diff options
| -rw-r--r-- | README | 252 | ||||
| -rw-r--r-- | doc/ChangeLog | 11 | ||||
| -rw-r--r-- | doc/admin.texinfo | 6 | ||||
| -rw-r--r-- | doc/api/ChangeLog | 4 | ||||
| -rw-r--r-- | doc/api/Makefile | 2 | ||||
| -rw-r--r-- | doc/build.texinfo | 19 | ||||
| -rw-r--r-- | src/ChangeLog | 18 | ||||
| -rw-r--r-- | src/aclocal.m4 | 44 | ||||
| -rw-r--r-- | src/appl/bsd/ChangeLog | 12 | ||||
| -rw-r--r-- | src/appl/bsd/login.c | 5 | ||||
| -rw-r--r-- | src/appl/bsd/rcp.M | 12 | ||||
| -rw-r--r-- | src/appl/bsd/rlogin.M | 11 | ||||
| -rw-r--r-- | src/appl/bsd/rsh.M | 11 | ||||
| -rw-r--r-- | src/config/ChangeLog | 5 | ||||
| -rw-r--r-- | src/config/win-pre.in | 20 | ||||
| -rw-r--r-- | src/kadmin/server/ChangeLog | 4 | ||||
| -rw-r--r-- | src/kadmin/server/server_stubs.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 7 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 20 | ||||
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 8 | ||||
| -rw-r--r-- | src/lib/krb5/krb/conv_princ.c | 8 | ||||
| -rw-r--r-- | src/lib/rpc/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/rpc/svc_auth_gssapi.c | 2 | ||||
| -rw-r--r-- | src/lib/rpc/unit-test/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/rpc/unit-test/server.c | 1 | ||||
| -rw-r--r-- | src/windows/ChangeLog | 5 | ||||
| -rw-r--r-- | src/windows/README | 44 |
27 files changed, 436 insertions, 107 deletions
@@ -1,5 +1,5 @@ these were the - Kerberos Version 5, Release 1.1 + Kerberos Version 5, Release 1.2 Release Notes which will be updated before the next release by @@ -9,11 +9,11 @@ Unpacking the Source Distribution --------------------------------- The source distribution of Kerberos 5 comes in three gzipped tarfiles, -krb5-1.1.src.tar.gz, krb5-1.1.doc.tar.gz, and krb5-1.1.crypto.tar.gz. -The krb5-1.1.doc.tar.gz contains the doc/ directory and this README -file. The krb5-1.1.src.tar.gz contains the src/ directory and this +krb5-1.2.src.tar.gz, krb5-1.2.doc.tar.gz, and krb5-1.2.crypto.tar.gz. +The krb5-1.2.doc.tar.gz contains the doc/ directory and this README +file. The krb5-1.2.src.tar.gz contains the src/ directory and this README file, except for the crypto library sources, which are in -krb5-1.1.crypto.tar.gz. +krb5-1.2.crypto.tar.gz. Instruction on how to extract the entire distribution follow. These directions assume that you want to extract into a directory called @@ -23,21 +23,21 @@ If you have the GNU tar program and gzip installed, you can simply do: mkdir DIST cd DIST - gtar zxpf krb5-1.1.src.tar.gz - gtar zxpf krb5-1.1.crypto.tar.gz - gtar zxpf krb5-1.1.doc.tar.gz + gtar zxpf krb5-1.2.src.tar.gz + gtar zxpf krb5-1.2.crypto.tar.gz + gtar zxpf krb5-1.2.doc.tar.gz If you don't have GNU tar, you will need to get the FSF gzip distribution and use gzcat: mkdir DIST cd DIST - gzcat krb5-1.1.src.tar.gz | tar xpf - - gzcat krb5-1.1.crypto.tar.gz | tar xpf - - gzcat krb5-1.1.doc.tar.gz | tar xpf - + gzcat krb5-1.2.src.tar.gz | tar xpf - + gzcat krb5-1.2.crypto.tar.gz | tar xpf - + gzcat krb5-1.2.doc.tar.gz | tar xpf - -Both of these methods will extract the sources into DIST/krb5-1.1/src -and the documentation into DIST/krb5-1.1/doc. +Both of these methods will extract the sources into DIST/krb5-1.2/src +and the documentation into DIST/krb5-1.2/doc. Building and Installing Kerberos 5 ---------------------------------- @@ -73,50 +73,170 @@ krb5-bugs@mit.edu. Notes, Major Changes, and Known Bugs ------------------------------------ -* Triple DES support is included; however, it is only usable for - service keys at the moment, due to a large number of compatibility - issues. For example, the GSSAPI library has some (buggy) support - for a triple DES session key, but it is intentionally disabled. - ** Do not use triple-DES in your config files except as described in - ** the documentation. - -* The principal database now uses the btree backend of Berkeley DB. - This should result in improved KDC performance. - -* The lib/rpc tests do not appear to work under NetBSD-1.4, for - reasons that are not completely clear at the moment, but probably - have something to do with portmapper interfacing. This should not - affect other operations, such as kadmind operation. - -* Shared library builds are under a new framework; at this point only - Solaris (2.x), Irix (6.5), NetBSD (1.4 i386), and possibly Linux are - known to work. All other working shared library builds may be - figments of your imagination. - -* Many existing databases, especially those converted from krb4 - original databases, may contain expiration dates in 1999. You - should make sure to update these expiration dates, and also change - any config file entries that have two-digit years. - -* Hardware preauthentication is known to be broken; this will be fixed - in an upcoming release. - -* krb524d now defaults to forking into the background; use - "krb524d -nofork" to avoid forking. - -* Not all reported bugs have been fixed in this release, due to time - constraints. We are planning to make another release in the near - future with more complete triple DES support, and additional - bugfixes. Many of the bugs in our database are reported against - what is now quite old code, or require hardware that we do not have, - which make them difficult to reproduce and debug. We will work on - these older bugs and some externally submitted patches for the - following release. +* Triple DES support, for session keys as well as user or service + keys, should be nearly complete in this release. Much of the work + that has been needed is generic multiple-cryptosystem support, so + the addition of another cryptosystem should be much easier. + + * GSSAPI support for 3DES has been added. An Internet Draft is + being worked on that will describe how this works; it is not + currently standardized. Some backwards-compatibility issues in + this area mean that enabling 3DES support must be done with + caution; service keys that are used for GSSAPI must not be updated + to 3DES until the services themselves are upgraded to support 3DES + under GSSAPI. + +* DNS support for locating KDCs is enabled by default. DNS support + for looking up the realm of a host is compiled in but disabled by + default (due to some concerns with DNS spoofing). + + We recommend that you publish your KDC information through DNS even + if you intend to rely on config files at your own site; otherwise, + sites that wish to communicate with you will have to keep their + config files updated with your information. One of the goals of + this code is to reduce the client-side configuration maintenance + requirements as much as is possible, without compromising security. + + See the administrator's guide for information on setting up DNS + information for your realm. + + One important effect of this for developers is that on many systems, + "-lresolv" must be added to the compiler command line when linking + Kerberos programs. + + Configure-time options are available to control the inclusion of the + DNS code and the setting of the defaults. Entries in krb5.conf will + also modify the behavior if the code has been compiled in. + +* Numerous buffer-overrun problems have been found and fixed. Many of + these were in locations we don't expect can be exploited in any + useful way (for example, overrunning a buffer of MAXPATHLEN bytes if + a compiled-in pathname is too long, in a program that has no special + privileges). It may be possible to exploit a few of these to + compromise system security. + +* Partial support for IPv6 addresses has been added. It can be + enabled or disabled at configure time with --enable-ipv6 or + --disable-ipv6; by default, the configure script will search for + certain types and macros, and enable the IPv6 code if they're found. + The IPv6 support at this time mostly consists of including the + addresses in credentials. + +* A protocol change has been made to the "rcmd" suite (rlogin, rsh, + rcp) to address several security problems described in Kris + Hildrum's paper presented at NDSS 2000. New command-line options + have been added to control the selection of protocol, since the + revised protocol is not compatible with the old one. + +* A security problem in login.krb5 has been fixed. This problem was + only present if the krb4 compatibility code was not compiled in. + +* A security problem with ftpd has been fixed. An error in the in the + yacc grammar permitted potential root access. + +* The client programs kinit, klist and kdestroy have been changed to + incorporate krb4 support. New command-line options control whether + krb4 behavior, krb5 behavior, or both are used. + +* Patches from Frank Cusack for much better hardware preauth support + have been incorporated. + +* Patches from Matt Crawford extend the kadmin ACL syntax so that + restrictions can be imposed on what certain administrators may do to + certain accounts. + +* A KDC on a host with multiple network addresses will now respond to + a client from the address that the client used to contact it. The + means used to implement this will however cause the KDC not to + listen on network addresses configured after the KDC has started. + +Minor changes +------------- + +* The shell code for searching for the Tcl package at configure time + has been modified. If a tclConfig.sh can be found, the information + it contains is used, otherwise the old searching method is tried. + Let us know if this new scheme causes any problems. + +* Shared library builds may work on HPUX, Rhapsody/MacOS X, and newer + Alpha systems now. + +* The Windows build will now include kvno and gss-sample. + +* The routine krb5_secure_config_files has been disabled. A new + routine, krb5_init_secure_context, has been added in its place. + +* The routine decode_krb5_ticket is now being exported as + krb5_decode_ticket. Any programs that used the old name (which + should be few) should be changed to use the new name; we will + probably eliminate the old name in the future. + +* The CCAPI-based credentials cache code has been changed to store the + local-clock time of issue and expiration rather than the KDC-clock + times. + +* On systems with large numbers of IP addresses, "kinit" should do a + better job of acquiring those addresses to put in the user's + credentials. + +* Several memory leaks in error cases in the gssrpc code have been + fixed. + +* A bug with login clobbering some internal static storage on AIX has + been fixed. + +* Per-library initialization and cleanup functions have been added, + for use in configurations that dynamically load and unload these + libraries. + +* Many compile-time warnings have been fixed. + +* The GSS sample programs have been updated to exercise more of the + API. + +* The telnet server should produce a more meaningful error message if + authentication is required but not provided. + +* Changes have been made to ksu to make it more difficult to use it to + leak information the user does not have access to. + +* The sample config file information for the CYGNUS.COM realm has been + updated, and the GNU.ORG realm has been added. + +* A configure-time option has been added to enable a replay cache in + the KDC. We recommend its use when hardware preauthentication is + being used. It is enabled by default, and can be disabled if + desired with the configure-time option --disable-kdc-replay-cache. + +* Some new routines have been added to the library and krb5.h. + +* A new routine has been added to the prompter interface to allow the + application to determine which of the strings prompted for is the + user's password, in case it is needed for other purposes. + +* The remote kadmin interface has been enhanced to support the + specification of key/salt types for a principal. + +* New keytab entries' key values can now be specified manually with a + new command in the ktutil program. + +* A longstanding bug where certain krb4 exchanges using the + compatibility library between systems with different byte orders + would fail half the time has been fixed. + +* A source file under the GPL has been replaced with an equivalent + under the BSD license. The file, strftime.c, was part of one of the + OpenVision admin system applications, and was only used on systems + that don't have strftime() in their C libraries. + +* Many bug reports are still outstanding in our database. We are + continuing to work on this backlog. + Copyright Notice and Legal Administrivia ---------------------------------------- -Copyright (C) 1985-1999 by the Massachusetts Institute of Technology. +Copyright (C) 1985-2000 by the Massachusetts Institute of Technology. All rights reserved. @@ -156,6 +276,8 @@ manner. It does NOT prevent a commercial firm from referring to the MIT trademarks in order to convey information (although in doing so, recognition of their trademark status should be given). +---- + The following copyright and permission notice applies to the OpenVision Kerberos Administration system located in kadmin/create, kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions @@ -194,6 +316,13 @@ of lib/rpc: and our gratitude for the valuable work which has been performed by MIT and the Kerberos community. +---- + + Portions contributed by Matt Crawford <crawdad@fnal.gov> were + work performed at Fermi National Accelerator Laboratory, which is + operated by Universities Research Association, Inc., under + contract DE-AC02-76CHO3000 with the U.S. Department of Energy. + Acknowledgements ---------------- @@ -222,13 +351,22 @@ as testing to ensure DCE interoperability. Thanks to Ken Hornstein at NRL for providing many bug fixes and suggestions. +Thanks to Matt Crawford at FNAL for bugfixes and enhancements. + Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for their many suggestions and bug fixes. +Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and +providing patches for numerous buffer overruns. + +Thanks to Christopher Thompson and Marcus Watts for discovering the +ftpd security bug. + Thanks to the members of the Kerberos V5 development team at MIT, both past and present: Danillo Almeida, Jay Berkenbilt, Richard Basch, John Carr, Don Davis, Alexandra Ellwood, Nancy Gilman, Matt Hancher, Sam -Hartman, Paul Hill, Marc Horowitz, Eva Jacobus, Barry Jaspan, Geoffrey -King, John Kohl, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul -Park, Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff -Schiller, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall Vale, Tom Yu. +Hartman, Paul Hill, Marc Horowitz, Eva Jacobus, Miroslav Jurisic, +Barry Jaspan, Geoffrey King, John Kohl, Peter Litwack, Scott McGuire, +Kevin Mitchell, Cliff Neuman, Paul Park, Ezra Peisach, Chris +Provenzano, Ken Raeburn, Jon Rochlis, Jeff Schiller, Brad Thompson, +Harry Tsai, Ted Ts'o, Marshall Vale, Tom Yu. diff --git a/doc/ChangeLog b/doc/ChangeLog index a156febe48..0aa784fa82 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,14 @@ +2000-06-30 Ken Raeburn <raeburn@mit.edu> + + * admin.texinfo (Kerberos V5 Database Library Error Codes): + Replace RCS Id strings with comments indicating that the RCS Id + string of the error table is used. + +2000-06-22 Tom Yu <tlyu@mit.edu> + + * build.texinfo (HPUX): Update note for HPUX compiler flags. + (Shared Library Support): Update shared lib support info. + 2000-06-16 Ken Raeburn <raeburn@mit.edu> * admin.texinfo: Update descriptions to indicate full support for diff --git a/doc/admin.texinfo b/doc/admin.texinfo index e60360abcc..77d066ab09 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -16,7 +16,7 @@ @include definitions.texinfo @set EDITION 1.0 -@set UPDATED November 27, 1996 +@set UPDATED June 16, 2000 @finalout @c don't print black warning boxes @@ -2644,7 +2644,7 @@ KRB5PLACEHOLD_126: KRB5 error code 126 @item KRB5PLACEHOLD_127: KRB5 error code 127 @item -KRB5_ERR_RCSID: $Id$ +KRB5_ERR_RCSID: (RCS Id string for the krb5 error table) @item KRB5_LIBOS_BADLOCKFLAG: Invalid flag for file lock mode @item @@ -2859,7 +2859,7 @@ This is the Kerberos v5 database library error code table. @c error table numbering starts at 0 @enumerate 0 @item -KRB5_KDB_RCSID: $Id$ +KRB5_KDB_RCSID: (RCS Id string for the kdb error table) @item KRB5_KDB_INUSE: Entry already exists in database @item diff --git a/doc/api/ChangeLog b/doc/api/ChangeLog index b1145f18f2..accc0c6ea2 100644 --- a/doc/api/ChangeLog +++ b/doc/api/ChangeLog @@ -1,3 +1,7 @@ +2000-06-22 Ken Raeburn <raeburn@mit.edu> + + * Makefile (lib1.stamp): Use texindex instead of index. + 1999-08-30 Ken Raeburn <raeburn@mit.edu> * libdes.tex: Don't use ncs style; it's availability is dependent diff --git a/doc/api/Makefile b/doc/api/Makefile index 3fd23f925a..dbb2f03ab2 100644 --- a/doc/api/Makefile +++ b/doc/api/Makefile @@ -28,7 +28,7 @@ library.dvi: lib1.stamp $(LIBTEX) $(STYLES) lib1.stamp: $(LIBTEX) $(STYLES) touch library.ind latex library - index library.idx + texindex library.idx date > lib1.stamp .tex.dvi: diff --git a/doc/build.texinfo b/doc/build.texinfo index fa83acbea3..18e51011a8 100644 --- a/doc/build.texinfo +++ b/doc/build.texinfo @@ -414,10 +414,15 @@ variables when using the programs. Except where noted, multiple versions of the libraries may be installed on the same system and continue to work. -Currently the supported platforms are -@comment NetBSD 1.0A, AIX 3.2.5, AIX 4.1, -Solaris 2.6 (aka SunOS 5.6) and Irix 6.5. -@comment Alpha OSF/1 >= 2.1, HP-UX >= 9.X. +Currently the supported platforms are Solaris 2.6 (aka SunOS 5.6) and Irix 6.5. + +Shared library support has been tested on the following platforms but +not exhaustively (they have been built but not necessarily tested in an +installed state): Tru64 (aka Alpha OSF/1 or Digital Unix) 4.0, NetBSD +1.4.x (i386), and HP/UX 10.20. + +Platforms for which there is shared library support but not significant +testing include FreeBSD, OpenBSD, MacOS 10, AIX, Linux, and SunOS 4.x. To enable shared libraries on the above platforms, run the configure script with the option @samp{--enable-shared}. @@ -500,9 +505,9 @@ NetBSD and FreeBSD.) The native (bundled) compiler for HPUX currently will not work, because it is not a full ANSI C compiler. The optional compiler (c89) should -work as long as you give it the @samp{+Olibcalls -D_HPUX_SOURCE} (this -has only been tested for HPUX 9.0). At this point, using GCC is -probably your best bet. +work as long as you give it the @samp{-D_HPUX_SOURCE} flag +(i.e. @samp{./configure --with-cc='c89 -D_HPUX_SOURCE'}). This has only +been tested recently for HPUX 10.20. @node Solaris versions 2.0 through 2.3, Solaris 2.X, HPUX, OS Incompatibilities @subsection Solaris versions 2.0 through 2.3 diff --git a/src/ChangeLog b/src/ChangeLog index def0d74238..0c4ed5ce26 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,21 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * aclocal.m4 (CC_LINK_STATIC): Another fix for freebsd shared libs + from David Cross. + +2000-06-30 Ken Raeburn <raeburn@mit.edu> + + * aclocal.m4 (KRB5_AC_ENABLE_DNS): Rewrite to fix logic. Now + --enable-dns-for-XX really will be heeded for setting default + behavior. Also, DNS support can now be compiled in while still + turned off by default. Print out whether the DNS support will be + compiled in. + +2000-06-30 Tom Yu <tlyu@mit.edu> + + * aclocal.m4: Fix freebsd CC_LINK_SHARED to have correct rpath + flags. Thanks to David Cross. + 2000-06-23 Ken Raeburn <raeburn@mit.edu> * aclocal.m4 (KRB5_LIB_PARAMS): Don't need to display "checking" diff --git a/src/aclocal.m4 b/src/aclocal.m4 index df4a6c0abb..78a7a65d86 100644 --- a/src/aclocal.m4 +++ b/src/aclocal.m4 @@ -1245,7 +1245,7 @@ mips-*-netbsd*) PICFLAGS=-fpic if test "x$objformat" = "xelf" ; then SHLIBVEXT='.so.$(LIBMAJOR)' - CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) -Wl,-rpath -Wl,-R$(PROG_RPATH)' + CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) -Wl,-rpath -Wl,$(PROG_RPATH)' else SHLIBVEXT='.so.$(LIBMAJOR).$(LIBMINOR)' CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) -R$(PROG_RPATH)' @@ -1419,32 +1419,50 @@ dnl dnl KRB5_AC_ENABLE_DNS dnl AC_DEFUN(KRB5_AC_ENABLE_DNS, [ - enable_dns_for_kdc=yes - enable_dns_for_realm=no +AC_MSG_CHECKING(if DNS Kerberos lookup support should be compiled in) AC_ARG_ENABLE([dns], -[ --enable-dns enable DNS lookups of Kerberos realm and servers], -[enable_dns_for_kdc="$enable_dns" -enable_dns_for_realm="$enable_dns"], -[enable_dns=no]) - if test "$enable_dns" = yes; then - AC_DEFINE(KRB5_DNS_LOOKUP) - fi +[ --enable-dns build in support for Kerberos-related DNS lookups], , +[enable_dns=default]) AC_ARG_ENABLE([dns-for-kdc], -[ --enable-dns-for-kdc enable DNS lookups of Kerberos servers only]) +[ --enable-dns-for-kdc enable DNS lookups of Kerberos KDCs (default=YES)], , +[case "$enable_dns" in + yes | no) enable_dns_for_kdc=$enable_dns ;; + *) enable_dns_for_kdc=yes ;; +esac]) if test "$enable_dns_for_kdc" = yes; then AC_DEFINE(KRB5_DNS_LOOKUP_KDC) fi AC_ARG_ENABLE([dns-for-realm], -[ --enable-dns-for-realm enable DNS lookups of Kerberos realm names only]) +[ --enable-dns-for-realm enable DNS lookups of Kerberos realm names], , +[case "$enable_dns" in + yes | no) enable_dns_for_realm=$enable_dns ;; + *) enable_dns_for_realm=no ;; +esac]) if test "$enable_dns_for_realm" = yes; then AC_DEFINE(KRB5_DNS_LOOKUP_REALM) fi - if test "$enable_dns_for_kdc" = yes || test "$enable_dns_for_realm" = yes ; then + if test "$enable_dns_for_kdc,$enable_dns_for_realm" != no,no + then + # must compile in the support code + if test "$enable_dns" = no ; then + AC_MSG_ERROR(cannot both enable some DNS options and disable DNS support) + fi enable_dns=yes + fi + if test "$enable_dns" = yes ; then AC_DEFINE(KRB5_DNS_LOOKUP) + else + enable_dns=no fi + +AC_MSG_RESULT($enable_dns) +dnl AC_MSG_CHECKING(if DNS should be used to find KDCs by default) +dnl AC_MSG_RESULT($enable_dns_for_kdc) +dnl AC_MSG_CHECKING(if DNS should be used to find realm name by default) +dnl AC_MSG_RESULT($enable_dns_for_realm) + ]) diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 0eac15d6b0..4e0882a569 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,15 @@ +2000-06-29 Ken Raeburn <raeburn@mit.edu> + + Patch from Donn Cave and Leonard Peirce from 1.1 release cycle: + * login.c (k_init): Call krb5_cc_set_default_name right after + setting the environment variable. + (main): Likewise. + +2000-06-23 Ken Raeburn <raeburn@mit.edu> + + * rcp.M, rsh.M, rlogin.M: Add description of new -PO, -PN + options. + 2000-06-19 Tom Yu <tlyu@mit.edu> * krshd.c (recvauth): Call krb5_recvauth_version() rather than diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index af703b3baa..826ea8a182 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -517,6 +517,7 @@ void k_init (ttyn) if (!getenv(KRB5_ENV_CCNAME)) { sprintf(ccfile, "FILE:/tmp/krb5cc_p%d", getpid()); setenv(KRB5_ENV_CCNAME, ccfile, 1); + krb5_cc_set_default_name(kcontext, ccfile); unlink(ccfile+strlen("FILE:")); } else { /* note it correctly */ @@ -1755,8 +1756,10 @@ int main(argc, argv) #ifdef KRB5_GET_TICKETS /* ccfile[0] is only set if we got tickets above */ - if (login_krb5_get_tickets && ccfile[0]) + if (login_krb5_get_tickets && ccfile[0]) { (void) setenv(KRB5_ENV_CCNAME, ccfile, 1); + krb5_cc_set_default_name(kcontext, ccfile); + } #endif /* KRB5_GET_TICKETS */ if (tty[sizeof("tty")-1] == 'd') diff --git a/src/appl/bsd/rcp.M b/src/appl/bsd/rcp.M index 46267a5dd6..e047db5d65 100644 --- a/src/appl/bsd/rcp.M +++ b/src/appl/bsd/rcp.M @@ -24,11 +24,13 @@ rcp \- remote file copy .B rcp [\fB\-p\fP] [\fB\-x\fP] [\fB\-k\fP \fIrealm\fP ] [\fB\-D\fP \fIport\fP] [\fB\-N\fP] +[\fB\-PN | \-PO\fP] .I file1 file2 .sp .B rcp [\fB\-p\fB] [\fB\-x\fP] [\fP\-k\fP \fIrealm\fP] [\fB\-r\fP] [\fB\-D\fP \fIport\fP] [\fB\-N\fP] +[\fB\-PN | \-PO\fP] .I file ... directory .SH DESCRIPTION .B Rcp @@ -93,6 +95,16 @@ instead of the remote host's realm as determined by if any of the source files are directories, copy each subtree rooted at that name; in this case the destination must be a directory. .TP +\fB-PN\fP +.TP +\fB-PO\fP +Explicitly request new or old version of the Kerberos ``rcmd'' +protocol. The new protocol avoids many security problems found in the +old one, but is not interoperable with older servers. (An +"input/output error" and a closed connection is the most likely result +of attempting this combination.) If neither option is specified, some +simple heuristics are used to guess which to try. +.TP \fB\-D\fP \fIport\fP connect to port .I port diff --git a/src/appl/bsd/rlogin.M b/src/appl/bsd/rlogin.M index 79ac327b14..601fe460b4 100644 --- a/src/appl/bsd/rlogin.M +++ b/src/appl/bsd/rlogin.M @@ -25,6 +25,7 @@ rlogin \- remote login .I rhost [\fB\-e\fP\fI\|c\fP] [\fB\-8\fP] [\fB\-c\fP] [ \fB\-a\fP] [\fB\-f\fP] [\fB\-F\fP] [\fB\-t\fP \fItermtype\fP] [\fB\-n\fP] [\fB\-7\fP] +[\fB\-PN | \-PO\fP] [\fB\-d\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-x\fP] [\fB\-L\fP] [\fB\-l\fP \fIusername\fP] .PP @@ -133,6 +134,16 @@ instead of the remote host's realm as determined by turn on DES encryption for all data passed via the rlogin session. This significantly reduces response time and significantly increases CPU utilization. +.TP +\fB-PN\fP +.TP +\fB-PO\fP +Explicitly request new or old version of the Kerberos ``rcmd'' +protocol. The new protocol avoids many security problems found in the +old one, but is not interoperable with older servers. (An +"input/output error" and a closed connection is the most likely result +of attempting this combination.) If neither option is specified, some +simple heuristics are used to guess which to try. .SH SEE ALSO rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), rlogin(1) [UCB version] diff --git a/src/appl/bsd/rsh.M b/src/appl/bsd/rsh.M index 2b342c3d2a..11a7290f5e 100644 --- a/src/appl/bsd/rsh.M +++ b/src/appl/bsd/rsh.M @@ -25,6 +25,7 @@ rsh \- remote shell .I host [\fB\-l\fP \fIusername\fP] [\fB\-n\fP] [\fB\-d\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-f\fP | \fB\-F\fP] [\fB\-x\fP] +[\fB\-PN | \-PO\fP] .I command .SH DESCRIPTION .B Rsh @@ -101,6 +102,16 @@ on the TCP sockets used for communication with the remote host. redirects input from the special device .I /dev/null (see the BUGS section below). +.TP +\fB-PN\fP +.TP +\fB-PO\fP +Explicitly request new or old version of the Kerberos ``rcmd'' +protocol. The new protocol avoids many security problems found in the +old one, but is not interoperable with older servers. (An +"input/output error" and a closed connection is the most likely result +of attempting this combination.) If neither option is specified, some +simple heuristics are used to guess which to try. .PP If you omit .IR command , diff --git a/src/config/ChangeLog b/src/config/ChangeLog index 9c79034d2e..d49064567c 100644 --- a/src/config/ChangeLog +++ b/src/config/ChangeLog @@ -1,3 +1,8 @@ +2000-06-30 Danilo Almeida <dalmeida@mit.edu> + + * win-pre.in: Fix up DNS build flags to correspond to new DNS + build flags. Add support for not using wshelper. + 2000-06-30 Tom Yu <tlyu@mit.edu> * pre.in: Twiddle things around to support building libdb under diff --git a/src/config/win-pre.in b/src/config/win-pre.in index 73fdb2efad..d70aff31cf 100644 --- a/src/config/win-pre.in +++ b/src/config/win-pre.in @@ -83,17 +83,29 @@ C=.^\ srcdir = . SRCTOP = $(srcdir)\$(BUILDTOP) -!if defined(KRB5_USE_DNS) +!if defined(KRB5_USE_DNS) || defined(KRB5_USE_DNS_KDC) || defined(KRB5_USE_DNS_REALMS) +!if defined(KRB5_NO_WSHELPER) +DNSMSG=resolver +!else +DNSMSG=wshelper +DNSFLAGS=-DWSHELPER=1 +!endif !if !defined(DNS_INC) -!message Must define DNS_INC to point to wshelper includes dir! +!message Must define DNS_INC to point to $(DNSMSG) includes dir! !error !endif !if !defined(DNS_LIB) -!message Must define DNS_LIB to point to wshelper library! +!message Must define DNS_LIB to point to $(DNSMSG) library! !error !endif DNSLIBS=$(DNS_LIB) -DNSFLAGS=-I$(DNS_INC) -DKRB5_DNS_LOOKUP -DWSHELPER +DNSFLAGS=-I$(DNS_INC) $(DNSFLAGS) -DKRB5_DNS_LOOKUP=1 +!if defined(KRB5_USE_DNS_KDC) +DNSFLAGS=$(DNSFLAGS) -DKRB5_DNS_LOOKUP_KDC=1 +!endif +!if defined(KRB5_USE_DNS_REALMS) +DNSFLAGS=$(DNSFLAGS) -DKRB5_DNS_LOOKUP_REALMS=1 +!endif !else DNSLIBS= DNSFLAGS= diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index d1548c87fa..ee2192342e 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,7 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * server_stubs.c: Kludge to rename xdr_free() properly. + 2000-06-29 Tom Yu <tlyu@mit.edu> * schpw.c (process_chpw_request): Add new argument to call to diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c index 2eef601b22..f763677b3e 100644 --- a/src/kadmin/server/server_stubs.c +++ b/src/kadmin/server/server_stubs.c @@ -18,6 +18,8 @@ static char *rcsid = "$Header$"; #include <syslog.h> #include "misc.h" +#define xdr_free gssrpc_xdr_free /* XXX kludge */ + #define LOG_UNAUTH "Unauthorized request: %s, %s, client=%s, service=%s, addr=%s" #define LOG_DONE "Request: %s, %s, %s, client=%s, service=%s, addr=%s" diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 087104e703..6f764457ee 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,10 @@ +2000-06-27 Tom Yu <tlyu@mit.edu> + + * init_sec_context.c (get_credentials): Add initial iteration of + krb5_get_credentials in order to differentiate between an actual + missing credential and merely a bad match based on enctype. This + was causing problems with kadmin. + 2000-06-09 Tom Yu <tlyu@mit.edu> Ken Raeburn <raeburn@mit.edu> diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 13a971ffa6..acac47184b 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -77,6 +77,10 @@ #include <stdlib.h> #include <assert.h> +/* + * $Id$ + */ + /* XXX This is for debugging only!!! Should become a real bitfield at some point */ int krb5_gss_dbg_client_expcreds = 0; @@ -109,11 +113,25 @@ static krb5_error_code get_credentials(context, cred, server, now, in_creds.keyblock.enctype = 0; + /* + * Initial iteration is necessary to catch a non-matching + * credential prior to looping through the GSSAPI-supported + * enctypes, since an enctype mismatch in the loop below will + * return KRB5_CC_NOTFOUND rather than one of the other error + * codes. + */ + code = krb5_get_credentials(context, 0, cred->ccache, + &in_creds, out_creds); + if (code) + goto cleanup; + krb5_free_creds(context, *out_creds); + *out_creds = NULL; for (i = 0; enctypes[i]; i++) { in_creds.keyblock.enctype = enctypes[i]; code = krb5_get_credentials(context, 0, cred->ccache, &in_creds, out_creds); - if (code != KRB5_CC_NOT_KTYPE && code != KRB5KDC_ERR_ETYPE_NOSUPP) + if (code != KRB5_CC_NOT_KTYPE && code != KRB5_CC_NOTFOUND + && code != KRB5KDC_ERR_ETYPE_NOSUPP) break; } if (enctypes[i] == 0) { diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index dfdf646c71..2d4546f3a5 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,11 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * conv_princ.c (krb5_425_conv_principal): NULL, not nil. + +2000-06-30 Miro Jurisic <meeroh@mit.edu> + + * conv_princ.c (krb5_425_conv_principal): Fixed a memory leak + 2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu> * t_walk_rtree.c (main): Declare as returning int. diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index b2df0c60e3..f0d3d3d31e 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -272,6 +272,14 @@ krb5_425_conv_principal(context, name, instance, realm, princ) } else if ((retval == 0) && (realm_name == NULL)) { break; } + if (realm_name != NULL) { + profile_release_string (realm_name); + realm_name = NULL; + } + if (dummy_value != NULL) { + profile_release_string (dummy_value); + dummy_value = NULL; + } } if (instance) { diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index 7d0aa318ad..1f0a2779d7 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,8 @@ +2000-06-21 Tom Yu <tlyu@mit.edu> + + * svc_auth_gssapi.c (_svcauth_gssapi): Missed a rename. From + Nathan Neulinger. + 2000-05-31 Ken Raeburn <raeburn@mit.edu> * pmap_rmt.c (GIFCONF_BUFSIZE): New macro. diff --git a/src/lib/rpc/svc_auth_gssapi.c b/src/lib/rpc/svc_auth_gssapi.c index 34ee0ef11a..9d831ad0de 100644 --- a/src/lib/rpc/svc_auth_gssapi.c +++ b/src/lib/rpc/svc_auth_gssapi.c @@ -548,7 +548,7 @@ enum auth_stat _svcauth_gssapi(rqst, msg, no_dispatch) &call_arg)) { PRINTF(("svcauth_gssapi: cannot decode args\n")); LOG_MISCERR("protocol error in call arguments"); - xdr_free(xdr_authgssapi_init_arg, &call_arg); + gssrpc_xdr_free(xdr_authgssapi_init_arg, &call_arg); ret = AUTH_BADCRED; goto error; } diff --git a/src/lib/rpc/unit-test/ChangeLog b/src/lib/rpc/unit-test/ChangeLog index b41a59d78e..a4b859b08a 100644 --- a/src/lib/rpc/unit-test/ChangeLog +++ b/src/lib/rpc/unit-test/ChangeLog @@ -1,3 +1,8 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * server.c: Include gssrpc/pmap_clnt.h in order to get renaming of + pmap_unset(). From Nathan Neulinger. + 2000-06-30 Ken Raeburn <raeburn@mit.edu> * rpc_test_setup.sh: Error out if server_handle doesn't get set in diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c index 7270ea40d8..32f5de349f 100644 --- a/src/lib/rpc/unit-test/server.c +++ b/src/lib/rpc/unit-test/server.c @@ -14,6 +14,7 @@ static char *rcsid = "$Header$"; #include <string.h> #include <signal.h> #include <gssrpc/rpc.h> +#include <gssrpc/pmap_clnt.h> #include <arpa/inet.h> /* inet_ntoa */ #include <gssapi/gssapi.h> #include <gssapi/gssapi_generic.h> diff --git a/src/windows/ChangeLog b/src/windows/ChangeLog index 23bc3ec305..bc6926a887 100644 --- a/src/windows/ChangeLog +++ b/src/windows/ChangeLog @@ -1,3 +1,8 @@ +2000-06-21 Danilo Almeida <dalmeida@mit.edu> + + * README: Update documentation with DNS information. Fix up the + language a bit. + 2000-04-25 Danilo Almeida <dalmeida@mit.edu> * version.rc: Bump version to 1.2 beta. diff --git a/src/windows/README b/src/windows/README index f30d02992c..1bac4086ce 100644 --- a/src/windows/README +++ b/src/windows/README @@ -1,29 +1,35 @@ Building & Running Kerberos 5 on Windows ---------------------------------------- -Kerberos 5 Windows support now only includes Win32 and no longer -includes Win16. +Kerberos 5 builds on Windows with MSVC++ 6.0. It may or may not build +with other compilers or make utilities. -We build Kerberos 5 on Windows just with MSVC++ 6.0. You should -not need anything else. We do not know whether it currently -builds with other compilers or make utilities. - -These build instructions assume that you got a standalong source -distribution of Kerberos 5 rather than the MIT Kerberos for Win32 +These build instructions assume that you have the standalone source +distribution of Kerberos 5 rather than the MIT Kerberos for Windows distribution (which includes a working Kerberos 4). There are two methods for building a Windows version of Kerberos 5. The traditional method involves starting on a Unix machine and creating a distribution that can be built on Windows. The second method works from the sources that come from the Unix distribution if -you have certain Unix-type utilities. +you have certain Unix-type utilities (see below). -IMPORTANT NOTE: By default, the sources are build with debug +IMPORTANT NOTE: By default, the sources are built with debug information and linked against the debug version of the Microsoft C -Runtime library, which is not found on most Win32 systems unless they -have development tools. To build a release version, you need to +Runtime library, which is not found on most Windows systems unless +they have development tools. To build a release version, you need to define NODEBUG either in the environment or the nmake command-line. +DNS Support: To support DNS lookups, you will need to define +KRB5_DNS_LOOKUP, KRB5_DNS_LOOKUP_KDC, or KRB5_DNS_LOOKUP_REALMS. The +DNS code will default to trying to use the wshelper library. If you +would rather use a resolver library whose include files more closely +match the Unix resolver library, define KRB5_NO_WSHELPER. You will +also need to define DNS_INC to point to the include directory for the +library and DNS_LIB to library itself. The default is not to support +DNS because the build cannot know whether there is a DNS resolver +library around for it to use. + Traditional Build Method: ------------------------ @@ -36,13 +42,13 @@ On the Unix side On the PC side -1) md \krb5 # Create where we'll put the tree +1) md \krb5 # Create dir where we'll put the tree 2) cd \krb5 3) unzip kerbsrc.zip - or - pkunzip -d kerbsrc.zip -4) nmake [NODEBUG=1] # Build the sources -5) nmake install [NODEBUG=1] # Copy headers, libs, executables +4) nmake [NODEBUG=1] [DNS-options] # Build the sources +5) nmake install [NODEBUG=1] # Copy headers, libs, executables All-Windows Build Method: @@ -52,8 +58,8 @@ First, make sure you have sed, gawk, cat, and cp. 1) cd xxx/src # Go to where the source lives 2) nmake -f Makefile.in prep-windows # Create Makefile for Windows -3) nmake [NODEBUG=1] # Build the sources -4) nmake install [NODEBUG=1] # Copy headers, libs, executables +3) nmake [NODEBUG=1] [DNS-options # Build the sources +4) nmake install [NODEBUG=1] # Copy headers, libs, executables Notes on the install Target: @@ -82,7 +88,7 @@ able to run the applications that are built. Note that Kerberos 5 will not look for the krb5.ini file in your path. -Krb5.ini File: +krb5.ini File: ------------- WARNING: Despite its name, this is not a Windows .ini file. @@ -128,7 +134,7 @@ Othes Issues: The krb4_32.dll that is built (but not installed) is not supported. If you need Kerberos 4, you can use the krbv4w32.dll that MIT -distributes as part of the MIT Kerberos for Win32 distribution. +distributes as part of the MIT Kerberos for Windows distribution. More Information: |