- Kerberos Version 5, Release 1.3.2
+ Kerberos Version 5, Release 1.10
- Release Notes
- The MIT Kerberos Team
+ Release Notes
+ The MIT Kerberos Team
-Unpacking the Source Distribution
----------------------------------
+Copyright and Other Notices
+---------------------------
-The source distribution of Kerberos 5 comes in a gzipped tarfile,
-krb5-1.3.2.tar.gz. Instructions on how to extract the entire
-distribution follow.
+Copyright (C) 1985-2010 by the Massachusetts Institute of Technology
+and its contributors. All rights reserved.
-If you have the GNU tar program and gzip installed, you can simply do:
-
- gtar zxpf krb5-1.3.2.tar.gz
-
-If you don't have GNU tar, you will need to get the FSF gzip
-distribution and use gzcat:
-
- gzcat krb5-1.3.2.tar.gz | tar xpf -
-
-Both of these methods will extract the sources into krb5-1.3.2/src and
-the documentation into krb5-1.3.2/doc.
+Please see the file named NOTICE for additional notices.
Building and Installing Kerberos 5
----------------------------------
and logging in as "guest" with password "guest".
-Major changes in 1.3.2
-----------------------
-
-* [2040, 1471, 2067, 2077, 2079, 2166, 2167, 2220] Support for AES in
- GSSAPI has been implemented. This corresponds to the in-progress
- work in the IETF (CFX).
-
-* [2049, 2139, 2148, 2153, 2182, 2183, 2184, 2190, 2202] Added a new
- ccache type "MSLSA:" for read-only access to the MS Windows LSA
- cache.
-
-* [982] On windows, krb5.exe now has a checkbox to request addressless
- tickets.
-
-* [2189] To avoid compatibility problems, unrecognized TGS options
- will now be ignored.
-
-* [2218] 128-bit AES has been added to the default enctypes.
-
-* [2223] AES cryptosystem now chains IVs. This WILL break backwards
- compatibility for the kcmd applications, if they are using AES
- session keys.
-
-Minor changes in 1.3.2
-----------------------
-
-* [1437] Applied patch from Stephen Grau so kinit returns non-zero
- status under certain failure conditions where it had previously
- returned zero.
-
-* [1586] On Windows, the krb4 CREDENTIALS structure has been changed
- to align with KfW's version of the structure.
-
-* [1613] Applied patch from Dave Shrimpton to avoid truncation of
- dates output from the kadmin CLI when long time zone names are
- used.
-
-* [1622] krshd no longer calls syslog from inside a signal handler, in
- an effort to avoid deadlocks on exit.
-
-* [1649] A com_err test program compiles properly on Darwin now.
-
-* [1692] A new configuration file tag "master_kdc" has been added to
- allow master KDCs to be designated separately from admin servers.
-
-* [1702] krb5_get_host_realm() and krb5_free_host_realm() are no
- longer marked as KRB5_PRIVATE.
-
-* [1711] Applied patch from Harry McGavran Jr to allow fake-addrinfo.h
- to compile on libc5 Linux platforms.
-
-* [1712] Applied patch from Cesar Garcia to fix lifetime computation
- in krb524 ticket conversion.
-
-* [1714] Fixed a 64-bit endianness bug in ticket starttime encoding in
- krb524d. Found by Cesar Garcia.
-
-* [1715] kadmind4 and v5passwdd are no longer installed on Mac OS X.
-
-* [1718] The krb4 library configure script now recognizes
- OpenDarwin/x86. Bug found by Rob Braun.
-
-* [1721] krb5_get_init_creds_password() no longer returns a spurious
- KRB5_REALM_UNKNOWN if DNS SRV record support is turned off.
-
-* [1730] krb_mk_auth() no longer overzealously clears the key
- schedule.
-
-* [1731] A double-free related to reading forwarded credentials has
- been fixed. Found by Joseph Galbraith.
-
-* [1770] Applied patch from Maurice Massar to fix a foreachaddr()
- problem that was causing the KDC to segfault on startup.
-
-* [1790] The Linux build uses $(CC) to create shared libraries,
- avoiding a libgcc problem when building libdb.
-
-* [1792] The lib/kadm5 unit tests now work around a Solaris 9
- pty-close bug.
-
-* [1799] kadmind supports callouts to the Apple password server.
-
-* [1893] KRB-SAFE messages from older releases can now be read
- successfully. Prior 1.3.x releases did not save the encoded
- KRB-SAFE message, and experienced problems when re-encoding. Found
- by Scooter Morris.
-
-* [1962] MS LSA tickets with short remaining lifetimes will be
- rejected in favor of retrieving tickets bypassing the LSA cache.
-
-* [1973] sendto_kdc.c now closes sockets with closesocket() instead of
- close(), avoiding a descriptor leak on Windows.
-
-* [1979] An erroneously short initial sequence number mask has been
- fixed.
-
-* [2028] KfW now displays a kinit dialog when GSS fails to find
- tickets.
-
-* [2051] Missing exports have been added to krb4_32.def on Windows.
-
-* [2058] Some problems with krb4 ticket lifetime backdating have
- fixed.
-
-* [2060] GSSAPI's idea of the default ccache is less sticky now.
-
-* [2068] The profile library includes prof-int.h before conditionals
- that rely on it.
-
-* [2084] The resolver library is no longer referenced by library code
- if not building with DNS SRV record support.
-
-* [2085] Updated Windows README file to reflect current compliation
- requirements, etc.
-
-* [2104] On Windows, only define strcasecmp and strncasecmp
- replacement macros if said functions are missing.
-
-* [2106] Return an error for unimplemented ccache functions, rather
- than calling through a null pointer.
-
-* [2118] Applied patch from Will Fiveash to use correct parameter for
- KDC TCP listening sockets.
-
-* [2144] Memory management errors in the Windows gss.exe test client
- have been fixed.
-
-* [2171] krb5_locate_kpasswd() now correctly calls htons() on the
- kpasswd port number. Found by Arlene Berry.
-
-* [2180] The profile library now includes pthread.h when compiled with
- USE_PTHREADS.
-
-* [2181, 2224] A timeout has been added to gss-server, and a missing
- parameter to sign_server() has been added.
-
-* [2196] config.{guess,sub} have been updated from autoconf-2.59.
-
-* [2204] Windows gss.exe now has support for specifying credentials
- cache, as well as some minor bugfixes.
-
-* [2210] GSSAPI accept_sec_context() no longer unconditionally sets
- INTEG and CONF flags in contradiction to what the initiator sent.
-
-* [2212] The GSS sample application has some additional options to
- support testing of SSPI vs GSSAPI.
-
-* [2217] Windows gss.exe has new UI elements to support more flag
- settings.
-
-* [2225] In the gss sample client, some extraneous parameters have
- been removed from client_establish_context().
-
-Notes, Major Changes, and Known Bugs for 1.3.1
-----------------------------------------------
-
-* [1681] The incorrect encoding of the ETYPE-INFO2 preauthentication
- hint is no longer emitted, and the both the incorrect and the
- correct encodings of ETYPE-INFO2 are now accepted. We STRONGLY
- encourage deploying krb5-1.3.1 in preference to 1.3, especially on
- client installations, as the 1.3 release did not conform to the
- internet-draft for the revised Kerberos protocol in its encoding of
- ETYPE-INFO2.
-
-* [1683] The non-caching getaddrinfo() API on Mac OS X, which was
- causing significant slowdowns under some circumstances, has been
- worked around.
-
-Minor changes in 1.3.1
-----------------------
-
-* [1015] gss_accept_sec_context() now passes correct arguments to
- TREAD_STR() when reading options beyond the forwarded credential
- option. Thanks to Emily Ratliff.
-
-* [1365] The GSSAPI initiator credentials are no longer cached inside
- the GSSAPI library.
-
-* [1651] A buffer overflow in krb_get_admhst() has been fixed.
-
-* [1655] krb5_get_permitted_enctypes() and krb5_set_real_time() are
- now exported for use by Samba.
-
-* [1656] gss_init_sec_context() no longer leaks credentials under some
- error conditions.
-
-* [1657] krb_get_lrealm() no longer returns "ATHENA.MIT.EDU"
- inappropriately.
-
-* [1664] The crypto library no longer has bogus dependencies on
- com_err.
-
-* [1665] krb5_init_context() no longer multiply registers error tables
- when called more than once, preventing a memory leak.
-
-* [1666] The GSS_C_NT_* symbols are now exported from gssapi32.dll on
- Windows.
-
-* [1667] ms2mit now imports any tickets with supported enctypes, and
- does not import invalid tickets.
-
-* [1677] krb5_gss_register_acceptor_identity() no longer has an
- off-by-one in its memory allocation.
-
-* [1679] krb5_principal2salt is now exported on all platforms.
-
-* [1684] The file credentials cache is now supported if USE_CCAPI is
- defined, i.e., for KfM and KfW.
-
-* [1691] Documentation for the obsolete kdc_supported_enctypes config
- variable has been removed.
-
-Notes, Major Changes, and Known Bugs for 1.3
---------------------------------------------
-
-* We now install the compile_et program, so other packages can use the
- installed com_err library with their own error tables. (If you use
- our com_err code, that is; see below.)
-
-* The header files we install now assume ANSI/ISO C ('89, not '99).
- We have stopped testing on SunOS 4, even with gcc. Some of our code
- now has C89-based assumptions, like free(NULL) being well defined,
- that will probably frustrate any attempts to run this code under SunOS
- 4 or other pre-C89 systems.
-
-* Some new code, bug fixes, and cleanup for IPv6 support. Most of the
- code should support IPv6 transparently now. The RPC code (and
- therefore the admin system, which is based on it) does not yet
- support IPv6. The support for Kerberos 4 may work with IPv6 in very
- limited ways, if the address checking is turned off. The FTP client
- and server do not have support for the new protocol messages needed
- for IPv6 support (RFC 2428).
-
-* We have upgraded to autoconf 2.52 (or later), and the syntax for
- specifying certain configuration options have changed. For example,
- autoconf 2.52 configure scripts let you specify command-line options
- like "configure CC=/some/path/foo-cc", so we have removed some of
- our old options like --with-cc in favor of this approach.
-
-* The client libraries can now use TCP to connect to the KDC. This
- may be necessary when talking to Microsoft KDCs (domain controllers),
- if they issue you tickets with lots of PAC data.
-
-* If you have versions of the com_err or ss installed locally, you can
- use the --with-system-et and --with-system-ss configure options to
- use them rather than using the versions supplied here. Note that
- the interfaces are assumed to be similar to those we supply; in
- particular, some older, divergent versions of the com_err library
- may not work with the krb5 sources. Many configure-time variables
- can be used to help the compiler and linker find the installed
- packages; see the build documentation for details.
-
-* The AES cryptosystem has been implemented. However, support in the
- Kerberos GSSAPI mechanism has not been written (or even fully
- specified), so it's not fully enabled. See the documentation for
- details.
-
-Major changes listed by ticket ID
----------------------------------
-
-* [492] PRNG breakage on 64-bit platforms no longer an issue due to
- new PRNG implementation.
-
-* [523] Client library is now compatible with the RC4-based
- cryptosystem used by Windows 2000.
-
-* [709] krb4 long lifetime support has been implemented.
-
-* [880] krb5_gss_register_acceptor_identity() implemented (is called
- gsskrb5_register_acceptor_identity() by Heimdal).
-
-* [1087] ftpd no longer requires channel bindings, allowing easier use
- of ftp from behind a NAT.
-
-* [1156, 1209] It is now possible to use the system com_err to build
- this release.
-
-* [1174] TCP support added to client library.
-
-* [1175] TCP support added to the KDC, but is disabled by default.
-
-* [1176] autoconf-2.5x is now required by the build system.
-
-* [1184] It is now possible to use the system Berkeley/Sleepycat DB
- library to build this release.
-
-* [1189, 1251] The KfM krb4 library source base has been merged.
-
-* [1190] The default KDC master key type is now triple-DES. KDCs
- being updated may need their config files updated if they are not
- already specifying the master key type.
-
-* [1190] The default ticket lifetime and default maximum renewable
- ticket lifetime have been extended to one day and one week,
- respectively.
-
-* [1191] A new script, k5srvutil, may be used to manipulate keytabs in
- ways similar to the krb4 ksrvutil utility.
-
-* [1281] The "fakeka" program, which emulates the AFS kaserver, has
- been integrated. Thanks to Ken Hornstein.
-
-* [1343] The KDC now defaults to not answering krb4 requests.
-
-* [1344] Addressless tickets are requested by default now.
-
-* [1372] There is no longer a need to create a special keytab for
- kadmind. The legacy administration daemons "kadmind4" and
- "v5passwdd" will still require a keytab, though.
-
-* [1377, 1442, 1443] The Microsoft set-password protocol has been
- implemented. Thanks to Paul Nelson.
-
-* [1385, 1395, 1410] The krb4 protocol vulnerabilities
- [MITKRB5-SA-2003-004] have been worked around. Note that this will
- disable krb4 cross-realm functionality, as well as krb4 triple-DES
- functionality. Please see doc/krb4-xrealm.txt for details of the
- patch.
-
-* [1393] The xdrmem integer overflows [MITKRB5-SA-2003-003] have
- been fixed.
-
-* [1397] The krb5_principal buffer bounds problems
- [MITKRB5-SA-2003-005] have been fixed. Thanks to Nalin Dahyabhai.
-
-* [1415] Subsession key negotiation has been fixed to allow for
- server-selected subsession keys in the future.
-
-* [1418, 1429, 1446, 1484, 1486, 1487, 1535, 1621] The AES
- cryptosystem has been implemented. It is not usable for GSSAPI,
- though.
-
-* [1491] The client-side functionality of the krb524 library has been
- moved into the krb5 library.
-
-* [1550] SRV record support exists for Kerberos v4.
-
-* [1551] The heuristic for locating the Kerberos v4 KDC by prepending
- "kerberos." to the realm name if no config file or DNS information
- is available has been removed.
-
-* [1568, 1067] A krb524 stub library is built on Windows.
-
-Minor changes listed by ticket ID
----------------------------------
-
-* [90] default_principal_flags documented.
-
-* [175] Docs refer to appropriate example domains/IPs now.
-
-* [299] kadmin no longer complains about missing kdc.conf parameters
- when it really means krb5.conf parameters.
-
-* [318] Run-time load path for tcl is set now when linking test
- programs.
-
-* [443] --includedir honored now.
-
-* [479] unused argument in try_krb4() in login.c deleted.
-
-* [590] The des_read_pw_string() function in libdes425 has been
- aligned with the original krb4 and CNS APIs.
-
-* [608] login.krb5 handles SIGHUP more sanely now and thus avoids
- getting the session into a weird state w.r.t. job control.
-
-* [620] krb4 encrypted rcp should work a little better now. Thanks to
- Greg Hudson.
-
-* [647] libtelnet/kerberos5.c no longer uses internal include files.
-
-* [673] Weird echoing of admin password in kadmin client worked around
- by not using buffered stdio calls to read passwords.
-
-* [677] The build system has been reworked to allow the user to set
- CFLAGS, LDFLAGS, CPPFLAGS, etc. reasonably.
-
-* [680] Related to [673], rewrite krb5_prompter_posix() to no longer
- use longjmp(), thus avoiding some bugs relating to non-restoration
- of terminal settings.
-
-* [697] login.krb5 no longer zeroes out the terminal window size.
-
-* [710] decomp_ticket() in libkrb4 now looks up the local realm name
- more correctly. Thanks to Booker Bense.
-
-* [771] .rconf files are excluded from the release now.
-
-* [772] LOG_AUTHPRIV syslog facility is now usable for logging on
- systems that support it.
-
-* [844] krshd now syslogs using the LOG_AUTH facility.
-
-* [850] Berekely DB build is better integrated into the krb5 library
- build process.
-
-* [866] lib/krb5/os/localaddr.c and kdc/network.c use a common source
- for local address enumeration now.
-
-* [882] gss-client now correctly deletes the context on error.
-
-* [919] kdc/network.c problems relating to SIOCGIFCONF have been
- fixed.
-
-* [922] An overflow in the string-to-time conversion routines has been
- fixed.
-
-* [933] krb524d now handles single-DES session keys other than of type
- des-cbc-crc.
-
-* [935] des-cbc-md4 now included in default enctypes.
-
-* [939] A minor grammatical error has been fixed in a telnet client
- error message.
-
-* [953] des3 no longer failing on Windows due to SHA1 implementation
- problems.
-
-* [964] kdb_init_hist() no longer fails if master_key_enctype is not
- in supported_enctypes.
-
-* [970] A minor inconsistency in ccache.tex has been fixed.
-
-* [971] option parsing bugs rendered irrelevant by removal of unused
- gss mechanism.
-
-* [976] make install mentioned in build documentation.
-
-* [986] Related to [677], problems with the ordering of LDFLAGS
- initialization rendered irrelevant by use of native autoconf
- idioms.
-
-* [992] Related to [677], quirks with --with-cc no longer relevant as
- AC_PROG_CC is used instead now.
-
-* [999] The kdc_default_options configuration variable is now honored.
- Thanks to Emily Ratliff.
-
-* [1006] Client library, as well as KDC, now perform reasonable
- sorting of ETYPE-INFO preauthentication data.
-
-* [1055] NULL pointer dereferences in code calling
- krb5_change_password() have been fixed.
-
-* [1063] Initial credentials acquisition failures related to client
- host having a large number of local network interfaces should be
- fixed now.
-
-* [1064] Incorrect option parsing in the gssapi library is no longer
- relevant due to removal of the "v2" mechanism.
-
-* [1065, 1225] krb5_get_init_creds_password() should properly warn about
- password expiration.
-
-* [1066] printf() argument mismatches in rpc unit tests fixed.
-
-* [1085] The krb5.conf manpage has been re-synchronized with other
- documentation.
-
-* [1102] gssapi_generic.h should now work with C++.
-
-* [1135] The kadm5 ACL system is better documented.
-
-* [1136] Some documentation for the setup of cross-realm
- authentication has been added.
-
-* [1164] krb5_auth_con_gen_addrs() now properly returns errno instead
- of -1 if getpeername() fails.
-
-* [1173] Address-less forwardable tickets will remain address-less
- when forwarded.
-
-* [1178, 1228, 1244, 1246, 1249] Test suite has been stabilized
- somewhat.
-
-* [1188] As part of the modernization of our usage of autoconf,
- AC_CONFIG_FILES is now used instead of passing a list of files to
- AC_OUTPUT.
-
-* [1194] configure will no longer recurse out of the top of the source
- tree when attempting to locate the top of the source tree.
-
-* [1192] Documentation for the krb5 afs functionality of krb524d has
- been written.
-
-* [1195] Example krb5.conf file modified to include all enctypes
- supported by the release.
-
-* [1202] The KDC no longer rejects unrecognized flags.
-
-* [1203] krb5_get_init_creds_keytab() no longer does a double-free.
-
-* [1211] The ASN.1 code no longer passes (harmless) uninitialized
- values around.
-
-* [1212] libkadm5 now allows for persistent exclusive database locks.
-
-* [1217] krb5_read_password() and des_read_password() are now
- implemented via krb5_prompter_posix().
-
-* [1224] For SAM challenges, omitted optional strings are no longer
- encoded as zero-length strings.
-
-* [1226] Client-side support for SAM hardware-based preauth
- implemented.
-
-* [1229] The keytab search logic no longer fails prematurely if an
- incorrect encryption type is found. Thanks to Wyllys Ingersoll.
-
-* [1232] If the master KDC cannot be resolved, but a slave is
- reachable, the client library now returns the real error from the
- slave rather than the resolution failure from the master. Thanks to
- Ben Cox.
-
-* [1234] Assigned numbers for SAM preauth have been corrected.
- sam-pk-for-sad implementation has been aligned.
-
-* [1237] Profile-sharing optimizations from KfM have been merged.
-
-* [1240] Windows calling conventions for krb5int_c_combine_keys() have
- been aligned.
-
-* [1242] Build system incompatibilities with Debian's chimeric
- autoconf installation have been worked around.
-
-* [1256] Incorrect sizes passed to memset() in combine_keys()
- operations have been corrected.
-
-* [1260] Client credential lookup now gets new service tickets in
- preference to attempting to use expired ticketes. Thanks to Ben
- Cox.
-
-* [1262, 1572] Sequence numbers are now unsigned; negative sequence
- numbers will be accepted for the purposes of backwards
- compatibility.
-
-* [1263] A heuristic for matching the incorrectly encoded sequence
- numbers emitted by Heimdal implementations has been written.
-
-* [1284] kshd accepts connections by IPv6 now.
-
-* [1292] kvno manpage title fixed.
-
-* [1293] Source files no longer explicitly attempt to declare errno.
-
-* [1304] kadmind4 no longer leaves sa_flags uninitialized.
-
-* [1305] Expired tickets now cause KfM to pop up a password dialog.
-
-* [1309] krb5_send_tgs() no longer leaks the storage associated with
- the TGS-REQ.
-
-* [1310] kadm5_get_either() no longer leaks regexp library memory.
-
-* [1311] Output from krb5-config no longer contains spurious uses of
- $(PURE).
-
-* [1324] The KDC no longer logs an inappropriate "no matching key"
- error when an encrypted timestamp preauth password is incorrect.
-
-* [1334] The KDC now returns a clockskew error when the timestamp in
- the encrypted timestamp preauth is out of bounds, rather than just
- returning a preauthentcation failure.
-
-* [1342] gawk is no longer required for building kerbsrc.zip for the
- Windows build.
-
-* [1346] gss_krb5_ccache_name() no longer attempts to return a pointer
- to freed memory.
-
-* [1351] The filename globbing vulnerability [CERT VU#258721] in the
- ftp client's handling of filenames beginning with "|" or "-"
- returned from the "mget" command has been fixed.
-
-* [1352] GSS_C_PROT_READY_FLAG is no longer asserted inappropriately
- during GSSAPI context establishment.
-
-* [1356] krb5_gss_accept_sec_context() no longer attempts to validate
- a null credential if one is passed in.
-
-* [1362] The "-a user" option to telnetd now does the right thing.
- Thanks to Nathan Neulinger.
-
-* [1363] ksu no longer inappropriately syslogs to stderr.
-
-* [1357] krb__get_srvtab_name() no longer leaks memory.
-
-* [1370] GSS_C_NO_CREDENTIAL now accepts any principal in the keytab.
-
-* [1373] Handling of SAM preauth no longer attempts to stuff a size_t
- into an unsigned int.
-
-* [1387] BIND versions later than 8 now supported.
-
-* [1392] The getaddrinfo() wrapper should work better on AIX.
-
-* [1400] If DO_TIME is not set in the auth_context, and no replay
- cache is available, no replay cache will be used.
-
-* [1406, 1108] libdb is no longer installed. If you installed
- krb5-1.3-alpha1, you should ensure that no spurious libdb is left in
- your install tree.
-
-* [1412] ETYPE_INFO handling no longer goes into an infinite loop.
-
-* [1414] libtelnet is now built using the same library build framework
- as the rest of the tree.
-
-* [1417] A minor memory leak in krb5_read_password() has been fixed.
-
-* [1419] A memory leak in asn1_decode_kdc_req_body() has been fixed.
-
-* [1435] inet_ntop() is now emulated when needed.
-
-* [1439] krb5_free_pwd_sequences() now correctly frees the entire
- sequence of elements.
-
-* [1440] errno is no longer explicitly declared.
-
-* [1441] kadmind should now return useful errors if an unrecognized
- version is received in a changepw request.
-
-* [1454, 1480, 1517, 1525] The etype-info2 preauth type is now
- supported.
-
-* [1459] (KfM/KLL internal) config file resolution can now be
- prevented from accessing the user's homedir.
-
-* [1463] Preauth handling in the KDC has been reorganized.
-
-* [1470] Double-free in client-side preauth code fixed.
-
-* [1473] Ticket forwarding when the TGS and the end service have
- different enctypes should work somewhat better now.
-
-* [1474] ASN.1 testsuite memory management has been cleaned up a
- little to allow for memory leak checking.
-
-* [1476] Documentation updated to reflect default krb4 mode.
-
-* [1482] RFC-1964 OIDs now provided using the suggested symbolic
- names.
-
-* [1483, 1528] KRB5_DEPRECATED is now false by default on all
- platforms.
-
-* [1488] The KDC will now return integrity errors if a decryption
- error is responsible for preauthentication failure.
-
-* [1492] The autom4te.cache directories are now deleted from the
- release tarfiles.
-
-* [1501] Writable keytabs are registered by default.
-
-* [1515] The check for cross-realm TGTs no longer reads past the end
- of an array.
-
-* [1518] The kdc_default_options option is now actually honored.
-
-* [1519] The changepw protocol implementation in kadmind now logs
- password changes.
-
-* [1520] Documentation of OS-specific build options has been updated.
-
-* [1536] A missing prototype for krb5_db_iterate_ext() has been
- added.
-
-* [1537] An incorrect path to kdc.conf show in the kdc.conf manpage
- has been fixed.
-
-* [1540] verify_as_reply() will only check the "renew-till" time
- against the "till" time if the RENEWABLE is not set in the request.
-
-* [1547] gssftpd no longer uses vfork(), as this was causing problems
- under RedHat 9.
-
-* [1549] SRV records with a value of "." are now interpreted as a lack
- of support for the protocol.
-
-* [1553] The undocumented (and confusing!) kdc_supported_enctypes
- kdc.conf variable is no longer used.
-
-* [1560] Some spurious double-colons in password prompts have been
- fixed.
-
-* [1571] The test suite tries a little harder to get a root shell.
-
-* [1573] The KfM build process now sets localstatedir=/var/db.
-
-* [1576, 1575] The client library no longer requests RENEWABLE_OK if
- the renew lifetime is greater than the ticket lifetime.
-
-* [1587] A more standard autoconf test to locate the C compiler allows
- for gcc to be found by default without additional configuration
- arguments.
-
-* [1593] Replay cache filenames are now escaped with hyphens, not
- backslashes.
-
-* [1598] MacOS 9 support removed from in-tree com_err.
-
-* [1602] Fixed a memory leak in make_ap_req_v1(). Thanks to Kent Wu.
-
-* [1604] Fixed a memory leak in krb5_gss_init_sec_context(), and an
- uninitialized memory reference in kg_unseal_v1(). Thanks to Kent
- Wu.
-
-* [1607] kerberos-iv SRV records are now documented.
-
-* [1610] Fixed AES credential delegation under GSSAPI.
-
-* [1618] ms2mit no longer inserts local addresses into tickets
- converted from the MS ccache if they began as addressless tickets.
-
-* [1619] etype_info parser (once again) accepts extra field emitted by
- Heimdal.
-
-* [1643] Some typos in kdc.conf.M have been fixed.
-
-* [1648] For consistency, leading spaces before preprocessor
- directives in profile.h have been removed.
-
---[ DELETE BEFORE RELEASE ---changes to unreleased code, etc.--- ]--
-
-* [1054] KRB-CRED messages for RC4 are encrypted now.
-
-* [1177] krb5-1-2-2-branch merged onto trunk.
-
-* [1193] Punted comment about reworking key storage architecture.
-
-* [1208] install-headers target implemented.
-
-* [1223] asn1_decode_oid, asn1_encode_oid implemented
-
-* [1248] RC4 is explicitly excluded from combine_keys.
-
-* [1276] Generated dependencies handle --without-krb4 properly now.
-
-* [1339] An inadvertent change to the krb4 get_adm_hst API (strcpy vs
- strncpy etc.) has been fixed.
-
-* [1384, 1413] Use of autoconf-2.52 in util/reconf will now cause a
- warning.
-
-* [1388] DNS support is turned on in KfM.
-
-* [1391] Fix kadmind startup failure with krb4 vuln patch.
-
-* [1409] get_ad_tkt() now prompts for password if there are no tickets
- (in KfM).
-
-* [1447] vts_long() and vts_short() work now.
-
-* [1462] KfM adds exports of set_pw calls.
-
-* [1477] compile_et output not used in err_txt.c.
-
-* [1495] KfM now exports string_to_key_with_params.
-
-* [1512, 1522] afs_string_to_key now works with etype_info2.
-
-* [1514] krb5int_populate_gic_opt returns void now.
-
-* [1521] Using an afs3 salt for an AES key no longer causes
- segfaults.
-
-* [1533] krb524.h no longer contains invalid Mac pragmas.
-
-* [1546] krb_mk_req_creds() no longer zeros the session key.
-
-* [1554] The krb4 string-to-key iteration now accounts correctly for
- the decrypt-in-place semantics of libdes425.
-
-* [1557] KerberosLoginPrivate.h is now correctly included for the use
- of __KLAllowHomeDirectoryAccess() in init_os_ctx.c (for KfM).
-
-* [1558] KfM exports the new krb524 interface.
-
-* [1563] krb__get_srvtaname() no longer returns a pointer that is
- free()d upon a subsequent call.
-
-* [1569] A debug statement has been removed from krb524init.
-
-* [1592] Document possible file rename lossage when building against
- system libdb.
-
-* [1594] Darwin gets an explicit dependency of err_txt.o on
- krb_err.c.
-
-* [1596] Calling conventions, etc. tweaked for KfW build of
- krb524.dll.
-
-* [1600] Minor tweaks to README to improve notes on IPv6, etc.
-
-* [1605] Fixed a leak of subkeys in krb5_rd_rep().
-
-* [1630] krb5_get_in_tkt_with_keytab() works now; previously borken by
- reimplementation in terms of krb5_get_init_creds().
-
-* [1642] KfM build now inherits CFLAGS and LDFLAGS from parent project.
-
-Copyright Notice and Legal Administrivia
-----------------------------------------
-
-Copyright (C) 1985-2004 by the Massachusetts Institute of Technology.
-
-All rights reserved.
-
-Export of this software from the United States of America may require
-a specific license from the United States Government. It is the
-responsibility of any person or organization contemplating export to
-obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission. Furthermore if you modify this software you must label
-your software as modified software and not distribute it in such a
-fashion that it might be confused with the original MIT software.
-M.I.T. makes no representations about the suitability of this software
-for any purpose. It is provided "as is" without express or implied
-warranty.
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-
-Individual source code files are copyright MIT, Cygnus Support,
-OpenVision, Oracle, Sun Soft, FundsXpress, and others.
-
-Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
-and Zephyr are trademarks of the Massachusetts Institute of Technology
-(MIT). No commercial use of these trademarks may be made without
-prior written permission of MIT.
-
-"Commercial use" means use of a name in a product or other for-profit
-manner. It does NOT prevent a commercial firm from referring to the
-MIT trademarks in order to convey information (although in doing so,
-recognition of their trademark status should be given).
-
-----
-
-The following copyright and permission notice applies to the
-OpenVision Kerberos Administration system located in kadmin/create,
-kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions
-of lib/rpc:
-
- Copyright, OpenVision Technologies, Inc., 1996, All Rights Reserved
-
- WARNING: Retrieving the OpenVision Kerberos Administration system
- source code, as described below, indicates your acceptance of the
- following terms. If you do not agree to the following terms, do not
- retrieve the OpenVision Kerberos administration system.
-
- You may freely use and distribute the Source Code and Object Code
- compiled from it, with or without modification, but this Source
- Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY,
- INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR
- FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER
- EXPRESS OR IMPLIED. IN NO EVENT WILL OPENVISION HAVE ANY LIABILITY
- FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR
- CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING,
- WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE
- CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY
- OTHER REASON.
-
- OpenVision retains all copyrights in the donated Source Code. OpenVision
- also retains copyright to derivative works of the Source Code, whether
- created by OpenVision or by a third party. The OpenVision copyright
- notice must be preserved if derivative works are made based on the
- donated Source Code.
-
- OpenVision Technologies, Inc. has donated this Kerberos
- Administration system to MIT for inclusion in the standard
- Kerberos 5 distribution. This donation underscores our
- commitment to continuing Kerberos technology development
- and our gratitude for the valuable work which has been
- performed by MIT and the Kerberos community.
-
-----
-
- Portions contributed by Matt Crawford <crawdad@fnal.gov> were
- work performed at Fermi National Accelerator Laboratory, which is
- operated by Universities Research Association, Inc., under
- contract DE-AC02-76CHO3000 with the U.S. Department of Energy.
-
----- The implementation of the Yarrow pseudo-random number generator
-in src/lib/crypto/yarrow has the following copyright:
-
-Copyright 2000 by Zero-Knowledge Systems, Inc.
-
-Permission to use, copy, modify, distribute, and sell this software
-and its documentation for any purpose is hereby granted without fee,
-provided that the above copyright notice appear in all copies and that
-both that copyright notice and this permission notice appear in
-supporting documentation, and that the name of Zero-Knowledge Systems,
-Inc. not be used in advertising or publicity pertaining to
-distribution of the software without specific, written prior
-permission. Zero-Knowledge Systems, Inc. makes no representations
-about the suitability of this software for any purpose. It is
-provided "as is" without express or implied warranty.
-
-ZERO-KNOWLEDGE SYSTEMS, INC. DISCLAIMS ALL WARRANTIES WITH REGARD TO
-THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS, IN NO EVENT SHALL ZERO-KNOWLEDGE SYSTEMS, INC. BE LIABLE FOR
-ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTUOUS ACTION, ARISING OUT
-OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
----- The implementation of the AES encryption algorithm in
-src/lib/crypto/aes has the following copyright:
-
- Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- DISCLAIMER
+DES transition
+--------------
- This software is provided 'as is' with no explcit or implied warranties
- in respect of any properties, including, but not limited to, correctness
- and fitness for purpose.
+The Data Encryption Standard (DES) is widely recognized as weak. The
+krb5-1.7 release contains measures to encourage sites to migrate away
+from using single-DES cryptosystems. Among these is a configuration
+variable that enables "weak" enctypes, which defaults to "false"
+beginning with krb5-1.8.
+Major changes in 1.10
+---------------------
+krb5-1.10 changes by ticket ID
+------------------------------
Acknowledgements
----------------
-Appreciation Time!!!! There are far too many people to try to thank
-them all; many people have contributed to the development of Kerberos
-V5. This is only a partial listing....
-
-Thanks to Paul Vixie and the Internet Software Consortium for funding
-the work of Barry Jaspan. This funding was invaluable for the OV
-administration server integration, as well as the 1.0 release
-preparation process.
-
-Thanks to John Linn, Scott Foote, and all of the folks at OpenVision
-Technologies, Inc., who donated their administration server for use in
-the MIT release of Kerberos.
-
-Thanks to Jeff Bigler, Mark Eichin, Marc Horowitz, Nancy Gilman, Ken
-Raeburn, and all of the folks at Cygnus Support, who provided
-innumerable bug fixes and portability enhancements to the Kerberos V5
-tree. Thanks especially to Jeff Bigler, for the new user and system
-administrator's documentation.
-
-Thanks to Doug Engert from ANL for providing many bug fixes, as well
-as testing to ensure DCE interoperability.
-
-Thanks to Ken Hornstein at NRL for providing many bug fixes and
-suggestions, and for working on SAM preauthentication.
-
-Thanks to Matt Crawford at FNAL for bugfixes and enhancements.
-
-Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for
-their many suggestions and bug fixes.
-
-Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and
-providing patches for numerous buffer overruns.
-
-Thanks to Christopher Thompson and Marcus Watts for discovering the
-ftpd security bug.
-
-Thanks to Paul Nelson of Thursby Software Systems for implementing the
-Microsoft set password protocol.
-
-Thanks to the members of the Kerberos V5 development team at MIT, both
-past and present: Danilo Almeida, Jeffrey Altman, Jay Berkenbilt,
-Richard Basch, Mitch Berger, John Carr, Don Davis, Alexandra Ellwood,
-Nancy Gilman, Matt Hancher, Sam Hartman, Paul Hill, Marc Horowitz, Eva
-Jacobus, Miroslav Jurisic, Barry Jaspan, Geoffrey King, John Kohl,
-Peter Litwack, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul Park,
-Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff
-Schiller, Jen Selby, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall
-Vale, Tom Yu.
+Past and present Sponsors of the MIT Kerberos Consortium:
+
+ Apple
+ Carnegie Mellon University
+ Centrify Corporation
+ Columbia University
+ Cornell University
+ The Department of Defense of the United States of America (DoD)
+ Google
+ Iowa State University
+ MIT
+ Michigan State University
+ Microsoft
+ The National Aeronautics and Space Administration
+ of the United States of America (NASA)
+ Network Appliance (NetApp)
+ Nippon Telephone and Telegraph (NTT)
+ Oracle
+ Pennsylvania State University
+ Red Hat
+ Stanford University
+ TeamF1, Inc.
+ The University of Alaska
+ The University of Michigan
+ The University of Pennsylvania
+
+Past and present members of the Kerberos Team at MIT:
+
+ Danilo Almeida
+ Jeffrey Altman
+ Justin Anderson
+ Richard Basch
+ Mitch Berger
+ Jay Berkenbilt
+ Andrew Boardman
+ Bill Bryant
+ Steve Buckley
+ Joe Calzaretta
+ John Carr
+ Mark Colan
+ Don Davis
+ Alexandra Ellwood
+ Dan Geer
+ Nancy Gilman
+ Matt Hancher
+ Thomas Hardjono
+ Sam Hartman
+ Paul Hill
+ Marc Horowitz
+ Eva Jacobus
+ Miroslav Jurisic
+ Barry Jaspan
+ Geoffrey King
+ Kevin Koch
+ John Kohl
+ HaoQi Li
+ Peter Litwack
+ Scott McGuire
+ Steve Miller
+ Kevin Mitchell
+ Cliff Neuman
+ Paul Park
+ Ezra Peisach
+ Chris Provenzano
+ Ken Raeburn
+ Jon Rochlis
+ Jeff Schiller
+ Jen Selby
+ Robert Silk
+ Bill Sommerfeld
+ Jennifer Steiner
+ Ralph Swick
+ Brad Thompson
+ Harry Tsai
+ Zhanna Tsitkova
+ Ted Ts'o
+ Marshall Vale
+ Tom Yu
+
+The following external contributors have provided code, patches, bug
+reports, suggestions, and valuable resources:
+
+ Brandon Allbery
+ Russell Allbery
+ Brian Almeida
+ Michael B Allen
+ Derek Atkins
+ David Bantz
+ Alex Baule
+ Arlene Berry
+ Jeff Blaine
+ Radoslav Bodo
+ Emmanuel Bouillon
+ Michael Calmer
+ Ravi Channavajhala
+ Srinivas Cheruku
+ Leonardo Chiquitto
+ Howard Chu
+ Andrea Cirulli
+ Christopher D. Clausen
+ Kevin Coffman
+ Simon Cooper
+ Sylvain Cortes
+ Nalin Dahyabhai
+ Roland Dowdeswell
+ Jason Edgecombe
+ Mark Eichin
+ Shawn M. Emery
+ Douglas E. Engert
+ Peter Eriksson
+ Ronni Feldt
+ Bill Fellows
+ JC Ferguson
+ William Fiveash
+ Ákos Frohner
+ Marcus Granado
+ Scott Grizzard
+ Helmut Grohne
+ Steve Grubb
+ Philip Guenther
+ Dominic Hargreaves
+ Jakob Haufe
+ Jeff Hodges
+ Love Hörnquist Åstrand
+ Ken Hornstein
+ Henry B. Hotz
+ Luke Howard
+ Jakub Hrozek
+ Shumon Huque
+ Jeffrey Hutzelman
+ Wyllys Ingersoll
+ Holger Isenberg
+ Pavel Jindra
+ Joel Johnson
+ Mikkel Kruse
+ Volker Lendecke
+ Jan iankko Lieskovsky
+ Ryan Lynch
+ Franklyn Mendez
+ Markus Moeller
+ Paul Moore
+ Zbysek Mraz
+ Edward Murrell
+ Nikos Nikoleris
+ Dmitri Pal
+ Javier Palacios
+ Ezra Peisach
+ W. Michael Petullo
+ Mark Phalan
+ Robert Relyea
+ Martin Rex
+ Jason Rogers
+ Mike Roszkowski
+ Guillaume Rousse
+ Tom Shaw
+ Peter Shoults
+ Simo Sorce
+ Michael Ströder
+ Bjørn Tore Sund
+ Rathor Vipin
+ Jorgen Wahlsten
+ Max (Weijun) Wang
+ John Washington
+ Marcus Watts
+ Simon Wilkinson
+ Nicolas Williams
+ Ross Wilper
+ Xu Qiang
+ Hanz van Zijst
+
+The above is not an exhaustive list; many others have contributed in
+various ways to the MIT Kerberos development effort over the years.
+Other acknowledgments (for bug reports and patches) are in the
+doc/CHANGES file.