MIT Kerberos for Windows 2.6 Beta 3 is available
tlyu at MIT.EDU
Tue Feb 3 14:28:24 EST 2004
The MIT Kerberos for Windows 2.6 Beta 3 release is now available. You
may download its installer from the MIT Kerberos distribution page,
Separate zip files of the binaries, SDK, and extras are also
available. The main MIT Kerberos web page is
Changes between Beta 2 and Beta 3:
* The MSLSA: krb5_ccache type was generating potentially incorrect
client principal names in cross-realm environments. An
explanation of the situation has been added to the release notes
along with fixes applied to the code.
* The MSLSA: krb5_ccache type was incorrectly specifying KDC Options
which would have resulted in invalid TGS requests being sent to
the KDC if the Kerberos LSA cache contained a TGT with the
TRANSIT_POLICY_CHECKED ticket flag set.
* The MSLSA: would crash the application if an attempt to read a
ticket from the Kerberos LSA cache failed with an INVALID_LOGON error.
* The MSLSA: krb5_ccache type will no longer allow TGTs to be read
if the Windows Kerberos LSA is configured to refuse to export TGT
Session Keys. Documentation of the registry keys necessary to
enable TGT Session Key exports on Windows 2000 Server SP4, Windows
XP SP2, and Windows 2003 Server have been added to the release notes.
* A new version of the GSS Sample Application client compatible with
the Unix GSS Sample Application server has been added to the
distribution. The new gss.exe supports a new UI. See release
notes for compatibility issues with the Microsoft Platform SDK
version of the gss sample.
* ms2mit has been changed to refuse to import tickets if the Initial
TGT cannot be read from the MSLSA: krb5_ccache.
* The IP Address change detection in Leash will now trigger a Krb4
ticket refresh in order to obtain new tickets with current IP
* The Leash_importable() api will return FALSE if the Initial TGT
cannot be read from the MSLSA: krb5_ccache.
* Automatic popup of the Obtain Tickets Dialog (kinit) can be
disabled by defining the environment variable:
More information about the krbdev