof(c->lifetime)) < 1 ||
-      tf_read(&(c->kvno), sizeof(c->kvno)) < 1 ||
-      tf_read(&(ticket->length), sizeof(ticket->length))
-      < 1 ||
-      /* don't try to read a silly amount into ticket->dat */
-      ticket->length > MAX_KTXT_LEN ||
-      tf_read((ticket->dat), ticket->length) < 1 ||
-      tf_read(&(c->issue_date), sizeof(c->issue_date)) < 1
-      ) {
-    tf_close();
-    if (krb_debug)
-      krb_warning ("tf_get_cred: failed tf_read.\n");
-    return TKT_FIL_FMT;
-  }
-  return KSUCCESS;
-}
-
-/*
- * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is
- * not a valid file descriptor, it just returns.  It also clears the
- * buffer used to read tickets.
- *
- * The return value is not defined.
- */
-
-void
-tf_close(void)
-{
-  if (!(fd < 0)) {
-    k_flock(fd, K_LOCK_UN);
-    close(fd);
-    fd = -1;		/* see declaration of fd above */
-  }
-  memset(tfbfr, 0, sizeof(tfbfr));
-}
-
-/*
- * tf_gets() is an internal routine.  It takes a string "s" and a count
- * "n", and reads from the file until either it has read "n" characters,
- * or until it reads a null byte. When finished, what has been read exists
- * in "s". If it encounters EOF or an error, it closes the ticket file. 
- *
- * Possible return values are:
- *
- * n            the number of bytes read (including null terminator)
- *              when all goes well
- *
- * 0            end of file or read error
- *
- * TOO_BIG      if "count" characters are read and no null is
- *		encountered. This is an indication that the ticket
- *		file is seriously ill.
- */
-
-static int
-tf_gets(char *s, int n)
-{
-  int count;
-
-  if (fd < 0) {
-    if (krb_debug)
-      krb_warning ("tf_gets called before tf_init.\n");
-    return TKT_FIL_INI;
-  }
-  for (count = n - 1; count > 0; --count) {
-    if (curpos >= sizeof(tfbfr)) {
-      lastpos = read(fd, tfbfr, sizeof(tfbfr));
-      curpos = 0;
-    }
-    if (curpos == lastpos) {
-      tf_close();
-      return 0;
-    }
-    *s = tfbfr[curpos++];
-    if (*s++ == '\0')
-      return (n - count);
-  }
-  tf_close();
-  return TOO_BIG;
-}
-
-/*
- * tf_read() is an internal routine.  It takes a string "s" and a count
- * "n", and reads from the file until "n" bytes have been read.  When
- * finished, what has been read exists in "s".  If it encounters EOF or
- * an error, it closes the ticket file.
- *
- * Possible return values are:
- *
- * n		the number of bytes read when all goes well
- *
- * 0		on end of file or read error
- */
-
-static int
-tf_read(void *v, int n)
-{
-  char *s = (char *)v;
-  int count;
-    
-  for (count = n; count > 0; --count) {
-    if (curpos >= sizeof(tfbfr)) {
-      lastpos = read(fd, tfbfr, sizeof(tfbfr));
-      curpos = 0;
-    }
-    if (curpos == lastpos) {
-      tf_close();
-      return 0;
-    }
-    *s++ = tfbfr[curpos++];
-  }
-  return n;
-}
-     
-/*
- * tf_save_cred() appends an incoming ticket to the end of the ticket
- * file.  You must call tf_init() before calling tf_save_cred().
- *
- * The "service", "instance", and "realm" arguments specify the
- * server's name; "session" contains the session key to be used with
- * the ticket; "kvno" is the server key version number in which the
- * ticket is encrypted, "ticket" contains the actual ticket, and
- * "issue_date" is the time the ticket was requested (local host's time).
- *
- * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't
- * called previously, and KFAILURE for anything else that went wrong.
- */
- 
-int
-tf_save_cred(char *service,	/* Service name */
-	     char *instance,	/* Instance */
-	     char *realm,	/* Auth domain */
-	     unsigned char *session, /* Session key */
-	     int lifetime,	/* Lifetime */
-	     int kvno,		/* Key version number */
-	     KTEXT ticket,	/* The ticket itself */
-	     u_int32_t issue_date) /* The issue time */
-{
-  int count;			/* count for write */
-
-  if (fd < 0) {			/* fd is ticket file as set by tf_init */
-    if (krb_debug)
-      krb_warning ("tf_save_cred called before tf_init.\n");
-    return TKT_FIL_INI;
-  }
-  /* Find the end of the ticket file */
-  lseek(fd, 0L, SEEK_END);
-
-  /* Write the ticket and associated data */
-  /* Service */
-  count = strlen(service) + 1;
-  if (write(fd, service, count) != count)
-    goto bad;
-  /* Instance */
-  count = strlen(instance) + 1;
-  if (write(fd, instance, count) != count)
-    goto bad;
-  /* Realm */
-  count = strlen(realm) + 1;
-  if (write(fd, realm, count) != count)
-    goto bad;
-  /* Session key */
-  if (write(fd, session, 8) != 8)
-    goto bad;
-  /* Lifetime */
-  if (write(fd, &lifetime, sizeof(int)) != sizeof(int))
-    goto bad;
-  /* Key vno */
-  if (write(fd, &kvno, sizeof(int)) != sizeof(int))
-    goto bad;
-  /* Tkt length */
-  if (write(fd, &(ticket->length), sizeof(int)) !=
-      sizeof(int))
-    goto bad;
-  /* Ticket */
-  count = ticket->length;
-  if (write(fd, ticket->dat, count) != count)
-    goto bad;
-  /* Issue date */
-  if (write(fd, &issue_date, sizeof(issue_date)) != sizeof(issue_date))
-    goto bad;
-
-  return (KSUCCESS);
-bad:
-  return (KFAILURE);
-}
-	  
-int
-tf_setup(CREDENTIALS *cred, char *pname, char *pinst)
-{
-    int ret;
-    ret = tf_create(tkt_string());
-    if (ret != KSUCCESS)
-	return ret;
-
-    if (tf_put_pname(pname) != KSUCCESS ||
-	tf_put_pinst(pinst) != KSUCCESS) {
-	tf_close();
-	return INTK_ERR;
-    }
-
-    ret = tf_save_cred(cred->service, cred->instance, cred->realm, 
-		       cred->session, cred->lifetime, cred->kvno,
-		       &cred->ticket_st, cred->issue_date);
-    tf_close();
-    return ret;
-}
-
-int
-in_tkt(char *pname, char *pinst)
-{
-  int ret;
-  
-  ret = tf_create (tkt_string());
-  if (ret != KSUCCESS)
-    return ret;
-
-    if (tf_put_pname(pname) != KSUCCESS ||
-	tf_put_pinst(pinst) != KSUCCESS) {
-	tf_close();
-	return INTK_ERR;
-    }
-
-    tf_close();
-    return KSUCCESS;
-}
diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.c b/crypto/kerberosIV/lib/krb/ticket_memory.c
deleted file mode 100644
index 04e20b648d66..000000000000
--- a/crypto/kerberosIV/lib/krb/ticket_memory.c
+++ /dev/null
@@ -1,438 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* ticket_memory.c - Storage for tickets in memory
- * Author: d93-jka@nada.kth.se - June 1996
- */
-
-#define WIN32_LEAN_AND_MEAN
-#include <Windows.h>
-#include "krb_locl.h"
-#include "ticket_memory.h"
-
-RCSID("$Id: ticket_memory.c,v 1.9 1997/04/20 18:07:36 assar Exp $");
-
-void msg(char *text, int error);
-
-/* Global variables for memory mapping. */
-HANDLE	SharedMemoryHandle;
-tktmem	*SharedMemory;
-
-static int CredIndex = -1;
-
-int
-newTktMem(const char *tf_name)
-{
-    if(!SharedMemory)
-    {
-	unsigned int MemorySize = sizeof(tktmem);
-	unsigned int MemorySizeHi = sizeof(tktmem)>>16;
-	unsigned int MemorySizeLo = MemorySize&0xFFFF;
-	SharedMemoryHandle = CreateFileMapping((HANDLE)(int)-1, 0,
-					       PAGE_READWRITE,
-					       MemorySizeHi, MemorySizeLo,
-					       "krb_memory");
-
-	if(!SharedMemoryHandle)
-	{
-	    msg("Could not create shared memory.", GetLastError());
-	    return KFAILURE;
-	}
-		
-	SharedMemory = MapViewOfFile(SharedMemoryHandle,
-				     FILE_MAP_WRITE, 0, 0, 0);
-	if(!SharedMemory)
-	{
-	    msg("Unable to alloc shared memory.", GetLastError());
-	    return KFAILURE;
-	}
-	if(GetLastError() != ERROR_ALREADY_EXISTS)
-	{
-	    if(tf_name)
-		strcpy(SharedMemory->tmname, tf_name);
-	    SharedMemory->last_cred_no = 0;
-	}
-    }
-	
-    CredIndex = 0;
-    return KSUCCESS;
-}
-
-int
-freeTktMem(const char *tf_name)
-{
-    if(SharedMemory)
-    {
-	UnmapViewOfFile(SharedMemory);
-	CloseHandle(SharedMemoryHandle);
-    }
-    return KSUCCESS;
-}
-
-
-
-tktmem *
-getTktMem(const char *tf_name)
-{
-    return SharedMemory;
-}
-
-void
-firstCred(void)
-{
-    if(getTktMem(0)->last_cred_no > 0)
-	CredIndex = 0;
-    else
-	CredIndex = -1;
-}
-	
-int
-nextCredIndex(void)
-{
-    const tktmem *mem;
-    int last;
-    mem = getTktMem(0);
-    last = mem->last_cred_no;
-    if(CredIndex >= 0 && CredIndex < last )
-	return CredIndex++;
-    else
-	return CredIndex = -1;
-}
-
-int
-currCredIndex(void)
-{
-    const tktmem *mem;
-    int last;
-    mem = getTktMem(0);
-    last = mem->last_cred_no;
-    if(CredIndex >= 0 && CredIndex < last)
-	return CredIndex;
-    else
-	return CredIndex = -1;
-}
-
-int
-nextFreeIndex(void)
-{
-    tktmem *mem = getTktMem(0);
-    if(mem->last_cred_no > CRED_VEC_SZ)
-	return -1;
-    else
-	return mem->last_cred_no++;
-}
-
-/*
- * in_tkt() is used to initialize the ticket store.  It creates the
- * file to contain the tickets and writes the given user's name "pname"
- * and instance "pinst" in the file.  in_tkt() returns KSUCCESS on
- * success, or KFAILURE if something goes wrong.
- */
-
-int
-in_tkt(char *pname, char *pinst)
-{
-    /* Here goes code to initialize shared memory, to store tickets in. */
-    /* Implemented somewhere else. */
-    return KFAILURE;
-}
-
-/*
- * dest_tkt() is used to destroy the ticket store upon logout.
- * If the ticket file does not exist, dest_tkt() returns RET_TKFIL.
- * Otherwise the function returns RET_OK on success, KFAILURE on
- * failure.
- *
- * The ticket file (TKT_FILE) is defined in "krb.h".
- */
-
-int
-dest_tkt(void)
-{
-    /* Here goes code to destroy tickets in shared memory. */
-    /* Not implemented yet. */
-    return KFAILURE;
-}
-
-/* Short description of routines:
- *
- * tf_init() opens the ticket file and locks it.
- *
- * tf_get_pname() returns the principal's name.
- *
- * tf_put_pname() writes the principal's name to the ticket file.
- *
- * tf_get_pinst() returns the principal's instance (may be null).
- *
- * tf_put_pinst() writes the instance.
- *
- * tf_get_cred() returns the next CREDENTIALS record.
- *
- * tf_save_cred() appends a new CREDENTIAL record to the ticket file.
- *
- * tf_close() closes the ticket file and releases the lock.
- *
- * tf_gets() returns the next null-terminated string.  It's an internal
- * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred().
- *
- * tf_read() reads a given number of bytes.  It's an internal routine
- * used by tf_get_cred().
- */
-
-/*
- * tf_init() should be called before the other ticket file routines.
- * It takes the name of the ticket file to use, "tf_name", and a
- * read/write flag "rw" as arguments. 
- *
- * Returns KSUCCESS if all went well, otherwise one of the following: 
- *
- * NO_TKT_FIL   - file wasn't there
- * TKT_FIL_ACC  - file was in wrong mode, etc.
- * TKT_FIL_LCK  - couldn't lock the file, even after a retry
- */
-
-int
-tf_init(char *tf_name, int rw)
-{
-    if(!getTktMem(tf_name))
-	return NO_TKT_FIL;
-    firstCred();
-    return KSUCCESS;
-}
-
-/*
- * tf_create() should be called when creating a new ticket file.
- * The only argument is the name of the ticket file.
- * After calling this, it should be possible to use other tf_* functions.
- */
-
-int
-tf_create(char *tf_name)
-{
-    if(newTktMem(tf_name) != KSUCCESS)
-	return NO_TKT_FIL;
-    return KSUCCESS;
-}
-
-/*
- * tf_get_pname() reads the principal's name from the ticket file. It
- * should only be called after tf_init() has been called.  The
- * principal's name is filled into the "p" parameter.  If all goes well,
- * KSUCCESS is returned.  If tf_init() wasn't called, TKT_FIL_INI is
- * returned.  If the name was null, or EOF was encountered, or the name
- * was longer than ANAME_SZ, TKT_FIL_FMT is returned. 
- */
-
-int
-tf_get_pname(char *p)
-{
-    tktmem *TktStore;
-
-    if(!(TktStore =  getTktMem(0)))
-	return KFAILURE;
-    if(!TktStore->pname)
-	return KFAILURE;
-    strcpy(p, TktStore->pname);
-    return KSUCCESS;
-}
-
-/*
- * tf_put_pname() sets the principal's name in the ticket file. Call
- * after tf_create().
- */
-
-int
-tf_put_pname(char *p)
-{
-    tktmem *TktStore;
-
-    if(!(TktStore =  getTktMem(0)))
-	return KFAILURE;
-    if(!TktStore->pname)
-	return KFAILURE;
-    strcpy(TktStore->pname, p);
-    return KSUCCESS;
-}
-
-/*
- * tf_get_pinst() reads the principal's instance from a ticket file.
- * It should only be called after tf_init() and tf_get_pname() have been
- * called.  The instance is filled into the "inst" parameter.  If all
- * goes well, KSUCCESS is returned.  If tf_init() wasn't called,
- * TKT_FIL_INI is returned.  If EOF was encountered, or the instance
- * was longer than ANAME_SZ, TKT_FIL_FMT is returned.  Note that the
- * instance may be null. 
- */
-
-int
-tf_get_pinst(char *inst)
-{
-    tktmem *TktStore;
-
-    if(!(TktStore =  getTktMem(0)))
-	return KFAILURE;
-    if(!TktStore->pinst)
-	return KFAILURE;
-    strcpy(inst, TktStore->pinst);
-    return KSUCCESS;
-}
-
-/*
- * tf_put_pinst writes the principal's instance to the ticket file.
- * Call after tf_create.
- */
-
-int
-tf_put_pinst(char *inst)
-{
-    tktmem *TktStore;
-
-    if(!(TktStore =  getTktMem(0)))
-	return KFAILURE;
-    if(!TktStore->pinst)
-	return KFAILURE;
-    strcpy(TktStore->pinst, inst);
-    return KSUCCESS;
-}
-
-/*
- * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills
- * in the given structure "c".  It should only be called after tf_init(),
- * tf_get_pname(), and tf_get_pinst() have been called. If all goes well,
- * KSUCCESS is returned.  Possible error codes are: 
- *
- * TKT_FIL_INI  - tf_init wasn't called first
- * TKT_FIL_FMT  - bad format
- * EOF          - end of file encountered
- */
-
-int
-tf_get_cred(CREDENTIALS *c)
-{
-    int index;
-    CREDENTIALS *cred;
-    tktmem *TktStore;
-
-    if(!(TktStore =  getTktMem(0)))
-	return KFAILURE;
-    if((index = nextCredIndex()) == -1)
-	return EOF;
-    if(!(cred = TktStore->cred_vec+index))
-       return KFAILURE;
-    if(!c)
-	return KFAILURE;
-    memcpy(c, cred, sizeof(*c));
-    return KSUCCESS;
-}
-
-/*
- * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is
- * not a valid file descriptor, it just returns.  It also clears the
- * buffer used to read tickets.
- */
-
-void
-tf_close(void)
-{
-}
-
-/*
- * tf_save_cred() appends an incoming ticket to the end of the ticket
- * file.  You must call tf_init() before calling tf_save_cred().
- *
- * The "service", "instance", and "realm" arguments specify the
- * server's name; "session" contains the session key to be used with
- * the ticket; "kvno" is the server key version number in which the
- * ticket is encrypted, "ticket" contains the actual ticket, and
- * "issue_date" is the time the ticket was requested (local host's time).
- *
- * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't
- * called previously, and KFAILURE for anything else that went wrong.
- */
- 
-int
-tf_save_cred(char *service,	/* Service name */
-	     char *instance,	/* Instance */
-	     char *realm,	/* Auth domain */
-	     unsigned char *session, /* Session key */
-	     int lifetime,	/* Lifetime */
-	     int kvno,		/* Key version number */
-	     KTEXT ticket,	/* The ticket itself */
-	     u_int32_t issue_date) /* The issue time */
-{
-    CREDENTIALS *cred;
-    tktmem *mem =  getTktMem(0);
-    int last = nextFreeIndex();
-
-    if(last == -1)
-	return KFAILURE;
-    cred = mem->cred_vec+last;
-    strcpy(cred->service, service);
-    strcpy(cred->instance, instance);
-    strcpy(cred->realm, realm);
-    strcpy(cred->session, session);
-    cred->lifetime = lifetime;
-    cred->kvno = kvno;
-    memcpy(&(cred->ticket_st), ticket, sizeof(*ticket));
-    cred->issue_date = issue_date;
-    strcpy(cred->pname, mem->pname);
-    strcpy(cred->pinst, mem->pinst);
-    return KSUCCESS;
-}
-
-
-int
-tf_setup(CREDENTIALS *cred, char *pname, char *pinst)
-{
-    int ret;
-    ret = tf_create(tkt_string());
-    if (ret != KSUCCESS)
-	return ret;
-
-    if (tf_put_pname(pname) != KSUCCESS ||
-	tf_put_pinst(pinst) != KSUCCESS) {
-	tf_close();
-	return INTK_ERR;
-    }
-
-    ret = tf_save_cred(cred->service, cred->instance, cred->realm, 
-		       cred->session, cred->lifetime, cred->kvno,
-		       &cred->ticket_st, cred->issue_date);
-    tf_close();
-    return ret;
-}
diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.h b/crypto/kerberosIV/lib/krb/ticket_memory.h
deleted file mode 100644
index e85e1a4cc6a3..000000000000
--- a/crypto/kerberosIV/lib/krb/ticket_memory.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* ticket_memory.h - Storage for tickets in memory
- * Author: d93-jka@nada.kth.se - June 1996
- */
-
-/* $Id: ticket_memory.h,v 1.6 1997/04/20 06:25:12 assar Exp $ */
-
-#ifndef	TICKET_MEMORY_H
-#define TICKET_MEMORY_H
-
-#include "krb_locl.h"
-
-#define CRED_VEC_SZ	20
-
-typedef struct _tktmem
-{
-  char tmname[64];
-  char pname[ANAME_SZ];	/* Principal's name */
-  char pinst[INST_SZ];	/* Principal's instance */
-  int last_cred_no;
-  CREDENTIALS cred_vec[CRED_VEC_SZ];
-} tktmem;
-
-int newTktMem(const char *tf_name);
-int freeTktMem(const char *tf_name);
-tktmem *getTktMem(const char *tf_name);
-void firstCred(void);
-int nextCredIndex(void);
-int currCredIndex(void);
-int nextFreeIndex(void);
-
-#endif /* TICKET_MEMORY_H */
diff --git a/crypto/kerberosIV/lib/krb/tkt_string.c b/crypto/kerberosIV/lib/krb/tkt_string.c
deleted file mode 100644
index 2914abb12dca..000000000000
--- a/crypto/kerberosIV/lib/krb/tkt_string.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
-  Copyright (C) 1989 by the Massachusetts Institute of Technology
-
-   Export of this software from the United States of America is assumed
-   to require a specific license from the United States Government.
-   It is the responsibility of any person or organization contemplating
-   export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission.  M.I.T. makes no representations about the suitability of
-this software for any purpose.  It is provided "as is" without express
-or implied warranty.
-
-  */
-
-#include "krb_locl.h"
-
-RCSID("$Id: tkt_string.c,v 1.10 1997/05/02 14:54:26 assar Exp $");
-
-/*
- * This routine is used to generate the name of the file that holds
- * the user's cache of server tickets and associated session keys.
- *
- * If it is set, krb_ticket_string contains the ticket file name.
- * Otherwise, the filename is constructed as follows:
- *
- * If it is set, the environment variable "KRBTKFILE" will be used as
- * the ticket file name.  Otherwise TKT_ROOT (defined in "krb.h") and
- * the user's uid are concatenated to produce the ticket file name
- * (e.g., "/tmp/tkt123").  A pointer to the string containing the ticket
- * file name is returned.
- */
-
-static char krb_ticket_string[MaxPathLen] = "";
-
-#ifndef HAVE_GETUID
-int getuid(void)
-{
-    return 27;
-}
-#endif
-
-char *tkt_string(void)
-{
-    char *env;
-
-    if (!*krb_ticket_string) {
-        if ((env = getenv("KRBTKFILE"))) {
-	    strncpy(krb_ticket_string, env,
-			   sizeof(krb_ticket_string)-1);
-	    krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0';
-	} else {
-	    snprintf(krb_ticket_string, sizeof(krb_ticket_string),
-		     "%s%u",TKT_ROOT,(unsigned)getuid());
-        }
-    }
-    return krb_ticket_string;
-}
-
-/*
- * This routine is used to set the name of the file that holds the user's
- * cache of server tickets and associated session keys.
- *
- * The value passed in is copied into local storage.
- *
- * NOTE:  This routine should be called during initialization, before other
- * Kerberos routines are called; otherwise tkt_string() above may be called
- * and return an undesired ticket file name until this routine is called.
- */
-
-void
-krb_set_tkt_string(char *val)
-{
-
-    strncpy(krb_ticket_string, val, sizeof(krb_ticket_string)-1);
-    krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0';
-
-    return;
-}
diff --git a/crypto/kerberosIV/lib/krb/unparse_name.c b/crypto/kerberosIV/lib/krb/unparse_name.c
deleted file mode 100644
index ddb938f49d53..000000000000
--- a/crypto/kerberosIV/lib/krb/unparse_name.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: unparse_name.c,v 1.7 1997/04/01 08:18:46 joda Exp $");
-
-static void
-quote_string(char *quote, char *from, char *to)
-{
-    while(*from){
-	if(strchr(quote, *from))
-	    *to++ = '\\';
-	*to++ = *from++;
-    }
-    *to = 0;
-}
-
-/* To be compatible with old functions, we quote differently in each
-   part of the principal*/
-
-char *
-krb_unparse_name_r(krb_principal *pr, char *fullname)
-{
-    quote_string("'@\\", pr->name, fullname);
-    if(pr->instance[0]){
-	strcat(fullname, ".");
-	quote_string("@\\", pr->instance, fullname + strlen(fullname));
-    }
-    if(pr->realm[0]){
-	strcat(fullname, "@");
-	quote_string("\\", pr->realm, fullname + strlen(fullname));
-    }
-    return fullname;
-}
-
-char *
-krb_unparse_name_long_r(char *name, char *instance, char *realm,
-			char *fullname)
-{
-    krb_principal pr;
-    memset(&pr, 0, sizeof(pr));
-    strcpy(pr.name, name);
-    if(instance)
-	strcpy(pr.instance, instance);
-    if(realm)
-	strcpy(pr.realm, realm);
-    return krb_unparse_name_r(&pr, fullname);
-}
-
-char *
-krb_unparse_name(krb_principal *pr)
-{
-    static char principal[MAX_K_NAME_SZ];
-    krb_unparse_name_r(pr, principal);
-    return principal;
-}
-
-char *
-krb_unparse_name_long(char *name, char *instance, char *realm)
-{
-    krb_principal pr;
-    memset(&pr, 0, sizeof(pr));
-    strcpy(pr.name, name);
-    if(instance)
-	strcpy(pr.instance, instance);
-    if(realm)
-	strcpy(pr.realm, realm);
-    return krb_unparse_name(&pr);
-}
diff --git a/crypto/kerberosIV/lib/krb/util.c b/crypto/kerberosIV/lib/krb/util.c
deleted file mode 100644
index 7b77bb8b0d32..000000000000
--- a/crypto/kerberosIV/lib/krb/util.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Miscellaneous debug printing utilities
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: util.c,v 1.6 1996/10/05 00:18:34 joda Exp $");
-
-/*
- * Print some of the contents of the given authenticator structure
- * (AUTH_DAT defined in "krb.h").  Fields printed are:
- *
- * pname, pinst, prealm, netaddr, flags, cksum, timestamp, session
- */
-
-void
-ad_print(AUTH_DAT *x)
-{
-    /*
-     * Print the contents of an auth_dat struct.
-     */
-    struct in_addr address;
-    address.s_addr = x->address;
-    printf("\n%s %s %s %s flags %u cksum 0x%X\n\ttkt_tm 0x%X sess_key",
-           x->pname, x->pinst, x->prealm,
-           inet_ntoa(address), x->k_flags,
-           x->checksum, x->time_sec);
-    printf("[8] =");
-#ifdef NOENCRYPTION
-    placebo_cblock_print(x->session);
-#else
-    des_cblock_print_file(&x->session,stdout);
-#endif
-    /* skip reply for now */
-}
-
-/*
- * Print in hex the 8 bytes of the given session key.
- *
- * Printed format is:  " 0x { x, x, x, x, x, x, x, x }"
- */
-
-#ifdef NOENCRYPTION
-placebo_cblock_print(x)
-    des_cblock x;
-{
-    unsigned char *y = (unsigned char *) x;
-    int i = 0;
-
-    printf(" 0x { ");
-
-    while (i++ <8) {
-        printf("%x",*y++);
-        if (i<8) printf(", ");
-    }
-    printf(" }");
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/verify_user.c b/crypto/kerberosIV/lib/krb/verify_user.c
deleted file mode 100644
index ce22b59a049c..000000000000
--- a/crypto/kerberosIV/lib/krb/verify_user.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: verify_user.c,v 1.8 1997/04/01 08:18:46 joda Exp $");
-
-/* Verify user with password. If secure, also verify against local
- * service key, this can (usually) only be done by root.
- *
- * As a side effect, fresh tickets are obtained.
- *
- * Returns zero if ok, a positive kerberos error or -1 for system
- * errors.
- */
-
-int
-krb_verify_user(char *name, char *instance, char *realm, char *password, 
-		int secure, char *linstance)
-{
-    int ret;
-    ret = krb_get_pw_in_tkt(name, instance, realm,
-			    KRB_TICKET_GRANTING_TICKET,
-			    realm,
-			    DEFAULT_TKT_LIFE, password);
-    if(ret != KSUCCESS)
-	return ret;
-
-    if(secure){
-	struct hostent *hp;
-	int32_t addr;
-	
-	KTEXT_ST ticket;
-	AUTH_DAT auth;
-
-	char lrealm[REALM_SZ];
-	char hostname[MaxHostNameLen];
-	char *phost;
-
-	if (k_gethostname(hostname, sizeof(hostname)) == -1) {
-	    dest_tkt();
-	    return -1;
-	}
-
-	hp = gethostbyname(hostname);
-	if(hp == NULL){
-	    dest_tkt();
-	    return -1;
-	}
-	memcpy(&addr, hp->h_addr, sizeof(addr));
-
-	ret = krb_get_lrealm(lrealm, 1);
-	if(ret != KSUCCESS){
-	    dest_tkt();
-	    return ret;
-	}
-	phost = krb_get_phost(hostname);
-	
-	if (linstance == NULL)
-	    linstance = "rcmd";
-
-	ret = krb_mk_req(&ticket, linstance, phost, lrealm, 33);
-	if(ret != KSUCCESS){
-	    dest_tkt();
-	    return ret;
-	}
-	
-	ret = krb_rd_req(&ticket, linstance, phost, addr, &auth, "");
-	if(ret != KSUCCESS){
-	    dest_tkt();
-	    return ret;
-	}
-    }
-    return 0;
-}
-		
diff --git a/crypto/kerberosIV/lib/roken/Makefile.in b/crypto/kerberosIV/lib/roken/Makefile.in
deleted file mode 100644
index 26f31425789d..000000000000
--- a/crypto/kerberosIV/lib/roken/Makefile.in
+++ /dev/null
@@ -1,94 +0,0 @@
-#
-# $Id: Makefile.in,v 1.34 1997/05/28 05:23:39 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC	= @CC@
-CPP	= @CPP@
-AR	= ar
-RANLIB	= @RANLIB@
-DEFS	= @DEFS@
-CFLAGS	= @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = # @PICFLAGS@
- 
-LIBNAME = $(LIBPREFIX)roken
-#LIBEXT = @LIBEXT@ Always build archive library and don't install!
-LIBEXT = a
-LIBPREFIX = @LIBPREFIX@
-SHLIBEXT = @SHLIBEXT@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-
-SOURCES = \
-	chown.c daemon.c err.c errx.c fchown.c get_window_size.c \
-	getcwd.c getdtablesize.c getopt.c getusershell.c \
-	hstrerror.c inaddr2str.c inet_aton.c \
-	initgroups.c k_getpwnam.c k_getpwuid.c lstat.c \
-	memmove.c mini_inetd.c mkstemp.c putenv.c rcmd.c setegid.c \
-	setenv.c seteuid.c signal.c snprintf.c \
-	strcasecmp.c strdup.c strerror.c strftime.c \
-	strlwr.c strnlen.c strtok_r.c strupr.c tm2time.c \
-	unsetenv.c verify.c verr.c verrx.c vwarn.c \
-	vwarnx.c warn.c warnerr.c warnx.c
-
-OBJECTS = k_getpwuid.o k_getpwnam.o signal.o tm2time.o \
-	  verify.o inaddr2str.o mini_inetd.o get_window_size.o \
-	  warnerr.o snprintf.o @LIBOBJS@
-
-all: $(LIB)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-
-uninstall:
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) *.o *.a
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-$(LIBNAME).a: $(OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(OBJECTS)
-
-$(OBJECTS): ../../include/config.h
diff --git a/crypto/kerberosIV/lib/roken/chown.c b/crypto/kerberosIV/lib/roken/chown.c
deleted file mode 100644
index 28550d982c1f..000000000000
--- a/crypto/kerberosIV/lib/roken/chown.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: chown.c,v 1.2 1997/04/01 08:18:58 joda Exp $");
-#endif
-
-#include "roken.h"
-
-int
-chown(const char *path, uid_t owner, gid_t group)
-{
-  return 0;
-}
diff --git a/crypto/kerberosIV/lib/roken/daemon.c b/crypto/kerberosIV/lib/roken/daemon.c
deleted file mode 100644
index ffab298c76b0..000000000000
--- a/crypto/kerberosIV/lib/roken/daemon.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)daemon.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: daemon.c,v 1.2 1997/05/28 05:38:09 assar Exp $");
-
-#ifndef HAVE_DAEMON
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "roken.h"
-
-int
-daemon(nochdir, noclose)
-	int nochdir, noclose;
-{
-	int fd;
-
-	switch (fork()) {
-	case -1:
-		return (-1);
-	case 0:
-		break;
-	default:
-		_exit(0);
-	}
-
-	if (setsid() == -1)
-		return (-1);
-
-	if (!nochdir)
-		(void)chdir("/");
-
-	if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
-		(void)dup2(fd, STDIN_FILENO);
-		(void)dup2(fd, STDOUT_FILENO);
-		(void)dup2(fd, STDERR_FILENO);
-		if (fd > 2)
-			(void)close (fd);
-	}
-	return (0);
-}
-
-#endif /* HAVE_DAEMON */
diff --git a/crypto/kerberosIV/lib/roken/err.c b/crypto/kerberosIV/lib/roken/err.c
deleted file mode 100644
index 029faa92c4d5..000000000000
--- a/crypto/kerberosIV/lib/roken/err.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: err.c,v 1.5 1997/03/30 08:05:37 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-err(int eval, const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  verr(eval, fmt, ap);
-  va_end(ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/err.h b/crypto/kerberosIV/lib/roken/err.h
deleted file mode 100644
index 6f25435250b7..000000000000
--- a/crypto/kerberosIV/lib/roken/err.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: err.h,v 1.13 1997/05/02 14:29:30 assar Exp $ */
-
-#ifndef __ERR_H__
-#define __ERR_H__
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-
-extern const char *__progname;
-
-#if !defined(__GNUC__) && !defined(__attribute__)
-#define __attribute__(x)
-#endif
-
-void warnerr(int doexit, int eval, int doerrno, const char *fmt, va_list ap)
-     __attribute__ ((format (printf, 4, 0)));
-
-void verr(int eval, const char *fmt, va_list ap)
-     __attribute__ ((noreturn, format (printf, 2, 0)));
-void err(int eval, const char *fmt, ...)
-     __attribute__ ((noreturn, format (printf, 2, 3)));
-void verrx(int eval, const char *fmt, va_list ap)
-     __attribute__ ((noreturn, format (printf, 2, 0)));
-void errx(int eval, const char *fmt, ...)
-     __attribute__ ((noreturn, format (printf, 2, 3)));
-void vwarn(const char *fmt, va_list ap)
-     __attribute__ ((format (printf, 1, 0)));
-void warn(const char *fmt, ...)
-     __attribute__ ((format (printf, 1, 2)));
-void vwarnx(const char *fmt, va_list ap)
-     __attribute__ ((format (printf, 1, 0)));
-void warnx(const char *fmt, ...)
-     __attribute__ ((format (printf, 1, 2)));
-
-#endif /* __ERR_H__ */
diff --git a/crypto/kerberosIV/lib/roken/errx.c b/crypto/kerberosIV/lib/roken/errx.c
deleted file mode 100644
index 18969d51de67..000000000000
--- a/crypto/kerberosIV/lib/roken/errx.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: errx.c,v 1.5 1997/03/30 08:05:38 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-errx(int eval, const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  verrx(eval, fmt, ap);
-  va_end(ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/fchown.c b/crypto/kerberosIV/lib/roken/fchown.c
deleted file mode 100644
index 2a94e3ac8704..000000000000
--- a/crypto/kerberosIV/lib/roken/fchown.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: fchown.c,v 1.2 1997/04/01 08:18:58 joda Exp $");
-#endif
-
-#include "roken.h"
-
-int
-fchown(int fd, uid_t owner, gid_t group)
-{
-  return 0;
-}
diff --git a/crypto/kerberosIV/lib/roken/get_window_size.c b/crypto/kerberosIV/lib/roken/get_window_size.c
deleted file mode 100644
index d31d18d431a8..000000000000
--- a/crypto/kerberosIV/lib/roken/get_window_size.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: get_window_size.c,v 1.4 1997/04/01 08:18:59 joda Exp $");
-#endif
-
-#include <stdlib.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#if 0 /* Where were those needed? /confused */
-#ifdef HAVE_SYS_PROC_H
-#include <sys/proc.h>
-#endif
-
-#ifdef HAVE_SYS_TTY_H
-#include <sys/tty.h>
-#endif
-#endif
-
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-
-#include <roken.h>
-
-int
-get_window_size(int fd, struct winsize *wp)
-{
-#if defined(TIOCGWINSZ)
-  return ioctl(fd, TIOCGWINSZ, wp);
-#elif defined(TIOCGSIZE)
-  struct ttysize ts;
-  int error;
-
-  if ((error = ioctl(0, TIOCGSIZE, &ts)) != 0)
-    return (error);
-  wp->ws_row = ts.ts_lines;
-  wp->ws_col = ts.ts_cols;
-  wp->ws_xpixel = 0;
-  wp->ws_ypixel = 0;
-  return 0;
-#elif defined(HAVE__SCRSIZE)
-  int dst[2];
-
-  _scrsize(dst);
-  wp->ws_row = dst[1];
-  wp->ws_col = dst[0];
-  wp->ws_xpixel = 0;
-  wp->ws_ypixel = 0;
-  return 0;
-#else
-  return -1;
-#endif
-}
diff --git a/crypto/kerberosIV/lib/roken/getcwd.c b/crypto/kerberosIV/lib/roken/getcwd.c
deleted file mode 100644
index a27451fd9931..000000000000
--- a/crypto/kerberosIV/lib/roken/getcwd.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: getcwd.c,v 1.7 1997/04/01 08:19:00 joda Exp $");
-#endif
-
-#include <unistd.h>
-#include <sys/param.h>
-
-#include "protos.h"
-#include "roken.h"
-
-char*
-getcwd(char *path, size_t size)
-{
-    char xxx[MaxPathLen];
-    char *ret;
-    ret = getwd(xxx);
-    if(ret)
-	strncpy(path, xxx, size);
-    return ret;
-}
diff --git a/crypto/kerberosIV/lib/roken/getdtablesize.c b/crypto/kerberosIV/lib/roken/getdtablesize.c
deleted file mode 100644
index afd47d2b23f2..000000000000
--- a/crypto/kerberosIV/lib/roken/getdtablesize.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: getdtablesize.c,v 1.8 1997/04/20 05:51:06 assar Exp $");
-#endif
-
-#include "roken.h"
-
-#include <sys/types.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#include <unistd.h>
-
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-
-#ifdef HAVE_SYS_SYSCTL_H
-#include <sys/sysctl.h>
-#endif
-
-int getdtablesize(void)
-{
-  int files = -1;
-#if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX)
-  files = sysconf(_SC_OPEN_MAX);
-#else /* !defined(HAVE_SYSCONF) */
-#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
-  struct rlimit res;
-  if (getrlimit(RLIMIT_NOFILE, &res) == 0)
-    files = res.rlim_cur;
-#else /* !definded(HAVE_GETRLIMIT) */
-#if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES)
-  int mib[2];
-  size_t len;
-    
-  mib[0] = CTL_KERN;
-  mib[1] = KERN_MAXFILES;
-  len = sizeof(files);
-  sysctl(&mib, 2, &files, sizeof(nfil), NULL, 0);
-#endif /* defined(HAVE_SYSCTL) */
-#endif /* !definded(HAVE_GETRLIMIT) */
-#endif /* !defined(HAVE_SYSCONF) */
-
-#ifdef OPEN_MAX
-  if (files < 0)
-    files = OPEN_MAX;
-#endif
-
-#ifdef NOFILE
-  if (files < 0)
-    files = NOFILE;
-#endif    
-    
-  return files;
-}
diff --git a/crypto/kerberosIV/lib/roken/getopt.c b/crypto/kerberosIV/lib/roken/getopt.c
deleted file mode 100644
index fea4635fb524..000000000000
--- a/crypto/kerberosIV/lib/roken/getopt.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 1987, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)getopt.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#ifndef __STDC__
-#define const
-#endif
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-/*
- * get option letter from argument vector
- */
-int	opterr = 1,		/* if error message should be printed */
-	optind = 1,		/* index into parent argv vector */
-	optopt,			/* character checked for validity */
-	optreset;		/* reset getopt */
-char	*optarg;		/* argument associated with option */
-
-#define	BADCH	(int)'?'
-#define	BADARG	(int)':'
-#define	EMSG	""
-
-int
-getopt(nargc, nargv, ostr)
-	int nargc;
-	char * const *nargv;
-	const char *ostr;
-{
-	static char *place = EMSG;		/* option letter processing */
-	char *oli;			/* option letter list index */
-	char *p;
-
-	if (optreset || !*place) {		/* update scanning pointer */
-		optreset = 0;
-		if (optind >= nargc || *(place = nargv[optind]) != '-') {
-			place = EMSG;
-			return(EOF);
-		}
-		if (place[1] && *++place == '-') {	/* found "--" */
-			++optind;
-			place = EMSG;
-			return(EOF);
-		}
-	}					/* option letter okay? */
-	if ((optopt = (int)*place++) == (int)':' ||
-	    !(oli = strchr(ostr, optopt))) {
-		/*
-		 * if the user didn't specify '-' as an option,
-		 * assume it means EOF.
-		 */
-		if (optopt == (int)'-')
-			return(EOF);
-		if (!*place)
-			++optind;
-		if (opterr && *ostr != ':') {
-			if (!(p = strrchr(*nargv, '/')))
-				p = *nargv;
-			else
-				++p;
-			fprintf(stderr, "%s: illegal option -- %c\n",
-			    p, optopt);
-		}
-		return(BADCH);
-	}
-	if (*++oli != ':') {			/* don't need argument */
-		optarg = NULL;
-		if (!*place)
-			++optind;
-	}
-	else {					/* need an argument */
-		if (*place)			/* no white space */
-			optarg = place;
-		else if (nargc <= ++optind) {	/* no arg */
-			place = EMSG;
-			if (!(p = strrchr(*nargv, '/')))
-				p = *nargv;
-			else
-				++p;
-			if (*ostr == ':')
-				return(BADARG);
-			if (opterr)
-				fprintf(stderr,
-				    "%s: option requires an argument -- %c\n",
-				    p, optopt);
-			return(BADCH);
-		}
-	 	else				/* white space */
-			optarg = nargv[optind];
-		place = EMSG;
-		++optind;
-	}
-	return(optopt);				/* dump back option letter */
-}
diff --git a/crypto/kerberosIV/lib/roken/getusershell.c b/crypto/kerberosIV/lib/roken/getusershell.c
deleted file mode 100644
index 87a48ece19b5..000000000000
--- a/crypto/kerberosIV/lib/roken/getusershell.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * Copyright (c) 1985, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $");
-
-#ifndef HAVE_GETUSERSHELL
-
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-#ifndef _PATH_SHELLS
-#define _PATH_SHELLS "/etc/shells"
-#endif
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL "/bin/sh"
-#endif
-
-#ifndef _PATH_CSHELL
-#define _PATH_CSHELL "/bin/csh"
-#endif
-
-/*
- * Local shells should NOT be added here.  They should be added in
- * /etc/shells.
- */
-
-static char *okshells[] = { _PATH_BSHELL, _PATH_CSHELL, NULL };
-static char **curshell, **shells, *strings;
-static char **initshells (void);
-
-/*
- * Get a list of shells from _PATH_SHELLS, if it exists.
- */
-char *
-getusershell()
-{
-	char *ret;
-
-	if (curshell == NULL)
-		curshell = initshells();
-	ret = *curshell;
-	if (ret != NULL)
-		curshell++;
-	return (ret);
-}
-
-void
-endusershell()
-{
-	
-	if (shells != NULL)
-		free(shells);
-	shells = NULL;
-	if (strings != NULL)
-		free(strings);
-	strings = NULL;
-	curshell = NULL;
-}
-
-void
-setusershell()
-{
-
-	curshell = initshells();
-}
-
-static char **
-initshells()
-{
-	char **sp, *cp;
-	FILE *fp;
-	struct stat statb;
-
-	if (shells != NULL)
-		free(shells);
-	shells = NULL;
-	if (strings != NULL)
-		free(strings);
-	strings = NULL;
-	if ((fp = fopen(_PATH_SHELLS, "r")) == NULL)
-		return (okshells);
-	if (fstat(fileno(fp), &statb) == -1) {
-		fclose(fp);
-		return (okshells);
-	}
-	if ((strings = malloc((u_int)statb.st_size)) == NULL) {
-		fclose(fp);
-		return (okshells);
-	}
-	shells = calloc((unsigned)statb.st_size / 3, sizeof (char *));
-	if (shells == NULL) {
-		fclose(fp);
-		free(strings);
-		strings = NULL;
-		return (okshells);
-	}
-	sp = shells;
-	cp = strings;
-	while (fgets(cp, MaxPathLen + 1, fp) != NULL) {
-		while (*cp != '#' && *cp != '/' && *cp != '\0')
-			cp++;
-		if (*cp == '#' || *cp == '\0')
-			continue;
-		*sp++ = cp;
-		while (!isspace(*cp) && *cp != '#' && *cp != '\0')
-			cp++;
-		*cp++ = '\0';
-	}
-	*sp = NULL;
-	fclose(fp);
-	return (shells);
-}
-#endif /* HAVE_GETUSERSHELL */
diff --git a/crypto/kerberosIV/lib/roken/hstrerror.c b/crypto/kerberosIV/lib/roken/hstrerror.c
deleted file mode 100644
index 9e47cb57dbb5..000000000000
--- a/crypto/kerberosIV/lib/roken/hstrerror.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: hstrerror.c,v 1.17 1997/06/01 03:37:25 assar Exp $");
-#endif
-
-#include "roken.h"
-
-#ifndef HAVE_HSTRERROR
-
-#include <stdio.h>
-#include <netdb.h>
-
-#ifndef HAVE_H_ERRNO
-int h_errno = -17; /* Some magic number */
-#endif
-
-#if !(defined(HAVE_H_ERRLIST) && defined(HAVE_H_NERR))
-static const char *const h_errlist[] = {
-    "Resolver Error 0 (no error)",
-    "Unknown host",		/* 1 HOST_NOT_FOUND */
-    "Host name lookup failure",	/* 2 TRY_AGAIN */
-    "Unknown server error",	/* 3 NO_RECOVERY */
-    "No address associated with name", /* 4 NO_ADDRESS */
-};
-
-static
-const
-int h_nerr = { sizeof h_errlist / sizeof h_errlist[0] };
-#else
-
-#ifndef HAVE_H_ERRLIST_DECLARATION
-extern const char *h_errlist[];
-extern int h_nerr;
-#endif
-
-#endif
-
-char *
-hstrerror(int herr)
-{
-    if (0 <= herr && herr < h_nerr)
-	return (char *) h_errlist[herr];
-    else if(herr == -17)
-	return "unknown error";
-    else
-	return "Error number out of range (hstrerror)";
-}
-
-#endif
diff --git a/crypto/kerberosIV/lib/roken/inaddr2str.c b/crypto/kerberosIV/lib/roken/inaddr2str.c
deleted file mode 100644
index af158aa29374..000000000000
--- a/crypto/kerberosIV/lib/roken/inaddr2str.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: inaddr2str.c,v 1.6 1997/04/01 08:19:02 joda Exp $");
-#endif
-
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#include "roken.h"
-
-/*
- * Get a verified name for `addr'.
- * If unable to find it in the DNS, return x.y.z.a
- */
-
-void
-inaddr2str(struct in_addr addr, char *s, size_t len)
-{
-  struct hostent *h;
-  char *p;
-
-  h = gethostbyaddr ((const char *)&addr, sizeof(addr), AF_INET);
-  if (h) {
-    h = gethostbyname (h->h_name);
-    if(h)
-      while ((p = *(h->h_addr_list)++))
-	if (memcmp (p, &addr, sizeof(addr)) == 0) {
-	  strncpy (s, h->h_name, len);
-	  s[len - 1] = '\0';
-	  return;
-	}
-  }
-  strncpy (s, inet_ntoa (addr), len);
-  s[len - 1] = '\0';
-  return;
-}
diff --git a/crypto/kerberosIV/lib/roken/inet_aton.c b/crypto/kerberosIV/lib/roken/inet_aton.c
deleted file mode 100644
index c97ef744c73b..000000000000
--- a/crypto/kerberosIV/lib/roken/inet_aton.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: inet_aton.c,v 1.10 1997/05/20 19:57:03 bg Exp $");
-#endif
-
-#include "roken.h"
-
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-/* Minimal implementation of inet_aton.
- * Cannot distinguish between failure and a local broadcast address. */
-
-int
-inet_aton(const char *cp, struct in_addr *addr)
-{
-  addr->s_addr = inet_addr(cp);
-  return (addr->s_addr == INADDR_NONE) ? 0 : 1;
-}
diff --git a/crypto/kerberosIV/lib/roken/initgroups.c b/crypto/kerberosIV/lib/roken/initgroups.c
deleted file mode 100644
index a68aa6354aa5..000000000000
--- a/crypto/kerberosIV/lib/roken/initgroups.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: initgroups.c,v 1.2 1997/04/01 08:19:03 joda Exp $");
-#endif
-
-#include "roken.h"
-
-int
-initgroups(const char *name, gid_t basegid)
-{
-  return 0;
-}
diff --git a/crypto/kerberosIV/lib/roken/k_getpwnam.c b/crypto/kerberosIV/lib/roken/k_getpwnam.c
deleted file mode 100644
index 580b1a282888..000000000000
--- a/crypto/kerberosIV/lib/roken/k_getpwnam.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: k_getpwnam.c,v 1.6 1997/04/01 08:19:03 joda Exp $");
-#endif /* HAVE_CONFIG_H */
-
-#include "roken.h"
-#ifdef HAVE_SHADOW_H
-#include <shadow.h>
-#endif
-
-struct passwd *
-k_getpwnam (char *user)
-{
-     struct passwd *p;
-
-     p = getpwnam (user);
-#ifdef HAVE_GETSPNAM
-     if(p)
-     {
-	  struct spwd *spwd;
-
-	  spwd = getspnam (user);
-	  if (spwd)
-	       p->pw_passwd = spwd->sp_pwdp;
-	  endspent ();
-     }
-#else
-     endpwent ();
-#endif
-     return p;
-}
diff --git a/crypto/kerberosIV/lib/roken/k_getpwuid.c b/crypto/kerberosIV/lib/roken/k_getpwuid.c
deleted file mode 100644
index a3a8f0437787..000000000000
--- a/crypto/kerberosIV/lib/roken/k_getpwuid.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: k_getpwuid.c,v 1.6 1997/04/01 08:19:04 joda Exp $");
-#endif /* HAVE_CONFIG_H */
-
-#include "roken.h"
-#ifdef HAVE_SHADOW_H
-#include <shadow.h>
-#endif
-
-struct passwd *
-k_getpwuid (uid_t uid)
-{
-     struct passwd *p;
-
-     p = getpwuid (uid);
-#ifdef HAVE_GETSPUID
-     if (p)
-     {
-	  struct spwd *spwd;
-
-	  spwd = getspuid (uid);
-	  if (spwd)
-	       p->pw_passwd = spwd->sp_pwdp;
-	  endspent ();
-     }
-#else
-     endpwent ();
-#endif
-     return p;
-}
diff --git a/crypto/kerberosIV/lib/roken/lstat.c b/crypto/kerberosIV/lib/roken/lstat.c
deleted file mode 100644
index 881ad9aed566..000000000000
--- a/crypto/kerberosIV/lib/roken/lstat.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: lstat.c,v 1.3 1997/04/01 08:19:04 joda Exp $");
-#endif
-
-#include "roken.h"
-
-int
-lstat(const char *path, struct stat *buf)
-{
-  return stat(path, buf);
-}
diff --git a/crypto/kerberosIV/lib/roken/memmove.c b/crypto/kerberosIV/lib/roken/memmove.c
deleted file mode 100644
index 315ff05a1ef0..000000000000
--- a/crypto/kerberosIV/lib/roken/memmove.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: memmove.c,v 1.5 1997/04/01 08:19:05 joda Exp $");
-#endif
-
-/* 
- * memmove for systems that doesn't have it 
- */
-
-#include <sys/types.h>
-
-void* memmove(void *s1, const void *s2, size_t n)
-{
-  char *s=(char*)s2, *d=(char*)s1;
-
-  if(d > s){
-    s+=n-1;
-    d+=n-1;
-    while(n){
-      *d--=*s--;
-      n--;
-    }
-  }else if(d < s)
-    while(n){
-      *d++=*s++;
-      n--;
-    }
-  return s1;
-}
diff --git a/crypto/kerberosIV/lib/roken/mini_inetd.c b/crypto/kerberosIV/lib/roken/mini_inetd.c
deleted file mode 100644
index ccfcfe75eaf0..000000000000
--- a/crypto/kerberosIV/lib/roken/mini_inetd.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: mini_inetd.c,v 1.10 1997/05/02 14:30:07 assar Exp $");
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#include <roken.h>
-
-void
-mini_inetd (int port)
-{
-     struct sockaddr_in sa;
-     int s = socket(AF_INET, SOCK_STREAM, 0);
-     int s2;
-     int one = 1;
-     if(s < 0){
-	  perror("socket");
-	  exit(1);
-     }
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-     if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&one,
-		   sizeof(one)) < 0){
-	  perror("setsockopt");
-	  exit(1);
-     }
-#endif
-     memset(&sa, 0, sizeof(sa));
-     sa.sin_family = AF_INET;
-     sa.sin_port = port;
-     sa.sin_addr.s_addr = INADDR_ANY;
-     if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){
-	  perror("bind");
-	  exit(1);
-     }
-     if(listen(s, SOMAXCONN) < 0){
-	  perror("listen");
-	  exit(1);
-     }
-     s2 = accept(s, NULL, 0);
-     if(s2 < 0){
-	  perror("accept");
-	  exit(1);
-     }
-     close(s);
-     dup2(s2, STDIN_FILENO);
-     dup2(s2, STDOUT_FILENO);
-     /* dup2(s2, STDERR_FILENO); */
-     close(s2);
-}
diff --git a/crypto/kerberosIV/lib/roken/mkstemp.c b/crypto/kerberosIV/lib/roken/mkstemp.c
deleted file mode 100644
index e55398a518e2..000000000000
--- a/crypto/kerberosIV/lib/roken/mkstemp.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <string.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <errno.h>
-
-RCSID("$Id: mkstemp.c,v 1.2 1997/05/25 02:36:43 joda Exp $");
-
-#ifndef HAVE_MKSTEMP
-
-int
-mkstemp(char *template)
-{
-    int start, i;
-    pid_t val;
-    val = getpid();
-    start = strlen(template) - 1;
-    while(template[start] == 'X') {
-	template[start] = '0' + val % 10;
-	val /= 10;
-	start--;
-    }
-    
-    do{
-	int fd;
-	fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600);
-	if(fd >= 0 || errno != EEXIST)
-	    return fd;
-	i = start + 1;
-	do{
-	    if(template[i] == 0)
-		return -1;
-	    template[i]++;
-	    if(template[i] == '9' + 1)
-		template[i] = 'a';
-	    if(template[i] <= 'z')
-		break;
-	    template[i] = 'a';
-	    i++;
-	}while(1);
-    }while(1);
-}
-
-#endif
diff --git a/crypto/kerberosIV/lib/roken/putenv.c b/crypto/kerberosIV/lib/roken/putenv.c
deleted file mode 100644
index 20d5a10dadf0..000000000000
--- a/crypto/kerberosIV/lib/roken/putenv.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: putenv.c,v 1.5 1997/04/01 08:19:06 joda Exp $");
-#endif
-
-#include <stdlib.h>
-
-extern char **environ;
-
-/*
- * putenv --
- *	String points to a string of the form name=value.
- *
- *      Makes the value of the environment variable name equal to
- *      value by altering an existing variable or creating a new one.
- */
-int putenv(const char *string)
-{
-    int i;
-    int len;
-    
-    len = string - strchr(string, '=') + 1;
-
-    if(environ == NULL){
-	environ = malloc(sizeof(char*));
-	if(environ == NULL)
-	    return 1;
-	environ[0] = NULL;
-    }
-
-    for(i = 0; environ[i]; i++)
-	if(strncmp(string, environ[i], len)){
-	    environ[len] = string;
-	    return 0;
-	}
-    environ = realloc(environ, sizeof(char*) * (i + 1));
-    if(environ == NULL)
-	return 1;
-    environ[i] = string;
-    environ[i+1] = NULL;
-    return 0;
-}
-
diff --git a/crypto/kerberosIV/lib/roken/rcmd.c b/crypto/kerberosIV/lib/roken/rcmd.c
deleted file mode 100644
index 6064d5074ac9..000000000000
--- a/crypto/kerberosIV/lib/roken/rcmd.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: rcmd.c,v 1.2 1997/04/01 08:19:06 joda Exp $");
-#endif
-
-#include "roken.h"
-#include <stdio.h>
-
-int
-rcmd(char **ahost,
-     unsigned short inport,
-     const char *locuser,
-     const char *remuser,
-     const char *cmd,
-     int *fd2p)
-{
-  fprintf(stderr, "Only kerberized services are implemented\n");
-  return -1;
-}
diff --git a/crypto/kerberosIV/lib/roken/roken.def b/crypto/kerberosIV/lib/roken/roken.def
deleted file mode 100644
index 13e357217546..000000000000
--- a/crypto/kerberosIV/lib/roken/roken.def
+++ /dev/null
@@ -1,4 +0,0 @@
-LIBRARY roken
-EXPORTS
-	gettimeofday
-	strcasecmp
diff --git a/crypto/kerberosIV/lib/roken/roken.h b/crypto/kerberosIV/lib/roken/roken.h
deleted file mode 100644
index 1204e3e2580e..000000000000
--- a/crypto/kerberosIV/lib/roken/roken.h
+++ /dev/null
@@ -1,338 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: roken.h,v 1.63 1997/05/28 05:38:09 assar Exp $ */
-
-#ifndef __ROKEN_H__
-#define __ROKEN_H__
-
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <signal.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-
-#include "protos.h"
-
-#if !defined(HAVE_SETSID) && defined(HAVE__SETSID)
-#define setsid _setsid
-#endif
-
-#ifndef HAVE_PUTENV
-int putenv(const char *string);
-#endif
-
-#ifndef HAVE_SETENV
-int setenv(const char *var, const char *val, int rewrite);
-#endif
-
-#ifndef HAVE_UNSETENV
-void unsetenv(const char *name);
-#endif
-
-#ifndef HAVE_GETUSERSHELL
-char *getusershell(void);
-#endif
-
-#if !defined(__GNUC__) && !defined(__attribute__)
-#define __attribute__(x)
-#endif
-
-#ifndef HAVE_SNPRINTF
-int snprintf (char *str, size_t sz, const char *format, ...)
-     __attribute__ ((format (printf, 3, 4)));
-#endif
-
-#ifndef HAVE_VSNPRINTF
-int vsnprintf (char *str, size_t sz, const char *format, va_list ap)
-     __attribute__((format (printf, 3, 0)));
-#endif
-
-#ifndef HAVE_ASPRINTF
-int asprintf (char **ret, const char *format, ...)
-     __attribute__ ((format (printf, 2, 3)));
-#endif
-
-#ifndef HAVE_VASPRINTF
-int vasprintf (char **ret, const char *format, va_list ap)
-     __attribute__((format (printf, 2, 0)));
-#endif
-
-#ifndef HAVE_ASNPRINTF
-int asnprintf (char **ret, size_t max_sz, const char *format, ...)
-     __attribute__ ((format (printf, 3, 4)));
-#endif
-
-#ifndef HAVE_VASNPRINTF
-int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap)
-     __attribute__((format (printf, 3, 0)));
-#endif
-
-#ifndef HAVE_STRDUP
-char * strdup(const char *old);
-#endif
-
-#ifndef HAVE_STRLWR
-char * strlwr(char *);
-#endif
-
-#ifndef HAVE_STRNLEN
-int strnlen(char*, int);
-#endif
-
-#ifndef HAVE_STRTOK_R
-char *strtok_r(char *s1, const char *s2, char **lasts);
-#endif
-
-#ifndef HAVE_STRUPR
-char * strupr(char *);
-#endif
-
-#ifndef HAVE_GETDTABLESIZE
-int getdtablesize(void);
-#endif
-
-#if IRIX != 4 /* fix for compiler bug */
-#ifdef RETSIGTYPE
-typedef RETSIGTYPE (*SigAction)(/* int??? */);
-SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
-#endif
-#endif
-
-#ifndef SIG_ERR
-#define SIG_ERR ((RETSIGTYPE (*)())-1)
-#endif
-
-#if !defined(HAVE_STRERROR) && !defined(strerror)
-char *strerror(int eno);
-#endif
-
-#ifndef HAVE_HSTRERROR
-char *hstrerror(int herr);
-#endif
-
-#ifndef HAVE_H_ERRNO_DECLARATION
-extern int h_errno;
-#endif
-
-#ifndef HAVE_INET_ATON
-/* Minimal implementation of inet_aton. Doesn't handle hex numbers. */
-int inet_aton(const char *cp, struct in_addr *adr);
-#endif
-
-#if !defined(HAVE_GETCWD)
-char* getcwd(char *path, size_t size);
-#endif
-
-#ifndef HAVE_GETENT
-int getent(char *cp, char *name);
-#endif
-
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-struct passwd *k_getpwnam (char *user);
-struct passwd *k_getpwuid (uid_t uid);
-#endif
-
-#ifndef HAVE_SETEUID
-int seteuid(int euid);
-#endif
-
-#ifndef HAVE_SETEGID
-int setegid(int egid);
-#endif
-
-#ifndef HAVE_LSTAT
-int lstat(const char *path, struct stat *buf);
-#endif
-
-#ifndef HAVE_MKSTEMP
-int mkstemp(char *);
-#endif
-
-#ifndef HAVE_INITGROUPS
-int initgroups(const char *name, gid_t basegid);
-#endif
-
-#ifndef HAVE_FCHOWN
-int fchown(int fd, uid_t owner, gid_t group);
-#endif
-
-#ifndef HAVE_CHOWN
-int chown(const char *path, uid_t owner, gid_t group);
-#endif
-
-#ifndef HAVE_RCMD
-int rcmd(char **ahost, unsigned short inport, const char *locuser,
-	 const char *remuser, const char *cmd, int *fd2p);
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-
-time_t tm2time (struct tm tm, int local);
-
-int unix_verify_user(char *user, char *password);
-
-void inaddr2str(struct in_addr addr, char *s, size_t len);
-
-void mini_inetd (int port);
-
-#ifndef HAVE_STRUCT_WINSIZE
-struct winsize {
-	unsigned short ws_row, ws_col;
-	unsigned short ws_xpixel, ws_ypixel;
-};
-#endif
-
-int get_window_size(int fd, struct winsize *);
-
-#ifndef INADDR_NONE
-#define INADDR_NONE 0xffffffff
-#endif
-
-#ifndef SOMAXCONN
-#define SOMAXCONN 5
-#endif
-
-#ifndef STDIN_FILENO
-#define STDIN_FILENO 0
-#endif
-
-#ifndef STDOUT_FILENO
-#define STDOUT_FILENO 1
-#endif
-
-#ifndef STDERR_FILENO
-#define STDERR_FILENO 2
-#endif
-
-#ifndef max
-#define max(a,b) (((a)>(b))?(a):(b))
-#endif
-
-#ifndef min
-#define min(a,b) (((a)<(b))?(a):(b))
-#endif
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-/* Misc definitions for old syslogs */
-
-#ifndef LOG_DAEMON
-#define openlog(id,option,facility) openlog((id),(option))
-#define	LOG_DAEMON	0
-#endif
-#ifndef LOG_ODELAY
-#define LOG_ODELAY 0
-#endif
-#ifndef LOG_NDELAY
-#define LOG_NDELAY 0x08
-#endif
-#ifndef LOG_CONS
-#define LOG_CONS 0
-#endif
-#ifndef LOG_AUTH
-#define LOG_AUTH 0
-#endif
-#ifndef LOG_AUTHPRIV
-#define LOG_AUTHPRIV LOG_AUTH
-#endif
-#endif
-
-#ifndef HAVE_OPTARG_DECLARATION
-extern char *optarg;
-#endif
-#ifndef HAVE_OPTIND_DECLARATION
-extern int optind;
-#endif
-#ifndef HAVE_OPTERR_DECLARATION
-extern int opterr;
-#endif
-
-#ifndef HAVE___PROGNAME_DECLARATION
-extern const char *__progname;
-#endif
-
-void set_progname(char *argv0);
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-
-#ifndef _PATH_DEVNULL
-#define _PATH_DEVNULL "/dev/null"
-#endif
-
-#endif /*  __ROKEN_H__ */
diff --git a/crypto/kerberosIV/lib/roken/roken.mak b/crypto/kerberosIV/lib/roken/roken.mak
deleted file mode 100644
index d0c4a6fa67e5..000000000000
--- a/crypto/kerberosIV/lib/roken/roken.mak
+++ /dev/null
@@ -1,278 +0,0 @@
-# Microsoft Developer Studio Generated NMAKE File, Format Version 4.10
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
-
-!IF "$(CFG)" == ""
-CFG=roken - Win32 Debug
-!MESSAGE No configuration specified.  Defaulting to roken - Win32 Debug.
-!ENDIF 
-
-!IF "$(CFG)" != "roken - Win32 Release" && "$(CFG)" != "roken - Win32 Debug"
-!MESSAGE Invalid configuration "$(CFG)" specified.
-!MESSAGE You can specify a configuration when running NMAKE on this makefile
-!MESSAGE by defining the macro CFG on the command line.  For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
-!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
-!MESSAGE 
-!ERROR An invalid configuration is specified.
-!ENDIF 
-
-!IF "$(OS)" == "Windows_NT"
-NULL=
-!ELSE 
-NULL=nul
-!ENDIF 
-################################################################################
-# Begin Project
-# PROP Target_Last_Scanned "roken - Win32 Debug"
-RSC=rc.exe
-MTL=mktyplib.exe
-CPP=cl.exe
-
-!IF  "$(CFG)" == "roken - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Target_Dir ""
-OUTDIR=.\Release
-INTDIR=.\Release
-
-ALL : ".\Release\roken.dll"
-
-CLEAN : 
-	-@erase ".\Release\gettimeofday.obj"
-	-@erase ".\Release\roken.dll"
-	-@erase ".\Release\roken.exp"
-	-@erase ".\Release\roken.lib"
-	-@erase ".\Release\strcasecmp.obj"
-
-"$(OUTDIR)" :
-    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
-
-# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c
-# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c
-CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I\
- "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\
- "HAVE_CONFIG_H" /Fp"$(INTDIR)/roken.pch" /YX /Fo"$(INTDIR)/" /c 
-CPP_OBJS=.\Release/
-CPP_SBRS=.\.
-# ADD BASE MTL /nologo /D "NDEBUG" /win32
-# ADD MTL /nologo /D "NDEBUG" /win32
-MTL_PROJ=/nologo /D "NDEBUG" /win32 
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-BSC32_FLAGS=/nologo /o"$(OUTDIR)/roken.bsc" 
-BSC32_SBRS= \
-	
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386
-LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\
- advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib\
- odbccp32.lib /nologo /subsystem:windows /dll /incremental:no\
- /pdb:"$(OUTDIR)/roken.pdb" /machine:I386 /def:".\roken.def"\
- /out:"$(OUTDIR)/roken.dll" /implib:"$(OUTDIR)/roken.lib" 
-DEF_FILE= \
-	".\roken.def"
-LINK32_OBJS= \
-	".\Release\gettimeofday.obj" \
-	".\Release\strcasecmp.obj"
-
-".\Release\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
-    $(LINK32) @<<
-  $(LINK32_FLAGS) $(LINK32_OBJS)
-<<
-
-!ELSEIF  "$(CFG)" == "roken - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Target_Dir ""
-OUTDIR=.\Debug
-INTDIR=.\Debug
-
-ALL : ".\Debug\roken.dll"
-
-CLEAN : 
-	-@erase ".\Debug\gettimeofday.obj"
-	-@erase ".\Debug\roken.dll"
-	-@erase ".\Debug\roken.exp"
-	-@erase ".\Debug\roken.ilk"
-	-@erase ".\Debug\roken.lib"
-	-@erase ".\Debug\roken.pdb"
-	-@erase ".\Debug\strcasecmp.obj"
-	-@erase ".\Debug\vc40.idb"
-	-@erase ".\Debug\vc40.pdb"
-
-"$(OUTDIR)" :
-    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
-
-# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c
-# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c
-CPP_PROJ=/nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I\
- "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D\
- "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/roken.pch" /YX /Fo"$(INTDIR)/"\
- /Fd"$(INTDIR)/" /c 
-CPP_OBJS=.\Debug/
-CPP_SBRS=.\.
-# ADD BASE MTL /nologo /D "_DEBUG" /win32
-# ADD MTL /nologo /D "_DEBUG" /win32
-MTL_PROJ=/nologo /D "_DEBUG" /win32 
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-BSC32_FLAGS=/nologo /o"$(OUTDIR)/roken.bsc" 
-BSC32_SBRS= \
-	
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386
-LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\
- advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib\
- odbccp32.lib /nologo /subsystem:windows /dll /incremental:yes\
- /pdb:"$(OUTDIR)/roken.pdb" /debug /machine:I386 /def:".\roken.def"\
- /out:"$(OUTDIR)/roken.dll" /implib:"$(OUTDIR)/roken.lib" 
-DEF_FILE= \
-	".\roken.def"
-LINK32_OBJS= \
-	".\Debug\gettimeofday.obj" \
-	".\Debug\strcasecmp.obj"
-
-".\Debug\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
-    $(LINK32) @<<
-  $(LINK32_FLAGS) $(LINK32_OBJS)
-<<
-
-!ENDIF 
-
-.c{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cpp{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cxx{$(CPP_OBJS)}.obj:
-   $(CPP) $(CPP_PROJ) $<  
-
-.c{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cpp{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-.cxx{$(CPP_SBRS)}.sbr:
-   $(CPP) $(CPP_PROJ) $<  
-
-################################################################################
-# Begin Target
-
-# Name "roken - Win32 Release"
-# Name "roken - Win32 Debug"
-
-!IF  "$(CFG)" == "roken - Win32 Release"
-
-!ELSEIF  "$(CFG)" == "roken - Win32 Debug"
-
-!ENDIF 
-
-################################################################################
-# Begin Source File
-
-SOURCE=\TEMP\jimpa3\lib\krb\gettimeofday.c
-DEP_CPP_GETTI=\
-	"..\..\include\protos.h"\
-	"..\..\include\sys/bitypes.h"\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	"..\des\des.h"\
-	"..\krb\krb.h"\
-	"..\krb\krb_locl.h"\
-	"..\krb\prot.h"\
-	"..\krb\resolve.h"\
-	".\roken.h"\
-	{$(INCLUDE)}"\sys\stat.h"\
-	{$(INCLUDE)}"\sys\types.h"\
-	
-
-!IF  "$(CFG)" == "roken - Win32 Release"
-
-
-".\Release\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)"
-   $(CPP) $(CPP_PROJ) $(SOURCE)
-
-
-!ELSEIF  "$(CFG)" == "roken - Win32 Debug"
-
-
-".\Debug\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)"
-   $(CPP) $(CPP_PROJ) $(SOURCE)
-
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\roken.def
-
-!IF  "$(CFG)" == "roken - Win32 Release"
-
-!ELSEIF  "$(CFG)" == "roken - Win32 Debug"
-
-!ENDIF 
-
-# End Source File
-################################################################################
-# Begin Source File
-
-SOURCE=.\strcasecmp.c
-DEP_CPP_STRCA=\
-	"..\..\include\sys/cdefs.h"\
-	"..\..\include\win32\config.h"\
-	{$(INCLUDE)}"\sys\types.h"\
-	
-
-!IF  "$(CFG)" == "roken - Win32 Release"
-
-
-".\Release\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)"
-
-
-!ELSEIF  "$(CFG)" == "roken - Win32 Debug"
-
-
-".\Debug\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)"
-
-
-!ENDIF 
-
-# End Source File
-# End Target
-# End Project
-################################################################################
diff --git a/crypto/kerberosIV/lib/roken/setegid.c b/crypto/kerberosIV/lib/roken/setegid.c
deleted file mode 100644
index b79bdd51adad..000000000000
--- a/crypto/kerberosIV/lib/roken/setegid.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: setegid.c,v 1.7 1997/04/01 08:19:07 joda Exp $");
-#endif
-
-#include <unistd.h>
-
-#include "roken.h"
-
-int
-setegid(int egid)
-{
-#ifdef HAVE_SETREGID
-    return setregid(-1, egid);
-#endif
-
-#ifdef HAVE_SETRESGID
-    return setresgid(-1, egid, -1);
-#endif
-
-    return -1;
-}
diff --git a/crypto/kerberosIV/lib/roken/setenv.c b/crypto/kerberosIV/lib/roken/setenv.c
deleted file mode 100644
index c83591f65090..000000000000
--- a/crypto/kerberosIV/lib/roken/setenv.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: setenv.c,v 1.8 1997/05/02 14:29:32 assar Exp $");
-#endif
-
-#include "roken.h"
-
-#include <stdlib.h>
-#include <string.h>
-
-/*
- * This is the easy way out, use putenv to implement setenv. We might
- * leak some memory but that is ok since we are usally about to exec
- * anyway.
- */
-
-int
-setenv(const char *var, const char *val, int rewrite)
-{
-    char *t;
-
-    if (!rewrite && getenv(var) != 0)
-	return 0;
-  
-    asprintf (&t, "%s=%s", var, val);
-    if (t == NULL)
-	return -1;
-
-    if (putenv(t) == 0)
-	return 0;
-    else
-	return -1;
-}
diff --git a/crypto/kerberosIV/lib/roken/seteuid.c b/crypto/kerberosIV/lib/roken/seteuid.c
deleted file mode 100644
index b83131821bf3..000000000000
--- a/crypto/kerberosIV/lib/roken/seteuid.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: seteuid.c,v 1.7 1997/04/01 08:19:08 joda Exp $");
-#endif
-
-#include <unistd.h>
-
-#include "roken.h"
-
-int
-seteuid(int euid)
-{
-#ifdef HAVE_SETREUID
-    return setreuid(-1, euid);
-#endif
-
-#ifdef HAVE_SETRESUID
-    return setresuid(-1, euid, -1);
-#endif
-
-    return -1;
-}
diff --git a/crypto/kerberosIV/lib/roken/signal.c b/crypto/kerberosIV/lib/roken/signal.c
deleted file mode 100644
index a39a19451c24..000000000000
--- a/crypto/kerberosIV/lib/roken/signal.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: signal.c,v 1.8 1997/04/01 08:19:09 joda Exp $");
-#endif
-
-#include <signal.h>
-
-/*
- * We would like to always use this signal but there is a link error
- * on NEXTSTEP
- */
-#ifndef NeXT
-/*
- * Bugs:
- *
- * Do we need any extra hacks for SIGCLD and/or SIGCHLD?
- */
-
-typedef RETSIGTYPE (*SigAction)(/* int??? */);
-
-SigAction
-signal(int iSig, SigAction pAction)
-{
-    struct sigaction saNew, saOld;
-
-    saNew.sa_handler = pAction;
-    sigemptyset(&saNew.sa_mask);
-    saNew.sa_flags = 0;
-
-    if (iSig == SIGALRM)
-	{
-#ifdef SA_INTERRUPT
-	    saNew.sa_flags |= SA_INTERRUPT;
-#endif
-	}
-    else
-	{
-#ifdef SA_RESTART
-	    saNew.sa_flags |= SA_RESTART;
-#endif
-	}
-
-    if (sigaction(iSig, &saNew, &saOld) < 0)
-	return(SIG_ERR);
-
-    return(saOld.sa_handler);
-}
-#endif
diff --git a/crypto/kerberosIV/lib/roken/snprintf.c b/crypto/kerberosIV/lib/roken/snprintf.c
deleted file mode 100644
index b0757e551df1..000000000000
--- a/crypto/kerberosIV/lib/roken/snprintf.c
+++ /dev/null
@@ -1,520 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: snprintf.c,v 1.13 1997/05/25 02:00:31 assar Exp $");
-#endif
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <roken.h>
-
-/*
- * Common state
- */
-
-struct state {
-  char *str;
-  char *s;
-  char *theend;
-  size_t sz;
-  size_t max_sz;
-  int (*append_char)(struct state *, char);
-  int (*reserve)(struct state *, size_t);
-  /* XXX - methods */
-};
-
-static int
-sn_reserve (struct state *state, size_t n)
-{
-  return state->s + n > state->theend;
-}
-
-static int
-sn_append_char (struct state *state, char c)
-{
-  if (sn_reserve (state, 1)) {
-    *state->s++ = '\0';
-    return 1;
-  } else {
-    *state->s++ = c;
-    return 0;
-  }
-}
-
-static int
-as_reserve (struct state *state, size_t n)
-{
-  while (state->s + n > state->theend) {
-    int off = state->s - state->str;
-    char *tmp;
-
-    if (state->max_sz && state->sz >= state->max_sz)
-      return 1;
-
-    if (state->max_sz)
-      state->sz = min(state->max_sz, state->sz*2);
-    else
-      state->sz *= 2;
-    tmp = realloc (state->str, state->sz);
-    if (tmp == NULL)
-      return 1;
-    state->str = tmp;
-    state->s = state->str + off;
-    state->theend = state->str + state->sz - 1;
-  }
-  return 0;
-}
-
-static int
-as_append_char (struct state *state, char c)
-{
-  if(as_reserve (state, 1))
-    return 1;
-  else {
-    *state->s++ = c;
-    return 0;
-  }
-}
-
-static int
-append_number (struct state *state,
-	       unsigned long num, unsigned base, char *rep,
-	       int width, int zerop, int minusp)
-{
-  int i, len;
-
-  len = 0;
-  if (num == 0) {
-    ++len;
-    if((*state->append_char) (state, '0'))
-      return 1;
-  }
-  while (num > 0) {
-    ++len;
-    if ((*state->append_char) (state, rep[num % base]))
-      return 1;
-    num /= base;
-  }
-  if (minusp) {
-    ++len;
-    if ((*state->append_char) (state, '-'))
-      return 1;
-  }
-
-  for (i = 0; i < len / 2; ++i) {
-    char c;
-
-    c = state->s[-i-1];
-    state->s[-i-1] = state->s[-len+i];
-    state->s[-len+i] = c;
-  }
-
-  if (width > len) {
-    if ((*state->reserve) (state, width - len))
-      return 1;
-
-#ifdef HAVE_MEMMOVE
-    memmove (state->s + width - 2 * len, state->s - len, len);
-#else
-    bcopy (state->s - len, state->s + width - 2 * len, len);
-#endif
-    for (i = 0; i < width - len; ++i)
-      state->s[-len+i] = (zerop ? '0' : ' ');
-    state->s += width - len;
-
-  }
-  return 0;
-}
-
-static int
-append_string (struct state *state,
-	       char *arg,
-	       int prec)
-{
-  if (prec) {
-    while (*arg && prec--)
-      if ((*state->append_char) (state, *arg++))
-	return 1;
-  } else {
-    while (*arg)
-      if ((*state->append_char) (state, *arg++))
-	return 1;
-  }
-  return 0;
-}
-
-/*
- * This can't be made into a function...
- */
-
-#define PARSE_INT_FORMAT(res, arg, unsig) \
-if (long_flag) \
-     res = va_arg(arg, unsig long); \
-else if (short_flag) \
-     res = va_arg(arg, unsig short); \
-else \
-     res = va_arg(arg, unsig int)
-
-/*
- * zyxprintf - return 0 or -1
- */
-
-static int
-xyzprintf (struct state *state, const char *format, va_list ap)
-{
-  char c;
-
-  while((c = *format++)) {
-    if (c == '%') {
-      int zerop      = 0;
-      int width      = 0;
-      int prec       = 0;
-      int long_flag  = 0;
-      int short_flag = 0;
-
-      c = *format++;
-
-      /* flags */
-      if (c == '0') {
-	zerop = 1;
-	c = *format++;
-      }
-
-      /* width */
-      if (isdigit(c))
-	do {
-	  width = width * 10 + c - '0';
-	  c = *format++;
-	} while(isdigit(c));
-      else if(c == '*') {
-	width = va_arg(ap, int);
-	c = *format++;
-      }
-
-      /* precision */
-      if (c == '.') {
-	c = *format++;
-	if (isdigit(c))
-	  do {
-	    prec = prec * 10 + c - '0';
-	    c = *format++;
-	  } while(isdigit(c));
-	else if (c == '*') {
-	  prec = va_arg(ap, int);
-	  c = *format++;
-	}
-      }
-
-      /* size */
-
-      if (c == 'h') {
-	short_flag = 1;
-	c = *format++;
-      } else if (c == 'l') {
-	long_flag = 1;
-	c = *format++;
-      }
-
-      switch (c) {
-      case 'c' :
-	if ((*state->append_char)(state, (unsigned char)va_arg(ap, int)))
-	  return -1;
-	break;
-      case 's' :
-	if (append_string(state,
-			  va_arg(ap, char*),
-			  prec))
-	  return -1;
-	break;
-      case 'd' :
-      case 'i' : {
-	long arg;
-	unsigned long num;
-	int minusp = 0;
-
-	PARSE_INT_FORMAT(arg, ap, );
-
-	if (arg < 0) {
-	  minusp = 1;
-	  num = -arg;
-	} else
-	  num = arg;
-
-	if (append_number (state, num, 10, "0123456789",
-			   width, zerop, minusp))
-	  return -1;
-	break;
-      }
-      case 'u' : {
-	unsigned long arg;
-
-	PARSE_INT_FORMAT(arg, ap, unsigned);
-
-	if (append_number (state, arg, 10, "0123456789",
-			   width, zerop, 0))
-	  return -1;
-	break;
-      }
-      case 'o' : {
-	unsigned long arg;
-
-	PARSE_INT_FORMAT(arg, ap, unsigned);
-
-	if (append_number (state, arg, 010, "01234567",
-			   width, zerop, 0))
-	  return -1;
-	break;
-      }
-      case 'x' : {
-	unsigned long arg;
-
-	PARSE_INT_FORMAT(arg, ap, unsigned);
-
-	if (append_number (state, arg, 0x10, "0123456789abcdef",
-			   width, zerop, 0))
-	  return -1;
-	break;
-      }
-      case 'X' :{
-	unsigned long arg;
-
-	PARSE_INT_FORMAT(arg, ap, unsigned);
-
-	if (append_number (state, arg, 0x10, "0123456789ABCDEF",
-			   width, zerop, 0))
-	  return -1;
-	break;
-      }
-      case 'p' : {
-	unsigned long arg = (unsigned long)va_arg(ap, void*);
-
-	if (append_number (state, arg, 0x10, "0123456789ABCDEF",
-			   width, zerop, 0))
-	  return -1;
-	break;
-      }
-      case '%' :
-	if ((*state->append_char)(state, c))
-	  return -1;
-	break;
-      default :
-	if (   (*state->append_char)(state, '%')
-	    || (*state->append_char)(state, c))
-	  return -1;
-	break;
-      }
-    } else
-      if ((*state->append_char) (state, c))
-	return -1;
-  }
-  return 0;
-}
-
-#ifndef HAVE_SNPRINTF
-int
-snprintf (char *str, size_t sz, const char *format, ...)
-{
-  va_list args;
-  int ret;
-
-  va_start(args, format);
-  ret = vsnprintf (str, sz, format, args);
-
-#ifdef PARANOIA
-  {
-    int ret2;
-    char *tmp;
-
-    tmp = malloc (sz);
-    if (tmp == NULL)
-      abort ();
-
-    ret2 = vsprintf (tmp, format, args);
-    if (ret != ret2 || strcmp(str, tmp))
-      abort ();
-    free (tmp);
-  }
-#endif
-
-  va_end(args);
-  return ret;
-}
-#endif
-
-#ifndef HAVE_ASPRINTF
-int
-asprintf (char **ret, const char *format, ...)
-{
-  va_list args;
-  int val;
-
-  va_start(args, format);
-  val = vasprintf (ret, format, args);
-
-#ifdef PARANOIA
-  {
-    int ret2;
-    char *tmp;
-    tmp = malloc (val + 1);
-    if (tmp == NULL)
-      abort ();
-
-    ret2 = vsprintf (tmp, format, args);
-    if (val != ret2 || strcmp(*ret, tmp))
-      abort ();
-    free (tmp);
-  }
-#endif
-
-  va_end(args);
-  return val;
-}
-#endif
-
-#ifndef HAVE_ASNPRINTF
-int
-asnprintf (char **ret, size_t max_sz, const char *format, ...)
-{
-  va_list args;
-  int val;
-
-  va_start(args, format);
-  val = vasnprintf (ret, max_sz, format, args);
-
-#ifdef PARANOIA
-  {
-    int ret2;
-    char *tmp;
-    tmp = malloc (val + 1);
-    if (tmp == NULL)
-      abort ();
-
-    ret2 = vsprintf (tmp, format, args);
-    if (val != ret2 || strcmp(*ret, tmp))
-      abort ();
-    free (tmp);
-  }
-#endif
-
-  va_end(args);
-  return val;
-}
-#endif
-
-#ifndef HAVE_VASPRINTF
-int
-vasprintf (char **ret, const char *format, va_list args)
-{
-  return vasnprintf (ret, 0, format, args);
-}
-#endif
-
-
-#ifndef HAVE_VASNPRINTF
-int
-vasnprintf (char **ret, size_t max_sz, const char *format, va_list args)
-{
-  int st;
-  size_t len;
-  struct state state;
-
-  state.max_sz = max_sz;
-  if (max_sz)
-    state.sz   = min(1, max_sz);
-  else
-    state.sz   = 1;
-  state.str    = malloc(state.sz);
-  if (state.str == NULL) {
-    *ret = NULL;
-    return -1;
-  }
-  state.s = state.str;
-  state.theend = state.s + state.sz - 1;
-  state.append_char = as_append_char;
-  state.reserve     = as_reserve;
-
-  st = xyzprintf (&state, format, args);
-  if (st) {
-    free (state.str);
-    *ret = NULL;
-    return -1;
-  } else {
-    char *tmp;
-
-    *state.s = '\0';
-    len = state.s - state.str;
-    tmp = realloc (state.str, len+1);
-    if (state.str == NULL) {
-      free (state.str);
-      *ret = NULL;
-      return -1;
-    }
-    *ret = tmp;
-    return len;
-  }
-}
-#endif
-
-#ifndef HAVE_VSNPRINTF
-int
-vsnprintf (char *str, size_t sz, const char *format, va_list args)
-{
-  struct state state;
-  int ret;
-
-  state.max_sz = 0;
-  state.sz     = sz;
-  state.str    = str;
-  state.s      = str;
-  state.theend = str + sz - 1;
-  state.append_char = sn_append_char;
-  state.reserve     = sn_reserve;
-
-  ret = xyzprintf (&state, format, args);
-  *state.s = '\0';
-  if (ret)
-    return sz;
-  else
-    return state.s - state.str;
-}
-#endif
-
diff --git a/crypto/kerberosIV/lib/roken/strcasecmp.c b/crypto/kerberosIV/lib/roken/strcasecmp.c
deleted file mode 100644
index a268c295e067..000000000000
--- a/crypto/kerberosIV/lib/roken/strcasecmp.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (c) 1987, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strcasecmp.c,v 1.3 1997/04/20 18:04:23 assar Exp $");
-#endif
-
-#include <string.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <sys/cdefs.h>
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)strcasecmp.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-/*
- * This array is designed for mapping upper and lower case letter
- * together for a case independent comparison.  The mappings are
- * based upon ascii character sequences.
- */
-static const unsigned char charmap[] = {
-	'\000', '\001', '\002', '\003', '\004', '\005', '\006', '\007',
-	'\010', '\011', '\012', '\013', '\014', '\015', '\016', '\017',
-	'\020', '\021', '\022', '\023', '\024', '\025', '\026', '\027',
-	'\030', '\031', '\032', '\033', '\034', '\035', '\036', '\037',
-	'\040', '\041', '\042', '\043', '\044', '\045', '\046', '\047',
-	'\050', '\051', '\052', '\053', '\054', '\055', '\056', '\057',
-	'\060', '\061', '\062', '\063', '\064', '\065', '\066', '\067',
-	'\070', '\071', '\072', '\073', '\074', '\075', '\076', '\077',
-	'\100', '\141', '\142', '\143', '\144', '\145', '\146', '\147',
-	'\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157',
-	'\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167',
-	'\170', '\171', '\172', '\133', '\134', '\135', '\136', '\137',
-	'\140', '\141', '\142', '\143', '\144', '\145', '\146', '\147',
-	'\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157',
-	'\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167',
-	'\170', '\171', '\172', '\173', '\174', '\175', '\176', '\177',
-	'\200', '\201', '\202', '\203', '\204', '\205', '\206', '\207',
-	'\210', '\211', '\212', '\213', '\214', '\215', '\216', '\217',
-	'\220', '\221', '\222', '\223', '\224', '\225', '\226', '\227',
-	'\230', '\231', '\232', '\233', '\234', '\235', '\236', '\237',
-	'\240', '\241', '\242', '\243', '\244', '\245', '\246', '\247',
-	'\250', '\251', '\252', '\253', '\254', '\255', '\256', '\257',
-	'\260', '\261', '\262', '\263', '\264', '\265', '\266', '\267',
-	'\270', '\271', '\272', '\273', '\274', '\275', '\276', '\277',
-	'\300', '\301', '\302', '\303', '\304', '\305', '\306', '\307',
-	'\310', '\311', '\312', '\313', '\314', '\315', '\316', '\317',
-	'\320', '\321', '\322', '\323', '\324', '\325', '\326', '\327',
-	'\330', '\331', '\332', '\333', '\334', '\335', '\336', '\337',
-	'\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347',
-	'\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357',
-	'\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
-	'\370', '\371', '\372', '\373', '\374', '\375', '\376', '\377',
-};
-
-int
-strcasecmp(const char *s1, const char *s2)
-{
-	const unsigned char *cm = charmap,
-			*us1 = (const unsigned char *)s1,
-			*us2 = (const unsigned char *)s2;
-
-	while (cm[*us1] == cm[*us2++])
-		if (*us1++ == '\0')
-			return (0);
-	return (cm[*us1] - cm[*--us2]);
-}
-
-int
-strncasecmp(const char *s1, const char *s2, size_t n)
-{
-	if (n != 0) {
-		const unsigned char *cm = charmap,
-				*us1 = (const unsigned char *)s1,
-				*us2 = (const unsigned char *)s2;
-
-		do {
-			if (cm[*us1] != cm[*us2++])
-				return (cm[*us1] - cm[*--us2]);
-			if (*us1++ == '\0')
-				break;
-		} while (--n != 0);
-	}
-	return (0);
-}
diff --git a/crypto/kerberosIV/lib/roken/strdup.c b/crypto/kerberosIV/lib/roken/strdup.c
deleted file mode 100644
index b16992ff272a..000000000000
--- a/crypto/kerberosIV/lib/roken/strdup.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strdup.c,v 1.9 1997/04/01 08:19:10 joda Exp $");
-#endif
-#include <stdlib.h>
-#include <string.h>
-
-#ifndef HAVE_STRDUP
-char *
-strdup(const char *old)
-{
-	char *t = malloc(strlen(old)+1);
-	if (t != 0)
-		strcpy(t, old);
-	return t;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/roken/strerror.c b/crypto/kerberosIV/lib/roken/strerror.c
deleted file mode 100644
index 3d7b45c08822..000000000000
--- a/crypto/kerberosIV/lib/roken/strerror.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strerror.c,v 1.8 1997/05/02 14:29:33 assar Exp $");
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-extern int sys_nerr;
-extern char *sys_errlist[];
-
-char*
-strerror(int eno)
-{
-    static char emsg[1024];
-
-    if(eno < 0 || eno >= sys_nerr)
-	snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno);
-    else
-	strcpy(emsg, sys_errlist[eno]);
-
-    return emsg;
-}
diff --git a/crypto/kerberosIV/lib/roken/strftime.c b/crypto/kerberosIV/lib/roken/strftime.c
deleted file mode 100644
index 3473778fd826..000000000000
--- a/crypto/kerberosIV/lib/roken/strftime.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <sys/types.h>
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#define TM_YEAR_BASE	1900	/* from <tzfile.h> */
-#include <string.h>
-
-static char *afmt[] = {
-	"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat",
-};
-static char *Afmt[] = {
-	"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday",
-	"Saturday",
-};
-static char *bfmt[] = {
-	"Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep",
-	"Oct", "Nov", "Dec",
-};
-static char *Bfmt[] = {
-	"January", "February", "March", "April", "May", "June", "July",
-	"August", "September", "October", "November", "December",
-};
-
-static size_t gsize;
-static char *pt;
-
-static int _add (char *);
-static int _conv (int, int, int);
-#ifdef	HAVE_MKTIME
-static int _secs (const struct tm *);
-#endif	/* HAVE_MKTIME */
-static size_t _fmt (const char *, const struct tm *);
-
-size_t
-strftime(char *s, size_t maxsize, const char *format, const struct tm *t)
-{
-
-	pt = s;
-	if ((gsize = maxsize) < 1)
-		return(0);
-	if (_fmt(format, t)) {
-		*pt = '\0';
-		return(maxsize - gsize);
-	}
-	return(0);
-}
-
-static size_t
-_fmt(const char *format, const struct tm *t)
-{
-	for (; *format; ++format) {
-		if (*format == '%')
-			switch(*++format) {
-			case '\0':
-				--format;
-				break;
-			case 'A':
-				if (t->tm_wday < 0 || t->tm_wday > 6)
-					return(0);
-				if (!_add(Afmt[t->tm_wday]))
-					return(0);
-				continue;
-			case 'a':
-				if (t->tm_wday < 0 || t->tm_wday > 6)
-					return(0);
-				if (!_add(afmt[t->tm_wday]))
-					return(0);
-				continue;
-			case 'B':
-				if (t->tm_mon < 0 || t->tm_mon > 11)
-					return(0);
-				if (!_add(Bfmt[t->tm_mon]))
-					return(0);
-				continue;
-			case 'b':
-			case 'h':
-				if (t->tm_mon < 0 || t->tm_mon > 11)
-					return(0);
-				if (!_add(bfmt[t->tm_mon]))
-					return(0);
-				continue;
-			case 'C':
-				if (!_fmt("%a %b %e %H:%M:%S %Y", t))
-					return(0);
-				continue;
-			case 'c':
-				if (!_fmt("%m/%d/%y %H:%M:%S", t))
-					return(0);
-				continue;
-			case 'D':
-				if (!_fmt("%m/%d/%y", t))
-					return(0);
-				continue;
-			case 'd':
-				if (!_conv(t->tm_mday, 2, '0'))
-					return(0);
-				continue;
-			case 'e':
-				if (!_conv(t->tm_mday, 2, ' '))
-					return(0);
-				continue;
-			case 'H':
-				if (!_conv(t->tm_hour, 2, '0'))
-					return(0);
-				continue;
-			case 'I':
-				if (!_conv(t->tm_hour % 12 ?
-				    t->tm_hour % 12 : 12, 2, '0'))
-					return(0);
-				continue;
-			case 'j':
-				if (!_conv(t->tm_yday + 1, 3, '0'))
-					return(0);
-				continue;
-			case 'k':
-				if (!_conv(t->tm_hour, 2, ' '))
-					return(0);
-				continue;
-			case 'l':
-				if (!_conv(t->tm_hour % 12 ?
-				    t->tm_hour % 12 : 12, 2, ' '))
-					return(0);
-				continue;
-			case 'M':
-				if (!_conv(t->tm_min, 2, '0'))
-					return(0);
-				continue;
-			case 'm':
-				if (!_conv(t->tm_mon + 1, 2, '0'))
-					return(0);
-				continue;
-			case 'n':
-				if (!_add("\n"))
-					return(0);
-				continue;
-			case 'p':
-				if (!_add(t->tm_hour >= 12 ? "PM" : "AM"))
-					return(0);
-				continue;
-			case 'R':
-				if (!_fmt("%H:%M", t))
-					return(0);
-				continue;
-			case 'r':
-				if (!_fmt("%I:%M:%S %p", t))
-					return(0);
-				continue;
-			case 'S':
-				if (!_conv(t->tm_sec, 2, '0'))
-					return(0);
-				continue;
-#ifdef HAVE_MKTIME
-			case 's':
-				if (!_secs(t))
-					return(0);
-				continue;
-#endif	/* HAVE_MKTIME */
-			case 'T':
-			case 'X':
-				if (!_fmt("%H:%M:%S", t))
-					return(0);
-				continue;
-			case 't':
-				if (!_add("\t"))
-					return(0);
-				continue;
-			case 'U':
-				if (!_conv((t->tm_yday + 7 - t->tm_wday) / 7,
-				    2, '0'))
-					return(0);
-				continue;
-			case 'W':
-				if (!_conv((t->tm_yday + 7 -
-				    (t->tm_wday ? (t->tm_wday - 1) : 6))
-				    / 7, 2, '0'))
-					return(0);
-				continue;
-			case 'w':
-				if (!_conv(t->tm_wday, 1, '0'))
-					return(0);
-				continue;
-			case 'x':
-				if (!_fmt("%m/%d/%y", t))
-					return(0);
-				continue;
-			case 'y':
-				if (!_conv((t->tm_year + TM_YEAR_BASE)
-				    % 100, 2, '0'))
-					return(0);
-				continue;
-			case 'Y':
-				if (!_conv(t->tm_year + TM_YEAR_BASE, 4, '0'))
-					return(0);
-				continue;
-#ifdef notdef
-			case 'Z':
-				if (!t->tm_zone || !_add(t->tm_zone))
-					return(0);
-				continue;
-#endif
-			case '%':
-			/*
-			 * X311J/88-090 (4.12.3.5): if conversion char is
-			 * undefined, behavior is undefined.  Print out the
-			 * character itself as printf(3) does.
-			 */
-			default:
-				break;
-		}
-		if (!gsize--)
-			return(0);
-		*pt++ = *format;
-	}
-	return(gsize);
-}
-
-#ifdef HAVE_MKTIME
-static int
-_secs(const struct tm *t)
-{
-	static char buf[15];
-	time_t s;
-	char *p;
-	struct tm tmp;
-
-	/* Make a copy, mktime(3) modifies the tm struct. */
-	tmp = *t;
-	s = mktime(&tmp);
-	for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10)
-		*p-- = s % 10 + '0';
-	return(_add(++p));
-}
-#endif	/* HAVE_MKTIME */
-
-static int
-_conv(int n, int digits, int pad)
-{
-	static char buf[10];
-	char *p;
-
-	for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits)
-		*p-- = n % 10 + '0';
-	while (p > buf && digits-- > 0)
-		*p-- = pad;
-	return(_add(++p));
-}
-
-static int
-_add(str)
-	char *str;
-{
-	for (;; ++pt, --gsize) {
-		if (!gsize)
-			return(0);
-		if (!(*pt = *str++))
-			return(1);
-	}
-}
diff --git a/crypto/kerberosIV/lib/roken/strlwr.c b/crypto/kerberosIV/lib/roken/strlwr.c
deleted file mode 100644
index 0222d8cbbdae..000000000000
--- a/crypto/kerberosIV/lib/roken/strlwr.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strlwr.c,v 1.3 1997/04/01 08:19:11 joda Exp $");
-#endif
-#include <string.h>
-#include <ctype.h>
-
-#include <roken.h>
-
-#ifndef HAVE_STRLWR
-char *
-strlwr(char *str)
-{
-  char *s;
-
-  for(s = str; *s; s++)
-    *s = tolower(*s);
-  return str;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/roken/strnlen.c b/crypto/kerberosIV/lib/roken/strnlen.c
deleted file mode 100644
index 51588f69b51f..000000000000
--- a/crypto/kerberosIV/lib/roken/strnlen.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strnlen.c,v 1.5 1997/04/01 08:19:11 joda Exp $");
-#endif
-
-#include "roken.h"
-
-int
-strnlen(char *s, int len)
-{
-    int i;
-    for(i = 0; i < len && s[i]; i++)
-	;
-    return i;
-}
diff --git a/crypto/kerberosIV/lib/roken/strtok_r.c b/crypto/kerberosIV/lib/roken/strtok_r.c
deleted file mode 100644
index 49164d9dde28..000000000000
--- a/crypto/kerberosIV/lib/roken/strtok_r.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strtok_r.c,v 1.4 1997/05/19 03:05:47 assar Exp $");
-#endif
-
-#include <string.h>
-
-#include "roken.h"
-
-#ifndef HAVE_STRTOK_R
-
-char *
-strtok_r(char *s1, const char *s2, char **lasts)
-{
-  char *ret;
-
-  if (s1 == NULL)
-    s1 = *lasts;
-  while(*s1 && strchr(s2, *s1))
-    ++s1;
-  if(*s1 == '\0')
-    return NULL;
-  ret = s1;
-  while(*s1 && !strchr(s2, *s1))
-    ++s1;
-  if(*s1)
-    *s1++ = '\0';
-  *lasts = s1;
-  return ret;
-}
-
-#endif /* HAVE_STRTOK_R */
diff --git a/crypto/kerberosIV/lib/roken/strupr.c b/crypto/kerberosIV/lib/roken/strupr.c
deleted file mode 100644
index c5674f76c6f8..000000000000
--- a/crypto/kerberosIV/lib/roken/strupr.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: strupr.c,v 1.3 1997/04/01 08:19:13 joda Exp $");
-#endif
-#include <string.h>
-#include <ctype.h>
-
-#include <roken.h>
-
-#ifndef HAVE_STRUPR
-char *
-strupr(char *str)
-{
-  char *s;
-
-  for(s = str; *s; s++)
-    *s = toupper(*s);
-  return str;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/roken/tm2time.c b/crypto/kerberosIV/lib/roken/tm2time.c
deleted file mode 100644
index f4423ffe092e..000000000000
--- a/crypto/kerberosIV/lib/roken/tm2time.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: tm2time.c,v 1.6 1997/04/20 05:51:30 assar Exp $");
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#include "roken.h"
-
-time_t
-tm2time (struct tm tm, int local)
-{
-     time_t t;
-
-     tm.tm_isdst = -1;
-
-     t = mktime (&tm);
-
-     if (!local)
-       t += t - mktime (gmtime (&t));
-     return t;
-}
diff --git a/crypto/kerberosIV/lib/roken/unsetenv.c b/crypto/kerberosIV/lib/roken/unsetenv.c
deleted file mode 100644
index 67fb750138d4..000000000000
--- a/crypto/kerberosIV/lib/roken/unsetenv.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: unsetenv.c,v 1.6 1997/04/01 08:19:14 joda Exp $");
-#endif
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "roken.h"
-
-extern char **environ;
-
-/*
- * unsetenv --
- */
-void
-unsetenv(const char *name)
-{
-  int len;
-  const char *np;
-  char **p;
-
-  if (name == 0 || environ == 0)
-    return;
-
-  for (np = name; *np && *np != '='; np++)
-    /* nop */;
-  len = np - name;
-  
-  for (p = environ; *p != 0; p++)
-    if (strncmp(*p, name, len) == 0 && (*p)[len] == '=')
-      break;
-
-  for (; *p != 0; p++)
-    *p = *(p + 1);
-}
-
diff --git a/crypto/kerberosIV/lib/roken/verify.c b/crypto/kerberosIV/lib/roken/verify.c
deleted file mode 100644
index 65eafccb7e01..000000000000
--- a/crypto/kerberosIV/lib/roken/verify.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: verify.c,v 1.12 1997/04/01 08:19:15 joda Exp $");
-#endif
-
-#include <stdio.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#include "roken.h"
-
-int
-unix_verify_user(char *user, char *password)
-{
-    struct passwd *pw;
-    
-    pw = k_getpwnam(user);
-    if(pw == NULL)
-	return -1;
-    if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0)
-	return 0;
-    if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0)
-        return 0;
-    return -1;
-}
-
diff --git a/crypto/kerberosIV/lib/roken/verr.c b/crypto/kerberosIV/lib/roken/verr.c
deleted file mode 100644
index f5d8f25c48dc..000000000000
--- a/crypto/kerberosIV/lib/roken/verr.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: verr.c,v 1.6 1997/03/30 08:05:38 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-verr(int eval, const char *fmt, va_list ap)
-{
-    warnerr(1, eval, 1, fmt, ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/verrx.c b/crypto/kerberosIV/lib/roken/verrx.c
deleted file mode 100644
index bc25aa0cd8a4..000000000000
--- a/crypto/kerberosIV/lib/roken/verrx.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: verrx.c,v 1.6 1997/03/30 08:05:39 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-verrx(int eval, const char *fmt, va_list ap)
-{
-    warnerr(1, eval, 0, fmt, ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/vwarn.c b/crypto/kerberosIV/lib/roken/vwarn.c
deleted file mode 100644
index 144dd088f1fc..000000000000
--- a/crypto/kerberosIV/lib/roken/vwarn.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: vwarn.c,v 1.6 1997/03/30 08:05:39 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-vwarn(const char *fmt, va_list ap)
-{
-    warnerr(0, 0, 1, fmt, ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/vwarnx.c b/crypto/kerberosIV/lib/roken/vwarnx.c
deleted file mode 100644
index 540c2a650797..000000000000
--- a/crypto/kerberosIV/lib/roken/vwarnx.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: vwarnx.c,v 1.6 1997/03/30 08:05:40 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-vwarnx(const char *fmt, va_list ap)
-{
-    warnerr(0, 0, 0, fmt, ap);
-}
-
diff --git a/crypto/kerberosIV/lib/roken/warn.c b/crypto/kerberosIV/lib/roken/warn.c
deleted file mode 100644
index 5af5d8de1925..000000000000
--- a/crypto/kerberosIV/lib/roken/warn.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: warn.c,v 1.5 1997/03/30 08:05:40 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-warn(const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  vwarn(fmt, ap);
-  va_end(ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/warnerr.c b/crypto/kerberosIV/lib/roken/warnerr.c
deleted file mode 100644
index 61fa26a2cbd2..000000000000
--- a/crypto/kerberosIV/lib/roken/warnerr.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: warnerr.c,v 1.6 1997/04/02 14:59:54 bg Exp $");
-#endif
-
-#include "roken.h"
-#include "err.h"
-
-#ifndef HAVE___PROGNAME
-const char *__progname;
-#endif
-
-void
-set_progname(char *argv0)
-{
-#ifndef HAVE___PROGNAME
-    char *p;
-    if(argv0 == NULL)
-	return;
-    p = strrchr(argv0, '/');
-    if(p == NULL)
-	p = argv0;
-    else
-	p++;
-    __progname = p;
-#endif
-}
-
-void
-warnerr(int doexit, int eval, int doerrno, const char *fmt, va_list ap)
-{
-    int sverrno = errno;
-    if(__progname != NULL){
-	fprintf(stderr, "%s", __progname);
-	if(fmt != NULL || doerrno)
-	    fprintf(stderr, ": ");
-    }
-    if (fmt != NULL){
-	vfprintf(stderr, fmt, ap);
-	if(doerrno)
-	    fprintf(stderr, ": ");
-    }
-    if(doerrno)
-	fprintf(stderr, "%s", strerror(sverrno));
-    fprintf(stderr, "\n");
-    if(doexit)
-	exit(eval);
-}
diff --git a/crypto/kerberosIV/lib/roken/warnx.c b/crypto/kerberosIV/lib/roken/warnx.c
deleted file mode 100644
index bf7b07664d38..000000000000
--- a/crypto/kerberosIV/lib/roken/warnx.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan 
- * (Royal Institute of Technology, Stockholm, Sweden).  
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: warnx.c,v 1.5 1997/03/30 08:05:41 joda Exp $");
-#endif
-
-#include "err.h"
-
-void
-warnx(const char *fmt, ...)
-{
-  va_list ap;
-  va_start(ap, fmt);
-  vwarnx(fmt, ap);
-  va_end(ap);
-}
diff --git a/crypto/kerberosIV/lib/roken/xdbm.h b/crypto/kerberosIV/lib/roken/xdbm.h
deleted file mode 100644
index c3e4781bc244..000000000000
--- a/crypto/kerberosIV/lib/roken/xdbm.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: xdbm.h,v 1.2 1997/04/01 08:19:16 joda Exp $ */
-
-/* Generic *dbm include file */
-
-#ifndef __XDBM_H__
-#define __XDBM_H__
-
-#ifdef HAVE_NDBM_H
-#include <ndbm.h>
-#elif defined(HAVE_DBM_H)
-#include <dbm.h>
-#elif defined(HAVE_RPCSVC_DBM_H)
-#include <rpcsvc/dbm.h>
-#endif
-
-/* Macros to convert ndbm names to dbm names.
- * Note that dbm_nextkey() cannot be simply converted using a macro, since
- * it is invoked giving the database, and nextkey() needs the previous key.
- *
- * Instead, all routines call "dbm_next" instead.
- */
-
-#ifndef NDBM
-typedef char DBM;
-
-#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0))
-#define dbm_fetch(db, key) fetch(key)
-#define dbm_store(db, key, content, flag) store(key, content)
-#define dbm_delete(db, key) delete(key)
-#define dbm_firstkey(db) firstkey()
-#define dbm_next(db,key) nextkey(key)
-#define dbm_close(db) dbmclose()
-#else
-#define dbm_next(db,key) dbm_nextkey(db)
-#endif
-
-#endif /* __XDBM_H__ */
diff --git a/crypto/kerberosIV/lib/sl/Makefile.in b/crypto/kerberosIV/lib/sl/Makefile.in
deleted file mode 100644
index b89799b8cc6c..000000000000
--- a/crypto/kerberosIV/lib/sl/Makefile.in
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# $Id: Makefile.in,v 1.8 1997/05/06 03:47:56 assar Exp $
-#
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-
-PICFLAGS = @PICFLAGS@
- 
-LIBNAME = $(LIBPREFIX)sl
-LIBEXT = @LIBEXT@
-SHLIBEXT = @SHLIBEXT@
-LIBPREFIX = @LIBPREFIX@
-LDSHARED = @LDSHARED@
-LIB = $(LIBNAME).$(LIBEXT)
-PROGS =
-
-LIB_SOURCES = sl.c
-
-SOURCES = $(LIB_SOURCES)
-
-LIB_OBJECTS = sl.o
-
-OBJECTS = $(LIB_OBJECTS)
-
-all: $(LIB) $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) -I$(srcdir)/../des $(CFLAGS) $(PICFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libdir)
-	$(INSTALL_DATA) -m 0555 $(LIB) $(libdir)
-
-uninstall:
-	rm -f $(libdir)/$(LIB)
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f $(LIB) $(PROGS) *.o *.a
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *~
-
-realclean: distclean
-	rm -f TAGS
-
-$(LIBNAME).a: $(LIB_OBJECTS)
-	rm -f $@
-	$(AR) cr $@ $(LIB_OBJECTS)
-	-$(RANLIB) $@
-
-$(LIBNAME).$(SHLIBEXT): $(LIB_OBJECTS)
-	rm -f $@
-	$(LDSHARED) -o $@ $(LIB_OBJECTS)
-
-$(OBJECTS): ../../include/config.h
-
-.PHONY: all install uninstall check clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/lib/sl/sl.c b/crypto/kerberosIV/lib/sl/sl.c
deleted file mode 100644
index adf71f534107..000000000000
--- a/crypto/kerberosIV/lib/sl/sl.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: sl.c,v 1.12 1997/06/01 03:15:07 assar Exp $");
-#endif
-
-#include "sl_locl.h"
-
-static SL_cmd *
-sl_match (SL_cmd *cmds, char *cmd, int exactp)
-{
-    SL_cmd *c, *current = NULL, *partial_cmd = NULL;
-    int partial_match = 0;
-
-    for (c = cmds; c->name; ++c) {
-	if (c->func)
-	    current = c;
-	if (strcmp (cmd, c->name) == 0)
-	    return current;
-	else if (strncmp (cmd, c->name, strlen(cmd)) == 0 &&
-		 partial_cmd != current) {
-	    ++partial_match;
-	    partial_cmd = current;
-	}
-    }
-    if (partial_match == 1 && !exactp)
-	return partial_cmd;
-    else
-	return NULL;
-}
-
-void
-sl_help (SL_cmd *cmds, int argc, char **argv)
-{
-    SL_cmd *c, *prev_c;
-
-    if (argc == 1) {
-	prev_c = NULL;
-	for (c = cmds; c->name; ++c) {
-	    if (c->func) {
-		if(prev_c)
-		    printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "",
-			    prev_c->usage ? "\n" : "");
-		prev_c = c;
-		printf ("%s", c->name);
-	    } else
-		printf (", %s", c->name);
-	}
-	if(prev_c)
-	    printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "",
-		    prev_c->usage ? "\n" : "");
-    } else { 
-	c = sl_match (cmds, argv[1], 0);
-	if (c == NULL)
-	    printf ("No such command: %s. Try \"help\" for a list of all commands\n",
-		    argv[1]);
-	else {
-	    printf ("%s\t%s", c->name, c->usage);
-	    if((++c)->name && c->func == NULL) {
-		printf ("\nSynonyms:");
-		while (c->name && c->func == NULL)
-		    printf ("\t%s", (c++)->name);
-	    }
-	    printf ("\n");
-	}
-    }
-}
-
-#ifdef HAVE_READLINE
-
-char *readline(char *prompt);
-void add_history(char *p);
-
-#else
-
-static char *
-readline(char *prompt)
-{
-    char buf[BUFSIZ];
-    printf ("%s", prompt);
-    fflush (stdout);
-    if(fgets(buf, sizeof(buf), stdin) == NULL)
-	return NULL;
-    if (buf[strlen(buf) - 1] == '\n')
-	buf[strlen(buf) - 1] = '\0';
-    return strdup(buf);
-}
-
-static void
-add_history(char *p)
-{
-}
-
-#endif
-
-int
-sl_loop (SL_cmd *cmds, char *prompt)
-{
-    unsigned max_count;
-    char **ptr;
-
-    max_count = 17;
-    ptr = malloc(max_count * sizeof(*ptr));
-    if (ptr == NULL) {
-	printf ("sl_loop: failed to allocate %u bytes of memory\n",
-		(int) max_count * sizeof(*ptr));
-	return -1;
-    }
-
-    for (;;) {
-	char *buf;
-	unsigned count;
-	SL_cmd *c;
-
-	buf = readline(prompt);
-	if(buf == NULL)
-	    break;
-
-	if(*buf)
-	    add_history(buf);
-	count = 0;
-	{
-	    char *foo = NULL;
-	    char *p;
-
-	    for(p = strtok_r (buf, " \t", &foo);
-		p;
-		p = strtok_r (NULL, " \t", &foo)) {
-		if(count == max_count) {
-		    max_count *= 2;
-		    ptr = realloc (ptr, max_count * sizeof(*ptr));
-		    if (ptr == NULL) {
-			printf ("sl_loop: failed to allocate %u "
-				"bytes of memory\n",
-				(unsigned) max_count * sizeof(*ptr));
-			return -1;
-		    }
-		}
-		ptr[count++] = p;
-	    }
-	}
-	if (count > 0) {
-	    c = sl_match (cmds, ptr[0], 0);
-	    if (c)
-		(*c->func)(count, ptr);
-	    else
-		printf ("Unrecognized command: %s\n", ptr[0]);
-	}
-	free(buf);
-    }
-    free (ptr);
-    return 0;
-}
diff --git a/crypto/kerberosIV/lib/sl/sl.h b/crypto/kerberosIV/lib/sl/sl.h
deleted file mode 100644
index 158e5901d0a2..000000000000
--- a/crypto/kerberosIV/lib/sl/sl.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: sl.h,v 1.2 1997/04/01 08:19:18 joda Exp $ */
-
-#ifndef _SL_H
-#define _SL_H
-
-typedef void (*cmd_func)(int, char **);
-
-struct sl_cmd {
-  char *name;
-  cmd_func func;
-  char *usage;
-  char *help;
-};
-
-typedef struct sl_cmd SL_cmd;
-
-void sl_help (SL_cmd *, int argc, char **argv);
-int  sl_loop (SL_cmd *, char *prompt);
-
-#endif /* _SL_H */
diff --git a/crypto/kerberosIV/lib/sl/sl_locl.h b/crypto/kerberosIV/lib/sl/sl_locl.h
deleted file mode 100644
index ddf25bbbdc90..000000000000
--- a/crypto/kerberosIV/lib/sl/sl_locl.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: sl_locl.h,v 1.3 1997/04/01 08:19:18 joda Exp $ */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <roken.h>
-#include <protos.h>
-
-#include <sl.h>
diff --git a/crypto/kerberosIV/man/Makefile.in b/crypto/kerberosIV/man/Makefile.in
deleted file mode 100644
index a1b6e741c46e..000000000000
--- a/crypto/kerberosIV/man/Makefile.in
+++ /dev/null
@@ -1,95 +0,0 @@
-# Makefile.in,v 1.2 1994/05/13 05:02:46 assar Exp
-
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-SHELL		= /bin/sh
-
-INSTALL		= @INSTALL@
-INSTALL_DATA	= @INSTALL_DATA@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix		= @prefix@
-mandir		= @mandir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-MANRX = .*\.\([0-9]\)
-CATRX = \(.*\)\.cat\([0-9]\)
-CATSUFFIX=@CATSUFFIX@
-
-MAN1 = afslog.1 kauth.1 ftp.1 kdestroy.1 kinit.1 kpasswd.1 \
-	login.1 rlogin.1 su.1 kerberos.1 klist.1 ksrvtgt.1 pagsh.1 \
-	rcp.1 rsh.1 telnet.1 kx.1 rxterm.1 rxtelnet.1 tenletxr.1 \
-	des.1 movemail.1 \
-	otp.1 otpprint.1
-
-CAT1 = afslog.cat1 kauth.cat1 ftp.cat1 login.cat1 \
-	pagsh.cat1 rcp.cat1 rlogin.cat1 rsh.cat1 su.cat1 telnet.cat1 kx.cat1 \
-	rxterm.cat1 rxtelnet.cat1 tenletxr.cat1 movemail.cat1 \
-	otp.cat1 otpprint.cat1
-
-MAN3 =	acl_check.3 kafs.3 kerberos.3 krb_set_tkt_string.3 des_crypt.3 \
-	krb_realmofhost.3 kuserok.3 getusershell.3 krb_sendauth.3 \
-	tf_util.3
-
-CAT3 =	getusershell.cat3 kafs.cat3
-
-MAN5 =	krb.conf.5 krb.realms.5 krb.equiv.5 login.access.5 ftpusers.5
-
-CAT5 =	login.access.cat5 krb.equiv.cat5 ftpusers.cat5
-
-MAN8 =	ext_srvtab.8 kdb_destroy.8 kdb_util.8 ksrvutil.8 telnetd.8 rlogind.8 \
-	kadmin.8 kdb_edit.8 kstash.8 kadmind.8 kdb_init.8 rshd.8 kauthd.8 \
-	popper.8 kxd.8 kerberos.8
-
-CAT8 =	ftpd.cat8 rshd.cat8 telnetd.cat8 ksrvutil.cat8 rlogind.cat8 \
-	kauthd.cat8 kprop.cat8 kpropd.cat8 kxd.cat8 kerberos.cat8
-
-all: 
-
-cat: $(CAT1) $(CAT3) $(CAT5) $(CAT8)
-
-%.cat1: %.1
-	`grog -Tascii $<` > $@
-%.cat3: %.3
-	`grog -Tascii $<` > $@
-%.cat5: %.5
-	`grog -Tascii $<` > $@
-%.cat8: %.8
-	`grog -Tascii $<` > $@
-
-
-Wall:
-
-install: all
-		for x in man1 man3 man5 man8 cat1 cat3 cat5 cat8; do \
-			$(MKINSTALLDIRS) $(mandir)/$$x; done
-		(cd $(srcdir); \
-			for x in $(MAN1) $(MAN3) $(MAN5) $(MAN8); do \
-				s=`echo $$x | sed 's!$(MANRX)!\1!'` ; \
-				$(INSTALL_DATA) $$x $(mandir)/man$$s; done ;\
-			for x in $(CAT1) $(CAT3) $(CAT5) $(CAT8); do \
-				s=`echo $$x | sed 's!$(CATRX)!\2!'`; \
-				b=`echo $$x | sed 's!$(CATRX)!\1!'`; \
-			$(INSTALL_DATA) $$x $(mandir)/cat$$s/$$b.$(CATSUFFIX);\
-			 done )
-
-uninstall:
-		for x in $(MAN1) $(MAN3) $(MAN5) $(MAN8); do \
-			s=`echo $$x | sed 's!$(MANRX)!\1!'` ; \
-			rm -f $(mandir)/man$$s/$$x; done
-		for x in $(CAT1) $(CAT3) $(CAT5) $(CAT8); do \
-			s=`echo $$x | sed 's!$(CATRX)!\2!'`; \
-			b=`echo $$x | sed 's!$(CATRX)!\1!'`; \
-			rm -f $(mandir)/cat$$s/$$b.$(CATSUFFIX); done
-
-clean:
-
-mostlyclean:	clean
-
-distclean:
-	rm -f Makefile *~
-
-realclean:
-
diff --git a/crypto/kerberosIV/man/acl_check.3 b/crypto/kerberosIV/man/acl_check.3
deleted file mode 100644
index 53bb7c8bf961..000000000000
--- a/crypto/kerberosIV/man/acl_check.3
+++ /dev/null
@@ -1,182 +0,0 @@
-.\" $Id: acl_check.3,v 1.2 1996/06/12 21:29:08 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH ACL_CHECK 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-acl_canonicalize_principal, acl_check, acl_exact_match, acl_add,
-acl_delete, acl_initialize \- Access control list routines
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-cc <files> \-lacl \-lkrb
-.PP
-.ft B
-#include <krb.h>
-.PP
-.ft B
-acl_canonicalize_principal(principal, buf)
-char *principal;
-char *buf;
-.PP
-.ft B
-acl_check(acl, principal)
-char *acl;
-char *principal;
-.PP
-.ft B
-acl_exact_match(acl, principal)
-char *acl;
-char *principal;
-.PP
-.ft B
-acl_add(acl, principal)
-char *acl;
-char *principal;
-.PP
-.ft B
-acl_delete(acl, principal)
-char *acl;
-char *principal;
-.PP
-.ft B
-acl_initialize(acl_file, mode)
-char *acl_file;
-int mode;
-.fi
-.ft R
-.SH DESCRIPTION
-.SS Introduction
-.PP
-An access control list (ACL) is a list of principals, where each
-principal is represented by a text string which cannot contain
-whitespace.  The library allows application programs to refer to named
-access control lists to test membership and to atomically add and
-delete principals using a natural and intuitive interface.  At
-present, the names of access control lists are required to be Unix
-filenames, and refer to human-readable Unix files; in the future, when
-a networked ACL server is implemented, the names may refer to a
-different namespace specific to the ACL service.
-.PP
-.SS Principal Names
-.PP
-Principal names have the form
-.nf
-.in +5n
-<name>[.<instance>][@<realm>]
-.in -5n
-e.g.:
-.in +5n
-asp
-asp.root
-asp@ATHENA.MIT.EDU
-asp.@ATHENA.MIT.EDU
-asp.root@ATHENA.MIT.EDU
-.in -5n
-.fi
-It is possible for principals to be underspecified.  If an instance is
-missing, it is assumed to be "".  If realm is missing, it is assumed
-to be the local realm as determined by
-.IR krb_get_lrealm (3).
-The canonical form contains all of name, instance,
-and realm; the acl_add and acl_delete routines will always
-leave the file in that form.  Note that the canonical form of
-asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU.
-.SS Routines
-.PP
-.I acl_canonicalize_principal
-stores the canonical form of 
-.I principal
-in 
-.IR buf .
-.I Buf
-must contain enough
-space to store a principal, given the limits on the sizes of name,
-instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ,
-respectively, in
-.IR /usr/include/krb.h .
-.PP
-.I acl_check
-returns nonzero if
-.I principal
-appears in 
-.IR acl .
-Returns 0 if principal
-does not appear in acl, or if an error occurs.  Canonicalizes
-principal before checking, and allows the ACL to contain wildcards.  The
-only supported wildcards are entries of the form
-name.*@realm, *.*@realm, and *.*@*.  An asterisk matches any value for the
-its component field.  For example, "jtkohl.*@*" would match principal
-jtkohl, with any instance and any realm.
-.PP
-.I acl_exact_match
-performs like 
-.IR acl_check ,
-but does no canonicalization or wildcard matching.
-.PP
-.I acl_add
-atomically adds 
-.I principal
-to 
-.IR acl .
-Returns 0 if successful, nonzero otherwise.  It is considered a failure
-if
-.I principal
-is already in 
-.IR acl .
-This routine will canonicalize
-.IR principal ,
-but will treat wildcards literally.
-.PP
-.I acl_delete
-atomically deletes 
-.I principal
-from 
-.IR acl .
-Returns 0 if successful,
-nonzero otherwise.  It is considered a failure if 
-.I principal
-is not
-already in 
-.IR acl .
-This routine will canonicalize 
-.IR principal ,
-but will treat wildcards literally.
-.PP
-.I acl_initialize
-initializes
-.IR acl_file .
-If the file 
-.I acl_file
-does not exist,
-.I acl_initialize
-creates it with mode
-.IR mode .
-If the file
-.I acl_file
-exists,
-.I acl_initialize
-removes all members.  Returns 0 if successful,
-nonzero otherwise.  WARNING: Mode argument is likely to change with
-the eventual introduction of an ACL service.  
-.SH NOTES
-In the presence of concurrency, there is a very small chance that
-.I acl_add
-or
-.I acl_delete
-could report success even though it would have
-had no effect.  This is a necessary side effect of using lock files
-for concurrency control rather than flock(2), which is not supported
-by NFS.
-.PP
-The current implementation caches ACLs in memory in a hash-table
-format for increased efficiency in checking membership; one effect of
-the caching scheme is that one file descriptor will be kept open for
-each ACL cached, up to a maximum of 8.
-.SH SEE ALSO
-kerberos(3), krb_get_lrealm(3)
-.SH AUTHOR
-James Aspnes (MIT Project Athena)
diff --git a/crypto/kerberosIV/man/ext_srvtab.8 b/crypto/kerberosIV/man/ext_srvtab.8
deleted file mode 100644
index 4f2c12006be5..000000000000
--- a/crypto/kerberosIV/man/ext_srvtab.8
+++ /dev/null
@@ -1,62 +0,0 @@
-.\" $Id: ext_srvtab.8,v 1.3 1997/04/02 21:09:51 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-ext_srvtab \- extract service key files from Kerberos key distribution center database
-.SH SYNOPSIS
-ext_srvtab [
-.B \-n
-] [
-.B \-r realm
-] [
-.B hostname ...
-]
-.SH DESCRIPTION
-.I ext_srvtab
-extracts service key files from the Kerberos key distribution center
-(KDC) database.
-.PP
-Upon execution, it prompts the user to enter the master key string for
-the database.  If the
-.B \-n
-option is specified, the master key is instead fetched from the master
-key cache file.
-.PP
-For each
-.I hostname
-specified on the command line, 
-.I ext_srvtab
-creates the service key file
-.IR hostname -new-srvtab,
-containing all the entries in the database with an instance field of
-.I hostname.
-This new file contains all the keys registered for Kerberos-mediated
-service providing programs which use the 
-.IR krb_get_phost (3)
-principal and instance conventions to run on the host
-.IR hostname .
-If the
-.B \-r
-option is specified, the realm fields in the extracted file will
-match the given realm rather than the local realm.
-.SH DIAGNOSTICS
-.TP 20n
-"verify_master_key: Invalid master key, does not match database."
-The master key string entered was incorrect.
-.SH FILES
-.TP 20n
-.IR hostname -new-srvtab
-Service key file generated for
-.I hostname
-.TP
-/var/kerberos/principal.pag, /var/kerberos/principal.dir
-DBM files containing database
-.TP
-/.k
-Master key cache file.
-.SH SEE ALSO
-read_service_key(3), krb_get_phost(3)
diff --git a/crypto/kerberosIV/man/getusershell.3 b/crypto/kerberosIV/man/getusershell.3
deleted file mode 100644
index 84dc3ad932ba..000000000000
--- a/crypto/kerberosIV/man/getusershell.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\"	$NetBSD: getusershell.3,v 1.3 1995/02/27 04:13:24 cgd Exp $
-.\"
-.\" Copyright (c) 1985, 1991, 1993
-.\"	The Regents of the University of California.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\"    must display the following acknowledgement:
-.\"	This product includes software developed by the University of
-.\"	California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\"    may be used to endorse or promote products derived from this software
-.\"    without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"     @(#)getusershell.3	8.1 (Berkeley) 6/4/93
-.\"
-.Dd June 4, 1993
-.Dt GETUSERSHELL 3
-.Os BSD 4.3
-.Sh NAME
-.Nm getusershell ,
-.Nm setusershell ,
-.Nm endusershell
-.Nd get legal user shells
-.Sh SYNOPSIS
-.Ft char *
-.Fn getusershell void
-.Ft void
-.Fn setusershell void
-.Ft void
-.Fn endusershell void
-.Sh DESCRIPTION
-The
-.Fn getusershell
-function
-returns a pointer to a legal user shell as defined by the
-system manager in the file 
-.Pa /etc/shells .
-If 
-.Pa /etc/shells
-is unreadable or does not exist,
-.Fn getusershell
-behaves as if
-.Pa /bin/sh
-and
-.Pa /bin/csh
-were listed in the file.
-.Pp
-The
-.Fn getusershell
-function
-reads the next
-line (opening the file if necessary);
-.Fn setusershell
-rewinds the file;
-.Fn endusershell
-closes it.
-.Sh FILES
-.Bl -tag -width /etc/shells -compact
-.It Pa /etc/shells
-.El
-.Sh DIAGNOSTICS
-The routine
-.Fn getusershell
-returns a null pointer (0) on
-.Dv EOF .
-.Sh SEE ALSO
-.Xr shells 5
-.Sh HISTORY
-The
-.Fn getusershell
-function appeared in 
-.Bx 4.3 .
-.Sh BUGS
-The
-.Fn getusershell
-function leaves its result in an internal static object and returns
-a pointer to that object. Subsequent calls to
-.Fn getusershell
-will modify the same object.
diff --git a/crypto/kerberosIV/man/kadmin.8 b/crypto/kerberosIV/man/kadmin.8
deleted file mode 100644
index 3139b2513cc8..000000000000
--- a/crypto/kerberosIV/man/kadmin.8
+++ /dev/null
@@ -1,176 +0,0 @@
-.\" $Id: kadmin.8,v 1.4 1997/04/02 21:09:53 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KADMIN 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kadmin \- network utility for Kerberos database administration
-.SH SYNOPSIS
-.B kadmin [-u user] [-r default_realm] [-m] [-t]
-.SH DESCRIPTION
-This utility provides a unified administration interface to
-the
-Kerberos
-master database.
-Kerberos
-administrators
-use
-.I kadmin
-to register new users and services to the master database,
-and to change information about existing database entries.
-For instance, an administrator can use
-.I kadmin
-to change a user's
-Kerberos
-password.
-A Kerberos administrator is a user with an ``admin'' instance
-whose name appears on one of the Kerberos administration access control
-lists.  If the \-u option is used, 
-.I user 
-will be used as the administrator instead of the local user.
-If the \-r option is used, 
-.I default_realm
-will be used as the default realm for transactions.  Otherwise,
-the local realm will be used by default.
-If the \-m option is used, multiple requests will be permitted 
-on only one entry of the admin password.  Some sites won't
-support this option.  The \-t option is used to tell kadmin to use the
-existing ticket file instead of creating a new one.
-
-The
-.I kadmin
-program communicates over the network with the
-.I kadmind
-program, which runs on the machine housing the Kerberos master
-database.
-The
-.I kadmind
-creates new entries and makes modifications to the database.
-
-When you enter the
-.I kadmin
-command,
-the program displays a message that welcomes you and explains
-how to ask for help.
-Then
-.I kadmin
-waits for you to enter commands (which are described below).
-It then asks you for your
-.I admin
-password before accessing the database.
-
-All commands can be abbreviated as long as they are unique.  Some
-short versions of the commands are also recognized for backwards
-compatibility.
-
-Use the
-.I add_new_key
-(or
-.I ank
-for short)
-command to register a new principal
-with the master database.
-The command requires one argument,
-the principal's name.  The name
-given can be fully qualified using 
-the standard 
-.I name.instance@realm
-convention.
-You are asked to enter your
-.I admin
-password,
-then prompted twice to enter the principal's
-new password.  If no realm is specified, 
-the local realm is used unless another was
-given on the commandline with the \-r flag.  
-If no instance is
-specified, a null instance is used.  If
-a realm other than the default realm is specified,
-you will need to supply your admin password for
-the other realm.
-
-Use the
-.I change_password (cpw)
-to change a principal's
-Kerberos
-password.
-The command requires one argument,
-the principal's
-name.
-You are asked to enter your
-.I admin
-password,
-then prompted twice to enter the principal's new password.
-The name
-given can be fully qualified using 
-the standard 
-.I name.instance@realm
-convention.
-
-Use the
-.I change_key (ckey)
-if you have a need to change the raw key of a particular principal.
-In other words, if you do not want to input a DES key instead of a
-password that will get converted into a DES key.
-
-Use the
-.I change_admin_password (cap)
-to change your
-.I admin
-instance password.
-This command requires no arguments.
-It prompts you for your old
-.I admin
-password, then prompts you twice to enter the new
-.I admin
-password.  If this is your first command, 
-the default realm is used.  Otherwise, the realm
-used in the last command is used.
-
-Use the
-.I del_entry (del)
-to remove an entry from the kerberos database.
-
-Use the
-.I mod_entry (mod)
-to modify a particular entry, for example to change the expire date.
-
-Use the
-.I destroy_tickets (dest)
-command to destroy your admin tickets explicitly.
-
-Use the
-.I list_requests (lr)
-command to get a list of possible commands.
-
-Use the
-.I help
-command to display
-.IR kadmin's
-various help messages.
-If entered without an argument,
-.I help
-displays a general help message.
-You can get detailed information on specific
-.I kadmin
-commands
-by entering 
-.I help
-.IR command_name .
-
-To quit the program, type
-.IR quit .
-
-.SH BUGS
-The user interface is primitive, and the command names could be better.
-
-.SH "SEE ALSO"
-kerberos(1), kadmind(8), kpasswd(1), ksrvutil(8)
-.br
-``A Subsystem Utilities Package for UNIX'' by Ken Raeburn
-.SH AUTHORS
-Jeffrey I. Schiller, MIT Project Athena
-.br
-Emanuel Jay Berkenbilt, MIT Project Athena
diff --git a/crypto/kerberosIV/man/kadmind.8 b/crypto/kerberosIV/man/kadmind.8
deleted file mode 100644
index 477511bb1d33..000000000000
--- a/crypto/kerberosIV/man/kadmind.8
+++ /dev/null
@@ -1,125 +0,0 @@
-.\" $Id: kadmind.8,v 1.4 1997/04/02 21:09:53 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KADMIND 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kadmind \- network daemon for Kerberos database administration
-.SH SYNOPSIS
-.B kadmind
-[
-.B \-n
-] [
-.B \-m
-] [
-.B \-h
-] [
-.B \-r realm
-] [
-.B \-f filename
-] [
-.B \-d dbname
-] [
-.B \-a acldir
-]
-.SH DESCRIPTION
-.I kadmind
-is the network database server for the Kerberos password-changing and
-administration tools.
-.PP
-Upon execution, it fetches the master key from the key cache file.
-.PP
-If the
-.B \-m
-option is specified, it instead prompts the user to enter the master
-key string for the database.
-.PP
-The
-.B \-n
-option is a no-op and is left for compatibility reasons.
-.PP
-If the
-.B \-r
-.I realm
-option is specified, the admin server will pretend that its
-local realm is 
-.I realm
-instead of the actual local realm of the host it is running on.
-This makes it possible to run a server for a foreign kerberos
-realm.
-.PP
-If the
-.B \-f
-.I filename
-option is specified, then that file is used to hold the log information
-instead of the default.
-.PP
-If the
-.B \-d
-.I dbname
-option is specified, then that file is used as the database name instead
-of the default.
-.PP
-If the
-.B \-a
-.I acldir
-option is specified, then
-.I acldir
-is used as the directory in which to search for access control lists
-instead of the default.
-.PP
-If the
-.B \-h
-option is specified,
-.I kadmind
-prints out a short summary of the permissible control arguments, and
-then exits.
-.PP
-When performing requests on behalf of clients,
-.I kadmind
-checks access control lists (ACLs) to determine the authorization of the client
-to perform the requested action.
-Currently four distinct access types are supported:
-.TP 1i
-Addition
-(.add ACL file).  If a principal is on this list, it may add new
-principals to the database.
-.TP
-Retrieval
-(.get ACL file).  If a principal is on this list, it may retrieve
-database entries.  NOTE:  A principal's private key is never returned by
-the get functions.
-.TP
-Modification
-(.mod ACL file).  If a principal is on this list, it may modify entries
-in the database.
-.TP
-Deletions
-(.del ACL file).  If a principal is on this list, if may delete
-entries from the database.
-.PP
-A principal is always granted authorization to change its own password.
-.SH FILES
-.TP 20n
-/kerberos/admin_server.syslog
-Default log file.
-.TP 
-/kerberos
-Default access control list directory.
-.TP
-admin_acl.{add,get,mod}
-Access control list files (within the directory)
-.TP
-/kerberos/principal.pag, /kerberos/principal.dir
-Default DBM files containing database
-.TP
-/.k
-Master key cache file.
-.SH "SEE ALSO"
-kerberos(1), kpasswd(1), kadmin(8), acl_check(3)
-.SH AUTHORS
-Douglas A. Church, MIT Project Athena
-.br
-John T. Kohl, Project Athena/Digital Equipment Corporation
diff --git a/crypto/kerberosIV/man/kafs.3 b/crypto/kerberosIV/man/kafs.3
deleted file mode 100644
index 041fd23517b9..000000000000
--- a/crypto/kerberosIV/man/kafs.3
+++ /dev/null
@@ -1,122 +0,0 @@
-.\"	$Id: kafs.3,v 1.1 1997/05/07 21:49:02 joda Exp $
-.\"
-.Dd May 7, 1997
-.Os KTH-KRB
-.Dt KAFS 3
-.Sh NAME
-.Nm k_hasafs ,
-.Nm k_afsklog ,
-.Nm k_afsklog_uid ,
-.Nm k_pioctl ,
-.Nm k_unlog ,
-.Nm k_setpag ,
-.Nm k_afs_cell_of_file
-.Nd AFS library
-.Sh SYNOPSIS
-.Fd #include <kafs.h>
-.Ft int
-.Fn k_afsklog "char *cell" "char *realm"
-.Ft int
-.Fn k_afsklog_uid "char *cell" "char *realm" "uid_t uid"
-.Ft int
-.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len"
-.Ft int
-.Fn k_hasafs
-.Ft int
-.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks"
-.Ft int
-.Fn k_setpag
-.Ft int
-.Fn k_unlog
-.Sh DESCRIPTION
-.Fn k_hasafs
-initializes some library internal structures, and tests for the
-presense of AFS in the kernel, none of the other functions should be
-called before 
-.Fn k_hasafs
-is called, or if it fails.
-
-.Fn k_afsklog ,
-and
-.Fn k_afsklog_uid
-obtains new tokens (and possibly tickets) for the specified
-.Fa cell
-and
-.Fa realm .
-If 
-.Fa cell
-is 
-.Dv NULL ,
-the local cell is used. If 
-.Fa realm 
-is
-.Dv NULL ,
-the function tries to guess what realm to use. Unless you  have some good knowledge of what cell or realm to use, you should pass
-.Dv NULL . 
-.Fn k_afsklog 
-will use the real user-id for the
-.Dv ViceId
-field in the token, 
-.Fn k_afsklog_uid
-will use
-.Fa uid .
-
-.Fn k_afs_cell_of_file
-will in 
-.Fa cell
-return the cell of a specified file, no more than
-.Fa len
-characters is put in 
-.Fa cell .
-
-.Fn k_pioctl
-does a 
-.Fn pioctl
-syscall with the specified arguments. This function is equivalent to
-.Fn lpioctl .
-
-.Fn k_setpag
-initializes a new PAG.
-
-.Fn k_unlog
-removes destroys all tokens in the current PAG.
-
-.Sh RETURN VALUES
-.Fn k_hasafs
-returns 1 if AFS is present in the kernel, 0 otherwise.
-.Fn k_afsklog
-and
-.Fn k_afsklog_uid
-returns 0 on success, or a kerberos error number on failure.
-.Fn k_afs_cell_of_file ,
-.Fn k_pioctl , 
-.Fn k_setpag ,
-and
-.Fn k_unlog
-all return the value of the underlaying system call, 0 on success.
-.Sh EXAMPLES
-The following code from
-.Nm login 
-will obtain a new PAG and tokens for the local cell and the cell of
-the users home directory.
-.Bd -literal
-if (k_hasafs()) {
-	char cell[64];
-	k_setpag();
-	if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
-		k_afsklog(cell, 0);
-	k_afsklog(0, 0);
-}
-.Ed
-.Sh ERRORS
-If any of these functions (appart from 
-.Fn k_hasafs )
-is called without AFS beeing present in the kernel, the process will
-usually (depending on the operating system) receive a SIGSYS signal.
-.Sh SEE ALSO
-.Rs
-.%A Transarc Corporation
-.%J AFS-3 Programmer's Reference
-.%T File Server/Cache Manager Interface
-.%D 1991
-.Re
\ No newline at end of file
diff --git a/crypto/kerberosIV/man/kauth.1 b/crypto/kerberosIV/man/kauth.1
deleted file mode 100644
index cc71b2913672..000000000000
--- a/crypto/kerberosIV/man/kauth.1
+++ /dev/null
@@ -1,65 +0,0 @@
-.\" $Id: kauth.1,v 1.1 1996/05/04 01:49:34 d91-jda Exp $
-.\"
-.Dd May 4, 1996
-.Dt KAUTH 1
-.Os KTH-KRB
-.Sh NAME
-.Nm kauth
-.Nd
-overworked Kerberos login program
-.Sh SYNOPSIS
-.Nm
-.Op Fl n Ar name
-.Op Fl r Ar remote user
-.Op Fl t Pa remote ticket file
-.Op Fl h Ar hosts...
-.Op Fl l Ar lifetime
-.Op Fl f Pa srvtab
-.Op Fl c Ar cell
-.Op Ar command ...
-.Sh DESCRIPTION
-The
-.Nm
-command obtains ticket granting tickets as well as AFS ticket and
-tokens. It also does a whole lot of other stuff.
-.Pp
-The following flags are supported:
-.Bl -tag -width xxxx
-.It Fl n
-Principal to get tickets for. If no other arguments are present this
-can be given without the
-.Fl n
-flag.
-.It Fl h
-Remote hosts to obtain tickets for. This works similar to the MIT
-Athena Kerberos 4 patchlevel 10 command
-.Xr rkinit 1 ,
-however not in a compatible way. It requires that the remote host runs
-the
-.Xr kauthd 8 ,
-server. The 
-.Fl r
-and
-.Fl t
-flags are useful only with this option.
-.It Fl r
-User on the remote host that should own the ticket file.
-.It Fl t 
-Ticket file on remote host.
-.It Fl l
-Lifetime of tickets i minutes
-.It Fl f
-Srvtab to get service keys from. Default is 
-.Pa /etc/srvtab .
-This is mainly used with batch services that need to run
-authenticated. If any command is given, it will be executed in an
-authenticated fashion and when the program exits the tickets are
-destroyed. For long running jobs the tickets will be renewed.
-.It Fl c
-AFS cell to get tokens for, default is your local cell.
-.El
-.Sh SEE ALSO
-.Xr kinit 1 ,
-.Xr kauthd 8
-.Sh BUGS
-There is no help-switch.
diff --git a/crypto/kerberosIV/man/kauthd.8 b/crypto/kerberosIV/man/kauthd.8
deleted file mode 100644
index 4978ff2c5c71..000000000000
--- a/crypto/kerberosIV/man/kauthd.8
+++ /dev/null
@@ -1,27 +0,0 @@
-.\" $Id: kauthd.8,v 1.2 1996/09/28 22:04:48 assar Exp $
-.\"
-.Dd September 27, 1996
-.Dt KAUTHD 8
-.Os KTH-KRB
-.Sh NAME
-.Nm kauthd
-.Nd
-remote Kerberos login daemon
-.Sh SYNOPSIS
-.Nm
-.Sh DESCRIPTION
-Daemon for the
-.Xr kauth 1
-command.
-.Pp
-Options supported by
-.Nm kauthd :
-.Bl -tag -width Ds
-.It Fl i
-Interactive.  Do not expect to be started by
-.Nm inetd,
-but allocate and listen to the socket yourself.  Handy for testing
-and debugging.
-.El
-.Sh SEE ALSO
-.Xr kauth 1
diff --git a/crypto/kerberosIV/man/kdb_destroy.8 b/crypto/kerberosIV/man/kdb_destroy.8
deleted file mode 100644
index c6e47396fa0f..000000000000
--- a/crypto/kerberosIV/man/kdb_destroy.8
+++ /dev/null
@@ -1,32 +0,0 @@
-.\" $Id: kdb_destroy.8,v 1.3 1997/04/02 21:09:54 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KDB_DESTROY 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kdb_destroy \- destroy Kerberos key distribution center database
-.SH SYNOPSIS
-kdb_destroy
-.SH DESCRIPTION
-.I kdb_destroy
-deletes a Kerberos key distribution center database.
-.PP
-The user is prompted to verify that the database should be destroyed.  A
-response beginning with `y' or `Y' confirms deletion.
-Any other response aborts deletion.
-.SH DIAGNOSTICS
-.TP 20n
-"Database cannot be deleted at /var/kerberos/principal"
-The attempt to delete the database failed (probably due to a system or
-access permission error).
-.TP
-"Database not deleted."
-The user aborted the deletion.
-.SH FILES
-.TP 20n
-/var/kerberos/principal.pag, /var/kerberos/principal.dir
-DBM files containing database
-.SH SEE ALSO
-kdb_init(8)
diff --git a/crypto/kerberosIV/man/kdb_edit.8 b/crypto/kerberosIV/man/kdb_edit.8
deleted file mode 100644
index 14f7e92a0fd0..000000000000
--- a/crypto/kerberosIV/man/kdb_edit.8
+++ /dev/null
@@ -1,54 +0,0 @@
-.\" $Id: kdb_edit.8,v 1.3 1997/04/02 21:09:54 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KDB_EDIT 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kdb_edit \-  Kerberos key distribution center database editing utility
-.SH SYNOPSIS
-kdb_edit [
-.B \-n
-]
-.SH DESCRIPTION
-.I kdb_edit
-is used to create or change principals stored in the Kerberos key
-distribution center (KDC) database.
-.PP
-When executed,
-.I kdb_edit
-prompts for the master key string and verifies that it matches the
-master key stored in the database.
-If the
-.B \-n
-option is specified, the master key is instead fetched from the master
-key cache file.
-.PP
-Once the master key has been verified,
-.I kdb_edit
-begins a prompt loop.  The user is prompted for the principal and
-instance to be modified.  If the entry is not found the user may create
-it.
-Once an entry is found or created, the user may set the password,
-expiration date, maximum ticket lifetime, and attributes.
-Default expiration dates, maximum ticket lifetimes, and attributes are
-presented in brackets; if the user presses return the default is selected.
-There is no default password.
-The password RANDOM is interpreted specially, and if entered
-the user may have the program select a random DES key for the
-principal.
-.PP
-Upon successfully creating or changing the entry, ``Edit O.K.'' is
-printed.
-.SH DIAGNOSTICS
-.TP 20n
-"verify_master_key: Invalid master key, does not match database."
-The master key string entered was incorrect.
-.SH FILES
-.TP 20n
-/var/kerberos/principal.pag, /var/kerberos/principal.dir
-DBM files containing database
-.TP
-/.k
-Master key cache file.
diff --git a/crypto/kerberosIV/man/kdb_init.8 b/crypto/kerberosIV/man/kdb_init.8
deleted file mode 100644
index f019dd4a413e..000000000000
--- a/crypto/kerberosIV/man/kdb_init.8
+++ /dev/null
@@ -1,37 +0,0 @@
-.\" $Id: kdb_init.8,v 1.3 1997/04/02 21:09:54 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KDB_INIT 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kdb_init \- Initialize Kerberos key distribution center database
-.SH SYNOPSIS
-kdb_init [ 
-.B realm
-]
-.SH DESCRIPTION
-.I kdb_init
-initializes a Kerberos key distribution center database, creating the
-necessary principals.
-.PP
-If the optional
-.I realm
-argument is not present,
-.I kdb_init
-prompts for a realm name.
-After determining the realm to be created, it prompts for
-a master key password.  The master key password is used to encrypt
-every encryption key stored in the database.
-.SH DIAGNOSTICS
-.TP 20n
-"/var/kerberos/principal: File exists"
-An attempt was made to create a database on a machine which already had
-an existing database.
-.SH FILES
-.TP 20n
-/var/kerberos/principal.pag, /var/kerberos/principal.dir
-DBM files containing database
-.SH SEE ALSO
-kdb_destroy(8)
diff --git a/crypto/kerberosIV/man/kdb_util.8 b/crypto/kerberosIV/man/kdb_util.8
deleted file mode 100644
index 0e3c201a514c..000000000000
--- a/crypto/kerberosIV/man/kdb_util.8
+++ /dev/null
@@ -1,68 +0,0 @@
-.\" $Id: kdb_util.8,v 1.3 1997/04/02 20:45:38 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KDB_UTIL 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kdb_util \-  Kerberos key distribution center database utility
-.SH SYNOPSIS
-kdb_util 
-.B operation filename
-.SH DESCRIPTION
-.I kdb_util
-allows the Kerberos key distribution center (KDC) database administrator to
-perform utility functions on the database.
-.PP
-.I Operation
-must be one of the following:
-.TP 10n
-.I load
-initializes the KDC database with the records described by the
-text contained in the file
-.IR filename .
-Any existing database is overwritten.
-.TP
-.I dump
-dumps the KDC database into a text representation in the file
-.IR filename .
-.TP
-.I slave_dump
-performs a database dump like the
-.I dump
-operation, and additionally creates a semaphore file signalling the
-propagation software that an update is available for distribution to
-slave KDC databases.
-.TP
-.I merge
-merges in the entries from
-.IR filename
-into the database.
-.TP
-.I new_master_key
-prompts for the old and new master key strings, and then dumps the KDC
-database into a text representation in the file
-.IR filename .
-The keys in the text representation are encrypted in the new master key.
-.TP
-.I convert_old_db
-prompts for the master key string, and then dumps the KDC database into
-a text representation in the file
-.IR filename .
-The existing database is assumed to be encrypted using the old format
-(encrypted by the key schedule of the master key); the dumped database
-is encrypted using the new format (encrypted directly with master key).
-.PP
-.SH DIAGNOSTICS
-.TP 20n
-"verify_master_key: Invalid master key, does not match database."
-The master key string entered was incorrect.
-.SH FILES
-.TP 20n
-/kerberos/principal.pag, /kerberos/principal.dir
-DBM files containing database
-.TP
-.IR filename .ok
-semaphore file created by
-.IR slave_dump.
diff --git a/crypto/kerberosIV/man/kdestroy.1 b/crypto/kerberosIV/man/kdestroy.1
deleted file mode 100644
index 66ffd39a7654..000000000000
--- a/crypto/kerberosIV/man/kdestroy.1
+++ /dev/null
@@ -1,88 +0,0 @@
-.\" $Id: kdestroy.1,v 1.3 1996/06/12 21:29:16 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kdestroy \- destroy Kerberos tickets
-.SH SYNOPSIS
-.B kdestroy
-[
-.B \-f
-]
-[
-.B \-q
-]
-[
-.B \-t
-]
-.SH DESCRIPTION
-The
-.I kdestroy
-utility destroys the user's active
-Kerberos
-authorization tickets by writing zeros to the file that contains them.
-If the ticket file does not exist,
-.I kdestroy
-displays a message to that effect.
-.PP
-After overwriting the file,
-.I kdestroy
-removes the file from the system.
-The utility
-displays a message indicating the success or failure of the
-operation.
-If
-.I kdestroy
-is unable to destroy the ticket file,
-the utility will warn you by making your terminal beep.
-.PP
-In the Athena workstation environment,
-the
-.I toehold
-service automatically destroys your tickets when you
-end a workstation session.
-If your site does not provide a similar ticket-destroying mechanism,
-you can place the
-.I kdestroy
-command in your
-.I .logout
-file so that your tickets are destroyed automatically
-when you logout.
-.PP
-The options to
-.I kdestroy
-are as follows:
-.TP 7
-.B \-f
-.I kdestroy
-runs without displaying the status message.
-.TP
-.B \-q
-.I kdestroy
-will not make your terminal beep if it fails to destroy the tickets.
-.TP
-.B \-t
-.I kdestroy
-will not remove any afs-tokens. Without this flag the tokens
-associated with the current PAG is destroyed.
-.SH FILES
-KRBTKFILE environment variable if set, otherwise
-.br
-/tmp/tkt[uid]
-.SH SEE ALSO
-kerberos(1), kinit(1), klist(1)
-.SH BUGS
-.PP
-Only the tickets in the user's current ticket file are destroyed.
-Separate ticket files are used to hold root instance and password
-changing tickets.  These files should probably be destroyed too, or
-all of a user's tickets kept in a single ticket file.
-.SH AUTHORS
-Steve Miller, MIT Project Athena/Digital Equipment Corporation
-.br
-Clifford Neuman, MIT Project Athena
-.br
-Bill Sommerfeld, MIT Project Athena
diff --git a/crypto/kerberosIV/man/kerberos.1 b/crypto/kerberosIV/man/kerberos.1
deleted file mode 100644
index aced5a574066..000000000000
--- a/crypto/kerberosIV/man/kerberos.1
+++ /dev/null
@@ -1,258 +0,0 @@
-.\" $Id: kerberos.1,v 1.2 1996/06/12 21:29:16 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KERBEROS 1 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kerberos \- introduction to the Kerberos system
-
-.SH DESCRIPTION
-The
-Kerberos
-system authenticates
-individual users in a network environment.
-After authenticating yourself to
-Kerberos,
-you can use network utilities such as
-.IR rlogin ,
-.IR rcp ,
-and
-.IR rsh
-without
-having to present passwords to remote hosts and without having to bother
-with
-.I \.rhosts
-files.
-Note that these utilities will work without passwords only if
-the remote machines you deal with
-support the
-Kerberos
-system.
-All Athena timesharing machines and public workstations support
-Kerberos.
-.PP
-Before you can use
-Kerberos,
-you must register as an Athena user,
-and you must make sure you have been added to
-the
-Kerberos
-database.
-You can use the
-.I kinit
-command to find out.
-This command
-tries to log you into the
-Kerberos
-system.
-.I kinit
-will prompt you for a username and password.
-Enter your username and password.
-If the utility lets you login without giving you a message,
-you have already been registered.
-.PP
-If you enter your username and
-.I kinit
-responds with this message:
-.nf
-
-Principal unknown (kerberos)
-
-.fi
-you haven't been registered as a
-Kerberos
-user.
-See your system administrator.
-.PP
-A Kerberos name contains three parts.
-The first is the
-.I principal name,
-which is usually a user's or service's name.
-The second is the
-.I instance,
-which in the case of a user is usually null.
-Some users may have privileged instances, however,
-such as ``root'' or ``admin''.
-In the case of a service, the instance is the
-name of the machine on which it runs; i.e. there
-can be an
-.I rlogin
-service running on the machine ABC, which
-is different from the rlogin service running on
-the machine XYZ.
-The third part of a Kerberos name
-is the
-.I realm.
-The realm corresponds to the Kerberos service providing
-authentication for the principal.
-For example, at MIT there is a Kerberos running at the
-Laboratory for Computer Science and one running at
-Project Athena.
-.PP
-When writing a Kerberos name, the principal name is
-separated from the instance (if not null) by a period,
-and the realm (if not the local realm) follows, preceded by
-an ``@'' sign.
-The following are examples of valid Kerberos names:
-.sp
-.nf
-.in +8
-billb
-jis.admin
-srz@lcs.mit.edu
-treese.root@athena.mit.edu
-.in -8
-.fi
-.PP
-When you authenticate yourself with
-Kerberos,
-through either the workstation
-.I toehold
-system or the
-.I kinit
-command,
-Kerberos
-gives you an initial
-Kerberos
-.IR ticket .
-(A
-Kerberos
-ticket
-is an encrypted protocol message that provides authentication.)
-Kerberos
-uses this ticket for network utilities
-such as
-.I rlogin
-and
-.IR rcp .
-The ticket transactions are done transparently,
-so you don't have to worry about their management.
-.PP
-Note, however, that tickets expire.
-Privileged tickets, such as root instance tickets,
-expire in a few minutes, while tickets that carry more ordinary
-privileges may be good for several hours or a day, depending on the
-installation's policy.
-If your login session extends beyond the time limit,
-you will have to re-authenticate yourself to
-Kerberos
-to get new tickets.
-Use the
-.IR kinit
-command to re-authenticate yourself.
-.PP
-If you use the
-.I kinit
-command to get your tickets,
-make sure you use the
-.I kdestroy
-command
-to destroy your tickets before you end your login session.
-You should probably put the
-.I kdestroy
-command in your
-.I \.logout
-file so that your tickets will be destroyed automatically when you logout.
-For more information about the
-.I kinit
-and
-.I kdestroy
-commands,
-see the
-.I kinit(1)
-and
-.I kdestroy(1)
-manual pages.
-.PP
-Currently,
-Kerberos
-supports the following network services:
-.IR rlogin ,
-.IR rsh ,
-and
-.IR rcp .
-Other services are being worked on,
-such as the
-.IR pop
-mail system and NFS (network file system),
-but are not yet available.
-
-.SH "SEE ALSO"
-kdestroy(1), kinit(1), klist(1), kpasswd(1), des_crypt(3), kerberos(3),
-kadmin(8)
-.SH BUGS
-Kerberos
-will not do authentication forwarding.
-In other words,
-if you use
-.I rlogin
-to login to a remote host,
-you cannot use
-Kerberos
-services from that host
-until you authenticate yourself explicitly on that host.
-Although you may need to authenticate yourself on the remote
-host,
-be aware that when you do so,
-.I rlogin
-sends your password across the network in clear text.
-
-.SH AUTHORS
-Steve Miller, MIT Project Athena/Digital Equipment Corporation
-.br
-Clifford Neuman, MIT Project Athena
-
-The following people helped out on various aspects of the system:
-
-Jeff Schiller designed and wrote the administration server and its
-user interface, kadmin.
-He also wrote the dbm version of the database management system.
-
-Mark Colan developed the
-Kerberos
-versions of
-.IR rlogin ,
-.IR rsh ,
-and
-.IR rcp ,
-as well as contributing work on the servers.
-
-John Ostlund developed the
-Kerberos
-versions of
-.I passwd
-and
-.IR userreg .
-
-Stan Zanarotti pioneered Kerberos in a foreign realm (LCS),
-and made many contributions based on that experience.
-
-Many people contributed code and/or useful ideas, including
-Jim Aspnes,
-Bob Baldwin,
-John Barba,
-Richard Basch,
-Jim Bloom,
-Bill Bryant,
-Rob French,
-Dan Geer,
-David Jedlinsky,
-John Kohl,
-John Kubiatowicz,
-Bob McKie,
-Brian Murphy,
-Ken Raeburn,
-Chris Reed,
-Jon Rochlis,
-Mike Shanzer,
-Bill Sommerfeld,
-Jennifer Steiner,
-Ted Ts'o,
-and
-Win Treese.
-
-.SH RESTRICTIONS
-
-COPYRIGHT 1985,1986 Massachusetts Institute of Technology
diff --git a/crypto/kerberosIV/man/kerberos.3 b/crypto/kerberosIV/man/kerberos.3
deleted file mode 100644
index 71da54dd2cd0..000000000000
--- a/crypto/kerberosIV/man/kerberos.3
+++ /dev/null
@@ -1,460 +0,0 @@
-.\" $Id: kerberos.3,v 1.2 1996/06/12 21:29:18 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred,
-krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err,
-krb_rd_err, krb_ck_repl \- Kerberos authentication library
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <des.h>
-#include <krb.h>
-.PP
-.ft B
-extern char *krb_err_txt[];
-.PP
-.ft B
-int krb_mk_req(authent,service,instance,realm,checksum)
-KTEXT authent;
-char *service;
-char *instance;
-char *realm;
-u_long checksum;
-.PP
-.ft B
-int krb_rd_req(authent,service,instance,from_addr,ad,fn)
-KTEXT authent;
-char *service;
-char *instance;
-u_long from_addr;
-AUTH_DAT *ad;
-char *fn;
-.PP
-.ft B
-int krb_kntoln(ad,lname)
-AUTH_DAT *ad;
-char *lname;
-.PP
-.ft B
-int krb_set_key(key,cvt)
-char *key;
-int cvt;
-.PP
-.ft B
-int krb_get_cred(service,instance,realm,c)
-char *service;
-char *instance;
-char *realm;
-CREDENTIALS *c;
-.PP
-.ft B
-long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver)
-u_char *in;
-u_char *out;
-u_long in_length;
-des_cblock key;
-des_key_schedule schedule;
-struct sockaddr_in *sender;
-struct sockaddr_in *receiver;
-.PP
-.ft B
-long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data)
-u_char *in;
-u_long in_length;
-Key_schedule schedule;
-des_cblock key;
-struct sockaddr_in *sender;
-struct sockaddr_in *receiver;
-MSG_DAT *msg_data;
-.PP
-.ft B
-long krb_mk_safe(in,out,in_length,key,sender,receiver)
-u_char *in;
-u_char *out;
-u_long in_length;
-des_cblock key;
-struct sockaddr_in *sender;
-struct sockaddr_in *receiver;
-.PP
-.ft B
-long krb_rd_safe(in,length,key,sender,receiver,msg_data)
-u_char *in;
-u_long length;
-des_cblock key;
-struct sockaddr_in *sender;
-struct sockaddr_in *receiver;
-MSG_DAT *msg_data;
-.PP
-.ft B
-long krb_mk_err(out,code,string)
-u_char *out;
-long code;
-char *string;
-.PP
-.ft B
-long krb_rd_err(in,length,code,msg_data)
-u_char *in;
-u_long length;
-long code;
-MSG_DAT *msg_data;
-.fi
-.ft R
-.SH DESCRIPTION
-This library supports network authentication and various related
-operations.  The library contains many routines beyond those described
-in this man page, but they are not intended to be used directly.
-Instead, they are called by the routines that are described, the
-authentication server and the login program.
-.PP
-.I krb_err_txt[]
-contains text string descriptions of various Kerberos error codes returned
-by some of the routines below.
-.PP
-.I krb_mk_req
-takes a pointer to a text structure in which an authenticator is to be
-built.  It also takes the name, instance, and realm of the service to be
-used and an optional checksum.  It is up to the application to decide
-how to generate the checksum.
-.I krb_mk_req
-then retrieves a ticket for the desired service and creates an
-authenticator.  The authenticator is built in
-.I authent
-and is accessible
-to the calling procedure.
-.PP
-It is up to the application to get the authenticator to the service
-where it will be read by
-.I krb_rd_req.
-Unless an attacker posesses the session key contained in the ticket, it
-will be unable to modify the authenticator.  Thus, the checksum can be
-used to verify the authenticity of the other data that will pass through
-a connection.
-.PP
-.I krb_rd_req
-takes an authenticator of type
-.B KTEXT,
-a service name, an instance, the address of the
-host originating the request, and a pointer to a structure of type
-.B AUTH_DAT
-which is filled in with information obtained from the authenticator.
-It also optionally takes the name of the file in which it will find the
-secret key(s) for the service.
-If the supplied
-.I instance
-contains "*", then the first service key with the same service name
-found in the service key file will be used, and the
-.I instance
-argument will be filled in with the chosen instance.  This means that
-the caller must provide space for such an instance name.
-.PP
-It is used to find out information about the principal when a request
-has been made to a service.  It is up to the application protocol to get
-the authenticator from the client to the service.  The authenticator is
-then passed to
-.I krb_rd_req
-to extract the desired information.
-.PP
-.I krb_rd_req
-returns zero (RD_AP_OK) upon successful authentication.  If a packet was
-forged, modified, or replayed, authentication will fail.  If the
-authentication fails, a non-zero value is returned indicating the
-particular problem encountered.  See
-.I krb.h
-for the list of error codes.
-.PP
-If the last argument is the null string (""), krb_rd_req will use the
-file /etc/srvtab to find its keys.  If the last argument is NULL, it
-will assume that the key has been set by
-.I krb_set_key
-and will not bother looking further.
-.PP
-.I krb_kntoln
-converts a Kerberos name to a local name.  It takes a structure
-of type AUTH_DAT and uses the name and instance to look in the database
-/etc/aname to find the corresponding local name.  The local name is
-returned and can be used by an application to change uids, directories,
-or other parameters.  It is not an integral part of Kerberos, but is
-instead provided to support the use of Kerberos in existing utilities.
-.PP
-.I krb_set_key
-takes as an argument a des key.  It then creates
-a key schedule from it and saves the original key to be used as an
-initialization vector.
-It is used to set the server's key which
-must be used to decrypt tickets.
-.PP
-If called with a non-zero second argument,
-.I krb_set_key
-will first convert the input from a string of arbitrary length to a DES
-key by encrypting it with a one-way function.
-.PP
-In most cases it should not be necessary to call
-.I krb_set_key.
-The necessary keys will usually be obtained and set inside
-.I krb_rd_req.  krb_set_key
-is provided for those applications that do not wish to place the
-application keys on disk.
-.PP
-.I krb_get_cred
-searches the caller's ticket file for a ticket for the given service, instance,
-and realm; and, if a ticket is found, fills in the given CREDENTIALS structure
-with the ticket information.
-.PP
-If the ticket was found,
-.I krb_get_cred
-returns GC_OK.
-If the ticket file can't be found, can't be read, doesn't belong to
-the user (other than root), isn't a regular file, or is in the wrong
-mode, the error GC_TKFIL is returned.
-.PP
-.I krb_mk_priv
-creates an encrypted, authenticated
-message from any arbitrary application data, pointed to by
-.I in
-and
-.I in_length
-bytes long.
-The private session key, pointed to by
-.I key
-and the key schedule,
-.I schedule,
-are used to encrypt the data and some header information using
-.I pcbc_encrypt.
-.I sender
-and
-.I receiver
-point to the Internet address of the two parties.
-In addition to providing privacy, this protocol message protects
-against modifications, insertions or replays.  The encapsulated message and
-header are placed in the area pointed to by
-.I out
-and the routine returns the length of the output, or -1 indicating
-an error.
-.PP
-.I krb_rd_priv
-decrypts and authenticates a received
-.I krb_mk_priv
-message.
-.I in
-points to the beginning of the received message, whose length
-is specified in
-.I in_length.
-The private session key, pointed to by
-.I key,
-and the key schedule,
-.I schedule,
-are used to decrypt and verify the received message.
-.I msg_data
-is a pointer to a
-.I MSG_DAT
-struct, defined in
-.I krb.h.
-The routine fills in the
-.I app_data
-field with a pointer to the decrypted application data,
-.I app_length
-with the length of the
-.I app_data
-field,
-.I time_sec
-and
-.I time_5ms
-with the timestamps in the message, and
-.I swap
-with a 1 if the byte order of the receiver is different than that of
-the sender.  (The application must still determine if it is appropriate
-to byte-swap application data; the Kerberos protocol fields are already taken
-care of).  The
-.I hash
-field returns a value useful as input to the
-.I krb_ck_repl
-routine.
-
-The routine returns zero if ok, or a Kerberos error code. Modified messages
-and old messages cause errors, but it is up to the caller to
-check the time sequence of messages, and to check against recently replayed
-messages using
-.I krb_ck_repl
-if so desired.
-.PP
-.I krb_mk_safe
-creates an authenticated, but unencrypted message from any arbitrary
-application data,
-pointed to by
-.I in
-and
-.I in_length
-bytes long.
-The private session key, pointed to by
-.I key,
-is used to seed the
-.I quad_cksum()
-checksum algorithm used as part of the authentication.
-.I sender
-and
-.I receiver
-point to the Internet address of the two parties.
-This message does not provide privacy, but does protect (via detection)
-against modifications, insertions or replays.  The encapsulated message and
-header are placed in the area pointed to by
-.I out
-and the routine returns the length of the output, or -1 indicating
-an error.
-The authentication provided by this routine is not as strong as that
-provided by
-.I krb_mk_priv
-or by computing the checksum using
-.I cbc_cksum
-instead, both of which authenticate via DES.
-.PP
-
-.I krb_rd_safe
-authenticates a received
-.I krb_mk_safe
-message.
-.I in
-points to the beginning of the received message, whose length
-is specified in
-.I in_length.
-The private session key, pointed to by
-.I key,
-is used to seed the quad_cksum() routine as part of the authentication.
-.I msg_data
-is a pointer to a
-.I MSG_DAT
-struct, defined in
-.I krb.h .
-The routine fills in these
-.I MSG_DAT
-fields:
-the
-.I app_data
-field with a pointer to the application data,
-.I app_length
-with the length of the
-.I app_data
-field,
-.I time_sec
-and
-.I time_5ms
-with the timestamps in the message, and
-.I swap
-with a 1 if the byte order of the receiver is different than that of
-the sender.
-(The application must still determine if it is appropriate
-to byte-swap application data; the Kerberos protocol fields are already taken
-care of).  The
-.I hash
-field returns a value useful as input to the
-.I krb_ck_repl
-routine.
-
-The routine returns zero if ok, or a Kerberos error code. Modified messages
-and old messages cause errors, but it is up to the caller to
-check the time sequence of messages, and to check against recently replayed
-messages using
-.I krb_ck_repl
-if so desired.
-.PP
-.I krb_mk_err
-constructs an application level error message that may be used along
-with
-.I krb_mk_priv
-or
-.I krb_mk_safe.
-.I out
-is a pointer to the output buffer,
-.I code
-is an application specific error code, and
-.I string
-is an application specific error string.
-
-.PP
-.I krb_rd_err
-unpacks a received
-.I krb_mk_err
-message.
-.I in
-points to the beginning of the received message, whose length
-is specified in
-.I in_length.
-.I code
-is a pointer to a value to be filled in with the error
-value provided by the application.
-.I msg_data
-is a pointer to a
-.I MSG_DAT
-struct, defined in
-.I krb.h .
-The routine fills in these
-.I MSG_DAT
-fields: the
-.I app_data
-field with a pointer to the application error text,
-.I app_length
-with the length of the
-.I app_data
-field, and
-.I swap
-with a 1 if the byte order of the receiver is different than that of
-the sender.  (The application must still determine if it is appropriate
-to byte-swap application data; the Kerberos protocol fields are already taken
-care of).
-
-The routine returns zero if the error message has been successfully received,
-or a Kerberos error code.
-.PP
-The
-.I KTEXT
-structure is used to pass around text of varying lengths.  It consists
-of a buffer for the data, and a length.  krb_rd_req takes an argument of this
-type containing the authenticator, and krb_mk_req returns the
-authenticator in a structure of this type.  KTEXT itself is really a
-pointer to the structure.   The actual structure is of type KTEXT_ST.
-.PP
-The
-.I AUTH_DAT
-structure is filled in by krb_rd_req.  It must be allocated before
-calling krb_rd_req, and a pointer to it is passed.  The structure is
-filled in with data obtained from Kerberos.
-.I MSG_DAT
-structure is filled in by either krb_rd_priv, krb_rd_safe, or
-krb_rd_err.  It must be allocated before the call and a pointer to it
-is passed.  The structure is
-filled in with data obtained from Kerberos.
-.PP
-.SH FILES
-/usr/include/krb.h
-.br
-/usr/lib/libkrb.a
-.br
-/usr/include/des.h
-.br
-/usr/lib/libdes.a
-.br
-/etc/aname
-.br
-/etc/srvtab
-.br
-/tmp/tkt[uid]
-.SH "SEE ALSO"
-kerberos(1), des_crypt(3)
-.SH DIAGNOSTICS
-.SH BUGS
-The caller of
-.I krb_rd_req, krb_rd_priv, and krb_rd_safe
-must check time order and for replay attempts.
-.I krb_ck_repl
-is not implemented yet.
-.SH AUTHORS
-Clifford Neuman, MIT Project Athena
-.br
-Steve Miller, MIT Project Athena/Digital Equipment Corporation
-.SH RESTRICTIONS
-COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology
diff --git a/crypto/kerberosIV/man/kerberos.8 b/crypto/kerberosIV/man/kerberos.8
deleted file mode 100644
index 6a64c57bbb6c..000000000000
--- a/crypto/kerberosIV/man/kerberos.8
+++ /dev/null
@@ -1,44 +0,0 @@
-.\" $Id: kerberos.8,v 1.1 1996/11/14 22:14:55 assar Exp $
-.\"
-.Dd November 14, 1996
-.Dt KERBEROS 8
-.Os KTH-KRB
-.Sh NAME
-.Nm kerberos
-.Nd The kerberos daemon
-.Sh SYNPOSIS
-.Nm
-.Op Fl snm
-.Op Fl p Ar pause
-.Op Fl a Ar max age
-.Op Fl l Ar log
-.Op Fl r Ar realm
-.Ar database
-.Sh DESCRIPTION
-This is the
-.Nm
-daemon.
-.Pp
-Options:
-.Bl -tag -width -ident
-.It Fl s
-Set slave parameters.  This will enable check to see if data is
-getting too stale relative to the master.
-.It Fl n
-Do not check max age. 
-.It Fl m
-Run manually and prompt for master key.
-.It Fl p
-Pause for
-.Ar pause
-before dying.
-.It Fl a
-Set the
-.Ar max age
-before the database is considered stale.
-.It Fl l
-Write the log to
-.Ar log
-.It Fl r
-Run as a server for realm
-.Ar realm
diff --git a/crypto/kerberosIV/man/kinit.1 b/crypto/kerberosIV/man/kinit.1
deleted file mode 100644
index 75f0e709c7d7..000000000000
--- a/crypto/kerberosIV/man/kinit.1
+++ /dev/null
@@ -1,136 +0,0 @@
-.\" $Id$
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kinit \- Kerberos login utility
-.SH SYNOPSIS
-.B kinit
-[
-.B \-irvlp
-]
-.SH DESCRIPTION
-The
-.I kinit
-command is used to login to the
-Kerberos
-authentication and authorization system.
-Note that only registered
-Kerberos
-users can use the
-Kerberos
-system.
-For information about registering as a
-Kerberos
-user,
-see the
-.I kerberos(1)
-manual page.
-.PP
-If you are logged in to a workstation that is running the
-.I toehold
-service,
-you do not have to use
-.I kinit.
-The
-.I toehold
-login procedure will log you into
-Kerberos
-automatically.
-You will need to use
-.I kinit
-only in those situations in which
-your original tickets have expired.
-(Tickets expire in about a day.)
-Note as well that
-.I toehold
-will automatically destroy your tickets when you logout from the workstation.
-.PP
-When you use
-.I kinit
-without options,
-the utility
-prompts for your username and Kerberos password,
-and tries to authenticate your login with the local
-Kerberos
-server.
-.PP
-If
-Kerberos
-authenticates the login attempt,
-.I kinit
-retrieves your initial ticket and puts it in the ticket file specified by
-your KRBTKFILE environment variable.
-If this variable is undefined,
-your ticket will be stored in the
-.IR /tmp
-directory,
-in the file
-.I tktuid ,
-where
-.I uid
-specifies your user identification number.
-.PP
-If you have logged in to
-Kerberos
-without the benefit of the workstation
-.I toehold
-system,
-make sure you use the
-.I kdestroy
-command to destroy any active tickets before you end your login session.
-You may want to put the
-.I kdestroy
-command in your
-.I \.logout
-file so that your tickets will be destroyed automatically when you logout.
-.PP
-The options to
-.I kinit
-are as follows:
-.TP 7
-.B \-i
-.I kinit
-prompts you for a
-Kerberos
-instance.
-.TP
-.B \-r
-.I kinit
-prompts you for a
-Kerberos
-realm.
-This option lets you authenticate yourself with a remote
-Kerberos
-server.
-.TP
-.B \-v
-Verbose mode.
-.I kinit
-prints the realm you are in, the name of the ticket file used, and
-a status message indicating the success or failure of
-your login attempt.
-.TP
-.B \-l
-.I kinit
-prompts you for a ticket lifetime in minutes.  Due to protocol
-restrictions in Kerberos Version 4, this value must be between 5 and
-1275 minutes.
-.TP
-.B \-p
-.I kinit
-will acquires a ticket for chpass.kerberos.
-.SH SEE ALSO
-.PP
-kerberos(1), kdestroy(1), klist(1), toehold(1)
-.SH BUGS
-The
-.B \-r
-option has not been fully implemented.
-.SH AUTHORS
-Steve Miller, MIT Project Athena/Digital Equipment Corporation
-.br
-Clifford Neuman, MIT Project Athena
diff --git a/crypto/kerberosIV/man/klist.1 b/crypto/kerberosIV/man/klist.1
deleted file mode 100644
index 76dec027bc95..000000000000
--- a/crypto/kerberosIV/man/klist.1
+++ /dev/null
@@ -1,83 +0,0 @@
-.\" $Id: klist.1,v 1.2 1996/06/12 21:29:19 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KLIST 1 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-klist \- list currently held Kerberos tickets
-.SH SYNOPSIS
-.B klist
-[
-\fB\-s \fR|\fB \-t\fR
-] [
-.B \-file
-name ] [
-.B \-srvtab
-]
-.br
-.SH DESCRIPTION
-.I klist
-prints the name of the tickets file and the
-identity of the principal the tickets are for (as listed in the
-tickets file), and 
-lists the principal names of all Kerberos tickets currently held by
-the user, along with the issue and expire time for each authenticator.
-Principal names are listed in the form
-.I name.instance@realm,
-with the '.' omitted if the instance is null,
-and the '@' omitted if the realm is null.
-
-If given the
-.B \-s
-option,
-.I klist
-does not print the issue and expire times, the name of the tickets file,
-or the identity of the principal.
-
-If given the
-.B \-t
-option, 
-.B klist
-checks for the existence of a non-expired ticket-granting-ticket in the
-ticket file.  If one is present, it exits with status 0, else it exits
-with status 1.  No output is generated when this option is specified. 
-
-If given the
-.B \-file
-option, the following argument is used as the ticket file.
-Otherwise, if the
-.B KRBTKFILE
-environment variable is set, it is used.
-If this environment variable
-is not set, the file
-.B /tmp/tkt[uid]
-is used, where
-.B uid
-is the current user-id of the user.
-
-If given the
-.B \-srvtab
-option, the file is treated as a service key file, and the names of the
-keys contained therein are printed.  If no file is
-specified with a
-.B \-file
-option, the default is
-.IR /etc/srvtab .
-.SH FILES
-.TP 2i
-/etc/krb.conf
-to get the name of the local realm
-.TP
-/tmp/tkt[uid]
-as the default ticket file ([uid] is the decimal UID of the user).
-.TP
-/etc/srvtab
-as the default service key file
-.SH SEE ALSO
-.PP
-kerberos(1), kinit(1), kdestroy(1)
-.SH BUGS
-When reading a file as a service key file, very little sanity or error
-checking is performed.
diff --git a/crypto/kerberosIV/man/kprop.8 b/crypto/kerberosIV/man/kprop.8
deleted file mode 100644
index 9f9acc228e25..000000000000
--- a/crypto/kerberosIV/man/kprop.8
+++ /dev/null
@@ -1,58 +0,0 @@
-.\" $Id: kprop.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
-.\"
-.Dd June 7, 1996
-.Dt KPROP 8
-.Os KTH-KRB
-.Sh NAME
-.Nm kprop
-.Nd
-the kerberos slave server update client
-.Sh SYNOPSIS
-.Nm
-.Op Fl force
-.Op Fl realm Ar realm
-.Op Ar dump-file
-.Op Ar slave-file
-.Sh DESCRIPTION
-Changes to the database, such as changed passwords, are only made to
-the master server through the
-.Nm kadmind
-service. To propagate these changes to the slave servers, 
-.Nm 
-should be run regularly on the master server.
-
-The following options are recognised.
-
-.Bl -tag -width -force
-.It Fl force
-Propagate even if there hasn't been an update to the dump file since
-last time.
-.It Fl realm
-Realm if other than the default.
-.It dump-file
-is a file created with 
-.Ic kdb_util slave_dump ,
-default is
-.Pa /var/kerberos/slave_dump .
-.It slave-file
-Contains the names of the slave servers. Default is
-.Pa /var/kerberos/slaves .
-.El
-
-.Nm
-will use the principal 
-.Nm rcmd.kerberos
-to authenticate to the master servers. This principal has to be added
-to the database, and it should also be put into the service key file
-on the master server.
-
-.Sh FILES
-.Bl -tag -width indent -compact
-.It Pa /var/kerberos/slave_dump
-.It Pa /var/kerberos/slaves
-.It Pa /etc/srvtab
-.El
-.Sh SEE ALSO
-.Xr kadmind 8 ,
-.Xr kerberos 8 ,
-.Xr kpropd 8
diff --git a/crypto/kerberosIV/man/kpropd.8 b/crypto/kerberosIV/man/kpropd.8
deleted file mode 100644
index 6b3046354bc1..000000000000
--- a/crypto/kerberosIV/man/kpropd.8
+++ /dev/null
@@ -1,63 +0,0 @@
-.\" $Id: kpropd.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
-.\"
-.Dd June 7, 1996
-.Dt KPROPD 8
-.Os KTH-KRB
-.Sh NAME
-.Nm kpropd
-.Nd
-the kerberos slave server update facility
-.Sh SYNOPSIS
-.Nm
-.Op Fl i
-.Op Fl d Ar database
-.Op Fl l Ar logfile
-.Op Fl m
-.Op Fl p Ar kdb_util
-.Op Fl r Ar realm
-.Op Fl s Ar srvtab
-.Sh DESCRIPTION
-The
-.Nm
-responds to database update requests from the
-.Nm kprop
-command. It can either be started from
-.Nm inetd
-or as an ordinary program.
-
-The following options are recognised:
-
-.Bl -tag -width xxxx
-.It Fl i
-Run stand-alone.  If this flag is not given, it is assumed to have
-been started by
-.Nm inetd .
-.It Fl d
-What database file to use, default is
-.Pa /var/kerberos/principal .
-.It Fl l
-Logfile to use, default is
-.Pa /var/log/kpropd.log .
-.It Fl m
-Treat data as changes to the database rather than a complete database.
-.It Fl p
-The path to
-.Nm kdb_util ,
-default is
-.Pa /usr/athena/sbin/kdb_util .
-.It Fl r
-Realm if other than the default realm.
-.It Fl s
-Srvtab if other than
-.Pa /etc/srvtab .
-.El
-.Sh FILES
-.Bl -tag -width indent -compact
-.It Pa /var/kerberos/principal.{db,dir,pag}
-.It Pa /var/log/kpropd.log
-.It Pa /etc/srvtab
-.El
-.Sh SEE ALSO
-.Xr kadmind 8 ,
-.Xr kerberos 8 ,
-.Xr kprop 8
diff --git a/crypto/kerberosIV/man/krb.conf.5 b/crypto/kerberosIV/man/krb.conf.5
deleted file mode 100644
index b122b9c391d3..000000000000
--- a/crypto/kerberosIV/man/krb.conf.5
+++ /dev/null
@@ -1,31 +0,0 @@
-.\" $Id: krb.conf.5,v 1.2 1996/06/12 21:29:21 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KRB.CONF 5 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-/etc/krb.conf \- Kerberos configuration file
-.SH DESCRIPTION
-.I krb.conf
-contains configuration information describing the Kerberos realm and the
-Kerberos key distribution center (KDC) servers for known realms.
-.PP
-.I krb.conf
-contains the name of the local realm in the first
-line, followed by lines indicating realm/host
-entries.  The first token is a realm name, and the second is the hostname
-of a host running a KDC for that realm.
-The words "admin server" following the hostname indicate that 
-the host also provides an administrative database server.
-For example:
-.nf
-.in +1i
-ATHENA.MIT.EDU
-ATHENA.MIT.EDU kerberos-1.mit.edu admin server
-ATHENA.MIT.EDU kerberos-2.mit.edu
-LCS.MIT.EDU kerberos.lcs.mit.edu admin server
-.in -1i
-.SH SEE ALSO
-krb.realms(5), krb_get_krbhst(3), krb_get_lrealm(3)
diff --git a/crypto/kerberosIV/man/krb.equiv.5 b/crypto/kerberosIV/man/krb.equiv.5
deleted file mode 100644
index e38f94bf6179..000000000000
--- a/crypto/kerberosIV/man/krb.equiv.5
+++ /dev/null
@@ -1,28 +0,0 @@
-.\"	$Id: krb.equiv.5,v 1.3 1996/06/18 16:26:20 joda Exp $
-.\"
-.Dd June 18, 1996
-.Dt KRB.EQUIV 5
-.Os KTH-KRB
-.Sh NAME
-.Nm krb.equiv
-.Nd
-Kerberos equivalent hosts file
-.Sh DESCRIPTION
-.Nm
-contains a list of IP addresses that is to be considered being the
-same host for Kerberos purposes. Plain addresses match a single
-host. Addresses followed by a slash (/) and a number is taken as a
-sub-network that should be considered equal.
-.Pp
-Hash (#) starts a comment. Backslash (\\) is a continuation character.
-.Sh EXAMPLES
-.Bd -literal
-# A machine with two interfaces.
-130.237.232.113 130.237.221.42  # emma emma-ether
-# A machine with *many* interfaces
-193.10.156.0/24 193.10.157.0/24 # syk-* syk-*-hps
-.Ed
-.Sh SEE ALSO
-.Xr krb_equiv 3 ,
-.Xr krb.conf 5 ,
-.Xr krb.realms 5
diff --git a/crypto/kerberosIV/man/krb.realms.5 b/crypto/kerberosIV/man/krb.realms.5
deleted file mode 100644
index 427c4550261e..000000000000
--- a/crypto/kerberosIV/man/krb.realms.5
+++ /dev/null
@@ -1,38 +0,0 @@
-.\" $Id: krb.realms.5,v 1.2 1996/06/12 21:29:22 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KRB.REALMS 5 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-/etc/krb.realms \- host to Kerberos realm translation file
-.SH DESCRIPTION
-.I krb.realms
-provides a translation from a hostname to the Kerberos realm name for
-the services provided by that host.
-.PP
-Each line of the translation file is in one of the following forms
-(domain_name should be of the form .XXX.YYY, e.g. .LCS.MIT.EDU):
-.nf
-.in +5n
-host_name kerberos_realm
-domain_name kerberos_realm
-.in -5n
-.fi
-If a hostname exactly matches the 
-.I host_name
-field in a line of the first
-form, the corresponding realm is the realm of the host.
-If a hostname does not match any 
-.I host_name
-in the file, but its
-domain exactly matches the 
-.I domain_name
-field in a line of the second
-form, the corresponding realm is the realm of the host.
-.PP
-If no translation entry applies, the host's realm is considered to be
-the hostname's domain portion converted to upper case.
-.SH SEE ALSO
-krb_realmofhost(3)
diff --git a/crypto/kerberosIV/man/krb_realmofhost.3 b/crypto/kerberosIV/man/krb_realmofhost.3
deleted file mode 100644
index ddbda7495074..000000000000
--- a/crypto/kerberosIV/man/krb_realmofhost.3
+++ /dev/null
@@ -1,160 +0,0 @@
-.\" $Id: krb_realmofhost.3,v 1.2 1996/06/12 21:29:23 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KRB_REALMOFHOST 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst,
-krb_get_lrealm \- additional Kerberos utility routines
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <krb.h>
-#include <des.h>
-#include <netinet/in.h>
-.PP
-.ft B
-char *krb_realmofhost(host)
-char *host;
-.PP
-.ft B
-char *krb_get_phost(alias)
-char *alias;
-.PP
-.ft B
-krb_get_krbhst(host,realm,n)
-char *host;
-char *realm;
-int n;
-.PP
-.ft B
-krb_get_admhst(host,realm,n)
-char *host;
-char *realm;
-int n;
-.PP
-.ft B
-krb_get_lrealm(realm,n)
-char *realm;
-int n;
-.fi
-.ft R
-.SH DESCRIPTION
-.I krb_realmofhost
-returns the Kerberos realm of the host
-.IR host ,
-as determined by the translation table
-.IR /etc/krb.realms .
-.I host
-should be the fully-qualified domain-style primary host name of the host
-in question.  In order to prevent certain security attacks, this routine
-must either have 
-.I a priori
-knowledge of a host's realm, or obtain such information securely.
-.PP
-The format of the translation file is described by 
-.IR krb.realms (5).
-If
-.I host
-exactly matches a host_name line, the corresponding realm
-is returned.
-Otherwise, if the domain portion of
-.I host
-matches a domain_name line, the corresponding realm
-is returned.
-If
-.I host
-contains a domain, but no translation is found,
-.IR host 's
-domain is converted to upper-case and returned.
-If 
-.I host
-contains no discernable domain, or an error occurs,
-the local realm name, as supplied by 
-.IR krb_get_lrealm (3),
-is returned.
-.PP
-.I krb_get_phost
-converts the hostname
-.I alias
-(which can be either an official name or an alias) into the instance
-name to be used in obtaining Kerberos tickets for most services,
-including the Berkeley rcmd suite (rlogin, rcp, rsh).
-.br
-The current convention is to return the first segment of the official
-domain-style name after conversion to lower case.
-.PP
-.I krb_get_krbhst
-fills in
-.I host
-with the hostname of the
-.IR n th
-host running a Kerberos key distribution center (KDC)
-for realm
-.IR realm ,
-as specified in the configuration file (\fI/etc/krb.conf\fR).
-The configuration file is described by 
-.IR krb.conf (5).
-If the host is successfully filled in, the routine
-returns KSUCCESS.
-If the file cannot be opened, and
-.I n
-equals 1, then the value of KRB_HOST as defined in
-.I <krb.h>
-is filled in, and KSUCCESS is returned.  If there are fewer than
-.I n
-hosts running a Kerberos KDC for the requested realm, or the
-configuration file is malformed, the routine
-returns KFAILURE.
-.PP
-.I krb_get_admhst
-fills in
-.I host
-with the hostname of the
-.IR n th
-host running a Kerberos KDC database administration server
-for realm
-.IR realm ,
-as specified in the configuration file (\fI/etc/krb.conf\fR).
-If the file cannot be opened or is malformed, or there are fewer than
-.I n
-hosts running a Kerberos KDC database administration server,
-the routine returns KFAILURE.
-.PP
-The character arrays used as return values for
-.IR krb_get_krbhst ,
-.IR krb_get_admhst ,
-should be large enough to
-hold any hostname (MAXHOSTNAMELEN from <sys/param.h>).
-.PP
-.I krb_get_lrealm
-fills in
-.I realm
-with the
-.IR n th
-realm of the local host, as specified in the configuration file.
-.I realm
-should be at least REALM_SZ (from
-.IR <krb.h>) characters long.
-.PP
-.SH SEE ALSO
-kerberos(3), krb.conf(5), krb.realms(5)
-.SH FILES
-.TP 20n
-/etc/krb.realms
-translation file for host-to-realm mapping.
-.TP
-/etc/krb.conf
-local realm-name and realm/server configuration file.
-.SH BUGS
-The current convention for instance names is too limited; the full
-domain name should be used.
-.PP
-.I krb_get_lrealm
-currently only supports 
-.I n
-= 1.  It should really consult the user's ticket cache to determine the
-user's current realm, rather than consulting a file on the host.
diff --git a/crypto/kerberosIV/man/krb_sendauth.3 b/crypto/kerberosIV/man/krb_sendauth.3
deleted file mode 100644
index 208b6bc90a7e..000000000000
--- a/crypto/kerberosIV/man/krb_sendauth.3
+++ /dev/null
@@ -1,347 +0,0 @@
-.\" $Id: krb_sendauth.3,v 1.2 1996/06/12 21:29:24 bg Exp $
-.\" Copyright 1988 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KRB_SENDAUTH 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-krb_sendauth, krb_recvauth, krb_net_write, krb_net_read \-
-Kerberos routines for sending authentication via network stream sockets
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <krb.h>
-#include <des.h>
-#include <netinet/in.h>
-.PP
-.fi
-.HP 1i
-.ft B
-int krb_sendauth(options, fd, ktext, service, inst, realm, checksum,
-msg_data, cred, schedule, laddr, faddr, version)
-.nf
-.RS 0
-.ft B
-long options;
-int fd;
-KTEXT ktext;
-char *service, *inst, *realm;
-u_long checksum;
-MSG_DAT *msg_data;
-CREDENTIALS *cred;
-Key_schedule schedule;
-struct sockaddr_in *laddr, *faddr;
-char *version;
-.PP
-.fi
-.HP 1i
-.ft B
-int krb_recvauth(options, fd, ktext, service, inst, faddr, laddr,
-auth_data, filename, schedule, version)
-.nf
-.RS 0
-.ft B
-long options;
-int fd;
-KTEXT ktext;
-char *service, *inst;
-struct sockaddr_in *faddr, *laddr;
-AUTH_DAT *auth_data;
-char *filename;
-Key_schedule schedule;
-char *version;			
-.PP
-.ft B
-int krb_net_write(fd, buf, len)
-int fd;
-char *buf;
-int len;
-.PP
-.ft B
-int krb_net_read(fd, buf, len)
-int fd;
-char *buf;
-int len;
-.fi
-.SH DESCRIPTION
-.PP
-These functions,
-which are built on top of the core Kerberos library,
-provide a convenient means for client and server
-programs to send authentication messages
-to one another through network connections.
-The
-.I krb_sendauth
-function sends an authenticated ticket from the client program to
-the server program by writing the ticket to a network socket.
-The
-.I krb_recvauth
-function receives the ticket from the client by
-reading from a network socket.
-
-.SH KRB_SENDAUTH
-.PP
-This function writes the ticket to
-the network socket specified by the
-file descriptor
-.IR fd,
-returning KSUCCESS if the write proceeds successfully,
-and an error code if it does not.
-
-The
-.I ktext
-argument should point to an allocated KTEXT_ST structure.
-The
-.IR service,
-.IR inst,
-and
-.IR realm
-arguments specify the server program's Kerberos principal name,
-instance, and realm.
-If you are writing a client that uses the local realm exclusively,
-you can set the
-.I realm
-argument to NULL.
-
-The
-.I version
-argument allows the client program to pass an application-specific
-version string that the server program can then match against
-its own version string.
-The
-.I version
-string can be up to KSEND_VNO_LEN (see 
-.IR <krb.h> )
-characters in length.
-
-The
-.I checksum
-argument can be used to pass checksum information to the
-server program.
-The client program is responsible for specifying this information.
-This checksum information is difficult to corrupt because
-.I krb_sendauth
-passes it over the network in encrypted form.
-The
-.I checksum
-argument is passed as the checksum argument to
-.IR krb_mk_req .
-
-You can set
-.IR krb_sendauth's
-other arguments to NULL unless you want the
-client and server programs to mutually authenticate
-themselves.
-In the case of mutual authentication,
-the client authenticates itself to the server program,
-and demands that the server in turn authenticate itself to
-the client.
-
-.SH KRB_SENDAUTH AND MUTUAL AUTHENTICATION
-.PP
-If you want mutual authentication,
-make sure that you read all pending data from the local socket
-before calling
-.IR krb_sendauth.
-Set
-.IR krb_sendauth's
-.I options
-argument to
-.BR KOPT_DO_MUTUAL
-(this macro is defined in the
-.IR krb.h
-file);
-make sure that the
-.I laddr
-argument points to
-the address of the local socket,
-and that
-.I faddr
-points to the foreign socket's network address.
-
-.I Krb_sendauth
-fills in the other arguments--
-.IR msg_data ,
-.IR cred ,
-and
-.IR schedule --before
-sending the ticket to the server program.
-You must, however, allocate space for these arguments
-before calling the function.
-
-.I Krb_sendauth
-supports two other options:
-.BR KOPT_DONT_MK_REQ,
-and
-.BR KOPT_DONT_CANON.
-If called with
-.I options
-set as KOPT_DONT_MK_REQ,
-.I krb_sendauth
-will not use the
-.I krb_mk_req
-function to retrieve the ticket from the Kerberos server.
-The
-.I ktext
-argument must point to an existing ticket and authenticator (such as
-would be created by 
-.IR krb_mk_req ),
-and the
-.IR service,
-.IR inst,
-and
-.IR realm
-arguments can be set to NULL.
-
-If called with
-.I options
-set as KOPT_DONT_CANON,
-.I krb_sendauth
-will not convert the service's instance to canonical form using 
-.IR krb_get_phost (3).
-
-If you want to call
-.I krb_sendauth
-with a multiple
-.I options
-specification,
-construct
-.I options
-as a bitwise-OR of the options you want to specify.
-
-.SH KRB_RECVAUTH
-.PP
-The
-.I krb_recvauth
-function
-reads a ticket/authenticator pair from the socket pointed to by the
-.I fd
-argument.
-Set the
-.I options
-argument
-as a bitwise-OR of the options desired.
-Currently only KOPT_DO_MUTUAL is useful to the receiver.
-
-The
-.I ktext
-argument
-should point to an allocated KTEXT_ST structure.
-.I Krb_recvauth
-fills
-.I ktext
-with the
-ticket/authenticator pair read from
-.IR fd ,
-then passes it to
-.IR krb_rd_req .
-
-The
-.I service
-and
-.I inst
-arguments
-specify the expected service and instance for which the ticket was
-generated.  They are also passed to
-.IR krb_rd_req.
-The
-.I inst
-argument may be set to "*" if the caller wishes
-.I krb_mk_req
-to fill in the instance used (note that there must be space in the
-.I inst
-argument to hold a full instance name, see 
-.IR krb_mk_req (3)).
-
-The
-.I faddr
-argument
-should point to the address of the peer which is presenting the ticket.
-It is also passed to
-.IR krb_rd_req .
-
-If the client and server plan to mutually authenticate
-one another,
-the
-.I laddr
-argument
-should point to the local address of the file descriptor.
-Otherwise you can set this argument to NULL.
-
-The
-.I auth_data
-argument
-should point to an allocated AUTH_DAT area.
-It is passed to and filled in by
-.IR krb_rd_req .
-The checksum passed to the corresponding
-.I krb_sendauth
-is available as part of the filled-in AUTH_DAT area.
-
-The
-.I filename
-argument
-specifies the filename
-which the service program should use to obtain its service key.
-.I Krb_recvauth
-passes
-.I filename
-to the
-.I krb_rd_req
-function.
-If you set this argument to "",
-.I krb_rd_req
-looks for the service key in the file
-.IR /etc/srvtab.
-
-If the client and server are performing mutual authenication,
-the
-.I schedule
-argument
-should point to an allocated Key_schedule.
-Otherwise it is ignored and may be NULL.
-
-The
-.I version
-argument should point to a character array of at least KSEND_VNO_LEN
-characters.  It is filled in with the version string passed by the client to
-.IR krb_sendauth.
-.PP
-.SH KRB_NET_WRITE AND KRB_NET_READ
-.PP
-The
-.I krb_net_write
-function
-emulates the write(2) system call, but guarantees that all data
-specified is written to
-.I fd
-before returning, unless an error condition occurs.
-.PP
-The
-.I krb_net_read
-function
-emulates the read(2) system call, but guarantees that the requested
-amount of data is read from
-.I fd
-before returning, unless an error condition occurs.
-.PP
-.SH BUGS
-.IR krb_sendauth,
-.IR krb_recvauth,
-.IR krb_net_write,
-and
-.IR krb_net_read
-will not work properly on sockets set to non-blocking I/O mode.
-
-.SH SEE ALSO
-
-krb_mk_req(3), krb_rd_req(3), krb_get_phost(3)
-
-.SH AUTHOR
-John T. Kohl, MIT Project Athena
-.SH RESTRICTIONS
-Copyright 1988, Massachusetts Instititute of Technology.
-For copying and distribution information,
-please see the file <mit-copyright.h>.
diff --git a/crypto/kerberosIV/man/krb_set_tkt_string.3 b/crypto/kerberosIV/man/krb_set_tkt_string.3
deleted file mode 100644
index 9d941435a8b8..000000000000
--- a/crypto/kerberosIV/man/krb_set_tkt_string.3
+++ /dev/null
@@ -1,42 +0,0 @@
-.\" $Id: krb_set_tkt_string.3,v 1.2 1996/06/12 21:29:24 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KRB_SET_TKT_STRING 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-krb_set_tkt_string \- set Kerberos ticket cache file name
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <krb.h>
-.PP
-.ft B
-void krb_set_tkt_string(filename)
-char *filename;
-.fi
-.ft R
-.SH DESCRIPTION
-.I krb_set_tkt_string
-sets the name of the file that holds the user's
-cache of Kerberos server tickets and associated session keys.
-.PP
-The string 
-.I filename
-passed in is copied into local storage.
-Only MAXPATHLEN-1 (see <sys/param.h>) characters of the filename are
-copied in for use as the cache file name.
-.PP
-This routine should be called during initialization, before other
-Kerberos routines are called; otherwise the routines which fetch the
-ticket cache file name may be called and return an undesired ticket file
-name until this routine is called.
-.SH FILES
-.TP 20n
-/tmp/tkt[uid]
-default ticket file name, unless the environment variable KRBTKFILE is set.
-[uid] denotes the user's uid, in decimal.
-.SH SEE ALSO
-kerberos(3), setenv(3)
diff --git a/crypto/kerberosIV/man/ksrvtgt.1 b/crypto/kerberosIV/man/ksrvtgt.1
deleted file mode 100644
index ff8563cfbb9f..000000000000
--- a/crypto/kerberosIV/man/ksrvtgt.1
+++ /dev/null
@@ -1,50 +0,0 @@
-.\" $Id: ksrvtgt.1,v 1.2 1996/06/12 21:29:26 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KSRVTGT 1 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-ksrvtgt \- fetch and store Kerberos ticket-granting-ticket using a
-service key
-.SH SYNOPSIS
-.B ksrvtgt
-name instance [[realm] srvtab]
-.SH DESCRIPTION
-.I ksrvtgt
-retrieves a ticket-granting ticket with a lifetime of five (5) minutes
-for the principal
-.I name.instance@realm
-(or 
-.I name.instance@localrealm
-if
-.I realm
-is not supplied on the command line), decrypts the response using
-the service key found in
-.I srvtab
-(or in 
-.B /etc/srvtab
-if
-.I srvtab
-is not specified on the command line), and stores the ticket in the
-standard ticket cache.
-.PP
-This command is intended primarily for use in shell scripts and other
-batch-type facilities.
-.SH DIAGNOSTICS
-"Generic kerberos failure (kfailure)" can indicate a whole range of
-problems, the most common of which is the inability to read the service
-key file.
-.SH FILES
-.TP 2i
-/etc/krb.conf
-to get the name of the local realm.
-.TP
-/tmp/tkt[uid]
-The default ticket file.
-.TP
-/etc/srvtab
-The default service key file.
-.SH SEE ALSO
-kerberos(1), kinit(1), kdestroy(1)
diff --git a/crypto/kerberosIV/man/ksrvutil.8 b/crypto/kerberosIV/man/ksrvutil.8
deleted file mode 100644
index aee24d797986..000000000000
--- a/crypto/kerberosIV/man/ksrvutil.8
+++ /dev/null
@@ -1,104 +0,0 @@
-.\" $Id: ksrvutil.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.Dd May 4, 1996
-.Dt KSRVUTIL 8
-.Os KTH-KRB
-
-.Sh NAME
-.Nm ksrvutil 
-host kerberos keyfile (srvtab) manipulation utility
-.Sh SYNOPSIS
-.Nm
-.Op Fl f Pa keyfile
-.Op Fl i
-.Op Fl k 
-.Op Fl p Ar principal
-.Op Fl r Ar realm
-.Ar operation
-
-.Sh DESCRIPTION
-.Nm
-allows a system manager to list or change keys currently in his
-keyfile or to add new keys to the keyfile.
-.Pp
-Operation must be one of the following:
-.Bl -tag -width indent
-.It list
-lists the keys in a keyfile showing version number and principal name.
-If the
-.Fl k
-option is given, keys will also be shown.
-.It change
-changes all the keys in the keyfile by using the regular admin
-protocol.  If the
-.Fl i
-flag is given,
-.Nm ksrvutil
-will prompt for yes or no before changing each key.  If the 
-.Fl k
-option is used, the old and new keys will be displayed.
-.It add
-allows the user to add a key.
-add
-prompts for name, instance, realm, and key version number, asks
-for confirmation, and then asks for a password.  
-.Nm
-then converts the password to a key and appends the keyfile with the
-new information.  If the
-.Fl k
-option is used, the key is displayed.
-.It get
-gets a service from the Kerberos server, possibly creating the
-principal. Names, instances and realms for the service keys to get are
-prompted for. The default principal used in the kadmin transcation is
-your root instance. This can be changed with the
-.Fl p
-option.
-.El
-.Pp
-In all cases, the default file used is KEY_FILE as defined in krb.h
-unless this is overridden by the
-.Fl f
-option.
-.Pp
-A good use for
-.Nm
-would be for adding keys to a keyfile.  A system manager could
-ask a kerberos administrator to create a new service key with 
-.Xr kadmin 8
-and could supply an initial password.  Then, he could use 
-.Nm
-to add the key to the keyfile and then to change the key so that it
-will be random and unknown to either the system manager or the
-kerberos administrator.
-
-.Nm
-always makes a backup copy of the keyfile before making any changes.
-
-.Sh DIAGNOSTICS
-If 
-.Nm
-should exit on an error condition at any time during a change or add,
-a copy of the original keyfile can be found in
-.Pa filename Ns .old
-where 
-.Pa filename
-is the name of the keyfile, and a copy of the file with all new
-keys changed or added so far can be found in 
-.Pa filename Ns .work.
-The original keyfile is left unmodified until the program exits at
-which point it is removed and replaced it with the workfile.
-Appending the workfile to the backup copy and replacing the keyfile
-with the result should always give a usable keyfile, although the
-resulting keyfile will have some out of date keys in it.
-
-.Sh SEE ALSO
-.Xr ksrvtgt 1 ,
-.Xr kadmin 8
-
-.Sh AUTHOR
-Emanuel Jay Berkenbilt, MIT Project Athena
diff --git a/crypto/kerberosIV/man/kstash.8 b/crypto/kerberosIV/man/kstash.8
deleted file mode 100644
index 0197a3d2d11a..000000000000
--- a/crypto/kerberosIV/man/kstash.8
+++ /dev/null
@@ -1,40 +0,0 @@
-.\" $Id: kstash.8,v 1.3 1997/04/02 21:09:56 assar Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KSTASH 8 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kstash \- stash Kerberos key distribution center database master key
-.SH SYNOPSIS
-kstash
-.SH DESCRIPTION
-.I kstash
-saves the Kerberos key distribution center (KDC) database master key in
-the master key cache file.
-.PP
-The user is prompted to enter the key, to verify the authenticity of the
-key and the authorization to store the key in the file.
-.SH DIAGNOSTICS
-.TP 20n
-"verify_master_key: Invalid master key, does not match database."
-The master key string entered was incorrect.
-.TP
-"kstash: Unable to open master key file"
-The attempt to open the cache file for writing failed (probably due to a
-system or access permission error).
-.TP
-"kstash: Write I/O error on master key file"
-The 
-.BR write (2)
-system call returned an error while
-.I kstash
-was attempting to write the key to the file.
-.SH FILES
-.TP 20n
-/var/kerberos/principal.pag, /var/kerberos/principal.dir
-DBM files containing database
-.TP
-/.k
-Master key cache file.
diff --git a/crypto/kerberosIV/man/kuserok.3 b/crypto/kerberosIV/man/kuserok.3
deleted file mode 100644
index 098730898be7..000000000000
--- a/crypto/kerberosIV/man/kuserok.3
+++ /dev/null
@@ -1,66 +0,0 @@
-.\" $Id: kuserok.3,v 1.3 1996/10/13 17:51:18 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-kuserok \- Kerberos version of ruserok
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <krb.h>
-.PP
-.ft B
-kuserok(kdata, localuser)
-AUTH_DAT *auth_data;
-char   *localuser;
-.fi
-.ft R
-.SH DESCRIPTION
-.I kuserok
-determines whether a Kerberos principal described by the structure
-.I auth_data
-is authorized to login as user
-.I localuser
-according to the authorization file
-("~\fIlocaluser\fR/.klogin" by default).  It returns 0 (zero) if authorized,
-1 (one) if not authorized.
-.PP
-If there is no account for 
-.I localuser
-on the local machine, authorization is not granted.
-If there is no authorization file, and the Kerberos principal described
-by 
-.I auth_data
-translates to 
-.I localuser
-(using 
-.IR krb_kntoln (3)),
-authorization is granted.
-If the authorization file
-can't be accessed, or the file is not owned by
-.IR localuser,
-authorization is denied.  Otherwise, the file is searched for
-a matching principal name, instance, and realm.  If a match is found,
-authorization is granted, else authorization is denied.
-.PP
-The file entries are in the format:
-.nf
-.in +5n
-	name.instance@realm
-.in -5n
-.fi
-with one entry per line.
-
-For convenience ~localuser@LOCALREALM is
-always considered to be an entry in the file even when there is no
-file or the file is unreadable.
-.SH SEE ALSO
-kerberos(3), ruserok(3), krb_kntoln(3)
-.SH FILES
-.TP 20n
-~\fIlocaluser\fR/.klogin
-authorization list
diff --git a/crypto/kerberosIV/man/tf_util.3 b/crypto/kerberosIV/man/tf_util.3
deleted file mode 100644
index 3f98321d491c..000000000000
--- a/crypto/kerberosIV/man/tf_util.3
+++ /dev/null
@@ -1,150 +0,0 @@
-.\" $Id: tf_util.3,v 1.2 1996/06/12 21:29:29 bg Exp $
-.\" Copyright 1989 by the Massachusetts Institute of Technology.
-.\"
-.\" For copying and distribution information,
-.\" please see the file <mit-copyright.h>.
-.\"
-.TH TF_UTIL 3 "Kerberos Version 4.0" "MIT Project Athena"
-.SH NAME
-tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \
-\- Routines for manipulating a Kerberos ticket file
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <krb.h>
-.PP
-.ft B
-extern char *krb_err_txt[];
-.PP
-.ft B
-tf_init(tf_name, rw)
-char *tf_name;
-int rw;
-.PP
-.ft B
-tf_get_pname(pname)
-char *pname;
-.PP
-.ft B
-tf_get_pinst(pinst)
-char *pinst;
-.PP
-.ft B
-tf_get_cred(c)
-CREDENTIALS *c;
-.PP
-.ft B
-tf_close()
-.PP
-.fi
-.SH DESCRIPTION
-This group of routines are provided to manipulate the Kerberos tickets
-file.  A ticket file has the following format:
-.nf
-.in +4
-.sp
-principal's name          (null-terminated string)
-principal's instance      (null-terminated string)
-CREDENTIAL_1
-CREDENTIAL_2
-  ...
-CREDENTIAL_n
-EOF
-.sp
-.in -4
-.LP
-Where "CREDENTIAL_x" consists of the following fixed-length
-fields from the CREDENTIALS structure (defined in <krb.h>):
-.nf
-.sp
-.in +4
-	char		service[ANAME_SZ]
-	char		instance[INST_SZ]
-	char		realm[REALM_SZ]
-	des_cblock	session
-	int		lifetime
-	int		kvno
-	KTEXT_ST	ticket_st
-	long		issue_date
-.in -4
-.sp
-.fi
-.PP
-.I tf_init
-must be called before the other ticket file
-routines.
-It takes the name of the ticket file to use,
-and a read/write flag as arguments.
-It tries to open the ticket file, checks the mode and if
-everything is okay, locks the file.  If it's opened for
-reading, the lock is shared.  If it's opened for writing,
-the lock is exclusive.
-KSUCCESS is returned if all went well, otherwise one of the
-following:
-.nf
-.sp
-NO_TKT_FIL	- file wasn't there
-TKT_FIL_ACC	- file was in wrong mode, etc.
-TKT_FIL_LCK	- couldn't lock the file, even after a retry
-.sp
-.fi
-.PP
-The
-.I tf_get_pname
-reads the principal's name from a ticket file.
-It should only be called after tf_init has been called.  The
-principal's name is filled into the 
-.I pname
-parameter.  If all goes
-well, KSUCCESS is returned.
-If tf_init wasn't called, TKT_FIL_INI
-is returned.
-If the principal's name was null, or EOF was encountered, or the
-name was longer than ANAME_SZ, TKT_FIL_FMT is returned.
-.PP
-The
-.I tf_get_pinst
-reads the principal's instance from a ticket file.
-It should only be called after tf_init and tf_get_pname
-have been called.
-The principal's instance is filled into the 
-.I pinst
-parameter.
-If all goes
-well, KSUCCESS is returned.
-If tf_init wasn't called, TKT_FIL_INI
-is returned.
-If EOF was encountered, or the
-name was longer than INST_SZ, TKT_FIL_FMT is returned.
-Note that, unlike the principal name, the instance name may be null.
-.PP
-The
-.I tf_get_cred
-routine reads a CREDENTIALS record from a ticket file and
-fills in the given structure.
-It should only be called after
-tf_init, tf_get_pname, and tf_get_pinst have been called.
-If all goes well, KSUCCESS is returned.  Possible error codes
-are:
-.nf
-.sp
-TKT_FIL_INI	- tf_init wasn't called first
-TKT_FIL_FMT	- bad format
-EOF		- end of file encountered
-.sp
-.fi
-.PP
-.I tf_close
-closes the ticket file and releases the lock on it.
-.SH "SEE ALSO"
-krb(3)
-.SH DIAGNOSTICS
-.SH BUGS
-The ticket file routines have to be called in a certain order.
-.SH AUTHORS
-Jennifer Steiner, MIT Project Athena
-.br
-Bill Bryant, MIT Project Athena
-.SH RESTRICTIONS
-Copyright 1987 Massachusetts Institute of Technology
diff --git a/crypto/kerberosIV/mkinstalldirs b/crypto/kerberosIV/mkinstalldirs
deleted file mode 100644
index 1c13a50fadb2..000000000000
--- a/crypto/kerberosIV/mkinstalldirs
+++ /dev/null
@@ -1,40 +0,0 @@
-#! /bin/sh
-# mkinstalldirs --- make directory hierarchy
-# Author: Noah Friedman <friedman@prep.ai.mit.edu>
-# Created: 1993-05-16
-# Public domain
-
-# $Id: mkinstalldirs,v 1.1 1996/06/27 01:12:51 joda Exp $
-
-errstatus=0
-
-for file
-do
-   set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
-   shift
-
-   pathcomp=
-   for d
-   do
-     pathcomp="$pathcomp$d"
-     case "$pathcomp" in
-       -* ) pathcomp=./$pathcomp ;;
-     esac
-
-     if test ! -d "$pathcomp"; then
-        echo "mkdir $pathcomp" 1>&2
-
-        mkdir "$pathcomp" || lasterr=$?
-
-        if test ! -d "$pathcomp"; then
-  	  errstatus=$lasterr
-        fi
-     fi
-
-     pathcomp="$pathcomp/"
-   done
-done
-
-exit $errstatus
-
-# mkinstalldirs ends here
diff --git a/crypto/kerberosIV/server/Makefile.in b/crypto/kerberosIV/server/Makefile.in
deleted file mode 100644
index 64e7eb1ef21c..000000000000
--- a/crypto/kerberosIV/server/Makefile.in
+++ /dev/null
@@ -1,79 +0,0 @@
-# $Id: Makefile.in,v 1.24 1997/05/02 17:52:00 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-LIBS = @LIBS@
-LIB_DBM = @LIB_DBM@
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROGS = kerberos$(EXECSUFFIX)
-
-SOURCES = kerberos.c
-
-OBJECTS = kerberos.o
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libexecdir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-kerberos$(EXECSUFFIX): kerberos.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kerberos.o -L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIB_DBM) $(LIBS) -lroken
-
-$(OBJECTS): ../include/config.h
diff --git a/crypto/kerberosIV/server/kerberos.c b/crypto/kerberosIV/server/kerberos.c
deleted file mode 100644
index 405e48d4837a..000000000000
--- a/crypto/kerberosIV/server/kerberos.c
+++ /dev/null
@@ -1,846 +0,0 @@
-/*
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- */
-
-#include "config.h"
-#include "protos.h"
-
-RCSID("$Id: kerberos.c,v 1.64 1997/05/20 18:40:46 bg Exp $");
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-#include <errno.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h>
-#endif /* HAVE_SYS_FILIO_H */
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#include <err.h>
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <des.h>
-#include <krb.h>
-#include <krb_db.h>
-#include <prot.h>
-#include <klog.h>
-
-#include <kdc.h>
-
-static des_key_schedule master_key_schedule;
-static des_cblock master_key;
-
-static struct timeval kerb_time;
-static u_char master_key_version;
-static char k_instance[INST_SZ];
-static char *lt;
-static int more;
-
-static int mflag;		/* Are we invoked manually? */
-static char *log_file;		/* name of alt. log file */
-static int nflag;		/* don't check max age */
-static int rflag;		/* alternate realm specified */
-
-/* fields within the received request packet */
-static char *req_name_ptr;
-static char *req_inst_ptr;
-static char *req_realm_ptr;
-static u_int32_t req_time_ws;
-
-static char local_realm[REALM_SZ];
-
-/* options */
-static int max_age = -1;
-static int pause_int = -1;
-
-/*
- * Print usage message and exit.
- */
-static void
-usage(void)
-{
-    fprintf(stderr, "Usage: %s [-s] [-m] [-n] [-p pause_seconds]"
-	    " [-a max_age] [-l log_file] [-r realm] [database_pathname]\n",
-	    __progname);
-    exit(1);
-}
-
-/*
- * kerb_err_reply creates an error reply packet and sends it to the
- * client. 
- */
-
-static void
-kerb_err_reply(int f, struct sockaddr_in *client, int err, char *string)
-{
-    static KTEXT_ST e_pkt_st;
-    KTEXT   e_pkt = &e_pkt_st;
-    static char e_msg[128];
-
-    strcpy(e_msg, "\nKerberos error -- ");
-    strcat(e_msg, string);
-    cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr,
-		 req_time_ws, err, e_msg);
-    sendto(f, (char*)e_pkt->dat, e_pkt->length, 0, (struct sockaddr *)client,
-	   sizeof(*client));
-}
-
-static void
-hang(void)
-{
-    if (pause_int == -1) {
-	klog(L_KRB_PERR, "Kerberos will pause so as not to loop init");
-	for (;;)
-	    pause();
-    } else {
-	char buf[256];
-	snprintf(buf, sizeof(buf),
-		 "Kerberos will wait %d seconds before dying so as not to loop init",
-		 pause_int);
-	klog(L_KRB_PERR, buf);
-	sleep(pause_int);
-	klog(L_KRB_PERR, "Do svedania....\n");
-	exit(1);
-    }
-}
-
-static int
-check_princ(char *p_name, char *instance, unsigned int lifetime, Principal *p)
-{
-    static int n;
-    static int more;
-
-    n = kerb_get_principal(p_name, instance, p, 1, &more);
-    
-    if (n < 0) {
-	lt = klog(L_KRB_PERR, "Database unavailable!");
-	hang();
-    }
-    
-    /*
-     * if more than one p_name, pick one, randomly create a session key,
-     * compute maximum lifetime, lookup authorizations if applicable,
-     * and stuff into cipher. 
-     */
-    if (n == 0) {
-	/* service unknown, log error, skip to next request */
-	lt = klog(L_ERR_UNK, "UNKNOWN %s.%s", p_name, instance);
-	return KERB_ERR_PRINCIPAL_UNKNOWN;
-    }
-    if (more) {
-	/* not unique, log error */
-	lt = klog(L_ERR_NUN, "Principal not unique %s.%s", p_name, instance);
-	return KERB_ERR_PRINCIPAL_NOT_UNIQUE;
-    }
-    /* If the user's key is null, we want to return an error */
-    if ((p->key_low == 0) && (p->key_high == 0)) {
-	/* User has a null key */
-	lt = klog(L_ERR_NKY, "Null key %s.%s", p_name, instance);
-	return KERB_ERR_NULL_KEY;
-    }
-    if (master_key_version != p->kdc_key_ver) {
-	/* log error reply */
-	lt = klog(L_ERR_MKV,
-		  "Incorrect master key version for %s.%s: %d (should be %d)",
-		  p->name, p->instance, p->kdc_key_ver, master_key_version);
-	return KERB_ERR_NAME_MAST_KEY_VER;
-    }
-    /* make sure the service hasn't expired */
-    if ((u_int32_t) p->exp_date < (u_int32_t) kerb_time.tv_sec) {
-	/* service did expire, log it */
-	time_t t = p->exp_date;
-	lt = klog(L_ERR_SEXP,
-		  "Principal %s.%s expired at %s", p->name, p->instance,
-		  krb_stime(&t));
-	return KERB_ERR_NAME_EXP;
-    }
-    /* ok is zero */
-    return 0;
-}
-
-static void
-unseal(des_cblock *key)
-{
-    kdb_encrypt_key(key, key, &master_key, master_key_schedule, DES_DECRYPT);
-}
-
-
-/* Set the key for krb_rd_req so we can check tgt */
-static int
-set_tgtkey(char *r)
-              			/* Realm for desired key */
-{
-    int     n;
-    static char lastrealm[REALM_SZ];
-    Principal p_st;
-    Principal *p = &p_st;
-    des_cblock key;
-
-    if (!strcmp(lastrealm, r))
-	return (KSUCCESS);
-
-    klog(L_ALL_REQ, "Getting key for %s", r);
-
-    n = kerb_get_principal(KRB_TICKET_GRANTING_TICKET, r, p, 1, &more);
-    if (n == 0)
-	return (KFAILURE);
-
-    /* unseal tgt key from master key */
-    copy_to_key(&p->key_low, &p->key_high, key);
-    unseal(&key);
-    krb_set_key(key, 0);
-    strcpy(lastrealm, r);
-    return (KSUCCESS);
-}
-
-
-static int
-kerberos(unsigned char *buf, int len, struct in_addr client, KTEXT rpkt)
-{
-    int pvno;
-    int msg_type;
-    int lsb;
-    int life;
-    int flags = 0;
-    char name[ANAME_SZ], inst[INST_SZ], realm[REALM_SZ];
-    char service[SNAME_SZ], sinst[INST_SZ];
-    u_int32_t req_time;
-    static KTEXT_ST ticket, cipher, adat;
-    KTEXT tk = &ticket, ciph = &cipher, auth = &adat;
-    AUTH_DAT ad;
-    des_cblock session, key;
-    int err;
-    Principal a_name, s_name;
-    
-    char *msg;
-    
-    
-    unsigned char *p = buf;
-    if(len < 2){
-	strcpy((char*)rpkt->dat, "Packet too short");
-	return KFAILURE;
-    }
-
-    gettimeofday(&kerb_time, NULL);
-
-    pvno = *p++;
-    if(pvno != KRB_PROT_VERSION){
-	msg = klog(L_KRB_PERR, "KRB protocol version mismatch (%d)", pvno);
-	strcpy((char*)rpkt->dat, msg);
-	return KERB_ERR_PKT_VER;
-    }
-    msg_type = *p++;
-    lsb = msg_type & 1;
-    msg_type &= ~1;
-    switch(msg_type){
-    case AUTH_MSG_KDC_REQUEST:
-	/* XXX range check */
-	p += krb_get_nir(p, name, inst, realm);
-	p += krb_get_int(p, &req_time, 4, lsb);
-	life = *p++;
-	p += krb_get_nir(p, service, sinst, NULL);
-	klog(L_INI_REQ, "AS REQ %s.%s@%s for %s.%s from %s", 
-	     name, inst, realm, service, sinst, inet_ntoa(client));
-	if((err = check_princ(name, inst, 0, &a_name))){
-	    strcpy((char*)rpkt->dat, krb_get_err_text(err));
-	    return err;
-	}
-	tk->length = 0;
-	if((err = check_princ(service, sinst, 0, &s_name))){
-	    strcpy((char*)rpkt->dat, krb_get_err_text(err));
-	    return err;
-	}
-	life = min(life, s_name.max_life);
-	life = min(life, a_name.max_life);
-    
-	des_new_random_key(&session);
-	copy_to_key(&s_name.key_low, &s_name.key_high, key);
-	unseal(&key);
-	krb_create_ticket(tk, flags, a_name.name, a_name.instance, 
-			  local_realm, client.s_addr, session, 
-			  life, kerb_time.tv_sec, 
-			  s_name.name, s_name.instance, &key);
-	copy_to_key(&a_name.key_low, &a_name.key_high, key);
-	unseal(&key);
-	create_ciph(ciph, session, s_name.name, s_name.instance,
-		    local_realm, life, s_name.key_version, tk, 
-		    kerb_time.tv_sec, &key);
-	memset(&session, 0, sizeof(session));
-	memset(&key, 0, sizeof(key));
-	{
-	    KTEXT r;
-	    r = create_auth_reply(name, inst, realm, req_time, 0, 
-				  a_name.exp_date, a_name.key_version, ciph);
-	    memcpy(rpkt, r, sizeof(*rpkt));
-	}
-	return 0;
-    case AUTH_MSG_APPL_REQUEST:
-	strcpy(realm, (char*)buf + 3);
-	if((err = set_tgtkey(realm))){
-	    msg = klog(L_ERR_UNK, "Unknown realm %s from %s", 
-		       realm, inet_ntoa(client));
-	    strcpy((char*)rpkt->dat, msg);
-	    return err;
-	}
-	p = buf + strlen(realm) + 4;
-	p = p + p[0] + p[1] + 2;
-	auth->length = p - buf;
-	memcpy(auth->dat, buf, auth->length);
-	err = krb_rd_req(auth, KRB_TICKET_GRANTING_TICKET,
-			 realm, client.s_addr, &ad, 0);
-	if(err){
-	    msg = klog(L_ERR_UNK, "krb_rd_req from %s: %s", 
-		       inet_ntoa(client), krb_get_err_text(err));
-	    strcpy((char*)rpkt->dat, msg);
-	    return err;
-	}
-	p += krb_get_int(p, &req_time, 4, lsb);
-	life = *p++;
-	p += krb_get_nir(p, service, sinst, NULL);
-	klog(L_APPL_REQ, "APPL REQ %s.%s@%s for %s.%s from %s",
-	     ad.pname, ad.pinst, ad.prealm, 
-	     service, sinst, 
-	     inet_ntoa(client));
-	if(strcmp(ad.prealm, realm)){
-	    msg = klog(L_ERR_UNK, "Can't hop realms: %s -> %s", 
-		       realm, ad.prealm);
-	    strcpy((char*)rpkt->dat, msg);
-	    return KERB_ERR_PRINCIPAL_UNKNOWN;
-	}
-
-	if(!strcmp(service, "changepw")){
-	    strcpy((char*)rpkt->dat, 
-		   "Can't authorize password changed based on TGT");
-	    return KERB_ERR_PRINCIPAL_UNKNOWN;
-	}
-
-	err = check_princ(service, sinst, life, &s_name);
-	if(err){
-	    strcpy((char*)rpkt->dat, krb_get_err_text(err));
-	    return err;
-	}
-	life = min(life, 
-		   krb_time_to_life(kerb_time.tv_sec, 
-				    krb_life_to_time(ad.time_sec, 
-						     ad.life)));
-	life = min(life, s_name.max_life);
-	copy_to_key(&s_name.key_low, &s_name.key_high, key);
-	unseal(&key);
-	des_new_random_key(&session);
-	krb_create_ticket(tk, flags, ad.pname, ad.pinst, ad.prealm,
-			  client.s_addr, &session, life, kerb_time.tv_sec,
-			  s_name.name, s_name.instance,
-			  &key);
-	
-	memset(&key, 0, sizeof(key));
-
-	create_ciph(ciph, session, service, sinst, local_realm,
-		    life, s_name.key_version, tk,
-		    kerb_time.tv_sec, &ad.session);
-
-	memset(&session, 0, sizeof(session));
-	memset(ad.session, 0, sizeof(ad.session));
-	{
-	    KTEXT r;
-	    r =create_auth_reply(ad.pname, ad.pinst, ad.prealm, 
-				 req_time, 0, 0, 0, ciph);
-	    memcpy(rpkt, r, sizeof(*rpkt));
-	}
-	memset(&s_name, 0, sizeof(s_name));
-	return 0;
-	
-    case AUTH_MSG_ERR_REPLY:
-	return -1;
-    default:
-	msg = klog(L_KRB_PERR, "Unknown message type: %d from %s", 
-		   msg_type, inet_ntoa(client));
-	strcpy((char*)rpkt->dat, msg);
-	return KFAILURE;
-    }
-}
-
-
-static void
-kerberos_wrap(int s, KTEXT data, struct sockaddr_in *client)
-{
-    KTEXT_ST pkt;
-    int err = kerberos(data->dat, data->length, client->sin_addr, &pkt);
-    if(err == -1)
-	return;
-    if(err){
-	kerb_err_reply(s, client, err, (char*)pkt.dat);
-	return;
-    }
-    sendto(s, pkt.dat, pkt.length, 0, (struct sockaddr *)client,
-	   sizeof(*client));
-}
-
-
-/*
- * setup_disc 
- *
- * disconnect all descriptors, remove ourself from the process
- * group that spawned us. 
- */
-
-static void
-setup_disc(void)
-{
-    int     s;
-
-    for (s = 0; s < 3; s++) {
-	close(s);
-    }
-
-    open("/dev/null", 0);
-    dup2(0, 1);
-    dup2(0, 2);
-
-    setsid();
-
-    chdir("/tmp");
-    return;
-}
-
-/*
- * Make sure that database isn't stale.
- *
- * Exit if it is; we don't want to tell lies.
- */
-
-static void
-check_db_age(void)
-{
-    long age;
-    
-    if (max_age != -1) {
-	/* Requires existance of kerb_get_db_age() */
-	gettimeofday(&kerb_time, 0);
-	age = kerb_get_db_age();
-	if (age == 0) {
-	    klog(L_KRB_PERR, "Database currently being updated!");
-	    hang();
-	}
-	if ((age + max_age) < kerb_time.tv_sec) {
-	    klog(L_KRB_PERR, "Database out of date!");
-	    hang();
-	    /* NOTREACHED */
-	}
-    }
-}
-
-struct descr{
-    int s;
-    KTEXT_ST buf;
-    int type;
-    int timeout;
-};
-
-static void
-mksocket(struct descr *d, struct in_addr addr, int type, 
-	 const char *service, int port)
-{
-    struct sockaddr_in sina;
-    int     on = 1;
-    int sock;
-
-    memset(d, 0, sizeof(struct descr));
-    if ((sock = socket(AF_INET, type, 0)) < 0)
-	err (1, "socket");
-#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
-    if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
-		   sizeof(on)) < 0)
-	warn ("setsockopt (SO_REUSEADDR)");
-#endif
-    memset(&sina, 0, sizeof(sina));
-    sina.sin_family = AF_INET;
-    sina.sin_port   = port;
-    sina.sin_addr   = addr;
-    if (bind(sock, (struct sockaddr *)&sina, sizeof(sina)) < 0)
-	err (1, "bind '%s/%s' (%d)",
-	     service, (type == SOCK_DGRAM) ? "udp" : "tcp",
-	     ntohs(sina.sin_port));
-    
-    if(type == SOCK_STREAM)
-	listen(sock, SOMAXCONN);
-    d->s = sock;
-    d->type = type;
-}
-
-
-static void loop(struct descr *fds, int maxfd);
-
-int
-main(int argc, char **argv)
-{
-    int     child;
-    int c;
-    struct descr *fds;
-    int nfds;
-    int i;
-    int n;
-    int     kerror;
-
-    umask(077);		/* Create protected files */
-
-    set_progname (argv[0]);
-
-    while ((c = getopt(argc, argv, "snmp:a:l:r:")) != EOF) {
-	switch(c) {
-	case 's':
-	    /*
-	     * Set parameters to slave server defaults.
-	     */
-	    if (max_age == -1 && !nflag)
-		max_age = ONE_DAY;	/* 24 hours */
-	    if (pause_int == -1)
-		pause_int = FIVE_MINUTES; /* 5 minutes */
-#if 0
-	    if (log_file == NULL) {
-		/* this is only silly */
-		log_file = KRBSLAVELOG;
-	    }
-#endif
-	    break;
-	case 'n':
-	    max_age = -1;	/* don't check max age. */
-	    nflag++;
-	    break;
-	case 'm':
-	    mflag++;		/* running manually; prompt for master key */
-	    break;
-	case 'p':
-	    /* Set pause interval. */
-	    if (!isdigit(optarg[0]))
-		usage();
-	    pause_int = atoi(optarg);
-	    if ((pause_int < 5) ||  (pause_int > ONE_HOUR)) {
-		fprintf(stderr, "pause_int must be between 5 and 3600 seconds.\n");
-		usage();
-	    }
-	    break;
-	case 'a':
-	    /* Set max age. */
-	    if (!isdigit(optarg[0])) 
-		usage();
-	    max_age = atoi(optarg);
-	    if ((max_age < ONE_HOUR) || (max_age > THREE_DAYS)) {
-		fprintf(stderr, "max_age must be between one hour and three days, in seconds\n");
-		usage();
-	    }
-	    break;
-	case 'l':
-	    /* Set alternate log file */
-	    log_file = optarg;
-	    break;
-	case 'r':
-	    /* Set realm name */
-	    rflag++;
-	    strcpy(local_realm, optarg);
-	    break;
-	default:
-	    usage();
-	    break;
-	}
-    }
-    
-    if(log_file == NULL)
-	log_file = KRBLOG;
-
-    if (optind == (argc-1)) {
-	if (kerb_db_set_name(argv[optind]) != 0) {
-	    fprintf(stderr, "Could not set alternate database name\n");
-	    exit(1);
-	}
-	optind++;
-    }
-
-    if (optind != argc)
-	usage();
-	
-    printf("Kerberos server starting\n");
-    
-    if ((!nflag) && (max_age != -1))
-	printf("\tMaximum database age: %d seconds\n", max_age);
-    if (pause_int != -1)
-	printf("\tSleep for %d seconds on error\n", pause_int);
-    else
-	printf("\tSleep forever on error\n");
-    if (mflag)
-	printf("\tMaster key will be entered manually\n");
-    
-    printf("\tLog file is %s\n", log_file);
-
-    kset_logfile(log_file);
-    
-    /* find our hostname, and use it as the instance */
-    if (k_gethostname(k_instance, INST_SZ))
-	err (1, "gethostname");
-
-    /*
-     * Yes this looks backwards but it has to be this way to enable a
-     * smooth migration to the new port 88.
-     */
-    {
-      int p1, p2;
-      struct in_addr *a;
-
-      p1 = k_getportbyname ("kerberos-iv", "udp", htons(750));
-      p2 = k_getportbyname ("kerberos-sec", "udp", htons(88));
-
-      if (p1 == p2)
-	{
-	  fprintf(stderr, "Either define kerberos-iv/udp as 750\n");
-	  fprintf(stderr, "      and kerberos-sec/udp as 88\n");
-	  fprintf(stderr, "or the other way around!");
-	  exit(1);
-	}
-
-      nfds = k_get_all_addrs (&a);
-      if (nfds < 0) {
-	   struct in_addr any;
-
-	   any.s_addr = INADDR_ANY;
-
-	   fprintf (stderr, "Could not get local addresses, "
-		    "binding to INADDR_ANY\n");
-	   nfds = 1;
-	   a = malloc(sizeof(*a) * nfds);
-	   memcpy(a, &any, sizeof(struct in_addr));
-      }
-      nfds *= 4;
-      fds = (struct descr*)malloc(nfds * sizeof(struct descr));
-      for (i = 0; i < nfds/4; i++) {
-	  mksocket(fds + 4 * i + 0, a[i], SOCK_DGRAM, "kerberos-iv", p1);
-	  mksocket(fds + 4 * i + 1, a[i], SOCK_DGRAM, "kerberos-sec", p2);
-	  mksocket(fds + 4 * i + 2, a[i], SOCK_STREAM, "kerberos-iv", p1);
-	  mksocket(fds + 4 * i + 3, a[i], SOCK_STREAM, "kerberos-sec", p2);
-      }
-      free (a);
-    }
-    /* do all the database and cache inits */
-    if ((n = kerb_init())) {
-	if (mflag) {
-	    printf("Kerberos db and cache init ");
-	    printf("failed = %d ...exiting\n", n);
-	    exit (1);
-	} else {
-	    klog(L_KRB_PERR,
-	    "Kerberos db and cache init failed = %d ...exiting", n);
-	    hang();
-	}
-    }
-
-    /* Make sure database isn't stale */
-    check_db_age();
-    
-    /* setup master key */
-    if (kdb_get_master_key (mflag, &master_key, master_key_schedule) != 0) {
-      klog (L_KRB_PERR, "kerberos: couldn't get master key.\n");
-      exit (1);
-    }
-    kerror = kdb_verify_master_key (&master_key, master_key_schedule, stdout);
-    if (kerror < 0) {
-      klog (L_KRB_PERR, "Can't verify master key.");
-      memset(master_key, 0, sizeof (master_key));
-      memset (master_key_schedule, 0, sizeof (master_key_schedule));
-      exit (1);
-    }
-
-    master_key_version = (u_char) kerror;
-
-    fprintf(stdout, "\nCurrent Kerberos master key version is %d\n",
-	    master_key_version);
-    des_init_random_number_generator(&master_key);
-
-    if (!rflag) {
-	/* Look up our local realm */
-	krb_get_lrealm(local_realm, 1);
-    }
-    fprintf(stdout, "Local realm: %s\n", local_realm);
-    fflush(stdout);
-
-    if (set_tgtkey(local_realm)) {
-	/* Ticket granting service unknown */
-	klog(L_KRB_PERR, "Ticket granting ticket service unknown");
-	fprintf(stderr, "Ticket granting ticket service unknown\n");
-	exit(1);
-    }
-    if (mflag) {
-	if ((child = fork()) != 0) {
-	    printf("Kerberos started, PID=%d\n", child);
-	    exit(0);
-	}
-	setup_disc();
-    }
-    
-    klog(L_ALL_REQ, "Starting Kerberos for %s (kvno %d)", 
-	 local_realm, master_key_version);
-    
-    /* receive loop */
-    loop(fds, nfds);
-    exit(1);
-}
-
-
-static void
-loop(struct descr *fds, int nfds)
-{
-    for (;;) {
-	int ret;
-        fd_set readfds;
-	struct timeval tv;
-	int maxfd = 0;
-	struct descr *n, *minfree;
-	
-	FD_ZERO(&readfds);
-	gettimeofday(&tv, NULL);
-	maxfd = 0;
-	minfree = NULL;
-	/* Remove expired TCP sockets, and add all other 
-	   to the set we are selecting on */
-	for(n = fds; n < fds + nfds; n++){
-	    if(n->s >= 0 && n->timeout && tv.tv_sec > n->timeout){
-		kerb_err_reply(n->s, NULL, KERB_ERR_TIMEOUT, "Timeout");
-		close(n->s);
-		n->s = -1;
-	    }
-	    if(n->s < 0){
-		if(minfree == NULL) minfree = n;
-		continue;
-	    }
-	    FD_SET(n->s, &readfds);
-	    maxfd = max(maxfd, n->s);
-	}
-	/* add more space for sockets */
-	if(minfree == NULL){
-	    int i = nfds;
-	    struct descr *new;
-	    nfds *=2;
-	    new = realloc(fds, sizeof(struct descr) * nfds);
-	    if(new){
-		fds = new;
-		minfree = fds + i;
-		for(; i < nfds; i++) fds[i].s = -1;
-	    }
-	}
-	ret = select(maxfd + 1, &readfds, 0, 0, 0);
-	for (n = fds; n < fds + nfds; n++){
-	    if(n->s < 0) continue;
-	    if (FD_ISSET(n->s, &readfds)){
-		if(n->type == SOCK_STREAM && n->timeout == 0){
-		    /* add accepted socket to list of sockets we are
-                       selecting on */
-		    int s = accept(n->s, NULL, 0);
-		    if(minfree == NULL){
-			kerb_err_reply(s, NULL, KFAILURE, "Out of memory");
-			close(s);
-		    }else{
-			minfree->s = s;
-			minfree->type = SOCK_STREAM;
-			gettimeofday(&tv, NULL);
-			minfree->timeout = tv.tv_sec + 4; /* XXX */
-		    }
-		}else{
-		    int b;
-		    struct sockaddr_in from;
-		    int fromlen = sizeof(from);
-		    b = recvfrom(n->s, n->buf.dat + n->buf.length, 
-				 MAX_PKT_LEN - n->buf.length, 0, 
-				 (struct sockaddr *)&from, &fromlen);
-		    if(b < 0){
-			if(n->type == SOCK_STREAM){
-			    close(n->s);
-			    n->s = -1;
-			}
-			n->buf.length = 0;
-			continue;
-		    }
-		    n->buf.length += b;
-		    if(n->type == SOCK_STREAM){
-			if(n->buf.length >= 4 && n->buf.dat[0] == 0){
-			    /* if this is a new type of packet (with
-                               the length attached to the head of the
-                               packet), and there is no more data to
-                               be read, fake an old packet, so the
-                               code below will work */
-			    u_int32_t len;
-			    krb_get_int(n->buf.dat, &len, 4, 0);
-			    if(n->buf.length == len + 4){
-				memmove(n->buf.dat, n->buf.dat + 4, len);
-				b = 0;
-			    }
-			}
-			if(b == 0){
-			    /* handle request if there are 
-			       no more bytes to read */
-			    fromlen = sizeof(from);
-			    getpeername(n->s,(struct sockaddr*)&from, &fromlen);
-			    kerberos_wrap(n->s, &n->buf, &from);
-			    n->buf.length = 0;
-			    close(n->s);
-			    n->s = -1;
-			}
-		    }else{
-			/* udp packets are atomic */
-			kerberos_wrap(n->s, &n->buf, &from);
-			n->buf.length = 0;
-		    }
-		}
-	    }
-	}
-    }
-}
diff --git a/crypto/kerberosIV/slave/Makefile.in b/crypto/kerberosIV/slave/Makefile.in
deleted file mode 100644
index ce355465d78a..000000000000
--- a/crypto/kerberosIV/slave/Makefile.in
+++ /dev/null
@@ -1,82 +0,0 @@
-# $Id: Makefile.in,v 1.27 1997/05/04 04:16:28 assar Exp $
-
-SHELL = /bin/sh
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-CC = @CC@
-AR = ar
-RANLIB = @RANLIB@
-DEFS = @DEFS@ -DSBINDIR=\"$(sbindir)\"
-CFLAGS = @CFLAGS@
-LD_FLAGS = @LD_FLAGS@
-
-INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@
-LIBS = @LIBS@
-MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
-
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-libdir = @libdir@
-libexecdir = @libexecdir@
-sbindir = @sbindir@
-transform=@program_transform_name@
-EXECSUFFIX=@EXECSUFFIX@
-
-PROGS = kpropd$(EXECSUFFIX) \
-	kprop$(EXECSUFFIX)
-
-SOURCES = kpropd.c kprop.c
-
-OBJECTS = kpropd.o kprop.o
-
-all: $(PROGS)
-
-Wall:
-	make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
-
-.c.o:
-	$(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
-
-install: all
-	$(MKINSTALLDIRS) $(libexecdir)
-	for x in $(PROGS); do \
-	  $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-uninstall:
-	for x in $(PROGS); do \
-	  rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
-	done
-
-TAGS: $(SOURCES)
-	etags $(SOURCES)
-
-check:
-
-clean:
-	rm -f *.a *.o $(PROGS)
-
-mostlyclean: clean
-
-distclean: clean
-	rm -f Makefile *.tab.c *~
-
-realclean: distclean
-	rm -f TAGS
-
-dist: $(DISTFILES)
-	for file in $(DISTFILES); do \
-	  ln $$file ../`cat ../.fname`/lib \
-	    || cp -p $$file ../`cat ../.fname`/lib; \
-	done
-
-kprop$(EXECSUFFIX): kprop.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kprop.o -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIBS) -lroken
-
-kpropd$(EXECSUFFIX): kpropd.o
-	$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kpropd.o -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIBS) -lroken
-
-$(OBJECTS): ../include/config.h
diff --git a/crypto/kerberosIV/slave/kprop.c b/crypto/kerberosIV/slave/kprop.c
deleted file mode 100644
index 89011212ea9a..000000000000
--- a/crypto/kerberosIV/slave/kprop.c
+++ /dev/null
@@ -1,530 +0,0 @@
-/*
-
-Copyright 1987, 1988 by the Student Information Processing Board
-	of the Massachusetts Institute of Technology
-
-Permission to use, copy, modify, and distribute this software
-and its documentation for any purpose and without fee is
-hereby granted, provided that the above copyright notice
-appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation,
-and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
-used in advertising or publicity pertaining to distribution
-of the software without specific, written prior permission.
-M.I.T. and the M.I.T. S.I.P.B. make no representations about
-the suitability of this software for any purpose.  It is
-provided "as is" without express or implied warranty.
-
-*/
-
-#include "slav_locl.h"
-
-RCSID("$Id: kprop.c,v 1.29 1997/05/25 02:43:54 joda Exp $");
-
-#include "kprop.h"
-
-static char kprop_version[KPROP_PROT_VERSION_LEN] = KPROP_PROT_VERSION;
-
-int     debug = 0;
-
-char    my_realm[REALM_SZ];
-int     princ_data_size = 3 * sizeof(int32_t) + 3 * sizeof(unsigned char);
-short   transfer_mode, net_transfer_mode;
-int force_flag;
-static char ok[] = ".dump_ok";
-
-struct slave_host {
-    u_int32_t  net_addr;
-    char   *name;
-    char   *instance;
-    char   *realm;
-    int	   not_time_yet;
-    int    succeeded;
-    struct slave_host *next;
-};
-
-static
-int get_slaves(struct slave_host **psl, char *file, time_t ok_mtime)
-{
-    FILE   *fin;
-    char    namebuf[128], *inst;
-    char   *pc;
-    struct hostent *host;
-    struct slave_host **th;
-    char    path[256];
-    char   *ppath;
-    struct stat stbuf;
-
-    if ((fin = fopen(file, "r")) == NULL)
-	err (1, "open(%s)", file);
-    strcpy(path, file);
-    if ((ppath = strrchr(path, '/'))) {
-	ppath += 1;
-    } else {
-	ppath = path;
-    }
-    th = psl;
-    while(fgets(namebuf, sizeof(namebuf), fin)){
-	if ((pc = strchr(namebuf, '\n'))) {
-	    *pc = '\0';
-	} else {
-	    if(strlen(namebuf) == sizeof(namebuf) - 1){
-		warnx ("Hostname too long (>= %d chars) in '%s'.",
-		       (int) sizeof(namebuf), file);
-		do{
-		    if(fgets(namebuf, sizeof(namebuf), fin) == NULL)
-			break;
-		}while(strchr(namebuf, '\n') == NULL);
-		continue;
-	    }
-	}
-	if(namebuf[0] == 0 || namebuf[0] == '#')
-	    continue;
-	host = gethostbyname(namebuf);
-	if (host == NULL) {
-	    warnx ("Ignoring host '%s' in '%s': %s", 
-		   namebuf, file,
-#ifdef HAVE_H_ERRNO
-		   hstrerror(h_errno)
-#else
-		   "unknown error"
-#endif
-		   );
-	    continue;
-	}
-	(*th) = (struct slave_host *) malloc(sizeof(struct slave_host));
-	if (!*th)
-	    errx (1, "No memory reading host list from '%s'.",
-		    file);
-	memset(*th, 0, sizeof(struct slave_host));
-	(*th)->name = strdup(namebuf);
-	if ((*th)->name == NULL)
-	    errx (1, "No memory reading host list from '%s'.",
-		  file);
-	/* get kerberos cannonical instance name */
-	inst = krb_get_phost ((*th)->name);
-	(*th)->instance = strdup(inst);
-	if ((*th)->instance == NULL)
-	    errx (1, "No memory reading host list from '%s'.",
-		  file);
-	/* what a concept, slave servers in different realms! */
-	(*th)->realm = my_realm;
-	memcpy(&(*th)->net_addr, host->h_addr, sizeof((*th)->net_addr));
-	(*th)->not_time_yet = 0;
-	(*th)->succeeded = 0;
-	(*th)->next = NULL;
-	strcat(strcpy(ppath, (*th)->name), "-last-prop");
-	if (!force_flag && !stat(path, &stbuf) && stbuf.st_mtime > ok_mtime) {
-	    (*th)->not_time_yet = 1;
-	    (*th)->succeeded = 1;	/* no change since last success */
-	}
-	th = &(*th)->next;
-    }
-    fclose(fin);
-    return (1);
-}
-
-/* The master -> slave protocol looks like this:
-     1) 8 byte version string
-     2) 2 bytes of "transfer mode" (net byte order of course)
-     3) ticket/authentication send by sendauth
-     4) 4 bytes of "block" length (u_int32_t)
-     5) data
-
-     4 and 5 repeat til EOF ...
-*/
-
-static int
-prop_to_slaves(struct slave_host *sl, int fd, char *fslv)
-{
-    u_char buf[KPROP_BUFSIZ];
-    u_char obuf[KPROP_BUFSIZ + 64]; /* leave room for private msg overhead */
-    struct sockaddr_in sin, my_sin;
-    int     i, n, s;
-    struct slave_host *cs;	/* current slave */
-    char   path[256], my_host_name[MaxHostNameLen], *p_my_host_name;
-    char   kprop_service_instance[INST_SZ];
-    char   *pc;
-    u_int32_t cksum;
-    u_int32_t length, nlength;
-    long   kerror;
-    KTEXT_ST     ticket;
-    CREDENTIALS  cred;
-    MSG_DAT msg_dat;
-    static char tkstring[] = "/tmp/kproptktXXXXXX";
-    
-    des_key_schedule session_sched;
-
-    close(mkstemp(tkstring));
-    krb_set_tkt_string(tkstring);
-    
-    memset(&sin, 0, sizeof sin);
-    sin.sin_family = AF_INET;
-    sin.sin_port = k_getportbyname ("krb_prop", "tcp", htons(KPROP_PORT));
-    sin.sin_addr.s_addr = INADDR_ANY;
-
-    strcpy(path, fslv);
-    if ((pc = strrchr(path, '/'))) {
-	pc += 1;
-    } else {
-	pc = path;
-    }
-
-    for (i = 0; i < 5; i++) {	/* try each slave five times max */
-	for (cs = sl; cs; cs = cs->next) {
-	    if (!cs->succeeded) {
-		if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0)
-		    err (1, "socket");
-		memcpy(&sin.sin_addr, &cs->net_addr, 
-		      sizeof cs->net_addr);
-
-		if (connect(s, (struct sockaddr *) &sin, sizeof sin) < 0) {
-		    warn ("connect(%s)", cs->name);
-		    close(s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-		
-		/* for krb_mk_{priv, safe} */
-		memset(&my_sin, 0, sizeof my_sin);
-		n = sizeof my_sin;
-		if (getsockname (s, (struct sockaddr *) &my_sin, &n) != 0) {
-		    warn ("getsockname(%s)", cs->name);
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-		if (n != sizeof (my_sin)) {
-		    warnx ("can't get socketname %s length", cs->name);
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-		
-		/* Get ticket */
-		kerror = krb_mk_req (&ticket, KPROP_SERVICE_NAME, 
-				     cs->instance, cs->realm, (u_int32_t) 0);
-		/* if ticket has expired try to get a new one, but
-		 * first get a TGT ...
-		 */
-		if (kerror != MK_AP_OK) {
-		    if (k_gethostname (my_host_name, sizeof(my_host_name)) != 0) {
-			warnx ("gethostname(%s): %s",
-			       my_host_name,
-#ifdef HAVE_H_ERRNO
-			       hstrerror(h_errno)
-#else
-			       "unknown error"
-#endif			       
-			       );
-			close (s);
-			break;	/* next one can't work either! */
-		    }
-		    /* get canonical kerberos service instance name */
-		    p_my_host_name = krb_get_phost (my_host_name);
-		    /* copy it to make sure gethostbyname static doesn't
-		     * screw us. */
-		    strcpy (kprop_service_instance, p_my_host_name);
-		    kerror = krb_get_svc_in_tkt (KPROP_SERVICE_NAME, 
-#if 0
-						 kprop_service_instance,
-#else
-						 KRB_MASTER,
-#endif
-						 my_realm,
-						 KRB_TICKET_GRANTING_TICKET,
-						 my_realm,
-						 96,
-						 KPROP_SRVTAB);
-		    if (kerror != INTK_OK) {
-			warnx ("%s: %s.  While getting initial ticket\n",
-			       cs->name, krb_get_err_text(kerror));
-			close (s);
-			goto punt;
-		    }
-		    kerror = krb_mk_req (&ticket, KPROP_SERVICE_NAME, 
-					 cs->instance, cs->realm, (u_int32_t) 0);
-		}
-		if (kerror != MK_AP_OK) {
-		    warnx ("%s: krb_mk_req: %s",
-			   cs->name, krb_get_err_text(kerror));
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}		    
-
-		if (write(s, kprop_version, sizeof(kprop_version))
-		    != sizeof(kprop_version)) {
-		    warn ("%s", cs->name);
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-
-		net_transfer_mode = htons (transfer_mode);
-		if (write(s, &net_transfer_mode, sizeof(net_transfer_mode))
-		    != sizeof(net_transfer_mode)) {
-		    warn ("write(%s)", cs->name);
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-
-		kerror = krb_get_cred (KPROP_SERVICE_NAME, cs->instance,
-				       cs->realm, &cred);
-		if (kerror != KSUCCESS) {
-		    warnx ("%s: %s.  Getting session key.", 
-			   cs->name, krb_get_err_text(kerror));
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-#ifdef NOENCRYPTION
-		memset(session_sched, 0, sizeof(session_sched));
-#else
-		if (des_key_sched (&cred.session, session_sched)) {
-		    warnx ("%s: can't make key schedule.",
-			   cs->name);
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-#endif
-		/* SAFE (quad_cksum) and CLEAR are just not good enough */
-		cksum = 0;
-#ifdef not_working_yet
-		if (transfer_mode != KPROP_TRANSFER_PRIVATE) {
-		    cksum = get_data_checksum(fd, session_sched);
-		    lseek(fd, 0L, 0);
-		}
-		else
-#endif
-           	{
-		    struct stat st;
-		    fstat (fd, &st);
-		    cksum = st.st_size;
-	        }
-		kerror = krb_sendauth(KOPT_DO_MUTUAL,
-				      s,
-				      &ticket,
-				      KPROP_SERVICE_NAME,
-				      cs->instance,
-				      cs->realm,
-				      cksum,
-				      &msg_dat,
-				      &cred,
-				      session_sched,
-				      &my_sin,
-				      &sin,
-				      KPROP_PROT_VERSION);
-		if (kerror != KSUCCESS) {
-		    warnx ("%s: krb_sendauth: %s.",
-			   cs->name, krb_get_err_text(kerror));
-		    close (s);
-		    continue;	/*** NEXT SLAVE ***/
-		}
-
-		lseek(fd, 0L, SEEK_SET); /* Rewind file before rereading it. */
-		while ((n = read(fd, buf, sizeof buf))) {
-		    if (n < 0)
-			err (1, "read");
-		    switch (transfer_mode) {
-		    case KPROP_TRANSFER_PRIVATE:
-		    case KPROP_TRANSFER_SAFE:
-			if (transfer_mode == KPROP_TRANSFER_PRIVATE)
-			    length = krb_mk_priv (buf, obuf, n, 
-						  session_sched, &cred.session,
-						  &my_sin, &sin);
-			else
-			    length = krb_mk_safe (buf, obuf, n,
-						  &cred.session,
-						  &my_sin, &sin);
-			if (length == -1) {
-			    warnx ("%s: %s failed.",
-				   cs->name,
-				   (transfer_mode == KPROP_TRANSFER_PRIVATE) 
-				   ? "krb_rd_priv" : "krb_rd_safe");
-			    close (s);
-			    continue; /*** NEXT SLAVE ***/
-			}
-			nlength = htonl(length);
-			if (write(s, &nlength, sizeof nlength)
-			    != sizeof nlength) {
-			    warn ("write(%s)", cs->name);
-			    close (s);
-			    continue; /*** NEXT SLAVE ***/
-			}
-			if (write(s, obuf, length) != length) {
-			    warn ("write(%s)", cs->name);
-			    close(s);
-			    continue; /*** NEXT SLAVE ***/
-			}
-			break;
-		    case KPROP_TRANSFER_CLEAR:
-			if (write(s, buf, n) != n) {
-			    warn ("write(%s)", cs->name);
-			    close(s);
-			    continue; /*** NEXT SLAVE ***/
-			}
-			break;
-		    }
-		}
-		close(s);
-		cs->succeeded = 1;
-		fprintf(stderr, "%s: success.\n", cs->name);
-		strcat(strcpy(pc, cs->name), "-last-prop");
-		unlink(path);
-		close(creat(path, 0600));
-	    }
-	}
-    }
-punt:
-    
-    dest_tkt();
-    for (cs = sl; cs; cs = cs->next) {
-	if (!cs->succeeded)
-	    return (0);		/* didn't get this slave */
-    }
-    return (1);
-}
-
-static void
-usage()
-{
-    /* already got floc and fslv, what is this? */
-    fprintf(stderr,
-	    "\nUsage: kprop [-force] [-realm realm] [-private"
-#ifdef not_safe_yet
-	    "|-safe|-clear"
-#endif
-	    "] [data_file [slaves_file]]\n\n");
-    exit(1);
-}
-
-
-int
-main(int argc, char **argv)
-{
-    int     fd, i;
-    char   *floc, *floc_ok;
-    char   *fslv;
-    struct stat stbuf, stbuf_ok;
-    time_t   l_init, l_final;
-    char   *pc;
-    int    l_diff;
-    static struct slave_host *slave_host_list = NULL;
-    struct slave_host *sh;
-
-    set_progname (argv[0]);
-
-    transfer_mode = KPROP_TRANSFER_PRIVATE;
-
-    time(&l_init);
-    pc = ctime(&l_init);
-    pc[strlen(pc) - 1] = '\0';
-    printf("\nStart slave propagation: %s\n", pc);
- 
-    floc = NULL;
-    fslv = NULL;
-
-    if (krb_get_lrealm(my_realm,1) != KSUCCESS)
-      errx (1, "Getting my kerberos realm.  Check krb.conf");
-
-    for (i = 1; i < argc; i++) 
-      switch (argv[i][0]) {
-      case '-':
-	if (strcmp (argv[i], "-private") == 0) 
-	  transfer_mode = KPROP_TRANSFER_PRIVATE;
-#ifdef not_safe_yet
-	else if (strcmp (argv[i], "-safe") == 0) 
-	  transfer_mode = KPROP_TRANSFER_SAFE;
-	else if (strcmp (argv[i], "-clear") == 0) 
-	  transfer_mode = KPROP_TRANSFER_CLEAR;
-#endif
-	else if (strcmp (argv[i], "-realm") == 0) {
-	    i++;
-	    if (i < argc)
-		strcpy(my_realm, argv[i]);
-	    else
-		usage();
-	} else if (strcmp (argv[i], "-force") == 0)
-	    force_flag++;
-	else {
-	    warnx("unknown control argument %s.", argv[i]);
-	    usage ();
-	}
-	break;
-      default:
-	/* positional arguments are marginal at best ... */
-	if (floc == NULL)
-	  floc = argv[i];
-	else {
-	  if (fslv == NULL)
-	    fslv = argv[i];
-	  else 
-	      usage();
-	}
-      }
-    if(floc == NULL)
-	floc = DB_DIR "/slave_dump";
-    if(fslv == NULL)
-	fslv = DB_DIR "/slaves";
-	
-    asprintf (&floc_ok, "%s%s", floc, ok);
-    if (floc_ok == NULL)
-	errx (1, "out of memory in copying %s", floc);
-
-    if ((fd = open(floc, O_RDONLY)) < 0)
-	err (1, "open(%s)", floc);
-    if (k_flock(fd, K_LOCK_SH | K_LOCK_NB))
-	err (1, "flock(%s)", floc);
-    if (stat(floc, &stbuf))
-	err (1, "stat(%s)", floc);
-    if (stat(floc_ok, &stbuf_ok))
-	err (1, "stat(%s)", floc_ok);
-    if (stbuf.st_mtime > stbuf_ok.st_mtime)
-	errx (1, "'%s' more recent than '%s'.", floc, floc_ok);
-    if (!get_slaves(&slave_host_list, fslv, stbuf_ok.st_mtime))
-	errx (1, "can't read slave host file '%s'.", fslv);
-#ifdef KPROP_DBG
-    {
-	struct slave_host *sh;
-	int     i;
-	fprintf(stderr, "\n\n");
-	fflush(stderr);
-	for (sh = slave_host_list; sh; sh = sh->next) {
-	    fprintf(stderr, "slave %d: %s, %s", i++, sh->name,
-		    inet_ntoa(sh->net_addr));
-	    fflush(stderr);
-	}
-    }
-#endif				/* KPROP_DBG */
-
-    if (!prop_to_slaves(slave_host_list, fd, fslv))
-	errx (1, "propagation failed.");
-    if (k_flock(fd, K_LOCK_UN))
-	err (1, "flock(%s, LOCK_UN)", floc);
-    fprintf(stderr, "\n\n");
-    for (sh = slave_host_list; sh; sh = sh->next) {
-	fprintf(stderr, "%s:\t\t%s\n", sh->name,
-		(sh->not_time_yet? "Not time yet" : (sh->succeeded ? "Succeeded" : "FAILED")));
-    }
-
-    time(&l_final);
-    l_diff = l_final - l_init;
-    printf("propagation finished, %d:%02d:%02d elapsed\n",
-	   l_diff / 3600, (l_diff % 3600) / 60, l_diff % 60);
-
-    exit(0);
-}
-
-#ifdef doesnt_work_yet
-u_long get_data_checksum(fd, key_sched)
-     int fd;
-     des_key_schedule key_sched;
-{
-	u_int32_t cksum = 0;
-	int n;
-	char buf[BUFSIZ];
-	u_int32_t obuf[2];
-
-	while (n = read(fd, buf, sizeof buf)) {
-	    if (n < 0)
-		err (1, "read");
-	    cksum = cbc_cksum(buf, obuf, n, key_sched, key_sched);
-	}
-	return cksum;
-}
-#endif
diff --git a/crypto/kerberosIV/slave/kprop.h b/crypto/kerberosIV/slave/kprop.h
deleted file mode 100644
index d66f63f73474..000000000000
--- a/crypto/kerberosIV/slave/kprop.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/* 
- * Copyright 1987 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information,
- * please see the file <mit-copyright.h>.
- *
- * $Id: kprop.h,v 1.5 1997/02/07 21:39:52 assar Exp $
- *
- */
-
-#define KPROP_SERVICE_NAME "rcmd"
-#define KPROP_SRVTAB "/etc/srvtab"
-#define KPROP_PROT_VERSION_LEN 8
-#define KPROP_PROT_VERSION "kprop01"
-#define KPROP_TRANSFER_PRIVATE 1
-#define KPROP_TRANSFER_SAFE 2
-#define KPROP_TRANSFER_CLEAR 3
-#define KPROP_BUFSIZ 32768
-#define KPROP_PORT 754
diff --git a/crypto/kerberosIV/slave/kpropd.c b/crypto/kerberosIV/slave/kpropd.c
deleted file mode 100644
index e2b5f0a2a293..000000000000
--- a/crypto/kerberosIV/slave/kpropd.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "slav_locl.h"
-
-#include "kprop.h"
-
-RCSID("$Id: kpropd.c,v 2.21 1997/05/02 17:52:13 assar Exp $");
-
-#ifndef SBINDIR
-#define SBINDIR "/usr/athena/sbin"
-#endif
-
-struct sockaddr_in master, slave;
-
-char *database = DBM_FILE;
-
-char *lockfile = DB_DIR "/slave_propagation";
-
-char *logfile = K_LOGFIL;
-
-char *kdb_util = SBINDIR "/kdb_util";
-
-char *kdb_util_command = "load";
-
-char *srvtab = "";
-
-char realm[REALM_SZ];
-
-static
-int
-copy_data(int from, int to, des_cblock *session, des_key_schedule schedule)
-{
-    unsigned char tmp[4];
-    char buf[KPROP_BUFSIZ + 26];
-    u_int32_t length;
-    int n;
-    
-    int kerr;
-    MSG_DAT m;
-
-    while(1){
-	n = krb_net_read(from, tmp, 4);
-	if(n == 0)
-	    break;
-	if(n < 0){
-	    klog(L_KRB_PERR, "krb_net_read: %s", strerror(errno));
-	    return -1;
-	}
-	if(n != 4){
-	    klog(L_KRB_PERR, "Premature end of data");
-	    return -1;
-	}
-	length = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3];
-	if(length > sizeof(buf)){
-	    klog(L_KRB_PERR, "Giant packet received: %d", length);
-	    return -1;
-	}
-	if(krb_net_read(from, buf, length) != length){
-	    klog(L_KRB_PERR, "Premature end of data");
-	    return -1;
-	}
-	kerr = krb_rd_priv (buf, length, schedule, session, &master, &slave, &m);
-	if(kerr != KSUCCESS){
-	    klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr));
-	    return -1;
-	}
-	write(to, m.app_data, m.app_length);
-    }
-    return 0;
-}
-
-
-static
-int
-kprop(int s)
-{
-    char buf[128];
-    int n;
-    KTEXT_ST ticket;
-    AUTH_DAT ad;
-    char sinst[INST_SZ];
-    char command[1024];
-    des_key_schedule schedule;
-    int mode;
-    int kerr;
-    int lock;
-    
-    n = sizeof(master);
-    if(getpeername(s, (struct sockaddr*)&master, &n) < 0){
-	klog(L_KRB_PERR, "getpeername: %s", strerror(errno));
-	return 1;
-    }
-    
-    n = sizeof(slave);
-    if(getsockname(s, (struct sockaddr*)&slave, &n) < 0){
-	klog(L_KRB_PERR, "getsockname: %s", strerror(errno));
-	return 1;
-    }
-
-    klog(L_KRB_PERR, "Connection from %s", inet_ntoa(master.sin_addr));
-
-    n = krb_net_read(s, buf, KPROP_PROT_VERSION_LEN + 2);
-    if(n < KPROP_PROT_VERSION_LEN + 2){
-	klog(L_KRB_PERR, "Premature end of data");
-	return 1;
-    }
-    if(memcmp(buf, KPROP_PROT_VERSION, KPROP_PROT_VERSION_LEN) != 0){
-	klog(L_KRB_PERR, "Bad protocol version string received");
-	return 1;
-    }
-    mode = (buf[n-2] << 8) | buf[n-1];
-    if(mode != KPROP_TRANSFER_PRIVATE){
-	klog(L_KRB_PERR, "Bad transfer mode received: %d", mode);
-	return 1;
-    }
-    k_getsockinst(s, sinst, sizeof(sinst));
-    kerr = krb_recvauth(KOPT_DO_MUTUAL, s, &ticket,
-			KPROP_SERVICE_NAME, sinst,
-			&master, &slave,
-			&ad, srvtab, schedule, 
-			buf);
-    if(kerr != KSUCCESS){
-	klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr));
-	return 1;
-    }
-    des_set_key(&ad.session, schedule);
-    
-    lock = open(lockfile, O_WRONLY|O_CREAT, 0600);
-    if(lock < 0){
-	klog(L_KRB_PERR, "Failed to open file: %s", strerror(errno));
-	return 1;
-    }
-    if(k_flock(lock, K_LOCK_EX | K_LOCK_NB)){
-	close(lock);
-	klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno));
-	return 1;
-    }
-    
-    if(ftruncate(lock, 0) < 0){
-	close(lock);
-	klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno));
-	return 1;
-    }
-
-    if(copy_data(s, lock, &ad.session, schedule)){
-	close(lock);
-	return 1;
-    }
-    close(lock);
-    snprintf(command, sizeof(command),
-	     "%s %s %s %s", kdb_util, kdb_util_command, 
-	    lockfile, database);
-    if(system(command) == 0){
-	klog(L_KRB_PERR, "Propagation finished successfully");
-	return 0;
-    }
-    klog(L_KRB_PERR, "*** Propagation failed ***");
-    return 1;
-}
-
-static int
-doit(void)
-{
-    return kprop(0);
-}
-
-static int
-doit_interactive(void)
-{
-    struct sockaddr_in sa;
-    int salen;
-    int s, s2;
-    int ret;
-
-    s = socket(AF_INET, SOCK_STREAM, 0);
-    if(s < 0){
-      klog(L_KRB_PERR, "socket: %s", strerror(errno));
-      return 1;
-    }
-    memset(&sa, 0, sizeof(sa));
-    sa.sin_family = AF_INET;
-    sa.sin_port = k_getportbyname ("krb_prop", "tcp", htons(KPROP_PORT));
-    ret = bind(s, (struct sockaddr*)&sa, sizeof(sa));
-    if (ret < 0) {
-      klog(L_KRB_PERR, "bind: %s", strerror(errno));
-      return 1;
-    }
-    ret = listen(s, SOMAXCONN);
-    if (ret < 0) {
-      klog(L_KRB_PERR, "listen: %s", strerror(errno));
-      return 1;
-    }
-    for(;;) {
-      salen = sizeof(sa);
-      s2 = accept(s, (struct sockaddr*)&sa, &salen);
-      switch(fork()){
-      case -1:
-	klog(L_KRB_PERR, "fork: %s", strerror(errno));
-	return 1;
-      case 0:
-	close(s);
-	kprop(s2);
-	return 1;
-      default: {
-	  int status;
-	  close(s2);
-	  wait(&status);
-	}
-      }
-    }
-}
-
-static void
-usage (void)
-{
-     fprintf (stderr, 
-	      "Usage: kpropd [-i] [-d database] [-l log] [-m] [-[p|P] program]"
-	      " [-r realm] [-s srvtab]\n");
-     exit (1);
-}
-
-int
-main(int argc, char **argv)
-{
-    int opt;
-    int interactive = 0;
-
-    krb_get_lrealm(realm, 1);
-    
-    while((opt = getopt(argc, argv, ":d:l:mp:P:r:s:i")) >= 0){
-	switch(opt){
-	case 'd':
-	    database = optarg;
-	    break;
-	case 'l':
-	    logfile = optarg;
-	    break;
-	case 'm':
-	    kdb_util_command = "merge";
-	    break;
-	case 'p':
-	case 'P':
-	    kdb_util = optarg;
-	    break;
-	case 'r':
-	    strcpy(realm, optarg);
-	    break;
-	case 's':
-	    srvtab = optarg;
-	    break;
-	case 'i':
-	    interactive = 1;
-	    break;
-	default:
-	    klog(L_KRB_PERR, "Bad option: -%c", optopt);
-	    usage ();
-	    exit(1);
-	}
-    }
-    kset_logfile(logfile);
-    if (interactive)
-      return doit_interactive ();
-    else
-      return doit ();
-}
diff --git a/crypto/kerberosIV/slave/slav_locl.h b/crypto/kerberosIV/slave/slav_locl.h
deleted file mode 100644
index 760fb9dbc751..000000000000
--- a/crypto/kerberosIV/slave/slav_locl.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *      This product includes software developed by the Kungliga Tekniska
- *      Högskolan and its contributors.
- * 
- * 4. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: slav_locl.h,v 1.11 1997/05/20 18:40:47 bg Exp $ */
-
-#ifndef __slav_locl_h
-#define __slav_locl_h
-
-#include "config.h"
-#include "protos.h"
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#include <errno.h>
-#include <unistd.h>
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <time.h>
-#ifdef HAVE_SYS_FILE_H
-#include <sys/file.h>
-#endif
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#include <err.h>
-
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include <roken.h>
-
-#include <krb.h>
-#include <krb_db.h>
-#include <klog.h>
-#include <prot.h>
-#include <kdc.h>
-
-#include "kprop.h"
-
-#endif /*  __slav_locl_h */
diff --git a/crypto/telnet/arpa/telnet.h b/crypto/telnet/arpa/telnet.h
deleted file mode 100644
index 01601f16b24e..000000000000
--- a/crypto/telnet/arpa/telnet.h
+++ /dev/null
@@ -1,340 +0,0 @@
-/*
- * Copyright (c) 1983, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)telnet.h	8.2 (Berkeley) 12/15/93
- */
-
-#ifndef _ARPA_TELNET_H_
-#define	_ARPA_TELNET_H_
-
-/*
- * Definitions for the TELNET protocol.
- */
-#define	IAC	255		/* interpret as command: */
-#define	DONT	254		/* you are not to use option */
-#define	DO	253		/* please, you use option */
-#define	WONT	252		/* I won't use option */
-#define	WILL	251		/* I will use option */
-#define	SB	250		/* interpret as subnegotiation */
-#define	GA	249		/* you may reverse the line */
-#define	EL	248		/* erase the current line */
-#define	EC	247		/* erase the current character */
-#define	AYT	246		/* are you there */
-#define	AO	245		/* abort output--but let prog finish */
-#define	IP	244		/* interrupt process--permanently */
-#define	BREAK	243		/* break */
-#define	DM	242		/* data mark--for connect. cleaning */
-#define	NOP	241		/* nop */
-#define	SE	240		/* end sub negotiation */
-#define EOR     239             /* end of record (transparent mode) */
-#define	ABORT	238		/* Abort process */
-#define	SUSP	237		/* Suspend process */
-#define	xEOF	236		/* End of file: EOF is already used... */
-
-#define SYNCH	242		/* for telfunc calls */
-
-#ifdef TELCMDS
-char *telcmds[] = {
-	"EOF", "SUSP", "ABORT", "EOR",
-	"SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC",
-	"EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC",
-	0
-};
-#else
-extern char *telcmds[];
-#endif
-
-#define	TELCMD_FIRST	xEOF
-#define	TELCMD_LAST	IAC
-#define	TELCMD_OK(x)	((unsigned int)(x) <= TELCMD_LAST && \
-			 (unsigned int)(x) >= TELCMD_FIRST)
-#define	TELCMD(x)	telcmds[(x)-TELCMD_FIRST]
-
-/* telnet options */
-#define TELOPT_BINARY	0	/* 8-bit data path */
-#define TELOPT_ECHO	1	/* echo */
-#define	TELOPT_RCP	2	/* prepare to reconnect */
-#define	TELOPT_SGA	3	/* suppress go ahead */
-#define	TELOPT_NAMS	4	/* approximate message size */
-#define	TELOPT_STATUS	5	/* give status */
-#define	TELOPT_TM	6	/* timing mark */
-#define	TELOPT_RCTE	7	/* remote controlled transmission and echo */
-#define TELOPT_NAOL 	8	/* negotiate about output line width */
-#define TELOPT_NAOP 	9	/* negotiate about output page size */
-#define TELOPT_NAOCRD	10	/* negotiate about CR disposition */
-#define TELOPT_NAOHTS	11	/* negotiate about horizontal tabstops */
-#define TELOPT_NAOHTD	12	/* negotiate about horizontal tab disposition */
-#define TELOPT_NAOFFD	13	/* negotiate about formfeed disposition */
-#define TELOPT_NAOVTS	14	/* negotiate about vertical tab stops */
-#define TELOPT_NAOVTD	15	/* negotiate about vertical tab disposition */
-#define TELOPT_NAOLFD	16	/* negotiate about output LF disposition */
-#define TELOPT_XASCII	17	/* extended ascic character set */
-#define	TELOPT_LOGOUT	18	/* force logout */
-#define	TELOPT_BM	19	/* byte macro */
-#define	TELOPT_DET	20	/* data entry terminal */
-#define	TELOPT_SUPDUP	21	/* supdup protocol */
-#define	TELOPT_SUPDUPOUTPUT 22	/* supdup output */
-#define	TELOPT_SNDLOC	23	/* send location */
-#define	TELOPT_TTYPE	24	/* terminal type */
-#define	TELOPT_EOR	25	/* end or record */
-#define	TELOPT_TUID	26	/* TACACS user identification */
-#define	TELOPT_OUTMRK	27	/* output marking */
-#define	TELOPT_TTYLOC	28	/* terminal location number */
-#define	TELOPT_3270REGIME 29	/* 3270 regime */
-#define	TELOPT_X3PAD	30	/* X.3 PAD */
-#define	TELOPT_NAWS	31	/* window size */
-#define	TELOPT_TSPEED	32	/* terminal speed */
-#define	TELOPT_LFLOW	33	/* remote flow control */
-#define TELOPT_LINEMODE	34	/* Linemode option */
-#define TELOPT_XDISPLOC	35	/* X Display Location */
-#define TELOPT_OLD_ENVIRON 36	/* Old - Environment variables */
-#define	TELOPT_AUTHENTICATION 37/* Authenticate */
-#define	TELOPT_ENCRYPT	38	/* Encryption option */
-#define TELOPT_NEW_ENVIRON 39	/* New - Environment variables */
-#define	TELOPT_EXOPL	255	/* extended-options-list */
-
-
-#define	NTELOPTS	(1+TELOPT_NEW_ENVIRON)
-#ifdef TELOPTS
-char *telopts[NTELOPTS+1] = {
-	"BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME",
-	"STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP",
-	"NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS",
-	"NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO",
-	"DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT",
-	"SEND LOCATION", "TERMINAL TYPE", "END OF RECORD",
-	"TACACS UID", "OUTPUT MARKING", "TTYLOC",
-	"3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW",
-	"LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION",
-	"ENCRYPT", "NEW-ENVIRON",
-	0
-};
-#define	TELOPT_FIRST	TELOPT_BINARY
-#define	TELOPT_LAST	TELOPT_NEW_ENVIRON
-#define	TELOPT_OK(x)	((unsigned int)(x) <= TELOPT_LAST)
-#define	TELOPT(x)	telopts[(x)-TELOPT_FIRST]
-#endif
-
-/* sub-option qualifiers */
-#define	TELQUAL_IS	0	/* option is... */
-#define	TELQUAL_SEND	1	/* send option */
-#define	TELQUAL_INFO	2	/* ENVIRON: informational version of IS */
-#define	TELQUAL_REPLY	2	/* AUTHENTICATION: client version of IS */
-#define	TELQUAL_NAME	3	/* AUTHENTICATION: client version of IS */
-
-#define	LFLOW_OFF		0	/* Disable remote flow control */
-#define	LFLOW_ON		1	/* Enable remote flow control */
-#define	LFLOW_RESTART_ANY	2	/* Restart output on any char */
-#define	LFLOW_RESTART_XON	3	/* Restart output only on XON */
-
-/*
- * LINEMODE suboptions
- */
-
-#define	LM_MODE		1
-#define	LM_FORWARDMASK	2
-#define	LM_SLC		3
-
-#define	MODE_EDIT	0x01
-#define	MODE_TRAPSIG	0x02
-#define	MODE_ACK	0x04
-#define MODE_SOFT_TAB	0x08
-#define MODE_LIT_ECHO	0x10
-
-#define	MODE_MASK	0x1f
-
-/* Not part of protocol, but needed to simplify things... */
-#define MODE_FLOW		0x0100
-#define MODE_ECHO		0x0200
-#define MODE_INBIN		0x0400
-#define MODE_OUTBIN		0x0800
-#define MODE_FORCE		0x1000
-
-#define	SLC_SYNCH	1
-#define	SLC_BRK		2
-#define	SLC_IP		3
-#define	SLC_AO		4
-#define	SLC_AYT		5
-#define	SLC_EOR		6
-#define	SLC_ABORT	7
-#define	SLC_EOF		8
-#define	SLC_SUSP	9
-#define	SLC_EC		10
-#define	SLC_EL		11
-#define	SLC_EW		12
-#define	SLC_RP		13
-#define	SLC_LNEXT	14
-#define	SLC_XON		15
-#define	SLC_XOFF	16
-#define	SLC_FORW1	17
-#define	SLC_FORW2	18
-#define SLC_MCL         19
-#define SLC_MCR         20
-#define SLC_MCWL        21
-#define SLC_MCWR        22
-#define SLC_MCBOL       23
-#define SLC_MCEOL       24
-#define SLC_INSRT       25
-#define SLC_OVER        26
-#define SLC_ECR         27
-#define SLC_EWR         28
-#define SLC_EBOL        29
-#define SLC_EEOL        30
-
-#define	NSLC		30
-
-/*
- * For backwards compatability, we define SLC_NAMES to be the
- * list of names if SLC_NAMES is not defined.
- */
-#define	SLC_NAMELIST	"0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \
-			"ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \
-			"LNEXT", "XON", "XOFF", "FORW1", "FORW2",	\
-			"MCL", "MCR", "MCWL", "MCWR", "MCBOL",		\
-			"MCEOL", "INSRT", "OVER", "ECR", "EWR",		\
-			"EBOL", "EEOL",					\
-			0
-
-#ifdef	SLC_NAMES
-char *slc_names[] = {
-	SLC_NAMELIST
-};
-#else
-extern char *slc_names[];
-#define	SLC_NAMES SLC_NAMELIST
-#endif
-
-#define	SLC_NAME_OK(x)	((unsigned int)(x) <= NSLC)
-#define SLC_NAME(x)	slc_names[x]
-
-#define	SLC_NOSUPPORT	0
-#define	SLC_CANTCHANGE	1
-#define	SLC_VARIABLE	2
-#define	SLC_DEFAULT	3
-#define	SLC_LEVELBITS	0x03
-
-#define	SLC_FUNC	0
-#define	SLC_FLAGS	1
-#define	SLC_VALUE	2
-
-#define	SLC_ACK		0x80
-#define	SLC_FLUSHIN	0x40
-#define	SLC_FLUSHOUT	0x20
-
-#define	OLD_ENV_VAR	1
-#define	OLD_ENV_VALUE	0
-#define	NEW_ENV_VAR	0
-#define	NEW_ENV_VALUE	1
-#define	ENV_ESC		2
-#define ENV_USERVAR	3
-
-/*
- * AUTHENTICATION suboptions
- */
-
-/*
- * Who is authenticating who ...
- */
-#define	AUTH_WHO_CLIENT		0	/* Client authenticating server */
-#define	AUTH_WHO_SERVER		1	/* Server authenticating client */
-#define	AUTH_WHO_MASK		1
-
-/*
- * amount of authentication done
- */
-#define	AUTH_HOW_ONE_WAY	0
-#define	AUTH_HOW_MUTUAL		2
-#define	AUTH_HOW_MASK		2
-
-#define	AUTHTYPE_NULL		0
-#define	AUTHTYPE_KERBEROS_V4	1
-#define	AUTHTYPE_KERBEROS_V5	2
-#define	AUTHTYPE_SPX		3
-#define	AUTHTYPE_MINK		4
-#define	AUTHTYPE_CNT		5
-
-#define	AUTHTYPE_TEST		99
-
-#ifdef	AUTH_NAMES
-char *authtype_names[] = {
-	"NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK",
-	0
-};
-#else
-extern char *authtype_names[];
-#endif
-
-#define	AUTHTYPE_NAME_OK(x)	((unsigned int)(x) < AUTHTYPE_CNT)
-#define	AUTHTYPE_NAME(x)	authtype_names[x]
-
-/*
- * ENCRYPTion suboptions
- */
-#define	ENCRYPT_IS		0	/* I pick encryption type ... */
-#define	ENCRYPT_SUPPORT		1	/* I support encryption types ... */
-#define	ENCRYPT_REPLY		2	/* Initial setup response */
-#define	ENCRYPT_START		3	/* Am starting to send encrypted */
-#define	ENCRYPT_END		4	/* Am ending encrypted */
-#define	ENCRYPT_REQSTART	5	/* Request you start encrypting */
-#define	ENCRYPT_REQEND		6	/* Request you end encrypting */
-#define	ENCRYPT_ENC_KEYID	7
-#define	ENCRYPT_DEC_KEYID	8
-#define	ENCRYPT_CNT		9
-
-#define	ENCTYPE_ANY		0
-#define	ENCTYPE_DES_CFB64	1
-#define	ENCTYPE_DES_OFB64	2
-#define	ENCTYPE_CNT		3
-
-#ifdef	ENCRYPT_NAMES
-char *encrypt_names[] = {
-	"IS", "SUPPORT", "REPLY", "START", "END",
-	"REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID",
-	0
-};
-char *enctype_names[] = {
-	"ANY", "DES_CFB64",  "DES_OFB64",
-	0
-};
-#else
-extern char *encrypt_names[];
-extern char *enctype_names[];
-#endif
-
-
-#define	ENCRYPT_NAME_OK(x)	((unsigned int)(x) < ENCRYPT_CNT)
-#define	ENCRYPT_NAME(x)		encrypt_names[x]
-
-#define	ENCTYPE_NAME_OK(x)	((unsigned int)(x) < ENCTYPE_CNT)
-#define	ENCTYPE_NAME(x)		enctype_names[x]
-
-#endif /* !_TELNET_H_ */
diff --git a/crypto/telnet/libtelnet/auth-proto.h b/crypto/telnet/libtelnet/auth-proto.h
deleted file mode 100644
index a1e9aa410ff6..000000000000
--- a/crypto/telnet/libtelnet/auth-proto.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)auth-proto.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- * 
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#if	!defined(P)
-#ifdef	__STDC__
-#define	P(x)	x
-#else
-#define	P(x)	()
-#endif
-#endif
-
-#if	defined(AUTHENTICATION)
-Authenticator *findauthenticator P((int, int));
-
-void auth_init P((char *, int));
-int auth_cmd P((int, char **));
-void auth_request P((void));
-void auth_send P((unsigned char *, int));
-void auth_send_retry P((void));
-void auth_is P((unsigned char *, int));
-void auth_reply P((unsigned char *, int));
-void auth_finished P((Authenticator *, int));
-int auth_wait P((char *));
-void auth_disable_name P((char *));
-void auth_gen_printsub P((unsigned char *, int, unsigned char *, int));
-void auth_name P((unsigned char *, int));
-void auth_printsub P((unsigned char *, int, unsigned char *, int));
-int auth_sendname P((unsigned char *, int));
-void auth_encrypt_user P((char *));
-
-#ifdef	KRB4
-int kerberos4_init P((Authenticator *, int));
-int kerberos4_send P((Authenticator *));
-void kerberos4_is P((Authenticator *, unsigned char *, int));
-void kerberos4_reply P((Authenticator *, unsigned char *, int));
-int kerberos4_status P((Authenticator *, char *, int));
-void kerberos4_printsub P((unsigned char *, int, unsigned char *, int));
-#endif
-
-#ifdef	KRB5
-int kerberos5_init P((Authenticator *, int));
-int kerberos5_send P((Authenticator *));
-void kerberos5_is P((Authenticator *, unsigned char *, int));
-void kerberos5_reply P((Authenticator *, unsigned char *, int));
-int kerberos5_status P((Authenticator *, char *, int));
-void kerberos5_printsub P((unsigned char *, int, unsigned char *, int));
-#endif
-#endif
diff --git a/crypto/telnet/libtelnet/auth.c b/crypto/telnet/libtelnet/auth.c
deleted file mode 100644
index 4262b55a100a..000000000000
--- a/crypto/telnet/libtelnet/auth.c
+++ /dev/null
@@ -1,674 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)auth.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-
-#if	defined(AUTHENTICATION)
-#include <stdio.h>
-#include <sys/types.h>
-#include <signal.h>
-#define	AUTH_NAMES
-#include <arpa/telnet.h>
-#ifdef	__STDC__
-#include <stdlib.h>
-#include <unistd.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc-proto.h"
-#include "auth-proto.h"
-
-#define	typemask(x)		(1<<((x)-1))
-
-#ifdef	KRB4_ENCPWD
-extern krb4encpwd_init();
-extern krb4encpwd_send();
-extern krb4encpwd_is();
-extern krb4encpwd_reply();
-extern krb4encpwd_status();
-extern krb4encpwd_printsub();
-#endif
-
-#ifdef	RSA_ENCPWD
-extern rsaencpwd_init();
-extern rsaencpwd_send();
-extern rsaencpwd_is();
-extern rsaencpwd_reply();
-extern rsaencpwd_status();
-extern rsaencpwd_printsub();
-#endif
-
-int auth_debug_mode = 0;
-static 	char	*Name = "Noname";
-static	int	Server = 0;
-static	Authenticator	*authenticated = 0;
-static	int	authenticating = 0;
-static	int	validuser = 0;
-static	unsigned char	_auth_send_data[256];
-static	unsigned char	*auth_send_data;
-static	int	auth_send_cnt = 0;
-
-int auth_onoff(char *type, int on);
-void auth_encrypt_user(char *name);
-
-/*
- * Authentication types supported.  Plese note that these are stored
- * in priority order, i.e. try the first one first.
- */
-Authenticator authenticators[] = {
-#ifdef	SPX
-	{ AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
-				spx_init,
-				spx_send,
-				spx_is,
-				spx_reply,
-				spx_status,
-				spx_printsub },
-	{ AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
-				spx_init,
-				spx_send,
-				spx_is,
-				spx_reply,
-				spx_status,
-				spx_printsub },
-#endif
-#ifdef	KRB5
-# ifdef	ENCRYPTION
-	{ AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
-				kerberos5_init,
-				kerberos5_send,
-				kerberos5_is,
-				kerberos5_reply,
-				kerberos5_status,
-				kerberos5_printsub },
-# endif	/* ENCRYPTION */
-	{ AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
-				kerberos5_init,
-				kerberos5_send,
-				kerberos5_is,
-				kerberos5_reply,
-				kerberos5_status,
-				kerberos5_printsub },
-#endif
-#ifdef	KRB4
-# ifdef ENCRYPTION
-	{ AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
-				kerberos4_init,
-				kerberos4_send,
-				kerberos4_is,
-				kerberos4_reply,
-				kerberos4_status,
-				kerberos4_printsub },
-# endif	/* ENCRYPTION */
-	{ AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
-				kerberos4_init,
-				kerberos4_send,
-				kerberos4_is,
-				kerberos4_reply,
-				kerberos4_status,
-				kerberos4_printsub },
-#endif
-#ifdef	KRB4_ENCPWD
-	{ AUTHTYPE_KRB4_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
-				krb4encpwd_init,
-				krb4encpwd_send,
-				krb4encpwd_is,
-				krb4encpwd_reply,
-				krb4encpwd_status,
-				krb4encpwd_printsub },
-#endif
-#ifdef	RSA_ENCPWD
-	{ AUTHTYPE_RSA_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
-				rsaencpwd_init,
-				rsaencpwd_send,
-				rsaencpwd_is,
-				rsaencpwd_reply,
-				rsaencpwd_status,
-				rsaencpwd_printsub },
-#endif
-	{ 0, },
-};
-
-static Authenticator NoAuth = { 0 };
-
-static int	i_support = 0;
-static int	i_wont_support = 0;
-
-	Authenticator *
-findauthenticator(type, way)
-	int type;
-	int way;
-{
-	Authenticator *ap = authenticators;
-
-	while (ap->type && (ap->type != type || ap->way != way))
-		++ap;
-	return(ap->type ? ap : 0);
-}
-
-	void
-auth_init(name, server)
-	char *name;
-	int server;
-{
-	Authenticator *ap = authenticators;
-
-	Server = server;
-	Name = name;
-
-	i_support = 0;
-	authenticated = 0;
-	authenticating = 0;
-	while (ap->type) {
-		if (!ap->init || (*ap->init)(ap, server)) {
-			i_support |= typemask(ap->type);
-			if (auth_debug_mode)
-				printf(">>>%s: I support auth type %d %d\r\n",
-					Name,
-					ap->type, ap->way);
-		}
-		else if (auth_debug_mode)
-			printf(">>>%s: Init failed: auth type %d %d\r\n",
-				Name, ap->type, ap->way);
-		++ap;
-	}
-}
-
-	void
-auth_disable_name(name)
-	char *name;
-{
-	int x;
-	for (x = 0; x < AUTHTYPE_CNT; ++x) {
-		if (!strcasecmp(name, AUTHTYPE_NAME(x))) {
-			i_wont_support |= typemask(x);
-			break;
-		}
-	}
-}
-
-	int
-getauthmask(type, maskp)
-	char *type;
-	int *maskp;
-{
-	register int x;
-
-	if (!strcasecmp(type, AUTHTYPE_NAME(0))) {
-		*maskp = -1;
-		return(1);
-	}
-
-	for (x = 1; x < AUTHTYPE_CNT; ++x) {
-		if (!strcasecmp(type, AUTHTYPE_NAME(x))) {
-			*maskp = typemask(x);
-			return(1);
-		}
-	}
-	return(0);
-}
-
-	int
-auth_enable(type)
-	char *type;
-{
-	return(auth_onoff(type, 1));
-}
-
-	int
-auth_disable(type)
-	char *type;
-{
-	return(auth_onoff(type, 0));
-}
-
-	int
-auth_onoff(type, on)
-	char *type;
-	int on;
-{
-	int i, mask = -1;
-	Authenticator *ap;
-
-	if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) {
-		printf("auth %s 'type'\n", on ? "enable" : "disable");
-		printf("Where 'type' is one of:\n");
-		printf("\t%s\n", AUTHTYPE_NAME(0));
-		mask = 0;
-		for (ap = authenticators; ap->type; ap++) {
-			if ((mask & (i = typemask(ap->type))) != 0)
-				continue;
-			mask |= i;
-			printf("\t%s\n", AUTHTYPE_NAME(ap->type));
-		}
-		return(0);
-	}
-
-	if (!getauthmask(type, &mask)) {
-		printf("%s: invalid authentication type\n", type);
-		return(0);
-	}
-	if (on)
-		i_wont_support &= ~mask;
-	else
-		i_wont_support |= mask;
-	return(1);
-}
-
-	int
-auth_togdebug(on)
-	int on;
-{
-	if (on < 0)
-		auth_debug_mode ^= 1;
-	else
-		auth_debug_mode = on;
-	printf("auth debugging %s\n", auth_debug_mode ? "enabled" : "disabled");
-	return(1);
-}
-
-	int
-auth_status()
-{
-	Authenticator *ap;
-	int i, mask;
-
-	if (i_wont_support == -1)
-		printf("Authentication disabled\n");
-	else
-		printf("Authentication enabled\n");
-
-	mask = 0;
-	for (ap = authenticators; ap->type; ap++) {
-		if ((mask & (i = typemask(ap->type))) != 0)
-			continue;
-		mask |= i;
-		printf("%s: %s\n", AUTHTYPE_NAME(ap->type),
-			(i_wont_support & typemask(ap->type)) ?
-					"disabled" : "enabled");
-	}
-	return(1);
-}
-
-/*
- * This routine is called by the server to start authentication
- * negotiation.
- */
-	void
-auth_request()
-{
-	static unsigned char str_request[64] = { IAC, SB,
-						 TELOPT_AUTHENTICATION,
-						 TELQUAL_SEND, };
-	Authenticator *ap = authenticators;
-	unsigned char *e = str_request + 4;
-
-	if (!authenticating) {
-		authenticating = 1;
-		while (ap->type) {
-			if (i_support & ~i_wont_support & typemask(ap->type)) {
-				if (auth_debug_mode) {
-					printf(">>>%s: Sending type %d %d\r\n",
-						Name, ap->type, ap->way);
-				}
-				*e++ = ap->type;
-				*e++ = ap->way;
-			}
-			++ap;
-		}
-		*e++ = IAC;
-		*e++ = SE;
-		net_write(str_request, e - str_request);
-		printsub('>', &str_request[2], e - str_request - 2);
-	}
-}
-
-/*
- * This is called when an AUTH SEND is received.
- * It should never arrive on the server side (as only the server can
- * send an AUTH SEND).
- * You should probably respond to it if you can...
- *
- * If you want to respond to the types out of order (i.e. even
- * if he sends  LOGIN KERBEROS and you support both, you respond
- * with KERBEROS instead of LOGIN (which is against what the
- * protocol says)) you will have to hack this code...
- */
-	void
-auth_send(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Authenticator *ap;
-	static unsigned char str_none[] = { IAC, SB, TELOPT_AUTHENTICATION,
-					    TELQUAL_IS, AUTHTYPE_NULL, 0,
-					    IAC, SE };
-	if (Server) {
-		if (auth_debug_mode) {
-			printf(">>>%s: auth_send called!\r\n", Name);
-		}
-		return;
-	}
-
-	if (auth_debug_mode) {
-		printf(">>>%s: auth_send got:", Name);
-		printd(data, cnt); printf("\r\n");
-	}
-
-	/*
-	 * Save the data, if it is new, so that we can continue looking
-	 * at it if the authorization we try doesn't work
-	 */
-	if (data < _auth_send_data ||
-	    data > _auth_send_data + sizeof(_auth_send_data)) {
-		auth_send_cnt = cnt > sizeof(_auth_send_data)
-					? sizeof(_auth_send_data)
-					: cnt;
-		memmove((void *)_auth_send_data, (void *)data, auth_send_cnt);
-		auth_send_data = _auth_send_data;
-	} else {
-		/*
-		 * This is probably a no-op, but we just make sure
-		 */
-		auth_send_data = data;
-		auth_send_cnt = cnt;
-	}
-	while ((auth_send_cnt -= 2) >= 0) {
-		if (auth_debug_mode)
-			printf(">>>%s: He supports %d\r\n",
-				Name, *auth_send_data);
-		if ((i_support & ~i_wont_support) & typemask(*auth_send_data)) {
-			ap = findauthenticator(auth_send_data[0],
-					       auth_send_data[1]);
-			if (ap && ap->send) {
-				if (auth_debug_mode)
-					printf(">>>%s: Trying %d %d\r\n",
-						Name, auth_send_data[0],
-							auth_send_data[1]);
-				if ((*ap->send)(ap)) {
-					/*
-					 * Okay, we found one we like
-					 * and did it.
-					 * we can go home now.
-					 */
-					if (auth_debug_mode)
-						printf(">>>%s: Using type %d\r\n",
-							Name, *auth_send_data);
-					auth_send_data += 2;
-					return;
-				}
-			}
-			/* else
-			 *	just continue on and look for the
-			 *	next one if we didn't do anything.
-			 */
-		}
-		auth_send_data += 2;
-	}
-	net_write(str_none, sizeof(str_none));
-	printsub('>', &str_none[2], sizeof(str_none) - 2);
-	if (auth_debug_mode)
-		printf(">>>%s: Sent failure message\r\n", Name);
-	auth_finished(0, AUTH_REJECT);
-#ifdef KANNAN
-	/*
-	 *  We requested strong authentication, however no mechanisms worked.
-	 *  Therefore, exit on client end.
-	 */
-	printf("Unable to securely authenticate user ... exit\n");
-	exit(0);
-#endif /* KANNAN */
-}
-
-	void
-auth_send_retry()
-{
-	/*
-	 * if auth_send_cnt <= 0 then auth_send will end up rejecting
-	 * the authentication and informing the other side of this.
-	 */
-	auth_send(auth_send_data, auth_send_cnt);
-}
-
-	void
-auth_is(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Authenticator *ap;
-
-	if (cnt < 2)
-		return;
-
-	if (data[0] == AUTHTYPE_NULL) {
-		auth_finished(0, AUTH_REJECT);
-		return;
-	}
-
-	if ((ap = findauthenticator(data[0], data[1]))) {
-		if (ap->is)
-			(*ap->is)(ap, data+2, cnt-2);
-	} else if (auth_debug_mode)
-		printf(">>>%s: Invalid authentication in IS: %d\r\n",
-			Name, *data);
-}
-
-	void
-auth_reply(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Authenticator *ap;
-
-	if (cnt < 2)
-		return;
-
-	if ((ap = findauthenticator(data[0], data[1]))) {
-		if (ap->reply)
-			(*ap->reply)(ap, data+2, cnt-2);
-	} else if (auth_debug_mode)
-		printf(">>>%s: Invalid authentication in SEND: %d\r\n",
-			Name, *data);
-}
-
-	void
-auth_name(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	unsigned char savename[256];
-
-	if (cnt < 1) {
-		if (auth_debug_mode)
-			printf(">>>%s: Empty name in NAME\r\n", Name);
-		return;
-	}
-	if (cnt > sizeof(savename) - 1) {
-		if (auth_debug_mode)
-			printf(">>>%s: Name in NAME (%d) exceeds %d length\r\n",
-					Name, cnt, sizeof(savename)-1);
-		return;
-	}
-	memmove((void *)savename, (void *)data, cnt);
-	savename[cnt] = '\0';	/* Null terminate */
-	if (auth_debug_mode)
-		printf(">>>%s: Got NAME [%s]\r\n", Name, savename);
-	auth_encrypt_user(savename);
-}
-
-	int
-auth_sendname(cp, len)
-	unsigned char *cp;
-	int len;
-{
-	static unsigned char str_request[256+6]
-			= { IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_NAME, };
-	register unsigned char *e = str_request + 4;
-	register unsigned char *ee = &str_request[sizeof(str_request)-2];
-
-	while (--len >= 0) {
-		if ((*e++ = *cp++) == IAC)
-			*e++ = IAC;
-		if (e >= ee)
-			return(0);
-	}
-	*e++ = IAC;
-	*e++ = SE;
-	net_write(str_request, e - str_request);
-	printsub('>', &str_request[2], e - &str_request[2]);
-	return(1);
-}
-
-	void
-auth_finished(ap, result)
-	Authenticator *ap;
-	int result;
-{
-	if (!(authenticated = ap))
-		authenticated = &NoAuth;
-	validuser = result;
-}
-
-	/* ARGSUSED */
-	static void
-auth_intr(sig)
-	int sig;
-{
-	auth_finished(0, AUTH_REJECT);
-}
-
-	int
-auth_wait(name)
-	char *name;
-{
-	if (auth_debug_mode)
-		printf(">>>%s: in auth_wait.\r\n", Name);
-
-	if (Server && !authenticating)
-		return(0);
-
-	(void) signal(SIGALRM, auth_intr);
-	alarm(30);
-	while (!authenticated)
-		if (telnet_spin())
-			break;
-	alarm(0);
-	(void) signal(SIGALRM, SIG_DFL);
-
-	/*
-	 * Now check to see if the user is valid or not
-	 */
-	if (!authenticated || authenticated == &NoAuth)
-		return(AUTH_REJECT);
-
-	if (validuser == AUTH_VALID)
-		validuser = AUTH_USER;
-
-	if (authenticated->status)
-		validuser = (*authenticated->status)(authenticated,
-						     name, validuser);
-	return(validuser);
-}
-
-	void
-auth_debug(mode)
-	int mode;
-{
-	auth_debug_mode = mode;
-}
-
-	void
-auth_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	Authenticator *ap;
-
-	if ((ap = findauthenticator(data[1], data[2])) && ap->printsub)
-		(*ap->printsub)(data, cnt, buf, buflen);
-	else
-		auth_gen_printsub(data, cnt, buf, buflen);
-}
-
-	void
-auth_gen_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	register unsigned char *cp;
-	unsigned char tbuf[16];
-
-	cnt -= 3;
-	data += 3;
-	buf[buflen-1] = '\0';
-	buf[buflen-2] = '*';
-	buflen -= 2;
-	for (; cnt > 0; cnt--, data++) {
-		sprintf((char *)tbuf, " %d", *data);
-		for (cp = tbuf; *cp && buflen > 0; --buflen)
-			*buf++ = *cp++;
-		if (buflen <= 0)
-			return;
-	}
-	*buf = '\0';
-}
-#endif
diff --git a/crypto/telnet/libtelnet/auth.h b/crypto/telnet/libtelnet/auth.h
deleted file mode 100644
index 615e8a07b894..000000000000
--- a/crypto/telnet/libtelnet/auth.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)auth.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifndef	__AUTH__
-#define	__AUTH__
-
-#define	AUTH_REJECT	0	/* Rejected */
-#define	AUTH_UNKNOWN	1	/* We don't know who he is, but he's okay */
-#define	AUTH_OTHER	2	/* We know him, but not his name */
-#define	AUTH_USER	3	/* We know he name */
-#define	AUTH_VALID	4	/* We know him, and he needs no password */
-
-#if	!defined(P)
-#ifdef	__STDC__
-#define P(x)	x
-#else
-#define P(x)	()
-#endif
-#endif
-
-typedef struct XauthP {
-	int	type;
-	int	way;
-	int	(*init) P((struct XauthP *, int));
-	int	(*send) P((struct XauthP *));
-	void	(*is) P((struct XauthP *, unsigned char *, int));
-	void	(*reply) P((struct XauthP *, unsigned char *, int));
-	int	(*status) P((struct XauthP *, char *, int));
-	void	(*printsub) P((unsigned char *, int, unsigned char *, int));
-} Authenticator;
-
-#include "auth-proto.h"
-
-extern auth_debug_mode;
-#endif
diff --git a/crypto/telnet/libtelnet/enc-proto.h b/crypto/telnet/libtelnet/enc-proto.h
deleted file mode 100644
index 8e15ffdab8d1..000000000000
--- a/crypto/telnet/libtelnet/enc-proto.h
+++ /dev/null
@@ -1,126 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)enc-proto.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-#if	!defined(P)
-#ifdef	__STDC__
-#define	P(x)	x
-#else
-#define	P(x)	()
-#endif
-#endif
-
-#ifdef	ENCRYPTION
-void encrypt_init P((char *, int));
-Encryptions *findencryption P((int));
-void encrypt_send_supprt P((void));
-void encrypt_auto P((int));
-void decrypt_auto P((int));
-void encrypt_is P((unsigned char *, int));
-void encrypt_reply P((unsigned char *, int));
-void encrypt_start_input P((int));
-void encrypt_session_key P((Session_Key *, int));
-void encrypt_end_input P((void));
-void encrypt_start_output P((int));
-void encrypt_end_output P((void));
-void encrypt_send_request_start P((void));
-void encrypt_send_request_end P((void));
-void encrypt_send_end P((void));
-void encrypt_wait P((void));
-void encrypt_send_support P((void));
-void encrypt_send_keyid P((int, unsigned char *, int, int));
-void encrypt_start P((unsigned char *, int));
-void encrypt_end P((void));
-void encrypt_support P((unsigned char *, int));
-void encrypt_request_start P((unsigned char *, int));
-void encrypt_request_end P((void));
-void encrypt_enc_keyid P((unsigned char *, int));
-void encrypt_dec_keyid P((unsigned char *, int));
-void encrypt_printsub P((unsigned char *, int, unsigned char *, int));
-int net_write P((unsigned char *, int));
-
-#ifndef	TELENTD
-int encrypt_cmd P((int, char **));
-void encrypt_display P((void));
-#endif
-
-void krbdes_encrypt P((unsigned char *, int));
-int krbdes_decrypt P((int));
-int krbdes_is P((unsigned char *, int));
-int krbdes_reply P((unsigned char *, int));
-void krbdes_init P((int));
-int krbdes_start P((int, int));
-void krbdes_session P((Session_Key *, int));
-void krbdes_printsub P((unsigned char *, int, unsigned char *, int));
-
-void cfb64_encrypt P((unsigned char *, int));
-int cfb64_decrypt P((int));
-void cfb64_init P((int));
-int cfb64_start P((int, int));
-int cfb64_is P((unsigned char *, int));
-int cfb64_reply P((unsigned char *, int));
-void cfb64_session P((Session_Key *, int));
-int cfb64_keyid P((int, unsigned char *, int *));
-void cfb64_printsub P((unsigned char *, int, unsigned char *, int));
-
-void ofb64_encrypt P((unsigned char *, int));
-int ofb64_decrypt P((int));
-void ofb64_init P((int));
-int ofb64_start P((int, int));
-int ofb64_is P((unsigned char *, int));
-int ofb64_reply P((unsigned char *, int));
-void ofb64_session P((Session_Key *, int));
-int ofb64_keyid P((int, unsigned char *, int *));
-void ofb64_printsub P((unsigned char *, int, unsigned char *, int));
-
-#endif	/* ENCRYPTION */
diff --git a/crypto/telnet/libtelnet/enc_des.c b/crypto/telnet/libtelnet/enc_des.c
deleted file mode 100644
index 8e4b9a7f4b78..000000000000
--- a/crypto/telnet/libtelnet/enc_des.c
+++ /dev/null
@@ -1,720 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)enc_des.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#ifdef	ENCRYPTION
-# ifdef	AUTHENTICATION
-#  ifdef DES_ENCRYPTION
-#include <arpa/telnet.h>
-#include <stdio.h>
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-
-#include <des.h>
-#include <string.h>
-#include "encrypt.h"
-#include "key-proto.h"
-#include "misc-proto.h"
-
-extern encrypt_debug_mode;
-
-#define	CFB	0
-#define	OFB	1
-
-#define	NO_SEND_IV	1
-#define	NO_RECV_IV	2
-#define	NO_KEYID	4
-#define	IN_PROGRESS	(NO_SEND_IV|NO_RECV_IV|NO_KEYID)
-#define	SUCCESS		0
-#define	FAILED		-1
-
-
-struct fb {
-	Block krbdes_key;
-	Schedule krbdes_sched;
-	Block temp_feed;
-	unsigned char fb_feed[64];
-	int need_start;
-	int state[2];
-	int keyid[2];
-	int once;
-	struct stinfo {
-		Block		str_output;
-		Block		str_feed;
-		Block		str_iv;
-		Block		str_ikey;
-		Schedule	str_sched;
-		int		str_index;
-		int		str_flagshift;
-	} streams[2];
-};
-
-static struct fb fb[2];
-
-struct keyidlist {
-	char	*keyid;
-	int	keyidlen;
-	char	*key;
-	int	keylen;
-	int	flags;
-} keyidlist [] = {
-	{ "\0", 1, 0, 0, 0 },		/* default key of zero */
-	{ 0, 0, 0, 0, 0 }
-};
-
-#define	KEYFLAG_MASK	03
-
-#define	KEYFLAG_NOINIT	00
-#define	KEYFLAG_INIT	01
-#define	KEYFLAG_OK	02
-#define	KEYFLAG_BAD	03
-
-#define	KEYFLAG_SHIFT	2
-
-#define	SHIFT_VAL(a,b)	(KEYFLAG_SHIFT*((a)+((b)*2)))
-
-#define	FB64_IV		1
-#define	FB64_IV_OK	2
-#define	FB64_IV_BAD	3
-
-
-void fb64_stream_iv P((Block, struct stinfo *));
-void fb64_init P((struct fb *));
-static int fb64_start P((struct fb *, int, int));
-int fb64_is P((unsigned char *, int, struct fb *));
-int fb64_reply P((unsigned char *, int, struct fb *));
-static void fb64_session P((Session_Key *, int, struct fb *));
-void fb64_stream_key P((Block, struct stinfo *));
-int fb64_keyid P((int, unsigned char *, int *, struct fb *));
-
-	void
-cfb64_init(server)
-	int server;
-{
-	fb64_init(&fb[CFB]);
-	fb[CFB].fb_feed[4] = ENCTYPE_DES_CFB64;
-	fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, CFB);
-	fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, CFB);
-}
-
-	void
-ofb64_init(server)
-	int server;
-{
-	fb64_init(&fb[OFB]);
-	fb[OFB].fb_feed[4] = ENCTYPE_DES_OFB64;
-	fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, OFB);
-	fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, OFB);
-}
-
-	void
-fb64_init(fbp)
-	register struct fb *fbp;
-{
-	memset((void *)fbp, 0, sizeof(*fbp));
-	fbp->state[0] = fbp->state[1] = FAILED;
-	fbp->fb_feed[0] = IAC;
-	fbp->fb_feed[1] = SB;
-	fbp->fb_feed[2] = TELOPT_ENCRYPT;
-	fbp->fb_feed[3] = ENCRYPT_IS;
-}
-
-/*
- * Returns:
- *	-1: some error.  Negotiation is done, encryption not ready.
- *	 0: Successful, initial negotiation all done.
- *	 1: successful, negotiation not done yet.
- *	 2: Not yet.  Other things (like getting the key from
- *	    Kerberos) have to happen before we can continue.
- */
-	int
-cfb64_start(dir, server)
-	int dir;
-	int server;
-{
-	return(fb64_start(&fb[CFB], dir, server));
-}
-	int
-ofb64_start(dir, server)
-	int dir;
-	int server;
-{
-	return(fb64_start(&fb[OFB], dir, server));
-}
-
-	static int
-fb64_start(fbp, dir, server)
-	struct fb *fbp;
-	int dir;
-	int server;
-{
-	int x;
-	unsigned char *p;
-	register int state;
-
-	switch (dir) {
-	case DIR_DECRYPT:
-		/*
-		 * This is simply a request to have the other side
-		 * start output (our input).  He will negotiate an
-		 * IV so we need not look for it.
-		 */
-		state = fbp->state[dir-1];
-		if (state == FAILED)
-			state = IN_PROGRESS;
-		break;
-
-	case DIR_ENCRYPT:
-		state = fbp->state[dir-1];
-		if (state == FAILED)
-			state = IN_PROGRESS;
-		else if ((state & NO_SEND_IV) == 0)
-			break;
-
-		if (!VALIDKEY(fbp->krbdes_key)) {
-			fbp->need_start = 1;
-			break;
-		}
-		state &= ~NO_SEND_IV;
-		state |= NO_RECV_IV;
-		if (encrypt_debug_mode)
-			printf("Creating new feed\r\n");
-		/*
-		 * Create a random feed and send it over.
-		 */
-		des_new_random_key((Block *)fbp->temp_feed);
-		des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
-				fbp->krbdes_sched, 1);
-		p = fbp->fb_feed + 3;
-		*p++ = ENCRYPT_IS;
-		p++;
-		*p++ = FB64_IV;
-		for (x = 0; x < sizeof(Block); ++x) {
-			if ((*p++ = fbp->temp_feed[x]) == IAC)
-				*p++ = IAC;
-		}
-		*p++ = IAC;
-		*p++ = SE;
-		printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
-		net_write(fbp->fb_feed, p - fbp->fb_feed);
-		break;
-	default:
-		return(FAILED);
-	}
-	return(fbp->state[dir-1] = state);
-}
-
-/*
- * Returns:
- *	-1: some error.  Negotiation is done, encryption not ready.
- *	 0: Successful, initial negotiation all done.
- *	 1: successful, negotiation not done yet.
- */
-	int
-cfb64_is(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	return(fb64_is(data, cnt, &fb[CFB]));
-}
-	int
-ofb64_is(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	return(fb64_is(data, cnt, &fb[OFB]));
-}
-
-	int
-fb64_is(data, cnt, fbp)
-	unsigned char *data;
-	int cnt;
-	struct fb *fbp;
-{
-	unsigned char *p;
-	register int state = fbp->state[DIR_DECRYPT-1];
-
-	if (cnt-- < 1)
-		goto failure;
-
-	switch (*data++) {
-	case FB64_IV:
-		if (cnt != sizeof(Block)) {
-			if (encrypt_debug_mode)
-				printf("CFB64: initial vector failed on size\r\n");
-			state = FAILED;
-			goto failure;
-		}
-
-		if (encrypt_debug_mode)
-			printf("CFB64: initial vector received\r\n");
-
-		if (encrypt_debug_mode)
-			printf("Initializing Decrypt stream\r\n");
-
-		fb64_stream_iv((void *)data, &fbp->streams[DIR_DECRYPT-1]);
-
-		p = fbp->fb_feed + 3;
-		*p++ = ENCRYPT_REPLY;
-		p++;
-		*p++ = FB64_IV_OK;
-		*p++ = IAC;
-		*p++ = SE;
-		printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
-		net_write(fbp->fb_feed, p - fbp->fb_feed);
-
-		state = fbp->state[DIR_DECRYPT-1] = IN_PROGRESS;
-		break;
-
-	default:
-		if (encrypt_debug_mode) {
-			printf("Unknown option type: %d\r\n", *(data-1));
-			printd(data, cnt);
-			printf("\r\n");
-		}
-		/* FALL THROUGH */
-	failure:
-		/*
-		 * We failed.  Send an FB64_IV_BAD option
-		 * to the other side so it will know that
-		 * things failed.
-		 */
-		p = fbp->fb_feed + 3;
-		*p++ = ENCRYPT_REPLY;
-		p++;
-		*p++ = FB64_IV_BAD;
-		*p++ = IAC;
-		*p++ = SE;
-		printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
-		net_write(fbp->fb_feed, p - fbp->fb_feed);
-
-		break;
-	}
-	return(fbp->state[DIR_DECRYPT-1] = state);
-}
-
-/*
- * Returns:
- *	-1: some error.  Negotiation is done, encryption not ready.
- *	 0: Successful, initial negotiation all done.
- *	 1: successful, negotiation not done yet.
- */
-	int
-cfb64_reply(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	return(fb64_reply(data, cnt, &fb[CFB]));
-}
-	int
-ofb64_reply(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	return(fb64_reply(data, cnt, &fb[OFB]));
-}
-
-
-	int
-fb64_reply(data, cnt, fbp)
-	unsigned char *data;
-	int cnt;
-	struct fb *fbp;
-{
-	register int state = fbp->state[DIR_ENCRYPT-1];
-
-	if (cnt-- < 1)
-		goto failure;
-
-	switch (*data++) {
-	case FB64_IV_OK:
-		fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]);
-		if (state == FAILED)
-			state = IN_PROGRESS;
-		state &= ~NO_RECV_IV;
-		encrypt_send_keyid(DIR_ENCRYPT, (unsigned char *)"\0", 1, 1);
-		break;
-
-	case FB64_IV_BAD:
-		memset(fbp->temp_feed, 0, sizeof(Block));
-		fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]);
-		state = FAILED;
-		break;
-
-	default:
-		if (encrypt_debug_mode) {
-			printf("Unknown option type: %d\r\n", data[-1]);
-			printd(data, cnt);
-			printf("\r\n");
-		}
-		/* FALL THROUGH */
-	failure:
-		state = FAILED;
-		break;
-	}
-	return(fbp->state[DIR_ENCRYPT-1] = state);
-}
-
-	void
-cfb64_session(key, server)
-	Session_Key *key;
-	int server;
-{
-	fb64_session(key, server, &fb[CFB]);
-}
-
-	void
-ofb64_session(key, server)
-	Session_Key *key;
-	int server;
-{
-	fb64_session(key, server, &fb[OFB]);
-}
-
-	static void
-fb64_session(key, server, fbp)
-	Session_Key *key;
-	int server;
-	struct fb *fbp;
-{
-
-	if (!key || key->type != SK_DES) {
-		if (encrypt_debug_mode)
-			printf("Can't set krbdes's session key (%d != %d)\r\n",
-				key ? key->type : -1, SK_DES);
-		return;
-	}
-	memmove((void *)fbp->krbdes_key, (void *)key->data, sizeof(Block));
-
-	fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]);
-	fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]);
-
-	if (fbp->once == 0) {
-		des_set_random_generator_seed((Block *)fbp->krbdes_key);
-		fbp->once = 1;
-	}
-	des_key_sched((Block *)fbp->krbdes_key, fbp->krbdes_sched);
-	/*
-	 * Now look to see if krbdes_start() was was waiting for
-	 * the key to show up.  If so, go ahead an call it now
-	 * that we have the key.
-	 */
-	if (fbp->need_start) {
-		fbp->need_start = 0;
-		fb64_start(fbp, DIR_ENCRYPT, server);
-	}
-}
-
-/*
- * We only accept a keyid of 0.  If we get a keyid of
- * 0, then mark the state as SUCCESS.
- */
-	int
-cfb64_keyid(dir, kp, lenp)
-	int dir, *lenp;
-	unsigned char *kp;
-{
-	return(fb64_keyid(dir, kp, lenp, &fb[CFB]));
-}
-
-	int
-ofb64_keyid(dir, kp, lenp)
-	int dir, *lenp;
-	unsigned char *kp;
-{
-	return(fb64_keyid(dir, kp, lenp, &fb[OFB]));
-}
-
-	int
-fb64_keyid(dir, kp, lenp, fbp)
-	int dir, *lenp;
-	unsigned char *kp;
-	struct fb *fbp;
-{
-	register int state = fbp->state[dir-1];
-
-	if (*lenp != 1 || (*kp != '\0')) {
-		*lenp = 0;
-		return(state);
-	}
-
-	if (state == FAILED)
-		state = IN_PROGRESS;
-
-	state &= ~NO_KEYID;
-
-	return(fbp->state[dir-1] = state);
-}
-
-	void
-fb64_printsub(data, cnt, buf, buflen, type)
-	unsigned char *data, *buf, *type;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-	char *cp;
-
-	buf[buflen-1] = '\0';		/* make sure it's NULL terminated */
-	buflen -= 1;
-
-	switch(data[2]) {
-	case FB64_IV:
-		sprintf(lbuf, "%s_IV", type);
-		cp = lbuf;
-		goto common;
-
-	case FB64_IV_OK:
-		sprintf(lbuf, "%s_IV_OK", type);
-		cp = lbuf;
-		goto common;
-
-	case FB64_IV_BAD:
-		sprintf(lbuf, "%s_IV_BAD", type);
-		cp = lbuf;
-		goto common;
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[2]);
-		cp = lbuf;
-	common:
-		for (; (buflen > 0) && (*buf = *cp++); buf++)
-			buflen--;
-		for (i = 3; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++)
-				buflen--;
-		}
-		break;
-	}
-}
-
-	void
-cfb64_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	fb64_printsub(data, cnt, buf, buflen, "CFB64");
-}
-
-	void
-ofb64_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	fb64_printsub(data, cnt, buf, buflen, "OFB64");
-}
-
-	void
-fb64_stream_iv(seed, stp)
-	Block seed;
-	register struct stinfo *stp;
-{
-
-	memmove((void *)stp->str_iv, (void *)seed, sizeof(Block));
-	memmove((void *)stp->str_output, (void *)seed, sizeof(Block));
-
-	des_key_sched((Block *)stp->str_ikey, stp->str_sched);
-
-	stp->str_index = sizeof(Block);
-}
-
-	void
-fb64_stream_key(key, stp)
-	Block key;
-	register struct stinfo *stp;
-{
-	memmove((void *)stp->str_ikey, (void *)key, sizeof(Block));
-	des_key_sched((Block *)key, stp->str_sched);
-
-	memmove((void *)stp->str_output, (void *)stp->str_iv, sizeof(Block));
-
-	stp->str_index = sizeof(Block);
-}
-
-/*
- * DES 64 bit Cipher Feedback
- *
- *     key --->+-----+
- *          +->| DES |--+
- *          |  +-----+  |
- *	    |           v
- *  INPUT --(--------->(+)+---> DATA
- *          |             |
- *	    +-------------+
- *
- *
- * Given:
- *	iV: Initial vector, 64 bits (8 bytes) long.
- *	Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt).
- *	On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output.
- *
- *	V0 = DES(iV, key)
- *	On = Dn ^ Vn
- *	V(n+1) = DES(On, key)
- */
-
-	void
-cfb64_encrypt(s, c)
-	register unsigned char *s;
-	int c;
-{
-	register struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1];
-	register int index;
-
-	index = stp->str_index;
-	while (c-- > 0) {
-		if (index == sizeof(Block)) {
-			Block b;
-			des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1);
-			memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
-			index = 0;
-		}
-
-		/* On encryption, we store (feed ^ data) which is cypher */
-		*s = stp->str_output[index] = (stp->str_feed[index] ^ *s);
-		s++;
-		index++;
-	}
-	stp->str_index = index;
-}
-
-	int
-cfb64_decrypt(data)
-	int data;
-{
-	register struct stinfo *stp = &fb[CFB].streams[DIR_DECRYPT-1];
-	int index;
-
-	if (data == -1) {
-		/*
-		 * Back up one byte.  It is assumed that we will
-		 * never back up more than one byte.  If we do, this
-		 * may or may not work.
-		 */
-		if (stp->str_index)
-			--stp->str_index;
-		return(0);
-	}
-
-	index = stp->str_index++;
-	if (index == sizeof(Block)) {
-		Block b;
-		des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1);
-		memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
-		stp->str_index = 1;	/* Next time will be 1 */
-		index = 0;		/* But now use 0 */
-	}
-
-	/* On decryption we store (data) which is cypher. */
-	stp->str_output[index] = data;
-	return(data ^ stp->str_feed[index]);
-}
-
-/*
- * DES 64 bit Output Feedback
- *
- * key --->+-----+
- *	+->| DES |--+
- *	|  +-----+  |
- *	+-----------+
- *	            v
- *  INPUT -------->(+) ----> DATA
- *
- * Given:
- *	iV: Initial vector, 64 bits (8 bytes) long.
- *	Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt).
- *	On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output.
- *
- *	V0 = DES(iV, key)
- *	V(n+1) = DES(Vn, key)
- *	On = Dn ^ Vn
- */
-	void
-ofb64_encrypt(s, c)
-	register unsigned char *s;
-	int c;
-{
-	register struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1];
-	register int index;
-
-	index = stp->str_index;
-	while (c-- > 0) {
-		if (index == sizeof(Block)) {
-			Block b;
-			des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
-			memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
-			index = 0;
-		}
-		*s++ ^= stp->str_feed[index];
-		index++;
-	}
-	stp->str_index = index;
-}
-
-	int
-ofb64_decrypt(data)
-	int data;
-{
-	register struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1];
-	int index;
-
-	if (data == -1) {
-		/*
-		 * Back up one byte.  It is assumed that we will
-		 * never back up more than one byte.  If we do, this
-		 * may or may not work.
-		 */
-		if (stp->str_index)
-			--stp->str_index;
-		return(0);
-	}
-
-	index = stp->str_index++;
-	if (index == sizeof(Block)) {
-		Block b;
-		des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
-		memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
-		stp->str_index = 1;	/* Next time will be 1 */
-		index = 0;		/* But now use 0 */
-	}
-
-	return(data ^ stp->str_feed[index]);
-}
-#  endif /* DES_ENCRYPTION */
-# endif	/* AUTHENTICATION */
-#endif	/* ENCRYPTION */
diff --git a/crypto/telnet/libtelnet/encrypt.c b/crypto/telnet/libtelnet/encrypt.c
deleted file mode 100644
index 41dd5cc71044..000000000000
--- a/crypto/telnet/libtelnet/encrypt.c
+++ /dev/null
@@ -1,1016 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)encrypt.c	8.2 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifdef	ENCRYPTION
-
-#define	ENCRYPT_NAMES
-#include <stdio.h>
-#include <arpa/telnet.h>
-
-#include "encrypt.h"
-#include "misc.h"
-
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-/*
- * These functions pointers point to the current routines
- * for encrypting and decrypting data.
- */
-void	(*encrypt_output) P((unsigned char *, int));
-int	(*decrypt_input) P((int));
-
-int EncryptType(char *type, char *mode);
-int EncryptStart(char *mode);
-int EncryptStop(char *mode);
-int EncryptStartInput(void);
-int EncryptStartOutput(void);
-int EncryptStopInput(void);
-int EncryptStopOutput(void);
-
-int Ambiguous(char **s);
-int isprefix(char *s1, char *s2);
-char **genget(char *name, char **table, int stlen);
-
-int encrypt_debug_mode = 0;
-static int decrypt_mode = 0;
-static int encrypt_mode = 0;
-static int encrypt_verbose = 0;
-static int autoencrypt = 0;
-static int autodecrypt = 0;
-static int havesessionkey = 0;
-static int Server = 0;
-static char *Name = "Noname";
-
-#define	typemask(x)	((x) > 0 ? 1 << ((x)-1) : 0)
-
-static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64)
-				| typemask(ENCTYPE_DES_OFB64);
-static long i_support_decrypt = typemask(ENCTYPE_DES_CFB64)
-				| typemask(ENCTYPE_DES_OFB64);
-static long i_wont_support_encrypt = 0;
-static long i_wont_support_decrypt = 0;
-#define	I_SUPPORT_ENCRYPT	(i_support_encrypt & ~i_wont_support_encrypt)
-#define	I_SUPPORT_DECRYPT	(i_support_decrypt & ~i_wont_support_decrypt)
-
-static long remote_supports_encrypt = 0;
-static long remote_supports_decrypt = 0;
-
-static Encryptions encryptions[] = {
-#ifdef	DES_ENCRYPTION
-    { "DES_CFB64",	ENCTYPE_DES_CFB64,
-			cfb64_encrypt,
-			cfb64_decrypt,
-			cfb64_init,
-			cfb64_start,
-			cfb64_is,
-			cfb64_reply,
-			cfb64_session,
-			cfb64_keyid,
-			cfb64_printsub },
-    { "DES_OFB64",	ENCTYPE_DES_OFB64,
-			ofb64_encrypt,
-			ofb64_decrypt,
-			ofb64_init,
-			ofb64_start,
-			ofb64_is,
-			ofb64_reply,
-			ofb64_session,
-			ofb64_keyid,
-			ofb64_printsub },
-#endif	/* DES_ENCRYPTION */
-    { 0, },
-};
-
-static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT,
-					 ENCRYPT_SUPPORT };
-static unsigned char str_suplen = 0;
-static unsigned char str_start[72] = { IAC, SB, TELOPT_ENCRYPT };
-static unsigned char str_end[] = { IAC, SB, TELOPT_ENCRYPT, 0, IAC, SE };
-
-	Encryptions *
-findencryption(type)
-	int type;
-{
-	Encryptions *ep = encryptions;
-
-	if (!(I_SUPPORT_ENCRYPT & remote_supports_decrypt & typemask(type)))
-		return(0);
-	while (ep->type && ep->type != type)
-		++ep;
-	return(ep->type ? ep : 0);
-}
-
-	Encryptions *
-finddecryption(type)
-	int type;
-{
-	Encryptions *ep = encryptions;
-
-	if (!(I_SUPPORT_DECRYPT & remote_supports_encrypt & typemask(type)))
-		return(0);
-	while (ep->type && ep->type != type)
-		++ep;
-	return(ep->type ? ep : 0);
-}
-
-#define	MAXKEYLEN 64
-
-static struct key_info {
-	unsigned char keyid[MAXKEYLEN];
-	int keylen;
-	int dir;
-	int *modep;
-	Encryptions *(*getcrypt)();
-} ki[2] = {
-	{ { 0 }, 0, DIR_ENCRYPT, &encrypt_mode, findencryption },
-	{ { 0 }, 0, DIR_DECRYPT, &decrypt_mode, finddecryption },
-};
-
-static void encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len);
-
-	void
-encrypt_init(name, server)
-	char *name;
-	int server;
-{
-	Encryptions *ep = encryptions;
-
-	Name = name;
-	Server = server;
-	i_support_encrypt = i_support_decrypt = 0;
-	remote_supports_encrypt = remote_supports_decrypt = 0;
-	encrypt_mode = 0;
-	decrypt_mode = 0;
-	encrypt_output = 0;
-	decrypt_input = 0;
-#ifdef notdef
-	encrypt_verbose = !server;
-#endif
-
-	str_suplen = 4;
-
-	while (ep->type) {
-		if (encrypt_debug_mode)
-			printf(">>>%s: I will support %s\r\n",
-				Name, ENCTYPE_NAME(ep->type));
-		i_support_encrypt |= typemask(ep->type);
-		i_support_decrypt |= typemask(ep->type);
-		if ((i_wont_support_decrypt & typemask(ep->type)) == 0)
-			if ((str_send[str_suplen++] = ep->type) == IAC)
-				str_send[str_suplen++] = IAC;
-		if (ep->init)
-			(*ep->init)(Server);
-		++ep;
-	}
-	str_send[str_suplen++] = IAC;
-	str_send[str_suplen++] = SE;
-}
-
-	void
-encrypt_list_types()
-{
-	Encryptions *ep = encryptions;
-
-	printf("Valid encryption types:\n");
-	while (ep->type) {
-		printf("\t%s (%d)\r\n", ENCTYPE_NAME(ep->type), ep->type);
-		++ep;
-	}
-}
-
-	int
-EncryptEnable(type, mode)
-	char *type, *mode;
-{
-	if (isprefix(type, "help") || isprefix(type, "?")) {
-		printf("Usage: encrypt enable <type> [input|output]\n");
-		encrypt_list_types();
-		return(0);
-	}
-	if (EncryptType(type, mode))
-		return(EncryptStart(mode));
-	return(0);
-}
-
-	int
-EncryptDisable(type, mode)
-	char *type, *mode;
-{
-	register Encryptions *ep;
-	int ret = 0;
-
-	if (isprefix(type, "help") || isprefix(type, "?")) {
-		printf("Usage: encrypt disable <type> [input|output]\n");
-		encrypt_list_types();
-	} else if ((ep = (Encryptions *)genget(type, (char **)encryptions,
-						sizeof(Encryptions))) == 0) {
-		printf("%s: invalid encryption type\n", type);
-	} else if (Ambiguous((char **)ep)) {
-		printf("Ambiguous type '%s'\n", type);
-	} else {
-		if ((mode == 0) || (isprefix(mode, "input") ? 1 : 0)) {
-			if (decrypt_mode == ep->type)
-				EncryptStopInput();
-			i_wont_support_decrypt |= typemask(ep->type);
-			ret = 1;
-		}
-		if ((mode == 0) || (isprefix(mode, "output"))) {
-			if (encrypt_mode == ep->type)
-				EncryptStopOutput();
-			i_wont_support_encrypt |= typemask(ep->type);
-			ret = 1;
-		}
-		if (ret == 0)
-			printf("%s: invalid encryption mode\n", mode);
-	}
-	return(ret);
-}
-
-	int
-EncryptType(type, mode)
-	char *type;
-	char *mode;
-{
-	register Encryptions *ep;
-	int ret = 0;
-
-	if (isprefix(type, "help") || isprefix(type, "?")) {
-		printf("Usage: encrypt type <type> [input|output]\n");
-		encrypt_list_types();
-	} else if ((ep = (Encryptions *)genget(type, (char **)encryptions,
-						sizeof(Encryptions))) == 0) {
-		printf("%s: invalid encryption type\n", type);
-	} else if (Ambiguous((char **)ep)) {
-		printf("Ambiguous type '%s'\n", type);
-	} else {
-		if ((mode == 0) || isprefix(mode, "input")) {
-			decrypt_mode = ep->type;
-			i_wont_support_decrypt &= ~typemask(ep->type);
-			ret = 1;
-		}
-		if ((mode == 0) || isprefix(mode, "output")) {
-			encrypt_mode = ep->type;
-			i_wont_support_encrypt &= ~typemask(ep->type);
-			ret = 1;
-		}
-		if (ret == 0)
-			printf("%s: invalid encryption mode\n", mode);
-	}
-	return(ret);
-}
-
-	int
-EncryptStart(mode)
-	char *mode;
-{
-	register int ret = 0;
-	if (mode) {
-		if (isprefix(mode, "input"))
-			return(EncryptStartInput());
-		if (isprefix(mode, "output"))
-			return(EncryptStartOutput());
-		if (isprefix(mode, "help") || isprefix(mode, "?")) {
-			printf("Usage: encrypt start [input|output]\n");
-			return(0);
-		}
-		printf("%s: invalid encryption mode 'encrypt start ?' for help\n", mode);
-		return(0);
-	}
-	ret += EncryptStartInput();
-	ret += EncryptStartOutput();
-	return(ret);
-}
-
-	int
-EncryptStartInput()
-{
-	if (decrypt_mode) {
-		encrypt_send_request_start();
-		return(1);
-	}
-	printf("No previous decryption mode, decryption not enabled\r\n");
-	return(0);
-}
-
-	int
-EncryptStartOutput()
-{
-	if (encrypt_mode) {
-		encrypt_start_output(encrypt_mode);
-		return(1);
-	}
-	printf("No previous encryption mode, encryption not enabled\r\n");
-	return(0);
-}
-
-	int
-EncryptStop(mode)
-	char *mode;
-{
-	int ret = 0;
-	if (mode) {
-		if (isprefix(mode, "input"))
-			return(EncryptStopInput());
-		if (isprefix(mode, "output"))
-			return(EncryptStopOutput());
-		if (isprefix(mode, "help") || isprefix(mode, "?")) {
-			printf("Usage: encrypt stop [input|output]\n");
-			return(0);
-		}
-		printf("%s: invalid encryption mode 'encrypt stop ?' for help\n", mode);
-		return(0);
-	}
-	ret += EncryptStopInput();
-	ret += EncryptStopOutput();
-	return(ret);
-}
-
-	int
-EncryptStopInput()
-{
-	encrypt_send_request_end();
-	return(1);
-}
-
-	int
-EncryptStopOutput()
-{
-	encrypt_send_end();
-	return(1);
-}
-
-	void
-encrypt_display()
-{
-	if (encrypt_output)
-		printf("Currently encrypting output with %s\r\n",
-			ENCTYPE_NAME(encrypt_mode));
-	if (decrypt_input)
-		printf("Currently decrypting input with %s\r\n",
-			ENCTYPE_NAME(decrypt_mode));
-}
-
-	int
-EncryptStatus()
-{
-	if (encrypt_output)
-		printf("Currently encrypting output with %s\r\n",
-			ENCTYPE_NAME(encrypt_mode));
-	else if (encrypt_mode) {
-		printf("Currently output is clear text.\r\n");
-		printf("Last encryption mode was %s\r\n",
-			ENCTYPE_NAME(encrypt_mode));
-	}
-	if (decrypt_input) {
-		printf("Currently decrypting input with %s\r\n",
-			ENCTYPE_NAME(decrypt_mode));
-	} else if (decrypt_mode) {
-		printf("Currently input is clear text.\r\n");
-		printf("Last decryption mode was %s\r\n",
-			ENCTYPE_NAME(decrypt_mode));
-	}
-	return 1;
-}
-
-	void
-encrypt_send_support()
-{
-	if (str_suplen) {
-		/*
-		 * If the user has requested that decryption start
-		 * immediatly, then send a "REQUEST START" before
-		 * we negotiate the type.
-		 */
-		if (!Server && autodecrypt)
-			encrypt_send_request_start();
-		net_write(str_send, str_suplen);
-		printsub('>', &str_send[2], str_suplen - 2);
-		str_suplen = 0;
-	}
-}
-
-	int
-EncryptDebug(on)
-	int on;
-{
-	if (on < 0)
-		encrypt_debug_mode ^= 1;
-	else
-		encrypt_debug_mode = on;
-	printf("Encryption debugging %s\r\n",
-		encrypt_debug_mode ? "enabled" : "disabled");
-	return(1);
-}
-
-	int
-EncryptVerbose(on)
-	int on;
-{
-	if (on < 0)
-		encrypt_verbose ^= 1;
-	else
-		encrypt_verbose = on;
-	printf("Encryption %s verbose\r\n",
-		encrypt_verbose ? "is" : "is not");
-	return(1);
-}
-
-	int
-EncryptAutoEnc(on)
-	int on;
-{
-	encrypt_auto(on);
-	printf("Automatic encryption of output is %s\r\n",
-		autoencrypt ? "enabled" : "disabled");
-	return(1);
-}
-
-	int
-EncryptAutoDec(on)
-	int on;
-{
-	decrypt_auto(on);
-	printf("Automatic decryption of input is %s\r\n",
-		autodecrypt ? "enabled" : "disabled");
-	return(1);
-}
-
-/*
- * Called when ENCRYPT SUPPORT is received.
- */
-	void
-encrypt_support(typelist, cnt)
-	unsigned char *typelist;
-	int cnt;
-{
-	register int type, use_type = 0;
-	Encryptions *ep;
-
-	/*
-	 * Forget anything the other side has previously told us.
-	 */
-	remote_supports_decrypt = 0;
-
-	while (cnt-- > 0) {
-		type = *typelist++;
-		if (encrypt_debug_mode)
-			printf(">>>%s: He is supporting %s (%d)\r\n",
-				Name,
-				ENCTYPE_NAME(type), type);
-		if ((type < ENCTYPE_CNT) &&
-		    (I_SUPPORT_ENCRYPT & typemask(type))) {
-			remote_supports_decrypt |= typemask(type);
-			if (use_type == 0)
-				use_type = type;
-		}
-	}
-	if (use_type) {
-		ep = findencryption(use_type);
-		if (!ep)
-			return;
-		type = ep->start ? (*ep->start)(DIR_ENCRYPT, Server) : 0;
-		if (encrypt_debug_mode)
-			printf(">>>%s: (*ep->start)() returned %d\r\n",
-					Name, type);
-		if (type < 0)
-			return;
-		encrypt_mode = use_type;
-		if (type == 0)
-			encrypt_start_output(use_type);
-	}
-}
-
-	void
-encrypt_is(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Encryptions *ep;
-	register int type, ret;
-
-	if (--cnt < 0)
-		return;
-	type = *data++;
-	if (type < ENCTYPE_CNT)
-		remote_supports_encrypt |= typemask(type);
-	if (!(ep = finddecryption(type))) {
-		if (encrypt_debug_mode)
-			printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n",
-				Name,
-				ENCTYPE_NAME_OK(type)
-					? ENCTYPE_NAME(type) : "(unknown)",
-				type);
-		return;
-	}
-	if (!ep->is) {
-		if (encrypt_debug_mode)
-			printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n",
-				Name,
-				ENCTYPE_NAME_OK(type)
-					? ENCTYPE_NAME(type) : "(unknown)",
-				type);
-		ret = 0;
-	} else {
-		ret = (*ep->is)(data, cnt);
-		if (encrypt_debug_mode)
-			printf("(*ep->is)(%p, %d) returned %s(%d)\n", data, cnt,
-				(ret < 0) ? "FAIL " :
-				(ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret);
-	}
-	if (ret < 0) {
-		autodecrypt = 0;
-	} else {
-		decrypt_mode = type;
-		if (ret == 0 && autodecrypt)
-			encrypt_send_request_start();
-	}
-}
-
-	void
-encrypt_reply(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Encryptions *ep;
-	register int ret, type;
-
-	if (--cnt < 0)
-		return;
-	type = *data++;
-	if (!(ep = findencryption(type))) {
-		if (encrypt_debug_mode)
-			printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n",
-				Name,
-				ENCTYPE_NAME_OK(type)
-					? ENCTYPE_NAME(type) : "(unknown)",
-				type);
-		return;
-	}
-	if (!ep->reply) {
-		if (encrypt_debug_mode)
-			printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n",
-				Name,
-				ENCTYPE_NAME_OK(type)
-					? ENCTYPE_NAME(type) : "(unknown)",
-				type);
-		ret = 0;
-	} else {
-		ret = (*ep->reply)(data, cnt);
-		if (encrypt_debug_mode)
-			printf("(*ep->reply)(%p, %d) returned %s(%d)\n",
-				data, cnt,
-				(ret < 0) ? "FAIL " :
-				(ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret);
-	}
-	if (encrypt_debug_mode)
-		printf(">>>%s: encrypt_reply returned %d\n", Name, ret);
-	if (ret < 0) {
-		autoencrypt = 0;
-	} else {
-		encrypt_mode = type;
-		if (ret == 0 && autoencrypt)
-			encrypt_start_output(type);
-	}
-}
-
-/*
- * Called when a ENCRYPT START command is received.
- */
-	void
-encrypt_start(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	Encryptions *ep;
-
-	if (!decrypt_mode) {
-		/*
-		 * Something is wrong.  We should not get a START
-		 * command without having already picked our
-		 * decryption scheme.  Send a REQUEST-END to
-		 * attempt to clear the channel...
-		 */
-		printf("%s: Warning, Cannot decrypt input stream!!!\r\n", Name);
-		encrypt_send_request_end();
-		return;
-	}
-
-	if ((ep = finddecryption(decrypt_mode))) {
-		decrypt_input = ep->input;
-		if (encrypt_verbose)
-			printf("[ Input is now decrypted with type %s ]\r\n",
-				ENCTYPE_NAME(decrypt_mode));
-		if (encrypt_debug_mode)
-			printf(">>>%s: Start to decrypt input with type %s\r\n",
-				Name, ENCTYPE_NAME(decrypt_mode));
-	} else {
-		printf("%s: Warning, Cannot decrypt type %s (%d)!!!\r\n",
-				Name,
-				ENCTYPE_NAME_OK(decrypt_mode)
-					? ENCTYPE_NAME(decrypt_mode)
-					: "(unknown)",
-				decrypt_mode);
-		encrypt_send_request_end();
-	}
-}
-
-	void
-encrypt_session_key(key, server)
-	Session_Key *key;
-	int server;
-{
-	Encryptions *ep = encryptions;
-
-	havesessionkey = 1;
-
-	while (ep->type) {
-		if (ep->session)
-			(*ep->session)(key, server);
-#ifdef notdef
-		if (!encrypt_output && autoencrypt && !server)
-			encrypt_start_output(ep->type);
-		if (!decrypt_input && autodecrypt && !server)
-			encrypt_send_request_start();
-#endif
-		++ep;
-	}
-}
-
-/*
- * Called when ENCRYPT END is received.
- */
-	void
-encrypt_end()
-{
-	decrypt_input = 0;
-	if (encrypt_debug_mode)
-		printf(">>>%s: Input is back to clear text\r\n", Name);
-	if (encrypt_verbose)
-		printf("[ Input is now clear text ]\r\n");
-}
-
-/*
- * Called when ENCRYPT REQUEST-END is received.
- */
-	void
-encrypt_request_end()
-{
-	encrypt_send_end();
-}
-
-/*
- * Called when ENCRYPT REQUEST-START is received.  If we receive
- * this before a type is picked, then that indicates that the
- * other side wants us to start encrypting data as soon as we
- * can.
- */
-	void
-encrypt_request_start(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	if (encrypt_mode == 0)  {
-		if (Server)
-			autoencrypt = 1;
-		return;
-	}
-	encrypt_start_output(encrypt_mode);
-}
-
-static unsigned char str_keyid[(MAXKEYLEN*2)+5] = { IAC, SB, TELOPT_ENCRYPT };
-
-	void
-encrypt_enc_keyid(keyid, len)
-	unsigned char *keyid;
-	int len;
-{
-	encrypt_keyid(&ki[1], keyid, len);
-}
-
-	void
-encrypt_dec_keyid(keyid, len)
-	unsigned char *keyid;
-	int len;
-{
-	encrypt_keyid(&ki[0], keyid, len);
-}
-
-	void
-encrypt_keyid(kp, keyid, len)
-	struct key_info *kp;
-	unsigned char *keyid;
-	int len;
-{
-	Encryptions *ep;
-	int dir = kp->dir;
-	register int ret = 0;
-
-	if (!(ep = (*kp->getcrypt)(*kp->modep))) {
-		if (len == 0)
-			return;
-		kp->keylen = 0;
-	} else if (len == 0) {
-		/*
-		 * Empty option, indicates a failure.
-		 */
-		if (kp->keylen == 0)
-			return;
-		kp->keylen = 0;
-		if (ep->keyid)
-			(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);
-
-	} else if ((len != kp->keylen) ||
-		   (memcmp(keyid, kp->keyid, len) != 0)) {
-		/*
-		 * Length or contents are different
-		 */
-		kp->keylen = len;
-		memmove(kp->keyid, keyid, len);
-		if (ep->keyid)
-			(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);
-	} else {
-		if (ep->keyid)
-			ret = (*ep->keyid)(dir, kp->keyid, &kp->keylen);
-		if ((ret == 0) && (dir == DIR_ENCRYPT) && autoencrypt)
-			encrypt_start_output(*kp->modep);
-		return;
-	}
-
-	encrypt_send_keyid(dir, kp->keyid, kp->keylen, 0);
-}
-
-	void
-encrypt_send_keyid(dir, keyid, keylen, saveit)
-	int dir;
-	unsigned char *keyid;
-	int keylen;
-	int saveit;
-{
-	unsigned char *strp;
-
-	str_keyid[3] = (dir == DIR_ENCRYPT)
-			? ENCRYPT_ENC_KEYID : ENCRYPT_DEC_KEYID;
-	if (saveit) {
-		struct key_info *kp = &ki[(dir == DIR_ENCRYPT) ? 0 : 1];
-		memmove(kp->keyid, keyid, keylen);
-		kp->keylen = keylen;
-	}
-
-	for (strp = &str_keyid[4]; keylen > 0; --keylen) {
-		if ((*strp++ = *keyid++) == IAC)
-			*strp++ = IAC;
-	}
-	*strp++ = IAC;
-	*strp++ = SE;
-	net_write(str_keyid, strp - str_keyid);
-	printsub('>', &str_keyid[2], strp - str_keyid - 2);
-}
-
-	void
-encrypt_auto(on)
-	int on;
-{
-	if (on < 0)
-		autoencrypt ^= 1;
-	else
-		autoencrypt = on ? 1 : 0;
-}
-
-	void
-decrypt_auto(on)
-	int on;
-{
-	if (on < 0)
-		autodecrypt ^= 1;
-	else
-		autodecrypt = on ? 1 : 0;
-}
-
-	void
-encrypt_start_output(type)
-	int type;
-{
-	Encryptions *ep;
-	register unsigned char *p;
-	register int i;
-
-	if (!(ep = findencryption(type))) {
-		if (encrypt_debug_mode) {
-			printf(">>>%s: Can't encrypt with type %s (%d)\r\n",
-				Name,
-				ENCTYPE_NAME_OK(type)
-					? ENCTYPE_NAME(type) : "(unknown)",
-				type);
-		}
-		return;
-	}
-	if (ep->start) {
-		i = (*ep->start)(DIR_ENCRYPT, Server);
-		if (encrypt_debug_mode) {
-			printf(">>>%s: Encrypt start: %s (%d) %s\r\n",
-				Name,
-				(i < 0) ? "failed" :
-					"initial negotiation in progress",
-				i, ENCTYPE_NAME(type));
-		}
-		if (i)
-			return;
-	}
-	p = str_start + 3;
-	*p++ = ENCRYPT_START;
-	for (i = 0; i < ki[0].keylen; ++i) {
-		if ((*p++ = ki[0].keyid[i]) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	net_write(str_start, p - str_start);
-	net_encrypt();
-	printsub('>', &str_start[2], p - &str_start[2]);
-	/*
-	 * If we are already encrypting in some mode, then
-	 * encrypt the ring (which includes our request) in
-	 * the old mode, mark it all as "clear text" and then
-	 * switch to the new mode.
-	 */
-	encrypt_output = ep->output;
-	encrypt_mode = type;
-	if (encrypt_debug_mode)
-		printf(">>>%s: Started to encrypt output with type %s\r\n",
-			Name, ENCTYPE_NAME(type));
-	if (encrypt_verbose)
-		printf("[ Output is now encrypted with type %s ]\r\n",
-			ENCTYPE_NAME(type));
-}
-
-	void
-encrypt_send_end()
-{
-	if (!encrypt_output)
-		return;
-
-	str_end[3] = ENCRYPT_END;
-	net_write(str_end, sizeof(str_end));
-	net_encrypt();
-	printsub('>', &str_end[2], sizeof(str_end) - 2);
-	/*
-	 * Encrypt the output buffer now because it will not be done by
-	 * netflush...
-	 */
-	encrypt_output = 0;
-	if (encrypt_debug_mode)
-		printf(">>>%s: Output is back to clear text\r\n", Name);
-	if (encrypt_verbose)
-		printf("[ Output is now clear text ]\r\n");
-}
-
-	void
-encrypt_send_request_start()
-{
-	register unsigned char *p;
-	register int i;
-
-	p = &str_start[3];
-	*p++ = ENCRYPT_REQSTART;
-	for (i = 0; i < ki[1].keylen; ++i) {
-		if ((*p++ = ki[1].keyid[i]) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	net_write(str_start, p - str_start);
-	printsub('>', &str_start[2], p - &str_start[2]);
-	if (encrypt_debug_mode)
-		printf(">>>%s: Request input to be encrypted\r\n", Name);
-}
-
-	void
-encrypt_send_request_end()
-{
-	str_end[3] = ENCRYPT_REQEND;
-	net_write(str_end, sizeof(str_end));
-	printsub('>', &str_end[2], sizeof(str_end) - 2);
-
-	if (encrypt_debug_mode)
-		printf(">>>%s: Request input to be clear text\r\n", Name);
-}
-
-	void
-encrypt_wait()
-{
-	if (encrypt_debug_mode)
-		printf(">>>%s: in encrypt_wait\r\n", Name);
-	if (!havesessionkey || !(I_SUPPORT_ENCRYPT & remote_supports_decrypt))
-		return;
-	while (autoencrypt && !encrypt_output)
-		if (telnet_spin())
-			return;
-}
-
-	void
-encrypt_debug(mode)
-	int mode;
-{
-	encrypt_debug_mode = mode;
-}
-
-	void
-encrypt_gen_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char tbuf[16], *cp;
-
-	cnt -= 2;
-	data += 2;
-	buf[buflen-1] = '\0';
-	buf[buflen-2] = '*';
-	buflen -= 2;;
-	for (; cnt > 0; cnt--, data++) {
-		sprintf(tbuf, " %d", *data);
-		for (cp = tbuf; *cp && buflen > 0; --buflen)
-			*buf++ = *cp++;
-		if (buflen <= 0)
-			return;
-	}
-	*buf = '\0';
-}
-
-	void
-encrypt_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	Encryptions *ep;
-	register int type = data[1];
-
-	for (ep = encryptions; ep->type && ep->type != type; ep++)
-		;
-
-	if (ep->printsub)
-		(*ep->printsub)(data, cnt, buf, buflen);
-	else
-		encrypt_gen_printsub(data, cnt, buf, buflen);
-}
-#endif	/* ENCRYPTION */
diff --git a/crypto/telnet/libtelnet/encrypt.h b/crypto/telnet/libtelnet/encrypt.h
deleted file mode 100644
index 1c942dc6e7e8..000000000000
--- a/crypto/telnet/libtelnet/encrypt.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)encrypt.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifdef	ENCRYPTION
-# ifndef __ENCRYPTION__
-# define __ENCRYPTION__
-
-#define	DIR_DECRYPT		1
-#define	DIR_ENCRYPT		2
-
-typedef	unsigned char Block[8];
-typedef unsigned char *BlockT;
-typedef struct { Block __; } Schedule[16];
-
-#define	VALIDKEY(key)	( key[0] | key[1] | key[2] | key[3] | \
-			  key[4] | key[5] | key[6] | key[7])
-
-#define	SAMEKEY(k1, k2)	(!bcmp((void *)k1, (void *)k2, sizeof(Block)))
-
-typedef	struct {
-	short		type;
-	int		length;
-	unsigned char	*data;
-} Session_Key;
-
-# if !defined(P)
-#  ifdef __STDC__
-#   define P(x)	x
-#  else
-#   define P(x)	()
-#  endif
-# endif
-
-typedef struct {
-	char	*name;
-	int	type;
-	void	(*output) P((unsigned char *, int));
-	int	(*input) P((int));
-	void	(*init) P((int));
-	int	(*start) P((int, int));
-	int	(*is) P((unsigned char *, int));
-	int	(*reply) P((unsigned char *, int));
-	void	(*session) P((Session_Key *, int));
-	int	(*keyid) P((int, unsigned char *, int *));
-	void	(*printsub) P((unsigned char *, int, unsigned char *, int));
-} Encryptions;
-
-#define	SK_DES		1	/* Matched Kerberos v5 KEYTYPE_DES */
-
-#include "enc-proto.h"
-
-extern int encrypt_debug_mode;
-extern int (*decrypt_input) P((int));
-extern void (*encrypt_output) P((unsigned char *, int));
-# endif /* __ENCRYPTION__ */
-#endif /* ENCRYPTION */
diff --git a/crypto/telnet/libtelnet/genget.c b/crypto/telnet/libtelnet/genget.c
deleted file mode 100644
index 8668db47a700..000000000000
--- a/crypto/telnet/libtelnet/genget.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)genget.c	8.2 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-
-#include <ctype.h>
-
-#define	LOWER(x) (isupper(x) ? tolower(x) : (x))
-/*
- * The prefix function returns 0 if *s1 is not a prefix
- * of *s2.  If *s1 exactly matches *s2, the negative of
- * the length is returned.  If *s1 is a prefix of *s2,
- * the length of *s1 is returned.
- */
-	int
-isprefix(s1, s2)
-	register char *s1, *s2;
-{
-	char *os1;
-	register char c1, c2;
-
-	if (*s1 == '\0')
-		return(-1);
-	os1 = s1;
-	c1 = *s1;
-	c2 = *s2;
-	while (LOWER(c1) == LOWER(c2)) {
-		if (c1 == '\0')
-			break;
-		c1 = *++s1;
-		c2 = *++s2;
-	}
-	return(*s1 ? 0 : (*s2 ? (s1 - os1) : (os1 - s1)));
-}
-
-static char *ambiguous;		/* special return value for command routines */
-
-	char **
-genget(name, table, stlen)
-	char	*name;		/* name to match */
-	char	**table;	/* name entry in table */
-	int	stlen;
-{
-	register char **c, **found;
-	register int n;
-
-	if (name == 0)
-	    return 0;
-
-	found = 0;
-	for (c = table; *c != 0; c = (char **)((char *)c + stlen)) {
-		if ((n = isprefix(name, *c)) == 0)
-			continue;
-		if (n < 0)		/* exact match */
-			return(c);
-		if (found)
-			return(&ambiguous);
-		found = c;
-	}
-	return(found);
-}
-
-/*
- * Function call version of Ambiguous()
- */
-	int
-Ambiguous(s)
-	char **s;
-{
-	return(s == &ambiguous);
-}
diff --git a/crypto/telnet/libtelnet/getent.c b/crypto/telnet/libtelnet/getent.c
deleted file mode 100644
index 05626f11d413..000000000000
--- a/crypto/telnet/libtelnet/getent.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)getent.c	8.2 (Berkeley) 12/15/93";
-#endif /* not lint */
-
-static char *area;
-
-/*ARGSUSED*/
-getent(cp, name)
-char *cp, *name;
-{
-#ifdef	HAS_CGETENT
-	char *dba[2];
-
-	dba[0] = "/etc/gettytab";
-	dba[1] = 0;
-	return((cgetent(&area, dba, name) == 0) ? 1 : 0);
-#else
-	return(0);
-#endif
-}
-
-#ifndef	SOLARIS
-/*ARGSUSED*/
-char *
-getstr(id, cpp)
-char *id, **cpp;
-{
-# ifdef	HAS_CGETENT
-	char *answer;
-	return((cgetstr(area, id, &answer) > 0) ? answer : 0);
-# else
-	return(0);
-# endif
-}
-#endif
diff --git a/crypto/telnet/libtelnet/kerberos.c b/crypto/telnet/libtelnet/kerberos.c
deleted file mode 100644
index 738a57f35ce6..000000000000
--- a/crypto/telnet/libtelnet/kerberos.c
+++ /dev/null
@@ -1,550 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)kerberos.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifdef	KRB4
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <stdio.h>
-#include <des.h>	/* BSD wont include this in krb.h, so we do it here */
-#include <krb.h>
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-int kerberos4_cksum P((unsigned char *, int));
-int kuserok P((AUTH_DAT *, char *));
-
-extern auth_debug_mode;
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
-			  		AUTHTYPE_KERBEROS_V4, };
-
-#define	KRB_AUTH	0		/* Authentication data follows */
-#define	KRB_REJECT	1		/* Rejected (reason might follow) */
-#define	KRB_ACCEPT	2		/* Accepted */
-#define	KRB_CHALLENGE	3		/* Challenge for mutual auth. */
-#define	KRB_RESPONSE	4		/* Response for mutual auth. */
-
-#define KRB_SERVICE_NAME   "rcmd"
-
-static	KTEXT_ST auth;
-static	char name[ANAME_SZ];
-static	AUTH_DAT adat = { 0 };
-#ifdef	ENCRYPTION
-static Block	session_key	= { 0 };
-static des_key_schedule sched;
-static Block	challenge	= { 0 };
-#endif	/* ENCRYPTION */
-
-	static int
-Data(ap, type, d, c)
-	Authenticator *ap;
-	int type;
-	void *d;
-	int c;
-{
-	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *)d;
-
-	if (c == -1)
-		c = strlen((char *)cd);
-
-	if (auth_debug_mode) {
-		printf("%s:%d: [%d] (%d)",
-			str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
-			str_data[3],
-			type, c);
-		printd(d, c);
-		printf("\r\n");
-	}
-	*p++ = ap->type;
-	*p++ = ap->way;
-	*p++ = type;
-	while (c-- > 0) {
-		if ((*p++ = *cd++) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	if (str_data[3] == TELQUAL_IS)
-		printsub('>', &str_data[2], p - (&str_data[2]));
-	return(net_write(str_data, p - str_data));
-}
-
-	int
-kerberos4_init(ap, server)
-	Authenticator *ap;
-	int server;
-{
-	FILE *fp;
-
-	if (server) {
-		str_data[3] = TELQUAL_REPLY;
-		if ((fp = fopen(KEYFILE, "r")) == NULL)
-			return(0);
-		fclose(fp);
-	} else {
-		str_data[3] = TELQUAL_IS;
-	}
-	return(1);
-}
-
-char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
-int dst_realm_sz = REALM_SZ;
-
-	int
-kerberos4_send(ap)
-	Authenticator *ap;
-{
-	KTEXT_ST auth;
-	char instance[INST_SZ];
-	char *realm;
-	char *krb_realmofhost();
-	char *krb_get_phost();
-	CREDENTIALS cred;
-	int r;
-
-	printf("[ Trying KERBEROS4 ... ]\n");
-	if (!UserNameRequested) {
-		if (auth_debug_mode) {
-			printf("Kerberos V4: no user name supplied\r\n");
-		}
-		return(0);
-	}
-
-	memset(instance, 0, sizeof(instance));
-
-	if ((realm = krb_get_phost(RemoteHostName)))
-		strncpy(instance, realm, sizeof(instance));
-
-	instance[sizeof(instance)-1] = '\0';
-
-	realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName);
-
-	if (!realm) {
-		printf("Kerberos V4: no realm for %s\r\n", RemoteHostName);
-		return(0);
-	}
-	if ((r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L))) {
-		printf("mk_req failed: %s\r\n", krb_err_txt[r]);
-		return(0);
-	}
-	if ((r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred))) {
-		printf("get_cred failed: %s\r\n", krb_err_txt[r]);
-		return(0);
-	}
-	if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
-		if (auth_debug_mode)
-			printf("Not enough room for user name\r\n");
-		return(0);
-	}
-	if (auth_debug_mode)
-		printf("Sent %d bytes of authentication data\r\n", auth.length);
-	if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) {
-		if (auth_debug_mode)
-			printf("Not enough room for authentication data\r\n");
-		return(0);
-	}
-#ifdef	ENCRYPTION
-	/*
-	 * If we are doing mutual authentication, get set up to send
-	 * the challenge, and verify it when the response comes back.
-	 */
-	if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-		register int i;
-
-		des_key_sched(&cred.session, sched);
-		des_init_random_number_generator(&cred.session);
-		des_new_random_key(&session_key);
-		des_ecb_encrypt(&session_key, &session_key, sched, 0);
-		des_ecb_encrypt(&session_key, &challenge, sched, 0);
-		/*
-		 * Increment the challenge by 1, and encrypt it for
-		 * later comparison.
-		 */
-		for (i = 7; i >= 0; --i) {
-			register int x;
-			x = (unsigned int)challenge[i] + 1;
-			challenge[i] = x;	/* ignore overflow */
-			if (x < 256)		/* if no overflow, all done */
-				break;
-		}
-		des_ecb_encrypt(&challenge, &challenge, sched, 1);
-	}
-#endif	/* ENCRYPTION */
-
-	if (auth_debug_mode) {
-		printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
-		printd(auth.dat, auth.length);
-		printf("\r\n");
-		printf("Sent Kerberos V4 credentials to server\r\n");
-	}
-	return(1);
-}
-
-	void
-kerberos4_is(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-#ifdef	ENCRYPTION
-	Session_Key skey;
-	Block datablock;
-#endif	/* ENCRYPTION */
-	char realm[REALM_SZ];
-	char instance[INST_SZ];
-	int r;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB_AUTH:
-		if (krb_get_lrealm(realm, 1) != KSUCCESS) {
-			Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1);
-			auth_finished(ap, AUTH_REJECT);
-			if (auth_debug_mode)
-				printf("No local realm\r\n");
-			return;
-		}
-		memmove((void *)auth.dat, (void *)data, auth.length = cnt);
-		if (auth_debug_mode) {
-			printf("Got %d bytes of authentication data\r\n", cnt);
-			printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
-			printd(auth.dat, auth.length);
-			printf("\r\n");
-		}
-		instance[0] = '*'; instance[1] = 0;
-		if ((r = krb_rd_req(&auth, KRB_SERVICE_NAME,
-				   instance, 0, &adat, ""))) {
-			if (auth_debug_mode)
-				printf("Kerberos failed him as %s\r\n", name);
-			Data(ap, KRB_REJECT, (void *)krb_err_txt[r], -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-#ifdef	ENCRYPTION
-		memmove((void *)session_key, (void *)adat.session, sizeof(Block));
-#endif	/* ENCRYPTION */
-		krb_kntoln(&adat, name);
-
-		if (UserNameRequested && !kuserok(&adat, UserNameRequested))
-			Data(ap, KRB_ACCEPT, (void *)0, 0);
-		else
-			Data(ap, KRB_REJECT,
-				(void *)"user is not authorized", -1);
-		auth_finished(ap, AUTH_USER);
-		break;
-
-	case KRB_CHALLENGE:
-#ifndef	ENCRYPTION
-		Data(ap, KRB_RESPONSE, (void *)0, 0);
-#else	/* ENCRYPTION */
-		if (!VALIDKEY(session_key)) {
-			/*
-			 * We don't have a valid session key, so just
-			 * send back a response with an empty session
-			 * key.
-			 */
-			Data(ap, KRB_RESPONSE, (void *)0, 0);
-			break;
-		}
-
-		/*
-		 * Initialize the random number generator since it's
-		 * used later on by the encryption routine.
-		 */
-		des_init_random_number_generator(&session_key);
-		des_key_sched(&session_key, sched);
-		memmove((void *)datablock, (void *)data, sizeof(Block));
-		/*
-		 * Take the received encrypted challenge, and encrypt
-		 * it again to get a unique session_key for the
-		 * ENCRYPT option.
-		 */
-		des_ecb_encrypt(&datablock, &session_key, sched, 1);
-		skey.type = SK_DES;
-		skey.length = 8;
-		skey.data = session_key;
-		encrypt_session_key(&skey, 1);
-		/*
-		 * Now decrypt the received encrypted challenge,
-		 * increment by one, re-encrypt it and send it back.
-		 */
-		des_ecb_encrypt(&datablock, &challenge, sched, 0);
-		for (r = 7; r >= 0; r--) {
-			register int t;
-			t = (unsigned int)challenge[r] + 1;
-			challenge[r] = t;	/* ignore overflow */
-			if (t < 256)		/* if no overflow, all done */
-				break;
-		}
-		des_ecb_encrypt(&challenge, &challenge, sched, 1);
-		Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge));
-#endif	/* ENCRYPTION */
-		break;
-
-	default:
-		if (auth_debug_mode)
-			printf("Unknown Kerberos option %d\r\n", data[-1]);
-		Data(ap, KRB_REJECT, 0, 0);
-		break;
-	}
-}
-
-	void
-kerberos4_reply(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-#ifdef	ENCRYPTION
-	Session_Key skey;
-#endif	/* ENCRYPTION */
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB_REJECT:
-		if (cnt > 0) {
-			printf("[ Kerberos V4 refuses authentication because %.*s ]\r\n",
-				cnt, data);
-		} else
-			printf("[ Kerberos V4 refuses authentication ]\r\n");
-		auth_send_retry();
-		return;
-	case KRB_ACCEPT:
-		printf("[ Kerberos V4 accepts you ]\n");
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-			/*
-			 * Send over the encrypted challenge.
-		 	 */
-#ifndef	ENCRYPTION
-			Data(ap, KRB_CHALLENGE, (void *)0, 0);
-#else	/* ENCRYPTION */
-			Data(ap, KRB_CHALLENGE, (void *)session_key,
-						sizeof(session_key));
-			des_ecb_encrypt(&session_key, &session_key, sched, 1);
-			skey.type = SK_DES;
-			skey.length = 8;
-			skey.data = session_key;
-			encrypt_session_key(&skey, 0);
-#endif	/* ENCRYPTION */
-			return;
-		}
-		auth_finished(ap, AUTH_USER);
-		return;
-	case KRB_RESPONSE:
-#ifdef	ENCRYPTION
-		/*
-		 * Verify that the response to the challenge is correct.
-		 */
-		if ((cnt != sizeof(Block)) ||
-		    (0 != memcmp((void *)data, (void *)challenge,
-						sizeof(challenge))))
-		{
-#endif	/* ENCRYPTION */
-			printf("[ Kerberos V4 challenge failed!!! ]\r\n");
-			auth_send_retry();
-			return;
-#ifdef	ENCRYPTION
-		}
-		printf("[ Kerberos V4 challenge successful ]\r\n");
-		auth_finished(ap, AUTH_USER);
-#endif	/* ENCRYPTION */
-		break;
-	default:
-		if (auth_debug_mode)
-			printf("Unknown Kerberos option %d\r\n", data[-1]);
-		return;
-	}
-}
-
-	int
-kerberos4_status(ap, name, level)
-	Authenticator *ap;
-	char *name;
-	int level;
-{
-	if (level < AUTH_USER)
-		return(level);
-
-	if (UserNameRequested && !kuserok(&adat, UserNameRequested)) {
-		strcpy(name, UserNameRequested);
-		return(AUTH_VALID);
-	} else
-		return(AUTH_USER);
-}
-
-#define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
-#define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-	void
-kerberos4_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-
-	buf[buflen-1] = '\0';		/* make sure its NULL terminated */
-	buflen -= 1;
-
-	switch(data[3]) {
-	case KRB_REJECT:		/* Rejected (reason might follow) */
-		strncpy((char *)buf, " REJECT ", buflen);
-		goto common;
-
-	case KRB_ACCEPT:		/* Accepted (name might follow) */
-		strncpy((char *)buf, " ACCEPT ", buflen);
-	common:
-		BUMP(buf, buflen);
-		if (cnt <= 4)
-			break;
-		ADDC(buf, buflen, '"');
-		for (i = 4; i < cnt; i++)
-			ADDC(buf, buflen, data[i]);
-		ADDC(buf, buflen, '"');
-		ADDC(buf, buflen, '\0');
-		break;
-
-	case KRB_AUTH:			/* Authentication data follows */
-		strncpy((char *)buf, " AUTH", buflen);
-		goto common2;
-
-	case KRB_CHALLENGE:
-		strncpy((char *)buf, " CHALLENGE", buflen);
-		goto common2;
-
-	case KRB_RESPONSE:
-		strncpy((char *)buf, " RESPONSE", buflen);
-		goto common2;
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[3]);
-		strncpy((char *)buf, lbuf, buflen);
-	common2:
-		BUMP(buf, buflen);
-		for (i = 4; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			strncpy((char *)buf, lbuf, buflen);
-			BUMP(buf, buflen);
-		}
-		break;
-	}
-}
-
-	int
-kerberos4_cksum(d, n)
-	unsigned char *d;
-	int n;
-{
-	int ck = 0;
-
-	/*
-	 * A comment is probably needed here for those not
-	 * well versed in the "C" language.  Yes, this is
-	 * supposed to be a "switch" with the body of the
-	 * "switch" being a "while" statement.  The whole
-	 * purpose of the switch is to allow us to jump into
-	 * the middle of the while() loop, and then not have
-	 * to do any more switch()s.
-	 *
-	 * Some compilers will spit out a warning message
-	 * about the loop not being entered at the top.
-	 */
-	switch (n&03)
-	while (n > 0) {
-	case 0:
-		ck ^= (int)*d++ << 24;
-		--n;
-	case 3:
-		ck ^= (int)*d++ << 16;
-		--n;
-	case 2:
-		ck ^= (int)*d++ << 8;
-		--n;
-	case 1:
-		ck ^= (int)*d++;
-		--n;
-	}
-	return(ck);
-}
-#endif
-
-#ifdef notdef
-
-prkey(msg, key)
-	char *msg;
-	unsigned char *key;
-{
-	register int i;
-	printf("%s:", msg);
-	for (i = 0; i < 8; i++)
-		printf(" %3d", key[i]);
-	printf("\r\n");
-}
-#endif
diff --git a/crypto/telnet/libtelnet/kerberos5.c b/crypto/telnet/libtelnet/kerberos5.c
deleted file mode 100644
index bcf1a9f0c348..000000000000
--- a/crypto/telnet/libtelnet/kerberos5.c
+++ /dev/null
@@ -1,764 +0,0 @@
-/*
- *	$Source: /mit/krb5/.cvsroot/src/appl/telnet/libtelnet/kerberos5.c,v $
- *	$Author: tytso $
- *	$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp $
- */
-
-#if !defined(lint) && !defined(SABER)
-static
-#ifdef __STDC__
-const
-#endif
-char rcsid_kerberos5_c[] = "$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp $";
-#endif /* lint */
-
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-
-#ifdef	KRB5
-#include <arpa/telnet.h>
-#include <stdio.h>
-#include <krb5/krb5.h>
-#include <krb5/asn1.h>
-#include <krb5/crc-32.h>
-#include <krb5/los-proto.h>
-#include <krb5/ext-proto.h>
-#include <com_err.h>
-#include <netdb.h>
-#include <ctype.h>
-
-/* kerberos 5 include files (ext-proto.h) will get an appropriate stdlib.h
-   and string.h/strings.h */
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-extern auth_debug_mode;
-
-#ifdef	FORWARD
-int forward_flags = 0;  /* Flags get set in telnet/main.c on -f and -F */
-
-/* These values need to be the same as those defined in telnet/main.c. */
-/* Either define them in both places, or put in some common header file. */
-#define OPTS_FORWARD_CREDS	0x00000002
-#define OPTS_FORWARDABLE_CREDS	0x00000001
-
-void kerberos5_forward();
-
-#endif	/* FORWARD */
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
-			  		AUTHTYPE_KERBEROS_V5, };
-/*static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
-					TELQUAL_NAME, };*/
-
-#define	KRB_AUTH		0	/* Authentication data follows */
-#define	KRB_REJECT		1	/* Rejected (reason might follow) */
-#define	KRB_ACCEPT		2	/* Accepted */
-#define	KRB_RESPONSE		3	/* Response for mutual auth. */
-
-#ifdef	FORWARD
-#define KRB_FORWARD     	4       /* Forwarded credentials follow */
-#define KRB_FORWARD_ACCEPT     	5       /* Forwarded credentials accepted */
-#define KRB_FORWARD_REJECT     	6       /* Forwarded credentials rejected */
-#endif	/* FORWARD */
-
-static	krb5_data auth;
-	/* telnetd gets session key from here */
-static	krb5_tkt_authent *authdat = NULL;
-/* telnet matches the AP_REQ and AP_REP with this */
-static	krb5_authenticator authenticator;
-
-/* some compilers can't hack void *, so we use the Kerberos krb5_pointer,
-   which is either void * or char *, depending on the compiler. */
-
-#define Voidptr krb5_pointer
-
-Block	session_key;
-
-	static int
-Data(ap, type, d, c)
-	Authenticator *ap;
-	int type;
-	Voidptr d;
-	int c;
-{
-	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *)d;
-
-	if (c == -1)
-		c = strlen((char *)cd);
-
-	if (auth_debug_mode) {
-		printf("%s:%d: [%d] (%d)",
-			str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
-			str_data[3],
-			type, c);
-		printd(d, c);
-		printf("\r\n");
-	}
-	*p++ = ap->type;
-	*p++ = ap->way;
-	*p++ = type;
-	while (c-- > 0) {
-		if ((*p++ = *cd++) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	if (str_data[3] == TELQUAL_IS)
-		printsub('>', &str_data[2], p - &str_data[2]);
-	return(net_write(str_data, p - str_data));
-}
-
-	int
-kerberos5_init(ap, server)
-	Authenticator *ap;
-	int server;
-{
-	if (server)
-		str_data[3] = TELQUAL_REPLY;
-	else
-		str_data[3] = TELQUAL_IS;
-	krb5_init_ets();
-	return(1);
-}
-
-	int
-kerberos5_send(ap)
-	Authenticator *ap;
-{
-	char **realms;
-	char *name;
-	char *p1, *p2;
-	krb5_checksum ksum;
-	krb5_octet sum[CRC32_CKSUM_LENGTH];
- 	krb5_principal server;
-	krb5_error_code r;
-	krb5_ccache ccache;
-	krb5_creds creds;		/* telnet gets session key from here */
-	extern krb5_flags krb5_kdc_default_options;
-	int ap_opts;
-
-#ifdef	ENCRYPTION
-	krb5_keyblock *newkey = 0;
-#endif	/* ENCRYPTION */
-
-	ksum.checksum_type = CKSUMTYPE_CRC32;
-	ksum.contents = sum;
-	ksum.length = sizeof(sum);
-	memset((Voidptr )sum, 0, sizeof(sum));
-
-	if (!UserNameRequested) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: no user name supplied\r\n");
-		}
-		return(0);
-	}
-
-	if (r = krb5_cc_default(&ccache)) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: could not get default ccache\r\n");
-		}
-		return(0);
-	}
-
-	if ((name = malloc(strlen(RemoteHostName)+1)) == NULL) {
-		if (auth_debug_mode)
-			printf("Out of memory for hostname in Kerberos V5\r\n");
-		return(0);
-	}
-
-	if (r = krb5_get_host_realm(RemoteHostName, &realms)) {
-		if (auth_debug_mode)
-			printf("Kerberos V5: no realm for %s\r\n", RemoteHostName);
-		free(name);
-		return(0);
-	}
-
-	p1 = RemoteHostName;
-	p2 = name;
-
-	while (*p2 = *p1++) {
-		if (isupper(*p2))
-			*p2 |= 040;
-		++p2;
-	}
-
-	if (r = krb5_build_principal_ext(&server,
-					 strlen(realms[0]), realms[0],
-					 4, "host",
-					 p2 - name, name,
-					 0)) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: failure setting up principal (%s)\r\n",
-			       error_message(r));
-		}
-		free(name);
-		krb5_free_host_realm(realms);
-		return(0);
-	}
-
-
-	memset((char *)&creds, 0, sizeof(creds));
-	creds.server = server;
-
-	if (r = krb5_cc_get_principal(ccache, &creds.client)) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: failure on principal (%s)\r\n",
-				error_message(r));
-		}
-		free(name);
-		krb5_free_principal(server);
-		krb5_free_host_realm(realms);
-		return(0);
-	}
-
-	if (r = krb5_get_credentials(krb5_kdc_default_options, ccache, &creds)) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: failure on credentials(%d)\r\n",r);
-		}
-		free(name);
-		krb5_free_host_realm(realms);
-		krb5_free_principal(server);
-		return(0);
-	}
-
-	if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL)
-	    ap_opts = AP_OPTS_MUTUAL_REQUIRED;
-	else
-	    ap_opts = 0;
-
-	r = krb5_mk_req_extended(ap_opts, &ksum, krb5_kdc_default_options, 0,
-#ifdef	ENCRYPTION
-				 &newkey,
-#else	/* ENCRYPTION */
-				 0,
-#endif	/* ENCRYPTION */
-				 ccache, &creds, &authenticator, &auth);
-	/* don't let the key get freed if we clean up the authenticator */
-	authenticator.subkey = 0;
-
-	free(name);
-	krb5_free_host_realm(realms);
-	krb5_free_principal(server);
-#ifdef	ENCRYPTION
-	if (newkey) {
-	    /* keep the key in our private storage, but don't use it
-	       yet---see kerberos5_reply() below */
-	    if (newkey->keytype != KEYTYPE_DES) {
-		if (creds.keyblock.keytype == KEYTYPE_DES)
-		    /* use the session key in credentials instead */
-		    memmove((char *)session_key,
-			   (char *)creds.keyblock.contents, sizeof(Block));
-		else
-		    /* XXX ? */;
-	    } else {
-		memmove((char *)session_key, (char *)newkey->contents,
-		       sizeof(Block));
-	    }
-	    krb5_free_keyblock(newkey);
-	}
-#endif	/* ENCRYPTION */
-	if (r) {
-		if (auth_debug_mode) {
-			printf("Kerberos V5: mk_req failed (%s)\r\n",
-			       error_message(r));
-		}
-		return(0);
-	}
-
-	if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
-		if (auth_debug_mode)
-			printf("Not enough room for user name\r\n");
-		return(0);
-	}
-	if (!Data(ap, KRB_AUTH, auth.data, auth.length)) {
-		if (auth_debug_mode)
-			printf("Not enough room for authentication data\r\n");
-		return(0);
-	}
-	if (auth_debug_mode) {
-		printf("Sent Kerberos V5 credentials to server\r\n");
-	}
-	return(1);
-}
-
-	void
-kerberos5_is(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	int r;
-	struct hostent *hp;
-	char *p1, *p2;
-	static char *realm = NULL;
-	krb5_principal server;
-	krb5_ap_rep_enc_part reply;
-	krb5_data outbuf;
-#ifdef ENCRYPTION
-	Session_Key skey;
-#endif	/* ENCRYPTION */
-	char *name;
-	char *getenv();
-	krb5_data inbuf;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB_AUTH:
-		auth.data = (char *)data;
-		auth.length = cnt;
-
-		if (!(hp = gethostbyname(LocalHostName))) {
-			if (auth_debug_mode)
-				printf("Cannot resolve local host name\r\n");
-			Data(ap, KRB_REJECT, "Unknown local hostname.", -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-
-		if (!realm && (krb5_get_default_realm(&realm))) {
-			if (auth_debug_mode)
-				printf("Could not get default realm\r\n");
-			Data(ap, KRB_REJECT, "Could not get default realm.", -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-
-		if ((name = malloc(strlen(hp->h_name)+1)) == NULL) {
-			if (auth_debug_mode)
-				printf("Out of memory for hostname in Kerberos V5\r\n");
-			Data(ap, KRB_REJECT, "Out of memory.", -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-
-		p1 = hp->h_name;
-		p2 = name;
-
-		while (*p2 = *p1++) {
-			if (isupper(*p2))
-				*p2 |= 040;
-			++p2;
-		}
-
-		if (authdat)
-			krb5_free_tkt_authent(authdat);
-
-		r = krb5_build_principal_ext(&server,
-					     strlen(realm), realm,
-					     4, "host",
-					     p2 - name, name,
-					     0);
-		if (!r) {
-		    r = krb5_rd_req_simple(&auth, server, 0, &authdat);
-		    krb5_free_principal(server);
-		}
-		if (r) {
-			char errbuf[128];
-
-		    errout:
-			authdat = 0;
-			(void) strcpy(errbuf, "Read req failed: ");
-			(void) strcat(errbuf, error_message(r));
-			Data(ap, KRB_REJECT, errbuf, -1);
-			if (auth_debug_mode)
-				printf("%s\r\n", errbuf);
-			return;
-		}
-		free(name);
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-		    /* do ap_rep stuff here */
-		    reply.ctime = authdat->authenticator->ctime;
-		    reply.cusec = authdat->authenticator->cusec;
-		    reply.subkey = 0;	/* use the one he gave us, so don't
-					   need to return one here */
-		    reply.seq_number = 0; /* we don't do seq #'s. */
-
-		    if (r = krb5_mk_rep(&reply,
-					authdat->authenticator->subkey ?
-					authdat->authenticator->subkey :
-					authdat->ticket->enc_part2->session,
-					&outbuf)) {
-			goto errout;
-		    }
-		    Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length);
-		}
-		if (krb5_unparse_name(authdat->ticket->enc_part2 ->client,
-				      					&name))
-			name = 0;
-		Data(ap, KRB_ACCEPT, name, name ? -1 : 0);
-		if (auth_debug_mode) {
-			printf("Kerberos5 identifies him as ``%s''\r\n",
-							name ? name : "");
-		}
-		auth_finished(ap, AUTH_USER);
-
-		free(name);
-	    	if (authdat->authenticator->subkey &&
-		    authdat->authenticator->subkey->keytype == KEYTYPE_DES) {
-		    memmove((Voidptr )session_key,
-			   (Voidptr )authdat->authenticator->subkey->contents,
-			   sizeof(Block));
-		} else if (authdat->ticket->enc_part2->session->keytype ==
-			   KEYTYPE_DES) {
-		    memmove((Voidptr )session_key,
-			(Voidptr )authdat->ticket->enc_part2->session->contents,
-			sizeof(Block));
-		} else
-		    break;
-
-#ifdef ENCRYPTION
-		skey.type = SK_DES;
-		skey.length = 8;
-		skey.data = session_key;
-		encrypt_session_key(&skey, 1);
-#endif	/* ENCRYPTION */
-		break;
-#ifdef	FORWARD
-	case KRB_FORWARD:
-		inbuf.data = (char *)data;
-		inbuf.length = cnt;
-		if (r = rd_and_store_for_creds(&inbuf, authdat->ticket,
-					       UserNameRequested)) {
-		    char errbuf[128];
-
-		    (void) strcpy(errbuf, "Read forwarded creds failed: ");
-		    (void) strcat(errbuf, error_message(r));
-		    Data(ap, KRB_FORWARD_REJECT, errbuf, -1);
-		    if (auth_debug_mode)
-		      printf("Could not read forwarded credentials\r\n");
-		}
-		else
-		  Data(ap, KRB_FORWARD_ACCEPT, 0, 0);
-		  if (auth_debug_mode)
-		    printf("Forwarded credentials obtained\r\n");
-		break;
-#endif	/* FORWARD */
-	default:
-		if (auth_debug_mode)
-			printf("Unknown Kerberos option %d\r\n", data[-1]);
-		Data(ap, KRB_REJECT, 0, 0);
-		break;
-	}
-}
-
-	void
-kerberos5_reply(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	static int mutual_complete = 0;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB_REJECT:
-		if (cnt > 0) {
-			printf("[ Kerberos V5 refuses authentication because %.*s ]\r\n",
-				cnt, data);
-		} else
-			printf("[ Kerberos V5 refuses authentication ]\r\n");
-		auth_send_retry();
-		return;
-	case KRB_ACCEPT:
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL &&
-		    !mutual_complete) {
-		    printf("[ Kerberos V5 accepted you, but didn't provide mutual authentication! ]\n");
-		    auth_send_retry();
-		    return;
-		}
-		if (cnt)
-		    printf("[ Kerberos V5 accepts you as ``%.*s'' ]\n", cnt, data);
-		else
-		    printf("[ Kerberos V5 accepts you ]\n");
-		auth_finished(ap, AUTH_USER);
-#ifdef	FORWARD
-		if (forward_flags & OPTS_FORWARD_CREDS)
-		  kerberos5_forward(ap);
-#endif	/* FORWARD */
-		break;
-	case KRB_RESPONSE:
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-		    /* the rest of the reply should contain a krb_ap_rep */
-		    krb5_ap_rep_enc_part *reply;
-		    krb5_data inbuf;
-		    krb5_error_code r;
-		    krb5_keyblock tmpkey;
-
-		    inbuf.length = cnt;
-		    inbuf.data = (char *)data;
-
-		    tmpkey.keytype = KEYTYPE_DES;
-		    tmpkey.contents = session_key;
-		    tmpkey.length = sizeof(Block);
-
-		    if (r = krb5_rd_rep(&inbuf, &tmpkey, &reply)) {
-			printf("[ Mutual authentication failed: %s ]\n",
-			       error_message(r));
-			auth_send_retry();
-			return;
-		    }
-		    if (reply->ctime != authenticator.ctime ||
-			reply->cusec != authenticator.cusec) {
-			printf("[ Mutual authentication failed (mismatched KRB_AP_REP) ]\n");
-			auth_send_retry();
-			return;
-		    }
-		    krb5_free_ap_rep_enc_part(reply);
-#ifdef	ENCRYPTION
-			skey.type = SK_DES;
-			skey.length = 8;
-			skey.data = session_key;
-			encrypt_session_key(&skey, 0);
-#endif	/* ENCRYPTION */
-		    mutual_complete = 1;
-		}
-		return;
-#ifdef	FORWARD
-	case KRB_FORWARD_ACCEPT:
-		printf("[ Kerberos V5 accepted forwarded credentials ]\n");
-		return;
-	case KRB_FORWARD_REJECT:
-		printf("[ Kerberos V5 refuses forwarded credentials because %.*s ]\r\n",
-				cnt, data);
-		return;
-#endif	/* FORWARD */
-	default:
-		if (auth_debug_mode)
-			printf("Unknown Kerberos option %d\r\n", data[-1]);
-		return;
-	}
-}
-
-	int
-kerberos5_status(ap, name, level)
-	Authenticator *ap;
-	char *name;
-	int level;
-{
-	if (level < AUTH_USER)
-		return(level);
-
-	if (UserNameRequested &&
-	    krb5_kuserok(authdat->ticket->enc_part2->client, UserNameRequested))
-	{
-		strcpy(name, UserNameRequested);
-		return(AUTH_VALID);
-	} else
-		return(AUTH_USER);
-}
-
-#define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
-#define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-	void
-kerberos5_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-
-	buf[buflen-1] = '\0';		/* make sure its NULL terminated */
-	buflen -= 1;
-
-	switch(data[3]) {
-	case KRB_REJECT:		/* Rejected (reason might follow) */
-		strncpy((char *)buf, " REJECT ", buflen);
-		goto common;
-
-	case KRB_ACCEPT:		/* Accepted (name might follow) */
-		strncpy((char *)buf, " ACCEPT ", buflen);
-	common:
-		BUMP(buf, buflen);
-		if (cnt <= 4)
-			break;
-		ADDC(buf, buflen, '"');
-		for (i = 4; i < cnt; i++)
-			ADDC(buf, buflen, data[i]);
-		ADDC(buf, buflen, '"');
-		ADDC(buf, buflen, '\0');
-		break;
-
-
-	case KRB_AUTH:			/* Authentication data follows */
-		strncpy((char *)buf, " AUTH", buflen);
-		goto common2;
-
-	case KRB_RESPONSE:
-		strncpy((char *)buf, " RESPONSE", buflen);
-		goto common2;
-
-#ifdef	FORWARD
-	case KRB_FORWARD:		/* Forwarded credentials follow */
-		strncpy((char *)buf, " FORWARD", buflen);
-		goto common2;
-
-	case KRB_FORWARD_ACCEPT:	/* Forwarded credentials accepted */
-		strncpy((char *)buf, " FORWARD_ACCEPT", buflen);
-		goto common2;
-
-	case KRB_FORWARD_REJECT:	/* Forwarded credentials rejected */
-					       /* (reason might follow) */
-		strncpy((char *)buf, " FORWARD_REJECT", buflen);
-		goto common2;
-#endif	/* FORWARD */
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[3]);
-		strncpy((char *)buf, lbuf, buflen);
-	common2:
-		BUMP(buf, buflen);
-		for (i = 4; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			strncpy((char *)buf, lbuf, buflen);
-			BUMP(buf, buflen);
-		}
-		break;
-	}
-}
-
-#ifdef	FORWARD
-	void
-kerberos5_forward(ap)
-     Authenticator *ap;
-{
-    struct hostent *hp;
-    krb5_creds *local_creds;
-    krb5_error_code r;
-    krb5_data forw_creds;
-    extern krb5_cksumtype krb5_kdc_req_sumtype;
-    krb5_ccache ccache;
-    int i;
-
-    if (!(local_creds = (krb5_creds *)
-	  calloc(1, sizeof(*local_creds)))) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: could not allocate memory for credentials\r\n");
-	return;
-    }
-
-    if (r = krb5_sname_to_principal(RemoteHostName, "host", 1,
-				    &local_creds->server)) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: could not build server name - %s\r\n",
-		 error_message(r));
-	krb5_free_creds(local_creds);
-	return;
-    }
-
-    if (r = krb5_cc_default(&ccache)) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: could not get default ccache - %s\r\n",
-		 error_message(r));
-	krb5_free_creds(local_creds);
-	return;
-    }
-
-    if (r = krb5_cc_get_principal(ccache, &local_creds->client)) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: could not get default principal - %s\r\n",
-		 error_message(r));
-	krb5_free_creds(local_creds);
-	return;
-    }
-
-    /* Get ticket from credentials cache */
-    if (r = krb5_get_credentials(KRB5_GC_CACHED, ccache, local_creds)) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: could not obtain credentials - %s\r\n",
-		 error_message(r));
-	krb5_free_creds(local_creds);
-	return;
-    }
-
-    if (r = get_for_creds(ETYPE_DES_CBC_CRC,
-			  krb5_kdc_req_sumtype,
-			  RemoteHostName,
-			  local_creds->client,
-			  &local_creds->keyblock,
-			  forward_flags & OPTS_FORWARDABLE_CREDS,
-			  &forw_creds)) {
-	if (auth_debug_mode)
-	  printf("Kerberos V5: error getting forwarded creds - %s\r\n",
-		 error_message(r));
-	krb5_free_creds(local_creds);
-	return;
-    }
-
-    /* Send forwarded credentials */
-    if (!Data(ap, KRB_FORWARD, forw_creds.data, forw_creds.length)) {
-	if (auth_debug_mode)
-	  printf("Not enough room for authentication data\r\n");
-    }
-    else {
-	if (auth_debug_mode)
-	  printf("Forwarded local Kerberos V5 credentials to server\r\n");
-    }
-
-    krb5_free_creds(local_creds);
-}
-#endif	/* FORWARD */
-
-#endif /* KRB5 */
diff --git a/crypto/telnet/libtelnet/key-proto.h b/crypto/telnet/libtelnet/key-proto.h
deleted file mode 100644
index 9668a775be50..000000000000
--- a/crypto/telnet/libtelnet/key-proto.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)key-proto.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifndef	__KEY_PROTO__
-#define	__KEY_PROTO__
-
-#if	!defined(P)
-#ifdef	__STDC__
-#define	P(x)	x
-#else
-#define	P(x)	()
-#endif
-#endif
-
-int key_file_exists P((void));
-void key_lookup P((unsigned char *, Block));
-void key_stream_init P((Block, Block, int));
-unsigned char key_stream P((int, int));
-#endif
diff --git a/crypto/telnet/libtelnet/krb4encpwd.c b/crypto/telnet/libtelnet/krb4encpwd.c
deleted file mode 100644
index cb9523c99205..000000000000
--- a/crypto/telnet/libtelnet/krb4encpwd.c
+++ /dev/null
@@ -1,445 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)krb4encpwd.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-
-#ifdef	KRB4_ENCPWD
-/*
- * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
- * ALL RIGHTS RESERVED
- *
- * "Digital Equipment Corporation authorizes the reproduction,
- * distribution and modification of this software subject to the following
- * restrictions:
- *
- * 1.  Any partial or whole copy of this software, or any modification
- * thereof, must include this copyright notice in its entirety.
- *
- * 2.  This software is supplied "as is" with no warranty of any kind,
- * expressed or implied, for any purpose, including any warranty of fitness
- * or merchantibility.  DIGITAL assumes no responsibility for the use or
- * reliability of this software, nor promises to provide any form of
- * support for it on any basis.
- *
- * 3.  Distribution of this software is authorized only if no profit or
- * remuneration of any kind is received in exchange for such distribution.
- *
- * 4.  This software produces public key authentication certificates
- * bearing an expiration date established by DIGITAL and RSA Data
- * Security, Inc.  It may cease to generate certificates after the expiration
- * date.  Any modification of this software that changes or defeats
- * the expiration date or its effect is unauthorized.
- *
- * 5.  Software that will renew or extend the expiration date of
- * authentication certificates produced by this software may be obtained
- * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
- * 94065, (415)595-8782, or from DIGITAL"
- *
- */
-
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <pwd.h>
-#include <stdio.h>
-
-#include <des.h>
-#include <krb.h>
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-int krb_mk_encpwd_req P((KTEXT, char *, char *, char *, char *, char *, char *));
-int krb_rd_encpwd_req P((KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *));
-
-extern auth_debug_mode;
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
-			  		AUTHTYPE_KRB4_ENCPWD, };
-static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
-					TELQUAL_NAME, };
-
-#define	KRB4_ENCPWD_AUTH	0	/* Authentication data follows */
-#define	KRB4_ENCPWD_REJECT	1	/* Rejected (reason might follow) */
-#define KRB4_ENCPWD_ACCEPT	2	/* Accepted */
-#define	KRB4_ENCPWD_CHALLENGE	3	/* Challenge for mutual auth. */
-#define	KRB4_ENCPWD_ACK		4	/* Acknowledge */
-
-#define KRB_SERVICE_NAME    "rcmd"
-
-static	KTEXT_ST auth;
-static	char name[ANAME_SZ];
-static	char user_passwd[ANAME_SZ];
-static	AUTH_DAT adat = { 0 };
-#ifdef	ENCRYPTION
-static Block	session_key	= { 0 };
-#endif	/* ENCRYPTION */
-static char  challenge[REALM_SZ];
-
-	static int
-Data(ap, type, d, c)
-	Authenticator *ap;
-	int type;
-	void *d;
-	int c;
-{
-	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *)d;
-
-	if (c == -1)
-		c = strlen((char *)cd);
-
-	if (0) {
-		printf("%s:%d: [%d] (%d)",
-			str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
-			str_data[3],
-			type, c);
-		printd(d, c);
-		printf("\r\n");
-	}
-	*p++ = ap->type;
-	*p++ = ap->way;
-	*p++ = type;
-	while (c-- > 0) {
-		if ((*p++ = *cd++) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	if (str_data[3] == TELQUAL_IS)
-		printsub('>', &str_data[2], p - (&str_data[2]));
-	return(net_write(str_data, p - str_data));
-}
-
-	int
-krb4encpwd_init(ap, server)
-	Authenticator *ap;
-	int server;
-{
-	char hostname[80], *cp, *realm;
-	C_Block skey;
-
-	if (server) {
-		str_data[3] = TELQUAL_REPLY;
-	} else {
-		str_data[3] = TELQUAL_IS;
-		gethostname(hostname, sizeof(hostname));
-		realm = krb_realmofhost(hostname);
-		cp = strchr(hostname, '.');
-		if (*cp != NULL) *cp = NULL;
-		if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0,
-					KEYFILE, (char *)skey)) {
-		  return(0);
-		}
-	}
-	return(1);
-}
-
-	int
-krb4encpwd_send(ap)
-	Authenticator *ap;
-{
-
-	printf("[ Trying KRB4ENCPWD ... ]\n");
-	if (!UserNameRequested) {
-		return(0);
-	}
-	if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
-		return(0);
-	}
-
-	if (!Data(ap, KRB4_ENCPWD_ACK, (void *)NULL, 0)) {
-		return(0);
-	}
-
-	return(1);
-}
-
-	void
-krb4encpwd_is(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	Block datablock;
-	char  r_passwd[ANAME_SZ], r_user[ANAME_SZ];
-	char  lhostname[ANAME_SZ], *cp;
-	int r;
-	time_t now;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB4_ENCPWD_AUTH:
-		memmove((void *)auth.dat, (void *)data, auth.length = cnt);
-
-		gethostname(lhostname, sizeof(lhostname));
-		if ((cp = strchr(lhostname, '.')) != 0)  *cp = '\0';
-
-		if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) {
-			Data(ap, KRB4_ENCPWD_REJECT, (void *)"Auth failed", -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-		auth_encrypt_userpwd(r_passwd);
-		if (passwdok(UserNameRequested, UserPassword) == 0) {
-		  /*
-		   *  illegal username and password
-		   */
-		  Data(ap, KRB4_ENCPWD_REJECT, (void *)"Illegal password", -1);
-		  auth_finished(ap, AUTH_REJECT);
-		  return;
-		}
-
-		memmove((void *)session_key, (void *)adat.session, sizeof(Block));
-		Data(ap, KRB4_ENCPWD_ACCEPT, (void *)0, 0);
-		auth_finished(ap, AUTH_USER);
-		break;
-
-	case KRB4_ENCPWD_CHALLENGE:
-		/*
-		 *  Take the received random challenge text and save
-		 *  for future authentication.
-		 */
-		memmove((void *)challenge, (void *)data, sizeof(Block));
-		break;
-
-
-	case KRB4_ENCPWD_ACK:
-		/*
-		 *  Receive ack, if mutual then send random challenge
-		 */
-
-		/*
-		 * If we are doing mutual authentication, get set up to send
-		 * the challenge, and verify it when the response comes back.
-		 */
-
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-		  register int i;
-
-		  time(&now);
-		  sprintf(challenge, "%x", now);
-		  Data(ap, KRB4_ENCPWD_CHALLENGE, (void *)challenge, strlen(challenge));
-		}
-		break;
-
-	default:
-		Data(ap, KRB4_ENCPWD_REJECT, 0, 0);
-		break;
-	}
-}
-
-
-	void
-krb4encpwd_reply(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	KTEXT_ST krb_token;
-	Block enckey;
-	CREDENTIALS cred;
-	int r;
-	char	randchal[REALM_SZ], instance[ANAME_SZ], *cp;
-	char	hostname[80], *realm;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case KRB4_ENCPWD_REJECT:
-		if (cnt > 0) {
-			printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n",
-				cnt, data);
-		} else
-			printf("[ KRB4_ENCPWD refuses authentication ]\r\n");
-		auth_send_retry();
-		return;
-	case KRB4_ENCPWD_ACCEPT:
-		printf("[ KRB4_ENCPWD accepts you ]\n");
-		auth_finished(ap, AUTH_USER);
-		return;
-	case KRB4_ENCPWD_CHALLENGE:
-		/*
-		 * Verify that the response to the challenge is correct.
-		 */
-
-		gethostname(hostname, sizeof(hostname));
-		realm = krb_realmofhost(hostname);
-		memmove((void *)challenge, (void *)data, cnt);
-		memset(user_passwd, 0, sizeof(user_passwd));
-		local_des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
-		UserPassword = user_passwd;
-		Challenge = challenge;
-		strcpy(instance, RemoteHostName);
-		if ((cp = strchr(instance, '.')) != 0)  *cp = '\0';
-
-		if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) {
-		  krb_token.length = 0;
-		}
-
-		if (!Data(ap, KRB4_ENCPWD_AUTH, (void *)krb_token.dat, krb_token.length)) {
-		  return;
-		}
-
-		break;
-
-	default:
-		return;
-	}
-}
-
-	int
-krb4encpwd_status(ap, name, level)
-	Authenticator *ap;
-	char *name;
-	int level;
-{
-
-	if (level < AUTH_USER)
-		return(level);
-
-	if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) {
-		strcpy(name, UserNameRequested);
-		return(AUTH_VALID);
-	} else {
-		return(AUTH_USER);
-	}
-}
-
-#define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
-#define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-	void
-krb4encpwd_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-
-	buf[buflen-1] = '\0';		/* make sure its NULL terminated */
-	buflen -= 1;
-
-	switch(data[3]) {
-	case KRB4_ENCPWD_REJECT:	/* Rejected (reason might follow) */
-		strncpy((char *)buf, " REJECT ", buflen);
-		goto common;
-
-	case KRB4_ENCPWD_ACCEPT:	/* Accepted (name might follow) */
-		strncpy((char *)buf, " ACCEPT ", buflen);
-	common:
-		BUMP(buf, buflen);
-		if (cnt <= 4)
-			break;
-		ADDC(buf, buflen, '"');
-		for (i = 4; i < cnt; i++)
-			ADDC(buf, buflen, data[i]);
-		ADDC(buf, buflen, '"');
-		ADDC(buf, buflen, '\0');
-		break;
-
-	case KRB4_ENCPWD_AUTH:		/* Authentication data follows */
-		strncpy((char *)buf, " AUTH", buflen);
-		goto common2;
-
-	case KRB4_ENCPWD_CHALLENGE:
-		strncpy((char *)buf, " CHALLENGE", buflen);
-		goto common2;
-
-	case KRB4_ENCPWD_ACK:
-		strncpy((char *)buf, " ACK", buflen);
-		goto common2;
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[3]);
-		strncpy((char *)buf, lbuf, buflen);
-	common2:
-		BUMP(buf, buflen);
-		for (i = 4; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			strncpy((char *)buf, lbuf, buflen);
-			BUMP(buf, buflen);
-		}
-		break;
-	}
-}
-
-int passwdok(name, passwd)
-char *name, *passwd;
-{
-  char *crypt();
-  char *salt, *p;
-  struct passwd *pwd;
-  int   passwdok_status = 0;
-
-  if (pwd = getpwnam(name))
-    salt = pwd->pw_passwd;
-  else salt = "xx";
-
-  p = crypt(passwd, salt);
-
-  if (pwd && !strcmp(p, pwd->pw_passwd)) {
-    passwdok_status = 1;
-  } else passwdok_status = 0;
-  return(passwdok_status);
-}
-
-#endif
-
-#ifdef notdef
-
-prkey(msg, key)
-	char *msg;
-	unsigned char *key;
-{
-	register int i;
-	printf("%s:", msg);
-	for (i = 0; i < 8; i++)
-		printf(" %3d", key[i]);
-	printf("\r\n");
-}
-#endif
diff --git a/crypto/telnet/libtelnet/misc-proto.h b/crypto/telnet/libtelnet/misc-proto.h
deleted file mode 100644
index e5f334a9bdd0..000000000000
--- a/crypto/telnet/libtelnet/misc-proto.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)misc-proto.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifndef	__MISC_PROTO__
-#define	__MISC_PROTO__
-
-#if	!defined(P)
-#ifdef	__STDC__
-#define	P(x)	x
-#else
-#define	P(x)	()
-#endif
-#endif
-
-void auth_encrypt_init P((char *, char *, char *, int));
-void auth_encrypt_connect P((int));
-void printd P((unsigned char *, int));
-
-/*
- * These functions are imported from the application
- */
-int net_write P((unsigned char *, int));
-void net_encrypt P((void));
-int telnet_spin P((void));
-char *telnet_getenv P((char *));
-char *telnet_gets P((char *, char *, int, int));
-#endif
diff --git a/crypto/telnet/libtelnet/misc.c b/crypto/telnet/libtelnet/misc.c
deleted file mode 100644
index 4f8f8d53644b..000000000000
--- a/crypto/telnet/libtelnet/misc.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)misc.c	8.1 (Berkeley) 6/4/93";
-#endif /* not lint */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "misc.h"
-#include "auth.h"
-#include "encrypt.h"
-
-char *RemoteHostName;
-char *LocalHostName;
-char *UserNameRequested = 0;
-int ConnectedCount = 0;
-
-	void
-auth_encrypt_init(local, remote, name, server)
-	char *local;
-	char *remote;
-	char *name;
-	int server;
-{
-	RemoteHostName = remote;
-	LocalHostName = local;
-#if	defined(AUTHENTICATION)
-	auth_init(name, server);
-#endif
-#ifdef	ENCRYPTION
-	encrypt_init(name, server);
-#endif	/* ENCRYPTION */
-	if (UserNameRequested) {
-		free(UserNameRequested);
-		UserNameRequested = 0;
-	}
-}
-
-	void
-auth_encrypt_user(name)
-	char *name;
-{
-	extern char *strdup();
-
-	if (UserNameRequested)
-		free(UserNameRequested);
-	UserNameRequested = name ? strdup(name) : 0;
-}
-
-	void
-auth_encrypt_connect(cnt)
-	int cnt;
-{
-}
-
-	void
-printd(data, cnt)
-	unsigned char *data;
-	int cnt;
-{
-	if (cnt > 16)
-		cnt = 16;
-	while (cnt-- > 0) {
-		printf(" %02x", *data);
-		++data;
-	}
-}
diff --git a/crypto/telnet/libtelnet/misc.h b/crypto/telnet/libtelnet/misc.h
deleted file mode 100644
index 41ffa7f67aa7..000000000000
--- a/crypto/telnet/libtelnet/misc.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)misc.h	8.1 (Berkeley) 6/4/93
- */
-
-extern char *UserNameRequested;
-extern char *LocalHostName;
-extern char *RemoteHostName;
-extern int ConnectedCount;
-extern int ReservedPort;
-
-#include "misc-proto.h"
diff --git a/crypto/telnet/libtelnet/read_password.c b/crypto/telnet/libtelnet/read_password.c
deleted file mode 100644
index 4676ed3a01bb..000000000000
--- a/crypto/telnet/libtelnet/read_password.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)read_password.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * $Source: /mit/kerberos/src/lib/des/RCS/read_password.c,v $
- * $Author: jon $
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * This routine prints the supplied string to standard
- * output as a prompt, and reads a password string without
- * echoing.
- */
-
-#if	defined(RSA_ENCPWD) || defined(KRB4_ENCPWD)
-
-#include <stdio.h>
-#include <strings.h>
-#include <sys/ioctl.h>
-#include <signal.h>
-#include <setjmp.h>
-
-static jmp_buf env;
-
-/*** Routines ****************************************************** */
-/*
- * This version just returns the string, doesn't map to key.
- *
- * Returns 0 on success, non-zero on failure.
- */
-
-int
-local_des_read_pw_string(s,max,prompt,verify)
-    char *s;
-    int	max;
-    char *prompt;
-    int	verify;
-{
-    int ok = 0;
-    char *ptr;
-
-    jmp_buf old_env;
-    struct sgttyb tty_state;
-    char key_string[BUFSIZ];
-
-    if (max > BUFSIZ) {
-	return -1;
-    }
-
-    /* XXX assume jmp_buf is typedef'ed to an array */
-    memmove((char *)env, (char *)old_env, sizeof(env));
-    if (setjmp(env))
-	goto lose;
-
-    /* save terminal state*/
-    if (ioctl(0,TIOCGETP,(char *)&tty_state) == -1)
-	return -1;
-/*
-    push_signals();
-*/
-    /* Turn off echo */
-    tty_state.sg_flags &= ~ECHO;
-    if (ioctl(0,TIOCSETP,(char *)&tty_state) == -1)
-	return -1;
-    while (!ok) {
-	(void) printf(prompt);
-	(void) fflush(stdout);
-	while (!fgets(s, max, stdin));
-
-	if ((ptr = strchr(s, '\n')))
-	    *ptr = '\0';
-	if (verify) {
-	    printf("\nVerifying, please re-enter %s",prompt);
-	    (void) fflush(stdout);
-	    if (!fgets(key_string, sizeof(key_string), stdin)) {
-		clearerr(stdin);
-		continue;
-	    }
-	    if ((ptr = strchr(key_string, '\n')))
-	    *ptr = '\0';
-	    if (strcmp(s,key_string)) {
-		printf("\n\07\07Mismatch - try again\n");
-		(void) fflush(stdout);
-		continue;
-	    }
-	}
-	ok = 1;
-    }
-
-lose:
-    if (!ok)
-	memset(s, 0, max);
-    printf("\n");
-    /* turn echo back on */
-    tty_state.sg_flags |= ECHO;
-    if (ioctl(0,TIOCSETP,(char *)&tty_state))
-	ok = 0;
-/*
-    pop_signals();
-*/
-    memmove((char *)old_env, (char *)env, sizeof(env));
-    if (verify)
-	memset(key_string, 0, sizeof (key_string));
-    s[max-1] = 0;		/* force termination */
-    return !ok;			/* return nonzero if not okay */
-}
-#endif	/* defined(RSA_ENCPWD) || defined(KRB4_ENCPWD) */
diff --git a/crypto/telnet/libtelnet/rsaencpwd.c b/crypto/telnet/libtelnet/rsaencpwd.c
deleted file mode 100644
index 5906d999af68..000000000000
--- a/crypto/telnet/libtelnet/rsaencpwd.c
+++ /dev/null
@@ -1,492 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)rsaencpwd.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-
-#ifdef	RSA_ENCPWD
-/*
- * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
- * ALL RIGHTS RESERVED
- *
- * "Digital Equipment Corporation authorizes the reproduction,
- * distribution and modification of this software subject to the following
- * restrictions:
- *
- * 1.  Any partial or whole copy of this software, or any modification
- * thereof, must include this copyright notice in its entirety.
- *
- * 2.  This software is supplied "as is" with no warranty of any kind,
- * expressed or implied, for any purpose, including any warranty of fitness
- * or merchantibility.  DIGITAL assumes no responsibility for the use or
- * reliability of this software, nor promises to provide any form of
- * support for it on any basis.
- *
- * 3.  Distribution of this software is authorized only if no profit or
- * remuneration of any kind is received in exchange for such distribution.
- *
- * 4.  This software produces public key authentication certificates
- * bearing an expiration date established by DIGITAL and RSA Data
- * Security, Inc.  It may cease to generate certificates after the expiration
- * date.  Any modification of this software that changes or defeats
- * the expiration date or its effect is unauthorized.
- *
- * 5.  Software that will renew or extend the expiration date of
- * authentication certificates produced by this software may be obtained
- * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
- * 94065, (415)595-8782, or from DIGITAL"
- *
- */
-
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <pwd.h>
-#include <stdio.h>
-
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-#include "cdc.h"
-
-extern auth_debug_mode;
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
-			  		AUTHTYPE_RSA_ENCPWD, };
-static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
-					TELQUAL_NAME, };
-
-#define	RSA_ENCPWD_AUTH	0	/* Authentication data follows */
-#define	RSA_ENCPWD_REJECT	1	/* Rejected (reason might follow) */
-#define RSA_ENCPWD_ACCEPT	2	/* Accepted */
-#define	RSA_ENCPWD_CHALLENGEKEY	3	/* Challenge and public key */
-
-#define NAME_SZ   40
-#define CHAL_SZ   20
-#define PWD_SZ    40
-
-static	KTEXT_ST auth;
-static	char name[NAME_SZ];
-static	char user_passwd[PWD_SZ];
-static  char key_file[2*NAME_SZ];
-static  char lhostname[NAME_SZ];
-static char  challenge[CHAL_SZ];
-static int   challenge_len;
-
-	static int
-Data(ap, type, d, c)
-	Authenticator *ap;
-	int type;
-	void *d;
-	int c;
-{
-	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *)d;
-
-	if (c == -1)
-		c = strlen((char *)cd);
-
-	if (0) {
-		printf("%s:%d: [%d] (%d)",
-			str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
-			str_data[3],
-			type, c);
-		printd(d, c);
-		printf("\r\n");
-	}
-	*p++ = ap->type;
-	*p++ = ap->way;
-	if (type != NULL) *p++ = type;
-	while (c-- > 0) {
-		if ((*p++ = *cd++) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	if (str_data[3] == TELQUAL_IS)
-		printsub('>', &str_data[2], p - (&str_data[2]));
-	return(net_write(str_data, p - str_data));
-}
-
-	int
-rsaencpwd_init(ap, server)
-	Authenticator *ap;
-	int server;
-{
-	char  *cp;
-	FILE  *fp;
-
-	if (server) {
-		str_data[3] = TELQUAL_REPLY;
-		memset(key_file, 0, sizeof(key_file));
-		gethostname(lhostname, sizeof(lhostname));
-		if ((cp = strchr(lhostname, '.')) != 0)  *cp = '\0';
-		strcpy(key_file, "/etc/.");
-		strcat(key_file, lhostname);
-		strcat(key_file, "_privkey");
-		if ((fp=fopen(key_file, "r"))==NULL) return(0);
-		fclose(fp);
-	} else {
-		str_data[3] = TELQUAL_IS;
-	}
-	return(1);
-}
-
-	int
-rsaencpwd_send(ap)
-	Authenticator *ap;
-{
-
-	printf("[ Trying RSAENCPWD ... ]\n");
-	if (!UserNameRequested) {
-		return(0);
-	}
-	if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
-		return(0);
-	}
-	if (!Data(ap, NULL, (void *)NULL, 0)) {
-		return(0);
-	}
-
-
-	return(1);
-}
-
-	void
-rsaencpwd_is(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	Block datablock;
-	char  r_passwd[PWD_SZ], r_user[NAME_SZ];
-	char  *cp, key[160];
-	char  chalkey[160], *ptr;
-	FILE  *fp;
-	int r, i, j, chalkey_len, len;
-	time_t now;
-
-	cnt--;
-	switch (*data++) {
-	case RSA_ENCPWD_AUTH:
-		memmove((void *)auth.dat, (void *)data, auth.length = cnt);
-
-		if ((fp=fopen(key_file, "r"))==NULL) {
-		  Data(ap, RSA_ENCPWD_REJECT, (void *)"Auth failed", -1);
-		  auth_finished(ap, AUTH_REJECT);
-		  return;
-		}
-		/*
-		 *  get privkey
-		 */
-		fscanf(fp, "%x;", &len);
-		for (i=0;i<len;i++) {
-		  j = getc(fp);  key[i]=j;
-		}
-		fclose(fp);
-
-		r = accept_rsa_encpwd(&auth, key, challenge,
-				      challenge_len, r_passwd);
-		if (r < 0) {
-		  Data(ap, RSA_ENCPWD_REJECT, (void *)"Auth failed", -1);
-		  auth_finished(ap, AUTH_REJECT);
-		  return;
-		}
-		auth_encrypt_userpwd(r_passwd);
-		if (rsaencpwd_passwdok(UserNameRequested, UserPassword) == 0) {
-		  /*
-		   *  illegal username and password
-		   */
-		  Data(ap, RSA_ENCPWD_REJECT, (void *)"Illegal password", -1);
-		  auth_finished(ap, AUTH_REJECT);
-		  return;
-		}
-
-		Data(ap, RSA_ENCPWD_ACCEPT, (void *)0, 0);
-		auth_finished(ap, AUTH_USER);
-		break;
-
-
-	case IAC:
-
-		/*
-		 * If we are doing mutual authentication, get set up to send
-		 * the challenge, and verify it when the response comes back.
-		 */
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_ONE_WAY) {
-		  register int i;
-
-
-		  time(&now);
-		  if ((now % 2) == 0) {
-		    sprintf(challenge, "%x", now);
-		    challenge_len = strlen(challenge);
-		  } else {
-		    strcpy(challenge, "randchal");
-		    challenge_len = 8;
-		  }
-
-		  if ((fp=fopen(key_file, "r"))==NULL) {
-		    Data(ap, RSA_ENCPWD_REJECT, (void *)"Auth failed", -1);
-		    auth_finished(ap, AUTH_REJECT);
-		    return;
-		  }
-		  /*
-		   *  skip privkey
-		   */
-		  fscanf(fp, "%x;", &len);
-		  for (i=0;i<len;i++) {
-		    j = getc(fp);
-		  }
-		  /*
-		   * get pubkey
-		   */
-		  fscanf(fp, "%x;", &len);
-		  for (i=0;i<len;i++) {
-		    j = getc(fp);  key[i]=j;
-		  }
-		  fclose(fp);
-		  chalkey[0] = 0x30;
-		  ptr = (char *) &chalkey[1];
-		  chalkey_len = 1+NumEncodeLengthOctets(i)+i+1+NumEncodeLengthOctets(challenge_len)+challenge_len;
-		  EncodeLength(ptr, chalkey_len);
-		  ptr +=NumEncodeLengthOctets(chalkey_len);
-		  *ptr++ = 0x04;  /* OCTET STRING */
-		  *ptr++ = challenge_len;
-		  memmove(ptr, challenge, challenge_len);
-		  ptr += challenge_len;
-		  *ptr++ = 0x04;  /* OCTET STRING */
-		  EncodeLength(ptr, i);
-		  ptr += NumEncodeLengthOctets(i);
-		  memmove(ptr, key, i);
-		  chalkey_len = 1+NumEncodeLengthOctets(chalkey_len)+chalkey_len;
-		  Data(ap, RSA_ENCPWD_CHALLENGEKEY, (void *)chalkey, chalkey_len);
-		}
-		break;
-
-	default:
-		Data(ap, RSA_ENCPWD_REJECT, 0, 0);
-		break;
-	}
-}
-
-
-	void
-rsaencpwd_reply(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	KTEXT_ST token;
-	Block enckey;
-	int r, pubkey_len;
-	char	randchal[CHAL_SZ], *cp;
-	char	chalkey[160], pubkey[128], *ptr;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case RSA_ENCPWD_REJECT:
-		if (cnt > 0) {
-			printf("[ RSA_ENCPWD refuses authentication because %.*s ]\r\n",
-				cnt, data);
-		} else
-			printf("[ RSA_ENCPWD refuses authentication ]\r\n");
-		auth_send_retry();
-		return;
-	case RSA_ENCPWD_ACCEPT:
-		printf("[ RSA_ENCPWD accepts you ]\n");
-		auth_finished(ap, AUTH_USER);
-		return;
-	case RSA_ENCPWD_CHALLENGEKEY:
-		/*
-		 * Verify that the response to the challenge is correct.
-		 */
-
-		memmove((void *)chalkey, (void *)data, cnt);
-		ptr = (char *) &chalkey[0];
-		ptr += DecodeHeaderLength(chalkey);
-		if (*ptr != 0x04) {
-		  return;
-		}
-		*ptr++;
-		challenge_len = DecodeValueLength(ptr);
-		ptr += NumEncodeLengthOctets(challenge_len);
-		memmove(challenge, ptr, challenge_len);
-		ptr += challenge_len;
-		if (*ptr != 0x04) {
-		  return;
-		}
-		*ptr++;
-		pubkey_len = DecodeValueLength(ptr);
-		ptr += NumEncodeLengthOctets(pubkey_len);
-		memmove(pubkey, ptr, pubkey_len);
-		memset(user_passwd, 0, sizeof(user_passwd));
-		local_des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
-		UserPassword = user_passwd;
-		Challenge = challenge;
-		r = init_rsa_encpwd(&token, user_passwd, challenge, challenge_len, pubkey);
-		if (r < 0) {
-		  token.length = 1;
-		}
-
-		if (!Data(ap, RSA_ENCPWD_AUTH, (void *)token.dat, token.length)) {
-		  return;
-		}
-
-		break;
-
-	default:
-		return;
-	}
-}
-
-	int
-rsaencpwd_status(ap, name, level)
-	Authenticator *ap;
-	char *name;
-	int level;
-{
-
-	if (level < AUTH_USER)
-		return(level);
-
-	if (UserNameRequested && rsaencpwd_passwdok(UserNameRequested, UserPassword)) {
-		strcpy(name, UserNameRequested);
-		return(AUTH_VALID);
-	} else {
-		return(AUTH_USER);
-	}
-}
-
-#define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
-#define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-	void
-rsaencpwd_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-
-	buf[buflen-1] = '\0';		/* make sure its NULL terminated */
-	buflen -= 1;
-
-	switch(data[3]) {
-	case RSA_ENCPWD_REJECT:	/* Rejected (reason might follow) */
-		strncpy((char *)buf, " REJECT ", buflen);
-		goto common;
-
-	case RSA_ENCPWD_ACCEPT:	/* Accepted (name might follow) */
-		strncpy((char *)buf, " ACCEPT ", buflen);
-	common:
-		BUMP(buf, buflen);
-		if (cnt <= 4)
-			break;
-		ADDC(buf, buflen, '"');
-		for (i = 4; i < cnt; i++)
-			ADDC(buf, buflen, data[i]);
-		ADDC(buf, buflen, '"');
-		ADDC(buf, buflen, '\0');
-		break;
-
-	case RSA_ENCPWD_AUTH:		/* Authentication data follows */
-		strncpy((char *)buf, " AUTH", buflen);
-		goto common2;
-
-	case RSA_ENCPWD_CHALLENGEKEY:
-		strncpy((char *)buf, " CHALLENGEKEY", buflen);
-		goto common2;
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[3]);
-		strncpy((char *)buf, lbuf, buflen);
-	common2:
-		BUMP(buf, buflen);
-		for (i = 4; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			strncpy((char *)buf, lbuf, buflen);
-			BUMP(buf, buflen);
-		}
-		break;
-	}
-}
-
-int rsaencpwd_passwdok(name, passwd)
-char *name, *passwd;
-{
-  char *crypt();
-  char *salt, *p;
-  struct passwd *pwd;
-  int   passwdok_status = 0;
-
-  if (pwd = getpwnam(name))
-    salt = pwd->pw_passwd;
-  else salt = "xx";
-
-  p = crypt(passwd, salt);
-
-  if (pwd && !strcmp(p, pwd->pw_passwd)) {
-    passwdok_status = 1;
-  } else passwdok_status = 0;
-  return(passwdok_status);
-}
-
-#endif
-
-#ifdef notdef
-
-prkey(msg, key)
-	char *msg;
-	unsigned char *key;
-{
-	register int i;
-	printf("%s:", msg);
-	for (i = 0; i < 8; i++)
-		printf(" %3d", key[i]);
-	printf("\r\n");
-}
-#endif
diff --git a/crypto/telnet/libtelnet/spx.c b/crypto/telnet/libtelnet/spx.c
deleted file mode 100644
index 90c37a47ebd6..000000000000
--- a/crypto/telnet/libtelnet/spx.c
+++ /dev/null
@@ -1,587 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)spx.c	8.2 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#ifdef	SPX
-/*
- * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
- * ALL RIGHTS RESERVED
- *
- * "Digital Equipment Corporation authorizes the reproduction,
- * distribution and modification of this software subject to the following
- * restrictions:
- *
- * 1.  Any partial or whole copy of this software, or any modification
- * thereof, must include this copyright notice in its entirety.
- *
- * 2.  This software is supplied "as is" with no warranty of any kind,
- * expressed or implied, for any purpose, including any warranty of fitness
- * or merchantibility.  DIGITAL assumes no responsibility for the use or
- * reliability of this software, nor promises to provide any form of
- * support for it on any basis.
- *
- * 3.  Distribution of this software is authorized only if no profit or
- * remuneration of any kind is received in exchange for such distribution.
- *
- * 4.  This software produces public key authentication certificates
- * bearing an expiration date established by DIGITAL and RSA Data
- * Security, Inc.  It may cease to generate certificates after the expiration
- * date.  Any modification of this software that changes or defeats
- * the expiration date or its effect is unauthorized.
- *
- * 5.  Software that will renew or extend the expiration date of
- * authentication certificates produced by this software may be obtained
- * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
- * 94065, (415)595-8782, or from DIGITAL"
- *
- */
-
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <stdio.h>
-#include "gssapi_defs.h"
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#ifdef	NO_STRING_H
-#include <strings.h>
-#else
-#include <string.h>
-#endif
-
-#include <pwd.h>
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-extern auth_debug_mode;
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
-			  		AUTHTYPE_SPX, };
-static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
-					TELQUAL_NAME, };
-
-#define	SPX_AUTH	0		/* Authentication data follows */
-#define	SPX_REJECT	1		/* Rejected (reason might follow) */
-#define SPX_ACCEPT	2		/* Accepted */
-
-#ifdef	ENCRYPTION
-static Block	session_key	= { 0 };
-#endif	/* ENCRYPTION */
-static Block	challenge	= { 0 };
-
-
-/*******************************************************************/
-
-gss_OID_set		actual_mechs;
-gss_OID			actual_mech_type, output_name_type;
-int			major_status, status, msg_ctx = 0, new_status;
-int			req_flags = 0, ret_flags, lifetime_rec;
-gss_cred_id_t		gss_cred_handle;
-gss_ctx_id_t		actual_ctxhandle, context_handle;
-gss_buffer_desc		output_token, input_token, input_name_buffer;
-gss_buffer_desc		status_string;
-gss_name_t		desired_targname, src_name;
-gss_channel_bindings	input_chan_bindings;
-char			lhostname[GSS_C_MAX_PRINTABLE_NAME];
-char			targ_printable[GSS_C_MAX_PRINTABLE_NAME];
-int			to_addr=0, from_addr=0;
-char			*address;
-gss_buffer_desc		fullname_buffer;
-gss_OID			fullname_type;
-gss_cred_id_t		gss_delegated_cred_handle;
-
-/*******************************************************************/
-
-
-
-	static int
-Data(ap, type, d, c)
-	Authenticator *ap;
-	int type;
-	void *d;
-	int c;
-{
-	unsigned char *p = str_data + 4;
-	unsigned char *cd = (unsigned char *)d;
-
-	if (c == -1)
-		c = strlen((char *)cd);
-
-	if (0) {
-		printf("%s:%d: [%d] (%d)",
-			str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
-			str_data[3],
-			type, c);
-		printd(d, c);
-		printf("\r\n");
-	}
-	*p++ = ap->type;
-	*p++ = ap->way;
-	*p++ = type;
-	while (c-- > 0) {
-		if ((*p++ = *cd++) == IAC)
-			*p++ = IAC;
-	}
-	*p++ = IAC;
-	*p++ = SE;
-	if (str_data[3] == TELQUAL_IS)
-		printsub('>', &str_data[2], p - (&str_data[2]));
-	return(net_write(str_data, p - str_data));
-}
-
-	int
-spx_init(ap, server)
-	Authenticator *ap;
-	int server;
-{
-	gss_cred_id_t	tmp_cred_handle;
-
-	if (server) {
-		str_data[3] = TELQUAL_REPLY;
-		gethostname(lhostname, sizeof(lhostname));
-		strcpy(targ_printable, "SERVICE:rcmd@");
-		strcat(targ_printable, lhostname);
-		input_name_buffer.length = strlen(targ_printable);
-		input_name_buffer.value = targ_printable;
-		major_status = gss_import_name(&status,
-					&input_name_buffer,
-					GSS_C_NULL_OID,
-					&desired_targname);
-		major_status = gss_acquire_cred(&status,
-					desired_targname,
-					0,
-					GSS_C_NULL_OID_SET,
-					GSS_C_ACCEPT,
-					&tmp_cred_handle,
-					&actual_mechs,
-					&lifetime_rec);
-		if (major_status != GSS_S_COMPLETE) return(0);
-	} else {
-		str_data[3] = TELQUAL_IS;
-	}
-	return(1);
-}
-
-	int
-spx_send(ap)
-	Authenticator *ap;
-{
-	Block enckey;
-	int r;
-
-	gss_OID	actual_mech_type, output_name_type;
-	int	msg_ctx = 0, new_status, status;
-	int	req_flags = 0, ret_flags, lifetime_rec, major_status;
-	gss_buffer_desc  output_token, input_token, input_name_buffer;
-	gss_buffer_desc  output_name_buffer, status_string;
-	gss_name_t    desired_targname;
-	gss_channel_bindings  input_chan_bindings;
-	char targ_printable[GSS_C_MAX_PRINTABLE_NAME];
-	int  from_addr=0, to_addr=0, myhostlen, j;
-	int  deleg_flag=1, mutual_flag=0, replay_flag=0, seq_flag=0;
-	char *address;
-
-	printf("[ Trying SPX ... ]\n");
-	strcpy(targ_printable, "SERVICE:rcmd@");
-	strcat(targ_printable, RemoteHostName);
-
-	input_name_buffer.length = strlen(targ_printable);
-	input_name_buffer.value = targ_printable;
-
-	if (!UserNameRequested) {
-		return(0);
-	}
-
-	major_status = gss_import_name(&status,
-					&input_name_buffer,
-					GSS_C_NULL_OID,
-					&desired_targname);
-
-
-	major_status = gss_display_name(&status,
-					desired_targname,
-					&output_name_buffer,
-					&output_name_type);
-
-	printf("target is '%s'\n", output_name_buffer.value); fflush(stdout);
-
-	major_status = gss_release_buffer(&status, &output_name_buffer);
-
-	input_chan_bindings = (gss_channel_bindings)
-	  malloc(sizeof(gss_channel_bindings_desc));
-
-	input_chan_bindings->initiator_addrtype = GSS_C_AF_INET;
-	input_chan_bindings->initiator_address.length = 4;
-	address = (char *) malloc(4);
-	input_chan_bindings->initiator_address.value = (char *) address;
-	address[0] = ((from_addr & 0xff000000) >> 24);
-	address[1] = ((from_addr & 0xff0000) >> 16);
-	address[2] = ((from_addr & 0xff00) >> 8);
-	address[3] = (from_addr & 0xff);
-	input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET;
-	input_chan_bindings->acceptor_address.length = 4;
-	address = (char *) malloc(4);
-	input_chan_bindings->acceptor_address.value = (char *) address;
-	address[0] = ((to_addr & 0xff000000) >> 24);
-	address[1] = ((to_addr & 0xff0000) >> 16);
-	address[2] = ((to_addr & 0xff00) >> 8);
-	address[3] = (to_addr & 0xff);
-	input_chan_bindings->application_data.length = 0;
-
-	req_flags = 0;
-	if (deleg_flag)  req_flags = req_flags | 1;
-	if (mutual_flag) req_flags = req_flags | 2;
-	if (replay_flag) req_flags = req_flags | 4;
-	if (seq_flag)    req_flags = req_flags | 8;
-
-	major_status = gss_init_sec_context(&status,         /* minor status */
-					GSS_C_NO_CREDENTIAL, /* cred handle */
-					&actual_ctxhandle,   /* ctx handle */
-					desired_targname,    /* target name */
-					GSS_C_NULL_OID,      /* mech type */
-					req_flags,           /* req flags */
-					0,                   /* time req */
-					input_chan_bindings, /* chan binding */
-					GSS_C_NO_BUFFER,     /* input token */
-					&actual_mech_type,   /* actual mech */
-					&output_token,       /* output token */
-					&ret_flags,          /* ret flags */
-					&lifetime_rec);      /* time rec */
-
-	if ((major_status != GSS_S_COMPLETE) &&
-	    (major_status != GSS_S_CONTINUE_NEEDED)) {
-	  gss_display_status(&new_status,
-				status,
-				GSS_C_MECH_CODE,
-				GSS_C_NULL_OID,
-				&msg_ctx,
-				&status_string);
-	  printf("%s\n", status_string.value);
-	  return(0);
-	}
-
-	if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
-		return(0);
-	}
-
-	if (!Data(ap, SPX_AUTH, (void *)output_token.value, output_token.length)) {
-		return(0);
-	}
-
-	return(1);
-}
-
-	void
-spx_is(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-	Block datablock;
-	int r;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case SPX_AUTH:
-		input_token.length = cnt;
-		input_token.value = (char *) data;
-
-		gethostname(lhostname, sizeof(lhostname));
-
-		strcpy(targ_printable, "SERVICE:rcmd@");
-		strcat(targ_printable, lhostname);
-
-		input_name_buffer.length = strlen(targ_printable);
-		input_name_buffer.value = targ_printable;
-
-		major_status = gss_import_name(&status,
-					&input_name_buffer,
-					GSS_C_NULL_OID,
-					&desired_targname);
-
-		major_status = gss_acquire_cred(&status,
-					desired_targname,
-					0,
-					GSS_C_NULL_OID_SET,
-					GSS_C_ACCEPT,
-					&gss_cred_handle,
-					&actual_mechs,
-					&lifetime_rec);
-
-		major_status = gss_release_name(&status, desired_targname);
-
-		input_chan_bindings = (gss_channel_bindings)
-		  malloc(sizeof(gss_channel_bindings_desc));
-
-		input_chan_bindings->initiator_addrtype = GSS_C_AF_INET;
-		input_chan_bindings->initiator_address.length = 4;
-		address = (char *) malloc(4);
-		input_chan_bindings->initiator_address.value = (char *) address;
-		address[0] = ((from_addr & 0xff000000) >> 24);
-		address[1] = ((from_addr & 0xff0000) >> 16);
-		address[2] = ((from_addr & 0xff00) >> 8);
-		address[3] = (from_addr & 0xff);
-		input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET;
-		input_chan_bindings->acceptor_address.length = 4;
-		address = (char *) malloc(4);
-		input_chan_bindings->acceptor_address.value = (char *) address;
-		address[0] = ((to_addr & 0xff000000) >> 24);
-		address[1] = ((to_addr & 0xff0000) >> 16);
-		address[2] = ((to_addr & 0xff00) >> 8);
-		address[3] = (to_addr & 0xff);
-		input_chan_bindings->application_data.length = 0;
-
-		major_status = gss_accept_sec_context(&status,
-						&context_handle,
-						gss_cred_handle,
-						&input_token,
-						input_chan_bindings,
-						&src_name,
-						&actual_mech_type,
-						&output_token,
-						&ret_flags,
-						&lifetime_rec,
-						&gss_delegated_cred_handle);
-
-
-		if (major_status != GSS_S_COMPLETE) {
-
-		  major_status = gss_display_name(&status,
-					src_name,
-					&fullname_buffer,
-					&fullname_type);
-			Data(ap, SPX_REJECT, (void *)"auth failed", -1);
-			auth_finished(ap, AUTH_REJECT);
-			return;
-		}
-
-		major_status = gss_display_name(&status,
-					src_name,
-					&fullname_buffer,
-					&fullname_type);
-
-
-		Data(ap, SPX_ACCEPT, (void *)output_token.value, output_token.length);
-		auth_finished(ap, AUTH_USER);
-		break;
-
-	default:
-		Data(ap, SPX_REJECT, 0, 0);
-		break;
-	}
-}
-
-
-	void
-spx_reply(ap, data, cnt)
-	Authenticator *ap;
-	unsigned char *data;
-	int cnt;
-{
-	Session_Key skey;
-
-	if (cnt-- < 1)
-		return;
-	switch (*data++) {
-	case SPX_REJECT:
-		if (cnt > 0) {
-			printf("[ SPX refuses authentication because %.*s ]\r\n",
-				cnt, data);
-		} else
-			printf("[ SPX refuses authentication ]\r\n");
-		auth_send_retry();
-		return;
-	case SPX_ACCEPT:
-		printf("[ SPX accepts you ]\n");
-		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
-			/*
-			 * Send over the encrypted challenge.
-		 	 */
-		  input_token.value = (char *) data;
-		  input_token.length = cnt;
-
-		  major_status = gss_init_sec_context(&status, /* minor stat */
-					GSS_C_NO_CREDENTIAL, /* cred handle */
-					&actual_ctxhandle,   /* ctx handle */
-					desired_targname,    /* target name */
-					GSS_C_NULL_OID,      /* mech type */
-					req_flags,           /* req flags */
-					0,                   /* time req */
-					input_chan_bindings, /* chan binding */
-					&input_token,        /* input token */
-					&actual_mech_type,   /* actual mech */
-					&output_token,       /* output token */
-					&ret_flags,          /* ret flags */
-					&lifetime_rec);      /* time rec */
-
-		  if (major_status != GSS_S_COMPLETE) {
-		    gss_display_status(&new_status,
-					status,
-					GSS_C_MECH_CODE,
-					GSS_C_NULL_OID,
-					&msg_ctx,
-					&status_string);
-		    printf("[ SPX mutual response fails ... '%s' ]\r\n",
-			 status_string.value);
-		    auth_send_retry();
-		    return;
-		  }
-		}
-		auth_finished(ap, AUTH_USER);
-		return;
-
-	default:
-		return;
-	}
-}
-
-	int
-spx_status(ap, name, level)
-	Authenticator *ap;
-	char *name;
-	int level;
-{
-
-	gss_buffer_desc  fullname_buffer, acl_file_buffer;
-	gss_OID          fullname_type;
-	char acl_file[160], fullname[160];
-	int major_status, status = 0;
-	struct passwd  *pwd;
-
-	/*
-	 * hard code fullname to
-	 *   "SPX:/C=US/O=Digital/OU=LKG/OU=Sphinx/OU=Users/CN=Kannan Alagappan"
-	 * and acl_file to "~kannan/.sphinx"
-	 */
-
-	pwd = getpwnam(UserNameRequested);
-	if (pwd == NULL) {
-	  return(AUTH_USER);   /*  not authenticated  */
-	}
-
-	strcpy(acl_file, pwd->pw_dir);
-	strcat(acl_file, "/.sphinx");
-	acl_file_buffer.value = acl_file;
-	acl_file_buffer.length = strlen(acl_file);
-
-	major_status = gss_display_name(&status,
-					src_name,
-					&fullname_buffer,
-					&fullname_type);
-
-	if (level < AUTH_USER)
-		return(level);
-
-	major_status = gss__check_acl(&status, &fullname_buffer,
-					&acl_file_buffer);
-
-	if (major_status == GSS_S_COMPLETE) {
-	  strcpy(name, UserNameRequested);
-	  return(AUTH_VALID);
-	} else {
-	   return(AUTH_USER);
-	}
-
-}
-
-#define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
-#define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-	void
-spx_printsub(data, cnt, buf, buflen)
-	unsigned char *data, *buf;
-	int cnt, buflen;
-{
-	char lbuf[32];
-	register int i;
-
-	buf[buflen-1] = '\0';		/* make sure its NULL terminated */
-	buflen -= 1;
-
-	switch(data[3]) {
-	case SPX_REJECT:		/* Rejected (reason might follow) */
-		strncpy((char *)buf, " REJECT ", buflen);
-		goto common;
-
-	case SPX_ACCEPT:		/* Accepted (name might follow) */
-		strncpy((char *)buf, " ACCEPT ", buflen);
-	common:
-		BUMP(buf, buflen);
-		if (cnt <= 4)
-			break;
-		ADDC(buf, buflen, '"');
-		for (i = 4; i < cnt; i++)
-			ADDC(buf, buflen, data[i]);
-		ADDC(buf, buflen, '"');
-		ADDC(buf, buflen, '\0');
-		break;
-
-	case SPX_AUTH:			/* Authentication data follows */
-		strncpy((char *)buf, " AUTH", buflen);
-		goto common2;
-
-	default:
-		sprintf(lbuf, " %d (unknown)", data[3]);
-		strncpy((char *)buf, lbuf, buflen);
-	common2:
-		BUMP(buf, buflen);
-		for (i = 4; i < cnt; i++) {
-			sprintf(lbuf, " %d", data[i]);
-			strncpy((char *)buf, lbuf, buflen);
-			BUMP(buf, buflen);
-		}
-		break;
-	}
-}
-
-#endif
-
-#ifdef notdef
-
-prkey(msg, key)
-	char *msg;
-	unsigned char *key;
-{
-	register int i;
-	printf("%s:", msg);
-	for (i = 0; i < 8; i++)
-		printf(" %3d", key[i]);
-	printf("\r\n");
-}
-#endif
diff --git a/crypto/telnet/telnet/authenc.c b/crypto/telnet/telnet/authenc.c
deleted file mode 100644
index f829b1a741a9..000000000000
--- a/crypto/telnet/telnet/authenc.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)authenc.c	8.1 (Berkeley) 6/6/93";
-#endif /* not lint */
-
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <libtelnet/encrypt.h>
-#include <libtelnet/misc.h>
-
-#include "general.h"
-#include "ring.h"
-#include "externs.h"
-#include "defines.h"
-#include "types.h"
-
-	int
-net_write(str, len)
-	unsigned char *str;
-	int len;
-{
-	if (NETROOM() > len) {
-		ring_supply_data(&netoring, str, len);
-		if (str[0] == IAC && str[1] == SE)
-			printsub('>', &str[2], len-2);
-		return(len);
-	}
-	return(0);
-}
-
-	void
-net_encrypt()
-{
-#ifdef	ENCRYPTION
-	if (encrypt_output)
-		ring_encrypt(&netoring, encrypt_output);
-	else
-		ring_clearto(&netoring);
-#endif	/* ENCRYPTION */
-}
-
-	int
-telnet_spin()
-{
-	return(-1);
-}
-
-	char *
-telnet_getenv(val)
-	char *val;
-{
-	return((char *)env_getvalue((unsigned char *)val));
-}
-
-	char *
-telnet_gets(prompt, result, length, echo)
-	char *prompt;
-	char *result;
-	int length;
-	int echo;
-{
-	extern char *getpass();
-	extern int globalmode;
-	int om = globalmode;
-	char *res;
-
-	TerminalNewMode(-1);
-	if (echo) {
-		printf("%s", prompt);
-		res = fgets(result, length, stdin);
-	} else if ((res = getpass(prompt))) {
-		strncpy(result, res, length);
-		res = result;
-	}
-	TerminalNewMode(om);
-	return(res);
-}
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION) */
diff --git a/crypto/telnet/telnet/commands.c b/crypto/telnet/telnet/commands.c
deleted file mode 100644
index 8073fb50f120..000000000000
--- a/crypto/telnet/telnet/commands.c
+++ /dev/null
@@ -1,3002 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#if	defined(unix)
-#include <sys/param.h>
-#if	defined(CRAY) || defined(sysV88)
-#include <sys/types.h>
-#endif
-#include <sys/file.h>
-#else
-#include <sys/types.h>
-#endif	/* defined(unix) */
-#include <sys/socket.h>
-#include <netinet/in.h>
-#ifdef	CRAY
-#include <fcntl.h>
-#endif	/* CRAY */
-
-#include <signal.h>
-#include <netdb.h>
-#include <ctype.h>
-#include <pwd.h>
-#include <varargs.h>
-#include <errno.h>
-#include <unistd.h>
-#include <stdlib.h>
-
-#include <arpa/telnet.h>
-
-#include "general.h"
-
-#include "ring.h"
-
-#include "externs.h"
-#include "defines.h"
-#include "types.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-#if !defined(CRAY) && !defined(sysV88)
-#include <netinet/in_systm.h>
-# if (defined(vax) || defined(tahoe) || defined(hp300)) && !defined(ultrix)
-# include <machine/endian.h>
-# endif /* vax */
-#endif /* !defined(CRAY) && !defined(sysV88) */
-#include <netinet/ip.h>
-
-
-#ifndef	MAXHOSTNAMELEN
-#define	MAXHOSTNAMELEN 64
-#endif	MAXHOSTNAMELEN
-
-#if	defined(IPPROTO_IP) && defined(IP_TOS)
-int tos = -1;
-#endif	/* defined(IPPROTO_IP) && defined(IP_TOS) */
-
-char	*hostname;
-static char _hostname[MAXHOSTNAMELEN];
-
-extern char *getenv();
-
-extern int isprefix();
-extern char **genget();
-extern int Ambiguous();
-
-static int help(int argc, char *argv[]);
-static int call();
-static void cmdrc(char *m1, char *m2);
-
-int quit(void);
-
-typedef struct {
-	char	*name;		/* command name */
-	char	*help;		/* help string (NULL for no help) */
-	int	(*handler)();	/* routine which executes command */
-	int	needconnect;	/* Do we need to be connected to execute? */
-} Command;
-
-static char line[256];
-static char saveline[256];
-static int margc;
-static char *margv[20];
-
-#if	defined(SKEY)
-#include <sys/wait.h>
-#define PATH_SKEY	"/usr/bin/key"
-    int
-skey_calc(argc, argv)
-	int argc;
-	char **argv;
-{
-	int status;
-
-	if(argc != 3) {
-		printf("%s sequence challenge\n", argv[0]);
-		return;
-	}
-
-	switch(fork()) {
-	case 0:
-		execv(PATH_SKEY, argv);
-		exit (1);
-	case -1:
-		perror("fork");
-		break;
-	default:
-		(void) wait(&status);
-		if (WIFEXITED(status))
-			return (WEXITSTATUS(status));
-		return (0);
-	}
-}
-#endif
-
-    static void
-makeargv()
-{
-    register char *cp, *cp2, c;
-    register char **argp = margv;
-
-    margc = 0;
-    cp = line;
-    if (*cp == '!') {		/* Special case shell escape */
-	strcpy(saveline, line);	/* save for shell command */
-	*argp++ = "!";		/* No room in string to get this */
-	margc++;
-	cp++;
-    }
-    while ((c = *cp)) {
-	register int inquote = 0;
-	while (isspace(c))
-	    c = *++cp;
-	if (c == '\0')
-	    break;
-	*argp++ = cp;
-	margc += 1;
-	for (cp2 = cp; c != '\0'; c = *++cp) {
-	    if (inquote) {
-		if (c == inquote) {
-		    inquote = 0;
-		    continue;
-		}
-	    } else {
-		if (c == '\\') {
-		    if ((c = *++cp) == '\0')
-			break;
-		} else if (c == '"') {
-		    inquote = '"';
-		    continue;
-		} else if (c == '\'') {
-		    inquote = '\'';
-		    continue;
-		} else if (isspace(c))
-		    break;
-	    }
-	    *cp2++ = c;
-	}
-	*cp2 = '\0';
-	if (c == '\0')
-	    break;
-	cp++;
-    }
-    *argp++ = 0;
-}
-
-/*
- * Make a character string into a number.
- *
- * Todo:  1.  Could take random integers (12, 0x12, 012, 0b1).
- */
-
-	static int
-special(s)
-	register char *s;
-{
-	register char c;
-	char b;
-
-	switch (*s) {
-	case '^':
-		b = *++s;
-		if (b == '?') {
-		    c = b | 0x40;		/* DEL */
-		} else {
-		    c = b & 0x1f;
-		}
-		break;
-	default:
-		c = *s;
-		break;
-	}
-	return c;
-}
-
-/*
- * Construct a control character sequence
- * for a special character.
- */
-	static char *
-control(c)
-	register cc_t c;
-{
-	static char buf[5];
-	/*
-	 * The only way I could get the Sun 3.5 compiler
-	 * to shut up about
-	 *	if ((unsigned int)c >= 0x80)
-	 * was to assign "c" to an unsigned int variable...
-	 * Arggg....
-	 */
-	register unsigned int uic = (unsigned int)c;
-
-	if (uic == 0x7f)
-		return ("^?");
-	if (c == (cc_t)_POSIX_VDISABLE) {
-		return "off";
-	}
-	if (uic >= 0x80) {
-		buf[0] = '\\';
-		buf[1] = ((c>>6)&07) + '0';
-		buf[2] = ((c>>3)&07) + '0';
-		buf[3] = (c&07) + '0';
-		buf[4] = 0;
-	} else if (uic >= 0x20) {
-		buf[0] = c;
-		buf[1] = 0;
-	} else {
-		buf[0] = '^';
-		buf[1] = '@'+c;
-		buf[2] = 0;
-	}
-	return (buf);
-}
-
-
-
-/*
- *	The following are data structures and routines for
- *	the "send" command.
- *
- */
-
-struct sendlist {
-    char	*name;		/* How user refers to it (case independent) */
-    char	*help;		/* Help information (0 ==> no help) */
-    int		needconnect;	/* Need to be connected */
-    int		narg;		/* Number of arguments */
-    int		(*handler)();	/* Routine to perform (for special ops) */
-    int		nbyte;		/* Number of bytes to send this command */
-    int		what;		/* Character to be sent (<0 ==> special) */
-};
-
-
-static int
-	send_esc P((void)),
-	send_help P((void)),
-	send_docmd P((char *)),
-	send_dontcmd P((char *)),
-	send_willcmd P((char *)),
-	send_wontcmd P((char *));
-
-static struct sendlist Sendlist[] = {
-    { "ao",	"Send Telnet Abort output",		1, 0, 0, 2, AO },
-    { "ayt",	"Send Telnet 'Are You There'",		1, 0, 0, 2, AYT },
-    { "brk",	"Send Telnet Break",			1, 0, 0, 2, BREAK },
-    { "break",	0,					1, 0, 0, 2, BREAK },
-    { "ec",	"Send Telnet Erase Character",		1, 0, 0, 2, EC },
-    { "el",	"Send Telnet Erase Line",		1, 0, 0, 2, EL },
-    { "escape",	"Send current escape character",	1, 0, send_esc, 1, 0 },
-    { "ga",	"Send Telnet 'Go Ahead' sequence",	1, 0, 0, 2, GA },
-    { "ip",	"Send Telnet Interrupt Process",	1, 0, 0, 2, IP },
-    { "intp",	0,					1, 0, 0, 2, IP },
-    { "interrupt", 0,					1, 0, 0, 2, IP },
-    { "intr",	0,					1, 0, 0, 2, IP },
-    { "nop",	"Send Telnet 'No operation'",		1, 0, 0, 2, NOP },
-    { "eor",	"Send Telnet 'End of Record'",		1, 0, 0, 2, EOR },
-    { "abort",	"Send Telnet 'Abort Process'",		1, 0, 0, 2, ABORT },
-    { "susp",	"Send Telnet 'Suspend Process'",	1, 0, 0, 2, SUSP },
-    { "eof",	"Send Telnet End of File Character",	1, 0, 0, 2, xEOF },
-    { "synch",	"Perform Telnet 'Synch operation'",	1, 0, dosynch, 2, 0 },
-    { "getstatus", "Send request for STATUS",		1, 0, get_status, 6, 0 },
-    { "?",	"Display send options",			0, 0, send_help, 0, 0 },
-    { "help",	0,					0, 0, send_help, 0, 0 },
-    { "do",	0,					0, 1, send_docmd, 3, 0 },
-    { "dont",	0,					0, 1, send_dontcmd, 3, 0 },
-    { "will",	0,					0, 1, send_willcmd, 3, 0 },
-    { "wont",	0,					0, 1, send_wontcmd, 3, 0 },
-    { 0 }
-};
-
-#define	GETSEND(name) ((struct sendlist *) genget(name, (char **) Sendlist, \
-				sizeof(struct sendlist)))
-
-    static int
-sendcmd(argc, argv)
-    int  argc;
-    char **argv;
-{
-    int count;		/* how many bytes we are going to need to send */
-    int i;
-    struct sendlist *s;	/* pointer to current command */
-    int success = 0;
-    int needconnect = 0;
-
-    if (argc < 2) {
-	printf("need at least one argument for 'send' command\n");
-	printf("'send ?' for help\n");
-	return 0;
-    }
-    /*
-     * First, validate all the send arguments.
-     * In addition, we see how much space we are going to need, and
-     * whether or not we will be doing a "SYNCH" operation (which
-     * flushes the network queue).
-     */
-    count = 0;
-    for (i = 1; i < argc; i++) {
-	s = GETSEND(argv[i]);
-	if (s == 0) {
-	    printf("Unknown send argument '%s'\n'send ?' for help.\n",
-			argv[i]);
-	    return 0;
-	} else if (Ambiguous(s)) {
-	    printf("Ambiguous send argument '%s'\n'send ?' for help.\n",
-			argv[i]);
-	    return 0;
-	}
-	if (i + s->narg >= argc) {
-	    fprintf(stderr,
-	    "Need %d argument%s to 'send %s' command.  'send %s ?' for help.\n",
-		s->narg, s->narg == 1 ? "" : "s", s->name, s->name);
-	    return 0;
-	}
-	count += s->nbyte;
-	if (s->handler == send_help) {
-	    send_help();
-	    return 0;
-	}
-
-	i += s->narg;
-	needconnect += s->needconnect;
-    }
-    if (!connected && needconnect) {
-	printf("?Need to be connected first.\n");
-	printf("'send ?' for help\n");
-	return 0;
-    }
-    /* Now, do we have enough room? */
-    if (NETROOM() < count) {
-	printf("There is not enough room in the buffer TO the network\n");
-	printf("to process your request.  Nothing will be done.\n");
-	printf("('send synch' will throw away most data in the network\n");
-	printf("buffer, if this might help.)\n");
-	return 0;
-    }
-    /* OK, they are all OK, now go through again and actually send */
-    count = 0;
-    for (i = 1; i < argc; i++) {
-	if ((s = GETSEND(argv[i])) == 0) {
-	    fprintf(stderr, "Telnet 'send' error - argument disappeared!\n");
-	    (void) quit();
-	    /*NOTREACHED*/
-	}
-	if (s->handler) {
-	    count++;
-	    success += (*s->handler)((s->narg > 0) ? argv[i+1] : 0,
-				  (s->narg > 1) ? argv[i+2] : 0);
-	    i += s->narg;
-	} else {
-	    NET2ADD(IAC, s->what);
-	    printoption("SENT", IAC, s->what);
-	}
-    }
-    return (count == success);
-}
-
-    static int
-send_esc()
-{
-    NETADD(escape);
-    return 1;
-}
-
-    static int
-send_docmd(name)
-    char *name;
-{
-    return(send_tncmd(send_do, "do", name));
-}
-
-    static int
-send_dontcmd(name)
-    char *name;
-{
-    return(send_tncmd(send_dont, "dont", name));
-}
-    static int
-send_willcmd(name)
-    char *name;
-{
-    return(send_tncmd(send_will, "will", name));
-}
-    static int
-send_wontcmd(name)
-    char *name;
-{
-    return(send_tncmd(send_wont, "wont", name));
-}
-
-    int
-send_tncmd(func, cmd, name)
-    void	(*func)();
-    char	*cmd, *name;
-{
-    char **cpp;
-    extern char *telopts[];
-    register int val = 0;
-
-    if (isprefix(name, "help") || isprefix(name, "?")) {
-	register int col, len;
-
-	printf("Usage: send %s <value|option>\n", cmd);
-	printf("\"value\" must be from 0 to 255\n");
-	printf("Valid options are:\n\t");
-
-	col = 8;
-	for (cpp = telopts; *cpp; cpp++) {
-	    len = strlen(*cpp) + 3;
-	    if (col + len > 65) {
-		printf("\n\t");
-		col = 8;
-	    }
-	    printf(" \"%s\"", *cpp);
-	    col += len;
-	}
-	printf("\n");
-	return 0;
-    }
-    cpp = (char **)genget(name, telopts, sizeof(char *));
-    if (Ambiguous(cpp)) {
-	fprintf(stderr,"'%s': ambiguous argument ('send %s ?' for help).\n",
-					name, cmd);
-	return 0;
-    }
-    if (cpp) {
-	val = cpp - telopts;
-    } else {
-	register char *cp = name;
-
-	while (*cp >= '0' && *cp <= '9') {
-	    val *= 10;
-	    val += *cp - '0';
-	    cp++;
-	}
-	if (*cp != 0) {
-	    fprintf(stderr, "'%s': unknown argument ('send %s ?' for help).\n",
-					name, cmd);
-	    return 0;
-	} else if (val < 0 || val > 255) {
-	    fprintf(stderr, "'%s': bad value ('send %s ?' for help).\n",
-					name, cmd);
-	    return 0;
-	}
-    }
-    if (!connected) {
-	printf("?Need to be connected first.\n");
-	return 0;
-    }
-    (*func)(val, 1);
-    return 1;
-}
-
-    static int
-send_help()
-{
-    struct sendlist *s;	/* pointer to current command */
-    for (s = Sendlist; s->name; s++) {
-	if (s->help)
-	    printf("%-15s %s\n", s->name, s->help);
-    }
-    return(0);
-}
-
-/*
- * The following are the routines and data structures referred
- * to by the arguments to the "toggle" command.
- */
-
-    static int
-lclchars()
-{
-    donelclchars = 1;
-    return 1;
-}
-
-    static int
-togdebug()
-{
-#ifndef	NOT43
-    if (net > 0 &&
-	(SetSockOpt(net, SOL_SOCKET, SO_DEBUG, debug)) < 0) {
-	    perror("setsockopt (SO_DEBUG)");
-    }
-#else	/* NOT43 */
-    if (debug) {
-	if (net > 0 && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0)
-	    perror("setsockopt (SO_DEBUG)");
-    } else
-	printf("Cannot turn off socket debugging\n");
-#endif	/* NOT43 */
-    return 1;
-}
-
-
-    static int
-togcrlf()
-{
-    if (crlf) {
-	printf("Will send carriage returns as telnet <CR><LF>.\n");
-    } else {
-	printf("Will send carriage returns as telnet <CR><NUL>.\n");
-    }
-    return 1;
-}
-
-int binmode;
-
-    static int
-togbinary(val)
-    int val;
-{
-    donebinarytoggle = 1;
-
-    if (val >= 0) {
-	binmode = val;
-    } else {
-	if (my_want_state_is_will(TELOPT_BINARY) &&
-				my_want_state_is_do(TELOPT_BINARY)) {
-	    binmode = 1;
-	} else if (my_want_state_is_wont(TELOPT_BINARY) &&
-				my_want_state_is_dont(TELOPT_BINARY)) {
-	    binmode = 0;
-	}
-	val = binmode ? 0 : 1;
-    }
-
-    if (val == 1) {
-	if (my_want_state_is_will(TELOPT_BINARY) &&
-					my_want_state_is_do(TELOPT_BINARY)) {
-	    printf("Already operating in binary mode with remote host.\n");
-	} else {
-	    printf("Negotiating binary mode with remote host.\n");
-	    tel_enter_binary(3);
-	}
-    } else {
-	if (my_want_state_is_wont(TELOPT_BINARY) &&
-					my_want_state_is_dont(TELOPT_BINARY)) {
-	    printf("Already in network ascii mode with remote host.\n");
-	} else {
-	    printf("Negotiating network ascii mode with remote host.\n");
-	    tel_leave_binary(3);
-	}
-    }
-    return 1;
-}
-
-    static int
-togrbinary(val)
-    int val;
-{
-    donebinarytoggle = 1;
-
-    if (val == -1)
-	val = my_want_state_is_do(TELOPT_BINARY) ? 0 : 1;
-
-    if (val == 1) {
-	if (my_want_state_is_do(TELOPT_BINARY)) {
-	    printf("Already receiving in binary mode.\n");
-	} else {
-	    printf("Negotiating binary mode on input.\n");
-	    tel_enter_binary(1);
-	}
-    } else {
-	if (my_want_state_is_dont(TELOPT_BINARY)) {
-	    printf("Already receiving in network ascii mode.\n");
-	} else {
-	    printf("Negotiating network ascii mode on input.\n");
-	    tel_leave_binary(1);
-	}
-    }
-    return 1;
-}
-
-    static int
-togxbinary(val)
-    int val;
-{
-    donebinarytoggle = 1;
-
-    if (val == -1)
-	val = my_want_state_is_will(TELOPT_BINARY) ? 0 : 1;
-
-    if (val == 1) {
-	if (my_want_state_is_will(TELOPT_BINARY)) {
-	    printf("Already transmitting in binary mode.\n");
-	} else {
-	    printf("Negotiating binary mode on output.\n");
-	    tel_enter_binary(2);
-	}
-    } else {
-	if (my_want_state_is_wont(TELOPT_BINARY)) {
-	    printf("Already transmitting in network ascii mode.\n");
-	} else {
-	    printf("Negotiating network ascii mode on output.\n");
-	    tel_leave_binary(2);
-	}
-    }
-    return 1;
-}
-
-
-static int togglehelp P((void));
-#if	defined(AUTHENTICATION)
-extern int auth_togdebug P((int));
-#endif
-#ifdef	ENCRYPTION
-extern int EncryptAutoEnc P((int));
-extern int EncryptAutoDec P((int));
-extern int EncryptDebug P((int));
-extern int EncryptVerbose P((int));
-#endif	/* ENCRYPTION */
-
-struct togglelist {
-    char	*name;		/* name of toggle */
-    char	*help;		/* help message */
-    int		(*handler)();	/* routine to do actual setting */
-    int		*variable;
-    char	*actionexplanation;
-};
-
-static struct togglelist Togglelist[] = {
-    { "autoflush",
-	"flushing of output when sending interrupt characters",
-	    0,
-		&autoflush,
-		    "flush output when sending interrupt characters" },
-    { "autosynch",
-	"automatic sending of interrupt characters in urgent mode",
-	    0,
-		&autosynch,
-		    "send interrupt characters in urgent mode" },
-#if	defined(AUTHENTICATION)
-    { "autologin",
-	"automatic sending of login and/or authentication info",
-	    0,
-		&autologin,
-		    "send login name and/or authentication information" },
-    { "authdebug",
-	"Toggle authentication debugging",
-	    auth_togdebug,
-		0,
-		     "print authentication debugging information" },
-#endif
-#ifdef	ENCRYPTION
-    { "autoencrypt",
-	"automatic encryption of data stream",
-	    EncryptAutoEnc,
-		0,
-		    "automatically encrypt output" },
-    { "autodecrypt",
-	"automatic decryption of data stream",
-	    EncryptAutoDec,
-		0,
-		    "automatically decrypt input" },
-    { "verbose_encrypt",
-	"Toggle verbose encryption output",
-	    EncryptVerbose,
-		0,
-		    "print verbose encryption output" },
-    { "encdebug",
-	"Toggle encryption debugging",
-	    EncryptDebug,
-		0,
-		    "print encryption debugging information" },
-#endif	/* ENCRYPTION */
-    { "skiprc",
-	"don't read ~/.telnetrc file",
-	    0,
-		&skiprc,
-		    "skip reading of ~/.telnetrc file" },
-    { "binary",
-	"sending and receiving of binary data",
-	    togbinary,
-		0,
-		    0 },
-    { "inbinary",
-	"receiving of binary data",
-	    togrbinary,
-		0,
-		    0 },
-    { "outbinary",
-	"sending of binary data",
-	    togxbinary,
-		0,
-		    0 },
-    { "crlf",
-	"sending carriage returns as telnet <CR><LF>",
-	    togcrlf,
-		&crlf,
-		    0 },
-    { "crmod",
-	"mapping of received carriage returns",
-	    0,
-		&crmod,
-		    "map carriage return on output" },
-    { "localchars",
-	"local recognition of certain control characters",
-	    lclchars,
-		&localchars,
-		    "recognize certain control characters" },
-    { " ", "", 0 },		/* empty line */
-#if	defined(unix) && defined(TN3270)
-    { "apitrace",
-	"(debugging) toggle tracing of API transactions",
-	    0,
-		&apitrace,
-		    "trace API transactions" },
-    { "cursesdata",
-	"(debugging) toggle printing of hexadecimal curses data",
-	    0,
-		&cursesdata,
-		    "print hexadecimal representation of curses data" },
-#endif	/* defined(unix) && defined(TN3270) */
-    { "debug",
-	"debugging",
-	    togdebug,
-		&debug,
-		    "turn on socket level debugging" },
-    { "netdata",
-	"printing of hexadecimal network data (debugging)",
-	    0,
-		&netdata,
-		    "print hexadecimal representation of network traffic" },
-    { "prettydump",
-	"output of \"netdata\" to user readable format (debugging)",
-	    0,
-		&prettydump,
-		    "print user readable output for \"netdata\"" },
-    { "options",
-	"viewing of options processing (debugging)",
-	    0,
-		&showoptions,
-		    "show option processing" },
-#if	defined(unix)
-    { "termdata",
-	"(debugging) toggle printing of hexadecimal terminal data",
-	    0,
-		&termdata,
-		    "print hexadecimal representation of terminal traffic" },
-#endif	/* defined(unix) */
-    { "?",
-	0,
-	    togglehelp },
-    { "help",
-	0,
-	    togglehelp },
-    { 0 }
-};
-
-    static int
-togglehelp()
-{
-    struct togglelist *c;
-
-    for (c = Togglelist; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s toggle %s\n", c->name, c->help);
-	    else
-		printf("\n");
-	}
-    }
-    printf("\n");
-    printf("%-15s %s\n", "?", "display help information");
-    return 0;
-}
-
-    static void
-settogglehelp(set)
-    int set;
-{
-    struct togglelist *c;
-
-    for (c = Togglelist; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s %s %s\n", c->name, set ? "enable" : "disable",
-						c->help);
-	    else
-		printf("\n");
-	}
-    }
-}
-
-#define	GETTOGGLE(name) (struct togglelist *) \
-		genget(name, (char **) Togglelist, sizeof(struct togglelist))
-
-    static int
-toggle(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    int retval = 1;
-    char *name;
-    struct togglelist *c;
-
-    if (argc < 2) {
-	fprintf(stderr,
-	    "Need an argument to 'toggle' command.  'toggle ?' for help.\n");
-	return 0;
-    }
-    argc--;
-    argv++;
-    while (argc--) {
-	name = *argv++;
-	c = GETTOGGLE(name);
-	if (Ambiguous(c)) {
-	    fprintf(stderr, "'%s': ambiguous argument ('toggle ?' for help).\n",
-					name);
-	    return 0;
-	} else if (c == 0) {
-	    fprintf(stderr, "'%s': unknown argument ('toggle ?' for help).\n",
-					name);
-	    return 0;
-	} else {
-	    if (c->variable) {
-		*c->variable = !*c->variable;		/* invert it */
-		if (c->actionexplanation) {
-		    printf("%s %s.\n", *c->variable? "Will" : "Won't",
-							c->actionexplanation);
-		}
-	    }
-	    if (c->handler) {
-		retval &= (*c->handler)(-1);
-	    }
-	}
-    }
-    return retval;
-}
-
-/*
- * The following perform the "set" command.
- */
-
-#ifdef	USE_TERMIO
-struct termio new_tc = { 0 };
-#endif
-
-struct setlist {
-    char *name;				/* name */
-    char *help;				/* help information */
-    void (*handler)();
-    cc_t *charp;			/* where it is located at */
-};
-
-static struct setlist Setlist[] = {
-#ifdef	KLUDGELINEMODE
-    { "echo", 	"character to toggle local echoing on/off", 0, &echoc },
-#endif
-    { "escape",	"character to escape back to telnet command mode", 0, &escape },
-    { "rlogin", "rlogin escape character", 0, &rlogin },
-    { "tracefile", "file to write trace information to", SetNetTrace, (cc_t *)NetTraceFile},
-    { " ", "" },
-    { " ", "The following need 'localchars' to be toggled true", 0, 0 },
-    { "flushoutput", "character to cause an Abort Output", 0, termFlushCharp },
-    { "interrupt", "character to cause an Interrupt Process", 0, termIntCharp },
-    { "quit",	"character to cause an Abort process", 0, termQuitCharp },
-    { "eof",	"character to cause an EOF ", 0, termEofCharp },
-    { " ", "" },
-    { " ", "The following are for local editing in linemode", 0, 0 },
-    { "erase",	"character to use to erase a character", 0, termEraseCharp },
-    { "kill",	"character to use to erase a line", 0, termKillCharp },
-    { "lnext",	"character to use for literal next", 0, termLiteralNextCharp },
-    { "susp",	"character to cause a Suspend Process", 0, termSuspCharp },
-    { "reprint", "character to use for line reprint", 0, termRprntCharp },
-    { "worderase", "character to use to erase a word", 0, termWerasCharp },
-    { "start",	"character to use for XON", 0, termStartCharp },
-    { "stop",	"character to use for XOFF", 0, termStopCharp },
-    { "forw1",	"alternate end of line character", 0, termForw1Charp },
-    { "forw2",	"alternate end of line character", 0, termForw2Charp },
-    { "ayt",	"alternate AYT character", 0, termAytCharp },
-    { 0 }
-};
-
-#if	defined(CRAY) && !defined(__STDC__)
-/* Work around compiler bug in pcc 4.1.5 */
-    void
-_setlist_init()
-{
-#ifndef	KLUDGELINEMODE
-#define	N 5
-#else
-#define	N 6
-#endif
-	Setlist[N+0].charp = &termFlushChar;
-	Setlist[N+1].charp = &termIntChar;
-	Setlist[N+2].charp = &termQuitChar;
-	Setlist[N+3].charp = &termEofChar;
-	Setlist[N+6].charp = &termEraseChar;
-	Setlist[N+7].charp = &termKillChar;
-	Setlist[N+8].charp = &termLiteralNextChar;
-	Setlist[N+9].charp = &termSuspChar;
-	Setlist[N+10].charp = &termRprntChar;
-	Setlist[N+11].charp = &termWerasChar;
-	Setlist[N+12].charp = &termStartChar;
-	Setlist[N+13].charp = &termStopChar;
-	Setlist[N+14].charp = &termForw1Char;
-	Setlist[N+15].charp = &termForw2Char;
-	Setlist[N+16].charp = &termAytChar;
-#undef	N
-}
-#endif	/* defined(CRAY) && !defined(__STDC__) */
-
-    static struct setlist *
-getset(name)
-    char *name;
-{
-    return (struct setlist *)
-		genget(name, (char **) Setlist, sizeof(struct setlist));
-}
-
-    void
-set_escape_char(s)
-    char *s;
-{
-	if (rlogin != _POSIX_VDISABLE) {
-		rlogin = (s && *s) ? special(s) : _POSIX_VDISABLE;
-		printf("Telnet rlogin escape character is '%s'.\n",
-					control(rlogin));
-	} else {
-		escape = (s && *s) ? special(s) : _POSIX_VDISABLE;
-		printf("Telnet escape character is '%s'.\n", control(escape));
-	}
-}
-
-    static int
-setcmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    int value;
-    struct setlist *ct;
-    struct togglelist *c;
-
-    if (argc < 2 || argc > 3) {
-	printf("Format is 'set Name Value'\n'set ?' for help.\n");
-	return 0;
-    }
-    if ((argc == 2) && (isprefix(argv[1], "?") || isprefix(argv[1], "help"))) {
-	for (ct = Setlist; ct->name; ct++)
-	    printf("%-15s %s\n", ct->name, ct->help);
-	printf("\n");
-	settogglehelp(1);
-	printf("%-15s %s\n", "?", "display help information");
-	return 0;
-    }
-
-    ct = getset(argv[1]);
-    if (ct == 0) {
-	c = GETTOGGLE(argv[1]);
-	if (c == 0) {
-	    fprintf(stderr, "'%s': unknown argument ('set ?' for help).\n",
-			argv[1]);
-	    return 0;
-	} else if (Ambiguous(c)) {
-	    fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\n",
-			argv[1]);
-	    return 0;
-	}
-	if (c->variable) {
-	    if ((argc == 2) || (strcmp("on", argv[2]) == 0))
-		*c->variable = 1;
-	    else if (strcmp("off", argv[2]) == 0)
-		*c->variable = 0;
-	    else {
-		printf("Format is 'set togglename [on|off]'\n'set ?' for help.\n");
-		return 0;
-	    }
-	    if (c->actionexplanation) {
-		printf("%s %s.\n", *c->variable? "Will" : "Won't",
-							c->actionexplanation);
-	    }
-	}
-	if (c->handler)
-	    (*c->handler)(1);
-    } else if (argc != 3) {
-	printf("Format is 'set Name Value'\n'set ?' for help.\n");
-	return 0;
-    } else if (Ambiguous(ct)) {
-	fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\n",
-			argv[1]);
-	return 0;
-    } else if (ct->handler) {
-	(*ct->handler)(argv[2]);
-	printf("%s set to \"%s\".\n", ct->name, (char *)ct->charp);
-    } else {
-	if (strcmp("off", argv[2])) {
-	    value = special(argv[2]);
-	} else {
-	    value = _POSIX_VDISABLE;
-	}
-	*(ct->charp) = (cc_t)value;
-	printf("%s character is '%s'.\n", ct->name, control(*(ct->charp)));
-    }
-    slc_check();
-    return 1;
-}
-
-    static int
-unsetcmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct setlist *ct;
-    struct togglelist *c;
-    register char *name;
-
-    if (argc < 2) {
-	fprintf(stderr,
-	    "Need an argument to 'unset' command.  'unset ?' for help.\n");
-	return 0;
-    }
-    if (isprefix(argv[1], "?") || isprefix(argv[1], "help")) {
-	for (ct = Setlist; ct->name; ct++)
-	    printf("%-15s %s\n", ct->name, ct->help);
-	printf("\n");
-	settogglehelp(0);
-	printf("%-15s %s\n", "?", "display help information");
-	return 0;
-    }
-
-    argc--;
-    argv++;
-    while (argc--) {
-	name = *argv++;
-	ct = getset(name);
-	if (ct == 0) {
-	    c = GETTOGGLE(name);
-	    if (c == 0) {
-		fprintf(stderr, "'%s': unknown argument ('unset ?' for help).\n",
-			name);
-		return 0;
-	    } else if (Ambiguous(c)) {
-		fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\n",
-			name);
-		return 0;
-	    }
-	    if (c->variable) {
-		*c->variable = 0;
-		if (c->actionexplanation) {
-		    printf("%s %s.\n", *c->variable? "Will" : "Won't",
-							c->actionexplanation);
-		}
-	    }
-	    if (c->handler)
-		(*c->handler)(0);
-	} else if (Ambiguous(ct)) {
-	    fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\n",
-			name);
-	    return 0;
-	} else if (ct->handler) {
-	    (*ct->handler)(0);
-	    printf("%s reset to \"%s\".\n", ct->name, (char *)ct->charp);
-	} else {
-	    *(ct->charp) = _POSIX_VDISABLE;
-	    printf("%s character is '%s'.\n", ct->name, control(*(ct->charp)));
-	}
-    }
-    return 1;
-}
-
-/*
- * The following are the data structures and routines for the
- * 'mode' command.
- */
-#ifdef	KLUDGELINEMODE
-extern int kludgelinemode;
-
-    static void
-dokludgemode()
-{
-    kludgelinemode = 1;
-    send_wont(TELOPT_LINEMODE, 1);
-    send_dont(TELOPT_SGA, 1);
-    send_dont(TELOPT_ECHO, 1);
-}
-#endif
-
-    static int
-dolinemode()
-{
-#ifdef	KLUDGELINEMODE
-    if (kludgelinemode)
-	send_dont(TELOPT_SGA, 1);
-#endif
-    send_will(TELOPT_LINEMODE, 1);
-    send_dont(TELOPT_ECHO, 1);
-    return 1;
-}
-
-    static int
-docharmode()
-{
-#ifdef	KLUDGELINEMODE
-    if (kludgelinemode)
-	send_do(TELOPT_SGA, 1);
-    else
-#endif
-    send_wont(TELOPT_LINEMODE, 1);
-    send_do(TELOPT_ECHO, 1);
-    return 1;
-}
-
-    static int
-dolmmode(bit, on)
-    int bit, on;
-{
-    unsigned char c;
-    extern int linemode;
-
-    if (my_want_state_is_wont(TELOPT_LINEMODE)) {
-	printf("?Need to have LINEMODE option enabled first.\n");
-	printf("'mode ?' for help.\n");
-	return 0;
-    }
-
-    if (on)
-	c = (linemode | bit);
-    else
-	c = (linemode & ~bit);
-    lm_mode(&c, 1, 1);
-    return 1;
-}
-
-    int
-setmod(bit)
-{
-    return dolmmode(bit, 1);
-}
-
-    int
-clearmode(bit)
-{
-    return dolmmode(bit, 0);
-}
-
-struct modelist {
-	char	*name;		/* command name */
-	char	*help;		/* help string */
-	int	(*handler)();	/* routine which executes command */
-	int	needconnect;	/* Do we need to be connected to execute? */
-	int	arg1;
-};
-
-extern int modehelp();
-
-static struct modelist ModeList[] = {
-    { "character", "Disable LINEMODE option",	docharmode, 1 },
-#ifdef	KLUDGELINEMODE
-    { "",	"(or disable obsolete line-by-line mode)", 0 },
-#endif
-    { "line",	"Enable LINEMODE option",	dolinemode, 1 },
-#ifdef	KLUDGELINEMODE
-    { "",	"(or enable obsolete line-by-line mode)", 0 },
-#endif
-    { "", "", 0 },
-    { "",	"These require the LINEMODE option to be enabled", 0 },
-    { "isig",	"Enable signal trapping",	setmod, 1, MODE_TRAPSIG },
-    { "+isig",	0,				setmod, 1, MODE_TRAPSIG },
-    { "-isig",	"Disable signal trapping",	clearmode, 1, MODE_TRAPSIG },
-    { "edit",	"Enable character editing",	setmod, 1, MODE_EDIT },
-    { "+edit",	0,				setmod, 1, MODE_EDIT },
-    { "-edit",	"Disable character editing",	clearmode, 1, MODE_EDIT },
-    { "softtabs", "Enable tab expansion",	setmod, 1, MODE_SOFT_TAB },
-    { "+softtabs", 0,				setmod, 1, MODE_SOFT_TAB },
-    { "-softtabs", "Disable character editing",	clearmode, 1, MODE_SOFT_TAB },
-    { "litecho", "Enable literal character echo", setmod, 1, MODE_LIT_ECHO },
-    { "+litecho", 0,				setmod, 1, MODE_LIT_ECHO },
-    { "-litecho", "Disable literal character echo", clearmode, 1, MODE_LIT_ECHO },
-    { "help",	0,				modehelp, 0 },
-#ifdef	KLUDGELINEMODE
-    { "kludgeline", 0,				dokludgemode, 1 },
-#endif
-    { "", "", 0 },
-    { "?",	"Print help information",	modehelp, 0 },
-    { 0 },
-};
-
-
-    int
-modehelp()
-{
-    struct modelist *mt;
-
-    printf("format is:  'mode Mode', where 'Mode' is one of:\n\n");
-    for (mt = ModeList; mt->name; mt++) {
-	if (mt->help) {
-	    if (*mt->help)
-		printf("%-15s %s\n", mt->name, mt->help);
-	    else
-		printf("\n");
-	}
-    }
-    return 0;
-}
-
-#define	GETMODECMD(name) (struct modelist *) \
-		genget(name, (char **) ModeList, sizeof(struct modelist))
-
-    static int
-modecmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct modelist *mt;
-
-    if (argc != 2) {
-	printf("'mode' command requires an argument\n");
-	printf("'mode ?' for help.\n");
-    } else if ((mt = GETMODECMD(argv[1])) == 0) {
-	fprintf(stderr, "Unknown mode '%s' ('mode ?' for help).\n", argv[1]);
-    } else if (Ambiguous(mt)) {
-	fprintf(stderr, "Ambiguous mode '%s' ('mode ?' for help).\n", argv[1]);
-    } else if (mt->needconnect && !connected) {
-	printf("?Need to be connected first.\n");
-	printf("'mode ?' for help.\n");
-    } else if (mt->handler) {
-	return (*mt->handler)(mt->arg1);
-    }
-    return 0;
-}
-
-/*
- * The following data structures and routines implement the
- * "display" command.
- */
-
-    static int
-display(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct togglelist *tl;
-    struct setlist *sl;
-
-#define	dotog(tl)	if (tl->variable && tl->actionexplanation) { \
-			    if (*tl->variable) { \
-				printf("will"); \
-			    } else { \
-				printf("won't"); \
-			    } \
-			    printf(" %s.\n", tl->actionexplanation); \
-			}
-
-#define	doset(sl)   if (sl->name && *sl->name != ' ') { \
-			if (sl->handler == 0) \
-			    printf("%-15s [%s]\n", sl->name, control(*sl->charp)); \
-			else \
-			    printf("%-15s \"%s\"\n", sl->name, (char *)sl->charp); \
-		    }
-
-    if (argc == 1) {
-	for (tl = Togglelist; tl->name; tl++) {
-	    dotog(tl);
-	}
-	printf("\n");
-	for (sl = Setlist; sl->name; sl++) {
-	    doset(sl);
-	}
-    } else {
-	int i;
-
-	for (i = 1; i < argc; i++) {
-	    sl = getset(argv[i]);
-	    tl = GETTOGGLE(argv[i]);
-	    if (Ambiguous(sl) || Ambiguous(tl)) {
-		printf("?Ambiguous argument '%s'.\n", argv[i]);
-		return 0;
-	    } else if (!sl && !tl) {
-		printf("?Unknown argument '%s'.\n", argv[i]);
-		return 0;
-	    } else {
-		if (tl) {
-		    dotog(tl);
-		}
-		if (sl) {
-		    doset(sl);
-		}
-	    }
-	}
-    }
-/*@*/optionstatus();
-#ifdef	ENCRYPTION
-    EncryptStatus();
-#endif	/* ENCRYPTION */
-    return 1;
-#undef	doset
-#undef	dotog
-}
-
-/*
- * The following are the data structures, and many of the routines,
- * relating to command processing.
- */
-
-/*
- * Set the escape character.
- */
-	static int
-setescape(argc, argv)
-	int argc;
-	char *argv[];
-{
-	register char *arg;
-	char buf[50];
-
-	printf(
-	    "Deprecated usage - please use 'set escape%s%s' in the future.\n",
-				(argc > 2)? " ":"", (argc > 2)? argv[1]: "");
-	if (argc > 2)
-		arg = argv[1];
-	else {
-		printf("new escape character: ");
-		(void) fgets(buf, sizeof(buf), stdin);
-		arg = buf;
-	}
-	if (arg[0] != '\0')
-		escape = arg[0];
-	if (!In3270) {
-		printf("Escape character is '%s'.\n", control(escape));
-	}
-	(void) fflush(stdout);
-	return 1;
-}
-
-    /*VARARGS*/
-    static int
-togcrmod()
-{
-    crmod = !crmod;
-    printf("Deprecated usage - please use 'toggle crmod' in the future.\n");
-    printf("%s map carriage return on output.\n", crmod ? "Will" : "Won't");
-    (void) fflush(stdout);
-    return 1;
-}
-
-    /*VARARGS*/
-    int
-suspend()
-{
-#ifdef	SIGTSTP
-    setcommandmode();
-    {
-	long oldrows, oldcols, newrows, newcols, err;
-
-	err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0;
-	(void) kill(0, SIGTSTP);
-	/*
-	 * If we didn't get the window size before the SUSPEND, but we
-	 * can get them now (?), then send the NAWS to make sure that
-	 * we are set up for the right window size.
-	 */
-	if (TerminalWindowSize(&newrows, &newcols) && connected &&
-	    (err || ((oldrows != newrows) || (oldcols != newcols)))) {
-		sendnaws();
-	}
-    }
-    /* reget parameters in case they were changed */
-    TerminalSaveState();
-    setconnmode(0);
-#else
-    printf("Suspend is not supported.  Try the '!' command instead\n");
-#endif
-    return 1;
-}
-
-#if	!defined(TN3270)
-    /*ARGSUSED*/
-    int
-shell(argc, argv)
-    int argc;
-    char *argv[];
-{
-    long oldrows, oldcols, newrows, newcols, err;
-
-    setcommandmode();
-
-    err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0;
-    switch(vfork()) {
-    case -1:
-	perror("Fork failed\n");
-	break;
-
-    case 0:
-	{
-	    /*
-	     * Fire up the shell in the child.
-	     */
-	    register char *shellp, *shellname;
-	    extern char *strrchr();
-
-	    shellp = getenv("SHELL");
-	    if (shellp == NULL)
-		shellp = "/bin/sh";
-	    if ((shellname = strrchr(shellp, '/')) == 0)
-		shellname = shellp;
-	    else
-		shellname++;
-	    if (argc > 1)
-		execl(shellp, shellname, "-c", &saveline[1], 0);
-	    else
-		execl(shellp, shellname, 0);
-	    perror("Execl");
-	    _exit(1);
-	}
-    default:
-	    (void)wait((int *)0);	/* Wait for the shell to complete */
-
-	    if (TerminalWindowSize(&newrows, &newcols) && connected &&
-		(err || ((oldrows != newrows) || (oldcols != newcols)))) {
-		    sendnaws();
-	    }
-	    break;
-    }
-    return 1;
-}
-#else	/* !defined(TN3270) */
-extern int shell();
-#endif	/* !defined(TN3270) */
-
-    /*VARARGS*/
-    static int
-bye(argc, argv)
-    int  argc;		/* Number of arguments */
-    char *argv[];	/* arguments */
-{
-    extern int resettermname;
-
-    if (connected) {
-	(void) shutdown(net, 2);
-	printf("Connection closed.\n");
-	(void) NetClose(net);
-	connected = 0;
-	resettermname = 1;
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-	auth_encrypt_connect(connected);
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION) */
-	/* reset options */
-	tninit();
-#if	defined(TN3270)
-	SetIn3270();		/* Get out of 3270 mode */
-#endif	/* defined(TN3270) */
-    }
-    if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) {
-	longjmp(toplevel, 1);
-	/* NOTREACHED */
-    }
-    return 1;			/* Keep lint, etc., happy */
-}
-
-/*VARARGS*/
-	int
-quit()
-{
-	(void) call(bye, "bye", "fromquit", 0);
-	Exit(0);
-	/*NOTREACHED*/
-}
-
-/*VARARGS*/
-	int
-logout()
-{
-	send_do(TELOPT_LOGOUT, 1);
-	(void) netflush();
-	return 1;
-}
-
-
-/*
- * The SLC command.
- */
-
-struct slclist {
-	char	*name;
-	char	*help;
-	void	(*handler)();
-	int	arg;
-};
-
-static void slc_help();
-
-struct slclist SlcList[] = {
-    { "export",	"Use local special character definitions",
-						slc_mode_export,	0 },
-    { "import",	"Use remote special character definitions",
-						slc_mode_import,	1 },
-    { "check",	"Verify remote special character definitions",
-						slc_mode_import,	0 },
-    { "help",	0,				slc_help,		0 },
-    { "?",	"Print help information",	slc_help,		0 },
-    { 0 },
-};
-
-    static void
-slc_help()
-{
-    struct slclist *c;
-
-    for (c = SlcList; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s %s\n", c->name, c->help);
-	    else
-		printf("\n");
-	}
-    }
-}
-
-    static struct slclist *
-getslc(name)
-    char *name;
-{
-    return (struct slclist *)
-		genget(name, (char **) SlcList, sizeof(struct slclist));
-}
-
-    static int
-slccmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct slclist *c;
-
-    if (argc != 2) {
-	fprintf(stderr,
-	    "Need an argument to 'slc' command.  'slc ?' for help.\n");
-	return 0;
-    }
-    c = getslc(argv[1]);
-    if (c == 0) {
-	fprintf(stderr, "'%s': unknown argument ('slc ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (Ambiguous(c)) {
-	fprintf(stderr, "'%s': ambiguous argument ('slc ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    (*c->handler)(c->arg);
-    slcstate();
-    return 1;
-}
-
-/*
- * The ENVIRON command.
- */
-
-struct envlist {
-	char	*name;
-	char	*help;
-	void	(*handler)();
-	int	narg;
-};
-
-extern struct env_lst *
-	env_define P((unsigned char *, unsigned char *));
-extern void
-	env_undefine P((unsigned char *)),
-	env_export P((unsigned char *)),
-	env_unexport P((unsigned char *)),
-	env_send P((unsigned char *)),
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
-	env_varval P((unsigned char *)),
-#endif
-	env_list P((void));
-static void
-	env_help P((void));
-
-struct envlist EnvList[] = {
-    { "define",	"Define an environment variable",
-						(void (*)())env_define,	2 },
-    { "undefine", "Undefine an environment variable",
-						env_undefine,	1 },
-    { "export",	"Mark an environment variable for automatic export",
-						env_export,	1 },
-    { "unexport", "Don't mark an environment variable for automatic export",
-						env_unexport,	1 },
-    { "send",	"Send an environment variable", env_send,	1 },
-    { "list",	"List the current environment variables",
-						env_list,	0 },
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
-    { "varval", "Reverse VAR and VALUE (auto, right, wrong, status)",
-						env_varval,    1 },
-#endif
-    { "help",	0,				env_help,		0 },
-    { "?",	"Print help information",	env_help,		0 },
-    { 0 },
-};
-
-    static void
-env_help()
-{
-    struct envlist *c;
-
-    for (c = EnvList; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s %s\n", c->name, c->help);
-	    else
-		printf("\n");
-	}
-    }
-}
-
-    static struct envlist *
-getenvcmd(name)
-    char *name;
-{
-    return (struct envlist *)
-		genget(name, (char **) EnvList, sizeof(struct envlist));
-}
-
-	int
-env_cmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct envlist *c;
-
-    if (argc < 2) {
-	fprintf(stderr,
-	    "Need an argument to 'environ' command.  'environ ?' for help.\n");
-	return 0;
-    }
-    c = getenvcmd(argv[1]);
-    if (c == 0) {
-	fprintf(stderr, "'%s': unknown argument ('environ ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (Ambiguous(c)) {
-	fprintf(stderr, "'%s': ambiguous argument ('environ ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (c->narg + 2 != argc) {
-	fprintf(stderr,
-	    "Need %s%d argument%s to 'environ %s' command.  'environ ?' for help.\n",
-		c->narg < argc + 2 ? "only " : "",
-		c->narg, c->narg == 1 ? "" : "s", c->name);
-	return 0;
-    }
-    (*c->handler)(argv[2], argv[3]);
-    return 1;
-}
-
-struct env_lst {
-	struct env_lst *next;	/* pointer to next structure */
-	struct env_lst *prev;	/* pointer to previous structure */
-	unsigned char *var;	/* pointer to variable name */
-	unsigned char *value;	/* pointer to variable value */
-	int export;		/* 1 -> export with default list of variables */
-	int welldefined;	/* A well defined variable */
-};
-
-struct env_lst envlisthead;
-
-	struct env_lst *
-env_find(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	for (ep = envlisthead.next; ep; ep = ep->next) {
-		if (strcmp((char *)ep->var, (char *)var) == 0)
-			return(ep);
-	}
-	return(NULL);
-}
-
-	void
-env_init()
-{
-	extern char **environ;
-	register char **epp, *cp;
-	register struct env_lst *ep;
-	extern char *strchr();
-
-	for (epp = environ; *epp; epp++) {
-		if ((cp = strchr(*epp, '='))) {
-			*cp = '\0';
-			ep = env_define((unsigned char *)*epp,
-					(unsigned char *)cp+1);
-			ep->export = 0;
-			*cp = '=';
-		}
-	}
-	/*
-	 * Special case for DISPLAY variable.  If it is ":0.0" or
-	 * "unix:0.0", we have to get rid of "unix" and insert our
-	 * hostname.
-	 */
-	if ((ep = env_find("DISPLAY"))
-	    && ((*ep->value == ':')
-		|| (strncmp((char *)ep->value, "unix:", 5) == 0))) {
-		char hbuf[256+1];
-		char *cp2 = strchr((char *)ep->value, ':');
-
-		gethostname(hbuf, 256);
-		hbuf[256] = '\0';
-		cp = (char *)malloc(strlen(hbuf) + strlen(cp2) + 1);
-		sprintf((char *)cp, "%s%s", hbuf, cp2);
-		free(ep->value);
-		ep->value = (unsigned char *)cp;
-	}
-	/*
-	 * If USER is not defined, but LOGNAME is, then add
-	 * USER with the value from LOGNAME.  By default, we
-	 * don't export the USER variable.
-	 */
-	if ((env_find("USER") == NULL) && (ep = env_find("LOGNAME"))) {
-		env_define((unsigned char *)"USER", ep->value);
-		env_unexport((unsigned char *)"USER");
-	}
-	env_export((unsigned char *)"DISPLAY");
-	env_export((unsigned char *)"PRINTER");
-}
-
-	struct env_lst *
-env_define(var, value)
-	unsigned char *var, *value;
-{
-	register struct env_lst *ep;
-
-	if ((ep = env_find(var))) {
-		if (ep->var)
-			free(ep->var);
-		if (ep->value)
-			free(ep->value);
-	} else {
-		ep = (struct env_lst *)malloc(sizeof(struct env_lst));
-		ep->next = envlisthead.next;
-		envlisthead.next = ep;
-		ep->prev = &envlisthead;
-		if (ep->next)
-			ep->next->prev = ep;
-	}
-	ep->welldefined = opt_welldefined(var);
-	ep->export = 1;
-	ep->var = (unsigned char *)strdup((char *)var);
-	ep->value = (unsigned char *)strdup((char *)value);
-	return(ep);
-}
-
-	void
-env_undefine(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	if ((ep = env_find(var))) {
-		ep->prev->next = ep->next;
-		if (ep->next)
-			ep->next->prev = ep->prev;
-		if (ep->var)
-			free(ep->var);
-		if (ep->value)
-			free(ep->value);
-		free(ep);
-	}
-}
-
-	void
-env_export(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	if ((ep = env_find(var)))
-		ep->export = 1;
-}
-
-	void
-env_unexport(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	if ((ep = env_find(var)))
-		ep->export = 0;
-}
-
-	void
-env_send(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	if (my_state_is_wont(TELOPT_NEW_ENVIRON)
-#ifdef	OLD_ENVIRON
-	    && my_state_is_wont(TELOPT_OLD_ENVIRON)
-#endif
-		) {
-		fprintf(stderr,
-		    "Cannot send '%s': Telnet ENVIRON option not enabled\n",
-									var);
-		return;
-	}
-	ep = env_find(var);
-	if (ep == 0) {
-		fprintf(stderr, "Cannot send '%s': variable not defined\n",
-									var);
-		return;
-	}
-	env_opt_start_info();
-	env_opt_add(ep->var);
-	env_opt_end(0);
-}
-
-	void
-env_list()
-{
-	register struct env_lst *ep;
-
-	for (ep = envlisthead.next; ep; ep = ep->next) {
-		printf("%c %-20s %s\n", ep->export ? '*' : ' ',
-					ep->var, ep->value);
-	}
-}
-
-	unsigned char *
-env_default(init, welldefined)
-	int init;
-{
-	static struct env_lst *nep = NULL;
-
-	if (init) {
-		nep = &envlisthead;
-		return(NULL);
-	}
-	if (nep) {
-		while ((nep = nep->next)) {
-			if (nep->export && (nep->welldefined == welldefined))
-				return(nep->var);
-		}
-	}
-	return(NULL);
-}
-
-	unsigned char *
-env_getvalue(var)
-	unsigned char *var;
-{
-	register struct env_lst *ep;
-
-	if ((ep = env_find(var)))
-		return(ep->value);
-	return(NULL);
-}
-
-#if defined(OLD_ENVIRON) && defined(ENV_HACK)
-	void
-env_varval(what)
-	unsigned char *what;
-{
-	extern int old_env_var, old_env_value, env_auto;
-	int len = strlen((char *)what);
-
-	if (len == 0)
-		goto unknown;
-
-	if (strncasecmp((char *)what, "status", len) == 0) {
-		if (env_auto)
-			printf("%s%s", "VAR and VALUE are/will be ",
-					"determined automatically\n");
-		if (old_env_var == OLD_ENV_VAR)
-			printf("VAR and VALUE set to correct definitions\n");
-		else
-			printf("VAR and VALUE definitions are reversed\n");
-	} else if (strncasecmp((char *)what, "auto", len) == 0) {
-		env_auto = 1;
-		old_env_var = OLD_ENV_VALUE;
-		old_env_value = OLD_ENV_VAR;
-	} else if (strncasecmp((char *)what, "right", len) == 0) {
-		env_auto = 0;
-		old_env_var = OLD_ENV_VAR;
-		old_env_value = OLD_ENV_VALUE;
-	} else if (strncasecmp((char *)what, "wrong", len) == 0) {
-		env_auto = 0;
-		old_env_var = OLD_ENV_VALUE;
-		old_env_value = OLD_ENV_VAR;
-	} else {
-unknown:
-		printf("Unknown \"varval\" command. (\"auto\", \"right\", \"wrong\", \"status\")\n");
-	}
-}
-#endif
-
-#if	defined(AUTHENTICATION)
-/*
- * The AUTHENTICATE command.
- */
-
-struct authlist {
-	char	*name;
-	char	*help;
-	int	(*handler)();
-	int	narg;
-};
-
-extern int
-	auth_enable P((char *)),
-	auth_disable P((char *)),
-	auth_status P((void));
-static int
-	auth_help P((void));
-
-struct authlist AuthList[] = {
-    { "status",	"Display current status of authentication information",
-						auth_status,	0 },
-    { "disable", "Disable an authentication type ('auth disable ?' for more)",
-						auth_disable,	1 },
-    { "enable", "Enable an authentication type ('auth enable ?' for more)",
-						auth_enable,	1 },
-    { "help",	0,				auth_help,		0 },
-    { "?",	"Print help information",	auth_help,		0 },
-    { 0 },
-};
-
-    static int
-auth_help()
-{
-    struct authlist *c;
-
-    for (c = AuthList; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s %s\n", c->name, c->help);
-	    else
-		printf("\n");
-	}
-    }
-    return 0;
-}
-
-	int
-auth_cmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct authlist *c;
-
-    if (argc < 2) {
-	fprintf(stderr,
-	    "Need an argument to 'auth' command.  'auth ?' for help.\n");
-	return 0;
-    }
-
-    c = (struct authlist *)
-		genget(argv[1], (char **) AuthList, sizeof(struct authlist));
-    if (c == 0) {
-	fprintf(stderr, "'%s': unknown argument ('auth ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (Ambiguous(c)) {
-	fprintf(stderr, "'%s': ambiguous argument ('auth ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (c->narg + 2 != argc) {
-	fprintf(stderr,
-	    "Need %s%d argument%s to 'auth %s' command.  'auth ?' for help.\n",
-		c->narg < argc + 2 ? "only " : "",
-		c->narg, c->narg == 1 ? "" : "s", c->name);
-	return 0;
-    }
-    return((*c->handler)(argv[2], argv[3]));
-}
-#endif
-
-#ifdef	ENCRYPTION
-/*
- * The ENCRYPT command.
- */
-
-struct encryptlist {
-	char	*name;
-	char	*help;
-	int	(*handler)();
-	int	needconnect;
-	int	minarg;
-	int	maxarg;
-};
-
-extern int
-	EncryptEnable P((char *, char *)),
-	EncryptDisable P((char *, char *)),
-	EncryptType P((char *, char *)),
-	EncryptStart P((char *)),
-	EncryptStartInput P((void)),
-	EncryptStartOutput P((void)),
-	EncryptStop P((char *)),
-	EncryptStopInput P((void)),
-	EncryptStopOutput P((void)),
-	EncryptStatus P((void));
-static int
-	EncryptHelp P((void));
-
-struct encryptlist EncryptList[] = {
-    { "enable", "Enable encryption. ('encrypt enable ?' for more)",
-						EncryptEnable, 1, 1, 2 },
-    { "disable", "Disable encryption. ('encrypt enable ?' for more)",
-						EncryptDisable, 0, 1, 2 },
-    { "type", "Set encryption type. ('encrypt type ?' for more)",
-						EncryptType, 0, 1, 1 },
-    { "start", "Start encryption. ('encrypt start ?' for more)",
-						EncryptStart, 1, 0, 1 },
-    { "stop", "Stop encryption. ('encrypt stop ?' for more)",
-						EncryptStop, 1, 0, 1 },
-    { "input", "Start encrypting the input stream",
-						EncryptStartInput, 1, 0, 0 },
-    { "-input", "Stop encrypting the input stream",
-						EncryptStopInput, 1, 0, 0 },
-    { "output", "Start encrypting the output stream",
-						EncryptStartOutput, 1, 0, 0 },
-    { "-output", "Stop encrypting the output stream",
-						EncryptStopOutput, 1, 0, 0 },
-
-    { "status",	"Display current status of authentication information",
-						EncryptStatus,	0, 0, 0 },
-    { "help",	0,				EncryptHelp,	0, 0, 0 },
-    { "?",	"Print help information",	EncryptHelp,	0, 0, 0 },
-    { 0 },
-};
-
-    static int
-EncryptHelp()
-{
-    struct encryptlist *c;
-
-    for (c = EncryptList; c->name; c++) {
-	if (c->help) {
-	    if (*c->help)
-		printf("%-15s %s\n", c->name, c->help);
-	    else
-		printf("\n");
-	}
-    }
-    return 0;
-}
-
-	int
-encrypt_cmd(argc, argv)
-    int  argc;
-    char *argv[];
-{
-    struct encryptlist *c;
-
-    if (argc < 2) {
-	fprintf(stderr,
-	    "Need an argument to 'encrypt' command.  'encrypt ?' for help.\n");
-	return 0;
-    }
-
-    c = (struct encryptlist *)
-		genget(argv[1], (char **) EncryptList, sizeof(struct encryptlist));
-    if (c == 0) {
-	fprintf(stderr, "'%s': unknown argument ('encrypt ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    if (Ambiguous(c)) {
-	fprintf(stderr, "'%s': ambiguous argument ('encrypt ?' for help).\n",
-    				argv[1]);
-	return 0;
-    }
-    argc -= 2;
-    if (argc < c->minarg || argc > c->maxarg) {
-	if (c->minarg == c->maxarg) {
-	    fprintf(stderr, "Need %s%d argument%s ",
-		c->minarg < argc ? "only " : "", c->minarg,
-		c->minarg == 1 ? "" : "s");
-	} else {
-	    fprintf(stderr, "Need %s%d-%d arguments ",
-		c->maxarg < argc ? "only " : "", c->minarg, c->maxarg);
-	}
-	fprintf(stderr, "to 'encrypt %s' command.  'encrypt ?' for help.\n",
-		c->name);
-	return 0;
-    }
-    if (c->needconnect && !connected) {
-	if (!(argc && (isprefix(argv[2], "help") || isprefix(argv[2], "?")))) {
-	    printf("?Need to be connected first.\n");
-	    return 0;
-	}
-    }
-    return ((*c->handler)(argc > 0 ? argv[2] : 0,
-			argc > 1 ? argv[3] : 0,
-			argc > 2 ? argv[4] : 0));
-}
-#endif	/* ENCRYPTION */
-
-#if	defined(unix) && defined(TN3270)
-    static void
-filestuff(fd)
-    int fd;
-{
-    int res;
-
-#ifdef	F_GETOWN
-    setconnmode(0);
-    res = fcntl(fd, F_GETOWN, 0);
-    setcommandmode();
-
-    if (res == -1) {
-	perror("fcntl");
-	return;
-    }
-    printf("\tOwner is %d.\n", res);
-#endif
-
-    setconnmode(0);
-    res = fcntl(fd, F_GETFL, 0);
-    setcommandmode();
-
-    if (res == -1) {
-	perror("fcntl");
-	return;
-    }
-#ifdef notdef
-    printf("\tFlags are 0x%x: %s\n", res, decodeflags(res));
-#endif
-}
-#endif /* defined(unix) && defined(TN3270) */
-
-/*
- * Print status about the connection.
- */
-    /*ARGSUSED*/
-    static int
-status(argc, argv)
-    int	 argc;
-    char *argv[];
-{
-    if (connected) {
-	printf("Connected to %s.\n", hostname);
-	if ((argc < 2) || strcmp(argv[1], "notmuch")) {
-	    int mode = getconnmode();
-
-	    if (my_want_state_is_will(TELOPT_LINEMODE)) {
-		printf("Operating with LINEMODE option\n");
-		printf("%s line editing\n", (mode&MODE_EDIT) ? "Local" : "No");
-		printf("%s catching of signals\n",
-					(mode&MODE_TRAPSIG) ? "Local" : "No");
-		slcstate();
-#ifdef	KLUDGELINEMODE
-	    } else if (kludgelinemode && my_want_state_is_dont(TELOPT_SGA)) {
-		printf("Operating in obsolete linemode\n");
-#endif
-	    } else {
-		printf("Operating in single character mode\n");
-		if (localchars)
-		    printf("Catching signals locally\n");
-	    }
-	    printf("%s character echo\n", (mode&MODE_ECHO) ? "Local" : "Remote");
-	    if (my_want_state_is_will(TELOPT_LFLOW))
-		printf("%s flow control\n", (mode&MODE_FLOW) ? "Local" : "No");
-#ifdef	ENCRYPTION
-	    encrypt_display();
-#endif	/* ENCRYPTION */
-	}
-    } else {
-	printf("No connection.\n");
-    }
-#   if !defined(TN3270)
-    printf("Escape character is '%s'.\n", control(escape));
-    (void) fflush(stdout);
-#   else /* !defined(TN3270) */
-    if ((!In3270) && ((argc < 2) || strcmp(argv[1], "notmuch"))) {
-	printf("Escape character is '%s'.\n", control(escape));
-    }
-#   if defined(unix)
-    if ((argc >= 2) && !strcmp(argv[1], "everything")) {
-	printf("SIGIO received %d time%s.\n",
-				sigiocount, (sigiocount == 1)? "":"s");
-	if (In3270) {
-	    printf("Process ID %d, process group %d.\n",
-					    getpid(), getpgrp(getpid()));
-	    printf("Terminal input:\n");
-	    filestuff(tin);
-	    printf("Terminal output:\n");
-	    filestuff(tout);
-	    printf("Network socket:\n");
-	    filestuff(net);
-	}
-    }
-    if (In3270 && transcom) {
-       printf("Transparent mode command is '%s'.\n", transcom);
-    }
-#   endif /* defined(unix) */
-    (void) fflush(stdout);
-    if (In3270) {
-	return 0;
-    }
-#   endif /* defined(TN3270) */
-    return 1;
-}
-
-#ifdef	SIGINFO
-/*
- * Function that gets called when SIGINFO is received.
- */
-	void
-ayt_status()
-{
-    (void) call(status, "status", "notmuch", 0);
-}
-#endif
-
-unsigned long inet_addr();
-
-    int
-tn(argc, argv)
-    int argc;
-    char *argv[];
-{
-    register struct hostent *host = 0;
-    struct sockaddr_in sin;
-    struct servent *sp = 0;
-    unsigned long temp;
-    extern char *inet_ntoa();
-#if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
-    char *srp = 0, *strrchr();
-    unsigned long sourceroute(), srlen;
-#endif
-    char *cmd, *hostp = 0, *portp = 0, *user = 0;
-
-    /* clear the socket address prior to use */
-    memset((char *)&sin, 0, sizeof(sin));
-
-    if (connected) {
-	printf("?Already connected to %s\n", hostname);
-	setuid(getuid());
-	return 0;
-    }
-    if (argc < 2) {
-	(void) strcpy(line, "open ");
-	printf("(to) ");
-	(void) fgets(&line[strlen(line)], sizeof(line) - strlen(line), stdin);
-	makeargv();
-	argc = margc;
-	argv = margv;
-    }
-    cmd = *argv;
-    --argc; ++argv;
-    while (argc) {
-	if (strcmp(*argv, "help") == 0 || isprefix(*argv, "?"))
-	    goto usage;
-	if (strcmp(*argv, "-l") == 0) {
-	    --argc; ++argv;
-	    if (argc == 0)
-		goto usage;
-	    user = *argv++;
-	    --argc;
-	    continue;
-	}
-	if (strcmp(*argv, "-a") == 0) {
-	    --argc; ++argv;
-	    autologin = 1;
-	    continue;
-	}
-	if (hostp == 0) {
-	    hostp = *argv++;
-	    --argc;
-	    continue;
-	}
-	if (portp == 0) {
-	    portp = *argv++;
-	    --argc;
-	    continue;
-	}
-    usage:
-	printf("usage: %s [-l user] [-a] host-name [port]\n", cmd);
-	setuid(getuid());
-	return 0;
-    }
-    if (hostp == 0)
-	goto usage;
-
-#if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
-    if (hostp[0] == '@' || hostp[0] == '!') {
-	if ((hostname = strrchr(hostp, ':')) == NULL)
-	    hostname = strrchr(hostp, '@');
-	hostname++;
-	srp = 0;
-	temp = sourceroute(hostp, &srp, &srlen);
-	if (temp == 0) {
-	    herror(srp);
-	    setuid(getuid());
-	    return 0;
-	} else if (temp == -1) {
-	    printf("Bad source route option: %s\n", hostp);
-	    setuid(getuid());
-	    return 0;
-	} else {
-	    sin.sin_addr.s_addr = temp;
-	    sin.sin_family = AF_INET;
-	}
-    } else {
-#endif
-	temp = inet_addr(hostp);
- 	if (temp != INADDR_NONE) {
-	    sin.sin_addr.s_addr = temp;
-	    sin.sin_family = AF_INET;
- 	    host = gethostbyaddr((char *)&temp, sizeof(temp), AF_INET);
- 	    if (host)
- 	        (void) strncpy(_hostname, host->h_name, sizeof(_hostname));
- 	    else
- 		(void) strncpy(_hostname, hostp, sizeof(_hostname));
- 	    _hostname[sizeof(_hostname)-1] = '\0';
-	    hostname = _hostname;
-	} else {
-	    host = gethostbyname(hostp);
-	    if (host) {
-		sin.sin_family = host->h_addrtype;
-#if	defined(h_addr)		/* In 4.3, this is a #define */
-		memmove((caddr_t)&sin.sin_addr,
-				host->h_addr_list[0], host->h_length);
-#else	/* defined(h_addr) */
-		memmove((caddr_t)&sin.sin_addr, host->h_addr, host->h_length);
-#endif	/* defined(h_addr) */
-		strncpy(_hostname, host->h_name, sizeof(_hostname));
-		_hostname[sizeof(_hostname)-1] = '\0';
-		hostname = _hostname;
-	    } else {
-		herror(hostp);
-		setuid(getuid());
-		return 0;
-	    }
-	}
-#if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
-    }
-#endif
-    if (portp) {
-	if (*portp == '-') {
-	    portp++;
-	    telnetport = 1;
-	} else
-	    telnetport = 0;
-	sin.sin_port = atoi(portp);
-	if (sin.sin_port == 0) {
-	    sp = getservbyname(portp, "tcp");
-	    if (sp)
-		sin.sin_port = sp->s_port;
-	    else {
-		printf("%s: bad port number\n", portp);
-		setuid(getuid());
-		return 0;
-	    }
-	} else {
-#if	!defined(htons)
-	    u_short htons P((unsigned short));
-#endif	/* !defined(htons) */
-	    sin.sin_port = htons(sin.sin_port);
-	}
-    } else {
-	if (sp == 0) {
-	    sp = getservbyname("telnet", "tcp");
-	    if (sp == 0) {
-		fprintf(stderr, "telnet: tcp/telnet: unknown service\n");
-		setuid(getuid());
-		return 0;
-	    }
-	    sin.sin_port = sp->s_port;
-	}
-	telnetport = 1;
-    }
-    printf("Trying %s...\n", inet_ntoa(sin.sin_addr));
-    do {
-	net = socket(AF_INET, SOCK_STREAM, 0);
-	setuid(getuid());
-	if (net < 0) {
-	    perror("telnet: socket");
-	    return 0;
-	}
-#if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
-	if (srp && setsockopt(net, IPPROTO_IP, IP_OPTIONS, (char *)srp, srlen) < 0)
-		perror("setsockopt (IP_OPTIONS)");
-#endif
-#if	defined(IPPROTO_IP) && defined(IP_TOS)
-	{
-# if	defined(HAS_GETTOS)
-	    struct tosent *tp;
-	    if (tos < 0 && (tp = gettosbyname("telnet", "tcp")))
-		tos = tp->t_tos;
-# endif
-	    if (tos < 0)
-		tos = 020;	/* Low Delay bit */
-	    if (tos
-		&& (setsockopt(net, IPPROTO_IP, IP_TOS,
-		    (char *)&tos, sizeof(int)) < 0)
-		&& (errno != ENOPROTOOPT))
-		    perror("telnet: setsockopt (IP_TOS) (ignored)");
-	}
-#endif	/* defined(IPPROTO_IP) && defined(IP_TOS) */
-
-	if (debug && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0) {
-		perror("setsockopt (SO_DEBUG)");
-	}
-
-	if (connect(net, (struct sockaddr *)&sin, sizeof (sin)) < 0) {
-#if	defined(h_addr)		/* In 4.3, this is a #define */
-	    if (host && host->h_addr_list[1]) {
-		int oerrno = errno;
-
-		fprintf(stderr, "telnet: connect to address %s: ",
-						inet_ntoa(sin.sin_addr));
-		errno = oerrno;
-		perror((char *)0);
-		host->h_addr_list++;
-		memmove((caddr_t)&sin.sin_addr,
-			host->h_addr_list[0], host->h_length);
-		(void) NetClose(net);
-		continue;
-	    }
-#endif	/* defined(h_addr) */
-	    perror("telnet: Unable to connect to remote host");
-	    return 0;
-	}
-	connected++;
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-	auth_encrypt_connect(connected);
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION) */
-    } while (connected == 0);
-    cmdrc(hostp, hostname);
-    if (autologin && user == NULL) {
-	struct passwd *pw;
-
-	user = getenv("USER");
-	if (user == NULL ||
-	    ((pw = getpwnam(user)) && pw->pw_uid != getuid())) {
-		if ((pw = getpwuid(getuid())))
-			user = pw->pw_name;
-		else
-			user = NULL;
-	}
-    }
-    if (user) {
-	env_define((unsigned char *)"USER", (unsigned char *)user);
-	env_export((unsigned char *)"USER");
-    }
-    (void) call(status, "status", "notmuch", 0);
-    if (setjmp(peerdied) == 0)
-	telnet(user);
-    (void) NetClose(net);
-    ExitString("Connection closed by foreign host.\n",1);
-    /*NOTREACHED*/
-}
-
-#define HELPINDENT (sizeof ("connect"))
-
-static char
-	openhelp[] =	"connect to a site",
-	closehelp[] =	"close current connection",
-	logouthelp[] =	"forcibly logout remote user and close the connection",
-	quithelp[] =	"exit telnet",
-	statushelp[] =	"print status information",
-	helphelp[] =	"print help information",
-	sendhelp[] =	"transmit special characters ('send ?' for more)",
-	sethelp[] = 	"set operating parameters ('set ?' for more)",
-	unsethelp[] = 	"unset operating parameters ('unset ?' for more)",
-	togglestring[] ="toggle operating parameters ('toggle ?' for more)",
-	slchelp[] =	"change state of special charaters ('slc ?' for more)",
-	displayhelp[] =	"display operating parameters",
-#if	defined(TN3270) && defined(unix)
-	transcomhelp[] = "specify Unix command for transparent mode pipe",
-#endif	/* defined(TN3270) && defined(unix) */
-#if	defined(AUTHENTICATION)
-	authhelp[] =	"turn on (off) authentication ('auth ?' for more)",
-#endif
-#ifdef	ENCRYPTION
-	encrypthelp[] =	"turn on (off) encryption ('encrypt ?' for more)",
-#endif	/* ENCRYPTION */
-#if	defined(unix)
-	zhelp[] =	"suspend telnet",
-#endif	/* defined(unix) */
-#if	defined(SKEY)
-	skeyhelp[] =    "compute response to s/key challenge",
-#endif
-	shellhelp[] =	"invoke a subshell",
-	envhelp[] =	"change environment variables ('environ ?' for more)",
-	modestring[] = "try to enter line or character mode ('mode ?' for more)";
-
-static Command cmdtab[] = {
-	{ "close",	closehelp,	bye,		1 },
-	{ "logout",	logouthelp,	logout,		1 },
-	{ "display",	displayhelp,	display,	0 },
-	{ "mode",	modestring,	modecmd,	0 },
-	{ "open",	openhelp,	tn,		0 },
-	{ "quit",	quithelp,	quit,		0 },
-	{ "send",	sendhelp,	sendcmd,	0 },
-	{ "set",	sethelp,	setcmd,		0 },
-	{ "unset",	unsethelp,	unsetcmd,	0 },
-	{ "status",	statushelp,	status,		0 },
-	{ "toggle",	togglestring,	toggle,		0 },
-	{ "slc",	slchelp,	slccmd,		0 },
-#if	defined(TN3270) && defined(unix)
-	{ "transcom",	transcomhelp,	settranscom,	0 },
-#endif	/* defined(TN3270) && defined(unix) */
-#if	defined(AUTHENTICATION)
-	{ "auth",	authhelp,	auth_cmd,	0 },
-#endif
-#ifdef	ENCRYPTION
-	{ "encrypt",	encrypthelp,	encrypt_cmd,	0 },
-#endif	/* ENCRYPTION */
-#if	defined(unix)
-	{ "z",		zhelp,		suspend,	0 },
-#endif	/* defined(unix) */
-#if	defined(TN3270)
-	{ "!",		shellhelp,	shell,		1 },
-#else
-	{ "!",		shellhelp,	shell,		0 },
-#endif
-	{ "environ",	envhelp,	env_cmd,	0 },
-	{ "?",		helphelp,	help,		0 },
-#if	defined(SKEY)
-	{ "skey",       skeyhelp,       skey_calc,      0 },
-#endif		
-	{ 0, 0, 0, 0 }
-};
-
-static char	crmodhelp[] =	"deprecated command -- use 'toggle crmod' instead";
-static char	escapehelp[] =	"deprecated command -- use 'set escape' instead";
-
-static Command cmdtab2[] = {
-	{ "help",	0,		help,		0 },
-	{ "escape",	escapehelp,	setescape,	0 },
-	{ "crmod",	crmodhelp,	togcrmod,	0 },
-	{ 0, 0, 0, 0 }
-};
-
-
-/*
- * Call routine with argc, argv set from args (terminated by 0).
- */
-
-    /*VARARGS1*/
-    static int
-call(va_alist)
-    va_dcl
-{
-    va_list ap;
-    typedef int (*intrtn_t)();
-    intrtn_t routine;
-    char *args[100];
-    int argno = 0;
-
-    va_start(ap);
-    routine = (va_arg(ap, intrtn_t));
-    while ((args[argno++] = va_arg(ap, char *)) != 0) {
-	;
-    }
-    va_end(ap);
-    return (*routine)(argno-1, args);
-}
-
-
-    static Command *
-getcmd(name)
-    char *name;
-{
-    Command *cm;
-
-    if ((cm = (Command *) genget(name, (char **) cmdtab, sizeof(Command))))
-	return cm;
-    return (Command *) genget(name, (char **) cmdtab2, sizeof(Command));
-}
-
-    void
-command(top, tbuf, cnt)
-    int top;
-    char *tbuf;
-    int cnt;
-{
-    register Command *c;
-
-    setcommandmode();
-    if (!top) {
-	putchar('\n');
-#if	defined(unix)
-    } else {
-	(void) signal(SIGINT, SIG_DFL);
-	(void) signal(SIGQUIT, SIG_DFL);
-#endif	/* defined(unix) */
-    }
-    for (;;) {
-	if (rlogin == _POSIX_VDISABLE)
-		printf("%s> ", prompt);
-	if (tbuf) {
-	    register char *cp;
-	    cp = line;
-	    while (cnt > 0 && (*cp++ = *tbuf++) != '\n')
-		cnt--;
-	    tbuf = 0;
-	    if (cp == line || *--cp != '\n' || cp == line)
-		goto getline;
-	    *cp = '\0';
-	    if (rlogin == _POSIX_VDISABLE)
-		printf("%s\n", line);
-	} else {
-	getline:
-	    if (rlogin != _POSIX_VDISABLE)
-		printf("%s> ", prompt);
-	    if (fgets(line, sizeof(line), stdin) == NULL) {
-		if (feof(stdin) || ferror(stdin)) {
-		    (void) quit();
-		    /*NOTREACHED*/
-		}
-		break;
-	    }
-	}
-	if (line[0] == 0)
-	    break;
-	makeargv();
-	if (margv[0] == 0) {
-	    break;
-	}
-	c = getcmd(margv[0]);
-	if (Ambiguous(c)) {
-	    printf("?Ambiguous command\n");
-	    continue;
-	}
-	if (c == 0) {
-	    printf("?Invalid command\n");
-	    continue;
-	}
-	if (c->needconnect && !connected) {
-	    printf("?Need to be connected first.\n");
-	    continue;
-	}
-	if ((*c->handler)(margc, margv)) {
-	    break;
-	}
-    }
-    if (!top) {
-	if (!connected) {
-	    longjmp(toplevel, 1);
-	    /*NOTREACHED*/
-	}
-#if	defined(TN3270)
-	if (shell_active == 0) {
-	    setconnmode(0);
-	}
-#else	/* defined(TN3270) */
-	setconnmode(0);
-#endif	/* defined(TN3270) */
-    }
-}
-
-/*
- * Help command.
- */
-	static int
-help(argc, argv)
-	int argc;
-	char *argv[];
-{
-	register Command *c;
-
-	if (argc == 1) {
-		printf("Commands may be abbreviated.  Commands are:\n\n");
-		for (c = cmdtab; c->name; c++)
-			if (c->help) {
-				printf("%-*s\t%s\n", HELPINDENT, c->name,
-								    c->help);
-			}
-	}
-	else while (--argc > 0) {
-		register char *arg;
-		arg = *++argv;
-		c = getcmd(arg);
-		if (Ambiguous(c))
-			printf("?Ambiguous help command %s\n", arg);
-		else if (c == (Command *)0)
-			printf("?Invalid help command %s\n", arg);
-		else
-			printf("%s\n", c->help);
-	}
-	return(0);
-}
-
-static char *rcname = 0;
-static char rcbuf[128];
-
-	void
-cmdrc(m1, m2)
-	char *m1, *m2;
-{
-    register Command *c;
-    FILE *rcfile;
-    int gotmachine = 0;
-    int l1 = strlen(m1);
-    int l2 = strlen(m2);
-    char m1save[64];
-
-    if (skiprc)
-	return;
-
-    strcpy(m1save, m1);
-    m1 = m1save;
-
-    if (rcname == 0) {
-	rcname = getenv("HOME");
-	if (rcname && (strlen(rcname) + 10) < sizeof(rcbuf))
-	    strcpy(rcbuf, rcname);
-	else
-	    rcbuf[0] = '\0';
-	strcat(rcbuf, "/.telnetrc");
-	rcname = rcbuf;
-    }
-
-    if ((rcfile = fopen(rcname, "r")) == 0) {
-	return;
-    }
-
-    for (;;) {
-	if (fgets(line, sizeof(line), rcfile) == NULL)
-	    break;
-	if (line[0] == 0)
-	    break;
-	if (line[0] == '#')
-	    continue;
-	if (gotmachine) {
-	    if (!isspace(line[0]))
-		gotmachine = 0;
-	}
-	if (gotmachine == 0) {
-	    if (isspace(line[0]))
-		continue;
-	    if (strncasecmp(line, m1, l1) == 0)
-		strncpy(line, &line[l1], sizeof(line) - l1);
-	    else if (strncasecmp(line, m2, l2) == 0)
-		strncpy(line, &line[l2], sizeof(line) - l2);
-	    else if (strncasecmp(line, "DEFAULT", 7) == 0)
-		strncpy(line, &line[7], sizeof(line) - 7);
-	    else
-		continue;
-	    if (line[0] != ' ' && line[0] != '\t' && line[0] != '\n')
-		continue;
-	    gotmachine = 1;
-	}
-	makeargv();
-	if (margv[0] == 0)
-	    continue;
-	c = getcmd(margv[0]);
-	if (Ambiguous(c)) {
-	    printf("?Ambiguous command: %s\n", margv[0]);
-	    continue;
-	}
-	if (c == 0) {
-	    printf("?Invalid command: %s\n", margv[0]);
-	    continue;
-	}
-	/*
-	 * This should never happen...
-	 */
-	if (c->needconnect && !connected) {
-	    printf("?Need to be connected first for %s.\n", margv[0]);
-	    continue;
-	}
-	(*c->handler)(margc, margv);
-    }
-    fclose(rcfile);
-}
-
-#if	defined(IP_OPTIONS) && defined(IPPROTO_IP)
-
-/*
- * Source route is handed in as
- *	[!]@hop1@hop2...[@|:]dst
- * If the leading ! is present, it is a
- * strict source route, otherwise it is
- * assmed to be a loose source route.
- *
- * We fill in the source route option as
- *	hop1,hop2,hop3...dest
- * and return a pointer to hop1, which will
- * be the address to connect() to.
- *
- * Arguments:
- *	arg:	pointer to route list to decipher
- *
- *	cpp: 	If *cpp is not equal to NULL, this is a
- *		pointer to a pointer to a character array
- *		that should be filled in with the option.
- *
- *	lenp:	pointer to an integer that contains the
- *		length of *cpp if *cpp != NULL.
- *
- * Return values:
- *
- *	Returns the address of the host to connect to.  If the
- *	return value is -1, there was a syntax error in the
- *	option, either unknown characters, or too many hosts.
- *	If the return value is 0, one of the hostnames in the
- *	path is unknown, and *cpp is set to point to the bad
- *	hostname.
- *
- *	*cpp:	If *cpp was equal to NULL, it will be filled
- *		in with a pointer to our static area that has
- *		the option filled in.  This will be 32bit aligned.
- *
- *	*lenp:	This will be filled in with how long the option
- *		pointed to by *cpp is.
- *
- */
-	unsigned long
-sourceroute(arg, cpp, lenp)
-	char	*arg;
-	char	**cpp;
-	int	*lenp;
-{
-	static char lsr[44];
-#ifdef	sysV88
-	static IOPTN ipopt;
-#endif
-	char *cp, *cp2, *lsrp, *lsrep;
-	register int tmp;
-	struct in_addr sin_addr;
-	register struct hostent *host = 0;
-	register char c;
-
-	/*
-	 * Verify the arguments, and make sure we have
-	 * at least 7 bytes for the option.
-	 */
-	if (cpp == NULL || lenp == NULL)
-		return((unsigned long)-1);
-	if (*cpp != NULL && *lenp < 7)
-		return((unsigned long)-1);
-	/*
-	 * Decide whether we have a buffer passed to us,
-	 * or if we need to use our own static buffer.
-	 */
-	if (*cpp) {
-		lsrp = *cpp;
-		lsrep = lsrp + *lenp;
-	} else {
-		*cpp = lsrp = lsr;
-		lsrep = lsrp + 44;
-	}
-
-	cp = arg;
-
-	/*
-	 * Next, decide whether we have a loose source
-	 * route or a strict source route, and fill in
-	 * the begining of the option.
-	 */
-#ifndef	sysV88
-	if (*cp == '!') {
-		cp++;
-		*lsrp++ = IPOPT_SSRR;
-	} else
-		*lsrp++ = IPOPT_LSRR;
-#else
-	if (*cp == '!') {
-		cp++;
-		ipopt.io_type = IPOPT_SSRR;
-	} else
-		ipopt.io_type = IPOPT_LSRR;
-#endif
-
-	if (*cp != '@')
-		return((unsigned long)-1);
-
-#ifndef	sysV88
-	lsrp++;		/* skip over length, we'll fill it in later */
-	*lsrp++ = 4;
-#endif
-
-	cp++;
-
-	sin_addr.s_addr = 0;
-
-	for (c = 0;;) {
-		if (c == ':')
-			cp2 = 0;
-		else for (cp2 = cp; (c = *cp2); cp2++) {
-			if (c == ',') {
-				*cp2++ = '\0';
-				if (*cp2 == '@')
-					cp2++;
-			} else if (c == '@') {
-				*cp2++ = '\0';
-			} else if (c == ':') {
-				*cp2++ = '\0';
-			} else
-				continue;
-			break;
-		}
-		if (!c)
-			cp2 = 0;
-
-		if ((tmp = inet_addr(cp)) != -1) {
-			sin_addr.s_addr = tmp;
-		} else if ((host = gethostbyname(cp))) {
-#if	defined(h_addr)
-			memmove((caddr_t)&sin_addr,
-				host->h_addr_list[0], host->h_length);
-#else
-			memmove((caddr_t)&sin_addr, host->h_addr, host->h_length);
-#endif
-		} else {
-			*cpp = cp;
-			return(0);
-		}
-		memmove(lsrp, (char *)&sin_addr, 4);
-		lsrp += 4;
-		if (cp2)
-			cp = cp2;
-		else
-			break;
-		/*
-		 * Check to make sure there is space for next address
-		 */
-		if (lsrp + 4 > lsrep)
-			return((unsigned long)-1);
-	}
-#ifndef	sysV88
-	if ((*(*cpp+IPOPT_OLEN) = lsrp - *cpp) <= 7) {
-		*cpp = 0;
-		*lenp = 0;
-		return((unsigned long)-1);
-	}
-	*lsrp++ = IPOPT_NOP; /* 32 bit word align it */
-	*lenp = lsrp - *cpp;
-#else
-	ipopt.io_len = lsrp - *cpp;
-	if (ipopt.io_len <= 5) {		/* Is 3 better ? */
-		*cpp = 0;
-		*lenp = 0;
-		return((unsigned long)-1);
-	}
-	*lenp = sizeof(ipopt);
-	*cpp = (char *) &ipopt;
-#endif
-	return(sin_addr.s_addr);
-}
-#endif
diff --git a/crypto/telnet/telnet/defines.h b/crypto/telnet/telnet/defines.h
deleted file mode 100644
index 0978173ea995..000000000000
--- a/crypto/telnet/telnet/defines.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)defines.h	8.1 (Berkeley) 6/6/93
- */
-
-#define	settimer(x)	clocks.x = clocks.system++
-
-#if	!defined(TN3270)
-
-#define	SetIn3270()
-
-#endif	/* !defined(TN3270) */
-
-#define	NETADD(c)	{ *netoring.supply = c; ring_supplied(&netoring, 1); }
-#define	NET2ADD(c1,c2)	{ NETADD(c1); NETADD(c2); }
-#define	NETBYTES()	(ring_full_count(&netoring))
-#define	NETROOM()	(ring_empty_count(&netoring))
-
-#define	TTYADD(c)	if (!(SYNCHing||flushout)) { \
-				*ttyoring.supply = c; \
-				ring_supplied(&ttyoring, 1); \
-			}
-#define	TTYBYTES()	(ring_full_count(&ttyoring))
-#define	TTYROOM()	(ring_empty_count(&ttyoring))
-
-/*	Various modes */
-#define	MODE_LOCAL_CHARS(m)	((m)&(MODE_EDIT|MODE_TRAPSIG))
-#define	MODE_LOCAL_ECHO(m)	((m)&MODE_ECHO)
-#define	MODE_COMMAND_LINE(m)	((m)==-1)
-
-#define	CONTROL(x)	((x)&0x1f)		/* CTRL(x) is not portable */
diff --git a/crypto/telnet/telnet/externs.h b/crypto/telnet/telnet/externs.h
deleted file mode 100644
index a834c61c39df..000000000000
--- a/crypto/telnet/telnet/externs.h
+++ /dev/null
@@ -1,491 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)externs.h	8.3 (Berkeley) 5/30/95
- */
-
-#ifndef	BSD
-# define BSD 43
-#endif
-
-/*
- * ucb stdio.h defines BSD as something wierd
- */
-#if defined(sun) && defined(__svr4__)
-#define BSD 43
-#endif
-
-#ifndef	USE_TERMIO
-# if BSD > 43 || defined(SYSV_TERMIO)
-#  define USE_TERMIO
-# endif
-#endif
-
-#include <stdio.h>
-#include <setjmp.h>
-#if defined(CRAY) && !defined(NO_BSD_SETJMP)
-#include <bsdsetjmp.h>
-#endif
-#ifndef	FILIO_H
-#include <sys/ioctl.h>
-#else
-#include <sys/filio.h>
-#endif
-#ifdef CRAY
-# include <errno.h>
-#endif /* CRAY */
-#ifdef	USE_TERMIO
-# ifndef	VINTR
-#  ifdef SYSV_TERMIO
-#   include <sys/termio.h>
-#  else
-#   include <sys/termios.h>
-#   define termio termios
-#  endif
-# endif
-#endif
-#if defined(NO_CC_T) || !defined(USE_TERMIO)
-# if !defined(USE_TERMIO)
-typedef char cc_t;
-# else
-typedef unsigned char cc_t;
-# endif
-#endif
-
-#ifndef	NO_STRING_H
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-#ifndef	_POSIX_VDISABLE
-# ifdef sun
-#  include <sys/param.h>	/* pick up VDISABLE definition, mayby */
-# endif
-# ifdef VDISABLE
-#  define _POSIX_VDISABLE VDISABLE
-# else
-#  define _POSIX_VDISABLE ((cc_t)'\377')
-# endif
-#endif
-
-#define	SUBBUFSIZE	256
-
-#ifndef CRAY
-extern int errno;		/* outside this world */
-#endif /* !CRAY */
-
-#if	!defined(P)
-# ifdef	__STDC__
-#  define	P(x)	x
-# else
-#  define	P(x)	()
-# endif
-#endif
-
-extern int
-    autologin,		/* Autologin enabled */
-    skiprc,		/* Don't process the ~/.telnetrc file */
-    eight,		/* use eight bit mode (binary in and/or out */
-    flushout,		/* flush output */
-    connected,		/* Are we connected to the other side? */
-    globalmode,		/* Mode tty should be in */
-    In3270,		/* Are we in 3270 mode? */
-    telnetport,		/* Are we connected to the telnet port? */
-    localflow,		/* Flow control handled locally */
-    restartany,		/* If flow control, restart output on any character */
-    localchars,		/* we recognize interrupt/quit */
-    donelclchars,	/* the user has set "localchars" */
-    showoptions,
-    net,		/* Network file descriptor */
-    tin,		/* Terminal input file descriptor */
-    tout,		/* Terminal output file descriptor */
-    crlf,		/* Should '\r' be mapped to <CR><LF> (or <CR><NUL>)? */
-    autoflush,		/* flush output when interrupting? */
-    autosynch,		/* send interrupt characters with SYNCH? */
-    SYNCHing,		/* Is the stream in telnet SYNCH mode? */
-    donebinarytoggle,	/* the user has put us in binary */
-    dontlecho,		/* do we suppress local echoing right now? */
-    crmod,
-    netdata,		/* Print out network data flow */
-    prettydump,		/* Print "netdata" output in user readable format */
-#if	defined(unix)
-#if	defined(TN3270)
-    cursesdata,		/* Print out curses data flow */
-    apitrace,		/* Trace API transactions */
-#endif	/* defined(TN3270) */
-    termdata,		/* Print out terminal data flow */
-#endif	/* defined(unix) */
-    debug,		/* Debug level */
-    clienteof;		/* Client received EOF */
-
-extern cc_t escape;	/* Escape to command mode */
-extern cc_t rlogin;	/* Rlogin mode escape character */
-#ifdef	KLUDGELINEMODE
-extern cc_t echoc;	/* Toggle local echoing */
-#endif
-
-extern char
-    *prompt;		/* Prompt for command. */
-
-extern char
-    doopt[],
-    dont[],
-    will[],
-    wont[],
-    options[],		/* All the little options */
-    *hostname;		/* Who are we connected to? */
-#ifdef	ENCRYPTION
-extern void (*encrypt_output) P((unsigned char *, int));
-extern int (*decrypt_input) P((int));
-#endif	/* ENCRYPTION */
-
-/*
- * We keep track of each side of the option negotiation.
- */
-
-#define	MY_STATE_WILL		0x01
-#define	MY_WANT_STATE_WILL	0x02
-#define	MY_STATE_DO		0x04
-#define	MY_WANT_STATE_DO	0x08
-
-/*
- * Macros to check the current state of things
- */
-
-#define	my_state_is_do(opt)		(options[opt]&MY_STATE_DO)
-#define	my_state_is_will(opt)		(options[opt]&MY_STATE_WILL)
-#define my_want_state_is_do(opt)	(options[opt]&MY_WANT_STATE_DO)
-#define my_want_state_is_will(opt)	(options[opt]&MY_WANT_STATE_WILL)
-
-#define	my_state_is_dont(opt)		(!my_state_is_do(opt))
-#define	my_state_is_wont(opt)		(!my_state_is_will(opt))
-#define my_want_state_is_dont(opt)	(!my_want_state_is_do(opt))
-#define my_want_state_is_wont(opt)	(!my_want_state_is_will(opt))
-
-#define	set_my_state_do(opt)		{options[opt] |= MY_STATE_DO;}
-#define	set_my_state_will(opt)		{options[opt] |= MY_STATE_WILL;}
-#define	set_my_want_state_do(opt)	{options[opt] |= MY_WANT_STATE_DO;}
-#define	set_my_want_state_will(opt)	{options[opt] |= MY_WANT_STATE_WILL;}
-
-#define	set_my_state_dont(opt)		{options[opt] &= ~MY_STATE_DO;}
-#define	set_my_state_wont(opt)		{options[opt] &= ~MY_STATE_WILL;}
-#define	set_my_want_state_dont(opt)	{options[opt] &= ~MY_WANT_STATE_DO;}
-#define	set_my_want_state_wont(opt)	{options[opt] &= ~MY_WANT_STATE_WILL;}
-
-/*
- * Make everything symetrical
- */
-
-#define	HIS_STATE_WILL			MY_STATE_DO
-#define	HIS_WANT_STATE_WILL		MY_WANT_STATE_DO
-#define HIS_STATE_DO			MY_STATE_WILL
-#define HIS_WANT_STATE_DO		MY_WANT_STATE_WILL
-
-#define	his_state_is_do			my_state_is_will
-#define	his_state_is_will		my_state_is_do
-#define his_want_state_is_do		my_want_state_is_will
-#define his_want_state_is_will		my_want_state_is_do
-
-#define	his_state_is_dont		my_state_is_wont
-#define	his_state_is_wont		my_state_is_dont
-#define his_want_state_is_dont		my_want_state_is_wont
-#define his_want_state_is_wont		my_want_state_is_dont
-
-#define	set_his_state_do		set_my_state_will
-#define	set_his_state_will		set_my_state_do
-#define	set_his_want_state_do		set_my_want_state_will
-#define	set_his_want_state_will		set_my_want_state_do
-
-#define	set_his_state_dont		set_my_state_wont
-#define	set_his_state_wont		set_my_state_dont
-#define	set_his_want_state_dont		set_my_want_state_wont
-#define	set_his_want_state_wont		set_my_want_state_dont
-
-
-extern FILE
-    *NetTrace;		/* Where debugging output goes */
-extern unsigned char
-    NetTraceFile[];	/* Name of file where debugging output goes */
-extern void
-    SetNetTrace P((char *));	/* Function to change where debugging goes */
-
-extern jmp_buf
-    peerdied,
-    toplevel;		/* For error conditions. */
-
-extern void
-    command P((int, char *, int)),
-    Dump P((int, unsigned char *, int)),
-    ExitString P((char *, int)),
-    init_3270 P((void)),
-    printoption P((char *, int, int)),
-    printsub P((int, unsigned char *, int)),
-    sendnaws P((void)),
-    setconnmode P((int)),
-    setcommandmode P((void)),
-    setneturg P((void)),
-    sys_telnet_init P((void)),
-    telnet P((char *)),
-    tel_enter_binary P((int)),
-    TerminalFlushOutput P((void)),
-    TerminalNewMode P((int)),
-    TerminalRestoreState P((void)),
-    TerminalSaveState P((void)),
-    tninit P((void)),
-    upcase P((char *)),
-    willoption P((int)),
-    wontoption P((int));
-
-extern void
-    send_do P((int, int)),
-    send_dont P((int, int)),
-    send_will P((int, int)),
-    send_wont P((int, int));
-
-extern void
-    lm_will P((unsigned char *, int)),
-    lm_wont P((unsigned char *, int)),
-    lm_do P((unsigned char *, int)),
-    lm_dont P((unsigned char *, int)),
-    lm_mode P((unsigned char *, int, int));
-
-extern void
-    slc_init P((void)),
-    slcstate P((void)),
-    slc_mode_export P((void)),
-    slc_mode_import P((int)),
-    slc_import P((int)),
-    slc_export P((void)),
-    slc P((unsigned char *, int)),
-    slc_check P((void)),
-    slc_start_reply P((void)),
-    slc_add_reply P((int, int, int)),
-    slc_end_reply P((void));
-extern int
-    NetClose P((int)),
-    netflush P((void)),
-    SetSockOpt P((int, int, int, int)),
-    slc_update P((void)),
-    telrcv P((void)),
-    TerminalWrite P((char *, int)),
-    TerminalAutoFlush P((void)),
-    ttyflush P((int));
-
-extern void
-    env_opt P((unsigned char *, int)),
-    env_opt_start P((void)),
-    env_opt_start_info P((void)),
-    env_opt_add P((unsigned char *)),
-    env_opt_end P((int));
-
-extern unsigned char
-    *env_default P((int, int)),
-    *env_getvalue P((unsigned char *));
-
-extern int
-    get_status P((void)),
-    dosynch P((void));
-
-extern cc_t
-    *tcval P((int));
-
-#ifndef	USE_TERMIO
-
-extern struct	tchars ntc;
-extern struct	ltchars nltc;
-extern struct	sgttyb nttyb;
-
-# define termEofChar		ntc.t_eofc
-# define termEraseChar		nttyb.sg_erase
-# define termFlushChar		nltc.t_flushc
-# define termIntChar		ntc.t_intrc
-# define termKillChar		nttyb.sg_kill
-# define termLiteralNextChar	nltc.t_lnextc
-# define termQuitChar		ntc.t_quitc
-# define termSuspChar		nltc.t_suspc
-# define termRprntChar		nltc.t_rprntc
-# define termWerasChar		nltc.t_werasc
-# define termStartChar		ntc.t_startc
-# define termStopChar		ntc.t_stopc
-# define termForw1Char		ntc.t_brkc
-extern cc_t termForw2Char;
-extern cc_t termAytChar;
-
-# define termEofCharp		(cc_t *)&ntc.t_eofc
-# define termEraseCharp		(cc_t *)&nttyb.sg_erase
-# define termFlushCharp		(cc_t *)&nltc.t_flushc
-# define termIntCharp		(cc_t *)&ntc.t_intrc
-# define termKillCharp		(cc_t *)&nttyb.sg_kill
-# define termLiteralNextCharp	(cc_t *)&nltc.t_lnextc
-# define termQuitCharp		(cc_t *)&ntc.t_quitc
-# define termSuspCharp		(cc_t *)&nltc.t_suspc
-# define termRprntCharp		(cc_t *)&nltc.t_rprntc
-# define termWerasCharp		(cc_t *)&nltc.t_werasc
-# define termStartCharp		(cc_t *)&ntc.t_startc
-# define termStopCharp		(cc_t *)&ntc.t_stopc
-# define termForw1Charp		(cc_t *)&ntc.t_brkc
-# define termForw2Charp		(cc_t *)&termForw2Char
-# define termAytCharp		(cc_t *)&termAytChar
-
-# else
-
-extern struct	termio new_tc;
-
-# define termEofChar		new_tc.c_cc[VEOF]
-# define termEraseChar		new_tc.c_cc[VERASE]
-# define termIntChar		new_tc.c_cc[VINTR]
-# define termKillChar		new_tc.c_cc[VKILL]
-# define termQuitChar		new_tc.c_cc[VQUIT]
-
-# ifndef	VSUSP
-extern cc_t termSuspChar;
-# else
-#  define termSuspChar		new_tc.c_cc[VSUSP]
-# endif
-# if	defined(VFLUSHO) && !defined(VDISCARD)
-#  define VDISCARD VFLUSHO
-# endif
-# ifndef	VDISCARD
-extern cc_t termFlushChar;
-# else
-#  define termFlushChar		new_tc.c_cc[VDISCARD]
-# endif
-# ifndef VWERASE
-extern cc_t termWerasChar;
-# else
-#  define termWerasChar		new_tc.c_cc[VWERASE]
-# endif
-# ifndef	VREPRINT
-extern cc_t termRprntChar;
-# else
-#  define termRprntChar		new_tc.c_cc[VREPRINT]
-# endif
-# ifndef	VLNEXT
-extern cc_t termLiteralNextChar;
-# else
-#  define termLiteralNextChar	new_tc.c_cc[VLNEXT]
-# endif
-# ifndef	VSTART
-extern cc_t termStartChar;
-# else
-#  define termStartChar		new_tc.c_cc[VSTART]
-# endif
-# ifndef	VSTOP
-extern cc_t termStopChar;
-# else
-#  define termStopChar		new_tc.c_cc[VSTOP]
-# endif
-# ifndef	VEOL
-extern cc_t termForw1Char;
-# else
-#  define termForw1Char		new_tc.c_cc[VEOL]
-# endif
-# ifndef	VEOL2
-extern cc_t termForw2Char;
-# else
-#  define termForw2Char		new_tc.c_cc[VEOL]
-# endif
-# ifndef	VSTATUS
-extern cc_t termAytChar;
-#else
-#  define termAytChar		new_tc.c_cc[VSTATUS]
-#endif
-
-# if !defined(CRAY) || defined(__STDC__)
-#  define termEofCharp		&termEofChar
-#  define termEraseCharp	&termEraseChar
-#  define termIntCharp		&termIntChar
-#  define termKillCharp		&termKillChar
-#  define termQuitCharp		&termQuitChar
-#  define termSuspCharp		&termSuspChar
-#  define termFlushCharp	&termFlushChar
-#  define termWerasCharp	&termWerasChar
-#  define termRprntCharp	&termRprntChar
-#  define termLiteralNextCharp	&termLiteralNextChar
-#  define termStartCharp	&termStartChar
-#  define termStopCharp		&termStopChar
-#  define termForw1Charp	&termForw1Char
-#  define termForw2Charp	&termForw2Char
-#  define termAytCharp		&termAytChar
-# else
-	/* Work around a compiler bug */
-#  define termEofCharp		0
-#  define termEraseCharp	0
-#  define termIntCharp		0
-#  define termKillCharp		0
-#  define termQuitCharp		0
-#  define termSuspCharp		0
-#  define termFlushCharp	0
-#  define termWerasCharp	0
-#  define termRprntCharp	0
-#  define termLiteralNextCharp	0
-#  define termStartCharp	0
-#  define termStopCharp		0
-#  define termForw1Charp	0
-#  define termForw2Charp	0
-#  define termAytCharp		0
-# endif
-#endif
-
-
-/* Ring buffer structures which are shared */
-
-extern Ring
-    netoring,
-    netiring,
-    ttyoring,
-    ttyiring;
-
-/* Tn3270 section */
-#if	defined(TN3270)
-
-extern int
-    HaveInput,		/* Whether an asynchronous I/O indication came in */
-    noasynchtty,	/* Don't do signals on I/O (SIGURG, SIGIO) */
-    noasynchnet,	/* Don't do signals on I/O (SIGURG, SIGIO) */
-    sigiocount,		/* Count of SIGIO receptions */
-    shell_active;	/* Subshell is active */
-
-extern char
-    *Ibackp,		/* Oldest byte of 3270 data */
-    Ibuf[],		/* 3270 buffer */
-    *Ifrontp,		/* Where next 3270 byte goes */
-    tline[],
-    *transcom;		/* Transparent command */
-
-extern int
-    settranscom P((int, char**));
-
-extern void
-    inputAvailable P((int));
-#endif	/* defined(TN3270) */
diff --git a/crypto/telnet/telnet/fdset.h b/crypto/telnet/telnet/fdset.h
deleted file mode 100644
index 045bb7221419..000000000000
--- a/crypto/telnet/telnet/fdset.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)fdset.h	8.1 (Berkeley) 6/6/93
- */
-
-/*
- * The following is defined just in case someone should want to run
- * this telnet on a 4.2 system.
- *
- */
-
-#ifndef	FD_SETSIZE
-
-#define	FD_SET(n, p)	((p)->fds_bits[0] |= (1<<(n)))
-#define	FD_CLR(n, p)	((p)->fds_bits[0] &= ~(1<<(n)))
-#define	FD_ISSET(n, p)	((p)->fds_bits[0] & (1<<(n)))
-#define FD_ZERO(p)	((p)->fds_bits[0] = 0)
-
-#endif
diff --git a/crypto/telnet/telnet/general.h b/crypto/telnet/telnet/general.h
deleted file mode 100644
index 4efa9519469e..000000000000
--- a/crypto/telnet/telnet/general.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)general.h	8.1 (Berkeley) 6/6/93
- */
-
-/*
- * Some general definitions.
- */
-
-
-#define	numberof(x)	(sizeof x/sizeof x[0])
-#define	highestof(x)	(numberof(x)-1)
-
-#define	ClearElement(x)		memset((char *)&x, 0, sizeof x)
-#define	ClearArray(x)		memset((char *)x, 0, sizeof x)
diff --git a/crypto/telnet/telnet/main.c b/crypto/telnet/telnet/main.c
deleted file mode 100644
index 9049385e200f..000000000000
--- a/crypto/telnet/telnet/main.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char copyright[] =
-"@(#) Copyright (c) 1988, 1990, 1993\n\
-	The Regents of the University of California.  All rights reserved.\n";
-#endif /* not lint */
-
-#ifndef lint
-static const char sccsid[] = "@(#)main.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#include <sys/types.h>
-#include <stdlib.h>
-
-#include "ring.h"
-#include "externs.h"
-#include "defines.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-/* These values need to be the same as defined in libtelnet/kerberos5.c */
-/* Either define them in both places, or put in some common header file. */
-#define OPTS_FORWARD_CREDS	0x00000002
-#define OPTS_FORWARDABLE_CREDS	0x00000001
-
-#if 0
-#define FORWARD
-#endif
-
-void init_terminal(void);
-void init_network(void);
-void init_telnet(void);
-void init_sys(void);
-void init_3270(void);
-
-/*
- * Initialize variables.
- */
-    void
-tninit()
-{
-    init_terminal();
-
-    init_network();
-
-    init_telnet();
-
-    init_sys();
-
-#if defined(TN3270)
-    init_3270();
-#endif
-}
-
-	void
-usage()
-{
-	fprintf(stderr, "Usage: %s %s%s%s%s\n",
-	    prompt,
-#ifdef	AUTHENTICATION
-	    "[-8] [-E] [-K] [-L] [-S tos] [-X atype] [-a] [-c] [-d] [-e char]",
-	    "\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] ",
-#else
-	    "[-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]",
-	    "\n\t[-n tracefile]",
-#endif
-#if defined(TN3270) && defined(unix)
-# ifdef AUTHENTICATION
-	    "[-noasynch] [-noasynctty]\n\t[-noasyncnet] [-r] [-t transcom] ",
-# else
-	    "[-noasynch] [-noasynctty] [-noasyncnet] [-r]\n\t[-t transcom]",
-# endif
-#else
-	    "[-r] ",
-#endif
-#ifdef	ENCRYPTION
-	    "[-x] [host-name [port]]"
-#else	/* ENCRYPTION */
-	    "[host-name [port]]"
-#endif	/* ENCRYPTION */
-	);
-	exit(1);
-}
-
-/*
- * main.  Parse arguments, invoke the protocol or command parser.
- */
-
-	int
-main(argc, argv)
-	int argc;
-	char *argv[];
-{
-	extern char *optarg;
-	extern int optind;
-	int ch;
-	char *user, *strrchr();
-#ifdef	FORWARD
-	extern int forward_flags;
-#endif	/* FORWARD */
-
-	tninit();		/* Clear out things */
-#if	defined(CRAY) && !defined(__STDC__)
-	_setlist_init();	/* Work around compiler bug */
-#endif
-
-	TerminalSaveState();
-
-	if ((prompt = strrchr(argv[0], '/')))
-		++prompt;
-	else
-		prompt = argv[0];
-
-	user = NULL;
-
-	rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
-	autologin = -1;
-
-	while ((ch = getopt(argc, argv, "8EKLS:X:acde:fFk:l:n:rt:x")) != EOF) {
-		switch(ch) {
-		case '8':
-			eight = 3;	/* binary output and input */
-			break;
-		case 'E':
-			rlogin = escape = _POSIX_VDISABLE;
-			break;
-		case 'K':
-#ifdef	AUTHENTICATION
-			autologin = 0;
-#endif
-			break;
-		case 'L':
-			eight |= 2;	/* binary output only */
-			break;
-		case 'S':
-		    {
-#ifdef	HAS_GETTOS
-			extern int tos;
-
-			if ((tos = parsetos(optarg, "tcp")) < 0)
-				fprintf(stderr, "%s%s%s%s\n",
-					prompt, ": Bad TOS argument '",
-					optarg,
-					"; will try to use default TOS");
-#else
-			fprintf(stderr,
-			   "%s: Warning: -S ignored, no parsetos() support.\n",
-								prompt);
-#endif
-		    }
-			break;
-		case 'X':
-#ifdef	AUTHENTICATION
-			auth_disable_name(optarg);
-#endif
-			break;
-		case 'a':
-			autologin = 1;
-			break;
-		case 'c':
-			skiprc = 1;
-			break;
-		case 'd':
-			debug = 1;
-			break;
-		case 'e':
-			set_escape_char(optarg);
-			break;
-		case 'f':
-#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
-			if (forward_flags & OPTS_FORWARD_CREDS) {
-			    fprintf(stderr,
-				    "%s: Only one of -f and -F allowed.\n",
-				    prompt);
-			    usage();
-			}
-			forward_flags |= OPTS_FORWARD_CREDS;
-#else
-			fprintf(stderr,
-			 "%s: Warning: -f ignored, no Kerberos V5 support.\n",
-				prompt);
-#endif
-			break;
-		case 'F':
-#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
-			if (forward_flags & OPTS_FORWARD_CREDS) {
-			    fprintf(stderr,
-				    "%s: Only one of -f and -F allowed.\n",
-				    prompt);
-			    usage();
-			}
-			forward_flags |= OPTS_FORWARD_CREDS;
-			forward_flags |= OPTS_FORWARDABLE_CREDS;
-#else
-			fprintf(stderr,
-			 "%s: Warning: -F ignored, no Kerberos V5 support.\n",
-				prompt);
-#endif
-			break;
-		case 'k':
-#if defined(AUTHENTICATION) && defined(KRB4)
-		    {
-			extern char *dest_realm, dst_realm_buf[], dst_realm_sz;
-			dest_realm = dst_realm_buf;
-			(void)strncpy(dest_realm, optarg, dst_realm_sz);
-		    }
-#else
-			fprintf(stderr,
-			   "%s: Warning: -k ignored, no Kerberos V4 support.\n",
-								prompt);
-#endif
-			break;
-		case 'l':
-			autologin = 1;
-			user = optarg;
-			break;
-		case 'n':
-#if defined(TN3270) && defined(unix)
-			/* distinguish between "-n oasynch" and "-noasynch" */
-			if (argv[optind - 1][0] == '-' && argv[optind - 1][1]
-			    == 'n' && argv[optind - 1][2] == 'o') {
-				if (!strcmp(optarg, "oasynch")) {
-					noasynchtty = 1;
-					noasynchnet = 1;
-				} else if (!strcmp(optarg, "oasynchtty"))
-					noasynchtty = 1;
-				else if (!strcmp(optarg, "oasynchnet"))
-					noasynchnet = 1;
-			} else
-#endif	/* defined(TN3270) && defined(unix) */
-				SetNetTrace(optarg);
-			break;
-		case 'r':
-			rlogin = '~';
-			break;
-		case 't':
-#if defined(TN3270) && defined(unix)
-			transcom = tline;
-			(void)strcpy(transcom, optarg);
-#else
-			fprintf(stderr,
-			   "%s: Warning: -t ignored, no TN3270 support.\n",
-								prompt);
-#endif
-			break;
-		case 'x':
-#ifdef	ENCRYPTION
-			encrypt_auto(1);
-			decrypt_auto(1);
-#else	/* ENCRYPTION */
-			fprintf(stderr,
-			    "%s: Warning: -x ignored, no ENCRYPT support.\n",
-								prompt);
-#endif	/* ENCRYPTION */
-			break;
-		case '?':
-		default:
-			usage();
-			/* NOTREACHED */
-		}
-	}
-	if (autologin == -1)
-		autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;
-
-	argc -= optind;
-	argv += optind;
-
-	if (argc) {
-		char *args[7], **argp = args;
-
-		if (argc > 2)
-			usage();
-		*argp++ = prompt;
-		if (user) {
-			*argp++ = "-l";
-			*argp++ = user;
-		}
-		*argp++ = argv[0];		/* host */
-		if (argc > 1)
-			*argp++ = argv[1];	/* port */
-		*argp = 0;
-
-		if (setjmp(toplevel) != 0)
-			Exit(0);
-		if (tn(argp - args, args) == 1)
-			return (0);
-		else
-			return (1);
-	}
-	(void)setjmp(toplevel);
-	for (;;) {
-#ifdef TN3270
-		if (shell_active)
-			shell_continue();
-		else
-#endif
-			command(1, 0, 0);
-	}
-	return 0;
-}
diff --git a/crypto/telnet/telnet/network.c b/crypto/telnet/telnet/network.c
deleted file mode 100644
index 9964bc205cef..000000000000
--- a/crypto/telnet/telnet/network.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)network.c	8.2 (Berkeley) 12/15/93";
-#endif /* not lint */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-
-#include <errno.h>
-
-#include <arpa/telnet.h>
-#include <unistd.h>
-
-#include "ring.h"
-
-#include "defines.h"
-#include "externs.h"
-#include "fdset.h"
-
-Ring		netoring, netiring;
-unsigned char	netobuf[2*BUFSIZ], netibuf[BUFSIZ];
-
-/*
- * Initialize internal network data structures.
- */
-
-    void
-init_network()
-{
-    if (ring_init(&netoring, netobuf, sizeof netobuf) != 1) {
-	exit(1);
-    }
-    if (ring_init(&netiring, netibuf, sizeof netibuf) != 1) {
-	exit(1);
-    }
-    NetTrace = stdout;
-}
-
-
-/*
- * Check to see if any out-of-band data exists on a socket (for
- * Telnet "synch" processing).
- */
-
-    int
-stilloob()
-{
-    static struct timeval timeout = { 0 };
-    fd_set	excepts;
-    int value;
-
-    do {
-	FD_ZERO(&excepts);
-	FD_SET(net, &excepts);
-	value = select(net+1, (fd_set *)0, (fd_set *)0, &excepts, &timeout);
-    } while ((value == -1) && (errno == EINTR));
-
-    if (value < 0) {
-	perror("select");
-	(void) quit();
-	/* NOTREACHED */
-    }
-    if (FD_ISSET(net, &excepts)) {
-	return 1;
-    } else {
-	return 0;
-    }
-}
-
-
-/*
- *  setneturg()
- *
- *	Sets "neturg" to the current location.
- */
-
-    void
-setneturg()
-{
-    ring_mark(&netoring);
-}
-
-
-/*
- *  netflush
- *		Send as much data as possible to the network,
- *	handling requests for urgent data.
- *
- *		The return value indicates whether we did any
- *	useful work.
- */
-
-
-    int
-netflush()
-{
-    register int n, n1;
-
-#ifdef	ENCRYPTION
-    if (encrypt_output)
-	ring_encrypt(&netoring, encrypt_output);
-#endif	/* ENCRYPTION */
-    if ((n1 = n = ring_full_consecutive(&netoring)) > 0) {
-	if (!ring_at_mark(&netoring)) {
-	    n = send(net, (char *)netoring.consume, n, 0); /* normal write */
-	} else {
-	    /*
-	     * In 4.2 (and 4.3) systems, there is some question about
-	     * what byte in a sendOOB operation is the "OOB" data.
-	     * To make ourselves compatible, we only send ONE byte
-	     * out of band, the one WE THINK should be OOB (though
-	     * we really have more the TCP philosophy of urgent data
-	     * rather than the Unix philosophy of OOB data).
-	     */
-	    n = send(net, (char *)netoring.consume, 1, MSG_OOB);/* URGENT data */
-	}
-    }
-    if (n < 0) {
-	if (errno != ENOBUFS && errno != EWOULDBLOCK) {
-	    setcommandmode();
-	    perror(hostname);
-	    (void)NetClose(net);
-	    ring_clear_mark(&netoring);
-	    longjmp(peerdied, -1);
-	    /*NOTREACHED*/
-	}
-	n = 0;
-    }
-    if (netdata && n) {
-	Dump('>', netoring.consume, n);
-    }
-    if (n) {
-	ring_consumed(&netoring, n);
-	/*
-	 * If we sent all, and more to send, then recurse to pick
-	 * up the other half.
-	 */
-	if ((n1 == n) && ring_full_consecutive(&netoring)) {
-	    (void) netflush();
-	}
-	return 1;
-    } else {
-	return 0;
-    }
-}
diff --git a/crypto/telnet/telnet/ring.c b/crypto/telnet/telnet/ring.c
deleted file mode 100644
index 13fe6c2b79cb..000000000000
--- a/crypto/telnet/telnet/ring.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)ring.c	8.2 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * This defines a structure for a ring buffer.
- *
- * The circular buffer has two parts:
- *(((
- *	full:	[consume, supply)
- *	empty:	[supply, consume)
- *]]]
- *
- */
-
-#include	<stdio.h>
-#include	<errno.h>
-#include	<string.h>
-
-#ifdef	size_t
-#undef	size_t
-#endif
-
-#include	<sys/types.h>
-#ifndef	FILIO_H
-#include	<sys/ioctl.h>
-#endif
-#include	<sys/socket.h>
-
-#include	"ring.h"
-#include	"general.h"
-
-/* Internal macros */
-
-#if	!defined(MIN)
-#define	MIN(a,b)	(((a)<(b))? (a):(b))
-#endif	/* !defined(MIN) */
-
-#define	ring_subtract(d,a,b)	(((a)-(b) >= 0)? \
-					(a)-(b): (((a)-(b))+(d)->size))
-
-#define	ring_increment(d,a,c)	(((a)+(c) < (d)->top)? \
-					(a)+(c) : (((a)+(c))-(d)->size))
-
-#define	ring_decrement(d,a,c)	(((a)-(c) >= (d)->bottom)? \
-					(a)-(c) : (((a)-(c))-(d)->size))
-
-
-/*
- * The following is a clock, used to determine full, empty, etc.
- *
- * There is some trickiness here.  Since the ring buffers are initialized
- * to ZERO on allocation, we need to make sure, when interpreting the
- * clock, that when the times are EQUAL, then the buffer is FULL.
- */
-static u_long ring_clock = 0;
-
-
-#define	ring_empty(d) (((d)->consume == (d)->supply) && \
-				((d)->consumetime >= (d)->supplytime))
-#define	ring_full(d) (((d)->supply == (d)->consume) && \
-				((d)->supplytime > (d)->consumetime))
-
-
-
-
-
-/* Buffer state transition routines */
-
-	int
-    ring_init(ring, buffer, count)
-Ring *ring;
-    unsigned char *buffer;
-    int count;
-{
-    memset((char *)ring, 0, sizeof *ring);
-
-    ring->size = count;
-
-    ring->supply = ring->consume = ring->bottom = buffer;
-
-    ring->top = ring->bottom+ring->size;
-
-#ifdef	ENCRYPTION
-    ring->clearto = 0;
-#endif	/* ENCRYPTION */
-
-    return 1;
-}
-
-/* Mark routines */
-
-/*
- * Mark the most recently supplied byte.
- */
-
-    void
-ring_mark(ring)
-    Ring *ring;
-{
-    ring->mark = ring_decrement(ring, ring->supply, 1);
-}
-
-/*
- * Is the ring pointing to the mark?
- */
-
-    int
-ring_at_mark(ring)
-    Ring *ring;
-{
-    if (ring->mark == ring->consume) {
-	return 1;
-    } else {
-	return 0;
-    }
-}
-
-/*
- * Clear any mark set on the ring.
- */
-
-    void
-ring_clear_mark(ring)
-    Ring *ring;
-{
-    ring->mark = 0;
-}
-
-/*
- * Add characters from current segment to ring buffer.
- */
-    void
-ring_supplied(ring, count)
-    Ring *ring;
-    int count;
-{
-    ring->supply = ring_increment(ring, ring->supply, count);
-    ring->supplytime = ++ring_clock;
-}
-
-/*
- * We have just consumed "c" bytes.
- */
-    void
-ring_consumed(ring, count)
-    Ring *ring;
-    int count;
-{
-    if (count == 0)	/* don't update anything */
-	return;
-
-    if (ring->mark &&
-		(ring_subtract(ring, ring->mark, ring->consume) < count)) {
-	ring->mark = 0;
-    }
-#ifdef	ENCRYPTION
-    if (ring->consume < ring->clearto &&
-		ring->clearto <= ring->consume + count)
-	ring->clearto = 0;
-    else if (ring->consume + count > ring->top &&
-		ring->bottom <= ring->clearto &&
-		ring->bottom + ((ring->consume + count) - ring->top))
-	ring->clearto = 0;
-#endif	/* ENCRYPTION */
-    ring->consume = ring_increment(ring, ring->consume, count);
-    ring->consumetime = ++ring_clock;
-    /*
-     * Try to encourage "ring_empty_consecutive()" to be large.
-     */
-    if (ring_empty(ring)) {
-	ring->consume = ring->supply = ring->bottom;
-    }
-}
-
-
-
-/* Buffer state query routines */
-
-
-/* Number of bytes that may be supplied */
-    int
-ring_empty_count(ring)
-    Ring *ring;
-{
-    if (ring_empty(ring)) {	/* if empty */
-	    return ring->size;
-    } else {
-	return ring_subtract(ring, ring->consume, ring->supply);
-    }
-}
-
-/* number of CONSECUTIVE bytes that may be supplied */
-    int
-ring_empty_consecutive(ring)
-    Ring *ring;
-{
-    if ((ring->consume < ring->supply) || ring_empty(ring)) {
-			    /*
-			     * if consume is "below" supply, or empty, then
-			     * return distance to the top
-			     */
-	return ring_subtract(ring, ring->top, ring->supply);
-    } else {
-				    /*
-				     * else, return what we may.
-				     */
-	return ring_subtract(ring, ring->consume, ring->supply);
-    }
-}
-
-/* Return the number of bytes that are available for consuming
- * (but don't give more than enough to get to cross over set mark)
- */
-
-    int
-ring_full_count(ring)
-    Ring *ring;
-{
-    if ((ring->mark == 0) || (ring->mark == ring->consume)) {
-	if (ring_full(ring)) {
-	    return ring->size;	/* nothing consumed, but full */
-	} else {
-	    return ring_subtract(ring, ring->supply, ring->consume);
-	}
-    } else {
-	return ring_subtract(ring, ring->mark, ring->consume);
-    }
-}
-
-/*
- * Return the number of CONSECUTIVE bytes available for consuming.
- * However, don't return more than enough to cross over set mark.
- */
-    int
-ring_full_consecutive(ring)
-    Ring *ring;
-{
-    if ((ring->mark == 0) || (ring->mark == ring->consume)) {
-	if ((ring->supply < ring->consume) || ring_full(ring)) {
-	    return ring_subtract(ring, ring->top, ring->consume);
-	} else {
-	    return ring_subtract(ring, ring->supply, ring->consume);
-	}
-    } else {
-	if (ring->mark < ring->consume) {
-	    return ring_subtract(ring, ring->top, ring->consume);
-	} else {	/* Else, distance to mark */
-	    return ring_subtract(ring, ring->mark, ring->consume);
-	}
-    }
-}
-
-/*
- * Move data into the "supply" portion of of the ring buffer.
- */
-    void
-ring_supply_data(ring, buffer, count)
-    Ring *ring;
-    unsigned char *buffer;
-    int count;
-{
-    int i;
-
-    while (count) {
-	i = MIN(count, ring_empty_consecutive(ring));
-	memmove(ring->supply, buffer, i);
-	ring_supplied(ring, i);
-	count -= i;
-	buffer += i;
-    }
-}
-
-#ifdef notdef
-
-/*
- * Move data from the "consume" portion of the ring buffer
- */
-    void
-ring_consume_data(ring, buffer, count)
-    Ring *ring;
-    unsigned char *buffer;
-    int count;
-{
-    int i;
-
-    while (count) {
-	i = MIN(count, ring_full_consecutive(ring));
-	memmove(buffer, ring->consume, i);
-	ring_consumed(ring, i);
-	count -= i;
-	buffer += i;
-    }
-}
-#endif
-
-#ifdef	ENCRYPTION
-    void
-ring_encrypt(ring, encryptor)
-    Ring *ring;
-    void (*encryptor)();
-{
-    unsigned char *s, *c;
-
-    if (ring_empty(ring) || ring->clearto == ring->supply)
-	return;
-
-    if (!(c = ring->clearto))
-	c = ring->consume;
-
-    s = ring->supply;
-
-    if (s <= c) {
-	(*encryptor)(c, ring->top - c);
-	(*encryptor)(ring->bottom, s - ring->bottom);
-    } else
-	(*encryptor)(c, s - c);
-
-    ring->clearto = ring->supply;
-}
-
-    void
-ring_clearto(ring)
-    Ring *ring;
-{
-    if (!ring_empty(ring))
-	ring->clearto = ring->supply;
-    else
-	ring->clearto = 0;
-}
-#endif	/* ENCRYPTION */
diff --git a/crypto/telnet/telnet/ring.h b/crypto/telnet/telnet/ring.h
deleted file mode 100644
index 2a36781e5ae5..000000000000
--- a/crypto/telnet/telnet/ring.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)ring.h	8.1 (Berkeley) 6/6/93
- */
-
-#if defined(P)
-# undef P
-#endif
-
-#if defined(__STDC__) || defined(LINT_ARGS)
-# define	P(x)	x
-#else
-# define	P(x)	()
-#endif
-
-/*
- * This defines a structure for a ring buffer.
- *
- * The circular buffer has two parts:
- *(((
- *	full:	[consume, supply)
- *	empty:	[supply, consume)
- *]]]
- *
- */
-typedef struct {
-    unsigned char	*consume,	/* where data comes out of */
-			*supply,	/* where data comes in to */
-			*bottom,	/* lowest address in buffer */
-			*top,		/* highest address+1 in buffer */
-			*mark;		/* marker (user defined) */
-#ifdef	ENCRYPTION
-    unsigned char	*clearto;	/* Data to this point is clear text */
-    unsigned char	*encryyptedto;	/* Data is encrypted to here */
-#endif	/* ENCRYPTION */
-    int		size;		/* size in bytes of buffer */
-    u_long	consumetime,	/* help us keep straight full, empty, etc. */
-		supplytime;
-} Ring;
-
-/* Here are some functions and macros to deal with the ring buffer */
-
-/* Initialization routine */
-extern int
-	ring_init P((Ring *ring, unsigned char *buffer, int count));
-
-/* Data movement routines */
-extern void
-	ring_supply_data P((Ring *ring, unsigned char *buffer, int count));
-#ifdef notdef
-extern void
-	ring_consume_data P((Ring *ring, unsigned char *buffer, int count));
-#endif
-
-/* Buffer state transition routines */
-extern void
-	ring_supplied P((Ring *ring, int count)),
-	ring_consumed P((Ring *ring, int count));
-
-/* Buffer state query routines */
-extern int
-	ring_empty_count P((Ring *ring)),
-	ring_empty_consecutive P((Ring *ring)),
-	ring_full_count P((Ring *ring)),
-	ring_full_consecutive P((Ring *ring));
-
-#ifdef	ENCRYPTION
-extern void
-	ring_encrypt P((Ring *ring, void (*func)())),
-	ring_clearto P((Ring *ring));
-#endif	/* ENCRYPTION */
-
-extern void
-    ring_clear_mark(),
-    ring_mark();
diff --git a/crypto/telnet/telnet/sys_bsd.c b/crypto/telnet/telnet/sys_bsd.c
deleted file mode 100644
index ed5f459e957c..000000000000
--- a/crypto/telnet/telnet/sys_bsd.c
+++ /dev/null
@@ -1,1221 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)sys_bsd.c	8.4 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-/*
- * The following routines try to encapsulate what is system dependent
- * (at least between 4.x and dos) which is used in telnet.c.
- */
-
-
-#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/socket.h>
-#include <signal.h>
-#include <errno.h>
-#include <arpa/telnet.h>
-#include <unistd.h>
-
-#include "ring.h"
-
-#include "fdset.h"
-
-#include "defines.h"
-#include "externs.h"
-#include "types.h"
-
-#if	defined(CRAY) || (defined(USE_TERMIO) && !defined(SYSV_TERMIO))
-#define	SIG_FUNC_RET	void
-#else
-#define	SIG_FUNC_RET	int
-#endif
-
-#ifdef	SIGINFO
-extern SIG_FUNC_RET ayt_status();
-#endif
-
-int
-	tout,			/* Output file descriptor */
-	tin,			/* Input file descriptor */
-	net;
-
-#ifndef	USE_TERMIO
-struct	tchars otc = { 0 }, ntc = { 0 };
-struct	ltchars oltc = { 0 }, nltc = { 0 };
-struct	sgttyb ottyb = { 0 }, nttyb = { 0 };
-int	olmode = 0;
-# define cfgetispeed(ptr)	(ptr)->sg_ispeed
-# define cfgetospeed(ptr)	(ptr)->sg_ospeed
-# define old_tc ottyb
-
-#else	/* USE_TERMIO */
-struct	termio old_tc = { 0 };
-extern struct termio new_tc;
-
-# ifndef	TCSANOW
-#  ifdef TCSETS
-#   define	TCSANOW		TCSETS
-#   define	TCSADRAIN	TCSETSW
-#   define	tcgetattr(f, t) ioctl(f, TCGETS, (char *)t)
-#  else
-#   ifdef TCSETA
-#    define	TCSANOW		TCSETA
-#    define	TCSADRAIN	TCSETAW
-#    define	tcgetattr(f, t) ioctl(f, TCGETA, (char *)t)
-#   else
-#    define	TCSANOW		TIOCSETA
-#    define	TCSADRAIN	TIOCSETAW
-#    define	tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t)
-#   endif
-#  endif
-#  define	tcsetattr(f, a, t) ioctl(f, a, (char *)t)
-#  define	cfgetospeed(ptr)	((ptr)->c_cflag&CBAUD)
-#  ifdef CIBAUD
-#   define	cfgetispeed(ptr)	(((ptr)->c_cflag&CIBAUD) >> IBSHIFT)
-#  else
-#   define	cfgetispeed(ptr)	cfgetospeed(ptr)
-#  endif
-# endif /* TCSANOW */
-# ifdef	sysV88
-# define TIOCFLUSH TC_PX_DRAIN
-# endif
-#endif	/* USE_TERMIO */
-
-static fd_set ibits, obits, xbits;
-
-
-    void
-init_sys()
-{
-    tout = fileno(stdout);
-    tin = fileno(stdin);
-    FD_ZERO(&ibits);
-    FD_ZERO(&obits);
-    FD_ZERO(&xbits);
-
-    errno = 0;
-}
-
-
-    int
-TerminalWrite(buf, n)
-    char *buf;
-    int  n;
-{
-    return write(tout, buf, n);
-}
-
-    int
-TerminalRead(buf, n)
-    char *buf;
-    int  n;
-{
-    return read(tin, buf, n);
-}
-
-/*
- *
- */
-
-    int
-TerminalAutoFlush()
-{
-#if	defined(LNOFLSH)
-    int flush;
-
-    ioctl(0, TIOCLGET, (char *)&flush);
-    return !(flush&LNOFLSH);	/* if LNOFLSH, no autoflush */
-#else	/* LNOFLSH */
-    return 1;
-#endif	/* LNOFLSH */
-}
-
-#ifdef	KLUDGELINEMODE
-extern int kludgelinemode;
-#endif
-/*
- * TerminalSpecialChars()
- *
- * Look at an input character to see if it is a special character
- * and decide what to do.
- *
- * Output:
- *
- *	0	Don't add this character.
- *	1	Do add this character
- */
-
-extern void xmitAO(), xmitEL(), xmitEC(), intp(), sendbrk();
-
-    int
-TerminalSpecialChars(c)
-    int	c;
-{
-    if (c == termIntChar) {
-	intp();
-	return 0;
-    } else if (c == termQuitChar) {
-#ifdef	KLUDGELINEMODE
-	if (kludgelinemode)
-	    sendbrk();
-	else
-#endif
-	    sendabort();
-	return 0;
-    } else if (c == termEofChar) {
-	if (my_want_state_is_will(TELOPT_LINEMODE)) {
-	    sendeof();
-	    return 0;
-	}
-	return 1;
-    } else if (c == termSuspChar) {
-	sendsusp();
-	return(0);
-    } else if (c == termFlushChar) {
-	xmitAO();		/* Transmit Abort Output */
-	return 0;
-    } else if (!MODE_LOCAL_CHARS(globalmode)) {
-	if (c == termKillChar) {
-	    xmitEL();
-	    return 0;
-	} else if (c == termEraseChar) {
-	    xmitEC();		/* Transmit Erase Character */
-	    return 0;
-	}
-    }
-    return 1;
-}
-
-
-/*
- * Flush output to the terminal
- */
-
-    void
-TerminalFlushOutput()
-{
-#ifdef	TIOCFLUSH
-    (void) ioctl(fileno(stdout), TIOCFLUSH, (char *) 0);
-#else
-    (void) ioctl(fileno(stdout), TCFLSH, (char *) 0);
-#endif
-}
-
-    void
-TerminalSaveState()
-{
-#ifndef	USE_TERMIO
-    ioctl(0, TIOCGETP, (char *)&ottyb);
-    ioctl(0, TIOCGETC, (char *)&otc);
-    ioctl(0, TIOCGLTC, (char *)&oltc);
-    ioctl(0, TIOCLGET, (char *)&olmode);
-
-    ntc = otc;
-    nltc = oltc;
-    nttyb = ottyb;
-
-#else	/* USE_TERMIO */
-    tcgetattr(0, &old_tc);
-
-    new_tc = old_tc;
-
-#ifndef	VDISCARD
-    termFlushChar = CONTROL('O');
-#endif
-#ifndef	VWERASE
-    termWerasChar = CONTROL('W');
-#endif
-#ifndef	VREPRINT
-    termRprntChar = CONTROL('R');
-#endif
-#ifndef	VLNEXT
-    termLiteralNextChar = CONTROL('V');
-#endif
-#ifndef	VSTART
-    termStartChar = CONTROL('Q');
-#endif
-#ifndef	VSTOP
-    termStopChar = CONTROL('S');
-#endif
-#ifndef	VSTATUS
-    termAytChar = CONTROL('T');
-#endif
-#endif	/* USE_TERMIO */
-}
-
-    cc_t *
-tcval(func)
-    register int func;
-{
-    switch(func) {
-    case SLC_IP:	return(&termIntChar);
-    case SLC_ABORT:	return(&termQuitChar);
-    case SLC_EOF:	return(&termEofChar);
-    case SLC_EC:	return(&termEraseChar);
-    case SLC_EL:	return(&termKillChar);
-    case SLC_XON:	return(&termStartChar);
-    case SLC_XOFF:	return(&termStopChar);
-    case SLC_FORW1:	return(&termForw1Char);
-#ifdef	USE_TERMIO
-    case SLC_FORW2:	return(&termForw2Char);
-# ifdef	VDISCARD
-    case SLC_AO:	return(&termFlushChar);
-# endif
-# ifdef	VSUSP
-    case SLC_SUSP:	return(&termSuspChar);
-# endif
-# ifdef	VWERASE
-    case SLC_EW:	return(&termWerasChar);
-# endif
-# ifdef	VREPRINT
-    case SLC_RP:	return(&termRprntChar);
-# endif
-# ifdef	VLNEXT
-    case SLC_LNEXT:	return(&termLiteralNextChar);
-# endif
-# ifdef	VSTATUS
-    case SLC_AYT:	return(&termAytChar);
-# endif
-#endif
-
-    case SLC_SYNCH:
-    case SLC_BRK:
-    case SLC_EOR:
-    default:
-	return((cc_t *)0);
-    }
-}
-
-    void
-TerminalDefaultChars()
-{
-#ifndef	USE_TERMIO
-    ntc = otc;
-    nltc = oltc;
-    nttyb.sg_kill = ottyb.sg_kill;
-    nttyb.sg_erase = ottyb.sg_erase;
-#else	/* USE_TERMIO */
-    memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
-# ifndef	VDISCARD
-    termFlushChar = CONTROL('O');
-# endif
-# ifndef	VWERASE
-    termWerasChar = CONTROL('W');
-# endif
-# ifndef	VREPRINT
-    termRprntChar = CONTROL('R');
-# endif
-# ifndef	VLNEXT
-    termLiteralNextChar = CONTROL('V');
-# endif
-# ifndef	VSTART
-    termStartChar = CONTROL('Q');
-# endif
-# ifndef	VSTOP
-    termStopChar = CONTROL('S');
-# endif
-# ifndef	VSTATUS
-    termAytChar = CONTROL('T');
-# endif
-#endif	/* USE_TERMIO */
-}
-
-#ifdef notdef
-void
-TerminalRestoreState()
-{
-}
-#endif
-
-/*
- * TerminalNewMode - set up terminal to a specific mode.
- *	MODE_ECHO: do local terminal echo
- *	MODE_FLOW: do local flow control
- *	MODE_TRAPSIG: do local mapping to TELNET IAC sequences
- *	MODE_EDIT: do local line editing
- *
- *	Command mode:
- *		MODE_ECHO|MODE_EDIT|MODE_FLOW|MODE_TRAPSIG
- *		local echo
- *		local editing
- *		local xon/xoff
- *		local signal mapping
- *
- *	Linemode:
- *		local/no editing
- *	Both Linemode and Single Character mode:
- *		local/remote echo
- *		local/no xon/xoff
- *		local/no signal mapping
- */
-
-
-    void
-TerminalNewMode(f)
-    register int f;
-{
-    static int prevmode = 0;
-#ifndef	USE_TERMIO
-    struct tchars tc;
-    struct ltchars ltc;
-    struct sgttyb sb;
-    int lmode;
-#else	/* USE_TERMIO */
-    struct termio tmp_tc;
-#endif	/* USE_TERMIO */
-    int onoff;
-    int old;
-    cc_t esc;
-
-    globalmode = f&~MODE_FORCE;
-    if (prevmode == f)
-	return;
-
-    /*
-     * Write any outstanding data before switching modes
-     * ttyflush() returns 0 only when there is no more data
-     * left to write out, it returns -1 if it couldn't do
-     * anything at all, otherwise it returns 1 + the number
-     * of characters left to write.
-#ifndef	USE_TERMIO
-     * We would really like ask the kernel to wait for the output
-     * to drain, like we can do with the TCSADRAIN, but we don't have
-     * that option.  The only ioctl that waits for the output to
-     * drain, TIOCSETP, also flushes the input queue, which is NOT
-     * what we want (TIOCSETP is like TCSADFLUSH).
-#endif
-     */
-    old = ttyflush(SYNCHing|flushout);
-    if (old < 0 || old > 1) {
-#ifdef	USE_TERMIO
-	tcgetattr(tin, &tmp_tc);
-#endif	/* USE_TERMIO */
-	do {
-	    /*
-	     * Wait for data to drain, then flush again.
-	     */
-#ifdef	USE_TERMIO
-	    tcsetattr(tin, TCSADRAIN, &tmp_tc);
-#endif	/* USE_TERMIO */
-	    old = ttyflush(SYNCHing|flushout);
-	} while (old < 0 || old > 1);
-    }
-
-    old = prevmode;
-    prevmode = f&~MODE_FORCE;
-#ifndef	USE_TERMIO
-    sb = nttyb;
-    tc = ntc;
-    ltc = nltc;
-    lmode = olmode;
-#else
-    tmp_tc = new_tc;
-#endif
-
-    if (f&MODE_ECHO) {
-#ifndef	USE_TERMIO
-	sb.sg_flags |= ECHO;
-#else
-	tmp_tc.c_lflag |= ECHO;
-	tmp_tc.c_oflag |= ONLCR;
-	if (crlf)
-		tmp_tc.c_iflag |= ICRNL;
-#endif
-    } else {
-#ifndef	USE_TERMIO
-	sb.sg_flags &= ~ECHO;
-#else
-	tmp_tc.c_lflag &= ~ECHO;
-	tmp_tc.c_oflag &= ~ONLCR;
-# ifdef notdef
-	if (crlf)
-		tmp_tc.c_iflag &= ~ICRNL;
-# endif
-#endif
-    }
-
-    if ((f&MODE_FLOW) == 0) {
-#ifndef	USE_TERMIO
-	tc.t_startc = _POSIX_VDISABLE;
-	tc.t_stopc = _POSIX_VDISABLE;
-#else
-	tmp_tc.c_iflag &= ~(IXOFF|IXON);	/* Leave the IXANY bit alone */
-    } else {
-	if (restartany < 0) {
-		tmp_tc.c_iflag |= IXOFF|IXON;	/* Leave the IXANY bit alone */
-	} else if (restartany > 0) {
-		tmp_tc.c_iflag |= IXOFF|IXON|IXANY;
-	} else {
-		tmp_tc.c_iflag |= IXOFF|IXON;
-		tmp_tc.c_iflag &= ~IXANY;
-	}
-#endif
-    }
-
-    if ((f&MODE_TRAPSIG) == 0) {
-#ifndef	USE_TERMIO
-	tc.t_intrc = _POSIX_VDISABLE;
-	tc.t_quitc = _POSIX_VDISABLE;
-	tc.t_eofc = _POSIX_VDISABLE;
-	ltc.t_suspc = _POSIX_VDISABLE;
-	ltc.t_dsuspc = _POSIX_VDISABLE;
-#else
-	tmp_tc.c_lflag &= ~ISIG;
-#endif
-	localchars = 0;
-    } else {
-#ifdef	USE_TERMIO
-	tmp_tc.c_lflag |= ISIG;
-#endif
-	localchars = 1;
-    }
-
-    if (f&MODE_EDIT) {
-#ifndef	USE_TERMIO
-	sb.sg_flags &= ~CBREAK;
-	sb.sg_flags |= CRMOD;
-#else
-	tmp_tc.c_lflag |= ICANON;
-#endif
-    } else {
-#ifndef	USE_TERMIO
-	sb.sg_flags |= CBREAK;
-	if (f&MODE_ECHO)
-	    sb.sg_flags |= CRMOD;
-	else
-	    sb.sg_flags &= ~CRMOD;
-#else
-	tmp_tc.c_lflag &= ~ICANON;
-	tmp_tc.c_iflag &= ~ICRNL;
-	tmp_tc.c_cc[VMIN] = 1;
-	tmp_tc.c_cc[VTIME] = 0;
-#endif
-    }
-
-    if ((f&(MODE_EDIT|MODE_TRAPSIG)) == 0) {
-#ifndef	USE_TERMIO
-	ltc.t_lnextc = _POSIX_VDISABLE;
-#else
-# ifdef VLNEXT
-	tmp_tc.c_cc[VLNEXT] = (cc_t)(_POSIX_VDISABLE);
-# endif
-#endif
-    }
-
-    if (f&MODE_SOFT_TAB) {
-#ifndef USE_TERMIO
-	sb.sg_flags |= XTABS;
-#else
-# ifdef	OXTABS
-	tmp_tc.c_oflag |= OXTABS;
-# endif
-# ifdef	TABDLY
-	tmp_tc.c_oflag &= ~TABDLY;
-	tmp_tc.c_oflag |= TAB3;
-# endif
-#endif
-    } else {
-#ifndef USE_TERMIO
-	sb.sg_flags &= ~XTABS;
-#else
-# ifdef	OXTABS
-	tmp_tc.c_oflag &= ~OXTABS;
-# endif
-# ifdef	TABDLY
-	tmp_tc.c_oflag &= ~TABDLY;
-# endif
-#endif
-    }
-
-    if (f&MODE_LIT_ECHO) {
-#ifndef USE_TERMIO
-	lmode &= ~LCTLECH;
-#else
-# ifdef	ECHOCTL
-	tmp_tc.c_lflag &= ~ECHOCTL;
-# endif
-#endif
-    } else {
-#ifndef USE_TERMIO
-	lmode |= LCTLECH;
-#else
-# ifdef	ECHOCTL
-	tmp_tc.c_lflag |= ECHOCTL;
-# endif
-#endif
-    }
-
-    if (f == -1) {
-	onoff = 0;
-    } else {
-#ifndef	USE_TERMIO
-	if (f & MODE_OUTBIN)
-		lmode |= LLITOUT;
-	else
-		lmode &= ~LLITOUT;
-
-	if (f & MODE_INBIN)
-		lmode |= LPASS8;
-	else
-		lmode &= ~LPASS8;
-#else
-	if (f & MODE_INBIN)
-		tmp_tc.c_iflag &= ~ISTRIP;
-	else
-		tmp_tc.c_iflag |= ISTRIP;
-	if (f & MODE_OUTBIN) {
-		tmp_tc.c_cflag &= ~(CSIZE|PARENB);
-		tmp_tc.c_cflag |= CS8;
-		tmp_tc.c_oflag &= ~OPOST;
-	} else {
-		tmp_tc.c_cflag &= ~(CSIZE|PARENB);
-		tmp_tc.c_cflag |= old_tc.c_cflag & (CSIZE|PARENB);
-		tmp_tc.c_oflag |= OPOST;
-	}
-#endif
-	onoff = 1;
-    }
-
-    if (f != -1) {
-#ifdef	SIGTSTP
-	SIG_FUNC_RET susp();
-#endif	/* SIGTSTP */
-#ifdef	SIGINFO
-	SIG_FUNC_RET ayt();
-#endif
-
-#ifdef	SIGTSTP
-	(void) signal(SIGTSTP, susp);
-#endif	/* SIGTSTP */
-#ifdef	SIGINFO
-	(void) signal(SIGINFO, ayt);
-#endif
-#if	defined(USE_TERMIO) && defined(NOKERNINFO)
-	tmp_tc.c_lflag |= NOKERNINFO;
-#endif
-	/*
-	 * We don't want to process ^Y here.  It's just another
-	 * character that we'll pass on to the back end.  It has
-	 * to process it because it will be processed when the
-	 * user attempts to read it, not when we send it.
-	 */
-#ifndef	USE_TERMIO
-	ltc.t_dsuspc = _POSIX_VDISABLE;
-#else
-# ifdef	VDSUSP
-	tmp_tc.c_cc[VDSUSP] = (cc_t)(_POSIX_VDISABLE);
-# endif
-#endif
-#ifdef	USE_TERMIO
-	/*
-	 * If the VEOL character is already set, then use VEOL2,
-	 * otherwise use VEOL.
-	 */
-	esc = (rlogin != _POSIX_VDISABLE) ? rlogin : escape;
-	if ((tmp_tc.c_cc[VEOL] != esc)
-# ifdef	VEOL2
-	    && (tmp_tc.c_cc[VEOL2] != esc)
-# endif
-	    ) {
-		if (tmp_tc.c_cc[VEOL] == (cc_t)(_POSIX_VDISABLE))
-		    tmp_tc.c_cc[VEOL] = esc;
-# ifdef	VEOL2
-		else if (tmp_tc.c_cc[VEOL2] == (cc_t)(_POSIX_VDISABLE))
-		    tmp_tc.c_cc[VEOL2] = esc;
-# endif
-	}
-#else
-	if (tc.t_brkc == (cc_t)(_POSIX_VDISABLE))
-		tc.t_brkc = esc;
-#endif
-    } else {
-#ifdef	SIGINFO
-	SIG_FUNC_RET ayt_status();
-
-	(void) signal(SIGINFO, ayt_status);
-#endif
-#ifdef	SIGTSTP
-	(void) signal(SIGTSTP, SIG_DFL);
-# ifndef SOLARIS
-	(void) sigsetmask(sigblock(0) & ~(1<<(SIGTSTP-1)));
-# else	SOLARIS
-	(void) sigrelse(SIGTSTP);
-# endif	SOLARIS
-#endif	/* SIGTSTP */
-#ifndef USE_TERMIO
-	ltc = oltc;
-	tc = otc;
-	sb = ottyb;
-	lmode = olmode;
-#else
-	tmp_tc = old_tc;
-#endif
-    }
-#ifndef USE_TERMIO
-    ioctl(tin, TIOCLSET, (char *)&lmode);
-    ioctl(tin, TIOCSLTC, (char *)&ltc);
-    ioctl(tin, TIOCSETC, (char *)&tc);
-    ioctl(tin, TIOCSETN, (char *)&sb);
-#else
-    if (tcsetattr(tin, TCSADRAIN, &tmp_tc) < 0)
-	tcsetattr(tin, TCSANOW, &tmp_tc);
-#endif
-
-#if	(!defined(TN3270)) || ((!defined(NOT43)) || defined(PUTCHAR))
-# if	!defined(sysV88)
-    ioctl(tin, FIONBIO, (char *)&onoff);
-    ioctl(tout, FIONBIO, (char *)&onoff);
-# endif
-#endif	/* (!defined(TN3270)) || ((!defined(NOT43)) || defined(PUTCHAR)) */
-#if	defined(TN3270)
-    if (noasynchtty == 0) {
-	ioctl(tin, FIOASYNC, (char *)&onoff);
-    }
-#endif	/* defined(TN3270) */
-
-}
-
-/*
- * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD).
- */
-#if B4800 != 4800
-#define	DECODE_BAUD
-#endif
-
-#ifdef	DECODE_BAUD
-#ifndef	B7200
-#define B7200   B4800
-#endif
-
-#ifndef	B14400
-#define B14400  B9600
-#endif
-
-#ifndef	B19200
-# define B19200 B14400
-#endif
-
-#ifndef	B28800
-#define B28800  B19200
-#endif
-
-#ifndef	B38400
-# define B38400 B28800
-#endif
-
-#ifndef B57600
-#define B57600  B38400
-#endif
-
-#ifndef B76800
-#define B76800  B57600
-#endif
-
-#ifndef B115200
-#define B115200 B76800
-#endif
-
-#ifndef B230400
-#define B230400 B115200
-#endif
-
-
-/*
- * This code assumes that the values B0, B50, B75...
- * are in ascending order.  They do not have to be
- * contiguous.
- */
-struct termspeeds {
-	long speed;
-	long value;
-} termspeeds[] = {
-	{ 0,      B0 },      { 50,    B50 },    { 75,     B75 },
-	{ 110,    B110 },    { 134,   B134 },   { 150,    B150 },
-	{ 200,    B200 },    { 300,   B300 },   { 600,    B600 },
-	{ 1200,   B1200 },   { 1800,  B1800 },  { 2400,   B2400 },
-	{ 4800,   B4800 },   { 7200,  B7200 },  { 9600,   B9600 },
-	{ 14400,  B14400 },  { 19200, B19200 }, { 28800,  B28800 },
-	{ 38400,  B38400 },  { 57600, B57600 }, { 115200, B115200 },
-	{ 230400, B230400 }, { -1,    B230400 }
-};
-#endif	/* DECODE_BAUD */
-
-    void
-TerminalSpeeds(ispeed, ospeed)
-    long *ispeed;
-    long *ospeed;
-{
-#ifdef	DECODE_BAUD
-    register struct termspeeds *tp;
-#endif	/* DECODE_BAUD */
-    register long in, out;
-
-    out = cfgetospeed(&old_tc);
-    in = cfgetispeed(&old_tc);
-    if (in == 0)
-	in = out;
-
-#ifdef	DECODE_BAUD
-    tp = termspeeds;
-    while ((tp->speed != -1) && (tp->value < in))
-	tp++;
-    *ispeed = tp->speed;
-
-    tp = termspeeds;
-    while ((tp->speed != -1) && (tp->value < out))
-	tp++;
-    *ospeed = tp->speed;
-#else	/* DECODE_BAUD */
-	*ispeed = in;
-	*ospeed = out;
-#endif	/* DECODE_BAUD */
-}
-
-    int
-TerminalWindowSize(rows, cols)
-    long *rows, *cols;
-{
-#ifdef	TIOCGWINSZ
-    struct winsize ws;
-
-    if (ioctl(fileno(stdin), TIOCGWINSZ, (char *)&ws) >= 0) {
-	*rows = ws.ws_row;
-	*cols = ws.ws_col;
-	return 1;
-    }
-#endif	/* TIOCGWINSZ */
-    return 0;
-}
-
-    int
-NetClose(fd)
-    int	fd;
-{
-    return close(fd);
-}
-
-
-    void
-NetNonblockingIO(fd, onoff)
-    int fd;
-    int onoff;
-{
-    ioctl(fd, FIONBIO, (char *)&onoff);
-}
-
-#if	defined(TN3270)
-    void
-NetSigIO(fd, onoff)
-    int fd;
-    int onoff;
-{
-    ioctl(fd, FIOASYNC, (char *)&onoff);	/* hear about input */
-}
-
-    void
-NetSetPgrp(fd)
-    int fd;
-{
-    int myPid;
-
-    myPid = getpid();
-    fcntl(fd, F_SETOWN, myPid);
-}
-#endif	/*defined(TN3270)*/
-
-/*
- * Various signal handling routines.
- */
-
-    /* ARGSUSED */
-    SIG_FUNC_RET
-deadpeer(sig)
-    int sig;
-{
-	setcommandmode();
-	longjmp(peerdied, -1);
-}
-
-    /* ARGSUSED */
-    SIG_FUNC_RET
-intr(sig)
-    int sig;
-{
-    if (localchars) {
-	intp();
-	return;
-    }
-    setcommandmode();
-    longjmp(toplevel, -1);
-}
-
-    /* ARGSUSED */
-    SIG_FUNC_RET
-intr2(sig)
-    int sig;
-{
-    if (localchars) {
-#ifdef	KLUDGELINEMODE
-	if (kludgelinemode)
-	    sendbrk();
-	else
-#endif
-	    sendabort();
-	return;
-    }
-}
-
-#ifdef	SIGTSTP
-    /* ARGSUSED */
-    SIG_FUNC_RET
-susp(sig)
-    int sig;
-{
-    if ((rlogin != _POSIX_VDISABLE) && rlogin_susp())
-	return;
-    if (localchars)
-	sendsusp();
-}
-#endif
-
-#ifdef	SIGWINCH
-    /* ARGSUSED */
-    SIG_FUNC_RET
-sendwin(sig)
-    int sig;
-{
-    if (connected) {
-	sendnaws();
-    }
-}
-#endif
-
-#ifdef	SIGINFO
-    /* ARGSUSED */
-    SIG_FUNC_RET
-ayt(sig)
-    int sig;
-{
-    if (connected)
-	sendayt();
-    else
-	ayt_status();
-}
-#endif
-
-
-    void
-sys_telnet_init()
-{
-    (void) signal(SIGINT, intr);
-    (void) signal(SIGQUIT, intr2);
-    (void) signal(SIGPIPE, deadpeer);
-#ifdef	SIGWINCH
-    (void) signal(SIGWINCH, sendwin);
-#endif
-#ifdef	SIGTSTP
-    (void) signal(SIGTSTP, susp);
-#endif
-#ifdef	SIGINFO
-    (void) signal(SIGINFO, ayt);
-#endif
-
-    setconnmode(0);
-
-    NetNonblockingIO(net, 1);
-
-#if	defined(TN3270)
-    if (noasynchnet == 0) {			/* DBX can't handle! */
-	NetSigIO(net, 1);
-	NetSetPgrp(net);
-    }
-#endif	/* defined(TN3270) */
-
-#if	defined(SO_OOBINLINE)
-    if (SetSockOpt(net, SOL_SOCKET, SO_OOBINLINE, 1) == -1) {
-	perror("SetSockOpt");
-    }
-#endif	/* defined(SO_OOBINLINE) */
-}
-
-/*
- * Process rings -
- *
- *	This routine tries to fill up/empty our various rings.
- *
- *	The parameter specifies whether this is a poll operation,
- *	or a block-until-something-happens operation.
- *
- *	The return value is 1 if something happened, 0 if not.
- */
-
-    int
-process_rings(netin, netout, netex, ttyin, ttyout, poll)
-    int poll;		/* If 0, then block until something to do */
-{
-    register int c;
-		/* One wants to be a bit careful about setting returnValue
-		 * to one, since a one implies we did some useful work,
-		 * and therefore probably won't be called to block next
-		 * time (TN3270 mode only).
-		 */
-    int returnValue = 0;
-    static struct timeval TimeValue = { 0 };
-
-    if (netout) {
-	FD_SET(net, &obits);
-    }
-    if (ttyout) {
-	FD_SET(tout, &obits);
-    }
-#if	defined(TN3270)
-    if (ttyin) {
-	FD_SET(tin, &ibits);
-    }
-#else	/* defined(TN3270) */
-    if (ttyin) {
-	FD_SET(tin, &ibits);
-    }
-#endif	/* defined(TN3270) */
-#if	defined(TN3270)
-    if (netin) {
-	FD_SET(net, &ibits);
-    }
-#   else /* !defined(TN3270) */
-    if (netin) {
-	FD_SET(net, &ibits);
-    }
-#   endif /* !defined(TN3270) */
-    if (netex) {
-	FD_SET(net, &xbits);
-    }
-    if ((c = select(16, &ibits, &obits, &xbits,
-			(poll == 0)? (struct timeval *)0 : &TimeValue)) < 0) {
-	if (c == -1) {
-		    /*
-		     * we can get EINTR if we are in line mode,
-		     * and the user does an escape (TSTP), or
-		     * some other signal generator.
-		     */
-	    if (errno == EINTR) {
-		return 0;
-	    }
-#	    if defined(TN3270)
-		    /*
-		     * we can get EBADF if we were in transparent
-		     * mode, and the transcom process died.
-		    */
-	    if (errno == EBADF) {
-			/*
-			 * zero the bits (even though kernel does it)
-			 * to make sure we are selecting on the right
-			 * ones.
-			*/
-		FD_ZERO(&ibits);
-		FD_ZERO(&obits);
-		FD_ZERO(&xbits);
-		return 0;
-	    }
-#	    endif /* defined(TN3270) */
-		    /* I don't like this, does it ever happen? */
-	    printf("sleep(5) from telnet, after select: %s\r\n", strerror(errno));
-	    sleep(5);
-	}
-	return 0;
-    }
-
-    /*
-     * Any urgent data?
-     */
-    if (FD_ISSET(net, &xbits)) {
-	FD_CLR(net, &xbits);
-	SYNCHing = 1;
-	(void) ttyflush(1);	/* flush already enqueued data */
-    }
-
-    /*
-     * Something to read from the network...
-     */
-    if (FD_ISSET(net, &ibits)) {
-	int canread;
-
-	FD_CLR(net, &ibits);
-	canread = ring_empty_consecutive(&netiring);
-#if	!defined(SO_OOBINLINE)
-	    /*
-	     * In 4.2 (and some early 4.3) systems, the
-	     * OOB indication and data handling in the kernel
-	     * is such that if two separate TCP Urgent requests
-	     * come in, one byte of TCP data will be overlaid.
-	     * This is fatal for Telnet, but we try to live
-	     * with it.
-	     *
-	     * In addition, in 4.2 (and...), a special protocol
-	     * is needed to pick up the TCP Urgent data in
-	     * the correct sequence.
-	     *
-	     * What we do is:  if we think we are in urgent
-	     * mode, we look to see if we are "at the mark".
-	     * If we are, we do an OOB receive.  If we run
-	     * this twice, we will do the OOB receive twice,
-	     * but the second will fail, since the second
-	     * time we were "at the mark", but there wasn't
-	     * any data there (the kernel doesn't reset
-	     * "at the mark" until we do a normal read).
-	     * Once we've read the OOB data, we go ahead
-	     * and do normal reads.
-	     *
-	     * There is also another problem, which is that
-	     * since the OOB byte we read doesn't put us
-	     * out of OOB state, and since that byte is most
-	     * likely the TELNET DM (data mark), we would
-	     * stay in the TELNET SYNCH (SYNCHing) state.
-	     * So, clocks to the rescue.  If we've "just"
-	     * received a DM, then we test for the
-	     * presence of OOB data when the receive OOB
-	     * fails (and AFTER we did the normal mode read
-	     * to clear "at the mark").
-	     */
-	if (SYNCHing) {
-	    int atmark;
-	    static int bogus_oob = 0, first = 1;
-
-	    ioctl(net, SIOCATMARK, (char *)&atmark);
-	    if (atmark) {
-		c = recv(net, netiring.supply, canread, MSG_OOB);
-		if ((c == -1) && (errno == EINVAL)) {
-		    c = recv(net, netiring.supply, canread, 0);
-		    if (clocks.didnetreceive < clocks.gotDM) {
-			SYNCHing = stilloob(net);
-		    }
-		} else if (first && c > 0) {
-		    /*
-		     * Bogosity check.  Systems based on 4.2BSD
-		     * do not return an error if you do a second
-		     * recv(MSG_OOB).  So, we do one.  If it
-		     * succeeds and returns exactly the same
-		     * data, then assume that we are running
-		     * on a broken system and set the bogus_oob
-		     * flag.  (If the data was different, then
-		     * we probably got some valid new data, so
-		     * increment the count...)
-		     */
-		    int i;
-		    i = recv(net, netiring.supply + c, canread - c, MSG_OOB);
-		    if (i == c &&
-			 memcmp(netiring.supply, netiring.supply + c, i) == 0) {
-			bogus_oob = 1;
-			first = 0;
-		    } else if (i < 0) {
-			bogus_oob = 0;
-			first = 0;
-		    } else
-			c += i;
-		}
-		if (bogus_oob && c > 0) {
-		    int i;
-		    /*
-		     * Bogosity.  We have to do the read
-		     * to clear the atmark to get out of
-		     * an infinate loop.
-		     */
-		    i = read(net, netiring.supply + c, canread - c);
-		    if (i > 0)
-			c += i;
-		}
-	    } else {
-		c = recv(net, netiring.supply, canread, 0);
-	    }
-	} else {
-	    c = recv(net, netiring.supply, canread, 0);
-	}
-	settimer(didnetreceive);
-#else	/* !defined(SO_OOBINLINE) */
-	c = recv(net, (char *)netiring.supply, canread, 0);
-#endif	/* !defined(SO_OOBINLINE) */
-	if (c < 0 && errno == EWOULDBLOCK) {
-	    c = 0;
-	} else if (c <= 0) {
-	    return -1;
-	}
-	if (netdata) {
-	    Dump('<', netiring.supply, c);
-	}
-	if (c)
-	    ring_supplied(&netiring, c);
-	returnValue = 1;
-    }
-
-    /*
-     * Something to read from the tty...
-     */
-    if (FD_ISSET(tin, &ibits)) {
-	FD_CLR(tin, &ibits);
-	c = TerminalRead(ttyiring.supply, ring_empty_consecutive(&ttyiring));
-	if (c < 0 && errno == EIO)
-	    c = 0;
-	if (c < 0 && errno == EWOULDBLOCK) {
-	    c = 0;
-	} else {
-	    /* EOF detection for line mode!!!! */
-	    if ((c == 0) && MODE_LOCAL_CHARS(globalmode) && isatty(tin)) {
-			/* must be an EOF... */
-		*ttyiring.supply = termEofChar;
-		c = 1;
-	    }
-	    if (c <= 0) {
-		return -1;
-	    }
-	    if (termdata) {
-		Dump('<', ttyiring.supply, c);
-	    }
-	    ring_supplied(&ttyiring, c);
-	}
-	returnValue = 1;		/* did something useful */
-    }
-
-    if (FD_ISSET(net, &obits)) {
-	FD_CLR(net, &obits);
-	returnValue |= netflush();
-    }
-    if (FD_ISSET(tout, &obits)) {
-	FD_CLR(tout, &obits);
-	returnValue |= (ttyflush(SYNCHing|flushout) > 0);
-    }
-
-    return returnValue;
-}
diff --git a/crypto/telnet/telnet/telnet.1 b/crypto/telnet/telnet/telnet.1
deleted file mode 100644
index b996fea3b2b4..000000000000
--- a/crypto/telnet/telnet/telnet.1
+++ /dev/null
@@ -1,1366 +0,0 @@
-.\" Copyright (c) 1983, 1990, 1993
-.\"	The Regents of the University of California.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\"    must display the following acknowledgement:
-.\"	This product includes software developed by the University of
-.\"	California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\"    may be used to endorse or promote products derived from this software
-.\"    without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"	@(#)telnet.1	8.6 (Berkeley) 6/1/94
-.\"
-.Dd June 1, 1994
-.Dt TELNET 1
-.Os BSD 4.2
-.Sh NAME
-.Nm telnet
-.Nd user interface to the 
-.Tn TELNET
-protocol
-.Sh SYNOPSIS
-.Nm telnet
-.Op Fl 8EFKLacdfrx
-.Op Fl S Ar tos
-.Op Fl X Ar authtype
-.Op Fl e Ar escapechar
-.Op Fl k Ar realm
-.Op Fl l Ar user
-.Op Fl n Ar tracefile
-.Oo
-.Ar host
-.Op port
-.Oc
-.Sh DESCRIPTION
-The
-.Nm telnet
-command
-is used to communicate with another host using the 
-.Tn TELNET
-protocol.
-If
-.Nm telnet
-is invoked without the
-.Ar host
-argument, it enters command mode,
-indicated by its prompt
-.Pq Nm telnet\&> .
-In this mode, it accepts and executes the commands listed below.
-If it is invoked with arguments, it performs an
-.Ic open
-command with those arguments.
-.Pp
-Options:
-.Bl -tag -width indent
-.It Fl 8
-Specifies an 8-bit data path.  This causes an attempt to
-negotiate the
-.Dv TELNET BINARY
-option on both input and output.
-.It Fl E
-Stops any character from being recognized as an escape character.
-.It Fl F
-If Kerberos V5 authentication is being used, the
-.Fl F
-option allows the local credentials to be forwarded
-to the remote system, including any credentials that
-have already been forwarded into the local environment.
-.It Fl K
-Specifies no automatic login to the remote system.
-.It Fl L
-Specifies an 8-bit data path on output.  This causes the
-BINARY option to be negotiated on output.
-.It Fl S Ar tos
-Sets the IP type-of-service (TOS) option for the telnet
-connection to the value
-.Ar tos,
-which can be a numeric TOS value
-or, on systems that support it, a symbolic
-TOS name found in the /etc/iptos file.
-.It Fl X Ar atype 
-Disables the
-.Ar atype
-type of authentication.
-.It Fl a
-Attempt automatic login.
-Currently, this sends the user name via the
-.Ev USER
-variable
-of the
-.Ev ENVIRON
-option if supported by the remote system.
-The name used is that of the current user as returned by
-.Xr getlogin 2
-if it agrees with the current user ID,
-otherwise it is the name associated with the user ID.
-.It Fl c
-Disables the reading of the user's
-.Pa \&.telnetrc
-file.  (See the
-.Ic toggle skiprc
-command on this man page.)
-.It Fl d
-Sets the initial value of the
-.Ic debug
-toggle to
-.Dv TRUE
-.It Fl e Ar escape char 
-Sets the initial
-.Nm
-.Nm telnet
-escape character to
-.Ar escape char.
-If
-.Ar escape char
-is omitted, then
-there will be no escape character.
-.It Fl f
-If Kerberos V5 authentication is being used, the
-.Fl f
-option allows the local credentials to be forwarded to the remote system.
-.ne 1i
-.It Fl k Ar realm
-If Kerberos authentication is being used, the
-.Fl k
-option requests that telnet obtain tickets for the remote host in
-realm realm instead of the remote host's realm, as determined
-by
-.Xr krb_realmofhost 3 .
-.It Fl l Ar user 
-When connecting to the remote system, if the remote system
-understands the
-.Ev ENVIRON
-option, then
-.Ar user
-will be sent to the remote system as the value for the variable USER.
-This option implies the
-.Fl a
-option.
-This option may also be used with the
-.Ic open
-command.
-.It Fl n Ar tracefile 
-Opens
-.Ar tracefile
-for recording trace information.
-See the
-.Ic set tracefile
-command below.
-.It Fl r
-Specifies a user interface similar to
-.Xr rlogin 1 .
-In this
-mode, the escape character is set to the tilde (~) character,
-unless modified by the -e option.
-.It Fl x
-Turns on encryption of the data stream if possible.  This
-option is not available outside of the United States and
-Canada.
-.It Ar host
-Indicates the official name, an alias, or the Internet address
-of a remote host.
-.It Ar port
-Indicates a port number (address of an application).  If a number is
-not specified, the default
-.Nm telnet
-port is used.
-.El
-.Pp
-When in rlogin mode, a line of the form ~.  disconnects from the
-remote host; ~ is the telnet escape character.
-Similarly, the line ~^Z suspends the telnet session.
-The line ~^] escapes to the normal telnet escape prompt.
-.Pp
-Once a connection has been opened,
-.Nm telnet
-will attempt to enable the
-.Dv TELNET LINEMODE
-option.
-If this fails, then
-.Nm telnet
-will revert to one of two input modes:
-either \*(Lqcharacter at a time\*(Rq
-or \*(Lqold line by line\*(Rq
-depending on what the remote system supports.
-.Pp
-When 
-.Dv LINEMODE
-is enabled, character processing is done on the
-local system, under the control of the remote system.  When input
-editing or character echoing is to be disabled, the remote system
-will relay that information.  The remote system will also relay
-changes to any special characters that happen on the remote
-system, so that they can take effect on the local system.
-.Pp
-In \*(Lqcharacter at a time\*(Rq mode, most
-text typed is immediately sent to the remote host for processing.
-.Pp
-In \*(Lqold line by line\*(Rq mode, all text is echoed locally,
-and (normally) only completed lines are sent to the remote host.
-The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used
-to turn off and on the local echo
-(this would mostly be used to enter passwords
-without the password being echoed).
-.Pp
-If the 
-.Dv LINEMODE
-option is enabled, or if the
-.Ic localchars
-toggle is
-.Dv TRUE
-(the default for \*(Lqold line by line\*(Lq; see below),
-the user's
-.Ic quit  ,
-.Ic intr ,
-and
-.Ic flush
-characters are trapped locally, and sent as
-.Tn TELNET
-protocol sequences to the remote side.
-If 
-.Dv LINEMODE
-has ever been enabled, then the user's
-.Ic susp
-and
-.Ic eof
-are also sent as
-.Tn TELNET
-protocol sequences,
-and
-.Ic quit
-is sent as a 
-.Dv TELNET ABORT
-instead of 
-.Dv BREAK
-There are options (see
-.Ic toggle
-.Ic autoflush
-and
-.Ic toggle
-.Ic autosynch
-below)
-which cause this action to flush subsequent output to the terminal
-(until the remote host acknowledges the
-.Tn TELNET
-sequence) and flush previous terminal input
-(in the case of
-.Ic quit
-and
-.Ic intr  ) .
-.Pp
-While connected to a remote host,
-.Nm telnet
-command mode may be entered by typing the
-.Nm telnet
-\*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq).
-When in command mode, the normal terminal editing conventions are available.
-.Pp
-The following
-.Nm telnet
-commands are available.
-Only enough of each command to uniquely identify it need be typed
-(this is also true for arguments to the
-.Ic mode  ,
-.Ic set ,
-.Ic toggle  ,
-.Ic unset ,
-.Ic slc  ,
-.Ic environ ,
-and
-.Ic display
-commands).
-.Pp
-.Bl -tag -width "mode type"
-.It Ic auth Ar argument ... 
-The auth command manipulates the information sent through the
-.Dv TELNET AUTHENTICATE
-option.  Valid arguments for the
-auth command are as follows:
-.Bl -tag -width "disable type"
-.It Ic disable Ar type
-Disables the specified type of authentication.  To
-obtain a list of available types, use the
-.Ic auth disable \&?
-command.
-.It Ic enable Ar type
-Enables the specified type of authentication.  To
-obtain a list of available types, use the
-.Ic auth enable \&?
-command.
-.It Ic status
-Lists the current status of the various types of
-authentication.
-.El
-.It Ic close
-Close a
-.Tn TELNET
-session and return to command mode.
-.It Ic display Ar argument ... 
-Displays all, or some, of the
-.Ic set
-and
-.Ic toggle
-values (see below).
-.It Ic encrypt Ar argument ...
-The encrypt command manipulates the information sent through the
-.Dv TELNET ENCRYPT
-option.
-.Pp
-Note:  Because of export controls, the
-.Dv TELNET ENCRYPT
-option is not supported outside of the United States and Canada.
-.Pp
-Valid arguments for the encrypt command are as follows:
-.Bl -tag -width Ar
-.It Ic disable Ar type Ic [input|output]
-Disables the specified type of encryption.  If you
-omit the input and output, both input and output
-are disabled.  To obtain a list of available
-types, use the
-.Ic encrypt disable \&?
-command.
-.It Ic enable Ar type Ic [input|output]
-Enables the specified type of encryption.  If you
-omit input and output, both input and output are
-enabled.  To obtain a list of available types, use the
-.Ic encrypt enable \&?
-command.
-.It Ic input
-This is the same as the
-.Ic encrypt start input
-command.
-.It Ic -input
-This is the same as the
-.Ic encrypt stop input
-command.
-.It Ic output
-This is the same as the
-.Ic encrypt start output
-command.
-.It Ic -output
-This is the same as the
-.Ic encrypt stop output
-command.
-.It Ic start Ic [input|output]
-Attempts to start encryption.  If you omit
-.Ic input
-and
-.Ic output,
-both input and output are enabled.  To
-obtain a list of available types, use the
-.Ic encrypt enable \&?
-command.
-.It Ic status
-Lists the current status of encryption.
-.It Ic stop Ic [input|output]
-Stops encryption.  If you omit input and output,
-encryption is on both input and output.
-.It Ic type Ar type
-Sets the default type of encryption to be used
-with later
-.Ic encrypt start
-or
-.Ic encrypt stop
-commands.
-.El
-.It Ic environ Ar arguments... 
-The
-.Ic environ
-command is used to manipulate the
-the variables that my be sent through the
-.Dv TELNET ENVIRON
-option.
-The initial set of variables is taken from the users
-environment, with only the
-.Ev DISPLAY
-and
-.Ev PRINTER
-variables being exported by default.
-The
-.Ev USER
-variable is also exported if the
-.Fl a
-or
-.Fl l
-options are used.
-.br
-Valid arguments for the
-.Ic environ
-command are:
-.Bl -tag -width Fl
-.It Ic define Ar variable value 
-Define the variable
-.Ar variable
-to have a value of
-.Ar value.
-Any variables defined by this command are automatically exported.
-The
-.Ar value
-may be enclosed in single or double quotes so
-that tabs and spaces may be included.
-.It Ic undefine Ar variable 
-Remove
-.Ar variable
-from the list of environment variables.
-.It Ic export Ar variable 
-Mark the variable
-.Ar variable
-to be exported to the remote side.
-.It Ic unexport Ar variable 
-Mark the variable
-.Ar variable
-to not be exported unless
-explicitly asked for by the remote side.
-.It Ic list
-List the current set of environment variables.
-Those marked with a
-.Cm *
-will be sent automatically,
-other variables will only be sent if explicitly requested.
-.It Ic \&?
-Prints out help information for the
-.Ic environ
-command.
-.El
-.It Ic logout
-Sends the
-.Dv TELNET LOGOUT
-option to the remote side.
-This command is similar to a
-.Ic close
-command; however, if the remote side does not support the
-.Dv LOGOUT
-option, nothing happens.
-If, however, the remote side does support the
-.Dv LOGOUT
-option, this command should cause the remote side to close the
-.Tn TELNET
-connection.
-If the remote side also supports the concept of
-suspending a user's session for later reattachment,
-the logout argument indicates that you
-should terminate the session immediately.
-.It Ic mode Ar type 
-.Ar Type
-is one of several options, depending on the state of the
-.Tn TELNET
-session.
-The remote host is asked for permission to go into the requested mode.
-If the remote host is capable of entering that mode, the requested
-mode will be entered.
-.Bl -tag -width Ar
-.It Ic character
-Disable the
-.Dv TELNET LINEMODE
-option, or, if the remote side does not understand the
-.Dv LINEMODE
-option, then enter \*(Lqcharacter at a time\*(Lq mode.
-.It Ic line
-Enable the
-.Dv TELNET LINEMODE
-option, or, if the remote side does not understand the
-.Dv LINEMODE
-option, then attempt to enter \*(Lqold-line-by-line\*(Lq mode.
-.It Ic isig Pq Ic \-isig 
-Attempt to enable (disable) the 
-.Dv TRAPSIG
-mode of the 
-.Dv LINEMODE
-option.
-This requires that the 
-.Dv LINEMODE
-option be enabled.
-.It Ic edit Pq Ic \-edit 
-Attempt to enable (disable) the 
-.Dv EDIT
-mode of the 
-.Dv LINEMODE
-option.
-This requires that the 
-.Dv LINEMODE
-option be enabled.
-.It Ic softtabs Pq Ic \-softtabs 
-Attempt to enable (disable) the 
-.Dv SOFT_TAB
-mode of the 
-.Dv LINEMODE
-option.
-This requires that the 
-.Dv LINEMODE
-option be enabled.
-.ne 1i
-.It Ic litecho Pq Ic \-litecho 
-Attempt to enable (disable) the 
-.Dv LIT_ECHO
-mode of the 
-.Dv LINEMODE
-option.
-This requires that the 
-.Dv LINEMODE
-option be enabled.
-.It Ic \&?
-Prints out help information for the
-.Ic mode
-command.
-.El
-.It Xo
-.Ic open Ar host
-.Oo Op Fl l
-.Ar user
-.Oc Ns Oo Fl
-.Ar port Oc
-.Xc
-Open a connection to the named host.
-If no port number
-is specified,
-.Nm telnet
-will attempt to contact a
-.Tn TELNET
-server at the default port.
-The host specification may be either a host name (see
-.Xr hosts  5  )
-or an Internet address specified in the \*(Lqdot notation\*(Rq (see
-.Xr inet 3 ) .
-The
-.Op Fl l
-option may be used to specify the user name
-to be passed to the remote system via the
-.Ev ENVIRON
-option.
-When connecting to a non-standard port,
-.Nm telnet
-omits any automatic initiation of
-.Tn TELNET
-options.  When the port number is preceded by a minus sign,
-the initial option negotiation is done.
-After establishing a connection, the file
-.Pa \&.telnetrc
-in the
-users home directory is opened.  Lines beginning with a # are
-comment lines.  Blank lines are ignored.  Lines that begin
-without white space are the start of a machine entry.  The
-first thing on the line is the name of the machine that is
-being connected to.  The rest of the line, and successive
-lines that begin with white space are assumed to be
-.Nm telnet
-commands and are processed as if they had been typed
-in manually to the
-.Nm telnet
-command prompt.
-.It Ic quit
-Close any open
-.Tn TELNET
-session and exit
-.Nm telnet  .
-An end of file (in command mode) will also close a session and exit.
-.It Ic send Ar arguments 
-Sends one or more special character sequences to the remote host.
-The following are the arguments which may be specified
-(more than one argument may be specified at a time):
-.Pp
-.Bl -tag -width escape
-.It Ic abort
-Sends the
-.Dv TELNET ABORT
-(Abort
-processes)
-sequence.
-.It Ic ao
-Sends the
-.Dv TELNET AO
-(Abort Output) sequence, which should cause the remote system to flush
-all output
-.Em from
-the remote system
-.Em to
-the user's terminal.
-.It Ic ayt
-Sends the
-.Dv TELNET AYT
-(Are You There)
-sequence, to which the remote system may or may not choose to respond.
-.It Ic brk
-Sends the
-.Dv TELNET BRK
-(Break) sequence, which may have significance to the remote
-system.
-.It Ic ec
-Sends the
-.Dv TELNET EC
-(Erase Character)
-sequence, which should cause the remote system to erase the last character
-entered.
-.It Ic el
-Sends the
-.Dv TELNET EL
-(Erase Line)
-sequence, which should cause the remote system to erase the line currently
-being entered.
-.It Ic eof
-Sends the
-.Dv TELNET EOF
-(End Of File)
-sequence.
-.It Ic eor
-Sends the
-.Dv TELNET EOR
-(End of Record)
-sequence.
-.It Ic escape
-Sends the current
-.Nm telnet
-escape character (initially \*(Lq^\*(Rq).
-.It Ic ga
-Sends the
-.Dv TELNET GA
-(Go Ahead)
-sequence, which likely has no significance to the remote system.
-.It Ic getstatus
-If the remote side supports the
-.Dv TELNET STATUS
-command,
-.Ic getstatus
-will send the subnegotiation to request that the server send
-its current option status.
-.ne 1i
-.It Ic ip
-Sends the
-.Dv TELNET IP
-(Interrupt Process) sequence, which should cause the remote
-system to abort the currently running process.
-.It Ic nop
-Sends the
-.Dv TELNET NOP
-(No OPeration)
-sequence.
-.It Ic susp
-Sends the
-.Dv TELNET SUSP
-(SUSPend process)
-sequence.
-.It Ic synch
-Sends the
-.Dv TELNET SYNCH
-sequence.
-This sequence causes the remote system to discard all previously typed
-(but not yet read) input.
-This sequence is sent as
-.Tn TCP
-urgent
-data (and may not work if the remote system is a
-.Bx 4.2
-system -- if
-it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal).
-.It Ic do Ar cmd
-.It Ic dont Ar cmd
-.It Ic will Ar cmd
-.It Ic wont Ar cmd
-Sends the
-.Dv TELNET DO
-.Ar cmd
-sequence.
-.Ar Cmd
-can be either a decimal number between 0 and 255,
-or a symbolic name for a specific
-.Dv TELNET
-command.
-.Ar Cmd
-can also be either
-.Ic help
-or
-.Ic \&?
-to print out help information, including
-a list of known symbolic names.
-.It Ic \&?
-Prints out help information for the
-.Ic send
-command.
-.El
-.It Ic set Ar argument value 
-.It Ic unset Ar argument value 
-The
-.Ic set
-command will set any one of a number of
-.Nm telnet
-variables to a specific value or to
-.Dv TRUE .
-The special value
-.Ic off
-turns off the function associated with
-the variable, this is equivalent to using the
-.Ic unset
-command.
-The
-.Ic unset
-command will disable or set to
-.Dv FALSE
-any of the specified functions.
-The values of variables may be interrogated with the
-.Ic display
-command.
-The variables which may be set or unset, but not toggled, are
-listed here.  In addition, any of the variables for the
-.Ic toggle
-command may be explicitly set or unset using
-the
-.Ic set
-and
-.Ic unset
-commands.
-.Bl -tag -width escape
-.It Ic ayt
-If
-.Tn TELNET
-is in localchars mode, or
-.Dv LINEMODE
-is enabled, and the status character is typed, a
-.Dv TELNET AYT
-sequence (see
-.Ic send ayt
-preceding) is sent to the
-remote host.  The initial value for the "Are You There"
-character is the terminal's status character.
-.It Ic echo
-This is the value (initially \*(Lq^E\*(Rq) which, when in
-\*(Lqline by line\*(Rq mode, toggles between doing local echoing
-of entered characters (for normal processing), and suppressing
-echoing of entered characters (for entering, say, a password).
-.It Ic eof
-If
-.Nm telnet
-is operating in
-.Dv LINEMODE
-or \*(Lqold line by line\*(Rq mode, entering this character
-as the first character on a line will cause this character to be
-sent to the remote system.
-The initial value of the eof character is taken to be the terminal's
-.Ic eof
-character.
-.It Ic erase
-If
-.Nm telnet
-is in
-.Ic localchars
-mode (see
-.Ic toggle
-.Ic localchars
-below),
-.Sy and
-if
-.Nm telnet
-is operating in \*(Lqcharacter at a time\*(Rq mode, then when this
-character is typed, a
-.Dv TELNET EC
-sequence (see
-.Ic send
-.Ic ec
-above)
-is sent to the remote system.
-The initial value for the erase character is taken to be
-the terminal's
-.Ic erase
-character.
-.It Ic escape
-This is the
-.Nm telnet
-escape character (initially \*(Lq^[\*(Rq) which causes entry
-into
-.Nm telnet
-command mode (when connected to a remote system).
-.It Ic flushoutput
-If
-.Nm telnet
-is in
-.Ic localchars
-mode (see
-.Ic toggle
-.Ic localchars
-below)
-and the
-.Ic flushoutput
-character is typed, a
-.Dv TELNET AO
-sequence (see
-.Ic send
-.Ic ao
-above)
-is sent to the remote host.
-The initial value for the flush character is taken to be
-the terminal's
-.Ic flush
-character.
-.It Ic forw1
-.It Ic forw2
-If
-.Tn TELNET
-is operating in
-.Dv LINEMODE ,
-these are the
-characters that, when typed, cause partial lines to be
-forwarded to the remote system.  The initial value for
-the forwarding characters are taken from the terminal's
-eol and eol2 characters.
-.It Ic interrupt
-If
-.Nm telnet
-is in
-.Ic localchars
-mode (see
-.Ic toggle
-.Ic localchars
-below)
-and the
-.Ic interrupt
-character is typed, a
-.Dv TELNET IP
-sequence (see
-.Ic send
-.Ic ip
-above)
-is sent to the remote host.
-The initial value for the interrupt character is taken to be
-the terminal's
-.Ic intr
-character.
-.It Ic kill
-If
-.Nm telnet
-is in
-.Ic localchars
-mode (see
-.Ic toggle
-.Ic localchars
-below),
-.Ic and
-if
-.Nm telnet
-is operating in \*(Lqcharacter at a time\*(Rq mode, then when this
-character is typed, a
-.Dv TELNET EL
-sequence (see
-.Ic send
-.Ic el
-above)
-is sent to the remote system.
-The initial value for the kill character is taken to be
-the terminal's
-.Ic kill
-character.
-.It Ic lnext
-If
-.Nm telnet
-is operating in
-.Dv LINEMODE
-or \*(Lqold line by line\*(Lq mode, then this character is taken to
-be the terminal's
-.Ic lnext
-character.
-The initial value for the lnext character is taken to be
-the terminal's
-.Ic lnext
-character.
-.It Ic quit
-If
-.Nm telnet
-is in
-.Ic localchars
-mode (see
-.Ic toggle
-.Ic localchars
-below)
-and the
-.Ic quit
-character is typed, a
-.Dv TELNET BRK
-sequence (see
-.Ic send
-.Ic brk
-above)
-is sent to the remote host.
-The initial value for the quit character is taken to be
-the terminal's
-.Ic quit
-character.
-.It Ic reprint
-If
-.Nm telnet
-is operating in
-.Dv LINEMODE
-or \*(Lqold line by line\*(Lq mode, then this character is taken to
-be the terminal's
-.Ic reprint
-character.
-The initial value for the reprint character is taken to be
-the terminal's
-.Ic reprint
-character.
-.It Ic rlogin
-This is the rlogin escape character.
-If set, the normal
-.Tn TELNET
-escape character is ignored unless it is
-preceded by this character at the beginning of a line.
-This character, at the beginning of a line followed by
-a "."  closes the connection; when followed by a ^Z it
-suspends the telnet command.  The initial state is to
-disable the rlogin escape character.
-.It Ic start
-If the
-.Dv TELNET TOGGLE-FLOW-CONTROL
-option has been enabled,
-then this character is taken to
-be the terminal's
-.Ic start
-character.
-The initial value for the kill character is taken to be
-the terminal's
-.Ic start
-character.
-.It Ic stop
-If the
-.Dv TELNET TOGGLE-FLOW-CONTROL
-option has been enabled,
-then this character is taken to
-be the terminal's
-.Ic stop
-character.
-The initial value for the kill character is taken to be
-the terminal's
-.Ic stop
-character.
-.It Ic susp
-If
-.Nm telnet
-is in
-.Ic localchars
-mode, or
-.Dv LINEMODE
-is enabled, and the
-.Ic suspend
-character is typed, a
-.Dv TELNET SUSP
-sequence (see
-.Ic send
-.Ic susp
-above)
-is sent to the remote host.
-The initial value for the suspend character is taken to be
-the terminal's
-.Ic suspend
-character.
-.ne 1i
-.It Ic tracefile
-This is the file to which the output, caused by
-.Ic netdata
-or
-.Ic option
-tracing being
-.Dv TRUE ,
-will be written.  If it is set to
-.Dq Fl ,
-then tracing information will be written to standard output (the default).
-.It Ic worderase
-If
-.Nm telnet
-is operating in
-.Dv LINEMODE
-or \*(Lqold line by line\*(Lq mode, then this character is taken to
-be the terminal's
-.Ic worderase
-character.
-The initial value for the worderase character is taken to be
-the terminal's
-.Ic worderase
-character.
-.It Ic \&?
-Displays the legal
-.Ic set
-.Pq Ic unset
-commands.
-.El
-.It Ic slc Ar state 
-The
-.Ic slc
-command (Set Local Characters) is used to set
-or change the state of the the special
-characters when the 
-.Dv TELNET LINEMODE
-option has
-been enabled.  Special characters are characters that get
-mapped to 
-.Tn TELNET
-commands sequences (like
-.Ic ip
-or
-.Ic quit  )
-or line editing characters (like
-.Ic erase
-and
-.Ic kill  ) .
-By default, the local special characters are exported.
-.Bl -tag -width Fl
-.It Ic check
-Verify the current settings for the current special characters.
-The remote side is requested to send all the current special
-character settings, and if there are any discrepancies with
-the local side, the local side will switch to the remote value.
-.It Ic export
-Switch to the local defaults for the special characters.  The
-local default characters are those of the local terminal at
-the time when
-.Nm telnet
-was started.
-.It Ic import
-Switch to the remote defaults for the special characters.
-The remote default characters are those of the remote system
-at the time when the 
-.Tn TELNET
-connection was established.
-.It Ic \&?
-Prints out help information for the
-.Ic slc
-command.
-.El
-.It Ic status
-Show the current status of
-.Nm telnet  .
-This includes the peer one is connected to, as well
-as the current mode.
-.It Ic toggle Ar arguments ... 
-Toggle (between
-.Dv TRUE
-and
-.Dv FALSE )
-various flags that control how
-.Nm telnet
-responds to events.
-These flags may be set explicitly to
-.Dv TRUE
-or
-.Dv FALSE
-using the
-.Ic set
-and
-.Ic unset
-commands listed above.
-More than one argument may be specified.
-The state of these flags may be interrogated with the
-.Ic display
-command.
-Valid arguments are:
-.Bl -tag -width Ar
-.It Ic authdebug
-Turns on debugging information for the authentication code.
-.It Ic autoflush
-If
-.Ic autoflush
-and
-.Ic localchars
-are both
-.Dv TRUE ,
-then when the
-.Ic ao  ,
-or
-.Ic quit
-characters are recognized (and transformed into
-.Tn TELNET
-sequences; see
-.Ic set
-above for details),
-.Nm telnet
-refuses to display any data on the user's terminal
-until the remote system acknowledges (via a
-.Dv TELNET TIMING MARK
-option)
-that it has processed those
-.Tn TELNET
-sequences.
-The initial value for this toggle is
-.Dv TRUE
-if the terminal user had not
-done an "stty noflsh", otherwise
-.Dv FALSE
-(see
-.Xr stty  1  ) .
-.It Ic autodecrypt
-When the
-.Dv TELNET ENCRYPT
-option is negotiated, by
-default the actual encryption (decryption) of the data
-stream does not start automatically.  The autoencrypt
-(autodecrypt) command states that encryption of the
-output (input) stream should be enabled as soon as
-possible.
-.sp
-.Pp
-Note:  Because of export controls, the
-.Dv TELNET ENCRYPT
-option is not supported outside the United States and Canada.
-.It Ic autologin
-If the remote side supports the
-.Dv TELNET AUTHENTICATION
-option
-.Tn TELNET
-attempts to use it to perform automatic authentication.  If the
-.Dv AUTHENTICATION
-option is not supported, the user's login
-name are propagated through the
-.Dv TELNET ENVIRON
-option.
-This command is the same as specifying
-.Ar a
-option on the
-.Ic open
-command.
-.It Ic autosynch
-If
-.Ic autosynch
-and
-.Ic localchars
-are both
-.Dv TRUE ,
-then when either the
-.Ic intr
-or
-.Ic quit
-characters is typed (see
-.Ic set
-above for descriptions of the
-.Ic intr
-and
-.Ic quit
-characters), the resulting
-.Tn TELNET
-sequence sent is followed by the
-.Dv TELNET SYNCH
-sequence.
-This procedure
-.Ic should
-cause the remote system to begin throwing away all previously
-typed input until both of the
-.Tn TELNET
-sequences have been read and acted upon.
-The initial value of this toggle is
-.Dv FALSE .
-.It Ic binary
-Enable or disable the
-.Dv TELNET BINARY
-option on both input and output.
-.It Ic inbinary
-Enable or disable the
-.Dv TELNET BINARY
-option on input.
-.It Ic outbinary
-Enable or disable the
-.Dv TELNET BINARY
-option on output.
-.It Ic crlf
-If this is
-.Dv TRUE ,
-then carriage returns will be sent as
-.Li <CR><LF> .
-If this is
-.Dv FALSE ,
-then carriage returns will be send as
-.Li <CR><NUL> .
-The initial value for this toggle is
-.Dv FALSE .
-.It Ic crmod
-Toggle carriage return mode.
-When this mode is enabled, most carriage return characters received from
-the remote host will be mapped into a carriage return followed by
-a line feed.
-This mode does not affect those characters typed by the user, only
-those received from the remote host.
-This mode is not very useful unless the remote host
-only sends carriage return, but never line feed.
-The initial value for this toggle is
-.Dv FALSE .
-.It Ic debug
-Toggles socket level debugging (useful only to the
-.Ic super user  ) .
-The initial value for this toggle is
-.Dv FALSE .
-.It Ic encdebug
-Turns on debugging information for the encryption code.
-.It Ic localchars
-If this is
-.Dv TRUE ,
-then the
-.Ic flush  ,
-.Ic interrupt ,
-.Ic quit  ,
-.Ic erase ,
-and
-.Ic kill
-characters (see
-.Ic set
-above) are recognized locally, and transformed into (hopefully) appropriate
-.Tn TELNET
-control sequences
-(respectively
-.Ic ao  ,
-.Ic ip ,
-.Ic brk  ,
-.Ic ec ,
-and
-.Ic el  ;
-see
-.Ic send
-above).
-The initial value for this toggle is
-.Dv TRUE
-in \*(Lqold line by line\*(Rq mode,
-and
-.Dv FALSE
-in \*(Lqcharacter at a time\*(Rq mode.
-When the
-.Dv LINEMODE
-option is enabled, the value of
-.Ic localchars
-is ignored, and assumed to always be
-.Dv TRUE .
-If
-.Dv LINEMODE
-has ever been enabled, then
-.Ic quit
-is sent as
-.Ic abort  ,
-and
-.Ic eof and
-.B suspend
-are sent as
-.Ic eof and
-.Ic susp ,
-see
-.Ic send
-above).
-.It Ic netdata
-Toggles the display of all network data (in hexadecimal format).
-The initial value for this toggle is
-.Dv FALSE .
-.It Ic options
-Toggles the display of some internal
-.Nm telnet
-protocol processing (having to do with
-.Tn TELNET
-options).
-The initial value for this toggle is
-.Dv FALSE .
-.ne 1i
-.It Ic prettydump
-When the
-.Ic netdata
-toggle is enabled, if
-.Ic prettydump
-is enabled the output from the
-.Ic netdata
-command will be formatted in a more user readable format.
-Spaces are put between each character in the output, and the
-beginning of any
-.Tn TELNET
-escape sequence is preceded by a '*' to aid in locating them.
-.It Ic skiprc
-When the skiprc toggle is
-.Dv TRUE ,
-.Tn TELNET
-skips the reading of the
-.Pa \&.telnetrc
-file in the users home
-directory when connections are opened.  The initial
-value for this toggle is
-.Dv FALSE.
-.It Ic termdata
-Toggles the display of all terminal data (in hexadecimal format).
-The initial value for this toggle is
-.Dv FALSE .
-.It Ic verbose_encrypt
-When the
-.Ic verbose_encrypt
-toggle is
-.Dv TRUE ,
-.Tn TELNET
-prints out a message each time encryption is enabled or
-disabled.  The initial value for this toggle is
-.Dv FALSE.
-Note:  Because of export controls, data encryption
-is not supported outside of the United States and Canada.
-.It Ic \&?
-Displays the legal
-.Ic toggle
-commands.
-.El
-.It Ic z
-Suspend
-.Nm telnet  .
-This command only works when the user is using the
-.Xr csh  1  .
-.It Ic \&! Op Ar command 
-Execute a single command in a subshell on the local
-system.  If
-.Ic command
-is omitted, then an interactive
-subshell is invoked.
-.It Ic \&? Op Ar command 
-Get help.  With no arguments,
-.Nm telnet
-prints a help summary.
-If a command is specified,
-.Nm telnet
-will print the help information for just that command.
-.El
-.Sh ENVIRONMENT
-.Nm Telnet
-uses at least the
-.Ev HOME ,
-.Ev SHELL ,
-.Ev DISPLAY ,
-and
-.Ev TERM
-environment variables.
-Other environment variables may be propagated
-to the other side via the
-.Dv TELNET ENVIRON
-option.
-.Sh FILES
-.Bl -tag -width ~/.telnetrc -compact
-.It Pa ~/.telnetrc
-user customized telnet startup values
-.El
-.Sh HISTORY
-The
-.Nm Telnet
-command appeared in
-.Bx 4.2 .
-.Sh NOTES
-.Pp
-On some remote systems, echo has to be turned off manually when in
-\*(Lqold line by line\*(Rq mode.
-.Pp
-In \*(Lqold line by line\*(Rq mode or 
-.Dv LINEMODE
-the terminal's
-.Ic eof
-character is only recognized (and sent to the remote system)
-when it is the first character on a line.
diff --git a/crypto/telnet/telnet/telnet.c b/crypto/telnet/telnet/telnet.c
deleted file mode 100644
index 1c1ee333fa72..000000000000
--- a/crypto/telnet/telnet/telnet.c
+++ /dev/null
@@ -1,2662 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)telnet.c	8.4 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#include <sys/types.h>
-
-#if	defined(unix)
-#include <signal.h>
-/* By the way, we need to include curses.h before telnet.h since,
- * among other things, telnet.h #defines 'DO', which is a variable
- * declared in curses.h.
- */
-#endif	/* defined(unix) */
-
-#include <arpa/telnet.h>
-
-#include <ctype.h>
-
-#include <stdlib.h>
-#include <unistd.h>
-#include <termcap.h>
-
-#include "ring.h"
-
-#include "defines.h"
-#include "externs.h"
-#include "types.h"
-#include "general.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-#include <libtelnet/misc.h>
-
-#define	strip(x) ((my_want_state_is_wont(TELOPT_BINARY)) ? ((x)&0x7f) : (x))
-
-static unsigned char	subbuffer[SUBBUFSIZE],
-			*subpointer, *subend;	 /* buffer for sub-options */
-#define	SB_CLEAR()	subpointer = subbuffer;
-#define	SB_TERM()	{ subend = subpointer; SB_CLEAR(); }
-#define	SB_ACCUM(c)	if (subpointer < (subbuffer+sizeof subbuffer)) { \
-				*subpointer++ = (c); \
-			}
-
-#define	SB_GET()	((*subpointer++)&0xff)
-#define	SB_PEEK()	((*subpointer)&0xff)
-#define	SB_EOF()	(subpointer >= subend)
-#define	SB_LEN()	(subend - subpointer)
-
-char	options[256];		/* The combined options */
-char	do_dont_resp[256];
-char	will_wont_resp[256];
-
-int
-	eight = 0,
-	autologin = 0,	/* Autologin anyone? */
-	skiprc = 0,
-	connected,
-	showoptions,
-	In3270,		/* Are we in 3270 mode? */
-	ISend,		/* trying to send network data in */
-	debug = 0,
-	crmod,
-	netdata,	/* Print out network data flow */
-	crlf,		/* Should '\r' be mapped to <CR><LF> (or <CR><NUL>)? */
-#if	defined(TN3270)
-	noasynchtty = 0,/* User specified "-noasynch" on command line */
-	noasynchnet = 0,/* User specified "-noasynch" on command line */
-	askedSGA = 0,	/* We have talked about suppress go ahead */
-#endif	/* defined(TN3270) */
-	telnetport,
-	SYNCHing,	/* we are in TELNET SYNCH mode */
-	flushout,	/* flush output */
-	autoflush = 0,	/* flush output when interrupting? */
-	autosynch,	/* send interrupt characters with SYNCH? */
-	localflow,	/* we handle flow control locally */
-	restartany,	/* if flow control enabled, restart on any character */
-	localchars,	/* we recognize interrupt/quit */
-	donelclchars,	/* the user has set "localchars" */
-	donebinarytoggle,	/* the user has put us in binary */
-	dontlecho,	/* do we suppress local echoing right now? */
-	globalmode,
-	clienteof = 0;
-
-char *prompt = 0;
-
-cc_t escape;
-cc_t rlogin;
-#ifdef	KLUDGELINEMODE
-cc_t echoc;
-#endif
-
-/*
- * Telnet receiver states for fsm
- */
-#define	TS_DATA		0
-#define	TS_IAC		1
-#define	TS_WILL		2
-#define	TS_WONT		3
-#define	TS_DO		4
-#define	TS_DONT		5
-#define	TS_CR		6
-#define	TS_SB		7		/* sub-option collection */
-#define	TS_SE		8		/* looking for sub-option end */
-
-static int	telrcv_state;
-#ifdef	OLD_ENVIRON
-unsigned char telopt_environ = TELOPT_NEW_ENVIRON;
-#else
-# define telopt_environ TELOPT_NEW_ENVIRON
-#endif
-
-jmp_buf	toplevel = { 0 };
-jmp_buf	peerdied;
-
-int	flushline;
-int	linemode;
-
-#ifdef	KLUDGELINEMODE
-int	kludgelinemode = 1;
-#endif
-
-/*
- * The following are some clocks used to decide how to interpret
- * the relationship between various variables.
- */
-
-Clocks clocks;
-
-#ifdef	notdef
-Modelist modelist[] = {
-	{ "telnet command mode", COMMAND_LINE },
-	{ "character-at-a-time mode", 0 },
-	{ "character-at-a-time mode (local echo)", LOCAL_ECHO|LOCAL_CHARS },
-	{ "line-by-line mode (remote echo)", LINE | LOCAL_CHARS },
-	{ "line-by-line mode", LINE | LOCAL_ECHO | LOCAL_CHARS },
-	{ "line-by-line mode (local echoing suppressed)", LINE | LOCAL_CHARS },
-	{ "3270 mode", 0 },
-};
-#endif
-
-
-/*
- * Initialize telnet environment.
- */
-
-    void
-init_telnet()
-{
-    env_init();
-
-    SB_CLEAR();
-    ClearArray(options);
-
-    connected = In3270 = ISend = localflow = donebinarytoggle = 0;
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-    auth_encrypt_connect(connected);
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION)  */
-    restartany = -1;
-
-    SYNCHing = 0;
-
-    /* Don't change NetTrace */
-
-    escape = CONTROL(']');
-    rlogin = _POSIX_VDISABLE;
-#ifdef	KLUDGELINEMODE
-    echoc = CONTROL('E');
-#endif
-
-    flushline = 1;
-    telrcv_state = TS_DATA;
-}
-
-
-#ifdef	notdef
-#include <varargs.h>
-
-    /*VARARGS*/
-    static void
-printring(va_alist)
-    va_dcl
-{
-    va_list ap;
-    char buffer[100];		/* where things go */
-    char *ptr;
-    char *format;
-    char *string;
-    Ring *ring;
-    int i;
-
-    va_start(ap);
-
-    ring = va_arg(ap, Ring *);
-    format = va_arg(ap, char *);
-    ptr = buffer;
-
-    while ((i = *format++) != 0) {
-	if (i == '%') {
-	    i = *format++;
-	    switch (i) {
-	    case 'c':
-		*ptr++ = va_arg(ap, int);
-		break;
-	    case 's':
-		string = va_arg(ap, char *);
-		ring_supply_data(ring, buffer, ptr-buffer);
-		ring_supply_data(ring, string, strlen(string));
-		ptr = buffer;
-		break;
-	    case 0:
-		ExitString("printring: trailing %%.\n", 1);
-		/*NOTREACHED*/
-	    default:
-		ExitString("printring: unknown format character.\n", 1);
-		/*NOTREACHED*/
-	    }
-	} else {
-	    *ptr++ = i;
-	}
-    }
-    ring_supply_data(ring, buffer, ptr-buffer);
-}
-#endif
-
-/*
- * These routines are in charge of sending option negotiations
- * to the other side.
- *
- * The basic idea is that we send the negotiation if either side
- * is in disagreement as to what the current state should be.
- */
-
-    void
-send_do(c, init)
-    register int c, init;
-{
-    if (init) {
-	if (((do_dont_resp[c] == 0) && my_state_is_do(c)) ||
-				my_want_state_is_do(c))
-	    return;
-	set_my_want_state_do(c);
-	do_dont_resp[c]++;
-    }
-    NET2ADD(IAC, DO);
-    NETADD(c);
-    printoption("SENT", DO, c);
-}
-
-    void
-send_dont(c, init)
-    register int c, init;
-{
-    if (init) {
-	if (((do_dont_resp[c] == 0) && my_state_is_dont(c)) ||
-				my_want_state_is_dont(c))
-	    return;
-	set_my_want_state_dont(c);
-	do_dont_resp[c]++;
-    }
-    NET2ADD(IAC, DONT);
-    NETADD(c);
-    printoption("SENT", DONT, c);
-}
-
-    void
-send_will(c, init)
-    register int c, init;
-{
-    if (init) {
-	if (((will_wont_resp[c] == 0) && my_state_is_will(c)) ||
-				my_want_state_is_will(c))
-	    return;
-	set_my_want_state_will(c);
-	will_wont_resp[c]++;
-    }
-    NET2ADD(IAC, WILL);
-    NETADD(c);
-    printoption("SENT", WILL, c);
-}
-
-    void
-send_wont(c, init)
-    register int c, init;
-{
-    if (init) {
-	if (((will_wont_resp[c] == 0) && my_state_is_wont(c)) ||
-				my_want_state_is_wont(c))
-	    return;
-	set_my_want_state_wont(c);
-	will_wont_resp[c]++;
-    }
-    NET2ADD(IAC, WONT);
-    NETADD(c);
-    printoption("SENT", WONT, c);
-}
-
-
-	void
-willoption(option)
-	int option;
-{
-	int new_state_ok = 0;
-
-	if (do_dont_resp[option]) {
-	    --do_dont_resp[option];
-	    if (do_dont_resp[option] && my_state_is_do(option))
-		--do_dont_resp[option];
-	}
-
-	if ((do_dont_resp[option] == 0) && my_want_state_is_dont(option)) {
-
-	    switch (option) {
-
-	    case TELOPT_ECHO:
-#	    if defined(TN3270)
-		/*
-		 * The following is a pain in the rear-end.
-		 * Various IBM servers (some versions of Wiscnet,
-		 * possibly Fibronics/Spartacus, and who knows who
-		 * else) will NOT allow us to send "DO SGA" too early
-		 * in the setup proceedings.  On the other hand,
-		 * 4.2 servers (telnetd) won't set SGA correctly.
-		 * So, we are stuck.  Empirically (but, based on
-		 * a VERY small sample), the IBM servers don't send
-		 * out anything about ECHO, so we postpone our sending
-		 * "DO SGA" until we see "WILL ECHO" (which 4.2 servers
-		 * DO send).
-		  */
-		{
-		    if (askedSGA == 0) {
-			askedSGA = 1;
-			if (my_want_state_is_dont(TELOPT_SGA))
-			    send_do(TELOPT_SGA, 1);
-		    }
-		}
-		    /* Fall through */
-	    case TELOPT_EOR:
-#endif	    /* defined(TN3270) */
-	    case TELOPT_BINARY:
-	    case TELOPT_SGA:
-		settimer(modenegotiated);
-		/* FALL THROUGH */
-	    case TELOPT_STATUS:
-#if	defined(AUTHENTICATION)
-	    case TELOPT_AUTHENTICATION:
-#endif
-#ifdef	ENCRYPTION
-	    case TELOPT_ENCRYPT:
-#endif /* ENCRYPTION */
-		new_state_ok = 1;
-		break;
-
-	    case TELOPT_TM:
-		if (flushout)
-		    flushout = 0;
-		/*
-		 * Special case for TM.  If we get back a WILL,
-		 * pretend we got back a WONT.
-		 */
-		set_my_want_state_dont(option);
-		set_my_state_dont(option);
-		return;			/* Never reply to TM will's/wont's */
-
-	    case TELOPT_LINEMODE:
-	    default:
-		break;
-	    }
-
-	    if (new_state_ok) {
-		set_my_want_state_do(option);
-		send_do(option, 0);
-		setconnmode(0);		/* possibly set new tty mode */
-	    } else {
-		do_dont_resp[option]++;
-		send_dont(option, 0);
-	    }
-	}
-	set_my_state_do(option);
-#ifdef	ENCRYPTION
-	if (option == TELOPT_ENCRYPT)
-		encrypt_send_support();
-#endif	/* ENCRYPTION */
-}
-
-	void
-wontoption(option)
-	int option;
-{
-	if (do_dont_resp[option]) {
-	    --do_dont_resp[option];
-	    if (do_dont_resp[option] && my_state_is_dont(option))
-		--do_dont_resp[option];
-	}
-
-	if ((do_dont_resp[option] == 0) && my_want_state_is_do(option)) {
-
-	    switch (option) {
-
-#ifdef	KLUDGELINEMODE
-	    case TELOPT_SGA:
-		if (!kludgelinemode)
-		    break;
-		/* FALL THROUGH */
-#endif
-	    case TELOPT_ECHO:
-		settimer(modenegotiated);
-		break;
-
-	    case TELOPT_TM:
-		if (flushout)
-		    flushout = 0;
-		set_my_want_state_dont(option);
-		set_my_state_dont(option);
-		return;		/* Never reply to TM will's/wont's */
-
-	    default:
-		break;
-	    }
-	    set_my_want_state_dont(option);
-	    if (my_state_is_do(option))
-		send_dont(option, 0);
-	    setconnmode(0);			/* Set new tty mode */
-	} else if (option == TELOPT_TM) {
-	    /*
-	     * Special case for TM.
-	     */
-	    if (flushout)
-		flushout = 0;
-	    set_my_want_state_dont(option);
-	}
-	set_my_state_dont(option);
-}
-
-	static void
-dooption(option)
-	int option;
-{
-	int new_state_ok = 0;
-
-	if (will_wont_resp[option]) {
-	    --will_wont_resp[option];
-	    if (will_wont_resp[option] && my_state_is_will(option))
-		--will_wont_resp[option];
-	}
-
-	if (will_wont_resp[option] == 0) {
-	  if (my_want_state_is_wont(option)) {
-
-	    switch (option) {
-
-	    case TELOPT_TM:
-		/*
-		 * Special case for TM.  We send a WILL, but pretend
-		 * we sent WONT.
-		 */
-		send_will(option, 0);
-		set_my_want_state_wont(TELOPT_TM);
-		set_my_state_wont(TELOPT_TM);
-		return;
-
-#	if defined(TN3270)
-	    case TELOPT_EOR:		/* end of record */
-#	endif	/* defined(TN3270) */
-	    case TELOPT_BINARY:		/* binary mode */
-	    case TELOPT_NAWS:		/* window size */
-	    case TELOPT_TSPEED:		/* terminal speed */
-	    case TELOPT_LFLOW:		/* local flow control */
-	    case TELOPT_TTYPE:		/* terminal type option */
-	    case TELOPT_SGA:		/* no big deal */
-#ifdef	ENCRYPTION
-	    case TELOPT_ENCRYPT:	/* encryption variable option */
-#endif	/* ENCRYPTION */
-		new_state_ok = 1;
-		break;
-
-	    case TELOPT_NEW_ENVIRON:	/* New environment variable option */
-#ifdef	OLD_ENVIRON
-		if (my_state_is_will(TELOPT_OLD_ENVIRON))
-			send_wont(TELOPT_OLD_ENVIRON, 1); /* turn off the old */
-		goto env_common;
-	    case TELOPT_OLD_ENVIRON:	/* Old environment variable option */
-		if (my_state_is_will(TELOPT_NEW_ENVIRON))
-			break;		/* Don't enable if new one is in use! */
-	    env_common:
-		telopt_environ = option;
-#endif
-		new_state_ok = 1;
-		break;
-
-#if	defined(AUTHENTICATION)
-	    case TELOPT_AUTHENTICATION:
-		if (autologin)
-			new_state_ok = 1;
-		break;
-#endif
-
-	    case TELOPT_XDISPLOC:	/* X Display location */
-		if (env_getvalue((unsigned char *)"DISPLAY"))
-		    new_state_ok = 1;
-		break;
-
-	    case TELOPT_LINEMODE:
-#ifdef	KLUDGELINEMODE
-		kludgelinemode = 0;
-		send_do(TELOPT_SGA, 1);
-#endif
-		set_my_want_state_will(TELOPT_LINEMODE);
-		send_will(option, 0);
-		set_my_state_will(TELOPT_LINEMODE);
-		slc_init();
-		return;
-
-	    case TELOPT_ECHO:		/* We're never going to echo... */
-	    default:
-		break;
-	    }
-
-	    if (new_state_ok) {
-		set_my_want_state_will(option);
-		send_will(option, 0);
-		setconnmode(0);			/* Set new tty mode */
-	    } else {
-		will_wont_resp[option]++;
-		send_wont(option, 0);
-	    }
-	  } else {
-	    /*
-	     * Handle options that need more things done after the
-	     * other side has acknowledged the option.
-	     */
-	    switch (option) {
-	    case TELOPT_LINEMODE:
-#ifdef	KLUDGELINEMODE
-		kludgelinemode = 0;
-		send_do(TELOPT_SGA, 1);
-#endif
-		set_my_state_will(option);
-		slc_init();
-		send_do(TELOPT_SGA, 0);
-		return;
-	    }
-	  }
-	}
-	set_my_state_will(option);
-}
-
-	static void
-dontoption(option)
-	int option;
-{
-
-	if (will_wont_resp[option]) {
-	    --will_wont_resp[option];
-	    if (will_wont_resp[option] && my_state_is_wont(option))
-		--will_wont_resp[option];
-	}
-
-	if ((will_wont_resp[option] == 0) && my_want_state_is_will(option)) {
-	    switch (option) {
-	    case TELOPT_LINEMODE:
-		linemode = 0;	/* put us back to the default state */
-		break;
-#ifdef	OLD_ENVIRON
-	    case TELOPT_NEW_ENVIRON:
-		/*
-		 * The new environ option wasn't recognized, try
-		 * the old one.
-		 */
-		send_will(TELOPT_OLD_ENVIRON, 1);
-		telopt_environ = TELOPT_OLD_ENVIRON;
-		break;
-#endif
-	    }
-	    /* we always accept a DONT */
-	    set_my_want_state_wont(option);
-	    if (my_state_is_will(option))
-		send_wont(option, 0);
-	    setconnmode(0);			/* Set new tty mode */
-	}
-	set_my_state_wont(option);
-}
-
-/*
- * Given a buffer returned by tgetent(), this routine will turn
- * the pipe seperated list of names in the buffer into an array
- * of pointers to null terminated names.  We toss out any bad,
- * duplicate, or verbose names (names with spaces).
- */
-
-static char *name_unknown = "UNKNOWN";
-static char *unknown[] = { 0, 0 };
-
-	char **
-mklist(buf, name)
-	char *buf, *name;
-{
-	register int n;
-	register char c, *cp, **argvp, *cp2, **argv, **avt;
-
-	if (name) {
-		if ((int)strlen(name) > 40) {
-			name = 0;
-			unknown[0] = name_unknown;
-		} else {
-			unknown[0] = name;
-			upcase(name);
-		}
-	} else
-		unknown[0] = name_unknown;
-	/*
-	 * Count up the number of names.
-	 */
-	for (n = 1, cp = buf; *cp && *cp != ':'; cp++) {
-		if (*cp == '|')
-			n++;
-	}
-	/*
-	 * Allocate an array to put the name pointers into
-	 */
-	argv = (char **)malloc((n+3)*sizeof(char *));
-	if (argv == 0)
-		return(unknown);
-
-	/*
-	 * Fill up the array of pointers to names.
-	 */
-	*argv = 0;
-	argvp = argv+1;
-	n = 0;
-	for (cp = cp2 = buf; (c = *cp);  cp++) {
-		if (c == '|' || c == ':') {
-			*cp++ = '\0';
-			/*
-			 * Skip entries that have spaces or are over 40
-			 * characters long.  If this is our environment
-			 * name, then put it up front.  Otherwise, as
-			 * long as this is not a duplicate name (case
-			 * insensitive) add it to the list.
-			 */
-			if (n || (cp - cp2 > 41))
-				;
-			else if (name && (strncasecmp(name, cp2, cp-cp2) == 0))
-				*argv = cp2;
-			else if (is_unique(cp2, argv+1, argvp))
-				*argvp++ = cp2;
-			if (c == ':')
-				break;
-			/*
-			 * Skip multiple delimiters. Reset cp2 to
-			 * the beginning of the next name. Reset n,
-			 * the flag for names with spaces.
-			 */
-			while ((c = *cp) == '|')
-				cp++;
-			cp2 = cp;
-			n = 0;
-		}
-		/*
-		 * Skip entries with spaces or non-ascii values.
-		 * Convert lower case letters to upper case.
-		 */
-		if ((c == ' ') || !isascii(c))
-			n = 1;
-		else if (islower(c))
-			*cp = toupper(c);
-	}
-
-	/*
-	 * Check for an old V6 2 character name.  If the second
-	 * name points to the beginning of the buffer, and is
-	 * only 2 characters long, move it to the end of the array.
-	 */
-	if ((argv[1] == buf) && (strlen(argv[1]) == 2)) {
-		--argvp;
-		for (avt = &argv[1]; avt < argvp; avt++)
-			*avt = *(avt+1);
-		*argvp++ = buf;
-	}
-
-	/*
-	 * Duplicate last name, for TTYPE option, and null
-	 * terminate the array.  If we didn't find a match on
-	 * our terminal name, put that name at the beginning.
-	 */
-	cp = *(argvp-1);
-	*argvp++ = cp;
-	*argvp = 0;
-
-	if (*argv == 0) {
-		if (name)
-			*argv = name;
-		else {
-			--argvp;
-			for (avt = argv; avt < argvp; avt++)
-				*avt = *(avt+1);
-		}
-	}
-	if (*argv)
-		return(argv);
-	else
-		return(unknown);
-}
-
-	int
-is_unique(name, as, ae)
-	register char *name, **as, **ae;
-{
-	register char **ap;
-	register int n;
-
-	n = strlen(name) + 1;
-	for (ap = as; ap < ae; ap++)
-		if (strncasecmp(*ap, name, n) == 0)
-			return(0);
-	return (1);
-}
-
-#ifdef	TERMCAP
-char termbuf[1024];
-
-	/*ARGSUSED*/
-	int
-setupterm(tname, fd, errp)
-	char *tname;
-	int fd, *errp;
-{
-	if (tgetent(termbuf, tname) == 1) {
-		termbuf[1023] = '\0';
-		if (errp)
-			*errp = 1;
-		return(0);
-	}
-	if (errp)
-		*errp = 0;
-	return(-1);
-}
-#else
-#define	termbuf	ttytype
-extern char ttytype[];
-#endif
-
-int resettermname = 1;
-
-	char *
-gettermname()
-{
-	char *tname;
-	static char **tnamep = 0;
-	static char **next;
-	int err;
-
-	if (resettermname) {
-		resettermname = 0;
-		if (tnamep && tnamep != unknown)
-			free(tnamep);
-		if ((tname = (char *)env_getvalue((unsigned char *)"TERM")) &&
-				(setupterm(tname, 1, &err) == 0)) {
-			tnamep = mklist(termbuf, tname);
-		} else {
-			if (tname && ((int)strlen(tname) <= 40)) {
-				unknown[0] = tname;
-				upcase(tname);
-			} else
-				unknown[0] = name_unknown;
-			tnamep = unknown;
-		}
-		next = tnamep;
-	}
-	if (*next == 0)
-		next = tnamep;
-	return(*next++);
-}
-/*
- * suboption()
- *
- *	Look at the sub-option buffer, and try to be helpful to the other
- * side.
- *
- *	Currently we recognize:
- *
- *		Terminal type, send request.
- *		Terminal speed (send request).
- *		Local flow control (is request).
- *		Linemode
- */
-
-    static void
-suboption()
-{
-    unsigned char subchar;
-
-    printsub('<', subbuffer, SB_LEN()+2);
-    switch (subchar = SB_GET()) {
-    case TELOPT_TTYPE:
-	if (my_want_state_is_wont(TELOPT_TTYPE))
-	    return;
-	if (SB_EOF() || SB_GET() != TELQUAL_SEND) {
-	    return;
-	} else {
-	    char *name;
-	    unsigned char temp[50];
-	    int len;
-
-#if	defined(TN3270)
-	    if (tn3270_ttype()) {
-		return;
-	    }
-#endif	/* defined(TN3270) */
-	    name = gettermname();
-	    len = strlen(name) + 4 + 2;
-	    if (len < NETROOM()) {
-		sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE,
-				TELQUAL_IS, name, IAC, SE);
-		ring_supply_data(&netoring, temp, len);
-		printsub('>', &temp[2], len-2);
-	    } else {
-		ExitString("No room in buffer for terminal type.\n", 1);
-		/*NOTREACHED*/
-	    }
-	}
-	break;
-    case TELOPT_TSPEED:
-	if (my_want_state_is_wont(TELOPT_TSPEED))
-	    return;
-	if (SB_EOF())
-	    return;
-	if (SB_GET() == TELQUAL_SEND) {
-	    long ospeed, ispeed;
-	    unsigned char temp[50];
-	    int len;
-
-	    TerminalSpeeds(&ispeed, &ospeed);
-
-	    sprintf((char *)temp, "%c%c%c%c%ld,%ld%c%c", IAC, SB, TELOPT_TSPEED,
-		    TELQUAL_IS, ospeed, ispeed, IAC, SE);
-	    len = strlen((char *)temp+4) + 4;	/* temp[3] is 0 ... */
-
-	    if (len < NETROOM()) {
-		ring_supply_data(&netoring, temp, len);
-		printsub('>', temp+2, len - 2);
-	    }
-/*@*/	    else printf("lm_will: not enough room in buffer\n");
-	}
-	break;
-    case TELOPT_LFLOW:
-	if (my_want_state_is_wont(TELOPT_LFLOW))
-	    return;
-	if (SB_EOF())
-	    return;
-	switch(SB_GET()) {
-	case LFLOW_RESTART_ANY:
-	    restartany = 1;
-	    break;
-	case LFLOW_RESTART_XON:
-	    restartany = 0;
-	    break;
-	case LFLOW_ON:
-	    localflow = 1;
-	    break;
-	case LFLOW_OFF:
-	    localflow = 0;
-	    break;
-	default:
-	    return;
-	}
-	setcommandmode();
-	setconnmode(0);
-	break;
-
-    case TELOPT_LINEMODE:
-	if (my_want_state_is_wont(TELOPT_LINEMODE))
-	    return;
-	if (SB_EOF())
-	    return;
-	switch (SB_GET()) {
-	case WILL:
-	    lm_will(subpointer, SB_LEN());
-	    break;
-	case WONT:
-	    lm_wont(subpointer, SB_LEN());
-	    break;
-	case DO:
-	    lm_do(subpointer, SB_LEN());
-	    break;
-	case DONT:
-	    lm_dont(subpointer, SB_LEN());
-	    break;
-	case LM_SLC:
-	    slc(subpointer, SB_LEN());
-	    break;
-	case LM_MODE:
-	    lm_mode(subpointer, SB_LEN(), 0);
-	    break;
-	default:
-	    break;
-	}
-	break;
-
-#ifdef	OLD_ENVIRON
-    case TELOPT_OLD_ENVIRON:
-#endif
-    case TELOPT_NEW_ENVIRON:
-	if (SB_EOF())
-	    return;
-	switch(SB_PEEK()) {
-	case TELQUAL_IS:
-	case TELQUAL_INFO:
-	    if (my_want_state_is_dont(subchar))
-		return;
-	    break;
-	case TELQUAL_SEND:
-	    if (my_want_state_is_wont(subchar)) {
-		return;
-	    }
-	    break;
-	default:
-	    return;
-	}
-	env_opt(subpointer, SB_LEN());
-	break;
-
-    case TELOPT_XDISPLOC:
-	if (my_want_state_is_wont(TELOPT_XDISPLOC))
-	    return;
-	if (SB_EOF())
-	    return;
-	if (SB_GET() == TELQUAL_SEND) {
-	    unsigned char temp[50], *dp;
-	    int len;
-
-	    if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) {
-		/*
-		 * Something happened, we no longer have a DISPLAY
-		 * variable.  So, turn off the option.
-		 */
-		send_wont(TELOPT_XDISPLOC, 1);
-		break;
-	    }
-	    sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC,
-		    TELQUAL_IS, dp, IAC, SE);
-	    len = strlen((char *)temp+4) + 4;	/* temp[3] is 0 ... */
-
-	    if (len < NETROOM()) {
-		ring_supply_data(&netoring, temp, len);
-		printsub('>', temp+2, len - 2);
-	    }
-/*@*/	    else printf("lm_will: not enough room in buffer\n");
-	}
-	break;
-
-#if	defined(AUTHENTICATION)
-	case TELOPT_AUTHENTICATION: {
-		if (!autologin)
-			break;
-		if (SB_EOF())
-			return;
-		switch(SB_GET()) {
-		case TELQUAL_IS:
-			if (my_want_state_is_dont(TELOPT_AUTHENTICATION))
-				return;
-			auth_is(subpointer, SB_LEN());
-			break;
-		case TELQUAL_SEND:
-			if (my_want_state_is_wont(TELOPT_AUTHENTICATION))
-				return;
-			auth_send(subpointer, SB_LEN());
-			break;
-		case TELQUAL_REPLY:
-			if (my_want_state_is_wont(TELOPT_AUTHENTICATION))
-				return;
-			auth_reply(subpointer, SB_LEN());
-			break;
-		case TELQUAL_NAME:
-			if (my_want_state_is_dont(TELOPT_AUTHENTICATION))
-				return;
-			auth_name(subpointer, SB_LEN());
-			break;
-		}
-	}
-	break;
-#endif
-#ifdef	ENCRYPTION
-	case TELOPT_ENCRYPT:
-		if (SB_EOF())
-			return;
-		switch(SB_GET()) {
-		case ENCRYPT_START:
-			if (my_want_state_is_dont(TELOPT_ENCRYPT))
-				return;
-			encrypt_start(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_END:
-			if (my_want_state_is_dont(TELOPT_ENCRYPT))
-				return;
-			encrypt_end();
-			break;
-		case ENCRYPT_SUPPORT:
-			if (my_want_state_is_wont(TELOPT_ENCRYPT))
-				return;
-			encrypt_support(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_REQSTART:
-			if (my_want_state_is_wont(TELOPT_ENCRYPT))
-				return;
-			encrypt_request_start(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_REQEND:
-			if (my_want_state_is_wont(TELOPT_ENCRYPT))
-				return;
-			/*
-			 * We can always send an REQEND so that we cannot
-			 * get stuck encrypting.  We should only get this
-			 * if we have been able to get in the correct mode
-			 * anyhow.
-			 */
-			encrypt_request_end();
-			break;
-		case ENCRYPT_IS:
-			if (my_want_state_is_dont(TELOPT_ENCRYPT))
-				return;
-			encrypt_is(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_REPLY:
-			if (my_want_state_is_wont(TELOPT_ENCRYPT))
-				return;
-			encrypt_reply(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_ENC_KEYID:
-			if (my_want_state_is_dont(TELOPT_ENCRYPT))
-				return;
-			encrypt_enc_keyid(subpointer, SB_LEN());
-			break;
-		case ENCRYPT_DEC_KEYID:
-			if (my_want_state_is_wont(TELOPT_ENCRYPT))
-				return;
-			encrypt_dec_keyid(subpointer, SB_LEN());
-			break;
-		default:
-			break;
-		}
-		break;
-#endif	/* ENCRYPTION */
-    default:
-	break;
-    }
-}
-
-static unsigned char str_lm[] = { IAC, SB, TELOPT_LINEMODE, 0, 0, IAC, SE };
-
-    void
-lm_will(cmd, len)
-    unsigned char *cmd;
-    int len;
-{
-    if (len < 1) {
-/*@*/	printf("lm_will: no command!!!\n");	/* Should not happen... */
-	return;
-    }
-    switch(cmd[0]) {
-    case LM_FORWARDMASK:	/* We shouldn't ever get this... */
-    default:
-	str_lm[3] = DONT;
-	str_lm[4] = cmd[0];
-	if (NETROOM() > sizeof(str_lm)) {
-	    ring_supply_data(&netoring, str_lm, sizeof(str_lm));
-	    printsub('>', &str_lm[2], sizeof(str_lm)-2);
-	}
-/*@*/	else printf("lm_will: not enough room in buffer\n");
-	break;
-    }
-}
-
-    void
-lm_wont(cmd, len)
-    unsigned char *cmd;
-    int len;
-{
-    if (len < 1) {
-/*@*/	printf("lm_wont: no command!!!\n");	/* Should not happen... */
-	return;
-    }
-    switch(cmd[0]) {
-    case LM_FORWARDMASK:	/* We shouldn't ever get this... */
-    default:
-	/* We are always DONT, so don't respond */
-	return;
-    }
-}
-
-    void
-lm_do(cmd, len)
-    unsigned char *cmd;
-    int len;
-{
-    if (len < 1) {
-/*@*/	printf("lm_do: no command!!!\n");	/* Should not happen... */
-	return;
-    }
-    switch(cmd[0]) {
-    case LM_FORWARDMASK:
-    default:
-	str_lm[3] = WONT;
-	str_lm[4] = cmd[0];
-	if (NETROOM() > sizeof(str_lm)) {
-	    ring_supply_data(&netoring, str_lm, sizeof(str_lm));
-	    printsub('>', &str_lm[2], sizeof(str_lm)-2);
-	}
-/*@*/	else printf("lm_do: not enough room in buffer\n");
-	break;
-    }
-}
-
-    void
-lm_dont(cmd, len)
-    unsigned char *cmd;
-    int len;
-{
-    if (len < 1) {
-/*@*/	printf("lm_dont: no command!!!\n");	/* Should not happen... */
-	return;
-    }
-    switch(cmd[0]) {
-    case LM_FORWARDMASK:
-    default:
-	/* we are always WONT, so don't respond */
-	break;
-    }
-}
-
-static unsigned char str_lm_mode[] = {
-	IAC, SB, TELOPT_LINEMODE, LM_MODE, 0, IAC, SE
-};
-
-	void
-lm_mode(cmd, len, init)
-	unsigned char *cmd;
-	int len, init;
-{
-	if (len != 1)
-		return;
-	if ((linemode&MODE_MASK&~MODE_ACK) == *cmd)
-		return;
-	if (*cmd&MODE_ACK)
-		return;
-	linemode = *cmd&(MODE_MASK&~MODE_ACK);
-	str_lm_mode[4] = linemode;
-	if (!init)
-	    str_lm_mode[4] |= MODE_ACK;
-	if (NETROOM() > sizeof(str_lm_mode)) {
-	    ring_supply_data(&netoring, str_lm_mode, sizeof(str_lm_mode));
-	    printsub('>', &str_lm_mode[2], sizeof(str_lm_mode)-2);
-	}
-/*@*/	else printf("lm_mode: not enough room in buffer\n");
-	setconnmode(0);	/* set changed mode */
-}
-
-
-
-/*
- * slc()
- * Handle special character suboption of LINEMODE.
- */
-
-struct spc {
-	cc_t val;
-	cc_t *valp;
-	char flags;	/* Current flags & level */
-	char mylevel;	/* Maximum level & flags */
-} spc_data[NSLC+1];
-
-#define SLC_IMPORT	0
-#define	SLC_EXPORT	1
-#define SLC_RVALUE	2
-static int slc_mode = SLC_EXPORT;
-
-	void
-slc_init()
-{
-	register struct spc *spcp;
-
-	localchars = 1;
-	for (spcp = spc_data; spcp < &spc_data[NSLC+1]; spcp++) {
-		spcp->val = 0;
-		spcp->valp = 0;
-		spcp->flags = spcp->mylevel = SLC_NOSUPPORT;
-	}
-
-#define	initfunc(func, flags) { \
-					spcp = &spc_data[func]; \
-					if ((spcp->valp = tcval(func))) { \
-					    spcp->val = *spcp->valp; \
-					    spcp->mylevel = SLC_VARIABLE|flags; \
-					} else { \
-					    spcp->val = 0; \
-					    spcp->mylevel = SLC_DEFAULT; \
-					} \
-				    }
-
-	initfunc(SLC_SYNCH, 0);
-	/* No BRK */
-	initfunc(SLC_AO, 0);
-	initfunc(SLC_AYT, 0);
-	/* No EOR */
-	initfunc(SLC_ABORT, SLC_FLUSHIN|SLC_FLUSHOUT);
-	initfunc(SLC_EOF, 0);
-#ifndef	SYSV_TERMIO
-	initfunc(SLC_SUSP, SLC_FLUSHIN);
-#endif
-	initfunc(SLC_EC, 0);
-	initfunc(SLC_EL, 0);
-#ifndef	SYSV_TERMIO
-	initfunc(SLC_EW, 0);
-	initfunc(SLC_RP, 0);
-	initfunc(SLC_LNEXT, 0);
-#endif
-	initfunc(SLC_XON, 0);
-	initfunc(SLC_XOFF, 0);
-#ifdef	SYSV_TERMIO
-	spc_data[SLC_XON].mylevel = SLC_CANTCHANGE;
-	spc_data[SLC_XOFF].mylevel = SLC_CANTCHANGE;
-#endif
-	initfunc(SLC_FORW1, 0);
-#ifdef	USE_TERMIO
-	initfunc(SLC_FORW2, 0);
-	/* No FORW2 */
-#endif
-
-	initfunc(SLC_IP, SLC_FLUSHIN|SLC_FLUSHOUT);
-#undef	initfunc
-
-	if (slc_mode == SLC_EXPORT)
-		slc_export();
-	else
-		slc_import(1);
-
-}
-
-    void
-slcstate()
-{
-    printf("Special characters are %s values\n",
-		slc_mode == SLC_IMPORT ? "remote default" :
-		slc_mode == SLC_EXPORT ? "local" :
-					 "remote");
-}
-
-    void
-slc_mode_export()
-{
-    slc_mode = SLC_EXPORT;
-    if (my_state_is_will(TELOPT_LINEMODE))
-	slc_export();
-}
-
-    void
-slc_mode_import(def)
-    int def;
-{
-    slc_mode = def ? SLC_IMPORT : SLC_RVALUE;
-    if (my_state_is_will(TELOPT_LINEMODE))
-	slc_import(def);
-}
-
-unsigned char slc_import_val[] = {
-	IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_VARIABLE, 0, IAC, SE
-};
-unsigned char slc_import_def[] = {
-	IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_DEFAULT, 0, IAC, SE
-};
-
-    void
-slc_import(def)
-    int def;
-{
-    if (NETROOM() > sizeof(slc_import_val)) {
-	if (def) {
-	    ring_supply_data(&netoring, slc_import_def, sizeof(slc_import_def));
-	    printsub('>', &slc_import_def[2], sizeof(slc_import_def)-2);
-	} else {
-	    ring_supply_data(&netoring, slc_import_val, sizeof(slc_import_val));
-	    printsub('>', &slc_import_val[2], sizeof(slc_import_val)-2);
-	}
-    }
-/*@*/ else printf("slc_import: not enough room\n");
-}
-
-    void
-slc_export()
-{
-    register struct spc *spcp;
-
-    TerminalDefaultChars();
-
-    slc_start_reply();
-    for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) {
-	if (spcp->mylevel != SLC_NOSUPPORT) {
-	    if (spcp->val == (cc_t)(_POSIX_VDISABLE))
-		spcp->flags = SLC_NOSUPPORT;
-	    else
-		spcp->flags = spcp->mylevel;
-	    if (spcp->valp)
-		spcp->val = *spcp->valp;
-	    slc_add_reply(spcp - spc_data, spcp->flags, spcp->val);
-	}
-    }
-    slc_end_reply();
-    (void)slc_update();
-    setconnmode(1);	/* Make sure the character values are set */
-}
-
-	void
-slc(cp, len)
-	register unsigned char *cp;
-	int len;
-{
-	register struct spc *spcp;
-	register int func,level;
-
-	slc_start_reply();
-
-	for (; len >= 3; len -=3, cp +=3) {
-
-		func = cp[SLC_FUNC];
-
-		if (func == 0) {
-			/*
-			 * Client side: always ignore 0 function.
-			 */
-			continue;
-		}
-		if (func > NSLC) {
-			if ((cp[SLC_FLAGS] & SLC_LEVELBITS) != SLC_NOSUPPORT)
-				slc_add_reply(func, SLC_NOSUPPORT, 0);
-			continue;
-		}
-
-		spcp = &spc_data[func];
-
-		level = cp[SLC_FLAGS]&(SLC_LEVELBITS|SLC_ACK);
-
-		if ((cp[SLC_VALUE] == (unsigned char)spcp->val) &&
-		    ((level&SLC_LEVELBITS) == (spcp->flags&SLC_LEVELBITS))) {
-			continue;
-		}
-
-		if (level == (SLC_DEFAULT|SLC_ACK)) {
-			/*
-			 * This is an error condition, the SLC_ACK
-			 * bit should never be set for the SLC_DEFAULT
-			 * level.  Our best guess to recover is to
-			 * ignore the SLC_ACK bit.
-			 */
-			cp[SLC_FLAGS] &= ~SLC_ACK;
-		}
-
-		if (level == ((spcp->flags&SLC_LEVELBITS)|SLC_ACK)) {
-			spcp->val = (cc_t)cp[SLC_VALUE];
-			spcp->flags = cp[SLC_FLAGS];	/* include SLC_ACK */
-			continue;
-		}
-
-		level &= ~SLC_ACK;
-
-		if (level <= (spcp->mylevel&SLC_LEVELBITS)) {
-			spcp->flags = cp[SLC_FLAGS]|SLC_ACK;
-			spcp->val = (cc_t)cp[SLC_VALUE];
-		}
-		if (level == SLC_DEFAULT) {
-			if ((spcp->mylevel&SLC_LEVELBITS) != SLC_DEFAULT)
-				spcp->flags = spcp->mylevel;
-			else
-				spcp->flags = SLC_NOSUPPORT;
-		}
-		slc_add_reply(func, spcp->flags, spcp->val);
-	}
-	slc_end_reply();
-	if (slc_update())
-		setconnmode(1);	/* set the  new character values */
-}
-
-    void
-slc_check()
-{
-    register struct spc *spcp;
-
-    slc_start_reply();
-    for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) {
-	if (spcp->valp && spcp->val != *spcp->valp) {
-	    spcp->val = *spcp->valp;
-	    if (spcp->val == (cc_t)(_POSIX_VDISABLE))
-		spcp->flags = SLC_NOSUPPORT;
-	    else
-		spcp->flags = spcp->mylevel;
-	    slc_add_reply(spcp - spc_data, spcp->flags, spcp->val);
-	}
-    }
-    slc_end_reply();
-    setconnmode(1);
-}
-
-
-unsigned char slc_reply[128];
-unsigned char *slc_replyp;
-
-	void
-slc_start_reply()
-{
-	slc_replyp = slc_reply;
-	*slc_replyp++ = IAC;
-	*slc_replyp++ = SB;
-	*slc_replyp++ = TELOPT_LINEMODE;
-	*slc_replyp++ = LM_SLC;
-}
-
-	void
-slc_add_reply(func, flags, value)
-	unsigned char func;
-	unsigned char flags;
-	cc_t value;
-{
-	if ((*slc_replyp++ = func) == IAC)
-		*slc_replyp++ = IAC;
-	if ((*slc_replyp++ = flags) == IAC)
-		*slc_replyp++ = IAC;
-	if ((*slc_replyp++ = (unsigned char)value) == IAC)
-		*slc_replyp++ = IAC;
-}
-
-    void
-slc_end_reply()
-{
-    register int len;
-
-    *slc_replyp++ = IAC;
-    *slc_replyp++ = SE;
-    len = slc_replyp - slc_reply;
-    if (len <= 6)
-	return;
-    if (NETROOM() > len) {
-	ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply);
-	printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2);
-    }
-/*@*/else printf("slc_end_reply: not enough room\n");
-}
-
-	int
-slc_update()
-{
-	register struct spc *spcp;
-	int need_update = 0;
-
-	for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) {
-		if (!(spcp->flags&SLC_ACK))
-			continue;
-		spcp->flags &= ~SLC_ACK;
-		if (spcp->valp && (*spcp->valp != spcp->val)) {
-			*spcp->valp = spcp->val;
-			need_update = 1;
-		}
-	}
-	return(need_update);
-}
-
-#ifdef	OLD_ENVIRON
-# ifdef	ENV_HACK
-/*
- * Earlier version of telnet/telnetd from the BSD code had
- * the definitions of VALUE and VAR reversed.  To ensure
- * maximum interoperability, we assume that the server is
- * an older BSD server, until proven otherwise.  The newer
- * BSD servers should be able to handle either definition,
- * so it is better to use the wrong values if we don't
- * know what type of server it is.
- */
-int env_auto = 1;
-int old_env_var = OLD_ENV_VAR;
-int old_env_value = OLD_ENV_VALUE;
-# else
-#  define old_env_var OLD_ENV_VAR
-#  define old_env_value OLD_ENV_VALUE
-# endif
-#endif
-
-	void
-env_opt(buf, len)
-	register unsigned char *buf;
-	register int len;
-{
-	register unsigned char *ep = 0, *epc = 0;
-	register int i;
-
-	switch(buf[0]&0xff) {
-	case TELQUAL_SEND:
-		env_opt_start();
-		if (len == 1) {
-			env_opt_add(NULL);
-		} else for (i = 1; i < len; i++) {
-			switch (buf[i]&0xff) {
-#ifdef	OLD_ENVIRON
-			case OLD_ENV_VAR:
-# ifdef	ENV_HACK
-				if (telopt_environ == TELOPT_OLD_ENVIRON
-				    && env_auto) {
-					/* Server has the same definitions */
-					old_env_var = OLD_ENV_VAR;
-					old_env_value = OLD_ENV_VALUE;
-				}
-				/* FALL THROUGH */
-# endif
-			case OLD_ENV_VALUE:
-				/*
-				 * Although OLD_ENV_VALUE is not legal, we will
-				 * still recognize it, just in case it is an
-				 * old server that has VAR & VALUE mixed up...
-				 */
-				/* FALL THROUGH */
-#else
-			case NEW_ENV_VAR:
-#endif
-			case ENV_USERVAR:
-				if (ep) {
-					*epc = 0;
-					env_opt_add(ep);
-				}
-				ep = epc = &buf[i+1];
-				break;
-			case ENV_ESC:
-				i++;
-				/*FALL THROUGH*/
-			default:
-				if (epc)
-					*epc++ = buf[i];
-				break;
-			}
-		}
-		if (ep) {
-			*epc = 0;
-			env_opt_add(ep);
-		}
-		env_opt_end(1);
-		break;
-
-	case TELQUAL_IS:
-	case TELQUAL_INFO:
-		/* Ignore for now.  We shouldn't get it anyway. */
-		break;
-
-	default:
-		break;
-	}
-}
-
-#define	OPT_REPLY_SIZE	256
-unsigned char *opt_reply;
-unsigned char *opt_replyp;
-unsigned char *opt_replyend;
-
-	void
-env_opt_start()
-{
-	if (opt_reply)
-		opt_reply = (unsigned char *)realloc(opt_reply, OPT_REPLY_SIZE);
-	else
-		opt_reply = (unsigned char *)malloc(OPT_REPLY_SIZE);
-	if (opt_reply == NULL) {
-/*@*/		printf("env_opt_start: malloc()/realloc() failed!!!\n");
-		opt_reply = opt_replyp = opt_replyend = NULL;
-		return;
-	}
-	opt_replyp = opt_reply;
-	opt_replyend = opt_reply + OPT_REPLY_SIZE;
-	*opt_replyp++ = IAC;
-	*opt_replyp++ = SB;
-	*opt_replyp++ = telopt_environ;
-	*opt_replyp++ = TELQUAL_IS;
-}
-
-	void
-env_opt_start_info()
-{
-	env_opt_start();
-	if (opt_replyp)
-	    opt_replyp[-1] = TELQUAL_INFO;
-}
-
-	void
-env_opt_add(ep)
-	register unsigned char *ep;
-{
-	register unsigned char *vp, c;
-
-	if (opt_reply == NULL)		/*XXX*/
-		return;			/*XXX*/
-
-	if (ep == NULL || *ep == '\0') {
-		/* Send user defined variables first. */
-		env_default(1, 0);
-		while ((ep = env_default(0, 0)))
-			env_opt_add(ep);
-
-		/* Now add the list of well know variables.  */
-		env_default(1, 1);
-		while ((ep = env_default(0, 1)))
-			env_opt_add(ep);
-		return;
-	}
-	vp = env_getvalue(ep);
-	if (opt_replyp + (vp ? strlen((char *)vp) : 0) +
-				strlen((char *)ep) + 6 > opt_replyend)
-	{
-		register int len;
-		opt_replyend += OPT_REPLY_SIZE;
-		len = opt_replyend - opt_reply;
-		opt_reply = (unsigned char *)realloc(opt_reply, len);
-		if (opt_reply == NULL) {
-/*@*/			printf("env_opt_add: realloc() failed!!!\n");
-			opt_reply = opt_replyp = opt_replyend = NULL;
-			return;
-		}
-		opt_replyp = opt_reply + len - (opt_replyend - opt_replyp);
-		opt_replyend = opt_reply + len;
-	}
-	if (opt_welldefined(ep))
-#ifdef	OLD_ENVIRON
-		if (telopt_environ == TELOPT_OLD_ENVIRON)
-			*opt_replyp++ = old_env_var;
-		else
-#endif
-			*opt_replyp++ = NEW_ENV_VAR;
-	else
-		*opt_replyp++ = ENV_USERVAR;
-	for (;;) {
-		while ((c = *ep++)) {
-			switch(c&0xff) {
-			case IAC:
-				*opt_replyp++ = IAC;
-				break;
-			case NEW_ENV_VAR:
-			case NEW_ENV_VALUE:
-			case ENV_ESC:
-			case ENV_USERVAR:
-				*opt_replyp++ = ENV_ESC;
-				break;
-			}
-			*opt_replyp++ = c;
-		}
-		if ((ep = vp)) {
-#ifdef	OLD_ENVIRON
-			if (telopt_environ == TELOPT_OLD_ENVIRON)
-				*opt_replyp++ = old_env_value;
-			else
-#endif
-				*opt_replyp++ = NEW_ENV_VALUE;
-			vp = NULL;
-		} else
-			break;
-	}
-}
-
-	int
-opt_welldefined(ep)
-	char *ep;
-{
-	if ((strcmp(ep, "USER") == 0) ||
-	    (strcmp(ep, "DISPLAY") == 0) ||
-	    (strcmp(ep, "PRINTER") == 0) ||
-	    (strcmp(ep, "SYSTEMTYPE") == 0) ||
-	    (strcmp(ep, "JOB") == 0) ||
-	    (strcmp(ep, "ACCT") == 0))
-		return(1);
-	return(0);
-}
-	void
-env_opt_end(emptyok)
-	register int emptyok;
-{
-	register int len;
-
-	len = opt_replyp - opt_reply + 2;
-	if (emptyok || len > 6) {
-		*opt_replyp++ = IAC;
-		*opt_replyp++ = SE;
-		if (NETROOM() > len) {
-			ring_supply_data(&netoring, opt_reply, len);
-			printsub('>', &opt_reply[2], len - 2);
-		}
-/*@*/		else printf("slc_end_reply: not enough room\n");
-	}
-	if (opt_reply) {
-		free(opt_reply);
-		opt_reply = opt_replyp = opt_replyend = NULL;
-	}
-}
-
-
-
-    int
-telrcv()
-{
-    register int c;
-    register int scc;
-    register unsigned char *sbp;
-    int count;
-    int returnValue = 0;
-
-    scc = 0;
-    count = 0;
-    while (TTYROOM() > 2) {
-	if (scc == 0) {
-	    if (count) {
-		ring_consumed(&netiring, count);
-		returnValue = 1;
-		count = 0;
-	    }
-	    sbp = netiring.consume;
-	    scc = ring_full_consecutive(&netiring);
-	    if (scc == 0) {
-		/* No more data coming in */
-		break;
-	    }
-	}
-
-	c = *sbp++ & 0xff, scc--; count++;
-#ifdef	ENCRYPTION
-	if (decrypt_input)
-		c = (*decrypt_input)(c);
-#endif	/* ENCRYPTION */
-
-	switch (telrcv_state) {
-
-	case TS_CR:
-	    telrcv_state = TS_DATA;
-	    if (c == '\0') {
-		break;	/* Ignore \0 after CR */
-	    }
-	    else if ((c == '\n') && my_want_state_is_dont(TELOPT_ECHO) && !crmod) {
-		TTYADD(c);
-		break;
-	    }
-	    /* Else, fall through */
-
-	case TS_DATA:
-	    if (c == IAC) {
-		telrcv_state = TS_IAC;
-		break;
-	    }
-#	    if defined(TN3270)
-	    if (In3270) {
-		*Ifrontp++ = c;
-		while (scc > 0) {
-		    c = *sbp++ & 0377, scc--; count++;
-#ifdef	ENCRYPTION
-		    if (decrypt_input)
-			c = (*decrypt_input)(c);
-#endif	/* ENCRYPTION */
-		    if (c == IAC) {
-			telrcv_state = TS_IAC;
-			break;
-		    }
-		    *Ifrontp++ = c;
-		}
-	    } else
-#	    endif /* defined(TN3270) */
-		    /*
-		     * The 'crmod' hack (see following) is needed
-		     * since we can't * set CRMOD on output only.
-		     * Machines like MULTICS like to send \r without
-		     * \n; since we must turn off CRMOD to get proper
-		     * input, the mapping is done here (sigh).
-		     */
-	    if ((c == '\r') && my_want_state_is_dont(TELOPT_BINARY)) {
-		if (scc > 0) {
-		    c = *sbp&0xff;
-#ifdef	ENCRYPTION
-		    if (decrypt_input)
-			c = (*decrypt_input)(c);
-#endif	/* ENCRYPTION */
-		    if (c == 0) {
-			sbp++, scc--; count++;
-			/* a "true" CR */
-			TTYADD('\r');
-		    } else if (my_want_state_is_dont(TELOPT_ECHO) &&
-					(c == '\n')) {
-			sbp++, scc--; count++;
-			TTYADD('\n');
-		    } else {
-#ifdef	ENCRYPTION
-			if (decrypt_input)
-			    (*decrypt_input)(-1);
-#endif	/* ENCRYPTION */
-
-			TTYADD('\r');
-			if (crmod) {
-				TTYADD('\n');
-			}
-		    }
-		} else {
-		    telrcv_state = TS_CR;
-		    TTYADD('\r');
-		    if (crmod) {
-			    TTYADD('\n');
-		    }
-		}
-	    } else {
-		TTYADD(c);
-	    }
-	    continue;
-
-	case TS_IAC:
-process_iac:
-	    switch (c) {
-
-	    case WILL:
-		telrcv_state = TS_WILL;
-		continue;
-
-	    case WONT:
-		telrcv_state = TS_WONT;
-		continue;
-
-	    case DO:
-		telrcv_state = TS_DO;
-		continue;
-
-	    case DONT:
-		telrcv_state = TS_DONT;
-		continue;
-
-	    case DM:
-		    /*
-		     * We may have missed an urgent notification,
-		     * so make sure we flush whatever is in the
-		     * buffer currently.
-		     */
-		printoption("RCVD", IAC, DM);
-		SYNCHing = 1;
-		(void) ttyflush(1);
-		SYNCHing = stilloob();
-		settimer(gotDM);
-		break;
-
-	    case SB:
-		SB_CLEAR();
-		telrcv_state = TS_SB;
-		continue;
-
-#	    if defined(TN3270)
-	    case EOR:
-		if (In3270) {
-		    if (Ibackp == Ifrontp) {
-			Ibackp = Ifrontp = Ibuf;
-			ISend = 0;	/* should have been! */
-		    } else {
-			Ibackp += DataFromNetwork(Ibackp, Ifrontp-Ibackp, 1);
-			ISend = 1;
-		    }
-		}
-		printoption("RCVD", IAC, EOR);
-		break;
-#	    endif /* defined(TN3270) */
-
-	    case IAC:
-#	    if !defined(TN3270)
-		TTYADD(IAC);
-#	    else /* !defined(TN3270) */
-		if (In3270) {
-		    *Ifrontp++ = IAC;
-		} else {
-		    TTYADD(IAC);
-		}
-#	    endif /* !defined(TN3270) */
-		break;
-
-	    case NOP:
-	    case GA:
-	    default:
-		printoption("RCVD", IAC, c);
-		break;
-	    }
-	    telrcv_state = TS_DATA;
-	    continue;
-
-	case TS_WILL:
-	    printoption("RCVD", WILL, c);
-	    willoption(c);
-	    SetIn3270();
-	    telrcv_state = TS_DATA;
-	    continue;
-
-	case TS_WONT:
-	    printoption("RCVD", WONT, c);
-	    wontoption(c);
-	    SetIn3270();
-	    telrcv_state = TS_DATA;
-	    continue;
-
-	case TS_DO:
-	    printoption("RCVD", DO, c);
-	    dooption(c);
-	    SetIn3270();
-	    if (c == TELOPT_NAWS) {
-		sendnaws();
-	    } else if (c == TELOPT_LFLOW) {
-		localflow = 1;
-		setcommandmode();
-		setconnmode(0);
-	    }
-	    telrcv_state = TS_DATA;
-	    continue;
-
-	case TS_DONT:
-	    printoption("RCVD", DONT, c);
-	    dontoption(c);
-	    flushline = 1;
-	    setconnmode(0);	/* set new tty mode (maybe) */
-	    SetIn3270();
-	    telrcv_state = TS_DATA;
-	    continue;
-
-	case TS_SB:
-	    if (c == IAC) {
-		telrcv_state = TS_SE;
-	    } else {
-		SB_ACCUM(c);
-	    }
-	    continue;
-
-	case TS_SE:
-	    if (c != SE) {
-		if (c != IAC) {
-		    /*
-		     * This is an error.  We only expect to get
-		     * "IAC IAC" or "IAC SE".  Several things may
-		     * have happend.  An IAC was not doubled, the
-		     * IAC SE was left off, or another option got
-		     * inserted into the suboption are all possibilities.
-		     * If we assume that the IAC was not doubled,
-		     * and really the IAC SE was left off, we could
-		     * get into an infinate loop here.  So, instead,
-		     * we terminate the suboption, and process the
-		     * partial suboption if we can.
-		     */
-		    SB_ACCUM(IAC);
-		    SB_ACCUM(c);
-		    subpointer -= 2;
-		    SB_TERM();
-
-		    printoption("In SUBOPTION processing, RCVD", IAC, c);
-		    suboption();	/* handle sub-option */
-		    SetIn3270();
-		    telrcv_state = TS_IAC;
-		    goto process_iac;
-		}
-		SB_ACCUM(c);
-		telrcv_state = TS_SB;
-	    } else {
-		SB_ACCUM(IAC);
-		SB_ACCUM(SE);
-		subpointer -= 2;
-		SB_TERM();
-		suboption();	/* handle sub-option */
-		SetIn3270();
-		telrcv_state = TS_DATA;
-	    }
-	}
-    }
-    if (count)
-	ring_consumed(&netiring, count);
-    return returnValue||count;
-}
-
-static int bol = 1, local = 0;
-
-    int
-rlogin_susp()
-{
-    if (local) {
-	local = 0;
-	bol = 1;
-	command(0, "z\n", 2);
-	return(1);
-    }
-    return(0);
-}
-
-    static int
-telsnd()
-{
-    int tcc;
-    int count;
-    int returnValue = 0;
-    unsigned char *tbp;
-
-    tcc = 0;
-    count = 0;
-    while (NETROOM() > 2) {
-	register int sc;
-	register int c;
-
-	if (tcc == 0) {
-	    if (count) {
-		ring_consumed(&ttyiring, count);
-		returnValue = 1;
-		count = 0;
-	    }
-	    tbp = ttyiring.consume;
-	    tcc = ring_full_consecutive(&ttyiring);
-	    if (tcc == 0) {
-		break;
-	    }
-	}
-	c = *tbp++ & 0xff, sc = strip(c), tcc--; count++;
-	if (rlogin != _POSIX_VDISABLE) {
-		if (bol) {
-			bol = 0;
-			if (sc == rlogin) {
-				local = 1;
-				continue;
-			}
-		} else if (local) {
-			local = 0;
-			if (sc == '.' || c == termEofChar) {
-				bol = 1;
-				command(0, "close\n", 6);
-				continue;
-			}
-			if (sc == termSuspChar) {
-				bol = 1;
-				command(0, "z\n", 2);
-				continue;
-			}
-			if (sc == escape) {
-				command(0, (char *)tbp, tcc);
-				bol = 1;
-				count += tcc;
-				tcc = 0;
-				flushline = 1;
-				break;
-			}
-			if (sc != rlogin) {
-				++tcc;
-				--tbp;
-				--count;
-				c = sc = rlogin;
-			}
-		}
-		if ((sc == '\n') || (sc == '\r'))
-			bol = 1;
-	} else if (sc == escape) {
-	    /*
-	     * Double escape is a pass through of a single escape character.
-	     */
-	    if (tcc && strip(*tbp) == escape) {
-		tbp++;
-		tcc--;
-		count++;
-		bol = 0;
-	    } else {
-		command(0, (char *)tbp, tcc);
-		bol = 1;
-		count += tcc;
-		tcc = 0;
-		flushline = 1;
-		break;
-	    }
-	} else
-	    bol = 0;
-#ifdef	KLUDGELINEMODE
-	if (kludgelinemode && (globalmode&MODE_EDIT) && (sc == echoc)) {
-	    if (tcc > 0 && strip(*tbp) == echoc) {
-		tcc--; tbp++; count++;
-	    } else {
-		dontlecho = !dontlecho;
-		settimer(echotoggle);
-		setconnmode(0);
-		flushline = 1;
-		break;
-	    }
-	}
-#endif
-	if (MODE_LOCAL_CHARS(globalmode)) {
-	    if (TerminalSpecialChars(sc) == 0) {
-		bol = 1;
-		break;
-	    }
-	}
-	if (my_want_state_is_wont(TELOPT_BINARY)) {
-	    switch (c) {
-	    case '\n':
-		    /*
-		     * If we are in CRMOD mode (\r ==> \n)
-		     * on our local machine, then probably
-		     * a newline (unix) is CRLF (TELNET).
-		     */
-		if (MODE_LOCAL_CHARS(globalmode)) {
-		    NETADD('\r');
-		}
-		NETADD('\n');
-		bol = flushline = 1;
-		break;
-	    case '\r':
-		if (!crlf) {
-		    NET2ADD('\r', '\0');
-		} else {
-		    NET2ADD('\r', '\n');
-		}
-		bol = flushline = 1;
-		break;
-	    case IAC:
-		NET2ADD(IAC, IAC);
-		break;
-	    default:
-		NETADD(c);
-		break;
-	    }
-	} else if (c == IAC) {
-	    NET2ADD(IAC, IAC);
-	} else {
-	    NETADD(c);
-	}
-    }
-    if (count)
-	ring_consumed(&ttyiring, count);
-    return returnValue||count;		/* Non-zero if we did anything */
-}
-
-/*
- * Scheduler()
- *
- * Try to do something.
- *
- * If we do something useful, return 1; else return 0.
- *
- */
-
-
-    int
-Scheduler(block)
-    int	block;			/* should we block in the select ? */
-{
-		/* One wants to be a bit careful about setting returnValue
-		 * to one, since a one implies we did some useful work,
-		 * and therefore probably won't be called to block next
-		 * time (TN3270 mode only).
-		 */
-    int returnValue;
-    int netin, netout, netex, ttyin, ttyout;
-
-    /* Decide which rings should be processed */
-
-    netout = ring_full_count(&netoring) &&
-	    (flushline ||
-		(my_want_state_is_wont(TELOPT_LINEMODE)
-#ifdef	KLUDGELINEMODE
-			&& (!kludgelinemode || my_want_state_is_do(TELOPT_SGA))
-#endif
-		) ||
-			my_want_state_is_will(TELOPT_BINARY));
-    ttyout = ring_full_count(&ttyoring);
-
-#if	defined(TN3270)
-    ttyin = ring_empty_count(&ttyiring) && (clienteof == 0) && (shell_active == 0);
-#else	/* defined(TN3270) */
-    ttyin = ring_empty_count(&ttyiring) && (clienteof == 0);
-#endif	/* defined(TN3270) */
-
-#if	defined(TN3270)
-    netin = ring_empty_count(&netiring);
-#   else /* !defined(TN3270) */
-    netin = !ISend && ring_empty_count(&netiring);
-#   endif /* !defined(TN3270) */
-
-    netex = !SYNCHing;
-
-    /* If we have seen a signal recently, reset things */
-#   if defined(TN3270) && defined(unix)
-    if (HaveInput) {
-	HaveInput = 0;
-	(void) signal(SIGIO, inputAvailable);
-    }
-#endif	/* defined(TN3270) && defined(unix) */
-
-    /* Call to system code to process rings */
-
-    returnValue = process_rings(netin, netout, netex, ttyin, ttyout, !block);
-
-    /* Now, look at the input rings, looking for work to do. */
-
-    if (ring_full_count(&ttyiring)) {
-#   if defined(TN3270)
-	if (In3270) {
-	    int c;
-
-	    c = DataFromTerminal(ttyiring.consume,
-					ring_full_consecutive(&ttyiring));
-	    if (c) {
-		returnValue = 1;
-		ring_consumed(&ttyiring, c);
-	    }
-	} else {
-#   endif /* defined(TN3270) */
-	    returnValue |= telsnd();
-#   if defined(TN3270)
-	}
-#   endif /* defined(TN3270) */
-    }
-
-    if (ring_full_count(&netiring)) {
-#	if !defined(TN3270)
-	returnValue |= telrcv();
-#	else /* !defined(TN3270) */
-	returnValue = Push3270();
-#	endif /* !defined(TN3270) */
-    }
-    return returnValue;
-}
-
-/*
- * Select from tty and network...
- */
-    void
-telnet(user)
-    char *user;
-{
-    sys_telnet_init();
-
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-    {
-	static char local_host[256] = { 0 };
-
-	if (!local_host[0]) {
-		gethostname(local_host, sizeof(local_host));
-		local_host[sizeof(local_host)-1] = 0;
-	}
-	auth_encrypt_init(local_host, hostname, "TELNET", 0);
-	auth_encrypt_user(user);
-    }
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION)  */
-#   if !defined(TN3270)
-    if (telnetport) {
-#if	defined(AUTHENTICATION)
-	if (autologin)
-		send_will(TELOPT_AUTHENTICATION, 1);
-#endif
-#ifdef	ENCRYPTION
-	send_do(TELOPT_ENCRYPT, 1);
-	send_will(TELOPT_ENCRYPT, 1);
-#endif	/* ENCRYPTION */
-	send_do(TELOPT_SGA, 1);
-	send_will(TELOPT_TTYPE, 1);
-	send_will(TELOPT_NAWS, 1);
-	send_will(TELOPT_TSPEED, 1);
-	send_will(TELOPT_LFLOW, 1);
-	send_will(TELOPT_LINEMODE, 1);
-	send_will(TELOPT_NEW_ENVIRON, 1);
-	send_do(TELOPT_STATUS, 1);
-	if (env_getvalue((unsigned char *)"DISPLAY"))
-	    send_will(TELOPT_XDISPLOC, 1);
-	if (eight)
-	    tel_enter_binary(eight);
-    }
-#   endif /* !defined(TN3270) */
-
-#   if !defined(TN3270)
-    for (;;) {
-	int schedValue;
-
-	while ((schedValue = Scheduler(0)) != 0) {
-	    if (schedValue == -1) {
-		setcommandmode();
-		return;
-	    }
-	}
-
-	if (Scheduler(1) == -1) {
-	    setcommandmode();
-	    return;
-	}
-    }
-#   else /* !defined(TN3270) */
-    for (;;) {
-	int schedValue;
-
-	while (!In3270 && !shell_active) {
-	    if (Scheduler(1) == -1) {
-		setcommandmode();
-		return;
-	    }
-	}
-
-	while ((schedValue = Scheduler(0)) != 0) {
-	    if (schedValue == -1) {
-		setcommandmode();
-		return;
-	    }
-	}
-		/* If there is data waiting to go out to terminal, don't
-		 * schedule any more data for the terminal.
-		 */
-	if (ring_full_count(&ttyoring)) {
-	    schedValue = 1;
-	} else {
-	    if (shell_active) {
-		if (shell_continue() == 0) {
-		    ConnectScreen();
-		}
-	    } else if (In3270) {
-		schedValue = DoTerminalOutput();
-	    }
-	}
-	if (schedValue && (shell_active == 0)) {
-	    if (Scheduler(1) == -1) {
-		setcommandmode();
-		return;
-	    }
-	}
-    }
-#   endif /* !defined(TN3270) */
-}
-
-#if	0	/* XXX - this not being in is a bug */
-/*
- * nextitem()
- *
- *	Return the address of the next "item" in the TELNET data
- * stream.  This will be the address of the next character if
- * the current address is a user data character, or it will
- * be the address of the character following the TELNET command
- * if the current address is a TELNET IAC ("I Am a Command")
- * character.
- */
-
-    static char *
-nextitem(current)
-    char *current;
-{
-    if ((*current&0xff) != IAC) {
-	return current+1;
-    }
-    switch (*(current+1)&0xff) {
-    case DO:
-    case DONT:
-    case WILL:
-    case WONT:
-	return current+3;
-    case SB:		/* loop forever looking for the SE */
-	{
-	    register char *look = current+2;
-
-	    for (;;) {
-		if ((*look++&0xff) == IAC) {
-		    if ((*look++&0xff) == SE) {
-			return look;
-		    }
-		}
-	    }
-	}
-    default:
-	return current+2;
-    }
-}
-#endif	/* 0 */
-
-/*
- * netclear()
- *
- *	We are about to do a TELNET SYNCH operation.  Clear
- * the path to the network.
- *
- *	Things are a bit tricky since we may have sent the first
- * byte or so of a previous TELNET command into the network.
- * So, we have to scan the network buffer from the beginning
- * until we are up to where we want to be.
- *
- *	A side effect of what we do, just to keep things
- * simple, is to clear the urgent data pointer.  The principal
- * caller should be setting the urgent data pointer AFTER calling
- * us in any case.
- */
-
-    static void
-netclear()
-{
-#if	0	/* XXX */
-    register char *thisitem, *next;
-    char *good;
-#define	wewant(p)	((nfrontp > p) && ((*p&0xff) == IAC) && \
-				((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL))
-
-    thisitem = netobuf;
-
-    while ((next = nextitem(thisitem)) <= netobuf.send) {
-	thisitem = next;
-    }
-
-    /* Now, thisitem is first before/at boundary. */
-
-    good = netobuf;	/* where the good bytes go */
-
-    while (netoring.add > thisitem) {
-	if (wewant(thisitem)) {
-	    int length;
-
-	    next = thisitem;
-	    do {
-		next = nextitem(next);
-	    } while (wewant(next) && (nfrontp > next));
-	    length = next-thisitem;
-	    memmove(good, thisitem, length);
-	    good += length;
-	    thisitem = next;
-	} else {
-	    thisitem = nextitem(thisitem);
-	}
-    }
-
-#endif	/* 0 */
-}
-
-/*
- * These routines add various telnet commands to the data stream.
- */
-
-    static void
-doflush()
-{
-    NET2ADD(IAC, DO);
-    NETADD(TELOPT_TM);
-    flushline = 1;
-    flushout = 1;
-    (void) ttyflush(1);			/* Flush/drop output */
-    /* do printoption AFTER flush, otherwise the output gets tossed... */
-    printoption("SENT", DO, TELOPT_TM);
-}
-
-    void
-xmitAO()
-{
-    NET2ADD(IAC, AO);
-    printoption("SENT", IAC, AO);
-    if (autoflush) {
-	doflush();
-    }
-}
-
-
-    void
-xmitEL()
-{
-    NET2ADD(IAC, EL);
-    printoption("SENT", IAC, EL);
-}
-
-    void
-xmitEC()
-{
-    NET2ADD(IAC, EC);
-    printoption("SENT", IAC, EC);
-}
-
-
-    int
-dosynch()
-{
-    netclear();			/* clear the path to the network */
-    NETADD(IAC);
-    setneturg();
-    NETADD(DM);
-    printoption("SENT", IAC, DM);
-    return 1;
-}
-
-int want_status_response = 0;
-
-    int
-get_status()
-{
-    unsigned char tmp[16];
-    register unsigned char *cp;
-
-    if (my_want_state_is_dont(TELOPT_STATUS)) {
-	printf("Remote side does not support STATUS option\n");
-	return 0;
-    }
-    cp = tmp;
-
-    *cp++ = IAC;
-    *cp++ = SB;
-    *cp++ = TELOPT_STATUS;
-    *cp++ = TELQUAL_SEND;
-    *cp++ = IAC;
-    *cp++ = SE;
-    if (NETROOM() >= cp - tmp) {
-	ring_supply_data(&netoring, tmp, cp-tmp);
-	printsub('>', tmp+2, cp - tmp - 2);
-    }
-    ++want_status_response;
-    return 1;
-}
-
-    void
-intp()
-{
-    NET2ADD(IAC, IP);
-    printoption("SENT", IAC, IP);
-    flushline = 1;
-    if (autoflush) {
-	doflush();
-    }
-    if (autosynch) {
-	dosynch();
-    }
-}
-
-    void
-sendbrk()
-{
-    NET2ADD(IAC, BREAK);
-    printoption("SENT", IAC, BREAK);
-    flushline = 1;
-    if (autoflush) {
-	doflush();
-    }
-    if (autosynch) {
-	dosynch();
-    }
-}
-
-    void
-sendabort()
-{
-    NET2ADD(IAC, ABORT);
-    printoption("SENT", IAC, ABORT);
-    flushline = 1;
-    if (autoflush) {
-	doflush();
-    }
-    if (autosynch) {
-	dosynch();
-    }
-}
-
-    void
-sendsusp()
-{
-    NET2ADD(IAC, SUSP);
-    printoption("SENT", IAC, SUSP);
-    flushline = 1;
-    if (autoflush) {
-	doflush();
-    }
-    if (autosynch) {
-	dosynch();
-    }
-}
-
-    void
-sendeof()
-{
-    NET2ADD(IAC, xEOF);
-    printoption("SENT", IAC, xEOF);
-}
-
-    void
-sendayt()
-{
-    NET2ADD(IAC, AYT);
-    printoption("SENT", IAC, AYT);
-}
-
-/*
- * Send a window size update to the remote system.
- */
-
-    void
-sendnaws()
-{
-    long rows, cols;
-    unsigned char tmp[16];
-    register unsigned char *cp;
-
-    if (my_state_is_wont(TELOPT_NAWS))
-	return;
-
-#define	PUTSHORT(cp, x) { if ((*cp++ = ((x)>>8)&0xff) == IAC) *cp++ = IAC; \
-			    if ((*cp++ = ((x))&0xff) == IAC) *cp++ = IAC; }
-
-    if (TerminalWindowSize(&rows, &cols) == 0) {	/* Failed */
-	return;
-    }
-
-    cp = tmp;
-
-    *cp++ = IAC;
-    *cp++ = SB;
-    *cp++ = TELOPT_NAWS;
-    PUTSHORT(cp, cols);
-    PUTSHORT(cp, rows);
-    *cp++ = IAC;
-    *cp++ = SE;
-    if (NETROOM() >= cp - tmp) {
-	ring_supply_data(&netoring, tmp, cp-tmp);
-	printsub('>', tmp+2, cp - tmp - 2);
-    }
-}
-
-    void
-tel_enter_binary(rw)
-    int rw;
-{
-    if (rw&1)
-	send_do(TELOPT_BINARY, 1);
-    if (rw&2)
-	send_will(TELOPT_BINARY, 1);
-}
-
-    void
-tel_leave_binary(rw)
-    int rw;
-{
-    if (rw&1)
-	send_dont(TELOPT_BINARY, 1);
-    if (rw&2)
-	send_wont(TELOPT_BINARY, 1);
-}
diff --git a/crypto/telnet/telnet/terminal.c b/crypto/telnet/telnet/terminal.c
deleted file mode 100644
index a2383d9e6696..000000000000
--- a/crypto/telnet/telnet/terminal.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * Copyright (c) 1988, 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)terminal.c	8.2 (Berkeley) 2/16/95";
-#endif /* not lint */
-
-#include <arpa/telnet.h>
-#include <sys/types.h>
-
-#include "ring.h"
-
-#include "externs.h"
-#include "types.h"
-
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-Ring		ttyoring, ttyiring;
-unsigned char	ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ];
-
-int termdata;			/* Debugging flag */
-
-#ifdef	USE_TERMIO
-# ifndef VDISCARD
-cc_t termFlushChar;
-# endif
-# ifndef VLNEXT
-cc_t termLiteralNextChar;
-# endif
-# ifndef VSUSP
-cc_t termSuspChar;
-# endif
-# ifndef VWERASE
-cc_t termWerasChar;
-# endif
-# ifndef VREPRINT
-cc_t termRprntChar;
-# endif
-# ifndef VSTART
-cc_t termStartChar;
-# endif
-# ifndef VSTOP
-cc_t termStopChar;
-# endif
-# ifndef VEOL
-cc_t termForw1Char;
-# endif
-# ifndef VEOL2
-cc_t termForw2Char;
-# endif
-# ifndef VSTATUS
-cc_t termAytChar;
-# endif
-#else
-cc_t termForw2Char;
-cc_t termAytChar;
-#endif
-
-/*
- * initialize the terminal data structures.
- */
-
-    void
-init_terminal()
-{
-    if (ring_init(&ttyoring, ttyobuf, sizeof ttyobuf) != 1) {
-	exit(1);
-    }
-    if (ring_init(&ttyiring, ttyibuf, sizeof ttyibuf) != 1) {
-	exit(1);
-    }
-    autoflush = TerminalAutoFlush();
-}
-
-
-/*
- *		Send as much data as possible to the terminal.
- *
- *		Return value:
- *			-1: No useful work done, data waiting to go out.
- *			 0: No data was waiting, so nothing was done.
- *			 1: All waiting data was written out.
- *			 n: All data - n was written out.
- */
-
-
-    int
-ttyflush(drop)
-    int drop;
-{
-    register int n, n0, n1;
-
-    n0 = ring_full_count(&ttyoring);
-    if ((n1 = n = ring_full_consecutive(&ttyoring)) > 0) {
-	if (drop) {
-	    TerminalFlushOutput();
-	    /* we leave 'n' alone! */
-	} else {
-	    n = TerminalWrite(ttyoring.consume, n);
-	}
-    }
-    if (n > 0) {
-	if (termdata && n) {
-	    Dump('>', ttyoring.consume, n);
-	}
-	/*
-	 * If we wrote everything, and the full count is
-	 * larger than what we wrote, then write the
-	 * rest of the buffer.
-	 */
-	if (n1 == n && n0 > n) {
-		n1 = n0 - n;
-		if (!drop)
-			n1 = TerminalWrite(ttyoring.bottom, n1);
-		if (n1 > 0)
-			n += n1;
-	}
-	ring_consumed(&ttyoring, n);
-    }
-    if (n < 0)
-	return -1;
-    if (n == n0) {
-	if (n0)
-	    return -1;
-	return 0;
-    }
-    return n0 - n + 1;
-}
-
-
-/*
- * These routines decides on what the mode should be (based on the values
- * of various global variables).
- */
-
-
-    int
-getconnmode()
-{
-    extern int linemode;
-    int mode = 0;
-#ifdef	KLUDGELINEMODE
-    extern int kludgelinemode;
-#endif
-
-    if (In3270)
-	return(MODE_FLOW);
-
-    if (my_want_state_is_dont(TELOPT_ECHO))
-	mode |= MODE_ECHO;
-
-    if (localflow)
-	mode |= MODE_FLOW;
-
-    if (my_want_state_is_will(TELOPT_BINARY))
-	mode |= MODE_INBIN;
-
-    if (his_want_state_is_will(TELOPT_BINARY))
-	mode |= MODE_OUTBIN;
-
-#ifdef	KLUDGELINEMODE
-    if (kludgelinemode) {
-	if (my_want_state_is_dont(TELOPT_SGA)) {
-	    mode |= (MODE_TRAPSIG|MODE_EDIT);
-	    if (dontlecho && (clocks.echotoggle > clocks.modenegotiated)) {
-		mode &= ~MODE_ECHO;
-	    }
-	}
-	return(mode);
-    }
-#endif
-    if (my_want_state_is_will(TELOPT_LINEMODE))
-	mode |= linemode;
-    return(mode);
-}
-
-    void
-setconnmode(force)
-    int force;
-{
-#ifdef	ENCRYPTION
-    static int enc_passwd = 0;
-#endif	/* ENCRYPTION */
-    register int newmode;
-
-    newmode = getconnmode()|(force?MODE_FORCE:0);
-
-    TerminalNewMode(newmode);
-
-#ifdef  ENCRYPTION
-    if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) {
-	if (my_want_state_is_will(TELOPT_ENCRYPT)
-				&& (enc_passwd == 0) && !encrypt_output) {
-	    encrypt_request_start(0, 0);
-	    enc_passwd = 1;
-	}
-    } else {
-	if (enc_passwd) {
-	    encrypt_request_end();
-	    enc_passwd = 0;
-	}
-    }
-#endif	/* ENCRYPTION */
-
-}
-
-
-    void
-setcommandmode()
-{
-    TerminalNewMode(-1);
-}
diff --git a/crypto/telnet/telnet/tn3270.c b/crypto/telnet/telnet/tn3270.c
deleted file mode 100644
index 5a453d98cc5b..000000000000
--- a/crypto/telnet/telnet/tn3270.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)tn3270.c	8.2 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#include <sys/types.h>
-#include <arpa/telnet.h>
-
-#include "general.h"
-
-#include "defines.h"
-#include "ring.h"
-#include "externs.h"
-#include "fdset.h"
-
-#if	defined(TN3270)
-
-#include "../ctlr/screen.h"
-#include "../general/globals.h"
-
-#include "../sys_curses/telextrn.h"
-#include "../ctlr/externs.h"
-
-#if	defined(unix)
-int
-	HaveInput,		/* There is input available to scan */
-	cursesdata,		/* Do we dump curses data? */
-	sigiocount;		/* Number of times we got a SIGIO */
-
-char	tline[200];
-char	*transcom = 0;	/* transparent mode command (default: none) */
-#endif	/* defined(unix) */
-
-char	Ibuf[8*BUFSIZ], *Ifrontp, *Ibackp;
-
-static char	sb_terminal[] = { IAC, SB,
-			TELOPT_TTYPE, TELQUAL_IS,
-			'I', 'B', 'M', '-', '3', '2', '7', '8', '-', '2',
-			IAC, SE };
-#define	SBTERMMODEL	13
-
-static int
-	Sent3270TerminalType;	/* Have we said we are a 3270? */
-
-#endif	/* defined(TN3270) */
-
-
-    void
-init_3270()
-{
-#if	defined(TN3270)
-#if	defined(unix)
-    HaveInput = 0;
-    sigiocount = 0;
-#endif	/* defined(unix) */
-    Sent3270TerminalType = 0;
-    Ifrontp = Ibackp = Ibuf;
-    init_ctlr();		/* Initialize some things */
-    init_keyboard();
-    init_screen();
-    init_system();
-#endif	/* defined(TN3270) */
-}
-
-
-#if	defined(TN3270)
-
-/*
- * DataToNetwork - queue up some data to go to network.  If "done" is set,
- * then when last byte is queued, we add on an IAC EOR sequence (so,
- * don't call us with "done" until you want that done...)
- *
- * We actually do send all the data to the network buffer, since our
- * only client needs for us to do that.
- */
-
-    int
-DataToNetwork(buffer, count, done)
-    register char *buffer;	/* where the data is */
-    register int  count;	/* how much to send */
-    int		  done;		/* is this the last of a logical block */
-{
-    register int loop, c;
-    int origCount;
-
-    origCount = count;
-
-    while (count) {
-	/* If not enough room for EORs, IACs, etc., wait */
-	if (NETROOM() < 6) {
-	    fd_set o;
-
-	    FD_ZERO(&o);
-	    netflush();
-	    while (NETROOM() < 6) {
-		FD_SET(net, &o);
-		(void) select(net+1, (fd_set *) 0, &o, (fd_set *) 0,
-						(struct timeval *) 0);
-		netflush();
-	    }
-	}
-	c = ring_empty_count(&netoring);
-	if (c > count) {
-	    c = count;
-	}
-	loop = c;
-	while (loop) {
-	    if (((unsigned char)*buffer) == IAC) {
-		break;
-	    }
-	    buffer++;
-	    loop--;
-	}
-	if ((c = c-loop)) {
-	    ring_supply_data(&netoring, buffer-c, c);
-	    count -= c;
-	}
-	if (loop) {
-	    NET2ADD(IAC, IAC);
-	    count--;
-	    buffer++;
-	}
-    }
-
-    if (done) {
-	NET2ADD(IAC, EOR);
-	netflush();		/* try to move along as quickly as ... */
-    }
-    return(origCount - count);
-}
-
-
-#if	defined(unix)
-    void
-inputAvailable(signo)
-	int signo;
-{
-    HaveInput = 1;
-    sigiocount++;
-}
-#endif	/* defined(unix) */
-
-    void
-outputPurge()
-{
-    (void) ttyflush(1);
-}
-
-
-/*
- * The following routines are places where the various tn3270
- * routines make calls into telnet.c.
- */
-
-/*
- * DataToTerminal - queue up some data to go to terminal.
- *
- * Note: there are people who call us and depend on our processing
- * *all* the data at one time (thus the select).
- */
-
-    int
-DataToTerminal(buffer, count)
-    register char	*buffer;		/* where the data is */
-    register int	count;			/* how much to send */
-{
-    register int c;
-    int origCount;
-
-    origCount = count;
-
-    while (count) {
-	if (TTYROOM() == 0) {
-#if	defined(unix)
-	    fd_set o;
-
-	    FD_ZERO(&o);
-#endif	/* defined(unix) */
-	    (void) ttyflush(0);
-	    while (TTYROOM() == 0) {
-#if	defined(unix)
-		FD_SET(tout, &o);
-		(void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0,
-						(struct timeval *) 0);
-#endif	/* defined(unix) */
-		(void) ttyflush(0);
-	    }
-	}
-	c = TTYROOM();
-	if (c > count) {
-	    c = count;
-	}
-	ring_supply_data(&ttyoring, buffer, c);
-	count -= c;
-	buffer += c;
-    }
-    return(origCount);
-}
-
-
-/*
- * Push3270 - Try to send data along the 3270 output (to screen) direction.
- */
-
-    int
-Push3270()
-{
-    int save = ring_full_count(&netiring);
-
-    if (save) {
-	if (Ifrontp+save > Ibuf+sizeof Ibuf) {
-	    if (Ibackp != Ibuf) {
-		memmove(Ibuf, Ibackp, Ifrontp-Ibackp);
-		Ifrontp -= (Ibackp-Ibuf);
-		Ibackp = Ibuf;
-	    }
-	}
-	if (Ifrontp+save < Ibuf+sizeof Ibuf) {
-	    (void)telrcv();
-	}
-    }
-    return save != ring_full_count(&netiring);
-}
-
-
-/*
- * Finish3270 - get the last dregs of 3270 data out to the terminal
- *		before quitting.
- */
-
-    void
-Finish3270()
-{
-    while (Push3270() || !DoTerminalOutput()) {
-#if	defined(unix)
-	HaveInput = 0;
-#endif	/* defined(unix) */
-	;
-    }
-}
-
-
-/* StringToTerminal - output a null terminated string to the terminal */
-
-    void
-StringToTerminal(s)
-    char *s;
-{
-    int count;
-
-    count = strlen(s);
-    if (count) {
-	(void) DataToTerminal(s, count);	/* we know it always goes... */
-    }
-}
-
-
-#if	((!defined(NOT43)) || defined(PUTCHAR))
-/* _putchar - output a single character to the terminal.  This name is so that
- *	curses(3x) can call us to send out data.
- */
-
-    void
-_putchar(c)
-    char c;
-{
-#if	defined(sun)		/* SunOS 4.0 bug */
-    c &= 0x7f;
-#endif	/* defined(sun) */
-    if (cursesdata) {
-	Dump('>', &c, 1);
-    }
-    if (!TTYROOM()) {
-	(void) DataToTerminal(&c, 1);
-    } else {
-	TTYADD(c);
-    }
-}
-#endif	/* ((!defined(NOT43)) || defined(PUTCHAR)) */
-
-    void
-SetIn3270()
-{
-    if (Sent3270TerminalType && my_want_state_is_will(TELOPT_BINARY)
-		&& my_want_state_is_do(TELOPT_BINARY) && !donebinarytoggle) {
-	if (!In3270) {
-	    In3270 = 1;
-	    Init3270();		/* Initialize 3270 functions */
-	    /* initialize terminal key mapping */
-	    InitTerminal();	/* Start terminal going */
-	    setconnmode(0);
-	}
-    } else {
-	if (In3270) {
-	    StopScreen(1);
-	    In3270 = 0;
-	    Stop3270();		/* Tell 3270 we aren't here anymore */
-	    setconnmode(0);
-	}
-    }
-}
-
-/*
- * tn3270_ttype()
- *
- *	Send a response to a terminal type negotiation.
- *
- *	Return '0' if no more responses to send; '1' if a response sent.
- */
-
-    int
-tn3270_ttype()
-{
-    /*
-     * Try to send a 3270 type terminal name.  Decide which one based
-     * on the format of our screen, and (in the future) color
-     * capaiblities.
-     */
-    InitTerminal();		/* Sets MaxNumberColumns, MaxNumberLines */
-    if ((MaxNumberLines >= 24) && (MaxNumberColumns >= 80)) {
-	Sent3270TerminalType = 1;
-	if ((MaxNumberLines >= 27) && (MaxNumberColumns >= 132)) {
-	    MaxNumberLines = 27;
-	    MaxNumberColumns = 132;
-	    sb_terminal[SBTERMMODEL] = '5';
-	} else if (MaxNumberLines >= 43) {
-	    MaxNumberLines = 43;
-	    MaxNumberColumns = 80;
-	    sb_terminal[SBTERMMODEL] = '4';
-	} else if (MaxNumberLines >= 32) {
-	    MaxNumberLines = 32;
-	    MaxNumberColumns = 80;
-	    sb_terminal[SBTERMMODEL] = '3';
-	} else {
-	    MaxNumberLines = 24;
-	    MaxNumberColumns = 80;
-	    sb_terminal[SBTERMMODEL] = '2';
-	}
-	NumberLines = 24;		/* before we start out... */
-	NumberColumns = 80;
-	ScreenSize = NumberLines*NumberColumns;
-	if ((MaxNumberLines*MaxNumberColumns) > MAXSCREENSIZE) {
-	    ExitString("Programming error:  MAXSCREENSIZE too small.\n",
-								1);
-	    /*NOTREACHED*/
-	}
-	printsub('>', sb_terminal+2, sizeof sb_terminal-2);
-	ring_supply_data(&netoring, sb_terminal, sizeof sb_terminal);
-	return 1;
-    } else {
-	return 0;
-    }
-}
-
-#if	defined(unix)
-	int
-settranscom(argc, argv)
-	int argc;
-	char *argv[];
-{
-	int i;
-
-	if (argc == 1 && transcom) {
-	   transcom = 0;
-	}
-	if (argc == 1) {
-	   return 1;
-	}
-	transcom = tline;
-	(void) strcpy(transcom, argv[1]);
-	for (i = 2; i < argc; ++i) {
-	    (void) strcat(transcom, " ");
-	    (void) strcat(transcom, argv[i]);
-	}
-	return 1;
-}
-#endif	/* defined(unix) */
-
-#endif	/* defined(TN3270) */
diff --git a/crypto/telnet/telnet/types.h b/crypto/telnet/telnet/types.h
deleted file mode 100644
index 191d311fd154..000000000000
--- a/crypto/telnet/telnet/types.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)types.h	8.1 (Berkeley) 6/6/93
- */
-
-typedef struct {
-    char *modedescriptions;
-    char modetype;
-} Modelist;
-
-extern Modelist modelist[];
-
-typedef struct {
-    int
-	system,			/* what the current time is */
-	echotoggle,		/* last time user entered echo character */
-	modenegotiated,		/* last time operating mode negotiated */
-	didnetreceive,		/* last time we read data from network */
-	gotDM;			/* when did we last see a data mark */
-} Clocks;
-
-extern Clocks clocks;
diff --git a/crypto/telnet/telnet/utilities.c b/crypto/telnet/telnet/utilities.c
deleted file mode 100644
index 0ee882ebd87c..000000000000
--- a/crypto/telnet/telnet/utilities.c
+++ /dev/null
@@ -1,946 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char sccsid[] = "@(#)utilities.c	8.3 (Berkeley) 5/30/95";
-#endif /* not lint */
-
-#define	TELOPTS
-#define	TELCMDS
-#define	SLC_NAMES
-#include <arpa/telnet.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-#include <unistd.h>
-
-#include <ctype.h>
-
-#include "general.h"
-
-#include "fdset.h"
-
-#include "ring.h"
-
-#include "defines.h"
-
-#include "externs.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-FILE	*NetTrace = 0;		/* Not in bss, since needs to stay */
-int	prettydump;
-
-/*
- * upcase()
- *
- *	Upcase (in place) the argument.
- */
-
-    void
-upcase(argument)
-    register char *argument;
-{
-    register int c;
-
-    while ((c = *argument) != 0) {
-	if (islower(c)) {
-	    *argument = toupper(c);
-	}
-	argument++;
-    }
-}
-
-/*
- * SetSockOpt()
- *
- * Compensate for differences in 4.2 and 4.3 systems.
- */
-
-    int
-SetSockOpt(fd, level, option, yesno)
-    int fd, level, option, yesno;
-{
-#ifndef	NOT43
-    return setsockopt(fd, level, option,
-				(char *)&yesno, sizeof yesno);
-#else	/* NOT43 */
-    if (yesno == 0) {		/* Can't do that in 4.2! */
-	fprintf(stderr, "Error: attempt to turn off an option 0x%x.\n",
-				option);
-	return -1;
-    }
-    return setsockopt(fd, level, option, 0, 0);
-#endif	/* NOT43 */
-}
-
-/*
- * The following are routines used to print out debugging information.
- */
-
-unsigned char NetTraceFile[256] = "(standard output)";
-
-    void
-SetNetTrace(file)
-    register char *file;
-{
-    if (NetTrace && NetTrace != stdout)
-	fclose(NetTrace);
-    if (file  && (strcmp(file, "-") != 0)) {
-	NetTrace = fopen(file, "w");
-	if (NetTrace) {
-	    strcpy((char *)NetTraceFile, file);
-	    return;
-	}
-	fprintf(stderr, "Cannot open %s.\n", file);
-    }
-    NetTrace = stdout;
-    strcpy((char *)NetTraceFile, "(standard output)");
-}
-
-    void
-Dump(direction, buffer, length)
-    char direction;
-    unsigned char *buffer;
-    int length;
-{
-#   define BYTES_PER_LINE	32
-#   define min(x,y)	((x<y)? x:y)
-    unsigned char *pThis;
-    int offset;
-
-    offset = 0;
-
-    while (length) {
-	/* print one line */
-	fprintf(NetTrace, "%c 0x%x\t", direction, offset);
-	pThis = buffer;
-	if (prettydump) {
-	    buffer = buffer + min(length, BYTES_PER_LINE/2);
-	    while (pThis < buffer) {
-		fprintf(NetTrace, "%c%.2x",
-		    (((*pThis)&0xff) == 0xff) ? '*' : ' ',
-		    (*pThis)&0xff);
-		pThis++;
-	    }
-	    length -= BYTES_PER_LINE/2;
-	    offset += BYTES_PER_LINE/2;
-	} else {
-	    buffer = buffer + min(length, BYTES_PER_LINE);
-	    while (pThis < buffer) {
-		fprintf(NetTrace, "%.2x", (*pThis)&0xff);
-		pThis++;
-	    }
-	    length -= BYTES_PER_LINE;
-	    offset += BYTES_PER_LINE;
-	}
-	if (NetTrace == stdout) {
-	    fprintf(NetTrace, "\r\n");
-	} else {
-	    fprintf(NetTrace, "\n");
-	}
-	if (length < 0) {
-	    fflush(NetTrace);
-	    return;
-	}
-	/* find next unique line */
-    }
-    fflush(NetTrace);
-}
-
-
-	void
-printoption(direction, cmd, option)
-	char *direction;
-	int cmd, option;
-{
-	if (!showoptions)
-		return;
-	if (cmd == IAC) {
-		if (TELCMD_OK(option))
-		    fprintf(NetTrace, "%s IAC %s", direction, TELCMD(option));
-		else
-		    fprintf(NetTrace, "%s IAC %d", direction, option);
-	} else {
-		register char *fmt;
-		fmt = (cmd == WILL) ? "WILL" : (cmd == WONT) ? "WONT" :
-			(cmd == DO) ? "DO" : (cmd == DONT) ? "DONT" : 0;
-		if (fmt) {
-		    fprintf(NetTrace, "%s %s ", direction, fmt);
-		    if (TELOPT_OK(option))
-			fprintf(NetTrace, "%s", TELOPT(option));
-		    else if (option == TELOPT_EXOPL)
-			fprintf(NetTrace, "EXOPL");
-		    else
-			fprintf(NetTrace, "%d", option);
-		} else
-		    fprintf(NetTrace, "%s %d %d", direction, cmd, option);
-	}
-	if (NetTrace == stdout) {
-	    fprintf(NetTrace, "\r\n");
-	    fflush(NetTrace);
-	} else {
-	    fprintf(NetTrace, "\n");
-	}
-	return;
-}
-
-    void
-optionstatus()
-{
-    register int i;
-    extern char will_wont_resp[], do_dont_resp[];
-
-    for (i = 0; i < 256; i++) {
-	if (do_dont_resp[i]) {
-	    if (TELOPT_OK(i))
-		printf("resp DO_DONT %s: %d\n", TELOPT(i), do_dont_resp[i]);
-	    else if (TELCMD_OK(i))
-		printf("resp DO_DONT %s: %d\n", TELCMD(i), do_dont_resp[i]);
-	    else
-		printf("resp DO_DONT %d: %d\n", i,
-				do_dont_resp[i]);
-	    if (my_want_state_is_do(i)) {
-		if (TELOPT_OK(i))
-		    printf("want DO   %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("want DO   %s\n", TELCMD(i));
-		else
-		    printf("want DO   %d\n", i);
-	    } else {
-		if (TELOPT_OK(i))
-		    printf("want DONT %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("want DONT %s\n", TELCMD(i));
-		else
-		    printf("want DONT %d\n", i);
-	    }
-	} else {
-	    if (my_state_is_do(i)) {
-		if (TELOPT_OK(i))
-		    printf("     DO   %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("     DO   %s\n", TELCMD(i));
-		else
-		    printf("     DO   %d\n", i);
-	    }
-	}
-	if (will_wont_resp[i]) {
-	    if (TELOPT_OK(i))
-		printf("resp WILL_WONT %s: %d\n", TELOPT(i), will_wont_resp[i]);
-	    else if (TELCMD_OK(i))
-		printf("resp WILL_WONT %s: %d\n", TELCMD(i), will_wont_resp[i]);
-	    else
-		printf("resp WILL_WONT %d: %d\n",
-				i, will_wont_resp[i]);
-	    if (my_want_state_is_will(i)) {
-		if (TELOPT_OK(i))
-		    printf("want WILL %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("want WILL %s\n", TELCMD(i));
-		else
-		    printf("want WILL %d\n", i);
-	    } else {
-		if (TELOPT_OK(i))
-		    printf("want WONT %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("want WONT %s\n", TELCMD(i));
-		else
-		    printf("want WONT %d\n", i);
-	    }
-	} else {
-	    if (my_state_is_will(i)) {
-		if (TELOPT_OK(i))
-		    printf("     WILL %s\n", TELOPT(i));
-		else if (TELCMD_OK(i))
-		    printf("     WILL %s\n", TELCMD(i));
-		else
-		    printf("     WILL %d\n", i);
-	    }
-	}
-    }
-
-}
-
-    void
-printsub(direction, pointer, length)
-    char direction;	/* '<' or '>' */
-    unsigned char *pointer;	/* where suboption data sits */
-    int		  length;	/* length of suboption data */
-{
-    register int i;
-    char buf[512];
-    extern int want_status_response;
-
-    if (showoptions || direction == 0 ||
-	(want_status_response && (pointer[0] == TELOPT_STATUS))) {
-	if (direction) {
-	    fprintf(NetTrace, "%s IAC SB ",
-				(direction == '<')? "RCVD":"SENT");
-	    if (length >= 3) {
-		register int j;
-
-		i = pointer[length-2];
-		j = pointer[length-1];
-
-		if (i != IAC || j != SE) {
-		    fprintf(NetTrace, "(terminated by ");
-		    if (TELOPT_OK(i))
-			fprintf(NetTrace, "%s ", TELOPT(i));
-		    else if (TELCMD_OK(i))
-			fprintf(NetTrace, "%s ", TELCMD(i));
-		    else
-			fprintf(NetTrace, "%d ", i);
-		    if (TELOPT_OK(j))
-			fprintf(NetTrace, "%s", TELOPT(j));
-		    else if (TELCMD_OK(j))
-			fprintf(NetTrace, "%s", TELCMD(j));
-		    else
-			fprintf(NetTrace, "%d", j);
-		    fprintf(NetTrace, ", not IAC SE!) ");
-		}
-	    }
-	    length -= 2;
-	}
-	if (length < 1) {
-	    fprintf(NetTrace, "(Empty suboption??\?)");
-	    if (NetTrace == stdout)
-		fflush(NetTrace);
-	    return;
-	}
-	switch (pointer[0]) {
-	case TELOPT_TTYPE:
-	    fprintf(NetTrace, "TERMINAL-TYPE ");
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2);
-		break;
-	    case TELQUAL_SEND:
-		fprintf(NetTrace, "SEND");
-		break;
-	    default:
-		fprintf(NetTrace,
-				"- unknown qualifier %d (0x%x).",
-				pointer[1], pointer[1]);
-	    }
-	    break;
-	case TELOPT_TSPEED:
-	    fprintf(NetTrace, "TERMINAL-SPEED");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		fprintf(NetTrace, " IS ");
-		fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2);
-		break;
-	    default:
-		if (pointer[1] == 1)
-		    fprintf(NetTrace, " SEND");
-		else
-		    fprintf(NetTrace, " %d (unknown)", pointer[1]);
-		for (i = 2; i < length; i++)
-		    fprintf(NetTrace, " ?%d?", pointer[i]);
-		break;
-	    }
-	    break;
-
-	case TELOPT_LFLOW:
-	    fprintf(NetTrace, "TOGGLE-FLOW-CONTROL");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case LFLOW_OFF:
-		fprintf(NetTrace, " OFF"); break;
-	    case LFLOW_ON:
-		fprintf(NetTrace, " ON"); break;
-	    case LFLOW_RESTART_ANY:
-		fprintf(NetTrace, " RESTART-ANY"); break;
-	    case LFLOW_RESTART_XON:
-		fprintf(NetTrace, " RESTART-XON"); break;
-	    default:
-		fprintf(NetTrace, " %d (unknown)", pointer[1]);
-	    }
-	    for (i = 2; i < length; i++)
-		fprintf(NetTrace, " ?%d?", pointer[i]);
-	    break;
-
-	case TELOPT_NAWS:
-	    fprintf(NetTrace, "NAWS");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    if (length == 2) {
-		fprintf(NetTrace, " ?%d?", pointer[1]);
-		break;
-	    }
-	    fprintf(NetTrace, " %d %d (%d)",
-		pointer[1], pointer[2],
-		(int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-	    if (length == 4) {
-		fprintf(NetTrace, " ?%d?", pointer[3]);
-		break;
-	    }
-	    fprintf(NetTrace, " %d %d (%d)",
-		pointer[3], pointer[4],
-		(int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-	    for (i = 5; i < length; i++)
-		fprintf(NetTrace, " ?%d?", pointer[i]);
-	    break;
-
-#if	defined(AUTHENTICATION)
-	case TELOPT_AUTHENTICATION:
-	    fprintf(NetTrace, "AUTHENTICATION");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case TELQUAL_REPLY:
-	    case TELQUAL_IS:
-		fprintf(NetTrace, " %s ", (pointer[1] == TELQUAL_IS) ?
-							"IS" : "REPLY");
-		if (AUTHTYPE_NAME_OK(pointer[2]))
-		    fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[2]));
-		else
-		    fprintf(NetTrace, "%d ", pointer[2]);
-		if (length < 3) {
-		    fprintf(NetTrace, "(partial suboption??\?)");
-		    break;
-		}
-		fprintf(NetTrace, "%s|%s",
-			((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
-			"CLIENT" : "SERVER",
-			((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
-			"MUTUAL" : "ONE-WAY");
-
-		auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-		fprintf(NetTrace, "%s", buf);
-		break;
-
-	    case TELQUAL_SEND:
-		i = 2;
-		fprintf(NetTrace, " SEND ");
-		while (i < length) {
-		    if (AUTHTYPE_NAME_OK(pointer[i]))
-			fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[i]));
-		    else
-			fprintf(NetTrace, "%d ", pointer[i]);
-		    if (++i >= length) {
-			fprintf(NetTrace, "(partial suboption??\?)");
-			break;
-		    }
-		    fprintf(NetTrace, "%s|%s ",
-			((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
-							"CLIENT" : "SERVER",
-			((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
-							"MUTUAL" : "ONE-WAY");
-		    ++i;
-		}
-		break;
-
-	    case TELQUAL_NAME:
-		i = 2;
-		fprintf(NetTrace, " NAME \"");
-		while (i < length)
-		    putc(pointer[i++], NetTrace);
-		putc('"', NetTrace);
-		break;
-
-	    default:
-		    for (i = 2; i < length; i++)
-			fprintf(NetTrace, " ?%d?", pointer[i]);
-		    break;
-	    }
-	    break;
-#endif
-
-#ifdef	ENCRYPTION
-	case TELOPT_ENCRYPT:
-	    fprintf(NetTrace, "ENCRYPT");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case ENCRYPT_START:
-		fprintf(NetTrace, " START");
-		break;
-
-	    case ENCRYPT_END:
-		fprintf(NetTrace, " END");
-		break;
-
-	    case ENCRYPT_REQSTART:
-		fprintf(NetTrace, " REQUEST-START");
-		break;
-
-	    case ENCRYPT_REQEND:
-		fprintf(NetTrace, " REQUEST-END");
-		break;
-
-	    case ENCRYPT_IS:
-	    case ENCRYPT_REPLY:
-		fprintf(NetTrace, " %s ", (pointer[1] == ENCRYPT_IS) ?
-							"IS" : "REPLY");
-		if (length < 3) {
-		    fprintf(NetTrace, " (partial suboption??\?)");
-		    break;
-		}
-		if (ENCTYPE_NAME_OK(pointer[2]))
-		    fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[2]));
-		else
-		    fprintf(NetTrace, " %d (unknown)", pointer[2]);
-
-		encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-		fprintf(NetTrace, "%s", buf);
-		break;
-
-	    case ENCRYPT_SUPPORT:
-		i = 2;
-		fprintf(NetTrace, " SUPPORT ");
-		while (i < length) {
-		    if (ENCTYPE_NAME_OK(pointer[i]))
-			fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[i]));
-		    else
-			fprintf(NetTrace, "%d ", pointer[i]);
-		    i++;
-		}
-		break;
-
-	    case ENCRYPT_ENC_KEYID:
-		fprintf(NetTrace, " ENC_KEYID ");
-		goto encommon;
-
-	    case ENCRYPT_DEC_KEYID:
-		fprintf(NetTrace, " DEC_KEYID ");
-		goto encommon;
-
-	    default:
-		fprintf(NetTrace, " %d (unknown)", pointer[1]);
-	    encommon:
-		for (i = 2; i < length; i++)
-		    fprintf(NetTrace, " %d", pointer[i]);
-		break;
-	    }
-	    break;
-#endif	/* ENCRYPTION */
-
-	case TELOPT_LINEMODE:
-	    fprintf(NetTrace, "LINEMODE ");
-	    if (length < 2) {
-		fprintf(NetTrace, " (empty suboption??\?)");
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case WILL:
-		fprintf(NetTrace, "WILL ");
-		goto common;
-	    case WONT:
-		fprintf(NetTrace, "WONT ");
-		goto common;
-	    case DO:
-		fprintf(NetTrace, "DO ");
-		goto common;
-	    case DONT:
-		fprintf(NetTrace, "DONT ");
-	    common:
-		if (length < 3) {
-		    fprintf(NetTrace, "(no option??\?)");
-		    break;
-		}
-		switch (pointer[2]) {
-		case LM_FORWARDMASK:
-		    fprintf(NetTrace, "Forward Mask");
-		    for (i = 3; i < length; i++)
-			fprintf(NetTrace, " %x", pointer[i]);
-		    break;
-		default:
-		    fprintf(NetTrace, "%d (unknown)", pointer[2]);
-		    for (i = 3; i < length; i++)
-			fprintf(NetTrace, " %d", pointer[i]);
-		    break;
-		}
-		break;
-
-	    case LM_SLC:
-		fprintf(NetTrace, "SLC");
-		for (i = 2; i < length - 2; i += 3) {
-		    if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-			fprintf(NetTrace, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-		    else
-			fprintf(NetTrace, " %d", pointer[i+SLC_FUNC]);
-		    switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
-		    case SLC_NOSUPPORT:
-			fprintf(NetTrace, " NOSUPPORT"); break;
-		    case SLC_CANTCHANGE:
-			fprintf(NetTrace, " CANTCHANGE"); break;
-		    case SLC_VARIABLE:
-			fprintf(NetTrace, " VARIABLE"); break;
-		    case SLC_DEFAULT:
-			fprintf(NetTrace, " DEFAULT"); break;
-		    }
-		    fprintf(NetTrace, "%s%s%s",
-			pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
-			pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
-			pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-		    if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
-						SLC_FLUSHOUT| SLC_LEVELBITS))
-			fprintf(NetTrace, "(0x%x)", pointer[i+SLC_FLAGS]);
-		    fprintf(NetTrace, " %d;", pointer[i+SLC_VALUE]);
-		    if ((pointer[i+SLC_VALUE] == IAC) &&
-			(pointer[i+SLC_VALUE+1] == IAC))
-				i++;
-		}
-		for (; i < length; i++)
-		    fprintf(NetTrace, " ?%d?", pointer[i]);
-		break;
-
-	    case LM_MODE:
-		fprintf(NetTrace, "MODE ");
-		if (length < 3) {
-		    fprintf(NetTrace, "(no mode??\?)");
-		    break;
-		}
-		{
-		    char tbuf[64];
-		    sprintf(tbuf, "%s%s%s%s%s",
-			pointer[2]&MODE_EDIT ? "|EDIT" : "",
-			pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "",
-			pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
-			pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
-			pointer[2]&MODE_ACK ? "|ACK" : "");
-		    fprintf(NetTrace, "%s", tbuf[1] ? &tbuf[1] : "0");
-		}
-		if (pointer[2]&~(MODE_MASK))
-		    fprintf(NetTrace, " (0x%x)", pointer[2]);
-		for (i = 3; i < length; i++)
-		    fprintf(NetTrace, " ?0x%x?", pointer[i]);
-		break;
-	    default:
-		fprintf(NetTrace, "%d (unknown)", pointer[1]);
-		for (i = 2; i < length; i++)
-		    fprintf(NetTrace, " %d", pointer[i]);
-	    }
-	    break;
-
-	case TELOPT_STATUS: {
-	    register char *cp;
-	    register int j, k;
-
-	    fprintf(NetTrace, "STATUS");
-
-	    switch (pointer[1]) {
-	    default:
-		if (pointer[1] == TELQUAL_SEND)
-		    fprintf(NetTrace, " SEND");
-		else
-		    fprintf(NetTrace, " %d (unknown)", pointer[1]);
-		for (i = 2; i < length; i++)
-		    fprintf(NetTrace, " ?%d?", pointer[i]);
-		break;
-	    case TELQUAL_IS:
-		if (--want_status_response < 0)
-		    want_status_response = 0;
-		if (NetTrace == stdout)
-		    fprintf(NetTrace, " IS\r\n");
-		else
-		    fprintf(NetTrace, " IS\n");
-
-		for (i = 2; i < length; i++) {
-		    switch(pointer[i]) {
-		    case DO:	cp = "DO"; goto common2;
-		    case DONT:	cp = "DONT"; goto common2;
-		    case WILL:	cp = "WILL"; goto common2;
-		    case WONT:	cp = "WONT"; goto common2;
-		    common2:
-			i++;
-			if (TELOPT_OK((int)pointer[i]))
-			    fprintf(NetTrace, " %s %s", cp, TELOPT(pointer[i]));
-			else
-			    fprintf(NetTrace, " %s %d", cp, pointer[i]);
-
-			if (NetTrace == stdout)
-			    fprintf(NetTrace, "\r\n");
-			else
-			    fprintf(NetTrace, "\n");
-			break;
-
-		    case SB:
-			fprintf(NetTrace, " SB ");
-			i++;
-			j = k = i;
-			while (j < length) {
-			    if (pointer[j] == SE) {
-				if (j+1 == length)
-				    break;
-				if (pointer[j+1] == SE)
-				    j++;
-				else
-				    break;
-			    }
-			    pointer[k++] = pointer[j++];
-			}
-			printsub(0, &pointer[i], k - i);
-			if (i < length) {
-			    fprintf(NetTrace, " SE");
-			    i = j;
-			} else
-			    i = j - 1;
-
-			if (NetTrace == stdout)
-			    fprintf(NetTrace, "\r\n");
-			else
-			    fprintf(NetTrace, "\n");
-
-			break;
-
-		    default:
-			fprintf(NetTrace, " %d", pointer[i]);
-			break;
-		    }
-		}
-		break;
-	    }
-	    break;
-	  }
-
-	case TELOPT_XDISPLOC:
-	    fprintf(NetTrace, "X-DISPLAY-LOCATION ");
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2);
-		break;
-	    case TELQUAL_SEND:
-		fprintf(NetTrace, "SEND");
-		break;
-	    default:
-		fprintf(NetTrace, "- unknown qualifier %d (0x%x).",
-				pointer[1], pointer[1]);
-	    }
-	    break;
-
-	case TELOPT_NEW_ENVIRON:
-	    fprintf(NetTrace, "NEW-ENVIRON ");
-#ifdef	OLD_ENVIRON
-	    goto env_common1;
-	case TELOPT_OLD_ENVIRON:
-	    fprintf(NetTrace, "OLD-ENVIRON");
-	env_common1:
-#endif
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		fprintf(NetTrace, "IS ");
-		goto env_common;
-	    case TELQUAL_SEND:
-		fprintf(NetTrace, "SEND ");
-		goto env_common;
-	    case TELQUAL_INFO:
-		fprintf(NetTrace, "INFO ");
-	    env_common:
-		{
-		    register int noquote = 2;
-#if defined(ENV_HACK) && defined(OLD_ENVIRON)
-		    extern int old_env_var, old_env_value;
-#endif
-		    for (i = 2; i < length; i++ ) {
-			switch (pointer[i]) {
-			case NEW_ENV_VALUE:
-#ifdef OLD_ENVIRON
-		     /*	case NEW_ENV_OVAR: */
-			    if (pointer[0] == TELOPT_OLD_ENVIRON) {
-# ifdef	ENV_HACK
-				if (old_env_var == OLD_ENV_VALUE)
-				    fprintf(NetTrace, "\" (VALUE) " + noquote);
-				else
-# endif
-				    fprintf(NetTrace, "\" VAR " + noquote);
-			    } else
-#endif /* OLD_ENVIRON */
-				fprintf(NetTrace, "\" VALUE " + noquote);
-			    noquote = 2;
-			    break;
-
-			case NEW_ENV_VAR:
-#ifdef OLD_ENVIRON
-		     /* case OLD_ENV_VALUE: */
-			    if (pointer[0] == TELOPT_OLD_ENVIRON) {
-# ifdef	ENV_HACK
-				if (old_env_value == OLD_ENV_VAR)
-				    fprintf(NetTrace, "\" (VAR) " + noquote);
-				else
-# endif
-				    fprintf(NetTrace, "\" VALUE " + noquote);
-			    } else
-#endif /* OLD_ENVIRON */
-				fprintf(NetTrace, "\" VAR " + noquote);
-			    noquote = 2;
-			    break;
-
-			case ENV_ESC:
-			    fprintf(NetTrace, "\" ESC " + noquote);
-			    noquote = 2;
-			    break;
-
-			case ENV_USERVAR:
-			    fprintf(NetTrace, "\" USERVAR " + noquote);
-			    noquote = 2;
-			    break;
-
-			default:
-			    if (isprint(pointer[i]) && pointer[i] != '"') {
-				if (noquote) {
-				    putc('"', NetTrace);
-				    noquote = 0;
-				}
-				putc(pointer[i], NetTrace);
-			    } else {
-				fprintf(NetTrace, "\" %03o " + noquote,
-							pointer[i]);
-				noquote = 2;
-			    }
-			    break;
-			}
-		    }
-		    if (!noquote)
-			putc('"', NetTrace);
-		    break;
-		}
-	    }
-	    break;
-
-	default:
-	    if (TELOPT_OK(pointer[0]))
-		fprintf(NetTrace, "%s (unknown)", TELOPT(pointer[0]));
-	    else
-		fprintf(NetTrace, "%d (unknown)", pointer[0]);
-	    for (i = 1; i < length; i++)
-		fprintf(NetTrace, " %d", pointer[i]);
-	    break;
-	}
-	if (direction) {
-	    if (NetTrace == stdout)
-		fprintf(NetTrace, "\r\n");
-	    else
-		fprintf(NetTrace, "\n");
-	}
-	if (NetTrace == stdout)
-	    fflush(NetTrace);
-    }
-}
-
-/* EmptyTerminal - called to make sure that the terminal buffer is empty.
- *			Note that we consider the buffer to run all the
- *			way to the kernel (thus the select).
- */
-
-    void
-EmptyTerminal()
-{
-#if	defined(unix)
-    fd_set	o;
-
-    FD_ZERO(&o);
-#endif	/* defined(unix) */
-
-    if (TTYBYTES() == 0) {
-#if	defined(unix)
-	FD_SET(tout, &o);
-	(void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0,
-			(struct timeval *) 0);	/* wait for TTLOWAT */
-#endif	/* defined(unix) */
-    } else {
-	while (TTYBYTES()) {
-	    (void) ttyflush(0);
-#if	defined(unix)
-	    FD_SET(tout, &o);
-	    (void) select(tout+1, (fd_set *) 0, &o, (fd_set *) 0,
-				(struct timeval *) 0);	/* wait for TTLOWAT */
-#endif	/* defined(unix) */
-	}
-    }
-}
-
-    void
-SetForExit()
-{
-    setconnmode(0);
-#if	defined(TN3270)
-    if (In3270) {
-	Finish3270();
-    }
-#else	/* defined(TN3270) */
-    do {
-	(void)telrcv();			/* Process any incoming data */
-	EmptyTerminal();
-    } while (ring_full_count(&netiring));	/* While there is any */
-#endif	/* defined(TN3270) */
-    setcommandmode();
-    fflush(stdout);
-    fflush(stderr);
-#if	defined(TN3270)
-    if (In3270) {
-	StopScreen(1);
-    }
-#endif	/* defined(TN3270) */
-    setconnmode(0);
-    EmptyTerminal();			/* Flush the path to the tty */
-    setcommandmode();
-}
-
-    void
-Exit(returnCode)
-    int returnCode;
-{
-    SetForExit();
-    exit(returnCode);
-}
-
-    void
-ExitString(string, returnCode)
-    char *string;
-    int returnCode;
-{
-    SetForExit();
-    fwrite(string, 1, strlen(string), stderr);
-    exit(returnCode);
-}
diff --git a/crypto/telnet/telnetd/authenc.c b/crypto/telnet/telnetd/authenc.c
deleted file mode 100644
index 347875391088..000000000000
--- a/crypto/telnet/telnetd/authenc.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)authenc.c	8.2 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-#include "telnetd.h"
-#include <libtelnet/misc.h>
-
-	int
-net_write(str, len)
-	unsigned char *str;
-	int len;
-{
-	if (nfrontp + len < netobuf + BUFSIZ) {
-		memmove((void *)nfrontp, (void *)str, len);
-		nfrontp += len;
-		return(len);
-	}
-	return(0);
-}
-
-	void
-net_encrypt()
-{
-#ifdef	ENCRYPTION
-	char *s = (nclearto > nbackp) ? nclearto : nbackp;
-	if (s < nfrontp && encrypt_output) {
-		(*encrypt_output)((unsigned char *)s, nfrontp - s);
-	}
-	nclearto = nfrontp;
-#endif /* ENCRYPTION */
-}
-
-	int
-telnet_spin()
-{
-	ttloop();
-	return(0);
-}
-
-	char *
-telnet_getenv(val)
-	char *val;
-{
-	return(getenv(val));
-}
-
-	char *
-telnet_gets(prompt, result, length, echo)
-	char *prompt;
-	char *result;
-	int length;
-	int echo;
-{
-	return((char *)0);
-}
-#endif	/* defined(AUTHENTICATION) || defined(ENCRYPTION) */
diff --git a/crypto/telnet/telnetd/defs.h b/crypto/telnet/telnetd/defs.h
deleted file mode 100644
index a73d4a619978..000000000000
--- a/crypto/telnet/telnetd/defs.h
+++ /dev/null
@@ -1,296 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)defs.h	8.1 (Berkeley) 6/4/93
- */
-
-/*
- * Telnet server defines
- */
-#include <sys/types.h>
-#include <sys/param.h>
-
-#ifndef	BSD
-# define	BSD 43
-#endif
-
-#if	defined(CRAY) && !defined(LINEMODE)
-# define SYSV_TERMIO
-# define LINEMODE
-# define KLUDGELINEMODE
-# define DIAGNOSTICS
-# if defined(UNICOS50) && !defined(UNICOS5)
-#  define UNICOS5
-# endif
-# if !defined(UNICOS5)
-#  define BFTPDAEMON
-#  define HAS_IP_TOS
-# endif
-#endif /* CRAY */
-#if defined(UNICOS5) && !defined(NO_SETSID)
-# define NO_SETSID
-#endif
-
-#if defined(PRINTOPTIONS) && defined(DIAGNOSTICS)
-#define TELOPTS
-#define TELCMDS
-#define	SLC_NAMES
-#endif
-
-#if	defined(SYSV_TERMIO) && !defined(USE_TERMIO)
-# define	USE_TERMIO
-#endif
-
-#include <sys/socket.h>
-#ifndef	CRAY
-#include <sys/wait.h>
-#endif	/* CRAY */
-#include <fcntl.h>
-#include <sys/file.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#ifndef	FILIO_H
-#include <sys/ioctl.h>
-#else
-#include <sys/filio.h>
-#endif
-
-#include <netinet/in.h>
-
-#include <arpa/telnet.h>
-
-#include <stdio.h>
-#ifdef	__STDC__
-#include <stdlib.h>
-#endif
-#include <signal.h>
-#include <errno.h>
-#include <netdb.h>
-#include <syslog.h>
-#ifndef	LOG_DAEMON
-#define	LOG_DAEMON	0
-#endif
-#ifndef	LOG_ODELAY
-#define	LOG_ODELAY	0
-#endif
-#include <ctype.h>
-#ifndef NO_STRING_H
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-#ifndef	USE_TERMIO
-#include <sgtty.h>
-#else
-# ifdef	SYSV_TERMIO
-# include <termio.h>
-# else
-# include <termios.h>
-# endif
-#endif
-#if !defined(USE_TERMIO) || defined(NO_CC_T)
-typedef unsigned char cc_t;
-#endif
-
-#ifdef	__STDC__
-#include <unistd.h>
-#endif
-
-#ifndef _POSIX_VDISABLE
-# ifdef VDISABLE
-#  define _POSIX_VDISABLE VDISABLE
-# else
-#  define _POSIX_VDISABLE ((unsigned char)'\377')
-# endif
-#endif
-
-
-#ifdef	CRAY
-# ifdef	CRAY1
-# include <sys/pty.h>
-#  ifndef FD_ZERO
-# include <sys/select.h>
-#  endif /* FD_ZERO */
-# endif	/* CRAY1 */
-
-#include <memory.h>
-#endif	/* CRAY */
-
-#ifdef __hpux
-#include <sys/ptyio.h>
-#endif
-
-#if	!defined(TIOCSCTTY) && defined(TCSETCTTY)
-# define	TIOCSCTTY TCSETCTTY
-#endif
-
-#ifndef	FD_SET
-#ifndef	HAVE_fd_set
-typedef struct fd_set { int fds_bits[1]; } fd_set;
-#endif
-
-#define	FD_SET(n, p)	((p)->fds_bits[0] |= (1<<(n)))
-#define	FD_CLR(n, p)	((p)->fds_bits[0] &= ~(1<<(n)))
-#define	FD_ISSET(n, p)	((p)->fds_bits[0] & (1<<(n)))
-#define FD_ZERO(p)	((p)->fds_bits[0] = 0)
-#endif	/* FD_SET */
-
-/*
- * I/O data buffers defines
- */
-#define	NETSLOP	64
-#ifdef CRAY
-#undef BUFSIZ
-#define BUFSIZ  2048
-#endif
-
-#define	NIACCUM(c)	{   *netip++ = c; \
-			    ncc++; \
-			}
-
-/* clock manipulations */
-#define	settimer(x)	(clocks.x = ++clocks.system)
-#define	sequenceIs(x,y)	(clocks.x < clocks.y)
-
-/*
- * Linemode support states, in decreasing order of importance
- */
-#define REAL_LINEMODE	0x04
-#define KLUDGE_OK	0x03
-#define	NO_AUTOKLUDGE	0x02
-#define KLUDGE_LINEMODE	0x01
-#define NO_LINEMODE	0x00
-
-/*
- * Structures of information for each special character function.
- */
-typedef struct {
-	unsigned char	flag;		/* the flags for this function */
-	cc_t		val;		/* the value of the special character */
-} slcent, *Slcent;
-
-typedef struct {
-	slcent		defset;		/* the default settings */
-	slcent		current;	/* the current settings */
-	cc_t		*sptr;		/* a pointer to the char in */
-					/* system data structures */
-} slcfun, *Slcfun;
-
-#ifdef DIAGNOSTICS
-/*
- * Diagnostics capabilities
- */
-#define	TD_REPORT	0x01	/* Report operations to client */
-#define TD_EXERCISE	0x02	/* Exercise client's implementation */
-#define TD_NETDATA	0x04	/* Display received data stream */
-#define TD_PTYDATA	0x08	/* Display data passed to pty */
-#define	TD_OPTIONS	0x10	/* Report just telnet options */
-#endif /* DIAGNOSTICS */
-
-/*
- * We keep track of each side of the option negotiation.
- */
-
-#define	MY_STATE_WILL		0x01
-#define	MY_WANT_STATE_WILL	0x02
-#define	MY_STATE_DO		0x04
-#define	MY_WANT_STATE_DO	0x08
-
-/*
- * Macros to check the current state of things
- */
-
-#define	my_state_is_do(opt)		(options[opt]&MY_STATE_DO)
-#define	my_state_is_will(opt)		(options[opt]&MY_STATE_WILL)
-#define my_want_state_is_do(opt)	(options[opt]&MY_WANT_STATE_DO)
-#define my_want_state_is_will(opt)	(options[opt]&MY_WANT_STATE_WILL)
-
-#define	my_state_is_dont(opt)		(!my_state_is_do(opt))
-#define	my_state_is_wont(opt)		(!my_state_is_will(opt))
-#define my_want_state_is_dont(opt)	(!my_want_state_is_do(opt))
-#define my_want_state_is_wont(opt)	(!my_want_state_is_will(opt))
-
-#define	set_my_state_do(opt)		(options[opt] |= MY_STATE_DO)
-#define	set_my_state_will(opt)		(options[opt] |= MY_STATE_WILL)
-#define	set_my_want_state_do(opt)	(options[opt] |= MY_WANT_STATE_DO)
-#define	set_my_want_state_will(opt)	(options[opt] |= MY_WANT_STATE_WILL)
-
-#define	set_my_state_dont(opt)		(options[opt] &= ~MY_STATE_DO)
-#define	set_my_state_wont(opt)		(options[opt] &= ~MY_STATE_WILL)
-#define	set_my_want_state_dont(opt)	(options[opt] &= ~MY_WANT_STATE_DO)
-#define	set_my_want_state_wont(opt)	(options[opt] &= ~MY_WANT_STATE_WILL)
-
-/*
- * Tricky code here.  What we want to know is if the MY_STATE_WILL
- * and MY_WANT_STATE_WILL bits have the same value.  Since the two
- * bits are adjacent, a little arithmatic will show that by adding
- * in the lower bit, the upper bit will be set if the two bits were
- * different, and clear if they were the same.
- */
-#define my_will_wont_is_changing(opt) \
-			((options[opt]+MY_STATE_WILL) & MY_WANT_STATE_WILL)
-
-#define my_do_dont_is_changing(opt) \
-			((options[opt]+MY_STATE_DO) & MY_WANT_STATE_DO)
-
-/*
- * Make everything symetrical
- */
-
-#define	HIS_STATE_WILL			MY_STATE_DO
-#define	HIS_WANT_STATE_WILL		MY_WANT_STATE_DO
-#define HIS_STATE_DO			MY_STATE_WILL
-#define HIS_WANT_STATE_DO		MY_WANT_STATE_WILL
-
-#define	his_state_is_do			my_state_is_will
-#define	his_state_is_will		my_state_is_do
-#define his_want_state_is_do		my_want_state_is_will
-#define his_want_state_is_will		my_want_state_is_do
-
-#define	his_state_is_dont		my_state_is_wont
-#define	his_state_is_wont		my_state_is_dont
-#define his_want_state_is_dont		my_want_state_is_wont
-#define his_want_state_is_wont		my_want_state_is_dont
-
-#define	set_his_state_do		set_my_state_will
-#define	set_his_state_will		set_my_state_do
-#define	set_his_want_state_do		set_my_want_state_will
-#define	set_his_want_state_will		set_my_want_state_do
-
-#define	set_his_state_dont		set_my_state_wont
-#define	set_his_state_wont		set_my_state_dont
-#define	set_his_want_state_dont		set_my_want_state_wont
-#define	set_his_want_state_wont		set_my_want_state_dont
-
-#define his_will_wont_is_changing	my_do_dont_is_changing
-#define his_do_dont_is_changing		my_will_wont_is_changing
diff --git a/crypto/telnet/telnetd/ext.h b/crypto/telnet/telnetd/ext.h
deleted file mode 100644
index f60139e078ac..000000000000
--- a/crypto/telnet/telnetd/ext.h
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)ext.h	8.2 (Berkeley) 12/15/93
- */
-
-/*
- * Telnet server variable declarations
- */
-extern char	options[256];
-extern char	do_dont_resp[256];
-extern char	will_wont_resp[256];
-extern int	linemode;	/* linemode on/off */
-#ifdef	LINEMODE
-extern int	uselinemode;	/* what linemode to use (on/off) */
-extern int	editmode;	/* edit modes in use */
-extern int	useeditmode;	/* edit modes to use */
-extern int	alwayslinemode;	/* command line option */
-extern int	lmodetype;	/* Client support for linemode */
-#endif	/* LINEMODE */
-extern int	flowmode;	/* current flow control state */
-extern int	restartany;	/* restart output on any character state */
-#ifdef DIAGNOSTICS
-extern int	diagnostic;	/* telnet diagnostic capabilities */
-#endif /* DIAGNOSTICS */
-#ifdef BFTPDAEMON
-extern int	bftpd;		/* behave as bftp daemon */
-#endif /* BFTPDAEMON */
-#if	defined(SecurID)
-extern int	require_SecurID;
-#endif
-#if	defined(AUTHENTICATION)
-extern int	auth_level;
-#endif
-
-extern slcfun	slctab[NSLC + 1];	/* slc mapping table */
-
-char	*terminaltype;
-
-/*
- * I/O data buffers, pointers, and counters.
- */
-extern char	ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp;
-
-extern char	netibuf[BUFSIZ], *netip;
-
-extern char	netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
-extern char	*neturg;		/* one past last bye of urgent data */
-
-extern int	pcc, ncc;
-
-#if defined(CRAY2) && defined(UNICOS5)
-extern int unpcc;  /* characters left unprocessed by CRAY-2 terminal routine */
-extern char *unptyip;  /* pointer to remaining characters in buffer */
-#endif
-
-extern int	pty, net;
-extern char	*line;
-extern int	SYNCHing;		/* we are in TELNET SYNCH mode */
-
-#ifndef	P
-# ifdef	__STDC__
-#  define P(x)	x
-# else
-#  define P(x)	()
-# endif
-#endif
-
-extern void
-	_termstat P((void)),
-	add_slc P((int, int, int)),
-	check_slc P((void)),
-	change_slc P((int, int, int)),
-	cleanup P((int)),
-	clientstat P((int, int, int)),
-	copy_termbuf P((char *, int)),
-	deferslc P((void)),
-	defer_terminit P((void)),
-	do_opt_slc P((unsigned char *, int)),
-	doeof P((void)),
-	dooption P((int)),
-	dontoption P((int)),
-	edithost P((char *, char *)),
-	fatal P((int, char *)),
-	fatalperror P((int, char *)),
-	get_slc_defaults P((void)),
-	init_env P((void)),
-	init_termbuf P((void)),
-	interrupt P((void)),
-	localstat P((void)),
-	flowstat P((void)),
-	netclear P((void)),
-	netflush P((void)),
-#ifdef DIAGNOSTICS
-	printoption P((char *, int)),
-	printdata P((char *, char *, int)),
-	printsub P((int, unsigned char *, int)),
-#endif
-	ptyflush P((void)),
-	putchr P((int)),
-	putf P((char *, char *)),
-	recv_ayt P((void)),
-	send_do P((int, int)),
-	send_dont P((int, int)),
-	send_slc P((void)),
-	send_status P((void)),
-	send_will P((int, int)),
-	send_wont P((int, int)),
-	sendbrk P((void)),
-	sendsusp P((void)),
-	set_termbuf P((void)),
-	start_login P((char *, int, char *)),
-	start_slc P((int)),
-#if	defined(AUTHENTICATION)
-	start_slave P((char *)),
-#else
-	start_slave P((char *, int, char *)),
-#endif
-	suboption P((void)),
-	telrcv P((void)),
-	ttloop P((void)),
-	tty_binaryin P((int)),
-	tty_binaryout P((int));
-
-extern int
-	end_slc P((unsigned char **)),
-	getnpty P((void)),
-#ifndef convex
-	getpty P((int *)),
-#endif
-	login_tty P((int)),
-	spcset P((int, cc_t *, cc_t **)),
-	stilloob P((int)),
-	terminit P((void)),
-	termstat P((void)),
-	tty_flowmode P((void)),
-	tty_restartany P((void)),
-	tty_isbinaryin P((void)),
-	tty_isbinaryout P((void)),
-	tty_iscrnl P((void)),
-	tty_isecho P((void)),
-	tty_isediting P((void)),
-	tty_islitecho P((void)),
-	tty_isnewmap P((void)),
-	tty_israw P((void)),
-	tty_issofttab P((void)),
-	tty_istrapsig P((void)),
-	tty_linemode P((void));
-
-extern void
-	tty_rspeed P((int)),
-	tty_setecho P((int)),
-	tty_setedit P((int)),
-	tty_setlinemode P((int)),
-	tty_setlitecho P((int)),
-	tty_setsig P((int)),
-	tty_setsofttab P((int)),
-	tty_tspeed P((int)),
-	willoption P((int)),
-	wontoption P((int)),
-	writenet P((unsigned char *, int));
-
-#ifdef	ENCRYPTION
-extern void	(*encrypt_output) P((unsigned char *, int));
-extern int	(*decrypt_input) P((int));
-extern char	*nclearto;
-#endif	/* ENCRYPTION */
-
-
-/*
- * The following are some clocks used to decide how to interpret
- * the relationship between various variables.
- */
-
-extern struct {
-    int
-	system,			/* what the current time is */
-	echotoggle,		/* last time user entered echo character */
-	modenegotiated,		/* last time operating mode negotiated */
-	didnetreceive,		/* last time we read data from network */
-	ttypesubopt,		/* ttype subopt is received */
-	tspeedsubopt,		/* tspeed subopt is received */
-	environsubopt,		/* environ subopt is received */
-	oenvironsubopt,		/* old environ subopt is received */
-	xdisplocsubopt,		/* xdisploc subopt is received */
-	baseline,		/* time started to do timed action */
-	gotDM;			/* when did we last see a data mark */
-} clocks;
-
-
-#if	defined(CRAY2) && defined(UNICOS5)
-extern int	needtermstat;
-#endif
-
-#ifndef	DEFAULT_IM
-# ifdef CRAY
-#  define DEFAULT_IM	"\r\n\r\nCray UNICOS (%h) (%t)\r\n\r\r\n\r"
-# else
-#  ifdef sun
-#   define DEFAULT_IM	"\r\n\r\nSunOS UNIX (%h) (%t)\r\n\r\r\n\r"
-#  else
-#   ifdef ultrix
-#    define DEFAULT_IM	"\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
-#   else
-#    ifdef __FreeBSD__
-#     define DEFAULT_IM  "\r\n\r\nFreeBSD (%h) (%t)\r\n\r\r\n\r"
-#    else
-#    define DEFAULT_IM	"\r\n\r\n4.4 BSD UNIX (%h) (%t)\r\n\r\r\n\r"
-#    endif
-#   endif
-#  endif
-# endif
-#endif
diff --git a/crypto/telnet/telnetd/global.c b/crypto/telnet/telnetd/global.c
deleted file mode 100644
index d66c6862284d..000000000000
--- a/crypto/telnet/telnetd/global.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)global.c	8.1 (Berkeley) 6/4/93";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-/*
- * Allocate global variables.  We do this
- * by including the header file that defines
- * them all as externs, but first we define
- * the keyword "extern" to be nothing, so that
- * we will actually allocate the space.
- */
-
-#include "defs.h"
-#define extern
-#include "ext.h"
diff --git a/crypto/telnet/telnetd/pathnames.h b/crypto/telnet/telnetd/pathnames.h
deleted file mode 100644
index c8b0806e7814..000000000000
--- a/crypto/telnet/telnetd/pathnames.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)pathnames.h	8.1 (Berkeley) 6/4/93
- */
-
-#if BSD > 43
-
-# include <paths.h>
-
-# ifndef _PATH_LOGIN
-#  define	_PATH_LOGIN	"/usr/bin/login"
-# endif
-
-#else
- 
-# define	_PATH_TTY	"/dev/tty"
-# ifndef _PATH_LOGIN
-#  define	_PATH_LOGIN	"/bin/login"
-# endif
-
-#endif
-
-#ifdef BFTPDAEMON
-#define		BFTPPATH	"/usr/ucb/bftp"
-#endif  /* BFTPDAEMON */
diff --git a/crypto/telnet/telnetd/slc.c b/crypto/telnet/telnetd/slc.c
deleted file mode 100644
index 90780f308670..000000000000
--- a/crypto/telnet/telnetd/slc.c
+++ /dev/null
@@ -1,495 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)slc.c	8.2 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#include "telnetd.h"
-
-#ifdef	LINEMODE
-/*
- * local variables
- */
-static unsigned char	*def_slcbuf = (unsigned char *)0;
-static int		def_slclen = 0;
-static int		slcchange;	/* change to slc is requested */
-static unsigned char	*slcptr;	/* pointer into slc buffer */
-static unsigned char	slcbuf[NSLC*6];	/* buffer for slc negotiation */
-
-/*
- * send_slc
- *
- * Write out the current special characters to the client.
- */
-	void
-send_slc()
-{
-	register int i;
-
-	/*
-	 * Send out list of triplets of special characters
-	 * to client.  We only send info on the characters
-	 * that are currently supported.
-	 */
-	for (i = 1; i <= NSLC; i++) {
-		if ((slctab[i].defset.flag & SLC_LEVELBITS) == SLC_NOSUPPORT)
-			continue;
-		add_slc((unsigned char)i, slctab[i].current.flag,
-							slctab[i].current.val);
-	}
-
-}  /* end of send_slc */
-
-/*
- * default_slc
- *
- * Set pty special characters to all the defaults.
- */
-	void
-default_slc()
-{
-	register int i;
-
-	for (i = 1; i <= NSLC; i++) {
-		slctab[i].current.val = slctab[i].defset.val;
-		if (slctab[i].current.val == (cc_t)(_POSIX_VDISABLE))
-			slctab[i].current.flag = SLC_NOSUPPORT;
-		else
-			slctab[i].current.flag = slctab[i].defset.flag;
-		if (slctab[i].sptr) {
-			*(slctab[i].sptr) = slctab[i].defset.val;
-		}
-	}
-	slcchange = 1;
-
-}  /* end of default_slc */
-#endif	/* LINEMODE */
-
-/*
- * get_slc_defaults
- *
- * Initialize the slc mapping table.
- */
-	void
-get_slc_defaults()
-{
-	register int i;
-
-	init_termbuf();
-
-	for (i = 1; i <= NSLC; i++) {
-		slctab[i].defset.flag =
-			spcset(i, &slctab[i].defset.val, &slctab[i].sptr);
-		slctab[i].current.flag = SLC_NOSUPPORT;
-		slctab[i].current.val = 0;
-	}
-
-}  /* end of get_slc_defaults */
-
-#ifdef	LINEMODE
-/*
- * add_slc
- *
- * Add an slc triplet to the slc buffer.
- */
-	void
-add_slc(func, flag, val)
-	register char func, flag;
-	register cc_t val;
-{
-
-	if ((*slcptr++ = (unsigned char)func) == 0xff)
-		*slcptr++ = 0xff;
-
-	if ((*slcptr++ = (unsigned char)flag) == 0xff)
-		*slcptr++ = 0xff;
-
-	if ((*slcptr++ = (unsigned char)val) == 0xff)
-		*slcptr++ = 0xff;
-
-}  /* end of add_slc */
-
-/*
- * start_slc
- *
- * Get ready to process incoming slc's and respond to them.
- *
- * The parameter getit is non-zero if it is necessary to grab a copy
- * of the terminal control structures.
- */
-	void
-start_slc(getit)
-	register int getit;
-{
-
-	slcchange = 0;
-	if (getit)
-		init_termbuf();
-	(void) sprintf((char *)slcbuf, "%c%c%c%c",
-					IAC, SB, TELOPT_LINEMODE, LM_SLC);
-	slcptr = slcbuf + 4;
-
-}  /* end of start_slc */
-
-/*
- * end_slc
- *
- * Finish up the slc negotiation.  If something to send, then send it.
- */
-	int
-end_slc(bufp)
-	register unsigned char **bufp;
-{
-	register int len;
-	void netflush();
-
-	/*
-	 * If a change has occured, store the new terminal control
-	 * structures back to the terminal driver.
-	 */
-	if (slcchange) {
-		set_termbuf();
-	}
-
-	/*
-	 * If the pty state has not yet been fully processed and there is a
-	 * deferred slc request from the client, then do not send any
-	 * sort of slc negotiation now.  We will respond to the client's
-	 * request very soon.
-	 */
-	if (def_slcbuf && (terminit() == 0)) {
-		return(0);
-	}
-
-	if (slcptr > (slcbuf + 4)) {
-		if (bufp) {
-			*bufp = &slcbuf[4];
-			return(slcptr - slcbuf - 4);
-		} else {
-			(void) sprintf((char *)slcptr, "%c%c", IAC, SE);
-			slcptr += 2;
-			len = slcptr - slcbuf;
-			writenet(slcbuf, len);
-			netflush();  /* force it out immediately */
-			DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2););
-		}
-	}
-	return (0);
-
-}  /* end of end_slc */
-
-/*
- * process_slc
- *
- * Figure out what to do about the client's slc
- */
-	void
-process_slc(func, flag, val)
-	register unsigned char func, flag;
-	register cc_t val;
-{
-	register int hislevel, mylevel, ack;
-
-	/*
-	 * Ensure that we know something about this function
-	 */
-	if (func > NSLC) {
-		add_slc(func, SLC_NOSUPPORT, 0);
-		return;
-	}
-
-	/*
-	 * Process the special case requests of 0 SLC_DEFAULT 0
-	 * and 0 SLC_VARIABLE 0.  Be a little forgiving here, don't
-	 * worry about whether the value is actually 0 or not.
-	 */
-	if (func == 0) {
-		if ((flag = flag & SLC_LEVELBITS) == SLC_DEFAULT) {
-			default_slc();
-			send_slc();
-		} else if (flag == SLC_VARIABLE) {
-			send_slc();
-		}
-		return;
-	}
-
-	/*
-	 * Appears to be a function that we know something about.  So
-	 * get on with it and see what we know.
-	 */
-
-	hislevel = flag & SLC_LEVELBITS;
-	mylevel = slctab[func].current.flag & SLC_LEVELBITS;
-	ack = flag & SLC_ACK;
-	/*
-	 * ignore the command if:
-	 * the function value and level are the same as what we already have;
-	 * or the level is the same and the ack bit is set
-	 */
-	if (hislevel == mylevel && (val == slctab[func].current.val || ack)) {
-		return;
-	} else if (ack) {
-		/*
-		 * If we get here, we got an ack, but the levels don't match.
-		 * This shouldn't happen.  If it does, it is probably because
-		 * we have sent two requests to set a variable without getting
-		 * a response between them, and this is the first response.
-		 * So, ignore it, and wait for the next response.
-		 */
-		return;
-	} else {
-		change_slc(func, flag, val);
-	}
-
-}  /* end of process_slc */
-
-/*
- * change_slc
- *
- * Process a request to change one of our special characters.
- * Compare client's request with what we are capable of supporting.
- */
-	void
-change_slc(func, flag, val)
-	register char func, flag;
-	register cc_t val;
-{
-	register int hislevel, mylevel;
-
-	hislevel = flag & SLC_LEVELBITS;
-	mylevel = slctab[(int)func].defset.flag & SLC_LEVELBITS;
-	/*
-	 * If client is setting a function to NOSUPPORT
-	 * or DEFAULT, then we can easily and directly
-	 * accomodate the request.
-	 */
-	if (hislevel == SLC_NOSUPPORT) {
-		slctab[(int)func].current.flag = flag;
-		slctab[(int)func].current.val = (cc_t)_POSIX_VDISABLE;
-		flag |= SLC_ACK;
-		add_slc(func, flag, val);
-		return;
-	}
-	if (hislevel == SLC_DEFAULT) {
-		/*
-		 * Special case here.  If client tells us to use
-		 * the default on a function we don't support, then
-		 * return NOSUPPORT instead of what we may have as a
-		 * default level of DEFAULT.
-		 */
-		if (mylevel == SLC_DEFAULT) {
-			slctab[(int)func].current.flag = SLC_NOSUPPORT;
-		} else {
-			slctab[(int)func].current.flag = slctab[(int)func].defset.flag;
-		}
-		slctab[(int)func].current.val = slctab[(int)func].defset.val;
-		add_slc(func, slctab[(int)func].current.flag,
-						slctab[(int)func].current.val);
-		return;
-	}
-
-	/*
-	 * Client wants us to change to a new value or he
-	 * is telling us that he can't change to our value.
-	 * Some of the slc's we support and can change,
-	 * some we do support but can't change,
-	 * and others we don't support at all.
-	 * If we can change it then we have a pointer to
-	 * the place to put the new value, so change it,
-	 * otherwise, continue the negotiation.
-	 */
-	if (slctab[(int)func].sptr) {
-		/*
-		 * We can change this one.
-		 */
-		slctab[(int)func].current.val = val;
-		*(slctab[(int)func].sptr) = val;
-		slctab[(int)func].current.flag = flag;
-		flag |= SLC_ACK;
-		slcchange = 1;
-		add_slc(func, flag, val);
-	} else {
-		/*
-		* It is not possible for us to support this
-		* request as he asks.
-		*
-		* If our level is DEFAULT, then just ack whatever was
-		* sent.
-		*
-		* If he can't change and we can't change,
-		* then degenerate to NOSUPPORT.
-		*
-		* Otherwise we send our level back to him, (CANTCHANGE
-		* or NOSUPPORT) and if CANTCHANGE, send
-		* our value as well.
-		*/
-		if (mylevel == SLC_DEFAULT) {
-			slctab[(int)func].current.flag = flag;
-			slctab[(int)func].current.val = val;
-			flag |= SLC_ACK;
-		} else if (hislevel == SLC_CANTCHANGE &&
-				    mylevel == SLC_CANTCHANGE) {
-			flag &= ~SLC_LEVELBITS;
-			flag |= SLC_NOSUPPORT;
-			slctab[(int)func].current.flag = flag;
-		} else {
-			flag &= ~SLC_LEVELBITS;
-			flag |= mylevel;
-			slctab[(int)func].current.flag = flag;
-			if (mylevel == SLC_CANTCHANGE) {
-				slctab[(int)func].current.val =
-					slctab[(int)func].defset.val;
-				val = slctab[(int)func].current.val;
-			}
-		}
-		add_slc(func, flag, val);
-	}
-
-}  /* end of change_slc */
-
-#if	defined(USE_TERMIO) && (VEOF == VMIN)
-cc_t oldeofc = '\004';
-#endif
-
-/*
- * check_slc
- *
- * Check the special characters in use and notify the client if any have
- * changed.  Only those characters that are capable of being changed are
- * likely to have changed.  If a local change occurs, kick the support level
- * and flags up to the defaults.
- */
-	void
-check_slc()
-{
-	register int i;
-
-	for (i = 1; i <= NSLC; i++) {
-#if	defined(USE_TERMIO) && (VEOF == VMIN)
-		/*
-		 * In a perfect world this would be a neat little
-		 * function.  But in this world, we should not notify
-		 * client of changes to the VEOF char when
-		 * ICANON is off, because it is not representing
-		 * a special character.
-		 */
-		if (i == SLC_EOF) {
-			if (!tty_isediting())
-				continue;
-			else if (slctab[i].sptr)
-				oldeofc = *(slctab[i].sptr);
-		}
-#endif	/* defined(USE_TERMIO) && defined(SYSV_TERMIO) */
-		if (slctab[i].sptr &&
-				(*(slctab[i].sptr) != slctab[i].current.val)) {
-			slctab[i].current.val = *(slctab[i].sptr);
-			if (*(slctab[i].sptr) == (cc_t)_POSIX_VDISABLE)
-				slctab[i].current.flag = SLC_NOSUPPORT;
-			else
-				slctab[i].current.flag = slctab[i].defset.flag;
-			add_slc((unsigned char)i, slctab[i].current.flag,
-						slctab[i].current.val);
-		}
-	}
-}  /* check_slc */
-
-/*
- * do_opt_slc
- *
- * Process an slc option buffer.  Defer processing of incoming slc's
- * until after the terminal state has been processed.  Save the first slc
- * request that comes along, but discard all others.
- *
- * ptr points to the beginning of the buffer, len is the length.
- */
-	void
-do_opt_slc(ptr, len)
-	register unsigned char *ptr;
-	register int len;
-{
-	register unsigned char func, flag;
-	cc_t val;
-	register unsigned char *end = ptr + len;
-
-	if (terminit()) {  /* go ahead */
-		while (ptr < end) {
-			func = *ptr++;
-			if (ptr >= end) break;
-			flag = *ptr++;
-			if (ptr >= end) break;
-			val = (cc_t)*ptr++;
-
-			process_slc(func, flag, val);
-
-		}
-	} else {
-		/*
-		 * save this slc buffer if it is the first, otherwise dump
-		 * it.
-		 */
-		if (def_slcbuf == (unsigned char *)0) {
-			def_slclen = len;
-			def_slcbuf = (unsigned char *)malloc((unsigned)len);
-			if (def_slcbuf == (unsigned char *)0)
-				return;  /* too bad */
-			memmove(def_slcbuf, ptr, len);
-		}
-	}
-
-}  /* end of do_opt_slc */
-
-/*
- * deferslc
- *
- * Do slc stuff that was deferred.
- */
-	void
-deferslc()
-{
-	if (def_slcbuf) {
-		start_slc(1);
-		do_opt_slc(def_slcbuf, def_slclen);
-		(void) end_slc(0);
-		free(def_slcbuf);
-		def_slcbuf = (unsigned char *)0;
-		def_slclen = 0;
-	}
-
-}  /* end of deferslc */
-
-#endif	/* LINEMODE */
diff --git a/crypto/telnet/telnetd/state.c b/crypto/telnet/telnetd/state.c
deleted file mode 100644
index 2aef1dc104b7..000000000000
--- a/crypto/telnet/telnetd/state.c
+++ /dev/null
@@ -1,1619 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)state.c	8.5 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#include "telnetd.h"
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-unsigned char	doopt[] = { IAC, DO, '%', 'c', 0 };
-unsigned char	dont[] = { IAC, DONT, '%', 'c', 0 };
-unsigned char	will[] = { IAC, WILL, '%', 'c', 0 };
-unsigned char	wont[] = { IAC, WONT, '%', 'c', 0 };
-int	not42 = 1;
-
-/*
- * Buffer for sub-options, and macros
- * for suboptions buffer manipulations
- */
-unsigned char subbuffer[512], *subpointer= subbuffer, *subend= subbuffer;
-
-#define	SB_CLEAR()	subpointer = subbuffer
-#define	SB_TERM()	{ subend = subpointer; SB_CLEAR(); }
-#define	SB_ACCUM(c)	if (subpointer < (subbuffer+sizeof subbuffer)) { \
-				*subpointer++ = (c); \
-			}
-#define	SB_GET()	((*subpointer++)&0xff)
-#define	SB_EOF()	(subpointer >= subend)
-#define	SB_LEN()	(subend - subpointer)
-
-#ifdef	ENV_HACK
-unsigned char *subsave;
-#define SB_SAVE()	subsave = subpointer;
-#define	SB_RESTORE()	subpointer = subsave;
-#endif
-
-
-/*
- * State for recv fsm
- */
-#define	TS_DATA		0	/* base state */
-#define	TS_IAC		1	/* look for double IAC's */
-#define	TS_CR		2	/* CR-LF ->'s CR */
-#define	TS_SB		3	/* throw away begin's... */
-#define	TS_SE		4	/* ...end's (suboption negotiation) */
-#define	TS_WILL		5	/* will option negotiation */
-#define	TS_WONT		6	/* wont " */
-#define	TS_DO		7	/* do " */
-#define	TS_DONT		8	/* dont " */
-
-	void
-telrcv()
-{
-	register int c;
-	static int state = TS_DATA;
-#if	defined(CRAY2) && defined(UNICOS5)
-	char *opfrontp = pfrontp;
-#endif
-
-	while (ncc > 0) {
-		if ((&ptyobuf[BUFSIZ] - pfrontp) < 2)
-			break;
-		c = *netip++ & 0377, ncc--;
-#ifdef	ENCRYPTION
-		if (decrypt_input)
-			c = (*decrypt_input)(c);
-#endif	/* ENCRYPTION */
-		switch (state) {
-
-		case TS_CR:
-			state = TS_DATA;
-			/* Strip off \n or \0 after a \r */
-			if ((c == 0) || (c == '\n')) {
-				break;
-			}
-			/* FALL THROUGH */
-
-		case TS_DATA:
-			if (c == IAC) {
-				state = TS_IAC;
-				break;
-			}
-			/*
-			 * We now map \r\n ==> \r for pragmatic reasons.
-			 * Many client implementations send \r\n when
-			 * the user hits the CarriageReturn key.
-			 *
-			 * We USED to map \r\n ==> \n, since \r\n says
-			 * that we want to be in column 1 of the next
-			 * printable line, and \n is the standard
-			 * unix way of saying that (\r is only good
-			 * if CRMOD is set, which it normally is).
-			 */
-			if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) {
-				int nc = *netip;
-#ifdef	ENCRYPTION
-				if (decrypt_input)
-					nc = (*decrypt_input)(nc & 0xff);
-#endif	/* ENCRYPTION */
-#ifdef	LINEMODE
-				/*
-				 * If we are operating in linemode,
-				 * convert to local end-of-line.
-				 */
-				if (linemode && (ncc > 0) && (('\n' == nc) ||
-					 ((0 == nc) && tty_iscrnl())) ) {
-					netip++; ncc--;
-					c = '\n';
-				} else
-#endif
-				{
-#ifdef	ENCRYPTION
-					if (decrypt_input)
-						(void)(*decrypt_input)(-1);
-#endif	/* ENCRYPTION */
-					state = TS_CR;
-				}
-			}
-			*pfrontp++ = c;
-			break;
-
-		case TS_IAC:
-gotiac:			switch (c) {
-
-			/*
-			 * Send the process on the pty side an
-			 * interrupt.  Do this with a NULL or
-			 * interrupt char; depending on the tty mode.
-			 */
-			case IP:
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				interrupt();
-				break;
-
-			case BREAK:
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				sendbrk();
-				break;
-
-			/*
-			 * Are You There?
-			 */
-			case AYT:
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				recv_ayt();
-				break;
-
-			/*
-			 * Abort Output
-			 */
-			case AO:
-			    {
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				ptyflush();	/* half-hearted */
-				init_termbuf();
-
-				if (slctab[SLC_AO].sptr &&
-				    *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) {
-				    *pfrontp++ =
-					(unsigned char)*slctab[SLC_AO].sptr;
-				}
-
-				netclear();	/* clear buffer back */
-				*nfrontp++ = IAC;
-				*nfrontp++ = DM;
-				neturg = nfrontp-1; /* off by one XXX */
-				DIAG(TD_OPTIONS,
-					printoption("td: send IAC", DM));
-				break;
-			    }
-
-			/*
-			 * Erase Character and
-			 * Erase Line
-			 */
-			case EC:
-			case EL:
-			    {
-				cc_t ch;
-
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				ptyflush();	/* half-hearted */
-				init_termbuf();
-				if (c == EC)
-					ch = *slctab[SLC_EC].sptr;
-				else
-					ch = *slctab[SLC_EL].sptr;
-				if (ch != (cc_t)(_POSIX_VDISABLE))
-					*pfrontp++ = (unsigned char)ch;
-				break;
-			    }
-
-			/*
-			 * Check for urgent data...
-			 */
-			case DM:
-				DIAG(TD_OPTIONS,
-					printoption("td: recv IAC", c));
-				SYNCHing = stilloob(net);
-				settimer(gotDM);
-				break;
-
-
-			/*
-			 * Begin option subnegotiation...
-			 */
-			case SB:
-				state = TS_SB;
-				SB_CLEAR();
-				continue;
-
-			case WILL:
-				state = TS_WILL;
-				continue;
-
-			case WONT:
-				state = TS_WONT;
-				continue;
-
-			case DO:
-				state = TS_DO;
-				continue;
-
-			case DONT:
-				state = TS_DONT;
-				continue;
-			case EOR:
-				if (his_state_is_will(TELOPT_EOR))
-					doeof();
-				break;
-
-			/*
-			 * Handle RFC 10xx Telnet linemode option additions
-			 * to command stream (EOF, SUSP, ABORT).
-			 */
-			case xEOF:
-				doeof();
-				break;
-
-			case SUSP:
-				sendsusp();
-				break;
-
-			case ABORT:
-				sendbrk();
-				break;
-
-			case IAC:
-				*pfrontp++ = c;
-				break;
-			}
-			state = TS_DATA;
-			break;
-
-		case TS_SB:
-			if (c == IAC) {
-				state = TS_SE;
-			} else {
-				SB_ACCUM(c);
-			}
-			break;
-
-		case TS_SE:
-			if (c != SE) {
-				if (c != IAC) {
-					/*
-					 * bad form of suboption negotiation.
-					 * handle it in such a way as to avoid
-					 * damage to local state.  Parse
-					 * suboption buffer found so far,
-					 * then treat remaining stream as
-					 * another command sequence.
-					 */
-
-					/* for DIAGNOSTICS */
-					SB_ACCUM(IAC);
-					SB_ACCUM(c);
-					subpointer -= 2;
-
-					SB_TERM();
-					suboption();
-					state = TS_IAC;
-					goto gotiac;
-				}
-				SB_ACCUM(c);
-				state = TS_SB;
-			} else {
-				/* for DIAGNOSTICS */
-				SB_ACCUM(IAC);
-				SB_ACCUM(SE);
-				subpointer -= 2;
-
-				SB_TERM();
-				suboption();	/* handle sub-option */
-				state = TS_DATA;
-			}
-			break;
-
-		case TS_WILL:
-			willoption(c);
-			state = TS_DATA;
-			continue;
-
-		case TS_WONT:
-			wontoption(c);
-			state = TS_DATA;
-			continue;
-
-		case TS_DO:
-			dooption(c);
-			state = TS_DATA;
-			continue;
-
-		case TS_DONT:
-			dontoption(c);
-			state = TS_DATA;
-			continue;
-
-		default:
-			syslog(LOG_ERR, "panic state=%d", state);
-			printf("telnetd: panic state=%d\n", state);
-			exit(1);
-		}
-	}
-#if	defined(CRAY2) && defined(UNICOS5)
-	if (!linemode) {
-		char	xptyobuf[BUFSIZ+NETSLOP];
-		char	xbuf2[BUFSIZ];
-		register char *cp;
-		int n = pfrontp - opfrontp, oc;
-		memmove(xptyobuf, opfrontp, n);
-		pfrontp = opfrontp;
-		pfrontp += term_input(xptyobuf, pfrontp, n, BUFSIZ+NETSLOP,
-					xbuf2, &oc, BUFSIZ);
-		for (cp = xbuf2; oc > 0; --oc)
-			if ((*nfrontp++ = *cp++) == IAC)
-				*nfrontp++ = IAC;
-	}
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-}  /* end of telrcv */
-
-/*
- * The will/wont/do/dont state machines are based on Dave Borman's
- * Telnet option processing state machine.
- *
- * These correspond to the following states:
- *	my_state = the last negotiated state
- *	want_state = what I want the state to go to
- *	want_resp = how many requests I have sent
- * All state defaults are negative, and resp defaults to 0.
- *
- * When initiating a request to change state to new_state:
- *
- * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) {
- *	do nothing;
- * } else {
- *	want_state = new_state;
- *	send new_state;
- *	want_resp++;
- * }
- *
- * When receiving new_state:
- *
- * if (want_resp) {
- *	want_resp--;
- *	if (want_resp && (new_state == my_state))
- *		want_resp--;
- * }
- * if ((want_resp == 0) && (new_state != want_state)) {
- *	if (ok_to_switch_to new_state)
- *		want_state = new_state;
- *	else
- *		want_resp++;
- *	send want_state;
- * }
- * my_state = new_state;
- *
- * Note that new_state is implied in these functions by the function itself.
- * will and do imply positive new_state, wont and dont imply negative.
- *
- * Finally, there is one catch.  If we send a negative response to a
- * positive request, my_state will be the positive while want_state will
- * remain negative.  my_state will revert to negative when the negative
- * acknowlegment arrives from the peer.  Thus, my_state generally tells
- * us not only the last negotiated state, but also tells us what the peer
- * wants to be doing as well.  It is important to understand this difference
- * as we may wish to be processing data streams based on our desired state
- * (want_state) or based on what the peer thinks the state is (my_state).
- *
- * This all works fine because if the peer sends a positive request, the data
- * that we receive prior to negative acknowlegment will probably be affected
- * by the positive state, and we can process it as such (if we can; if we
- * can't then it really doesn't matter).  If it is that important, then the
- * peer probably should be buffering until this option state negotiation
- * is complete.
- *
- */
-	void
-send_do(option, init)
-	int option, init;
-{
-	if (init) {
-		if ((do_dont_resp[option] == 0 && his_state_is_will(option)) ||
-		    his_want_state_is_will(option))
-			return;
-		/*
-		 * Special case for TELOPT_TM:  We send a DO, but pretend
-		 * that we sent a DONT, so that we can send more DOs if
-		 * we want to.
-		 */
-		if (option == TELOPT_TM)
-			set_his_want_state_wont(option);
-		else
-			set_his_want_state_will(option);
-		do_dont_resp[option]++;
-	}
-	(void) sprintf(nfrontp, (char *)doopt, option);
-	nfrontp += sizeof (dont) - 2;
-
-	DIAG(TD_OPTIONS, printoption("td: send do", option));
-}
-
-#ifdef	AUTHENTICATION
-extern void auth_request();
-#endif
-#ifdef	LINEMODE
-extern void doclientstat();
-#endif
-#ifdef	ENCRYPTION
-extern void encrypt_send_support();
-#endif	/* ENCRYPTION */
-
-	void
-willoption(option)
-	int option;
-{
-	int changeok = 0;
-	void (*func)() = 0;
-
-	/*
-	 * process input from peer.
-	 */
-
-	DIAG(TD_OPTIONS, printoption("td: recv will", option));
-
-	if (do_dont_resp[option]) {
-		do_dont_resp[option]--;
-		if (do_dont_resp[option] && his_state_is_will(option))
-			do_dont_resp[option]--;
-	}
-	if (do_dont_resp[option] == 0) {
-	    if (his_want_state_is_wont(option)) {
-		switch (option) {
-
-		case TELOPT_BINARY:
-			init_termbuf();
-			tty_binaryin(1);
-			set_termbuf();
-			changeok++;
-			break;
-
-		case TELOPT_ECHO:
-			/*
-			 * See comments below for more info.
-			 */
-			not42 = 0;	/* looks like a 4.2 system */
-			break;
-
-		case TELOPT_TM:
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-			/*
-			 * This telnetd implementation does not really
-			 * support timing marks, it just uses them to
-			 * support the kludge linemode stuff.  If we
-			 * receive a will or wont TM in response to our
-			 * do TM request that may have been sent to
-			 * determine kludge linemode support, process
-			 * it, otherwise TM should get a negative
-			 * response back.
-			 */
-			/*
-			 * Handle the linemode kludge stuff.
-			 * If we are not currently supporting any
-			 * linemode at all, then we assume that this
-			 * is the client telling us to use kludge
-			 * linemode in response to our query.  Set the
-			 * linemode type that is to be supported, note
-			 * that the client wishes to use linemode, and
-			 * eat the will TM as though it never arrived.
-			 */
-			if (lmodetype < KLUDGE_LINEMODE) {
-				lmodetype = KLUDGE_LINEMODE;
-				clientstat(TELOPT_LINEMODE, WILL, 0);
-				send_wont(TELOPT_SGA, 1);
-			} else if (lmodetype == NO_AUTOKLUDGE) {
-				lmodetype = KLUDGE_OK;
-			}
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-			/*
-			 * We never respond to a WILL TM, and
-			 * we leave the state WONT.
-			 */
-			return;
-
-		case TELOPT_LFLOW:
-			/*
-			 * If we are going to support flow control
-			 * option, then don't worry peer that we can't
-			 * change the flow control characters.
-			 */
-			slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
-			slctab[SLC_XON].defset.flag |= SLC_DEFAULT;
-			slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
-			slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT;
-		case TELOPT_TTYPE:
-		case TELOPT_SGA:
-		case TELOPT_NAWS:
-		case TELOPT_TSPEED:
-		case TELOPT_XDISPLOC:
-		case TELOPT_NEW_ENVIRON:
-		case TELOPT_OLD_ENVIRON:
-			changeok++;
-			break;
-
-#ifdef	LINEMODE
-		case TELOPT_LINEMODE:
-# ifdef	KLUDGELINEMODE
-			/*
-			 * Note client's desire to use linemode.
-			 */
-			lmodetype = REAL_LINEMODE;
-# endif	/* KLUDGELINEMODE */
-			func = doclientstat;
-			changeok++;
-			break;
-#endif	/* LINEMODE */
-
-#ifdef	AUTHENTICATION
-		case TELOPT_AUTHENTICATION:
-			func = auth_request;
-			changeok++;
-			break;
-#endif
-
-#ifdef	ENCRYPTION
-		case TELOPT_ENCRYPT:
-			func = encrypt_send_support;
-			changeok++;
-			break;
-#endif	/* ENCRYPTION */
-
-		default:
-			break;
-		}
-		if (changeok) {
-			set_his_want_state_will(option);
-			send_do(option, 0);
-		} else {
-			do_dont_resp[option]++;
-			send_dont(option, 0);
-		}
-	    } else {
-		/*
-		 * Option processing that should happen when
-		 * we receive conformation of a change in
-		 * state that we had requested.
-		 */
-		switch (option) {
-		case TELOPT_ECHO:
-			not42 = 0;	/* looks like a 4.2 system */
-			/*
-			 * Egads, he responded "WILL ECHO".  Turn
-			 * it off right now!
-			 */
-			send_dont(option, 1);
-			/*
-			 * "WILL ECHO".  Kludge upon kludge!
-			 * A 4.2 client is now echoing user input at
-			 * the tty.  This is probably undesireable and
-			 * it should be stopped.  The client will
-			 * respond WONT TM to the DO TM that we send to
-			 * check for kludge linemode.  When the WONT TM
-			 * arrives, linemode will be turned off and a
-			 * change propogated to the pty.  This change
-			 * will cause us to process the new pty state
-			 * in localstat(), which will notice that
-			 * linemode is off and send a WILL ECHO
-			 * so that we are properly in character mode and
-			 * all is well.
-			 */
-			break;
-#ifdef	LINEMODE
-		case TELOPT_LINEMODE:
-# ifdef	KLUDGELINEMODE
-			/*
-			 * Note client's desire to use linemode.
-			 */
-			lmodetype = REAL_LINEMODE;
-# endif	/* KLUDGELINEMODE */
-			func = doclientstat;
-			break;
-#endif	/* LINEMODE */
-
-#ifdef	AUTHENTICATION
-		case TELOPT_AUTHENTICATION:
-			func = auth_request;
-			break;
-#endif
-
-#ifdef	ENCRYPTION
-		case TELOPT_ENCRYPT:
-			func = encrypt_send_support;
-			break;
-#endif	/* ENCRYPTION */
-		case TELOPT_LFLOW:
-			func = flowstat;
-			break;
-		}
-	    }
-	}
-	set_his_state_will(option);
-	if (func)
-		(*func)();
-}  /* end of willoption */
-
-	void
-send_dont(option, init)
-	int option, init;
-{
-	if (init) {
-		if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) ||
-		    his_want_state_is_wont(option))
-			return;
-		set_his_want_state_wont(option);
-		do_dont_resp[option]++;
-	}
-	(void) sprintf(nfrontp, (char *)dont, option);
-	nfrontp += sizeof (doopt) - 2;
-
-	DIAG(TD_OPTIONS, printoption("td: send dont", option));
-}
-
-	void
-wontoption(option)
-	int option;
-{
-	/*
-	 * Process client input.
-	 */
-
-	DIAG(TD_OPTIONS, printoption("td: recv wont", option));
-
-	if (do_dont_resp[option]) {
-		do_dont_resp[option]--;
-		if (do_dont_resp[option] && his_state_is_wont(option))
-			do_dont_resp[option]--;
-	}
-	if (do_dont_resp[option] == 0) {
-	    if (his_want_state_is_will(option)) {
-		/* it is always ok to change to negative state */
-		switch (option) {
-		case TELOPT_ECHO:
-			not42 = 1; /* doesn't seem to be a 4.2 system */
-			break;
-
-		case TELOPT_BINARY:
-			init_termbuf();
-			tty_binaryin(0);
-			set_termbuf();
-			break;
-
-#ifdef	LINEMODE
-		case TELOPT_LINEMODE:
-# ifdef	KLUDGELINEMODE
-			/*
-			 * If real linemode is supported, then client is
-			 * asking to turn linemode off.
-			 */
-			if (lmodetype != REAL_LINEMODE)
-				break;
-# endif	/* KLUDGELINEMODE */
-			clientstat(TELOPT_LINEMODE, WONT, 0);
-			break;
-#endif	/* LINEMODE */
-
-		case TELOPT_TM:
-			/*
-			 * If we get a WONT TM, and had sent a DO TM,
-			 * don't respond with a DONT TM, just leave it
-			 * as is.  Short circut the state machine to
-			 * achive this.
-			 */
-			set_his_want_state_wont(TELOPT_TM);
-			return;
-
-		case TELOPT_LFLOW:
-			/*
-			 * If we are not going to support flow control
-			 * option, then let peer know that we can't
-			 * change the flow control characters.
-			 */
-			slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS;
-			slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE;
-			slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS;
-			slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE;
-			break;
-
-#if	defined(AUTHENTICATION)
-		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
-			break;
-#endif
-
-		/*
-		 * For options that we might spin waiting for
-		 * sub-negotiation, if the client turns off the
-		 * option rather than responding to the request,
-		 * we have to treat it here as if we got a response
-		 * to the sub-negotiation, (by updating the timers)
-		 * so that we'll break out of the loop.
-		 */
-		case TELOPT_TTYPE:
-			settimer(ttypesubopt);
-			break;
-
-		case TELOPT_TSPEED:
-			settimer(tspeedsubopt);
-			break;
-
-		case TELOPT_XDISPLOC:
-			settimer(xdisplocsubopt);
-			break;
-
-		case TELOPT_OLD_ENVIRON:
-			settimer(oenvironsubopt);
-			break;
-
-		case TELOPT_NEW_ENVIRON:
-			settimer(environsubopt);
-			break;
-
-		default:
-			break;
-		}
-		set_his_want_state_wont(option);
-		if (his_state_is_will(option))
-			send_dont(option, 0);
-	    } else {
-		switch (option) {
-		case TELOPT_TM:
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-			if (lmodetype < NO_AUTOKLUDGE) {
-				lmodetype = NO_LINEMODE;
-				clientstat(TELOPT_LINEMODE, WONT, 0);
-				send_will(TELOPT_SGA, 1);
-				send_will(TELOPT_ECHO, 1);
-			}
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-			break;
-
-#if	defined(AUTHENTICATION)
-		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
-			break;
-#endif
-		default:
-			break;
-		}
-	    }
-	}
-	set_his_state_wont(option);
-
-}  /* end of wontoption */
-
-	void
-send_will(option, init)
-	int option, init;
-{
-	if (init) {
-		if ((will_wont_resp[option] == 0 && my_state_is_will(option))||
-		    my_want_state_is_will(option))
-			return;
-		set_my_want_state_will(option);
-		will_wont_resp[option]++;
-	}
-	(void) sprintf(nfrontp, (char *)will, option);
-	nfrontp += sizeof (doopt) - 2;
-
-	DIAG(TD_OPTIONS, printoption("td: send will", option));
-}
-
-#if	!defined(LINEMODE) || !defined(KLUDGELINEMODE)
-/*
- * When we get a DONT SGA, we will try once to turn it
- * back on.  If the other side responds DONT SGA, we
- * leave it at that.  This is so that when we talk to
- * clients that understand KLUDGELINEMODE but not LINEMODE,
- * we'll keep them in char-at-a-time mode.
- */
-int turn_on_sga = 0;
-#endif
-
-	void
-dooption(option)
-	int option;
-{
-	int changeok = 0;
-
-	/*
-	 * Process client input.
-	 */
-
-	DIAG(TD_OPTIONS, printoption("td: recv do", option));
-
-	if (will_wont_resp[option]) {
-		will_wont_resp[option]--;
-		if (will_wont_resp[option] && my_state_is_will(option))
-			will_wont_resp[option]--;
-	}
-	if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) {
-		switch (option) {
-		case TELOPT_ECHO:
-#ifdef	LINEMODE
-# ifdef	KLUDGELINEMODE
-			if (lmodetype == NO_LINEMODE)
-# else
-			if (his_state_is_wont(TELOPT_LINEMODE))
-# endif
-#endif
-			{
-				init_termbuf();
-				tty_setecho(1);
-				set_termbuf();
-			}
-			changeok++;
-			break;
-
-		case TELOPT_BINARY:
-			init_termbuf();
-			tty_binaryout(1);
-			set_termbuf();
-			changeok++;
-			break;
-
-		case TELOPT_SGA:
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-			/*
-			 * If kludge linemode is in use, then we must
-			 * process an incoming do SGA for linemode
-			 * purposes.
-			 */
-			if (lmodetype == KLUDGE_LINEMODE) {
-				/*
-				 * Receipt of "do SGA" in kludge
-				 * linemode is the peer asking us to
-				 * turn off linemode.  Make note of
-				 * the request.
-				 */
-				clientstat(TELOPT_LINEMODE, WONT, 0);
-				/*
-				 * If linemode did not get turned off
-				 * then don't tell peer that we did.
-				 * Breaking here forces a wont SGA to
-				 * be returned.
-				 */
-				if (linemode)
-					break;
-			}
-#else
-			turn_on_sga = 0;
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-			changeok++;
-			break;
-
-		case TELOPT_STATUS:
-			changeok++;
-			break;
-
-		case TELOPT_TM:
-			/*
-			 * Special case for TM.  We send a WILL, but
-			 * pretend we sent a WONT.
-			 */
-			send_will(option, 0);
-			set_my_want_state_wont(option);
-			set_my_state_wont(option);
-			return;
-
-		case TELOPT_LOGOUT:
-			/*
-			 * When we get a LOGOUT option, respond
-			 * with a WILL LOGOUT, make sure that
-			 * it gets written out to the network,
-			 * and then just go away...
-			 */
-			set_my_want_state_will(TELOPT_LOGOUT);
-			send_will(TELOPT_LOGOUT, 0);
-			set_my_state_will(TELOPT_LOGOUT);
-			(void)netflush();
-			cleanup(0);
-			/* NOT REACHED */
-			break;
-
-#ifdef	ENCRYPTION
-		case TELOPT_ENCRYPT:
-			changeok++;
-			break;
-#endif	/* ENCRYPTION */
-		case TELOPT_LINEMODE:
-		case TELOPT_TTYPE:
-		case TELOPT_NAWS:
-		case TELOPT_TSPEED:
-		case TELOPT_LFLOW:
-		case TELOPT_XDISPLOC:
-#ifdef	TELOPT_ENVIRON
-		case TELOPT_NEW_ENVIRON:
-#endif
-		case TELOPT_OLD_ENVIRON:
-		default:
-			break;
-		}
-		if (changeok) {
-			set_my_want_state_will(option);
-			send_will(option, 0);
-		} else {
-			will_wont_resp[option]++;
-			send_wont(option, 0);
-		}
-	}
-	set_my_state_will(option);
-
-}  /* end of dooption */
-
-	void
-send_wont(option, init)
-	int option, init;
-{
-	if (init) {
-		if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) ||
-		    my_want_state_is_wont(option))
-			return;
-		set_my_want_state_wont(option);
-		will_wont_resp[option]++;
-	}
-	(void) sprintf(nfrontp, (char *)wont, option);
-	nfrontp += sizeof (wont) - 2;
-
-	DIAG(TD_OPTIONS, printoption("td: send wont", option));
-}
-
-	void
-dontoption(option)
-	int option;
-{
-	/*
-	 * Process client input.
-	 */
-
-
-	DIAG(TD_OPTIONS, printoption("td: recv dont", option));
-
-	if (will_wont_resp[option]) {
-		will_wont_resp[option]--;
-		if (will_wont_resp[option] && my_state_is_wont(option))
-			will_wont_resp[option]--;
-	}
-	if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) {
-		switch (option) {
-		case TELOPT_BINARY:
-			init_termbuf();
-			tty_binaryout(0);
-			set_termbuf();
-			break;
-
-		case TELOPT_ECHO:	/* we should stop echoing */
-#ifdef	LINEMODE
-# ifdef	KLUDGELINEMODE
-			if ((lmodetype != REAL_LINEMODE) &&
-			    (lmodetype != KLUDGE_LINEMODE))
-# else
-			if (his_state_is_wont(TELOPT_LINEMODE))
-# endif
-#endif
-			{
-				init_termbuf();
-				tty_setecho(0);
-				set_termbuf();
-			}
-			break;
-
-		case TELOPT_SGA:
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-			/*
-			 * If kludge linemode is in use, then we
-			 * must process an incoming do SGA for
-			 * linemode purposes.
-			 */
-			if ((lmodetype == KLUDGE_LINEMODE) ||
-			    (lmodetype == KLUDGE_OK)) {
-				/*
-				 * The client is asking us to turn
-				 * linemode on.
-				 */
-				lmodetype = KLUDGE_LINEMODE;
-				clientstat(TELOPT_LINEMODE, WILL, 0);
-				/*
-				 * If we did not turn line mode on,
-				 * then what do we say?  Will SGA?
-				 * This violates design of telnet.
-				 * Gross.  Very Gross.
-				 */
-			}
-			break;
-#else
-			set_my_want_state_wont(option);
-			if (my_state_is_will(option))
-				send_wont(option, 0);
-			set_my_state_wont(option);
-			if (turn_on_sga ^= 1)
-				send_will(option, 1);
-			return;
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-
-		default:
-			break;
-		}
-
-		set_my_want_state_wont(option);
-		if (my_state_is_will(option))
-			send_wont(option, 0);
-	}
-	set_my_state_wont(option);
-
-}  /* end of dontoption */
-
-#ifdef	ENV_HACK
-int env_ovar = -1;
-int env_ovalue = -1;
-#else	/* ENV_HACK */
-# define env_ovar OLD_ENV_VAR
-# define env_ovalue OLD_ENV_VALUE
-#endif	/* ENV_HACK */
-
-/*
- * suboption()
- *
- *	Look at the sub-option buffer, and try to be helpful to the other
- * side.
- *
- *	Currently we recognize:
- *
- *	Terminal type is
- *	Linemode
- *	Window size
- *	Terminal speed
- */
-	void
-suboption()
-{
-    register int subchar;
-
-    DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);});
-
-    subchar = SB_GET();
-    switch (subchar) {
-    case TELOPT_TSPEED: {
-	register int xspeed, rspeed;
-
-	if (his_state_is_wont(TELOPT_TSPEED))	/* Ignore if option disabled */
-		break;
-
-	settimer(tspeedsubopt);
-
-	if (SB_EOF() || SB_GET() != TELQUAL_IS)
-		return;
-
-	xspeed = atoi((char *)subpointer);
-
-	while (SB_GET() != ',' && !SB_EOF());
-	if (SB_EOF())
-		return;
-
-	rspeed = atoi((char *)subpointer);
-	clientstat(TELOPT_TSPEED, xspeed, rspeed);
-
-	break;
-
-    }  /* end of case TELOPT_TSPEED */
-
-    case TELOPT_TTYPE: {		/* Yaaaay! */
-	static char terminalname[41];
-
-	if (his_state_is_wont(TELOPT_TTYPE))	/* Ignore if option disabled */
-		break;
-	settimer(ttypesubopt);
-
-	if (SB_EOF() || SB_GET() != TELQUAL_IS) {
-	    return;		/* ??? XXX but, this is the most robust */
-	}
-
-	terminaltype = terminalname;
-
-	while ((terminaltype < (terminalname + sizeof terminalname-1)) &&
-								    !SB_EOF()) {
-	    register int c;
-
-	    c = SB_GET();
-	    if (isupper(c)) {
-		c = tolower(c);
-	    }
-	    *terminaltype++ = c;    /* accumulate name */
-	}
-	*terminaltype = 0;
-	terminaltype = terminalname;
-	break;
-    }  /* end of case TELOPT_TTYPE */
-
-    case TELOPT_NAWS: {
-	register int xwinsize, ywinsize;
-
-	if (his_state_is_wont(TELOPT_NAWS))	/* Ignore if option disabled */
-		break;
-
-	if (SB_EOF())
-		return;
-	xwinsize = SB_GET() << 8;
-	if (SB_EOF())
-		return;
-	xwinsize |= SB_GET();
-	if (SB_EOF())
-		return;
-	ywinsize = SB_GET() << 8;
-	if (SB_EOF())
-		return;
-	ywinsize |= SB_GET();
-	clientstat(TELOPT_NAWS, xwinsize, ywinsize);
-
-	break;
-
-    }  /* end of case TELOPT_NAWS */
-
-#ifdef	LINEMODE
-    case TELOPT_LINEMODE: {
-	register int request;
-
-	if (his_state_is_wont(TELOPT_LINEMODE))	/* Ignore if option disabled */
-		break;
-	/*
-	 * Process linemode suboptions.
-	 */
-	if (SB_EOF())
-	    break;		/* garbage was sent */
-	request = SB_GET();	/* get will/wont */
-
-	if (SB_EOF())
-	    break;		/* another garbage check */
-
-	if (request == LM_SLC) {  /* SLC is not preceeded by WILL or WONT */
-		/*
-		 * Process suboption buffer of slc's
-		 */
-		start_slc(1);
-		do_opt_slc(subpointer, subend - subpointer);
-		(void) end_slc(0);
-		break;
-	} else if (request == LM_MODE) {
-		if (SB_EOF())
-		    return;
-		useeditmode = SB_GET();  /* get mode flag */
-		clientstat(LM_MODE, 0, 0);
-		break;
-	}
-
-	if (SB_EOF())
-	    break;
-	switch (SB_GET()) {  /* what suboption? */
-	case LM_FORWARDMASK:
-		/*
-		 * According to spec, only server can send request for
-		 * forwardmask, and client can only return a positive response.
-		 * So don't worry about it.
-		 */
-
-	default:
-		break;
-	}
-	break;
-    }  /* end of case TELOPT_LINEMODE */
-#endif
-    case TELOPT_STATUS: {
-	int mode;
-
-	if (SB_EOF())
-	    break;
-	mode = SB_GET();
-	switch (mode) {
-	case TELQUAL_SEND:
-	    if (my_state_is_will(TELOPT_STATUS))
-		send_status();
-	    break;
-
-	case TELQUAL_IS:
-	    break;
-
-	default:
-	    break;
-	}
-	break;
-    }  /* end of case TELOPT_STATUS */
-
-    case TELOPT_XDISPLOC: {
-	if (SB_EOF() || SB_GET() != TELQUAL_IS)
-		return;
-	settimer(xdisplocsubopt);
-	subpointer[SB_LEN()] = '\0';
-	(void)setenv("DISPLAY", (char *)subpointer, 1);
-	break;
-    }  /* end of case TELOPT_XDISPLOC */
-
-#ifdef	TELOPT_NEW_ENVIRON
-    case TELOPT_NEW_ENVIRON:
-#endif
-    case TELOPT_OLD_ENVIRON: {
-	register int c;
-	register char *cp, *varp, *valp;
-
-	if (SB_EOF())
-		return;
-	c = SB_GET();
-	if (c == TELQUAL_IS) {
-		if (subchar == TELOPT_OLD_ENVIRON)
-			settimer(oenvironsubopt);
-		else
-			settimer(environsubopt);
-	} else if (c != TELQUAL_INFO) {
-		return;
-	}
-
-#ifdef	TELOPT_NEW_ENVIRON
-	if (subchar == TELOPT_NEW_ENVIRON) {
-	    while (!SB_EOF()) {
-		c = SB_GET();
-		if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR))
-			break;
-	    }
-	} else
-#endif
-	{
-#ifdef	ENV_HACK
-	    /*
-	     * We only want to do this if we haven't already decided
-	     * whether or not the other side has its VALUE and VAR
-	     * reversed.
-	     */
-	    if (env_ovar < 0) {
-		register int last = -1;		/* invalid value */
-		int empty = 0;
-		int got_var = 0, got_value = 0, got_uservar = 0;
-
-		/*
-		 * The other side might have its VALUE and VAR values
-		 * reversed.  To be interoperable, we need to determine
-		 * which way it is.  If the first recognized character
-		 * is a VAR or VALUE, then that will tell us what
-		 * type of client it is.  If the fist recognized
-		 * character is a USERVAR, then we continue scanning
-		 * the suboption looking for two consecutive
-		 * VAR or VALUE fields.  We should not get two
-		 * consecutive VALUE fields, so finding two
-		 * consecutive VALUE or VAR fields will tell us
-		 * what the client is.
-		 */
-		SB_SAVE();
-		while (!SB_EOF()) {
-			c = SB_GET();
-			switch(c) {
-			case OLD_ENV_VAR:
-				if (last < 0 || last == OLD_ENV_VAR
-				    || (empty && (last == OLD_ENV_VALUE)))
-					goto env_ovar_ok;
-				got_var++;
-				last = OLD_ENV_VAR;
-				break;
-			case OLD_ENV_VALUE:
-				if (last < 0 || last == OLD_ENV_VALUE
-				    || (empty && (last == OLD_ENV_VAR)))
-					goto env_ovar_wrong;
-				got_value++;
-				last = OLD_ENV_VALUE;
-				break;
-			case ENV_USERVAR:
-				/* count strings of USERVAR as one */
-				if (last != ENV_USERVAR)
-					got_uservar++;
-				if (empty) {
-					if (last == OLD_ENV_VALUE)
-						goto env_ovar_ok;
-					if (last == OLD_ENV_VAR)
-						goto env_ovar_wrong;
-				}
-				last = ENV_USERVAR;
-				break;
-			case ENV_ESC:
-				if (!SB_EOF())
-					c = SB_GET();
-				/* FALL THROUGH */
-			default:
-				empty = 0;
-				continue;
-			}
-			empty = 1;
-		}
-		if (empty) {
-			if (last == OLD_ENV_VALUE)
-				goto env_ovar_ok;
-			if (last == OLD_ENV_VAR)
-				goto env_ovar_wrong;
-		}
-		/*
-		 * Ok, the first thing was a USERVAR, and there
-		 * are not two consecutive VAR or VALUE commands,
-		 * and none of the VAR or VALUE commands are empty.
-		 * If the client has sent us a well-formed option,
-		 * then the number of VALUEs received should always
-		 * be less than or equal to the number of VARs and
-		 * USERVARs received.
-		 *
-		 * If we got exactly as many VALUEs as VARs and
-		 * USERVARs, the client has the same definitions.
-		 *
-		 * If we got exactly as many VARs as VALUEs and
-		 * USERVARS, the client has reversed definitions.
-		 */
-		if (got_uservar + got_var == got_value) {
-	    env_ovar_ok:
-			env_ovar = OLD_ENV_VAR;
-			env_ovalue = OLD_ENV_VALUE;
-		} else if (got_uservar + got_value == got_var) {
-	    env_ovar_wrong:
-			env_ovar = OLD_ENV_VALUE;
-			env_ovalue = OLD_ENV_VAR;
-			DIAG(TD_OPTIONS, {sprintf(nfrontp,
-				"ENVIRON VALUE and VAR are reversed!\r\n");
-				nfrontp += strlen(nfrontp);});
-
-		}
-	    }
-	    SB_RESTORE();
-#endif
-
-	    while (!SB_EOF()) {
-		c = SB_GET();
-		if ((c == env_ovar) || (c == ENV_USERVAR))
-			break;
-	    }
-	}
-
-	if (SB_EOF())
-		return;
-
-	cp = varp = (char *)subpointer;
-	valp = 0;
-
-	while (!SB_EOF()) {
-		c = SB_GET();
-		if (subchar == TELOPT_OLD_ENVIRON) {
-			if (c == env_ovar)
-				c = NEW_ENV_VAR;
-			else if (c == env_ovalue)
-				c = NEW_ENV_VALUE;
-		}
-		switch (c) {
-
-		case NEW_ENV_VALUE:
-			*cp = '\0';
-			cp = valp = (char *)subpointer;
-			break;
-
-		case NEW_ENV_VAR:
-		case ENV_USERVAR:
-			*cp = '\0';
-			if (valp)
-				(void)setenv(varp, valp, 1);
-			else
-				unsetenv(varp);
-			cp = varp = (char *)subpointer;
-			valp = 0;
-			break;
-
-		case ENV_ESC:
-			if (SB_EOF())
-				break;
-			c = SB_GET();
-			/* FALL THROUGH */
-		default:
-			*cp++ = c;
-			break;
-		}
-	}
-	*cp = '\0';
-	if (valp)
-		(void)setenv(varp, valp, 1);
-	else
-		unsetenv(varp);
-	break;
-    }  /* end of case TELOPT_NEW_ENVIRON */
-#if	defined(AUTHENTICATION)
-    case TELOPT_AUTHENTICATION:
-	if (SB_EOF())
-		break;
-	switch(SB_GET()) {
-	case TELQUAL_SEND:
-	case TELQUAL_REPLY:
-		/*
-		 * These are sent by us and cannot be sent by
-		 * the client.
-		 */
-		break;
-	case TELQUAL_IS:
-		auth_is(subpointer, SB_LEN());
-		break;
-	case TELQUAL_NAME:
-		auth_name(subpointer, SB_LEN());
-		break;
-	}
-	break;
-#endif
-#ifdef	ENCRYPTION
-    case TELOPT_ENCRYPT:
-	if (SB_EOF())
-		break;
-	switch(SB_GET()) {
-	case ENCRYPT_SUPPORT:
-		encrypt_support(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_IS:
-		encrypt_is(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_REPLY:
-		encrypt_reply(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_START:
-		encrypt_start(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_END:
-		encrypt_end();
-		break;
-	case ENCRYPT_REQSTART:
-		encrypt_request_start(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_REQEND:
-		/*
-		 * We can always send an REQEND so that we cannot
-		 * get stuck encrypting.  We should only get this
-		 * if we have been able to get in the correct mode
-		 * anyhow.
-		 */
-		encrypt_request_end();
-		break;
-	case ENCRYPT_ENC_KEYID:
-		encrypt_enc_keyid(subpointer, SB_LEN());
-		break;
-	case ENCRYPT_DEC_KEYID:
-		encrypt_dec_keyid(subpointer, SB_LEN());
-		break;
-	default:
-		break;
-	}
-	break;
-#endif	/* ENCRYPTION */
-
-    default:
-	break;
-    }  /* end of switch */
-
-}  /* end of suboption */
-
-	void
-doclientstat()
-{
-	clientstat(TELOPT_LINEMODE, WILL, 0);
-}
-
-#define	ADD(c)	 *ncp++ = c
-#define	ADD_DATA(c) { *ncp++ = c; if (c == SE || c == IAC) *ncp++ = c; }
-	void
-send_status()
-{
-	unsigned char statusbuf[256];
-	register unsigned char *ncp;
-	register unsigned char i;
-
-	ncp = statusbuf;
-
-	netflush();	/* get rid of anything waiting to go out */
-
-	ADD(IAC);
-	ADD(SB);
-	ADD(TELOPT_STATUS);
-	ADD(TELQUAL_IS);
-
-	/*
-	 * We check the want_state rather than the current state,
-	 * because if we received a DO/WILL for an option that we
-	 * don't support, and the other side didn't send a DONT/WONT
-	 * in response to our WONT/DONT, then the "state" will be
-	 * WILL/DO, and the "want_state" will be WONT/DONT.  We
-	 * need to go by the latter.
-	 */
-	for (i = 0; i < (unsigned char)NTELOPTS; i++) {
-		if (my_want_state_is_will(i)) {
-			ADD(WILL);
-			ADD_DATA(i);
-		}
-		if (his_want_state_is_will(i)) {
-			ADD(DO);
-			ADD_DATA(i);
-		}
-	}
-
-	if (his_want_state_is_will(TELOPT_LFLOW)) {
-		ADD(SB);
-		ADD(TELOPT_LFLOW);
-		if (flowmode) {
-			ADD(LFLOW_ON);
-		} else {
-			ADD(LFLOW_OFF);
-		}
-		ADD(SE);
-
-		if (restartany >= 0) {
-			ADD(SB);
-			ADD(TELOPT_LFLOW);
-			if (restartany) {
-				ADD(LFLOW_RESTART_ANY);
-			} else {
-				ADD(LFLOW_RESTART_XON);
-			}
-			ADD(SE);
-		}
-	}
-
-#ifdef	LINEMODE
-	if (his_want_state_is_will(TELOPT_LINEMODE)) {
-		unsigned char *cp, *cpe;
-		int len;
-
-		ADD(SB);
-		ADD(TELOPT_LINEMODE);
-		ADD(LM_MODE);
-		ADD_DATA(editmode);
-		ADD(SE);
-
-		ADD(SB);
-		ADD(TELOPT_LINEMODE);
-		ADD(LM_SLC);
-		start_slc(0);
-		send_slc();
-		len = end_slc(&cp);
-		for (cpe = cp + len; cp < cpe; cp++)
-			ADD_DATA(*cp);
-		ADD(SE);
-	}
-#endif	/* LINEMODE */
-
-	ADD(IAC);
-	ADD(SE);
-
-	writenet(statusbuf, ncp - statusbuf);
-	netflush();	/* Send it on its way */
-
-	DIAG(TD_OPTIONS,
-		{printsub('>', statusbuf, ncp - statusbuf); netflush();});
-}
diff --git a/crypto/telnet/telnetd/sys_term.c b/crypto/telnet/telnetd/sys_term.c
deleted file mode 100644
index 591c9630053c..000000000000
--- a/crypto/telnet/telnetd/sys_term.c
+++ /dev/null
@@ -1,2335 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)sys_term.c	8.4+1 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id: sys_term.c,v 1.3 1997/12/08 07:41:12 charnier Exp $";
-#endif /* not lint */
-
-#include "telnetd.h"
-#include "pathnames.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-
-extern char *altlogin;
-int cleanopen(char *line);
-void scrub_env(void);
-
-#if defined(CRAY) || defined(__hpux)
-# define PARENT_DOES_UTMP
-#endif
-
-int     utmp_len = MAXHOSTNAMELEN;
-#ifdef	NEWINIT
-#include <initreq.h>
-#else	/* NEWINIT*/
-# ifdef	UTMPX
-# include <utmpx.h>
-struct	utmpx wtmp;
-# else
-# include <utmp.h>
-struct	utmp wtmp;
-# endif /* UTMPX */
-
-# ifndef PARENT_DOES_UTMP
-#ifdef _PATH_WTMP
-char    wtmpf[] = _PATH_WTMP;
-#else
-char	wtmpf[]	= "/usr/adm/wtmp";
-#endif
-#ifdef _PATH_UTMP
-char    utmpf[] = _PATH_UTMP;
-#else
-char	utmpf[] = "/etc/utmp";
-#endif
-# else /* PARENT_DOES_UTMP */
-char	wtmpf[]	= "/etc/wtmp";
-# endif /* PARENT_DOES_UTMP */
-
-#include <libutil.h>
-
-# ifdef CRAY
-#include <tmpdir.h>
-#include <sys/wait.h>
-#  if (UNICOS_LVL == '7.0') || (UNICOS_LVL == '7.1')
-#   define UNICOS7x
-#  endif
-
-#  ifdef UNICOS7x
-#include <sys/sysv.h>
-#include <sys/secstat.h>
-extern int secflag;
-extern struct sysv sysv;
-#  endif /* UNICOS7x */
-# endif	/* CRAY */
-#endif	/* NEWINIT */
-
-#ifdef	STREAMSPTY
-#include <sac.h>
-#include <sys/stropts.h>
-#endif
-
-#define SCPYN(a, b)	(void) strncpy(a, b, sizeof(a))
-#define SCMPN(a, b)	strncmp(a, b, sizeof(a))
-
-#ifdef	STREAMS
-#include <sys/stream.h>
-#endif
-#ifdef __hpux
-#include <sys/resource.h>
-#include <sys/proc.h>
-#endif
-#include <sys/tty.h>
-#ifdef	t_erase
-#undef	t_erase
-#undef	t_kill
-#undef	t_intrc
-#undef	t_quitc
-#undef	t_startc
-#undef	t_stopc
-#undef	t_eofc
-#undef	t_brkc
-#undef	t_suspc
-#undef	t_dsuspc
-#undef	t_rprntc
-#undef	t_flushc
-#undef	t_werasc
-#undef	t_lnextc
-#endif
-
-#if defined(UNICOS5) && defined(CRAY2) && !defined(EXTPROC)
-# define EXTPROC 0400
-#endif
-
-#ifndef	USE_TERMIO
-struct termbuf {
-	struct sgttyb sg;
-	struct tchars tc;
-	struct ltchars ltc;
-	int state;
-	int lflags;
-} termbuf, termbuf2;
-# define	cfsetospeed(tp, val)	(tp)->sg.sg_ospeed = (val)
-# define	cfsetispeed(tp, val)	(tp)->sg.sg_ispeed = (val)
-# define	cfgetospeed(tp)		(tp)->sg.sg_ospeed
-# define	cfgetispeed(tp)		(tp)->sg.sg_ispeed
-#else	/* USE_TERMIO */
-# ifdef	SYSV_TERMIO
-#	define termios termio
-# endif
-# ifndef	TCSANOW
-#  ifdef TCSETS
-#   define	TCSANOW		TCSETS
-#   define	TCSADRAIN	TCSETSW
-#   define	tcgetattr(f, t)	ioctl(f, TCGETS, (char *)t)
-#  else
-#   ifdef TCSETA
-#    define	TCSANOW		TCSETA
-#    define	TCSADRAIN	TCSETAW
-#    define	tcgetattr(f, t)	ioctl(f, TCGETA, (char *)t)
-#   else
-#    define	TCSANOW		TIOCSETA
-#    define	TCSADRAIN	TIOCSETAW
-#    define	tcgetattr(f, t)	ioctl(f, TIOCGETA, (char *)t)
-#   endif
-#  endif
-#  define	tcsetattr(f, a, t)	ioctl(f, a, t)
-#  define	cfsetospeed(tp, val)	(tp)->c_cflag &= ~CBAUD; \
-					(tp)->c_cflag |= (val)
-#  define	cfgetospeed(tp)		((tp)->c_cflag & CBAUD)
-#  ifdef CIBAUD
-#   define	cfsetispeed(tp, val)	(tp)->c_cflag &= ~CIBAUD; \
-					(tp)->c_cflag |= ((val)<<IBSHIFT)
-#   define	cfgetispeed(tp)		(((tp)->c_cflag & CIBAUD)>>IBSHIFT)
-#  else
-#   define	cfsetispeed(tp, val)	(tp)->c_cflag &= ~CBAUD; \
-					(tp)->c_cflag |= (val)
-#   define	cfgetispeed(tp)		((tp)->c_cflag & CBAUD)
-#  endif
-# endif /* TCSANOW */
-struct termios termbuf, termbuf2;	/* pty control structure */
-# ifdef  STREAMSPTY
-int ttyfd = -1;
-# endif
-#endif	/* USE_TERMIO */
-
-#include <sys/types.h>
-#include <libutil.h>
-
-int cleanopen __P((char *));
-void scrub_env __P((void));
-
-/*
- * init_termbuf()
- * copy_termbuf(cp)
- * set_termbuf()
- *
- * These three routines are used to get and set the "termbuf" structure
- * to and from the kernel.  init_termbuf() gets the current settings.
- * copy_termbuf() hands in a new "termbuf" to write to the kernel, and
- * set_termbuf() writes the structure into the kernel.
- */
-
-	void
-init_termbuf()
-{
-#ifndef	USE_TERMIO
-	(void) ioctl(pty, TIOCGETP, (char *)&termbuf.sg);
-	(void) ioctl(pty, TIOCGETC, (char *)&termbuf.tc);
-	(void) ioctl(pty, TIOCGLTC, (char *)&termbuf.ltc);
-# ifdef	TIOCGSTATE
-	(void) ioctl(pty, TIOCGSTATE, (char *)&termbuf.state);
-# endif
-#else
-# ifdef  STREAMSPTY
-	(void) tcgetattr(ttyfd, &termbuf);
-# else
-	(void) tcgetattr(pty, &termbuf);
-# endif
-#endif
-	termbuf2 = termbuf;
-}
-
-#if	defined(LINEMODE) && defined(TIOCPKT_IOCTL)
-	void
-copy_termbuf(cp, len)
-	char *cp;
-	int len;
-{
-	if (len > sizeof(termbuf))
-		len = sizeof(termbuf);
-	memmove((char *)&termbuf, cp, len);
-	termbuf2 = termbuf;
-}
-#endif	/* defined(LINEMODE) && defined(TIOCPKT_IOCTL) */
-
-	void
-set_termbuf()
-{
-	/*
-	 * Only make the necessary changes.
-	 */
-#ifndef	USE_TERMIO
-	if (memcmp((char *)&termbuf.sg, (char *)&termbuf2.sg,
-							sizeof(termbuf.sg)))
-		(void) ioctl(pty, TIOCSETN, (char *)&termbuf.sg);
-	if (memcmp((char *)&termbuf.tc, (char *)&termbuf2.tc,
-							sizeof(termbuf.tc)))
-		(void) ioctl(pty, TIOCSETC, (char *)&termbuf.tc);
-	if (memcmp((char *)&termbuf.ltc, (char *)&termbuf2.ltc,
-							sizeof(termbuf.ltc)))
-		(void) ioctl(pty, TIOCSLTC, (char *)&termbuf.ltc);
-	if (termbuf.lflags != termbuf2.lflags)
-		(void) ioctl(pty, TIOCLSET, (char *)&termbuf.lflags);
-#else	/* USE_TERMIO */
-	if (memcmp((char *)&termbuf, (char *)&termbuf2, sizeof(termbuf)))
-# ifdef  STREAMSPTY
-		(void) tcsetattr(ttyfd, TCSANOW, &termbuf);
-# else
-		(void) tcsetattr(pty, TCSANOW, &termbuf);
-# endif
-# if	defined(CRAY2) && defined(UNICOS5)
-	needtermstat = 1;
-# endif
-#endif	/* USE_TERMIO */
-}
-
-
-/*
- * spcset(func, valp, valpp)
- *
- * This function takes various special characters (func), and
- * sets *valp to the current value of that character, and
- * *valpp to point to where in the "termbuf" structure that
- * value is kept.
- *
- * It returns the SLC_ level of support for this function.
- */
-
-#ifndef	USE_TERMIO
-	int
-spcset(func, valp, valpp)
-	int func;
-	cc_t *valp;
-	cc_t **valpp;
-{
-	switch(func) {
-	case SLC_EOF:
-		*valp = termbuf.tc.t_eofc;
-		*valpp = (cc_t *)&termbuf.tc.t_eofc;
-		return(SLC_VARIABLE);
-	case SLC_EC:
-		*valp = termbuf.sg.sg_erase;
-		*valpp = (cc_t *)&termbuf.sg.sg_erase;
-		return(SLC_VARIABLE);
-	case SLC_EL:
-		*valp = termbuf.sg.sg_kill;
-		*valpp = (cc_t *)&termbuf.sg.sg_kill;
-		return(SLC_VARIABLE);
-	case SLC_IP:
-		*valp = termbuf.tc.t_intrc;
-		*valpp = (cc_t *)&termbuf.tc.t_intrc;
-		return(SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
-	case SLC_ABORT:
-		*valp = termbuf.tc.t_quitc;
-		*valpp = (cc_t *)&termbuf.tc.t_quitc;
-		return(SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
-	case SLC_XON:
-		*valp = termbuf.tc.t_startc;
-		*valpp = (cc_t *)&termbuf.tc.t_startc;
-		return(SLC_VARIABLE);
-	case SLC_XOFF:
-		*valp = termbuf.tc.t_stopc;
-		*valpp = (cc_t *)&termbuf.tc.t_stopc;
-		return(SLC_VARIABLE);
-	case SLC_AO:
-		*valp = termbuf.ltc.t_flushc;
-		*valpp = (cc_t *)&termbuf.ltc.t_flushc;
-		return(SLC_VARIABLE);
-	case SLC_SUSP:
-		*valp = termbuf.ltc.t_suspc;
-		*valpp = (cc_t *)&termbuf.ltc.t_suspc;
-		return(SLC_VARIABLE);
-	case SLC_EW:
-		*valp = termbuf.ltc.t_werasc;
-		*valpp = (cc_t *)&termbuf.ltc.t_werasc;
-		return(SLC_VARIABLE);
-	case SLC_RP:
-		*valp = termbuf.ltc.t_rprntc;
-		*valpp = (cc_t *)&termbuf.ltc.t_rprntc;
-		return(SLC_VARIABLE);
-	case SLC_LNEXT:
-		*valp = termbuf.ltc.t_lnextc;
-		*valpp = (cc_t *)&termbuf.ltc.t_lnextc;
-		return(SLC_VARIABLE);
-	case SLC_FORW1:
-		*valp = termbuf.tc.t_brkc;
-		*valpp = (cc_t *)&termbuf.ltc.t_lnextc;
-		return(SLC_VARIABLE);
-	case SLC_BRK:
-	case SLC_SYNCH:
-	case SLC_AYT:
-	case SLC_EOR:
-		*valp = (cc_t)0;
-		*valpp = (cc_t *)0;
-		return(SLC_DEFAULT);
-	default:
-		*valp = (cc_t)0;
-		*valpp = (cc_t *)0;
-		return(SLC_NOSUPPORT);
-	}
-}
-
-#else	/* USE_TERMIO */
-
-	int
-spcset(func, valp, valpp)
-	int func;
-	cc_t *valp;
-	cc_t **valpp;
-{
-
-#define	setval(a, b)	*valp = termbuf.c_cc[a]; \
-			*valpp = &termbuf.c_cc[a]; \
-			return(b);
-#define	defval(a) *valp = ((cc_t)a); *valpp = (cc_t *)0; return(SLC_DEFAULT);
-
-	switch(func) {
-	case SLC_EOF:
-		setval(VEOF, SLC_VARIABLE);
-	case SLC_EC:
-		setval(VERASE, SLC_VARIABLE);
-	case SLC_EL:
-		setval(VKILL, SLC_VARIABLE);
-	case SLC_IP:
-		setval(VINTR, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
-	case SLC_ABORT:
-		setval(VQUIT, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT);
-	case SLC_XON:
-#ifdef	VSTART
-		setval(VSTART, SLC_VARIABLE);
-#else
-		defval(0x13);
-#endif
-	case SLC_XOFF:
-#ifdef	VSTOP
-		setval(VSTOP, SLC_VARIABLE);
-#else
-		defval(0x11);
-#endif
-	case SLC_EW:
-#ifdef	VWERASE
-		setval(VWERASE, SLC_VARIABLE);
-#else
-		defval(0);
-#endif
-	case SLC_RP:
-#ifdef	VREPRINT
-		setval(VREPRINT, SLC_VARIABLE);
-#else
-		defval(0);
-#endif
-	case SLC_LNEXT:
-#ifdef	VLNEXT
-		setval(VLNEXT, SLC_VARIABLE);
-#else
-		defval(0);
-#endif
-	case SLC_AO:
-#if	!defined(VDISCARD) && defined(VFLUSHO)
-# define VDISCARD VFLUSHO
-#endif
-#ifdef	VDISCARD
-		setval(VDISCARD, SLC_VARIABLE|SLC_FLUSHOUT);
-#else
-		defval(0);
-#endif
-	case SLC_SUSP:
-#ifdef	VSUSP
-		setval(VSUSP, SLC_VARIABLE|SLC_FLUSHIN);
-#else
-		defval(0);
-#endif
-#ifdef	VEOL
-	case SLC_FORW1:
-		setval(VEOL, SLC_VARIABLE);
-#endif
-#ifdef	VEOL2
-	case SLC_FORW2:
-		setval(VEOL2, SLC_VARIABLE);
-#endif
-	case SLC_AYT:
-#ifdef	VSTATUS
-		setval(VSTATUS, SLC_VARIABLE);
-#else
-		defval(0);
-#endif
-
-	case SLC_BRK:
-	case SLC_SYNCH:
-	case SLC_EOR:
-		defval(0);
-
-	default:
-		*valp = 0;
-		*valpp = 0;
-		return(SLC_NOSUPPORT);
-	}
-}
-#endif	/* USE_TERMIO */
-
-#ifdef CRAY
-/*
- * getnpty()
- *
- * Return the number of pty's configured into the system.
- */
-	int
-getnpty()
-{
-#ifdef _SC_CRAY_NPTY
-	int numptys;
-
-	if ((numptys = sysconf(_SC_CRAY_NPTY)) != -1)
-		return numptys;
-	else
-#endif /* _SC_CRAY_NPTY */
-		return 128;
-}
-#endif /* CRAY */
-
-#ifndef	convex
-/*
- * getpty()
- *
- * Allocate a pty.  As a side effect, the external character
- * array "line" contains the name of the slave side.
- *
- * Returns the file descriptor of the opened pty.
- */
-#ifndef	__GNUC__
-char *line = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-#else
-static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-char *line = Xline;
-#endif
-#ifdef	CRAY
-char *myline = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-#endif	/* CRAY */
-
-	int
-getpty(ptynum)
-int *ptynum;
-{
-	register int p;
-#ifdef	STREAMSPTY
-	int t;
-	char *ptsname();
-
-	p = open("/dev/ptmx", 2);
-	if (p > 0) {
-		grantpt(p);
-		unlockpt(p);
-		strcpy(line, ptsname(p));
-		return(p);
-	}
-
-#else	/* ! STREAMSPTY */
-#ifndef CRAY
-	register char *cp, *p1, *p2;
-	register int i;
-#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
-	int dummy;
-#endif
-
-#ifndef	__hpux
-	(void) strcpy(line, "/dev/ptyXX");
-	p1 = &line[8];
-	p2 = &line[9];
-#else
-	(void) strcpy(line, "/dev/ptym/ptyXX");
-	p1 = &line[13];
-	p2 = &line[14];
-#endif
-
-	for (cp = "pqrsPQRS"; *cp; cp++) {
-		struct stat stb;
-
-		*p1 = *cp;
-		*p2 = '0';
-		/*
-		 * This stat() check is just to keep us from
-		 * looping through all 256 combinations if there
-		 * aren't that many ptys available.
-		 */
-		if (stat(line, &stb) < 0)
-			break;
-		for (i = 0; i < 32; i++) {
-			*p2 = "0123456789abcdefghijklmnopqrstuv"[i];
-			p = open(line, 2);
-			if (p > 0) {
-#ifndef	__hpux
-				line[5] = 't';
-#else
-				for (p1 = &line[8]; *p1; p1++)
-					*p1 = *(p1+1);
-				line[9] = 't';
-#endif
-				chown(line, 0, 0);
-				chmod(line, 0600);
-#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
-				if (ioctl(p, TIOCGPGRP, &dummy) == 0
-				    || errno != EIO) {
-					chmod(line, 0666);
-					close(p);
-					line[5] = 'p';
-				} else
-#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */
-					return(p);
-			}
-		}
-	}
-#else	/* CRAY */
-	extern lowpty, highpty;
-	struct stat sb;
-
-	for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) {
-		(void) sprintf(myline, "/dev/pty/%03d", *ptynum);
-		p = open(myline, 2);
-		if (p < 0)
-			continue;
-		(void) sprintf(line, "/dev/ttyp%03d", *ptynum);
-		/*
-		 * Here are some shenanigans to make sure that there
-		 * are no listeners lurking on the line.
-		 */
-		if(stat(line, &sb) < 0) {
-			(void) close(p);
-			continue;
-		}
-		if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) {
-			chown(line, 0, 0);
-			chmod(line, 0600);
-			(void)close(p);
-			p = open(myline, 2);
-			if (p < 0)
-				continue;
-		}
-		/*
-		 * Now it should be safe...check for accessability.
-		 */
-		if (access(line, 6) == 0)
-			return(p);
-		else {
-			/* no tty side to pty so skip it */
-			(void) close(p);
-		}
-	}
-#endif	/* CRAY */
-#endif	/* STREAMSPTY */
-	return(-1);
-}
-#endif	/* convex */
-
-#ifdef	LINEMODE
-/*
- * tty_flowmode()	Find out if flow control is enabled or disabled.
- * tty_linemode()	Find out if linemode (external processing) is enabled.
- * tty_setlinemod(on)	Turn on/off linemode.
- * tty_isecho()		Find out if echoing is turned on.
- * tty_setecho(on)	Enable/disable character echoing.
- * tty_israw()		Find out if terminal is in RAW mode.
- * tty_binaryin(on)	Turn on/off BINARY on input.
- * tty_binaryout(on)	Turn on/off BINARY on output.
- * tty_isediting()	Find out if line editing is enabled.
- * tty_istrapsig()	Find out if signal trapping is enabled.
- * tty_setedit(on)	Turn on/off line editing.
- * tty_setsig(on)	Turn on/off signal trapping.
- * tty_issofttab()	Find out if tab expansion is enabled.
- * tty_setsofttab(on)	Turn on/off soft tab expansion.
- * tty_islitecho()	Find out if typed control chars are echoed literally
- * tty_setlitecho()	Turn on/off literal echo of control chars
- * tty_tspeed(val)	Set transmit speed to val.
- * tty_rspeed(val)	Set receive speed to val.
- */
-
-#ifdef convex
-static int linestate;
-#endif
-
-	int
-tty_linemode()
-{
-#ifndef convex
-#ifndef	USE_TERMIO
-	return(termbuf.state & TS_EXTPROC);
-#else
-	return(termbuf.c_lflag & EXTPROC);
-#endif
-#else
-	return(linestate);
-#endif
-}
-
-	void
-tty_setlinemode(on)
-	int on;
-{
-#ifdef	TIOCEXT
-# ifndef convex
-	set_termbuf();
-# else
-	linestate = on;
-# endif
-	(void) ioctl(pty, TIOCEXT, (char *)&on);
-# ifndef convex
-	init_termbuf();
-# endif
-#else	/* !TIOCEXT */
-# ifdef	EXTPROC
-	if (on)
-		termbuf.c_lflag |= EXTPROC;
-	else
-		termbuf.c_lflag &= ~EXTPROC;
-# endif
-#endif	/* TIOCEXT */
-}
-#endif	/* LINEMODE */
-
-	int
-tty_isecho()
-{
-#ifndef USE_TERMIO
-	return (termbuf.sg.sg_flags & ECHO);
-#else
-	return (termbuf.c_lflag & ECHO);
-#endif
-}
-
-	int
-tty_flowmode()
-{
-#ifndef USE_TERMIO
-	return(((termbuf.tc.t_startc) > 0 && (termbuf.tc.t_stopc) > 0) ? 1 : 0);
-#else
-	return((termbuf.c_iflag & IXON) ? 1 : 0);
-#endif
-}
-
-	int
-tty_restartany()
-{
-#ifndef USE_TERMIO
-# ifdef	DECCTQ
-	return((termbuf.lflags & DECCTQ) ? 0 : 1);
-# else
-	return(-1);
-# endif
-#else
-	return((termbuf.c_iflag & IXANY) ? 1 : 0);
-#endif
-}
-
-	void
-tty_setecho(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		termbuf.sg.sg_flags |= ECHO|CRMOD;
-	else
-		termbuf.sg.sg_flags &= ~(ECHO|CRMOD);
-#else
-	if (on)
-		termbuf.c_lflag |= ECHO;
-	else
-		termbuf.c_lflag &= ~ECHO;
-#endif
-}
-
-	int
-tty_israw()
-{
-#ifndef USE_TERMIO
-	return(termbuf.sg.sg_flags & RAW);
-#else
-	return(!(termbuf.c_lflag & ICANON));
-#endif
-}
-
-#if	defined (AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
-	int
-tty_setraw(on)
-{
-#  ifndef USE_TERMIO
-	if (on)
-		termbuf.sg.sg_flags |= RAW;
-	else
-		termbuf.sg.sg_flags &= ~RAW;
-#  else
-	if (on)
-		termbuf.c_lflag &= ~ICANON;
-	else
-		termbuf.c_lflag |= ICANON;
-#  endif
-}
-#endif
-
-	void
-tty_binaryin(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		termbuf.lflags |= LPASS8;
-	else
-		termbuf.lflags &= ~LPASS8;
-#else
-	if (on) {
-		termbuf.c_iflag &= ~ISTRIP;
-	} else {
-		termbuf.c_iflag |= ISTRIP;
-	}
-#endif
-}
-
-	void
-tty_binaryout(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		termbuf.lflags |= LLITOUT;
-	else
-		termbuf.lflags &= ~LLITOUT;
-#else
-	if (on) {
-		termbuf.c_cflag &= ~(CSIZE|PARENB);
-		termbuf.c_cflag |= CS8;
-		termbuf.c_oflag &= ~OPOST;
-	} else {
-		termbuf.c_cflag &= ~CSIZE;
-		termbuf.c_cflag |= CS7|PARENB;
-		termbuf.c_oflag |= OPOST;
-	}
-#endif
-}
-
-	int
-tty_isbinaryin()
-{
-#ifndef	USE_TERMIO
-	return(termbuf.lflags & LPASS8);
-#else
-	return(!(termbuf.c_iflag & ISTRIP));
-#endif
-}
-
-	int
-tty_isbinaryout()
-{
-#ifndef	USE_TERMIO
-	return(termbuf.lflags & LLITOUT);
-#else
-	return(!(termbuf.c_oflag&OPOST));
-#endif
-}
-
-#ifdef	LINEMODE
-	int
-tty_isediting()
-{
-#ifndef USE_TERMIO
-	return(!(termbuf.sg.sg_flags & (CBREAK|RAW)));
-#else
-	return(termbuf.c_lflag & ICANON);
-#endif
-}
-
-	int
-tty_istrapsig()
-{
-#ifndef USE_TERMIO
-	return(!(termbuf.sg.sg_flags&RAW));
-#else
-	return(termbuf.c_lflag & ISIG);
-#endif
-}
-
-	void
-tty_setedit(on)
-	int on;
-{
-#ifndef USE_TERMIO
-	if (on)
-		termbuf.sg.sg_flags &= ~CBREAK;
-	else
-		termbuf.sg.sg_flags |= CBREAK;
-#else
-	if (on)
-		termbuf.c_lflag |= ICANON;
-	else
-		termbuf.c_lflag &= ~ICANON;
-#endif
-}
-
-	void
-tty_setsig(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		;
-#else
-	if (on)
-		termbuf.c_lflag |= ISIG;
-	else
-		termbuf.c_lflag &= ~ISIG;
-#endif
-}
-#endif	/* LINEMODE */
-
-	int
-tty_issofttab()
-{
-#ifndef	USE_TERMIO
-	return (termbuf.sg.sg_flags & XTABS);
-#else
-# ifdef	OXTABS
-	return (termbuf.c_oflag & OXTABS);
-# endif
-# ifdef	TABDLY
-	return ((termbuf.c_oflag & TABDLY) == TAB3);
-# endif
-#endif
-}
-
-	void
-tty_setsofttab(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		termbuf.sg.sg_flags |= XTABS;
-	else
-		termbuf.sg.sg_flags &= ~XTABS;
-#else
-	if (on) {
-# ifdef	OXTABS
-		termbuf.c_oflag |= OXTABS;
-# endif
-# ifdef	TABDLY
-		termbuf.c_oflag &= ~TABDLY;
-		termbuf.c_oflag |= TAB3;
-# endif
-	} else {
-# ifdef	OXTABS
-		termbuf.c_oflag &= ~OXTABS;
-# endif
-# ifdef	TABDLY
-		termbuf.c_oflag &= ~TABDLY;
-		termbuf.c_oflag |= TAB0;
-# endif
-	}
-#endif
-}
-
-	int
-tty_islitecho()
-{
-#ifndef	USE_TERMIO
-	return (!(termbuf.lflags & LCTLECH));
-#else
-# ifdef	ECHOCTL
-	return (!(termbuf.c_lflag & ECHOCTL));
-# endif
-# ifdef	TCTLECH
-	return (!(termbuf.c_lflag & TCTLECH));
-# endif
-# if	!defined(ECHOCTL) && !defined(TCTLECH)
-	return (0);	/* assumes ctl chars are echoed '^x' */
-# endif
-#endif
-}
-
-	void
-tty_setlitecho(on)
-	int on;
-{
-#ifndef	USE_TERMIO
-	if (on)
-		termbuf.lflags &= ~LCTLECH;
-	else
-		termbuf.lflags |= LCTLECH;
-#else
-# ifdef	ECHOCTL
-	if (on)
-		termbuf.c_lflag &= ~ECHOCTL;
-	else
-		termbuf.c_lflag |= ECHOCTL;
-# endif
-# ifdef	TCTLECH
-	if (on)
-		termbuf.c_lflag &= ~TCTLECH;
-	else
-		termbuf.c_lflag |= TCTLECH;
-# endif
-#endif
-}
-
-	int
-tty_iscrnl()
-{
-#ifndef	USE_TERMIO
-	return (termbuf.sg.sg_flags & CRMOD);
-#else
-	return (termbuf.c_iflag & ICRNL);
-#endif
-}
-
-/*
- * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD).
- */
-#if B4800 != 4800
-#define	DECODE_BAUD
-#endif
-
-#ifdef	DECODE_BAUD
-
-/*
- * A table of available terminal speeds
- */
-struct termspeeds {
-	int	speed;
-	int	value;
-} termspeeds[] = {
-	{ 0,      B0 },      { 50,    B50 },    { 75,     B75 },
-	{ 110,    B110 },    { 134,   B134 },   { 150,    B150 },
-	{ 200,    B200 },    { 300,   B300 },   { 600,    B600 },
-	{ 1200,   B1200 },   { 1800,  B1800 },  { 2400,   B2400 },
-	{ 4800,   B4800 },
-#ifdef	B7200
-	{ 7200,  B7200 },
-#endif
-	{ 9600,   B9600 },
-#ifdef	B14400
-	{ 14400,  B14400 },
-#endif
-#ifdef	B19200
-	{ 19200,  B19200 },
-#endif
-#ifdef	B28800
-	{ 28800,  B28800 },
-#endif
-#ifdef	B38400
-	{ 38400,  B38400 },
-#endif
-#ifdef	B57600
-	{ 57600,  B57600 },
-#endif
-#ifdef	B115200
-	{ 115200, B115200 },
-#endif
-#ifdef	B230400
-	{ 230400, B230400 },
-#endif
-	{ -1,     0 }
-};
-#endif	/* DECODE_BAUD */
-
-	void
-tty_tspeed(val)
-	int val;
-{
-#ifdef	DECODE_BAUD
-	register struct termspeeds *tp;
-
-	for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++)
-		;
-	if (tp->speed == -1)	/* back up to last valid value */
-		--tp;
-	cfsetospeed(&termbuf, tp->value);
-#else	/* DECODE_BAUD */
-	cfsetospeed(&termbuf, val);
-#endif	/* DECODE_BAUD */
-}
-
-	void
-tty_rspeed(val)
-	int val;
-{
-#ifdef	DECODE_BAUD
-	register struct termspeeds *tp;
-
-	for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++)
-		;
-	if (tp->speed == -1)	/* back up to last valid value */
-		--tp;
-	cfsetispeed(&termbuf, tp->value);
-#else	/* DECODE_BAUD */
-	cfsetispeed(&termbuf, val);
-#endif	/* DECODE_BAUD */
-}
-
-#if	defined(CRAY2) && defined(UNICOS5)
-	int
-tty_isnewmap()
-{
-	return((termbuf.c_oflag & OPOST) && (termbuf.c_oflag & ONLCR) &&
-			!(termbuf.c_oflag & ONLRET));
-}
-#endif
-
-#ifdef PARENT_DOES_UTMP
-# ifndef NEWINIT
-extern	struct utmp wtmp;
-extern char wtmpf[];
-# else	/* NEWINIT */
-int	gotalarm;
-
-	/* ARGSUSED */
-	void
-nologinproc(sig)
-	int sig;
-{
-	gotalarm++;
-}
-# endif	/* NEWINIT */
-#endif /* PARENT_DOES_UTMP */
-
-#ifndef	NEWINIT
-# ifdef PARENT_DOES_UTMP
-extern void utmp_sig_init P((void));
-extern void utmp_sig_reset P((void));
-extern void utmp_sig_wait P((void));
-extern void utmp_sig_notify P((int));
-# endif /* PARENT_DOES_UTMP */
-#endif
-
-/*
- * getptyslave()
- *
- * Open the slave side of the pty, and do any initialization
- * that is necessary.
- */
-	void
-getptyslave()
-{
-	register int t = -1;
-	char erase;
-
-#if	!defined(CRAY) || !defined(NEWINIT)
-# ifdef	LINEMODE
-	int waslm;
-# endif
-# ifdef	TIOCGWINSZ
-	struct winsize ws;
-	extern int def_row, def_col;
-# endif
-	extern int def_tspeed, def_rspeed;
-	/*
-	 * Opening the slave side may cause initilization of the
-	 * kernel tty structure.  We need remember the state of
-	 * 	if linemode was turned on
-	 *	terminal window size
-	 *	terminal speed
-	 *	erase character
-	 * so that we can re-set them if we need to.
-	 */
-# ifdef	LINEMODE
-	waslm = tty_linemode();
-# endif
-	erase = termbuf.c_cc[VERASE];
-
-	/*
-	 * Make sure that we don't have a controlling tty, and
-	 * that we are the session (process group) leader.
-	 */
-# ifdef	TIOCNOTTY
-	t = open(_PATH_TTY, O_RDWR);
-	if (t >= 0) {
-		(void) ioctl(t, TIOCNOTTY, (char *)0);
-		(void) close(t);
-	}
-# endif
-
-
-# ifdef PARENT_DOES_UTMP
-	/*
-	 * Wait for our parent to get the utmp stuff to get done.
-	 */
-	utmp_sig_wait();
-# endif
-
-	t = cleanopen(line);
-	if (t < 0)
-		fatalperror(net, line);
-
-#ifdef  STREAMSPTY
-#ifdef	USE_TERMIO
-	ttyfd = t;
-#endif
-	if (ioctl(t, I_PUSH, "ptem") < 0)
-		fatal(net, "I_PUSH ptem");
-	if (ioctl(t, I_PUSH, "ldterm") < 0)
-		fatal(net, "I_PUSH ldterm");
-	if (ioctl(t, I_PUSH, "ttcompat") < 0)
-		fatal(net, "I_PUSH ttcompat");
-	if (ioctl(pty, I_PUSH, "pckt") < 0)
-		fatal(net, "I_PUSH pckt");
-#endif
-
-	/*
-	 * set up the tty modes as we like them to be.
-	 */
-	init_termbuf();
-# ifdef	TIOCGWINSZ
-	if (def_row || def_col) {
-		memset((char *)&ws, 0, sizeof(ws));
-		ws.ws_col = def_col;
-		ws.ws_row = def_row;
-		(void)ioctl(t, TIOCSWINSZ, (char *)&ws);
-	}
-# endif
-
-	/*
-	 * Settings for sgtty based systems
-	 */
-# ifndef	USE_TERMIO
-	termbuf.sg.sg_flags |= CRMOD|ANYP|ECHO|XTABS;
-# endif	/* USE_TERMIO */
-
-	/*
-	 * Settings for UNICOS (and HPUX)
-	 */
-# if defined(CRAY) || defined(__hpux)
-	termbuf.c_oflag = OPOST|ONLCR|TAB3;
-	termbuf.c_iflag = IGNPAR|ISTRIP|ICRNL|IXON;
-	termbuf.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK;
-	termbuf.c_cflag = EXTB|HUPCL|CS8;
-# endif
-
-	/*
-	 * Settings for all other termios/termio based
-	 * systems, other than 4.4BSD.  In 4.4BSD the
-	 * kernel does the initial terminal setup.
-	 */
-# if defined(USE_TERMIO) && !(defined(CRAY) || defined(__hpux)) && (BSD <= 43)
-#  ifndef	OXTABS
-#   define OXTABS	0
-#  endif
-	termbuf.c_lflag |= ECHO;
-	termbuf.c_oflag |= ONLCR|OXTABS;
-	termbuf.c_iflag |= ICRNL;
-	termbuf.c_iflag &= ~IXOFF;
-# endif /* defined(USE_TERMIO) && !defined(CRAY) && (BSD <= 43) */
-	tty_rspeed((def_rspeed > 0) ? def_rspeed : 9600);
-	tty_tspeed((def_tspeed > 0) ? def_tspeed : 9600);
-	if (erase)
-		termbuf.c_cc[VERASE] = erase;
-# ifdef	LINEMODE
-	if (waslm)
-		tty_setlinemode(1);
-# endif	/* LINEMODE */
-
-	/*
-	 * Set the tty modes, and make this our controlling tty.
-	 */
-	set_termbuf();
-	if (login_tty(t) == -1)
-		fatalperror(net, "login_tty");
-#endif	/* !defined(CRAY) || !defined(NEWINIT) */
-	if (net > 2)
-		(void) close(net);
-#if	defined(AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
-	/*
-	 * Leave the pty open so that we can write out the rlogin
-	 * protocol for /bin/login, if the authentication works.
-	 */
-#else
-	if (pty > 2) {
-		(void) close(pty);
-		pty = -1;
-	}
-#endif
-}
-
-#if	!defined(CRAY) || !defined(NEWINIT)
-#ifndef	O_NOCTTY
-#define	O_NOCTTY	0
-#endif
-/*
- * Open the specified slave side of the pty,
- * making sure that we have a clean tty.
- */
-	int
-cleanopen(line)
-	char *line;
-{
-	register int t;
-#ifdef	UNICOS7x
-	struct secstat secbuf;
-#endif	/* UNICOS7x */
-
-#ifndef STREAMSPTY
-	/*
-	 * Make sure that other people can't open the
-	 * slave side of the connection.
-	 */
-	(void) chown(line, 0, 0);
-	(void) chmod(line, 0600);
-#endif
-
-# if !defined(CRAY) && (BSD > 43)
-	(void) revoke(line);
-# endif
-#ifdef	UNICOS7x
-	if (secflag) {
-		if (secstat(line, &secbuf) < 0)
-			return(-1);
-		if (setulvl(secbuf.st_slevel) < 0)
-			return(-1);
-		if (setucmp(secbuf.st_compart) < 0)
-			return(-1);
-	}
-#endif	/* UNICOS7x */
-
-	t = open(line, O_RDWR|O_NOCTTY);
-
-#ifdef	UNICOS7x
-	if (secflag) {
-		if (setulvl(sysv.sy_minlvl) < 0)
-			return(-1);
-		if (setucmp(0) < 0)
-			return(-1);
-	}
-#endif	/* UNICOS7x */
-
-	if (t < 0)
-		return(-1);
-
-	/*
-	 * Hangup anybody else using this ttyp, then reopen it for
-	 * ourselves.
-	 */
-# if !(defined(CRAY) || defined(__hpux)) && (BSD <= 43) && !defined(STREAMSPTY)
-	(void) signal(SIGHUP, SIG_IGN);
-	vhangup();
-	(void) signal(SIGHUP, SIG_DFL);
-	t = open(line, O_RDWR|O_NOCTTY);
-	if (t < 0)
-		return(-1);
-# endif
-# if	defined(CRAY) && defined(TCVHUP)
-	{
-		register int i;
-		(void) signal(SIGHUP, SIG_IGN);
-		(void) ioctl(t, TCVHUP, (char *)0);
-		(void) signal(SIGHUP, SIG_DFL);
-
-#ifdef	UNICOS7x
-		if (secflag) {
-			if (secstat(line, &secbuf) < 0)
-				return(-1);
-			if (setulvl(secbuf.st_slevel) < 0)
-				return(-1);
-			if (setucmp(secbuf.st_compart) < 0)
-				return(-1);
-		}
-#endif	/* UNICOS7x */
-
-		i = open(line, O_RDWR);
-
-#ifdef	UNICOS7x
-		if (secflag) {
-			if (setulvl(sysv.sy_minlvl) < 0)
-				return(-1);
-			if (setucmp(0) < 0)
-				return(-1);
-		}
-#endif	/* UNICOS7x */
-
-		if (i < 0)
-			return(-1);
-		(void) close(t);
-		t = i;
-	}
-# endif	/* defined(CRAY) && defined(TCVHUP) */
-	return(t);
-}
-#endif	/* !defined(CRAY) || !defined(NEWINIT) */
-
-#if BSD <= 43
-
-	int
-login_tty(t)
-	int t;
-{
-	if (setsid() < 0) {
-#ifdef ultrix
-		/*
-		 * The setsid() may have failed because we
-		 * already have a pgrp == pid.  Zero out
-		 * our pgrp and try again...
-		 */
-		if ((setpgrp(0, 0) < 0) || (setsid() < 0))
-#endif
-			fatalperror(net, "setsid()");
-	}
-# ifdef	TIOCSCTTY
-	if (ioctl(t, TIOCSCTTY, (char *)0) < 0)
-		fatalperror(net, "ioctl(sctty)");
-#  if defined(CRAY)
-	/*
-	 * Close the hard fd to /dev/ttypXXX, and re-open through
-	 * the indirect /dev/tty interface.
-	 */
-	close(t);
-	if ((t = open("/dev/tty", O_RDWR)) < 0)
-		fatalperror(net, "open(/dev/tty)");
-#  endif
-# else
-	/*
-	 * We get our controlling tty assigned as a side-effect
-	 * of opening up a tty device.  But on BSD based systems,
-	 * this only happens if our process group is zero.  The
-	 * setsid() call above may have set our pgrp, so clear
-	 * it out before opening the tty...
-	 */
-#  ifndef SOLARIS
-	(void) setpgrp(0, 0);
-#  else
-	(void) setpgrp();
-#  endif
-	close(open(line, O_RDWR));
-# endif
-	if (t != 0)
-		(void) dup2(t, 0);
-	if (t != 1)
-		(void) dup2(t, 1);
-	if (t != 2)
-		(void) dup2(t, 2);
-	if (t > 2)
-		close(t);
-	return(0);
-}
-#endif	/* BSD <= 43 */
-
-#ifdef	NEWINIT
-char *gen_id = "fe";
-#endif
-
-/*
- * startslave(host)
- *
- * Given a hostname, do whatever
- * is necessary to startup the login process on the slave side of the pty.
- */
-
-/* ARGSUSED */
-	void
-startslave(host, autologin, autoname)
-	char *host;
-	int autologin;
-	char *autoname;
-{
-	register int i;
-	long time();
-#ifdef	NEWINIT
-	extern char *ptyip;
-	struct init_request request;
-	void nologinproc();
-	register int n;
-#endif	/* NEWINIT */
-
-#if	defined(AUTHENTICATION)
-	if (!autoname || !autoname[0])
-		autologin = 0;
-
-	if (autologin < auth_level) {
-		fatal(net, "Authorization failed");
-		exit(1);
-	}
-#endif
-
-#ifndef	NEWINIT
-# ifdef	PARENT_DOES_UTMP
-	utmp_sig_init();
-# endif	/* PARENT_DOES_UTMP */
-
-	if ((i = fork()) < 0)
-		fatalperror(net, "fork");
-	if (i) {
-# ifdef PARENT_DOES_UTMP
-		/*
-		 * Cray parent will create utmp entry for child and send
-		 * signal to child to tell when done.  Child waits for signal
-		 * before doing anything important.
-		 */
-		register int pid = i;
-		void sigjob P((int));
-
-		setpgrp();
-		utmp_sig_reset();		/* reset handler to default */
-		/*
-		 * Create utmp entry for child
-		 */
-		(void) time(&wtmp.ut_time);
-		wtmp.ut_type = LOGIN_PROCESS;
-		wtmp.ut_pid = pid;
-		SCPYN(wtmp.ut_user, "LOGIN");
-		SCPYN(wtmp.ut_host, host);
-		SCPYN(wtmp.ut_line, line + sizeof("/dev/") - 1);
-#ifndef	__hpux
-		SCPYN(wtmp.ut_id, wtmp.ut_line+3);
-#else
-		SCPYN(wtmp.ut_id, wtmp.ut_line+7);
-#endif
-		pututline(&wtmp);
-		endutent();
-		if ((i = open(wtmpf, O_WRONLY|O_APPEND)) >= 0) {
-			(void) write(i, (char *)&wtmp, sizeof(struct utmp));
-			(void) close(i);
-		}
-#ifdef	CRAY
-		(void) signal(WJSIGNAL, sigjob);
-#endif
-		utmp_sig_notify(pid);
-# endif	/* PARENT_DOES_UTMP */
-	} else {
-		getptyslave(autologin);
-		start_login(host, autologin, autoname);
-		/*NOTREACHED*/
-	}
-#else	/* NEWINIT */
-
-	/*
-	 * Init will start up login process if we ask nicely.  We only wait
-	 * for it to start up and begin normal telnet operation.
-	 */
-	if ((i = open(INIT_FIFO, O_WRONLY)) < 0) {
-		char tbuf[128];
-		(void) snprintf(tbuf, sizeof(tbuf), "Can't open %s\n", INIT_FIFO);
-		fatalperror(net, tbuf);
-	}
-	memset((char *)&request, 0, sizeof(request));
-	request.magic = INIT_MAGIC;
-	SCPYN(request.gen_id, gen_id);
-	SCPYN(request.tty_id, &line[8]);
-	SCPYN(request.host, host);
-	SCPYN(request.term_type, terminaltype ? terminaltype : "network");
-#if	!defined(UNICOS5)
-	request.signal = SIGCLD;
-	request.pid = getpid();
-#endif
-#ifdef BFTPDAEMON
-	/*
-	 * Are we working as the bftp daemon?
-	 */
-	if (bftpd) {
-		SCPYN(request.exec_name, BFTPPATH);
-	}
-#endif /* BFTPDAEMON */
-	if (write(i, (char *)&request, sizeof(request)) < 0) {
-		char tbuf[128];
-		(void) snprintf(tbuf, sizeof(tbuf), "Can't write to %s\n", INIT_FIFO);
-		fatalperror(net, tbuf);
-	}
-	(void) close(i);
-	(void) signal(SIGALRM, nologinproc);
-	for (i = 0; ; i++) {
-		char tbuf[128];
-		alarm(15);
-		n = read(pty, ptyip, BUFSIZ);
-		if (i == 3 || n >= 0 || !gotalarm)
-			break;
-		gotalarm = 0;
-		snprintf(tbuf, sizeof(tbuf), "telnetd: waiting for /etc/init to start login process on %s\r\n", line);
-		(void) write(net, tbuf, strlen(tbuf));
-	}
-	if (n < 0 && gotalarm)
-		fatal(net, "/etc/init didn't start login process");
-	pcc += n;
-	alarm(0);
-	(void) signal(SIGALRM, SIG_DFL);
-
-	return;
-#endif	/* NEWINIT */
-}
-
-char	*envinit[3];
-extern char **environ;
-
-	void
-init_env()
-{
-	extern char *getenv();
-	char **envp;
-
-	envp = envinit;
-	if ((*envp = getenv("TZ")))
-		*envp++ -= 3;
-#if	defined(CRAY) || defined(__hpux)
-	else
-		*envp++ = "TZ=GMT0";
-#endif
-	*envp = 0;
-	environ = envinit;
-}
-
-#ifndef	NEWINIT
-
-/*
- * start_login(host)
- *
- * Assuming that we are now running as a child processes, this
- * function will turn us into the login process.
- */
-
-	void
-start_login(host, autologin, name)
-	char *host;
-	int autologin;
-	char *name;
-{
-	register char **argv;
-	char **addarg(), *user;
-	extern char *getenv();
-#ifdef	UTMPX
-	register int pid = getpid();
-	struct utmpx utmpx;
-#endif
-#ifdef SOLARIS
-	char *term;
-	char termbuf[64];
-#endif
-
-#ifdef	UTMPX
-	/*
-	 * Create utmp entry for child
-	 */
-
-	memset(&utmpx, 0, sizeof(utmpx));
-	SCPYN(utmpx.ut_user, ".telnet");
-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
-	utmpx.ut_pid = pid;
-	utmpx.ut_id[0] = 't';
-	utmpx.ut_id[1] = 'n';
-	utmpx.ut_id[2] = SC_WILDC;
-	utmpx.ut_id[3] = SC_WILDC;
-	utmpx.ut_type = LOGIN_PROCESS;
-	(void) time(&utmpx.ut_tv.tv_sec);
-	if (makeutx(&utmpx) == NULL)
-		fatal(net, "makeutx failed");
-#endif
-
-	scrub_env();
-
-	/*
-	 * -h : pass on name of host.
-	 *		WARNING:  -h is accepted by login if and only if
-	 *			getuid() == 0.
-	 * -p : don't clobber the environment (so terminal type stays set).
-	 *
-	 * -f : force this login, he has already been authenticated
-	 */
-	argv = addarg(0, "login");
-
-#if	!defined(NO_LOGIN_H)
-
-# if	defined (AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
-	/*
-	 * Don't add the "-h host" option if we are going
-	 * to be adding the "-r host" option down below...
-	 */
-	if ((auth_level < 0) || (autologin != AUTH_VALID))
-# endif
-	{
-		argv = addarg(argv, "-h");
-		argv = addarg(argv, host);
-#ifdef	SOLARIS
-		/*
-		 * SVR4 version of -h takes TERM= as second arg, or -
-		 */
-		term = getenv("TERM");
-		if (term == NULL || term[0] == 0) {
-			term = "-";
-		} else {
-			strcpy(termbuf, "TERM=");
-			strncat(termbuf, term, sizeof(termbuf) - 6);
-			term = termbuf;
-		}
-		argv = addarg(argv, term);
-#endif
-	}
-#endif
-#if	!defined(NO_LOGIN_P)
-	argv = addarg(argv, "-p");
-#endif
-#ifdef	LINEMODE
-	/*
-	 * Set the environment variable "LINEMODE" to either
-	 * "real" or "kludge" if we are operating in either
-	 * real or kludge linemode.
-	 */
-	if (lmodetype == REAL_LINEMODE)
-		setenv("LINEMODE", "real", 1);
-# ifdef KLUDGELINEMODE
-	else if (lmodetype == KLUDGE_LINEMODE || lmodetype == KLUDGE_OK)
-		setenv("LINEMODE", "kludge", 1);
-# endif
-#endif
-#ifdef	BFTPDAEMON
-	/*
-	 * Are we working as the bftp daemon?  If so, then ask login
-	 * to start bftp instead of shell.
-	 */
-	if (bftpd) {
-		argv = addarg(argv, "-e");
-		argv = addarg(argv, BFTPPATH);
-	} else
-#endif
-#if	defined (SecurID)
-	/*
-	 * don't worry about the -f that might get sent.
-	 * A -s is supposed to override it anyhow.
-	 */
-	if (require_SecurID)
-		argv = addarg(argv, "-s");
-#endif
-#if	defined (AUTHENTICATION)
-	if (auth_level >= 0 && autologin == AUTH_VALID) {
-# if	!defined(NO_LOGIN_F)
-		argv = addarg(argv, "-f");
-		argv = addarg(argv, "--");
-		argv = addarg(argv, name);
-# else
-#  if defined(LOGIN_R)
-		/*
-		 * We don't have support for "login -f", but we
-		 * can fool /bin/login into thinking that we are
-		 * rlogind, and allow us to log in without a
-		 * password.  The rlogin protocol expects
-		 *	local-user\0remote-user\0term/speed\0
-		 */
-
-		if (pty > 2) {
-			register char *cp;
-			char speed[128];
-			int isecho, israw, xpty, len;
-			extern int def_rspeed;
-#  ifndef LOGIN_HOST
-			/*
-			 * Tell login that we are coming from "localhost".
-			 * If we passed in the real host name, then the
-			 * user would have to allow .rhost access from
-			 * every machine that they want authenticated
-			 * access to work from, which sort of defeats
-			 * the purpose of an authenticated login...
-			 * So, we tell login that the session is coming
-			 * from "localhost", and the user will only have
-			 * to have "localhost" in their .rhost file.
-			 */
-#			define LOGIN_HOST "localhost"
-#  endif
-			argv = addarg(argv, "-r");
-			argv = addarg(argv, LOGIN_HOST);
-
-			xpty = pty;
-# ifndef  STREAMSPTY
-			pty = 0;
-# else
-			ttyfd = 0;
-# endif
-			init_termbuf();
-			isecho = tty_isecho();
-			israw = tty_israw();
-			if (isecho || !israw) {
-				tty_setecho(0);		/* Turn off echo */
-				tty_setraw(1);		/* Turn on raw */
-				set_termbuf();
-			}
-			len = strlen(name)+1;
-			write(xpty, name, len);
-			write(xpty, name, len);
-			snprintf(speed, sizeof(speed),
-				"%s/%d", (cp = getenv("TERM")) ? cp : "",
-				(def_rspeed > 0) ? def_rspeed : 9600);
-			len = strlen(speed)+1;
-			write(xpty, speed, len);
-
-			if (isecho || !israw) {
-				init_termbuf();
-				tty_setecho(isecho);
-				tty_setraw(israw);
-				set_termbuf();
-				if (!israw) {
-					/*
-					 * Write a newline to ensure
-					 * that login will be able to
-					 * read the line...
-					 */
-					write(xpty, "\n", 1);
-				}
-			}
-			pty = xpty;
-		}
-#  else
-		argv = addarg(argv, "--");
-		argv = addarg(argv, name);
-#  endif
-# endif
-	} else
-#endif
-	if (getenv("USER")) {
- 		argv = addarg(argv, "--");
-		argv = addarg(argv, getenv("USER"));
-#if	defined(LOGIN_ARGS) && defined(NO_LOGIN_P)
-		{
-			register char **cpp;
-			for (cpp = environ; *cpp; cpp++)
-				argv = addarg(argv, *cpp);
-		}
-#endif
-		/*
-		 * Assume that login will set the USER variable
-		 * correctly.  For SysV systems, this means that
-		 * USER will no longer be set, just LOGNAME by
-		 * login.  (The problem is that if the auto-login
-		 * fails, and the user then specifies a different
-		 * account name, he can get logged in with both
-		 * LOGNAME and USER in his environment, but the
-		 * USER value will be wrong.
-		 */
-		unsetenv("USER");
-	}
-#ifdef	SOLARIS
-	else {
-		char **p;
-
-		argv = addarg(argv, "");	/* no login name */
-		for (p = environ; *p; p++) {
-			argv = addarg(argv, *p);
-		}
-	}
-#endif	/* SOLARIS */
-#if	defined(AUTHENTICATION) && defined(NO_LOGIN_F) && defined(LOGIN_R)
-	if (pty > 2)
-		close(pty);
-#endif
-	closelog();
-
-	if (altlogin == NULL) {
-		altlogin = _PATH_LOGIN;
-	}
-	execv(altlogin, argv);
-
-	syslog(LOG_ERR, "%s: %m", altlogin);
-	fatalperror(net, altlogin);
-	/*NOTREACHED*/
-}
-
-	char **
-addarg(argv, val)
-	register char **argv;
-	register char *val;
-{
-	register char **cpp;
-
-	if (argv == NULL) {
-		/*
-		 * 10 entries, a leading length, and a null
-		 */
-		argv = (char **)malloc(sizeof(*argv) * 12);
-		if (argv == NULL)
-			return(NULL);
-		*argv++ = (char *)10;
-		*argv = (char *)0;
-	}
-	for (cpp = argv; *cpp; cpp++)
-		;
-	if (cpp == &argv[(int)argv[-1]]) {
-		--argv;
-		*argv = (char *)((int)(*argv) + 10);
-		argv = (char **)realloc(argv, sizeof(*argv)*((int)(*argv) + 2));
-		if (argv == NULL)
-			return(NULL);
-		argv++;
-		cpp = &argv[(int)argv[-1] - 10];
-	}
-	*cpp++ = val;
-	*cpp = 0;
-	return(argv);
-}
-#endif	/* NEWINIT */
-
-/*
- * scrub_env()
- *
- * Remove a few things from the environment that
- * don't need to be there.
- */
-	void
-scrub_env()
-{
-	register char **cpp, **cpp2;
-
-	for (cpp2 = cpp = environ; *cpp; cpp++) {
-#ifdef __FreeBSD__
-		if (strncmp(*cpp, "LD_LIBRARY_PATH=", 16) &&
-		    strncmp(*cpp, "LD_PRELOAD=", 11) &&
-#else
-		if (strncmp(*cpp, "LD_", 3) &&
-		    strncmp(*cpp, "_RLD_", 5) &&
-		    strncmp(*cpp, "LIBPATH=", 8) &&
-#endif
-		    strncmp(*cpp, "IFS=", 4))
-			*cpp2++ = *cpp;
-	}
-	*cpp2 = 0;
-}
-
-/*
- * cleanup()
- *
- * This is the routine to call when we are all through, to
- * clean up anything that needs to be cleaned up.
- */
-	/* ARGSUSED */
-	void
-cleanup(sig)
-	int sig;
-{
-#ifndef	PARENT_DOES_UTMP
-# if (BSD > 43) || defined(convex)
-	char *p;
-
-	p = line + sizeof("/dev/") - 1;
-	if (logout(p))
-		logwtmp(p, "", "");
-	(void)chmod(line, 0666);
-	(void)chown(line, 0, 0);
-	*p = 'p';
-	(void)chmod(line, 0666);
-	(void)chown(line, 0, 0);
-	(void) shutdown(net, 2);
-	exit(1);
-# else
-	void rmut();
-
-	rmut();
-	vhangup();	/* XXX */
-	(void) shutdown(net, 2);
-	exit(1);
-# endif
-#else	/* PARENT_DOES_UTMP */
-# ifdef	NEWINIT
-	(void) shutdown(net, 2);
-	exit(1);
-# else	/* NEWINIT */
-#  ifdef CRAY
-	static int incleanup = 0;
-	register int t;
-	int child_status; /* status of child process as returned by waitpid */
-	int flags = WNOHANG|WUNTRACED;
-
-	/*
-	 * 1: Pick up the zombie, if we are being called
-	 *    as the signal handler.
-	 * 2: If we are a nested cleanup(), return.
-	 * 3: Try to clean up TMPDIR.
-	 * 4: Fill in utmp with shutdown of process.
-	 * 5: Close down the network and pty connections.
-	 * 6: Finish up the TMPDIR cleanup, if needed.
-	 */
-	if (sig == SIGCHLD) {
-		while (waitpid(-1, &child_status, flags) > 0)
-			;	/* VOID */
-		/* Check if the child process was stopped
-		 * rather than exited.  We want cleanup only if
-		 * the child has died.
-		 */
-		if (WIFSTOPPED(child_status)) {
-			return;
-		}
-	}
-	t = sigblock(sigmask(SIGCHLD));
-	if (incleanup) {
-		sigsetmask(t);
-		return;
-	}
-	incleanup = 1;
-	sigsetmask(t);
-#ifdef	UNICOS7x
-	if (secflag) {
-		/*
-		 *	We need to set ourselves back to a null
-		 *	label to clean up.
-		 */
-
-		setulvl(sysv.sy_minlvl);
-		setucmp((long)0);
-	}
-#endif	/* UNICOS7x */
-
-	t = cleantmp(&wtmp);
-	setutent();	/* just to make sure */
-#  endif /* CRAY */
-	rmut(line);
-	close(pty);
-	(void) shutdown(net, 2);
-#  ifdef CRAY
-	if (t == 0)
-		cleantmp(&wtmp);
-#  endif /* CRAY */
-	exit(1);
-# endif	/* NEWINT */
-#endif	/* PARENT_DOES_UTMP */
-}
-
-#if defined(PARENT_DOES_UTMP) && !defined(NEWINIT)
-/*
- * _utmp_sig_rcv
- * utmp_sig_init
- * utmp_sig_wait
- *	These three functions are used to coordinate the handling of
- *	the utmp file between the server and the soon-to-be-login shell.
- *	The server actually creates the utmp structure, the child calls
- *	utmp_sig_wait(), until the server calls utmp_sig_notify() and
- *	signals the future-login shell to proceed.
- */
-static int caught=0;		/* NZ when signal intercepted */
-static void (*func)();		/* address of previous handler */
-
-	void
-_utmp_sig_rcv(sig)
-	int sig;
-{
-	caught = 1;
-	(void) signal(SIGUSR1, func);
-}
-
-	void
-utmp_sig_init()
-{
-	/*
-	 * register signal handler for UTMP creation
-	 */
-	if ((int)(func = signal(SIGUSR1, _utmp_sig_rcv)) == -1)
-		fatalperror(net, "telnetd/signal");
-}
-
-	void
-utmp_sig_reset()
-{
-	(void) signal(SIGUSR1, func);	/* reset handler to default */
-}
-
-# ifdef __hpux
-# define sigoff() /* do nothing */
-# define sigon() /* do nothing */
-# endif
-
-	void
-utmp_sig_wait()
-{
-	/*
-	 * Wait for parent to write our utmp entry.
-	 */
-	sigoff();
-	while (caught == 0) {
-		pause();	/* wait until we get a signal (sigon) */
-		sigoff();	/* turn off signals while we check caught */
-	}
-	sigon();		/* turn on signals again */
-}
-
-	void
-utmp_sig_notify(pid)
-{
-	kill(pid, SIGUSR1);
-}
-
-# ifdef CRAY
-static int gotsigjob = 0;
-
-	/*ARGSUSED*/
-	void
-sigjob(sig)
-	int sig;
-{
-	register int jid;
-	register struct jobtemp *jp;
-
-	while ((jid = waitjob(NULL)) != -1) {
-		if (jid == 0) {
-			return;
-		}
-		gotsigjob++;
-		jobend(jid, NULL, NULL);
-	}
-}
-
-/*
- *	jid_getutid:
- *		called by jobend() before calling cleantmp()
- *		to find the correct $TMPDIR to cleanup.
- */
-
-	struct utmp *
-jid_getutid(jid)
-	int jid;
-{
-	struct utmp *cur = NULL;
-
-	setutent();	/* just to make sure */
-	while (cur = getutent()) {
-		if ( (cur->ut_type != NULL) && (jid == cur->ut_jid) ) {
-			return(cur);
-		}
-	}
-
-	return(0);
-}
-
-/*
- * Clean up the TMPDIR that login created.
- * The first time this is called we pick up the info
- * from the utmp.  If the job has already gone away,
- * then we'll clean up and be done.  If not, then
- * when this is called the second time it will wait
- * for the signal that the job is done.
- */
-	int
-cleantmp(wtp)
-	register struct utmp *wtp;
-{
-	struct utmp *utp;
-	static int first = 1;
-	register int mask, omask, ret;
-	extern struct utmp *getutid P((const struct utmp *_Id));
-
-
-	mask = sigmask(WJSIGNAL);
-
-	if (first == 0) {
-		omask = sigblock(mask);
-		while (gotsigjob == 0)
-			sigpause(omask);
-		return(1);
-	}
-	first = 0;
-	setutent();	/* just to make sure */
-
-	utp = getutid(wtp);
-	if (utp == 0) {
-		syslog(LOG_ERR, "can't get /etc/utmp entry to clean TMPDIR");
-		return(-1);
-	}
-	/*
-	 * Nothing to clean up if the user shell was never started.
-	 */
-	if (utp->ut_type != USER_PROCESS || utp->ut_jid == 0)
-		return(1);
-
-	/*
-	 * Block the WJSIGNAL while we are in jobend().
-	 */
-	omask = sigblock(mask);
-	ret = jobend(utp->ut_jid, utp->ut_tpath, utp->ut_user);
-	sigsetmask(omask);
-	return(ret);
-}
-
-	int
-jobend(jid, path, user)
-	register int jid;
-	register char *path;
-	register char *user;
-{
-	static int saved_jid = 0;
-	static int pty_saved_jid = 0;
-	static char saved_path[sizeof(wtmp.ut_tpath)+1];
-	static char saved_user[sizeof(wtmp.ut_user)+1];
-
-	/*
-	 * this little piece of code comes into play
-	 * only when ptyreconnect is used to reconnect
-	 * to an previous session.
-	 *
-	 * this is the only time when the
-	 * "saved_jid != jid" code is executed.
-	 */
-
-	if ( saved_jid && saved_jid != jid ) {
-		if (!path) {	/* called from signal handler */
-			pty_saved_jid = jid;
-		} else {
-			pty_saved_jid = saved_jid;
-		}
-	}
-
-	if (path) {
-		strncpy(saved_path, path, sizeof(wtmp.ut_tpath));
-		strncpy(saved_user, user, sizeof(wtmp.ut_user));
-		saved_path[sizeof(saved_path)] = '\0';
-		saved_user[sizeof(saved_user)] = '\0';
-	}
-	if (saved_jid == 0) {
-		saved_jid = jid;
-		return(0);
-	}
-
-	/* if the jid has changed, get the correct entry from the utmp file */
-
-	if ( saved_jid != jid ) {
-		struct utmp *utp = NULL;
-		struct utmp *jid_getutid();
-
-		utp = jid_getutid(pty_saved_jid);
-
-		if (utp == 0) {
-			syslog(LOG_ERR, "Can't get /etc/utmp entry to clean TMPDIR");
-			return(-1);
-		}
-
-		cleantmpdir(jid, utp->ut_tpath, utp->ut_user);
-		return(1);
-	}
-
-	cleantmpdir(jid, saved_path, saved_user);
-	return(1);
-}
-
-/*
- * Fork a child process to clean up the TMPDIR
- */
-cleantmpdir(jid, tpath, user)
-	register int jid;
-	register char *tpath;
-	register char *user;
-{
-	switch(fork()) {
-	case -1:
-		syslog(LOG_ERR, "TMPDIR cleanup(%s): fork() failed: %m",
-							tpath);
-		break;
-	case 0:
-		execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, 0);
-		syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m",
-							tpath, CLEANTMPCMD);
-		exit(1);
-	default:
-		/*
-		 * Forget about child.  We will exit, and
-		 * /etc/init will pick it up.
-		 */
-		break;
-	}
-}
-# endif /* CRAY */
-#endif	/* defined(PARENT_DOES_UTMP) && !defined(NEWINIT) */
-
-/*
- * rmut()
- *
- * This is the function called by cleanup() to
- * remove the utmp entry for this person.
- */
-
-#ifdef	UTMPX
-	void
-rmut()
-{
-	register f;
-	int found = 0;
-	struct utmp *u, *utmp;
-	int nutmp;
-	struct stat statbf;
-
-	struct utmpx *utxp, utmpx;
-
-	/*
-	 * This updates the utmpx and utmp entries and make a wtmp/x entry
-	 */
-
-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
-	utxp = getutxline(&utmpx);
-	if (utxp) {
-		utxp->ut_type = DEAD_PROCESS;
-		utxp->ut_exit.e_termination = 0;
-		utxp->ut_exit.e_exit = 0;
-		(void) time(&utmpx.ut_tv.tv_sec);
-		utmpx.ut_tv.tv_usec = 0;
-		modutx(utxp);
-	}
-	endutxent();
-}  /* end of rmut */
-#endif
-
-#if	!defined(UTMPX) && !(defined(CRAY) || defined(__hpux)) && BSD <= 43
-	void
-rmut()
-{
-	register f;
-	int found = 0;
-	struct utmp *u, *utmp;
-	int nutmp;
-	struct stat statbf;
-
-	f = open(utmpf, O_RDWR);
-	if (f >= 0) {
-		(void) fstat(f, &statbf);
-		utmp = (struct utmp *)malloc((unsigned)statbf.st_size);
-		if (!utmp)
-			syslog(LOG_ERR, "utmp malloc failed");
-		if (statbf.st_size && utmp) {
-			nutmp = read(f, (char *)utmp, (int)statbf.st_size);
-			nutmp /= sizeof(struct utmp);
-
-			for (u = utmp ; u < &utmp[nutmp] ; u++) {
-				if (SCMPN(u->ut_line, line+5) ||
-				    u->ut_name[0]==0)
-					continue;
-				(void) lseek(f, ((long)u)-((long)utmp), L_SET);
-				SCPYN(u->ut_name, "");
-				SCPYN(u->ut_host, "");
-				(void) time(&u->ut_time);
-				(void) write(f, (char *)u, sizeof(wtmp));
-				found++;
-			}
-		}
-		(void) close(f);
-	}
-	if (found) {
-		f = open(wtmpf, O_WRONLY|O_APPEND);
-		if (f >= 0) {
-			SCPYN(wtmp.ut_line, line+5);
-			SCPYN(wtmp.ut_name, "");
-			SCPYN(wtmp.ut_host, "");
-			(void) time(&wtmp.ut_time);
-			(void) write(f, (char *)&wtmp, sizeof(wtmp));
-			(void) close(f);
-		}
-	}
-	(void) chmod(line, 0666);
-	(void) chown(line, 0, 0);
-	line[strlen("/dev/")] = 'p';
-	(void) chmod(line, 0666);
-	(void) chown(line, 0, 0);
-}  /* end of rmut */
-#endif	/* CRAY */
-
-#ifdef __hpux
-rmut (line)
-char *line;
-{
-	struct utmp utmp;
-	struct utmp *utptr;
-	int fd;			/* for /etc/wtmp */
-
-	utmp.ut_type = USER_PROCESS;
-	(void) strncpy(utmp.ut_id, line+12, sizeof(utmp.ut_id));
-	(void) setutent();
-	utptr = getutid(&utmp);
-	/* write it out only if it exists */
-	if (utptr) {
-		utptr->ut_type = DEAD_PROCESS;
-		utptr->ut_time = time((long *) 0);
-		(void) pututline(utptr);
-		/* set wtmp entry if wtmp file exists */
-		if ((fd = open(wtmpf, O_WRONLY | O_APPEND)) >= 0) {
-			(void) write(fd, utptr, sizeof(utmp));
-			(void) close(fd);
-		}
-	}
-	(void) endutent();
-
-	(void) chmod(line, 0666);
-	(void) chown(line, 0, 0);
-	line[14] = line[13];
-	line[13] = line[12];
-	line[8] = 'm';
-	line[9] = '/';
-	line[10] = 'p';
-	line[11] = 't';
-	line[12] = 'y';
-	(void) chmod(line, 0666);
-	(void) chown(line, 0, 0);
-}
-#endif
diff --git a/crypto/telnet/telnetd/telnetd.8 b/crypto/telnet/telnetd/telnetd.8
deleted file mode 100644
index e03f290daaa9..000000000000
--- a/crypto/telnet/telnetd/telnetd.8
+++ /dev/null
@@ -1,612 +0,0 @@
-.\" Copyright (c) 1983, 1993
-.\"	The Regents of the University of California.  All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\"    must display the following acknowledgement:
-.\"	This product includes software developed by the University of
-.\"	California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\"    may be used to endorse or promote products derived from this software
-.\"    without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\"	@(#)telnetd.8	8.4 (Berkeley) 6/1/94
-.\"
-.Dd June 1, 1994
-.Dt TELNETD 8
-.Os BSD 4.2
-.Sh NAME
-.Nm telnetd
-.Nd DARPA
-.Tn TELNET
-protocol server
-.Sh SYNOPSIS
-.Nm /usr/libexec/telnetd
-.Op Fl BUhlkns
-.Op Fl D Ar debugmode
-.Op Fl I Ns Ar initid
-.Op Fl S Ar tos
-.Op Fl X Ar authtype
-.Op Fl a Ar authmode
-.Op Fl edebug
-.Op Fl p Ar loginprog
-.Op Fl r Ns Ar lowpty-highpty
-.Op Fl u Ar len
-.Op Fl debug Op Ar port
-.Sh DESCRIPTION
-The
-.Nm
-command is a server which supports the
-.Tn DARPA
-standard
-.Tn TELNET
-virtual terminal protocol.
-.Nm Telnetd
-is normally invoked by the internet server (see
-.Xr inetd 8 )
-for requests to connect to the
-.Tn TELNET
-port as indicated by the
-.Pa /etc/services
-file (see
-.Xr services 5 ).
-The
-.Fl debug
-option may be used to start up
-.Nm
-manually, instead of through
-.Xr inetd 8 .
-If started up this way, 
-.Ar port
-may be specified to run
-.Nm
-on an alternate
-.Tn TCP
-port number.
-.Pp
-The
-.Nm
-command accepts the following options:
-.Bl -tag -width indent
-.It Fl a Ar authmode
-This option may be used for specifying what mode should
-be used for authentication.
-Note that this option is only useful if
-.Nm
-has been compiled with support for the
-.Dv AUTHENTICATION
-option.
-There are several valid values for
-.Ar authmode :
-.Bl -tag -width debug
-.It Cm debug
-Turn on authentication debugging code.
-.It Cm user
-Only allow connections when the remote user
-can provide valid authentication information
-to identify the remote user,
-and is allowed access to the specified account
-without providing a password.
-.It Cm valid
-Only allow connections when the remote user
-can provide valid authentication information
-to identify the remote user.
-The
-.Xr login 1
-command will provide any additional user verification
-needed if the remote user is not allowed automatic
-access to the specified account.
-.It Cm other
-Only allow connections that supply some authentication information.
-This option is currently not supported
-by any of the existing authentication mechanisms,
-and is thus the same as specifying
-.Fl a
-.Cm valid .
-.It Cm none
-This is the default state.
-Authentication information is not required.
-If no or insufficient authentication information
-is provided, then the
-.Xr login 1
-program will provide the necessary user
-verification.
-.It Cm off
-Disable the authentication code.
-All user verification will happen through the
-.Xr login 1
-program.
-.El
-.It Fl B
-Specify bftp server mode.  In this mode,
-.Nm
-causes login to start a
-.Xr bftp 1
-session rather than the user's
-normal shell.  In bftp daemon mode normal
-logins are not supported, and it must be used
-on a port other than the normal
-.Tn TELNET
-port.
-.It Fl D Ar debugmode
-This option may be used for debugging purposes.
-This allows
-.Nm
-to print out debugging information
-to the connection, allowing the user to see what
-.Nm
-is doing.
-There are several possible values for 
-.Ar debugmode :
-.Bl -tag -width exercise
-.It Cm options
-Print information about the negotiation of
-.Tn TELNET
-options.
-.It Cm report
-Print the 
-.Cm options
-information, plus some additional information
-about what processing is going on.
-.It Cm netdata
-Display the data stream received by
-.Nm Ns .
-.It Cm ptydata
-Display data written to the pty.
-.It Cm exercise
-Has not been implemented yet.
-.El
-.It Fl debug
-Enable debugging on each socket created by
-.Nm
-(see
-.Dv SO_DEBUG
-in
-.Xr socket 2 ) .
-.It Fl edebug
-If
-.Nm
-has been compiled with support for data encryption, then the
-.Fl edebug
-option may be used to enable encryption debugging code.
-.It Fl p Ar loginprog
-Specify an alternate
-.Xr login 1
-command to run to complete the login.  The alternate command must
-understand the same command arguments as the standard login.
-.It Fl h
-Disable the printing of host-specific information before
-login has been completed.
-.It Fl I Ar initid
-This option is only applicable to
-.Tn UNICOS
-systems prior to 7.0.
-It specifies the
-.Dv ID
-from
-.Pa /etc/inittab
-to use when init starts login sessions.  The default
-.Dv ID
-is
-.Dv fe.
-.It Fl k
-This option is only useful if
-.Nm
-has been compiled with both linemode and kludge linemode
-support.  If the
-.Fl k
-option is specified, then if the remote client does not
-support the
-.Dv LINEMODE
-option, then
-.Nm
-will operate in character at a time mode.
-It will still support kludge linemode, but will only
-go into kludge linemode if the remote client requests
-it.
-(This is done by the client sending
-.Dv DONT SUPPRESS-GO-AHEAD
-and
-.Dv DONT ECHO . )
-The
-.Fl k
-option is most useful when there are remote clients
-that do not support kludge linemode, but pass the heuristic
-(if they respond with
-.Dv WILL TIMING-MARK
-in response to a
-.Dv DO TIMING-MARK)
-for kludge linemode support.
-.It Fl l
-Specify line mode. Try to force clients to use line-
-at-a-time mode.
-If the
-.Dv LINEMODE
-option is not supported, it will go
-into kludge linemode.
-.It Fl n
-Disable
-.Dv TCP
-keep-alives.  Normally
-.Nm
-enables the
-.Tn TCP
-keep-alive mechanism to probe connections that
-have been idle for some period of time to determine
-if the client is still there, so that idle connections
-from machines that have crashed or can no longer
-be reached may be cleaned up.
-.It Fl r Ar lowpty-highpty
-This option is only enabled when
-.Nm
-is compiled for
-.Dv UNICOS.
-It specifies an inclusive range of pseudo-terminal devices to
-use.  If the system has sysconf variable
-.Dv _SC_CRAY_NPTY
-configured, the default pty search range is 0 to
-.Dv _SC_CRAY_NPTY;
-otherwise, the default range is 0 to 128.  Either
-.Ar lowpty
-or
-.Ar highpty
-may be omitted to allow changing
-either end of the search range.  If
-.Ar lowpty
-is omitted, the - character is still required so that
-.Nm
-can differentiate
-.Ar highpty
-from
-.Ar lowpty .
-.It Fl s
-This option is only enabled if
-.Nm
-is compiled with support for
-.Tn SecurID
-cards.
-It causes the
-.Fl s
-option to be passed on to
-.Xr login 1 ,
-and thus is only useful if
-.Xr login 1
-supports the
-.Fl s
-flag to indicate that only
-.Tn SecurID
-validated logins are allowed, and is
-usually useful for controlling remote logins
-from outside of a firewall.
-.It Fl S Ar tos
-.It Fl u Ar len
-This option is used to specify the size of the field
-in the
-.Dv utmp
-structure that holds the remote host name.
-If the resolved host name is longer than
-.Ar len ,
-the dotted decimal value will be used instead.
-This allows hosts with very long host names that
-overflow this field to still be uniquely identified.
-Specifying
-.Fl u0
-indicates that only dotted decimal addresses
-should be put into the
-.Pa utmp
-file.
-.ne 1i
-.It Fl U
-This option causes
-.Nm
-to refuse connections from addresses that
-cannot be mapped back into a symbolic name
-via the
-.Xr gethostbyaddr 3
-routine.
-.It Fl X Ar authtype
-This option is only valid if
-.Nm
-has been built with support for the authentication option.
-It disables the use of
-.Ar authtype
-authentication, and
-can be used to temporarily disable
-a specific authentication type without having to recompile
-.Nm Ns .
-.El
-.Pp
-.Nm Telnetd
-operates by allocating a pseudo-terminal device (see
-.Xr pty 4 )
-for a client, then creating a login process which has
-the slave side of the pseudo-terminal as 
-.Dv stdin ,
-.Dv stdout
-and
-.Dv stderr .
-.Nm Telnetd
-manipulates the master side of the pseudo-terminal,
-implementing the
-.Tn TELNET
-protocol and passing characters
-between the remote client and the login process.
-.Pp
-When a
-.Tn TELNET
-session is started up, 
-.Nm
-sends
-.Tn TELNET
-options to the client side indicating
-a willingness to do the
-following
-.Tn TELNET
-options, which are described in more detail below:
-.Bd -literal -offset indent
-DO AUTHENTICATION
-WILL ENCRYPT
-DO TERMINAL TYPE
-DO TSPEED
-DO XDISPLOC
-DO NEW-ENVIRON
-DO ENVIRON
-WILL SUPPRESS GO AHEAD
-DO ECHO
-DO LINEMODE
-DO NAWS
-WILL STATUS
-DO LFLOW
-DO TIMING-MARK
-.Ed
-.Pp
-The pseudo-terminal allocated to the client is configured
-to operate in \*(lqcooked\*(rq mode, and with
-.Dv XTABS and
-.Dv CRMOD
-enabled (see
-.Xr tty 4 ) .
-.Pp
-.Nm Telnetd
-has support for enabling locally the following
-.Tn TELNET
-options:
-.Bl -tag -width "DO AUTHENTICATION"
-.It "WILL ECHO"
-When the
-.Dv LINEMODE
-option is enabled, a
-.Dv WILL ECHO
-or
-.Dv WONT ECHO
-will be sent to the client to indicate the
-current state of terminal echoing.
-When terminal echo is not desired, a
-.Dv WILL ECHO
-is sent to indicate that
-.Nm
-will take care of echoing any data that needs to be
-echoed to the terminal, and then nothing is echoed.
-When terminal echo is desired, a
-.Dv WONT ECHO
-is sent to indicate that
-.Nm
-will not be doing any terminal echoing, so the
-client should do any terminal echoing that is needed.
-.It "WILL BINARY"
-Indicate that the client is willing to send a
-8 bits of data, rather than the normal 7 bits
-of the Network Virtual Terminal.
-.It "WILL SGA"
-Indicate that it will not be sending
-.Dv IAC GA,
-go ahead, commands.
-.It "WILL STATUS"
-Indicate a willingness to send the client, upon
-request, of the current status of all
-.Tn TELNET
-options.
-.It "WILL TIMING-MARK"
-Whenever a
-.Dv DO TIMING-MARK
-command is received, it is always responded
-to with a
-.Dv WILL TIMING-MARK
-.ne 1i
-.It "WILL LOGOUT"
-When a
-.Dv DO LOGOUT
-is received, a
-.Dv WILL LOGOUT
-is sent in response, and the
-.Tn TELNET
-session is shut down.
-.It "WILL ENCRYPT"
-Only sent if
-.Nm
-is compiled with support for data encryption, and
-indicates a willingness to decrypt
-the data stream.
-.El
-.Pp
-.Nm Telnetd
-has support for enabling remotely the following
-.Tn TELNET
-options:
-.Bl -tag -width "DO AUTHENTICATION"
-.It "DO BINARY"
-Sent to indicate that
-.Nm
-is willing to receive an 8 bit data stream.
-.It "DO LFLOW"
-Requests that the client handle flow control
-characters remotely.
-.It "DO ECHO"
-This is not really supported, but is sent to identify a 4.2BSD
-.Xr telnet 1
-client, which will improperly respond with
-.Dv WILL ECHO.
-If a
-.Dv WILL ECHO
-is received, a
-.Dv DONT ECHO
-will be sent in response.
-.It "DO TERMINAL-TYPE"
-Indicate a desire to be able to request the
-name of the type of terminal that is attached
-to the client side of the connection.
-.It "DO SGA"
-Indicate that it does not need to receive
-.Dv IAC GA,
-the go ahead command.
-.It "DO NAWS"
-Requests that the client inform the server when
-the window (display) size changes.
-.It "DO TERMINAL-SPEED"
-Indicate a desire to be able to request information
-about the speed of the serial line to which
-the client is attached.
-.It "DO XDISPLOC"
-Indicate a desire to be able to request the name
-of the X Window System display that is associated with
-the telnet client.
-.It "DO NEW-ENVIRON"
-Indicate a desire to be able to request environment
-variable information, as described in RFC 1572.
-.It "DO ENVIRON"
-Indicate a desire to be able to request environment
-variable information, as described in RFC 1408.
-.It "DO LINEMODE"
-Only sent if
-.Nm
-is compiled with support for linemode, and
-requests that the client do line by line processing.
-.It "DO TIMING-MARK"
-Only sent if
-.Nm
-is compiled with support for both linemode and
-kludge linemode, and the client responded with
-.Dv WONT LINEMODE.
-If the client responds with
-.Dv WILL TM,
-the it is assumed that the client supports
-kludge linemode.
-Note that the
-.Op Fl k
-option can be used to disable this.
-.It "DO AUTHENTICATION"
-Only sent if
-.Nm
-is compiled with support for authentication, and
-indicates a willingness to receive authentication
-information for automatic login.
-.It "DO ENCRYPT"
-Only sent if
-.Nm
-is compiled with support for data encryption, and
-indicates a willingness to decrypt
-the data stream.
-.Sh ENVIRONMENT
-.Sh FILES
-.Bl -tag -width /usr/ucb/bftp -compact
-.It Pa /etc/services
-.It Pa /etc/inittab
-(UNICOS systems only)
-.It Pa /etc/iptos
-(if supported)
-.It Pa /usr/ucb/bftp
-(if supported)
-.El
-.Sh "SEE ALSO"
-.Xr bftp 1 ,
-.Xr login 1 ,
-.Xr telnet 1
-(if supported)
-.Sh STANDARDS
-.Bl -tag -compact -width RFC-1572
-.It Cm RFC-854
-.Tn TELNET
-PROTOCOL SPECIFICATION
-.It Cm RFC-855
-TELNET OPTION SPECIFICATIONS
-.It Cm RFC-856
-TELNET BINARY TRANSMISSION
-.It Cm RFC-857
-TELNET ECHO OPTION
-.It Cm RFC-858
-TELNET SUPPRESS GO AHEAD OPTION
-.It Cm RFC-859
-TELNET STATUS OPTION
-.It Cm RFC-860
-TELNET TIMING MARK OPTION
-.It Cm RFC-861
-TELNET EXTENDED OPTIONS - LIST OPTION
-.It Cm RFC-885
-TELNET END OF RECORD OPTION
-.It Cm RFC-1073
-Telnet Window Size Option
-.It Cm RFC-1079
-Telnet Terminal Speed Option
-.It Cm RFC-1091
-Telnet Terminal-Type Option
-.It Cm RFC-1096
-Telnet X Display Location Option
-.It Cm RFC-1123
-Requirements for Internet Hosts -- Application and Support
-.It Cm RFC-1184
-Telnet Linemode Option
-.It Cm RFC-1372
-Telnet Remote Flow Control Option
-.It Cm RFC-1416
-Telnet Authentication Option
-.It Cm RFC-1411
-Telnet Authentication: Kerberos Version 4
-.It Cm RFC-1412
-Telnet Authentication: SPX
-.It Cm RFC-1571
-Telnet Environment Option Interoperability Issues
-.It Cm RFC-1572
-Telnet Environment Option
-.Sh BUGS
-Some
-.Tn TELNET
-commands are only partially implemented.
-.Pp
-Because of bugs in the original 4.2 BSD
-.Xr telnet 1 ,
-.Nm
-performs some dubious protocol exchanges to try to discover if the remote
-client is, in fact, a 4.2 BSD
-.Xr telnet 1 .
-.Pp
-Binary mode
-has no common interpretation except between similar operating systems
-(Unix in this case).
-.Pp
-The terminal type name received from the remote client is converted to
-lower case.
-.Pp
-.Nm Telnetd
-never sends
-.Tn TELNET
-.Dv IAC GA
-(go ahead) commands.
diff --git a/crypto/telnet/telnetd/telnetd.c b/crypto/telnet/telnetd/telnetd.c
deleted file mode 100644
index f6eb9fb0fdb7..000000000000
--- a/crypto/telnet/telnetd/telnetd.c
+++ /dev/null
@@ -1,1618 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static const char copyright[] =
-"@(#) Copyright (c) 1989, 1993\n\
-	The Regents of the University of California.  All rights reserved.\n";
-#endif /* not lint */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)telnetd.c	8.4 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#include "telnetd.h"
-#include "pathnames.h"
-
-#if	defined(_SC_CRAY_SECURE_SYS) && !defined(SCM_SECURITY)
-/*
- * UNICOS 6.0/6.1 do not have SCM_SECURITY defined, so we can
- * use it to tell us to turn off all the socket security code,
- * since that is only used in UNICOS 7.0 and later.
- */
-# undef _SC_CRAY_SECURE_SYS
-#endif
-
-#include <err.h>
-#include <arpa/inet.h>
-
-#if	defined(_SC_CRAY_SECURE_SYS)
-#include <sys/sysv.h>
-#include <sys/secdev.h>
-# ifdef SO_SEC_MULTI		/* 8.0 code */
-#include <sys/secparm.h>
-#include <sys/usrv.h>
-# endif /* SO_SEC_MULTI */
-int	secflag;
-char	tty_dev[16];
-struct	secdev dv;
-struct	sysv sysv;
-# ifdef SO_SEC_MULTI		/* 8.0 code */
-struct	socksec ss;
-# else /* SO_SEC_MULTI */	/* 7.0 code */
-struct	socket_security ss;
-# endif /* SO_SEC_MULTI */
-#endif	/* _SC_CRAY_SECURE_SYS */
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-int	auth_level = 0;
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-#include <libtelnet/misc.h>
-#if	defined(SecurID)
-int	require_SecurID = 0;
-#endif
-
-extern	int utmp_len;
-int	registerd_host_only = 0;
-
-#ifdef	STREAMSPTY
-# include <stropts.h>
-# include <termio.h>
-/* make sure we don't get the bsd version */
-# include "/usr/include/sys/tty.h"
-# include <sys/ptyvar.h>
-
-/*
- * Because of the way ptyibuf is used with streams messages, we need
- * ptyibuf+1 to be on a full-word boundary.  The following wierdness
- * is simply to make that happen.
- */
-long	ptyibufbuf[BUFSIZ/sizeof(long)+1];
-char	*ptyibuf = ((char *)&ptyibufbuf[1])-1;
-char	*ptyip = ((char *)&ptyibufbuf[1])-1;
-char	ptyibuf2[BUFSIZ];
-unsigned char ctlbuf[BUFSIZ];
-struct	strbuf strbufc, strbufd;
-
-#else	/* ! STREAMPTY */
-
-/*
- * I/O data buffers,
- * pointers, and counters.
- */
-char	ptyibuf[BUFSIZ], *ptyip = ptyibuf;
-char	ptyibuf2[BUFSIZ];
-
-# include <termcap.h>
-
-int readstream(int p, char *ibuf, int bufsize);
-void doit(struct sockaddr_in *who);
-int terminaltypeok(char *s);
-void startslave(char *host, int autologin, char *autoname);
-
-#endif /* ! STREAMPTY */
-
-int	hostinfo = 1;			/* do we print login banner? */
-
-#ifdef	CRAY
-extern int      newmap; /* nonzero if \n maps to ^M^J */
-int	lowpty = 0, highpty;	/* low, high pty numbers */
-#endif /* CRAY */
-
-int debug = 0;
-int keepalive = 1;
-char *altlogin;
-
-void doit __P((struct sockaddr_in *));
-int terminaltypeok __P((char *));
-void startslave __P((char *, int, char *));
-extern void usage P((void));
-
-/*
- * The string to pass to getopt().  We do it this way so
- * that only the actual options that we support will be
- * passed off to getopt().
- */
-char valid_opts[] = {
-	'd', ':', 'h', 'k', 'n', 'p', ':', 'S', ':', 'u', ':', 'U',
-#ifdef	AUTHENTICATION
-	'a', ':', 'X', ':',
-#endif
-#ifdef BFTPDAEMON
-	'B',
-#endif
-#ifdef DIAGNOSTICS
-	'D', ':',
-#endif
-#ifdef	ENCRYPTION
-	'e', ':',
-#endif
-#if	defined(CRAY) && defined(NEWINIT)
-	'I', ':',
-#endif
-#ifdef	LINEMODE
-	'l',
-#endif
-#ifdef CRAY
-	'r', ':',
-#endif
-#ifdef	SecurID
-	's',
-#endif
-	'\0'
-};
-
-	int
-main(argc, argv)
-	char *argv[];
-{
-	struct sockaddr_in from;
-	int on = 1, fromlen;
-	register int ch;
-#if	defined(IPPROTO_IP) && defined(IP_TOS)
-	int tos = -1;
-#endif
-
-	pfrontp = pbackp = ptyobuf;
-	netip = netibuf;
-	nfrontp = nbackp = netobuf;
-#ifdef	ENCRYPTION
-	nclearto = 0;
-#endif	/* ENCRYPTION */
-
-	/*
-	 * This initialization causes linemode to default to a configuration
-	 * that works on all telnet clients, including the FreeBSD client.
-	 * This is not quite the same as the telnet client issuing a "mode
-	 * character" command, but has most of the same benefits, and is
-	 * preferable since some clients (like usofts) don't have the
-	 * mode character command anyway and linemode breaks things.
-	 * The most notable symptom of fix is that csh "set filec" operations
-	 * like <ESC> (filename completion) and ^D (choices) keys now work
-	 * in telnet sessions and can be used more than once on the same line.
-	 * CR/LF handling is also corrected in some termio modes.  This 
-	 * change resolves problem reports bin/771 and bin/1037.
-	 */
-
-	linemode=1;	/*Default to mode that works on bulk of clients*/
-
-#ifdef CRAY
-	/*
-	 * Get number of pty's before trying to process options,
-	 * which may include changing pty range.
-	 */
-	highpty = getnpty();
-#endif /* CRAY */
-
-	while ((ch = getopt(argc, argv, valid_opts)) != -1) {
-		switch(ch) {
-
-#ifdef	AUTHENTICATION
-		case 'a':
-			/*
-			 * Check for required authentication level
-			 */
-			if (strcmp(optarg, "debug") == 0) {
-				extern int auth_debug_mode;
-				auth_debug_mode = 1;
-			} else if (strcasecmp(optarg, "none") == 0) {
-				auth_level = 0;
-			} else if (strcasecmp(optarg, "other") == 0) {
-				auth_level = AUTH_OTHER;
-			} else if (strcasecmp(optarg, "user") == 0) {
-				auth_level = AUTH_USER;
-			} else if (strcasecmp(optarg, "valid") == 0) {
-				auth_level = AUTH_VALID;
-			} else if (strcasecmp(optarg, "off") == 0) {
-				/*
-				 * This hack turns off authentication
-				 */
-				auth_level = -1;
-			} else {
-				warnx("unknown authorization level for -a");
-			}
-			break;
-#endif	/* AUTHENTICATION */
-
-#ifdef BFTPDAEMON
-		case 'B':
-			bftpd++;
-			break;
-#endif /* BFTPDAEMON */
-
-		case 'd':
-			if (strcmp(optarg, "ebug") == 0) {
-				debug++;
-				break;
-			}
-			usage();
-			/* NOTREACHED */
-			break;
-
-#ifdef DIAGNOSTICS
-		case 'D':
-			/*
-			 * Check for desired diagnostics capabilities.
-			 */
-			if (!strcmp(optarg, "report")) {
-				diagnostic |= TD_REPORT|TD_OPTIONS;
-			} else if (!strcmp(optarg, "exercise")) {
-				diagnostic |= TD_EXERCISE;
-			} else if (!strcmp(optarg, "netdata")) {
-				diagnostic |= TD_NETDATA;
-			} else if (!strcmp(optarg, "ptydata")) {
-				diagnostic |= TD_PTYDATA;
-			} else if (!strcmp(optarg, "options")) {
-				diagnostic |= TD_OPTIONS;
-			} else {
-				usage();
-				/* NOT REACHED */
-			}
-			break;
-#endif /* DIAGNOSTICS */
-
-#ifdef	ENCRYPTION
-		case 'e':
-			if (strcmp(optarg, "debug") == 0) {
-				extern int encrypt_debug_mode;
-				encrypt_debug_mode = 1;
-				break;
-			}
-			usage();
-			/* NOTREACHED */
-			break;
-#endif	/* ENCRYPTION */
-
-		case 'h':
-			hostinfo = 0;
-			break;
-
-#if	defined(CRAY) && defined(NEWINIT)
-		case 'I':
-		    {
-			extern char *gen_id;
-			gen_id = optarg;
-			break;
-		    }
-#endif	/* defined(CRAY) && defined(NEWINIT) */
-
-#ifdef	LINEMODE
-		case 'l':
-			alwayslinemode = 1;
-			break;
-#endif	/* LINEMODE */
-
-		case 'k':
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-			lmodetype = NO_AUTOKLUDGE;
-#else
-			/* ignore -k option if built without kludge linemode */
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-			break;
-
-		case 'n':
-			keepalive = 0;
-			break;
-
-		case 'p':
-			altlogin = optarg;
-			break;
-
-#ifdef CRAY
-		case 'r':
-		    {
-			char *strchr();
-			char *c;
-
-			/*
-			 * Allow the specification of alterations
-			 * to the pty search range.  It is legal to
-			 * specify only one, and not change the
-			 * other from its default.
-			 */
-			c = strchr(optarg, '-');
-			if (c) {
-				*c++ = '\0';
-				highpty = atoi(c);
-			}
-			if (*optarg != '\0')
-				lowpty = atoi(optarg);
-			if ((lowpty > highpty) || (lowpty < 0) ||
-							(highpty > 32767)) {
-				usage();
-				/* NOT REACHED */
-			}
-			break;
-		    }
-#endif	/* CRAY */
-
-#ifdef	SecurID
-		case 's':
-			/* SecurID required */
-			require_SecurID = 1;
-			break;
-#endif	/* SecurID */
-		case 'S':
-#ifdef	HAS_GETTOS
-			if ((tos = parsetos(optarg, "tcp")) < 0)
-				warnx("%s%s%s",
-					"bad TOS argument '", optarg,
-					"'; will try to use default TOS");
-#else
-			warnx("TOS option unavailable; -S flag not supported");
-#endif
-			break;
-
-		case 'u':
-			utmp_len = atoi(optarg);
-			break;
-
-		case 'U':
-			registerd_host_only = 1;
-			break;
-
-#ifdef	AUTHENTICATION
-		case 'X':
-			/*
-			 * Check for invalid authentication types
-			 */
-			auth_disable_name(optarg);
-			break;
-#endif	/* AUTHENTICATION */
-
-		default:
-			warnx("%c: unknown option", ch);
-			/* FALLTHROUGH */
-		case '?':
-			usage();
-			/* NOTREACHED */
-		}
-	}
-
-	argc -= optind;
-	argv += optind;
-
-	if (debug) {
-	    int s, ns, foo;
-	    struct servent *sp;
-	    static struct sockaddr_in sin = { AF_INET };
-
-	    if (argc > 1) {
-		usage();
-		/* NOT REACHED */
-	    } else if (argc == 1) {
-		    if ((sp = getservbyname(*argv, "tcp"))) {
-			sin.sin_port = sp->s_port;
-		    } else {
-			sin.sin_port = atoi(*argv);
-			if ((int)sin.sin_port <= 0) {
-			    warnx("%s: bad port #", *argv);
-			    usage();
-			    /* NOT REACHED */
-			}
-			sin.sin_port = htons((u_short)sin.sin_port);
-		   }
-	    } else {
-		sp = getservbyname("telnet", "tcp");
-		if (sp == 0)
-		    errx(1, "tcp/telnet: unknown service");
-		sin.sin_port = sp->s_port;
-	    }
-
-	    s = socket(AF_INET, SOCK_STREAM, 0);
-	    if (s < 0)
-		    err(1, "socket");
-	    (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-				(char *)&on, sizeof(on));
-	    if (bind(s, (struct sockaddr *)&sin, sizeof sin) < 0)
-		err(1, "bind");
-	    if (listen(s, 1) < 0)
-		err(1, "listen");
-	    foo = sizeof sin;
-	    ns = accept(s, (struct sockaddr *)&sin, &foo);
-	    if (ns < 0)
-		err(1, "accept");
-	    (void) dup2(ns, 0);
-	    (void) close(ns);
-	    (void) close(s);
-#ifdef convex
-	} else if (argc == 1) {
-		; /* VOID*/		/* Just ignore the host/port name */
-#endif
-	} else if (argc > 0) {
-		usage();
-		/* NOT REACHED */
-	}
-
-#if	defined(_SC_CRAY_SECURE_SYS)
-	secflag = sysconf(_SC_CRAY_SECURE_SYS);
-
-	/*
-	 *	Get socket's security label
-	 */
-	if (secflag)  {
-		int szss = sizeof(ss);
-#ifdef SO_SEC_MULTI			/* 8.0 code */
-		int sock_multi;
-		int szi = sizeof(int);
-#endif /* SO_SEC_MULTI */
-
-		memset((char *)&dv, 0, sizeof(dv));
-
-		if (getsysv(&sysv, sizeof(struct sysv)) != 0)
-			err(1, "getsysv");
-
-		/*
-		 *	Get socket security label and set device values
-		 *	   {security label to be set on ttyp device}
-		 */
-#ifdef SO_SEC_MULTI			/* 8.0 code */
-		if ((getsockopt(0, SOL_SOCKET, SO_SECURITY,
-			       (char *)&ss, &szss) < 0) ||
-		    (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI,
-				(char *)&sock_multi, &szi) < 0)) {
-			err(1, "getsockopt");
-		} else {
-			dv.dv_actlvl = ss.ss_actlabel.lt_level;
-			dv.dv_actcmp = ss.ss_actlabel.lt_compart;
-			if (!sock_multi) {
-				dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl;
-				dv.dv_valcmp = dv.dv_actcmp;
-			} else {
-				dv.dv_minlvl = ss.ss_minlabel.lt_level;
-				dv.dv_maxlvl = ss.ss_maxlabel.lt_level;
-				dv.dv_valcmp = ss.ss_maxlabel.lt_compart;
-			}
-			dv.dv_devflg = 0;
-		}
-#else /* SO_SEC_MULTI */		/* 7.0 code */
-		if (getsockopt(0, SOL_SOCKET, SO_SECURITY,
-				(char *)&ss, &szss) >= 0) {
-			dv.dv_actlvl = ss.ss_slevel;
-			dv.dv_actcmp = ss.ss_compart;
-			dv.dv_minlvl = ss.ss_minlvl;
-			dv.dv_maxlvl = ss.ss_maxlvl;
-			dv.dv_valcmp = ss.ss_maxcmp;
-		}
-#endif /* SO_SEC_MULTI */
-	}
-#endif	/* _SC_CRAY_SECURE_SYS */
-
-	openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
-	fromlen = sizeof (from);
-	if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) {
-		warn("getpeername");
-		_exit(1);
-	}
-	if (keepalive &&
-	    setsockopt(0, SOL_SOCKET, SO_KEEPALIVE,
-			(char *)&on, sizeof (on)) < 0) {
-		syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
-	}
-
-#if	defined(IPPROTO_IP) && defined(IP_TOS)
-	{
-# if	defined(HAS_GETTOS)
-		struct tosent *tp;
-		if (tos < 0 && (tp = gettosbyname("telnet", "tcp")))
-			tos = tp->t_tos;
-# endif
-		if (tos < 0)
-			tos = 020;	/* Low Delay bit */
-		if (tos
-		   && (setsockopt(0, IPPROTO_IP, IP_TOS,
-				  (char *)&tos, sizeof(tos)) < 0)
-		   && (errno != ENOPROTOOPT) )
-			syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
-	}
-#endif	/* defined(IPPROTO_IP) && defined(IP_TOS) */
-	net = 0;
-	doit(&from);
-	/* NOTREACHED */
-	return(0);
-}  /* end of main */
-
-	void
-usage()
-{
-	fprintf(stderr, "usage: telnetd");
-#ifdef	AUTHENTICATION
-	fprintf(stderr, " [-a (debug|other|user|valid|off|none)]\n\t");
-#endif
-#ifdef BFTPDAEMON
-	fprintf(stderr, " [-B]");
-#endif
-	fprintf(stderr, " [-debug]");
-#ifdef DIAGNOSTICS
-	fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t");
-#endif
-#ifdef	AUTHENTICATION
-	fprintf(stderr, " [-edebug]");
-#endif
-	fprintf(stderr, " [-h]");
-#if	defined(CRAY) && defined(NEWINIT)
-	fprintf(stderr, " [-Iinitid]");
-#endif
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-	fprintf(stderr, " [-k]");
-#endif
-#ifdef LINEMODE
-	fprintf(stderr, " [-l]");
-#endif
-	fprintf(stderr, " [-n]");
-#ifdef	CRAY
-	fprintf(stderr, " [-r[lowpty]-[highpty]]");
-#endif
-	fprintf(stderr, "\n\t");
-#ifdef	SecurID
-	fprintf(stderr, " [-s]");
-#endif
-#ifdef	HAS_GETTOS
-	fprintf(stderr, " [-S tos]");
-#endif
-#ifdef	AUTHENTICATION
-	fprintf(stderr, " [-X auth-type]");
-#endif
-	fprintf(stderr, " [-u utmp_hostname_length] [-U]");
-	fprintf(stderr, " [port]\n");
-	exit(1);
-}
-
-/*
- * getterminaltype
- *
- *	Ask the other end to send along its terminal type and speed.
- * Output is the variable terminaltype filled in.
- */
-static unsigned char ttytype_sbbuf[] = {
-	IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE
-};
-
-    int
-getterminaltype(name)
-    char *name;
-{
-    int retval = -1;
-    void _gettermname();
-
-    settimer(baseline);
-#if	defined(AUTHENTICATION)
-    /*
-     * Handle the Authentication option before we do anything else.
-     */
-    send_do(TELOPT_AUTHENTICATION, 1);
-    while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
-	ttloop();
-    if (his_state_is_will(TELOPT_AUTHENTICATION)) {
-	retval = auth_wait(name);
-    }
-#endif
-
-#ifdef	ENCRYPTION
-    send_will(TELOPT_ENCRYPT, 1);
-#endif	/* ENCRYPTION */
-    send_do(TELOPT_TTYPE, 1);
-    send_do(TELOPT_TSPEED, 1);
-    send_do(TELOPT_XDISPLOC, 1);
-    send_do(TELOPT_NEW_ENVIRON, 1);
-    send_do(TELOPT_OLD_ENVIRON, 1);
-    while (
-#ifdef	ENCRYPTION
-	   his_do_dont_is_changing(TELOPT_ENCRYPT) ||
-#endif	/* ENCRYPTION */
-	   his_will_wont_is_changing(TELOPT_TTYPE) ||
-	   his_will_wont_is_changing(TELOPT_TSPEED) ||
-	   his_will_wont_is_changing(TELOPT_XDISPLOC) ||
-	   his_will_wont_is_changing(TELOPT_NEW_ENVIRON) ||
-	   his_will_wont_is_changing(TELOPT_OLD_ENVIRON)) {
-	ttloop();
-    }
-#ifdef	ENCRYPTION
-    /*
-     * Wait for the negotiation of what type of encryption we can
-     * send with.  If autoencrypt is not set, this will just return.
-     */
-    if (his_state_is_will(TELOPT_ENCRYPT)) {
-	encrypt_wait();
-    }
-#endif	/* ENCRYPTION */
-    if (his_state_is_will(TELOPT_TSPEED)) {
-	static unsigned char sb[] =
-			{ IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE };
-
-	memmove(nfrontp, sb, sizeof sb);
-	nfrontp += sizeof sb;
-	DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
-    }
-    if (his_state_is_will(TELOPT_XDISPLOC)) {
-	static unsigned char sb[] =
-			{ IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE };
-
-	memmove(nfrontp, sb, sizeof sb);
-	nfrontp += sizeof sb;
-	DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
-    }
-    if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-	static unsigned char sb[] =
-			{ IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE };
-
-	memmove(nfrontp, sb, sizeof sb);
-	nfrontp += sizeof sb;
-	DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
-    }
-    else if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-	static unsigned char sb[] =
-			{ IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE };
-
-	memmove(nfrontp, sb, sizeof sb);
-	nfrontp += sizeof sb;
-	DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2););
-    }
-    if (his_state_is_will(TELOPT_TTYPE)) {
-
-	memmove(nfrontp, ttytype_sbbuf, sizeof ttytype_sbbuf);
-	nfrontp += sizeof ttytype_sbbuf;
-	DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2,
-					sizeof ttytype_sbbuf - 2););
-    }
-    if (his_state_is_will(TELOPT_TSPEED)) {
-	while (sequenceIs(tspeedsubopt, baseline))
-	    ttloop();
-    }
-    if (his_state_is_will(TELOPT_XDISPLOC)) {
-	while (sequenceIs(xdisplocsubopt, baseline))
-	    ttloop();
-    }
-    if (his_state_is_will(TELOPT_NEW_ENVIRON)) {
-	while (sequenceIs(environsubopt, baseline))
-	    ttloop();
-    }
-    if (his_state_is_will(TELOPT_OLD_ENVIRON)) {
-	while (sequenceIs(oenvironsubopt, baseline))
-	    ttloop();
-    }
-    if (his_state_is_will(TELOPT_TTYPE)) {
-	char first[256], last[256];
-
-	while (sequenceIs(ttypesubopt, baseline))
-	    ttloop();
-
-	/*
-	 * If the other side has already disabled the option, then
-	 * we have to just go with what we (might) have already gotten.
-	 */
-	if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) {
-	    (void) strncpy(first, terminaltype, sizeof(first)-1);
-	    first[sizeof(first)-1] = '\0';
-	    for(;;) {
-		/*
-		 * Save the unknown name, and request the next name.
-		 */
-		(void) strncpy(last, terminaltype, sizeof(last)-1);
-		last[sizeof(last)-1] = '\0';
-		_gettermname();
-		if (terminaltypeok(terminaltype))
-		    break;
-		if ((strncmp(last, terminaltype, sizeof(last)) == 0) ||
-		    his_state_is_wont(TELOPT_TTYPE)) {
-		    /*
-		     * We've hit the end.  If this is the same as
-		     * the first name, just go with it.
-		     */
-		    if (strncmp(first, terminaltype, sizeof(first)) == 0)
-			break;
-		    /*
-		     * Get the terminal name one more time, so that
-		     * RFC1091 compliant telnets will cycle back to
-		     * the start of the list.
-		     */
-		     _gettermname();
-		    if (strncmp(first, terminaltype, sizeof(first)) != 0) {
-			(void) strncpy(terminaltype, first, sizeof(terminaltype)-1);
-			terminaltype[sizeof(terminaltype)-1] = '\0';
-		    }
-		    break;
-		}
-	    }
-	}
-    }
-    return(retval);
-}  /* end of getterminaltype */
-
-    void
-_gettermname()
-{
-    /*
-     * If the client turned off the option,
-     * we can't send another request, so we
-     * just return.
-     */
-    if (his_state_is_wont(TELOPT_TTYPE))
-	return;
-    settimer(baseline);
-    memmove(nfrontp, ttytype_sbbuf, sizeof ttytype_sbbuf);
-    nfrontp += sizeof ttytype_sbbuf;
-    DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2,
-					sizeof ttytype_sbbuf - 2););
-    while (sequenceIs(ttypesubopt, baseline))
-	ttloop();
-}
-
-    int
-terminaltypeok(s)
-    char *s;
-{
-    char buf[1024];
-
-    if (terminaltype == NULL)
-	return(1);
-
-    /*
-     * tgetent() will return 1 if the type is known, and
-     * 0 if it is not known.  If it returns -1, it couldn't
-     * open the database.  But if we can't open the database,
-     * it won't help to say we failed, because we won't be
-     * able to verify anything else.  So, we treat -1 like 1.
-     */
-    if (tgetent(buf, s) == 0)
-	return(0);
-    return(1);
-}
-
-#ifndef	MAXHOSTNAMELEN
-#define	MAXHOSTNAMELEN 64
-#endif	/* MAXHOSTNAMELEN */
-
-char *hostname;
-char host_name[MAXHOSTNAMELEN];
-char remote_host_name[MAXHOSTNAMELEN];
-
-extern void telnet P((int, int, char *));
-
-int level;
-char user_name[256];
-/*
- * Get a pty, scan input lines.
- */
-	void
-doit(who)
-	struct sockaddr_in *who;
-{
-	char *host = NULL;
-	struct hostent *hp;
-	int ptynum;
-
-	/*
-	 * Find an available pty to use.
-	 */
-#ifndef	convex
-	pty = getpty(&ptynum);
-	if (pty < 0)
-		fatal(net, "All network ports in use");
-#else
-	for (;;) {
-		char *lp;
-		extern char *line, *getpty();
-
-		if ((lp = getpty()) == NULL)
-			fatal(net, "Out of ptys");
-
-		if ((pty = open(lp, 2)) >= 0) {
-			strcpy(line,lp);
-			line[5] = 't';
-			break;
-		}
-	}
-#endif
-
-#if	defined(_SC_CRAY_SECURE_SYS)
-	/*
-	 *	set ttyp line security label
-	 */
-	if (secflag) {
-		char slave_dev[16];
-
-		sprintf(tty_dev, "/dev/pty/%03d", ptynum);
-		if (setdevs(tty_dev, &dv) < 0)
-		 	fatal(net, "cannot set pty security");
-		sprintf(slave_dev, "/dev/ttyp%03d", ptynum);
-		if (setdevs(slave_dev, &dv) < 0)
-		 	fatal(net, "cannot set tty security");
-	}
-#endif	/* _SC_CRAY_SECURE_SYS */
-
-	/* get name of connected client */
-	hp = gethostbyaddr((char *)&who->sin_addr, sizeof (struct in_addr),
-		who->sin_family);
-
-	if (hp == NULL && registerd_host_only) {
-		fatal(net, "Couldn't resolve your address into a host name.\r\n\
-	 Please contact your net administrator");
-	} else if (hp &&
-	    (strlen(hp->h_name) <= (unsigned int)((utmp_len < 0) ? -utmp_len
-								 : utmp_len))) {
-		host = hp->h_name;
-	} else {
-		host = inet_ntoa(who->sin_addr);
-	}
-	/*
-	 * We must make a copy because Kerberos is probably going
-	 * to also do a gethost* and overwrite the static data...
-	 */
-	strncpy(remote_host_name, host, sizeof(remote_host_name)-1);
-	remote_host_name[sizeof(remote_host_name)-1] = 0;
-	host = remote_host_name;
-
-	(void) gethostname(host_name, sizeof (host_name));
-	hostname = host_name;
-
-#if	defined(AUTHENTICATION) || defined(ENCRYPTION)
-	auth_encrypt_init(hostname, host, "TELNETD", 1);
-#endif
-
-	init_env();
-	/*
-	 * get terminal type.
-	 */
-	*user_name = 0;
-	level = getterminaltype(user_name);
-	setenv("TERM", terminaltype ? terminaltype : "network", 1);
-
-#if	defined(_SC_CRAY_SECURE_SYS)
-	if (secflag) {
-		if (setulvl(dv.dv_actlvl) < 0)
-			fatal(net,"cannot setulvl()");
-		if (setucmp(dv.dv_actcmp) < 0)
-			fatal(net, "cannot setucmp()");
-	}
-#endif	/* _SC_CRAY_SECURE_SYS */
-
-	telnet(net, pty, host);		/* begin server process */
-
-	/*NOTREACHED*/
-}  /* end of doit */
-
-#if	defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50)
-	int
-Xterm_output(ibufp, obuf, icountp, ocount)
-	char **ibufp, *obuf;
-	int *icountp, ocount;
-{
-	int ret;
-	ret = term_output(*ibufp, obuf, *icountp, ocount);
-	*ibufp += *icountp;
-	*icountp = 0;
-	return(ret);
-}
-#define	term_output	Xterm_output
-#endif	/* defined(CRAY2) && defined(UNICOS5) && defined(UNICOS50) */
-
-/*
- * Main loop.  Select from pty and network, and
- * hand data to telnet receiver finite state machine.
- */
-	void
-telnet(f, p, host)
-	int f, p;
-	char *host;
-{
-	int on = 1;
-#define	TABBUFSIZ	512
-	char	defent[TABBUFSIZ];
-	char	defstrs[TABBUFSIZ];
-#undef	TABBUFSIZ
-	char *HE;
-	char *HN;
-	char *IM;
-	void netflush();
-	int nfd;
-
-	/*
-	 * Initialize the slc mapping table.
-	 */
-	get_slc_defaults();
-
-	/*
-	 * Do some tests where it is desireable to wait for a response.
-	 * Rather than doing them slowly, one at a time, do them all
-	 * at once.
-	 */
-	if (my_state_is_wont(TELOPT_SGA))
-		send_will(TELOPT_SGA, 1);
-	/*
-	 * Is the client side a 4.2 (NOT 4.3) system?  We need to know this
-	 * because 4.2 clients are unable to deal with TCP urgent data.
-	 *
-	 * To find out, we send out a "DO ECHO".  If the remote system
-	 * answers "WILL ECHO" it is probably a 4.2 client, and we note
-	 * that fact ("WILL ECHO" ==> that the client will echo what
-	 * WE, the server, sends it; it does NOT mean that the client will
-	 * echo the terminal input).
-	 */
-	send_do(TELOPT_ECHO, 1);
-
-#ifdef	LINEMODE
-	if (his_state_is_wont(TELOPT_LINEMODE)) {
-		/* Query the peer for linemode support by trying to negotiate
-		 * the linemode option.
-		 */
-		linemode = 0;
-		editmode = 0;
-		send_do(TELOPT_LINEMODE, 1);  /* send do linemode */
-	}
-#endif	/* LINEMODE */
-
-	/*
-	 * Send along a couple of other options that we wish to negotiate.
-	 */
-	send_do(TELOPT_NAWS, 1);
-	send_will(TELOPT_STATUS, 1);
-	flowmode = 1;		/* default flow control state */
-	restartany = -1;	/* uninitialized... */
-	send_do(TELOPT_LFLOW, 1);
-
-	/*
-	 * Spin, waiting for a response from the DO ECHO.  However,
-	 * some REALLY DUMB telnets out there might not respond
-	 * to the DO ECHO.  So, we spin looking for NAWS, (most dumb
-	 * telnets so far seem to respond with WONT for a DO that
-	 * they don't understand...) because by the time we get the
-	 * response, it will already have processed the DO ECHO.
-	 * Kludge upon kludge.
-	 */
-	while (his_will_wont_is_changing(TELOPT_NAWS))
-		ttloop();
-
-	/*
-	 * But...
-	 * The client might have sent a WILL NAWS as part of its
-	 * startup code; if so, we'll be here before we get the
-	 * response to the DO ECHO.  We'll make the assumption
-	 * that any implementation that understands about NAWS
-	 * is a modern enough implementation that it will respond
-	 * to our DO ECHO request; hence we'll do another spin
-	 * waiting for the ECHO option to settle down, which is
-	 * what we wanted to do in the first place...
-	 */
-	if (his_want_state_is_will(TELOPT_ECHO) &&
-	    his_state_is_will(TELOPT_NAWS)) {
-		while (his_will_wont_is_changing(TELOPT_ECHO))
-			ttloop();
-	}
-	/*
-	 * On the off chance that the telnet client is broken and does not
-	 * respond to the DO ECHO we sent, (after all, we did send the
-	 * DO NAWS negotiation after the DO ECHO, and we won't get here
-	 * until a response to the DO NAWS comes back) simulate the
-	 * receipt of a will echo.  This will also send a WONT ECHO
-	 * to the client, since we assume that the client failed to
-	 * respond because it believes that it is already in DO ECHO
-	 * mode, which we do not want.
-	 */
-	if (his_want_state_is_will(TELOPT_ECHO)) {
-		DIAG(TD_OPTIONS,
-			{sprintf(nfrontp, "td: simulating recv\r\n");
-			 nfrontp += strlen(nfrontp);});
-		willoption(TELOPT_ECHO);
-	}
-
-	/*
-	 * Finally, to clean things up, we turn on our echo.  This
-	 * will break stupid 4.2 telnets out of local terminal echo.
-	 */
-
-	if (my_state_is_wont(TELOPT_ECHO))
-		send_will(TELOPT_ECHO, 1);
-
-#ifndef	STREAMSPTY
-	/*
-	 * Turn on packet mode
-	 */
-	(void) ioctl(p, TIOCPKT, (char *)&on);
-#endif
-
-#if	defined(LINEMODE) && defined(KLUDGELINEMODE)
-	/*
-	 * Continuing line mode support.  If client does not support
-	 * real linemode, attempt to negotiate kludge linemode by sending
-	 * the do timing mark sequence.
-	 */
-	if (lmodetype < REAL_LINEMODE)
-		send_do(TELOPT_TM, 1);
-#endif	/* defined(LINEMODE) && defined(KLUDGELINEMODE) */
-
-	/*
-	 * Call telrcv() once to pick up anything received during
-	 * terminal type negotiation, 4.2/4.3 determination, and
-	 * linemode negotiation.
-	 */
-	telrcv();
-
-	(void) ioctl(f, FIONBIO, (char *)&on);
-	(void) ioctl(p, FIONBIO, (char *)&on);
-#if	defined(CRAY2) && defined(UNICOS5)
-	init_termdriver(f, p, interrupt, sendbrk);
-#endif
-
-#if	defined(SO_OOBINLINE)
-	(void) setsockopt(net, SOL_SOCKET, SO_OOBINLINE,
-				(char *)&on, sizeof on);
-#endif	/* defined(SO_OOBINLINE) */
-
-#ifdef	SIGTSTP
-	(void) signal(SIGTSTP, SIG_IGN);
-#endif
-#ifdef	SIGTTOU
-	/*
-	 * Ignoring SIGTTOU keeps the kernel from blocking us
-	 * in ttioct() in /sys/tty.c.
-	 */
-	(void) signal(SIGTTOU, SIG_IGN);
-#endif
-
-	(void) signal(SIGCHLD, cleanup);
-
-#if	defined(CRAY2) && defined(UNICOS5)
-	/*
-	 * Cray-2 will send a signal when pty modes are changed by slave
-	 * side.  Set up signal handler now.
-	 */
-	if ((int)signal(SIGUSR1, termstat) < 0)
-		warn("signal");
-	else if (ioctl(p, TCSIGME, (char *)SIGUSR1) < 0)
-		warn("ioctl:TCSIGME");
-	/*
-	 * Make processing loop check terminal characteristics early on.
-	 */
-	termstat();
-#endif
-
-#ifdef  TIOCNOTTY
-	{
-		register int t;
-		t = open(_PATH_TTY, O_RDWR);
-		if (t >= 0) {
-			(void) ioctl(t, TIOCNOTTY, (char *)0);
-			(void) close(t);
-		}
-	}
-#endif
-
-#if	defined(CRAY) && defined(NEWINIT) && defined(TIOCSCTTY)
-	(void) setsid();
-	ioctl(p, TIOCSCTTY, 0);
-#endif
-
-	/*
-	 * Show banner that getty never gave.
-	 *
-	 * We put the banner in the pty input buffer.  This way, it
-	 * gets carriage return null processing, etc., just like all
-	 * other pty --> client data.
-	 */
-
-#if	!defined(CRAY) || !defined(NEWINIT)
-	if (getenv("USER"))
-		hostinfo = 0;
-#endif
-
-	if (getent(defent, "default") == 1) {
-		char *getstr();
-		char *cp=defstrs;
-
-		HE = getstr("he", &cp);
-		HN = getstr("hn", &cp);
-		IM = getstr("im", &cp);
-		if (HN && *HN)
-			(void) strcpy(host_name, HN);
-		if (IM == 0)
-			IM = "";
-	} else {
-		IM = DEFAULT_IM;
-		HE = 0;
-	}
-	edithost(HE, host_name);
-	if (hostinfo && *IM)
-		putf(IM, ptyibuf2);
-
-	if (pcc)
-		(void) strncat(ptyibuf2, ptyip, pcc+1);
-	ptyip = ptyibuf2;
-	pcc = strlen(ptyip);
-#ifdef	LINEMODE
-	/*
-	 * Last check to make sure all our states are correct.
-	 */
-	init_termbuf();
-	localstat();
-#endif	/* LINEMODE */
-
-	DIAG(TD_REPORT,
-		{sprintf(nfrontp, "td: Entering processing loop\r\n");
-		 nfrontp += strlen(nfrontp);});
-
-	/*
-	 * Startup the login process on the slave side of the terminal
-	 * now.  We delay this until here to insure option negotiation
-	 * is complete.
-	 */
-	startslave(host, level, user_name);
-
-	nfd = ((f > p) ? f : p) + 1;
-	for (;;) {
-		fd_set ibits, obits, xbits;
-		register int c;
-
-		if (ncc < 0 && pcc < 0)
-			break;
-
-#if	defined(CRAY2) && defined(UNICOS5)
-		if (needtermstat)
-			_termstat();
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-		FD_ZERO(&ibits);
-		FD_ZERO(&obits);
-		FD_ZERO(&xbits);
-		/*
-		 * Never look for input if there's still
-		 * stuff in the corresponding output buffer
-		 */
-		if (nfrontp - nbackp || pcc > 0) {
-			FD_SET(f, &obits);
-		} else {
-			FD_SET(p, &ibits);
-		}
-		if (pfrontp - pbackp || ncc > 0) {
-			FD_SET(p, &obits);
-		} else {
-			FD_SET(f, &ibits);
-		}
-		if (!SYNCHing) {
-			FD_SET(f, &xbits);
-		}
-		if ((c = select(nfd, &ibits, &obits, &xbits,
-						(struct timeval *)0)) < 1) {
-			if (c == -1) {
-				if (errno == EINTR) {
-					continue;
-				}
-			}
-			sleep(5);
-			continue;
-		}
-
-		/*
-		 * Any urgent data?
-		 */
-		if (FD_ISSET(net, &xbits)) {
-		    SYNCHing = 1;
-		}
-
-		/*
-		 * Something to read from the network...
-		 */
-		if (FD_ISSET(net, &ibits)) {
-#if	!defined(SO_OOBINLINE)
-			/*
-			 * In 4.2 (and 4.3 beta) systems, the
-			 * OOB indication and data handling in the kernel
-			 * is such that if two separate TCP Urgent requests
-			 * come in, one byte of TCP data will be overlaid.
-			 * This is fatal for Telnet, but we try to live
-			 * with it.
-			 *
-			 * In addition, in 4.2 (and...), a special protocol
-			 * is needed to pick up the TCP Urgent data in
-			 * the correct sequence.
-			 *
-			 * What we do is:  if we think we are in urgent
-			 * mode, we look to see if we are "at the mark".
-			 * If we are, we do an OOB receive.  If we run
-			 * this twice, we will do the OOB receive twice,
-			 * but the second will fail, since the second
-			 * time we were "at the mark", but there wasn't
-			 * any data there (the kernel doesn't reset
-			 * "at the mark" until we do a normal read).
-			 * Once we've read the OOB data, we go ahead
-			 * and do normal reads.
-			 *
-			 * There is also another problem, which is that
-			 * since the OOB byte we read doesn't put us
-			 * out of OOB state, and since that byte is most
-			 * likely the TELNET DM (data mark), we would
-			 * stay in the TELNET SYNCH (SYNCHing) state.
-			 * So, clocks to the rescue.  If we've "just"
-			 * received a DM, then we test for the
-			 * presence of OOB data when the receive OOB
-			 * fails (and AFTER we did the normal mode read
-			 * to clear "at the mark").
-			 */
-		    if (SYNCHing) {
-			int atmark;
-
-			(void) ioctl(net, SIOCATMARK, (char *)&atmark);
-			if (atmark) {
-			    ncc = recv(net, netibuf, sizeof (netibuf), MSG_OOB);
-			    if ((ncc == -1) && (errno == EINVAL)) {
-				ncc = read(net, netibuf, sizeof (netibuf));
-				if (sequenceIs(didnetreceive, gotDM)) {
-				    SYNCHing = stilloob(net);
-				}
-			    }
-			} else {
-			    ncc = read(net, netibuf, sizeof (netibuf));
-			}
-		    } else {
-			ncc = read(net, netibuf, sizeof (netibuf));
-		    }
-		    settimer(didnetreceive);
-#else	/* !defined(SO_OOBINLINE)) */
-		    ncc = read(net, netibuf, sizeof (netibuf));
-#endif	/* !defined(SO_OOBINLINE)) */
-		    if (ncc < 0 && errno == EWOULDBLOCK)
-			ncc = 0;
-		    else {
-			if (ncc <= 0) {
-			    break;
-			}
-			netip = netibuf;
-		    }
-		    DIAG((TD_REPORT | TD_NETDATA),
-			    {sprintf(nfrontp, "td: netread %d chars\r\n", ncc);
-			     nfrontp += strlen(nfrontp);});
-		    DIAG(TD_NETDATA, printdata("nd", netip, ncc));
-		}
-
-		/*
-		 * Something to read from the pty...
-		 */
-		if (FD_ISSET(p, &ibits)) {
-#ifndef	STREAMSPTY
-			pcc = read(p, ptyibuf, BUFSIZ);
-#else
-			pcc = readstream(p, ptyibuf, BUFSIZ);
-#endif
-			/*
-			 * On some systems, if we try to read something
-			 * off the master side before the slave side is
-			 * opened, we get EIO.
-			 */
-			if (pcc < 0 && (errno == EWOULDBLOCK ||
-#ifdef	EAGAIN
-					errno == EAGAIN ||
-#endif
-					errno == EIO)) {
-				pcc = 0;
-			} else {
-				if (pcc <= 0)
-					break;
-#if	!defined(CRAY2) || !defined(UNICOS5)
-#ifdef	LINEMODE
-				/*
-				 * If ioctl from pty, pass it through net
-				 */
-				if (ptyibuf[0] & TIOCPKT_IOCTL) {
-					copy_termbuf(ptyibuf+1, pcc-1);
-					localstat();
-					pcc = 1;
-				}
-#endif	/* LINEMODE */
-				if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) {
-					netclear();	/* clear buffer back */
-#ifndef	NO_URGENT
-					/*
-					 * There are client telnets on some
-					 * operating systems get screwed up
-					 * royally if we send them urgent
-					 * mode data.
-					 */
-					*nfrontp++ = IAC;
-					*nfrontp++ = DM;
-					neturg = nfrontp-1; /* off by one XXX */
-					DIAG(TD_OPTIONS,
-					    printoption("td: send IAC", DM));
-
-#endif
-				}
-				if (his_state_is_will(TELOPT_LFLOW) &&
-				    (ptyibuf[0] &
-				     (TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) {
-					int newflow =
-					    ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0;
-					if (newflow != flowmode) {
-						flowmode = newflow;
-						(void) sprintf(nfrontp,
-							"%c%c%c%c%c%c",
-							IAC, SB, TELOPT_LFLOW,
-							flowmode ? LFLOW_ON
-								 : LFLOW_OFF,
-							IAC, SE);
-						nfrontp += 6;
-						DIAG(TD_OPTIONS, printsub('>',
-						    (unsigned char *)nfrontp-4,
-						    4););
-					}
-				}
-				pcc--;
-				ptyip = ptyibuf+1;
-#else	/* defined(CRAY2) && defined(UNICOS5) */
-				if (!uselinemode) {
-					unpcc = pcc;
-					unptyip = ptyibuf;
-					pcc = term_output(&unptyip, ptyibuf2,
-								&unpcc, BUFSIZ);
-					ptyip = ptyibuf2;
-				} else
-					ptyip = ptyibuf;
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-			}
-		}
-
-		while (pcc > 0) {
-			if ((&netobuf[BUFSIZ] - nfrontp) < 2)
-				break;
-			c = *ptyip++ & 0377, pcc--;
-			if (c == IAC)
-				*nfrontp++ = c;
-#if	defined(CRAY2) && defined(UNICOS5)
-			else if (c == '\n' &&
-				     my_state_is_wont(TELOPT_BINARY) && newmap)
-				*nfrontp++ = '\r';
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-			*nfrontp++ = c;
-			if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) {
-				if (pcc > 0 && ((*ptyip & 0377) == '\n')) {
-					*nfrontp++ = *ptyip++ & 0377;
-					pcc--;
-				} else
-					*nfrontp++ = '\0';
-			}
-		}
-#if	defined(CRAY2) && defined(UNICOS5)
-		/*
-		 * If chars were left over from the terminal driver,
-		 * note their existence.
-		 */
-		if (!uselinemode && unpcc) {
-			pcc = unpcc;
-			unpcc = 0;
-			ptyip = unptyip;
-		}
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-
-		if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0)
-			netflush();
-		if (ncc > 0)
-			telrcv();
-		if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0)
-			ptyflush();
-	}
-	cleanup(0);
-}  /* end of telnet */
-
-#ifndef	TCSIG
-# ifdef	TIOCSIG
-#  define TCSIG TIOCSIG
-# endif
-#endif
-
-#ifdef	STREAMSPTY
-
-int flowison = -1;  /* current state of flow: -1 is unknown */
-
-int readstream(p, ibuf, bufsize)
-	int p;
-	char *ibuf;
-	int bufsize;
-{
-	int flags = 0;
-	int ret = 0;
-	struct termios *tsp;
-	struct termio *tp;
-	struct iocblk *ip;
-	char vstop, vstart;
-	int ixon;
-	int newflow;
-
-	strbufc.maxlen = BUFSIZ;
-	strbufc.buf = (char *)ctlbuf;
-	strbufd.maxlen = bufsize-1;
-	strbufd.len = 0;
-	strbufd.buf = ibuf+1;
-	ibuf[0] = 0;
-
-	ret = getmsg(p, &strbufc, &strbufd, &flags);
-	if (ret < 0)  /* error of some sort -- probably EAGAIN */
-		return(-1);
-
-	if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) {
-		/* data message */
-		if (strbufd.len > 0) {			/* real data */
-			return(strbufd.len + 1);	/* count header char */
-		} else {
-			/* nothing there */
-			errno = EAGAIN;
-			return(-1);
-		}
-	}
-
-	/*
-	 * It's a control message.  Return 1, to look at the flag we set
-	 */
-
-	switch (ctlbuf[0]) {
-	case M_FLUSH:
-		if (ibuf[1] & FLUSHW)
-			ibuf[0] = TIOCPKT_FLUSHWRITE;
-		return(1);
-
-	case M_IOCTL:
-		ip = (struct iocblk *) (ibuf+1);
-
-		switch (ip->ioc_cmd) {
-		case TCSETS:
-		case TCSETSW:
-		case TCSETSF:
-			tsp = (struct termios *)
-					(ibuf+1 + sizeof(struct iocblk));
-			vstop = tsp->c_cc[VSTOP];
-			vstart = tsp->c_cc[VSTART];
-			ixon = tsp->c_iflag & IXON;
-			break;
-		case TCSETA:
-		case TCSETAW:
-		case TCSETAF:
-			tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk));
-			vstop = tp->c_cc[VSTOP];
-			vstart = tp->c_cc[VSTART];
-			ixon = tp->c_iflag & IXON;
-			break;
-		default:
-			errno = EAGAIN;
-			return(-1);
-		}
-
-		newflow =  (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0;
-		if (newflow != flowison) {  /* it's a change */
-			flowison = newflow;
-			ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP;
-			return(1);
-		}
-	}
-
-	/* nothing worth doing anything about */
-	errno = EAGAIN;
-	return(-1);
-}
-#endif /* STREAMSPTY */
-
-/*
- * Send interrupt to process on other side of pty.
- * If it is in raw mode, just write NULL;
- * otherwise, write intr char.
- */
-	void
-interrupt()
-{
-	ptyflush();	/* half-hearted */
-
-#if defined(STREAMSPTY) && defined(TIOCSIGNAL)
-	/* Streams PTY style ioctl to post a signal */
-	{
-		int sig = SIGINT;
-		(void) ioctl(pty, TIOCSIGNAL, &sig);
-		(void) ioctl(pty, I_FLUSH, FLUSHR);
-	}
-#else
-#ifdef	TCSIG
-	(void) ioctl(pty, TCSIG, (char *)SIGINT);
-#else	/* TCSIG */
-	init_termbuf();
-	*pfrontp++ = slctab[SLC_IP].sptr ?
-			(unsigned char)*slctab[SLC_IP].sptr : '\177';
-#endif	/* TCSIG */
-#endif
-}
-
-/*
- * Send quit to process on other side of pty.
- * If it is in raw mode, just write NULL;
- * otherwise, write quit char.
- */
-	void
-sendbrk()
-{
-	ptyflush();	/* half-hearted */
-#ifdef	TCSIG
-	(void) ioctl(pty, TCSIG, (char *)SIGQUIT);
-#else	/* TCSIG */
-	init_termbuf();
-	*pfrontp++ = slctab[SLC_ABORT].sptr ?
-			(unsigned char)*slctab[SLC_ABORT].sptr : '\034';
-#endif	/* TCSIG */
-}
-
-	void
-sendsusp()
-{
-#ifdef	SIGTSTP
-	ptyflush();	/* half-hearted */
-# ifdef	TCSIG
-	(void) ioctl(pty, TCSIG, (char *)SIGTSTP);
-# else	/* TCSIG */
-	*pfrontp++ = slctab[SLC_SUSP].sptr ?
-			(unsigned char)*slctab[SLC_SUSP].sptr : '\032';
-# endif	/* TCSIG */
-#endif	/* SIGTSTP */
-}
-
-/*
- * When we get an AYT, if ^T is enabled, use that.  Otherwise,
- * just send back "[Yes]".
- */
-	void
-recv_ayt()
-{
-#if	defined(SIGINFO) && defined(TCSIG)
-	if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) {
-		(void) ioctl(pty, TCSIG, (char *)SIGINFO);
-		return;
-	}
-#endif
-	(void) strcpy(nfrontp, "\r\n[Yes]\r\n");
-	nfrontp += 9;
-}
-
-	void
-doeof()
-{
-	init_termbuf();
-
-#if	defined(LINEMODE) && defined(USE_TERMIO) && (VEOF == VMIN)
-	if (!tty_isediting()) {
-		extern char oldeofc;
-		*pfrontp++ = oldeofc;
-		return;
-	}
-#endif
-	*pfrontp++ = slctab[SLC_EOF].sptr ?
-			(unsigned char)*slctab[SLC_EOF].sptr : '\004';
-}
diff --git a/crypto/telnet/telnetd/telnetd.h b/crypto/telnet/telnetd/telnetd.h
deleted file mode 100644
index 234b9739e758..000000000000
--- a/crypto/telnet/telnetd/telnetd.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)telnetd.h	8.1 (Berkeley) 6/4/93
- */
-
-
-#include "defs.h"
-#include "ext.h"
-
-#ifdef	DIAGNOSTICS
-#define	DIAG(a,b)	if (diagnostic & (a)) b
-#else
-#define	DIAG(a,b)
-#endif
-
-/* other external variables */
-extern	char **environ;
-extern	int errno;
-
diff --git a/crypto/telnet/telnetd/termstat.c b/crypto/telnet/telnetd/termstat.c
deleted file mode 100644
index 99fa3ddfe308..000000000000
--- a/crypto/telnet/telnetd/termstat.c
+++ /dev/null
@@ -1,677 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)termstat.c	8.2 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#include "telnetd.h"
-
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-/*
- * local variables
- */
-int def_tspeed = -1, def_rspeed = -1;
-#ifdef	TIOCSWINSZ
-int def_row = 0, def_col = 0;
-#endif
-#ifdef	LINEMODE
-static int _terminit = 0;
-#endif	/* LINEMODE */
-
-#if	defined(CRAY2) && defined(UNICOS5)
-int	newmap = 1;	/* nonzero if \n maps to ^M^J */
-#endif
-
-#ifdef	LINEMODE
-/*
- * localstat
- *
- * This function handles all management of linemode.
- *
- * Linemode allows the client to do the local editing of data
- * and send only complete lines to the server.  Linemode state is
- * based on the state of the pty driver.  If the pty is set for
- * external processing, then we can use linemode.  Further, if we
- * can use real linemode, then we can look at the edit control bits
- * in the pty to determine what editing the client should do.
- *
- * Linemode support uses the following state flags to keep track of
- * current and desired linemode state.
- *	alwayslinemode : true if -l was specified on the telnetd
- * 	command line.  It means to have linemode on as much as
- *	possible.
- *
- * 	lmodetype: signifies whether the client can
- *	handle real linemode, or if use of kludgeomatic linemode
- *	is preferred.  It will be set to one of the following:
- *		REAL_LINEMODE : use linemode option
- *		NO_KLUDGE : don't initiate kludge linemode.
- *		KLUDGE_LINEMODE : use kludge linemode
- *		NO_LINEMODE : client is ignorant of linemode
- *
- *	linemode, uselinemode : linemode is true if linemode
- *	is currently on, uselinemode is the state that we wish
- *	to be in.  If another function wishes to turn linemode
- *	on or off, it sets or clears uselinemode.
- *
- *	editmode, useeditmode : like linemode/uselinemode, but
- *	these contain the edit mode states (edit and trapsig).
- *
- * The state variables correspond to some of the state information
- * in the pty.
- *	linemode:
- *		In real linemode, this corresponds to whether the pty
- *		expects external processing of incoming data.
- *		In kludge linemode, this more closely corresponds to the
- *		whether normal processing is on or not.  (ICANON in
- *		system V, or COOKED mode in BSD.)
- *		If the -l option was specified (alwayslinemode), then
- *		an attempt is made to force external processing on at
- *		all times.
- *
- * The following heuristics are applied to determine linemode
- * handling within the server.
- *	1) Early on in starting up the server, an attempt is made
- *	   to negotiate the linemode option.  If this succeeds
- *	   then lmodetype is set to REAL_LINEMODE and all linemode
- *	   processing occurs in the context of the linemode option.
- *	2) If the attempt to negotiate the linemode option failed,
- *	   and the "-k" (don't initiate kludge linemode) isn't set,
- *	   then we try to use kludge linemode.  We test for this
- *	   capability by sending "do Timing Mark".  If a positive
- *	   response comes back, then we assume that the client
- *	   understands kludge linemode (ech!) and the
- *	   lmodetype flag is set to KLUDGE_LINEMODE.
- *	3) Otherwise, linemode is not supported at all and
- *	   lmodetype remains set to NO_LINEMODE (which happens
- *	   to be 0 for convenience).
- *	4) At any time a command arrives that implies a higher
- *	   state of linemode support in the client, we move to that
- *	   linemode support.
- *
- * A short explanation of kludge linemode is in order here.
- *	1) The heuristic to determine support for kludge linemode
- *	   is to send a do timing mark.  We assume that a client
- *	   that supports timing marks also supports kludge linemode.
- *	   A risky proposition at best.
- *	2) Further negotiation of linemode is done by changing the
- *	   the server's state regarding SGA.  If server will SGA,
- *	   then linemode is off, if server won't SGA, then linemode
- *	   is on.
- */
-	void
-localstat()
-{
-	void netflush();
-	int need_will_echo = 0;
-
-#if	defined(CRAY2) && defined(UNICOS5)
-	/*
-	 * Keep track of that ol' CR/NL mapping while we're in the
-	 * neighborhood.
-	 */
-	newmap = tty_isnewmap();
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-
-	/*
-	 * Check for changes to flow control if client supports it.
-	 */
-	flowstat();
-
-	/*
-	 * Check linemode on/off state
-	 */
-	uselinemode = tty_linemode();
-
-	/*
-	 * If alwayslinemode is on, and pty is changing to turn it off, then
-	 * force linemode back on.
-	 */
-	if (alwayslinemode && linemode && !uselinemode) {
-		uselinemode = 1;
-		tty_setlinemode(uselinemode);
-	}
-
-	if (uselinemode) {
-		/*
-	 * Check for state of BINARY options.
-		 *
-		 * We only need to do the binary dance if we are actually going
-		 * to use linemode.  As this confuses some telnet clients
-		 * that don't support linemode, and doesn't gain us
-		 * anything, we don't do it unless we're doing linemode.
-		 * -Crh (henrich@msu.edu)
-	 */
-
-	if (tty_isbinaryin()) {
-		if (his_want_state_is_wont(TELOPT_BINARY))
-			send_do(TELOPT_BINARY, 1);
-	} else {
-		if (his_want_state_is_will(TELOPT_BINARY))
-			send_dont(TELOPT_BINARY, 1);
-	}
-
-	if (tty_isbinaryout()) {
-		if (my_want_state_is_wont(TELOPT_BINARY))
-			send_will(TELOPT_BINARY, 1);
-	} else {
-		if (my_want_state_is_will(TELOPT_BINARY))
-			send_wont(TELOPT_BINARY, 1);
-	}
-	}
-
-#ifdef	ENCRYPTION
-	/*
-	 * If the terminal is not echoing, but editing is enabled,
-	 * something like password input is going to happen, so
-	 * if we the other side is not currently sending encrypted
-	 * data, ask the other side to start encrypting.
-	 */
-	if (his_state_is_will(TELOPT_ENCRYPT)) {
-		static int enc_passwd = 0;
-		if (uselinemode && !tty_isecho() && tty_isediting()
-		    && (enc_passwd == 0) && !decrypt_input) {
-			encrypt_send_request_start();
-			enc_passwd = 1;
-		} else if (enc_passwd) {
-			encrypt_send_request_end();
-			enc_passwd = 0;
-		}
-	}
-#endif	/* ENCRYPTION */
-
-	/*
-	 * Do echo mode handling as soon as we know what the
-	 * linemode is going to be.
-	 * If the pty has echo turned off, then tell the client that
-	 * the server will echo.  If echo is on, then the server
-	 * will echo if in character mode, but in linemode the
-	 * client should do local echoing.  The state machine will
-	 * not send anything if it is unnecessary, so don't worry
-	 * about that here.
-	 *
-	 * If we need to send the WILL ECHO (because echo is off),
-	 * then delay that until after we have changed the MODE.
-	 * This way, when the user is turning off both editing
-	 * and echo, the client will get editing turned off first.
-	 * This keeps the client from going into encryption mode
-	 * and then right back out if it is doing auto-encryption
-	 * when passwords are being typed.
-	 */
-	if (uselinemode) {
-		if (tty_isecho())
-			send_wont(TELOPT_ECHO, 1);
-		else
-			need_will_echo = 1;
-#ifdef	KLUDGELINEMODE
-		if (lmodetype == KLUDGE_OK)
-			lmodetype = KLUDGE_LINEMODE;
-#endif
-	}
-
-	/*
-	 * If linemode is being turned off, send appropriate
-	 * command and then we're all done.
-	 */
-	 if (!uselinemode && linemode) {
-# ifdef	KLUDGELINEMODE
-		if (lmodetype == REAL_LINEMODE) {
-# endif	/* KLUDGELINEMODE */
-			send_dont(TELOPT_LINEMODE, 1);
-# ifdef	KLUDGELINEMODE
-		} else if (lmodetype == KLUDGE_LINEMODE)
-			send_will(TELOPT_SGA, 1);
-# endif	/* KLUDGELINEMODE */
-		send_will(TELOPT_ECHO, 1);
-		linemode = uselinemode;
-		goto done;
-	}
-
-# ifdef	KLUDGELINEMODE
-	/*
-	 * If using real linemode check edit modes for possible later use.
-	 * If we are in kludge linemode, do the SGA negotiation.
-	 */
-	if (lmodetype == REAL_LINEMODE) {
-# endif	/* KLUDGELINEMODE */
-		useeditmode = 0;
-		if (tty_isediting())
-			useeditmode |= MODE_EDIT;
-		if (tty_istrapsig())
-			useeditmode |= MODE_TRAPSIG;
-		if (tty_issofttab())
-			useeditmode |= MODE_SOFT_TAB;
-		if (tty_islitecho())
-			useeditmode |= MODE_LIT_ECHO;
-# ifdef	KLUDGELINEMODE
-	} else if (lmodetype == KLUDGE_LINEMODE) {
-		if (tty_isediting() && uselinemode)
-			send_wont(TELOPT_SGA, 1);
-		else
-			send_will(TELOPT_SGA, 1);
-	}
-# endif	/* KLUDGELINEMODE */
-
-	/*
-	 * Negotiate linemode on if pty state has changed to turn it on.
-	 * Send appropriate command and send along edit mode, then all done.
-	 */
-	if (uselinemode && !linemode) {
-# ifdef	KLUDGELINEMODE
-		if (lmodetype == KLUDGE_LINEMODE) {
-			send_wont(TELOPT_SGA, 1);
-		} else if (lmodetype == REAL_LINEMODE) {
-# endif	/* KLUDGELINEMODE */
-			send_do(TELOPT_LINEMODE, 1);
-			/* send along edit modes */
-			(void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-				TELOPT_LINEMODE, LM_MODE, useeditmode,
-				IAC, SE);
-			nfrontp += 7;
-			editmode = useeditmode;
-# ifdef	KLUDGELINEMODE
-		}
-# endif	/* KLUDGELINEMODE */
-		linemode = uselinemode;
-		goto done;
-	}
-
-# ifdef	KLUDGELINEMODE
-	/*
-	 * None of what follows is of any value if not using
-	 * real linemode.
-	 */
-	if (lmodetype < REAL_LINEMODE)
-		goto done;
-# endif	/* KLUDGELINEMODE */
-
-	if (linemode && his_state_is_will(TELOPT_LINEMODE)) {
-		/*
-		 * If edit mode changed, send edit mode.
-		 */
-		 if (useeditmode != editmode) {
-			/*
-			 * Send along appropriate edit mode mask.
-			 */
-			(void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC, SB,
-				TELOPT_LINEMODE, LM_MODE, useeditmode,
-				IAC, SE);
-			nfrontp += 7;
-			editmode = useeditmode;
-		}
-
-
-		/*
-		 * Check for changes to special characters in use.
-		 */
-		start_slc(0);
-		check_slc();
-		(void) end_slc(0);
-	}
-
-done:
-	if (need_will_echo)
-		send_will(TELOPT_ECHO, 1);
-	/*
-	 * Some things should be deferred until after the pty state has
-	 * been set by the local process.  Do those things that have been
-	 * deferred now.  This only happens once.
-	 */
-	if (_terminit == 0) {
-		_terminit = 1;
-		defer_terminit();
-	}
-
-	netflush();
-	set_termbuf();
-	return;
-
-}  /* end of localstat */
-#endif	/* LINEMODE */
-
-/*
- * flowstat
- *
- * Check for changes to flow control
- */
-	void
-flowstat()
-{
-	if (his_state_is_will(TELOPT_LFLOW)) {
-		if (tty_flowmode() != flowmode) {
-			flowmode = tty_flowmode();
-			(void) sprintf(nfrontp, "%c%c%c%c%c%c",
-					IAC, SB, TELOPT_LFLOW,
-					flowmode ? LFLOW_ON : LFLOW_OFF,
-					IAC, SE);
-			nfrontp += 6;
-		}
-		if (tty_restartany() != restartany) {
-			restartany = tty_restartany();
-			(void) sprintf(nfrontp, "%c%c%c%c%c%c",
-					IAC, SB, TELOPT_LFLOW,
-					restartany ? LFLOW_RESTART_ANY
-						   : LFLOW_RESTART_XON,
-					IAC, SE);
-			nfrontp += 6;
-		}
-	}
-}
-
-/*
- * clientstat
- *
- * Process linemode related requests from the client.
- * Client can request a change to only one of linemode, editmode or slc's
- * at a time, and if using kludge linemode, then only linemode may be
- * affected.
- */
-	void
-clientstat(code, parm1, parm2)
-	register int code, parm1, parm2;
-{
-	void netflush();
-
-	/*
-	 * Get a copy of terminal characteristics.
-	 */
-	init_termbuf();
-
-	/*
-	 * Process request from client. code tells what it is.
-	 */
-	switch (code) {
-#ifdef	LINEMODE
-	case TELOPT_LINEMODE:
-		/*
-		 * Don't do anything unless client is asking us to change
-		 * modes.
-		 */
-		uselinemode = (parm1 == WILL);
-		if (uselinemode != linemode) {
-# ifdef	KLUDGELINEMODE
-			/*
-			 * If using kludge linemode, make sure that
-			 * we can do what the client asks.
-			 * We can not turn off linemode if alwayslinemode
-			 * and the ICANON bit is set.
-			 */
-			if (lmodetype == KLUDGE_LINEMODE) {
-				if (alwayslinemode && tty_isediting()) {
-					uselinemode = 1;
-				}
-			}
-
-			/*
-			 * Quit now if we can't do it.
-			 */
-			if (uselinemode == linemode)
-				return;
-
-			/*
-			 * If using real linemode and linemode is being
-			 * turned on, send along the edit mode mask.
-			 */
-			if (lmodetype == REAL_LINEMODE && uselinemode)
-# else	/* KLUDGELINEMODE */
-			if (uselinemode)
-# endif	/* KLUDGELINEMODE */
-			{
-				useeditmode = 0;
-				if (tty_isediting())
-					useeditmode |= MODE_EDIT;
-				if (tty_istrapsig)
-					useeditmode |= MODE_TRAPSIG;
-				if (tty_issofttab())
-					useeditmode |= MODE_SOFT_TAB;
-				if (tty_islitecho())
-					useeditmode |= MODE_LIT_ECHO;
-				(void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-					SB, TELOPT_LINEMODE, LM_MODE,
-							useeditmode, IAC, SE);
-				nfrontp += 7;
-				editmode = useeditmode;
-			}
-
-
-			tty_setlinemode(uselinemode);
-
-			linemode = uselinemode;
-
-			if (!linemode)
-				send_will(TELOPT_ECHO, 1);
-		}
-		break;
-
-	case LM_MODE:
-	    {
-		register int ack, changed;
-
-		/*
-		 * Client has sent along a mode mask.  If it agrees with
-		 * what we are currently doing, ignore it; if not, it could
-		 * be viewed as a request to change.  Note that the server
-		 * will change to the modes in an ack if it is different from
-		 * what we currently have, but we will not ack the ack.
-		 */
-		 useeditmode &= MODE_MASK;
-		 ack = (useeditmode & MODE_ACK);
-		 useeditmode &= ~MODE_ACK;
-
-		 if ((changed = (useeditmode ^ editmode))) {
-			/*
-			 * This check is for a timing problem.  If the
-			 * state of the tty has changed (due to the user
-			 * application) we need to process that info
-			 * before we write in the state contained in the
-			 * ack!!!  This gets out the new MODE request,
-			 * and when the ack to that command comes back
-			 * we'll set it and be in the right mode.
-			 */
-			if (ack)
-				localstat();
-			if (changed & MODE_EDIT)
-				tty_setedit(useeditmode & MODE_EDIT);
-
-			if (changed & MODE_TRAPSIG)
-				tty_setsig(useeditmode & MODE_TRAPSIG);
-
-			if (changed & MODE_SOFT_TAB)
-				tty_setsofttab(useeditmode & MODE_SOFT_TAB);
-
-			if (changed & MODE_LIT_ECHO)
-				tty_setlitecho(useeditmode & MODE_LIT_ECHO);
-
-			set_termbuf();
-
- 			if (!ack) {
- 				(void) sprintf(nfrontp, "%c%c%c%c%c%c%c", IAC,
-					SB, TELOPT_LINEMODE, LM_MODE,
- 					useeditmode|MODE_ACK,
- 					IAC, SE);
- 				nfrontp += 7;
- 			}
-
-			editmode = useeditmode;
-		}
-
-		break;
-
-	    }  /* end of case LM_MODE */
-#endif	/* LINEMODE */
-
-	case TELOPT_NAWS:
-#ifdef	TIOCSWINSZ
-	    {
-		struct winsize ws;
-
-		def_col = parm1;
-		def_row = parm2;
-#ifdef	LINEMODE
-		/*
-		 * Defer changing window size until after terminal is
-		 * initialized.
-		 */
-		if (terminit() == 0)
-			return;
-#endif	/* LINEMODE */
-
-		/*
-		 * Change window size as requested by client.
-		 */
-
-		ws.ws_col = parm1;
-		ws.ws_row = parm2;
-		(void) ioctl(pty, TIOCSWINSZ, (char *)&ws);
-	    }
-#endif	/* TIOCSWINSZ */
-
-		break;
-
-	case TELOPT_TSPEED:
-	    {
-		def_tspeed = parm1;
-		def_rspeed = parm2;
-#ifdef	LINEMODE
-		/*
-		 * Defer changing the terminal speed.
-		 */
-		if (terminit() == 0)
-			return;
-#endif	/* LINEMODE */
-		/*
-		 * Change terminal speed as requested by client.
-		 * We set the receive speed first, so that if we can't
-		 * store seperate receive and transmit speeds, the transmit
-		 * speed will take precedence.
-		 */
-		tty_rspeed(parm2);
-		tty_tspeed(parm1);
-		set_termbuf();
-
-		break;
-
-	    }  /* end of case TELOPT_TSPEED */
-
-	default:
-		/* What? */
-		break;
-	}  /* end of switch */
-
-#if	defined(CRAY2) && defined(UNICOS5)
-	/*
-	 * Just in case of the likely event that we changed the pty state.
-	 */
-	rcv_ioctl();
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-
-	netflush();
-
-}  /* end of clientstat */
-
-#if	defined(CRAY2) && defined(UNICOS5)
-	void
-termstat()
-{
-	needtermstat = 1;
-}
-
-	void
-_termstat()
-{
-	needtermstat = 0;
-	init_termbuf();
-	localstat();
-	rcv_ioctl();
-}
-#endif	/* defined(CRAY2) && defined(UNICOS5) */
-
-#ifdef	LINEMODE
-/*
- * defer_terminit
- *
- * Some things should not be done until after the login process has started
- * and all the pty modes are set to what they are supposed to be.  This
- * function is called when the pty state has been processed for the first time.
- * It calls other functions that do things that were deferred in each module.
- */
-	void
-defer_terminit()
-{
-
-	/*
-	 * local stuff that got deferred.
-	 */
-	if (def_tspeed != -1) {
-		clientstat(TELOPT_TSPEED, def_tspeed, def_rspeed);
-		def_tspeed = def_rspeed = 0;
-	}
-
-#ifdef	TIOCSWINSZ
-	if (def_col || def_row) {
-		struct winsize ws;
-
-		memset((char *)&ws, 0, sizeof(ws));
-		ws.ws_col = def_col;
-		ws.ws_row = def_row;
-		(void) ioctl(pty, TIOCSWINSZ, (char *)&ws);
-	}
-#endif
-
-	/*
-	 * The only other module that currently defers anything.
-	 */
-	deferslc();
-
-}  /* end of defer_terminit */
-
-/*
- * terminit
- *
- * Returns true if the pty state has been processed yet.
- */
-	int
-terminit()
-{
-	return(_terminit);
-
-}  /* end of terminit */
-#endif	/* LINEMODE */
diff --git a/crypto/telnet/telnetd/utility.c b/crypto/telnet/telnetd/utility.c
deleted file mode 100644
index 4c9dec1c118e..000000000000
--- a/crypto/telnet/telnetd/utility.c
+++ /dev/null
@@ -1,1217 +0,0 @@
-/*
- * Copyright (c) 1989, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-#if 0
-static const char sccsid[] = "@(#)utility.c	8.4 (Berkeley) 5/30/95";
-#endif
-static const char rcsid[] =
-	"$Id$";
-#endif /* not lint */
-
-#ifdef __FreeBSD__
-#include <locale.h>
-#endif
-#define PRINTOPTIONS
-#include "telnetd.h"
-
-#if	defined(AUTHENTICATION)
-#include <libtelnet/auth.h>
-#endif
-#if	defined(ENCRYPTION)
-#include <libtelnet/encrypt.h>
-#endif
-
-/*
- * utility functions performing io related tasks
- */
-
-/*
- * ttloop
- *
- *	A small subroutine to flush the network output buffer, get some data
- * from the network, and pass it through the telnet state machine.  We
- * also flush the pty input buffer (by dropping its data) if it becomes
- * too full.
- */
-
-    void
-ttloop()
-{
-    void netflush();
-
-    DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop\r\n");
-		     nfrontp += strlen(nfrontp);});
-    if (nfrontp-nbackp) {
-	netflush();
-    }
-    ncc = read(net, netibuf, sizeof netibuf);
-    if (ncc < 0) {
-	syslog(LOG_INFO, "ttloop:  read: %m");
-	exit(1);
-    } else if (ncc == 0) {
-	syslog(LOG_INFO, "ttloop:  peer died: %m");
-	exit(1);
-    }
-    DIAG(TD_REPORT, {sprintf(nfrontp, "td: ttloop read %d chars\r\n", ncc);
-		     nfrontp += strlen(nfrontp);});
-    netip = netibuf;
-    telrcv();			/* state machine */
-    if (ncc > 0) {
-	pfrontp = pbackp = ptyobuf;
-	telrcv();
-    }
-}  /* end of ttloop */
-
-/*
- * Check a descriptor to see if out of band data exists on it.
- */
-    int
-stilloob(s)
-    int	s;		/* socket number */
-{
-    static struct timeval timeout = { 0 };
-    fd_set	excepts;
-    int value;
-
-    do {
-	FD_ZERO(&excepts);
-	FD_SET(s, &excepts);
-	memset((char *)&timeout, 0, sizeof timeout);
-	value = select(s+1, (fd_set *)0, (fd_set *)0, &excepts, &timeout);
-    } while ((value == -1) && (errno == EINTR));
-
-    if (value < 0) {
-	fatalperror(pty, "select");
-    }
-    if (FD_ISSET(s, &excepts)) {
-	return 1;
-    } else {
-	return 0;
-    }
-}
-
-	void
-ptyflush()
-{
-	int n;
-
-	if ((n = pfrontp - pbackp) > 0) {
-		DIAG((TD_REPORT | TD_PTYDATA),
-			{ sprintf(nfrontp, "td: ptyflush %d chars\r\n", n);
-			  nfrontp += strlen(nfrontp); });
-		DIAG(TD_PTYDATA, printdata("pd", pbackp, n));
-		n = write(pty, pbackp, n);
-	}
-	if (n < 0) {
-		if (errno == EWOULDBLOCK || errno == EINTR)
-			return;
-		cleanup(0);
-	}
-	pbackp += n;
-	if (pbackp == pfrontp)
-		pbackp = pfrontp = ptyobuf;
-}
-
-/*
- * nextitem()
- *
- *	Return the address of the next "item" in the TELNET data
- * stream.  This will be the address of the next character if
- * the current address is a user data character, or it will
- * be the address of the character following the TELNET command
- * if the current address is a TELNET IAC ("I Am a Command")
- * character.
- */
-    char *
-nextitem(current)
-    char	*current;
-{
-    if ((*current&0xff) != IAC) {
-	return current+1;
-    }
-    switch (*(current+1)&0xff) {
-    case DO:
-    case DONT:
-    case WILL:
-    case WONT:
-	return current+3;
-    case SB:		/* loop forever looking for the SE */
-	{
-	    register char *look = current+2;
-
-	    for (;;) {
-		if ((*look++&0xff) == IAC) {
-		    if ((*look++&0xff) == SE) {
-			return look;
-		    }
-		}
-	    }
-	}
-    default:
-	return current+2;
-    }
-}  /* end of nextitem */
-
-
-/*
- * netclear()
- *
- *	We are about to do a TELNET SYNCH operation.  Clear
- * the path to the network.
- *
- *	Things are a bit tricky since we may have sent the first
- * byte or so of a previous TELNET command into the network.
- * So, we have to scan the network buffer from the beginning
- * until we are up to where we want to be.
- *
- *	A side effect of what we do, just to keep things
- * simple, is to clear the urgent data pointer.  The principal
- * caller should be setting the urgent data pointer AFTER calling
- * us in any case.
- */
-    void
-netclear()
-{
-    register char *thisitem, *next;
-    char *good;
-#define	wewant(p)	((nfrontp > p) && ((*p&0xff) == IAC) && \
-				((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL))
-
-#ifdef	ENCRYPTION
-    thisitem = nclearto > netobuf ? nclearto : netobuf;
-#else	/* ENCRYPTION */
-    thisitem = netobuf;
-#endif	/* ENCRYPTION */
-
-    while ((next = nextitem(thisitem)) <= nbackp) {
-	thisitem = next;
-    }
-
-    /* Now, thisitem is first before/at boundary. */
-
-#ifdef	ENCRYPTION
-    good = nclearto > netobuf ? nclearto : netobuf;
-#else	/* ENCRYPTION */
-    good = netobuf;	/* where the good bytes go */
-#endif	/* ENCRYPTION */
-
-    while (nfrontp > thisitem) {
-	if (wewant(thisitem)) {
-	    int length;
-
-	    next = thisitem;
-	    do {
-		next = nextitem(next);
-	    } while (wewant(next) && (nfrontp > next));
-	    length = next-thisitem;
-	    memmove(good, thisitem, length);
-	    good += length;
-	    thisitem = next;
-	} else {
-	    thisitem = nextitem(thisitem);
-	}
-    }
-
-    nbackp = netobuf;
-    nfrontp = good;		/* next byte to be sent */
-    neturg = 0;
-}  /* end of netclear */
-
-/*
- *  netflush
- *		Send as much data as possible to the network,
- *	handling requests for urgent data.
- */
-    void
-netflush()
-{
-    int n;
-    extern int not42;
-
-    if ((n = nfrontp - nbackp) > 0) {
-	DIAG(TD_REPORT,
-	    { sprintf(nfrontp, "td: netflush %d chars\r\n", n);
-	      n += strlen(nfrontp);  /* get count first */
-	      nfrontp += strlen(nfrontp);  /* then move pointer */
-	    });
-#ifdef	ENCRYPTION
-	if (encrypt_output) {
-		char *s = nclearto ? nclearto : nbackp;
-		if (nfrontp - s > 0) {
-			(*encrypt_output)((unsigned char *)s, nfrontp-s);
-			nclearto = nfrontp;
-		}
-	}
-#endif	/* ENCRYPTION */
-	/*
-	 * if no urgent data, or if the other side appears to be an
-	 * old 4.2 client (and thus unable to survive TCP urgent data),
-	 * write the entire buffer in non-OOB mode.
-	 */
-	if ((neturg == 0) || (not42 == 0)) {
-	    n = write(net, nbackp, n);	/* normal write */
-	} else {
-	    n = neturg - nbackp;
-	    /*
-	     * In 4.2 (and 4.3) systems, there is some question about
-	     * what byte in a sendOOB operation is the "OOB" data.
-	     * To make ourselves compatible, we only send ONE byte
-	     * out of band, the one WE THINK should be OOB (though
-	     * we really have more the TCP philosophy of urgent data
-	     * rather than the Unix philosophy of OOB data).
-	     */
-	    if (n > 1) {
-		n = send(net, nbackp, n-1, 0);	/* send URGENT all by itself */
-	    } else {
-		n = send(net, nbackp, n, MSG_OOB);	/* URGENT data */
-	    }
-	}
-    }
-    if (n < 0) {
-	if (errno == EWOULDBLOCK || errno == EINTR)
-		return;
-	cleanup(0);
-    }
-    nbackp += n;
-#ifdef	ENCRYPTION
-    if (nbackp > nclearto)
-	nclearto = 0;
-#endif	/* ENCRYPTION */
-    if (nbackp >= neturg) {
-	neturg = 0;
-    }
-    if (nbackp == nfrontp) {
-	nbackp = nfrontp = netobuf;
-#ifdef	ENCRYPTION
-	nclearto = 0;
-#endif	/* ENCRYPTION */
-    }
-    return;
-}  /* end of netflush */
-
-
-/*
- * writenet
- *
- * Just a handy little function to write a bit of raw data to the net.
- * It will force a transmit of the buffer if necessary
- *
- * arguments
- *    ptr - A pointer to a character string to write
- *    len - How many bytes to write
- */
-	void
-writenet(ptr, len)
-	register unsigned char *ptr;
-	register int len;
-{
-	/* flush buffer if no room for new data) */
-	if ((&netobuf[BUFSIZ] - nfrontp) < len) {
-		/* if this fails, don't worry, buffer is a little big */
-		netflush();
-	}
-
-	memmove(nfrontp, ptr, len);
-	nfrontp += len;
-
-}  /* end of writenet */
-
-
-/*
- * miscellaneous functions doing a variety of little jobs follow ...
- */
-
-
-	void
-fatal(f, msg)
-	int f;
-	char *msg;
-{
-	char buf[BUFSIZ];
-
-	(void) sprintf(buf, "telnetd: %s.\r\n", msg);
-#ifdef	ENCRYPTION
-	if (encrypt_output) {
-		/*
-		 * Better turn off encryption first....
-		 * Hope it flushes...
-		 */
-		encrypt_send_end();
-		netflush();
-	}
-#endif	/* ENCRYPTION */
-	(void) write(f, buf, (int)strlen(buf));
-	sleep(1);	/*XXX*/
-	exit(1);
-}
-
-	void
-fatalperror(f, msg)
-	int f;
-	char *msg;
-{
-	char buf[BUFSIZ], *strerror();
-
-	(void) sprintf(buf, "%s: %s", msg, strerror(errno));
-	fatal(f, buf);
-}
-
-char editedhost[32];
-
-	void
-edithost(pat, host)
-	register char *pat;
-	register char *host;
-{
-	register char *res = editedhost;
-
-	if (!pat)
-		pat = "";
-	while (*pat) {
-		switch (*pat) {
-
-		case '#':
-			if (*host)
-				host++;
-			break;
-
-		case '@':
-			if (*host)
-				*res++ = *host++;
-			break;
-
-		default:
-			*res++ = *pat;
-			break;
-		}
-		if (res == &editedhost[sizeof editedhost - 1]) {
-			*res = '\0';
-			return;
-		}
-		pat++;
-	}
-	if (*host)
-		(void) strncpy(res, host,
-				sizeof editedhost - (res - editedhost) -1);
-	else
-		*res = '\0';
-	editedhost[sizeof editedhost - 1] = '\0';
-}
-
-static char *putlocation;
-
-	void
-putstr(s)
-	register char *s;
-{
-
-	while (*s)
-		putchr(*s++);
-}
-
-	void
-putchr(cc)
-	int cc;
-{
-	*putlocation++ = cc;
-}
-
-#ifdef __FreeBSD__
-static char fmtstr[] = { "%+" };
-#else
-/*
- * This is split on two lines so that SCCS will not see the M
- * between two % signs and expand it...
- */
-static char fmtstr[] = { "%l:%M\
-%P on %A, %d %B %Y" };
-#endif
-
-	void
-putf(cp, where)
-	register char *cp;
-	char *where;
-{
-	char *slash;
-	time_t t;
-	char db[100];
-#ifdef	STREAMSPTY
-	extern char *strchr();
-#else
-	extern char *strrchr();
-#endif
-
-	putlocation = where;
-
-	while (*cp) {
-		if (*cp != '%') {
-			putchr(*cp++);
-			continue;
-		}
-		switch (*++cp) {
-
-		case 't':
-#ifdef	STREAMSPTY
-			/* names are like /dev/pts/2 -- we want pts/2 */
-			slash = strchr(line+1, '/');
-#else
-			slash = strrchr(line, '/');
-#endif
-			if (slash == (char *) 0)
-				putstr(line);
-			else
-				putstr(&slash[1]);
-			break;
-
-		case 'h':
-			putstr(editedhost);
-			break;
-
-		case 'd':
-#ifdef __FreeBSD__
-			setlocale(LC_TIME, "");
-#endif
-			(void)time(&t);
-			(void)strftime(db, sizeof(db), fmtstr, localtime(&t));
-			putstr(db);
-			break;
-
-		case '%':
-			putchr('%');
-			break;
-		}
-		cp++;
-	}
-}
-
-#ifdef DIAGNOSTICS
-/*
- * Print telnet options and commands in plain text, if possible.
- */
-	void
-printoption(fmt, option)
-	register char *fmt;
-	register int option;
-{
-	if (TELOPT_OK(option))
-		sprintf(nfrontp, "%s %s\r\n", fmt, TELOPT(option));
-	else if (TELCMD_OK(option))
-		sprintf(nfrontp, "%s %s\r\n", fmt, TELCMD(option));
-	else
-		sprintf(nfrontp, "%s %d\r\n", fmt, option);
-	nfrontp += strlen(nfrontp);
-	return;
-}
-
-    void
-printsub(direction, pointer, length)
-    char		direction;	/* '<' or '>' */
-    unsigned char	*pointer;	/* where suboption data sits */
-    int			length;		/* length of suboption data */
-{
-    register int i = 0;
-
-	if (!(diagnostic & TD_OPTIONS))
-		return;
-
-	if (direction) {
-	    sprintf(nfrontp, "td: %s suboption ",
-					direction == '<' ? "recv" : "send");
-	    nfrontp += strlen(nfrontp);
-	    if (length >= 3) {
-		register int j;
-
-		i = pointer[length-2];
-		j = pointer[length-1];
-
-		if (i != IAC || j != SE) {
-		    sprintf(nfrontp, "(terminated by ");
-		    nfrontp += strlen(nfrontp);
-		    if (TELOPT_OK(i))
-			sprintf(nfrontp, "%s ", TELOPT(i));
-		    else if (TELCMD_OK(i))
-			sprintf(nfrontp, "%s ", TELCMD(i));
-		    else
-			sprintf(nfrontp, "%d ", i);
-		    nfrontp += strlen(nfrontp);
-		    if (TELOPT_OK(j))
-			sprintf(nfrontp, "%s", TELOPT(j));
-		    else if (TELCMD_OK(j))
-			sprintf(nfrontp, "%s", TELCMD(j));
-		    else
-			sprintf(nfrontp, "%d", j);
-		    nfrontp += strlen(nfrontp);
-		    sprintf(nfrontp, ", not IAC SE!) ");
-		    nfrontp += strlen(nfrontp);
-		}
-	    }
-	    length -= 2;
-	}
-	if (length < 1) {
-	    sprintf(nfrontp, "(Empty suboption??\?)");
-	    nfrontp += strlen(nfrontp);
-	    return;
-	}
-	switch (pointer[0]) {
-	case TELOPT_TTYPE:
-	    sprintf(nfrontp, "TERMINAL-TYPE ");
-	    nfrontp += strlen(nfrontp);
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-		break;
-	    case TELQUAL_SEND:
-		sprintf(nfrontp, "SEND");
-		break;
-	    default:
-		sprintf(nfrontp,
-				"- unknown qualifier %d (0x%x).",
-				pointer[1], pointer[1]);
-	    }
-	    nfrontp += strlen(nfrontp);
-	    break;
-	case TELOPT_TSPEED:
-	    sprintf(nfrontp, "TERMINAL-SPEED");
-	    nfrontp += strlen(nfrontp);
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		sprintf(nfrontp, " IS %.*s", length-2, (char *)pointer+2);
-		nfrontp += strlen(nfrontp);
-		break;
-	    default:
-		if (pointer[1] == 1)
-		    sprintf(nfrontp, " SEND");
-		else
-		    sprintf(nfrontp, " %d (unknown)", pointer[1]);
-		nfrontp += strlen(nfrontp);
-		for (i = 2; i < length; i++) {
-		    sprintf(nfrontp, " ?%d?", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-		break;
-	    }
-	    break;
-
-	case TELOPT_LFLOW:
-	    sprintf(nfrontp, "TOGGLE-FLOW-CONTROL");
-	    nfrontp += strlen(nfrontp);
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case LFLOW_OFF:
-		sprintf(nfrontp, " OFF"); break;
-	    case LFLOW_ON:
-		sprintf(nfrontp, " ON"); break;
-	    case LFLOW_RESTART_ANY:
-		sprintf(nfrontp, " RESTART-ANY"); break;
-	    case LFLOW_RESTART_XON:
-		sprintf(nfrontp, " RESTART-XON"); break;
-	    default:
-		sprintf(nfrontp, " %d (unknown)", pointer[1]);
-	    }
-	    nfrontp += strlen(nfrontp);
-	    for (i = 2; i < length; i++) {
-		sprintf(nfrontp, " ?%d?", pointer[i]);
-		nfrontp += strlen(nfrontp);
-	    }
-	    break;
-
-	case TELOPT_NAWS:
-	    sprintf(nfrontp, "NAWS");
-	    nfrontp += strlen(nfrontp);
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    if (length == 2) {
-		sprintf(nfrontp, " ?%d?", pointer[1]);
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    sprintf(nfrontp, " %d %d (%d)",
-		pointer[1], pointer[2],
-		(int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
-	    nfrontp += strlen(nfrontp);
-	    if (length == 4) {
-		sprintf(nfrontp, " ?%d?", pointer[3]);
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    sprintf(nfrontp, " %d %d (%d)",
-		pointer[3], pointer[4],
-		(int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
-	    nfrontp += strlen(nfrontp);
-	    for (i = 5; i < length; i++) {
-		sprintf(nfrontp, " ?%d?", pointer[i]);
-		nfrontp += strlen(nfrontp);
-	    }
-	    break;
-
-	case TELOPT_LINEMODE:
-	    sprintf(nfrontp, "LINEMODE ");
-	    nfrontp += strlen(nfrontp);
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case WILL:
-		sprintf(nfrontp, "WILL ");
-		goto common;
-	    case WONT:
-		sprintf(nfrontp, "WONT ");
-		goto common;
-	    case DO:
-		sprintf(nfrontp, "DO ");
-		goto common;
-	    case DONT:
-		sprintf(nfrontp, "DONT ");
-	    common:
-		nfrontp += strlen(nfrontp);
-		if (length < 3) {
-		    sprintf(nfrontp, "(no option??\?)");
-		    nfrontp += strlen(nfrontp);
-		    break;
-		}
-		switch (pointer[2]) {
-		case LM_FORWARDMASK:
-		    sprintf(nfrontp, "Forward Mask");
-		    nfrontp += strlen(nfrontp);
-		    for (i = 3; i < length; i++) {
-			sprintf(nfrontp, " %x", pointer[i]);
-			nfrontp += strlen(nfrontp);
-		    }
-		    break;
-		default:
-		    sprintf(nfrontp, "%d (unknown)", pointer[2]);
-		    nfrontp += strlen(nfrontp);
-		    for (i = 3; i < length; i++) {
-			sprintf(nfrontp, " %d", pointer[i]);
-			nfrontp += strlen(nfrontp);
-		    }
-		    break;
-		}
-		break;
-
-	    case LM_SLC:
-		sprintf(nfrontp, "SLC");
-		nfrontp += strlen(nfrontp);
-		for (i = 2; i < length - 2; i += 3) {
-		    if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
-			sprintf(nfrontp, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
-		    else
-			sprintf(nfrontp, " %d", pointer[i+SLC_FUNC]);
-		    nfrontp += strlen(nfrontp);
-		    switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
-		    case SLC_NOSUPPORT:
-			sprintf(nfrontp, " NOSUPPORT"); break;
-		    case SLC_CANTCHANGE:
-			sprintf(nfrontp, " CANTCHANGE"); break;
-		    case SLC_VARIABLE:
-			sprintf(nfrontp, " VARIABLE"); break;
-		    case SLC_DEFAULT:
-			sprintf(nfrontp, " DEFAULT"); break;
-		    }
-		    nfrontp += strlen(nfrontp);
-		    sprintf(nfrontp, "%s%s%s",
-			pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
-			pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
-			pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
-		    nfrontp += strlen(nfrontp);
-		    if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
-						SLC_FLUSHOUT| SLC_LEVELBITS)) {
-			sprintf(nfrontp, "(0x%x)", pointer[i+SLC_FLAGS]);
-			nfrontp += strlen(nfrontp);
-		    }
-		    sprintf(nfrontp, " %d;", pointer[i+SLC_VALUE]);
-		    nfrontp += strlen(nfrontp);
-		    if ((pointer[i+SLC_VALUE] == IAC) &&
-			(pointer[i+SLC_VALUE+1] == IAC))
-				i++;
-		}
-		for (; i < length; i++) {
-		    sprintf(nfrontp, " ?%d?", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-		break;
-
-	    case LM_MODE:
-		sprintf(nfrontp, "MODE ");
-		nfrontp += strlen(nfrontp);
-		if (length < 3) {
-		    sprintf(nfrontp, "(no mode??\?)");
-		    nfrontp += strlen(nfrontp);
-		    break;
-		}
-		{
-		    char tbuf[32];
-		    sprintf(tbuf, "%s%s%s%s%s",
-			pointer[2]&MODE_EDIT ? "|EDIT" : "",
-			pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "",
-			pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
-			pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
-			pointer[2]&MODE_ACK ? "|ACK" : "");
-		    sprintf(nfrontp, "%s", tbuf[1] ? &tbuf[1] : "0");
-		    nfrontp += strlen(nfrontp);
-		}
-		if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) {
-		    sprintf(nfrontp, " (0x%x)", pointer[2]);
-		    nfrontp += strlen(nfrontp);
-		}
-		for (i = 3; i < length; i++) {
-		    sprintf(nfrontp, " ?0x%x?", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-		break;
-	    default:
-		sprintf(nfrontp, "%d (unknown)", pointer[1]);
-		nfrontp += strlen(nfrontp);
-		for (i = 2; i < length; i++) {
-		    sprintf(nfrontp, " %d", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-	    }
-	    break;
-
-	case TELOPT_STATUS: {
-	    register char *cp;
-	    register int j, k;
-
-	    sprintf(nfrontp, "STATUS");
-	    nfrontp += strlen(nfrontp);
-
-	    switch (pointer[1]) {
-	    default:
-		if (pointer[1] == TELQUAL_SEND)
-		    sprintf(nfrontp, " SEND");
-		else
-		    sprintf(nfrontp, " %d (unknown)", pointer[1]);
-		nfrontp += strlen(nfrontp);
-		for (i = 2; i < length; i++) {
-		    sprintf(nfrontp, " ?%d?", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-		break;
-	    case TELQUAL_IS:
-		sprintf(nfrontp, " IS\r\n");
-		nfrontp += strlen(nfrontp);
-
-		for (i = 2; i < length; i++) {
-		    switch(pointer[i]) {
-		    case DO:	cp = "DO"; goto common2;
-		    case DONT:	cp = "DONT"; goto common2;
-		    case WILL:	cp = "WILL"; goto common2;
-		    case WONT:	cp = "WONT"; goto common2;
-		    common2:
-			i++;
-			if (TELOPT_OK(pointer[i]))
-			    sprintf(nfrontp, " %s %s", cp, TELOPT(pointer[i]));
-			else
-			    sprintf(nfrontp, " %s %d", cp, pointer[i]);
-			nfrontp += strlen(nfrontp);
-
-			sprintf(nfrontp, "\r\n");
-			nfrontp += strlen(nfrontp);
-			break;
-
-		    case SB:
-			sprintf(nfrontp, " SB ");
-			nfrontp += strlen(nfrontp);
-			i++;
-			j = k = i;
-			while (j < length) {
-			    if (pointer[j] == SE) {
-				if (j+1 == length)
-				    break;
-				if (pointer[j+1] == SE)
-				    j++;
-				else
-				    break;
-			    }
-			    pointer[k++] = pointer[j++];
-			}
-			printsub(0, &pointer[i], k - i);
-			if (i < length) {
-			    sprintf(nfrontp, " SE");
-			    nfrontp += strlen(nfrontp);
-			    i = j;
-			} else
-			    i = j - 1;
-
-			sprintf(nfrontp, "\r\n");
-			nfrontp += strlen(nfrontp);
-
-			break;
-
-		    default:
-			sprintf(nfrontp, " %d", pointer[i]);
-			nfrontp += strlen(nfrontp);
-			break;
-		    }
-		}
-		break;
-	    }
-	    break;
-	  }
-
-	case TELOPT_XDISPLOC:
-	    sprintf(nfrontp, "X-DISPLAY-LOCATION ");
-	    nfrontp += strlen(nfrontp);
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		sprintf(nfrontp, "IS \"%.*s\"", length-2, (char *)pointer+2);
-		break;
-	    case TELQUAL_SEND:
-		sprintf(nfrontp, "SEND");
-		break;
-	    default:
-		sprintf(nfrontp, "- unknown qualifier %d (0x%x).",
-				pointer[1], pointer[1]);
-	    }
-	    nfrontp += strlen(nfrontp);
-	    break;
-
-	case TELOPT_NEW_ENVIRON:
-	    sprintf(nfrontp, "NEW-ENVIRON ");
-	    goto env_common1;
-	case TELOPT_OLD_ENVIRON:
-	    sprintf(nfrontp, "OLD-ENVIRON");
-	env_common1:
-	    nfrontp += strlen(nfrontp);
-	    switch (pointer[1]) {
-	    case TELQUAL_IS:
-		sprintf(nfrontp, "IS ");
-		goto env_common;
-	    case TELQUAL_SEND:
-		sprintf(nfrontp, "SEND ");
-		goto env_common;
-	    case TELQUAL_INFO:
-		sprintf(nfrontp, "INFO ");
-	    env_common:
-		nfrontp += strlen(nfrontp);
-		{
-		    register int noquote = 2;
-		    for (i = 2; i < length; i++ ) {
-			switch (pointer[i]) {
-			case NEW_ENV_VAR:
-			    sprintf(nfrontp, "\" VAR " + noquote);
-			    nfrontp += strlen(nfrontp);
-			    noquote = 2;
-			    break;
-
-			case NEW_ENV_VALUE:
-			    sprintf(nfrontp, "\" VALUE " + noquote);
-			    nfrontp += strlen(nfrontp);
-			    noquote = 2;
-			    break;
-
-			case ENV_ESC:
-			    sprintf(nfrontp, "\" ESC " + noquote);
-			    nfrontp += strlen(nfrontp);
-			    noquote = 2;
-			    break;
-
-			case ENV_USERVAR:
-			    sprintf(nfrontp, "\" USERVAR " + noquote);
-			    nfrontp += strlen(nfrontp);
-			    noquote = 2;
-			    break;
-
-			default:
-			    if (isprint(pointer[i]) && pointer[i] != '"') {
-				if (noquote) {
-				    *nfrontp++ = '"';
-				    noquote = 0;
-				}
-				*nfrontp++ = pointer[i];
-			    } else {
-				sprintf(nfrontp, "\" %03o " + noquote,
-							pointer[i]);
-				nfrontp += strlen(nfrontp);
-				noquote = 2;
-			    }
-			    break;
-			}
-		    }
-		    if (!noquote)
-			*nfrontp++ = '"';
-		    break;
-		}
-	    }
-	    break;
-
-#if	defined(AUTHENTICATION)
-	case TELOPT_AUTHENTICATION:
-	    sprintf(nfrontp, "AUTHENTICATION");
-	    nfrontp += strlen(nfrontp);
-
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case TELQUAL_REPLY:
-	    case TELQUAL_IS:
-		sprintf(nfrontp, " %s ", (pointer[1] == TELQUAL_IS) ?
-							"IS" : "REPLY");
-		nfrontp += strlen(nfrontp);
-		if (AUTHTYPE_NAME_OK(pointer[2]))
-		    sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[2]));
-		else
-		    sprintf(nfrontp, "%d ", pointer[2]);
-		nfrontp += strlen(nfrontp);
-		if (length < 3) {
-		    sprintf(nfrontp, "(partial suboption??\?)");
-		    nfrontp += strlen(nfrontp);
-		    break;
-		}
-		sprintf(nfrontp, "%s|%s",
-			((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
-			"CLIENT" : "SERVER",
-			((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
-			"MUTUAL" : "ONE-WAY");
-		nfrontp += strlen(nfrontp);
-
-    		{
-		    char buf[512];
-		    auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-		    sprintf(nfrontp, "%s", buf);
-		}
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case TELQUAL_SEND:
-		i = 2;
-		sprintf(nfrontp, " SEND ");
-		nfrontp += strlen(nfrontp);
-		while (i < length) {
-		    if (AUTHTYPE_NAME_OK(pointer[i]))
-			sprintf(nfrontp, "%s ", AUTHTYPE_NAME(pointer[i]));
-		    else
-			sprintf(nfrontp, "%d ", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		    if (++i >= length) {
-			sprintf(nfrontp, "(partial suboption??\?)");
-			nfrontp += strlen(nfrontp);
-			break;
-		    }
-		    sprintf(nfrontp, "%s|%s ",
-			((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
-							"CLIENT" : "SERVER",
-			((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
-							"MUTUAL" : "ONE-WAY");
-		    nfrontp += strlen(nfrontp);
-		    ++i;
-		}
-		break;
-
-	    case TELQUAL_NAME:
-		i = 2;
-		sprintf(nfrontp, " NAME \"");
-		nfrontp += strlen(nfrontp);
-		while (i < length)
-		    *nfrontp += pointer[i++];
-		*nfrontp += '"';
-		break;
-
-	    default:
-		    for (i = 2; i < length; i++) {
-			sprintf(nfrontp, " ?%d?", pointer[i]);
-			nfrontp += strlen(nfrontp);
-		    }
-		    break;
-	    }
-	    break;
-#endif
-
-#ifdef	ENCRYPTION
-	case TELOPT_ENCRYPT:
-	    sprintf(nfrontp, "ENCRYPT");
-	    nfrontp += strlen(nfrontp);
-	    if (length < 2) {
-		sprintf(nfrontp, " (empty suboption??\?)");
-		nfrontp += strlen(nfrontp);
-		break;
-	    }
-	    switch (pointer[1]) {
-	    case ENCRYPT_START:
-		sprintf(nfrontp, " START");
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case ENCRYPT_END:
-		sprintf(nfrontp, " END");
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case ENCRYPT_REQSTART:
-		sprintf(nfrontp, " REQUEST-START");
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case ENCRYPT_REQEND:
-		sprintf(nfrontp, " REQUEST-END");
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case ENCRYPT_IS:
-	    case ENCRYPT_REPLY:
-		sprintf(nfrontp, " %s ", (pointer[1] == ENCRYPT_IS) ?
-							"IS" : "REPLY");
-		nfrontp += strlen(nfrontp);
-		if (length < 3) {
-		    sprintf(nfrontp, " (partial suboption??\?)");
-		    nfrontp += strlen(nfrontp);
-		    break;
-		}
-		if (ENCTYPE_NAME_OK(pointer[2]))
-		    sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[2]));
-		else
-		    sprintf(nfrontp, " %d (unknown)", pointer[2]);
-		nfrontp += strlen(nfrontp);
-
-		{
-		    char buf[512];
-		    encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
-		    sprintf(nfrontp, "%s", buf);
-		}
-		nfrontp += strlen(nfrontp);
-		break;
-
-	    case ENCRYPT_SUPPORT:
-		i = 2;
-		sprintf(nfrontp, " SUPPORT ");
-		nfrontp += strlen(nfrontp);
-		while (i < length) {
-		    if (ENCTYPE_NAME_OK(pointer[i]))
-			sprintf(nfrontp, "%s ", ENCTYPE_NAME(pointer[i]));
-		    else
-			sprintf(nfrontp, "%d ", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		    i++;
-		}
-		break;
-
-	    case ENCRYPT_ENC_KEYID:
-		sprintf(nfrontp, " ENC_KEYID");
-		nfrontp += strlen(nfrontp);
-		goto encommon;
-
-	    case ENCRYPT_DEC_KEYID:
-		sprintf(nfrontp, " DEC_KEYID");
-		nfrontp += strlen(nfrontp);
-		goto encommon;
-
-	    default:
-		sprintf(nfrontp, " %d (unknown)", pointer[1]);
-		nfrontp += strlen(nfrontp);
-	    encommon:
-		for (i = 2; i < length; i++) {
-		    sprintf(nfrontp, " %d", pointer[i]);
-		    nfrontp += strlen(nfrontp);
-		}
-		break;
-	    }
-	    break;
-#endif	/* ENCRYPTION */
-
-	default:
-	    if (TELOPT_OK(pointer[0]))
-		sprintf(nfrontp, "%s (unknown)", TELOPT(pointer[0]));
-	    else
-		sprintf(nfrontp, "%d (unknown)", pointer[i]);
-	    nfrontp += strlen(nfrontp);
-	    for (i = 1; i < length; i++) {
-		sprintf(nfrontp, " %d", pointer[i]);
-		nfrontp += strlen(nfrontp);
-	    }
-	    break;
-	}
-	sprintf(nfrontp, "\r\n");
-	nfrontp += strlen(nfrontp);
-}
-
-/*
- * Dump a data buffer in hex and ascii to the output data stream.
- */
-	void
-printdata(tag, ptr, cnt)
-	register char *tag;
-	register char *ptr;
-	register int cnt;
-{
-	register int i;
-	char xbuf[30];
-
-	while (cnt) {
-		/* flush net output buffer if no room for new data) */
-		if ((&netobuf[BUFSIZ] - nfrontp) < 80) {
-			netflush();
-		}
-
-		/* add a line of output */
-		sprintf(nfrontp, "%s: ", tag);
-		nfrontp += strlen(nfrontp);
-		for (i = 0; i < 20 && cnt; i++) {
-			sprintf(nfrontp, "%02x", *ptr);
-			nfrontp += strlen(nfrontp);
-			if (isprint(*ptr)) {
-				xbuf[i] = *ptr;
-			} else {
-				xbuf[i] = '.';
-			}
-			if (i % 2) {
-				*nfrontp = ' ';
-				nfrontp++;
-			}
-			cnt--;
-			ptr++;
-		}
-		xbuf[i] = '\0';
-		sprintf(nfrontp, " %s\r\n", xbuf );
-		nfrontp += strlen(nfrontp);
-	}
-}
-#endif /* DIAGNOSTICS */