MIT Kerberos v5 r1.5

This product includes MIT Kerberos v5 r1.5, excluding the OpenVision Kerberos Administration System donated by Kerberos to MIT for inclusion in the standard Kerberos 5 distribution.

Kerberos Version 5, Release 1.5.3

Release Notes

The MIT Kerberos Team

Unpacking the Source Distribution

---------------------------------

The source distribution of Kerberos 5 comes in a gzipped tarfile,

krb5-1.5.3.tar.gz. Instructions on how to extract the entire

distribution follow.

If you have the GNU tar program and gzip installed, you can simply do:

gtar zxpf krb5-1.5.3.tar.gz

If you don't have GNU tar, you will need to get the FSF gzip

distribution and use gzcat:

gzcat krb5-1.5.3.tar.gz | tar xpf -

Both of these methods will extract the sources into krb5-1.5.3/src and

the documentation into krb5-1.5.3/doc.

Building and Installing Kerberos 5

----------------------------------

The first file you should look at is doc/install-guide.ps; it contains

the notes for building and installing Kerberos 5. The info file

krb5-install.info has the same information in info file format. You

can view this using the GNU emacs info-mode, or by using the

standalone info file viewer from the Free Software Foundation. This

is also available as an HTML file, install.html.

Other good files to look at are admin-guide.ps and user-guide.ps,

which contain the system administrator's guide, and the user's guide,

respectively. They are also available as info files

kerberos-admin.info and krb5-user.info, respectively. These files are

also available as HTML files.

If you are attempting to build under Windows, please see the

src/windows/README file. Note that this release might not build

under Windows currently.

Reporting Bugs

--------------

Please report any problems/bugs/comments using the krb5-send-pr

program. The krb5-send-pr program will be installed in the sbin

directory once you have successfully compiled and installed Kerberos

V5 (or if you have installed one of our binary distributions).

If you are not able to use krb5-send-pr because you haven't been able

to compile and install Kerberos V5 on any platform, you may send mail to

krb5-bugs@mit.edu.

You may view bug reports by visiting

http://krbdev.mit.edu/rt/

and logging in as "guest" with password "guest".

Major changes in krb5-1.5.3

---------------------------

[5512] Fix MITKRB5-SA-2007-001: telnetd allows login as arbitrary user

[CVE-2007-0956, VU#220816]

[5513] Fix MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog

[CVE-2007-0957, VU#704024]

[5520] Fix MITKRB5-SA-2007-003: double-free in kadmind - the RPC

library could perform a double-free due to a GSS-API library

bug [CVE-2007-1216, VU#419344]

krb5-1.5.3 changes by ticket ID

-------------------------------

5512 (krb5-1.5.x) MITKRB5-SA-2007-001: telnetd allows login as

arbitrary user

5513 (krb5-1.5.x) MITKRB5-SA-2007-002: buffer overflow in

krb5_klog_syslog

5520 (krb5-1.5.x) MITKRB5-SA-2007-003: double-free in kadmind

Major changes in krb5-1.5.2

---------------------------

* Fix for MITKRB5-SA-2006-002: the RPC library could call an

uninitialized function pointer, which created a security

vulnerability for kadmind.

* Fix for MITKRB5-SA-2006-003: the GSS-API mechglue layer could fail

to initialize some output pointers, causing callers to attempt to

free uninitialized pointers. This caused a security vulnerability

in kadmind.

Major known bugs in krb5-1.5.2

------------------------------

5293 crash creating db2 database in non-existent directory

Attempting to create a KDB in a non-existent directory using the

Berkeley DB back end may cause a crash resulting from a null pointer

dereference. If a core dump occurs, this may cause a local exposure

of sensitive information such as a master key password. This will be

fixed in an upcoming patch release.

krb5-1.5.2 changes by ticket ID

-------------------------------

Listed below are the RT tickets of bugs fixed in krb5-1.5.2. Please see

http://krbdev.mit.edu/rt/NoAuth/krb5-1.5/fixed-1.5.2.html

for a current listing with links to the complete tickets.

3965 Autoconf 2.60 datarootdir issue

4237 windows ccache and keytab file paths without a prefix

4305 windows thread support frees thread local storage after TlsSetValue

4309 wix installer - win2k compatibility for netidmgr

4310 NSIS installer - update for Win2K NetIDMgr

4312 KFW 3.1 Beta 2 NetIDMgr Changes

4354 db2 policy database loading broken

4355 test policy dump/load in make check

4368 kdc: make_toolong_error does not initialize all fields for

krb5_mk_error

4407 final commits for KFW 3.1 Beta 2

4499 Document prerequisites for make check

4500 Initialize buffer before calling res_ninit

5307 fix MITKRB5-SA-2006-002 for 1.5-branch

5308 fix MITKRB5-SA-2006-003 for 1.5-branch

Major changes in 1.5.1

----------------------

The only significant change in krb5-1.5.1 is to fix the security

vulnerabilities described in MITKRB5-SA-2006-001, which are local

privilege escalation vulnerabilities in applications running on Linux

and AIX.

krb5-1.5.1 changes by ticket ID

-------------------------------

Listed below are the RT tickets of bugs fixed in krb5-1.5.1. Please see

http://krbdev.mit.edu/rt/NoAuth/krb5-1.5/fixed-1.5.1.html

for a current listing with links to the complete tickets.

3904 fix uninitialized vars

3956 gssapi compilation errors on Windows

3971 broken configure test for dlopen

3998 Document add_entry in ktutil man page

4012 reverse test for copy_oid_set in lib/gssapi/krb5/indicate_mechs.c

4036 reject configure option for static libraries

4037 respect LDFLAGS in NetBSD build

4063 gss mech glue implementation should validate opaque pointer types

4088 gss_import_name can fail to call gssint_initialize_library()

4125 fix MITKRB5-SA-2006-001: multiple local privilege escalation

vulnerabilities

4137 ksu spuriously fails when exiting shell when ksu-ing to non-root

4168 clean up mkrel patchlevel.h editing etc.

Major changes in 1.5

--------------------

Kerberos 5 Release 1.5 includes many significant changes to the

Kerberos build system, to GSS-API, and to the Kerberos KDC and

administration system. These changes build up infrastructure as part

of our efforts to make Kerberos more extensible and flexible. While

we are confident that these changes will improve Kerberos in the long

run, significant code restructuring may introduce portability problems

or change behavior in ways that break applications. It is always

important to test a new version of critical security software like

Kerberos before deploying it in your environment to confirm that the

new version meets your environment's requirements. Because of the

significant restructuring, it is more important than usual to perform

this testing and to report problems you find.

Highlights of major changes include:

* KDB abstraction layer, donated by Novell.

* plug-in architecture, allowing for extension modules to be loaded at

run-time.

* multi-mechanism GSS-API implementation ("mechglue"), donated by

Sun Microsystems

* Simple and Protected GSS-API negotiation mechanism ("SPNEGO")

implementation, donated by Sun Microsystems

* Per-directory ChangeLog files have been deleted. Releases now

include auto-generated revision history logs in the combined file

doc/CHANGES.

Changes by ticket ID

--------------------

Listed below are the RT tickets of bugs fixed in krb5-1.5. Please see

http://krbdev.mit.edu/rt/NoAuth/krb5-1.5/fixed-1.5.html

for a current listing with links to the complete tickets.

581 verify_krb_v4_tgt is not 64-bit clean

856 patch to add shared library support for BSD/OS 4

1245 source tree not 64-bit clean

1288 v4 ticket file format incompatibilities

1431 fix errno.h references for cygwin

1434 use win32 rename solution in rcache for cygwin

1988 profile library fails to handle space in front of comments

2577 [Russ Allbery] Bug#250966: /usr/sbin/klogind: Authorization

behavior not fully documented

2615 Fwd: Patch for telnet / telnetd to avoid crashes when used

with MS kdc and PAC field

2628 Cygwin build patches

2648 [Russ Allbery] Bug#262192: libkrb53: krb_get_pw_in_tkt

problems with AFS keys

2712 whitespace patch for src/kdc/kerberos_v4.c

2759 fake-getaddrinfo.h incorrectly checks for gethostbyname_r errors

2761 move getaddrinfo hacks into support lib for easier maintenance

2763 file ccache should be held open while scanning for credentials

2786 dead code in init_common() causes malloc(0)

2791 hooks for recording statistics on locking behavior

2807 Add VERSIONRC branding to krb5 support dll

2855 Possible thread safety issue in lib/krb5/os/def_realm.c

2856 Need a function to clone krb5_context structs for thread safe apps

2863 windows klist won't link

2880 fix calling convention for thread support fns

2882 Windows 2003 SP1 ktpass.exe generate keytab files fail to load with 1.4

2886 krb5_do_preauth could attempt to free NULL pointer

2931 implement SPNEGO

2932 implement multi-mech GSSAPI

2933 plug-in architecture

2936 supplementary error strings

2959 profile library should check high-resolution timestamps if available

2979 threaded test program built even with thread support disabled

3008 Incorrect cross-references in man pages

3010 Minor path and service man page fixes

3011 krb5-config should never return -I/usr/include

3013 Man pages for fakeka and krb524init

3014 texinfo variable fixes, info dir entries

3030 Bug report: Kinit has no support for addresses in

credentials. Kinit -a is not enabled.

3065 Implement RFC 3961 PRF

3086 [Sergio Gelato] Bug#311977: libkrb53: gss_init_sec_context

sometimes fails to initialise output_token

3088 don't always require support library when building with sun cc

3122 fixes for AIX 5.2 select() and IPv4/IPv6 issues

3129 shlib build problems on HP-UX 10.20 with gcc-3.4.3

3233 kuserok needs to check for uid 99 on Mac OS X

3252 Tru64 compilation fails after k5-int.h/krb5.h changes

3266 Include errno.h in kdc/kerberos_v4.c

3268 kprop should fall back on port 754 rather than failing

3269 telnet help should connect to a host named help

3308 kadmin.local is killed due to segmentation fault when

principal name argument is missing.

3332 don't destroy uninitialized rcache mutex in error cases

3358 krb5 doesn't build when pthread_mutexattr_setrobust_np is

defined but not declared

3364 plugins should be thread-safe

3415 Windows 64-bit support

3416 tweak kdb interface for thread safety

3417 move/add thread support to support lib

3423 Add support for utmps interface on HPUX 11.23

3426 trunk builds without thread support are not working

3434 sizeof type should be checked at compile time, not configure time

3438 enhancement: report errno when generic I/O errors happen in kinit

3445 args to ctype.h macros should be cast to unsigned char, not int

3466 ioctl header portability fixes for telnet on GNU/kFreeBSD

3467 Allow GSS_C_NO_OID in krb5_gss_canon_name

3468 udp_preference_limit typo in krb5.conf man page

3490 getpwnam_r status checked incorrectly

3502 Cannot acquire initiator cred using gss_acquire_cred with

explicit name on Windows

3512 updates to NSIS installer for KFW

3521 Add configurable Build value to File and Product versions for Windows

3549 library double-free with an empty keytab

3607 clients/ksu/setenv.c doesn't build on Solaris

3620 use strerror_r

3668 Prototype for krb5_c_prf missing const

3671 shsUpdate should take an unsigned int for length

3675 unsigned/signed int warnings in krb5_context variables.

3687 initialize cc_version to 0 not NULL

3688 Added CoreFoundation bundle plugin support

3689 build kadm5 headers in generate-files-mac target

3690 build rpc includes in generate-files-mac target.

3697 kadmin hangs indefinitely when admin princ has escaped chars

3706 ipv4+ipv6 messages can trip up KDC replay detection

3714 fix incorrect padata memory allocation in send_tgs.c

3716 Plugin search algorithm should take lists of name and directories

3719 fix bug in flag checking in libdb2 mpool code

3724 need to export kadm5_set_use_password_server

3736 Cleanup a number of cast away from const warnings in gssapi

3739 vsnprintf not present on windows

3746 krb5_cc_gen_new memory implementation doesn't create a new ccache

3761 combine kdc.conf, krb5.conf data in KDC programs

3783 install headers into include/krb5

3790 memory leak in GSSAPI credential releasing code

3791 memory leak in gss_krb5_set_allowable_enctypes error path

3825 krb5int_get_plugin_dir_data() uses + instead of * in realloc

3826 memory leaks in krb5kdc due to not freeing error messages

3854 CCAPI krb4int_save_credentials_addr should match prototype

3866 gld --as-needed not portable enough

3879 Update texinfo.tex

3888 ftpd's getline conflicts with current glibc headers

3898 Export gss_inquire_mechs_for_name for KFW

3899 Export krb5_gss_register_acceptor_identity in KFW

3900 update config.guess and config.sub

3902 g_userok.c has implicit declaration of strlen

3903 various kadm5 files need string.h

3905 warning fixes for spnego

3909 Plugins need to use RTLD_GROUP when available, but definitely

not RTLD_GLOBAL

3910 fix parallel builds for libgss

3911 getaddrinfo code uses vars outside of storage duration

3918 fix warnings for lib/gssapi/mechglue/g_initialize.c

3920 cease export of krb5_gss_*

3921 remove unimplemented/unused mechglue functions

3922 mkrel should update patchlevel.h prior to reconf

3923 implement RFC4120 behavior on TCP requests with high bit set in length

3924 the krb5_get_server_rcache routine frees already freed memory

in error path

3925 krb5_get_profile should reflect profile in the supplied context

3927 fix signedness warnings in spnego_mech.c

3928 fix typo in MS_BUG_TEST case in krb5_gss_glue.c

3940 Disable MSLSA: ccache in WOW64 on pre-Vista Beta 2 systems

3942 make gssint_get_mechanism match prototype

3944 write svn log output when building release

3945 mkrel should only generate doc/CHANGES for checkouts

3948 Windows: fix krb5.h generation

3949 fix plugin.c to compile on Windows

3950 autoconf 2.60 compatibility

3951 remove unused dlopen code in lib/gssapi/mechglue/g_initialize.c

3952 fix calling convention for krb5 error-message routines,

document usage of krb5_get_error_message

3953 t_std_conf references private function due to explicit linking

of init_os_ctx.o

3954 remove mechglue gss_config's gssint_userok and pname_to_uid

3957 remove unused lib/gssapi/mechglue/g_utils.c

3959 re-order inclusions in spnego_mech.c to avoid breaking system headers

3962 krb5_get_server_rcache double free

3964 "kdb5_util load" to existing db doesn't work, needed for kpropd

3968 fix memory leak in mechglue/g_init_sec_ctx.c

3970 test kdb5_util dump/load functionality in dejagnu

3972 make gss_unwrap match prototype

3974 work around failure to load into nonexistent db

Known bugs by ticket ID:

------------------------

Listed below are the RT tickets for known bugs in krb5-1.5. Please

see

http://krbdev.mit.edu/rt/NoAuth/krb5-1.5/bugs-1.5.html

for an up-to-date list, including links to the complete tickets.

3947 allow multiple calls to krb5_get_error_message to retrieve message

3956 gssapi compilation errors on Windows

3973 kdb5_util load now fails if db doesn't exist [workaround]

Copyright Notice and Legal Administrivia

----------------------------------------

Copyright (C) 1985-2007 by the Massachusetts Institute of Technology.

All rights reserved.

Export of this software from the United States of America may require

a specific license from the United States Government. It is the

responsibility of any person or organization contemplating export to

obtain such a license before exporting.

WITHIN THAT CONSTRAINT, permission to use, copy, modify, and

distribute this software and its documentation for any purpose and

without fee is hereby granted, provided that the above copyright

notice appear in all copies and that both that copyright notice and

this permission notice appear in supporting documentation, and that

the name of M.I.T. not be used in advertising or publicity pertaining

to distribution of the software without specific, written prior

permission. Furthermore if you modify this software you must label

your software as modified software and not distribute it in such a

fashion that it might be confused with the original MIT software.

M.I.T. makes no representations about the suitability of this software

for any purpose. It is provided "as is" without express or implied

warranty.

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR

IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Individual source code files are copyright MIT, Cygnus Support,

OpenVision, Oracle, Sun Soft, FundsXpress, and others.

Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,

and Zephyr are trademarks of the Massachusetts Institute of Technology

(MIT). No commercial use of these trademarks may be made without

prior written permission of MIT.

"Commercial use" means use of a name in a product or other for-profit

manner. It does NOT prevent a commercial firm from referring to the

MIT trademarks in order to convey information (although in doing so,

recognition of their trademark status should be given).

----

Portions contributed by Matt Crawford were

work performed at Fermi National Accelerator Laboratory, which is

operated by Universities Research Association, Inc., under

contract DE-AC02-76CHO3000 with the U.S. Department of Energy.

---- The implementation of the Yarrow pseudo-random number generator

in src/lib/crypto/yarrow has the following copyright:

Copyright 2000 by Zero-Knowledge Systems, Inc.

Permission to use, copy, modify, distribute, and sell this software

and its documentation for any purpose is hereby granted without fee,

provided that the above copyright notice appear in all copies and that

both that copyright notice and this permission notice appear in

supporting documentation, and that the name of Zero-Knowledge Systems,

Inc. not be used in advertising or publicity pertaining to

distribution of the software without specific, written prior

permission. Zero-Knowledge Systems, Inc. makes no representations

about the suitability of this software for any purpose. It is

provided "as is" without express or implied warranty.

ZERO-KNOWLEDGE SYSTEMS, INC. DISCLAIMS ALL WARRANTIES WITH REGARD TO

THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND

FITNESS, IN NO EVENT SHALL ZERO-KNOWLEDGE SYSTEMS, INC. BE LIABLE FOR

ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTUOUS ACTION, ARISING OUT

OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

---- The implementation of the AES encryption algorithm in

src/lib/crypto/aes has the following copyright:

Copyright (c) 2001, Dr Brian Gladman, Worcester, UK.

All rights reserved.

LICENSE TERMS

The free distribution and use of this software in both source and binary

form is allowed (with or without changes) provided that:

1. distributions of this source code include the above copyright

notice, this list of conditions and the following disclaimer

2. distributions in binary form include the above copyright

notice, this list of conditions and the following disclaimer

3. the copyright holder's name is not used to endorse products

DISCLAIMER

This software is provided 'as is' with no explicit or implied warranties

in respect of any properties, including, but not limited to, correctness

and fitness for purpose.

--- The implementations of GSSAPI mechglue in GSSAPI-SPNEGO in

src/lib/gssapi, including the following files:

lib/gssapi/generic/gssapi_err_generic.et

lib/gssapi/mechglue/g_accept_sec_context.c

lib/gssapi/mechglue/g_acquire_cred.c

lib/gssapi/mechglue/g_canon_name.c

lib/gssapi/mechglue/g_compare_name.c

lib/gssapi/mechglue/g_context_time.c

lib/gssapi/mechglue/g_delete_sec_context.c

lib/gssapi/mechglue/g_dsp_name.c

lib/gssapi/mechglue/g_dsp_status.c

lib/gssapi/mechglue/g_dup_name.c

lib/gssapi/mechglue/g_exp_sec_context.c

lib/gssapi/mechglue/g_export_name.c

lib/gssapi/mechglue/g_glue.c

lib/gssapi/mechglue/g_imp_name.c

lib/gssapi/mechglue/g_imp_sec_context.c

lib/gssapi/mechglue/g_init_sec_context.c

lib/gssapi/mechglue/g_initialize.c

lib/gssapi/mechglue/g_inq_context.c

lib/gssapi/mechglue/g_inq_cred.c

lib/gssapi/mechglue/g_inq_names.c

lib/gssapi/mechglue/g_process_context.c

lib/gssapi/mechglue/g_rel_buffer.c

lib/gssapi/mechglue/g_rel_cred.c

lib/gssapi/mechglue/g_rel_name.c

lib/gssapi/mechglue/g_rel_oid_set.c

lib/gssapi/mechglue/g_seal.c

lib/gssapi/mechglue/g_sign.c

lib/gssapi/mechglue/g_store_cred.c

lib/gssapi/mechglue/g_unseal.c

lib/gssapi/mechglue/g_verify.c

lib/gssapi/mechglue/mglueP.h

lib/gssapi/mechglue/oid_ops.c

lib/gssapi/spnego/gssapiP_spnego.h

lib/gssapi/spnego/spnego_mech.c

are subject to the following license:

Copyright (c) 2004 Sun Microsystems, Inc.

Permission is hereby granted, free of charge, to any person obtaining a

copy of this software and associated documentation files (the

"Software"), to deal in the Software without restriction, including

without limitation the rights to use, copy, modify, merge, publish,

distribute, sublicense, and/or sell copies of the Software, and to

permit persons to whom the Software is furnished to do so, subject to

the following conditions:

The above copyright notice and this permission notice shall be included

in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY

CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,

TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE

SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Acknowledgments

---------------

Thanks to Russ Allbery for contributing and integrating patches from

Debian and other places.

Thanks to Michael Calmer for contributing patches for code clean-up.

Thanks to Novell for donating the KDB abstraction layer.

Thanks to Sun Microsystems for donating their implementations of

mechglue and SPNEGO.

Thanks to the numerous others who reported bugs and/or contributed

patches.

Thanks to iDefense for notifying us about the vulnerability in

MITKRB5-SA-2007-002.

Thanks to the members of the Kerberos V5 development team at MIT, both

past and present: Danilo Almeida, Jeffrey Altman, Justin Anderson,

Richard Basch, Jay Berkenbilt, Mitch Berger, Andrew Boardman, Joe

Calzaretta, John Carr, Don Davis, Alexandra Ellwood, Nancy Gilman,

Matt Hancher, Sam Hartman, Paul Hill, Marc Horowitz, Eva Jacobus,

Miroslav Jurisic, Barry Jaspan, Geoffrey King, Kevin Koch, John Kohl,

Peter Litwack, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul Park,

Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff

Schiller, Jen Selby, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall

Vale, Tom Yu.