MIT Kerberos 5 Release 1.3 Announced
by Berislav Kucan - Wednesday, 9 July 2003.
The MIT Kerberos Team announced the availability of MIT Kerberos 5 Release 1.3. Kerberos 5 Release 1.3 source can be retrieved from http://web.mit.edu/network/kerberos-form.html. For furher information on Kereberos, visit MIT's Kerberos site. Major changes since release 1.2.8 (from the changelog):
  • We now install the compile_et program, so other packages can use the installed com_err library with their own error tables. (If you use our com_err code, that is; see below.)
  • The header files we install now assume ANSI/ISO C ('89, not '99). We have stopped testing on SunOS 4, even with gcc. Some of our code now has C89-based assumptions, like free(NULL) being well defined, that will probably frustrate any attempts to run this code under SunOS 4 or other pre-C89 systems.
  • Some new code, bug fixes, and cleanup for IPv6 support. Most of the code should support IPv6 transparently now. The RPC code (and therefore the admin system, which is based on it) does not yet support IPv6. The support for Kerberos 4 may work with IPv6 in very limited ways, if the address checking is turned off. The FTP client and server do not have support for the new protocol messages needed for IPv6 support (RFC 2429).
  • We have upgraded to autoconf 2.52 (or later), and the syntax for specifying certain configuration options have changed. For example, autoconf 2.52 configure scripts let you specify command-line options like "configure CC=/some/path/foo-cc", so we have removed some of our old options like --with-cc in favor of this approach.
  • The client libraries can now use TCP to connect to the KDC. This may be necessary when talking to Microsoft KDCs (domain controllers), if they issue you tickets with lots of PAC data.
  • If you have versions of the com_err or ss installed locally, you can use the --with-system-et and --with-system-ss configure options to use them rather than using the versions supplied here. Note that the interfaces are assumed to be similar to those we supply; in particular, some older, divergent versions of the com_err library may not work with the krb5 sources. Many configure-time variables can be used to help the compiler and linker find the installed packages; see the build documentation for details.
  • The AES cryptosystem has been implemented. However, support in the Kerberos GSSAPI mechanism has not been written (or even fully specified), so it's not fully enabled. See the documentation for details.

Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //