Generated files. Removes dependency on asn1_compile, etc.

70 files changed, 15884 insertions, 0 deletions

diff --git a/lib/libkrb5/generated/asn1_APOptions.c b/lib/libkrb5/generated/asn1_APOptions.c
new file mode 100644
index 00000000000..3eda096a9f5
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_APOptions.c
@@ -0,0 +1,122 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_APOptions(unsigned char *p, size_t len, const APOptions *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+unsigned char c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->mutual_required) c |= 1<<5;
+if(data->use_session_key) c |= 1<<6;
+if(data->reserved) c |= 1<<7;
+*p-- = c;
+*p-- = 0;
+len -= 2;
+ret += 2;
+}
+
+e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,UT_BitString, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_APOptions(const unsigned char *p, size_t len, APOptions *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+p++;
+len--;
+reallen--;
+ret++;
+data->reserved = (*p >> 7) & 1;
+data->use_session_key = (*p >> 6) & 1;
+data->mutual_required = (*p >> 5) & 1;
+p += reallen; len -= reallen; ret += reallen;
+if(size) *size = ret;
+return 0;
+fail:
+free_APOptions(data);
+return e;
+}
+
+void
+free_APOptions(APOptions *data)
+{
+}
+
+size_t
+length_APOptions(const APOptions *data)
+{
+size_t ret = 0;
+ret += 7;
+return ret;
+}
+
+int
+copy_APOptions(const APOptions *from, APOptions *to)
+{
+*(to) = *(from);
+return 0;
+}
+
+unsigned APOptions2int(APOptions f)
+{
+unsigned r = 0;
+if(f.reserved) r |= (1U << 0);
+if(f.use_session_key) r |= (1U << 1);
+if(f.mutual_required) r |= (1U << 2);
+return r;
+}
+
+APOptions int2APOptions(unsigned n)
+{
+	APOptions flags;
+
+	flags.reserved = (n >> 0) & 1;
+	flags.use_session_key = (n >> 1) & 1;
+	flags.mutual_required = (n >> 2) & 1;
+	return flags;
+}
+
+struct units APOptions_units[] = {
+	{"mutual_required",	1U << 2},
+	{"use_session_key",	1U << 1},
+	{"reserved",	1U << 0},
+	{NULL,	0}
+};
+
diff --git a/lib/libkrb5/generated/asn1_AP_REP.c b/lib/libkrb5/generated/asn1_AP_REP.c
new file mode 100644
index 00000000000..1ffcc8ee044
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_AP_REP.c
@@ -0,0 +1,219 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_AP_REP(unsigned char *p, size_t len, const AP_REP *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->enc_part, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 15, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_AP_REP(const unsigned char *p, size_t len, AP_REP *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 15, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->enc_part, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_AP_REP(data);
+return e;
+}
+
+void
+free_AP_REP(AP_REP *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+free_EncryptedData(&(data)->enc_part);
+}
+
+size_t
+length_AP_REP(const AP_REP *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->enc_part);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_AP_REP(const AP_REP *from, AP_REP *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if(copy_EncryptedData(&(from)->enc_part, &(to)->enc_part)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_AP_REQ.c b/lib/libkrb5/generated/asn1_AP_REQ.c
new file mode 100644
index 00000000000..adebca92306
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_AP_REQ.c
@@ -0,0 +1,305 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_AP_REQ(unsigned char *p, size_t len, const AP_REQ *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->authenticator, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Ticket(p, len, &(data)->ticket, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_APOptions(p, len, &(data)->ap_options, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 14, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_AP_REQ(const unsigned char *p, size_t len, AP_REQ *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 14, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_APOptions(p, len, &(data)->ap_options, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Ticket(p, len, &(data)->ticket, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->authenticator, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_AP_REQ(data);
+return e;
+}
+
+void
+free_AP_REQ(AP_REQ *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+free_APOptions(&(data)->ap_options);
+free_Ticket(&(data)->ticket);
+free_EncryptedData(&(data)->authenticator);
+}
+
+size_t
+length_AP_REQ(const AP_REQ *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_APOptions(&(data)->ap_options);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Ticket(&(data)->ticket);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->authenticator);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_AP_REQ(const AP_REQ *from, AP_REQ *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if(copy_APOptions(&(from)->ap_options, &(to)->ap_options)) return ENOMEM;
+if(copy_Ticket(&(from)->ticket, &(to)->ticket)) return ENOMEM;
+if(copy_EncryptedData(&(from)->authenticator, &(to)->authenticator)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_AS_REP.c b/lib/libkrb5/generated/asn1_AS_REP.c
new file mode 100644
index 00000000000..e0bcc901c10
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_AS_REP.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_AS_REP(unsigned char *p, size_t len, const AS_REP *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_KDC_REP(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 11, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_AS_REP(const unsigned char *p, size_t len, AS_REP *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 11, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_KDC_REP(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_AS_REP(data);
+return e;
+}
+
+void
+free_AS_REP(AS_REP *data)
+{
+free_KDC_REP(data);
+}
+
+size_t
+length_AS_REP(const AS_REP *data)
+{
+size_t ret = 0;
+ret += length_KDC_REP(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_AS_REP(const AS_REP *from, AS_REP *to)
+{
+if(copy_KDC_REP(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_AS_REQ.c b/lib/libkrb5/generated/asn1_AS_REQ.c
new file mode 100644
index 00000000000..233f1c4a2c1
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_AS_REQ.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_AS_REQ(unsigned char *p, size_t len, const AS_REQ *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_KDC_REQ(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 10, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_AS_REQ(const unsigned char *p, size_t len, AS_REQ *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 10, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_KDC_REQ(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_AS_REQ(data);
+return e;
+}
+
+void
+free_AS_REQ(AS_REQ *data)
+{
+free_KDC_REQ(data);
+}
+
+size_t
+length_AS_REQ(const AS_REQ *data)
+{
+size_t ret = 0;
+ret += length_KDC_REQ(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_AS_REQ(const AS_REQ *from, AS_REQ *to)
+{
+if(copy_KDC_REQ(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Authenticator.c b/lib/libkrb5/generated/asn1_Authenticator.c
new file mode 100644
index 00000000000..a96cdfcad74
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Authenticator.c
@@ -0,0 +1,520 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Authenticator(unsigned char *p, size_t len, const Authenticator *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->authorization_data)
+{
+int oldret = ret;
+ret = 0;
+e = encode_AuthorizationData(p, len, (data)->authorization_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+if((data)->seq_number)
+{
+int oldret = ret;
+ret = 0;
+e = encode_UNSIGNED(p, len, (data)->seq_number, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->subkey)
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, (data)->subkey, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->ctime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->cusec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->cksum)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Checksum(p, len, (data)->cksum, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->cname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->crealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->authenticator_vno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 2, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Authenticator(const unsigned char *p, size_t len, Authenticator *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 2, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->authenticator_vno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->crealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->cname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->cksum = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->cksum = malloc(sizeof(*(data)->cksum));
+if((data)->cksum == NULL) return ENOMEM;
+e = decode_Checksum(p, len, (data)->cksum, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->cusec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->ctime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->subkey = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->subkey = malloc(sizeof(*(data)->subkey));
+if((data)->subkey == NULL) return ENOMEM;
+e = decode_EncryptionKey(p, len, (data)->subkey, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+(data)->seq_number = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->seq_number = malloc(sizeof(*(data)->seq_number));
+if((data)->seq_number == NULL) return ENOMEM;
+e = decode_UNSIGNED(p, len, (data)->seq_number, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->authorization_data = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->authorization_data = malloc(sizeof(*(data)->authorization_data));
+if((data)->authorization_data == NULL) return ENOMEM;
+e = decode_AuthorizationData(p, len, (data)->authorization_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Authenticator(data);
+return e;
+}
+
+void
+free_Authenticator(Authenticator *data)
+{
+free_Realm(&(data)->crealm);
+free_PrincipalName(&(data)->cname);
+if((data)->cksum) {
+free_Checksum((data)->cksum);
+free((data)->cksum);
+}
+free_KerberosTime(&(data)->ctime);
+if((data)->subkey) {
+free_EncryptionKey((data)->subkey);
+free((data)->subkey);
+}
+if((data)->seq_number) {
+free_UNSIGNED((data)->seq_number);
+free((data)->seq_number);
+}
+if((data)->authorization_data) {
+free_AuthorizationData((data)->authorization_data);
+free((data)->authorization_data);
+}
+}
+
+size_t
+length_Authenticator(const Authenticator *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->authenticator_vno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->crealm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->cname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->cksum){
+int oldret = ret;
+ret = 0;
+ret += length_Checksum((data)->cksum);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->cusec);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->ctime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->subkey){
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey((data)->subkey);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->seq_number){
+int oldret = ret;
+ret = 0;
+ret += length_UNSIGNED((data)->seq_number);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->authorization_data){
+int oldret = ret;
+ret = 0;
+ret += length_AuthorizationData((data)->authorization_data);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_Authenticator(const Authenticator *from, Authenticator *to)
+{
+*(&(to)->authenticator_vno) = *(&(from)->authenticator_vno);
+if(copy_Realm(&(from)->crealm, &(to)->crealm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->cname, &(to)->cname)) return ENOMEM;
+if((from)->cksum) {
+(to)->cksum = malloc(sizeof(*(to)->cksum));
+if((to)->cksum == NULL) return ENOMEM;
+if(copy_Checksum((from)->cksum, (to)->cksum)) return ENOMEM;
+}else
+(to)->cksum = NULL;
+*(&(to)->cusec) = *(&(from)->cusec);
+if(copy_KerberosTime(&(from)->ctime, &(to)->ctime)) return ENOMEM;
+if((from)->subkey) {
+(to)->subkey = malloc(sizeof(*(to)->subkey));
+if((to)->subkey == NULL) return ENOMEM;
+if(copy_EncryptionKey((from)->subkey, (to)->subkey)) return ENOMEM;
+}else
+(to)->subkey = NULL;
+if((from)->seq_number) {
+(to)->seq_number = malloc(sizeof(*(to)->seq_number));
+if((to)->seq_number == NULL) return ENOMEM;
+if(copy_UNSIGNED((from)->seq_number, (to)->seq_number)) return ENOMEM;
+}else
+(to)->seq_number = NULL;
+if((from)->authorization_data) {
+(to)->authorization_data = malloc(sizeof(*(to)->authorization_data));
+if((to)->authorization_data == NULL) return ENOMEM;
+if(copy_AuthorizationData((from)->authorization_data, (to)->authorization_data)) return ENOMEM;
+}else
+(to)->authorization_data = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_AuthorizationData.c b/lib/libkrb5/generated/asn1_AuthorizationData.c
new file mode 100644
index 00000000000..14b310d8f8d
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_AuthorizationData.c
@@ -0,0 +1,203 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_AuthorizationData(unsigned char *p, size_t len, const AuthorizationData *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+for(i = (data)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(&(data)->val[i])->ad_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(&(data)->val[i])->ad_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_AuthorizationData(const unsigned char *p, size_t len, AuthorizationData *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(data)->len = 0;
+(data)->val = NULL;
+while(ret < origlen) {
+(data)->len++;
+(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(&(data)->val[(data)->len-1])->ad_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(&(data)->val[(data)->len-1])->ad_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_AuthorizationData(data);
+return e;
+}
+
+void
+free_AuthorizationData(AuthorizationData *data)
+{
+while((data)->len){
+free_octet_string(&(&(data)->val[(data)->len-1])->ad_data);
+(data)->len--;
+}
+free((data)->val);
+}
+
+size_t
+length_AuthorizationData(const AuthorizationData *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (data)->len - 1; i >= 0; --i){
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(&(data)->val[i])->ad_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(&(data)->val[i])->ad_data);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+return ret;
+}
+
+int
+copy_AuthorizationData(const AuthorizationData *from, AuthorizationData *to)
+{
+if(((to)->val = malloc((from)->len * sizeof(*(to)->val))) == NULL && (from)->len != 0)
+return ENOMEM;
+for((to)->len = 0; (to)->len < (from)->len; (to)->len++){
+*(&(&(to)->val[(to)->len])->ad_type) = *(&(&(from)->val[(to)->len])->ad_type);
+if(copy_octet_string(&(&(from)->val[(to)->len])->ad_data, &(&(to)->val[(to)->len])->ad_data)) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_CKSUMTYPE.c b/lib/libkrb5/generated/asn1_CKSUMTYPE.c
new file mode 100644
index 00000000000..38b26dc691d
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_CKSUMTYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_CKSUMTYPE(unsigned char *p, size_t len, const CKSUMTYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_CKSUMTYPE(const unsigned char *p, size_t len, CKSUMTYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_CKSUMTYPE(data);
+return e;
+}
+
+void
+free_CKSUMTYPE(CKSUMTYPE *data)
+{
+}
+
+size_t
+length_CKSUMTYPE(const CKSUMTYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_CKSUMTYPE(const CKSUMTYPE *from, CKSUMTYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Checksum.c b/lib/libkrb5/generated/asn1_Checksum.c
new file mode 100644
index 00000000000..63626216783
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Checksum.c
@@ -0,0 +1,163 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Checksum(unsigned char *p, size_t len, const Checksum *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->checksum, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_CKSUMTYPE(p, len, &(data)->cksumtype, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Checksum(const unsigned char *p, size_t len, Checksum *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_CKSUMTYPE(p, len, &(data)->cksumtype, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->checksum, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Checksum(data);
+return e;
+}
+
+void
+free_Checksum(Checksum *data)
+{
+free_CKSUMTYPE(&(data)->cksumtype);
+free_octet_string(&(data)->checksum);
+}
+
+size_t
+length_Checksum(const Checksum *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_CKSUMTYPE(&(data)->cksumtype);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->checksum);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_Checksum(const Checksum *from, Checksum *to)
+{
+if(copy_CKSUMTYPE(&(from)->cksumtype, &(to)->cksumtype)) return ENOMEM;
+if(copy_octet_string(&(from)->checksum, &(to)->checksum)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_ENCTYPE.c b/lib/libkrb5/generated/asn1_ENCTYPE.c
new file mode 100644
index 00000000000..e58f4e4e0c9
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_ENCTYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_ENCTYPE(unsigned char *p, size_t len, const ENCTYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_ENCTYPE(const unsigned char *p, size_t len, ENCTYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_ENCTYPE(data);
+return e;
+}
+
+void
+free_ENCTYPE(ENCTYPE *data)
+{
+}
+
+size_t
+length_ENCTYPE(const ENCTYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_ENCTYPE(const ENCTYPE *from, ENCTYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_ETYPE_INFO.c b/lib/libkrb5/generated/asn1_ETYPE_INFO.c
new file mode 100644
index 00000000000..91141b63dc5
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_ETYPE_INFO.c
@@ -0,0 +1,111 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_ETYPE_INFO(unsigned char *p, size_t len, const ETYPE_INFO *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+for(i = (data)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_ETYPE_INFO_ENTRY(p, len, &(data)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_ETYPE_INFO(const unsigned char *p, size_t len, ETYPE_INFO *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(data)->len = 0;
+(data)->val = NULL;
+while(ret < origlen) {
+(data)->len++;
+(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+e = decode_ETYPE_INFO_ENTRY(p, len, &(data)->val[(data)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_ETYPE_INFO(data);
+return e;
+}
+
+void
+free_ETYPE_INFO(ETYPE_INFO *data)
+{
+while((data)->len){
+free_ETYPE_INFO_ENTRY(&(data)->val[(data)->len-1]);
+(data)->len--;
+}
+free((data)->val);
+}
+
+size_t
+length_ETYPE_INFO(const ETYPE_INFO *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (data)->len - 1; i >= 0; --i){
+ret += length_ETYPE_INFO_ENTRY(&(data)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+return ret;
+}
+
+int
+copy_ETYPE_INFO(const ETYPE_INFO *from, ETYPE_INFO *to)
+{
+if(((to)->val = malloc((from)->len * sizeof(*(to)->val))) == NULL && (from)->len != 0)
+return ENOMEM;
+for((to)->len = 0; (to)->len < (from)->len; (to)->len++){
+if(copy_ETYPE_INFO_ENTRY(&(from)->val[(to)->len], &(to)->val[(to)->len])) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_ETYPE_INFO_ENTRY.c b/lib/libkrb5/generated/asn1_ETYPE_INFO_ENTRY.c
new file mode 100644
index 00000000000..4d872477453
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_ETYPE_INFO_ENTRY.c
@@ -0,0 +1,227 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_ETYPE_INFO_ENTRY(unsigned char *p, size_t len, const ETYPE_INFO_ENTRY *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->salttype)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->salttype, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->salt)
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, (data)->salt, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_ENCTYPE(p, len, &(data)->etype, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_ETYPE_INFO_ENTRY(const unsigned char *p, size_t len, ETYPE_INFO_ENTRY *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_ENCTYPE(p, len, &(data)->etype, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->salt = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->salt = malloc(sizeof(*(data)->salt));
+if((data)->salt == NULL) return ENOMEM;
+e = decode_octet_string(p, len, (data)->salt, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->salttype = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->salttype = malloc(sizeof(*(data)->salttype));
+if((data)->salttype == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->salttype, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_ETYPE_INFO_ENTRY(data);
+return e;
+}
+
+void
+free_ETYPE_INFO_ENTRY(ETYPE_INFO_ENTRY *data)
+{
+free_ENCTYPE(&(data)->etype);
+if((data)->salt) {
+free_octet_string((data)->salt);
+free((data)->salt);
+}
+if((data)->salttype) {
+free((data)->salttype);
+}
+}
+
+size_t
+length_ETYPE_INFO_ENTRY(const ETYPE_INFO_ENTRY *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_ENCTYPE(&(data)->etype);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->salt){
+int oldret = ret;
+ret = 0;
+ret += length_octet_string((data)->salt);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->salttype){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->salttype);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_ETYPE_INFO_ENTRY(const ETYPE_INFO_ENTRY *from, ETYPE_INFO_ENTRY *to)
+{
+if(copy_ENCTYPE(&(from)->etype, &(to)->etype)) return ENOMEM;
+if((from)->salt) {
+(to)->salt = malloc(sizeof(*(to)->salt));
+if((to)->salt == NULL) return ENOMEM;
+if(copy_octet_string((from)->salt, (to)->salt)) return ENOMEM;
+}else
+(to)->salt = NULL;
+if((from)->salttype) {
+(to)->salttype = malloc(sizeof(*(to)->salttype));
+if((to)->salttype == NULL) return ENOMEM;
+*((to)->salttype) = *((from)->salttype);
+}else
+(to)->salttype = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncAPRepPart.c b/lib/libkrb5/generated/asn1_EncAPRepPart.c
new file mode 100644
index 00000000000..0174bf5b38c
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncAPRepPart.c
@@ -0,0 +1,284 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncAPRepPart(unsigned char *p, size_t len, const EncAPRepPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->seq_number)
+{
+int oldret = ret;
+ret = 0;
+e = encode_UNSIGNED(p, len, (data)->seq_number, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->subkey)
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, (data)->subkey, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->cusec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->ctime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 27, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncAPRepPart(const unsigned char *p, size_t len, EncAPRepPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 27, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->ctime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->cusec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->subkey = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->subkey = malloc(sizeof(*(data)->subkey));
+if((data)->subkey == NULL) return ENOMEM;
+e = decode_EncryptionKey(p, len, (data)->subkey, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->seq_number = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->seq_number = malloc(sizeof(*(data)->seq_number));
+if((data)->seq_number == NULL) return ENOMEM;
+e = decode_UNSIGNED(p, len, (data)->seq_number, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncAPRepPart(data);
+return e;
+}
+
+void
+free_EncAPRepPart(EncAPRepPart *data)
+{
+free_KerberosTime(&(data)->ctime);
+if((data)->subkey) {
+free_EncryptionKey((data)->subkey);
+free((data)->subkey);
+}
+if((data)->seq_number) {
+free_UNSIGNED((data)->seq_number);
+free((data)->seq_number);
+}
+}
+
+size_t
+length_EncAPRepPart(const EncAPRepPart *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->ctime);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->cusec);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->subkey){
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey((data)->subkey);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->seq_number){
+int oldret = ret;
+ret = 0;
+ret += length_UNSIGNED((data)->seq_number);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncAPRepPart(const EncAPRepPart *from, EncAPRepPart *to)
+{
+if(copy_KerberosTime(&(from)->ctime, &(to)->ctime)) return ENOMEM;
+*(&(to)->cusec) = *(&(from)->cusec);
+if((from)->subkey) {
+(to)->subkey = malloc(sizeof(*(to)->subkey));
+if((to)->subkey == NULL) return ENOMEM;
+if(copy_EncryptionKey((from)->subkey, (to)->subkey)) return ENOMEM;
+}else
+(to)->subkey = NULL;
+if((from)->seq_number) {
+(to)->seq_number = malloc(sizeof(*(to)->seq_number));
+if((to)->seq_number == NULL) return ENOMEM;
+if(copy_UNSIGNED((from)->seq_number, (to)->seq_number)) return ENOMEM;
+}else
+(to)->seq_number = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncASRepPart.c b/lib/libkrb5/generated/asn1_EncASRepPart.c
new file mode 100644
index 00000000000..1b3f096e335
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncASRepPart.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncASRepPart(unsigned char *p, size_t len, const EncASRepPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_EncKDCRepPart(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 25, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncASRepPart(const unsigned char *p, size_t len, EncASRepPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 25, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_EncKDCRepPart(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncASRepPart(data);
+return e;
+}
+
+void
+free_EncASRepPart(EncASRepPart *data)
+{
+free_EncKDCRepPart(data);
+}
+
+size_t
+length_EncASRepPart(const EncASRepPart *data)
+{
+size_t ret = 0;
+ret += length_EncKDCRepPart(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncASRepPart(const EncASRepPart *from, EncASRepPart *to)
+{
+if(copy_EncKDCRepPart(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncKDCRepPart.c b/lib/libkrb5/generated/asn1_EncKDCRepPart.c
new file mode 100644
index 00000000000..86d5bb80924
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncKDCRepPart.c
@@ -0,0 +1,636 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncKDCRepPart(unsigned char *p, size_t len, const EncKDCRepPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->caddr)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddresses(p, len, (data)->caddr, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 11, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->sname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->srealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+if((data)->renew_till)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->renew_till, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->endtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->starttime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->starttime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->authtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_TicketFlags(p, len, &(data)->flags, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->key_expiration)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->key_expiration, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->nonce, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_LastReq(p, len, &(data)->last_req, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, &(data)->key, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncKDCRepPart(const unsigned char *p, size_t len, EncKDCRepPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptionKey(p, len, &(data)->key, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_LastReq(p, len, &(data)->last_req, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->nonce, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->key_expiration = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->key_expiration = malloc(sizeof(*(data)->key_expiration));
+if((data)->key_expiration == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->key_expiration, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_TicketFlags(p, len, &(data)->flags, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->authtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->starttime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->starttime = malloc(sizeof(*(data)->starttime));
+if((data)->starttime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->starttime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->endtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->renew_till = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->renew_till = malloc(sizeof(*(data)->renew_till));
+if((data)->renew_till == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->renew_till, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->srealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->sname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 11, &l);
+if (e)
+(data)->caddr = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->caddr = malloc(sizeof(*(data)->caddr));
+if((data)->caddr == NULL) return ENOMEM;
+e = decode_HostAddresses(p, len, (data)->caddr, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncKDCRepPart(data);
+return e;
+}
+
+void
+free_EncKDCRepPart(EncKDCRepPart *data)
+{
+free_EncryptionKey(&(data)->key);
+free_LastReq(&(data)->last_req);
+if((data)->key_expiration) {
+free_KerberosTime((data)->key_expiration);
+free((data)->key_expiration);
+}
+free_TicketFlags(&(data)->flags);
+free_KerberosTime(&(data)->authtime);
+if((data)->starttime) {
+free_KerberosTime((data)->starttime);
+free((data)->starttime);
+}
+free_KerberosTime(&(data)->endtime);
+if((data)->renew_till) {
+free_KerberosTime((data)->renew_till);
+free((data)->renew_till);
+}
+free_Realm(&(data)->srealm);
+free_PrincipalName(&(data)->sname);
+if((data)->caddr) {
+free_HostAddresses((data)->caddr);
+free((data)->caddr);
+}
+}
+
+size_t
+length_EncKDCRepPart(const EncKDCRepPart *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey(&(data)->key);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_LastReq(&(data)->last_req);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->nonce);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->key_expiration){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->key_expiration);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_TicketFlags(&(data)->flags);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->authtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->starttime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->starttime);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->endtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->renew_till){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->renew_till);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->srealm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->sname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->caddr){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddresses((data)->caddr);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_EncKDCRepPart(const EncKDCRepPart *from, EncKDCRepPart *to)
+{
+if(copy_EncryptionKey(&(from)->key, &(to)->key)) return ENOMEM;
+if(copy_LastReq(&(from)->last_req, &(to)->last_req)) return ENOMEM;
+*(&(to)->nonce) = *(&(from)->nonce);
+if((from)->key_expiration) {
+(to)->key_expiration = malloc(sizeof(*(to)->key_expiration));
+if((to)->key_expiration == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->key_expiration, (to)->key_expiration)) return ENOMEM;
+}else
+(to)->key_expiration = NULL;
+if(copy_TicketFlags(&(from)->flags, &(to)->flags)) return ENOMEM;
+if(copy_KerberosTime(&(from)->authtime, &(to)->authtime)) return ENOMEM;
+if((from)->starttime) {
+(to)->starttime = malloc(sizeof(*(to)->starttime));
+if((to)->starttime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->starttime, (to)->starttime)) return ENOMEM;
+}else
+(to)->starttime = NULL;
+if(copy_KerberosTime(&(from)->endtime, &(to)->endtime)) return ENOMEM;
+if((from)->renew_till) {
+(to)->renew_till = malloc(sizeof(*(to)->renew_till));
+if((to)->renew_till == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->renew_till, (to)->renew_till)) return ENOMEM;
+}else
+(to)->renew_till = NULL;
+if(copy_Realm(&(from)->srealm, &(to)->srealm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->sname, &(to)->sname)) return ENOMEM;
+if((from)->caddr) {
+(to)->caddr = malloc(sizeof(*(to)->caddr));
+if((to)->caddr == NULL) return ENOMEM;
+if(copy_HostAddresses((from)->caddr, (to)->caddr)) return ENOMEM;
+}else
+(to)->caddr = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncKrbCredPart.c b/lib/libkrb5/generated/asn1_EncKrbCredPart.c
new file mode 100644
index 00000000000..25e111b306c
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncKrbCredPart.c
@@ -0,0 +1,443 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncKrbCredPart(unsigned char *p, size_t len, const EncKrbCredPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->r_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->r_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->s_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->s_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->usec)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->usec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->timestamp)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->timestamp, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->nonce)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->nonce, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+for(i = (&(data)->ticket_info)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_KrbCredInfo(p, len, &(&(data)->ticket_info)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 29, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncKrbCredPart(const unsigned char *p, size_t len, EncKrbCredPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 29, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(&(data)->ticket_info)->len = 0;
+(&(data)->ticket_info)->val = NULL;
+while(ret < origlen) {
+(&(data)->ticket_info)->len++;
+(&(data)->ticket_info)->val = realloc((&(data)->ticket_info)->val, sizeof(*((&(data)->ticket_info)->val)) * (&(data)->ticket_info)->len);
+e = decode_KrbCredInfo(p, len, &(&(data)->ticket_info)->val[(&(data)->ticket_info)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->nonce = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->nonce = malloc(sizeof(*(data)->nonce));
+if((data)->nonce == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->nonce, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->timestamp = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->timestamp = malloc(sizeof(*(data)->timestamp));
+if((data)->timestamp == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->timestamp, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->usec = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->usec = malloc(sizeof(*(data)->usec));
+if((data)->usec == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->usec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->s_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->s_address = malloc(sizeof(*(data)->s_address));
+if((data)->s_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->s_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->r_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->r_address = malloc(sizeof(*(data)->r_address));
+if((data)->r_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->r_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncKrbCredPart(data);
+return e;
+}
+
+void
+free_EncKrbCredPart(EncKrbCredPart *data)
+{
+while((&(data)->ticket_info)->len){
+free_KrbCredInfo(&(&(data)->ticket_info)->val[(&(data)->ticket_info)->len-1]);
+(&(data)->ticket_info)->len--;
+}
+free((&(data)->ticket_info)->val);
+if((data)->nonce) {
+free((data)->nonce);
+}
+if((data)->timestamp) {
+free_KerberosTime((data)->timestamp);
+free((data)->timestamp);
+}
+if((data)->usec) {
+free((data)->usec);
+}
+if((data)->s_address) {
+free_HostAddress((data)->s_address);
+free((data)->s_address);
+}
+if((data)->r_address) {
+free_HostAddress((data)->r_address);
+free((data)->r_address);
+}
+}
+
+size_t
+length_EncKrbCredPart(const EncKrbCredPart *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (&(data)->ticket_info)->len - 1; i >= 0; --i){
+ret += length_KrbCredInfo(&(&(data)->ticket_info)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->nonce){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->nonce);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->timestamp){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->timestamp);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->usec){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->usec);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->s_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->s_address);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->r_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->r_address);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncKrbCredPart(const EncKrbCredPart *from, EncKrbCredPart *to)
+{
+if(((&(to)->ticket_info)->val = malloc((&(from)->ticket_info)->len * sizeof(*(&(to)->ticket_info)->val))) == NULL && (&(from)->ticket_info)->len != 0)
+return ENOMEM;
+for((&(to)->ticket_info)->len = 0; (&(to)->ticket_info)->len < (&(from)->ticket_info)->len; (&(to)->ticket_info)->len++){
+if(copy_KrbCredInfo(&(&(from)->ticket_info)->val[(&(to)->ticket_info)->len], &(&(to)->ticket_info)->val[(&(to)->ticket_info)->len])) return ENOMEM;
+}
+if((from)->nonce) {
+(to)->nonce = malloc(sizeof(*(to)->nonce));
+if((to)->nonce == NULL) return ENOMEM;
+*((to)->nonce) = *((from)->nonce);
+}else
+(to)->nonce = NULL;
+if((from)->timestamp) {
+(to)->timestamp = malloc(sizeof(*(to)->timestamp));
+if((to)->timestamp == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->timestamp, (to)->timestamp)) return ENOMEM;
+}else
+(to)->timestamp = NULL;
+if((from)->usec) {
+(to)->usec = malloc(sizeof(*(to)->usec));
+if((to)->usec == NULL) return ENOMEM;
+*((to)->usec) = *((from)->usec);
+}else
+(to)->usec = NULL;
+if((from)->s_address) {
+(to)->s_address = malloc(sizeof(*(to)->s_address));
+if((to)->s_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->s_address, (to)->s_address)) return ENOMEM;
+}else
+(to)->s_address = NULL;
+if((from)->r_address) {
+(to)->r_address = malloc(sizeof(*(to)->r_address));
+if((to)->r_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->r_address, (to)->r_address)) return ENOMEM;
+}else
+(to)->r_address = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncKrbPrivPart.c b/lib/libkrb5/generated/asn1_EncKrbPrivPart.c
new file mode 100644
index 00000000000..d5d4e42dc5b
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncKrbPrivPart.c
@@ -0,0 +1,403 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncKrbPrivPart(unsigned char *p, size_t len, const EncKrbPrivPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->r_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->r_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->s_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->s_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->seq_number)
+{
+int oldret = ret;
+ret = 0;
+e = encode_UNSIGNED(p, len, (data)->seq_number, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->usec)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->usec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->timestamp)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->timestamp, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->user_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 28, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncKrbPrivPart(const unsigned char *p, size_t len, EncKrbPrivPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 28, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->user_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->timestamp = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->timestamp = malloc(sizeof(*(data)->timestamp));
+if((data)->timestamp == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->timestamp, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->usec = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->usec = malloc(sizeof(*(data)->usec));
+if((data)->usec == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->usec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->seq_number = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->seq_number = malloc(sizeof(*(data)->seq_number));
+if((data)->seq_number == NULL) return ENOMEM;
+e = decode_UNSIGNED(p, len, (data)->seq_number, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->s_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->s_address = malloc(sizeof(*(data)->s_address));
+if((data)->s_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->s_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->r_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->r_address = malloc(sizeof(*(data)->r_address));
+if((data)->r_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->r_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncKrbPrivPart(data);
+return e;
+}
+
+void
+free_EncKrbPrivPart(EncKrbPrivPart *data)
+{
+free_octet_string(&(data)->user_data);
+if((data)->timestamp) {
+free_KerberosTime((data)->timestamp);
+free((data)->timestamp);
+}
+if((data)->usec) {
+free((data)->usec);
+}
+if((data)->seq_number) {
+free_UNSIGNED((data)->seq_number);
+free((data)->seq_number);
+}
+if((data)->s_address) {
+free_HostAddress((data)->s_address);
+free((data)->s_address);
+}
+if((data)->r_address) {
+free_HostAddress((data)->r_address);
+free((data)->r_address);
+}
+}
+
+size_t
+length_EncKrbPrivPart(const EncKrbPrivPart *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->user_data);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->timestamp){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->timestamp);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->usec){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->usec);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->seq_number){
+int oldret = ret;
+ret = 0;
+ret += length_UNSIGNED((data)->seq_number);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->s_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->s_address);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->r_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->r_address);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncKrbPrivPart(const EncKrbPrivPart *from, EncKrbPrivPart *to)
+{
+if(copy_octet_string(&(from)->user_data, &(to)->user_data)) return ENOMEM;
+if((from)->timestamp) {
+(to)->timestamp = malloc(sizeof(*(to)->timestamp));
+if((to)->timestamp == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->timestamp, (to)->timestamp)) return ENOMEM;
+}else
+(to)->timestamp = NULL;
+if((from)->usec) {
+(to)->usec = malloc(sizeof(*(to)->usec));
+if((to)->usec == NULL) return ENOMEM;
+*((to)->usec) = *((from)->usec);
+}else
+(to)->usec = NULL;
+if((from)->seq_number) {
+(to)->seq_number = malloc(sizeof(*(to)->seq_number));
+if((to)->seq_number == NULL) return ENOMEM;
+if(copy_UNSIGNED((from)->seq_number, (to)->seq_number)) return ENOMEM;
+}else
+(to)->seq_number = NULL;
+if((from)->s_address) {
+(to)->s_address = malloc(sizeof(*(to)->s_address));
+if((to)->s_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->s_address, (to)->s_address)) return ENOMEM;
+}else
+(to)->s_address = NULL;
+if((from)->r_address) {
+(to)->r_address = malloc(sizeof(*(to)->r_address));
+if((to)->r_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->r_address, (to)->r_address)) return ENOMEM;
+}else
+(to)->r_address = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncTGSRepPart.c b/lib/libkrb5/generated/asn1_EncTGSRepPart.c
new file mode 100644
index 00000000000..502ae2cd8a7
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncTGSRepPart.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncTGSRepPart(unsigned char *p, size_t len, const EncTGSRepPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_EncKDCRepPart(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 26, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncTGSRepPart(const unsigned char *p, size_t len, EncTGSRepPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 26, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_EncKDCRepPart(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncTGSRepPart(data);
+return e;
+}
+
+void
+free_EncTGSRepPart(EncTGSRepPart *data)
+{
+free_EncKDCRepPart(data);
+}
+
+size_t
+length_EncTGSRepPart(const EncTGSRepPart *data)
+{
+size_t ret = 0;
+ret += length_EncKDCRepPart(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncTGSRepPart(const EncTGSRepPart *from, EncTGSRepPart *to)
+{
+if(copy_EncKDCRepPart(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncTicketPart.c b/lib/libkrb5/generated/asn1_EncTicketPart.c
new file mode 100644
index 00000000000..4773fa46046
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncTicketPart.c
@@ -0,0 +1,608 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncTicketPart(unsigned char *p, size_t len, const EncTicketPart *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->authorization_data)
+{
+int oldret = ret;
+ret = 0;
+e = encode_AuthorizationData(p, len, (data)->authorization_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+if((data)->caddr)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddresses(p, len, (data)->caddr, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+if((data)->renew_till)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->renew_till, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->endtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->starttime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->starttime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->authtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_TransitedEncoding(p, len, &(data)->transited, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->cname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->crealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, &(data)->key, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_TicketFlags(p, len, &(data)->flags, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 3, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncTicketPart(const unsigned char *p, size_t len, EncTicketPart *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 3, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_TicketFlags(p, len, &(data)->flags, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptionKey(p, len, &(data)->key, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->crealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->cname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_TransitedEncoding(p, len, &(data)->transited, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->authtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->starttime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->starttime = malloc(sizeof(*(data)->starttime));
+if((data)->starttime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->starttime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->endtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->renew_till = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->renew_till = malloc(sizeof(*(data)->renew_till));
+if((data)->renew_till == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->renew_till, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+(data)->caddr = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->caddr = malloc(sizeof(*(data)->caddr));
+if((data)->caddr == NULL) return ENOMEM;
+e = decode_HostAddresses(p, len, (data)->caddr, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+(data)->authorization_data = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->authorization_data = malloc(sizeof(*(data)->authorization_data));
+if((data)->authorization_data == NULL) return ENOMEM;
+e = decode_AuthorizationData(p, len, (data)->authorization_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncTicketPart(data);
+return e;
+}
+
+void
+free_EncTicketPart(EncTicketPart *data)
+{
+free_TicketFlags(&(data)->flags);
+free_EncryptionKey(&(data)->key);
+free_Realm(&(data)->crealm);
+free_PrincipalName(&(data)->cname);
+free_TransitedEncoding(&(data)->transited);
+free_KerberosTime(&(data)->authtime);
+if((data)->starttime) {
+free_KerberosTime((data)->starttime);
+free((data)->starttime);
+}
+free_KerberosTime(&(data)->endtime);
+if((data)->renew_till) {
+free_KerberosTime((data)->renew_till);
+free((data)->renew_till);
+}
+if((data)->caddr) {
+free_HostAddresses((data)->caddr);
+free((data)->caddr);
+}
+if((data)->authorization_data) {
+free_AuthorizationData((data)->authorization_data);
+free((data)->authorization_data);
+}
+}
+
+size_t
+length_EncTicketPart(const EncTicketPart *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_TicketFlags(&(data)->flags);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey(&(data)->key);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->crealm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->cname);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_TransitedEncoding(&(data)->transited);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->authtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->starttime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->starttime);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->endtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->renew_till){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->renew_till);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->caddr){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddresses((data)->caddr);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->authorization_data){
+int oldret = ret;
+ret = 0;
+ret += length_AuthorizationData((data)->authorization_data);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_EncTicketPart(const EncTicketPart *from, EncTicketPart *to)
+{
+if(copy_TicketFlags(&(from)->flags, &(to)->flags)) return ENOMEM;
+if(copy_EncryptionKey(&(from)->key, &(to)->key)) return ENOMEM;
+if(copy_Realm(&(from)->crealm, &(to)->crealm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->cname, &(to)->cname)) return ENOMEM;
+if(copy_TransitedEncoding(&(from)->transited, &(to)->transited)) return ENOMEM;
+if(copy_KerberosTime(&(from)->authtime, &(to)->authtime)) return ENOMEM;
+if((from)->starttime) {
+(to)->starttime = malloc(sizeof(*(to)->starttime));
+if((to)->starttime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->starttime, (to)->starttime)) return ENOMEM;
+}else
+(to)->starttime = NULL;
+if(copy_KerberosTime(&(from)->endtime, &(to)->endtime)) return ENOMEM;
+if((from)->renew_till) {
+(to)->renew_till = malloc(sizeof(*(to)->renew_till));
+if((to)->renew_till == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->renew_till, (to)->renew_till)) return ENOMEM;
+}else
+(to)->renew_till = NULL;
+if((from)->caddr) {
+(to)->caddr = malloc(sizeof(*(to)->caddr));
+if((to)->caddr == NULL) return ENOMEM;
+if(copy_HostAddresses((from)->caddr, (to)->caddr)) return ENOMEM;
+}else
+(to)->caddr = NULL;
+if((from)->authorization_data) {
+(to)->authorization_data = malloc(sizeof(*(to)->authorization_data));
+if((to)->authorization_data == NULL) return ENOMEM;
+if(copy_AuthorizationData((from)->authorization_data, (to)->authorization_data)) return ENOMEM;
+}else
+(to)->authorization_data = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncryptedData.c b/lib/libkrb5/generated/asn1_EncryptedData.c
new file mode 100644
index 00000000000..7625cc6597e
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncryptedData.c
@@ -0,0 +1,216 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncryptedData(unsigned char *p, size_t len, const EncryptedData *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->cipher, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->kvno)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->kvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_ENCTYPE(p, len, &(data)->etype, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncryptedData(const unsigned char *p, size_t len, EncryptedData *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_ENCTYPE(p, len, &(data)->etype, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->kvno = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->kvno = malloc(sizeof(*(data)->kvno));
+if((data)->kvno == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->kvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->cipher, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncryptedData(data);
+return e;
+}
+
+void
+free_EncryptedData(EncryptedData *data)
+{
+free_ENCTYPE(&(data)->etype);
+if((data)->kvno) {
+free((data)->kvno);
+}
+free_octet_string(&(data)->cipher);
+}
+
+size_t
+length_EncryptedData(const EncryptedData *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_ENCTYPE(&(data)->etype);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->kvno){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->kvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->cipher);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_EncryptedData(const EncryptedData *from, EncryptedData *to)
+{
+if(copy_ENCTYPE(&(from)->etype, &(to)->etype)) return ENOMEM;
+if((from)->kvno) {
+(to)->kvno = malloc(sizeof(*(to)->kvno));
+if((to)->kvno == NULL) return ENOMEM;
+*((to)->kvno) = *((from)->kvno);
+}else
+(to)->kvno = NULL;
+if(copy_octet_string(&(from)->cipher, &(to)->cipher)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_EncryptionKey.c b/lib/libkrb5/generated/asn1_EncryptionKey.c
new file mode 100644
index 00000000000..9fcd3cf4f77
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_EncryptionKey.c
@@ -0,0 +1,162 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_EncryptionKey(unsigned char *p, size_t len, const EncryptionKey *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->keyvalue, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->keytype, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_EncryptionKey(const unsigned char *p, size_t len, EncryptionKey *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->keytype, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->keyvalue, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_EncryptionKey(data);
+return e;
+}
+
+void
+free_EncryptionKey(EncryptionKey *data)
+{
+free_octet_string(&(data)->keyvalue);
+}
+
+size_t
+length_EncryptionKey(const EncryptionKey *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->keytype);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->keyvalue);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_EncryptionKey(const EncryptionKey *from, EncryptionKey *to)
+{
+*(&(to)->keytype) = *(&(from)->keytype);
+if(copy_octet_string(&(from)->keyvalue, &(to)->keyvalue)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Event.c b/lib/libkrb5/generated/asn1_Event.c
new file mode 100644
index 00000000000..401fc49b615
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Event.c
@@ -0,0 +1,175 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Event(unsigned char *p, size_t len, const Event *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->principal)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Principal(p, len, (data)->principal, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->time, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Event(const unsigned char *p, size_t len, Event *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->time, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->principal = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->principal = malloc(sizeof(*(data)->principal));
+if((data)->principal == NULL) return ENOMEM;
+e = decode_Principal(p, len, (data)->principal, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Event(data);
+return e;
+}
+
+void
+free_Event(Event *data)
+{
+free_KerberosTime(&(data)->time);
+if((data)->principal) {
+free_Principal((data)->principal);
+free((data)->principal);
+}
+}
+
+size_t
+length_Event(const Event *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->time);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->principal){
+int oldret = ret;
+ret = 0;
+ret += length_Principal((data)->principal);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_Event(const Event *from, Event *to)
+{
+if(copy_KerberosTime(&(from)->time, &(to)->time)) return ENOMEM;
+if((from)->principal) {
+(to)->principal = malloc(sizeof(*(to)->principal));
+if((to)->principal == NULL) return ENOMEM;
+if(copy_Principal((from)->principal, (to)->principal)) return ENOMEM;
+}else
+(to)->principal = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_GENERATION.c b/lib/libkrb5/generated/asn1_GENERATION.c
new file mode 100644
index 00000000000..4a6b4055bf8
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_GENERATION.c
@@ -0,0 +1,205 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_GENERATION(unsigned char *p, size_t len, const GENERATION *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->gen, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->usec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->time, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_GENERATION(const unsigned char *p, size_t len, GENERATION *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->time, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->usec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->gen, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_GENERATION(data);
+return e;
+}
+
+void
+free_GENERATION(GENERATION *data)
+{
+free_KerberosTime(&(data)->time);
+}
+
+size_t
+length_GENERATION(const GENERATION *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->time);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->usec);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->gen);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_GENERATION(const GENERATION *from, GENERATION *to)
+{
+if(copy_KerberosTime(&(from)->time, &(to)->time)) return ENOMEM;
+*(&(to)->usec) = *(&(from)->usec);
+*(&(to)->gen) = *(&(from)->gen);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_HDBFlags.c b/lib/libkrb5/generated/asn1_HDBFlags.c
new file mode 100644
index 00000000000..3a1516b00c1
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_HDBFlags.c
@@ -0,0 +1,179 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_HDBFlags(unsigned char *p, size_t len, const HDBFlags *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+unsigned char c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->immutable) c |= 1<<2;
+if(data->user_to_user) c |= 1<<3;
+if(data->ok_as_delegate) c |= 1<<4;
+if(data->require_hwauth) c |= 1<<5;
+if(data->change_pw) c |= 1<<6;
+if(data->require_preauth) c |= 1<<7;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->invalid) c |= 1<<0;
+if(data->client) c |= 1<<1;
+if(data->server) c |= 1<<2;
+if(data->postdate) c |= 1<<3;
+if(data->renewable) c |= 1<<4;
+if(data->proxiable) c |= 1<<5;
+if(data->forwardable) c |= 1<<6;
+if(data->initial) c |= 1<<7;
+*p-- = c;
+*p-- = 0;
+len -= 2;
+ret += 2;
+}
+
+e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,UT_BitString, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_HDBFlags(const unsigned char *p, size_t len, HDBFlags *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+p++;
+len--;
+reallen--;
+ret++;
+data->initial = (*p >> 7) & 1;
+data->forwardable = (*p >> 6) & 1;
+data->proxiable = (*p >> 5) & 1;
+data->renewable = (*p >> 4) & 1;
+data->postdate = (*p >> 3) & 1;
+data->server = (*p >> 2) & 1;
+data->client = (*p >> 1) & 1;
+data->invalid = (*p >> 0) & 1;
+p++; len--; reallen--; ret++;
+data->require_preauth = (*p >> 7) & 1;
+data->change_pw = (*p >> 6) & 1;
+data->require_hwauth = (*p >> 5) & 1;
+data->ok_as_delegate = (*p >> 4) & 1;
+data->user_to_user = (*p >> 3) & 1;
+data->immutable = (*p >> 2) & 1;
+p += reallen; len -= reallen; ret += reallen;
+if(size) *size = ret;
+return 0;
+fail:
+free_HDBFlags(data);
+return e;
+}
+
+void
+free_HDBFlags(HDBFlags *data)
+{
+}
+
+size_t
+length_HDBFlags(const HDBFlags *data)
+{
+size_t ret = 0;
+ret += 7;
+return ret;
+}
+
+int
+copy_HDBFlags(const HDBFlags *from, HDBFlags *to)
+{
+*(to) = *(from);
+return 0;
+}
+
+unsigned HDBFlags2int(HDBFlags f)
+{
+unsigned r = 0;
+if(f.initial) r |= (1U << 0);
+if(f.forwardable) r |= (1U << 1);
+if(f.proxiable) r |= (1U << 2);
+if(f.renewable) r |= (1U << 3);
+if(f.postdate) r |= (1U << 4);
+if(f.server) r |= (1U << 5);
+if(f.client) r |= (1U << 6);
+if(f.invalid) r |= (1U << 7);
+if(f.require_preauth) r |= (1U << 8);
+if(f.change_pw) r |= (1U << 9);
+if(f.require_hwauth) r |= (1U << 10);
+if(f.ok_as_delegate) r |= (1U << 11);
+if(f.user_to_user) r |= (1U << 12);
+if(f.immutable) r |= (1U << 13);
+return r;
+}
+
+HDBFlags int2HDBFlags(unsigned n)
+{
+	HDBFlags flags;
+
+	flags.initial = (n >> 0) & 1;
+	flags.forwardable = (n >> 1) & 1;
+	flags.proxiable = (n >> 2) & 1;
+	flags.renewable = (n >> 3) & 1;
+	flags.postdate = (n >> 4) & 1;
+	flags.server = (n >> 5) & 1;
+	flags.client = (n >> 6) & 1;
+	flags.invalid = (n >> 7) & 1;
+	flags.require_preauth = (n >> 8) & 1;
+	flags.change_pw = (n >> 9) & 1;
+	flags.require_hwauth = (n >> 10) & 1;
+	flags.ok_as_delegate = (n >> 11) & 1;
+	flags.user_to_user = (n >> 12) & 1;
+	flags.immutable = (n >> 13) & 1;
+	return flags;
+}
+
+struct units HDBFlags_units[] = {
+	{"immutable",	1U << 13},
+	{"user_to_user",	1U << 12},
+	{"ok_as_delegate",	1U << 11},
+	{"require_hwauth",	1U << 10},
+	{"change_pw",	1U << 9},
+	{"require_preauth",	1U << 8},
+	{"invalid",	1U << 7},
+	{"client",	1U << 6},
+	{"server",	1U << 5},
+	{"postdate",	1U << 4},
+	{"renewable",	1U << 3},
+	{"proxiable",	1U << 2},
+	{"forwardable",	1U << 1},
+	{"initial",	1U << 0},
+	{NULL,	0}
+};
+
diff --git a/lib/libkrb5/generated/asn1_HostAddress.c b/lib/libkrb5/generated/asn1_HostAddress.c
new file mode 100644
index 00000000000..7eb4012c5ed
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_HostAddress.c
@@ -0,0 +1,162 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_HostAddress(unsigned char *p, size_t len, const HostAddress *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->addr_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_HostAddress(const unsigned char *p, size_t len, HostAddress *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->addr_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_HostAddress(data);
+return e;
+}
+
+void
+free_HostAddress(HostAddress *data)
+{
+free_octet_string(&(data)->address);
+}
+
+size_t
+length_HostAddress(const HostAddress *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->addr_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->address);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_HostAddress(const HostAddress *from, HostAddress *to)
+{
+*(&(to)->addr_type) = *(&(from)->addr_type);
+if(copy_octet_string(&(from)->address, &(to)->address)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_HostAddresses.c b/lib/libkrb5/generated/asn1_HostAddresses.c
new file mode 100644
index 00000000000..49d095ce2a5
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_HostAddresses.c
@@ -0,0 +1,111 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_HostAddresses(unsigned char *p, size_t len, const HostAddresses *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+for(i = (data)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, &(data)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_HostAddresses(const unsigned char *p, size_t len, HostAddresses *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(data)->len = 0;
+(data)->val = NULL;
+while(ret < origlen) {
+(data)->len++;
+(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+e = decode_HostAddress(p, len, &(data)->val[(data)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_HostAddresses(data);
+return e;
+}
+
+void
+free_HostAddresses(HostAddresses *data)
+{
+while((data)->len){
+free_HostAddress(&(data)->val[(data)->len-1]);
+(data)->len--;
+}
+free((data)->val);
+}
+
+size_t
+length_HostAddresses(const HostAddresses *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (data)->len - 1; i >= 0; --i){
+ret += length_HostAddress(&(data)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+return ret;
+}
+
+int
+copy_HostAddresses(const HostAddresses *from, HostAddresses *to)
+{
+if(((to)->val = malloc((from)->len * sizeof(*(to)->val))) == NULL && (from)->len != 0)
+return ENOMEM;
+for((to)->len = 0; (to)->len < (from)->len; (to)->len++){
+if(copy_HostAddress(&(from)->val[(to)->len], &(to)->val[(to)->len])) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KDCOptions.c b/lib/libkrb5/generated/asn1_KDCOptions.c
new file mode 100644
index 00000000000..57f784b73f9
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KDCOptions.c
@@ -0,0 +1,205 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KDCOptions(unsigned char *p, size_t len, const KDCOptions *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+unsigned char c = 0;
+if(data->validate) c |= 1<<0;
+if(data->renew) c |= 1<<1;
+if(data->enc_tkt_in_skey) c |= 1<<3;
+if(data->renewable_ok) c |= 1<<4;
+if(data->disable_transited_check) c |= 1<<5;
+*p-- = c; len--; ret++;
+c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->canonicalize) c |= 1<<0;
+if(data->request_anonymous) c |= 1<<1;
+if(data->unused11) c |= 1<<4;
+if(data->unused10) c |= 1<<5;
+if(data->unused9) c |= 1<<6;
+if(data->renewable) c |= 1<<7;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->unused7) c |= 1<<0;
+if(data->postdated) c |= 1<<1;
+if(data->allow_postdate) c |= 1<<2;
+if(data->proxy) c |= 1<<3;
+if(data->proxiable) c |= 1<<4;
+if(data->forwarded) c |= 1<<5;
+if(data->forwardable) c |= 1<<6;
+if(data->reserved) c |= 1<<7;
+*p-- = c;
+*p-- = 0;
+len -= 2;
+ret += 2;
+}
+
+e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,UT_BitString, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KDCOptions(const unsigned char *p, size_t len, KDCOptions *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+p++;
+len--;
+reallen--;
+ret++;
+data->reserved = (*p >> 7) & 1;
+data->forwardable = (*p >> 6) & 1;
+data->forwarded = (*p >> 5) & 1;
+data->proxiable = (*p >> 4) & 1;
+data->proxy = (*p >> 3) & 1;
+data->allow_postdate = (*p >> 2) & 1;
+data->postdated = (*p >> 1) & 1;
+data->unused7 = (*p >> 0) & 1;
+p++; len--; reallen--; ret++;
+data->renewable = (*p >> 7) & 1;
+data->unused9 = (*p >> 6) & 1;
+data->unused10 = (*p >> 5) & 1;
+data->unused11 = (*p >> 4) & 1;
+data->request_anonymous = (*p >> 1) & 1;
+data->canonicalize = (*p >> 0) & 1;
+p++; len--; reallen--; ret++;
+p++; len--; reallen--; ret++;
+data->disable_transited_check = (*p >> 5) & 1;
+data->renewable_ok = (*p >> 4) & 1;
+data->enc_tkt_in_skey = (*p >> 3) & 1;
+data->renew = (*p >> 1) & 1;
+data->validate = (*p >> 0) & 1;
+p += reallen; len -= reallen; ret += reallen;
+if(size) *size = ret;
+return 0;
+fail:
+free_KDCOptions(data);
+return e;
+}
+
+void
+free_KDCOptions(KDCOptions *data)
+{
+}
+
+size_t
+length_KDCOptions(const KDCOptions *data)
+{
+size_t ret = 0;
+ret += 7;
+return ret;
+}
+
+int
+copy_KDCOptions(const KDCOptions *from, KDCOptions *to)
+{
+*(to) = *(from);
+return 0;
+}
+
+unsigned KDCOptions2int(KDCOptions f)
+{
+unsigned r = 0;
+if(f.reserved) r |= (1U << 0);
+if(f.forwardable) r |= (1U << 1);
+if(f.forwarded) r |= (1U << 2);
+if(f.proxiable) r |= (1U << 3);
+if(f.proxy) r |= (1U << 4);
+if(f.allow_postdate) r |= (1U << 5);
+if(f.postdated) r |= (1U << 6);
+if(f.unused7) r |= (1U << 7);
+if(f.renewable) r |= (1U << 8);
+if(f.unused9) r |= (1U << 9);
+if(f.unused10) r |= (1U << 10);
+if(f.unused11) r |= (1U << 11);
+if(f.request_anonymous) r |= (1U << 14);
+if(f.canonicalize) r |= (1U << 15);
+if(f.disable_transited_check) r |= (1U << 26);
+if(f.renewable_ok) r |= (1U << 27);
+if(f.enc_tkt_in_skey) r |= (1U << 28);
+if(f.renew) r |= (1U << 30);
+if(f.validate) r |= (1U << 31);
+return r;
+}
+
+KDCOptions int2KDCOptions(unsigned n)
+{
+	KDCOptions flags;
+
+	flags.reserved = (n >> 0) & 1;
+	flags.forwardable = (n >> 1) & 1;
+	flags.forwarded = (n >> 2) & 1;
+	flags.proxiable = (n >> 3) & 1;
+	flags.proxy = (n >> 4) & 1;
+	flags.allow_postdate = (n >> 5) & 1;
+	flags.postdated = (n >> 6) & 1;
+	flags.unused7 = (n >> 7) & 1;
+	flags.renewable = (n >> 8) & 1;
+	flags.unused9 = (n >> 9) & 1;
+	flags.unused10 = (n >> 10) & 1;
+	flags.unused11 = (n >> 11) & 1;
+	flags.request_anonymous = (n >> 14) & 1;
+	flags.canonicalize = (n >> 15) & 1;
+	flags.disable_transited_check = (n >> 26) & 1;
+	flags.renewable_ok = (n >> 27) & 1;
+	flags.enc_tkt_in_skey = (n >> 28) & 1;
+	flags.renew = (n >> 30) & 1;
+	flags.validate = (n >> 31) & 1;
+	return flags;
+}
+
+struct units KDCOptions_units[] = {
+	{"validate",	1U << 31},
+	{"renew",	1U << 30},
+	{"enc_tkt_in_skey",	1U << 28},
+	{"renewable_ok",	1U << 27},
+	{"disable_transited_check",	1U << 26},
+	{"canonicalize",	1U << 15},
+	{"request_anonymous",	1U << 14},
+	{"unused11",	1U << 11},
+	{"unused10",	1U << 10},
+	{"unused9",	1U << 9},
+	{"renewable",	1U << 8},
+	{"unused7",	1U << 7},
+	{"postdated",	1U << 6},
+	{"allow_postdate",	1U << 5},
+	{"proxy",	1U << 4},
+	{"proxiable",	1U << 3},
+	{"forwarded",	1U << 2},
+	{"forwardable",	1U << 1},
+	{"reserved",	1U << 0},
+	{NULL,	0}
+};
+
diff --git a/lib/libkrb5/generated/asn1_KDC_REP.c b/lib/libkrb5/generated/asn1_KDC_REP.c
new file mode 100644
index 00000000000..14b7ddff225
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KDC_REP.c
@@ -0,0 +1,388 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KDC_REP(unsigned char *p, size_t len, const KDC_REP *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->enc_part, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Ticket(p, len, &(data)->ticket, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->cname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->crealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->padata)
+{
+int oldret = ret;
+ret = 0;
+e = encode_METHOD_DATA(p, len, (data)->padata, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KDC_REP(const unsigned char *p, size_t len, KDC_REP *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->padata = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->padata = malloc(sizeof(*(data)->padata));
+if((data)->padata == NULL) return ENOMEM;
+e = decode_METHOD_DATA(p, len, (data)->padata, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->crealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->cname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Ticket(p, len, &(data)->ticket, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->enc_part, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KDC_REP(data);
+return e;
+}
+
+void
+free_KDC_REP(KDC_REP *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+if((data)->padata) {
+free_METHOD_DATA((data)->padata);
+free((data)->padata);
+}
+free_Realm(&(data)->crealm);
+free_PrincipalName(&(data)->cname);
+free_Ticket(&(data)->ticket);
+free_EncryptedData(&(data)->enc_part);
+}
+
+size_t
+length_KDC_REP(const KDC_REP *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->padata){
+int oldret = ret;
+ret = 0;
+ret += length_METHOD_DATA((data)->padata);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->crealm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->cname);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Ticket(&(data)->ticket);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->enc_part);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_KDC_REP(const KDC_REP *from, KDC_REP *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if((from)->padata) {
+(to)->padata = malloc(sizeof(*(to)->padata));
+if((to)->padata == NULL) return ENOMEM;
+if(copy_METHOD_DATA((from)->padata, (to)->padata)) return ENOMEM;
+}else
+(to)->padata = NULL;
+if(copy_Realm(&(from)->crealm, &(to)->crealm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->cname, &(to)->cname)) return ENOMEM;
+if(copy_Ticket(&(from)->ticket, &(to)->ticket)) return ENOMEM;
+if(copy_EncryptedData(&(from)->enc_part, &(to)->enc_part)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KDC_REQ.c b/lib/libkrb5/generated/asn1_KDC_REQ.c
new file mode 100644
index 00000000000..bb75ebeaf93
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KDC_REQ.c
@@ -0,0 +1,259 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KDC_REQ(unsigned char *p, size_t len, const KDC_REQ *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_KDC_REQ_BODY(p, len, &(data)->req_body, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->padata)
+{
+int oldret = ret;
+ret = 0;
+e = encode_METHOD_DATA(p, len, (data)->padata, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KDC_REQ(const unsigned char *p, size_t len, KDC_REQ *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->padata = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->padata = malloc(sizeof(*(data)->padata));
+if((data)->padata == NULL) return ENOMEM;
+e = decode_METHOD_DATA(p, len, (data)->padata, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KDC_REQ_BODY(p, len, &(data)->req_body, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KDC_REQ(data);
+return e;
+}
+
+void
+free_KDC_REQ(KDC_REQ *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+if((data)->padata) {
+free_METHOD_DATA((data)->padata);
+free((data)->padata);
+}
+free_KDC_REQ_BODY(&(data)->req_body);
+}
+
+size_t
+length_KDC_REQ(const KDC_REQ *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->padata){
+int oldret = ret;
+ret = 0;
+ret += length_METHOD_DATA((data)->padata);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KDC_REQ_BODY(&(data)->req_body);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_KDC_REQ(const KDC_REQ *from, KDC_REQ *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if((from)->padata) {
+(to)->padata = malloc(sizeof(*(to)->padata));
+if((to)->padata == NULL) return ENOMEM;
+if(copy_METHOD_DATA((from)->padata, (to)->padata)) return ENOMEM;
+}else
+(to)->padata = NULL;
+if(copy_KDC_REQ_BODY(&(from)->req_body, &(to)->req_body)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KDC_REQ_BODY.c b/lib/libkrb5/generated/asn1_KDC_REQ_BODY.c
new file mode 100644
index 00000000000..e3fd4782c0e
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KDC_REQ_BODY.c
@@ -0,0 +1,762 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KDC_REQ_BODY(unsigned char *p, size_t len, const KDC_REQ_BODY *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->additional_tickets)
+{
+int oldret = ret;
+ret = 0;
+for(i = ((data)->additional_tickets)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_Ticket(p, len, &((data)->additional_tickets)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 11, &l);
+BACK;
+ret += oldret;
+}
+if((data)->enc_authorization_data)
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, (data)->enc_authorization_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+if((data)->addresses)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddresses(p, len, (data)->addresses, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+for(i = (&(data)->etype)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_ENCTYPE(p, len, &(&(data)->etype)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->nonce, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->rtime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->rtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+if((data)->till)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->till, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->from)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->from, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->sname)
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, (data)->sname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->realm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->cname)
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, (data)->cname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KDCOptions(p, len, &(data)->kdc_options, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KDC_REQ_BODY(const unsigned char *p, size_t len, KDC_REQ_BODY *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KDCOptions(p, len, &(data)->kdc_options, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->cname = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->cname = malloc(sizeof(*(data)->cname));
+if((data)->cname == NULL) return ENOMEM;
+e = decode_PrincipalName(p, len, (data)->cname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->realm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->sname = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->sname = malloc(sizeof(*(data)->sname));
+if((data)->sname == NULL) return ENOMEM;
+e = decode_PrincipalName(p, len, (data)->sname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->from = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->from = malloc(sizeof(*(data)->from));
+if((data)->from == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->from, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->till = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->till = malloc(sizeof(*(data)->till));
+if((data)->till == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->till, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->rtime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->rtime = malloc(sizeof(*(data)->rtime));
+if((data)->rtime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->rtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->nonce, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(&(data)->etype)->len = 0;
+(&(data)->etype)->val = NULL;
+while(ret < origlen) {
+(&(data)->etype)->len++;
+(&(data)->etype)->val = realloc((&(data)->etype)->val, sizeof(*((&(data)->etype)->val)) * (&(data)->etype)->len);
+e = decode_ENCTYPE(p, len, &(&(data)->etype)->val[(&(data)->etype)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+(data)->addresses = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->addresses = malloc(sizeof(*(data)->addresses));
+if((data)->addresses == NULL) return ENOMEM;
+e = decode_HostAddresses(p, len, (data)->addresses, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+(data)->enc_authorization_data = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->enc_authorization_data = malloc(sizeof(*(data)->enc_authorization_data));
+if((data)->enc_authorization_data == NULL) return ENOMEM;
+e = decode_EncryptedData(p, len, (data)->enc_authorization_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 11, &l);
+if (e)
+(data)->additional_tickets = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->additional_tickets = malloc(sizeof(*(data)->additional_tickets));
+if((data)->additional_tickets == NULL) return ENOMEM;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+((data)->additional_tickets)->len = 0;
+((data)->additional_tickets)->val = NULL;
+while(ret < origlen) {
+((data)->additional_tickets)->len++;
+((data)->additional_tickets)->val = realloc(((data)->additional_tickets)->val, sizeof(*(((data)->additional_tickets)->val)) * ((data)->additional_tickets)->len);
+e = decode_Ticket(p, len, &((data)->additional_tickets)->val[((data)->additional_tickets)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KDC_REQ_BODY(data);
+return e;
+}
+
+void
+free_KDC_REQ_BODY(KDC_REQ_BODY *data)
+{
+free_KDCOptions(&(data)->kdc_options);
+if((data)->cname) {
+free_PrincipalName((data)->cname);
+free((data)->cname);
+}
+free_Realm(&(data)->realm);
+if((data)->sname) {
+free_PrincipalName((data)->sname);
+free((data)->sname);
+}
+if((data)->from) {
+free_KerberosTime((data)->from);
+free((data)->from);
+}
+if((data)->till) {
+free_KerberosTime((data)->till);
+free((data)->till);
+}
+if((data)->rtime) {
+free_KerberosTime((data)->rtime);
+free((data)->rtime);
+}
+while((&(data)->etype)->len){
+free_ENCTYPE(&(&(data)->etype)->val[(&(data)->etype)->len-1]);
+(&(data)->etype)->len--;
+}
+free((&(data)->etype)->val);
+if((data)->addresses) {
+free_HostAddresses((data)->addresses);
+free((data)->addresses);
+}
+if((data)->enc_authorization_data) {
+free_EncryptedData((data)->enc_authorization_data);
+free((data)->enc_authorization_data);
+}
+if((data)->additional_tickets) {
+while(((data)->additional_tickets)->len){
+free_Ticket(&((data)->additional_tickets)->val[((data)->additional_tickets)->len-1]);
+((data)->additional_tickets)->len--;
+}
+free(((data)->additional_tickets)->val);
+free((data)->additional_tickets);
+}
+}
+
+size_t
+length_KDC_REQ_BODY(const KDC_REQ_BODY *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_KDCOptions(&(data)->kdc_options);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->cname){
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName((data)->cname);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->realm);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->sname){
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName((data)->sname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->from){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->from);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->till){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->till);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->rtime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->rtime);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->nonce);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (&(data)->etype)->len - 1; i >= 0; --i){
+ret += length_ENCTYPE(&(&(data)->etype)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->addresses){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddresses((data)->addresses);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->enc_authorization_data){
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData((data)->enc_authorization_data);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->additional_tickets){
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = ((data)->additional_tickets)->len - 1; i >= 0; --i){
+ret += length_Ticket(&((data)->additional_tickets)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_KDC_REQ_BODY(const KDC_REQ_BODY *from, KDC_REQ_BODY *to)
+{
+if(copy_KDCOptions(&(from)->kdc_options, &(to)->kdc_options)) return ENOMEM;
+if((from)->cname) {
+(to)->cname = malloc(sizeof(*(to)->cname));
+if((to)->cname == NULL) return ENOMEM;
+if(copy_PrincipalName((from)->cname, (to)->cname)) return ENOMEM;
+}else
+(to)->cname = NULL;
+if(copy_Realm(&(from)->realm, &(to)->realm)) return ENOMEM;
+if((from)->sname) {
+(to)->sname = malloc(sizeof(*(to)->sname));
+if((to)->sname == NULL) return ENOMEM;
+if(copy_PrincipalName((from)->sname, (to)->sname)) return ENOMEM;
+}else
+(to)->sname = NULL;
+if((from)->from) {
+(to)->from = malloc(sizeof(*(to)->from));
+if((to)->from == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->from, (to)->from)) return ENOMEM;
+}else
+(to)->from = NULL;
+if((from)->till) {
+(to)->till = malloc(sizeof(*(to)->till));
+if((to)->till == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->till, (to)->till)) return ENOMEM;
+}else
+(to)->till = NULL;
+if((from)->rtime) {
+(to)->rtime = malloc(sizeof(*(to)->rtime));
+if((to)->rtime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->rtime, (to)->rtime)) return ENOMEM;
+}else
+(to)->rtime = NULL;
+*(&(to)->nonce) = *(&(from)->nonce);
+if(((&(to)->etype)->val = malloc((&(from)->etype)->len * sizeof(*(&(to)->etype)->val))) == NULL && (&(from)->etype)->len != 0)
+return ENOMEM;
+for((&(to)->etype)->len = 0; (&(to)->etype)->len < (&(from)->etype)->len; (&(to)->etype)->len++){
+if(copy_ENCTYPE(&(&(from)->etype)->val[(&(to)->etype)->len], &(&(to)->etype)->val[(&(to)->etype)->len])) return ENOMEM;
+}
+if((from)->addresses) {
+(to)->addresses = malloc(sizeof(*(to)->addresses));
+if((to)->addresses == NULL) return ENOMEM;
+if(copy_HostAddresses((from)->addresses, (to)->addresses)) return ENOMEM;
+}else
+(to)->addresses = NULL;
+if((from)->enc_authorization_data) {
+(to)->enc_authorization_data = malloc(sizeof(*(to)->enc_authorization_data));
+if((to)->enc_authorization_data == NULL) return ENOMEM;
+if(copy_EncryptedData((from)->enc_authorization_data, (to)->enc_authorization_data)) return ENOMEM;
+}else
+(to)->enc_authorization_data = NULL;
+if((from)->additional_tickets) {
+(to)->additional_tickets = malloc(sizeof(*(to)->additional_tickets));
+if((to)->additional_tickets == NULL) return ENOMEM;
+if((((to)->additional_tickets)->val = malloc(((from)->additional_tickets)->len * sizeof(*((to)->additional_tickets)->val))) == NULL && ((from)->additional_tickets)->len != 0)
+return ENOMEM;
+for(((to)->additional_tickets)->len = 0; ((to)->additional_tickets)->len < ((from)->additional_tickets)->len; ((to)->additional_tickets)->len++){
+if(copy_Ticket(&((from)->additional_tickets)->val[((to)->additional_tickets)->len], &((to)->additional_tickets)->val[((to)->additional_tickets)->len])) return ENOMEM;
+}
+}else
+(to)->additional_tickets = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KRB_CRED.c b/lib/libkrb5/generated/asn1_KRB_CRED.c
new file mode 100644
index 00000000000..f5bcb132cf4
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KRB_CRED.c
@@ -0,0 +1,303 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KRB_CRED(unsigned char *p, size_t len, const KRB_CRED *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->enc_part, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+for(i = (&(data)->tickets)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_Ticket(p, len, &(&(data)->tickets)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 22, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KRB_CRED(const unsigned char *p, size_t len, KRB_CRED *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 22, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(&(data)->tickets)->len = 0;
+(&(data)->tickets)->val = NULL;
+while(ret < origlen) {
+(&(data)->tickets)->len++;
+(&(data)->tickets)->val = realloc((&(data)->tickets)->val, sizeof(*((&(data)->tickets)->val)) * (&(data)->tickets)->len);
+e = decode_Ticket(p, len, &(&(data)->tickets)->val[(&(data)->tickets)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->enc_part, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KRB_CRED(data);
+return e;
+}
+
+void
+free_KRB_CRED(KRB_CRED *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+while((&(data)->tickets)->len){
+free_Ticket(&(&(data)->tickets)->val[(&(data)->tickets)->len-1]);
+(&(data)->tickets)->len--;
+}
+free((&(data)->tickets)->val);
+free_EncryptedData(&(data)->enc_part);
+}
+
+size_t
+length_KRB_CRED(const KRB_CRED *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (&(data)->tickets)->len - 1; i >= 0; --i){
+ret += length_Ticket(&(&(data)->tickets)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->enc_part);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_KRB_CRED(const KRB_CRED *from, KRB_CRED *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if(((&(to)->tickets)->val = malloc((&(from)->tickets)->len * sizeof(*(&(to)->tickets)->val))) == NULL && (&(from)->tickets)->len != 0)
+return ENOMEM;
+for((&(to)->tickets)->len = 0; (&(to)->tickets)->len < (&(from)->tickets)->len; (&(to)->tickets)->len++){
+if(copy_Ticket(&(&(from)->tickets)->val[(&(to)->tickets)->len], &(&(to)->tickets)->val[(&(to)->tickets)->len])) return ENOMEM;
+}
+if(copy_EncryptedData(&(from)->enc_part, &(to)->enc_part)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KRB_ERROR.c b/lib/libkrb5/generated/asn1_KRB_ERROR.c
new file mode 100644
index 00000000000..241bf8f06e2
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KRB_ERROR.c
@@ -0,0 +1,712 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KRB_ERROR(unsigned char *p, size_t len, const KRB_ERROR *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->e_data)
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, (data)->e_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 12, &l);
+BACK;
+ret += oldret;
+}
+if((data)->e_text)
+{
+int oldret = ret;
+ret = 0;
+e = encode_general_string(p, len, (data)->e_text, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 11, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->sname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->realm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+if((data)->cname)
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, (data)->cname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+if((data)->crealm)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, (data)->crealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->error_code, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->susec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->stime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->cusec)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->cusec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->ctime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->ctime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 30, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KRB_ERROR(const unsigned char *p, size_t len, KRB_ERROR *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 30, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->ctime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->ctime = malloc(sizeof(*(data)->ctime));
+if((data)->ctime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->ctime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->cusec = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->cusec = malloc(sizeof(*(data)->cusec));
+if((data)->cusec == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->cusec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->stime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->susec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->error_code, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+(data)->crealm = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->crealm = malloc(sizeof(*(data)->crealm));
+if((data)->crealm == NULL) return ENOMEM;
+e = decode_Realm(p, len, (data)->crealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->cname = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->cname = malloc(sizeof(*(data)->cname));
+if((data)->cname == NULL) return ENOMEM;
+e = decode_PrincipalName(p, len, (data)->cname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->realm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->sname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 11, &l);
+if (e)
+(data)->e_text = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->e_text = malloc(sizeof(*(data)->e_text));
+if((data)->e_text == NULL) return ENOMEM;
+e = decode_general_string(p, len, (data)->e_text, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 12, &l);
+if (e)
+(data)->e_data = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->e_data = malloc(sizeof(*(data)->e_data));
+if((data)->e_data == NULL) return ENOMEM;
+e = decode_octet_string(p, len, (data)->e_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KRB_ERROR(data);
+return e;
+}
+
+void
+free_KRB_ERROR(KRB_ERROR *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+if((data)->ctime) {
+free_KerberosTime((data)->ctime);
+free((data)->ctime);
+}
+if((data)->cusec) {
+free((data)->cusec);
+}
+free_KerberosTime(&(data)->stime);
+if((data)->crealm) {
+free_Realm((data)->crealm);
+free((data)->crealm);
+}
+if((data)->cname) {
+free_PrincipalName((data)->cname);
+free((data)->cname);
+}
+free_Realm(&(data)->realm);
+free_PrincipalName(&(data)->sname);
+if((data)->e_text) {
+free_general_string((data)->e_text);
+free((data)->e_text);
+}
+if((data)->e_data) {
+free_octet_string((data)->e_data);
+free((data)->e_data);
+}
+}
+
+size_t
+length_KRB_ERROR(const KRB_ERROR *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->ctime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->ctime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->cusec){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->cusec);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->stime);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->susec);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->error_code);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->crealm){
+int oldret = ret;
+ret = 0;
+ret += length_Realm((data)->crealm);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->cname){
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName((data)->cname);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->realm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->sname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->e_text){
+int oldret = ret;
+ret = 0;
+ret += length_general_string((data)->e_text);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->e_data){
+int oldret = ret;
+ret = 0;
+ret += length_octet_string((data)->e_data);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_KRB_ERROR(const KRB_ERROR *from, KRB_ERROR *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if((from)->ctime) {
+(to)->ctime = malloc(sizeof(*(to)->ctime));
+if((to)->ctime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->ctime, (to)->ctime)) return ENOMEM;
+}else
+(to)->ctime = NULL;
+if((from)->cusec) {
+(to)->cusec = malloc(sizeof(*(to)->cusec));
+if((to)->cusec == NULL) return ENOMEM;
+*((to)->cusec) = *((from)->cusec);
+}else
+(to)->cusec = NULL;
+if(copy_KerberosTime(&(from)->stime, &(to)->stime)) return ENOMEM;
+*(&(to)->susec) = *(&(from)->susec);
+*(&(to)->error_code) = *(&(from)->error_code);
+if((from)->crealm) {
+(to)->crealm = malloc(sizeof(*(to)->crealm));
+if((to)->crealm == NULL) return ENOMEM;
+if(copy_Realm((from)->crealm, (to)->crealm)) return ENOMEM;
+}else
+(to)->crealm = NULL;
+if((from)->cname) {
+(to)->cname = malloc(sizeof(*(to)->cname));
+if((to)->cname == NULL) return ENOMEM;
+if(copy_PrincipalName((from)->cname, (to)->cname)) return ENOMEM;
+}else
+(to)->cname = NULL;
+if(copy_Realm(&(from)->realm, &(to)->realm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->sname, &(to)->sname)) return ENOMEM;
+if((from)->e_text) {
+(to)->e_text = malloc(sizeof(*(to)->e_text));
+if((to)->e_text == NULL) return ENOMEM;
+if(copy_general_string((from)->e_text, (to)->e_text)) return ENOMEM;
+}else
+(to)->e_text = NULL;
+if((from)->e_data) {
+(to)->e_data = malloc(sizeof(*(to)->e_data));
+if((to)->e_data == NULL) return ENOMEM;
+if(copy_octet_string((from)->e_data, (to)->e_data)) return ENOMEM;
+}else
+(to)->e_data = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KRB_PRIV.c b/lib/libkrb5/generated/asn1_KRB_PRIV.c
new file mode 100644
index 00000000000..3e460d6fcce
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KRB_PRIV.c
@@ -0,0 +1,219 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KRB_PRIV(unsigned char *p, size_t len, const KRB_PRIV *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->enc_part, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 21, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KRB_PRIV(const unsigned char *p, size_t len, KRB_PRIV *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 21, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->enc_part, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KRB_PRIV(data);
+return e;
+}
+
+void
+free_KRB_PRIV(KRB_PRIV *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+free_EncryptedData(&(data)->enc_part);
+}
+
+size_t
+length_KRB_PRIV(const KRB_PRIV *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->enc_part);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_KRB_PRIV(const KRB_PRIV *from, KRB_PRIV *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if(copy_EncryptedData(&(from)->enc_part, &(to)->enc_part)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KRB_SAFE.c b/lib/libkrb5/generated/asn1_KRB_SAFE.c
new file mode 100644
index 00000000000..f25ec1ce08a
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KRB_SAFE.c
@@ -0,0 +1,262 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KRB_SAFE(unsigned char *p, size_t len, const KRB_SAFE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_Checksum(p, len, &(data)->cksum, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KRB_SAFE_BODY(p, len, &(data)->safe_body, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->pvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 20, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KRB_SAFE(const unsigned char *p, size_t len, KRB_SAFE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 20, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->pvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_MESSAGE_TYPE(p, len, &(data)->msg_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KRB_SAFE_BODY(p, len, &(data)->safe_body, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Checksum(p, len, &(data)->cksum, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KRB_SAFE(data);
+return e;
+}
+
+void
+free_KRB_SAFE(KRB_SAFE *data)
+{
+free_MESSAGE_TYPE(&(data)->msg_type);
+free_KRB_SAFE_BODY(&(data)->safe_body);
+free_Checksum(&(data)->cksum);
+}
+
+size_t
+length_KRB_SAFE(const KRB_SAFE *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->pvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_MESSAGE_TYPE(&(data)->msg_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KRB_SAFE_BODY(&(data)->safe_body);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Checksum(&(data)->cksum);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_KRB_SAFE(const KRB_SAFE *from, KRB_SAFE *to)
+{
+*(&(to)->pvno) = *(&(from)->pvno);
+if(copy_MESSAGE_TYPE(&(from)->msg_type, &(to)->msg_type)) return ENOMEM;
+if(copy_KRB_SAFE_BODY(&(from)->safe_body, &(to)->safe_body)) return ENOMEM;
+if(copy_Checksum(&(from)->cksum, &(to)->cksum)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KRB_SAFE_BODY.c b/lib/libkrb5/generated/asn1_KRB_SAFE_BODY.c
new file mode 100644
index 00000000000..09014c2eb65
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KRB_SAFE_BODY.c
@@ -0,0 +1,389 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KRB_SAFE_BODY(unsigned char *p, size_t len, const KRB_SAFE_BODY *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->r_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->r_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->s_address)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddress(p, len, (data)->s_address, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->seq_number)
+{
+int oldret = ret;
+ret = 0;
+e = encode_UNSIGNED(p, len, (data)->seq_number, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->usec)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->usec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->timestamp)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->timestamp, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->user_data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KRB_SAFE_BODY(const unsigned char *p, size_t len, KRB_SAFE_BODY *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->user_data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->timestamp = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->timestamp = malloc(sizeof(*(data)->timestamp));
+if((data)->timestamp == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->timestamp, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->usec = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->usec = malloc(sizeof(*(data)->usec));
+if((data)->usec == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->usec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->seq_number = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->seq_number = malloc(sizeof(*(data)->seq_number));
+if((data)->seq_number == NULL) return ENOMEM;
+e = decode_UNSIGNED(p, len, (data)->seq_number, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->s_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->s_address = malloc(sizeof(*(data)->s_address));
+if((data)->s_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->s_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->r_address = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->r_address = malloc(sizeof(*(data)->r_address));
+if((data)->r_address == NULL) return ENOMEM;
+e = decode_HostAddress(p, len, (data)->r_address, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KRB_SAFE_BODY(data);
+return e;
+}
+
+void
+free_KRB_SAFE_BODY(KRB_SAFE_BODY *data)
+{
+free_octet_string(&(data)->user_data);
+if((data)->timestamp) {
+free_KerberosTime((data)->timestamp);
+free((data)->timestamp);
+}
+if((data)->usec) {
+free((data)->usec);
+}
+if((data)->seq_number) {
+free_UNSIGNED((data)->seq_number);
+free((data)->seq_number);
+}
+if((data)->s_address) {
+free_HostAddress((data)->s_address);
+free((data)->s_address);
+}
+if((data)->r_address) {
+free_HostAddress((data)->r_address);
+free((data)->r_address);
+}
+}
+
+size_t
+length_KRB_SAFE_BODY(const KRB_SAFE_BODY *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->user_data);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->timestamp){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->timestamp);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->usec){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->usec);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->seq_number){
+int oldret = ret;
+ret = 0;
+ret += length_UNSIGNED((data)->seq_number);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->s_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->s_address);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->r_address){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddress((data)->r_address);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_KRB_SAFE_BODY(const KRB_SAFE_BODY *from, KRB_SAFE_BODY *to)
+{
+if(copy_octet_string(&(from)->user_data, &(to)->user_data)) return ENOMEM;
+if((from)->timestamp) {
+(to)->timestamp = malloc(sizeof(*(to)->timestamp));
+if((to)->timestamp == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->timestamp, (to)->timestamp)) return ENOMEM;
+}else
+(to)->timestamp = NULL;
+if((from)->usec) {
+(to)->usec = malloc(sizeof(*(to)->usec));
+if((to)->usec == NULL) return ENOMEM;
+*((to)->usec) = *((from)->usec);
+}else
+(to)->usec = NULL;
+if((from)->seq_number) {
+(to)->seq_number = malloc(sizeof(*(to)->seq_number));
+if((to)->seq_number == NULL) return ENOMEM;
+if(copy_UNSIGNED((from)->seq_number, (to)->seq_number)) return ENOMEM;
+}else
+(to)->seq_number = NULL;
+if((from)->s_address) {
+(to)->s_address = malloc(sizeof(*(to)->s_address));
+if((to)->s_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->s_address, (to)->s_address)) return ENOMEM;
+}else
+(to)->s_address = NULL;
+if((from)->r_address) {
+(to)->r_address = malloc(sizeof(*(to)->r_address));
+if((to)->r_address == NULL) return ENOMEM;
+if(copy_HostAddress((from)->r_address, (to)->r_address)) return ENOMEM;
+}else
+(to)->r_address = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KerberosTime.c b/lib/libkrb5/generated/asn1_KerberosTime.c
new file mode 100644
index 00000000000..c99bd75ac70
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KerberosTime.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KerberosTime(unsigned char *p, size_t len, const KerberosTime *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_generalized_time(p, len, data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KerberosTime(const unsigned char *p, size_t len, KerberosTime *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_generalized_time(p, len, data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_KerberosTime(data);
+return e;
+}
+
+void
+free_KerberosTime(KerberosTime *data)
+{
+}
+
+size_t
+length_KerberosTime(const KerberosTime *data)
+{
+size_t ret = 0;
+ret += length_generalized_time(data);
+return ret;
+}
+
+int
+copy_KerberosTime(const KerberosTime *from, KerberosTime *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Key.c b/lib/libkrb5/generated/asn1_Key.c
new file mode 100644
index 00000000000..84f9b1739b3
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Key.c
@@ -0,0 +1,228 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Key(unsigned char *p, size_t len, const Key *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->salt)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Salt(p, len, (data)->salt, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, &(data)->key, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+if((data)->mkvno)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->mkvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Key(const unsigned char *p, size_t len, Key *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+(data)->mkvno = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->mkvno = malloc(sizeof(*(data)->mkvno));
+if((data)->mkvno == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->mkvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptionKey(p, len, &(data)->key, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->salt = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->salt = malloc(sizeof(*(data)->salt));
+if((data)->salt == NULL) return ENOMEM;
+e = decode_Salt(p, len, (data)->salt, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Key(data);
+return e;
+}
+
+void
+free_Key(Key *data)
+{
+if((data)->mkvno) {
+free((data)->mkvno);
+}
+free_EncryptionKey(&(data)->key);
+if((data)->salt) {
+free_Salt((data)->salt);
+free((data)->salt);
+}
+}
+
+size_t
+length_Key(const Key *data)
+{
+size_t ret = 0;
+if((data)->mkvno){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->mkvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey(&(data)->key);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->salt){
+int oldret = ret;
+ret = 0;
+ret += length_Salt((data)->salt);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_Key(const Key *from, Key *to)
+{
+if((from)->mkvno) {
+(to)->mkvno = malloc(sizeof(*(to)->mkvno));
+if((to)->mkvno == NULL) return ENOMEM;
+*((to)->mkvno) = *((from)->mkvno);
+}else
+(to)->mkvno = NULL;
+if(copy_EncryptionKey(&(from)->key, &(to)->key)) return ENOMEM;
+if((from)->salt) {
+(to)->salt = malloc(sizeof(*(to)->salt));
+if((to)->salt == NULL) return ENOMEM;
+if(copy_Salt((from)->salt, (to)->salt)) return ENOMEM;
+}else
+(to)->salt = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_KrbCredInfo.c b/lib/libkrb5/generated/asn1_KrbCredInfo.c
new file mode 100644
index 00000000000..8674330eba6
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_KrbCredInfo.c
@@ -0,0 +1,660 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_KrbCredInfo(unsigned char *p, size_t len, const KrbCredInfo *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->caddr)
+{
+int oldret = ret;
+ret = 0;
+e = encode_HostAddresses(p, len, (data)->caddr, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+if((data)->sname)
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, (data)->sname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+if((data)->srealm)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, (data)->srealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+if((data)->renew_till)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->renew_till, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->endtime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->endtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+if((data)->starttime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->starttime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->authtime)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->authtime, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+if((data)->flags)
+{
+int oldret = ret;
+ret = 0;
+e = encode_TicketFlags(p, len, (data)->flags, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+if((data)->pname)
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, (data)->pname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+if((data)->prealm)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, (data)->prealm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptionKey(p, len, &(data)->key, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_KrbCredInfo(const unsigned char *p, size_t len, KrbCredInfo *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptionKey(p, len, &(data)->key, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->prealm = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->prealm = malloc(sizeof(*(data)->prealm));
+if((data)->prealm == NULL) return ENOMEM;
+e = decode_Realm(p, len, (data)->prealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+(data)->pname = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->pname = malloc(sizeof(*(data)->pname));
+if((data)->pname == NULL) return ENOMEM;
+e = decode_PrincipalName(p, len, (data)->pname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+(data)->flags = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->flags = malloc(sizeof(*(data)->flags));
+if((data)->flags == NULL) return ENOMEM;
+e = decode_TicketFlags(p, len, (data)->flags, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->authtime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->authtime = malloc(sizeof(*(data)->authtime));
+if((data)->authtime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->authtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->starttime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->starttime = malloc(sizeof(*(data)->starttime));
+if((data)->starttime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->starttime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->endtime = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->endtime = malloc(sizeof(*(data)->endtime));
+if((data)->endtime == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->endtime, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+(data)->renew_till = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->renew_till = malloc(sizeof(*(data)->renew_till));
+if((data)->renew_till == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->renew_till, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->srealm = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->srealm = malloc(sizeof(*(data)->srealm));
+if((data)->srealm == NULL) return ENOMEM;
+e = decode_Realm(p, len, (data)->srealm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+(data)->sname = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->sname = malloc(sizeof(*(data)->sname));
+if((data)->sname == NULL) return ENOMEM;
+e = decode_PrincipalName(p, len, (data)->sname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+(data)->caddr = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->caddr = malloc(sizeof(*(data)->caddr));
+if((data)->caddr == NULL) return ENOMEM;
+e = decode_HostAddresses(p, len, (data)->caddr, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_KrbCredInfo(data);
+return e;
+}
+
+void
+free_KrbCredInfo(KrbCredInfo *data)
+{
+free_EncryptionKey(&(data)->key);
+if((data)->prealm) {
+free_Realm((data)->prealm);
+free((data)->prealm);
+}
+if((data)->pname) {
+free_PrincipalName((data)->pname);
+free((data)->pname);
+}
+if((data)->flags) {
+free_TicketFlags((data)->flags);
+free((data)->flags);
+}
+if((data)->authtime) {
+free_KerberosTime((data)->authtime);
+free((data)->authtime);
+}
+if((data)->starttime) {
+free_KerberosTime((data)->starttime);
+free((data)->starttime);
+}
+if((data)->endtime) {
+free_KerberosTime((data)->endtime);
+free((data)->endtime);
+}
+if((data)->renew_till) {
+free_KerberosTime((data)->renew_till);
+free((data)->renew_till);
+}
+if((data)->srealm) {
+free_Realm((data)->srealm);
+free((data)->srealm);
+}
+if((data)->sname) {
+free_PrincipalName((data)->sname);
+free((data)->sname);
+}
+if((data)->caddr) {
+free_HostAddresses((data)->caddr);
+free((data)->caddr);
+}
+}
+
+size_t
+length_KrbCredInfo(const KrbCredInfo *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptionKey(&(data)->key);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->prealm){
+int oldret = ret;
+ret = 0;
+ret += length_Realm((data)->prealm);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->pname){
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName((data)->pname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->flags){
+int oldret = ret;
+ret = 0;
+ret += length_TicketFlags((data)->flags);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->authtime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->authtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->starttime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->starttime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->endtime){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->endtime);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->renew_till){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->renew_till);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->srealm){
+int oldret = ret;
+ret = 0;
+ret += length_Realm((data)->srealm);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->sname){
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName((data)->sname);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->caddr){
+int oldret = ret;
+ret = 0;
+ret += length_HostAddresses((data)->caddr);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_KrbCredInfo(const KrbCredInfo *from, KrbCredInfo *to)
+{
+if(copy_EncryptionKey(&(from)->key, &(to)->key)) return ENOMEM;
+if((from)->prealm) {
+(to)->prealm = malloc(sizeof(*(to)->prealm));
+if((to)->prealm == NULL) return ENOMEM;
+if(copy_Realm((from)->prealm, (to)->prealm)) return ENOMEM;
+}else
+(to)->prealm = NULL;
+if((from)->pname) {
+(to)->pname = malloc(sizeof(*(to)->pname));
+if((to)->pname == NULL) return ENOMEM;
+if(copy_PrincipalName((from)->pname, (to)->pname)) return ENOMEM;
+}else
+(to)->pname = NULL;
+if((from)->flags) {
+(to)->flags = malloc(sizeof(*(to)->flags));
+if((to)->flags == NULL) return ENOMEM;
+if(copy_TicketFlags((from)->flags, (to)->flags)) return ENOMEM;
+}else
+(to)->flags = NULL;
+if((from)->authtime) {
+(to)->authtime = malloc(sizeof(*(to)->authtime));
+if((to)->authtime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->authtime, (to)->authtime)) return ENOMEM;
+}else
+(to)->authtime = NULL;
+if((from)->starttime) {
+(to)->starttime = malloc(sizeof(*(to)->starttime));
+if((to)->starttime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->starttime, (to)->starttime)) return ENOMEM;
+}else
+(to)->starttime = NULL;
+if((from)->endtime) {
+(to)->endtime = malloc(sizeof(*(to)->endtime));
+if((to)->endtime == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->endtime, (to)->endtime)) return ENOMEM;
+}else
+(to)->endtime = NULL;
+if((from)->renew_till) {
+(to)->renew_till = malloc(sizeof(*(to)->renew_till));
+if((to)->renew_till == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->renew_till, (to)->renew_till)) return ENOMEM;
+}else
+(to)->renew_till = NULL;
+if((from)->srealm) {
+(to)->srealm = malloc(sizeof(*(to)->srealm));
+if((to)->srealm == NULL) return ENOMEM;
+if(copy_Realm((from)->srealm, (to)->srealm)) return ENOMEM;
+}else
+(to)->srealm = NULL;
+if((from)->sname) {
+(to)->sname = malloc(sizeof(*(to)->sname));
+if((to)->sname == NULL) return ENOMEM;
+if(copy_PrincipalName((from)->sname, (to)->sname)) return ENOMEM;
+}else
+(to)->sname = NULL;
+if((from)->caddr) {
+(to)->caddr = malloc(sizeof(*(to)->caddr));
+if((to)->caddr == NULL) return ENOMEM;
+if(copy_HostAddresses((from)->caddr, (to)->caddr)) return ENOMEM;
+}else
+(to)->caddr = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_LR_TYPE.c b/lib/libkrb5/generated/asn1_LR_TYPE.c
new file mode 100644
index 00000000000..cc49961d075
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_LR_TYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_LR_TYPE(unsigned char *p, size_t len, const LR_TYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_LR_TYPE(const unsigned char *p, size_t len, LR_TYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_LR_TYPE(data);
+return e;
+}
+
+void
+free_LR_TYPE(LR_TYPE *data)
+{
+}
+
+size_t
+length_LR_TYPE(const LR_TYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_LR_TYPE(const LR_TYPE *from, LR_TYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_LastReq.c b/lib/libkrb5/generated/asn1_LastReq.c
new file mode 100644
index 00000000000..eeda025df11
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_LastReq.c
@@ -0,0 +1,204 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_LastReq(unsigned char *p, size_t len, const LastReq *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+for(i = (data)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(&(data)->val[i])->lr_value, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_LR_TYPE(p, len, &(&(data)->val[i])->lr_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_LastReq(const unsigned char *p, size_t len, LastReq *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(data)->len = 0;
+(data)->val = NULL;
+while(ret < origlen) {
+(data)->len++;
+(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_LR_TYPE(p, len, &(&(data)->val[(data)->len-1])->lr_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(&(data)->val[(data)->len-1])->lr_value, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_LastReq(data);
+return e;
+}
+
+void
+free_LastReq(LastReq *data)
+{
+while((data)->len){
+free_LR_TYPE(&(&(data)->val[(data)->len-1])->lr_type);
+free_KerberosTime(&(&(data)->val[(data)->len-1])->lr_value);
+(data)->len--;
+}
+free((data)->val);
+}
+
+size_t
+length_LastReq(const LastReq *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (data)->len - 1; i >= 0; --i){
+{
+int oldret = ret;
+ret = 0;
+ret += length_LR_TYPE(&(&(data)->val[i])->lr_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(&(data)->val[i])->lr_value);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+return ret;
+}
+
+int
+copy_LastReq(const LastReq *from, LastReq *to)
+{
+if(((to)->val = malloc((from)->len * sizeof(*(to)->val))) == NULL && (from)->len != 0)
+return ENOMEM;
+for((to)->len = 0; (to)->len < (from)->len; (to)->len++){
+if(copy_LR_TYPE(&(&(from)->val[(to)->len])->lr_type, &(&(to)->val[(to)->len])->lr_type)) return ENOMEM;
+if(copy_KerberosTime(&(&(from)->val[(to)->len])->lr_value, &(&(to)->val[(to)->len])->lr_value)) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_MESSAGE_TYPE.c b/lib/libkrb5/generated/asn1_MESSAGE_TYPE.c
new file mode 100644
index 00000000000..4cf9346e6f8
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_MESSAGE_TYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_MESSAGE_TYPE(unsigned char *p, size_t len, const MESSAGE_TYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_MESSAGE_TYPE(const unsigned char *p, size_t len, MESSAGE_TYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_MESSAGE_TYPE(data);
+return e;
+}
+
+void
+free_MESSAGE_TYPE(MESSAGE_TYPE *data)
+{
+}
+
+size_t
+length_MESSAGE_TYPE(const MESSAGE_TYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_MESSAGE_TYPE(const MESSAGE_TYPE *from, MESSAGE_TYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_METHOD_DATA.c b/lib/libkrb5/generated/asn1_METHOD_DATA.c
new file mode 100644
index 00000000000..101ddb9e8a7
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_METHOD_DATA.c
@@ -0,0 +1,111 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_METHOD_DATA(unsigned char *p, size_t len, const METHOD_DATA *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+for(i = (data)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_PA_DATA(p, len, &(data)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_METHOD_DATA(const unsigned char *p, size_t len, METHOD_DATA *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(data)->len = 0;
+(data)->val = NULL;
+while(ret < origlen) {
+(data)->len++;
+(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+e = decode_PA_DATA(p, len, &(data)->val[(data)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_METHOD_DATA(data);
+return e;
+}
+
+void
+free_METHOD_DATA(METHOD_DATA *data)
+{
+while((data)->len){
+free_PA_DATA(&(data)->val[(data)->len-1]);
+(data)->len--;
+}
+free((data)->val);
+}
+
+size_t
+length_METHOD_DATA(const METHOD_DATA *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (data)->len - 1; i >= 0; --i){
+ret += length_PA_DATA(&(data)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+return ret;
+}
+
+int
+copy_METHOD_DATA(const METHOD_DATA *from, METHOD_DATA *to)
+{
+if(((to)->val = malloc((from)->len * sizeof(*(to)->val))) == NULL && (from)->len != 0)
+return ENOMEM;
+for((to)->len = 0; (to)->len < (from)->len; (to)->len++){
+if(copy_PA_DATA(&(from)->val[(to)->len], &(to)->val[(to)->len])) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_NAME_TYPE.c b/lib/libkrb5/generated/asn1_NAME_TYPE.c
new file mode 100644
index 00000000000..1ad3dba1353
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_NAME_TYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_NAME_TYPE(unsigned char *p, size_t len, const NAME_TYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_NAME_TYPE(const unsigned char *p, size_t len, NAME_TYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_NAME_TYPE(data);
+return e;
+}
+
+void
+free_NAME_TYPE(NAME_TYPE *data)
+{
+}
+
+size_t
+length_NAME_TYPE(const NAME_TYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_NAME_TYPE(const NAME_TYPE *from, NAME_TYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_PADATA_TYPE.c b/lib/libkrb5/generated/asn1_PADATA_TYPE.c
new file mode 100644
index 00000000000..33ca7728a8a
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_PADATA_TYPE.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_PADATA_TYPE(unsigned char *p, size_t len, const PADATA_TYPE *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_integer(p, len, (const int*)data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_PADATA_TYPE(const unsigned char *p, size_t len, PADATA_TYPE *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_integer(p, len, (int*)data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_PADATA_TYPE(data);
+return e;
+}
+
+void
+free_PADATA_TYPE(PADATA_TYPE *data)
+{
+}
+
+size_t
+length_PADATA_TYPE(const PADATA_TYPE *data)
+{
+size_t ret = 0;
+ret += length_integer((const int*)data);
+return ret;
+}
+
+int
+copy_PADATA_TYPE(const PADATA_TYPE *from, PADATA_TYPE *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_PA_DATA.c b/lib/libkrb5/generated/asn1_PA_DATA.c
new file mode 100644
index 00000000000..458ada841cf
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_PA_DATA.c
@@ -0,0 +1,163 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_PA_DATA(unsigned char *p, size_t len, const PA_DATA *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->padata_value, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PADATA_TYPE(p, len, &(data)->padata_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_PA_DATA(const unsigned char *p, size_t len, PA_DATA *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PADATA_TYPE(p, len, &(data)->padata_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->padata_value, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_PA_DATA(data);
+return e;
+}
+
+void
+free_PA_DATA(PA_DATA *data)
+{
+free_PADATA_TYPE(&(data)->padata_type);
+free_octet_string(&(data)->padata_value);
+}
+
+size_t
+length_PA_DATA(const PA_DATA *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_PADATA_TYPE(&(data)->padata_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->padata_value);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_PA_DATA(const PA_DATA *from, PA_DATA *to)
+{
+if(copy_PADATA_TYPE(&(from)->padata_type, &(to)->padata_type)) return ENOMEM;
+if(copy_octet_string(&(from)->padata_value, &(to)->padata_value)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_PA_ENC_TS_ENC.c b/lib/libkrb5/generated/asn1_PA_ENC_TS_ENC.c
new file mode 100644
index 00000000000..c4bd3870d8c
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_PA_ENC_TS_ENC.c
@@ -0,0 +1,173 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_PA_ENC_TS_ENC(unsigned char *p, size_t len, const PA_ENC_TS_ENC *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->pausec)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->pausec, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, &(data)->patimestamp, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_PA_ENC_TS_ENC(const unsigned char *p, size_t len, PA_ENC_TS_ENC *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_KerberosTime(p, len, &(data)->patimestamp, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+(data)->pausec = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->pausec = malloc(sizeof(*(data)->pausec));
+if((data)->pausec == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->pausec, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_PA_ENC_TS_ENC(data);
+return e;
+}
+
+void
+free_PA_ENC_TS_ENC(PA_ENC_TS_ENC *data)
+{
+free_KerberosTime(&(data)->patimestamp);
+if((data)->pausec) {
+free((data)->pausec);
+}
+}
+
+size_t
+length_PA_ENC_TS_ENC(const PA_ENC_TS_ENC *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime(&(data)->patimestamp);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->pausec){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->pausec);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_PA_ENC_TS_ENC(const PA_ENC_TS_ENC *from, PA_ENC_TS_ENC *to)
+{
+if(copy_KerberosTime(&(from)->patimestamp, &(to)->patimestamp)) return ENOMEM;
+if((from)->pausec) {
+(to)->pausec = malloc(sizeof(*(to)->pausec));
+if((to)->pausec == NULL) return ENOMEM;
+*((to)->pausec) = *((from)->pausec);
+}else
+(to)->pausec = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Principal.c b/lib/libkrb5/generated/asn1_Principal.c
new file mode 100644
index 00000000000..d0d1f9f359a
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Principal.c
@@ -0,0 +1,163 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Principal(unsigned char *p, size_t len, const Principal *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->realm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->name, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Principal(const unsigned char *p, size_t len, Principal *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->name, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->realm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Principal(data);
+return e;
+}
+
+void
+free_Principal(Principal *data)
+{
+free_PrincipalName(&(data)->name);
+free_Realm(&(data)->realm);
+}
+
+size_t
+length_Principal(const Principal *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->name);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->realm);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_Principal(const Principal *from, Principal *to)
+{
+if(copy_PrincipalName(&(from)->name, &(to)->name)) return ENOMEM;
+if(copy_Realm(&(from)->realm, &(to)->realm)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_PrincipalName.c b/lib/libkrb5/generated/asn1_PrincipalName.c
new file mode 100644
index 00000000000..7151a9470e3
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_PrincipalName.c
@@ -0,0 +1,204 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_PrincipalName(unsigned char *p, size_t len, const PrincipalName *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+for(i = (&(data)->name_string)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_general_string(p, len, &(&(data)->name_string)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_NAME_TYPE(p, len, &(data)->name_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_PrincipalName(const unsigned char *p, size_t len, PrincipalName *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_NAME_TYPE(p, len, &(data)->name_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(&(data)->name_string)->len = 0;
+(&(data)->name_string)->val = NULL;
+while(ret < origlen) {
+(&(data)->name_string)->len++;
+(&(data)->name_string)->val = realloc((&(data)->name_string)->val, sizeof(*((&(data)->name_string)->val)) * (&(data)->name_string)->len);
+e = decode_general_string(p, len, &(&(data)->name_string)->val[(&(data)->name_string)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_PrincipalName(data);
+return e;
+}
+
+void
+free_PrincipalName(PrincipalName *data)
+{
+free_NAME_TYPE(&(data)->name_type);
+while((&(data)->name_string)->len){
+free_general_string(&(&(data)->name_string)->val[(&(data)->name_string)->len-1]);
+(&(data)->name_string)->len--;
+}
+free((&(data)->name_string)->val);
+}
+
+size_t
+length_PrincipalName(const PrincipalName *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_NAME_TYPE(&(data)->name_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (&(data)->name_string)->len - 1; i >= 0; --i){
+ret += length_general_string(&(&(data)->name_string)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_PrincipalName(const PrincipalName *from, PrincipalName *to)
+{
+if(copy_NAME_TYPE(&(from)->name_type, &(to)->name_type)) return ENOMEM;
+if(((&(to)->name_string)->val = malloc((&(from)->name_string)->len * sizeof(*(&(to)->name_string)->val))) == NULL && (&(from)->name_string)->len != 0)
+return ENOMEM;
+for((&(to)->name_string)->len = 0; (&(to)->name_string)->len < (&(from)->name_string)->len; (&(to)->name_string)->len++){
+if(copy_general_string(&(&(from)->name_string)->val[(&(to)->name_string)->len], &(&(to)->name_string)->val[(&(to)->name_string)->len])) return ENOMEM;
+}
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Realm.c b/lib/libkrb5/generated/asn1_Realm.c
new file mode 100644
index 00000000000..41624038935
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Realm.c
@@ -0,0 +1,70 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Realm(unsigned char *p, size_t len, const Realm *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_general_string(p, len, data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Realm(const unsigned char *p, size_t len, Realm *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_general_string(p, len, data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_Realm(data);
+return e;
+}
+
+void
+free_Realm(Realm *data)
+{
+free_general_string(data);
+}
+
+size_t
+length_Realm(const Realm *data)
+{
+size_t ret = 0;
+ret += length_general_string(data);
+return ret;
+}
+
+int
+copy_Realm(const Realm *from, Realm *to)
+{
+if(copy_general_string(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Salt.c b/lib/libkrb5/generated/asn1_Salt.c
new file mode 100644
index 00000000000..8336acdb8ac
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Salt.c
@@ -0,0 +1,163 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Salt(unsigned char *p, size_t len, const Salt *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->salt, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Salt(const unsigned char *p, size_t len, Salt *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->salt, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Salt(data);
+return e;
+}
+
+void
+free_Salt(Salt *data)
+{
+free_octet_string(&(data)->salt);
+}
+
+size_t
+length_Salt(const Salt *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->salt);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_Salt(const Salt *from, Salt *to)
+{
+*(&(to)->type) = *(&(from)->type);
+if(copy_octet_string(&(from)->salt, &(to)->salt)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_TGS_REP.c b/lib/libkrb5/generated/asn1_TGS_REP.c
new file mode 100644
index 00000000000..d8603ddae0b
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_TGS_REP.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_TGS_REP(unsigned char *p, size_t len, const TGS_REP *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_KDC_REP(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 13, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_TGS_REP(const unsigned char *p, size_t len, TGS_REP *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 13, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_KDC_REP(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_TGS_REP(data);
+return e;
+}
+
+void
+free_TGS_REP(TGS_REP *data)
+{
+free_KDC_REP(data);
+}
+
+size_t
+length_TGS_REP(const TGS_REP *data)
+{
+size_t ret = 0;
+ret += length_KDC_REP(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_TGS_REP(const TGS_REP *from, TGS_REP *to)
+{
+if(copy_KDC_REP(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_TGS_REQ.c b/lib/libkrb5/generated/asn1_TGS_REQ.c
new file mode 100644
index 00000000000..39bdb2209fa
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_TGS_REQ.c
@@ -0,0 +1,84 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_TGS_REQ(unsigned char *p, size_t len, const TGS_REQ *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_KDC_REQ(p, len, data, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 12, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_TGS_REQ(const unsigned char *p, size_t len, TGS_REQ *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 12, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = decode_KDC_REQ(p, len, data, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_TGS_REQ(data);
+return e;
+}
+
+void
+free_TGS_REQ(TGS_REQ *data)
+{
+free_KDC_REQ(data);
+}
+
+size_t
+length_TGS_REQ(const TGS_REQ *data)
+{
+size_t ret = 0;
+ret += length_KDC_REQ(data);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_TGS_REQ(const TGS_REQ *from, TGS_REQ *to)
+{
+if(copy_KDC_REQ(from, to)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_Ticket.c b/lib/libkrb5/generated/asn1_Ticket.c
new file mode 100644
index 00000000000..9562187ed16
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_Ticket.c
@@ -0,0 +1,262 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_Ticket(unsigned char *p, size_t len, const Ticket *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_EncryptedData(p, len, &(data)->enc_part, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_PrincipalName(p, len, &(data)->sname, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Realm(p, len, &(data)->realm, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->tkt_vno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, APPL, CONS, 1, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_Ticket(const unsigned char *p, size_t len, Ticket *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, APPL, CONS, 1, &reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->tkt_vno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Realm(p, len, &(data)->realm, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_PrincipalName(p, len, &(data)->sname, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_EncryptedData(p, len, &(data)->enc_part, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_Ticket(data);
+return e;
+}
+
+void
+free_Ticket(Ticket *data)
+{
+free_Realm(&(data)->realm);
+free_PrincipalName(&(data)->sname);
+free_EncryptedData(&(data)->enc_part);
+}
+
+size_t
+length_Ticket(const Ticket *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->tkt_vno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Realm(&(data)->realm);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_PrincipalName(&(data)->sname);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_EncryptedData(&(data)->enc_part);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+ret += 1 + length_len (ret);
+return ret;
+}
+
+int
+copy_Ticket(const Ticket *from, Ticket *to)
+{
+*(&(to)->tkt_vno) = *(&(from)->tkt_vno);
+if(copy_Realm(&(from)->realm, &(to)->realm)) return ENOMEM;
+if(copy_PrincipalName(&(from)->sname, &(to)->sname)) return ENOMEM;
+if(copy_EncryptedData(&(from)->enc_part, &(to)->enc_part)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_TicketFlags.c b/lib/libkrb5/generated/asn1_TicketFlags.c
new file mode 100644
index 00000000000..6e96fe82ecb
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_TicketFlags.c
@@ -0,0 +1,183 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_TicketFlags(unsigned char *p, size_t len, const TicketFlags *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+unsigned char c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->anonymous) c |= 1<<1;
+if(data->ok_as_delegate) c |= 1<<2;
+if(data->transited_policy_checked) c |= 1<<3;
+if(data->hw_authent) c |= 1<<4;
+if(data->pre_authent) c |= 1<<5;
+if(data->initial) c |= 1<<6;
+if(data->renewable) c |= 1<<7;
+*p-- = c; len--; ret++;
+c = 0;
+if(data->invalid) c |= 1<<0;
+if(data->postdated) c |= 1<<1;
+if(data->may_postdate) c |= 1<<2;
+if(data->proxy) c |= 1<<3;
+if(data->proxiable) c |= 1<<4;
+if(data->forwarded) c |= 1<<5;
+if(data->forwardable) c |= 1<<6;
+if(data->reserved) c |= 1<<7;
+*p-- = c;
+*p-- = 0;
+len -= 2;
+ret += 2;
+}
+
+e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,UT_BitString, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_TicketFlags(const unsigned char *p, size_t len, TicketFlags *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+p++;
+len--;
+reallen--;
+ret++;
+data->reserved = (*p >> 7) & 1;
+data->forwardable = (*p >> 6) & 1;
+data->forwarded = (*p >> 5) & 1;
+data->proxiable = (*p >> 4) & 1;
+data->proxy = (*p >> 3) & 1;
+data->may_postdate = (*p >> 2) & 1;
+data->postdated = (*p >> 1) & 1;
+data->invalid = (*p >> 0) & 1;
+p++; len--; reallen--; ret++;
+data->renewable = (*p >> 7) & 1;
+data->initial = (*p >> 6) & 1;
+data->pre_authent = (*p >> 5) & 1;
+data->hw_authent = (*p >> 4) & 1;
+data->transited_policy_checked = (*p >> 3) & 1;
+data->ok_as_delegate = (*p >> 2) & 1;
+data->anonymous = (*p >> 1) & 1;
+p += reallen; len -= reallen; ret += reallen;
+if(size) *size = ret;
+return 0;
+fail:
+free_TicketFlags(data);
+return e;
+}
+
+void
+free_TicketFlags(TicketFlags *data)
+{
+}
+
+size_t
+length_TicketFlags(const TicketFlags *data)
+{
+size_t ret = 0;
+ret += 7;
+return ret;
+}
+
+int
+copy_TicketFlags(const TicketFlags *from, TicketFlags *to)
+{
+*(to) = *(from);
+return 0;
+}
+
+unsigned TicketFlags2int(TicketFlags f)
+{
+unsigned r = 0;
+if(f.reserved) r |= (1U << 0);
+if(f.forwardable) r |= (1U << 1);
+if(f.forwarded) r |= (1U << 2);
+if(f.proxiable) r |= (1U << 3);
+if(f.proxy) r |= (1U << 4);
+if(f.may_postdate) r |= (1U << 5);
+if(f.postdated) r |= (1U << 6);
+if(f.invalid) r |= (1U << 7);
+if(f.renewable) r |= (1U << 8);
+if(f.initial) r |= (1U << 9);
+if(f.pre_authent) r |= (1U << 10);
+if(f.hw_authent) r |= (1U << 11);
+if(f.transited_policy_checked) r |= (1U << 12);
+if(f.ok_as_delegate) r |= (1U << 13);
+if(f.anonymous) r |= (1U << 14);
+return r;
+}
+
+TicketFlags int2TicketFlags(unsigned n)
+{
+	TicketFlags flags;
+
+	flags.reserved = (n >> 0) & 1;
+	flags.forwardable = (n >> 1) & 1;
+	flags.forwarded = (n >> 2) & 1;
+	flags.proxiable = (n >> 3) & 1;
+	flags.proxy = (n >> 4) & 1;
+	flags.may_postdate = (n >> 5) & 1;
+	flags.postdated = (n >> 6) & 1;
+	flags.invalid = (n >> 7) & 1;
+	flags.renewable = (n >> 8) & 1;
+	flags.initial = (n >> 9) & 1;
+	flags.pre_authent = (n >> 10) & 1;
+	flags.hw_authent = (n >> 11) & 1;
+	flags.transited_policy_checked = (n >> 12) & 1;
+	flags.ok_as_delegate = (n >> 13) & 1;
+	flags.anonymous = (n >> 14) & 1;
+	return flags;
+}
+
+struct units TicketFlags_units[] = {
+	{"anonymous",	1U << 14},
+	{"ok_as_delegate",	1U << 13},
+	{"transited_policy_checked",	1U << 12},
+	{"hw_authent",	1U << 11},
+	{"pre_authent",	1U << 10},
+	{"initial",	1U << 9},
+	{"renewable",	1U << 8},
+	{"invalid",	1U << 7},
+	{"postdated",	1U << 6},
+	{"may_postdate",	1U << 5},
+	{"proxy",	1U << 4},
+	{"proxiable",	1U << 3},
+	{"forwarded",	1U << 2},
+	{"forwardable",	1U << 1},
+	{"reserved",	1U << 0},
+	{NULL,	0}
+};
+
diff --git a/lib/libkrb5/generated/asn1_TransitedEncoding.c b/lib/libkrb5/generated/asn1_TransitedEncoding.c
new file mode 100644
index 00000000000..1f227005cac
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_TransitedEncoding.c
@@ -0,0 +1,162 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_TransitedEncoding(unsigned char *p, size_t len, const TransitedEncoding *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+{
+int oldret = ret;
+ret = 0;
+e = encode_octet_string(p, len, &(data)->contents, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->tr_type, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_TransitedEncoding(const unsigned char *p, size_t len, TransitedEncoding *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->tr_type, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_octet_string(p, len, &(data)->contents, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_TransitedEncoding(data);
+return e;
+}
+
+void
+free_TransitedEncoding(TransitedEncoding *data)
+{
+free_octet_string(&(data)->contents);
+}
+
+size_t
+length_TransitedEncoding(const TransitedEncoding *data)
+{
+size_t ret = 0;
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->tr_type);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_octet_string(&(data)->contents);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_TransitedEncoding(const TransitedEncoding *from, TransitedEncoding *to)
+{
+*(&(to)->tr_type) = *(&(from)->tr_type);
+if(copy_octet_string(&(from)->contents, &(to)->contents)) return ENOMEM;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_UNSIGNED.c b/lib/libkrb5/generated/asn1_UNSIGNED.c
new file mode 100644
index 00000000000..4f365702098
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_UNSIGNED.c
@@ -0,0 +1,69 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_UNSIGNED(unsigned char *p, size_t len, const UNSIGNED *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+e = encode_unsigned(p, len, data, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_UNSIGNED(const unsigned char *p, size_t len, UNSIGNED *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = decode_unsigned(p, len, data, &l);
+FORW;
+if(size) *size = ret;
+return 0;
+fail:
+free_UNSIGNED(data);
+return e;
+}
+
+void
+free_UNSIGNED(UNSIGNED *data)
+{
+}
+
+size_t
+length_UNSIGNED(const UNSIGNED *data)
+{
+size_t ret = 0;
+ret += length_unsigned(data);
+return ret;
+}
+
+int
+copy_UNSIGNED(const UNSIGNED *from, UNSIGNED *to)
+{
+*(to) = *(from);
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/asn1_err.c b/lib/libkrb5/generated/asn1_err.c
new file mode 100644
index 00000000000..44185d38c3c
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_err.c
@@ -0,0 +1,30 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/asn1_err.et */
+/* $KTH: asn1_err.et,v 1.5 1998/02/16 16:17:17 joda Exp $ */
+
+#include <stddef.h>
+#include <com_err.h>
+#include "asn1_err.h"
+
+static const char *text[] = {
+	/* 000 */ "ASN.1 failed call to system time library",
+	/* 001 */ "ASN.1 structure is missing a required field",
+	/* 002 */ "ASN.1 unexpected field number",
+	/* 003 */ "ASN.1 type numbers are inconsistent",
+	/* 004 */ "ASN.1 value too large",
+	/* 005 */ "ASN.1 encoding ended unexpectedly",
+	/* 006 */ "ASN.1 identifier doesn't match expected value",
+	/* 007 */ "ASN.1 length doesn't match expected value",
+	/* 008 */ "ASN.1 badly-formatted encoding",
+	/* 009 */ "ASN.1 parse error",
+	NULL
+};
+
+void initialize_asn1_error_table_r(struct et_list **list)
+{
+    initialize_error_table_r(list, text, asn1_num_errors, ERROR_TABLE_BASE_asn1);
+}
+
+void initialize_asn1_error_table(void)
+{
+    init_error_table(text, ERROR_TABLE_BASE_asn1, asn1_num_errors);
+}
diff --git a/lib/libkrb5/generated/asn1_err.h b/lib/libkrb5/generated/asn1_err.h
new file mode 100644
index 00000000000..47540dcab18
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_err.h
@@ -0,0 +1,30 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/asn1_err.et */
+/* $KTH: asn1_err.et,v 1.5 1998/02/16 16:17:17 joda Exp $ */
+
+#ifndef __asn1_err_h__
+#define __asn1_err_h__
+
+#include <com_err.h>
+
+void initialize_asn1_error_table_r(struct et_list **);
+
+void initialize_asn1_error_table(void);
+#define init_asn1_err_tbl initialize_asn1_error_table
+
+typedef enum asn1_error_number{
+	ERROR_TABLE_BASE_asn1 = 1859794432,
+	asn1_err_base = 1859794432,
+	ASN1_BAD_TIMEFORMAT = 1859794432,
+	ASN1_MISSING_FIELD = 1859794433,
+	ASN1_MISPLACED_FIELD = 1859794434,
+	ASN1_TYPE_MISMATCH = 1859794435,
+	ASN1_OVERFLOW = 1859794436,
+	ASN1_OVERRUN = 1859794437,
+	ASN1_BAD_ID = 1859794438,
+	ASN1_BAD_LENGTH = 1859794439,
+	ASN1_BAD_FORMAT = 1859794440,
+	ASN1_PARSE_ERROR = 1859794441,
+	asn1_num_errors = 10
+} asn1_error_number;
+
+#endif /* __asn1_err_h__ */
diff --git a/lib/libkrb5/generated/asn1_files b/lib/libkrb5/generated/asn1_files
new file mode 100644
index 00000000000..4941815faeb
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_files
@@ -0,0 +1 @@
+asn1_Salt.x asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_GENERATION.x asn1_hdb_entry.x 
diff --git a/lib/libkrb5/generated/asn1_hdb_entry.c b/lib/libkrb5/generated/asn1_hdb_entry.c
new file mode 100644
index 00000000000..c4525a227b6
--- /dev/null
+++ b/lib/libkrb5/generated/asn1_hdb_entry.c
@@ -0,0 +1,814 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+#include <krb5_asn1.h>
+#include <hdb_asn1.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <parse_units.h>
+
+#define BACK if (e) return e; p -= l; len -= l; ret += l
+
+int
+encode_hdb_entry(unsigned char *p, size_t len, const hdb_entry *data, size_t *size)
+{
+size_t ret = 0;
+size_t l;
+int i, e;
+
+i = 0;
+if((data)->generation)
+{
+int oldret = ret;
+ret = 0;
+e = encode_GENERATION(p, len, (data)->generation, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 12, &l);
+BACK;
+ret += oldret;
+}
+if((data)->etypes)
+{
+int oldret = ret;
+ret = 0;
+for(i = ((data)->etypes)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &((data)->etypes)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 11, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_HDBFlags(p, len, &(data)->flags, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 10, &l);
+BACK;
+ret += oldret;
+}
+if((data)->max_renew)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->max_renew, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 9, &l);
+BACK;
+ret += oldret;
+}
+if((data)->max_life)
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, (data)->max_life, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 8, &l);
+BACK;
+ret += oldret;
+}
+if((data)->pw_end)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->pw_end, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 7, &l);
+BACK;
+ret += oldret;
+}
+if((data)->valid_end)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->valid_end, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 6, &l);
+BACK;
+ret += oldret;
+}
+if((data)->valid_start)
+{
+int oldret = ret;
+ret = 0;
+e = encode_KerberosTime(p, len, (data)->valid_start, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 5, &l);
+BACK;
+ret += oldret;
+}
+if((data)->modified_by)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Event(p, len, (data)->modified_by, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 4, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_Event(p, len, &(data)->created_by, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 3, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+for(i = (&(data)->keys)->len - 1; i >= 0; --i) {
+int oldret = ret;
+ret = 0;
+e = encode_Key(p, len, &(&(data)->keys)->val[i], &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 2, &l);
+BACK;
+ret += oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+e = encode_integer(p, len, &(data)->kvno, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 1, &l);
+BACK;
+ret += oldret;
+}
+if((data)->principal)
+{
+int oldret = ret;
+ret = 0;
+e = encode_Principal(p, len, (data)->principal, &l);
+BACK;
+e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, 0, &l);
+BACK;
+ret += oldret;
+}
+e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);
+BACK;
+*size = ret;
+return 0;
+}
+
+#define FORW if(e) goto fail; p += l; len -= l; ret += l
+
+int
+decode_hdb_entry(const unsigned char *p, size_t len, hdb_entry *data, size_t *size)
+{
+size_t ret = 0, reallen;
+size_t l;
+int e;
+
+memset(data, 0, sizeof(*data));
+reallen = 0;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+{
+int dce_fix;
+if((dce_fix = fix_dce(reallen, &len)) < 0)
+return ASN1_BAD_FORMAT;
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 0, &l);
+if (e)
+(data)->principal = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->principal = malloc(sizeof(*(data)->principal));
+if((data)->principal == NULL) return ENOMEM;
+e = decode_Principal(p, len, (data)->principal, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 1, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_integer(p, len, &(data)->kvno, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 2, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+(&(data)->keys)->len = 0;
+(&(data)->keys)->val = NULL;
+while(ret < origlen) {
+(&(data)->keys)->len++;
+(&(data)->keys)->val = realloc((&(data)->keys)->val, sizeof(*((&(data)->keys)->val)) * (&(data)->keys)->len);
+e = decode_Key(p, len, &(&(data)->keys)->val[(&(data)->keys)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 3, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_Event(p, len, &(data)->created_by, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 4, &l);
+if (e)
+(data)->modified_by = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->modified_by = malloc(sizeof(*(data)->modified_by));
+if((data)->modified_by == NULL) return ENOMEM;
+e = decode_Event(p, len, (data)->modified_by, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 5, &l);
+if (e)
+(data)->valid_start = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->valid_start = malloc(sizeof(*(data)->valid_start));
+if((data)->valid_start == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->valid_start, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 6, &l);
+if (e)
+(data)->valid_end = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->valid_end = malloc(sizeof(*(data)->valid_end));
+if((data)->valid_end == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->valid_end, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 7, &l);
+if (e)
+(data)->pw_end = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->pw_end = malloc(sizeof(*(data)->pw_end));
+if((data)->pw_end == NULL) return ENOMEM;
+e = decode_KerberosTime(p, len, (data)->pw_end, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 8, &l);
+if (e)
+(data)->max_life = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->max_life = malloc(sizeof(*(data)->max_life));
+if((data)->max_life == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->max_life, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 9, &l);
+if (e)
+(data)->max_renew = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->max_renew = malloc(sizeof(*(data)->max_renew));
+if((data)->max_renew == NULL) return ENOMEM;
+e = decode_integer(p, len, (data)->max_renew, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 10, &l);
+if (e)
+return e;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+e = decode_HDBFlags(p, len, &(data)->flags, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 11, &l);
+if (e)
+(data)->etypes = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->etypes = malloc(sizeof(*(data)->etypes));
+if((data)->etypes == NULL) return ENOMEM;
+e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,&reallen, &l);
+FORW;
+if(len < reallen)
+return ASN1_OVERRUN;
+len = reallen;
+{
+size_t origlen = len;
+int oldret = ret;
+ret = 0;
+((data)->etypes)->len = 0;
+((data)->etypes)->val = NULL;
+while(ret < origlen) {
+((data)->etypes)->len++;
+((data)->etypes)->val = realloc(((data)->etypes)->val, sizeof(*(((data)->etypes)->val)) * ((data)->etypes)->len);
+e = decode_integer(p, len, &((data)->etypes)->val[((data)->etypes)->len-1], &l);
+FORW;
+len = origlen - ret;
+}
+ret += oldret;
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+{
+size_t newlen, oldlen;
+
+e = der_match_tag (p, len, CONTEXT, CONS, 12, &l);
+if (e)
+(data)->generation = NULL;
+else {
+p += l;
+len -= l;
+ret += l;
+e = der_get_length (p, len, &newlen, &l);
+FORW;
+{
+int dce_fix;
+oldlen = len;
+if((dce_fix = fix_dce(newlen, &len)) < 0)return ASN1_BAD_FORMAT;
+(data)->generation = malloc(sizeof(*(data)->generation));
+if((data)->generation == NULL) return ENOMEM;
+e = decode_GENERATION(p, len, (data)->generation, &l);
+FORW;
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}else 
+len = oldlen - newlen;
+}
+}
+}
+if(dce_fix){
+e = der_match_tag_and_length (p, len, (Der_class)0, (Der_type)0, 0, &reallen, &l);
+FORW;
+}
+}
+if(size) *size = ret;
+return 0;
+fail:
+free_hdb_entry(data);
+return e;
+}
+
+void
+free_hdb_entry(hdb_entry *data)
+{
+if((data)->principal) {
+free_Principal((data)->principal);
+free((data)->principal);
+}
+while((&(data)->keys)->len){
+free_Key(&(&(data)->keys)->val[(&(data)->keys)->len-1]);
+(&(data)->keys)->len--;
+}
+free((&(data)->keys)->val);
+free_Event(&(data)->created_by);
+if((data)->modified_by) {
+free_Event((data)->modified_by);
+free((data)->modified_by);
+}
+if((data)->valid_start) {
+free_KerberosTime((data)->valid_start);
+free((data)->valid_start);
+}
+if((data)->valid_end) {
+free_KerberosTime((data)->valid_end);
+free((data)->valid_end);
+}
+if((data)->pw_end) {
+free_KerberosTime((data)->pw_end);
+free((data)->pw_end);
+}
+if((data)->max_life) {
+free((data)->max_life);
+}
+if((data)->max_renew) {
+free((data)->max_renew);
+}
+free_HDBFlags(&(data)->flags);
+if((data)->etypes) {
+while(((data)->etypes)->len){
+((data)->etypes)->len--;
+}
+free(((data)->etypes)->val);
+free((data)->etypes);
+}
+if((data)->generation) {
+free_GENERATION((data)->generation);
+free((data)->generation);
+}
+}
+
+size_t
+length_hdb_entry(const hdb_entry *data)
+{
+size_t ret = 0;
+if((data)->principal){
+int oldret = ret;
+ret = 0;
+ret += length_Principal((data)->principal);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_integer(&(data)->kvno);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = (&(data)->keys)->len - 1; i >= 0; --i){
+ret += length_Key(&(&(data)->keys)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_Event(&(data)->created_by);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->modified_by){
+int oldret = ret;
+ret = 0;
+ret += length_Event((data)->modified_by);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->valid_start){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->valid_start);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->valid_end){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->valid_end);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->pw_end){
+int oldret = ret;
+ret = 0;
+ret += length_KerberosTime((data)->pw_end);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->max_life){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->max_life);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->max_renew){
+int oldret = ret;
+ret = 0;
+ret += length_integer((data)->max_renew);
+ret += 1 + length_len(ret) + oldret;
+}
+{
+int oldret = ret;
+ret = 0;
+ret += length_HDBFlags(&(data)->flags);
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->etypes){
+int oldret = ret;
+ret = 0;
+{
+int oldret = ret;
+int i;
+ret = 0;
+for(i = ((data)->etypes)->len - 1; i >= 0; --i){
+ret += length_integer(&((data)->etypes)->val[i]);
+}
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret) + oldret;
+}
+if((data)->generation){
+int oldret = ret;
+ret = 0;
+ret += length_GENERATION((data)->generation);
+ret += 1 + length_len(ret) + oldret;
+}
+ret += 1 + length_len(ret);
+return ret;
+}
+
+int
+copy_hdb_entry(const hdb_entry *from, hdb_entry *to)
+{
+if((from)->principal) {
+(to)->principal = malloc(sizeof(*(to)->principal));
+if((to)->principal == NULL) return ENOMEM;
+if(copy_Principal((from)->principal, (to)->principal)) return ENOMEM;
+}else
+(to)->principal = NULL;
+*(&(to)->kvno) = *(&(from)->kvno);
+if(((&(to)->keys)->val = malloc((&(from)->keys)->len * sizeof(*(&(to)->keys)->val))) == NULL && (&(from)->keys)->len != 0)
+return ENOMEM;
+for((&(to)->keys)->len = 0; (&(to)->keys)->len < (&(from)->keys)->len; (&(to)->keys)->len++){
+if(copy_Key(&(&(from)->keys)->val[(&(to)->keys)->len], &(&(to)->keys)->val[(&(to)->keys)->len])) return ENOMEM;
+}
+if(copy_Event(&(from)->created_by, &(to)->created_by)) return ENOMEM;
+if((from)->modified_by) {
+(to)->modified_by = malloc(sizeof(*(to)->modified_by));
+if((to)->modified_by == NULL) return ENOMEM;
+if(copy_Event((from)->modified_by, (to)->modified_by)) return ENOMEM;
+}else
+(to)->modified_by = NULL;
+if((from)->valid_start) {
+(to)->valid_start = malloc(sizeof(*(to)->valid_start));
+if((to)->valid_start == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->valid_start, (to)->valid_start)) return ENOMEM;
+}else
+(to)->valid_start = NULL;
+if((from)->valid_end) {
+(to)->valid_end = malloc(sizeof(*(to)->valid_end));
+if((to)->valid_end == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->valid_end, (to)->valid_end)) return ENOMEM;
+}else
+(to)->valid_end = NULL;
+if((from)->pw_end) {
+(to)->pw_end = malloc(sizeof(*(to)->pw_end));
+if((to)->pw_end == NULL) return ENOMEM;
+if(copy_KerberosTime((from)->pw_end, (to)->pw_end)) return ENOMEM;
+}else
+(to)->pw_end = NULL;
+if((from)->max_life) {
+(to)->max_life = malloc(sizeof(*(to)->max_life));
+if((to)->max_life == NULL) return ENOMEM;
+*((to)->max_life) = *((from)->max_life);
+}else
+(to)->max_life = NULL;
+if((from)->max_renew) {
+(to)->max_renew = malloc(sizeof(*(to)->max_renew));
+if((to)->max_renew == NULL) return ENOMEM;
+*((to)->max_renew) = *((from)->max_renew);
+}else
+(to)->max_renew = NULL;
+if(copy_HDBFlags(&(from)->flags, &(to)->flags)) return ENOMEM;
+if((from)->etypes) {
+(to)->etypes = malloc(sizeof(*(to)->etypes));
+if((to)->etypes == NULL) return ENOMEM;
+if((((to)->etypes)->val = malloc(((from)->etypes)->len * sizeof(*((to)->etypes)->val))) == NULL && ((from)->etypes)->len != 0)
+return ENOMEM;
+for(((to)->etypes)->len = 0; ((to)->etypes)->len < ((from)->etypes)->len; ((to)->etypes)->len++){
+*(&((to)->etypes)->val[((to)->etypes)->len]) = *(&((from)->etypes)->val[((to)->etypes)->len]);
+}
+}else
+(to)->etypes = NULL;
+if((from)->generation) {
+(to)->generation = malloc(sizeof(*(to)->generation));
+if((to)->generation == NULL) return ENOMEM;
+if(copy_GENERATION((from)->generation, (to)->generation)) return ENOMEM;
+}else
+(to)->generation = NULL;
+return 0;
+}
+
diff --git a/lib/libkrb5/generated/hdb_asn1.h b/lib/libkrb5/generated/hdb_asn1.h
new file mode 100644
index 00000000000..a61cf1baa4d
--- /dev/null
+++ b/lib/libkrb5/generated/hdb_asn1.h
@@ -0,0 +1,224 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb.asn1 */
+/* Do not edit */
+
+#ifndef __hdb_asn1_h__
+#define __hdb_asn1_h__
+
+#include <stddef.h>
+#include <time.h>
+
+time_t timegm (struct tm*);
+
+#ifndef __asn1_common_definitions__
+#define __asn1_common_definitions__
+
+typedef struct octet_string {
+  size_t length;
+  void *data;
+} octet_string;
+
+typedef char *general_string;
+
+typedef struct oid {
+  size_t length;
+  unsigned *components;
+} oid;
+
+#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R)                  \
+  do {                                                         \
+    (BL) = length_##T((S));                                    \
+    (B) = malloc((BL));                                        \
+    if((B) == NULL) {                                          \
+      (R) = ENOMEM;                                            \
+    } else {                                                   \
+      (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \
+                       (S), (L));                              \
+      if((R) != 0) {                                           \
+        free((B));                                             \
+        (B) = NULL;                                            \
+      }                                                        \
+    }                                                          \
+  } while (0)
+
+#endif
+
+enum { HDB_DB_FORMAT = 2 };
+
+enum { hdb_pw_salt = 3 };
+
+enum { hdb_afs3_salt = 10 };
+
+/*
+Salt ::= SEQUENCE {
+  type[0]         INTEGER,
+  salt[1]         OCTET STRING
+}
+*/
+
+typedef struct Salt {
+  int type;
+  octet_string salt;
+} Salt;
+
+int    encode_Salt(unsigned char *, size_t, const Salt *, size_t *);
+int    decode_Salt(const unsigned char *, size_t, Salt *, size_t *);
+void   free_Salt  (Salt *);
+size_t length_Salt(const Salt *);
+int    copy_Salt  (const Salt *, Salt *);
+
+
+/*
+Key ::= SEQUENCE {
+  mkvno[0]        INTEGER OPTIONAL,
+  key[1]          EncryptionKey,
+  salt[2]         Salt OPTIONAL
+}
+*/
+
+typedef struct Key {
+  int *mkvno;
+  EncryptionKey key;
+  Salt *salt;
+} Key;
+
+int    encode_Key(unsigned char *, size_t, const Key *, size_t *);
+int    decode_Key(const unsigned char *, size_t, Key *, size_t *);
+void   free_Key  (Key *);
+size_t length_Key(const Key *);
+int    copy_Key  (const Key *, Key *);
+
+
+/*
+Event ::= SEQUENCE {
+  time[0]         KerberosTime,
+  principal[1]    Principal OPTIONAL
+}
+*/
+
+typedef struct Event {
+  KerberosTime time;
+  Principal *principal;
+} Event;
+
+int    encode_Event(unsigned char *, size_t, const Event *, size_t *);
+int    decode_Event(const unsigned char *, size_t, Event *, size_t *);
+void   free_Event  (Event *);
+size_t length_Event(const Event *);
+int    copy_Event  (const Event *, Event *);
+
+
+/*
+HDBFlags ::= BIT STRING {
+  initial(0),
+  forwardable(1),
+  proxiable(2),
+  renewable(3),
+  postdate(4),
+  server(5),
+  client(6),
+  invalid(7),
+  require-preauth(8),
+  change-pw(9),
+  require-hwauth(10),
+  ok-as-delegate(11),
+  user-to-user(12),
+  immutable(13)
+}
+*/
+
+typedef struct HDBFlags {
+  unsigned int initial:1;
+  unsigned int forwardable:1;
+  unsigned int proxiable:1;
+  unsigned int renewable:1;
+  unsigned int postdate:1;
+  unsigned int server:1;
+  unsigned int client:1;
+  unsigned int invalid:1;
+  unsigned int require_preauth:1;
+  unsigned int change_pw:1;
+  unsigned int require_hwauth:1;
+  unsigned int ok_as_delegate:1;
+  unsigned int user_to_user:1;
+  unsigned int immutable:1;
+} HDBFlags;
+
+
+int    encode_HDBFlags(unsigned char *, size_t, const HDBFlags *, size_t *);
+int    decode_HDBFlags(const unsigned char *, size_t, HDBFlags *, size_t *);
+void   free_HDBFlags  (HDBFlags *);
+size_t length_HDBFlags(const HDBFlags *);
+int    copy_HDBFlags  (const HDBFlags *, HDBFlags *);
+unsigned HDBFlags2int(HDBFlags);
+HDBFlags int2HDBFlags(unsigned);
+extern struct units HDBFlags_units[];
+
+/*
+GENERATION ::= SEQUENCE {
+  time[0]         KerberosTime,
+  usec[1]         INTEGER,
+  gen[2]          INTEGER
+}
+*/
+
+typedef struct GENERATION {
+  KerberosTime time;
+  int usec;
+  int gen;
+} GENERATION;
+
+int    encode_GENERATION(unsigned char *, size_t, const GENERATION *, size_t *);
+int    decode_GENERATION(const unsigned char *, size_t, GENERATION *, size_t *);
+void   free_GENERATION  (GENERATION *);
+size_t length_GENERATION(const GENERATION *);
+int    copy_GENERATION  (const GENERATION *, GENERATION *);
+
+
+/*
+hdb_entry ::= SEQUENCE {
+  principal[0]    Principal OPTIONAL,
+  kvno[1]         INTEGER,
+  keys[2]         SEQUENCE OF Key,
+  created-by[3]   Event,
+  modified-by[4]  Event OPTIONAL,
+  valid-start[5]  KerberosTime OPTIONAL,
+  valid-end[6]    KerberosTime OPTIONAL,
+  pw-end[7]       KerberosTime OPTIONAL,
+  max-life[8]     INTEGER OPTIONAL,
+  max-renew[9]    INTEGER OPTIONAL,
+  flags[10]       HDBFlags,
+  etypes[11]      SEQUENCE OF INTEGER OPTIONAL,
+  generation[12]  GENERATION OPTIONAL
+}
+*/
+
+typedef struct hdb_entry {
+  Principal *principal;
+  int kvno;
+  struct  {
+    unsigned int len;
+    Key *val;
+  } keys;
+  Event created_by;
+  Event *modified_by;
+  KerberosTime *valid_start;
+  KerberosTime *valid_end;
+  KerberosTime *pw_end;
+  int *max_life;
+  int *max_renew;
+  HDBFlags flags;
+  struct  {
+    unsigned int len;
+    int *val;
+  } *etypes;
+  GENERATION *generation;
+} hdb_entry;
+
+int    encode_hdb_entry(unsigned char *, size_t, const hdb_entry *, size_t *);
+int    decode_hdb_entry(const unsigned char *, size_t, hdb_entry *, size_t *);
+void   free_hdb_entry  (hdb_entry *);
+size_t length_hdb_entry(const hdb_entry *);
+int    copy_hdb_entry  (const hdb_entry *, hdb_entry *);
+
+
+#endif /* __hdb_asn1_h__ */
diff --git a/lib/libkrb5/generated/hdb_err.c b/lib/libkrb5/generated/hdb_err.c
new file mode 100644
index 00000000000..dcf46f76368
--- /dev/null
+++ b/lib/libkrb5/generated/hdb_err.c
@@ -0,0 +1,33 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb_err.et */
+/* $KTH: hdb_err.et,v 1.5 2001/01/28 23:05:52 assar Exp $ */
+
+#include <stddef.h>
+#include <com_err.h>
+#include "hdb_err.h"
+
+static const char *text[] = {
+	/* 000 */ "Reserved hdb error (0)",
+	/* 001 */ "Database store error",
+	/* 002 */ "Database read error",
+	/* 003 */ "No such entry in the database",
+	/* 004 */ "Database is locked or in use--try again later",
+	/* 005 */ "Database was modified during read",
+	/* 006 */ "Attempt to lock database twice",
+	/* 007 */ "Attempt to unlock database when not locked",
+	/* 008 */ "Invalid kdb lock mode",
+	/* 009 */ "Insufficient access to lock database",
+	/* 010 */ "Entry already exists in database",
+	/* 011 */ "Wrong database version",
+	/* 012 */ "No correct master key",
+	NULL
+};
+
+void initialize_hdb_error_table_r(struct et_list **list)
+{
+    initialize_error_table_r(list, text, hdb_num_errors, ERROR_TABLE_BASE_hdb);
+}
+
+void initialize_hdb_error_table(void)
+{
+    init_error_table(text, ERROR_TABLE_BASE_hdb, hdb_num_errors);
+}
diff --git a/lib/libkrb5/generated/hdb_err.h b/lib/libkrb5/generated/hdb_err.h
new file mode 100644
index 00000000000..b0cfa9f279f
--- /dev/null
+++ b/lib/libkrb5/generated/hdb_err.h
@@ -0,0 +1,32 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/hdb/hdb_err.et */
+/* $KTH: hdb_err.et,v 1.5 2001/01/28 23:05:52 assar Exp $ */
+
+#ifndef __hdb_err_h__
+#define __hdb_err_h__
+
+#include <com_err.h>
+
+void initialize_hdb_error_table_r(struct et_list **);
+
+void initialize_hdb_error_table(void);
+#define init_hdb_err_tbl initialize_hdb_error_table
+
+typedef enum hdb_error_number{
+	ERROR_TABLE_BASE_hdb = 36150272,
+	hdb_err_base = 36150272,
+	HDB_ERR_UK_SERROR = 36150273,
+	HDB_ERR_UK_RERROR = 36150274,
+	HDB_ERR_NOENTRY = 36150275,
+	HDB_ERR_DB_INUSE = 36150276,
+	HDB_ERR_DB_CHANGED = 36150277,
+	HDB_ERR_RECURSIVELOCK = 36150278,
+	HDB_ERR_NOTLOCKED = 36150279,
+	HDB_ERR_BADLOCKMODE = 36150280,
+	HDB_ERR_CANT_LOCK_DB = 36150281,
+	HDB_ERR_EXISTS = 36150282,
+	HDB_ERR_BADVERSION = 36150283,
+	HDB_ERR_NO_MKEY = 36150284,
+	hdb_num_errors = 13
+} hdb_error_number;
+
+#endif /* __hdb_err_h__ */
diff --git a/lib/libkrb5/generated/heim_err.c b/lib/libkrb5/generated/heim_err.c
new file mode 100644
index 00000000000..a4b6b7e7039
--- /dev/null
+++ b/lib/libkrb5/generated/heim_err.c
@@ -0,0 +1,160 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/heim_err.et */
+/* $KTH: heim_err.et,v 1.12 2001/06/21 03:51:36 assar Exp $ */
+
+#include <stddef.h>
+#include <com_err.h>
+#include "heim_err.h"
+
+static const char *text[] = {
+	/* 000 */ "Error parsing log destination",
+	/* 001 */ "Failed to convert v4 principal",
+	/* 002 */ "Salt type is not supported by enctype",
+	/* 003 */ "Host not found",
+	/* 004 */ "Operation not supported",
+	/* 005 */ "End of file",
+	/* 006 */ "Failed to get the master key",
+	/* 007 */ "Unacceptable service used",
+	/* 008 */ "Reserved heim error (8)",
+	/* 009 */ "Reserved heim error (9)",
+	/* 010 */ "Reserved heim error (10)",
+	/* 011 */ "Reserved heim error (11)",
+	/* 012 */ "Reserved heim error (12)",
+	/* 013 */ "Reserved heim error (13)",
+	/* 014 */ "Reserved heim error (14)",
+	/* 015 */ "Reserved heim error (15)",
+	/* 016 */ "Reserved heim error (16)",
+	/* 017 */ "Reserved heim error (17)",
+	/* 018 */ "Reserved heim error (18)",
+	/* 019 */ "Reserved heim error (19)",
+	/* 020 */ "Reserved heim error (20)",
+	/* 021 */ "Reserved heim error (21)",
+	/* 022 */ "Reserved heim error (22)",
+	/* 023 */ "Reserved heim error (23)",
+	/* 024 */ "Reserved heim error (24)",
+	/* 025 */ "Reserved heim error (25)",
+	/* 026 */ "Reserved heim error (26)",
+	/* 027 */ "Reserved heim error (27)",
+	/* 028 */ "Reserved heim error (28)",
+	/* 029 */ "Reserved heim error (29)",
+	/* 030 */ "Reserved heim error (30)",
+	/* 031 */ "Reserved heim error (31)",
+	/* 032 */ "Reserved heim error (32)",
+	/* 033 */ "Reserved heim error (33)",
+	/* 034 */ "Reserved heim error (34)",
+	/* 035 */ "Reserved heim error (35)",
+	/* 036 */ "Reserved heim error (36)",
+	/* 037 */ "Reserved heim error (37)",
+	/* 038 */ "Reserved heim error (38)",
+	/* 039 */ "Reserved heim error (39)",
+	/* 040 */ "Reserved heim error (40)",
+	/* 041 */ "Reserved heim error (41)",
+	/* 042 */ "Reserved heim error (42)",
+	/* 043 */ "Reserved heim error (43)",
+	/* 044 */ "Reserved heim error (44)",
+	/* 045 */ "Reserved heim error (45)",
+	/* 046 */ "Reserved heim error (46)",
+	/* 047 */ "Reserved heim error (47)",
+	/* 048 */ "Reserved heim error (48)",
+	/* 049 */ "Reserved heim error (49)",
+	/* 050 */ "Reserved heim error (50)",
+	/* 051 */ "Reserved heim error (51)",
+	/* 052 */ "Reserved heim error (52)",
+	/* 053 */ "Reserved heim error (53)",
+	/* 054 */ "Reserved heim error (54)",
+	/* 055 */ "Reserved heim error (55)",
+	/* 056 */ "Reserved heim error (56)",
+	/* 057 */ "Reserved heim error (57)",
+	/* 058 */ "Reserved heim error (58)",
+	/* 059 */ "Reserved heim error (59)",
+	/* 060 */ "Reserved heim error (60)",
+	/* 061 */ "Reserved heim error (61)",
+	/* 062 */ "Reserved heim error (62)",
+	/* 063 */ "Reserved heim error (63)",
+	/* 064 */ "Reserved heim error (64)",
+	/* 065 */ "Reserved heim error (65)",
+	/* 066 */ "Reserved heim error (66)",
+	/* 067 */ "Reserved heim error (67)",
+	/* 068 */ "Reserved heim error (68)",
+	/* 069 */ "Reserved heim error (69)",
+	/* 070 */ "Reserved heim error (70)",
+	/* 071 */ "Reserved heim error (71)",
+	/* 072 */ "Reserved heim error (72)",
+	/* 073 */ "Reserved heim error (73)",
+	/* 074 */ "Reserved heim error (74)",
+	/* 075 */ "Reserved heim error (75)",
+	/* 076 */ "Reserved heim error (76)",
+	/* 077 */ "Reserved heim error (77)",
+	/* 078 */ "Reserved heim error (78)",
+	/* 079 */ "Reserved heim error (79)",
+	/* 080 */ "Reserved heim error (80)",
+	/* 081 */ "Reserved heim error (81)",
+	/* 082 */ "Reserved heim error (82)",
+	/* 083 */ "Reserved heim error (83)",
+	/* 084 */ "Reserved heim error (84)",
+	/* 085 */ "Reserved heim error (85)",
+	/* 086 */ "Reserved heim error (86)",
+	/* 087 */ "Reserved heim error (87)",
+	/* 088 */ "Reserved heim error (88)",
+	/* 089 */ "Reserved heim error (89)",
+	/* 090 */ "Reserved heim error (90)",
+	/* 091 */ "Reserved heim error (91)",
+	/* 092 */ "Reserved heim error (92)",
+	/* 093 */ "Reserved heim error (93)",
+	/* 094 */ "Reserved heim error (94)",
+	/* 095 */ "Reserved heim error (95)",
+	/* 096 */ "Reserved heim error (96)",
+	/* 097 */ "Reserved heim error (97)",
+	/* 098 */ "Reserved heim error (98)",
+	/* 099 */ "Reserved heim error (99)",
+	/* 100 */ "Reserved heim error (100)",
+	/* 101 */ "Reserved heim error (101)",
+	/* 102 */ "Reserved heim error (102)",
+	/* 103 */ "Reserved heim error (103)",
+	/* 104 */ "Reserved heim error (104)",
+	/* 105 */ "Reserved heim error (105)",
+	/* 106 */ "Reserved heim error (106)",
+	/* 107 */ "Reserved heim error (107)",
+	/* 108 */ "Reserved heim error (108)",
+	/* 109 */ "Reserved heim error (109)",
+	/* 110 */ "Reserved heim error (110)",
+	/* 111 */ "Reserved heim error (111)",
+	/* 112 */ "Reserved heim error (112)",
+	/* 113 */ "Reserved heim error (113)",
+	/* 114 */ "Reserved heim error (114)",
+	/* 115 */ "Reserved heim error (115)",
+	/* 116 */ "Reserved heim error (116)",
+	/* 117 */ "Reserved heim error (117)",
+	/* 118 */ "Reserved heim error (118)",
+	/* 119 */ "Reserved heim error (119)",
+	/* 120 */ "Reserved heim error (120)",
+	/* 121 */ "Reserved heim error (121)",
+	/* 122 */ "Reserved heim error (122)",
+	/* 123 */ "Reserved heim error (123)",
+	/* 124 */ "Reserved heim error (124)",
+	/* 125 */ "Reserved heim error (125)",
+	/* 126 */ "Reserved heim error (126)",
+	/* 127 */ "Reserved heim error (127)",
+	/* 128 */ "unknown error from getaddrinfo",
+	/* 129 */ "address family for nodename not supported",
+	/* 130 */ "temporary failure in name resolution",
+	/* 131 */ "invalid value for ai_flags",
+	/* 132 */ "non-recoverable failure in name resolution",
+	/* 133 */ "ai_family not supported",
+	/* 134 */ "memory allocation failure",
+	/* 135 */ "no address associated with nodename",
+	/* 136 */ "nodename nor servname provided, or not known",
+	/* 137 */ "servname not supported for ai_socktype",
+	/* 138 */ "ai_socktype not supported",
+	/* 139 */ "system error returned in errno",
+	NULL
+};
+
+void initialize_heim_error_table_r(struct et_list **list)
+{
+    initialize_error_table_r(list, text, heim_num_errors, ERROR_TABLE_BASE_heim);
+}
+
+void initialize_heim_error_table(void)
+{
+    init_error_table(text, ERROR_TABLE_BASE_heim, heim_num_errors);
+}
diff --git a/lib/libkrb5/generated/heim_err.h b/lib/libkrb5/generated/heim_err.h
new file mode 100644
index 00000000000..853e62fe50d
--- /dev/null
+++ b/lib/libkrb5/generated/heim_err.h
@@ -0,0 +1,40 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/heim_err.et */
+/* $KTH: heim_err.et,v 1.12 2001/06/21 03:51:36 assar Exp $ */
+
+#ifndef __heim_err_h__
+#define __heim_err_h__
+
+#include <com_err.h>
+
+void initialize_heim_error_table_r(struct et_list **);
+
+void initialize_heim_error_table(void);
+#define init_heim_err_tbl initialize_heim_error_table
+
+typedef enum heim_error_number{
+	ERROR_TABLE_BASE_heim = -1980176640,
+	heim_err_base = -1980176640,
+	HEIM_ERR_LOG_PARSE = -1980176640,
+	HEIM_ERR_V4_PRINC_NO_CONV = -1980176639,
+	HEIM_ERR_SALTTYPE_NOSUPP = -1980176638,
+	HEIM_ERR_NOHOST = -1980176637,
+	HEIM_ERR_OPNOTSUPP = -1980176636,
+	HEIM_ERR_EOF = -1980176635,
+	HEIM_ERR_BAD_MKEY = -1980176634,
+	HEIM_ERR_SERVICE_NOMATCH = -1980176633,
+	HEIM_EAI_UNKNOWN = -1980176512,
+	HEIM_EAI_ADDRFAMILY = -1980176511,
+	HEIM_EAI_AGAIN = -1980176510,
+	HEIM_EAI_BADFLAGS = -1980176509,
+	HEIM_EAI_FAIL = -1980176508,
+	HEIM_EAI_FAMILY = -1980176507,
+	HEIM_EAI_MEMORY = -1980176506,
+	HEIM_EAI_NODATA = -1980176505,
+	HEIM_EAI_NONAME = -1980176504,
+	HEIM_EAI_SERVICE = -1980176503,
+	HEIM_EAI_SOCKTYPE = -1980176502,
+	HEIM_EAI_SYSTEM = -1980176501,
+	heim_num_errors = 140
+} heim_error_number;
+
+#endif /* __heim_err_h__ */
diff --git a/lib/libkrb5/generated/k524_err.c b/lib/libkrb5/generated/k524_err.c
new file mode 100644
index 00000000000..c85cadf3286
--- /dev/null
+++ b/lib/libkrb5/generated/k524_err.c
@@ -0,0 +1,28 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/k524_err.et */
+/* $KTH: k524_err.et,v 1.1 2001/06/20 02:44:11 joda Exp $ */
+
+#include <stddef.h>
+#include <com_err.h>
+#include "k524_err.h"
+
+static const char *text[] = {
+	/* 000 */ "wrong keytype in ticket",
+	/* 001 */ "incorrect network address",
+	/* 002 */ "cannot convert V5 principal",
+	/* 003 */ "V5 realm name longer than V4 maximum",
+	/* 004 */ "kerberos V4 error server",
+	/* 005 */ "encoding too large at server",
+	/* 006 */ "decoding out of data",
+	/* 007 */ "service not responding",
+	NULL
+};
+
+void initialize_k524_error_table_r(struct et_list **list)
+{
+    initialize_error_table_r(list, text, k524_num_errors, ERROR_TABLE_BASE_k524);
+}
+
+void initialize_k524_error_table(void)
+{
+    init_error_table(text, ERROR_TABLE_BASE_k524, k524_num_errors);
+}
diff --git a/lib/libkrb5/generated/k524_err.h b/lib/libkrb5/generated/k524_err.h
new file mode 100644
index 00000000000..d864645cbba
--- /dev/null
+++ b/lib/libkrb5/generated/k524_err.h
@@ -0,0 +1,28 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/k524_err.et */
+/* $KTH: k524_err.et,v 1.1 2001/06/20 02:44:11 joda Exp $ */
+
+#ifndef __k524_err_h__
+#define __k524_err_h__
+
+#include <com_err.h>
+
+void initialize_k524_error_table_r(struct et_list **);
+
+void initialize_k524_error_table(void);
+#define init_k524_err_tbl initialize_k524_error_table
+
+typedef enum k524_error_number{
+	ERROR_TABLE_BASE_k524 = -1750206208,
+	k524_err_base = -1750206208,
+	KRB524_BADKEY = -1750206208,
+	KRB524_BADADDR = -1750206207,
+	KRB524_BADPRINC = -1750206206,
+	KRB524_BADREALM = -1750206205,
+	KRB524_V4ERR = -1750206204,
+	KRB524_ENCFULL = -1750206203,
+	KRB524_DECEMPTY = -1750206202,
+	KRB524_NOTRESP = -1750206201,
+	k524_num_errors = 8
+} k524_error_number;
+
+#endif /* __k524_err_h__ */
diff --git a/lib/libkrb5/generated/krb5_asn1.h b/lib/libkrb5/generated/krb5_asn1.h
new file mode 100644
index 00000000000..96a376a421b
--- /dev/null
+++ b/lib/libkrb5/generated/krb5_asn1.h
@@ -0,0 +1,1281 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/asn1/k5.asn1 */
+/* Do not edit */
+
+#ifndef __krb5_asn1_h__
+#define __krb5_asn1_h__
+
+#include <stddef.h>
+#include <time.h>
+
+time_t timegm (struct tm*);
+
+#ifndef __asn1_common_definitions__
+#define __asn1_common_definitions__
+
+typedef struct octet_string {
+  size_t length;
+  void *data;
+} octet_string;
+
+typedef char *general_string;
+
+typedef struct oid {
+  size_t length;
+  unsigned *components;
+} oid;
+
+#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R)                  \
+  do {                                                         \
+    (BL) = length_##T((S));                                    \
+    (B) = malloc((BL));                                        \
+    if((B) == NULL) {                                          \
+      (R) = ENOMEM;                                            \
+    } else {                                                   \
+      (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \
+                       (S), (L));                              \
+      if((R) != 0) {                                           \
+        free((B));                                             \
+        (B) = NULL;                                            \
+      }                                                        \
+    }                                                          \
+  } while (0)
+
+#endif
+
+/*
+NAME-TYPE ::= INTEGER
+*/
+
+typedef enum NAME_TYPE {
+  KRB5_NT_UNKNOWN = 0,
+  KRB5_NT_PRINCIPAL = 1,
+  KRB5_NT_SRV_INST = 2,
+  KRB5_NT_SRV_HST = 3,
+  KRB5_NT_SRV_XHST = 4,
+  KRB5_NT_UID = 5,
+  KRB5_NT_X500_PRINCIPAL = 6
+} NAME_TYPE;
+
+int    encode_NAME_TYPE(unsigned char *, size_t, const NAME_TYPE *, size_t *);
+int    decode_NAME_TYPE(const unsigned char *, size_t, NAME_TYPE *, size_t *);
+void   free_NAME_TYPE  (NAME_TYPE *);
+size_t length_NAME_TYPE(const NAME_TYPE *);
+int    copy_NAME_TYPE  (const NAME_TYPE *, NAME_TYPE *);
+
+
+/*
+MESSAGE-TYPE ::= INTEGER
+*/
+
+typedef enum MESSAGE_TYPE {
+  krb_as_req = 10,
+  krb_as_rep = 11,
+  krb_tgs_req = 12,
+  krb_tgs_rep = 13,
+  krb_ap_req = 14,
+  krb_ap_rep = 15,
+  krb_safe = 20,
+  krb_priv = 21,
+  krb_cred = 22,
+  krb_error = 30
+} MESSAGE_TYPE;
+
+int    encode_MESSAGE_TYPE(unsigned char *, size_t, const MESSAGE_TYPE *, size_t *);
+int    decode_MESSAGE_TYPE(const unsigned char *, size_t, MESSAGE_TYPE *, size_t *);
+void   free_MESSAGE_TYPE  (MESSAGE_TYPE *);
+size_t length_MESSAGE_TYPE(const MESSAGE_TYPE *);
+int    copy_MESSAGE_TYPE  (const MESSAGE_TYPE *, MESSAGE_TYPE *);
+
+
+/*
+PADATA-TYPE ::= INTEGER
+*/
+
+typedef enum PADATA_TYPE {
+  KRB5_PADATA_NONE = 0,
+  KRB5_PADATA_TGS_REQ = 1,
+  KRB5_PADATA_AP_REQ = 1,
+  KRB5_PADATA_ENC_TIMESTAMP = 2,
+  KRB5_PADATA_PW_SALT = 3,
+  KRB5_PADATA_ENC_UNIX_TIME = 5,
+  KRB5_PADATA_SANDIA_SECUREID = 6,
+  KRB5_PADATA_SESAME = 7,
+  KRB5_PADATA_OSF_DCE = 8,
+  KRB5_PADATA_CYBERSAFE_SECUREID = 9,
+  KRB5_PADATA_AFS3_SALT = 10,
+  KRB5_PADATA_ETYPE_INFO = 11,
+  KRB5_PADATA_SAM_CHALLENGE = 12,
+  KRB5_PADATA_SAM_RESPONSE = 13,
+  KRB5_PADATA_PK_AS_REQ = 14,
+  KRB5_PADATA_PK_AS_REP = 15,
+  KRB5_PADATA_PK_AS_SIGN = 16,
+  KRB5_PADATA_PK_KEY_REQ = 17,
+  KRB5_PADATA_PK_KEY_REP = 18,
+  KRB5_PADATA_USE_SPECIFIED_KVNO = 20,
+  KRB5_PADATA_SAM_REDIRECT = 21,
+  KRB5_PADATA_GET_FROM_TYPED_DATA = 22,
+  KRB5_PADATA_SAM_ETYPE_INFO = 23
+} PADATA_TYPE;
+
+int    encode_PADATA_TYPE(unsigned char *, size_t, const PADATA_TYPE *, size_t *);
+int    decode_PADATA_TYPE(const unsigned char *, size_t, PADATA_TYPE *, size_t *);
+void   free_PADATA_TYPE  (PADATA_TYPE *);
+size_t length_PADATA_TYPE(const PADATA_TYPE *);
+int    copy_PADATA_TYPE  (const PADATA_TYPE *, PADATA_TYPE *);
+
+
+/*
+CKSUMTYPE ::= INTEGER
+*/
+
+typedef enum CKSUMTYPE {
+  CKSUMTYPE_NONE = 0,
+  CKSUMTYPE_CRC32 = 1,
+  CKSUMTYPE_RSA_MD4 = 2,
+  CKSUMTYPE_RSA_MD4_DES = 3,
+  CKSUMTYPE_DES_MAC = 4,
+  CKSUMTYPE_DES_MAC_K = 5,
+  CKSUMTYPE_RSA_MD4_DES_K = 6,
+  CKSUMTYPE_RSA_MD5 = 7,
+  CKSUMTYPE_RSA_MD5_DES = 8,
+  CKSUMTYPE_RSA_MD5_DES3 = 9,
+  CKSUMTYPE_HMAC_SHA1_96_AES_128 = 10,
+  CKSUMTYPE_HMAC_SHA1_96_AES_256 = 11,
+  CKSUMTYPE_HMAC_SHA1_DES3 = 12,
+  CKSUMTYPE_SHA1 = 1000,
+  CKSUMTYPE_GSSAPI = 32771,
+  CKSUMTYPE_HMAC_MD5 = -138,
+  CKSUMTYPE_HMAC_MD5_ENC = -1138
+} CKSUMTYPE;
+
+int    encode_CKSUMTYPE(unsigned char *, size_t, const CKSUMTYPE *, size_t *);
+int    decode_CKSUMTYPE(const unsigned char *, size_t, CKSUMTYPE *, size_t *);
+void   free_CKSUMTYPE  (CKSUMTYPE *);
+size_t length_CKSUMTYPE(const CKSUMTYPE *);
+int    copy_CKSUMTYPE  (const CKSUMTYPE *, CKSUMTYPE *);
+
+
+/*
+ENCTYPE ::= INTEGER
+*/
+
+typedef enum ENCTYPE {
+  ETYPE_NULL = 0,
+  ETYPE_DES_CBC_CRC = 1,
+  ETYPE_DES_CBC_MD4 = 2,
+  ETYPE_DES_CBC_MD5 = 3,
+  ETYPE_DES3_CBC_MD5 = 5,
+  ETYPE_OLD_DES3_CBC_SHA1 = 7,
+  ETYPE_SIGN_DSA_GENERATE = 8,
+  ETYPE_ENCRYPT_RSA_PRIV = 9,
+  ETYPE_ENCRYPT_RSA_PUB = 10,
+  ETYPE_DES3_CBC_SHA1 = 16,
+  ETYPE_AES128_CTS_HMAC_SHA1_96 = 17,
+  ETYPE_AES256_CTS_HMAC_SHA1_96 = 18,
+  ETYPE_ARCFOUR_HMAC_MD5 = 23,
+  ETYPE_ARCFOUR_HMAC_MD5_56 = 24,
+  ETYPE_ENCTYPE_PK_CROSS = 48,
+  ETYPE_DES_CBC_NONE = -4096,
+  ETYPE_DES3_CBC_NONE = -4097,
+  ETYPE_DES_CFB64_NONE = -4098,
+  ETYPE_DES_PCBC_NONE = -4099
+} ENCTYPE;
+
+int    encode_ENCTYPE(unsigned char *, size_t, const ENCTYPE *, size_t *);
+int    decode_ENCTYPE(const unsigned char *, size_t, ENCTYPE *, size_t *);
+void   free_ENCTYPE  (ENCTYPE *);
+size_t length_ENCTYPE(const ENCTYPE *);
+int    copy_ENCTYPE  (const ENCTYPE *, ENCTYPE *);
+
+
+/*
+UNSIGNED ::= UNSIGNED INTEGER
+*/
+
+typedef unsigned int UNSIGNED;
+
+int    encode_UNSIGNED(unsigned char *, size_t, const UNSIGNED *, size_t *);
+int    decode_UNSIGNED(const unsigned char *, size_t, UNSIGNED *, size_t *);
+void   free_UNSIGNED  (UNSIGNED *);
+size_t length_UNSIGNED(const UNSIGNED *);
+int    copy_UNSIGNED  (const UNSIGNED *, UNSIGNED *);
+
+
+/*
+Realm ::= GeneralString
+*/
+
+typedef general_string Realm;
+
+int    encode_Realm(unsigned char *, size_t, const Realm *, size_t *);
+int    decode_Realm(const unsigned char *, size_t, Realm *, size_t *);
+void   free_Realm  (Realm *);
+size_t length_Realm(const Realm *);
+int    copy_Realm  (const Realm *, Realm *);
+
+
+/*
+PrincipalName ::= SEQUENCE {
+  name-type[0]    NAME-TYPE,
+  name-string[1]  SEQUENCE OF GeneralString
+}
+*/
+
+typedef struct PrincipalName {
+  NAME_TYPE name_type;
+  struct  {
+    unsigned int len;
+    general_string *val;
+  } name_string;
+} PrincipalName;
+
+int    encode_PrincipalName(unsigned char *, size_t, const PrincipalName *, size_t *);
+int    decode_PrincipalName(const unsigned char *, size_t, PrincipalName *, size_t *);
+void   free_PrincipalName  (PrincipalName *);
+size_t length_PrincipalName(const PrincipalName *);
+int    copy_PrincipalName  (const PrincipalName *, PrincipalName *);
+
+
+/*
+Principal ::= SEQUENCE {
+  name[0]         PrincipalName,
+  realm[1]        Realm
+}
+*/
+
+typedef struct Principal {
+  PrincipalName name;
+  Realm realm;
+} Principal;
+
+int    encode_Principal(unsigned char *, size_t, const Principal *, size_t *);
+int    decode_Principal(const unsigned char *, size_t, Principal *, size_t *);
+void   free_Principal  (Principal *);
+size_t length_Principal(const Principal *);
+int    copy_Principal  (const Principal *, Principal *);
+
+
+/*
+HostAddress ::= SEQUENCE {
+  addr-type[0]    INTEGER,
+  address[1]      OCTET STRING
+}
+*/
+
+typedef struct HostAddress {
+  int addr_type;
+  octet_string address;
+} HostAddress;
+
+int    encode_HostAddress(unsigned char *, size_t, const HostAddress *, size_t *);
+int    decode_HostAddress(const unsigned char *, size_t, HostAddress *, size_t *);
+void   free_HostAddress  (HostAddress *);
+size_t length_HostAddress(const HostAddress *);
+int    copy_HostAddress  (const HostAddress *, HostAddress *);
+
+
+/*
+HostAddresses ::= SEQUENCE OF HostAddress
+*/
+
+typedef struct HostAddresses {
+  unsigned int len;
+  HostAddress *val;
+} HostAddresses;
+
+int    encode_HostAddresses(unsigned char *, size_t, const HostAddresses *, size_t *);
+int    decode_HostAddresses(const unsigned char *, size_t, HostAddresses *, size_t *);
+void   free_HostAddresses  (HostAddresses *);
+size_t length_HostAddresses(const HostAddresses *);
+int    copy_HostAddresses  (const HostAddresses *, HostAddresses *);
+
+
+/*
+KerberosTime ::= GeneralizedTime
+*/
+
+typedef time_t KerberosTime;
+
+int    encode_KerberosTime(unsigned char *, size_t, const KerberosTime *, size_t *);
+int    decode_KerberosTime(const unsigned char *, size_t, KerberosTime *, size_t *);
+void   free_KerberosTime  (KerberosTime *);
+size_t length_KerberosTime(const KerberosTime *);
+int    copy_KerberosTime  (const KerberosTime *, KerberosTime *);
+
+
+/*
+AuthorizationData ::= SEQUENCE OF SEQUENCE {
+  ad-type[0]      INTEGER,
+  ad-data[1]      OCTET STRING
+}
+*/
+
+typedef struct AuthorizationData {
+  unsigned int len;
+  struct  {
+    int ad_type;
+    octet_string ad_data;
+  } *val;
+} AuthorizationData;
+
+int    encode_AuthorizationData(unsigned char *, size_t, const AuthorizationData *, size_t *);
+int    decode_AuthorizationData(const unsigned char *, size_t, AuthorizationData *, size_t *);
+void   free_AuthorizationData  (AuthorizationData *);
+size_t length_AuthorizationData(const AuthorizationData *);
+int    copy_AuthorizationData  (const AuthorizationData *, AuthorizationData *);
+
+
+/*
+APOptions ::= BIT STRING {
+  reserved(0),
+  use-session-key(1),
+  mutual-required(2)
+}
+*/
+
+typedef struct APOptions {
+  unsigned int reserved:1;
+  unsigned int use_session_key:1;
+  unsigned int mutual_required:1;
+} APOptions;
+
+
+int    encode_APOptions(unsigned char *, size_t, const APOptions *, size_t *);
+int    decode_APOptions(const unsigned char *, size_t, APOptions *, size_t *);
+void   free_APOptions  (APOptions *);
+size_t length_APOptions(const APOptions *);
+int    copy_APOptions  (const APOptions *, APOptions *);
+unsigned APOptions2int(APOptions);
+APOptions int2APOptions(unsigned);
+extern struct units APOptions_units[];
+
+/*
+TicketFlags ::= BIT STRING {
+  reserved(0),
+  forwardable(1),
+  forwarded(2),
+  proxiable(3),
+  proxy(4),
+  may-postdate(5),
+  postdated(6),
+  invalid(7),
+  renewable(8),
+  initial(9),
+  pre-authent(10),
+  hw-authent(11),
+  transited-policy-checked(12),
+  ok-as-delegate(13),
+  anonymous(14)
+}
+*/
+
+typedef struct TicketFlags {
+  unsigned int reserved:1;
+  unsigned int forwardable:1;
+  unsigned int forwarded:1;
+  unsigned int proxiable:1;
+  unsigned int proxy:1;
+  unsigned int may_postdate:1;
+  unsigned int postdated:1;
+  unsigned int invalid:1;
+  unsigned int renewable:1;
+  unsigned int initial:1;
+  unsigned int pre_authent:1;
+  unsigned int hw_authent:1;
+  unsigned int transited_policy_checked:1;
+  unsigned int ok_as_delegate:1;
+  unsigned int anonymous:1;
+} TicketFlags;
+
+
+int    encode_TicketFlags(unsigned char *, size_t, const TicketFlags *, size_t *);
+int    decode_TicketFlags(const unsigned char *, size_t, TicketFlags *, size_t *);
+void   free_TicketFlags  (TicketFlags *);
+size_t length_TicketFlags(const TicketFlags *);
+int    copy_TicketFlags  (const TicketFlags *, TicketFlags *);
+unsigned TicketFlags2int(TicketFlags);
+TicketFlags int2TicketFlags(unsigned);
+extern struct units TicketFlags_units[];
+
+/*
+KDCOptions ::= BIT STRING {
+  reserved(0),
+  forwardable(1),
+  forwarded(2),
+  proxiable(3),
+  proxy(4),
+  allow-postdate(5),
+  postdated(6),
+  unused7(7),
+  renewable(8),
+  unused9(9),
+  unused10(10),
+  unused11(11),
+  request-anonymous(14),
+  canonicalize(15),
+  disable-transited-check(26),
+  renewable-ok(27),
+  enc-tkt-in-skey(28),
+  renew(30),
+  validate(31)
+}
+*/
+
+typedef struct KDCOptions {
+  unsigned int reserved:1;
+  unsigned int forwardable:1;
+  unsigned int forwarded:1;
+  unsigned int proxiable:1;
+  unsigned int proxy:1;
+  unsigned int allow_postdate:1;
+  unsigned int postdated:1;
+  unsigned int unused7:1;
+  unsigned int renewable:1;
+  unsigned int unused9:1;
+  unsigned int unused10:1;
+  unsigned int unused11:1;
+  unsigned int request_anonymous:1;
+  unsigned int canonicalize:1;
+  unsigned int disable_transited_check:1;
+  unsigned int renewable_ok:1;
+  unsigned int enc_tkt_in_skey:1;
+  unsigned int renew:1;
+  unsigned int validate:1;
+} KDCOptions;
+
+
+int    encode_KDCOptions(unsigned char *, size_t, const KDCOptions *, size_t *);
+int    decode_KDCOptions(const unsigned char *, size_t, KDCOptions *, size_t *);
+void   free_KDCOptions  (KDCOptions *);
+size_t length_KDCOptions(const KDCOptions *);
+int    copy_KDCOptions  (const KDCOptions *, KDCOptions *);
+unsigned KDCOptions2int(KDCOptions);
+KDCOptions int2KDCOptions(unsigned);
+extern struct units KDCOptions_units[];
+
+/*
+LR-TYPE ::= INTEGER
+*/
+
+typedef enum LR_TYPE {
+  LR_NONE = 0,
+  LR_INITIAL_TGT = 1,
+  LR_INITIAL = 2,
+  LR_ISSUE_USE_TGT = 3,
+  LR_RENEWAL = 4,
+  LR_REQUEST = 5,
+  LR_PW_EXPTIME = 6,
+  LR_ACCT_EXPTIME = 7
+} LR_TYPE;
+
+int    encode_LR_TYPE(unsigned char *, size_t, const LR_TYPE *, size_t *);
+int    decode_LR_TYPE(const unsigned char *, size_t, LR_TYPE *, size_t *);
+void   free_LR_TYPE  (LR_TYPE *);
+size_t length_LR_TYPE(const LR_TYPE *);
+int    copy_LR_TYPE  (const LR_TYPE *, LR_TYPE *);
+
+
+/*
+LastReq ::= SEQUENCE OF SEQUENCE {
+  lr-type[0]      LR-TYPE,
+  lr-value[1]     KerberosTime
+}
+*/
+
+typedef struct LastReq {
+  unsigned int len;
+  struct  {
+    LR_TYPE lr_type;
+    KerberosTime lr_value;
+  } *val;
+} LastReq;
+
+int    encode_LastReq(unsigned char *, size_t, const LastReq *, size_t *);
+int    decode_LastReq(const unsigned char *, size_t, LastReq *, size_t *);
+void   free_LastReq  (LastReq *);
+size_t length_LastReq(const LastReq *);
+int    copy_LastReq  (const LastReq *, LastReq *);
+
+
+/*
+EncryptedData ::= SEQUENCE {
+  etype[0]        ENCTYPE,
+  kvno[1]         INTEGER OPTIONAL,
+  cipher[2]       OCTET STRING
+}
+*/
+
+typedef struct EncryptedData {
+  ENCTYPE etype;
+  int *kvno;
+  octet_string cipher;
+} EncryptedData;
+
+int    encode_EncryptedData(unsigned char *, size_t, const EncryptedData *, size_t *);
+int    decode_EncryptedData(const unsigned char *, size_t, EncryptedData *, size_t *);
+void   free_EncryptedData  (EncryptedData *);
+size_t length_EncryptedData(const EncryptedData *);
+int    copy_EncryptedData  (const EncryptedData *, EncryptedData *);
+
+
+/*
+EncryptionKey ::= SEQUENCE {
+  keytype[0]      INTEGER,
+  keyvalue[1]     OCTET STRING
+}
+*/
+
+typedef struct EncryptionKey {
+  int keytype;
+  octet_string keyvalue;
+} EncryptionKey;
+
+int    encode_EncryptionKey(unsigned char *, size_t, const EncryptionKey *, size_t *);
+int    decode_EncryptionKey(const unsigned char *, size_t, EncryptionKey *, size_t *);
+void   free_EncryptionKey  (EncryptionKey *);
+size_t length_EncryptionKey(const EncryptionKey *);
+int    copy_EncryptionKey  (const EncryptionKey *, EncryptionKey *);
+
+
+/*
+TransitedEncoding ::= SEQUENCE {
+  tr-type[0]      INTEGER,
+  contents[1]     OCTET STRING
+}
+*/
+
+typedef struct TransitedEncoding {
+  int tr_type;
+  octet_string contents;
+} TransitedEncoding;
+
+int    encode_TransitedEncoding(unsigned char *, size_t, const TransitedEncoding *, size_t *);
+int    decode_TransitedEncoding(const unsigned char *, size_t, TransitedEncoding *, size_t *);
+void   free_TransitedEncoding  (TransitedEncoding *);
+size_t length_TransitedEncoding(const TransitedEncoding *);
+int    copy_TransitedEncoding  (const TransitedEncoding *, TransitedEncoding *);
+
+
+/*
+Ticket ::= [APPLICATION 1] SEQUENCE {
+  tkt-vno[0]      INTEGER,
+  realm[1]        Realm,
+  sname[2]        PrincipalName,
+  enc-part[3]     EncryptedData
+}
+*/
+
+typedef struct  {
+  int tkt_vno;
+  Realm realm;
+  PrincipalName sname;
+  EncryptedData enc_part;
+} Ticket;
+
+int    encode_Ticket(unsigned char *, size_t, const Ticket *, size_t *);
+int    decode_Ticket(const unsigned char *, size_t, Ticket *, size_t *);
+void   free_Ticket  (Ticket *);
+size_t length_Ticket(const Ticket *);
+int    copy_Ticket  (const Ticket *, Ticket *);
+
+
+/*
+EncTicketPart ::= [APPLICATION 3] SEQUENCE {
+  flags[0]                TicketFlags,
+  key[1]                  EncryptionKey,
+  crealm[2]               Realm,
+  cname[3]                PrincipalName,
+  transited[4]            TransitedEncoding,
+  authtime[5]             KerberosTime,
+  starttime[6]            KerberosTime OPTIONAL,
+  endtime[7]              KerberosTime,
+  renew-till[8]           KerberosTime OPTIONAL,
+  caddr[9]                HostAddresses OPTIONAL,
+  authorization-data[10]  AuthorizationData OPTIONAL
+}
+*/
+
+typedef struct  {
+  TicketFlags flags;
+  EncryptionKey key;
+  Realm crealm;
+  PrincipalName cname;
+  TransitedEncoding transited;
+  KerberosTime authtime;
+  KerberosTime *starttime;
+  KerberosTime endtime;
+  KerberosTime *renew_till;
+  HostAddresses *caddr;
+  AuthorizationData *authorization_data;
+} EncTicketPart;
+
+int    encode_EncTicketPart(unsigned char *, size_t, const EncTicketPart *, size_t *);
+int    decode_EncTicketPart(const unsigned char *, size_t, EncTicketPart *, size_t *);
+void   free_EncTicketPart  (EncTicketPart *);
+size_t length_EncTicketPart(const EncTicketPart *);
+int    copy_EncTicketPart  (const EncTicketPart *, EncTicketPart *);
+
+
+/*
+Checksum ::= SEQUENCE {
+  cksumtype[0]    CKSUMTYPE,
+  checksum[1]     OCTET STRING
+}
+*/
+
+typedef struct Checksum {
+  CKSUMTYPE cksumtype;
+  octet_string checksum;
+} Checksum;
+
+int    encode_Checksum(unsigned char *, size_t, const Checksum *, size_t *);
+int    decode_Checksum(const unsigned char *, size_t, Checksum *, size_t *);
+void   free_Checksum  (Checksum *);
+size_t length_Checksum(const Checksum *);
+int    copy_Checksum  (const Checksum *, Checksum *);
+
+
+/*
+Authenticator ::= [APPLICATION 2] SEQUENCE {
+  authenticator-vno[0]   INTEGER,
+  crealm[1]              Realm,
+  cname[2]               PrincipalName,
+  cksum[3]               Checksum OPTIONAL,
+  cusec[4]               INTEGER,
+  ctime[5]               KerberosTime,
+  subkey[6]              EncryptionKey OPTIONAL,
+  seq-number[7]          UNSIGNED OPTIONAL,
+  authorization-data[8]  AuthorizationData OPTIONAL
+}
+*/
+
+typedef struct  {
+  int authenticator_vno;
+  Realm crealm;
+  PrincipalName cname;
+  Checksum *cksum;
+  int cusec;
+  KerberosTime ctime;
+  EncryptionKey *subkey;
+  UNSIGNED *seq_number;
+  AuthorizationData *authorization_data;
+} Authenticator;
+
+int    encode_Authenticator(unsigned char *, size_t, const Authenticator *, size_t *);
+int    decode_Authenticator(const unsigned char *, size_t, Authenticator *, size_t *);
+void   free_Authenticator  (Authenticator *);
+size_t length_Authenticator(const Authenticator *);
+int    copy_Authenticator  (const Authenticator *, Authenticator *);
+
+
+/*
+PA-DATA ::= SEQUENCE {
+  padata-type[1]   PADATA-TYPE,
+  padata-value[2]  OCTET STRING
+}
+*/
+
+typedef struct PA_DATA {
+  PADATA_TYPE padata_type;
+  octet_string padata_value;
+} PA_DATA;
+
+int    encode_PA_DATA(unsigned char *, size_t, const PA_DATA *, size_t *);
+int    decode_PA_DATA(const unsigned char *, size_t, PA_DATA *, size_t *);
+void   free_PA_DATA  (PA_DATA *);
+size_t length_PA_DATA(const PA_DATA *);
+int    copy_PA_DATA  (const PA_DATA *, PA_DATA *);
+
+
+/*
+ETYPE-INFO-ENTRY ::= SEQUENCE {
+  etype[0]        ENCTYPE,
+  salt[1]         OCTET STRING OPTIONAL,
+  salttype[2]     INTEGER OPTIONAL
+}
+*/
+
+typedef struct ETYPE_INFO_ENTRY {
+  ENCTYPE etype;
+  octet_string *salt;
+  int *salttype;
+} ETYPE_INFO_ENTRY;
+
+int    encode_ETYPE_INFO_ENTRY(unsigned char *, size_t, const ETYPE_INFO_ENTRY *, size_t *);
+int    decode_ETYPE_INFO_ENTRY(const unsigned char *, size_t, ETYPE_INFO_ENTRY *, size_t *);
+void   free_ETYPE_INFO_ENTRY  (ETYPE_INFO_ENTRY *);
+size_t length_ETYPE_INFO_ENTRY(const ETYPE_INFO_ENTRY *);
+int    copy_ETYPE_INFO_ENTRY  (const ETYPE_INFO_ENTRY *, ETYPE_INFO_ENTRY *);
+
+
+/*
+ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY
+*/
+
+typedef struct ETYPE_INFO {
+  unsigned int len;
+  ETYPE_INFO_ENTRY *val;
+} ETYPE_INFO;
+
+int    encode_ETYPE_INFO(unsigned char *, size_t, const ETYPE_INFO *, size_t *);
+int    decode_ETYPE_INFO(const unsigned char *, size_t, ETYPE_INFO *, size_t *);
+void   free_ETYPE_INFO  (ETYPE_INFO *);
+size_t length_ETYPE_INFO(const ETYPE_INFO *);
+int    copy_ETYPE_INFO  (const ETYPE_INFO *, ETYPE_INFO *);
+
+
+/*
+METHOD-DATA ::= SEQUENCE OF PA-DATA
+*/
+
+typedef struct METHOD_DATA {
+  unsigned int len;
+  PA_DATA *val;
+} METHOD_DATA;
+
+int    encode_METHOD_DATA(unsigned char *, size_t, const METHOD_DATA *, size_t *);
+int    decode_METHOD_DATA(const unsigned char *, size_t, METHOD_DATA *, size_t *);
+void   free_METHOD_DATA  (METHOD_DATA *);
+size_t length_METHOD_DATA(const METHOD_DATA *);
+int    copy_METHOD_DATA  (const METHOD_DATA *, METHOD_DATA *);
+
+
+/*
+KDC-REQ-BODY ::= SEQUENCE {
+  kdc-options[0]              KDCOptions,
+  cname[1]                    PrincipalName OPTIONAL,
+  realm[2]                    Realm,
+  sname[3]                    PrincipalName OPTIONAL,
+  from[4]                     KerberosTime OPTIONAL,
+  till[5]                     KerberosTime OPTIONAL,
+  rtime[6]                    KerberosTime OPTIONAL,
+  nonce[7]                    INTEGER,
+  etype[8]                    SEQUENCE OF ENCTYPE,
+  addresses[9]                HostAddresses OPTIONAL,
+  enc-authorization-data[10]  EncryptedData OPTIONAL,
+  additional-tickets[11]      SEQUENCE OF Ticket OPTIONAL
+}
+*/
+
+typedef struct KDC_REQ_BODY {
+  KDCOptions kdc_options;
+  PrincipalName *cname;
+  Realm realm;
+  PrincipalName *sname;
+  KerberosTime *from;
+  KerberosTime *till;
+  KerberosTime *rtime;
+  int nonce;
+  struct  {
+    unsigned int len;
+    ENCTYPE *val;
+  } etype;
+  HostAddresses *addresses;
+  EncryptedData *enc_authorization_data;
+  struct  {
+    unsigned int len;
+    Ticket *val;
+  } *additional_tickets;
+} KDC_REQ_BODY;
+
+int    encode_KDC_REQ_BODY(unsigned char *, size_t, const KDC_REQ_BODY *, size_t *);
+int    decode_KDC_REQ_BODY(const unsigned char *, size_t, KDC_REQ_BODY *, size_t *);
+void   free_KDC_REQ_BODY  (KDC_REQ_BODY *);
+size_t length_KDC_REQ_BODY(const KDC_REQ_BODY *);
+int    copy_KDC_REQ_BODY  (const KDC_REQ_BODY *, KDC_REQ_BODY *);
+
+
+/*
+KDC-REQ ::= SEQUENCE {
+  pvno[1]         INTEGER,
+  msg-type[2]     MESSAGE-TYPE,
+  padata[3]       METHOD-DATA OPTIONAL,
+  req-body[4]     KDC-REQ-BODY
+}
+*/
+
+typedef struct KDC_REQ {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  METHOD_DATA *padata;
+  KDC_REQ_BODY req_body;
+} KDC_REQ;
+
+int    encode_KDC_REQ(unsigned char *, size_t, const KDC_REQ *, size_t *);
+int    decode_KDC_REQ(const unsigned char *, size_t, KDC_REQ *, size_t *);
+void   free_KDC_REQ  (KDC_REQ *);
+size_t length_KDC_REQ(const KDC_REQ *);
+int    copy_KDC_REQ  (const KDC_REQ *, KDC_REQ *);
+
+
+/*
+AS-REQ ::= [APPLICATION 10] KDC-REQ
+*/
+
+typedef KDC_REQ AS_REQ;
+
+int    encode_AS_REQ(unsigned char *, size_t, const AS_REQ *, size_t *);
+int    decode_AS_REQ(const unsigned char *, size_t, AS_REQ *, size_t *);
+void   free_AS_REQ  (AS_REQ *);
+size_t length_AS_REQ(const AS_REQ *);
+int    copy_AS_REQ  (const AS_REQ *, AS_REQ *);
+
+
+/*
+TGS-REQ ::= [APPLICATION 12] KDC-REQ
+*/
+
+typedef KDC_REQ TGS_REQ;
+
+int    encode_TGS_REQ(unsigned char *, size_t, const TGS_REQ *, size_t *);
+int    decode_TGS_REQ(const unsigned char *, size_t, TGS_REQ *, size_t *);
+void   free_TGS_REQ  (TGS_REQ *);
+size_t length_TGS_REQ(const TGS_REQ *);
+int    copy_TGS_REQ  (const TGS_REQ *, TGS_REQ *);
+
+
+/*
+PA-ENC-TS-ENC ::= SEQUENCE {
+  patimestamp[0]  KerberosTime,
+  pausec[1]       INTEGER OPTIONAL
+}
+*/
+
+typedef struct PA_ENC_TS_ENC {
+  KerberosTime patimestamp;
+  int *pausec;
+} PA_ENC_TS_ENC;
+
+int    encode_PA_ENC_TS_ENC(unsigned char *, size_t, const PA_ENC_TS_ENC *, size_t *);
+int    decode_PA_ENC_TS_ENC(const unsigned char *, size_t, PA_ENC_TS_ENC *, size_t *);
+void   free_PA_ENC_TS_ENC  (PA_ENC_TS_ENC *);
+size_t length_PA_ENC_TS_ENC(const PA_ENC_TS_ENC *);
+int    copy_PA_ENC_TS_ENC  (const PA_ENC_TS_ENC *, PA_ENC_TS_ENC *);
+
+
+/*
+KDC-REP ::= SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  padata[2]       METHOD-DATA OPTIONAL,
+  crealm[3]       Realm,
+  cname[4]        PrincipalName,
+  ticket[5]       Ticket,
+  enc-part[6]     EncryptedData
+}
+*/
+
+typedef struct KDC_REP {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  METHOD_DATA *padata;
+  Realm crealm;
+  PrincipalName cname;
+  Ticket ticket;
+  EncryptedData enc_part;
+} KDC_REP;
+
+int    encode_KDC_REP(unsigned char *, size_t, const KDC_REP *, size_t *);
+int    decode_KDC_REP(const unsigned char *, size_t, KDC_REP *, size_t *);
+void   free_KDC_REP  (KDC_REP *);
+size_t length_KDC_REP(const KDC_REP *);
+int    copy_KDC_REP  (const KDC_REP *, KDC_REP *);
+
+
+/*
+AS-REP ::= [APPLICATION 11] KDC-REP
+*/
+
+typedef KDC_REP AS_REP;
+
+int    encode_AS_REP(unsigned char *, size_t, const AS_REP *, size_t *);
+int    decode_AS_REP(const unsigned char *, size_t, AS_REP *, size_t *);
+void   free_AS_REP  (AS_REP *);
+size_t length_AS_REP(const AS_REP *);
+int    copy_AS_REP  (const AS_REP *, AS_REP *);
+
+
+/*
+TGS-REP ::= [APPLICATION 13] KDC-REP
+*/
+
+typedef KDC_REP TGS_REP;
+
+int    encode_TGS_REP(unsigned char *, size_t, const TGS_REP *, size_t *);
+int    decode_TGS_REP(const unsigned char *, size_t, TGS_REP *, size_t *);
+void   free_TGS_REP  (TGS_REP *);
+size_t length_TGS_REP(const TGS_REP *);
+int    copy_TGS_REP  (const TGS_REP *, TGS_REP *);
+
+
+/*
+EncKDCRepPart ::= SEQUENCE {
+  key[0]             EncryptionKey,
+  last-req[1]        LastReq,
+  nonce[2]           INTEGER,
+  key-expiration[3]  KerberosTime OPTIONAL,
+  flags[4]           TicketFlags,
+  authtime[5]        KerberosTime,
+  starttime[6]       KerberosTime OPTIONAL,
+  endtime[7]         KerberosTime,
+  renew-till[8]      KerberosTime OPTIONAL,
+  srealm[9]          Realm,
+  sname[10]          PrincipalName,
+  caddr[11]          HostAddresses OPTIONAL
+}
+*/
+
+typedef struct EncKDCRepPart {
+  EncryptionKey key;
+  LastReq last_req;
+  int nonce;
+  KerberosTime *key_expiration;
+  TicketFlags flags;
+  KerberosTime authtime;
+  KerberosTime *starttime;
+  KerberosTime endtime;
+  KerberosTime *renew_till;
+  Realm srealm;
+  PrincipalName sname;
+  HostAddresses *caddr;
+} EncKDCRepPart;
+
+int    encode_EncKDCRepPart(unsigned char *, size_t, const EncKDCRepPart *, size_t *);
+int    decode_EncKDCRepPart(const unsigned char *, size_t, EncKDCRepPart *, size_t *);
+void   free_EncKDCRepPart  (EncKDCRepPart *);
+size_t length_EncKDCRepPart(const EncKDCRepPart *);
+int    copy_EncKDCRepPart  (const EncKDCRepPart *, EncKDCRepPart *);
+
+
+/*
+EncASRepPart ::= [APPLICATION 25] EncKDCRepPart
+*/
+
+typedef EncKDCRepPart EncASRepPart;
+
+int    encode_EncASRepPart(unsigned char *, size_t, const EncASRepPart *, size_t *);
+int    decode_EncASRepPart(const unsigned char *, size_t, EncASRepPart *, size_t *);
+void   free_EncASRepPart  (EncASRepPart *);
+size_t length_EncASRepPart(const EncASRepPart *);
+int    copy_EncASRepPart  (const EncASRepPart *, EncASRepPart *);
+
+
+/*
+EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
+*/
+
+typedef EncKDCRepPart EncTGSRepPart;
+
+int    encode_EncTGSRepPart(unsigned char *, size_t, const EncTGSRepPart *, size_t *);
+int    decode_EncTGSRepPart(const unsigned char *, size_t, EncTGSRepPart *, size_t *);
+void   free_EncTGSRepPart  (EncTGSRepPart *);
+size_t length_EncTGSRepPart(const EncTGSRepPart *);
+int    copy_EncTGSRepPart  (const EncTGSRepPart *, EncTGSRepPart *);
+
+
+/*
+AP-REQ ::= [APPLICATION 14] SEQUENCE {
+  pvno[0]           INTEGER,
+  msg-type[1]       MESSAGE-TYPE,
+  ap-options[2]     APOptions,
+  ticket[3]         Ticket,
+  authenticator[4]  EncryptedData
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  APOptions ap_options;
+  Ticket ticket;
+  EncryptedData authenticator;
+} AP_REQ;
+
+int    encode_AP_REQ(unsigned char *, size_t, const AP_REQ *, size_t *);
+int    decode_AP_REQ(const unsigned char *, size_t, AP_REQ *, size_t *);
+void   free_AP_REQ  (AP_REQ *);
+size_t length_AP_REQ(const AP_REQ *);
+int    copy_AP_REQ  (const AP_REQ *, AP_REQ *);
+
+
+/*
+AP-REP ::= [APPLICATION 15] SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  enc-part[2]     EncryptedData
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  EncryptedData enc_part;
+} AP_REP;
+
+int    encode_AP_REP(unsigned char *, size_t, const AP_REP *, size_t *);
+int    decode_AP_REP(const unsigned char *, size_t, AP_REP *, size_t *);
+void   free_AP_REP  (AP_REP *);
+size_t length_AP_REP(const AP_REP *);
+int    copy_AP_REP  (const AP_REP *, AP_REP *);
+
+
+/*
+EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
+  ctime[0]        KerberosTime,
+  cusec[1]        INTEGER,
+  subkey[2]       EncryptionKey OPTIONAL,
+  seq-number[3]   UNSIGNED OPTIONAL
+}
+*/
+
+typedef struct  {
+  KerberosTime ctime;
+  int cusec;
+  EncryptionKey *subkey;
+  UNSIGNED *seq_number;
+} EncAPRepPart;
+
+int    encode_EncAPRepPart(unsigned char *, size_t, const EncAPRepPart *, size_t *);
+int    decode_EncAPRepPart(const unsigned char *, size_t, EncAPRepPart *, size_t *);
+void   free_EncAPRepPart  (EncAPRepPart *);
+size_t length_EncAPRepPart(const EncAPRepPart *);
+int    copy_EncAPRepPart  (const EncAPRepPart *, EncAPRepPart *);
+
+
+/*
+KRB-SAFE-BODY ::= SEQUENCE {
+  user-data[0]    OCTET STRING,
+  timestamp[1]    KerberosTime OPTIONAL,
+  usec[2]         INTEGER OPTIONAL,
+  seq-number[3]   UNSIGNED OPTIONAL,
+  s-address[4]    HostAddress OPTIONAL,
+  r-address[5]    HostAddress OPTIONAL
+}
+*/
+
+typedef struct KRB_SAFE_BODY {
+  octet_string user_data;
+  KerberosTime *timestamp;
+  int *usec;
+  UNSIGNED *seq_number;
+  HostAddress *s_address;
+  HostAddress *r_address;
+} KRB_SAFE_BODY;
+
+int    encode_KRB_SAFE_BODY(unsigned char *, size_t, const KRB_SAFE_BODY *, size_t *);
+int    decode_KRB_SAFE_BODY(const unsigned char *, size_t, KRB_SAFE_BODY *, size_t *);
+void   free_KRB_SAFE_BODY  (KRB_SAFE_BODY *);
+size_t length_KRB_SAFE_BODY(const KRB_SAFE_BODY *);
+int    copy_KRB_SAFE_BODY  (const KRB_SAFE_BODY *, KRB_SAFE_BODY *);
+
+
+/*
+KRB-SAFE ::= [APPLICATION 20] SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  safe-body[2]    KRB-SAFE-BODY,
+  cksum[3]        Checksum
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  KRB_SAFE_BODY safe_body;
+  Checksum cksum;
+} KRB_SAFE;
+
+int    encode_KRB_SAFE(unsigned char *, size_t, const KRB_SAFE *, size_t *);
+int    decode_KRB_SAFE(const unsigned char *, size_t, KRB_SAFE *, size_t *);
+void   free_KRB_SAFE  (KRB_SAFE *);
+size_t length_KRB_SAFE(const KRB_SAFE *);
+int    copy_KRB_SAFE  (const KRB_SAFE *, KRB_SAFE *);
+
+
+/*
+KRB-PRIV ::= [APPLICATION 21] SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  enc-part[3]     EncryptedData
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  EncryptedData enc_part;
+} KRB_PRIV;
+
+int    encode_KRB_PRIV(unsigned char *, size_t, const KRB_PRIV *, size_t *);
+int    decode_KRB_PRIV(const unsigned char *, size_t, KRB_PRIV *, size_t *);
+void   free_KRB_PRIV  (KRB_PRIV *);
+size_t length_KRB_PRIV(const KRB_PRIV *);
+int    copy_KRB_PRIV  (const KRB_PRIV *, KRB_PRIV *);
+
+
+/*
+EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE {
+  user-data[0]    OCTET STRING,
+  timestamp[1]    KerberosTime OPTIONAL,
+  usec[2]         INTEGER OPTIONAL,
+  seq-number[3]   UNSIGNED OPTIONAL,
+  s-address[4]    HostAddress OPTIONAL,
+  r-address[5]    HostAddress OPTIONAL
+}
+*/
+
+typedef struct  {
+  octet_string user_data;
+  KerberosTime *timestamp;
+  int *usec;
+  UNSIGNED *seq_number;
+  HostAddress *s_address;
+  HostAddress *r_address;
+} EncKrbPrivPart;
+
+int    encode_EncKrbPrivPart(unsigned char *, size_t, const EncKrbPrivPart *, size_t *);
+int    decode_EncKrbPrivPart(const unsigned char *, size_t, EncKrbPrivPart *, size_t *);
+void   free_EncKrbPrivPart  (EncKrbPrivPart *);
+size_t length_EncKrbPrivPart(const EncKrbPrivPart *);
+int    copy_EncKrbPrivPart  (const EncKrbPrivPart *, EncKrbPrivPart *);
+
+
+/*
+KRB-CRED ::= [APPLICATION 22] SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  tickets[2]      SEQUENCE OF Ticket,
+  enc-part[3]     EncryptedData
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  struct  {
+    unsigned int len;
+    Ticket *val;
+  } tickets;
+  EncryptedData enc_part;
+} KRB_CRED;
+
+int    encode_KRB_CRED(unsigned char *, size_t, const KRB_CRED *, size_t *);
+int    decode_KRB_CRED(const unsigned char *, size_t, KRB_CRED *, size_t *);
+void   free_KRB_CRED  (KRB_CRED *);
+size_t length_KRB_CRED(const KRB_CRED *);
+int    copy_KRB_CRED  (const KRB_CRED *, KRB_CRED *);
+
+
+/*
+KrbCredInfo ::= SEQUENCE {
+  key[0]          EncryptionKey,
+  prealm[1]       Realm OPTIONAL,
+  pname[2]        PrincipalName OPTIONAL,
+  flags[3]        TicketFlags OPTIONAL,
+  authtime[4]     KerberosTime OPTIONAL,
+  starttime[5]    KerberosTime OPTIONAL,
+  endtime[6]      KerberosTime OPTIONAL,
+  renew-till[7]   KerberosTime OPTIONAL,
+  srealm[8]       Realm OPTIONAL,
+  sname[9]        PrincipalName OPTIONAL,
+  caddr[10]       HostAddresses OPTIONAL
+}
+*/
+
+typedef struct KrbCredInfo {
+  EncryptionKey key;
+  Realm *prealm;
+  PrincipalName *pname;
+  TicketFlags *flags;
+  KerberosTime *authtime;
+  KerberosTime *starttime;
+  KerberosTime *endtime;
+  KerberosTime *renew_till;
+  Realm *srealm;
+  PrincipalName *sname;
+  HostAddresses *caddr;
+} KrbCredInfo;
+
+int    encode_KrbCredInfo(unsigned char *, size_t, const KrbCredInfo *, size_t *);
+int    decode_KrbCredInfo(const unsigned char *, size_t, KrbCredInfo *, size_t *);
+void   free_KrbCredInfo  (KrbCredInfo *);
+size_t length_KrbCredInfo(const KrbCredInfo *);
+int    copy_KrbCredInfo  (const KrbCredInfo *, KrbCredInfo *);
+
+
+/*
+EncKrbCredPart ::= [APPLICATION 29] SEQUENCE {
+  ticket-info[0]  SEQUENCE OF KrbCredInfo,
+  nonce[1]        INTEGER OPTIONAL,
+  timestamp[2]    KerberosTime OPTIONAL,
+  usec[3]         INTEGER OPTIONAL,
+  s-address[4]    HostAddress OPTIONAL,
+  r-address[5]    HostAddress OPTIONAL
+}
+*/
+
+typedef struct  {
+  struct  {
+    unsigned int len;
+    KrbCredInfo *val;
+  } ticket_info;
+  int *nonce;
+  KerberosTime *timestamp;
+  int *usec;
+  HostAddress *s_address;
+  HostAddress *r_address;
+} EncKrbCredPart;
+
+int    encode_EncKrbCredPart(unsigned char *, size_t, const EncKrbCredPart *, size_t *);
+int    decode_EncKrbCredPart(const unsigned char *, size_t, EncKrbCredPart *, size_t *);
+void   free_EncKrbCredPart  (EncKrbCredPart *);
+size_t length_EncKrbCredPart(const EncKrbCredPart *);
+int    copy_EncKrbCredPart  (const EncKrbCredPart *, EncKrbCredPart *);
+
+
+/*
+KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
+  pvno[0]         INTEGER,
+  msg-type[1]     MESSAGE-TYPE,
+  ctime[2]        KerberosTime OPTIONAL,
+  cusec[3]        INTEGER OPTIONAL,
+  stime[4]        KerberosTime,
+  susec[5]        INTEGER,
+  error-code[6]   INTEGER,
+  crealm[7]       Realm OPTIONAL,
+  cname[8]        PrincipalName OPTIONAL,
+  realm[9]        Realm,
+  sname[10]       PrincipalName,
+  e-text[11]      GeneralString OPTIONAL,
+  e-data[12]      OCTET STRING OPTIONAL
+}
+*/
+
+typedef struct  {
+  int pvno;
+  MESSAGE_TYPE msg_type;
+  KerberosTime *ctime;
+  int *cusec;
+  KerberosTime stime;
+  int susec;
+  int error_code;
+  Realm *crealm;
+  PrincipalName *cname;
+  Realm realm;
+  PrincipalName sname;
+  general_string *e_text;
+  octet_string *e_data;
+} KRB_ERROR;
+
+int    encode_KRB_ERROR(unsigned char *, size_t, const KRB_ERROR *, size_t *);
+int    decode_KRB_ERROR(const unsigned char *, size_t, KRB_ERROR *, size_t *);
+void   free_KRB_ERROR  (KRB_ERROR *);
+size_t length_KRB_ERROR(const KRB_ERROR *);
+int    copy_KRB_ERROR  (const KRB_ERROR *, KRB_ERROR *);
+
+
+enum { pvno = 5 };
+
+enum { DOMAIN_X500_COMPRESS = 1 };
+
+#endif /* __krb5_asn1_h__ */
diff --git a/lib/libkrb5/generated/krb5_err.c b/lib/libkrb5/generated/krb5_err.c
new file mode 100644
index 00000000000..1a81d394302
--- /dev/null
+++ b/lib/libkrb5/generated/krb5_err.c
@@ -0,0 +1,246 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/krb5_err.et */
+/* $KTH: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $ */
+
+#include <stddef.h>
+#include <com_err.h>
+#include "krb5_err.h"
+
+static const char *text[] = {
+	/* 000 */ "No error",
+	/* 001 */ "Client's entry in database has expired",
+	/* 002 */ "Server's entry in database has expired",
+	/* 003 */ "Requested protocol version not supported",
+	/* 004 */ "Client's key is encrypted in an old master key",
+	/* 005 */ "Server's key is encrypted in an old master key",
+	/* 006 */ "Client not found in Kerberos database",
+	/* 007 */ "Server not found in Kerberos database",
+	/* 008 */ "Principal has multiple entries in Kerberos database",
+	/* 009 */ "Client or server has a null key",
+	/* 010 */ "Ticket is ineligible for postdating",
+	/* 011 */ "Requested effective lifetime is negative or too short",
+	/* 012 */ "KDC policy rejects request",
+	/* 013 */ "KDC can't fulfill requested option",
+	/* 014 */ "KDC has no support for encryption type",
+	/* 015 */ "KDC has no support for checksum type",
+	/* 016 */ "KDC has no support for padata type",
+	/* 017 */ "KDC has no support for transited type",
+	/* 018 */ "Clients credentials have been revoked",
+	/* 019 */ "Credentials for server have been revoked",
+	/* 020 */ "TGT has been revoked",
+	/* 021 */ "Client not yet valid - try again later",
+	/* 022 */ "Server not yet valid - try again later",
+	/* 023 */ "Password has expired",
+	/* 024 */ "Preauthentication failed",
+	/* 025 */ "Additional pre-authentication required",
+	/* 026 */ "Requested server and ticket don't match",
+	/* 027 */ "Reserved krb5 error (27)",
+	/* 028 */ "Reserved krb5 error (28)",
+	/* 029 */ "Reserved krb5 error (29)",
+	/* 030 */ "Reserved krb5 error (30)",
+	/* 031 */ "Decrypt integrity check failed",
+	/* 032 */ "Ticket expired",
+	/* 033 */ "Ticket not yet valid",
+	/* 034 */ "Request is a replay",
+	/* 035 */ "The ticket isn't for us",
+	/* 036 */ "Ticket/authenticator don't match",
+	/* 037 */ "Clock skew too great",
+	/* 038 */ "Incorrect net address",
+	/* 039 */ "Protocol version mismatch",
+	/* 040 */ "Invalid message type",
+	/* 041 */ "Message stream modified",
+	/* 042 */ "Message out of order",
+	/* 043 */ "Invalid cross-realm ticket",
+	/* 044 */ "Key version is not available",
+	/* 045 */ "Service key not available",
+	/* 046 */ "Mutual authentication failed",
+	/* 047 */ "Incorrect message direction",
+	/* 048 */ "Alternative authentication method required",
+	/* 049 */ "Incorrect sequence number in message",
+	/* 050 */ "Inappropriate type of checksum in message",
+	/* 051 */ "Policy rejects transited path",
+	/* 052 */ "Response too big for UDP, retry with TCP",
+	/* 053 */ "Reserved krb5 error (53)",
+	/* 054 */ "Reserved krb5 error (54)",
+	/* 055 */ "Reserved krb5 error (55)",
+	/* 056 */ "Reserved krb5 error (56)",
+	/* 057 */ "Reserved krb5 error (57)",
+	/* 058 */ "Reserved krb5 error (58)",
+	/* 059 */ "Reserved krb5 error (59)",
+	/* 060 */ "Generic error (see e-text)",
+	/* 061 */ "Field is too long for this implementation",
+	/* 062 */ "Client not trusted",
+	/* 063 */ "KDC not trusted",
+	/* 064 */ "Invalid signature",
+	/* 065 */ "Key too weak",
+	/* 066 */ "Certificate mismatch",
+	/* 067 */ "User to user required",
+	/* 068 */ "Cannot verify certificate",
+	/* 069 */ "Invalid certificate",
+	/* 070 */ "Revoked certificate",
+	/* 071 */ "Revocation status unknown",
+	/* 072 */ "Revocation status unavailable",
+	/* 073 */ "Client name mismatch",
+	/* 074 */ "KDC name mismatch",
+	/* 075 */ "Reserved krb5 error (75)",
+	/* 076 */ "Reserved krb5 error (76)",
+	/* 077 */ "Reserved krb5 error (77)",
+	/* 078 */ "Reserved krb5 error (78)",
+	/* 079 */ "Reserved krb5 error (79)",
+	/* 080 */ "Reserved krb5 error (80)",
+	/* 081 */ "Reserved krb5 error (81)",
+	/* 082 */ "Reserved krb5 error (82)",
+	/* 083 */ "Reserved krb5 error (83)",
+	/* 084 */ "Reserved krb5 error (84)",
+	/* 085 */ "Reserved krb5 error (85)",
+	/* 086 */ "Reserved krb5 error (86)",
+	/* 087 */ "Reserved krb5 error (87)",
+	/* 088 */ "Reserved krb5 error (88)",
+	/* 089 */ "Reserved krb5 error (89)",
+	/* 090 */ "Reserved krb5 error (90)",
+	/* 091 */ "Reserved krb5 error (91)",
+	/* 092 */ "Reserved krb5 error (92)",
+	/* 093 */ "Reserved krb5 error (93)",
+	/* 094 */ "Reserved krb5 error (94)",
+	/* 095 */ "Reserved krb5 error (95)",
+	/* 096 */ "Reserved krb5 error (96)",
+	/* 097 */ "Reserved krb5 error (97)",
+	/* 098 */ "Reserved krb5 error (98)",
+	/* 099 */ "Reserved krb5 error (99)",
+	/* 100 */ "Reserved krb5 error (100)",
+	/* 101 */ "Reserved krb5 error (101)",
+	/* 102 */ "Reserved krb5 error (102)",
+	/* 103 */ "Reserved krb5 error (103)",
+	/* 104 */ "Reserved krb5 error (104)",
+	/* 105 */ "Reserved krb5 error (105)",
+	/* 106 */ "Reserved krb5 error (106)",
+	/* 107 */ "Reserved krb5 error (107)",
+	/* 108 */ "Reserved krb5 error (108)",
+	/* 109 */ "Reserved krb5 error (109)",
+	/* 110 */ "Reserved krb5 error (110)",
+	/* 111 */ "Reserved krb5 error (111)",
+	/* 112 */ "Reserved krb5 error (112)",
+	/* 113 */ "Reserved krb5 error (113)",
+	/* 114 */ "Reserved krb5 error (114)",
+	/* 115 */ "Reserved krb5 error (115)",
+	/* 116 */ "Reserved krb5 error (116)",
+	/* 117 */ "Reserved krb5 error (117)",
+	/* 118 */ "Reserved krb5 error (118)",
+	/* 119 */ "Reserved krb5 error (119)",
+	/* 120 */ "Reserved krb5 error (120)",
+	/* 121 */ "Reserved krb5 error (121)",
+	/* 122 */ "Reserved krb5 error (122)",
+	/* 123 */ "Reserved krb5 error (123)",
+	/* 124 */ "Reserved krb5 error (124)",
+	/* 125 */ "Reserved krb5 error (125)",
+	/* 126 */ "Reserved krb5 error (126)",
+	/* 127 */ "Reserved krb5 error (127)",
+	/* 128 */ "$KTH: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $",
+	/* 129 */ "Invalid flag for file lock mode",
+	/* 130 */ "Cannot read password",
+	/* 131 */ "Password mismatch",
+	/* 132 */ "Password read interrupted",
+	/* 133 */ "Invalid character in component name",
+	/* 134 */ "Malformed representation of principal",
+	/* 135 */ "Can't open/find configuration file",
+	/* 136 */ "Improper format of configuration file",
+	/* 137 */ "Insufficient space to return complete information",
+	/* 138 */ "Invalid message type specified for encoding",
+	/* 139 */ "Credential cache name malformed",
+	/* 140 */ "Unknown credential cache type",
+	/* 141 */ "Matching credential not found",
+	/* 142 */ "End of credential cache reached",
+	/* 143 */ "Request did not supply a ticket",
+	/* 144 */ "Wrong principal in request",
+	/* 145 */ "Ticket has invalid flag set",
+	/* 146 */ "Requested principal and ticket don't match",
+	/* 147 */ "KDC reply did not match expectations",
+	/* 148 */ "Clock skew too great in KDC reply",
+	/* 149 */ "Client/server realm mismatch in initial ticket request",
+	/* 150 */ "Program lacks support for encryption type",
+	/* 151 */ "Program lacks support for key type",
+	/* 152 */ "Requested encryption type not used in message",
+	/* 153 */ "Program lacks support for checksum type",
+	/* 154 */ "Cannot find KDC for requested realm",
+	/* 155 */ "Kerberos service unknown",
+	/* 156 */ "Cannot contact any KDC for requested realm",
+	/* 157 */ "No local name found for principal name",
+	/* 158 */ "Mutual authentication failed",
+	/* 159 */ "Replay cache type is already registered",
+	/* 160 */ "No more memory to allocate (in replay cache code)",
+	/* 161 */ "Replay cache type is unknown",
+	/* 162 */ "Generic unknown RC error",
+	/* 163 */ "Message is a replay",
+	/* 164 */ "Replay I/O operation failed XXX",
+	/* 165 */ "Replay cache type does not support non-volatile storage",
+	/* 166 */ "Replay cache name parse/format error",
+	/* 167 */ "End-of-file on replay cache I/O",
+	/* 168 */ "No more memory to allocate (in replay cache I/O code)",
+	/* 169 */ "Permission denied in replay cache code",
+	/* 170 */ "I/O error in replay cache i/o code",
+	/* 171 */ "Generic unknown RC/IO error",
+	/* 172 */ "Insufficient system space to store replay information",
+	/* 173 */ "Can't open/find realm translation file",
+	/* 174 */ "Improper format of realm translation file",
+	/* 175 */ "Can't open/find lname translation database",
+	/* 176 */ "No translation available for requested principal",
+	/* 177 */ "Improper format of translation database entry",
+	/* 178 */ "Cryptosystem internal error",
+	/* 179 */ "Key table name malformed",
+	/* 180 */ "Unknown Key table type",
+	/* 181 */ "Key table entry not found",
+	/* 182 */ "End of key table reached",
+	/* 183 */ "Cannot write to specified key table",
+	/* 184 */ "Error writing to key table",
+	/* 185 */ "Cannot find ticket for requested realm",
+	/* 186 */ "DES key has bad parity",
+	/* 187 */ "DES key is a weak key",
+	/* 188 */ "Bad encryption type",
+	/* 189 */ "Key size is incompatible with encryption type",
+	/* 190 */ "Message size is incompatible with encryption type",
+	/* 191 */ "Credentials cache type is already registered.",
+	/* 192 */ "Key table type is already registered.",
+	/* 193 */ "Credentials cache I/O operation failed XXX",
+	/* 194 */ "Credentials cache file permissions incorrect",
+	/* 195 */ "No credentials cache file found",
+	/* 196 */ "Internal file credentials cache error",
+	/* 197 */ "Error writing to credentials cache file",
+	/* 198 */ "No more memory to allocate (in credentials cache code)",
+	/* 199 */ "Bad format in credentials cache",
+	/* 200 */ "Invalid KDC option combination (library internal error)",
+	/* 201 */ "Request missing second ticket",
+	/* 202 */ "No credentials supplied to library routine",
+	/* 203 */ "Bad sendauth version was sent",
+	/* 204 */ "Bad application version was sent (via sendauth)",
+	/* 205 */ "Bad response (during sendauth exchange)",
+	/* 206 */ "Server rejected authentication (during sendauth exchange)",
+	/* 207 */ "Unsupported preauthentication type",
+	/* 208 */ "Required preauthentication key not supplied",
+	/* 209 */ "Generic preauthentication failure",
+	/* 210 */ "Unsupported replay cache format version number",
+	/* 211 */ "Unsupported credentials cache format version number",
+	/* 212 */ "Unsupported key table format version number",
+	/* 213 */ "Program lacks support for address type",
+	/* 214 */ "Message replay detection requires rcache parameter",
+	/* 215 */ "Hostname cannot be canonicalized",
+	/* 216 */ "Cannot determine realm for host",
+	/* 217 */ "Conversion to service principal undefined for name type",
+	/* 218 */ "Initial Ticket response appears to be Version 4",
+	/* 219 */ "Cannot resolve KDC for requested realm",
+	/* 220 */ "Requesting ticket can't get forwardable tickets",
+	/* 221 */ "Bad principal name while trying to forward credentials",
+	/* 222 */ "Looping detected inside krb5_get_in_tkt",
+	/* 223 */ "Configuration file does not specify default realm",
+	/* 224 */ "Bad SAM flags in obtain_sam_padata",
+	/* 225 */ "Keytab name too long",
+	NULL
+};
+
+void initialize_krb5_error_table_r(struct et_list **list)
+{
+    initialize_error_table_r(list, text, krb5_num_errors, ERROR_TABLE_BASE_krb5);
+}
+
+void initialize_krb5_error_table(void)
+{
+    init_error_table(text, ERROR_TABLE_BASE_krb5, krb5_num_errors);
+}
diff --git a/lib/libkrb5/generated/krb5_err.h b/lib/libkrb5/generated/krb5_err.h
new file mode 100644
index 00000000000..580fbef1398
--- /dev/null
+++ b/lib/libkrb5/generated/krb5_err.h
@@ -0,0 +1,182 @@
+/* Generated from /usr/src/lib/libkrb5/../../kerberosV/src/lib/krb5/krb5_err.et */
+/* $KTH: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $ */
+
+#ifndef __krb5_err_h__
+#define __krb5_err_h__
+
+#include <com_err.h>
+
+void initialize_krb5_error_table_r(struct et_list **);
+
+void initialize_krb5_error_table(void);
+#define init_krb5_err_tbl initialize_krb5_error_table
+
+typedef enum krb5_error_number{
+	ERROR_TABLE_BASE_krb5 = -1765328384,
+	krb5_err_base = -1765328384,
+	KRB5KDC_ERR_NONE = -1765328384,
+	KRB5KDC_ERR_NAME_EXP = -1765328383,
+	KRB5KDC_ERR_SERVICE_EXP = -1765328382,
+	KRB5KDC_ERR_BAD_PVNO = -1765328381,
+	KRB5KDC_ERR_C_OLD_MAST_KVNO = -1765328380,
+	KRB5KDC_ERR_S_OLD_MAST_KVNO = -1765328379,
+	KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN = -1765328378,
+	KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN = -1765328377,
+	KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE = -1765328376,
+	KRB5KDC_ERR_NULL_KEY = -1765328375,
+	KRB5KDC_ERR_CANNOT_POSTDATE = -1765328374,
+	KRB5KDC_ERR_NEVER_VALID = -1765328373,
+	KRB5KDC_ERR_POLICY = -1765328372,
+	KRB5KDC_ERR_BADOPTION = -1765328371,
+	KRB5KDC_ERR_ETYPE_NOSUPP = -1765328370,
+	KRB5KDC_ERR_SUMTYPE_NOSUPP = -1765328369,
+	KRB5KDC_ERR_PADATA_TYPE_NOSUPP = -1765328368,
+	KRB5KDC_ERR_TRTYPE_NOSUPP = -1765328367,
+	KRB5KDC_ERR_CLIENT_REVOKED = -1765328366,
+	KRB5KDC_ERR_SERVICE_REVOKED = -1765328365,
+	KRB5KDC_ERR_TGT_REVOKED = -1765328364,
+	KRB5KDC_ERR_CLIENT_NOTYET = -1765328363,
+	KRB5KDC_ERR_SERVICE_NOTYET = -1765328362,
+	KRB5KDC_ERR_KEY_EXPIRED = -1765328361,
+	KRB5KDC_ERR_PREAUTH_FAILED = -1765328360,
+	KRB5KDC_ERR_PREAUTH_REQUIRED = -1765328359,
+	KRB5KDC_ERR_SERVER_NOMATCH = -1765328358,
+	KRB5KRB_AP_ERR_BAD_INTEGRITY = -1765328353,
+	KRB5KRB_AP_ERR_TKT_EXPIRED = -1765328352,
+	KRB5KRB_AP_ERR_TKT_NYV = -1765328351,
+	KRB5KRB_AP_ERR_REPEAT = -1765328350,
+	KRB5KRB_AP_ERR_NOT_US = -1765328349,
+	KRB5KRB_AP_ERR_BADMATCH = -1765328348,
+	KRB5KRB_AP_ERR_SKEW = -1765328347,
+	KRB5KRB_AP_ERR_BADADDR = -1765328346,
+	KRB5KRB_AP_ERR_BADVERSION = -1765328345,
+	KRB5KRB_AP_ERR_MSG_TYPE = -1765328344,
+	KRB5KRB_AP_ERR_MODIFIED = -1765328343,
+	KRB5KRB_AP_ERR_BADORDER = -1765328342,
+	KRB5KRB_AP_ERR_ILL_CR_TKT = -1765328341,
+	KRB5KRB_AP_ERR_BADKEYVER = -1765328340,
+	KRB5KRB_AP_ERR_NOKEY = -1765328339,
+	KRB5KRB_AP_ERR_MUT_FAIL = -1765328338,
+	KRB5KRB_AP_ERR_BADDIRECTION = -1765328337,
+	KRB5KRB_AP_ERR_METHOD = -1765328336,
+	KRB5KRB_AP_ERR_BADSEQ = -1765328335,
+	KRB5KRB_AP_ERR_INAPP_CKSUM = -1765328334,
+	KRB5KRB_AP_PATH_NOT_ACCEPTED = -1765328333,
+	KRB5KRB_ERR_RESPONSE_TOO_BIG = -1765328332,
+	KRB5KRB_ERR_GENERIC = -1765328324,
+	KRB5KRB_ERR_FIELD_TOOLONG = -1765328323,
+	KDC_ERROR_CLIENT_NOT_TRUSTED = -1765328322,
+	KDC_ERROR_KDC_NOT_TRUSTED = -1765328321,
+	KDC_ERROR_INVALID_SIG = -1765328320,
+	KDC_ERROR_KEY_TOO_WEAK = -1765328319,
+	KDC_ERROR_CERTIFICATE_MISMATCH = -1765328318,
+	KRB5_AP_ERR_USER_TO_USER_REQUIRED = -1765328317,
+	KDC_ERROR_CANT_VERIFY_CERTIFICATE = -1765328316,
+	KDC_ERROR_INVALID_CERTIFICATE = -1765328315,
+	KDC_ERROR_REVOKED_CERTIFICATE = -1765328314,
+	KDC_ERROR_REVOCATION_STATUS_UNKNOWN = -1765328313,
+	KDC_ERROR_REVOCATION_STATUS_UNAVAILABLE = -1765328312,
+	KDC_ERROR_CLIENT_NAME_MISMATCH = -1765328311,
+	KDC_ERROR_KDC_NAME_MISMATCH = -1765328310,
+	KRB5_ERR_RCSID = -1765328256,
+	KRB5_LIBOS_BADLOCKFLAG = -1765328255,
+	KRB5_LIBOS_CANTREADPWD = -1765328254,
+	KRB5_LIBOS_BADPWDMATCH = -1765328253,
+	KRB5_LIBOS_PWDINTR = -1765328252,
+	KRB5_PARSE_ILLCHAR = -1765328251,
+	KRB5_PARSE_MALFORMED = -1765328250,
+	KRB5_CONFIG_CANTOPEN = -1765328249,
+	KRB5_CONFIG_BADFORMAT = -1765328248,
+	KRB5_CONFIG_NOTENUFSPACE = -1765328247,
+	KRB5_BADMSGTYPE = -1765328246,
+	KRB5_CC_BADNAME = -1765328245,
+	KRB5_CC_UNKNOWN_TYPE = -1765328244,
+	KRB5_CC_NOTFOUND = -1765328243,
+	KRB5_CC_END = -1765328242,
+	KRB5_NO_TKT_SUPPLIED = -1765328241,
+	KRB5KRB_AP_WRONG_PRINC = -1765328240,
+	KRB5KRB_AP_ERR_TKT_INVALID = -1765328239,
+	KRB5_PRINC_NOMATCH = -1765328238,
+	KRB5_KDCREP_MODIFIED = -1765328237,
+	KRB5_KDCREP_SKEW = -1765328236,
+	KRB5_IN_TKT_REALM_MISMATCH = -1765328235,
+	KRB5_PROG_ETYPE_NOSUPP = -1765328234,
+	KRB5_PROG_KEYTYPE_NOSUPP = -1765328233,
+	KRB5_WRONG_ETYPE = -1765328232,
+	KRB5_PROG_SUMTYPE_NOSUPP = -1765328231,
+	KRB5_REALM_UNKNOWN = -1765328230,
+	KRB5_SERVICE_UNKNOWN = -1765328229,
+	KRB5_KDC_UNREACH = -1765328228,
+	KRB5_NO_LOCALNAME = -1765328227,
+	KRB5_MUTUAL_FAILED = -1765328226,
+	KRB5_RC_TYPE_EXISTS = -1765328225,
+	KRB5_RC_MALLOC = -1765328224,
+	KRB5_RC_TYPE_NOTFOUND = -1765328223,
+	KRB5_RC_UNKNOWN = -1765328222,
+	KRB5_RC_REPLAY = -1765328221,
+	KRB5_RC_IO = -1765328220,
+	KRB5_RC_NOIO = -1765328219,
+	KRB5_RC_PARSE = -1765328218,
+	KRB5_RC_IO_EOF = -1765328217,
+	KRB5_RC_IO_MALLOC = -1765328216,
+	KRB5_RC_IO_PERM = -1765328215,
+	KRB5_RC_IO_IO = -1765328214,
+	KRB5_RC_IO_UNKNOWN = -1765328213,
+	KRB5_RC_IO_SPACE = -1765328212,
+	KRB5_TRANS_CANTOPEN = -1765328211,
+	KRB5_TRANS_BADFORMAT = -1765328210,
+	KRB5_LNAME_CANTOPEN = -1765328209,
+	KRB5_LNAME_NOTRANS = -1765328208,
+	KRB5_LNAME_BADFORMAT = -1765328207,
+	KRB5_CRYPTO_INTERNAL = -1765328206,
+	KRB5_KT_BADNAME = -1765328205,
+	KRB5_KT_UNKNOWN_TYPE = -1765328204,
+	KRB5_KT_NOTFOUND = -1765328203,
+	KRB5_KT_END = -1765328202,
+	KRB5_KT_NOWRITE = -1765328201,
+	KRB5_KT_IOERR = -1765328200,
+	KRB5_NO_TKT_IN_RLM = -1765328199,
+	KRB5DES_BAD_KEYPAR = -1765328198,
+	KRB5DES_WEAK_KEY = -1765328197,
+	KRB5_BAD_ENCTYPE = -1765328196,
+	KRB5_BAD_KEYSIZE = -1765328195,
+	KRB5_BAD_MSIZE = -1765328194,
+	KRB5_CC_TYPE_EXISTS = -1765328193,
+	KRB5_KT_TYPE_EXISTS = -1765328192,
+	KRB5_CC_IO = -1765328191,
+	KRB5_FCC_PERM = -1765328190,
+	KRB5_FCC_NOFILE = -1765328189,
+	KRB5_FCC_INTERNAL = -1765328188,
+	KRB5_CC_WRITE = -1765328187,
+	KRB5_CC_NOMEM = -1765328186,
+	KRB5_CC_FORMAT = -1765328185,
+	KRB5_INVALID_FLAGS = -1765328184,
+	KRB5_NO_2ND_TKT = -1765328183,
+	KRB5_NOCREDS_SUPPLIED = -1765328182,
+	KRB5_SENDAUTH_BADAUTHVERS = -1765328181,
+	KRB5_SENDAUTH_BADAPPLVERS = -1765328180,
+	KRB5_SENDAUTH_BADRESPONSE = -1765328179,
+	KRB5_SENDAUTH_REJECTED = -1765328178,
+	KRB5_PREAUTH_BAD_TYPE = -1765328177,
+	KRB5_PREAUTH_NO_KEY = -1765328176,
+	KRB5_PREAUTH_FAILED = -1765328175,
+	KRB5_RCACHE_BADVNO = -1765328174,
+	KRB5_CCACHE_BADVNO = -1765328173,
+	KRB5_KEYTAB_BADVNO = -1765328172,
+	KRB5_PROG_ATYPE_NOSUPP = -1765328171,
+	KRB5_RC_REQUIRED = -1765328170,
+	KRB5_ERR_BAD_HOSTNAME = -1765328169,
+	KRB5_ERR_HOST_REALM_UNKNOWN = -1765328168,
+	KRB5_SNAME_UNSUPP_NAMETYPE = -1765328167,
+	KRB5KRB_AP_ERR_V4_REPLY = -1765328166,
+	KRB5_REALM_CANT_RESOLVE = -1765328165,
+	KRB5_TKT_NOT_FORWARDABLE = -1765328164,
+	KRB5_FWD_BAD_PRINCIPAL = -1765328163,
+	KRB5_GET_IN_TKT_LOOP = -1765328162,
+	KRB5_CONFIG_NODEFREALM = -1765328161,
+	KRB5_SAM_UNSUPPORTED = -1765328160,
+	KRB5_KT_NAME_TOOLONG = -1765328159,
+	krb5_num_errors = 226
+} krb5_error_number;
+
+#endif /* __krb5_err_h__ */