--- loncom/lond	2007/01/10 20:22:30	1.355
+++ loncom/lond	2007/01/28 18:49:49	1.359
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.355 2007/01/10 20:22:30 albertel Exp $
+# $Id: lond,v 1.359 2007/01/28 18:49:49 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -44,7 +44,6 @@ use Digest::MD5 qw(md5_hex);
 use GDBM_File;
 use Authen::Krb4;
 use Authen::Krb5;
-use lib '/home/httpd/lib/perl/';
 use localauth;
 use localenroll;
 use localstudentphoto;
@@ -60,7 +59,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.355 $'; #' stupid emacs
+my $VERSION='$Revision: 1.359 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -3293,13 +3292,14 @@ sub put_course_id_handler {
 	foreach my $pair (@pairs) {
             my ($key,$courseinfo) = split(/=/,$pair,2);
             $courseinfo =~ s/=/:/g;
-
-            my @current_items = split(/:/,$hashref->{$key});
+            my @current_items = split(/:/,$hashref->{$key},-1);
             shift(@current_items); # remove description
             pop(@current_items);   # remove last access
             my $numcurrent = scalar(@current_items);
-
-            my @new_items = split(/:/,$courseinfo);
+            if ($numcurrent > 3) {
+                $numcurrent = 3;
+            }
+            my @new_items = split(/:/,$courseinfo,-1);
             my $numnew = scalar(@new_items);
             if ($numcurrent > 0) {
                 if ($numnew <= $numcurrent) { # flushcourselogs() from pre 2.2 
@@ -5466,8 +5466,8 @@ sub make_new_child {
 #        my $tmpsnum=0;            # Now global
 #---------------------------------------------------- kerberos 5 initialization
         &Authen::Krb5::init_context();
-	unless (($dist eq 'fedora5') || ($dist eq 'fedora4') 
-		|| ($dist eq 'suse9.3')) {
+	unless (($dist eq 'fedora5') || ($dist eq 'fedora4') ||  
+		($dist eq 'fedora6') || ($dist eq 'suse9.3')) {
 	    &Authen::Krb5::init_ets();
 	}
 
@@ -5880,7 +5880,8 @@ sub validate_user {
 		my $krbservice = "krbtgt/".$contentpwd."\@".$contentpwd;
 		my $krbserver  = &Authen::Krb5::parse_name($krbservice);
 		my $credentials= &Authen::Krb5::cc_default();
-		$credentials->initialize($krbclient);
+		$credentials->initialize(&Authen::Krb5::parse_name($user.'@'
+                                                                 .$contentpwd));
 		my $krbreturn  = &Authen::Krb5::get_in_tkt_with_password($krbclient,
 									 $krbserver,
 									 $password,
@@ -5895,6 +5896,10 @@ sub validate_user {
 					       $password, 
 					       $contentpwd,
 					       $domain);
+	    if ($validated < 0) {
+		&logthis("localauth for $contentpwd $user:$domain returned a $validated");
+		$validated = 0;
+	    }
 	} else {			# Unrecognized auth is also bad.
 	    $validated = 0;
 	}