X-Git-Url: http://git.tremily.us/?a=blobdiff_plain;f=README;h=c28332ba6a85150761deb017c82c8fde3cd01078;hb=13d6cc6b2daf518a6a141e60cac29d67fe05e2b7;hp=8bb95a6054cf635aec9ba1bc0dad24273467a81e;hpb=e4e058f63c1e116bbf92d677bda2a86c6397508f;p=krb5.git diff --git a/README b/README index 8bb95a605..c28332ba6 100644 --- a/README +++ b/README 
@@ -1,43 +1,15 @@ -these were the - Kerberos Version 5, Release 1.2 + Kerberos Version 5, Release 1.10 - Release Notes -which are be updated for the next release by - The MIT Kerberos Team + Release Notes + The MIT Kerberos Team -Unpacking the Source Distribution ---------------------------------- +Copyright and Other Notices +--------------------------- -The source distribution of Kerberos 5 comes in three gzipped tarfiles, -krb5-1.2.src.tar.gz, krb5-1.2.doc.tar.gz, and krb5-1.2.crypto.tar.gz. -The krb5-1.2.doc.tar.gz contains the doc/ directory and this README -file. The krb5-1.2.src.tar.gz contains the src/ directory and this -README file, except for the crypto library sources, which are in -krb5-1.2.crypto.tar.gz. +Copyright (C) 1985-2010 by the Massachusetts Institute of Technology +and its contributors. All rights reserved. -Instruction on how to extract the entire distribution follow. These -directions assume that you want to extract into a directory called -DIST. - -If you have the GNU tar program and gzip installed, you can simply do: - - mkdir DIST - cd DIST - gtar zxpf krb5-1.2.src.tar.gz - gtar zxpf krb5-1.2.crypto.tar.gz - gtar zxpf krb5-1.2.doc.tar.gz - -If you don't have GNU tar, you will need to get the FSF gzip -distribution and use gzcat: - - mkdir DIST - cd DIST - gzcat krb5-1.2.src.tar.gz | tar xpf - - gzcat krb5-1.2.crypto.tar.gz | tar xpf - - gzcat krb5-1.2.doc.tar.gz | tar xpf - - -Both of these methods will extract the sources into DIST/krb5-1.2/src -and the documentation into DIST/krb5-1.2/doc. +Please see the file named NOTICE for additional notices. Building and Installing Kerberos 5 ---------------------------------- 
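Review bot: the "Unpacking the Source Distribution" section is dropped outright with nothing pointing readers at where the extraction instructions now live; since the rest of the hunk keeps the "Building and Installing Kerberos 5" heading, either keep a one-line pointer to the documentation that replaced the tar/gzcat steps or say that the layout (src/ and doc/ under one tarball) is described elsewhere. The new "Copyright and Other Notices" text also defers to "the file named NOTICE", which this diff does not add or touch, so confirm that NOTICE is actually shipped in the same distribution before merging, otherwise the README references a file that may not exist for the reader.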
@@ -70,364 +42,201 @@ If you are not able to use krb5-send-pr because you haven't been able compile and install Kerberos V5 on any platform, you may send mail to krb5-bugs@mit.edu. -Notes, Major Changes, and Known Bugs for 1.3 ------------------------------------- - -* We now install the compile_et program, so other packages can use the - installed com_err library with their own error tables. - -* The header files we install now assume ANSI/ISO C ('89, not '99). - If you're using a pre-ANSI system, like SunOS 4, try using gcc. In - fact, SunOS 4 with gcc is what we use at MIT as the oldest pre-POSIX - system we test against, and even that testing is fairly minimal. - -* Some new code, bug fixes, and cleanup for IPv6 support. [[TODO: - Insert list of (non-)supporting programs and libraries here.]] - -Notes, Major Changes, and Known Bugs for 1.2, delete before shipping 1.3 ------------------------------------- - -* Triple DES support, for session keys as well as user or service - keys, should be nearly complete in this release. Much of the work - that has been needed is generic multiple-cryptosystem support, so - the addition of another cryptosystem should be much easier. - - * GSSAPI support for 3DES has been added. An Internet Draft is - being worked on that will describe how this works; it is not - currently standardized. Some backwards-compatibility issues in - this area mean that enabling 3DES support must be done with - caution; service keys that are used for GSSAPI must not be updated - to 3DES until the services themselves are upgraded to support 3DES - under GSSAPI. - -* DNS support for locating KDCs is enabled by default. DNS support - for looking up the realm of a host is compiled in but disabled by - default (due to some concerns with DNS spoofing). 
- - We recommend that you publish your KDC information through DNS even - if you intend to rely on config files at your own site; otherwise, - sites that wish to communicate with you will have to keep their - config files updated with your information. One of the goals of - this code is to reduce the client-side configuration maintenance - requirements as much as is possible, without compromising security. - - See the administrator's guide for information on setting up DNS - information for your realm. - - One important effect of this for developers is that on many systems, - "-lresolv" must be added to the compiler command line when linking - Kerberos programs. - - Configure-time options are available to control the inclusion of the - DNS code and the setting of the defaults. Entries in krb5.conf will - also modify the behavior if the code has been compiled in. - -* Numerous buffer-overrun problems have been found and fixed. Many of - these were in locations we don't expect can be exploited in any - useful way (for example, overrunning a buffer of MAXPATHLEN bytes if - a compiled-in pathname is too long, in a program that has no special - privileges). It may be possible to exploit a few of these to - compromise system security. - -* Partial support for IPv6 addresses has been added. It can be - enabled or disabled at configure time with --enable-ipv6 or - --disable-ipv6; by default, the configure script will search for - certain types and macros, and enable the IPv6 code if they're found. - The IPv6 support at this time mostly consists of including the - addresses in credentials. - -* A protocol change has been made to the "rcmd" suite (rlogin, rsh, - rcp) to address several security problems described in Kris - Hildrum's paper presented at NDSS 2000. New command-line options - have been added to control the selection of protocol, since the - revised protocol is not compatible with the old one. - -* A security problem in login.krb5 has been fixed. 
This problem was - only present if the krb4 compatibility code was not compiled in. - -* A security problem with ftpd has been fixed. An error in the in the - yacc grammar permitted potential root access. - -* The client programs kinit, klist and kdestroy have been changed to - incorporate krb4 support. New command-line options control whether - krb4 behavior, krb5 behavior, or both are used. - -* Patches from Frank Cusack for much better hardware preauth support - have been incorporated. - -* Patches from Matt Crawford extend the kadmin ACL syntax so that - restrictions can be imposed on what certain administrators may do to - certain accounts. - -* A KDC on a host with multiple network addresses will now respond to - a client from the address that the client used to contact it. The - means used to implement this will however cause the KDC not to - listen on network addresses configured after the KDC has started. - -Minor changes -------------- - -* New software using com_err should use the {add,remove}_error_table - interface rather than init_XXX_error_table; in fact, the latter - function in the generate C files will now call add_error_table - instead of messing with unprotected global variables. - - Karl Ramm has offered to look into reconciling the various - extensions and changes that have been made in different versions of - the MIT library, and the API used in the Heimdal equivalent. No - timeline is set for this work. - -* Some source files (including some header files we install) now have - annotations for use with the LCLint package from the University of - Virginia. LCLint, as of version 2.5q, is not capable of handling - much of the Kerberos code in its current form, at least not without - significantly restructuring the Kerberos code, but it has been used - in limited cases and has uncovered some bugs. We may try adding - more annotations in the future. 
- -Minor changes for 1.2, delete this section before shipping 1.3 -------------- - -* The shell code for searching for the Tcl package at configure time - has been modified. If a tclConfig.sh can be found, the information - it contains is used, otherwise the old searching method is tried. - Let us know if this new scheme causes any problems. - -* Shared library builds may work on HPUX, Rhapsody/MacOS X, and newer - Alpha systems now. - -* The Windows build will now include kvno and gss-sample. - -* The routine krb5_secure_config_files has been disabled. A new - routine, krb5_init_secure_context, has been added in its place. - -* The routine decode_krb5_ticket is now being exported as - krb5_decode_ticket. Any programs that used the old name (which - should be few) should be changed to use the new name; we will - probably eliminate the old name in the future. - -* The CCAPI-based credentials cache code has been changed to store the - local-clock time of issue and expiration rather than the KDC-clock - times. - -* On systems with large numbers of IP addresses, "kinit" should do a - better job of acquiring those addresses to put in the user's - credentials. - -* Several memory leaks in error cases in the gssrpc code have been - fixed. - -* A bug with login clobbering some internal static storage on AIX has - been fixed. - -* Per-library initialization and cleanup functions have been added, - for use in configurations that dynamically load and unload these - libraries. - -* Many compile-time warnings have been fixed. - -* The GSS sample programs have been updated to exercise more of the - API. +You may view bug reports by visiting -* The telnet server should produce a more meaningful error message if - authentication is required but not provided. +http://krbdev.mit.edu/rt/ -* Changes have been made to ksu to make it more difficult to use it to - leak information the user does not have access to. +and logging in as "guest" with password "guest". 
-* The sample config file information for the CYGNUS.COM realm has been - updated, and the GNU.ORG realm has been added. - -* A configure-time option has been added to enable a replay cache in - the KDC. We recommend its use when hardware preauthentication is - being used. It is enabled by default, and can be disabled if - desired with the configure-time option --disable-kdc-replay-cache. - -* Some new routines have been added to the library and krb5.h. - -* A new routine has been added to the prompter interface to allow the - application to determine which of the strings prompted for is the - user's password, in case it is needed for other purposes. - -* The remote kadmin interface has been enhanced to support the - specification of key/salt types for a principal. - -* New keytab entries' key values can now be specified manually with a - new command in the ktutil program. - -* A longstanding bug where certain krb4 exchanges using the - compatibility library between systems with different byte orders - would fail half the time has been fixed. - -* A source file under the GPL has been replaced with an equivalent - under the BSD license. The file, strftime.c, was part of one of the - OpenVision admin system applications, and was only used on systems - that don't have strftime() in their C libraries. - -* Many bug reports are still outstanding in our database. We are - continuing to work on this backlog. - - -Copyright Notice and Legal Administrivia ----------------------------------------- - -Copyright (C) 1985-2000 by the Massachusetts Institute of Technology. - -All rights reserved. - -Export of this software from the United States of America may require -a specific license from the United States Government. It is the -responsibility of any person or organization contemplating export to -obtain such a license before exporting. 
- -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. Furthermore if you modify this software you must label -your software as modified software and not distribute it in such a -fashion that it might be confused with the original MIT software. -M.I.T. makes no representations about the suitability of this software -for any purpose. It is provided "as is" without express or implied -warranty. - -THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - -Individual source code files are copyright MIT, Cygnus Support, -OpenVision, Oracle, Sun Soft, FundsXpress, and others. - -Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, -and Zephyr are trademarks of the Massachusetts Institute of Technology -(MIT). No commercial use of these trademarks may be made without -prior written permission of MIT. - -"Commercial use" means use of a name in a product or other for-profit -manner. It does NOT prevent a commercial firm from referring to the -MIT trademarks in order to convey information (although in doing so, -recognition of their trademark status should be given). 
- ----- - -The following copyright and permission notice applies to the -OpenVision Kerberos Administration system located in kadmin/create, -kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions -of lib/rpc: - - Copyright, OpenVision Technologies, Inc., 1996, All Rights Reserved - - WARNING: Retrieving the OpenVision Kerberos Administration system - source code, as described below, indicates your acceptance of the - following terms. If you do not agree to the following terms, do not - retrieve the OpenVision Kerberos administration system. - - You may freely use and distribute the Source Code and Object Code - compiled from it, with or without modification, but this Source - Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY, - INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR - FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER - EXPRESS OR IMPLIED. IN NO EVENT WILL OPENVISION HAVE ANY LIABILITY - FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR - CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING, - WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE - CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY - OTHER REASON. - - OpenVision retains all copyrights in the donated Source Code. OpenVision - also retains copyright to derivative works of the Source Code, whether - created by OpenVision or by a third party. The OpenVision copyright - notice must be preserved if derivative works are made based on the - donated Source Code. - - OpenVision Technologies, Inc. has donated this Kerberos - Administration system to MIT for inclusion in the standard - Kerberos 5 distribution. This donation underscores our - commitment to continuing Kerberos technology development - and our gratitude for the valuable work which has been - performed by MIT and the Kerberos community. 
- ----- - - Portions contributed by Matt Crawford were - work performed at Fermi National Accelerator Laboratory, which is - operated by Universities Research Association, Inc., under - contract DE-AC02-76CHO3000 with the U.S. Department of Energy. - ----- The implementation of the Yarrow pseudo-random number generator -in src/lib/crypto/yarrow has the following copyright: - -Copyright 2000 by Zero-Knowledge Systems, Inc. - -Permission to use, copy, modify, distribute, and sell this software -and its documentation for any purpose is hereby granted without fee, -provided that the above copyright notice appear in all copies and that -both that copyright notice and this permission notice appear in -supporting documentation, and that the name of Zero-Knowledge Systems, -Inc. not be used in advertising or publicity pertaining to -distribution of the software without specific, written prior -permission. Zero-Knowledge Systems, Inc. makes no representations -about the suitability of this software for any purpose. It is -provided "as is" without express or implied warranty. +DES transition +-------------- -ZERO-KNOWLEDGE SYSTEMS, INC. DISCLAIMS ALL WARRANTIES WITH REGARD TO -THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS, IN NO EVENT SHALL ZERO-KNOWLEDGE SYSTEMS, INC. BE LIABLE FOR -ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTUOUS ACTION, ARISING OUT -OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +The Data Encryption Standard (DES) is widely recognized as weak. The +krb5-1.7 release contains measures to encourage sites to migrate away +from using single-DES cryptosystems. Among these is a configuration +variable that enables "weak" enctypes, which defaults to "false" +beginning with krb5-1.8. 
+Major changes in 1.10 +--------------------- +krb5-1.10 changes by ticket ID +------------------------------ Acknowledgements ---------------- -Appreciation Time!!!! There are far too many people to try to thank -them all; many people have contributed to the development of Kerberos -V5. This is only a partial listing.... - -Thanks to Paul Vixie and the Internet Software Consortium for funding -the work of Barry Jaspan. This funding was invaluable for the OV -administration server integration, as well as the 1.0 release -preparation process. - -Thanks to John Linn, Scott Foote, and all of the folks at OpenVision -Technologies, Inc., who donated their administration server for use in -the MIT release of Kerberos. - -Thanks to Jeff Bigler, Mark Eichin, Marc Horowitz, Nancy Gilman, Ken -Raeburn, and all of the folks at Cygnus Support, who provided -innumerable bug fixes and portability enhancements to the Kerberos V5 -tree. Thanks especially to Jeff Bigler, for the new user and system -administrator's documentation. - -Thanks to Doug Engert from ANL for providing many bug fixes, as well -as testing to ensure DCE interoperability. - -Thanks to Ken Hornstein at NRL for providing many bug fixes and -suggestions. - -Thanks to Matt Crawford at FNAL for bugfixes and enhancements. - -Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for -their many suggestions and bug fixes. - -Thanks to Nalin Dahyabhai of RedHat and Chris Evans for locating and -providing patches for numerous buffer overruns. - -Thanks to Christopher Thompson and Marcus Watts for discovering the -ftpd security bug. 
- -Thanks to the members of the Kerberos V5 development team at MIT, both -past and present: Danilo Almeida, Jay Berkenbilt, Richard Basch, John -Carr, Don Davis, Alexandra Ellwood, Nancy Gilman, Matt Hancher, Sam -Hartman, Paul Hill, Marc Horowitz, Eva Jacobus, Miroslav Jurisic, -Barry Jaspan, Geoffrey King, John Kohl, Peter Litwack, Scott McGuire, -Kevin Mitchell, Cliff Neuman, Paul Park, Ezra Peisach, Chris -Provenzano, Ken Raeburn, Jon Rochlis, Jeff Schiller, Brad Thompson, -Harry Tsai, Ted Ts'o, Marshall Vale, Tom Yu. +Past and present Sponsors of the MIT Kerberos Consortium: + + Apple + Carnegie Mellon University + Centrify Corporation + Columbia University + Cornell University + The Department of Defense of the United States of America (DoD) + Google + Iowa State University + MIT + Michigan State University + Microsoft + The National Aeronautics and Space Administration + of the United States of America (NASA) + Network Appliance (NetApp) + Nippon Telephone and Telegraph (NTT) + Oracle + Pennsylvania State University + Red Hat + Stanford University + TeamF1, Inc. 
+ The University of Alaska + The University of Michigan + The University of Pennsylvania + +Past and present members of the Kerberos Team at MIT: + + Danilo Almeida + Jeffrey Altman + Justin Anderson + Richard Basch + Mitch Berger + Jay Berkenbilt + Andrew Boardman + Bill Bryant + Steve Buckley + Joe Calzaretta + John Carr + Mark Colan + Don Davis + Alexandra Ellwood + Dan Geer + Nancy Gilman + Matt Hancher + Thomas Hardjono + Sam Hartman + Paul Hill + Marc Horowitz + Eva Jacobus + Miroslav Jurisic + Barry Jaspan + Geoffrey King + Kevin Koch + John Kohl + HaoQi Li + Peter Litwack + Scott McGuire + Steve Miller + Kevin Mitchell + Cliff Neuman + Paul Park + Ezra Peisach + Chris Provenzano + Ken Raeburn + Jon Rochlis + Jeff Schiller + Jen Selby + Robert Silk + Bill Sommerfeld + Jennifer Steiner + Ralph Swick + Brad Thompson + Harry Tsai + Zhanna Tsitkova + Ted Ts'o + Marshall Vale + Tom Yu + +The following external contributors have provided code, patches, bug +reports, suggestions, and valuable resources: + + Brandon Allbery + Russell Allbery + Brian Almeida + Michael B Allen + Derek Atkins + David Bantz + Alex Baule + Arlene Berry + Jeff Blaine + Radoslav Bodo + Emmanuel Bouillon + Michael Calmer + Ravi Channavajhala + Srinivas Cheruku + Leonardo Chiquitto + Howard Chu + Andrea Cirulli + Christopher D. Clausen + Kevin Coffman + Simon Cooper + Sylvain Cortes + Nalin Dahyabhai + Roland Dowdeswell + Jason Edgecombe + Mark Eichin + Shawn M. Emery + Douglas E. Engert + Peter Eriksson + Ronni Feldt + Bill Fellows + JC Ferguson + William Fiveash + Ákos Frohner + Marcus Granado + Scott Grizzard + Helmut Grohne + Steve Grubb + Philip Guenther + Dominic Hargreaves + Jakob Haufe + Jeff Hodges + Love Hörnquist Åstrand + Ken Hornstein + Henry B. 
Hotz + Luke Howard + Jakub Hrozek + Shumon Huque + Jeffrey Hutzelman + Wyllys Ingersoll + Holger Isenberg + Pavel Jindra + Joel Johnson + Mikkel Kruse + Volker Lendecke + Jan iankko Lieskovsky + Ryan Lynch + Franklyn Mendez + Markus Moeller + Paul Moore + Zbysek Mraz + Edward Murrell + Nikos Nikoleris + Dmitri Pal + Javier Palacios + Ezra Peisach + W. Michael Petullo + Mark Phalan + Robert Relyea + Martin Rex + Jason Rogers + Mike Roszkowski + Guillaume Rousse + Tom Shaw + Peter Shoults + Simo Sorce + Michael Ströder + Bjørn Tore Sund + Rathor Vipin + Jorgen Wahlsten + Max (Weijun) Wang + John Washington + Marcus Watts + Simon Wilkinson + Nicolas Williams + Ross Wilper + Xu Qiang + Hanz van Zijst + +The above is not an exhaustive list; many others have contributed in +various ways to the MIT Kerberos development effort over the years. +Other acknowledgments (for bug reports and patches) are in the +doc/CHANGES file.
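Review bot: the two new headings "Major changes in 1.10" and "krb5-1.10 changes by ticket ID" are added with empty bodies, so as committed the README for 1.10 carries no change summary at all, while the 1.2/1.3 notes that previously documented security-relevant fixes and caveats (the buffer-overrun fixes, the ftpd root-access grammar bug, the login.krb5 issue, the rcmd protocol change, the 3DES-under-GSSAPI upgrade caution, and DNS realm lookup being disabled by default over spoofing concerns) are all removed; fill those sections in before shipping, or at minimum point to the doc/CHANGES file that the hunk already names in its last paragraph. In the new "DES transition" section, "a configuration variable that enables "weak" enctypes" should name the variable and the krb5.conf section it belongs to, since an administrator reading this cannot locate the setting from the description alone. Finally, the removed MIT, OpenVision, Fermilab and Zero-Knowledge (Yarrow) copyright and permission notices need to be verified as present in NOTICE, because this hunk deletes them from the README without showing where they went.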