diff --git a/appl/popper/pop_debug.c b/appl/popper/pop_debug.c index 96ef2752a..0f1a4074e 100644 --- a/appl/popper/pop_debug.c +++ b/appl/popper/pop_debug.c @@ -121,6 +121,7 @@ doit_v4 (char *host, int port) } #endif +#ifdef KRB5 static int doit_v5 (char *host, int port) { @@ -165,7 +166,7 @@ doit_v5 (char *host, int port) } loop (s); } - +#endif #ifdef KRB4 @@ -246,9 +247,11 @@ main(int argc, char **argv) } } +#ifdef KRB5 if (ret && use_v5) { ret = doit_v5 (argv[0], port); } +#endif #ifdef KRB4 if (ret && use_v4) { ret = doit_v4 (argv[0], port); diff --git a/appl/popper/pop_init.c b/appl/popper/pop_init.c index 312ed8111..d3357c911 100644 --- a/appl/popper/pop_init.c +++ b/appl/popper/pop_init.c @@ -7,6 +7,19 @@ #include RCSID("$Id$"); + +#ifdef KERBEROS + +int net_read(POP *p, int fd, void *buf, size_t len) +{ +#ifdef KRB5 + return krb5_net_read(p->context, 0, buf, len); +#elif defined(KRB4) + return krb_net_read(0, buf, len); +#endif +} +#endif + #ifdef KRB4 static int krb4_authenticate (POP *p, int s, u_char *buf, struct sockaddr_in *addr) @@ -19,7 +32,7 @@ krb4_authenticate (POP *p, int s, u_char *buf, struct sockaddr_in *addr) if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0) return -1; - if (krb5_net_read (p->context, s, buf + 4, + if (net_read (p, s, buf + 4, KRB_SENDAUTH_VLEN - 4) != KRB_SENDAUTH_VLEN - 4) return -1; if (memcmp (buf, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN) != 0) @@ -55,6 +68,7 @@ krb4_authenticate (POP *p, int s, u_char *buf, struct sockaddr_in *addr) } #endif /* KRB4 */ +#ifdef KRB5 static int krb5_authenticate (POP *p, int s, u_char *buf, struct sockaddr_in *addr) { @@ -103,6 +117,7 @@ krb5_authenticate (POP *p, int s, u_char *buf, struct sockaddr_in *addr) } return ret; } +#endif static int krb_authenticate(POP *p, struct sockaddr_in *addr) 
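Review bot: The new `net_read` wrapper in pop_init.c never uses its `fd` argument: both branches pass a literal `0`, so the call `net_read (p, s, buf + 4, ...)` in `krb4_authenticate` reads from descriptor 0 whatever `s` is. The caller visible in this diff passes 0, so nothing changes today, but the wrapper should forward the descriptor: `return krb5_net_read(p->context, fd, buf, len);` and `return krb_net_read(fd, buf, len);`. If `KERBEROS` is defined without `KRB5` or `KRB4`, the function falls off the end without returning a value, so an `#else` with `return -1;` (or an `#error`) is needed before the length comparison can be trusted. As far as the diff shows it is used only in this file, so declaring it `static` would avoid exporting such a generic name.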
@@ -110,21 +125,24 @@ krb_authenticate(POP *p, struct sockaddr_in *addr) #ifdef KERBEROS u_char buf[BUFSIZ]; - if (krb5_net_read (p->context, 0, buf, 4) != 4) { + if (net_read (p, 0, buf, 4) != 4) { pop_msg(p, POP_FAILURE, "Reading four bytes: %s", strerror(errno)); exit (1); } #ifdef KRB4 - if (krb4_authenticate (p, 0, buf, addr) == 0) + if (krb4_authenticate (p, 0, buf, addr) == 0){ p->version = 4; - else -#endif /* KRB4 */ - if (krb5_authenticate (p, 0, buf, addr) == 0) - p->version = 5; - else { - exit (1); + return POP_SUCCESS; } +#endif +#ifdef KRB5 + if (krb5_authenticate (p, 0, buf, addr) == 0){ + p->version = 5; + return POP_SUCCESS; + } +#endif + exit (1); #endif /* KERBEROS */ @@ -167,6 +185,18 @@ static int num_args = sizeof(args) / sizeof(args[0]); * init: Start a Post Office Protocol session */ +int pop_getportbyname(POP *p, const char *service, + const char *proto, short def) +{ +#ifdef KRB5 + return krb5_getportbyname(p->context, service, proto, def); +#elif defined(KRB4) + return k_getportbyname(service, proto, htons(def)); +#else + return htons(default); +#endif +} + int pop_init(POP *p,int argcount,char **argmessage) { @@ -189,7 +219,7 @@ pop_init(POP *p,int argcount,char **argmessage) /* Get the name of our host */ gethostname(p->myhost,MaxHostNameLen); -#ifdef KERBEROS +#ifdef KRB5 krb5_init_context (&p->context); krb5_openlog(p->context, p->myname, &p->logf); @@ -209,8 +239,13 @@ pop_init(POP *p,int argcount,char **argmessage) arg_printusage(args, num_args, ""); exit(0); } - if(version_flag) + if(version_flag){ +#ifdef KRB5 krb5_errx(p->context, 0, "%s", heimdal_version); +#else + errx(0, "%s", VERSION); +#endif + } argcount -= optind; argmessage += optind; 
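Review bot: When neither authenticator accepts the client, `krb_authenticate` reaches `exit (1);` without logging anything, so a rejected Kerberos handshake leaves no record for whoever monitors the server. A `pop_log (p, POP_FAILURE, "kerberos authentication failed");` before the `exit` would match the message pop_pass.c uses, assuming logging is already initialised at this point. The short-read branch formats `strerror(errno)`, but a peer that closes the connection after fewer than four bytes presumably leaves `errno` unset, so that message can be misleading. The new `return POP_SUCCESS;` statements also skip whatever follows `#endif /* KERBEROS */`, which is outside the hunk and should be checked.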
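Review bot: The fallback branch of `pop_getportbyname` reads `return htons(default);`, and `default` is a C keyword, so a build with neither `KRB5` nor `KRB4` defined will not compile; it should be `return htons(def);`. That branch also ignores `service` and `proto`, which deserves a one-line comment such as `/* no Kerberos library: skip the services lookup and use the default port */`. The function is called only from pop_init.c in this diff, so it could be `static` unless a prototype is added to popper.h.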
@@ -255,8 +290,8 @@ pop_init(POP *p,int argcount,char **argmessage) if (interactive_flag) { if (portnum == 0) portnum = p->kerberosp ? - krb5_getportbyname(p->context, "kpop", "tcp", 1109) : - krb5_getportbyname(p->context, "pop", "tcp", 110); + pop_getportbyname(p, "kpop", "tcp", 1109) : + pop_getportbyname(p, "pop", "tcp", 110); mini_inetd (portnum); } diff --git a/appl/popper/pop_log.c b/appl/popper/pop_log.c index 4b2c61e0f..a0eb2bf59 100644 --- a/appl/popper/pop_log.c +++ b/appl/popper/pop_log.c @@ -24,7 +24,7 @@ pop_log(POP *p, int stat, char *format, ...) fprintf(p->trace,"%s\n",msgbuf); fflush(p->trace); } else { -#ifdef KERBEROS +#ifdef KRB5 krb5_log(p->context, p->logf, stat, "%s", msgbuf); #else syslog (stat,"%s",msgbuf); diff --git a/appl/popper/pop_pass.c b/appl/popper/pop_pass.c index 1c4b2c7e4..7165751ea 100644 --- a/appl/popper/pop_pass.c +++ b/appl/popper/pop_pass.c @@ -31,6 +31,7 @@ krb4_verify_password (POP *p) } #endif /* KRB4 */ +#ifdef KRB5 static int krb5_verify_password (POP *p) { @@ -95,7 +96,7 @@ krb5_verify_password (POP *p) krb5_free_creds_contents (p->context, &creds); return ret; } - +#endif /* * pass: Obtain the user password from a POP client */ 
@@ -132,27 +133,29 @@ pop_pass (POP *p) p->ipaddr, p->kdata.pname, p->kdata.pinst, p->kdata.prealm, p->user); - } else + } #endif /* KRB4 */ - if (p->version == 5) { - char *name; - - if (!krb5_kuserok (p->context, p->principal, p->user)) { - pop_log (p, POP_FAILURE, - "krb5 permission denied"); - return pop_msg(p, POP_FAILURE, - "Popping not authorized"); - } - if(krb5_unparse_name (p->context, p->principal, &name) == 0) { - pop_log(p, POP_INFO, "%s: %s -> %s", - p->ipaddr, name, p->user); - free (name); - } - } else { - pop_log (p, POP_FAILURE, "kerberos authentication failed"); - return pop_msg (p, POP_FAILURE, - "kerberos authentication failed"); +#ifdef KRB5 + if (p->version == 5) { + char *name; + + if (!krb5_kuserok (p->context, p->principal, p->user)) { + pop_log (p, POP_FAILURE, + "krb5 permission denied"); + return pop_msg(p, POP_FAILURE, + "Popping not authorized"); } + if(krb5_unparse_name (p->context, p->principal, &name) == 0) { + pop_log(p, POP_INFO, "%s: %s -> %s", + p->ipaddr, name, p->user); + free (name); + } + } else { + pop_log (p, POP_FAILURE, "kerberos authentication failed"); + return pop_msg (p, POP_FAILURE, + "kerberos authentication failed"); + } +#endif } else { /* We don't accept connections from users with null passwords */ if (pw->pw_passwd == NULL) @@ -168,14 +171,15 @@ pop_pass (POP *p) "Password supplied for \"%s\" is incorrect.", p->user); else { + int ret = -1; #ifdef KRB4 - if (krb4_verify_password (p) == 0) - ; - else -#endif /* KRB4 */ - if (krb5_verify_password (p) == 0) - ; - else + ret = krb4_verify_password (p); +#endif +#ifdef KRB5 + if(ret) + ret = krb5_verify_password (p); +#endif + if(ret) return pop_msg(p, POP_FAILURE, "Password incorrect"); } diff --git a/appl/popper/popper.h b/appl/popper/popper.h index 1101aa0ef..6190e9a31 100644 --- a/appl/popper/popper.h +++ b/appl/popper/popper.h 
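Review bot: Dropping the `else` after the KRB4 block breaks the version dispatch in the Kerberos branch of `pop_pass`. With both `KRB4` and `KRB5` defined, a session that passed the version 4 check falls through to `if (p->version == 5)`, fails it, and is rejected with "kerberos authentication failed". With only `KRB4` defined the rejecting `else` is compiled out, so a `p->version` other than 4 is no longer refused here, and with neither defined the branch performs no check at all. The KRB4 `if` starts above the hunk, so this assumes it tests `p->version == 4`, as the removed `} else` suggests. Keeping the chain and moving the final rejection outside the `#ifdef`s restores the old behaviour in every configuration.

```c
	/* … unchanged: KRB4 block, version 4 authorization check and log … */
	} else
#endif /* KRB4 */
#ifdef KRB5
	if (p->version == 5) {
	    /* … unchanged: krb5_kuserok check, krb5_unparse_name log … */
	} else
#endif
	{
	    pop_log (p, POP_FAILURE, "kerberos authentication failed");
	    return pop_msg (p, POP_FAILURE,
			    "kerberos authentication failed");
	}
```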
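Review bot: The `-1` initial value of `ret` in the password branch of `pop_pass` is what makes a build with no Kerberos verifier compiled in refuse the password, and nothing in the code says so. A comment on the declaration, `/* fail closed: stays non-zero unless a compiled-in verifier accepts the password */`, would stop a later cleanup from initialising it to 0. The rejection path also returns without a `pop_log` call, unlike the ticket path earlier in the function, so failed password attempts are not recorded here as far as the hunk shows.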
@@ -117,7 +117,9 @@ #define K_LOCK_UN LOCK_UN /* Unlock */ #endif #endif +#ifdef KRB5 #include +#endif #define MAXUSERNAMELEN 65 #define MAXDROPLEN 64 @@ -258,9 +260,11 @@ typedef struct { /* POP parameter block */ #ifdef KRB4 AUTH_DAT kdata; #endif +#ifdef KRB5 krb5_context context; krb5_principal principal; /* principal auth as */ krb5_log_facility* logf; +#endif int version; /* 4 or 5? */ int auth_level; /* Dont allow cleartext */ OtpContext otp_ctx; /* OTP context */