diff --git a/lib/hdb/hdb.h b/lib/hdb/hdb.h
index b7065b44f..a29a15fe5 100644
--- a/lib/hdb/hdb.h
+++ b/lib/hdb/hdb.h
@@ -44,8 +44,12 @@
 enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK };
 
 /* flags for various functions */
-#define HDB_F_DECRYPT		1 /* decrypt keys */
-#define HDB_F_REPLACE		2 /* replace entry */
+#define HDB_F_DECRYPT		1	/* decrypt keys */
+#define HDB_F_REPLACE		2	/* replace entry */
+#define HDB_F_GET_CLIENT	4	/* fetch client */
+#define HDB_F_GET_SERVER	8	/* fetch server */
+#define HDB_F_GET_KRBTGT	16	/* fetch krbtgt */
+#define HDB_F_GET_ANY		28	/* fetch any of client,server,krbtgt */
 
 /* key usage for master key */
 #define HDB_KU_MKEY	0x484442
@@ -67,26 +71,57 @@ typedef struct HDB{
     hdb_master_key hdb_master_key;
     int hdb_openp;
 
-    krb5_error_code (*hdb_open)(krb5_context, struct HDB*, int, mode_t);
-    krb5_error_code (*hdb_close)(krb5_context, struct HDB*);
-    void	    (*hdb_free)(krb5_context,struct HDB*,hdb_entry_ex*);
-    krb5_error_code (*hdb_fetch)(krb5_context,struct HDB*,
-				 unsigned,hdb_entry_ex*);
-    krb5_error_code (*hdb_store)(krb5_context,struct HDB*,
-				 unsigned,hdb_entry_ex*);
-    krb5_error_code (*hdb_remove)(krb5_context, struct HDB*, hdb_entry_ex*);
-    krb5_error_code (*hdb_firstkey)(krb5_context, struct HDB*,
-				    unsigned, hdb_entry_ex*);
-    krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*,
-				   unsigned, hdb_entry_ex*);
-    krb5_error_code (*hdb_lock)(krb5_context, struct HDB*, int operation);
-    krb5_error_code (*hdb_unlock)(krb5_context, struct HDB*);
-    krb5_error_code (*hdb_rename)(krb5_context, struct HDB*, const char*);
-    krb5_error_code (*hdb__get)(krb5_context,struct HDB*,krb5_data,krb5_data*);
-    krb5_error_code (*hdb__put)(krb5_context, struct HDB*, int, 
-				krb5_data, krb5_data);
-    krb5_error_code (*hdb__del)(krb5_context, struct HDB*, krb5_data);
-    krb5_error_code (*hdb_destroy)(krb5_context, struct HDB*);
+    krb5_error_code (*hdb_open)(krb5_context,
+				struct HDB*,
+				int,
+				mode_t);
+    krb5_error_code (*hdb_close)(krb5_context, 
+				 struct HDB*);
+    void	    (*hdb_free)(krb5_context,
+				struct HDB*,
+				hdb_entry_ex*);
+    krb5_error_code (*hdb_fetch)(krb5_context,
+				 struct HDB*,
+				 krb5_const_principal,
+				 unsigned,
+				 hdb_entry_ex*);
+    krb5_error_code (*hdb_store)(krb5_context,
+				 struct HDB*,
+				 unsigned,
+				 hdb_entry_ex*);
+    krb5_error_code (*hdb_remove)(krb5_context,
+				  struct HDB*,
+				  krb5_const_principal);
+    krb5_error_code (*hdb_firstkey)(krb5_context,
+				    struct HDB*,
+				    unsigned,
+				    hdb_entry_ex*);
+    krb5_error_code (*hdb_nextkey)(krb5_context,
+				   struct HDB*,
+				   unsigned,
+				   hdb_entry_ex*);
+    krb5_error_code (*hdb_lock)(krb5_context,
+				struct HDB*,
+				int operation);
+    krb5_error_code (*hdb_unlock)(krb5_context,
+				  struct HDB*);
+    krb5_error_code (*hdb_rename)(krb5_context,
+				  struct HDB*,
+				  const char*);
+    krb5_error_code (*hdb__get)(krb5_context,
+				struct HDB*,
+				krb5_data,
+				krb5_data*);
+    krb5_error_code (*hdb__put)(krb5_context,
+				struct HDB*,
+				int, 
+				krb5_data,
+				krb5_data);
+    krb5_error_code (*hdb__del)(krb5_context, 
+				struct HDB*,
+				krb5_data);
+    krb5_error_code (*hdb_destroy)(krb5_context,
+				   struct HDB*);
 }HDB;
 
 #define HDB_INTERFACE_VERSION	3