Initial revision

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2611 dc483132-0cff-0310-8789-dd5450dbe970

36 files changed, 1945 insertions, 0 deletions

diff --git a/src/include/.rconf b/src/include/.rconf
new file mode 100644
index 0000000000..cbaf0c296b
--- /dev/null
+++ b/src/include/.rconf
@@ -0,0 +1,2 @@
+copy syslog.h
+link kerberosIV
diff --git a/src/include/bsdlib.h b/src/include/bsdlib.h
new file mode 100644
index 0000000000..60e203e579
--- /dev/null
+++ b/src/include/bsdlib.h
@@ -0,0 +1,197 @@
+/*
+ * generic #include file for BSD libc functions which have no other logical
+ * home.
+ */
+#ifndef __BSDLIB__
+#define __BSDLIB__
+#ifdef __STDC__
+/* compat-4.3 */
+extern char *ecvt  (double , int , int *, int *);
+extern char *fcvt  (double , int , int *, int *);
+extern char *gcvt  (double , int , char *);
+
+/* compat-4.1 */
+extern int getpw  (int , char []);
+extern int nice  (int );
+extern int pause  (void );
+extern int srand  (unsigned );
+extern int rand  (void );
+extern long tell  (int );
+extern int utime  (char *, const int []);
+extern int vlimit  (int , int );
+
+
+/* compat-sys5 */
+extern int getopt  (int , const char * const *, const char *);
+#ifdef FILE
+/* XXX depends on stdio #define of FILE */
+extern FILE *tmpfile (void);
+#endif
+
+
+extern char *tmpnam  (char *);
+extern char *tempnam  (const char *, const char *);
+
+
+/* other random stuff-- some goes into stdlib.h? */
+int abort  (void );
+int alarm  (int );
+int atoi  (const char *);
+long atol  (const char *);
+
+int setkey  (const char *);
+int encrypt  (char *, int );
+char *crypt  (const char *, const char *);
+
+int ffs  (long );
+
+char *getenv  (const char *);
+int setenv  (const char *, const char *, int );
+void unsetenv  (const char *);
+
+char *getlogin  (void );
+char *getpass  (const char *);
+char *getwd  (char *);
+
+char *getusershell  (void );
+int endusershell  (void );
+int setusershell  (void );
+
+int initgroups  (const char *, int );
+
+struct qelem {
+    struct qelem *q_forw;
+    struct qelem *q_back;
+    char q_data[1];
+};
+
+int insque  (struct qelem *, struct qelem *); 
+int remque  (struct qelem *); 
+
+int isatty  (int );
+
+int mkstemp  (char *);
+char *mktemp  (char *);
+
+int qsort  (char *, int, int, int (*)(char *, char *));
+
+int srandom  (unsigned );
+char *initstate  (unsigned , char *, int );
+char *setstate  (char *);
+long random  (void );
+
+char *re_comp  (const char *);
+int re_exec  (const char *);
+int backref  (int , const char *);
+int cclass  (const char *, int , int );
+
+int setegid  (int );
+int seteuid  (int );
+int setgid  (int );
+int setrgid  (int );
+int setruid  (int );
+int setuid  (int );
+
+int sleep  (unsigned );
+
+int swab  (char *, char *, int );
+
+int system  (const char *);
+
+char *ttyname  (int );
+int ttyslot  (void );
+
+unsigned ualarm  (unsigned , unsigned );
+int usleep  (unsigned );
+#else /* STDC */
+/* compat-4.3 */
+extern char *ecvt  ();
+extern char *fcvt  ();
+extern char *gcvt  ();
+
+/* compat-4.1 */
+extern int getpw  ();
+extern int nice  ();
+extern int pause  ();
+extern int srand  ();
+extern int rand  ();
+extern long tell  ();
+extern int utime  ();
+extern int vlimit  ();
+
+/* compat-sys5 */
+extern int getopt  ();
+#ifdef FILE
+/* XXX depends on stdio #define of FILE */
+extern FILE *tmpfile ();
+#endif
+extern char *tmpnam  ();
+extern char *tempnam  ();
+
+/* other random stuff-- some goes into stdlib.h? */
+int abort  ();
+int alarm  ();
+int atoi  ();
+long atol  ();
+
+int setkey  ();
+int encrypt  ();
+char *crypt  ();
+
+int ffs  ();
+
+char *getenv  ();
+int setenv  ();
+void unsetenv  ();
+
+char *getlogin  ();
+char *getpass  ();
+char *getwd  ();
+
+char *getusershell  ();
+int endusershell  ();
+int setusershell  ();
+
+int initgroups  ();
+
+int insque  (); 
+int remque  (); 
+
+int isatty  ();
+
+int mkstemp  ();
+char *mktemp  ();
+
+int qsort  ();
+
+int srandom  ();
+char *initstate  ();
+char *setstate  ();
+long random  ();
+
+char *re_comp  ();
+int re_exec  ();
+int backref  ();
+int cclass  ();
+
+int setegid  ();
+int seteuid  ();
+int setgid  ();
+int setrgid  ();
+int setruid  ();
+int setuid  ();
+
+int sleep  ();
+
+int swab  ();
+
+int system  ();
+
+char *ttyname  ();
+int ttyslot  ();
+
+unsigned ualarm  ();
+int usleep  ();
+#endif /* STDC */
+
+#endif /* __BSDLIB__ */
diff --git a/src/include/bstring.h b/src/include/bstring.h
new file mode 100644
index 0000000000..33d0ba6060
--- /dev/null
+++ b/src/include/bstring.h
@@ -0,0 +1,26 @@
+/*
+ * #include file for bstring(3) & sys5 version functions
+ * home.
+ */
+#ifndef __BSTRING__
+#define __BSTRING__
+#ifdef __STDC__
+/* compat-sys5 */
+/* these are in <string.h> */
+extern int bcmp  (const char *, const char *, int );
+extern int bcopy  (const char *, char *, int );
+extern int bzero  (char *, int );
+#else /* STDC */
+/* compat-sys5 */
+extern char *memccpy  ();
+extern char *memchr  ();
+extern int memcmp  ();
+extern char *memcpy  ();
+extern char *memset  ();
+
+extern int bcmp  ();
+extern int bcopy  ();
+extern int bzero  ();
+
+#endif /* STDC */
+#endif /* __BSTRING__ */
diff --git a/src/include/com_err.h b/src/include/com_err.h
new file mode 100644
index 0000000000..7bea010043
--- /dev/null
+++ b/src/include/com_err.h
@@ -0,0 +1,36 @@
+/*
+ * Header file for common error description library.
+ *
+ * Copyright 1988, Student Information Processing Board of the
+ * Massachusetts Institute of Technology.
+ *
+ * For copyright and distribution info, see the documentation supplied
+ * with this package.
+ */
+
+#ifndef __COM_ERR_H
+
+#ifdef __STDC__
+#ifndef __HIGHC__		/* gives us STDC but not stdarg */
+#include <stdarg.h>
+#else
+#include <varargs.h>
+#endif
+/* ANSI C -- use prototypes etc */
+void com_err (const char *, long, const char *, ...);
+char const *error_message (long);
+void (*com_err_hook) (const char *, long, const char *, va_list);
+void (*set_com_err_hook (void (*) (const char *, long, const char *, va_list)))
+    (const char *, long, const char *, va_list);
+void (*reset_com_err_hook ()) (const char *, long, const char *, va_list);
+#else
+/* no prototypes */
+void com_err ();
+char *error_message ();
+void (*com_err_hook) ();
+void (*set_com_err_hook ()) ();
+void (*reset_com_err_hook ()) ();
+#endif
+
+#define __COM_ERR_H
+#endif /* ! defined(__COM_ERR_H) */
diff --git a/src/include/kerberosIV/addr_comp.h b/src/include/kerberosIV/addr_comp.h
new file mode 100644
index 0000000000..43e6547ada
--- /dev/null
+++ b/src/include/kerberosIV/addr_comp.h
@@ -0,0 +1,39 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1987, 1988, 1989 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * Include file for address comparison macros.
+ */
+
+#include <mit-copyright.h>
+
+#ifndef ADDR_COMP_DEFS
+#define ADDR_COMP_DEFS
+
+/*
+** Look boys and girls, a big kludge
+** We need to compare the two internet addresses in network byte order, not
+**   local byte order.  This is a *really really slow way of doing that*
+** But.....
+**         .....it works
+** so we run with it
+**
+** long_less_than gets fed two (u_char *)'s....
+*/
+
+#define u_char_comp(x,y) \
+        (((x)>(y))?(1):(((x)==(y))?(0):(-1)))
+
+#define long_less_than(x,y) \
+        (u_char_comp((x)[0],(y)[0])?u_char_comp((x)[0],(y)[0]): \
+	 (u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
+	  (u_char_comp((x)[2],(y)[2])?u_char_comp((x)[2],(y)[2]): \
+	   (u_char_comp((x)[3],(y)[3])))))
+
+#endif /* ADDR_COMP_DEFS */
diff --git a/src/include/kerberosIV/admin_server.h b/src/include/kerberosIV/admin_server.h
new file mode 100644
index 0000000000..b0657106d4
--- /dev/null
+++ b/src/include/kerberosIV/admin_server.h
@@ -0,0 +1,46 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * Include file for the Kerberos administration server. 
+ */
+
+#include <mit-copyright.h>
+
+#ifndef ADMIN_SERVER_DEFS
+#define ADMIN_SERVER_DEFS
+
+#define PW_SRV_VERSION		 2	/* version number */
+
+#define INSTALL_NEW_PW		(1<<0)	/*
+					 * ver, cmd, name, password,
+					 * old_pass, crypt_pass, uid
+					 */
+
+#define ADMIN_NEW_PW		(2<<1)	/*
+					 * ver, cmd, name, passwd,
+					 * old_pass
+					 * (grot), crypt_pass (grot)
+					 */
+
+#define ADMIN_SET_KDC_PASSWORD	(3<<1)	/* ditto */
+#define ADMIN_ADD_NEW_KEY	(4<<1)	/* ditto */
+#define ADMIN_ADD_NEW_KEY_ATTR	(5<<1)  /*
+					 * ver, cmd, name, passwd,
+					 * inst, attr (grot)
+					 */
+#define INSTALL_REPLY		(1<<1)	/* ver, cmd, name, password */
+#define	RETRY_LIMIT		 1
+#define	TIME_OUT		30
+#define USER_TIMEOUT		90
+#define MAX_KPW_LEN		40
+
+#define KADM	"changepw"		/* service name */
+
+#endif /* ADMIN_SERVER_DEFS */
diff --git a/src/include/kerberosIV/conf-bsd386i.h b/src/include/kerberosIV/conf-bsd386i.h
new file mode 100644
index 0000000000..4cda8fe1d1
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsd386i.h
@@ -0,0 +1,20 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1989 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: Sun 386i using SunOS (~BSD)
+ */
+
+#include <mit-copyright.h>
+
+#define BITS32
+#define BIG
+#define LSBFIRST
+#define BSDUNIX
+
diff --git a/src/include/kerberosIV/conf-bsdapollo.h b/src/include/kerberosIV/conf-bsdapollo.h
new file mode 100644
index 0000000000..693728f3a8
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdapollo.h
@@ -0,0 +1,27 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Description.
+ */
+
+#include <mit-copyright.h>
+
+#define BSDUNIX
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define DES_SHIFT_SHIFT
+/*
+ * As of SR10, the C compiler claims to be __STDC__, but doesn't support
+ * const.  Sigh.
+ */
+#define const
+
+	
diff --git a/src/include/kerberosIV/conf-bsdibm032.h b/src/include/kerberosIV/conf-bsdibm032.h
new file mode 100644
index 0000000000..ce77a07839
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdibm032.h
@@ -0,0 +1,22 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: IBM 032 (RT/PC)
+ */
+
+#include <mit-copyright.h>
+
+#define BSDUNIX
+#define IBMWS
+#define IBMWSASM
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define MUSTALIGN
diff --git a/src/include/kerberosIV/conf-bsdm68k.h b/src/include/kerberosIV/conf-bsdm68k.h
new file mode 100644
index 0000000000..12b9ddaa6e
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdm68k.h
@@ -0,0 +1,20 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: 68000 with BSD Unix, e.g. SUN
+ */
+
+#include <mit-copyright.h>
+
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define BSDUNIX
+
diff --git a/src/include/kerberosIV/conf-bsdsparc.h b/src/include/kerberosIV/conf-bsdsparc.h
new file mode 100644
index 0000000000..c9cdf4c02d
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdsparc.h
@@ -0,0 +1,21 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: SPARC with BSD Unix, e.g. SUN-4
+ */
+
+#include <mit-copyright.h>
+
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define BSDUNIX
+#define MUSTALIGN
+
diff --git a/src/include/kerberosIV/conf-bsdtahoe.h b/src/include/kerberosIV/conf-bsdtahoe.h
new file mode 100644
index 0000000000..f4818f063a
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdtahoe.h
@@ -0,0 +1,19 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1989 by the Regents of the University of California
+ *
+ * Machine Description : TAHOE.
+ */
+
+#include <mit-copyright.h>
+
+#define	TAHOE
+#define BSDUNIX
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define	MUSTALIGN
+#define	NOASM
diff --git a/src/include/kerberosIV/conf-bsdvax.h b/src/include/kerberosIV/conf-bsdvax.h
new file mode 100644
index 0000000000..04416661a0
--- /dev/null
+++ b/src/include/kerberosIV/conf-bsdvax.h
@@ -0,0 +1,26 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: VAX
+ */
+
+#include <mit-copyright.h>
+
+#define VAX
+#define BITS32
+#define BIG
+#define LSBFIRST
+#define BSDUNIX
+
+#ifndef __STDC__
+#ifndef NOASM
+#define VAXASM
+#endif /* no assembly */
+#endif /* standard C */
diff --git a/src/include/kerberosIV/conf-ibm370.h b/src/include/kerberosIV/conf-ibm370.h
new file mode 100644
index 0000000000..1fd620d1b8
--- /dev/null
+++ b/src/include/kerberosIV/conf-ibm370.h
@@ -0,0 +1,19 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: IBM 370
+ */
+
+#include <mit-copyright.h>
+
+/* What else? */
+#define BIG
+#define NONASCII
+#define SHORTNAMES
diff --git a/src/include/kerberosIV/conf-pc.h b/src/include/kerberosIV/conf-pc.h
new file mode 100644
index 0000000000..09cc2d874b
--- /dev/null
+++ b/src/include/kerberosIV/conf-pc.h
@@ -0,0 +1,19 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: IBM PC 8086
+ */
+
+#include <mit-copyright.h>
+
+#define IBMPC
+#define BITS16
+#define CROSSMSDOS
+#define LSBFIRST
diff --git a/src/include/kerberosIV/conf-pyr.h b/src/include/kerberosIV/conf-pyr.h
new file mode 100644
index 0000000000..08cd0e6fe3
--- /dev/null
+++ b/src/include/kerberosIV/conf-pyr.h
@@ -0,0 +1,19 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1989 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: Pyramid
+ */
+
+#include <mit-copyright.h>
+
+#define BITS32
+#define BIG
+#define MSBFIRST
+#define BSDUNIX
diff --git a/src/include/kerberosIV/conf-ultmips2.h b/src/include/kerberosIV/conf-ultmips2.h
new file mode 100644
index 0000000000..cc14c76aea
--- /dev/null
+++ b/src/include/kerberosIV/conf-ultmips2.h
@@ -0,0 +1,21 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Machine-type definitions: DECstation 3100 (MIPS R2000)
+ */
+ 
+#include <mit-copyright.h>
+ 
+#define MIPS2
+#define BITS32
+#define BIG
+#define LSBFIRST
+#define BSDUNIX
+#define MUSTALIGN
diff --git a/src/include/kerberosIV/conf.h b/src/include/kerberosIV/conf.h
new file mode 100644
index 0000000000..a438a72662
--- /dev/null
+++ b/src/include/kerberosIV/conf.h
@@ -0,0 +1,78 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Configuration info for operating system, hardware description,
+ * language implementation, C library, etc.
+ *
+ * This file should be included in (almost) every file in the Kerberos
+ * sources, and probably should *not* be needed outside of those
+ * sources.  (How do we deal with /usr/include/des.h and
+ * /usr/include/krb.h?)
+ */
+
+#ifndef _CONF_H_
+
+#include <mit-copyright.h>
+
+#include "osconf.h"
+
+#ifdef SHORTNAMES
+#include "names.h"
+#endif
+
+/*
+ * Language implementation-specific definitions
+ */
+
+/* special cases */
+#ifdef __HIGHC__
+/* broken implementation of ANSI C */
+#undef __STDC__
+#endif
+
+#ifndef __STDC__
+#define const
+#define volatile
+#define signed
+typedef char *pointer;		/* pointer to generic data */
+#define PROTOTYPE(p) ()
+#else
+typedef void *pointer;
+#define PROTOTYPE(p) p
+#endif
+
+/* Does your compiler understand "void"? */
+#ifdef notdef
+#define void int
+#endif
+
+/*
+ * A few checks to see that necessary definitions are included.
+ */
+
+/* byte order */
+
+#ifndef MSBFIRST
+#ifndef LSBFIRST
+/* #error byte order not defined */
+Error: byte order not defined.
+#endif
+#endif
+
+/* machine size */
+#ifndef BITS16
+#ifndef BITS32
+Error: how big is this machine anyways?
+#endif
+#endif
+
+/* end of checks */
+
+#endif /* _CONF_H_ */
diff --git a/src/include/kerberosIV/des.h b/src/include/kerberosIV/des.h
new file mode 100644
index 0000000000..ce1f67f6db
--- /dev/null
+++ b/src/include/kerberosIV/des.h
@@ -0,0 +1,48 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$ 
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Include file for the Data Encryption Standard library.
+ */
+
+/* only do the whole thing once	 */
+#ifndef DES_DEFS
+#define DES_DEFS
+
+#include <mit-copyright.h>
+
+typedef unsigned char des_cblock[8];	/* crypto-block size */
+/* Key schedule */
+typedef struct des_ks_struct { des_cblock _; } des_key_schedule[16];
+
+#define DES_KEY_SZ 	(sizeof(des_cblock))
+#define DES_ENCRYPT	1
+#define DES_DECRYPT	0
+
+#ifndef NCOMPAT
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define key_sched des_key_sched
+#define cbc_encrypt des_cbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define C_Block_print des_cblock_print
+#define quad_cksum des_quad_cksum
+typedef struct des_ks_struct bit_64;
+#endif
+
+#define des_cblock_print(x) des_cblock_print_file(x, stdout)
+
+#endif	/* DES_DEFS */
diff --git a/src/include/kerberosIV/des_conf.h b/src/include/kerberosIV/des_conf.h
new file mode 100644
index 0000000000..673eb93fbb
--- /dev/null
+++ b/src/include/kerberosIV/des_conf.h
@@ -0,0 +1,2 @@
+This file is obsolete and should not be used any more.
+Use "conf.h" instead.
diff --git a/src/include/kerberosIV/highc.h b/src/include/kerberosIV/highc.h
new file mode 100644
index 0000000000..a217b0196f
--- /dev/null
+++ b/src/include/kerberosIV/highc.h
@@ -0,0 +1,36 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Known breakage in the version of Metaware's High C compiler that
+ * we've got available....
+ */
+
+#include <mit-copyright.h>
+
+#define const
+/*#define volatile*/
+
+/*
+ * Some builtin functions we can take advantage of for inlining....
+ */
+
+#define abs			_abs
+/* the _max and _min builtins accept any number of arguments */
+#undef MAX
+#define MAX(x,y)		_max(x,y)
+#undef MIN
+#define MIN(x,y)		_min(x,y)
+/*
+ * I'm not sure if 65535 is a limit for this builtin, but it's
+ * reasonable for a string length.  Or is it?
+ */
+/*#define strlen(s)		_find_char(s,65535,0)*/
+#define bzero(ptr,len)		_fill_char(ptr,len,'\0')
+#define bcmp(b1,b2,len)		_compare(b1,b2,len)
diff --git a/src/include/kerberosIV/kadm.h b/src/include/kerberosIV/kadm.h
new file mode 100644
index 0000000000..f139340234
--- /dev/null
+++ b/src/include/kerberosIV/kadm.h
@@ -0,0 +1,141 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Definitions for Kerberos administration server & client
+ */
+
+#ifndef KADM_DEFS
+#define KADM_DEFS
+
+#include <mit-copyright.h>
+/*
+ * kadm.h
+ * Header file for the fourth attempt at an admin server
+ * Doug Church, December 28, 1989, MIT Project Athena
+ */
+
+/* for those broken Unixes without this defined... should be in sys/param.h */
+#ifndef MAXHOSTNAMELEN
+#define MAXHOSTNAMELEN 64
+#endif
+
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <krb.h>
+#include <des.h>
+
+/* The global structures for the client and server */
+typedef struct {
+  struct sockaddr_in admin_addr;
+  struct sockaddr_in my_addr;
+  int my_addr_len;
+  int admin_fd;			/* file descriptor for link to admin server */
+  char sname[ANAME_SZ];		/* the service name */
+  char sinst[INST_SZ];		/* the services instance */
+  char krbrlm[REALM_SZ];
+} Kadm_Client;
+
+typedef struct {		/* status of the server, i.e the parameters */
+   int inter;			/* Space for command line flags */
+   char *sysfile;		/* filename of server */
+} admin_params;			/* Well... it's the admin's parameters */
+
+/* Largest password length to be supported */
+#define MAX_KPW_LEN	128
+
+/* Largest packet the admin server will ever allow itself to return */
+#define KADM_RET_MAX 2048
+
+/* That's right, versions are 8 byte strings */
+#define KADM_VERSTR	"KADM0.0A"
+#define KADM_ULOSE	"KYOULOSE"	/* sent back when server can't
+					   decrypt client's msg */
+#define KADM_VERSIZE strlen(KADM_VERSTR)
+
+/* the lookups for the server instances */
+#define PWSERV_NAME  "changepw"
+#define KADM_SNAME   "kerberos_master"
+#define KADM_SINST   "kerberos"
+
+/* Attributes fields constants and macros */
+#define ALLOC        2
+#define RESERVED     3
+#define DEALLOC      4
+#define DEACTIVATED  5
+#define ACTIVE       6
+
+/* Kadm_vals structure for passing db fields into the server routines */
+#define FLDSZ        4
+
+typedef struct {
+    u_char         fields[FLDSZ];     /* The active fields in this struct */
+    char           name[ANAME_SZ];
+    char           instance[INST_SZ];
+    unsigned long  key_low;
+    unsigned long  key_high;
+    unsigned long  exp_date;
+    unsigned short attributes;
+    unsigned char  max_life;
+} Kadm_vals;                    /* The basic values structure in Kadm */
+
+/* Kadm_vals structure for passing db fields into the server routines */
+#define FLDSZ        4
+
+/* Need to define fields types here */
+#define KADM_NAME       31
+#define KADM_INST       30
+#define KADM_EXPDATE    29
+#define KADM_ATTR       28
+#define KADM_MAXLIFE    27
+#define KADM_DESKEY     26
+
+/* To set a field entry f in a fields structure d */
+#define SET_FIELD(f,d)  (d[3-(f/8)]|=(1<<(f%8)))
+
+/* To set a field entry f in a fields structure d */
+#define CLEAR_FIELD(f,d)  (d[3-(f/8)]&=(~(1<<(f%8))))
+
+/* Is field f in fields structure d */
+#define IS_FIELD(f,d)   (d[3-(f/8)]&(1<<(f%8)))
+
+/* Various return codes */
+#define KADM_SUCCESS    0
+
+#define WILDCARD_STR "*"
+
+enum acl_types {
+ADDACL,
+GETACL,
+MODACL
+};
+
+/* Various opcodes for the admin server's functions */
+#define CHANGE_PW    2
+#define ADD_ENT      3
+#define MOD_ENT      4
+#define GET_ENT      5
+
+extern long kdb_get_master_key();	/* XXX should be in krb_db.h */
+extern long kdb_verify_master_key();	/* XXX ditto */
+
+extern long krb_mk_priv(), krb_rd_priv(); /* XXX should be in krb.h */
+extern void krb_set_tkt_string();	/* XXX ditto */
+
+extern unsigned long quad_cksum();	/* XXX should be in des.h */
+
+/* XXX This doesn't belong here!!! */
+char *malloc(), *realloc();
+#ifdef POSIX
+typedef void sigtype;
+#else
+typedef int sigtype;
+#endif
+
+#endif KADM_DEFS
diff --git a/src/include/kerberosIV/kdc.h b/src/include/kerberosIV/kdc.h
new file mode 100644
index 0000000000..393fb0e203
--- /dev/null
+++ b/src/include/kerberosIV/kdc.h
@@ -0,0 +1,40 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * Include file for the Kerberos Key Distribution Center. 
+ */
+
+#include <mit-copyright.h>
+
+#ifndef KDC_DEFS
+#define KDC_DEFS
+
+#define S_AD_SZ		sizeof(struct sockaddr_in)
+
+#define max(a,b)	(a>b ? a : b)
+#define min(a,b)	(a<b ? a : b)
+
+#define TRUE		1
+#define FALSE		0
+
+#define MKEYFILE	"/.k"
+#define K_LOGFIL	"/kerberos/kpropd.log"
+#define KS_LOGFIL	"/kerberos/kerberos_slave.log"
+#define KRB_ACL		"/kerberos/kerberos.acl"
+#define KRB_PROG	"./kerberos"
+
+#define ONE_MINUTE	60
+#define FIVE_MINUTES	(5 * ONE_MINUTE)
+#define ONE_HOUR	(60 * ONE_MINUTE)
+#define ONE_DAY		(24 * ONE_HOUR)
+#define THREE_DAYS	(3 * ONE_DAY)
+
+#endif /* KDC_DEFS */
+
diff --git a/src/include/kerberosIV/klog.h b/src/include/kerberosIV/klog.h
new file mode 100644
index 0000000000..b795386d42
--- /dev/null
+++ b/src/include/kerberosIV/klog.h
@@ -0,0 +1,43 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * This file defines the types of log messages logged by klog.  Each
+ * type of message may be selectively turned on or off. 
+ */
+
+#include <mit-copyright.h>
+
+#ifndef KLOG_DEFS
+#define KLOG_DEFS
+
+#define KRBLOG 		"/kerberos/kerberos.log"  /* master server  */
+#define KRBSLAVELOG	"/kerberos/kerberos_slave.log"  /* master server  */
+#define	NLOGTYPE	100	/* Maximum number of log msg types  */
+
+#define L_NET_ERR	  1	/* Error in network code	    */
+#define L_NET_INFO	  2	/* Info on network activity	    */
+#define L_KRB_PERR	  3	/* Kerberos protocol errors	    */
+#define L_KRB_PINFO	  4	/* Kerberos protocol info	    */
+#define L_INI_REQ	  5	/* Request for initial ticket	    */
+#define L_NTGT_INTK       6	/* Initial request not for TGT	    */
+#define L_DEATH_REQ       7	/* Request for server death	    */
+#define L_TKT_REQ	  8	/* All ticket requests using a tgt  */
+#define L_ERR_SEXP	  9	/* Service expired		    */
+#define L_ERR_MKV	 10	/* Master key version incorrect     */
+#define L_ERR_NKY	 11	/* User's key is null		    */
+#define L_ERR_NUN	 12	/* Principal not unique		    */
+#define L_ERR_UNK	 13	/* Principal Unknown		    */
+#define L_ALL_REQ	 14	/* All requests			    */
+#define L_APPL_REQ	 15	/* Application requests (using tgt) */
+#define L_KRB_PWARN      16	/* Protocol warning messages	    */
+
+char   *klog();
+
+#endif /* KLOG_DEFS */
diff --git a/src/include/kerberosIV/krb.h b/src/include/kerberosIV/krb.h
new file mode 100644
index 0000000000..78e406ac02
--- /dev/null
+++ b/src/include/kerberosIV/krb.h
@@ -0,0 +1,380 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$ 
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * Include file for the Kerberos library. 
+ */
+
+/* Only one time, please */
+#ifndef	KRB_DEFS
+#define KRB_DEFS
+
+#include <mit-copyright.h>
+
+/* Need some defs from des.h	 */
+#include <des.h>
+
+/* Text describing error codes */
+#define		MAX_KRB_ERRORS	256
+extern char *krb_err_txt[MAX_KRB_ERRORS];
+
+/* These are not defined for at least SunOS 3.3 and Ultrix 2.2 */
+#if defined(ULTRIX022) || (defined(SunOS) && SunOS < 40)
+#define FD_ZERO(p)  ((p)->fds_bits[0] = 0)
+#define FD_SET(n, p)   ((p)->fds_bits[0] |= (1 << (n)))
+#define FD_ISSET(n, p)   ((p)->fds_bits[0] & (1 << (n)))
+#endif /* ULTRIX022 || SunOS */
+
+/* General definitions */
+#define		KSUCCESS	0
+#define		KFAILURE	255
+
+#ifdef NO_UIDGID_T
+typedef unsigned short uid_t;
+typedef unsigned short gid_t;
+#endif /* NO_UIDGID_T */
+
+/*
+ * Kerberos specific definitions 
+ *
+ * KRBLOG is the log file for the kerberos master server. KRB_CONF is
+ * the configuration file where different host machines running master
+ * and slave servers can be found. KRB_MASTER is the name of the
+ * machine with the master database.  The admin_server runs on this
+ * machine, and all changes to the db (as opposed to read-only
+ * requests, which can go to slaves) must go to it. KRB_HOST is the
+ * default machine * when looking for a kerberos slave server.  Other
+ * possibilities are * in the KRB_CONF file. KRB_REALM is the name of
+ * the realm. 
+ */
+
+#ifdef notdef
+this is server - only, does not belong here;
+#define 	KRBLOG 		"/kerberos/kerberos.log"
+are these used anyplace '?';
+#define		VX_KRB_HSTFILE	"/etc/krbhst"
+#define		PC_KRB_HSTFILE	"\\kerberos\\krbhst"
+#endif
+
+#define		KRB_CONF	"/etc/krb.conf"
+#define		KRB_RLM_TRANS	"/etc/krb.realms"
+#define		KRB_MASTER	"kerberos"
+#define		KRB_HOST	 KRB_MASTER
+#define		KRB_REALM	"ATHENA.MIT.EDU"
+
+/* The maximum sizes for aname, realm, sname, and instance +1 */
+#define 	ANAME_SZ	40
+#define		REALM_SZ	40
+#define		SNAME_SZ	40
+#define		INST_SZ		40
+/* include space for '.' and '@' */
+#define		MAX_K_NAME_SZ	(ANAME_SZ + INST_SZ + REALM_SZ + 2)
+#define		KKEY_SZ		100
+#define		VERSION_SZ	1
+#define		MSG_TYPE_SZ	1
+#define		DATE_SZ		26	/* RTI date output */
+
+#define		MAX_HSTNM	100
+
+#ifndef DEFAULT_TKT_LIFE		/* allow compile-time override */
+#define		DEFAULT_TKT_LIFE	96 /* default lifetime for krb_mk_req
+					      & co., 8 hrs */
+#endif
+
+/* Definition of text structure used to pass text around */
+#define		MAX_KTXT_LEN	1250
+
+struct ktext {
+    int     length;		/* Length of the text */
+    unsigned char dat[MAX_KTXT_LEN];	/* The data itself */
+    unsigned long mbz;		/* zero to catch runaway strings */
+};
+
+typedef struct ktext *KTEXT;
+typedef struct ktext KTEXT_ST;
+
+
+/* Definitions for send_to_kdc */
+#define	CLIENT_KRB_TIMEOUT	4	/* time between retries */
+#define CLIENT_KRB_RETRY	5	/* retry this many times */
+#define	CLIENT_KRB_BUFLEN	512	/* max unfragmented packet */
+
+/* Definitions for ticket file utilities */
+#define	R_TKT_FIL	0
+#define	W_TKT_FIL	1
+
+/* Definitions for cl_get_tgt */
+#ifdef PC
+#define CL_GTGT_INIT_FILE		"\\kerberos\\k_in_tkts"
+#else
+#define CL_GTGT_INIT_FILE		"/etc/k_in_tkts"
+#endif /* PC */
+
+/* Parameters for rd_ap_req */
+/* Maximum alloable clock skew in seconds */
+#define 	CLOCK_SKEW	5*60
+/* Filename for readservkey */
+#define		KEYFILE		"/etc/srvtab"
+
+/* Structure definition for rd_ap_req */
+
+struct auth_dat {
+    unsigned char k_flags;	/* Flags from ticket */
+    char    pname[ANAME_SZ];	/* Principal's name */
+    char    pinst[INST_SZ];	/* His Instance */
+    char    prealm[REALM_SZ];	/* His Realm */
+    unsigned long checksum;	/* Data checksum (opt) */
+    C_Block session;		/* Session Key */
+    int     life;		/* Life of ticket */
+    unsigned long time_sec;	/* Time ticket issued */
+    unsigned long address;	/* Address in ticket */
+    KTEXT_ST reply;		/* Auth reply (opt) */
+};
+
+typedef struct auth_dat AUTH_DAT;
+
+/* Structure definition for credentials returned by get_cred */
+
+struct credentials {
+    char    service[ANAME_SZ];	/* Service name */
+    char    instance[INST_SZ];	/* Instance */
+    char    realm[REALM_SZ];	/* Auth domain */
+    C_Block session;		/* Session key */
+    int     lifetime;		/* Lifetime */
+    int     kvno;		/* Key version number */
+    KTEXT_ST ticket_st;		/* The ticket itself */
+    long    issue_date;		/* The issue time */
+    char    pname[ANAME_SZ];	/* Principal's name */
+    char    pinst[INST_SZ];	/* Principal's instance */
+};
+
+typedef struct credentials CREDENTIALS;
+
+/* Structure definition for rd_private_msg and rd_safe_msg */
+
+struct msg_dat {
+    unsigned char *app_data;	/* pointer to appl data */
+    unsigned long app_length;	/* length of appl data */
+    unsigned long hash;		/* hash to lookup replay */
+    int     swap;		/* swap bytes? */
+    long    time_sec;		/* msg timestamp seconds */
+    unsigned char time_5ms;	/* msg timestamp 5ms units */
+};
+
+typedef struct msg_dat MSG_DAT;
+
+
+/* Location of ticket file for save_cred and get_cred */
+#ifdef PC
+#define TKT_FILE        "\\kerberos\\ticket.ses"
+#else
+#define TKT_FILE        tkt_string()
+#define TKT_ROOT        "/tmp/tkt"
+#endif /* PC */
+
+/* Error codes returned from the KDC */
+#define		KDC_OK		0	/* Request OK */
+#define		KDC_NAME_EXP	1	/* Principal expired */
+#define		KDC_SERVICE_EXP	2	/* Service expired */
+#define		KDC_AUTH_EXP	3	/* Auth expired */
+#define		KDC_PKT_VER	4	/* Protocol version unknown */
+#define		KDC_P_MKEY_VER	5	/* Wrong master key version */
+#define		KDC_S_MKEY_VER 	6	/* Wrong master key version */
+#define		KDC_BYTE_ORDER	7	/* Byte order unknown */
+#define		KDC_PR_UNKNOWN	8	/* Principal unknown */
+#define		KDC_PR_N_UNIQUE 9	/* Principal not unique */
+#define		KDC_NULL_KEY   10	/* Principal has null key */
+#define		KDC_GEN_ERR    20	/* Generic error from KDC */
+
+
+/* Values returned by get_credentials */
+#define		GC_OK		0	/* Retrieve OK */
+#define		RET_OK		0	/* Retrieve OK */
+#define		GC_TKFIL       21	/* Can't read ticket file */
+#define		RET_TKFIL      21	/* Can't read ticket file */
+#define		GC_NOTKT       22	/* Can't find ticket or TGT */
+#define		RET_NOTKT      22	/* Can't find ticket or TGT */
+
+
+/* Values returned by mk_ap_req	 */
+#define		MK_AP_OK	0	/* Success */
+#define		MK_AP_TGTEXP   26	/* TGT Expired */
+
+/* Values returned by rd_ap_req */
+#define		RD_AP_OK	0	/* Request authentic */
+#define		RD_AP_UNDEC    31	/* Can't decode authenticator */
+#define		RD_AP_EXP      32	/* Ticket expired */
+#define		RD_AP_NYV      33	/* Ticket not yet valid */
+#define		RD_AP_REPEAT   34	/* Repeated request */
+#define		RD_AP_NOT_US   35	/* The ticket isn't for us */
+#define		RD_AP_INCON    36	/* Request is inconsistent */
+#define		RD_AP_TIME     37	/* delta_t too big */
+#define		RD_AP_BADD     38	/* Incorrect net address */
+#define		RD_AP_VERSION  39	/* protocol version mismatch */
+#define		RD_AP_MSG_TYPE 40	/* invalid msg type */
+#define		RD_AP_MODIFIED 41	/* message stream modified */
+#define		RD_AP_ORDER    42	/* message out of order */
+#define		RD_AP_UNAUTHOR 43	/* unauthorized request */
+
+/* Values returned by get_pw_tkt */
+#define		GT_PW_OK	0	/* Got password changing tkt */
+#define		GT_PW_NULL     51	/* Current PW is null */
+#define		GT_PW_BADPW    52	/* Incorrect current password */
+#define		GT_PW_PROT     53	/* Protocol Error */
+#define		GT_PW_KDCERR   54	/* Error returned by KDC */
+#define		GT_PW_NULLTKT  55	/* Null tkt returned by KDC */
+
+
+/* Values returned by send_to_kdc */
+#define		SKDC_OK		0	/* Response received */
+#define		SKDC_RETRY     56	/* Retry count exceeded */
+#define		SKDC_CANT      57	/* Can't send request */
+
+/*
+ * Values returned by get_intkt
+ * (can also return SKDC_* and KDC errors)
+ */
+
+#define		INTK_OK		0	/* Ticket obtained */
+#define		INTK_W_NOTALL  61	/* Not ALL tickets returned */
+#define		INTK_BADPW     62	/* Incorrect password */
+#define		INTK_PROT      63	/* Protocol Error */
+#define		INTK_ERR       70	/* Other error */
+
+/* Values returned by get_adtkt */
+#define         AD_OK           0	/* Ticket Obtained */
+#define         AD_NOTGT       71	/* Don't have tgt */
+
+/* Error codes returned by ticket file utilities */
+#define		NO_TKT_FIL	76	/* No ticket file found */
+#define		TKT_FIL_ACC	77	/* Couldn't access tkt file */
+#define		TKT_FIL_LCK	78	/* Couldn't lock ticket file */
+#define		TKT_FIL_FMT	79	/* Bad ticket file format */
+#define		TKT_FIL_INI	80	/* tf_init not called first */
+
+/* Error code returned by kparse_name */
+#define		KNAME_FMT	81	/* Bad Kerberos name format */
+
+/* Error code returned by krb_mk_safe */
+#define		SAFE_PRIV_ERROR	-1	/* syscall error */
+
+/*
+ * macros for byte swapping; also scratch space
+ * u_quad  0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
+ * u_long  0-->3, 1-->2, 2-->1, 3-->0
+ * u_short 0-->1, 1-->0
+ */
+
+#define     swap_u_16(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(((char *) x) +0, ((char *)  _krb_swap_tmp) +14 ,2); \
+ swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +12 ,2); \
+ swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +10 ,2); \
+ swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +8  ,2); \
+ swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +10,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +12,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +14,((char *)  _krb_swap_tmp) +0 ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,16);\
+                            }
+
+#define     swap_u_12(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) x,     ((char *)  _krb_swap_tmp) +10 ,2); \
+ swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +8 ,2); \
+ swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +10,((char *)  _krb_swap_tmp) +0 ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,12);\
+                            }
+
+#define     swap_C_Block(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) x,    ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +6,((char *)  _krb_swap_tmp)    ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,8);\
+                            }
+#define     swap_u_quad(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) &x,    ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) &x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) &x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) &x) +6,((char *)  _krb_swap_tmp)    ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)&x,8);\
+                            }
+
+#define     swap_u_long(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab((char *)  &x,    ((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) &x) +2,((char *)  _krb_swap_tmp),2); \
+ x = _krb_swap_tmp[0];   \
+                           }
+
+#define     swap_u_short(x) {\
+ unsigned short	_krb_swap_sh_tmp; \
+ swab((char *)  &x,    ( &_krb_swap_sh_tmp) ,2); \
+ x = (unsigned short) _krb_swap_sh_tmp; \
+                            }
+
+/* Kerberos ticket flag field bit definitions */
+#define K_FLAG_ORDER    0       /* bit 0 --> lsb */
+#define K_FLAG_1                /* reserved */
+#define K_FLAG_2                /* reserved */
+#define K_FLAG_3                /* reserved */
+#define K_FLAG_4                /* reserved */
+#define K_FLAG_5                /* reserved */
+#define K_FLAG_6                /* reserved */
+#define K_FLAG_7                /* reserved, bit 7 --> msb */
+
+#ifndef PC
+char *tkt_string();
+#endif	/* PC */
+
+#ifdef	OLDNAMES
+#define krb_mk_req	mk_ap_req
+#define krb_rd_req	rd_ap_req
+#define krb_kntoln	an_to_ln
+#define krb_set_key	set_serv_key
+#define krb_get_cred	get_credentials
+#define krb_mk_priv	mk_private_msg
+#define krb_rd_priv	rd_private_msg
+#define krb_mk_safe	mk_safe_msg
+#define krb_rd_safe	rd_safe_msg
+#define krb_mk_err	mk_appl_err_msg
+#define krb_rd_err	rd_appl_err_msg
+#define krb_ck_repl	check_replay
+#define	krb_get_pw_in_tkt	get_in_tkt
+#define krb_get_svc_in_tkt	get_svc_in_tkt
+#define krb_get_pw_tkt		get_pw_tkt
+#define krb_realmofhost		krb_getrealm
+#define krb_get_phost		get_phost
+#define krb_get_krbhst		get_krbhst
+#define krb_get_lrealm		get_krbrlm
+#endif	/* OLDNAMES */
+
+/* Defines for krb_sendauth and krb_recvauth */
+
+#define	KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */
+#define	KOPT_DO_MUTUAL   0x00000002 /* do mutual auth */
+
+#define	KOPT_DONT_CANON  0x00000004 /*
+				     * don't canonicalize inst as
+				     * a hostname
+				     */
+
+#define	KRB_SENDAUTH_VLEN 8	    /* length for version strings */
+
+#ifdef ATHENA_COMPAT
+#define	KOPT_DO_OLDSTYLE 0x00000008 /* use the old-style protocol */
+#endif /* ATHENA_COMPAT */
+
+#endif	/* KRB_DEFS */
diff --git a/src/include/kerberosIV/krb_db.h b/src/include/kerberosIV/krb_db.h
new file mode 100644
index 0000000000..3a3790624b
--- /dev/null
+++ b/src/include/kerberosIV/krb_db.h
@@ -0,0 +1,104 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$ 
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * spm		Project Athena  8/85 
+ *
+ * This file defines data structures for the kerberos
+ * authentication/authorization database. 
+ *
+ * They MUST correspond to those defined in *.rel 
+ */
+
+#include <mit-copyright.h>
+
+#ifndef KRB_DB_DEFS
+#define KRB_DB_DEFS
+
+#define KERB_M_NAME		"K"	/* Kerberos */
+#define KERB_M_INST		"M"	/* Master */
+#define KERB_DEFAULT_NAME	"default"
+#define KERB_DEFAULT_INST	""
+#define	DBM_FILE		"/kerberos/principal"
+
+/* this also defines the number of queue headers */
+#define KERB_DB_HASH_MODULO 64
+
+
+/* Arguments to kerb_dbl_lock() */
+
+#define KERB_DBL_EXCLUSIVE 1
+#define KERB_DBL_SHARED 0
+
+/* arguments to kerb_db_set_lockmode() */
+
+#define KERB_DBL_BLOCKING 0
+#define KERB_DBL_NONBLOCKING 1
+
+/* Principal defines the structure of a principal's name */
+
+typedef struct {
+    char    name[ANAME_SZ];
+    char    instance[INST_SZ];
+
+    unsigned long key_low;
+    unsigned long key_high;
+    unsigned long exp_date;
+    char    exp_date_txt[DATE_SZ];
+    unsigned long mod_date;
+    char    mod_date_txt[DATE_SZ];
+    unsigned short attributes;
+    unsigned char max_life;
+    unsigned char kdc_key_ver;
+    unsigned char key_version;
+
+    char    mod_name[ANAME_SZ];
+    char    mod_instance[INST_SZ];
+    char   *old;		/* cast to (Principal *); not in db,
+				 * ptr to old vals */
+}
+        Principal;
+
+typedef struct {
+    long    cpu;
+    long    elapsed;
+    long    dio;
+    long    pfault;
+    long    t_stamp;
+    long    n_retrieve;
+    long    n_replace;
+    long    n_append;
+    long    n_get_stat;
+    long    n_put_stat;
+}
+        DB_stat;
+
+/* Dba defines the structure of a database administrator */
+
+typedef struct {
+    char    name[ANAME_SZ];
+    char    instance[INST_SZ];
+    unsigned short attributes;
+    unsigned long exp_date;
+    char    exp_date_txt[DATE_SZ];
+    char   *old;	/*
+			 * cast to (Dba *); not in db, ptr to
+			 * old vals
+			 */
+}
+        Dba;
+
+extern int kerb_get_principal();
+extern int kerb_put_principal();
+extern int kerb_db_get_stat();
+extern int kerb_db_put_stat();
+extern int kerb_get_dba();
+extern int kerb_db_get_dba();
+
+#endif /* KRB_DB_DEFS */
diff --git a/src/include/kerberosIV/lsb_addr_comp.h b/src/include/kerberosIV/lsb_addr_comp.h
new file mode 100644
index 0000000000..80b9b36fbb
--- /dev/null
+++ b/src/include/kerberosIV/lsb_addr_comp.h
@@ -0,0 +1,43 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Comparison macros to emulate LSBFIRST comparison results of network
+ * byte-order quantities
+ */
+
+#include <mit-copyright.h>
+#ifndef LSB_ADDR_COMP_DEFS
+#define LSB_ADDR_COMP_DEFS
+
+#include "osconf.h"
+
+#ifdef LSBFIRST
+#define lsb_net_ulong_less(x,y) ((x < y) ? -1 : ((x > y) ? 1 : 0))
+#define lsb_net_ushort_less(x,y) ((x < y) ? -1 : ((x > y) ? 1 : 0))
+#else
+/* MSBFIRST */
+#define u_char_comp(x,y) \
+        (((x)>(y))?(1):(((x)==(y))?(0):(-1)))
+/* This is gross, but... */
+#define lsb_net_ulong_less(x, y) long_less_than((u_char *)&x, (u_char *)&y)
+#define lsb_net_ushort_less(x, y) short_less_than((u_char *)&x, (u_char *)&y)
+
+#define long_less_than(x,y) \
+        (u_char_comp((x)[3],(y)[3])?u_char_comp((x)[3],(y)[3]): \
+	 (u_char_comp((x)[2],(y)[2])?u_char_comp((x)[2],(y)[2]): \
+	  (u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
+	   (u_char_comp((x)[0],(y)[0])))))
+#define short_less_than(x,y) \
+	  (u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
+	   (u_char_comp((x)[0],(y)[0])))
+
+#endif /* LSBFIRST */
+
+#endif /*  LSB_ADDR_COMP_DEFS */
diff --git a/src/include/kerberosIV/mit-copyright.h b/src/include/kerberosIV/mit-copyright.h
new file mode 100644
index 0000000000..cd30580ce2
--- /dev/null
+++ b/src/include/kerberosIV/mit-copyright.h
@@ -0,0 +1,20 @@
+/* 
+  Copyright (C) 1989 by the Massachusetts Institute of Technology
+
+   Export of this software from the United States of America is assumed
+   to require a specific license from the United States Government.
+   It is the responsibility of any person or organization contemplating
+   export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+distribute this software and its documentation for any purpose and
+without fee is hereby granted, provided that the above copyright
+notice appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation, and that
+the name of M.I.T. not be used in advertising or publicity pertaining
+to distribution of the software without specific, written prior
+permission.  M.I.T. makes no representations about the suitability of
+this software for any purpose.  It is provided "as is" without express
+or implied warranty.
+
+  */
diff --git a/src/include/kerberosIV/osconf.h b/src/include/kerberosIV/osconf.h
new file mode 100644
index 0000000000..9d6a9bb06b
--- /dev/null
+++ b/src/include/kerberosIV/osconf.h
@@ -0,0 +1,50 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Athena configuration.
+ */
+
+#include <mit-copyright.h>
+
+#ifdef tahoe
+#include "conf-bsdtahoe.h"
+#else /* !tahoe */
+#ifdef vax
+#include "conf-bsdvax.h"
+#else /* !vax */
+#if defined(mips) && defined(ultrix)
+#include "conf-ultmips2.h"
+#else /* !Ultrix MIPS-2 */
+#ifdef ibm032
+#include "conf-bsdibm032.h"
+#else /* !ibm032 */
+#ifdef apollo
+#include "conf-bsdapollo.h"
+#else /* !apollo */
+#ifdef sun
+#ifdef sparc
+#include "conf-bsdsparc.h"
+#else /* sun but not sparc */
+#ifdef i386
+#include "conf-bsd386i.h"
+#else /* sun but not (sparc or 386i) */
+#include "conf-bsdm68k.h"
+#endif /* i386 */
+#endif /* sparc */
+#else /* !sun */
+#ifdef pyr
+#include "conf-pyr.h"
+#endif /* pyr */
+#endif /* sun */
+#endif /* apollo */
+#endif /* ibm032 */
+#endif /* mips */
+#endif /* vax */
+#endif /* tahoe */
diff --git a/src/include/kerberosIV/passwd_server.h b/src/include/kerberosIV/passwd_server.h
new file mode 100644
index 0000000000..08bb2977e6
--- /dev/null
+++ b/src/include/kerberosIV/passwd_server.h
@@ -0,0 +1,32 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$ 
+ *
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>. 
+ *
+ * Include file for password server
+ */
+
+#include <mit-copyright.h>
+
+#ifndef PASSWD_SERVER_DEFS
+#define PASSWD_SERVER_DEFS
+
+#define PW_SRV_VERSION	2	/* version number */
+#define	RETRY_LIMIT	1
+#define	TIME_OUT	30
+#define USER_TIMEOUT	90
+#define MAX_KPW_LEN	40	/* hey, seems like a good number */
+
+#define INSTALL_NEW_PW	(1<<0)	/*
+				 * ver, cmd, name, password, old_pass,
+				 * crypt_pass, uid
+				 */
+
+#define INSTALL_REPLY	(1<<1)	/* ver, cmd, name, password */
+
+#endif /* PASSWD_SERVER_DEFS */
diff --git a/src/include/kerberosIV/principal.h b/src/include/kerberosIV/principal.h
new file mode 100644
index 0000000000..f1149426e3
--- /dev/null
+++ b/src/include/kerberosIV/principal.h
@@ -0,0 +1,22 @@
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1988 by the Massachusetts Institute of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Definitions for principal names.
+ */
+
+#include <mit-copyright.h>
+
+#ifndef PRINCIPAL_DEFS
+#define PRINCIPAL_DEFS
+
+#define NAME_LEN	39
+#define INSTANCE_LEN	39
+
+#endif /* PRINCIPAL_DEFS */
diff --git a/src/include/kerberosIV/prot.h b/src/include/kerberosIV/prot.h
new file mode 100644
index 0000000000..ff792715f9
--- /dev/null
+++ b/src/include/kerberosIV/prot.h
@@ -0,0 +1,97 @@
+
+/*
+ * $Source$
+ * $Author$
+ * $Header$
+ *
+ * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
+ * of Technology.
+ *
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
+ *
+ * Include file with authentication protocol information.
+ */
+
+#include <mit-copyright.h>
+
+#include <krb_conf.h>
+
+#ifndef PROT_DEFS
+#define PROT_DEFS
+
+#define		KRB_PORT		750	/* PC's don't have
+						 * /etc/services */
+#define		KRB_PROT_VERSION 	4
+#define 	MAX_PKT_LEN		1000
+#define		MAX_TXT_LEN		1000
+#define		TICKET_GRANTING_TICKET	"krbtgt"
+
+/* Macro's to obtain various fields from a packet */
+
+#define pkt_version(packet)  (unsigned int) *(packet->dat)
+#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1)
+#define pkt_a_name(packet)   (packet->dat+2)
+#define pkt_a_inst(packet)   \
+	(packet->dat+3+strlen((char *)pkt_a_name(packet)))
+#define pkt_a_realm(packet)  \
+	(pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet)))
+
+/* Macro to obtain realm from application request */
+#define apreq_realm(auth)     (auth->dat + 3)
+
+#define pkt_time_ws(packet) (char *) \
+        (packet->dat+5+strlen((char *)pkt_a_name(packet)) + \
+	 strlen((char *)pkt_a_inst(packet)) + \
+	 strlen((char *)pkt_a_realm(packet)))
+
+#define pkt_no_req(packet) (unsigned short) \
+        *(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
+	  strlen((char *)pkt_a_inst(packet)) + \
+	  strlen((char *)pkt_a_realm(packet)))
+#define pkt_x_date(packet) (char *) \
+        (packet->dat+10+strlen((char *)pkt_a_name(packet)) + \
+	 strlen((char *)pkt_a_inst(packet)) + \
+	 strlen((char *)pkt_a_realm(packet)))
+#define pkt_err_code(packet) ( (char *) \
+        (packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
+	 strlen((char *)pkt_a_inst(packet)) + \
+	 strlen((char *)pkt_a_realm(packet))))
+#define pkt_err_text(packet) \
+        (packet->dat+13+strlen((char *)pkt_a_name(packet)) + \
+	 strlen((char *)pkt_a_inst(packet)) + \
+	 strlen((char *)pkt_a_realm(packet)))
+
+/* Routines to create and read packets may be found in prot.c */
+
+KTEXT create_auth_reply();
+KTEXT create_death_packet();
+KTEXT pkt_cipher();
+
+/* Message types , always leave lsb for byte order */
+
+#define		AUTH_MSG_KDC_REQUEST			 1<<1
+#define 	AUTH_MSG_KDC_REPLY			 2<<1
+#define		AUTH_MSG_APPL_REQUEST			 3<<1
+#define		AUTH_MSG_APPL_REQUEST_MUTUAL		 4<<1
+#define		AUTH_MSG_ERR_REPLY			 5<<1
+#define		AUTH_MSG_PRIVATE			 6<<1
+#define		AUTH_MSG_SAFE				 7<<1
+#define		AUTH_MSG_APPL_ERR			 8<<1
+#define 	AUTH_MSG_DIE				63<<1
+
+/* values for kerb error codes */
+
+#define		KERB_ERR_OK				 0
+#define		KERB_ERR_NAME_EXP			 1
+#define		KERB_ERR_SERVICE_EXP			 2
+#define		KERB_ERR_AUTH_EXP			 3
+#define		KERB_ERR_PKT_VER			 4
+#define		KERB_ERR_NAME_MAST_KEY_VER		 5
+#define		KERB_ERR_SERV_MAST_KEY_VER		 6
+#define		KERB_ERR_BYTE_ORDER			 7
+#define		KERB_ERR_PRINCIPAL_UNKNOWN		 8
+#define		KERB_ERR_PRINCIPAL_NOT_UNIQUE		 9
+#define		KERB_ERR_NULL_KEY			10
+
+#endif /* PROT_DEFS */
diff --git a/src/include/krb5/.rconf b/src/include/krb5/.rconf
new file mode 100644
index 0000000000..0278bafa07
--- /dev/null
+++ b/src/include/krb5/.rconf
@@ -0,0 +1,5 @@
+ignore README.encryption
+copy error_tables
+link stock
+ignore config.h
+ignore osconf.h
diff --git a/src/include/krb5/asn.1/.rconf b/src/include/krb5/asn.1/.rconf
new file mode 100644
index 0000000000..6715bf4617
--- /dev/null
+++ b/src/include/krb5/asn.1/.rconf
@@ -0,0 +1 @@
+ignore KRB5-types.h
diff --git a/src/include/sys/syslog.h b/src/include/sys/syslog.h
new file mode 100644
index 0000000000..ff91205838
--- /dev/null
+++ b/src/include/sys/syslog.h
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 1982, 1986, 1988 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Berkeley.  The name of the
+ * University may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ *	@(#)syslog.h	7.10 (Berkeley) 6/27/88
+ */
+
+/*
+ * RCS Info	
+ *	$Header$
+ *	$Locker$
+ */
+
+/*
+ *  Facility codes
+ */
+
+#define LOG_KERN	(0<<3)	/* kernel messages */
+#define LOG_USER	(1<<3)	/* random user-level messages */
+#define LOG_MAIL	(2<<3)	/* mail system */
+#define LOG_DAEMON	(3<<3)	/* system daemons */
+#define LOG_AUTH	(4<<3)	/* security/authorization messages */
+#define LOG_SYSLOG	(5<<3)	/* messages generated internally by syslogd */
+#define LOG_LPR		(6<<3)	/* line printer subsystem */
+#define LOG_NEWS	(7<<3)	/* network news subsystem */
+#define LOG_UUCP	(8<<3)	/* UUCP subsystem */
+	/* other codes through 15 reserved for system use */
+#define LOG_LOCAL0	(16<<3)	/* reserved for local use */
+#define LOG_LOCAL1	(17<<3)	/* reserved for local use */
+#define LOG_LOCAL2	(18<<3)	/* reserved for local use */
+#define LOG_LOCAL3	(19<<3)	/* reserved for local use */
+#define LOG_LOCAL4	(20<<3)	/* reserved for local use */
+#define LOG_LOCAL5	(21<<3)	/* reserved for local use */
+#define LOG_LOCAL6	(22<<3)	/* reserved for local use */
+#define LOG_LOCAL7	(23<<3)	/* reserved for local use */
+
+#define LOG_NFACILITIES	24	/* maximum number of facilities */
+#define LOG_FACMASK	0x03f8	/* mask to extract facility part */
+
+#define LOG_FAC(p)	(((p) & LOG_FACMASK) >> 3)	/* facility of pri */
+
+/*
+ *  Priorities (these are ordered)
+ */
+
+#define LOG_EMERG	0	/* system is unusable */
+#define LOG_ALERT	1	/* action must be taken immediately */
+#define LOG_CRIT	2	/* critical conditions */
+#define LOG_ERR		3	/* error conditions */
+#define LOG_WARNING	4	/* warning conditions */
+#define LOG_NOTICE	5	/* normal but signification condition */
+#define LOG_INFO	6	/* informational */
+#define LOG_DEBUG	7	/* debug-level messages */
+
+#define LOG_PRIMASK	0x0007	/* mask to extract priority part (internal) */
+#define LOG_PRI(p)	((p) & LOG_PRIMASK)	/* extract priority */
+
+#define	LOG_MAKEPRI(fac, pri)	(((fac) << 3) | (pri))
+
+#ifdef KERNEL
+#define LOG_PRINTF	-1	/* pseudo-priority to indicate use of printf */
+#endif
+
+/*
+ * arguments to setlogmask.
+ */
+#define	LOG_MASK(pri)	(1 << (pri))		/* mask for one priority */
+#define	LOG_UPTO(pri)	((1 << ((pri)+1)) - 1)	/* all priorities through pri */
+
+/*
+ *  Option flags for openlog.
+ *
+ *	LOG_ODELAY no longer does anything; LOG_NDELAY is the
+ *	inverse of what it used to be.
+ */
+#define	LOG_PID		0x01	/* log the pid with each message */
+#define	LOG_CONS	0x02	/* log on the console if errors in sending */
+#define	LOG_ODELAY	0x04	/* delay open until syslog() is called */
+#define LOG_NDELAY	0x08	/* don't delay open */
+#define LOG_NOWAIT	0x10	/* if forking to log on console, don't wait() */
+
+#ifndef KERNEL
+#if defined(__STDC__) || defined(KRB5_PROVIDE_PROTOTYPES)
+extern void syslog  (int , const char *, ... );
+#ifdef va_start				
+/* XXX depending on #define of va_start in <stdarg.h> */
+extern void vsyslog  (int , const char *, va_list );
+#endif
+extern void openlog  (const char *, int , int );
+extern void closelog  (void );
+extern int setlogmask  (int );
+#else /* STDC */
+extern void syslog  ();
+extern void vsyslog  ();
+extern void openlog  ();
+extern void closelog  ();
+extern int setlogmask  ();
+#endif /* STDC */
+
+#endif
diff --git a/src/include/syslog.h b/src/include/syslog.h
new file mode 100644
index 0000000000..ff91205838
--- /dev/null
+++ b/src/include/syslog.h
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 1982, 1986, 1988 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Berkeley.  The name of the
+ * University may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ *	@(#)syslog.h	7.10 (Berkeley) 6/27/88
+ */
+
+/*
+ * RCS Info	
+ *	$Header$
+ *	$Locker$
+ */
+
+/*
+ *  Facility codes
+ */
+
+#define LOG_KERN	(0<<3)	/* kernel messages */
+#define LOG_USER	(1<<3)	/* random user-level messages */
+#define LOG_MAIL	(2<<3)	/* mail system */
+#define LOG_DAEMON	(3<<3)	/* system daemons */
+#define LOG_AUTH	(4<<3)	/* security/authorization messages */
+#define LOG_SYSLOG	(5<<3)	/* messages generated internally by syslogd */
+#define LOG_LPR		(6<<3)	/* line printer subsystem */
+#define LOG_NEWS	(7<<3)	/* network news subsystem */
+#define LOG_UUCP	(8<<3)	/* UUCP subsystem */
+	/* other codes through 15 reserved for system use */
+#define LOG_LOCAL0	(16<<3)	/* reserved for local use */
+#define LOG_LOCAL1	(17<<3)	/* reserved for local use */
+#define LOG_LOCAL2	(18<<3)	/* reserved for local use */
+#define LOG_LOCAL3	(19<<3)	/* reserved for local use */
+#define LOG_LOCAL4	(20<<3)	/* reserved for local use */
+#define LOG_LOCAL5	(21<<3)	/* reserved for local use */
+#define LOG_LOCAL6	(22<<3)	/* reserved for local use */
+#define LOG_LOCAL7	(23<<3)	/* reserved for local use */
+
+#define LOG_NFACILITIES	24	/* maximum number of facilities */
+#define LOG_FACMASK	0x03f8	/* mask to extract facility part */
+
+#define LOG_FAC(p)	(((p) & LOG_FACMASK) >> 3)	/* facility of pri */
+
+/*
+ *  Priorities (these are ordered)
+ */
+
+#define LOG_EMERG	0	/* system is unusable */
+#define LOG_ALERT	1	/* action must be taken immediately */
+#define LOG_CRIT	2	/* critical conditions */
+#define LOG_ERR		3	/* error conditions */
+#define LOG_WARNING	4	/* warning conditions */
+#define LOG_NOTICE	5	/* normal but signification condition */
+#define LOG_INFO	6	/* informational */
+#define LOG_DEBUG	7	/* debug-level messages */
+
+#define LOG_PRIMASK	0x0007	/* mask to extract priority part (internal) */
+#define LOG_PRI(p)	((p) & LOG_PRIMASK)	/* extract priority */
+
+#define	LOG_MAKEPRI(fac, pri)	(((fac) << 3) | (pri))
+
+#ifdef KERNEL
+#define LOG_PRINTF	-1	/* pseudo-priority to indicate use of printf */
+#endif
+
+/*
+ * arguments to setlogmask.
+ */
+#define	LOG_MASK(pri)	(1 << (pri))		/* mask for one priority */
+#define	LOG_UPTO(pri)	((1 << ((pri)+1)) - 1)	/* all priorities through pri */
+
+/*
+ *  Option flags for openlog.
+ *
+ *	LOG_ODELAY no longer does anything; LOG_NDELAY is the
+ *	inverse of what it used to be.
+ */
+#define	LOG_PID		0x01	/* log the pid with each message */
+#define	LOG_CONS	0x02	/* log on the console if errors in sending */
+#define	LOG_ODELAY	0x04	/* delay open until syslog() is called */
+#define LOG_NDELAY	0x08	/* don't delay open */
+#define LOG_NOWAIT	0x10	/* if forking to log on console, don't wait() */
+
+#ifndef KERNEL
+#if defined(__STDC__) || defined(KRB5_PROVIDE_PROTOTYPES)
+extern void syslog  (int , const char *, ... );
+#ifdef va_start				
+/* XXX depending on #define of va_start in <stdarg.h> */
+extern void vsyslog  (int , const char *, va_list );
+#endif
+extern void openlog  (const char *, int , int );
+extern void closelog  (void );
+extern int setlogmask  (int );
+#else /* STDC */
+extern void syslog  ();
+extern void vsyslog  ();
+extern void openlog  ();
+extern void closelog  ();
+extern int setlogmask  ();
+#endif /* STDC */
+
+#endif