--- etc/afpd/auth.c.orig	Tue Sep 17 04:33:55 1996
+++ etc/afpd/auth.c	Tue Mar 16 18:25:36 1999
@@ -37,9 +37,15 @@
 #endif KRB AFS UAM_AFSKRB
 
 #if defined( KRB ) || defined( UAM_AFSKRB )
+#ifdef SOLARIS
+#include <kerberos/krb.h>
+#include <kerberos/des.h>
+#include <kerberos/prot.h>
+#else SOLARIS
 #include <krb.h>
 #include <des.h>
 #include <prot.h>
+#endif SOLARIS
 
 C_Block			seskey;
 Key_schedule		seskeysched;
@@ -101,7 +107,9 @@
 #ifdef KRB
     { "Kerberos IV",		krb4_login,	krb4_logincont,		0 },
 #endif KRB
+#ifndef AFS
     { "Cleartxt Passwrd",	clrtxt_login,	NULL,			0 },
+#endif AFS
 #ifdef UAM_AFSKRB
     { "AFS Kerberos",		afskrb_login,	afskrb_logincont,	0 },
 #endif UAM_AFSKRB
@@ -277,15 +285,15 @@
 	return( AFPERR_NOTAUTH );
     }
 
-    syslog( LOG_INFO, "login %s (uid %d, gid %d)", name, uid, gid );
-    if ( initgroups( name, gid ) < 0 || setgid( gid ) < 0 ||
-	    setuid( uid ) < 0 ) {
-	syslog( LOG_ERR, "login: %m" );
-	return( AFPERR_BADUAM );
+    if (( ngroups = getgroups( NGROUPS, groups )) < 0 ) {
+        syslog( LOG_ERR, "login: getgroups: %m" );
+        return( AFPERR_BADUAM );
     }
 
-    if (( ngroups = getgroups( NGROUPS, groups )) < 0 ) {
-	syslog( LOG_ERR, "login: getgroups: %m" );
+    syslog( LOG_INFO, "login %s (uid %d, gid %d)", name, uid, gid );
+    if ( initgroups( name, gid ) < 0 || setgroups(ngroups, groups) < 0 ||
+		setgid( gid ) < 0 || setuid( uid ) < 0 ) {
+	syslog( LOG_ERR, "login: %m" );
 	return( AFPERR_BADUAM );
     }
     uuid = uid;
@@ -448,7 +456,7 @@
 	bcopy( p, &cr, len );
 
 	pcbc_encrypt((C_Block *)&cr, (C_Block *)&cr, len, seskeysched,
-		seskey, DES_DECRYPT );
+		seskey, DECRYPT );
 
 	p = buf;
 	cr.ticket_st.length = ntohl( cr.ticket_st.length );
@@ -512,7 +520,7 @@
 
 extern char	*crypt();
 
-static char	clrtxtname[ 31 ];
+static char	clrtxtname[ 32 ];
 
 clrtxt_login( ibuf, ibuflen, rbuf, rbuflen )
     char	*ibuf, *rbuf;
@@ -527,13 +535,16 @@
 
     *rbuflen = 0;
 
-    len = *ibuf++;
+    len = *(unsigned char *)ibuf++;
     if ( len > 31 ) {
 	return( AFPERR_PARAM );
     }
     bcopy( ibuf, clrtxtname, len );
     ibuf += len;
     clrtxtname[ len ] = '\0';
+    while ( len-- ) {
+	clrtxtname[ len ] = tolower( clrtxtname[ len ] );
+    }
     username = clrtxtname;
     if (( pwd = getpwnam( clrtxtname )) == NULL ) {
 	return( AFPERR_NOTAUTH );
@@ -566,11 +577,6 @@
 	    ++ibuf;
 	}
 	ibuf[ 8 ] = '\0';
-#ifdef AFS
-	if ( kcheckuser( pwd, ibuf ) == 0 ) {
-	    return( login( pwd->pw_name, pwd->pw_uid, pwd->pw_gid ));
-	}
-#endif AFS
 	p = crypt( ibuf, pwd->pw_passwd );
 	if ( strcmp( p, pwd->pw_passwd ) == 0 ) {
 	    return( login( pwd->pw_name, pwd->pw_uid, pwd->pw_gid ));
@@ -579,96 +585,6 @@
     return( AFPERR_NOTAUTH );
 }
 
-#ifdef AFS
-#include <rx/rxkad.h>
-#include <afs/afsint.h>
-
-char *ka_LocalCell();
-
-void
-addrealm(realm,cells)
-    char *realm;
-	char ***cells;
-{
-    char **ptr;
-	int temp;
-
-	ptr= *cells;
-
-    for(;*ptr != 0 ;ptr++)
-        if(!strcmp(realm,*ptr))
-            return;
-
-	temp=ptr- *cells;
-	*cells=(char**)realloc(*cells,((2+temp)*sizeof(char*)));
-	ptr= *cells+temp;
-
-    *ptr=(char*)malloc(strlen(realm)+1);
-    strcpy(*ptr++,realm);
-	*ptr=0;
-    return;
-}
-
-int kcheckuser(pwd,passwd)
-	struct passwd *pwd;
-	char *passwd;
-{
-	long code;
-	char *instance="";
-	char realm[MAXKTCREALMLEN];
-	char lorealm[MAXKTCREALMLEN];
-	char *cell;
-	Date lifetime=MAXKTCTICKETLIFETIME;
-	int rval;
-	char **cells=(char **)malloc(sizeof(char*));
-	char *temp;
-	int rc,cellNum;
-	struct ktc_principal serviceName;
-
-	*cells=0;
-
-	code = ka_Init(0);
-
-	{
-		char *temp,*temp1;
-		temp=(char*)malloc(strlen(pwd->pw_dir)+1);
-		strcpy(temp,pwd->pw_dir);
-		temp1=temp;
-		temp=strtok(temp,"/");
-		temp=strtok('\0',"/");
-		ka_CellToRealm(temp,realm,0);
-		addrealm(realm,&cells);
-		free(temp1);
-	}
-
-	setpag();
-	authenticate(cells,pwd->pw_name,passwd);
-	cellNum=0;
-	rc=ktc_ListTokens(cellNum,&cellNum,&serviceName);
-	if(rc)
-		rval=1;
-	else{
-		rval=0;
-	}
-
-	return(rval);
-}
-
-authenticate(cells,name,passwd)
-	char **cells;
-	char *name;
-	char *passwd;
-{
-	char **ptr=cells;
-	char *errorstring;
-
-	while(*ptr){
-	    ka_UserAuthenticate(name,/*instance*/"",/*cell*/*ptr++,
-		    passwd,/*setpag*/0,&errorstring);
-	}
-}
-#endif AFS
-
 #if defined( UAM_AFSKRB ) && defined( AFS )
 afskrb_login( ibuf, ibuflen, rbuf, rbuflen )
     char	*ibuf, *rbuf;
@@ -793,7 +709,7 @@
     ibuf += sizeof( short );
 
     pcbc_encrypt((C_Block *)ibuf, (C_Block *)ibuf,
-	    clen, seskeysched, seskey, DES_DECRYPT );
+	    clen, seskeysched, seskey, DECRYPT );
     if ( kuam_set_in_tkt( name, instance, realm, TICKET_GRANTING_TICKET,
 	    realm, ibuf ) != INTK_OK ) {
 	return( AFPERR_PARAM );
