1 Changes in release 1.0.5:
3 * Remember to update version string.
7 * multiple local realm fix in krb_verify_user
9 Changes in release 1.0.4:
11 * Only allow a small list of environment variables in telnetd
13 * Fix one buffer overflow in libkrb
15 * Make su handle multiple local realms
17 * Build pic-ed archives (to be used with the pam module)
19 * do not handle environment variables, use krb.extra instead
21 * Disable KRBCONFDIR environment variable for root
23 * fix shared libraries building on solaris
25 Changes in release 1.0.3:
27 * Handle DoS attacks in the KDC and the admin server better.
29 * updated config.guess and config.sub
31 * better db/gdbm discovery
35 Changes in release 1.0.2:
37 * Fix syslog(LOG_FOO, bug) calls in kauthd, kipd
39 * Fix bug with systems have a 64bit `time_t'
41 * Port to Solaris 8 (aka SunOS 5.8), HP-UX 11
43 * Add AIX fix for shared libraries
45 * Make afslog work with Arla
47 * Be more paranoid about setuid for the sake of Linux 2.2.15
49 * Make rshd afslog to the cell of the home directory
53 * syslog with correct level in popper
55 * install libraries correctly in lib/sl
57 * more paranoia when overwriting and removing ticket files
59 Changes in release 1.0.1:
61 * Fix bug in ftpd when accepting connections
63 * Make `-d' in kauth not imply `-a'
65 * Adapt sia to new TKT_ROOT
67 * Define `sockaddr_storage' in a fashion that works on
68 alignment-restricted architectures
70 * Rewrite PAM module to work better.
72 * Make all files in libdes build with CFLAGS
74 Changes in release 1.0:
76 * A new configuration option `nat_in_use' in krb.extra to ease use
77 through Network Address Translators.
79 * Support configuration value of KEYFILE and TKT_ROOT in krb.extra
81 * Easier building on some platforms
83 * built-in ls in ftpd.
87 Changes in release 0.10:
89 * Some support for Irix 6.5 capabilities
91 * Improved kadmin interface; you can get more info via kadmin.
93 * Some improved support for OSF C2.
95 * General bug-fixes and improvements, including a large number of
96 potential buffer overrun fixes. A large number of portability
99 * Support for multiple local realms.
101 * Support batch kadmin operation.
103 * Heimdal support in push.
105 * Removed `--with-shared' configure option (use `--enable-shared'.)
107 * Now uses Autoconf 2.13.
109 Changes in release 0.9.9:
111 * New configuration file /etc/krb.extra
113 * New program `push' for popping mail.
115 * Add (still little tested) support for maildir spool files in popper.
117 * Added `delete' to ksrvutil.
119 * Support the strange X11 sockets used on HP-UX and some versions of
122 * Arla compatibility in libkafs.
124 * More compatibility with the Solaris version of libkrb.
126 * New configure option `--with-mips-abi'
128 * Support `/etc/securetty' in login.
130 * Bug fixes and improvements to the Win32 telnet.
132 * Add support for installing with DESTDIR
134 * SIA module with added support for password changing, and
137 * Add better support for MIT `compile_et' and `mk_cmds', this should
138 make it easier to build things like `zephyr'.
141 - Krb: fixed dangling references to flock in libkrb
142 - FTP: fixed `logwtmp' name conflict
143 - Telnet: fix a few literal IP-number bugs
144 - Telnet: hopefully fixed stair-stepping bug
145 - Kafs: don't store expired tokens in the kernel
146 - Kafs: fix broken installation of afslib.so in AIX
148 Changes in release 0.9.8:
150 * several bug fixes; some which deserve mentioning:
151 - fix non-working `kauth -h'
152 - the sia-module should work again
153 - don't leave tickets in popper
155 Changes in release 0.9.7:
157 * new configure option --disable-otp
159 * new configure option --with-afsws
161 * includes rxkad implementation
163 * ftp client is more careful with suspicious filenames (|, .., /)
165 * fixed setuid-vulnerability of rcp, rlogin, and rsh.
167 * removed use of tgetent from telnetd (thereby eliminating buffer-overflow)
169 * new commands in ftp and ftpd: kdestroy, krbtkfile, and afslog.
171 * implement HTTP transport in libkrb and KDC.
173 * win32 terminal program much improved. also implemented ticket
176 * introduce `-i' option to kerberos server for listening only on one
179 * updated otp applications and man pages.
181 * merged in libdes 4.01
183 * popper is more resilient to badly formatted mails.
185 * minor fixes for Cray support.
187 * fix popen bug i ftpd.
189 * lots of bug fixes and portability fixes.
191 * better compatibility with Heimdal.
193 Minor changes in release 0.9.6:
195 * utmp(x) works correctly on systems with utmpx.
197 * A security-related bug in ftpd fixed.
199 * Compiles on solaris 2.4, 2.6 and on WinNT/95 with cygwin32 beta18.
201 * New option `-w' to rxtelnet, rxterm.
203 Major changes in release 0.9.5:
205 * We made some changes to be compatible with the other kerberised ftp
206 implementations and this means that an old kerberised ftp client will
207 not be able to talk to a new ftp server. So try to upgrade your ftp
208 clients and servers at the same time. The reason for this change is
209 described in more detail below.
211 * The interpretation of /etc/ftpusers has changed slightly, see
212 ftpusers(5). These changes come from NetBSD.
214 * The function `des_quad_cksum', which is used by `krb_rd_safe', and
215 `krb_mk_safe', has never been compatible with MIT's DES
216 library. This has now been fixed.
218 This fix will however break some programs that used those functions,
219 for instance `ftp'. In this version `krb_rd_safe' is modified to
220 accept checksums of both the new and the old format; `krb_mk_safe'
221 will always emit checksums of the new type *unless* `krb_rd_safe'
222 has detected that the client is using the old checksum (this feature
223 may be removed in some future release).
225 If you have programs that use `krb_mk_safe' and `krb_rd_safe' you
226 should upgrade all clients before upgrading your servers. Client is
227 here defined as the program that first calls `krb_rd_safe'.
229 If you are using some protocol that talks to more than one client or
230 server in one session, the heuristics to detect which kind of
231 checksum to use might fail.
233 The problem with `des_quad_cksum' was just a byte-order problem, so
234 there are no security problems with using the old versions. Thanks
235 to Derrick J Brashear <shadow@DEMENTIA.ORG> for pointing in the
236 right general direction.
238 * Rewrote kx to work always open TCP connections in the same
239 direction. This was needed to make it work through NATs and is
240 generally a cleaner way of doing it. Also added `tenletxr'.
241 Unfortunately the new protocol is not compatible with the old one.
242 The new kx and kxd programs try to figure out if they are talking to
245 * Quite a bit of new functionality in otp. Changed default hash
246 function to `md5'. Fixed implementation of SHA and added downcasing
247 of seed to conform with `draft-ietf-otp-01.txt'. All verification
248 examples in the draft now work.
250 * Fixed buffer overflows.
252 * Add history/line editing in kadmin and ftp.
254 * utmp/utmpx and wtmp/wtmpx might work better on strange machines.
256 * Bug fixes for `rsh -n' and `rcp -x'.
258 * reget now works in ftp and ftpd. Passive mode works. Other minor
261 * New option `-g umask' to ftpd for specifying the umask for anonymous users.
263 * Fix for `-l' option in rxtelnet and rxterm.
265 * XOVER support in popper.
267 * Better support for building shared libraries.
269 * Better support for talking to the KDC over TCP. This could make it
270 easier to use brain-damaged firewalls.
272 * Support FreeBSD-style MD5 /etc/passwd.
274 * New option `-createuser' to afslog.
276 * Upgraded to work with socks5-v1.0r1.
278 * Almost compiles and works on OS/2 with EMX, and Win95/NT with gnu-win32.
280 * Merged in win32-telnet, see README-WIN32 for more details.
282 * Possibly fixed telnet bug on HP-UX 10.
286 * Support for NetBSD/OpenBSD manual page circus.
290 Major changes in release 0.9.3:
292 * kx has been rewritten and is now a lot easier to use. Two new
293 scripts: rxtelnet and rxterm. It also works on machines such as
294 Cray where the X-libraries cannot talk unix sockets.
296 * experimental OTP (RFC1938). Included in login, ftpd, and popper.
298 * authentication modules: PAM for linux, SIA for OSF/1, and
299 afskauthlib for Irix.
301 * popper now has the UIDL command.
303 * ftpd can now tar and compress files and directories on the fly, also
304 added a find site command.
306 * updated documentation and man pages.
308 * Change kuserok so that it acts as if luser@LOCALREALM is always an
309 entry of .klogin, even when it's not possible to verify that there
310 is no such file or the file is unreadable.
312 * Support for SRV-records.
318 * allow for other transport mechanisms than udp (useful for firewall
319 tormented souls); as a side effect the format of krb.conf had to
322 * sample programs included.
324 * work arounds for Linux networking bugs in rlogind and rlogin.
328 * quite a number of improvments/bugfixes
330 * New platforms: HP-UX 10, Irix 6.2
332 Major changes in release 0.9.2a:
334 * fix annoying bug with kauth (et al) returning incorrect error
336 Major changes in release 0.9.2:
338 * service `kerberos-iv' and port 750 has been registered with IANA.
342 - Compiles with gcc on AIX.
344 - Compiles with really old resolvers.
346 - ftp works with afs string-to-key.
348 - shared libraries should work on Linux/ELF.
350 - some potential buffer overruns.
352 - general code clean-up.
354 * Better Cray/UNICOS support.
356 * New platforms: AIX 4.2, IRIX 6.1, and Linux 2.0
358 Major changes in release 0.9.1:
362 - No hardcoded references to /usr/athena
364 - Better Linux support with rlogin
366 - Fix for broken handling of NULL password in kadmind (such as with
369 - AFS-aware programs should work on AIX systems without AFS
371 * New platforms: Digital UNIX 4.0 and Fujitsu UXP/V
373 * New mechanism to determine realm from hostname based on DNS. To find
374 the realm of a.b.c.d it tries to find krb4-realm.a.b.c.d and then
375 krb4-realm.b.c.d and so on. The entry in DNS should be a TXT record
378 krb4-realm.pdc.kth.se. 7200 TXT "NADA.KTH.SE"
380 Major changes in release 0.9:
384 Dec Alpha OSF/1 3.2 with cc -std1
385 HP 9000/735 HP/UX 9.05 with gcc
386 DEC Pmax Ultrix 4.4 with gcc (cc does not work)
387 IBM RS/6000 AIX 4.1 with xlc (gcc works, cc does not)
389 Sun SunOS 4.1.4 with gcc (cc is not ANSI and does not work)
390 Sun SunOS 5.5 with gcc
391 Intel i386 NetBSD 1.2 with gcc
392 Intel i386 Linux 1.3.95 with gcc
393 Cray J90 Unicos 9 with cc
395 * Mostly ported to Crays running Unicos 9.
397 * S/Key-support in ftpd.
399 * Delete operation supported in kerberos database.
401 * Cleaner and more portable code.
403 * Even less bugs than before.
405 * kpopper now supports the old pop3 protocol and has been renamed to popper.
407 * rsh can be renamed remsh.
409 * Experimental program for forwarding IP over a kerberos tunnel.
411 * Updated to libdes 3.23.
413 Major changes in release 0.8:
415 * New programs: ftp & ftpd.
417 * New programs: kx & kxd. These programs forward X connections over
418 kerberos-encrypted connections.
420 * Incorporated version 3.21 of libdes.
422 * login: No double utmp-entries on Solaris.
426 * Better guessing of what realm a cell belongs to.
428 * Support for authenticating to several cells. Reads
429 /usr/vice/etc/TheseCells, if present.
431 * ksrvutil: Support for generating AFS keys.
433 * login, su, rshd, rlogind: tries to counter possible NIS-attack.
435 * xnlock: several bug fixes and support for more than one screen.
437 * Default port number for ekshell changed from 2106 to 545. kauth
438 port changed from 4711 to 2120.
440 * Rumored to work on Fujitsu UXP/V and Cray UNICOS.
442 Major changes in release 0.7:
444 * New experimental masterkey generation. Enable with
445 --enable-random-mkey. Also the default place for the master key has
446 moved from /.k to /var/kerberos/master-key. This is customizable
447 with --with-mkey=file. If you don't want you master key to be on the
448 same backup medium as your database, remember to use this flag. All
449 relevant programs still checks for /.k.
451 * `-t' option to kadmin.
453 * Kpopper uses kuserok to verify if user is allowed to pop mail.
455 * Kpopper tries to locate the mail spool directory: /var/mail or
458 * kauth has ability to get ticket on a remove host with the `-h' option.
460 * afslog (aklog clone) and pagsh included.
462 * New format for /etc/krb.equiv.
464 * Better multi-homed hosts support in kauth, rcp, rlogin, rlogind,
465 rshd, telnet, telnetd.
467 * rlogind works on ultrix and aix 3.2.
471 Major changes in release 0.6:
477 Dec/Pmax Ultrix 4.4 (rlogind not working)
478 IBM RS/6000 AIX 3.2 (rlogind not working)
487 It is rumored to work to some extent on NextStep 3.3.
489 * ksrvutil get to create new keys and put them in the database at the
492 * Support for S/Key in login.
494 * kstring2key: new program to show string to key conversion.
496 * Kerberos server should now listen on all available network
497 interfaces and on both port 88 and 750.
499 * Timeout in kpopper.
501 * Support password quality checks in kadmind. Use --with-crack-lib to
502 link kadmind with cracklib. The patches in cracklib.patch are needed.
504 * Movemail from emacs 19.30.
506 * Logging format uses four digits for years.
508 * Fallback if port numbers are not listed in /etc/services.
511 * Relesed version 0.5
513 * lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the
514 same code is used both for posix termios and others.
516 * rsh, rlogin: Add environment variable RSTAR_NO_WARN which when
517 set to "yes" make warnings about "rlogin: warning, using standard
518 rlogin: remote host doesn't support Kerberos." go away.
520 * admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update):
521 Optimized so that it can handle large databases, previously a
522 10000 entry DB would take *many* minutes, this can now be done in
525 * Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64
526 bit machines. Source should now be free of 64 bit assumptions.
528 * admin/copykey.c (copy_from_key): New functions for copying to
529 and from keys. Neccessary to solve som problems with longs on 64
530 bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab.
532 * lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems
533 with longs on 64 bit machines.
535 * appl/bsd/login.c (main): Lots of stuff to support Psoriasis
536 login. Courtesy of gertz@lysator.liu.se.
538 * configure.in, all Makefile.in's: Support for Linux shared
539 libraries. Courtesy of svedja@lysator.liu.se.
541 * lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno
542 = KRB_PROT_VERSION; from server kode to libkrb where it really
545 * appl/bsd/forkpty.c (forkpty): New function that allocates master
546 and slave ptys in a portable way. Used by rlogind.
548 * appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the
549 same utmpx slot got used by sevral sessions. Courtesy of
550 gertz@lysator.liu.se.
552 * util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of
553 svedja@lysator.liu.se.
555 * Fix the above Makefiles to work around bugs in Solaris and OSF/1
556 make rules that was triggered by VPATH functionality in the yacc
559 * appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg):
560 Use stdarg instead of varargs. The code is still broken though,
561 you'll realize that on a machine with 64 bit pointers and 32 bit
562 int:s and no vsprintf, let's hope there will be no such beasts ;-).
564 * appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems
565 have (or need) modules ttcompat and pckt so don't flag it as a
566 fatal error if they don't exist.
568 * kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c
569 (kadm_listen): Add kludge for kadmind running on a multihomed
570 server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h
571 if you need this feature.
573 * appl/Makefile.in (SUBDIRS): Add applications movemail kpopper
576 * appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not
577 implemented yet though.
579 * appl/xnlock/Makefile.in: Some stubs for X11 programs in
580 configure.in as well as a kerberized version of xnlock.
582 * appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback
583 port numbers if they can not be found using getservbyname.
585 * appl/bsd/klogin.c (klogin): Use differnet ticket files for each
586 login so that a malicous user won't be able to destroy our tickets
587 with a failed login attempt.
589 * lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if
590 there is no such thing try afs@CELL instead. There is now two
591 arguments to k_afslog(char *cell, char *realm).
593 * kadmin/admin_server.c (kadm_listen): If we are multihomed we
594 need to figure out which local address that is used this time
595 since it is used in "direction" comparison.
597 * kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default
600 * lib/krb/send_to_kdc.c (send_to_kdc): Default port number
601 (KRB_PORT) was not in network byte order.
603 * lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct
606 * appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c:
607 Now does fallback if there isn't any entries in /etc/services for
608 klogin/kshell. This also made the code a bit more pretty.
610 * appl/bsd/login.c: Added support for lots of more struct utmp fields.
611 If there is no ttyslot() use setutent and friends.
613 * appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c:
614 Added extern iruserok().
616 * appl/bsd/iruserok.c: Initial revision
618 * appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis.
620 * appl/bsd/Makefile.in: New install
622 * appl/bsd/pathnames.h: Fix default path, rsh and rlogin.
624 * appl/bsd/rshd.c: Extend default PATH with bindir to find rcp.
626 * appl/bsd/login.c (login): If there is no ttyslot use setutent
627 and friends. Added support for lots of more struct utmp fields.
629 * server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h:
630 Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros.
632 * appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than
635 * appl/bsd/login.c, su.c (main): Use fallback to bourne shell if
638 * appl/bsd/su.c (main): Update usage message to reflect that '-'
639 option must come after the ordinary options and before login-id.
641 * appl/telnet/telnetd/telnetd.c (doit): If remote host name is to
642 long to fit into utmp try to remove domain part if it does match
645 (main): Add new option -L /bin/login so that it is possible to
646 specify an alternate login program.
648 * appl/telnet/telnet/commands.c (env_init): When exporting
649 variable DISPLAY and if hostname is not the full name, try to get
650 the full name from DNS.
652 * appl/telnet/telnet/main.c (main): Option -k realm was broken due
653 to a bogous external declaration.
655 * kadmin/kadmin.c (add_new_key): Kadmin now properly sets
656 lifetime, expiration date and attributes in add_new_key command.
658 * appl/bsd/su.c (main): Don't handle '-' option with getopt.
660 * appl/telnet/telnet/externs.h: Removed protection for multiple
661 inclusions of termio(s).h since it broke definition of termio
662 macro on POSIX systems.
664 * lib/krb/lifetime.c (krb_life_to_time): If you want to disable
665 AFS compatible long lifetimes set krb_no_long_lifetimes = 1.
667 Please note that the long lifetimes are 100% compatible up to
668 10h so this should rarely be necessary.
670 * lib/krb/krb_equiv.c (krb_equiv): If you don't want to use
671 ipaddress protection of tickets set krb_ignore_ip_address. This
672 makes it possible for an intruder to steal a ticket and then use
673 it from som other machine anywhere on the net.
675 * kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one
676 local address. Accept request on all interfaces.
678 * admin/kdb_edit.c (change_principal): Don't accept illegal
679 dates. Courtesy of gertz@lysator.liu.se.
681 * configure.in: AIX specific libraries needed when using standard
682 libc routine getttyent, IBM should be ashamed!
684 * lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t
687 * Added strdup for su and rlogin.
689 * Fix for old syslog macros in appl/bsd/bsd_locl.
691 * lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New
692 ifdef HAVE_NEW_DB for new databases residing in one file only.
694 * appl/bsd/rlogin.c (oob): Add workaround for Linux.
696 * appl/bsd/getpass.c: New routine that reads up to 127 char
697 passwords. Used in su.c and login.c.
699 * appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY
700 should not be used on HP-UX.
702 ==========================*** Released 0.2? ***=============================
705 If there is a dot in the about to be added principals name there is
706 no need to ask for instance name.
709 Logfiles are created with small permissions (600).
711 krb.conf and krb.realms
712 Use domain part as realm name if there is no match in krb.realms.
713 Use kerberos.REALMNAME if there is no match in krb.realms.
716 The rlogin client is supported both with and without encryption,
717 there is no rlogind yet though.
720 There is login program that supports the -f option. Both kerberos
721 and /etc/passwd authentication is enabled.
723 Vendors login programs typically have no -f option (needed by
724 telnetd) and also does not know how to verify passwords againts
728 Now uses POSIX signals.
731 Generate random passwords if administrator enters empty password.
734 New library to support AFS. Routines:
736 int k_afsklog(...); or some other name
739 int k_pioctl(char *, int, struct ViceIoctl *, int);
741 Library supports more than one single entry point AFS syscalls
742 (needed be HP/UX and OSF/1 when running DFS). Doesn't rely on
743 transarc headers or library code. Same binaries can be used both on
744 machines running AFS and others.
746 This library is used in telnetd, login and the r* programs.
749 Based on telnet.95.05.31.NE but with the encryption hacks from
750 ftp.funet.fi:/pub/unix/security/esrasrc-1.0 added. This encryption
751 stuff needed some more modifications (done by joda@nada.kth.se)
752 before it was usable. Telnet has also been modified to use GNU
755 Numerous other changes that are long since forgotten.