X-Git-Url: http://git.tremily.us/?a=blobdiff_plain;f=README;h=c28332ba6a85150761deb017c82c8fde3cd01078;hb=34535574e95c1003ea63540fbf8c2c62fe155e02;hp=13802a8f9e9b6e60b5772c619d8ac935ea334545;hpb=63a8ab15aa5ee116b26a50c073fe8ee33e147cbd;p=krb5.git diff --git a/README b/README index 13802a8f9..c28332ba6 100644 --- a/README +++ b/README @@ -1,26 +1,15 @@ - Kerberos Version 5, Release 1.5 + Kerberos Version 5, Release 1.10 - Release Notes - The MIT Kerberos Team + Release Notes + The MIT Kerberos Team -Unpacking the Source Distribution ---------------------------------- +Copyright and Other Notices +--------------------------- -The source distribution of Kerberos 5 comes in a gzipped tarfile, -krb5-1.5.tar.gz. Instructions on how to extract the entire -distribution follow. +Copyright (C) 1985-2010 by the Massachusetts Institute of Technology +and its contributors. All rights reserved. -If you have the GNU tar program and gzip installed, you can simply do: - - gtar zxpf krb5-1.5.tar.gz - -If you don't have GNU tar, you will need to get the FSF gzip -distribution and use gzcat: - - gzcat krb5-1.5.tar.gz | tar xpf - - -Both of these methods will extract the sources into krb5-1.5/src and -the documentation into krb5-1.5/doc. +Please see the file named NOTICE for additional notices. Building and Installing Kerberos 5 ---------------------------------- @@ -59,276 +48,195 @@ http://krbdev.mit.edu/rt/ and logging in as "guest" with password "guest". -Major changes in 1.5 ----------------------- - -Merged to the trunk and included in this alpha release: - -* plug-in architecture (in-progress) - -Not yet merged to the trunk, thus not included in this alpha release: - -* LDAP plug-in for KDB - -* multi-mechanism GSS-API implementation - -* SPNEGO implementation - -Minor changes in 1.5 ----------------------- - -For a list of bugs fixed in krb5-1.5, please consult - -http://krbdev.mit.edu/rt/NoAuth/krb5-1.5/fixed-1.5.html - -Copyright Notice and Legal Administrivia ----------------------------------------- - -Copyright (C) 1985-2006 by the Massachusetts Institute of Technology. - -All rights reserved. - -Export of this software from the United States of America may require -a specific license from the United States Government. It is the -responsibility of any person or organization contemplating export to -obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. Furthermore if you modify this software you must label -your software as modified software and not distribute it in such a -fashion that it might be confused with the original MIT software. -M.I.T. makes no representations about the suitability of this software -for any purpose. It is provided "as is" without express or implied -warranty. - -THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - -Individual source code files are copyright MIT, Cygnus Support, -Novell, OpenVision, Oracle, Redhat, Sun Soft, FundsXpress, and others. - -Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, -and Zephyr are trademarks of the Massachusetts Institute of Technology -(MIT). No commercial use of these trademarks may be made without -prior written permission of MIT. - -"Commercial use" means use of a name in a product or other for-profit -manner. It does NOT prevent a commercial firm from referring to the -MIT trademarks in order to convey information (although in doing so, -recognition of their trademark status should be given). - ----- - -The following copyright and permission notice applies to the -OpenVision Kerberos Administration system located in kadmin/create, -kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions -of lib/rpc: - - Copyright, OpenVision Technologies, Inc., 1996, All Rights Reserved - - WARNING: Retrieving the OpenVision Kerberos Administration system - source code, as described below, indicates your acceptance of the - following terms. If you do not agree to the following terms, do not - retrieve the OpenVision Kerberos administration system. - - You may freely use and distribute the Source Code and Object Code - compiled from it, with or without modification, but this Source - Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY, - INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR - FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER - EXPRESS OR IMPLIED. IN NO EVENT WILL OPENVISION HAVE ANY LIABILITY - FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR - CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING, - WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE - CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY - OTHER REASON. - - OpenVision retains all copyrights in the donated Source Code. OpenVision - also retains copyright to derivative works of the Source Code, whether - created by OpenVision or by a third party. The OpenVision copyright - notice must be preserved if derivative works are made based on the - donated Source Code. - - OpenVision Technologies, Inc. has donated this Kerberos - Administration system to MIT for inclusion in the standard - Kerberos 5 distribution. This donation underscores our - commitment to continuing Kerberos technology development - and our gratitude for the valuable work which has been - performed by MIT and the Kerberos community. - ----- - - Portions contributed by Matt Crawford were - work performed at Fermi National Accelerator Laboratory, which is - operated by Universities Research Association, Inc., under - contract DE-AC02-76CHO3000 with the U.S. Department of Energy. - ----- The implementation of the Yarrow pseudo-random number generator -in src/lib/crypto/yarrow has the following copyright: - -Copyright 2000 by Zero-Knowledge Systems, Inc. - -Permission to use, copy, modify, distribute, and sell this software -and its documentation for any purpose is hereby granted without fee, -provided that the above copyright notice appear in all copies and that -both that copyright notice and this permission notice appear in -supporting documentation, and that the name of Zero-Knowledge Systems, -Inc. not be used in advertising or publicity pertaining to -distribution of the software without specific, written prior -permission. Zero-Knowledge Systems, Inc. makes no representations -about the suitability of this software for any purpose. It is -provided "as is" without express or implied warranty. - -ZERO-KNOWLEDGE SYSTEMS, INC. DISCLAIMS ALL WARRANTIES WITH REGARD TO -THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND -FITNESS, IN NO EVENT SHALL ZERO-KNOWLEDGE SYSTEMS, INC. BE LIABLE FOR -ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTUOUS ACTION, ARISING OUT -OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - ----- The implementation of the AES encryption algorithm in -src/lib/crypto/aes has the following copyright: - - Copyright (c) 2001, Dr Brian Gladman , Worcester, UK. - All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explcit or implied warranties - in respect of any properties, including, but not limited to, correctness - and fitness for purpose. - ----Code, including the preauthentication plugins contains the following copyright: - Copyright (c) 2006 Red Hat, Inc. - Portions copyright (c) 2006 Massachusetts Institute of Technology - All Rights Reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. - Neither the name of Red Hat, Inc., nor the names of its - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER - OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - ---- The implementations of GSSAPI mechglue in GSSAPI-SPNEGO in - src/lib/gssapi, including the following files: - -lib/gssapi/generic/gssapi_err_generic.et -lib/gssapi/mechglue/g_accept_sec_context.c -lib/gssapi/mechglue/g_acquire_cred.c -lib/gssapi/mechglue/g_canon_name.c -lib/gssapi/mechglue/g_compare_name.c -lib/gssapi/mechglue/g_context_time.c -lib/gssapi/mechglue/g_delete_sec_context.c -lib/gssapi/mechglue/g_dsp_name.c -lib/gssapi/mechglue/g_dsp_status.c -lib/gssapi/mechglue/g_dup_name.c -lib/gssapi/mechglue/g_exp_sec_context.c -lib/gssapi/mechglue/g_export_name.c -lib/gssapi/mechglue/g_glue.c -lib/gssapi/mechglue/g_imp_name.c -lib/gssapi/mechglue/g_imp_sec_context.c -lib/gssapi/mechglue/g_init_sec_context.c -lib/gssapi/mechglue/g_initialize.c -lib/gssapi/mechglue/g_inquire_context.c -lib/gssapi/mechglue/g_inquire_cred.c -lib/gssapi/mechglue/g_inquire_names.c -lib/gssapi/mechglue/g_process_context.c -lib/gssapi/mechglue/g_rel_buffer.c -lib/gssapi/mechglue/g_rel_cred.c -lib/gssapi/mechglue/g_rel_name.c -lib/gssapi/mechglue/g_rel_oid_set.c -lib/gssapi/mechglue/g_seal.c -lib/gssapi/mechglue/g_sign.c -lib/gssapi/mechglue/g_store_cred.c -lib/gssapi/mechglue/g_unseal.c -lib/gssapi/mechglue/g_userok.c -lib/gssapi/mechglue/g_utils.c -lib/gssapi/mechglue/g_verify.c -lib/gssapi/mechglue/gssd_pname_to_uid.c -lib/gssapi/mechglue/mglueP.h -lib/gssapi/mechglue/oid_ops.c -lib/gssapi/spnego/gssapiP_spnego.h -lib/gssapi/spnego/spnego_mech.c - -are subject to the following license: - -Copyright (c) 2004 Sun Microsystems, Inc. +DES transition +-------------- -Permission is hereby granted, free of charge, to any person obtaining a -copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: +The Data Encryption Standard (DES) is widely recognized as weak. The +krb5-1.7 release contains measures to encourage sites to migrate away +from using single-DES cryptosystems. Among these is a configuration +variable that enables "weak" enctypes, which defaults to "false" +beginning with krb5-1.8. -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. +Major changes in 1.10 +--------------------- -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +krb5-1.10 changes by ticket ID +------------------------------ Acknowledgements ---------------- -Thanks to Sun Microsystems for donating their implementations of -mechglue and SPNEGO. - -Thanks to the members of the Kerberos V5 development team at MIT, both -past and present: Danilo Almeida, Jeffrey Altman, Richard Basch, Jay -Berkenbilt, Mitch Berger, Andrew Boardman, Joe Calzaretta, John Carr, -Don Davis, Alexandra Ellwood, Nancy Gilman, Matt Hancher, Sam Hartman, -Paul Hill, Marc Horowitz, Eva Jacobus, Miroslav Jurisic, Barry Jaspan, -Geoffrey King, John Kohl, Peter Litwack, Scott McGuire, Kevin -Mitchell, Cliff Neuman, Paul Park, Ezra Peisach, Chris Provenzano, Ken -Raeburn, Jon Rochlis, Jeff Schiller, Jen Selby, Brad Thompson, Harry -Tsai, Ted Ts'o, Marshall Vale, Tom Yu. +Past and present Sponsors of the MIT Kerberos Consortium: + + Apple + Carnegie Mellon University + Centrify Corporation + Columbia University + Cornell University + The Department of Defense of the United States of America (DoD) + Google + Iowa State University + MIT + Michigan State University + Microsoft + The National Aeronautics and Space Administration + of the United States of America (NASA) + Network Appliance (NetApp) + Nippon Telephone and Telegraph (NTT) + Oracle + Pennsylvania State University + Red Hat + Stanford University + TeamF1, Inc. + The University of Alaska + The University of Michigan + The University of Pennsylvania + +Past and present members of the Kerberos Team at MIT: + + Danilo Almeida + Jeffrey Altman + Justin Anderson + Richard Basch + Mitch Berger + Jay Berkenbilt + Andrew Boardman + Bill Bryant + Steve Buckley + Joe Calzaretta + John Carr + Mark Colan + Don Davis + Alexandra Ellwood + Dan Geer + Nancy Gilman + Matt Hancher + Thomas Hardjono + Sam Hartman + Paul Hill + Marc Horowitz + Eva Jacobus + Miroslav Jurisic + Barry Jaspan + Geoffrey King + Kevin Koch + John Kohl + HaoQi Li + Peter Litwack + Scott McGuire + Steve Miller + Kevin Mitchell + Cliff Neuman + Paul Park + Ezra Peisach + Chris Provenzano + Ken Raeburn + Jon Rochlis + Jeff Schiller + Jen Selby + Robert Silk + Bill Sommerfeld + Jennifer Steiner + Ralph Swick + Brad Thompson + Harry Tsai + Zhanna Tsitkova + Ted Ts'o + Marshall Vale + Tom Yu + +The following external contributors have provided code, patches, bug +reports, suggestions, and valuable resources: + + Brandon Allbery + Russell Allbery + Brian Almeida + Michael B Allen + Derek Atkins + David Bantz + Alex Baule + Arlene Berry + Jeff Blaine + Radoslav Bodo + Emmanuel Bouillon + Michael Calmer + Ravi Channavajhala + Srinivas Cheruku + Leonardo Chiquitto + Howard Chu + Andrea Cirulli + Christopher D. Clausen + Kevin Coffman + Simon Cooper + Sylvain Cortes + Nalin Dahyabhai + Roland Dowdeswell + Jason Edgecombe + Mark Eichin + Shawn M. Emery + Douglas E. Engert + Peter Eriksson + Ronni Feldt + Bill Fellows + JC Ferguson + William Fiveash + Ákos Frohner + Marcus Granado + Scott Grizzard + Helmut Grohne + Steve Grubb + Philip Guenther + Dominic Hargreaves + Jakob Haufe + Jeff Hodges + Love Hörnquist Åstrand + Ken Hornstein + Henry B. Hotz + Luke Howard + Jakub Hrozek + Shumon Huque + Jeffrey Hutzelman + Wyllys Ingersoll + Holger Isenberg + Pavel Jindra + Joel Johnson + Mikkel Kruse + Volker Lendecke + Jan iankko Lieskovsky + Ryan Lynch + Franklyn Mendez + Markus Moeller + Paul Moore + Zbysek Mraz + Edward Murrell + Nikos Nikoleris + Dmitri Pal + Javier Palacios + Ezra Peisach + W. Michael Petullo + Mark Phalan + Robert Relyea + Martin Rex + Jason Rogers + Mike Roszkowski + Guillaume Rousse + Tom Shaw + Peter Shoults + Simo Sorce + Michael Ströder + Bjørn Tore Sund + Rathor Vipin + Jorgen Wahlsten + Max (Weijun) Wang + John Washington + Marcus Watts + Simon Wilkinson + Nicolas Williams + Ross Wilper + Xu Qiang + Hanz van Zijst + +The above is not an exhaustive list; many others have contributed in +various ways to the MIT Kerberos development effort over the years. +Other acknowledgments (for bug reports and patches) are in the +doc/CHANGES file.