Kerberos Version 5, Release 1.9 Release Notes The MIT Kerberos Team Copyright and Other Notices --------------------------- Copyright (C) 1985-2013 by the Massachusetts Institute of Technology and its contributors. All rights reserved. Please see the file named NOTICE for additional notices. MIT Kerberos is a project of the MIT Kerberos Consortium. For more information about the Kerberos Consortium, see http://kerberos.org/ For more information about the MIT Kerberos software, see http://web.mit.edu/kerberos/ People interested in participating in the MIT Kerberos development effort should visit http://k5wiki.kerberos.org/ Building and Installing Kerberos 5 ---------------------------------- The first file you should look at is doc/install-guide.ps; it contains the notes for building and installing Kerberos 5. The info file krb5-install.info has the same information in info file format. You can view this using the GNU emacs info-mode, or by using the standalone info file viewer from the Free Software Foundation. This is also available as an HTML file, install.html. Other good files to look at are admin-guide.ps and user-guide.ps, which contain the system administrator's guide, and the user's guide, respectively. They are also available as info files kerberos-admin.info and krb5-user.info, respectively. These files are also available as HTML files. If you are attempting to build under Windows, please see the src/windows/README file. Reporting Bugs -------------- Please report any problems/bugs/comments using the krb5-send-pr program. The krb5-send-pr program will be installed in the sbin directory once you have successfully compiled and installed Kerberos V5 (or if you have installed one of our binary distributions). If you are not able to use krb5-send-pr because you haven't been able compile and install Kerberos V5 on any platform, you may send mail to krb5-bugs@mit.edu. Please keep in mind that unencrypted e-mail is not secure. If you need to report a security vulnerability, or send sensitive information, please PGP-encrypt it to krbcore-security@mit.edu. You may view bug reports by visiting http://krbdev.mit.edu/rt/ and logging in as "guest" with password "guest". DES transition -------------- The Data Encryption Standard (DES) is widely recognized as weak. The krb5-1.7 release contains measures to encourage sites to migrate away from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. Major changes in krb5-1.9.5 (2013-04-25) ---------------------------------------- This is a bugfix release. The krb5-1.9 release series has reached the end of its maintenance period, and krb5-1.9.5 is the last planned release in the series. For new deployments, installers should prefer the krb5-1.11 release series or later. * Fix KDC null pointer dereference in TGS-REQ handling [CVE-2013-1416] * Fix PKINIT null pointer dereference vulnerability [CVE-2013-1415] * Fix KDC heap corruption vulnerability [CVE-2012-1015] * Prevent the KDC from returning a host-based service principal referral to the local realm. * Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load. krb5-1.9.5 changes by ticket ID ------------------------------- 7225 Fix KDC heap corruption vuln [CVE-2012-1015] 7609 Don't return a host referral to the service realm 7610 Fix spurious clock skew caused by gak_fct delay 7611 Ensure null termination of AFS salts 7612 Make verify_init_creds work with existing ccache 7613 Fail during configure if unable to find ar 7614 Avoid side effects in assert expressions 7615 Fix gss_str_to_oid for OIDs with zero-valued arcs 7616 Fix no_host_referral concatention in KDC 7617 Fix kdb5_util dump.c uninitialized warnings 7618 Minor pointer management patches 7619 PKINIT null pointer deref [CVE-2013-1415] 7622 KDC TGS-REQ null deref [CVE-2013-1416] 7623 Fix condition with empty body 7624 Reset ulog if database load failed Major changes in krb5-1.9.4 (2012-06-20) ---------------------------------------- This is a bugfix release. * Fix interop issues with Windows Server 2008 R2 Read-Only Domain Controllers. * Work around a glibc bug that causes spurious DNS PTR queries to occur even when rdns = false. * Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the "create" privilege. [CVE-2012-1013] krb5-1.9.4 changes by ticket ID ------------------------------- 7101 workaround for Solaris 8 lacking isblank 7102 kvno ASN.1 encoding interop with Windows RODCs 7103 Fix KDB iteration when callback does write calls 7104 Fix spurious password expiry warning 7142 Use correct name-type in TGS-REQs for 2008R2 RODCs 7156 Try all history keys to decrypt password history 7164 Work around glibc getaddrinfo PTR lookups 7165 Make password change work without default realm 7168 Null pointer deref in kadmind [CVE-2012-1013] 7169 Export krb5_set_trace_callback/filename 7170 Export gss_mech_krb5_wrong from libgssapi_krb5 Major changes in krb5-1.9.3 (2012-02-06) ---------------------------------------- This is primarily a bugfix release. * Fix MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530]. * Fix an interaction in iprop that could cause spurious excess kadmind processes when a kprop child fails. krb5-1.9.3 changes by ticket ID ------------------------------- 6993 Fix format string for TRACE_INIT_CREDS_SERVICE 7007 Fix intermediate key length in hmac-md5 checksum 7008 Exit on error in kadmind kprop child 7009 Fix month/year units in getdate 7016 Handle TGS referrals to the same realm 7040 Fix failure interval of 0 in LDAP lockout code 7043 SA-2011-007 KDC null pointer deref in TGS handling [CVE-2011-1530] 7052 Fix subkey memory leak in krb5_get_credentials 7068 Fix implicit declaration in ksu for some builds 7069 krb5_server_decrypt_ticket_keytab wrongly succeeds Major changes in krb5-1.9.2 (2011-11-02) ---------------------------------------- This is primarily a bugfix release. * Improve KDC performance by fully its disabling replay cache. * Fix MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529]. krb5-1.9.2 changes by ticket ID ------------------------------- 6844 Memory leak in save_error_string_nocopy() 6884 KDC memory leak in FAST error path 6885 KDC memory leak of reply padata for FAST replies 6886 rc4-hmac weak key checks break interoperability 6888 No explanation of failed passwd entry if REQUIRES_PWCHANGE is set 6906 modernize doc/Makefile somewhat 6907 setpw response parsing fails for lengths above 255 6908 Delete sec context properly in gss_krb5_export_lucid_sec_context 6912 Use hmac-md5 checksum for PA-FOR-USER padata 6913 Fix multiple tl-data updates over iprop 6916 Restore krb5_get_credentials caching for referral requests 6917 Restore fallback non-referral TGS request to same realm 6920 Fix old-style GSSRPC authentication 6932 Fix gss_set_cred_option cred creation with no name 6939 Legacy checksum APIs usually fail 6941 Fix accidental KDC use of replay cache 6943 incorrect reference in spnego_gss_set_cred_option 6949 TCP connection leak with 1.9.1, with connect_to_server() 6952 Fix cross-realm traversal TGT requests 6960 always include krb5_libinit.h in init_ctx.c 6970 gss_unwrap_iov crashes with stream buffers for 3des, des, rc4 6972 memory leak in version 1.9.1 6982 SA-2011-006 KDC denial of service [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] 6990 fix tar invocation in mkrel Major changes in krb5-1.9.1 (2011-05-05) ---------------------------------------- This is primarily a bugfix release. * Fix vulnerabilities: ** kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022] ** KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] ** KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003 CVE-2011-0284] ** kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285] * Interoperability: ** Don't reject AP-REQ messages if their PAC doesn't validate; suppress the PAC instead. ** Correctly validate HMAC-MD5 checksums that use DES keys krb5-1.9.1 changes by ticket ID ------------------------------- 6596 [Michael Spang] Bug#561176: krb5-kdc-ldap: krb5kdc leaks file descriptors 6675 segfault in gss_export_sec_context 6800 memory leak in kg_new_connection 6847 Suppress camellia-gen in 1.9 make check 6849 Fix edge case in LDAP last_admin_unlock processing 6852 Make gss_krb5_set_allowable_enctypes work for the acceptor 6856 Fix seg faulting trace log message for use of fallback realm 6859 kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022] 6860 KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] 6867 Trace logging file descriptor leak 6869 hmac-md5 checksum doesn't work with DES keys 6870 Don't reject AP-REQs based on PACs 6871 "make distclean" leaves an object file behind. 6875 kdb5_util mkey operations hit assertion when iprop is enabled 6881 KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003 CVE-2011-0284] 6899 kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285] Major changes in krb5-1.9 (2010-12-22) -------------------------------------- Additional background information on these changes may be found at http://k5wiki.kerberos.org/wiki/Release_1.9 and http://k5wiki.kerberos.org/wiki/Category:Release_1.9_projects Code quality: * Fix MITKRB5-SA-2010-007 checksum vulnerabilities (CVE-2010-1324 and others). * Add a Python-based testing framework. * Perform DAL cleanup. Developer experience: * Add NSS crypto back end. * Improve PRNG modularity. * Add a Fortuna-like PRNG back end. Performance: * Account lockout performance improvements -- allow disabling of some account lockout functionality to reduce the number of write operations to the database during authentication * Add support for multiple KDC worker processes. Administrator experience: * Add Trace logging support to ease the diagnosis of configuration problems. * Add support for purging old keys (e.g. from "cpw -randkey -keepold"). * Add plugin interface for password sync -- based on proposed patches by Russ Allbery that support his krb5-sync package * Add plugin interface for password quality checks -- enables pluggable password quality checks similar to Russ Allbery's krb5-strength package. * Add a configuration file validator script. * Add KDC support for SecurID preauthentication -- this is the old SAM-2 protocol, implemented to support existing deployments, not the in-progress FAST-OTP work. * Add "cheat" capability for kinit when running on a KDC host. Protocol evolution: * Add support for IAKERB -- a mechanism for tunneling Kerberos KDC transactions over GSS-API, enabling clients to authenticate to services even when the clients cannot directly reach the KDC that serves the services. * Add support for Camellia encryption (disabled by default). * Add GSS-API support for implementors of the SASL GS2 bridge mechanism. krb5-1.9 changes by ticket ID ----------------------------- 1219 mechanism to delete old keys should exist 2032 No advanced warning of password expiry 5014 kadmin (and other utilities) should report enctypes as it takes them 6647 Memory leak in kdc 6672 Python test framework 6679 Lazy history key creation 6684 Simple kinit verbosity patch 6686 IPv6 support for kprop and kpropd 6688 mit-krb5-1.7 fails to compile against openssl-1.0.0 6699 Validate and renew should work on non-TGT creds 6700 Introduce new krb5_tkt_creds API 6712 Add IAKERB mechanism and gss_acquire_cred_with_password 6714 [patch] fix format errors in krb5-1.8.1 6715 cksum_body exports 6719 Add lockout-related performance tuning variables 6720 Negative enctypes improperly read from keytabs 6723 Negative enctypes improperly read from ccaches 6733 Make signedpath authdata visible via GSS naming exts 6736 Add krb5_enctype_to_name() API 6737 Trace logging 6746 Make kadmin work over IPv6 6749 DAL improvements 6753 Fix XDR decoding of large values in xdr_u_int 6755 Add GIC option for password/account expiration callback 6758 Allow krb5_gss_register_acceptor_identity to unset keytab name 6760 Fail properly when profile can't be accessed 6761 add profile include support 6762 key expiration computed incorrectly in libkdb_ldap 6763 New plugin infrastructure 6765 Password quality pluggable interface 6769 clean up memory leak and potential unused variable in crypto tests 6771 Fix memory leaks in kdb5_verify 6772 Ensure valid key in krb5int_yarrow_cipher_encrypt_block 6774 pkinit client cert matching can be disrupted by one of the candidate certs 6775 pkinit evaluation during certificate matching may fail 6776 Typos in src/plugins/preauth/pkinit/pkinit_crypto_openssl.c 6777 Segmentation fault in krb library (sn2princ.c) if realm not resolved 6778 kdb: store mkey list in context and permit NULL mkey for kdb_dbe_decrypt_key_data 6779 kinit: add KDB keytab support 6783 KDC worker processes feature 6784 relicense Sun RPC to 3-clause BSD-style 6785 Add gss_krb5_import_cred 6786 kpasswd: if a credential cache is present, use FAST 6787 S4U memory leak 6791 kadm5_hook: new plugin interface 6792 Implement k5login_directory and k5login_authoritative options 6793 acquire_init_cred leaks interned name 6794 krb5.conf manpage missing reference to rdns setting 6795 Propagate modprinc -unlock from master to slave KDCs 6796 segfault due to uninitialized variable in S4U 6799 Performance issue in LDAP policy fetch 6801 Fix leaks in get_init_creds interface 6802 copyright notice updates 6804 Remove KDC replay cache 6805 securID code fixes 6806 securID error handling fix 6807 SecurID build support 6809 gss_krb5int_make_seal_token_v3_iov fails to set conf_state 6810 Better libk5crypto NSS fork safety 6811 Mark Camellia-CCM code as experimental 6812 krb5_get_credentials should not fail due to inability to store a credential in a cache 6815 Failed kdb5_util load removes real database 6819 Handle referral realm in kprop client principal 6820 Read KDC profile settings in kpropd 6822 Implement Camellia-CTS-CMAC instead of Camellia-CCM 6823 getdate.y: declare yyparse 6824 Export krb5_tkt_creds_get 6825 Add missing KRB5_CALLCONV in callback declaration 6826 Fix Windows build 6827 SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others) 6828 Install kadm5_hook_plugin.h 6829 Implement restrict_anonymous_to_tgt realm flag 6838 Regression in renewable handling 6839 handle MS PACs that lack server checksum 6840 typo in plugin-related error message 6841 memory leak in changepw.c 6842 Ensure time() is prototyped in g_accept_sec_context.c Acknowledgements ---------------- Past and present Sponsors of the MIT Kerberos Consortium: Apple Carnegie Mellon University Centrify Corporation Columbia University Cornell University The Department of Defense of the United States of America (DoD) Fidelity Investments Google Iowa State University MIT Michigan State University Microsoft The National Aeronautics and Space Administration of the United States of America (NASA) Network Appliance (NetApp) Nippon Telephone and Telegraph (NTT) Oracle Pennsylvania State University Red Hat Stanford University TeamF1, Inc. The University of Alaska The University of Michigan The University of Pennsylvania Past and present members of the Kerberos Team at MIT: Danilo Almeida Jeffrey Altman Justin Anderson Richard Basch Mitch Berger Jay Berkenbilt Andrew Boardman Bill Bryant Steve Buckley Joe Calzaretta John Carr Mark Colan Don Davis Alexandra Ellwood Carlos Garay Dan Geer Nancy Gilman Matt Hancher Thomas Hardjono Sam Hartman Paul Hill Marc Horowitz Eva Jacobus Miroslav Jurisic Barry Jaspan Benjamin Kaduk Geoffrey King Kevin Koch John Kohl HaoQi Li Jonathan Lin Peter Litwack Scott McGuire Steve Miller Kevin Mitchell Cliff Neuman Paul Park Ezra Peisach Chris Provenzano Ken Raeburn Jon Rochlis Jeff Schiller Jen Selby Robert Silk Bill Sommerfeld Jennifer Steiner Ralph Swick Brad Thompson Harry Tsai Zhanna Tsitkova Ted Ts'o Marshall Vale Tom Yu The following external contributors have provided code, patches, bug reports, suggestions, and valuable resources: Ian Abbott Brandon Allbery Russell Allbery Brian Almeida Michael B Allen Heinz-Ado Arnolds Derek Atkins Mark Bannister David Bantz Alex Baule Adam Bernstein Arlene Berry Jeff Blaine Radoslav Bodo Sumit Bose Emmanuel Bouillon Michael Calmer Julien Chaffraix Ravi Channavajhala Srinivas Cheruku Leonardo Chiquitto Howard Chu Andrea Cirulli Christopher D. Clausen Kevin Coffman Simon Cooper Sylvain Cortes Nalin Dahyabhai Mark Davies Dennis Davis Mark Deneen Roland Dowdeswell Jason Edgecombe Mark Eichin Shawn M. Emery Douglas E. Engert Peter Eriksson Juha Erkkilä Ronni Feldt Bill Fellows JC Ferguson William Fiveash Ákos Frohner Sebastian Galiano Marcus Granado Scott Grizzard Helmut Grohne Steve Grubb Philip Guenther Dominic Hargreaves Jakob Haufe Matthieu Hautreux Paul B. Henson Jeff Hodges Christopher Hogan Love Hörnquist Åstrand Ken Hornstein Henry B. Hotz Luke Howard Jakub Hrozek Shumon Huque Jeffrey Hutzelman Wyllys Ingersoll Holger Isenberg Pavel Jindra Joel Johnson W. Trevor King Mikkel Kruse Volker Lendecke Jan iankko Lieskovsky Oliver Loch Kevin Longfellow Ryan Lynch Nathaniel McCallum Greg McClement Cameron Meadors Alexey Melnikov Franklyn Mendez Markus Moeller Kyle Moffett Paul Moore Keiichi Mori Michael Morony Zbysek Mraz Edward Murrell Nikos Nikoleris Felipe Ortega Andrej Ota Dmitri Pal Javier Palacios Tom Parker Ezra Peisach W. Michael Petullo Mark Phalan Jonathan Reams Robert Relyea Martin Rex Jason Rogers Mike Roszkowski Guillaume Rousse Tom Shaw Peter Shoults Simo Sorce Michael Spang Michael Ströder Bjørn Tore Sund Joe Travaglini Rathor Vipin Jorgen Wahlsten Stef Walter Max (Weijun) Wang John Washington Stef Walter Xi Wang Kevin Wasserman Margaret Wasserman Marcus Watts Andreas Wiese Simon Wilkinson Nicolas Williams Ross Wilper Xu Qiang Nickolai Zeldovich Hanz van Zijst Gertjan Zwartjes The above is not an exhaustive list; many others have contributed in various ways to the MIT Kerberos development effort over the years. Other acknowledgments (for bug reports and patches) are in the doc/CHANGES file.