Kerberos Version 5, Release 1.14 Release Notes The MIT Kerberos Team Copyright and Other Notices --------------------------- Copyright (C) 1985-2016 by the Massachusetts Institute of Technology and its contributors. All rights reserved. Please see the file named NOTICE for additional notices. Documentation ------------- Unified documentation for Kerberos V5 is available in both HTML and PDF formats. The table of contents of the HTML format documentation is at doc/html/index.html, and the PDF format documentation is in the doc/pdf directory. Additionally, you may find copies of the HTML format documentation online at http://web.mit.edu/kerberos/krb5-latest/doc/ for the most recent supported release, or at http://web.mit.edu/kerberos/krb5-devel/doc/ for the release under development. More information about Kerberos may be found at http://web.mit.edu/kerberos/ and at the MIT Kerberos Consortium web site http://kerberos.org/ Building and Installing Kerberos 5 ---------------------------------- Build documentation is in doc/html/build/index.html or doc/pdf/build.pdf. The installation guide is in doc/html/admin/install.html or doc/pdf/install.pdf. If you are attempting to build under Windows, please see the src/windows/README file. Reporting Bugs -------------- Please report any problems/bugs/comments by sending email to krb5-bugs@mit.edu. You may view bug reports by visiting http://krbdev.mit.edu/rt/ and using the "Guest Login" button. Please note that the web interface to our bug database is read-only for guests, and the primary way to interact with our bug database is via email. DES transition -------------- The Data Encryption Standard (DES) is widely recognized as weak. The krb5-1.7 release contains measures to encourage sites to migrate away from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. Major changes in 1.14.3 (2016-07-20) ------------------------------------ This is a bug fix release. * Improve some error messages * Improve documentation * Allow a principal with nonexistent policy to bypass the minimum password lifetime check, consistent with other aspects of nonexistent policies * Fix a rare KDC denial of service vulnerability when anonymous client principals are restricted to obtaining TGTs only [CVE-2016-3120] krb5-1.14.3 changes by ticket ID -------------------------------- 8378 Improve error message "kadmind: No such file or directory while initializing, aborting" 8392 Add missing newline in kinit usage message 8395 Fetching master key list crashes if K/M has no key data 8413 Fix unlikely pointer error in get_in_tkt.c 8415 Uninitialized read in krb5_sname_match 8417 Fix typo in doc/user/tkt_mgmt.rst 8421 Avoid setting AS key when OTP preauth fails 8422 Relax t_sn2princ.py reverse resolution test 8427 kadmind minimum life check fails for nonexistent policies 8430 Fix incorrect recv() size calculation in libkrad 8431 profile_flush_to_file() can corrupt shared tree state 8448 Confusing error text for unset default_realm 8452 Update LDAP docs for password lockout 8455 k5_expand_path_tokens_extra() always returns 0 even if expand_token() fails 8457 Fix error code on clpreauth module failure 8458 Fix S4U2Self KDC crash when anon is restricted [CVE-2016-3120] Major changes in 1.14.2 (2016-04-18) ------------------------------------ This is a bug fix release. * Fix a moderate-severity vulnerability in the LDAP KDC back end that could be exploited by a privileged kadmin user [CVE-2016-3119] * Improve documentation * Fix some interactions with GSSAPI interposer mechanisms krb5-1.14.2 changes by ticket ID -------------------------------- 8330 Enable interposing gss_inquire_attrs_for_mech() 8358 Report inquire_attrs_for_mech mech failures 8359 Enable interposing gss_inquire_saslname_for_mech 8360 Use public OID for interposing several functions 8362 memleak in decrypt_2ndtkt() 8363 s4u protocol transition tests revealing memleaks in krb5kdc 8373 SPNEGO gss_init_sec_context() can fail or prematurely resolve creds 8383 Fix LDAP null deref on empty arg [CVE-2016-3119] 8385 Fix keytab file format description 8387 Add documentation for krb5_error_code 8390 Default to LSA when TGT in LSA is inaccessible Major changes in 1.14.1 (2016-02-29) ------------------------------------ * Fix some moderate-severity vulnerabilities [CVE-2015-8629, CVE-2015-8630, CVE-2015-8631] in kadmind. * Improve behavior on hosts with long hostnames. * Avoid spurious failures when doing normal kprop to heavily loaded slave KDCs. krb5-1.14.1 changes by ticket ID -------------------------------- 8276 Fix mechglue gss_acquire_cred_impersonate_name 8281 Fix memory leak in SPNEGO gss_init_sec_context() 8300 Fix k5crypto NSS iov processing bug 8301 Correctly use k5_wrapmsg() in ldap_principal2.c 8326 hostrealm code won't compile in debug mode using Solaris Studio C 8327 Set TL_DATA mask flag for master key operations 8334 Check context handle in gss_export_sec_context() 8335 Work around uninitialized warning in cc_kcm.c 8336 MAXHOSTNAMELEN is too short for some FQDNs 8337 Check internal context on init context errors 8338 Fix interposed gss_accept_sec_context() 8339 Add .travis.yml 8340 ksu broken with 2FA principals again 8341 Verify decoded kadmin C strings [CVE-2015-8629] 8342 Check for null kadm5 policy name [CVE-2015-8630] 8343 Fix leaks in kadmin server stubs [CVE-2015-8631] 8346 Fix EOF check in kadm5.acl line processing 8347 Fix iprop server stub error management 8367 Use blocking lock when creating db2 KDB Major changes in 1.14 (2015-11-20) ---------------------------------- Administrator experience: * Add a new kdb5_util tabdump command to provide reporting-friendly tabular dump formats (tab-separated or CSV) for the KDC database. Unlike the normal dump format, each output table has a fixed number of fields. Some tables include human-readable forms of data that are opaque in ordinary dump files. This format is also suitable for importing into relational databases for complex queries. * Add support to kadmin and kadmin.local for specifying a single command line following any global options, where the command arguments are split by the shell--for example, "kadmin getprinc principalname". Commands issued this way do not prompt for confirmation or display warning messages, and exit with non-zero status if the operation fails. * Accept the same principal flag names in kadmin as we do for the default_principal_flags kdc.conf variable, and vice versa. Also accept flag specifiers in the form that kadmin prints, as well as hexadecimal numbers. * Remove the triple-DES and RC4 encryption types from the default value of supported_enctypes, which determines the default key and salt types for new password-derived keys. By default, keys will only created only for AES128 and AES256. This mitigates some types of password guessing attacks. * Add support for directory names in the KRB5_CONFIG and KRB5_KDC_PROFILE environment variables. * Add support for authentication indicators, which are ticket annotations to indicate the strength of the initial authentication. Add support for the "require_auth" string attribute, which can be set on server principal entries to require an indicator when authenticating to the server. * Add support for key version numbers larger than 255 in keytab files, and for version numbers up to 65535 in KDC databases. * Transmit only one ETYPE-INFO and/or ETYPE-INFO2 entry from the KDC during pre-authentication, corresponding to the client's most preferred encryption type. * Add support for server name identification (SNI) when proxying KDC requests over HTTPS. * Add support for the err_fmt profile parameter, which can be used to generate custom-formatted error messages. Code quality: * Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that could cause server crashes. [CVE-2015-2695] [CVE-2015-2696] [CVE-2015-2698] * Fix build_principal memory bug that could cause a KDC crash. [CVE-2015-2697] Developer experience: * Change gss_acquire_cred_with_password() to acquire credentials into a private memory credential cache. Applications can use gss_store_cred() to make the resulting credentials visible to other processes. * Change gss_acquire_cred() and SPNEGO not to acquire credentials for IAKERB or for non-standard variants of the krb5 mechanism OID unless explicitly requested. (SPNEGO will still accept the Microsoft variant of the krb5 mechanism OID during negotiation.) * Change gss_accept_sec_context() not to accept tokens for IAKERB or for non-standard variants of the krb5 mechanism OID unless an acceptor credential is acquired for those mechanisms. * Change gss_acquire_cred() to immediately resolve credentials if the time_rec parameter is not NULL, so that a correct expiration time can be returned. Normally credential resolution is delayed until the target name is known. * Add krb5_prepend_error_message() and krb5_wrap_error_message() APIs, which can be used by plugin modules or applications to add prefixes to existing detailed error messages. * Add krb5_c_prfplus() and krb5_c_derive_prfplus() APIs, which implement the RFC 6113 PRF+ operation and key derivation using PRF+. * Add support for pre-authentication mechanisms which use multiple round trips, using the the KDC_ERR_MORE_PREAUTH_DATA_REQUIRED error code. Add get_cookie() and set_cookie() callbacks to the kdcpreauth interface; these callbacks can be used to save marshalled state information in an encrypted cookie for the next request. * Add a client_key() callback to the kdcpreauth interface to retrieve the chosen client key, corresponding to the ETYPE-INFO2 entry sent by the KDC. * Add an add_auth_indicator() callback to the kdcpreauth interface, allowing pre-authentication modules to assert authentication indicators. * Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to suppress sending the confidentiality and integrity flags in GSS initiator tokens unless they are requested by the caller. These flags control the negotiated SASL security layer for the Microsoft GSS-SPNEGO SASL mechanism. * Make the FILE credential cache implementation less prone to corruption issues in multi-threaded programs, especially on platforms with support for open file description locks. Performance: * On slave KDCs, poll the master KDC immediately after processing a full resync, and do not require two full resyncs after the master KDC's log file is reset. User experience: * Make gss_accept_sec_context() accept tickets near their expiration but within clock skew tolerances, rather than rejecting them immediately after the server's view of the ticket expiration time. krb5-1.14 changes by ticket ID ------------------------------ 6938 krb5 and ldap signed traffic 7532 Improve support for large kvnos 7790 Make cross-realm S4U2Self work 7804 Can't write to file ccache with OPENCLOSE unset 7903 Remove des3 and arcfour from supported_enctypes 7991 kadmin should have a script-friendly mode 8002 Fix KCM ccache per-type cursor 8021 SPNEGO clients should not try IAKERB by default 8022 klist -s only looks for TGTs 8023 Use OFD locks where available 8025 krb5 gss_inquire_context doesn't work with partially established context 8026 Use stdio reads, O_APPEND writes in FILE ccache 8027 Client RPC timeout during kadmin listprincs command 8030 Add support for directories in profile paths 8046 Add new error message wrapping APIs 8047 Add err_fmt profile parameter 8048 Remove ksu -D flag documentation 8052 Include file ccache name in error messages 8062 Fix const correctness on krb5_c_fx_cf2_simple() 8063 Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED 8123 Check timestamp in PKINIT kdcpreauth module 8124 Use preauth timestamp in PKINIT clpreauth module 8139 SIGNTICKET creation and verification doesn't always use the right key 8152 gss_acquire_cred_with_password() ignores expired creds 8157 Authentication indicator support 8161 kpropd -t (runonce) doesn't work for full dumps 8163 python test issues 8164 Avoid unnecessary iprop full resyncs after resets 8171 kadm5_hook does not have rename method 8198 Support SNI in MS-KKDCP client 8199 Only include one key in etype-info 8200 Add client_keyblock kdcpreauth callback 8213 Policy extensions in 1.11 break iprop dump compatibility 8215 Unify KDB principal flag specifiers 8217 Limit use of deprecated krb5 mech OIDs 8219 Conditionalize iprop stderr output in kadmind 8221 Fail during configure if stdint.h missing 8224 Add KDC_ERR_PREAUTH_EXPIRED support 8225 Improve krb5_cccol_have_content() error messages 8227 Allow missing authenticator checksum with GSSAPI 8228 Add krb5_c_prfplus() and krb5_c_derive_prfplus() 8233 Add secure cookie support 8234 Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED 8235 Resolve krb5 GSS creds if time_rec is requested 8236 Update SPNEGO hintName value to current spec 8242 Improve PKINIT OpenSSL error reporting 8243 Add tabular dump capability to kdb5_util 8244 SPNEGO and IAKERB context aliasing bugs [CVE-2015-2695][CVE-2015-2696] 8245 kerberos.ldif file has malformed entries 8246 Fix error mappings for IOV MIC mechglue funcs 8251 Fix kadmin with e2fsprogs libss 8252 Fix build_principal memory bug [CVE-2015-2697] 8253 Fix minor utf8-to-ucs2s read overrun bug 8254 use appropriate default for krb5_cv_sys_rcdir when cross-compiling 8255 Define error status GSS_S_BAD_MIC 8256 Fix typo in GSS_S_UNAUTHORIZED error message 8257 Fix gss_inquire_names_for_mech() on MS krb5 mech 8258 Correct GSS major code for non-default QOP values 8259 Check output params on GSS OID set functions 8260 Fix gss_store_cred() minor code on acceptor cred 8262 Set plugin_base_dir for kadmin tests 8264 kdb_check test target uses installed message catalog 8266 Installed krb5.conf files can affect test suite 8267 unsetenv() returns void 8268 krb5 gss_accept_sec_context() does not allow clock skew 8269 Accept new passwords as const char pointers 8271 Zap secure cookie contents when freeing 8273 Fix IAKERB context export/import [CVE-2015-2698] Acknowledgements ---------------- Past Sponsors of the MIT Kerberos Consortium: Apple Carnegie Mellon University Centrify Corporation Columbia University Cornell University The Department of Defense of the United States of America (DoD) Fidelity Investments Google Iowa State University MIT Michigan State University Microsoft MITRE Corporation Morgan-Stanley The National Aeronautics and Space Administration of the United States of America (NASA) Network Appliance (NetApp) Nippon Telephone and Telegraph (NTT) US Government Office of the National Coordinator for Health Information Technology (ONC) Oracle Pennsylvania State University Red Hat Stanford University TeamF1, Inc. The University of Alaska The University of Michigan The University of Pennsylvania Past and present members of the Kerberos Team at MIT: Danilo Almeida Jeffrey Altman Justin Anderson Richard Basch Mitch Berger Jay Berkenbilt Andrew Boardman Bill Bryant Steve Buckley Joe Calzaretta John Carr Mark Colan Don Davis Sarah Day Alexandra Ellwood Carlos Garay Dan Geer Nancy Gilman Matt Hancher Thomas Hardjono Sam Hartman Paul Hill Marc Horowitz Eva Jacobus Miroslav Jurisic Barry Jaspan Benjamin Kaduk Geoffrey King Kevin Koch John Kohl HaoQi Li Jonathan Lin Peter Litwack Scott McGuire Steve Miller Kevin Mitchell Cliff Neuman Paul Park Ezra Peisach Chris Provenzano Ken Raeburn Jon Rochlis Jeff Schiller Jen Selby Robert Silk Bill Sommerfeld Jennifer Steiner Ralph Swick Brad Thompson Harry Tsai Zhanna Tsitkova Ted Ts'o Marshall Vale Tom Yu The following external contributors have provided code, patches, bug reports, suggestions, and valuable resources: Ian Abbott Brandon Allbery Russell Allbery Brian Almeida Michael B Allen Heinz-Ado Arnolds Derek Atkins Mark Bannister David Bantz Alex Baule David Benjamin Thomas Bernard Adam Bernstein Arlene Berry Jeff Blaine Radoslav Bodo Sumit Bose Emmanuel Bouillon Philip Brown Michael Calmer Andrea Campi Julien Chaffraix Ravi Channavajhala Srinivas Cheruku Leonardo Chiquitto Howard Chu Andrea Cirulli Christopher D. Clausen Kevin Coffman Simon Cooper Sylvain Cortes Ian Crowther Arran Cudbard-Bell Jeff D'Angelo Nalin Dahyabhai Mark Davies Dennis Davis Alex Dehnert Mark Deneen Günther Deschner John Devitofranceschi Roland Dowdeswell Viktor Dukhovni Jason Edgecombe Mark Eichin Shawn M. Emery Douglas E. Engert Peter Eriksson Juha Erkkilä Gilles Espinasse Ronni Feldt Bill Fellows JC Ferguson Remi Ferrand Paul Fertser William Fiveash Ákos Frohner Sebastian Galiano Marcus Granado Scott Grizzard Helmut Grohne Steve Grubb Philip Guenther Dominic Hargreaves Robbie Harwood Jakob Haufe Matthieu Hautreux Paul B. Henson Jeff Hodges Christopher Hogan Love Hörnquist Åstrand Ken Hornstein Henry B. Hotz Luke Howard Jakub Hrozek Shumon Huque Jeffrey Hutzelman Wyllys Ingersoll Holger Isenberg Spencer Jackson Diogenes S. Jesus Pavel Jindra Joel Johnson Anders Kaseorg W. Trevor King Patrik Kis Mikkel Kruse Reinhard Kugler Tomas Kuthan Pierre Labastie Volker Lendecke Jan iankko Lieskovsky Oliver Loch Kevin Longfellow Jon Looney Nuno Lopes Ryan Lynch Roland Mainz Andrei Maslennikov Michael Mattioli Nathaniel McCallum Greg McClement Cameron Meadors Alexey Melnikov Franklyn Mendez Markus Moeller Kyle Moffett Paul Moore Keiichi Mori Michael Morony Zbysek Mraz Edward Murrell Nikos Nikoleris Felipe Ortega Michael Osipov Andrej Ota Dmitri Pal Javier Palacios Tom Parker Ezra Peisach Zoran Pericic W. Michael Petullo Mark Phalan Brett Randall Jonathan Reams Jonathan Reed Robert Relyea Martin Rex Jason Rogers Matt Rogers Nate Rosenblum Solly Ross Mike Roszkowski Guillaume Rousse Andreas Schneider Tom Shaw Jim Shi Peter Shoults Simo Sorce Michael Spang Michael Ströder Bjørn Tore Sund Joe Travaglini Tim Uglow Rathor Vipin Denis Vlasenko Jorgen Wahlsten Stef Walter Max (Weijun) Wang John Washington Stef Walter Xi Wang Kevin Wasserman Margaret Wasserman Marcus Watts Andreas Wiese Simon Wilkinson Nicolas Williams Ross Wilper Augustin Wolf David Woodhouse Tsu-Phong Wu Xu Qiang Neng Xue Nickolai Zeldovich Hanz van Zijst Gertjan Zwartjes The above is not an exhaustive list; many others have contributed in various ways to the MIT Kerberos development effort over the years. Other acknowledgments (for bug reports and patches) are in the doc/CHANGES file.