Kerberos 5 Release 1.2
Kerberos 5 Release 1.2.8 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.8 release. The README file may be found
here. The
detached PGP signature is available
without going through the download page. Major changes include:
- [1402, 1385, 1395, 1410, 1411] The krb4 protocol vulnerabilities
[MITKRB5-SA-2003-004] have been worked around.
- [1403, 1393] The xdrmem integer overflows [MITKRB5-SA-2003-003] have
been fixed.
- [1405, 1397] The krb5_principal buffer bounds problems
[MITKRB5-SA-2003-005] have been fixed. Thanks to Nalin Dahyabhai.
Kerberos 5 Release 1.2.7 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.7 release. The README file may be found
here. The
detached PGP signature is available
without going through the download page. Major changes include:
- [1238] The exploitable buffer overflow in kadmind4
[MITKRB5-SA-2002-002] has been patched. Thanks to Johan Danielsson,
Love Hornquist-Astrand, and Assar Westerlund.
- [1230, 1236] Hierarchical cross-realm authentication has been partially
repaired. Terminating NUL characters are no longer generated in realm
names, and are ignored on receipt.
Kerberos 5 Release 1.2.6 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.6 release. The README file may be found
here. The
detached PGP signature is available
without going through the download page. Major changes include:
- The security vulnerability in xdr_array() [MITKRB5-SA-2002-001] has
been patched. Thanks to Jeffrey Hutzelman and Nikolai Zeldovich.
- A NULL pointer dereference in kadmind has been fixed
[krb5-admin/1140]. Thanks to Mark Levinson.
- A botched buffer overflow patch in kadmind4 had broken kadmind4 ACL
handling. It has been fixed. Thanks to Mark Silis.
- Correct ETYPE_INFO padata are now generated. Thanks to Lubos
Kejzlar.
- A bug in AFS salt handling has been worked around
[krb5-clients/1146]. Thanks to Wolfgang Friebel.
- The KDC, in handling both krb5 and krb4 TGS_REQs, now honors the
DISALLOW_ALL_TIX and DISALLOW_SVR attributes on the server
principal. This also now happens with krb524d.
- krb524d will now, by default, convert krb5 tickets for AFS service
principals to special tokens that are actually just the EncryptedData
part of a krb5 Ticket structure. This may be overridden; please
consult src/krb524/README for details.
- Patches from Sleepycat have been applied to the btree backend of the
Berkeley DB library; these fix potential problems with the page free
and page split operations.
- The kdb5_util dump command has additional options to allow for
reversed or recursive (for btree only) dumps of the principal
database. This permits the recovery of principals that might
otherwise be omitted in a database dump in the presence of certain
types of corruption.
- The dump command in kdb5_util now handles master key conversion
without crashing.
Kerberos 5 Release 1.2.5 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.5 release. The README file may be found
here. The
detached PGP signature
is available without going through the download page. Major
changes include:
- On MacOS X and on Windows, we have reduced the set of
exported symbol names in order to move towards a stable API in
the future.
- For Heimdal (and possibly Microsoft) compatibility, the gssapi code
now accepts delegated credentials whose KRB-CRED is encrypted.
Historically, the MIT implementation has sent delegated gssapi
credentials with the KRB-CRED "in the clear", relying on its being
carried inside the encrypted part of the AP-REQ.
- IP address checks have been removed from rd_cred; this
improves compatibility with Heimdal.
Kerberos 5 Release 1.2.4 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.4 release. This is primarily a bugfix release. The
README file may be found here.
Major changes include:
- The one-character bug introduced into the login.krb5 program
that caused 8-character usernames to be rejected in some
circumstances has been fixed.
- The handling of key version numbers has been modified in
places. The current formats of the keytab and srvtab files,
as well as parts of the remote kadmin protocol, handle key
version numbers as 8-bit quantities, when in fact they are
32-bit quantities; the modifications attempt to work around
these deficiencies to some degree.
- Some issues with multiple enctype support in GSSAPI
credential forwarding have been fixed.
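The key version number deficiency described above, as an added example that is not code from the krb5 sources: a minimal encoder/decoder for the version-2 keytab entry layout (magic bytes 05 02, big-endian fields) showing how the historical 8-bit version field reduces a kvno of 300 to 44, and how the optional trailing 32-bit field, when a writer emits it, preserves the real value. The principal, realm, enctype number and key bytes are constructed sample values, and the rule used to reconcile the two fields is this example's choice; the srvtab format and the kadmin protocol mentioned in the note are not covered.

```python
import struct
from typing import List, Optional

KEYTAB_MAGIC = b"\x05\x02"   # version-2 keytab: all fields big-endian

# Entry layout (after the int32 entry length):
#   uint16 number of principal components
#   counted_octet_string realm           (uint16 length + bytes)
#   counted_octet_string component ...   (one per component)
#   uint32 name type, uint32 timestamp
#   uint8  key version number            (the historical 8-bit field)
#   uint16 enctype, counted_octet_string key
#   uint32 key version number            (optional 32-bit extension,
#          present only if the entry length leaves room for it)

def _counted(data: bytes) -> bytes:
    """counted_octet_string: uint16 length followed by the bytes."""
    return struct.pack(">H", len(data)) + data

def encode_entry(principal: str, realm: str, kvno: int, enctype: int,
                 key: bytes, timestamp: int = 0, name_type: int = 1,
                 with_vno32: bool = True) -> bytes:
    """One keytab entry. with_vno32=False mimics a writer that only
    stores the 8-bit field, so the kvno is silently reduced modulo 256."""
    components = principal.split("/")
    body = struct.pack(">H", len(components)) + _counted(realm.encode())
    for comp in components:
        body += _counted(comp.encode())
    body += struct.pack(">IIB", name_type, timestamp, kvno & 0xFF)
    body += struct.pack(">H", enctype) + _counted(key)
    if with_vno32:
        body += struct.pack(">I", kvno)
    return struct.pack(">i", len(body)) + body

def encode_keytab(entries: List[bytes]) -> bytes:
    return KEYTAB_MAGIC + b"".join(entries)

def _read_counted(blob: bytes, pos: int):
    (n,) = struct.unpack_from(">H", blob, pos)
    pos += 2
    return blob[pos:pos + n], pos + n

def decode_keytab(blob: bytes) -> List[dict]:
    if blob[:2] != KEYTAB_MAGIC:
        raise ValueError("not a version-2 keytab")
    pos, entries = 2, []
    while pos + 4 <= len(blob):
        (size,) = struct.unpack_from(">i", blob, pos)
        pos += 4
        if size < 0:                # negative length marks a deleted slot
            pos += -size
            continue
        end = pos + size
        (ncomp,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        realm, pos = _read_counted(blob, pos)
        comps = []
        for _ in range(ncomp):
            comp, pos = _read_counted(blob, pos)
            comps.append(comp.decode())
        name_type, timestamp, vno8 = struct.unpack_from(">IIB", blob, pos)
        pos += 9
        (enctype,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        key, pos = _read_counted(blob, pos)
        vno32: Optional[int] = None
        if end - pos >= 4:          # room left: the 32-bit extension is present
            (vno32,) = struct.unpack_from(">I", blob, pos)
        # Reconciliation rule chosen for this example: trust the 32-bit
        # field when present and nonzero, otherwise fall back to 8 bits.
        kvno = vno32 if vno32 else vno8
        entries.append({"principal": "/".join(comps) + "@" + realm.decode(),
                        "vno8": vno8, "vno32": vno32, "kvno": kvno,
                        "enctype": enctype, "key": key, "timestamp": timestamp})
        pos = end
    return entries

def kvno_roundtrip(kvno: int, with_vno32: bool) -> dict:
    """Write one entry (constructed sample principal/key) and read it back."""
    blob = encode_keytab([encode_entry("host/kdc.example.com", "EXAMPLE.COM",
                                       kvno, 17, b"\x11" * 16,
                                       with_vno32=with_vno32)])
    return decode_keytab(blob)[0]
```

A service whose key has been rotated past version 255 and whose keytab was written by an 8-bit-only writer will present a kvno that no longer matches the KDC's, which is exactly the class of mismatch the workarounds in this release try to paper over.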
Minor changes include:
- A few compilation problems have been fixed.
- New test cases have been added to the test suite to exercise
some of the new changes.
Kerberos 5 Release 1.2.3 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.3 release. This is primarily a bugfix release. The
README file may be found here.
Major changes include:
- Certain problems with shared library builds have been eliminated or
reduced on Linux and HP-UX.
- Various bugs in single-DES enctype similarity have been fixed; the
1.0.x behavior of treating all single-DES enctype as equivalent has
been restored for now. This may go away in a future release. Note
that SUPPORT_DESMD5 will be treated as always false for now.
- The KDC will now log a number of enctype parameters associated with
KDC requests, in order to allow easier debugging of enctype-related
problems.
- A client will no longer attempt to obtain a forwarded TGT with a
session key enctype that the target server won't understand.
- Triple-DES should work on Windows now. The SHA-1 implementation had
a Windows-specific bug preventing it from working in most cases.
- Various bugs in pty handling have been fixed.
- Bogus utmp files with garbage characters in their names should not
get created on Solaris. Also, utmp/wtmp handling code has been
mostly rewritten, eliminating numerous bugs.
- Potential buffer-overrun problems and null-pointer dereferences have
been fixed in ftpd, telnetd, login.krb5, and SHA-1. The first three
may be exploitable under certain conditions; the SHA-1 bug probably
isn't, as far as we know.
- For multiple-hop interrealm authentication, the realm transit path
checking has been rewritten. The old code had a serious bug where
some of the transited realms may not have been checked against the
computed path. It was therefore possible to forge a remote client
name in certain cases. We strongly recommend updating application
server code where non-local principals may be found on ACLs.
- In conjunction with the above fix, we've implemented KDC checking of
the realm transit path, as described in the IETF's current
kerberos-revisions draft, and set up the KDC to refuse to issue
tickets with unacceptable transit paths. (Strictly speaking,
according to the Kerberos specification, enforcement of these checks
is supposed to be left to the application servers.) Thus, if your
application servers can't be updated promptly but your KDC can, you
can still prevent such tickets from being issued. This checking is
controlled by a per-realm flag, and is enabled by default.
- On AIX systems, the rlogin server should no longer hang when
control-C is pressed.
- New databases will be created in btree format by default. We
believe the btree code to be less buggy than the hash format code we
have been using. This should not affect the use of any existing
databases, only newly created ones, and even that should be a
transparent change.
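The realm transit path check described above, as an added example that is not MIT's own code: it computes the default hierarchical path between a client realm and a server realm (walk up to the longest common suffix, then down), checks every realm in a ticket's transited field against that path or against an explicit capaths-style override, and shows the KDC-side per-realm switch (MIT's current kdc.conf calls it reject_bad_transit). The transited field is assumed to be already decoded into a plain list of realm names; the X500-COMPRESS wire encoding of RFC 4120 section 3.3.3.2 is not handled. Realm names and the capaths table are constructed sample data.

```python
from typing import Dict, List, Optional, Tuple

def hierarchical_path(client_realm: str, server_realm: str) -> List[str]:
    """Default Kerberos hierarchy walk: up from the client realm to the
    longest common domain suffix, then down to the server realm. Returns
    the intermediate realms in order (client and server excluded). With
    no common suffix this example makes the two top-level realms adjacent."""
    c = client_realm.split(".")
    s = server_realm.split(".")
    i = 0
    while i < min(len(c), len(s)) and c[-1 - i] == s[-1 - i]:
        i += 1
    up = [".".join(c[k:]) for k in range(1, len(c) - i + 1) if k < len(c)]
    down = [".".join(s[k:]) for k in range(len(s) - i - 1, 0, -1)]
    return [r for r in up + down if r not in (client_realm, server_realm)]

# Simplified stand-in for krb5.conf [capaths]: (client, server) -> the
# intermediate realms allowed on that path; ["."] means a direct trust.
Capaths = Dict[Tuple[str, str], List[str]]

def check_transited(client_realm: str, server_realm: str,
                    transited: List[str],
                    capaths: Optional[Capaths] = None) -> List[str]:
    """Return the transited realms that are NOT on the expected path.
    An empty result means the path is acceptable. Every realm in the
    field is checked; the bug fixed in 1.2.3 was that some were not."""
    capaths = capaths or {}
    expected = capaths.get((client_realm, server_realm))
    if expected is None:
        expected = hierarchical_path(client_realm, server_realm)
    elif expected == ["."]:
        expected = []
    return [r for r in transited if r not in expected]

def app_server_accepts(client_realm: str, server_realm: str,
                       transited: List[str],
                       capaths: Optional[Capaths] = None) -> bool:
    """Application-server side: the check the Kerberos specification
    places on the server that consumes the ticket."""
    return not check_transited(client_realm, server_realm, transited, capaths)

def kdc_should_issue(client_realm: str, server_realm: str,
                     transited: List[str], reject_bad_transit: bool = True,
                     capaths: Optional[Capaths] = None) -> bool:
    """KDC side: with the per-realm flag on (the default), refuse to
    issue a ticket whose transit path contains a realm that is not on
    the computed path, protecting servers that cannot be updated yet."""
    if not reject_bad_transit:
        return True
    return app_server_accepts(client_realm, server_realm, transited, capaths)

# Constructed sample: a legitimate path and one with a foreign realm
# inserted, the situation in which a remote client name could be forged.
GOOD_PATH = ["MIT.EDU", "EDU", "WASHINGTON.EDU"]
FORGED_PATH = ["MIT.EDU", "EVIL.COM", "WASHINGTON.EDU"]
```

A server that lists non-local principals (for example user@ATHENA.MIT.EDU) on an ACL must run the app_server_accepts check, or sit behind a KDC running kdc_should_issue with the flag on, before trusting the client realm in the ticket.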
Kerberos 5 Release 1.2.2 is now available
The MIT Kerberos Team announces the availability of the
krb5-1.2.2 release. This is primarily a bugfix release. The
README file may be found here.
Major changes include:
- The KDC dump format has been updated to include
per-principal policy information. This will require updating
your slave KDCs before your master if you want things to still
work.
- A library bug that prevented kprop from working properly
with DES3 keys has been fixed.
- kpasswd should no longer coredump when there is no
kadmin_server line in krb5.conf.
- ASN.1 parsing has been improved to deal with indefinite
encodings, such as those emitted by DCE-1.0 derived systems.
- Preauthentication handling code in the initial ticket APIs
has been fixed to handle zero-length ETYPE_INFO sequences
without causing a NULL pointer dereference.
- The replay cache should no longer leak temporary files.
Related hard-to-analyze filename bugs in the rcache code
should also be fixed.
- Library builds should now work on AIX.
- KDC local address search code should now work on AIX.
- The yacc grammar for the ftp daemon has been modified to be
compilable on HP-UX with Bison; namespace pollution from
system headers was causing trouble before.
Kerberos 5 Release 1.2.1 is now available
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Release 1.2.1. This is primarily a bugfix release. Changes
include:
- A bug in the gssapi library that prevented kadmin clients
from working has been fixed. For some reason this was not
caught during beta testing.
- login.c now correctly sets the default ccache name.
- A memory leak in conv_princ.c has been fixed.
Kerberos 5 Release 1.2 is now available
The MIT Kerberos team is proud to announce the availability of MIT
Kerberos 5 Release 1.2. Major features include:
- Triple DES support, for session keys as well as user or
service keys, should be nearly complete in this release. Much
of the work that has been needed is generic
multiple-cryptosystem support, so the addition of another
cryptosystem should be much easier.
- DNS support for locating KDCs is enabled by default. DNS
support for looking up the realm of a host is compiled in but
disabled by default (due to some concerns with DNS spoofing).
We recommend that you publish your KDC information through
DNS even if you intend to rely on config files at your own
site; otherwise, sites that wish to communicate with you will
have to keep their config files updated with your information.
One of the goals of this code is to reduce the client-side
configuration maintenance requirements as much as is possible,
without compromising security.
See the administrator's guide for information on setting up
DNS information for your realm.
One important effect of this for developers is that on many
systems, "-lresolv" must be added to the compiler command line
when linking Kerberos programs.
Configure-time options are available to control the
inclusion of the DNS code and the setting of the defaults.
Entries in krb5.conf will also modify the behavior if the code
has been compiled in.
- Numerous buffer-overrun problems have been found and
fixed. Many of these were in locations we don't expect can be
exploited in any useful way (for example, overrunning a buffer
of MAXPATHLEN bytes if a compiled-in pathname is too long, in
a program that has no special privileges). It may be possible
to exploit a few of these to compromise system security.
- Partial support for IPv6 addresses has been added. It
can be enabled or disabled at configure time with
--enable-ipv6 or --disable-ipv6; by default, the configure
script will search for certain types and macros, and enable
the IPv6 code if they're found. The IPv6 support at this time
mostly consists of including the addresses in credentials.
- A protocol change has been made to the "rcmd" suite
(rlogin, rsh, rcp) to address several security problems
described in Kris Hildrum's paper presented at NDSS 2000. New
command-line options have been added to control the selection
of protocol, since the revised protocol is not compatible with
the old one.
- A security problem in login.krb5 has been fixed. This
problem was only present if the krb4 compatibility code was
not compiled in.
- A security problem with ftpd has been fixed. An error in
the yacc grammar permitted potential root access.
- The client programs kinit, klist and kdestroy have been
changed to incorporate krb4 support. New command-line options
control whether krb4 behavior, krb5 behavior, or both are
used.
- Patches from Frank Cusack for much better hardware
preauth support have been incorporated.
- Patches from Matt Crawford extend the kadmin ACL syntax
so that restrictions can be imposed on what certain
administrators may do to certain accounts.
- A KDC on a host with multiple network addresses will now
respond to a client from the address that the client used to
contact it. The means used to implement this will however
cause the KDC not to listen on network addresses configured
after the KDC has started.
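The DNS-based KDC location described in the notes above, as an added example that is not code from the krb5 sources: it forms the SRV owner names a client queries for a realm (_kerberos._udp and _kerberos._tcp, per RFC 4120 section 7.2.3.2), orders SRV answers by priority and weight, and implements the realm-of-host TXT lookup that walks up the domain tree one label at a time, which is the lookup the notes leave disabled because a spoofed DNS answer can steer a host to an attacker-chosen realm. All DNS answers are constructed inline; nothing is resolved over the network, and the deterministic weight ordering is this example's choice where a real client would pick randomly in proportion to weight.

```python
from typing import Dict, List, Optional, Tuple

# Service/protocol prefixes a client queries to find KDCs for a realm.
KDC_SERVICES = ["_kerberos._udp", "_kerberos._tcp"]

def kdc_query_names(realm: str) -> List[str]:
    """SRV owner names queried to locate the KDCs of `realm`."""
    return [f"{svc}.{realm.rstrip('.')}." for svc in KDC_SERVICES]

SrvRecord = Tuple[int, int, int, str]   # (priority, weight, port, target)

def order_srv(records: List[SrvRecord]) -> List[Tuple[str, int]]:
    """Order SRV answers as RFC 2782 intends: lowest priority first, and
    within a priority the higher weight first (deterministic here)."""
    ordered = sorted(records, key=lambda r: (r[0], -r[1], r[3]))
    return [(target, port) for (_prio, _w, port, target) in ordered]

def locate_kdcs(realm: str, srv: Dict[str, List[SrvRecord]]) -> List[Tuple[str, int]]:
    """Return (host, port) pairs for the first service name that has answers."""
    for name in kdc_query_names(realm):
        if srv.get(name):
            return order_srv(srv[name])
    return []

def realm_for_host(hostname: str, txt: Dict[str, List[str]]) -> Optional[str]:
    """Realm-of-host lookup: try _kerberos.<host>, then strip one label at
    a time. The answer is only as trustworthy as the DNS path that
    delivered it (unsigned DNS can be spoofed), which is why this lookup
    ships disabled by default while KDC location is enabled."""
    labels = hostname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        name = "_kerberos." + ".".join(labels[i:]) + "."
        answers = txt.get(name)
        if answers:
            return answers[0]
    return None

# Constructed sample zone data for the EXAMPLE.COM realm.
SAMPLE_SRV: Dict[str, List[SrvRecord]] = {
    "_kerberos._udp.EXAMPLE.COM.": [
        (10, 50, 88, "kdc2.example.com."),
        (0, 100, 88, "kdc1.example.com."),
        (10, 100, 88, "kdc3.example.com."),
    ],
}
SAMPLE_TXT: Dict[str, List[str]] = {"_kerberos.example.com.": ["EXAMPLE.COM"]}
```

Publishing the SRV records above is what lets a remote site reach your KDCs without a krb5.conf entry for your realm; publishing the TXT record does not make the remote client trust it unless that client has explicitly enabled realm lookup via DNS.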
Many more changes have been made; please see the README file in
the sources for more details.
Please note that the HTML versions of these documents are
converted from texinfo, and that the conversion is imperfect.
If you want PostScript or GNU info versions, please download
the documentation tarball.
You may retrieve the Kerberos 5 Release 1.2 source from
here.
If you need to acquire the sources from some other distribution
site, perhaps due to problems with our export control web pages,
you may verify them against the detached
PGP signature for krb5-1.2.8.
$Id: index.html,v 1.13 2003/07/17 22:28:54 tlyu Exp $