summaryrefslogtreecommitdiffstats
path: root/crypto/kerberosIV/NEWS
blob: cddbb229169952c6fcfa04aab013b90b4954112e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
Minor changes in release 0.9.6:

* utmp(x) works correctly on systems with utmpx.

* A security-related bug in ftpd fixed.

* Compiles on solaris 2.4, 2.6 and on WinNT/95 with cygwin32 beta18.

* New option `-w' to rxtelnet, rxterm.

Major changes in release 0.9.5:

* We made some changes to be compatible with the other kerberised ftp
  implementations and this means that an old kerberised ftp client will
  not be able to talk to a new ftp server.  So try to upgrade your ftp
  clients and servers at the same time.  The reason for this change is
  described in more detail below.

* The interpretation of /etc/ftpusers has changed slightly, see
  ftpusers(5). These changes come from NetBSD.

* The function `des_quad_cksum', which is used by `krb_rd_safe', and
  `krb_mk_safe', has never been compatible with MIT's DES
  library. This has now been fixed.

  This fix will however break some programs that used those functions,
  for instance `ftp'. In this version `krb_rd_safe' is modified to
  accept checksums of both the new and the old format; `krb_mk_safe'
  will always emit checksums of the new type *unless* `krb_rd_safe'
  has detected that the client is using the old checksum (this feature
  may be removed in some future release).

  If you have programs that use `krb_mk_safe' and `krb_rd_safe' you
  should upgrade all clients before upgrading your servers. Client is
  here defined as the program that first calls `krb_rd_safe'.

  If you are using some protocol that talks to more than one client or
  server in one session, the heuristics to detect which kind of
  checksum to use might fail.

  The problem with `des_quad_cksum' was just a byte-order problem, so
  there are no security problems with using the old versions. Thanks
  to Derrick J Brashear <shadow@DEMENTIA.ORG> for pointing in the
  right general direction.

* Rewrote kx to work always open TCP connections in the same
  direction.  This was needed to make it work through NATs and is
  generally a cleaner way of doing it.  Also added `tenletxr'.
  Unfortunately the new protocol is not compatible with the old one.
  The new kx and kxd programs try to figure out if they are talking to
  old versions.

* Quite a bit of new functionality in otp.  Changed default hash
  function to `md5'.  Fixed implementation of SHA and added downcasing
  of seed to conform with `draft-ietf-otp-01.txt'.  All verification
  examples in the draft now work.

* Fixed buffer overflows.

* Add history/line editing in kadmin and ftp.

* utmp/utmpx and wtmp/wtmpx might work better on strange machines.

* Bug fixes for `rsh -n' and `rcp -x'.

* reget now works in ftp and ftpd.  Passive mode works.  Other minor
  bug fixes as well.

* New option `-g umask' to ftpd for specifying the umask for anonymous users.

* Fix for `-l' option in rxtelnet and rxterm.

* XOVER support in popper.

* Better support for building shared libraries.

* Better support for talking to the KDC over TCP.  This could make it
  easier to use brain-damaged firewalls.

* Support FreeBSD-style MD5 /etc/passwd.

* New option `-createuser' to afslog.

* Upgraded to work with socks5-v1.0r1.

* Almost compiles and works on OS/2 with EMX, and Win95/NT with gnu-win32.

* Merged in win32-telnet, see README-WIN32 for more details.

* Possibly fixed telnet bug on HP-UX 10.

* Updated man-pages.

* Support for NetBSD/OpenBSD manual page circus.

* Bug fixes.

Major changes in release 0.9.3:

* kx has been rewritten and is now a lot easier to use.  Two new
  scripts: rxtelnet and rxterm.  It also works on machines such as
  Cray where the X-libraries cannot talk unix sockets.
	
* experimental OTP (RFC1938).  Included in login, ftpd, and popper.

* authentication modules: PAM for linux, SIA for OSF/1, and
  afskauthlib for Irix.

* popper now has the UIDL command.

* ftpd can now tar and compress files and directories on the fly, also
  added a find site command.

* updated documentation and man pages.

* Change kuserok so that it acts as if luser@LOCALREALM is always an
  entry of .klogin, even when it's not possible to verify that there
  is no such file or the file is unreadable.

* Support for SRV-records.

* Socks v5 support.

* rcp is AFS-aware.

* allow for other transport mechanisms than udp (useful for firewall
  tormented souls); as a side effect the format of krb.conf had to
  become more flexible

* sample programs included.

* work arounds for Linux networking bugs in rlogind and rlogin.

* more portable

* quite a number of improvments/bugfixes

* New platforms: HP-UX 10, Irix 6.2

Major changes in release 0.9.2a:

* fix annoying bug with kauth (et al) returning incorrect error

Major changes in release 0.9.2:

* service `kerberos-iv' and port 750 has been registered with IANA.

* Bugfixes.

  - Compiles with gcc on AIX.

  - Compiles with really old resolvers.

  - ftp works with afs string-to-key.

  - shared libraries should work on Linux/ELF.

  - some potential buffer overruns.

  - general code clean-up.

* Better Cray/UNICOS support.

* New platforms: AIX 4.2, IRIX 6.1, and Linux 2.0

Major changes in release 0.9.1:

* Mostly bugfixes.

  - No hardcoded references to /usr/athena

  - Better Linux support with rlogin

  - Fix for broken handling of NULL password in kadmind (such as with
    `ksrvutil change')

  - AFS-aware programs should work on AIX systems without AFS

* New platforms: Digital UNIX 4.0 and Fujitsu UXP/V

* New mechanism to determine realm from hostname based on DNS. To find
  the realm of a.b.c.d it tries to find krb4-realm.a.b.c.d and then
  krb4-realm.b.c.d and so on. The entry in DNS should be a TXT record
  with the realm name.

  krb4-realm.pdc.kth.se.  7200    TXT     "NADA.KTH.SE"

Major changes in release 0.9:

* Tested platforms:

Dec Alpha	OSF/1 3.2	with cc -std1
HP 9000/735	HP/UX 9.05	with gcc
DEC Pmax	Ultrix 4.4	with gcc (cc does not work)
IBM RS/6000	AIX 4.1		with xlc (gcc works, cc does not)
SGI		IRIX 5.3	with cc
Sun		SunOS 4.1.4	with gcc (cc is not ANSI and does not work)
Sun		SunOS 5.5	with gcc
Intel i386	NetBSD 1.2	with gcc
Intel i386	Linux 1.3.95	with gcc
Cray J90	Unicos 9	with cc

* Mostly ported to Crays running Unicos 9.

* S/Key-support in ftpd.

* Delete operation supported in kerberos database.

* Cleaner and more portable code.

* Even less bugs than before.

* kpopper now supports the old pop3 protocol and has been renamed to popper.

* rsh can be renamed remsh.

* Experimental program for forwarding IP over a kerberos tunnel.

* Updated to libdes 3.23.

Major changes in release 0.8:

* New programs: ftp & ftpd.

* New programs: kx & kxd.  These programs forward X connections over
  kerberos-encrypted connections.

* Incorporated version 3.21 of libdes.

* login: No double utmp-entries on Solaris.

* kafs

  * Better guessing of what realm a cell belongs to.

  * Support for authenticating to several cells.  Reads
    /usr/vice/etc/TheseCells, if present.

* ksrvutil: Support for generating AFS keys.

* login, su, rshd, rlogind: tries to counter possible NIS-attack.

* xnlock: several bug fixes and support for more than one screen.

* Default port number for ekshell changed from 2106 to 545.  kauth
  port changed from 4711 to 2120.

* Rumored to work on Fujitsu UXP/V and Cray UNICOS.

Major changes in release 0.7:

* New experimental masterkey generation.   Enable with
  --enable-random-mkey. Also the default place for the master key has
  moved from /.k to /var/kerberos/master-key. This is customizable
  with --with-mkey=file. If you don't want you master key to be on the
  same backup medium as your database, remember to use this flag. All
  relevant programs still checks for /.k.

* `-t' option to kadmin.

* Kpopper uses kuserok to verify if user is allowed to pop mail.

* Kpopper tries to locate the mail spool directory: /var/mail or
  /var/spool/mail.

* kauth has ability to get ticket on a remove host with the `-h' option.

* afslog (aklog clone) and pagsh included.

* New format for /etc/krb.equiv.

* Better multi-homed hosts support in kauth, rcp, rlogin, rlogind,
  rshd, telnet, telnetd.

* rlogind works on ultrix and aix 3.2.

* lots of bug fixes.

Major changes in release 0.6:

* Tested platforms:

DEC/Alpha	OSF3.2
HP700		HPux 9.x
Dec/Pmax	Ultrix 4.4	(rlogind not working)
IBM RS/6000	AIX 3.2		(rlogind not working)
IBM RS/6000	AIX 4.1
SGI		Irix 5.3
Sun		Sunos 4.1.x
Sun		Sunos 5.4
386		BSD/OS 2.0.1
386		NetBSD 1.1
386		Linux 1.2.13

It is rumored to work to some extent on NextStep 3.3.

* ksrvutil get to create new keys and put them in the database at the
same time.

* Support for S/Key in login.

* kstring2key: new program to show string to key conversion.

* Kerberos server should now listen on all available network
interfaces and on both port 88 and 750.

* Timeout in kpopper.

* Support password quality checks in kadmind.  Use --with-crack-lib to
link kadmind with cracklib.  The patches in cracklib.patch are needed.

* Movemail from emacs 19.30.

* Logging format uses four digits for years.

* Fallback if port numbers are not listed in /etc/services.


	* Relesed version 0.5

	* lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
        same code is used both for posix termios and others.

	* rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
	set to "yes" make warnings about "rlogin: warning, using standard
	rlogin: remote host doesn't support Kerberos." go away.

	* admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
        Optimized so that it can handle large databases, previously a
        10000 entry DB would take *many* minutes, this can now be done in
        under a minute.

	* Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
        bit machines. Source should now be free of 64 bit assumptions.

	* admin/copykey.c (copy_from_key): New functions for copying to
        and from keys. Neccessary to solve som problems with longs on 64
        bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.

	* lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
        with longs on 64 bit machines.

	* appl/bsd/login.c (main): Lots of stuff to support Psoriasis
        login. Courtesy of gertz@lysator.liu.se.

	* configure.in, all Makefile.in's: Support for Linux shared
        libraries. Courtesy of svedja@lysator.liu.se.

	* lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
	= KRB_PROT_VERSION; from server kode to libkrb where it really
	belongs.

        * appl/bsd/forkpty.c (forkpty): New function that allocates master
        and slave ptys in a portable way. Used by rlogind.

	* appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
	same utmpx slot got used by sevral sessions. Courtesy of
	gertz@lysator.liu.se.

	* util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
        svedja@lysator.liu.se.

	* Fix the above Makefiles to work around bugs in Solaris and OSF/1
        make rules that was triggered by VPATH functionality in the yacc
        and lex rules.

	* appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
	Use stdarg instead of varargs. The code is still broken though,
	you'll realize	that on a machine with 64 bit pointers and 32 bit 
	int:s and no vsprintf, let's hope there will be no such beasts ;-).

	* appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
	 have (or need) modules ttcompat and pckt so don't flag it as a
	 fatal error if they don't exist.

	* kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
	(kadm_listen): Add kludge for kadmind running on a multihomed
	server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
	if you need this feature.

	* appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
        and xnlock.

	* appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
        implemented yet though.

	* appl/xnlock/Makefile.in: Some stubs for X11 programs in
        configure.in as well as a kerberized version of xnlock.

	* appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
        port numbers if they can not be found using getservbyname.

	* appl/bsd/klogin.c (klogin): Use differnet ticket files for each
        login so that a malicous user won't be able to destroy our tickets
        with a failed login attempt.

	* lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
	there is no such thing try afs@CELL instead. There is now two
	arguments to k_afslog(char *cell, char *realm).

	* kadmin/admin_server.c (kadm_listen): If we are multihomed we
        need to figure out which local address that is used this time
        since it is used in "direction" comparison.

	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
        port number.

	* lib/krb/send_to_kdc.c (send_to_kdc): Default port number
        (KRB_PORT) was not in network byte order.

	* lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
        when selecting.

	* appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
	Now does fallback if there isn't any entries in /etc/services for
	klogin/kshell. This also made the code a bit more pretty.

	* appl/bsd/login.c: Added support for lots of more struct utmp fields.
	If there is no ttyslot() use setutent and friends.

	* appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
	Added extern iruserok().

	* appl/bsd/iruserok.c: Initial revision

	* appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.

	* appl/bsd/Makefile.in: New install

	* appl/bsd/pathnames.h: Fix default path, rsh and rlogin.

	* appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.

	* appl/bsd/login.c (login): If there is no ttyslot use setutent
	and friends. Added support for lots of more struct utmp fields.

	* server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
        Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.

	* appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
        _PATH_DEF.

	* appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
        running as root.

	* appl/bsd/su.c (main): Update usage message to reflect that '-'
	option must come after the ordinary options and before login-id.

	* appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
	long to fit into utmp try to remove domain part if it does match
	our local domain.

	(main): Add new option -L /bin/login so that it is possible to 
	specify an alternate login program.

	* appl/telnet/telnet/commands.c (env_init): When exporting
	variable DISPLAY and if hostname is not the full name, try to get
	the full name from DNS.

	* appl/telnet/telnet/main.c (main): Option -k realm was broken due
        to a bogous external declaration.

	* kadmin/kadmin.c (add_new_key): Kadmin now properly sets
	lifetime, expiration date and attributes in add_new_key command.

	* appl/bsd/su.c (main): Don't handle '-' option with getopt.

	* appl/telnet/telnet/externs.h: Removed protection for multiple
	inclusions of termio(s).h since it broke definition of termio
	macro on POSIX systems.

	* lib/krb/lifetime.c (krb_life_to_time): If you want to disable
	AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
	
	Please note that the long lifetimes are 100% compatible up to
	10h so this should rarely be necessary.

	* lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
	ipaddress protection of tickets set krb_ignore_ip_address. This
	makes it possible for an intruder to steal a ticket and then use
	it from som other machine anywhere on the net.

	* kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
        local address. Accept request on all interfaces.

	* admin/kdb_edit.c (change_principal): Don't accept illegal
        dates. Courtesy of gertz@lysator.liu.se.

	* configure.in: AIX specific libraries needed when using standard
        libc routine getttyent, IBM should be ashamed!

	* lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
        problem.

	* Added strdup for su and rlogin.

	* Fix for old syslog macros in appl/bsd/bsd_locl.

	* lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
        ifdef HAVE_NEW_DB for new databases residing in one file only.

	* appl/bsd/rlogin.c (oob): Add workaround for Linux.

	* appl/bsd/getpass.c: New routine that reads up to 127 char
        passwords. Used in su.c and login.c.

	* appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
        should not be used on HP-UX.

==========================*** Released 0.2? ***=============================

ksrvutil
  If there is a dot in the about to be added principals name there is
  no need to ask for instance name.

kerberos & kadmind
  Logfiles are created with small permissions (600).

krb.conf and krb.realms
 Use domain part as realm name if there is no match in krb.realms.
 Use kerberos.REALMNAME if there is no match in krb.realms.

rlogin
  The rlogin client is supported both with and without encryption,
  there is no rlogind yet though.

login
  There is login program that supports the -f option. Both kerberos
  and /etc/passwd authentication is enabled.

  Vendors login programs typically have no -f option (needed by
  telnetd) and also does not know how to verify passwords againts
  kerberos.

appl/bsd/*
  Now uses POSIX signals.

kdb_edit, kadmin
  Generate random passwords if administrator enters empty password.

lib/kafs
  New library to support AFS. Routines:
  int k_hasafs(void);
  int k_afsklog(...); or some other name
  int k_setpag(void);
  int k_unlog(void);
  int k_pioctl(char *, int, struct ViceIoctl *, int);

  Library supports more than one single entry point AFS syscalls
  (needed be HP/UX and OSF/1 when running DFS). Doesn't rely on
  transarc headers or library code. Same binaries can be used both on
  machines running AFS and others.

  This library is used in telnetd, login and the r* programs.

telnet & telnetd
  Based on telnet.95.05.31.NE but with the encryption hacks from
  ftp.funet.fi:/pub/unix/security/esrasrc-1.0 added.  This encryption
  stuff needed some more modifications (done by joda@nada.kth.se)
  before it was usable. Telnet has also been modified to use GNU
  autoconf.

Numerous other changes that are long since forgotten.
OpenPOWER on IntegriCloud