1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
|
Kerberos Version 5, Release 1.3.5
Release Notes
The MIT Kerberos Team
Unpacking the Source Distribution
---------------------------------
The source distribution of Kerberos 5 comes in a gzipped tarfile,
krb5-1.3.5.tar.gz. Instructions on how to extract the entire
distribution follow.
If you have the GNU tar program and gzip installed, you can simply do:
gtar zxpf krb5-1.3.5.tar.gz
If you don't have GNU tar, you will need to get the FSF gzip
distribution and use gzcat:
gzcat krb5-1.3.5.tar.gz | tar xpf -
Both of these methods will extract the sources into krb5-1.3.5/src and
the documentation into krb5-1.3.5/doc.
Building and Installing Kerberos 5
----------------------------------
The first file you should look at is doc/install-guide.ps; it contains
the notes for building and installing Kerberos 5. The info file
krb5-install.info has the same information in info file format. You
can view this using the GNU emacs info-mode, or by using the
standalone info file viewer from the Free Software Foundation. This
is also available as an HTML file, install.html.
Other good files to look at are admin-guide.ps and user-guide.ps,
which contain the system administrator's guide, and the user's guide,
respectively. They are also available as info files
kerberos-admin.info and krb5-user.info, respectively. These files are
also available as HTML files.
If you are attempting to build under Windows, please see the
src/windows/README file.
Reporting Bugs
--------------
Please report any problems/bugs/comments using the krb5-send-pr
program. The krb5-send-pr program will be installed in the sbin
directory once you have successfully compiled and installed Kerberos
V5 (or if you have installed one of our binary distributions).
If you are not able to use krb5-send-pr because you haven't been able
compile and install Kerberos V5 on any platform, you may send mail to
krb5-bugs@mit.edu.
You may view bug reports by visiting
http://krbdev.mit.edu/rt/
and logging in as "guest" with password "guest".
Major changes in 1.3.5
----------------------
* [2682] Fix ftpd hang caused by empty PASS command.
* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]
* [2687] Fix denial-of-service vulnerability in ASN.1
decoder. [MITKRB5-SA-2004-003]
Minor changes in 1.3.5
----------------------
* [2016] Fix build problem in fake-addrinfo.h by including stdio.h so
that sprintf() gets prototyped where needed on some platforms.
* [2353] Add missing prototype for gss_krb5int_unseal_token_v3().
* [2607] Fix enctype filtering and some memory leaks in MSLSA ccache.
* [2608] Remove incorrect localization in MSLSA ccache which was
resulting in crashes.
* [2619] Update MSLSA ccache to support new LSA flag.
* [2623] Update MSLSA ccache to reflect differences in registry layout
between Windows client and server OSes.
* [2624] Do not ignore the cache when obtaining TGTs from the MSLSA if
the requested enctype is the NULL enctype.
* [2626] Add Terminal Server compatibility for KfW.
* [2627] Fix cc_mslsa thread safety.
* [2634] Remove the caching of the ccache principal name from
krb5_context.
* [2643] Fix another problem with krb4 ticket backdating.
* [2675] Add new WiX-based MSI installer for KfW.
* [2677] Add "-c ccache" option to kvno; use consistent memory
management to avoid crashes on Windows.
* [2689] Misc MSLSA ccache fixes.
* [2691] Improve documentation of ANSI C requirement.
Major changes in 1.3.4
----------------------
* [2024, 2583, 2584] Fixed buffer overflows in
krb5_aname_to_localname(). [MITKRB-SA-2004-001]
Minor changes in 1.3.4
----------------------
* [957] The auth_to_local rules now allow for the client realm to be
examined.
* [2527, 2528, 2531] Keytab file names lacking a "FILE:" prefix now work
under Windows.
* [2533] Updated installer scripts for Windows.
* [2534] Fixed memory leak for when an incorrect password is input to
krb5_get_init_creds_password().
* [2535] Added missing newline to dnssrv.c.
* [2551, 2564] Use compile-time checks to determine endianness.
* [2558] krb5_send_tgs() now correctly sets message_type after
receiving a KRB_ERROR message.
* [2561, 2574] Fixed memory allocation errors in the MSLSA ccache.
* [2562] The Windows installer works around cases where DLLs cannot be
unloaded.
* [2585] Documentation correctly describes AES support in GSSAPI.
Major changes in 1.3.3
----------------------
* [2284] Fixed accept_sec_context to use a replay cache in the
GSS_C_NO_CREDENTIAL case. Reported by Cesar Garcia.
* [2426] Fixed a spurious SIGPIPE that happened in the TCP sendto_kdc
code on AIX. Thanks to Bill Dodd.
* [2430] Fixed a crash in the MSLSA ccache.
* [2453] The AES string-to-key function no longer returns a pointer to
stack memory when given a password longer than 64 characters.
Minor changes in 1.3.3
----------------------
* [2277] In sendto_kdc, a socket leak on connection failure was fixed.
Thanks to Bill Dodd.
* [2384] A memory leak in the TCP handling code in the KDC has been
fixed. Thanks to Will Fiveash.
* [2521] The Windows NSIS installer scripts are in the source tree.
* [2522] The MSLSA ccache now supports Windows 9x.
Major changes in 1.3.2
----------------------
* [2040, 1471, 2067, 2077, 2079, 2166, 2167, 2220, 2266] Support for
AES in GSSAPI has been implemented. This corresponds to the
in-progress work in the IETF (CFX).
* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190, 2202] Added a new
ccache type "MSLSA:" for read-only access to the MS Windows LSA
cache.
* [982] On windows, krb5.exe now has a checkbox to request addressless
tickets.
* [2189, 2234] To avoid compatibility problems, unrecognized TGS
options will now be ignored. Thanks to Wyllys Ingersoll for finding
a problem with a previous fix.
* [2218] 128-bit AES has been added to the default enctypes.
* [2223, 2229] AES cryptosystem now chains IVs. This WILL break
backwards compatibility for the kcmd applications, if they are using
AES session keys. Thanks to Wyllys Ingersoll for finding a problem
with a previous fix.
Minor changes in 1.3.2
----------------------
* [1437] Applied patch from Stephen Grau so kinit returns non-zero
status under certain failure conditions where it had previously
returned zero.
* [1586] On Windows, the krb4 CREDENTIALS structure has been changed
to align with KfW's version of the structure.
* [1613] Applied patch from Dave Shrimpton to avoid truncation of
dates output from the kadmin CLI when long time zone names are
used.
* [1622] krshd no longer calls syslog from inside a signal handler, in
an effort to avoid deadlocks on exit.
* [1649] A com_err test program compiles properly on Darwin now.
* [1692] A new configuration file tag "master_kdc" has been added to
allow master KDCs to be designated separately from admin servers.
* [1702] krb5_get_host_realm() and krb5_free_host_realm() are no
longer marked as KRB5_PRIVATE.
* [1711] Applied patch from Harry McGavran Jr to allow fake-addrinfo.h
to compile on libc5 Linux platforms.
* [1712] Applied patch from Cesar Garcia to fix lifetime computation
in krb524 ticket conversion.
* [1714] Fixed a 64-bit endianness bug in ticket starttime encoding in
krb524d. Found by Cesar Garcia.
* [1715] kadmind4 and v5passwdd are no longer installed on Mac OS X.
* [1718] The krb4 library configure script now recognizes
OpenDarwin/x86. Bug found by Rob Braun.
* [1721] krb5_get_init_creds_password() no longer returns a spurious
KRB5_REALM_UNKNOWN if DNS SRV record support is turned off.
* [1730] krb_mk_auth() no longer overzealously clears the key
schedule.
* [1731] A double-free related to reading forwarded credentials has
been fixed. Found by Joseph Galbraith.
* [1770] Applied patch from Maurice Massar to fix a foreachaddr()
problem that was causing the KDC to segfault on startup.
* [1790] The Linux build uses $(CC) to create shared libraries,
avoiding a libgcc problem when building libdb.
* [1792] The lib/kadm5 unit tests now work around a Solaris 9
pty-close bug.
* [1793] The test suite works around some Tru64 and Irix RPATH
issues, which previously could prevent tests from running on a build
with shared libraries enabled.
* [1799] kadmind supports callouts to the Apple password server.
* [1893] KRB-SAFE messages from older releases can now be read
successfully. Prior 1.3.x releases did not save the encoded
KRB-SAFE message, and experienced problems when re-encoding. Found
by Scooter Morris.
* [1962] MS LSA tickets with short remaining lifetimes will be
rejected in favor of retrieving tickets bypassing the LSA cache.
* [1973] sendto_kdc.c now closes sockets with closesocket() instead of
close(), avoiding a descriptor leak on Windows.
* [1979] An erroneously short initial sequence number mask has been
fixed.
* [2028] KfW now displays a kinit dialog when GSS fails to find
tickets.
* [2051] Missing exports have been added to krb4_32.def on Windows.
* [2058] Some problems with krb4 ticket lifetime backdating have
fixed.
* [2060] GSSAPI's idea of the default ccache is less sticky now.
* [2068] The profile library includes prof-int.h before conditionals
that rely on it.
* [2084] The resolver library is no longer referenced by library code
if not building with DNS SRV record support.
* [2085] Updated Windows README file to reflect current compilation
requirements, etc.
* [2104] On Windows, only define strcasecmp and strncasecmp
replacement macros if said functions are missing.
* [2106] Return an error for unimplemented ccache functions, rather
than calling through a null pointer.
* [2118] Applied patch from Will Fiveash to use correct parameter for
KDC TCP listening sockets.
* [2144,2230] Memory management errors in the Windows gss.exe test
client have been fixed.
* [2171] krb5_locate_kpasswd() now correctly calls htons() on the
kpasswd port number. Found by Arlene Berry.
* [2180] The profile library now includes pthread.h when compiled with
USE_PTHREADS.
* [2181, 2224] A timeout has been added to gss-server, and a missing
parameter to sign_server() has been added.
* [2196] config.{guess,sub} have been updated from autoconf-2.59.
* [2204] Windows gss.exe now has support for specifying credentials
cache, as well as some minor bugfixes.
* [2210] GSSAPI accept_sec_context() no longer unconditionally sets
INTEG and CONF flags in contradiction to what the initiator sent.
* [2212] The GSS sample application has some additional options to
support testing of SSPI vs GSSAPI.
* [2217] Windows gss.exe has new UI elements to support more flag
settings.
* [2225] In the gss sample client, some extraneous parameters have
been removed from client_establish_context().
* [2228] Copyright notices updated in GSS sample apps.
* [2233] On Windows compiles with KRB5_KFW_COMPILE, the lib path for
krbcc32.lib is now correct.
* [2195, 2236, 2241, 2245] The Solaris 9 pty-close bug, which was
affecting the test suite, has been worked around by hacking
scheduler priorities. See the installation notes for details.
Thanks to Bill Sommerfeld for some useful hints.
* [2258] An incorrect memcpy() statement in fakeka has been fixed.
Reported by David Thompson.
Notes, Major Changes, and Known Bugs for 1.3.1
----------------------------------------------
* [1681] The incorrect encoding of the ETYPE-INFO2 preauthentication
hint is no longer emitted, and the both the incorrect and the
correct encodings of ETYPE-INFO2 are now accepted. We STRONGLY
encourage deploying krb5-1.3.1 in preference to 1.3, especially on
client installations, as the 1.3 release did not conform to the
internet-draft for the revised Kerberos protocol in its encoding of
ETYPE-INFO2.
* [1683] The non-caching getaddrinfo() API on Mac OS X, which was
causing significant slowdowns under some circumstances, has been
worked around.
Minor changes in 1.3.1
----------------------
* [1015] gss_accept_sec_context() now passes correct arguments to
TREAD_STR() when reading options beyond the forwarded credential
option. Thanks to Emily Ratliff.
* [1365] The GSSAPI initiator credentials are no longer cached inside
the GSSAPI library.
* [1651] A buffer overflow in krb_get_admhst() has been fixed.
* [1655] krb5_get_permitted_enctypes() and krb5_set_real_time() are
now exported for use by Samba.
* [1656] gss_init_sec_context() no longer leaks credentials under some
error conditions.
* [1657] krb_get_lrealm() no longer returns "ATHENA.MIT.EDU"
inappropriately.
* [1664] The crypto library no longer has bogus dependencies on
com_err.
* [1665] krb5_init_context() no longer multiply registers error tables
when called more than once, preventing a memory leak.
* [1666] The GSS_C_NT_* symbols are now exported from gssapi32.dll on
Windows.
* [1667] ms2mit now imports any tickets with supported enctypes, and
does not import invalid tickets.
* [1677] krb5_gss_register_acceptor_identity() no longer has an
off-by-one in its memory allocation.
* [1679] krb5_principal2salt is now exported on all platforms.
* [1684] The file credentials cache is now supported if USE_CCAPI is
defined, i.e., for KfM and KfW.
* [1691] Documentation for the obsolete kdc_supported_enctypes config
variable has been removed.
Notes, Major Changes, and Known Bugs for 1.3
--------------------------------------------
* We now install the compile_et program, so other packages can use the
installed com_err library with their own error tables. (If you use
our com_err code, that is; see below.)
* The header files we install now assume ANSI/ISO C ('89, not '99).
We have stopped testing on SunOS 4, even with gcc. Some of our code
now has C89-based assumptions, like free(NULL) being well defined,
that will probably frustrate any attempts to run this code under SunOS
4 or other pre-C89 systems.
* Some new code, bug fixes, and cleanup for IPv6 support. Most of the
code should support IPv6 transparently now. The RPC code (and
therefore the admin system, which is based on it) does not yet
support IPv6. The support for Kerberos 4 may work with IPv6 in very
limited ways, if the address checking is turned off. The FTP client
and server do not have support for the new protocol messages needed
for IPv6 support (RFC 2428).
* We have upgraded to autoconf 2.52 (or later), and the syntax for
specifying certain configuration options have changed. For example,
autoconf 2.52 configure scripts let you specify command-line options
like "configure CC=/some/path/foo-cc", so we have removed some of
our old options like --with-cc in favor of this approach.
* The client libraries can now use TCP to connect to the KDC. This
may be necessary when talking to Microsoft KDCs (domain controllers),
if they issue you tickets with lots of PAC data.
* If you have versions of the com_err or ss installed locally, you can
use the --with-system-et and --with-system-ss configure options to
use them rather than using the versions supplied here. Note that
the interfaces are assumed to be similar to those we supply; in
particular, some older, divergent versions of the com_err library
may not work with the krb5 sources. Many configure-time variables
can be used to help the compiler and linker find the installed
packages; see the build documentation for details.
* The AES cryptosystem has been implemented. However, support in the
Kerberos GSSAPI mechanism has not been written (or even fully
specified), so it's not fully enabled. See the documentation for
details.
Major changes listed by ticket ID
---------------------------------
* [492] PRNG breakage on 64-bit platforms no longer an issue due to
new PRNG implementation.
* [523] Client library is now compatible with the RC4-based
cryptosystem used by Windows 2000.
* [709] krb4 long lifetime support has been implemented.
* [880] krb5_gss_register_acceptor_identity() implemented (is called
gsskrb5_register_acceptor_identity() by Heimdal).
* [1087] ftpd no longer requires channel bindings, allowing easier use
of ftp from behind a NAT.
* [1156, 1209] It is now possible to use the system com_err to build
this release.
* [1174] TCP support added to client library.
* [1175] TCP support added to the KDC, but is disabled by default.
* [1176] autoconf-2.5x is now required by the build system.
* [1184] It is now possible to use the system Berkeley/Sleepycat DB
library to build this release.
* [1189, 1251] The KfM krb4 library source base has been merged.
* [1190] The default KDC master key type is now triple-DES. KDCs
being updated may need their config files updated if they are not
already specifying the master key type.
* [1190] The default ticket lifetime and default maximum renewable
ticket lifetime have been extended to one day and one week,
respectively.
* [1191] A new script, k5srvutil, may be used to manipulate keytabs in
ways similar to the krb4 ksrvutil utility.
* [1281] The "fakeka" program, which emulates the AFS kaserver, has
been integrated. Thanks to Ken Hornstein.
* [1343] The KDC now defaults to not answering krb4 requests.
* [1344] Addressless tickets are requested by default now.
* [1372] There is no longer a need to create a special keytab for
kadmind. The legacy administration daemons "kadmind4" and
"v5passwdd" will still require a keytab, though.
* [1377, 1442, 1443] The Microsoft set-password protocol has been
implemented. Thanks to Paul Nelson.
* [1385, 1395, 1410] The krb4 protocol vulnerabilities
[MITKRB5-SA-2003-004] have been worked around. Note that this will
disable krb4 cross-realm functionality, as well as krb4 triple-DES
functionality. Please see doc/krb4-xrealm.txt for details of the
patch.
* [1393] The xdrmem integer overflows [MITKRB5-SA-2003-003] have
been fixed.
* [1397] The krb5_principal buffer bounds problems
[MITKRB5-SA-2003-005] have been fixed. Thanks to Nalin Dahyabhai.
* [1415] Subsession key negotiation has been fixed to allow for
server-selected subsession keys in the future.
* [1418, 1429, 1446, 1484, 1486, 1487, 1535, 1621] The AES
cryptosystem has been implemented. It is not usable for GSSAPI,
though.
* [1491] The client-side functionality of the krb524 library has been
moved into the krb5 library.
* [1550] SRV record support exists for Kerberos v4.
* [1551] The heuristic for locating the Kerberos v4 KDC by prepending
"kerberos." to the realm name if no config file or DNS information
is available has been removed.
* [1568, 1067] A krb524 stub library is built on Windows.
Minor changes listed by ticket ID
---------------------------------
* [90] default_principal_flags documented.
* [175] Docs refer to appropriate example domains/IPs now.
* [299] kadmin no longer complains about missing kdc.conf parameters
when it really means krb5.conf parameters.
* [318] Run-time load path for tcl is set now when linking test
programs.
* [443] --includedir honored now.
* [479] unused argument in try_krb4() in login.c deleted.
* [590] The des_read_pw_string() function in libdes425 has been
aligned with the original krb4 and CNS APIs.
* [608] login.krb5 handles SIGHUP more sanely now and thus avoids
getting the session into a weird state w.r.t. job control.
* [620] krb4 encrypted rcp should work a little better now. Thanks to
Greg Hudson.
* [647] libtelnet/kerberos5.c no longer uses internal include files.
* [673] Weird echoing of admin password in kadmin client worked around
by not using buffered stdio calls to read passwords.
* [677] The build system has been reworked to allow the user to set
CFLAGS, LDFLAGS, CPPFLAGS, etc. reasonably.
* [680] Related to [673], rewrite krb5_prompter_posix() to no longer
use longjmp(), thus avoiding some bugs relating to non-restoration
of terminal settings.
* [697] login.krb5 no longer zeroes out the terminal window size.
* [710] decomp_ticket() in libkrb4 now looks up the local realm name
more correctly. Thanks to Booker Bense.
* [771] .rconf files are excluded from the release now.
* [772] LOG_AUTHPRIV syslog facility is now usable for logging on
systems that support it.
* [844] krshd now syslogs using the LOG_AUTH facility.
* [850] Berekely DB build is better integrated into the krb5 library
build process.
* [866] lib/krb5/os/localaddr.c and kdc/network.c use a common source
for local address enumeration now.
* [882] gss-client now correctly deletes the context on error.
* [919] kdc/network.c problems relating to SIOCGIFCONF have been
fixed.
* [922] An overflow in the string-to-time conversion routines has been
fixed.
* [933] krb524d now handles single-DES session keys other than of type
des-cbc-crc.
* [935] des-cbc-md4 now included in default enctypes.
* [939] A minor grammatical error has been fixed in a telnet client
error message.
* [953] des3 no longer failing on Windows due to SHA1 implementation
problems.
* [964] kdb_init_hist() no longer fails if master_key_enctype is not
in supported_enctypes.
* [970] A minor inconsistency in ccache.tex has been fixed.
* [971] option parsing bugs rendered irrelevant by removal of unused
gss mechanism.
* [976] make install mentioned in build documentation.
* [986] Related to [677], problems with the ordering of LDFLAGS
initialization rendered irrelevant by use of native autoconf
idioms.
* [992] Related to [677], quirks with --with-cc no longer relevant as
AC_PROG_CC is used instead now.
* [999] The kdc_default_options configuration variable is now honored.
Thanks to Emily Ratliff.
* [1006] Client library, as well as KDC, now perform reasonable
sorting of ETYPE-INFO preauthentication data.
* [1055] NULL pointer dereferences in code calling
krb5_change_password() have been fixed.
* [1063] Initial credentials acquisition failures related to client
host having a large number of local network interfaces should be
fixed now.
* [1064] Incorrect option parsing in the gssapi library is no longer
relevant due to removal of the "v2" mechanism.
* [1065, 1225] krb5_get_init_creds_password() should properly warn about
password expiration.
* [1066] printf() argument mismatches in rpc unit tests fixed.
* [1085] The krb5.conf manpage has been re-synchronized with other
documentation.
* [1102] gssapi_generic.h should now work with C++.
* [1135] The kadm5 ACL system is better documented.
* [1136] Some documentation for the setup of cross-realm
authentication has been added.
* [1164] krb5_auth_con_gen_addrs() now properly returns errno instead
of -1 if getpeername() fails.
* [1173] Address-less forwardable tickets will remain address-less
when forwarded.
* [1178, 1228, 1244, 1246, 1249] Test suite has been stabilized
somewhat.
* [1188] As part of the modernization of our usage of autoconf,
AC_CONFIG_FILES is now used instead of passing a list of files to
AC_OUTPUT.
* [1194] configure will no longer recurse out of the top of the source
tree when attempting to locate the top of the source tree.
* [1192] Documentation for the krb5 afs functionality of krb524d has
been written.
* [1195] Example krb5.conf file modified to include all enctypes
supported by the release.
* [1202] The KDC no longer rejects unrecognized flags.
* [1203] krb5_get_init_creds_keytab() no longer does a double-free.
* [1211] The ASN.1 code no longer passes (harmless) uninitialized
values around.
* [1212] libkadm5 now allows for persistent exclusive database locks.
* [1217] krb5_read_password() and des_read_password() are now
implemented via krb5_prompter_posix().
* [1224] For SAM challenges, omitted optional strings are no longer
encoded as zero-length strings.
* [1226] Client-side support for SAM hardware-based preauth
implemented.
* [1229] The keytab search logic no longer fails prematurely if an
incorrect encryption type is found. Thanks to Wyllys Ingersoll.
* [1232] If the master KDC cannot be resolved, but a slave is
reachable, the client library now returns the real error from the
slave rather than the resolution failure from the master. Thanks to
Ben Cox.
* [1234] Assigned numbers for SAM preauth have been corrected.
sam-pk-for-sad implementation has been aligned.
* [1237] Profile-sharing optimizations from KfM have been merged.
* [1240] Windows calling conventions for krb5int_c_combine_keys() have
been aligned.
* [1242] Build system incompatibilities with Debian's chimeric
autoconf installation have been worked around.
* [1256] Incorrect sizes passed to memset() in combine_keys()
operations have been corrected.
* [1260] Client credential lookup now gets new service tickets in
preference to attempting to use expired ticketes. Thanks to Ben
Cox.
* [1262, 1572] Sequence numbers are now unsigned; negative sequence
numbers will be accepted for the purposes of backwards
compatibility.
* [1263] A heuristic for matching the incorrectly encoded sequence
numbers emitted by Heimdal implementations has been written.
* [1284] kshd accepts connections by IPv6 now.
* [1292] kvno manpage title fixed.
* [1293] Source files no longer explicitly attempt to declare errno.
* [1304] kadmind4 no longer leaves sa_flags uninitialized.
* [1305] Expired tickets now cause KfM to pop up a password dialog.
* [1309] krb5_send_tgs() no longer leaks the storage associated with
the TGS-REQ.
* [1310] kadm5_get_either() no longer leaks regexp library memory.
* [1311] Output from krb5-config no longer contains spurious uses of
$(PURE).
* [1324] The KDC no longer logs an inappropriate "no matching key"
error when an encrypted timestamp preauth password is incorrect.
* [1334] The KDC now returns a clockskew error when the timestamp in
the encrypted timestamp preauth is out of bounds, rather than just
returning a preauthentcation failure.
* [1342] gawk is no longer required for building kerbsrc.zip for the
Windows build.
* [1346] gss_krb5_ccache_name() no longer attempts to return a pointer
to freed memory.
* [1351] The filename globbing vulnerability [CERT VU#258721] in the
ftp client's handling of filenames beginning with "|" or "-"
returned from the "mget" command has been fixed.
* [1352] GSS_C_PROT_READY_FLAG is no longer asserted inappropriately
during GSSAPI context establishment.
* [1356] krb5_gss_accept_sec_context() no longer attempts to validate
a null credential if one is passed in.
* [1362] The "-a user" option to telnetd now does the right thing.
Thanks to Nathan Neulinger.
* [1363] ksu no longer inappropriately syslogs to stderr.
* [1357] krb__get_srvtab_name() no longer leaks memory.
* [1370] GSS_C_NO_CREDENTIAL now accepts any principal in the keytab.
* [1373] Handling of SAM preauth no longer attempts to stuff a size_t
into an unsigned int.
* [1387] BIND versions later than 8 now supported.
* [1392] The getaddrinfo() wrapper should work better on AIX.
* [1400] If DO_TIME is not set in the auth_context, and no replay
cache is available, no replay cache will be used.
* [1406, 1108] libdb is no longer installed. If you installed
krb5-1.3-alpha1, you should ensure that no spurious libdb is left in
your install tree.
* [1412] ETYPE_INFO handling no longer goes into an infinite loop.
* [1414] libtelnet is now built using the same library build framework
as the rest of the tree.
* [1417] A minor memory leak in krb5_read_password() has been fixed.
* [1419] A memory leak in asn1_decode_kdc_req_body() has been fixed.
* [1435] inet_ntop() is now emulated when needed.
* [1439] krb5_free_pwd_sequences() now correctly frees the entire
sequence of elements.
* [1440] errno is no longer explicitly declared.
* [1441] kadmind should now return useful errors if an unrecognized
version is received in a changepw request.
* [1454, 1480, 1517, 1525] The etype-info2 preauth type is now
supported.
* [1459] (KfM/KLL internal) config file resolution can now be
prevented from accessing the user's homedir.
* [1463] Preauth handling in the KDC has been reorganized.
* [1470] Double-free in client-side preauth code fixed.
* [1473] Ticket forwarding when the TGS and the end service have
different enctypes should work somewhat better now.
* [1474] ASN.1 testsuite memory management has been cleaned up a
little to allow for memory leak checking.
* [1476] Documentation updated to reflect default krb4 mode.
* [1482] RFC-1964 OIDs now provided using the suggested symbolic
names.
* [1483, 1528] KRB5_DEPRECATED is now false by default on all
platforms.
* [1488] The KDC will now return integrity errors if a decryption
error is responsible for preauthentication failure.
* [1492] The autom4te.cache directories are now deleted from the
release tarfiles.
* [1501] Writable keytabs are registered by default.
* [1515] The check for cross-realm TGTs no longer reads past the end
of an array.
* [1518] The kdc_default_options option is now actually honored.
* [1519] The changepw protocol implementation in kadmind now logs
password changes.
* [1520] Documentation of OS-specific build options has been updated.
* [1536] A missing prototype for krb5_db_iterate_ext() has been
added.
* [1537] An incorrect path to kdc.conf show in the kdc.conf manpage
has been fixed.
* [1540] verify_as_reply() will only check the "renew-till" time
against the "till" time if the RENEWABLE is not set in the request.
* [1547] gssftpd no longer uses vfork(), as this was causing problems
under RedHat 9.
* [1549] SRV records with a value of "." are now interpreted as a lack
of support for the protocol.
* [1553] The undocumented (and confusing!) kdc_supported_enctypes
kdc.conf variable is no longer used.
* [1560] Some spurious double-colons in password prompts have been
fixed.
* [1571] The test suite tries a little harder to get a root shell.
* [1573] The KfM build process now sets localstatedir=/var/db.
* [1576, 1575] The client library no longer requests RENEWABLE_OK if
the renew lifetime is greater than the ticket lifetime.
* [1587] A more standard autoconf test to locate the C compiler allows
for gcc to be found by default without additional configuration
arguments.
* [1593] Replay cache filenames are now escaped with hyphens, not
backslashes.
* [1598] MacOS 9 support removed from in-tree com_err.
* [1602] Fixed a memory leak in make_ap_req_v1(). Thanks to Kent Wu.
* [1604] Fixed a memory leak in krb5_gss_init_sec_context(), and an
uninitialized memory reference in kg_unseal_v1(). Thanks to Kent
Wu.
* [1607] kerberos-iv SRV records are now documented.
* [1610] Fixed AES credential delegation under GSSAPI.
* [1618] ms2mit no longer inserts local addresses into tickets
converted from the MS ccache if they began as addressless tickets.
* [1619] etype_info parser (once again) accepts extra field emitted by
Heimdal.
* [1643] Some typos in kdc.conf.M have been fixed.
* [1648] For consistency, leading spaces before preprocessor
directives in profile.h have been removed.
--[ DELETE BEFORE RELEASE ---changes to unreleased code, etc.--- ]--
* [1054] KRB-CRED messages for RC4 are encrypted now.
* [1177] krb5-1-2-2-branch merged onto trunk.
* [1193] Punted comment about reworking key storage architecture.
* [1208] install-headers target implemented.
* [1223] asn1_decode_oid, asn1_encode_oid implemented
* [1248] RC4 is explicitly excluded from combine_keys.
* [1276] Generated dependencies handle --without-krb4 properly now.
* [1339] An inadvertent change to the krb4 get_adm_hst API (strcpy vs
strncpy etc.) has been fixed.
* [1384, 1413] Use of autoconf-2.52 in util/reconf will now cause a
warning.
* [1388] DNS support is turned on in KfM.
* [1391] Fix kadmind startup failure with krb4 vuln patch.
* [1409] get_ad_tkt() now prompts for password if there are no tickets
(in KfM).
* [1447] vts_long() and vts_short() work now.
* [1462] KfM adds exports of set_pw calls.
* [1477] compile_et output not used in err_txt.c.
* [1495] KfM now exports string_to_key_with_params.
* [1512, 1522] afs_string_to_key now works with etype_info2.
* [1514] krb5int_populate_gic_opt returns void now.
* [1521] Using an afs3 salt for an AES key no longer causes
segfaults.
* [1533] krb524.h no longer contains invalid Mac pragmas.
* [1546] krb_mk_req_creds() no longer zeros the session key.
* [1554] The krb4 string-to-key iteration now accounts correctly for
the decrypt-in-place semantics of libdes425.
* [1557] KerberosLoginPrivate.h is now correctly included for the use
of __KLAllowHomeDirectoryAccess() in init_os_ctx.c (for KfM).
* [1558] KfM exports the new krb524 interface.
* [1563] krb__get_srvtaname() no longer returns a pointer that is
free()d upon a subsequent call.
* [1569] A debug statement has been removed from krb524init.
* [1592] Document possible file rename lossage when building against
system libdb.
* [1594] Darwin gets an explicit dependency of err_txt.o on
krb_err.c.
* [1596] Calling conventions, etc. tweaked for KfW build of
krb524.dll.
* [1600] Minor tweaks to README to improve notes on IPv6, etc.
* [1605] Fixed a leak of subkeys in krb5_rd_rep().
* [1630] krb5_get_in_tkt_with_keytab() works now; previously borken by
reimplementation in terms of krb5_get_init_creds().
* [1642] KfM build now inherits CFLAGS and LDFLAGS from parent project.
Copyright Notice and Legal Administrivia
----------------------------------------
Copyright (C) 1985-2004 by the Massachusetts Institute of Technology.
All rights reserved.
Export of this software from the United States of America may require
a specific license from the United States Government. It is the
responsibility of any person or organization contemplating export to
obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
distribute this software and its documentation for any purpose and
without fee is hereby granted, provided that the above copyright
notice appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation, and that
the name of M.I.T. not be used in advertising or publicity pertaining
to distribution of the software without specific, written prior
permission. Furthermore if you modify this software you must label
your software as modified software and not distribute it in such a
fashion that it might be confused with the original MIT software.
M.I.T. makes no representations about the suitability of this software
for any purpose. It is provided "as is" without express or implied
warranty.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Individual source code files are copyright MIT, Cygnus Support,
OpenVision, Oracle, Sun Soft, FundsXpress, and others.
Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
and Zephyr are trademarks of the Massachusetts Institute of Technology
(MIT). No commercial use of these trademarks may be made without
prior written permission of MIT.
"Commercial use" means use of a name in a product or other for-profit
manner. It does NOT prevent a commercial firm from referring to the
MIT trademarks in order to convey information (although in doing so,
recognition of their trademark status should be given).
----
The following copyright and permission notice applies to the
OpenVision Kerberos Administration system located in kadmin/create,
kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions
of lib/rpc:
Copyright, OpenVision Technologies, Inc., 1996, All Rights Reserved
WARNING: Retrieving the OpenVision Kerberos Administration system
source code, as described below, indicates your acceptance of the
following terms. If you do not agree to the following terms, do not
retrieve the OpenVision Kerberos administration system.
You may freely use and distribute the Source Code and Object Code
compiled from it, with or without modification, but this Source
Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY,
INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER
EXPRESS OR IMPLIED. IN NO EVENT WILL OPENVISION HAVE ANY LIABILITY
FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING,
WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE
CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY
OTHER REASON.
OpenVision retains all copyrights in the donated Source Code. OpenVision
also retains copyright to derivative works of the Source Code, whether
created by OpenVision or by a third party. The OpenVision copyright
notice must be preserved if derivative works are made based on the
donated Source Code.
OpenVision Technologies, Inc. has donated this Kerberos
Administration system to MIT for inclusion in the standard
Kerberos 5 distribution. This donation underscores our
commitment to continuing Kerberos technology development
and our gratitude for the valuable work which has been
performed by MIT and the Kerberos community.
----
Portions contributed by Matt Crawford <crawdad@fnal.gov> were
work performed at Fermi National Accelerator Laboratory, which is
operated by Universities Research Association, Inc., under
contract DE-AC02-76CHO3000 with the U.S. Department of Energy.
---- The implementation of the Yarrow pseudo-random number generator
in src/lib/crypto/yarrow has the following copyright:
Copyright 2000 by Zero-Knowledge Systems, Inc.
Permission to use, copy, modify, distribute, and sell this software
and its documentation for any purpose is hereby granted without fee,
provided that the above copyright notice appear in all copies and that
both that copyright notice and this permission notice appear in
supporting documentation, and that the name of Zero-Knowledge Systems,
Inc. not be used in advertising or publicity pertaining to
distribution of the software without specific, written prior
permission. Zero-Knowledge Systems, Inc. makes no representations
about the suitability of this software for any purpose. It is
provided "as is" without express or implied warranty.
ZERO-KNOWLEDGE SYSTEMS, INC. DISCLAIMS ALL WARRANTIES WITH REGARD TO
THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS, IN NO EVENT SHALL ZERO-KNOWLEDGE SYSTEMS, INC. BE LIABLE FOR
ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTUOUS ACTION, ARISING OUT
OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
---- The implementation of the AES encryption algorithm in
src/lib/crypto/aes has the following copyright:
Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
DISCLAIMER
This software is provided 'as is' with no explcit or implied warranties
in respect of any properties, including, but not limited to, correctness
and fitness for purpose.
Acknowledgements
----------------
Appreciation Time!!!! There are far too many people to try to thank
them all; many people have contributed to the development of Kerberos
V5. This is only a partial listing....
Thanks to Paul Vixie and the Internet Software Consortium for funding
the work of Barry Jaspan. This funding was invaluable for the OV
administration server integration, as well as the 1.0 release
preparation process.
Thanks to John Linn, Scott Foote, and all of the folks at OpenVision
Technologies, Inc., who donated their administration server for use in
the MIT release of Kerberos.
Thanks to Jeff Bigler, Mark Eichin, Marc Horowitz, Nancy Gilman, Ken
Raeburn, and all of the folks at Cygnus Support, who provided
innumerable bug fixes and portability enhancements to the Kerberos V5
tree. Thanks especially to Jeff Bigler, for the new user and system
administrator's documentation.
Thanks to Doug Engert from ANL for providing many bug fixes, as well
as testing to ensure DCE interoperability.
Thanks to Ken Hornstein at NRL for providing many bug fixes and
suggestions, and for working on SAM preauthentication.
Thanks to Matt Crawford at FNAL for bugfixes and enhancements.
Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for
their many suggestions and bug fixes.
Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and
providing patches for numerous buffer overruns.
Thanks to Christopher Thompson and Marcus Watts for discovering the
ftpd security bug.
Thanks to Paul Nelson of Thursby Software Systems for implementing the
Microsoft set password protocol.
Thanks to the members of the Kerberos V5 development team at MIT, both
past and present: Danilo Almeida, Jeffrey Altman, Jay Berkenbilt,
Richard Basch, Mitch Berger, John Carr, Don Davis, Alexandra Ellwood,
Nancy Gilman, Matt Hancher, Sam Hartman, Paul Hill, Marc Horowitz, Eva
Jacobus, Miroslav Jurisic, Barry Jaspan, Geoffrey King, John Kohl,
Peter Litwack, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul Park,
Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff
Schiller, Jen Selby, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall
Vale, Tom Yu.
|