Partial news for a future Heimdal 8.0 release -- but NOTE WELL that this is NOT a release at this time! Bug fixes - Errors found by the Coverity static analysis. - Errors found by the LLVM scan-build static analyzer. - Errors found by the valgrind memory debugger. - Fix out-of-tree SQLite3 ccache permissions / umask issues. - iprop bugs, race conditions, and performance - Many misc. bugs Features: - KDC: Add FAST support for TGS. - KDC: Greatly improved plugin facility for Samba. - KDC: Add httpkadmind service providing a subset of kadmin functionality over HTTP. - KDC: Add support for virtual service principal namespaces. - KDC: Add support for synthetic client principals that exist if the pre-authentication mechanism (e.g., PKINIT) can authenticate them, thus not requiring an HDB entry. - KDC: Add experimental GSS-API pre-authentication support. - KDC: Revamp and enhance kx509 support (though bx509d mostly replaces kx509). - KDC: Better support for aliases and referrals. - KDC: Always return the salt in the PA-ETYPE-INFO[2]. - KDC: Add warn_ticket_addresses configuration parameter. - KDC: allow anonymous AS requests with long-term keys. - KDC: Do not include PAC for anonymous AS requests. - KDC: Enable keepalive mode on incoming sockets. - KDC: Greatly improved logging. - KDC: Remove KRB5SignedPath, to be replaced with PAC. - PKIX: Add bx509d -- an online certification authority (CA) with an HTTP API. - kadmin: Add HTTP-based kadmin protocol. - kadmin: Add add_alias, del_alias. - kadmin: Add command aliases to man page. - kadmin: Add disallow-client attribute. - kadmin: add --hdb / -H argument. - kadmin: Allow enforcing password quality on admin password change. - kadmin: Improve ext_keytab usage. - kadmin: Selective pruning of historic key for principal. - krb5: Add client_aware_channel_bindings option. - krb5: Add constrained credential delegation option "destination TGT" - krb5: Add "EFILE:" target for logging. - krb5: Add include/includedir directives for krb5.conf. - krb5: Complete DIR ccache collection support. - krb5: Add FILE ccache collection support. - krb5: Improved FILE ccache performance. - krb5: Add KEYRING ccache support. - krb5: Add kx509 client. - krb5: Improve FILE keytab performance. - krb5: Implement KRB5_TRACE environment variable. - krb5: Add experimental name canonicalization rules configuration. - krb5: Support start_realm ccconfig entry type. - kinit: Add --default-for option for ccache collection support. - kinit: Add --pk-anon-fast-armor option. - kinit: Don't leave dangling temporary ccaches. - klist: Better --json - iprop: Many performance and scaling enhancements. - iprop: Support hierarchical propagation. - ASN.1: Document fuzzing process. - ASN.1: Complete template backend. - ASN.1: Add partial Information Object System support (template backend only). This means that open type holes can be decoded recursively with one codec function call. - ASN.1: Add JSON encoder functionality (template backend only). - ASN.1: Greatly enhanced asn1_print(1) command, which can now print a JSON representation of any DER-encoded value of any type exported by ASN.1 modules in Heimdal. - ASN.1: Support circular types. - ASN.1: Topographically sort declarations. - ASN.1: Proper support for IMPLICIT tags. - GSS: Import gss-token(1) command. - GSS: Add advanced credential store / load functionality. - GSS: Add name attributes support, with support for many basic attributes and PAC buffer accessors too. - GSS: Add SANON mechanism for anonymous-only key exchange using elliptic curve Diffie-Hellman (ECDH) with Curve25519. - GSS: Add gss_acquire_cred_from() and credential store extensions. - GSS: Support fragmented tokens reassembly (for SMB). - GSS: Support client keytab. - GSS: Add NegoEx support. - libhx509: Lots of improvements. - hxtool: Add "acert" (assert cert contents) command - hxtool: add cert type: https-negotiate-server - hxtool: add generate-key command - hxtool: Add OID symbol resolution and printing of OIDs known to hxtool. - hxtool: Add print --raw-json option that shows certificates in JSON, with all extensions and attributes known to Heimdal fully decoded. - hxtool: Improved SAN support. - hxtool: Improved CSR support. - Improved plugin interfaces. - hcrypto: Add X25519. - hcrypto: Better RSA key generation. - hcrypto: import libtommath v1.2.0. - roken: Add secure_getenv() and issuid(), use them extensively. Release Notes - Heimdal - Version Heimdal 7.8 Bug fixes - CVE-2022-42898 PAC parse integer overflows - CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour - Pass correct length to _gssapi_verify_pad() - Check for overflow in _gsskrb5_get_mech() - Check buffer length against overflow for DES{,3} unwrap - Check the result of _gsskrb5_get_mech() - Avoid undefined behaviour in _gssapi_verify_pad() - Don't pass NULL pointers to memcpy() in DES unwrap - Use constant-time memcmp() in unwrap_des3() - Use constant-time memcmp() for arcfour unwrap - CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors - CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec This is a 10.0 on the Common Vulnerability Scoring System (CVSS) v3. Heimdal's ASN.1 compiler generates code that allows specially crafted DER encodings of CHOICEs to invoke the wrong free function on the decoded structure upon decode error. This is known to impact the Heimdal KDC, leading to an invalid free() of an address partly or wholly under the control of the attacker, in turn leading to a potential remote code execution (RCE) vulnerability. This error affects the DER codec for all CHOICE types used in Heimdal, though not all cases will be exploitable. We have not completed a thorough analysis of all the Heimdal components affected, thus the Kerberos client, the X.509 library, and other parts, may be affected as well. This bug has been in Heimdal since 2005. It was first reported by Douglas Bagnall, though it had been found independently by the Heimdal maintainers via fuzzing. While no zero-day exploit is known, such an exploit will likely be available soon after public disclosure. - Errors found by the LLVM scan-build static analyzer. - Errors found by the valgrind memory debugger. - Work around GCC Bug 95189 (memcmp wrongly stripped like strcmp). - Fix Unicode normalization read of 1 bytes past end of array. - Correct ASN.1 OID typo for SHA-384 - Fix a deadlock in in the MEMORY ccache type. - TGS: strip forwardable and proxiable flags if the server is disallowed. - CVE-2019-14870: Validate client attributes in protocol-transition - CVE-2019-14870: Apply forwardable policy in protocol-transition - CVE-2019-14870: Always lookup impersonate client in DB - Incremental HDB propagation improvements - Refactor send_diffs making it progressive - Handle partial writes on non-blocking sockets - Disable Nagle in iprop master and slave - Use async I/O - Don't send I_HAVE in response to AYT - Do not recover log in kadm5_get_principal() - Don't send diffs to slaves with not yet known version - Don't stutter in send_diffs - Optional backwards-compatible anon-pkinit behaviour Release Notes - Heimdal - Version Heimdal 7.7 Bug fixes - PKCS#11 hcrypto back-end . initialize the p11_module_load function list . verify that not only is a mechanism present but that its mechanism info states that it offers the required encryption, decryption or digest services - krb5: . Starting with 7.6, Heimdal permitted requesting authenticated anonymous tickets. However, it did not verify that a KDC in fact returned an anonymous ticket when one was requested. - Cease setting the KDCOption reaquest_anonymous flag when issuing S4UProxy (constrained delegation) TGS requests. . when the Win2K PKINIT compatibility option is set, do not require krbtgt otherName to match when validating KDC certificate. . set PKINIT_BTMM flag per Apple implementation . use memset_s() instead of memset() - kdc: . When generating KRB5SignedPath in the AS, use the reply client name rather than the one from the request, so validation will work correctly in the TGS. . allow checksum of PA-FOR-USER to be HMAC_MD5. Even if tgt used an enctype with a different checksum. Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is always HMAC_MD5, and that's what Windows and MIT clients send. In heimdal both the client and kdc use instead the checksum of the tgt, and therefore work with each other but Windows and MIT clients fail against heimdal KDC. Both Windows and MIT KDCs would allow any keyed checksum to be used so Heimdal client interoperates with them. Change Heimdal KDC to allow HMAC_MD5 even for non RC4 based tgt in order to support per-spec clients. . use memset_s() instead of memset(). - Detect Heimdal 1.0 through 7.6 clients that issue S4UProxy (constrained delegation) TGS Requests with the request anonymous flag set. These requests will be treated as S4UProxy requests and not anonymous requests. - HDB: . Set SQLite3 backend default page size to 8KB. . Add hdb_set_sync() method - kadmind: . disable HDB sync during database load avoiding unnecessary disk i/o. - ipropd: . disable HDB sync during receive_everything. Doing an fsync per-record when receiving the complete HDB is a performance disaster. Among other things, if the HDB is very large, then one slave receving a full HDB can cause other slaves to timeout and, if HDB write activity is high enough to cause iprop log truncation, then also need full syncs, which leads to a cycle of full syncs for all slaves until HDB write activity drops. Allowing the iprop log to be larger helps, but improving receive_everything() performance helps even more. - kinit: . Anonymous PKINIT tickets discard the realm information used to locate the issuing AS. Store the issuing realm in the credentials cache in order to locate a KDC which can renew them. . Do not leak the result of krb5_cc_get_config() when determining anonymous PKINIT start realm. - klist: . Show transited-policy-checked, ok-as-delegate and anonymous flags when listing credentials. - tests: . Regenerate certs so that they expire before the 2038 armageddon so the test suite will pass on 32-bit operating systems until the underlying issues can be resolved. - Solaris: . Define _STDC_C11_BCI for memset_s prototype - build tooling: . Convert from python 2 to python 3 - documentation . rename verify-password to verify-password-quality . hprop default mode is encrypt . kadmind "all" permission does not include "get-keys" . verify-password-quality might not be stateless Release Notes - Heimdal - Version Heimdal 7.6 Security - CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum When the Heimdal KDC checks the checksum that is placed on the S4U2Self packet by the server to protect the requested principal against modification, it does not confirm that the checksum algorithm that protects the user name (principal) in the request is keyed. This allows a man-in-the-middle attacker who can intercept the request to the KDC to modify the packet by replacing the user name (principal) in the request with any desired user name (principal) that exists in the KDC and replace the checksum protecting that name with a CRC32 checksum (which requires no prior knowledge to compute). This would allow a S4U2Self ticket requested on behalf of user name (principal) user@EXAMPLE.COM to any service to be changed to a S4U2Self ticket with a user name (principal) of Administrator@EXAMPLE.COM. This ticket would then contain the PAC of the modified user name (principal). - CVE-2019-12098, client-only: RFC8062 Section 7 requires verification of the PA-PKINIT-KX key excahnge when anonymous PKINIT is used. Failure to do so can permit an active attacker to become a man-in-the-middle. Bug fixes - Happy eyeballs: Don't wait for responses from known-unreachable KDCs. - kdc: check return copy_Realm, copy_PrincipalName, copy_EncryptionKey - kinit: . cleanup temporary ccaches . see man page for "kinit --anonymous" command line syntax change - kdc: Make anonymous AS-requests more RFC8062-compliant. - Updated expired test certificates - Solaris: . PKCS#11 hcrypto backend broken since 7.0.1 . Building with Sun Pro C Features - kuser: support authenticated anonymous AS-REQs in kinit - kdc: support for anonymous TGS-REQs - kgetcred support for anonymous service tickets - Support builds with OpenSSL 1.1.1 Release Notes - Heimdal - Version Heimdal 7.5 Security - Fix CVE-2017-17439, which is a remote denial of service vulnerability: In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. Bug fixes - Handle long input lines when reloading database dumps. - In pre-forked mode (default on Unix), correctly clear the process ids of exited children, allowing new child processes to replace the old. - Fixed incorrect KDC response when no-cross realm TGT exists, allowing client requests to fail quickly rather than time out after trying to get a correct answer from each KDC. Release Notes - Heimdal - Version Heimdal 7.4 Security - Fix CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation This is a critical vulnerability. In _krb5_extract_ticket() the KDC-REP service name must be obtained from encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unecrypted version provides an opportunity for successful server impersonation and other attacks. Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams. See https://www.orpheus-lyre.info/ for more details. Release Notes - Heimdal - Version Heimdal 7.3 Security - Fix transit path validation. Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With the bug some incomplete [capaths] worked, that should not have. These may now break authentication in some cross-realm configurations. (CVE-2017-6594) Release Notes - Heimdal - Version Heimdal 7.2 Bug fixes - Portability improvements - More strict parsing of encoded URI components in HTTP KDC - Fixed memory leak in malloc error recovery in NTLM GSSAPI mechanism - Avoid overly specific CPU info in krb5-config in aid of reproducible builds - Don't do AFS string-to-key tests when feature is disabled - Skip mdb_stat test when the command is not available - Windows: update SHA2 timestamp server - hdb: add missing export hdb_generate_key_set_password_with_ks_tuple - Fix signature of hdb_generate_key_set_password() - Windows: enable KX509 support in the KDC - kdc: fix kx509 service principal match - iprop: handle case where master sends nothing new - ipropd-slave: fix incorrect error codes - Allow choice of sqlite for HDB pref - check-iprop: don't fail to kill daemons - roken: pidfile -> rk_pidfile - kdc: _kdc_do_kx509 fix use after free error - Do not detect x32 as 64-bit platform. - No sys/ttydefaults.h on CYGWIN - Fix check-iprop races - roken_detach_prep() close pipe Release Notes - Heimdal - Version Heimdal 7.1 Security - kx509 realm-chopping security bug - non-authorization of alias additions/removals in kadmind (CVE-2016-2400) Feature - iprop has been revamped to fix a number of race conditions that could lead to inconsistent replication - Hierarchical capath support - AES Encryption with HMAC-SHA2 for Kerberos 5 draft-ietf-kitten-aes-cts-hmac-sha2-11 - hcrypto is now thread safe on all platforms - libhcrypto has new backends: CNG (Windows), PKCS#11 (mainly for Solaris), and OpenSSL. OpenSSL is now a first-class libhcrypto backend. OpenSSL 1.0.x and 1.1 are both supported. AES-NI used when supported by backend - HDB now supports LMDB - Thread support on Windows - RFC 6113 Generalized Framework for Kerberos Pre-Authentication (FAST) - New GSS APIs: . gss_localname - Allow setting what encryption types a principal should have with [kadmin] default_key_rules, see krb5.conf manpage for more info - Unify libhcrypto with LTC (libtomcrypto) - asn1_compile 64-bit INTEGER functionality - HDB key history support including --keepold kadmin password option - Improved cross-realm key rollover safety - New krb5_kuserok() and krb5_aname_to_localname() plug-in interfaces - Improved MIT compatibility . kadm5 API . Migration from MIT KDB via "mitdb" HDB backend . Capable of writing the HDB in MIT dump format - Improved Active Directory interoperability . Enctype selection issues for PAC and other authz-data signatures . Cross realm key rollover (kvno 0) - New [kdc] enctype negotiation configuration: . tgt-use-strongest-session-key . svc-use-strongest-session-key . preauth-use-strongest-session-key . use-strongest-server-key - The KDC process now uses a multi-process model improving resiliency and performance - Allow batch-mode kinit with password file - SIGINFO support added to kinit cmd - New kx509 configuration options: . kx509_ca . kca_service . kx509_include_pkinit_san . kx509_template - Improved Heimdal library/plugin version safety - Name canonicalization . DNS resolver searchlist . Improved referral support . Support host:port host-based services - Pluggable libheimbase interface for DBs - Improve IPv6 Support - LDAP . Bind DN and password . Start TLS - klist --json - DIR credential cache type - Updated upstream SQLite and libedit - Removed legacy applications: ftp, kx, login, popper, push, rcp, rsh, telnet, xnlock - Completely remove RAND_egd support - Moved kadmin and ktutil to /usr/bin - Stricter fcache checks (see fcache_strict_checking krb5.conf setting) . use O_NOFOLLOW . don't follow symlinks . require cache files to be owned by the user . require sensible permissions (not group/other readable) - Implemented gss_store_cred() - Many more Bug fixes - iprop has been revamped to fix a number of race conditions that could lead to data loss - Include non-loopback addresses assigned to loopback interfaces when requesting tickets with addresses - KDC 1DES session key selection (for AFS rxkad-k5 compatibility) - Keytab file descriptor and lock leak - Credential cache corruption bugs (NOTE: The FILE ccache is still not entirely safe due to the fundamentally unsafe design of POSIX file locking) - gss_pseudo_random() interop bug - Plugins are now preferentially loaded from the run-time install tree - Reauthentication after password change in init_creds_password - Memory leak in the client kadmin library - TGS client requests renewable/forwardable/proxiable when possible - Locking issues in DB1 and DB3 HDB backends - Master HDB can remain locked while waiting for network I/O - Renewal/refresh logic when kinit is provided with a command - KDC handling of enterprise principals - Use correct bit for anon-pkinit - Many more Acknowledgements This release of Heimdal includes contributions from: Abhinav Upadhyay Heath Kehoe Nico Williams Andreas Schneider Henry Jacques Patrik Lundin Andrew Bartlett Howard Chu Philip Boulain Andrew Tridgell Igor Sobrado Ragnar Sundblad Antoine Jacoutot Ingo Schwarze Remi Ferrand Arran Cudbard-Bell Jakub Čajka Rod Widdowson Arvid Requate James Le Cuirot Rok Papež Asanka Herath James Lee Roland C. Dowdeswell Ben Kaduk Jeffrey Altman Ross L Richardson Benjamin Kaduk Jeffrey Clark Russ Allbery Bernard Spil Jeffrey Hutzelman Samuel Cabrero Brian May Jelmer Vernooij Samuel Thibault Chas Williams Ken Dreyer Santosh Kumar Pradhan Chaskiel Grundman Kiran S J Sean Davis Dana Koch Kumar Thangavelu Sergio Gelato Daniel Schepler Landon Fuller Simon Wilkinson David Mulder Linus Nordberg Stef Walter Douglas Bagnall Love Hörnquist Åstrand Stefan Metzmacher Ed Maste Luke Howard Steffen Jaeckel Eray Aslan Magnus Ahltorp Timothy Pearson Florian Best Marc Balmer Tollef Fog Heen Fredrik Pettai Marcin Cieślak Tony Acero Greg Hudson Marco Molteni Uri Simchoni Gustavo Zacarias Matthieu Hautreux Viktor Dukhovni Günther Deschner Michael Meffie Volker Lendecke Harald Barth Moritz Lenz Release Notes - Heimdal - Version Heimdal 1.5.3 Bug fixes - Fix leaking file descriptors in KDC - Better socket/timeout handling in libkrb5 - General bug fixes - Build fixes Release Notes - Heimdal - Version Heimdal 1.5.2 Security fixes - CVE-2011-4862 Buffer overflow in libtelnet/encrypt.c in telnetd - escalation of privilege - Check that key types strictly match - denial of service Release Notes - Heimdal - Version Heimdal 1.5.1 Bug fixes - Fix building on Solaris, requires c99 - Fix building on Windows - Build system updates Release Notes - Heimdal - Version Heimdal 1.5 New features - Support GSS name extensions/attributes - SHA512 support - No Kerberos 4 support - Basic support for MIT Admin protocol (SECGSS flavor) in kadmind (extract keytab) - Replace editline with libedit Release Notes - Heimdal - Version Heimdal 1.4 New features - Support for reading MIT database file directly - KCM is polished up and now used in production - NTLM first class citizen, credentials stored in KCM - Table driven ASN.1 compiler, smaller!, not enabled by default - Native Windows client support Notes - Disabled write support NDBM hdb backend (read still in there) since it can't handle large records, please migrate to a diffrent backend (like BDB4) Release Notes - Heimdal - Version Heimdal 1.3.3 Bug fixes - Check the GSS-API checksum exists before trying to use it [CVE-2010-1321] - Check NULL pointers before dereference them [kdc] Release Notes - Heimdal - Version Heimdal 1.3.2 Bug fixes - Don't mix length when clearing hmac (could memset too much) - More paranoid underrun checking when decrypting packets - Check the password change requests and refuse to answer empty packets - Build on OpenSolaris - Renumber AD-SIGNED-TICKET since it was stolen from US - Don't cache /dev/*random file descriptor, it doesn't get unloaded - Make C++ safe - Misc warnings Release Notes - Heimdal - Version Heimdal 1.3.1 Bug fixes - Store KDC offset in credentials - Many many more bug fixes Release Notes - Heimdal - Version Heimdal 1.3.1 New features - Make work with OpenLDAPs krb5 overlay Release Notes - Heimdal - Version Heimdal 1.3 New features - Partial support for MIT kadmind rpc protocol in kadmind - Better support for finding keytab entries when using SPN aliases in the KDC - Support BER in ASN.1 library (needed for CMS) - Support decryption in Keychain private keys - Support for new sqlite based credential cache - Try both KDC referals and the common DNS reverse lookup in GSS-API - Fix the KCM to not leak resources on failure - Add IPv6 support to iprop - Support localization of error strings in kinit/klist/kdestroy and Kerberos library - Remove Kerberos 4 support in application (still in KDC) - Deprecate DES - Support i18n password in windows domains (using UTF-8) - More complete API emulation of OpenSSL in hcrypto - Support for ECDSA and ECDH when linking with OpenSSL API changes - Support for settin friendly name on credential caches - Move to using doxygen to generate documentation. - Sprinkling __attribute__((__deprecated__)) for old function to be removed - Support to export LAST-REQUST information in AS-REQ - Support for client deferrals in in AS-REQ - Add seek support for krb5_storage. - Support for split AS-REQ, first step for IA-KERB - Fix many memory leaks and bugs - Improved regression test - Support krb5_cccol - Switch to krb5_set_error_message - Support krb5_crypto_*_iov - Switch to use EVP for most function - Use SOCK_CLOEXEC and O_CLOEXEC (close on exec) - Add support for GSS_C_DELEG_POLICY_FLAG - Add krb5_cc_[gs]et_config to store data in the credential caches - PTY testing application Bugfixes - Make building on AIX6 possible. - Bugfixes in LDAP KDC code to make it more stable - Make ipropd-slave reconnect when master down gown Release Notes - Heimdal - Version Heimdal 1.2.1 * Bug [HEIMDAL-147] - Heimdal 1.2 not compiling on Solaris [HEIMDAL-151] - Make canned tests work again after cert expired [HEIMDAL-152] - iprop test: use full hostname to avoid realm resolving errors [HEIMDAL-153] - ftp: Use the correct length for unmap, msync Release Notes - Heimdal - Version Heimdal 1.2 * Bug [HEIMDAL-10] - Follow-up on bug report for SEGFAULT in gss_display_name/gss_export_name when using SPNEGO [HEIMDAL-15] - Re: [Heimdal-bugs] potential bug in Heimdal 1.1 [HEIMDAL-17] - Remove support for depricated [libdefaults]capath [HEIMDAL-52] - hdb overwrite aliases for db databases [HEIMDAL-54] - Two issues which affect credentials delegation [HEIMDAL-58] - sockbuf.c calls setsockopt with bad args [HEIMDAL-62] - Fix printing of sig_atomic_t [HEIMDAL-87] - heimdal 1.1 not building under cygwin in hcrypto [HEIMDAL-105] - rcp: sync rcp with upstream bsd rcp codebase [HEIMDAL-117] - Use libtool to detect symbol versioning (Debian Bug#453241) * Improvement [HEIMDAL-67] - Fix locking and store credential in atomic writes in the FILE credential cache [HEIMDAL-106] - make compile on cygwin again [HEIMDAL-107] - Replace old random key generation in des module and use it with RAND_ function instead [HEIMDAL-115] - Better documentation and compatibility in hcrypto in regards to OpenSSL * New Feature [HEIMDAL-3] - pkinit alg agility PRF test vectors [HEIMDAL-14] - Add libwind to Heimdal [HEIMDAL-16] - Use libwind in hx509 [HEIMDAL-55] - Add flag to krb5 to not add GSS-API INT|CONF to the negotiation [HEIMDAL-74] - Add support to report extended error message back in AS-REQ to support windows clients [HEIMDAL-116] - test pty based application (using rkpty) [HEIMDAL-120] - Use new OpenLDAP API (older deprecated) * Task [HEIMDAL-63] - Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ. This drop compatibility with pre 0.3d KDCs. [HEIMDAL-64] - kcm: first implementation of kcm-move-cache [HEIMDAL-65] - Failed to compile with --disable-pk-init [HEIMDAL-80] - verify that [VU#162289]: gcc silently discards some wraparound checks doesn't apply to Heimdal Changes in release 1.1 * Read-only PKCS11 provider built-in to hx509. * Documentation for hx509, hcrypto and ntlm libraries improved. * Better compatibilty with Windows 2008 Server pre-releases and Vista. * Mac OS X 10.5 support for native credential cache. * Provide pkg-config file for Heimdal (heimdal-gssapi.pc). * Bug fixes. Changes in release 1.0.2 * Ubuntu packages. * Bug fixes. Changes in release 1.0.1 * Serveral bug fixes to iprop. * Make work on platforms without dlopen. * Add RFC3526 modp group14 as default. * Handle [kdc] database = { } entries without realm = stanzas. * Make krb5_get_renewed_creds work. * Make kaserver preauth work again. * Bug fixes. Changes in release 1.0 * Add gss_pseudo_random() for mechglue and krb5. * Make session key for the krbtgt be selected by the best encryption type of the client. * Better interoperability with other PK-INIT implementations. * Inital support for Mac OS X Keychain for hx509. * Alias support for inital ticket requests. * Add symbol versioning to selected libraries on platforms that uses GNU link editor: gssapi, hcrypto, heimntlm, hx509, krb5, and libkdc. * New version of imath included in hcrypto. * Fix memory leaks. * Bugs fixes. Changes in release 0.8.1 * Make ASN.1 library less paranoid to with regard to NUL in string to make it inter-operate with MIT Kerberos again. * Make GSS-API library work again when using gss_acquire_cred * Add symbol versioning to libgssapi when using GNU ld. * Fix memory leaks * Bugs fixes Changes in release 0.8 * PK-INIT support. * HDB extensions support, used by PK-INIT. * New ASN.1 compiler. * GSS-API mechglue from FreeBSD. * Updated SPNEGO to support RFC4178. * Support for Cryptosystem Negotiation Extension (RFC 4537). * A new X.509 library (hx509) and related crypto functions. * A new ntlm library (heimntlm) and related crypto functions. * Updated the built-in crypto library with bignum support using imath, support for RSA and DH and renamed it to libhcrypto. * Subsystem in the KDC, digest, that will perform the digest operation in the KDC, currently supports: CHAP, MS-CHAP-V2, SASL DIGEST-MD5 NTLMv1 and NTLMv2. * KDC will return the "response too big" error to force TCP retries for large (default 1400 bytes) UDP replies. This is common for PK-INIT requests. * Libkafs defaults to use 2b tokens. * Default to use the API cache on Mac OS X. * krb5_kuserok() also checks ~/.k5login.d directory for acl files, see manpage for krb5_kuserok for description. * Many, many, other updates to code and info manual and manual pages. * Bug fixes Changes in release 0.7.2 * Fix security problem in rshd that enable an attacker to overwrite and change ownership of any file that root could write. * Fix a DOS in telnetd. The attacker could force the server to crash in a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast. * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name exists in the keytab before returning success. This allows servers to check if its even possible to use GSSAPI. * Fix receiving end of token delegation for GSS-API. It still wrongly uses subkey for sending for compatibility reasons, this will change in 0.8. * telnetd, login and rshd are now more verbose in logging failed and successful logins. * Bug fixes Changes in release 0.7.1 * Bug fixes Changes in release 0.7 * Support for KCM, a process based credential cache * Support CCAPI credential cache * SPNEGO support * AES (and the gssapi conterpart, CFX) support * Adding new and improve old documentation * Bug fixes Changes in release 0.6.6 * Fix security problem in rshd that enable an attacker to overwrite and change ownership of any file that root could write. * Fix a DOS in telnetd. The attacker could force the server to crash in a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast. Changes in release 0.6.5 * fix vulnerabilities in telnetd * unbreak Kerberos 4 and kaserver Changes in release 0.6.4 * fix vulnerabilities in telnet * rshd: encryption without a separate error socket should now work * telnet now uses appdefaults for the encrypt and forward/forwardable settings * bug fixes Changes in release 0.6.3 * fix vulnerabilities in ftpd * support for linux AFS /proc "syscalls" * support for RFC3244 (Windows 2000 Kerberos Change/Set Password) in kpasswdd * fix possible KDC denial of service * bug fixes Changes in release 0.6.2 * Fix possible buffer overrun in v4 kadmin (which now defaults to off) Changes in release 0.6.1 * Fixed ARCFOUR suppport * Cross realm vulnerability * kdc: fix denial of service attack * kdc: stop clients from renewing tickets into the future * bug fixes Changes in release 0.6 * The DES3 GSS-API mechanism has been changed to inter-operate with other GSSAPI implementations. See man page for gssapi(3) how to turn on generation of correct MIC messages. Next major release of heimdal will generate correct MIC by default. * More complete GSS-API support * Better AFS support: kdc (524) supports 2b; 524 in kdc and AFS support in applications no longer requires Kerberos 4 libs * Kerberos 4 support in kdc defaults to turned off (includes ka and 524) * other bug fixes Changes in release 0.5.2 * kdc: add option for disabling v4 cross-realm (defaults to off) * bug fixes Changes in release 0.5.1 * kadmind: fix remote exploit * kadmind: add option to disable kerberos 4 * kdc: make sure kaserver token life is positive * telnet: use the session key if there is no subkey * fix EPSV parsing in ftp * other bug fixes Changes in release 0.5 * add --detach option to kdc * allow setting forward and forwardable option in telnet from .telnetrc, with override from command line * accept addresses with or without ports in krb5_rd_cred * make it work with modern openssl * use our own string2key function even with openssl (that handles weak keys incorrectly) * more system-specific requirements in login * do not use getlogin() to determine root in su * telnet: abort if telnetd does not support encryption * update autoconf to 2.53 * update config.guess, config.sub * other bug fixes Changes in release 0.4e * improve libcrypto and database autoconf tests * do not care about salting of server principals when serving v4 requests * some improvements to gssapi library * test for existing compile_et/libcom_err * portability fixes * bug fixes Changes in release 0.4d * fix some problems when using libcrypto from openssl * handle /dev/ptmx `unix98' ptys on Linux * add some forgotten man pages * rsh: clean-up and add man page * fix -A and -a in builtin-ls in tpd * fix building problem on Irix * make `ktutil get' more efficient * bug fixes Changes in release 0.4c * fix buffer overrun in telnetd * repair some of the v4 fallback code in kinit * add more shared library dependencies * simplify and fix hprop handling of v4 databases * fix some building problems (osf's sia and osfc2 login) * bug fixes Changes in release 0.4b * update the shared library version numbers correctly Changes in release 0.4a * corrected key used for checksum in mk_safe, unfortunately this makes it backwards incompatible * update to autoconf 2.50, libtool 1.4 * re-write dns/config lookups (krb5_krbhst API) * make order of using subkeys consistent * add man page links * add more man pages * remove rfc2052 support, now only rfc2782 is supported * always build with kaserver protocol support in the KDC (assuming KRB4 is enabled) and support for reading kaserver databases in hprop Changes in release 0.3f * change default keytab to ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab, the new keytab type that tries both of these in order (SRVTAB is also an alias for krb4:) * improve error reporting and error handling (error messages should be more detailed and more useful) * improve building with openssl * add kadmin -K, rcp -F * fix two incorrect weak DES keys * fix building of kaserver compat in KDC * the API is closer to what MIT krb5 is using * more compatible with windows 2000 * removed some memory leaks * bug fixes Changes in release 0.3e * rcp program included * fix buffer overrun in ftpd * handle omitted sequence numbers as zeroes to handle MIT krb5 that cannot generate zero sequence numbers * handle v4 /.k files better * configure/portability fixes * fixes in parsing of options to kadmin (sub-)commands * handle errors in kadmin load better * bug fixes Changes in release 0.3d * add krb5-config * fix a bug in 3des gss-api mechanism, making it compatible with the specification and the MIT implementation * make telnetd only allow a specific list of environment variables to stop it from setting `sensitive' variables * try to use an existing libdes * lib/krb5, kdc: use correct usage type for ap-req messages. This should improve compatability with MIT krb5 when using 3DES encryption types * kdc: fix memory allocation problem * update config.guess and config.sub * lib/roken: more stuff implemented * bug fixes and portability enhancements Changes in release 0.3c * lib/krb5: memory caches now support the resolve operation * appl/login: set PATH to some sane default * kadmind: handle several realms * bug fixes (including memory leaks) Changes in release 0.3b * kdc: prefer default-salted keys on v5 requests * kdc: lowercase hostnames in v4 mode * hprop: handle more types of MIT salts * lib/krb5: fix memory leak * bug fixes Changes in release 0.3a: * implement arcfour-hmac-md5 to interoperate with W2K * modularise the handling of the master key, and allow for other encryption types. This makes it easier to import a database from some other source without having to re-encrypt all keys. * allow for better control over which encryption types are created * make kinit fallback to v4 if given a v4 KDC * make klist work better with v4 and v5, and add some more MIT compatibility options * make the kdc listen on the krb524 (4444) port for compatibility with MIT krb5 clients * implement more DCE/DFS support, enabled with --enable-dce, see lib/kdfs and appl/dceutils * make the sequence numbers work correctly * bug fixes Changes in release 0.2t: * bug fixes Changes in release 0.2s: * add OpenLDAP support in hdb * login will get v4 tickets when it receives forwarded tickets * xnlock supports both v5 and v4 * repair source routing for telnet * fix building problems with krb4 (krb_mk_req) * bug fixes Changes in release 0.2r: * fix realloc memory corruption bug in kdc * `add --key' and `cpw --key' in kadmin * klist supports listing v4 tickets * update config.guess and config.sub * make v4 -> v5 principal name conversion more robust * support for anonymous tickets * new man-pages * telnetd: do not negotiate KERBEROS5 authentication if there's no keytab. * use and set expiration and not password expiration when dumping to/from ka server databases / krb4 databases * make the code happier with 64-bit time_t * follow RFC2782 and by default do not look for non-underscore SRV names Changes in release 0.2q: * bug fix in tcp-handling in kdc * bug fix in expand_hostname Changes in release 0.2p: * bug fix in `kadmin load/merge' * bug fix in krb5_parse_address Changes in release 0.2o: * gss_{import,export}_sec_context added to libgssapi * new option --addresses to kdc (for listening on an explicit set of addresses) * bug fixes in the krb4 and kaserver emulation part of the kdc * other bug fixes Changes in release 0.2n: * more robust parsing of dump files in kadmin * changed default timestamp format for log messages to extended ISO 8601 format (Y-M-DTH:M:S) * changed md4/md5/sha1 APIes to be de-facto `standard' * always make hostname into lower-case before creating principal * small bits of more MIT-compatability * bug fixes Changes in release 0.2m: * handle glibc's getaddrinfo() that returns several ai_canonname * new endian test * man pages fixes Changes in release 0.2l: * bug fixes Changes in release 0.2k: * better IPv6 test * make struct sockaddr_storage in roken work better on alphas * some missing [hn]to[hn]s fixed. * allow users to change their own passwords with kadmin (with initial tickets) * fix stupid bug in parsing KDC specification * add `ktutil change' and `ktutil purge' Changes in release 0.2j: * builds on Irix * ftpd works in passive mode * should build on cygwin * work around broken IPv6-code on OpenBSD 2.6, also add configure option --disable-ipv6 Changes in release 0.2i: * use getaddrinfo in the missing places. * fix SRV lookup for admin server * use get{addr,name}info everywhere. and implement it in terms of getipnodeby{name,addr} (which uses gethostbyname{,2} and gethostbyaddr) Changes in release 0.2h: * fix typo in kx (now compiles) Changes in release 0.2g: * lots of bug fixes: * push works * repair appl/test programs * sockaddr_storage works on solaris (alignment issues) * works better with non-roken getaddrinfo * rsh works * some non standard C constructs removed Changes in release 0.2f: * support SRV records for kpasswd * look for both _kerberos and krb5-realm when doing host -> realm mapping Changes in release 0.2e: * changed copyright notices to remove `advertising'-clause. * get{addr,name}info added to roken and used in the other code (this makes things work much better with hosts with both v4 and v6 addresses, among other things) * do pre-auth for both password and key-based get_in_tkt * support for having several databases * new command `del_enctype' in kadmin * strptime (and new strftime) add to roken * more paranoia about finding libdb * bug fixes Changes in release 0.2d: * new configuration option [libdefaults]default_etypes_des * internal ls in ftpd builds without KRB4 * kx/rsh/push/pop_debug tries v5 and v4 consistenly * build bug fixes * other bug fixes Changes in release 0.2c: * bug fixes (see ChangeLog's for details) Changes in release 0.2b: * bug fixes * actually bump shared library versions Changes in release 0.2a: * a new program verify_krb5_conf for checking your /etc/krb5.conf * add 3DES keys when changing password * support null keys in database * support multiple local realms * implement a keytab backend for AFS KeyFile's * implement a keytab backend for v4 srvtabs * implement `ktutil copy' * support password quality control in v4 kadmind * improvements in v4 compat kadmind * handle the case of having the correct cred in the ccache but with the wrong encryption type better * v6-ify the remaining programs. * internal ls in ftpd * rename strcpy_truncate/strcat_truncate to strlcpy/strlcat * add `ank --random-password' and `cpw --random-password' in kadmin * some programs and documentation for trying to talk to a W2K KDC * bug fixes Changes in release 0.1m: * support for getting default from krb5.conf for kinit/kf/rsh/telnet. From Miroslav Ruda * v6-ify hprop and hpropd * support numeric addresses in krb5_mk_req * shadow support in login and su. From Miroslav Ruda * make rsh/rshd IPv6-aware * make the gssapi sample applications better at reporting errors * lots of bug fixes * handle systems with v6-aware libc and non-v6 kernels (like Linux with glibc 2.1) better * hide failure of ERPT in ftp * lots of bug fixes Changes in release 0.1l: * make ftp and ftpd IPv6-aware * add inet_pton to roken * more IPv6-awareness * make mini_inetd v6 aware Changes in release 0.1k: * bump shared libraries versions * add roken version of inet_ntop * merge more changes to rshd Changes in release 0.1j: * restore back to the `old' 3DES code. This was supposed to be done in 0.1h and 0.1i but I did a CVS screw-up. * make telnetd handle v6 connections Changes in release 0.1i: * start using `struct sockaddr_storage' which simplifies the code (with a fallback definition if it's not defined) * bug fixes (including in hprop and kf) * don't use mawk which seems to mishandle roken.awk * get_addrs should be able to handle v6 addresses on Linux (with the required patch to the Linux kernel -- ask within) * rshd builds with shadow passwords Changes in release 0.1h: * kf: new program for forwarding credentials * portability fixes * make forwarding credentials work with MIT code * better conversion of ka database * add etc/services.append * correct `modified by' from kpasswdd * lots of bug fixes Changes in release 0.1g: * kgetcred: new program for explicitly obtaining tickets * configure fixes * krb5-aware kx * bug fixes Changes in release 0.1f; * experimental support for v4 kadmin protokoll in kadmind * bug fixes Changes in release 0.1e: * try to handle old DCE and MIT kdcs * support for older versions of credential cache files and keytabs * postdated tickets work * support for password quality checks in kpasswdd * new flag --enable-kaserver for kdc * renew fixes * prototype su program * updated (some) manpages * support for KDC resource records * should build with --without-krb4 * bug fixes Changes in release 0.1d: * Support building with DB2 (uses 1.85-compat API) * Support krb5-realm.DOMAIN in DNS * new `ktutil srvcreate' * v4/kafs support in klist/kdestroy * bug fixes Changes in release 0.1c: * fix ASN.1 encoding of signed integers * somewhat working `ktutil get' * some documentation updates * update to Autoconf 2.13 and Automake 1.4 * the usual bug fixes Changes in release 0.1b: * some old -> new crypto conversion utils * bug fixes Changes in release 0.1a: * new crypto code * more bug fixes * make sure we ask for DES keys in gssapi * support signed ints in ASN1 * IPv6-bug fixes Changes in release 0.0u: * lots of bug fixes Changes in release 0.0t: * more robust parsing of krb5.conf * include net{read,write} in lib/roken * bug fixes Changes in release 0.0s: * kludges for parsing options to rsh * more robust parsing of krb5.conf * removed some arbitrary limits * bug fixes Changes in release 0.0r: * default options for some programs * bug fixes Changes in release 0.0q: * support for building shared libraries with libtool * bug fixes Changes in release 0.0p: * keytab moved to /etc/krb5.keytab * avoid false detection of IPv6 on Linux * Lots of more functionality in the gssapi-library * hprop can now read ka-server databases * bug fixes Changes in release 0.0o: * FTP with GSSAPI support. * Bug fixes. Changes in release 0.0n: * Incremental database propagation. * Somewhat improved kadmin ui; the stuff in admin is now removed. * Some support for using enctypes instead of keytypes. * Lots of other improvement and bug fixes, see ChangeLog for details.