Kerberos Version 5, Release 1.14
Release Notes
The MIT Kerberos Team
Copyright and Other Notices
---------------------------
Copyright (C) 1985-2016 by the Massachusetts Institute of Technology
and its contributors. All rights reserved.
Please see the file named NOTICE for additional notices.
Documentation
-------------
Unified documentation for Kerberos V5 is available in both HTML and
PDF formats. The table of contents of the HTML format documentation
is at doc/html/index.html, and the PDF format documentation is in the
doc/pdf directory.
Additionally, you may find copies of the HTML format documentation
online at
http://web.mit.edu/kerberos/krb5-latest/doc/
for the most recent supported release, or at
http://web.mit.edu/kerberos/krb5-devel/doc/
for the release under development.
More information about Kerberos may be found at
http://web.mit.edu/kerberos/
and at the MIT Kerberos Consortium web site
http://kerberos.org/
Building and Installing Kerberos 5
----------------------------------
Build documentation is in doc/html/build/index.html or
doc/pdf/build.pdf.
The installation guide is in doc/html/admin/install.html or
doc/pdf/install.pdf.
If you are attempting to build under Windows, please see the
src/windows/README file.
Reporting Bugs
--------------
Please report any problems/bugs/comments by sending email to
krb5-bugs@mit.edu.
You may view bug reports by visiting
http://krbdev.mit.edu/rt/
and using the "Guest Login" button. Please note that the web
interface to our bug database is read-only for guests, and the primary
way to interact with our bug database is via email.
DES transition
--------------
The Data Encryption Standard (DES) is widely recognized as weak. The
krb5-1.7 release contains measures to encourage sites to migrate away
from using single-DES cryptosystems. Among these is a configuration
variable that enables "weak" enctypes, which defaults to "false"
beginning with krb5-1.8.
Major changes in 1.14.3 (2016-07-20)
------------------------------------
This is a bug fix release.
* Improve some error messages
* Improve documentation
* Allow a principal with nonexistent policy to bypass the minimum
password lifetime check, consistent with other aspects of
nonexistent policies
* Fix a rare KDC denial of service vulnerability when anonymous client
principals are restricted to obtaining TGTs only [CVE-2016-3120]
krb5-1.14.3 changes by ticket ID
--------------------------------
8378 Improve error message "kadmind: No such file or directory
while initializing, aborting"
8392 Add missing newline in kinit usage message
8395 Fetching master key list crashes if K/M has no key data
8413 Fix unlikely pointer error in get_in_tkt.c
8415 Uninitialized read in krb5_sname_match
8417 Fix typo in doc/user/tkt_mgmt.rst
8421 Avoid setting AS key when OTP preauth fails
8422 Relax t_sn2princ.py reverse resolution test
8427 kadmind minimum life check fails for nonexistent policies
8430 Fix incorrect recv() size calculation in libkrad
8431 profile_flush_to_file() can corrupt shared tree state
8448 Confusing error text for unset default_realm
8452 Update LDAP docs for password lockout
8455 k5_expand_path_tokens_extra() always returns 0 even if
expand_token() fails
8457 Fix error code on clpreauth module failure
8458 Fix S4U2Self KDC crash when anon is restricted [CVE-2016-3120]
Major changes in 1.14.2 (2016-04-18)
------------------------------------
This is a bug fix release.
* Fix a moderate-severity vulnerability in the LDAP KDC back end that
could be exploited by a privileged kadmin user [CVE-2016-3119]
* Improve documentation
* Fix some interactions with GSSAPI interposer mechanisms
krb5-1.14.2 changes by ticket ID
--------------------------------
8330 Enable interposing gss_inquire_attrs_for_mech()
8358 Report inquire_attrs_for_mech mech failures
8359 Enable interposing gss_inquire_saslname_for_mech
8360 Use public OID for interposing several functions
8362 memleak in decrypt_2ndtkt()
8363 s4u protocol transition tests revealing memleaks in krb5kdc
8373 SPNEGO gss_init_sec_context() can fail or prematurely resolve creds
8383 Fix LDAP null deref on empty arg [CVE-2016-3119]
8385 Fix keytab file format description
8387 Add documentation for krb5_error_code
8390 Default to LSA when TGT in LSA is inaccessible
Major changes in 1.14.1 (2016-02-29)
------------------------------------
* Fix some moderate-severity vulnerabilities [CVE-2015-8629,
CVE-2015-8630, CVE-2015-8631] in kadmind.
* Improve behavior on hosts with long hostnames.
* Avoid spurious failures when doing normal kprop to heavily loaded
slave KDCs.
krb5-1.14.1 changes by ticket ID
--------------------------------
8276 Fix mechglue gss_acquire_cred_impersonate_name
8281 Fix memory leak in SPNEGO gss_init_sec_context()
8300 Fix k5crypto NSS iov processing bug
8301 Correctly use k5_wrapmsg() in ldap_principal2.c
8326 hostrealm code won't compile in debug mode using Solaris
Studio C
8327 Set TL_DATA mask flag for master key operations
8334 Check context handle in gss_export_sec_context()
8335 Work around uninitialized warning in cc_kcm.c
8336 MAXHOSTNAMELEN is too short for some FQDNs
8337 Check internal context on init context errors
8338 Fix interposed gss_accept_sec_context()
8339 Add .travis.yml
8340 ksu broken with 2FA principals again
8341 Verify decoded kadmin C strings [CVE-2015-8629]
8342 Check for null kadm5 policy name [CVE-2015-8630]
8343 Fix leaks in kadmin server stubs [CVE-2015-8631]
8346 Fix EOF check in kadm5.acl line processing
8347 Fix iprop server stub error management
8367 Use blocking lock when creating db2 KDB
Major changes in 1.14 (2015-11-20)
----------------------------------
Administrator experience:
* Add a new kdb5_util tabdump command to provide reporting-friendly
tabular dump formats (tab-separated or CSV) for the KDC database.
Unlike the normal dump format, each output table has a fixed number
of fields. Some tables include human-readable forms of data that
are opaque in ordinary dump files. This format is also suitable for
importing into relational databases for complex queries.
* Add support to kadmin and kadmin.local for specifying a single
command line following any global options, where the command
arguments are split by the shell--for example, "kadmin getprinc
principalname". Commands issued this way do not prompt for
confirmation or display warning messages, and exit with non-zero
status if the operation fails.
* Accept the same principal flag names in kadmin as we do for the
default_principal_flags kdc.conf variable, and vice versa. Also
accept flag specifiers in the form that kadmin prints, as well as
hexadecimal numbers.
* Remove the triple-DES and RC4 encryption types from the default
value of supported_enctypes, which determines the default key and
salt types for new password-derived keys. By default, keys will
only created only for AES128 and AES256. This mitigates some types
of password guessing attacks.
* Add support for directory names in the KRB5_CONFIG and
KRB5_KDC_PROFILE environment variables.
* Add support for authentication indicators, which are ticket
annotations to indicate the strength of the initial authentication.
Add support for the "require_auth" string attribute, which can be
set on server principal entries to require an indicator when
authenticating to the server.
* Add support for key version numbers larger than 255 in keytab files,
and for version numbers up to 65535 in KDC databases.
* Transmit only one ETYPE-INFO and/or ETYPE-INFO2 entry from the KDC
during pre-authentication, corresponding to the client's most
preferred encryption type.
* Add support for server name identification (SNI) when proxying KDC
requests over HTTPS.
* Add support for the err_fmt profile parameter, which can be used to
generate custom-formatted error messages.
Code quality:
* Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that
could cause server crashes. [CVE-2015-2695] [CVE-2015-2696]
[CVE-2015-2698]
* Fix build_principal memory bug that could cause a KDC
crash. [CVE-2015-2697]
Developer experience:
* Change gss_acquire_cred_with_password() to acquire credentials into
a private memory credential cache. Applications can use
gss_store_cred() to make the resulting credentials visible to other
processes.
* Change gss_acquire_cred() and SPNEGO not to acquire credentials for
IAKERB or for non-standard variants of the krb5 mechanism OID unless
explicitly requested. (SPNEGO will still accept the Microsoft
variant of the krb5 mechanism OID during negotiation.)
* Change gss_accept_sec_context() not to accept tokens for IAKERB or
for non-standard variants of the krb5 mechanism OID unless an
acceptor credential is acquired for those mechanisms.
* Change gss_acquire_cred() to immediately resolve credentials if the
time_rec parameter is not NULL, so that a correct expiration time
can be returned. Normally credential resolution is delayed until
the target name is known.
* Add krb5_prepend_error_message() and krb5_wrap_error_message() APIs,
which can be used by plugin modules or applications to add prefixes
to existing detailed error messages.
* Add krb5_c_prfplus() and krb5_c_derive_prfplus() APIs, which
implement the RFC 6113 PRF+ operation and key derivation using PRF+.
* Add support for pre-authentication mechanisms which use multiple
round trips, using the the KDC_ERR_MORE_PREAUTH_DATA_REQUIRED error
code. Add get_cookie() and set_cookie() callbacks to the kdcpreauth
interface; these callbacks can be used to save marshalled state
information in an encrypted cookie for the next request.
* Add a client_key() callback to the kdcpreauth interface to retrieve
the chosen client key, corresponding to the ETYPE-INFO2 entry sent
by the KDC.
* Add an add_auth_indicator() callback to the kdcpreauth interface,
allowing pre-authentication modules to assert authentication
indicators.
* Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to
suppress sending the confidentiality and integrity flags in GSS
initiator tokens unless they are requested by the caller. These
flags control the negotiated SASL security layer for the Microsoft
GSS-SPNEGO SASL mechanism.
* Make the FILE credential cache implementation less prone to
corruption issues in multi-threaded programs, especially on
platforms with support for open file description locks.
Performance:
* On slave KDCs, poll the master KDC immediately after processing a
full resync, and do not require two full resyncs after the master
KDC's log file is reset.
User experience:
* Make gss_accept_sec_context() accept tickets near their expiration
but within clock skew tolerances, rather than rejecting them
immediately after the server's view of the ticket expiration time.
krb5-1.14 changes by ticket ID
------------------------------
6938 krb5 and ldap signed traffic
7532 Improve support for large kvnos
7790 Make cross-realm S4U2Self work
7804 Can't write to file ccache with OPENCLOSE unset
7903 Remove des3 and arcfour from supported_enctypes
7991 kadmin should have a script-friendly mode
8002 Fix KCM ccache per-type cursor
8021 SPNEGO clients should not try IAKERB by default
8022 klist -s only looks for TGTs
8023 Use OFD locks where available
8025 krb5 gss_inquire_context doesn't work with partially established context
8026 Use stdio reads, O_APPEND writes in FILE ccache
8027 Client RPC timeout during kadmin listprincs command
8030 Add support for directories in profile paths
8046 Add new error message wrapping APIs
8047 Add err_fmt profile parameter
8048 Remove ksu -D flag documentation
8052 Include file ccache name in error messages
8062 Fix const correctness on krb5_c_fx_cf2_simple()
8063 Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED
8123 Check timestamp in PKINIT kdcpreauth module
8124 Use preauth timestamp in PKINIT clpreauth module
8139 SIGNTICKET creation and verification doesn't always use the right key
8152 gss_acquire_cred_with_password() ignores expired creds
8157 Authentication indicator support
8161 kpropd -t (runonce) doesn't work for full dumps
8163 python test issues
8164 Avoid unnecessary iprop full resyncs after resets
8171 kadm5_hook does not have rename method
8198 Support SNI in MS-KKDCP client
8199 Only include one key in etype-info
8200 Add client_keyblock kdcpreauth callback
8213 Policy extensions in 1.11 break iprop dump compatibility
8215 Unify KDB principal flag specifiers
8217 Limit use of deprecated krb5 mech OIDs
8219 Conditionalize iprop stderr output in kadmind
8221 Fail during configure if stdint.h missing
8224 Add KDC_ERR_PREAUTH_EXPIRED support
8225 Improve krb5_cccol_have_content() error messages
8227 Allow missing authenticator checksum with GSSAPI
8228 Add krb5_c_prfplus() and krb5_c_derive_prfplus()
8233 Add secure cookie support
8234 Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED
8235 Resolve krb5 GSS creds if time_rec is requested
8236 Update SPNEGO hintName value to current spec
8242 Improve PKINIT OpenSSL error reporting
8243 Add tabular dump capability to kdb5_util
8244 SPNEGO and IAKERB context aliasing bugs [CVE-2015-2695][CVE-2015-2696]
8245 kerberos.ldif file has malformed entries
8246 Fix error mappings for IOV MIC mechglue funcs
8251 Fix kadmin with e2fsprogs libss
8252 Fix build_principal memory bug [CVE-2015-2697]
8253 Fix minor utf8-to-ucs2s read overrun bug
8254 use appropriate default for krb5_cv_sys_rcdir when cross-compiling
8255 Define error status GSS_S_BAD_MIC
8256 Fix typo in GSS_S_UNAUTHORIZED error message
8257 Fix gss_inquire_names_for_mech() on MS krb5 mech
8258 Correct GSS major code for non-default QOP values
8259 Check output params on GSS OID set functions
8260 Fix gss_store_cred() minor code on acceptor cred
8262 Set plugin_base_dir for kadmin tests
8264 kdb_check test target uses installed message catalog
8266 Installed krb5.conf files can affect test suite
8267 unsetenv() returns void
8268 krb5 gss_accept_sec_context() does not allow clock skew
8269 Accept new passwords as const char pointers
8271 Zap secure cookie contents when freeing
8273 Fix IAKERB context export/import [CVE-2015-2698]
Acknowledgements
----------------
Past Sponsors of the MIT Kerberos Consortium:
Apple
Carnegie Mellon University
Centrify Corporation
Columbia University
Cornell University
The Department of Defense of the United States of America (DoD)
Fidelity Investments
Google
Iowa State University
MIT
Michigan State University
Microsoft
MITRE Corporation
Morgan-Stanley
The National Aeronautics and Space Administration
of the United States of America (NASA)
Network Appliance (NetApp)
Nippon Telephone and Telegraph (NTT)
US Government Office of the National Coordinator for Health
Information Technology (ONC)
Oracle
Pennsylvania State University
Red Hat
Stanford University
TeamF1, Inc.
The University of Alaska
The University of Michigan
The University of Pennsylvania
Past and present members of the Kerberos Team at MIT:
Danilo Almeida
Jeffrey Altman
Justin Anderson
Richard Basch
Mitch Berger
Jay Berkenbilt
Andrew Boardman
Bill Bryant
Steve Buckley
Joe Calzaretta
John Carr
Mark Colan
Don Davis
Sarah Day
Alexandra Ellwood
Carlos Garay
Dan Geer
Nancy Gilman
Matt Hancher
Thomas Hardjono
Sam Hartman
Paul Hill
Marc Horowitz
Eva Jacobus
Miroslav Jurisic
Barry Jaspan
Benjamin Kaduk
Geoffrey King
Kevin Koch
John Kohl
HaoQi Li
Jonathan Lin
Peter Litwack
Scott McGuire
Steve Miller
Kevin Mitchell
Cliff Neuman
Paul Park
Ezra Peisach
Chris Provenzano
Ken Raeburn
Jon Rochlis
Jeff Schiller
Jen Selby
Robert Silk
Bill Sommerfeld
Jennifer Steiner
Ralph Swick
Brad Thompson
Harry Tsai
Zhanna Tsitkova
Ted Ts'o
Marshall Vale
Tom Yu
The following external contributors have provided code, patches, bug
reports, suggestions, and valuable resources:
Ian Abbott
Brandon Allbery
Russell Allbery
Brian Almeida
Michael B Allen
Heinz-Ado Arnolds
Derek Atkins
Mark Bannister
David Bantz
Alex Baule
David Benjamin
Thomas Bernard
Adam Bernstein
Arlene Berry
Jeff Blaine
Radoslav Bodo
Sumit Bose
Emmanuel Bouillon
Philip Brown
Michael Calmer
Andrea Campi
Julien Chaffraix
Ravi Channavajhala
Srinivas Cheruku
Leonardo Chiquitto
Howard Chu
Andrea Cirulli
Christopher D. Clausen
Kevin Coffman
Simon Cooper
Sylvain Cortes
Ian Crowther
Arran Cudbard-Bell
Jeff D'Angelo
Nalin Dahyabhai
Mark Davies
Dennis Davis
Alex Dehnert
Mark Deneen
Günther Deschner
John Devitofranceschi
Roland Dowdeswell
Viktor Dukhovni
Jason Edgecombe
Mark Eichin
Shawn M. Emery
Douglas E. Engert
Peter Eriksson
Juha Erkkilä
Gilles Espinasse
Ronni Feldt
Bill Fellows
JC Ferguson
Remi Ferrand
Paul Fertser
William Fiveash
Ákos Frohner
Sebastian Galiano
Marcus Granado
Scott Grizzard
Helmut Grohne
Steve Grubb
Philip Guenther
Dominic Hargreaves
Robbie Harwood
Jakob Haufe
Matthieu Hautreux
Paul B. Henson
Jeff Hodges
Christopher Hogan
Love Hörnquist Åstrand
Ken Hornstein
Henry B. Hotz
Luke Howard
Jakub Hrozek
Shumon Huque
Jeffrey Hutzelman
Wyllys Ingersoll
Holger Isenberg
Spencer Jackson
Diogenes S. Jesus
Pavel Jindra
Joel Johnson
Anders Kaseorg
W. Trevor King
Patrik Kis
Mikkel Kruse
Reinhard Kugler
Tomas Kuthan
Pierre Labastie
Volker Lendecke
Jan iankko Lieskovsky
Oliver Loch
Kevin Longfellow
Jon Looney
Nuno Lopes
Ryan Lynch
Roland Mainz
Andrei Maslennikov
Michael Mattioli
Nathaniel McCallum
Greg McClement
Cameron Meadors
Alexey Melnikov
Franklyn Mendez
Markus Moeller
Kyle Moffett
Paul Moore
Keiichi Mori
Michael Morony
Zbysek Mraz
Edward Murrell
Nikos Nikoleris
Felipe Ortega
Michael Osipov
Andrej Ota
Dmitri Pal
Javier Palacios
Tom Parker
Ezra Peisach
Zoran Pericic
W. Michael Petullo
Mark Phalan
Brett Randall
Jonathan Reams
Jonathan Reed
Robert Relyea
Martin Rex
Jason Rogers
Matt Rogers
Nate Rosenblum
Solly Ross
Mike Roszkowski
Guillaume Rousse
Andreas Schneider
Tom Shaw
Jim Shi
Peter Shoults
Simo Sorce
Michael Spang
Michael Ströder
Bjørn Tore Sund
Joe Travaglini
Tim Uglow
Rathor Vipin
Denis Vlasenko
Jorgen Wahlsten
Stef Walter
Max (Weijun) Wang
John Washington
Stef Walter
Xi Wang
Kevin Wasserman
Margaret Wasserman
Marcus Watts
Andreas Wiese
Simon Wilkinson
Nicolas Williams
Ross Wilper
Augustin Wolf
David Woodhouse
Tsu-Phong Wu
Xu Qiang
Neng Xue
Nickolai Zeldovich
Hanz van Zijst
Gertjan Zwartjes
The above is not an exhaustive list; many others have contributed in
various ways to the MIT Kerberos development effort over the years.
Other acknowledgments (for bug reports and patches) are in the
doc/CHANGES file.