---- openssh-5.9p1/configure.ac~ 2011-08-18 06:48:24.000000000 +0200
-+++ openssh-5.9p1/configure.ac 2011-09-06 19:00:46.856319713 +0200
-@@ -3424,13 +3424,13 @@
- [ AC_MSG_RESULT([yes])
- AC_DEFINE([HEIMDAL])
- K5LIBS="-lkrb5"
-- K5LIBS="$K5LIBS -lcom_err -lasn1"
-+ K5LIBS="$K5LIBS -lasn1"
- AC_CHECK_LIB([roken], [net_write],
- [K5LIBS="$K5LIBS -lroken"])
- AC_CHECK_LIB([des], [des_cbc_encrypt],
- [K5LIBS="$K5LIBS -ldes"])
- ], [ AC_MSG_RESULT([no])
-- K5LIBS="-lkrb5 -lk5crypto -lcom_err"
-+ K5LIBS="-lkrb5 -lk5crypto"
-
- ])
- AC_SEARCH_LIBS([dn_expand], [resolv])
-diff -ur openssh-5.8p1-orig/auth-krb5.c openssh-5.8p1/auth-krb5.c
---- openssh-5.8p1-orig/auth-krb5.c 2011-04-20 00:30:23.632652510 +0200
-+++ openssh-5.8p1/auth-krb5.c 2011-04-20 00:34:06.218117429 +0200
-@@ -88,6 +88,8 @@
- #ifndef HEIMDAL
- krb5_creds creds;
- krb5_principal server;
-+#else
-+ const char *ccache_type, *ccache_name;
- #endif
- krb5_error_code problem;
- krb5_ccache ccache = NULL;
-@@ -129,7 +131,11 @@
- if (problem)
- goto out;
-
-- problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
-+ problem = krb5_cc_set_default_name(authctxt->krb5_ctx, NULL);
-+ if (problem)
-+ goto out;
-+ problem = krb5_cc_new_unique(authctxt->krb5_ctx,
-+ krb5_cc_default_name(authctxt->krb5_ctx), NULL,
- &authctxt->krb5_fwd_ccache);
- if (problem)
- goto out;
-@@ -180,12 +186,23 @@
- goto out;
- #endif
-
-+#ifdef HEIMDAL
-+ ccache_type = krb5_cc_get_type(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
-+ ccache_name = krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
-+ if (strncmp(ccache_type, "FILE", 4) == 0) {
-+ authctxt->krb5_ticket_file = (char *)ccache_name;
-+ }
-+ len = strlen(ccache_type) + strlen(ccache_name) + 2;
-+ authctxt->krb5_ccname = xmalloc(len);
-+ snprintf(authctxt->krb5_ccname, len, "%s:%s", ccache_type, ccache_name);
-+#else
- authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
-
- len = strlen(authctxt->krb5_ticket_file) + 6;
- authctxt->krb5_ccname = xmalloc(len);
- snprintf(authctxt->krb5_ccname, len, "FILE:%s",
- authctxt->krb5_ticket_file);
-+#endif
-
- #ifdef USE_PAM
- if (options.use_pam)
-diff -ur openssh-5.8p1-orig/gss-serv-krb5.c openssh-5.8p1/gss-serv-krb5.c
---- openssh-5.8p1-orig/gss-serv-krb5.c 2011-04-20 00:30:23.632652510 +0200
-+++ openssh-5.8p1/gss-serv-krb5.c 2011-04-20 00:34:06.218117429 +0200
-@@ -121,6 +121,9 @@
- krb5_principal princ;
- OM_uint32 maj_status, min_status;
- int len;
-+#ifdef HEIMDAL
-+ const char *ccache_type, *ccache_name;
-+#endif
-
- if (client->creds == NULL) {
- debug("No credentials stored");
-@@ -131,8 +134,14 @@
- return;
-
- #ifdef HEIMDAL
-- if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
-- logit("krb5_cc_gen_new(): %.100s",
-+ if ((problem = krb5_cc_set_default_name(krb_context, NULL))) {
-+ logit("krb5_cc_set_default_name(): %.100s",
-+ krb5_get_err_text(krb_context, problem));
-+ return;
-+ }
-+ if ((problem = krb5_cc_new_unique(krb_context,
-+ krb5_cc_default_name(krb_context), NULL, &ccache))) {
-+ logit("krb5_cc_new_unique(): %.100s",
- krb5_get_err_text(krb_context, problem));
- return;
- }
-@@ -169,11 +178,23 @@
- return;
- }
-
-+#ifdef HEIMDAL
-+ ccache_type = krb5_cc_get_type(krb_context, ccache);
-+ ccache_name = krb5_cc_get_name(krb_context, ccache);
-+ if (strncmp(ccache_type, "FILE", 4) == 0) {
-+ client->store.filename = xstrdup(ccache_name);
-+ }
-+ client->store.envvar = "KRB5CCNAME";
-+ len = strlen(ccache_type) + strlen(ccache_name) + 2;
-+ client->store.envval = xmalloc(len);
-+ snprintf(client->store.envval, len, "%s:%s", ccache_type, ccache_name);
-+#else
- client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache));
- client->store.envvar = "KRB5CCNAME";
- len = strlen(client->store.filename) + 6;
- client->store.envval = xmalloc(len);
- snprintf(client->store.envval, len, "FILE:%s", client->store.filename);
-+#endif
-
- #ifdef USE_PAM
- if (options.use_pam)