--- file_not_specified_in_diff	
+++ file_not_specified_in_diff	
@@ -, +, @@ 
--- src/kdc/dispatch.c  (revision 20192)
+++ src/kdc/dispatch.c  (working copy)
@@ -1,7 +1,7 @@ 
 /*
  * kdc/dispatch.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990, 2007 by the Massachusetts Institute of Technology.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
@@ -107,7 +107,7 @@ 
        retval = KRB5KRB_AP_ERR_MSG_TYPE;
 #ifndef NOCACHE
     /* put the response into the lookaside buffer */
-    if (!retval)
+    if (!retval && *response != NULL)
 #endif
 
--- src/kdc/kerberos_v4.c       (revision 20192)
+++ src/kdc/kerberos_v4.c       (working copy)
@@ -1,7 +1,7 @@ 
 /*
  * kdc/kerberos_v4.c
  *
- * Copyright 1985, 1986, 1987, 1988,1991 by the Massachusetts Institute
+ * Copyright 1985, 1986, 1987, 1988,1991,2007 by the Massachusetts Institute
  * of Technology.
  * All Rights Reserved.
  *
@@ -87,11 +87,6 @@ 
 #define                MSB_FIRST               0       /* 68000, IBM RT/PC */
 #define                LSB_FIRST               1       /* Vax, PC8086 */
 
-int     f;
-
-/* XXX several files in libkdb know about this */
-char *progname;
-
 #ifndef BACKWARD_COMPAT
 static Key_schedule master_key_schedule;
 static C_Block master_key;
@@ -143,10 +138,8 @@ 
 #include "com_err.h"
 #include "extern.h"            /* to pick up master_princ */
 
-static krb5_data *response;
-
-void kerberos_v4 (struct sockaddr_in *, KTEXT);
-void kerb_err_reply (struct sockaddr_in *, KTEXT, long, char *);
+static krb5_data *kerberos_v4 (struct sockaddr_in *, KTEXT);
+static krb5_data *kerb_err_reply (struct sockaddr_in *, KTEXT, long, char *);
 static int set_tgtkey (char *, krb5_kvno, krb5_boolean);
 
 /* Attributes converted from V5 to V4 - internal representation */
@@ -262,12 +255,12 @@ 
            (void) klog(L_KRB_PERR, "V4 request too long.");
            return KRB5KRB_ERR_FIELD_TOOLONG;
     }
+    memset( &v4_pkt, 0, sizeof(v4_pkt));
     v4_pkt.length = pkt->length;
     v4_pkt.mbz = 0;
     memcpy( v4_pkt.dat, pkt->data, pkt->length);
 
-    kerberos_v4( &client_sockaddr, &v4_pkt);
-    *resp = response;
+    *resp = kerberos_v4( &client_sockaddr, &v4_pkt);
     return(retval);
 }
 
@@ -300,19 +293,20 @@ 
 }
 
 static
-int krb4_sendto(int s, const char *msg, int len, int flags,
-		const struct sockaddr *to, int to_len)
+krb5_data *make_response(const char *msg, int len)
 {
+    krb5_data *response;
+
     if (  !(response = (krb5_data *) malloc( sizeof *response))) {
-	return ENOMEM;
+       return 0;
     }
     if ( !(response->data = (char *) malloc( len))) {
-	return ENOMEM;
+       return 0;
     }
     response->length = len;
     memcpy( response->data, msg, len);
-    return( 0);
+    return response;
 }
 static void
 hang(void)
@@ -586,7 +580,7 @@ 
        *cp = 0;
 }
 
-void
+static krb5_data *
 kerberos_v4(struct sockaddr_in *client, KTEXT pkt)
 {
     static KTEXT_ST rpkt_st;
@@ -599,8 +593,8 @@ 
     KTEXT   auth = &auth_st;
     AUTH_DAT ad_st;
     AUTH_DAT *ad = &ad_st;
+    krb5_data *response = 0;
 
-
     static struct in_addr client_host;
     static int msg_byte_order;
     static int swap_bytes;
@@ -637,8 +631,7 @@ 
-	kerb_err_reply(client, pkt, KERB_ERR_PKT_VER, lt);
-	return;
+       return kerb_err_reply(client, pkt, KERB_ERR_PKT_VER, lt);
     }
 
     /* check packet version */
@@ -648,8 +641,7 @@ 
-	kerb_err_reply(client, pkt, KERB_ERR_PKT_VER, lt);
-	return;
+       return kerb_err_reply(client, pkt, KERB_ERR_PKT_VER, lt);
     }
     msg_byte_order = req_msg_type & 1;
 
@@ -707,10 +699,10 @@ 
 
-		kerb_err_reply(client, pkt, i, "check_princ failed");
+               response = kerb_err_reply(client, pkt, i, "check_princ failed");
-		return;
+               return response;
@@ -722,11 +714,11 @@ 
-		kerb_err_reply(client, pkt, i, "check_princ failed");
+               response = kerb_err_reply(client, pkt, i, "check_princ failed");
-		return;
+               return response;
@@ -797,8 +789,7 @@ 
-	    krb4_sendto(f, (char *) rpkt->dat, rpkt->length, 0,
-		   (struct sockaddr *) client, sizeof (struct sockaddr_in));
+           response = make_response((char *) rpkt->dat, rpkt->length);
@@ -824,9 +815,8 @@ 
-		kerb_err_reply(client, pkt, RD_AP_INCON,
-			       "realm length too long");
-		return;
+               return kerb_err_reply(client, pkt, RD_AP_INCON,
+                                     "realm length too long");
 
@@ -835,9 +825,8 @@ 
-		kerb_err_reply(client, pkt, RD_AP_INCON,
-			       "funky tkt or req_id length");
-		return;
+               return kerb_err_reply(client, pkt, RD_AP_INCON,
+                                     "funky tkt or req_id length");
 
@@ -848,18 +837,16 @@ 
-	      kerb_err_reply(client, pkt,
-			       KERB_ERR_PRINCIPAL_UNKNOWN, lt);
-		return;
+             return kerb_err_reply(client, pkt,
+                                   KERB_ERR_PRINCIPAL_UNKNOWN, lt);
-	      lt = klog(L_ERR_UNK,
+	        lt = klog(L_ERR_UNK,
-		kerb_err_reply(client, pkt,
-			       KERB_ERR_PRINCIPAL_UNKNOWN, lt);
-		return;
+               return kerb_err_reply(client, pkt,
+                                     KERB_ERR_PRINCIPAL_UNKNOWN, lt);
@@ -869,9 +856,8 @@ 
-		    kerb_err_reply(client, pkt,
-				   KERB_ERR_PRINCIPAL_UNKNOWN, lt);
-		    return;
+                   return kerb_err_reply(client, pkt,
+                                         KERB_ERR_PRINCIPAL_UNKNOWN, lt);
@@ -881,8 +867,7 @@ 
-		kerb_err_reply(client, pkt, kerno, "krb_rd_req failed");
-		return;
+               return kerb_err_reply(client, pkt, kerno, "krb_rd_req failed");
 
@@ -904,22 +889,21 @@ 
 
-		kerb_err_reply(client, pkt, KERB_ERR_PRINCIPAL_UNKNOWN,
-		     "Can't hop realms");
-		return;
+               return kerb_err_reply(client, pkt, KERB_ERR_PRINCIPAL_UNKNOWN,
+                                     "Can't hop realms");
-		kerb_err_reply(client, pkt, KERB_ERR_PRINCIPAL_UNKNOWN,
-		     "Can't authorize password changed based on TGT");
-		return;
+               return kerb_err_reply(client, pkt, KERB_ERR_PRINCIPAL_UNKNOWN,
+                                     "Can't authorize password changed based on TGT");
-		kerb_err_reply(client, pkt, kerno, "check_princ failed");
+               response = kerb_err_reply(client, pkt, kerno,
+                                         "check_princ failed");
-		return;
+               return response;
@@ -975,8 +959,7 @@ 
-	    krb4_sendto(f, (char *) rpkt->dat, rpkt->length, 0,
-		   (struct sockaddr *) client, sizeof (struct sockaddr_in));
+           response = make_response((char *) rpkt->dat, rpkt->length);
@@ -1001,6 +984,7 @@ 
     }
+    return response;
 }
 
 
@@ -1010,7 +994,7 @@ 
  * client. 
  */
 
-void
+static krb5_data *
 kerb_err_reply(struct sockaddr_in *client, KTEXT pkt, long int err, char *string)
 {
     static KTEXT_ST e_pkt_st;
@@ -1021,9 +1005,7 @@ 
     strncat(e_msg, string, sizeof(e_msg) - 1 - 19);
     cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr,
-    krb4_sendto(f, (char *) e_pkt->dat, e_pkt->length, 0,
-	   (struct sockaddr *) client, sizeof (struct sockaddr_in));
-
+    return make_response((char *) e_pkt->dat, e_pkt->length);
 }
 
 static int
--- src/kdc/network.c   (revision 20192)
+++ src/kdc/network.c   (working copy)
@@ -1,7 +1,7 @@ 
 /*
  * kdc/network.c
  *
- * Copyright 1990,2000 by the Massachusetts Institute of Technology.
+ * Copyright 1990,2000,2007 by the Massachusetts Institute of Technology.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
@@ -747,6 +747,8 @@ 
        com_err(prog, retval, "while dispatching (udp)");
        return;
     }
+    if (response == NULL)
+       return;
     cc = sendto(port_fd, response->data, (socklen_t) response->length, 0,
                (struct sockaddr *)&saddr, saddr_len);
     if (cc == -1) {