Diffstat (limited to 'doc')
-rw-r--r--  doc/ChangeLog           | 24
-rw-r--r--  doc/admin.texinfo       | 18
-rw-r--r--  doc/build.texinfo       | 38
-rw-r--r--  doc/copyright.texinfo   |  2
-rw-r--r--  doc/definitions.texinfo |  4
-rw-r--r--  doc/install.texinfo     | 82
-rw-r--r--  doc/krb425.texinfo      |  8
-rw-r--r--  doc/send-pr.texinfo     |  6
8 files changed, 155 insertions, 27 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 38af2b8..a7b435a 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,27 @@
+2000-06-09 Tom Yu <tlyu@mit.edu>
+
+ * admin.texinfo: Add descriptions of the kadmin {ank,cpw,ktadd} -e
+ flag.
+
+2000-06-06 Ken Raeburn <raeburn@mit.edu>
+
+ * install.texinfo: Describe new DNS support, and 3DES upgrade
+ path. Update "enctypes" config file sample lines.
+
+ * build.texinfo: No kpasswd directory. Describe new configure
+ options.
+
+ * send-pr.texinfo: Suggest caution regarding tab expansion for
+ patches.
+
+2000-06-02 Ken Raeburn <raeburn@mit.edu>
+
+ * definitions.texinfo: Update for 1.2 release.
+
+2000-05-31 Ken Raeburn <raeburn@mit.edu>
+
+ * krb425.texinfo (libdefaults): Add description of v4_realm.
+
1999-09-22 Tom Yu <tlyu@mit.edu>
* copyright.texinfo: Update copyright again.
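Review bot: the 2000-05-31 entry places v4_realm in (libdefaults), but the krb425.texinfo hunk in this same patch inserts it directly after the v4_instance_convert description, which is per-realm material, so either the parenthetical or the placement is wrong and the entry should name the subsection the hunk actually touches. No entry covers the copyright.texinfo year bump or the cleared Next pointer on the Client Machine Configuration Files node in install.texinfo; both are in this diff and should be logged.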
diff --git a/doc/admin.texinfo b/doc/admin.texinfo
index 2ea716b..b739435 100644
--- a/doc/admin.texinfo
+++ b/doc/admin.texinfo
@@ -1418,6 +1418,12 @@ security-critical.
Sets the key of the principal to the specified string and does not
prompt for a password (@code{add_principal} only). @value{COMPANY} does
not recommend using this option.
+
+@item -e @i{enc:salt...}
+Uses the specified list of enctype-salttype pairs for setting the key of
+the principal. The quotes are necessary if there are multiple
+enctype-salttype pairs. This will not function against kadmin daemons
+earlier than krb5-1.2.
@end table
If you want to just use the default values, all you need to do is:
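Review bot: the synopsis `@item -e @i{enc:salt...}` is inconsistent with the two later occurrences in this patch (`@item @b{-e} @i{"enc:salt..."}`), and the text under it says quotes are required for multiple pairs while this synopsis shows none; use the bold, quoted form here too. It would also help to say what separates the pairs and to give one concrete value, e.g. `-e "des3-hmac-sha1:normal des-cbc-crc:normal"`, matching the supported_enctypes line in the install.texinfo sample in this same patch.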
@@ -1529,6 +1535,12 @@ Sets the key of the principal to a random value.
@item @b{-pw} @i{password}
Sets the password to the string @i{password}. @value{COMPANY} does not
recommend using this option.
+
+@item @b{-e} @i{"enc:salt..."}
+Uses the specified list of enctype-salttype pairs for setting the key of
+the principal. The quotes are necessary if there are multiple
+enctype-salttype pairs. This will not function against kadmin daemons
+earlier than krb5-1.2.
@end table
For example:
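Review bot: the paragraph is a verbatim copy of the add_principal text, down to "for setting the key of the principal"; for change_password it should say that -e restricts which enctype:salt keys the new password is turned into, and whether keys of enctypes not listed are retained or dropped. Since -randkey sits in the same table just above, say how -e combines with it.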
@@ -2001,6 +2013,12 @@ The @code{ktadd} command takes the following switches:
use @i{keytab} as the keytab file. Otherwise, @code{ktadd} will use the
default keytab file (@code{/etc/krb5.keytab}).
+@item @b{-e} @i{"enc:salt..."}
+Uses the specified list of enctype-salttype pairs for setting the key of
+the principal. The quotes are necessary if there are multiple
+enctype-salttype pairs. This will not function against kadmin daemons
+earlier than krb5-1.2.
+
@item -q
run in quiet mode. This causes @code{ktadd} to display less verbose
information.
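Review bot: "for setting the key of the principal" is copied from add_principal, but ktadd's visible effect is on the keytab named by the preceding -k item (default /etc/krb5.keytab); reword to say which enctype:salt keys ktadd generates and writes there, and whether existing keytab entries of other enctypes are left in place. The blank line was also placed after the new item here but before it in the two earlier hunks; pick one.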
diff --git a/doc/build.texinfo b/doc/build.texinfo
index 78aa8b4..d41b36a 100644
--- a/doc/build.texinfo
+++ b/doc/build.texinfo
@@ -59,8 +59,8 @@ only need to build Kerberos for one platform, using a single directory
tree which contains both the source files and the object files is the
simplest. However, if you need to maintain Kerberos for a large number
of platforms, you will probably want to use separate build trees for
-each platform. We recommend that you look at see @ref{OS
-Incompatibilities} for notes that we have on particular operating
+each platform. We recommend that you look at @ref{OS
+Incompatibilities}, for notes that we have on particular operating
systems.
@menu
@@ -208,7 +208,7 @@ Kerberos and then want to run the KADM5 tests, you will need to
re-configure the tree and run @code{make} at the top level again to make
sure all the proper programs are built. To save time, you actually only
need to reconfigure and build in the directories src/kadmin/testing,
-src/lib/rpc, src/lib/kadm5, and src/kpasswd.
+src/lib/rpc, src/lib/kadm5.
@node Options to Configure, osconf.h, Testing the Build, Building Kerberos V5
@section Options to Configure
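Review bot: with src/kpasswd dropped, the list `src/kadmin/testing, src/lib/rpc, src/lib/kadm5.` has lost its conjunction; write `src/lib/rpc, and src/lib/kadm5.`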
@@ -301,12 +301,6 @@ default, Kerberos V5 configuration will look for @code{-lnsl} and
(see @ref{Solaris versions 2.0 through 2.3}) or fails to pass the tests in
@file{src/tests/resolv} you will need to use this option.
-@item --enable-shared
-
-This option will turn on the building and use of shared library objects
-in the Kerberos build. This option is only supported on certain
-platforms.
-
@item --with-vague-errors
If enabled, gives vague and unhelpful error messages to the client... er,
@@ -329,10 +323,30 @@ Tcl. The directory specified by @code{TCLPATH} specifies where the Tcl
header file (@file{TCLPATH/include/tcl.h} as well as where the Tcl
library should be found (@file{TCLPATH/lib}).
+@item --enable-shared
+
+This option will turn on the building and use of shared library objects
+in the Kerberos build. This option is only supported on certain
+platforms.
+
+@item --enable-dns
+@itemx --enable-dns-for-kdc
+@itemx --enable-dns-for-realm
+
+Enable the use of DNS to look up a host's Kerberos realm, or a realm's
+KDCs. See @x @x @xxxxx.
+
+@item --enable-kdc-replay-cache
+
+Enable a cache in the KDC to detect retransmitted messages, and resend
+the previous responses to them. This protects against certain types of
+attempts to extract information from the KDC through some of the
+hardware preauthentication systems.
+
@end table
For example, in order to configure Kerberos on a Solaris machine using
-the @samp{suncc} with the optimizer turned on, run the configure
+the @samp{suncc} compiler with the optimizer turned on, run the configure
script with the following options:
@example
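Review bot: `See @x @x @xxxxx.` on the --enable-dns item is an unfilled placeholder, and @x is not a Texinfo command, so makeinfo will reject the file; replace it with an @ref to the DNS discussion added to install.texinfo in this patch. The three options are described only as a group; say that --enable-dns turns on both of the others and that each can be enabled alone. For --enable-kdc-replay-cache, "certain types of attempts to extract information from the KDC" is too vague for an administrator to decide whether to enable it; name the attack being mitigated, or at least state that it only matters when hardware preauthentication is in use.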
@@ -465,6 +479,10 @@ was never a problem in using GCC version 2.6.3.
In version 3.2 and beyond of the operating system, we have not seen any
problems with the native compiler.
+@c @node Alpha Tru64 UNIX 5.0
+@c @subsection Alpha Tru64 UNIX 5.0
+@c ... login.krb5 problems
+
@node BSDI, HPUX, Alpha OSF/1 (Digital Unix) V2.0++, OS Incompatibilities
@subsection BSDI
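Review bot: the commented-out Tru64 5.0 node (`@c ... login.krb5 problems`) is a to-do with no content; either write the subsection now and add it to the OS Incompatibilities menu and the BSDI node's Prev pointer, or keep it out of this patch rather than shipping a reminder in the source.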
diff --git a/doc/copyright.texinfo b/doc/copyright.texinfo
index 7ea4758..83fe7ef 100644
--- a/doc/copyright.texinfo
+++ b/doc/copyright.texinfo
@@ -1,4 +1,4 @@
-Copyright @copyright{} 1985-1999 by the Massachusetts Institute of Technology.
+Copyright @copyright{} 1985-2000 by the Massachusetts Institute of Technology.
@quotation
Export of software employing encryption from the United States of
diff --git a/doc/definitions.texinfo b/doc/definitions.texinfo
index 079809d..5a5b37c 100644
--- a/doc/definitions.texinfo
+++ b/doc/definitions.texinfo
@@ -19,8 +19,8 @@
@set RANDOMUSER johndoe
@set RANDOMUSER1 jennifer
@set RANDOMUSER2 david
-@set RELEASE 1.1
-@set PREVRELEASE 1.0
+@set RELEASE 1.2
+@set PREVRELEASE 1.1
@set INSTALLDIR /usr/@value{LCPRODUCT}
@set PREVINSTALLDIR @value{INSTALLDIR}
@set ROOTDIR /usr/local
diff --git a/doc/install.texinfo b/doc/install.texinfo
index 8744b0f..05c7d9a 100644
--- a/doc/install.texinfo
+++ b/doc/install.texinfo
@@ -229,7 +229,10 @@ BOSTON.@value{SECONDREALM} and HOUSTON.@value{SECONDREALM}.
@node Mapping Hostnames onto Kerberos Realms, Ports for the KDC and Admin Services, Kerberos Realms, Realm Configuration Decisions
@section Mapping Hostnames onto Kerberos Realms
-Mapping hostnames onto Kerberos realms is done through a set of rules in
+Mapping hostnames onto Kerberos realms is done in one of two ways.
+
+The first mechanism, which has been in use for years in MIT-based
+Kerberos distributions, works through a set of rules in
the @code{krb5.conf} configuration file. (@xref{krb5.conf}.) You can
specify mappings for an entire domain or subdomain, and/or on a
hostname-by-hostname basis. Since greater specificity takes precedence,
@@ -240,7 +243,14 @@ The @value{PRODUCT} System Administrator's Guide contains a thorough
description of the parts of the @code{krb5.conf} file and what may be
specified in each. A sample @code{krb5.conf} file appears in
@ref{krb5.conf}. You should be able to use this file, substituting the
-relevant information for your Kerberos instllation for the samples.
+relevant information for your Kerberos installation for the samples.
+
+The second mechanism, recently introduced into the MIT code base but not
+currently used by default, works by looking up the information in
+special records in the Domain Name Service. This too is described in
+the @value{PRODUCT} System Administrator's Guide. Even if you do not
+choose to use this mechanism within your site, you may wish to set up
+anyways, for use when interacting with other sites.
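Review bot: "you may wish to set up anyways" is missing its object and "anyways" should be "anyway"; write "you may wish to set up the DNS records anyway". Since the mechanism is "not currently used by default", the paragraph should say what turns it on (the --enable-dns-for-realm configure option documented in build.texinfo in this same patch), and "Domain Name Service" should be "Domain Name System".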
@node Ports for the KDC and Admin Services, Slave KDCs, Mapping Hostnames onto Kerberos Realms, Realm Configuration Decisions
@section Ports for the KDC and Admin Services
@@ -293,11 +303,19 @@ disasters.
@section Hostnames for the Master and Slave KDCs
@value{COMPANY} recommends that your KDCs have a predefined set of
-CNAMEs, such as @code{@value{KDCSERVER}} for the master KDC and
+CNAME records (DNS hostname aliases), such as @code{@value{KDCSERVER}}
+for the master KDC and
@code{@value{KDCSLAVE1}}, @code{@value{KDCSLAVE2}}, @dots{} for the
slave KDCs. This way, if you need to swap a machine, you only need to
change a DNS entry, rather than having to change hostnames.
+A new mechanism for locating KDCs of a realm through DNS has been added
+to the @value{COMPANY} @value{PRODUCT} distribution. As with the
+DNS-based mechanism for determining the Kerberos realm of a host, we recommend
+distributing the information this way for use by other sites that may
+want to interact with yours using Kerberos, even if you don't
+immediately make use of it within your own site.
+
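Review bot: the new paragraph recommends publishing KDC-location data in DNS, but neither it nor the realm-mapping paragraph says that a client using these lookups is trusting unauthenticated DNS answers to decide which realm a host belongs to and which KDC to contact; put that caveat next to the recommendation so a site can weigh it before enabling the lookups. The record types to publish are also not named, so a reader cannot act on the recommendation as written.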
@node Database Propagation, , Hostnames for the Master and Slave KDCs, Realm Configuration Decisions
@section Database Propagation
@@ -1007,6 +1025,7 @@ Database to Each Slave KDC}.)
Switch the CNAMEs of the old and new master KDCs. (If you don't do
this, you'll need to change the @code{krb5.conf} file on every client
machine in your Kerberos realm.)
+
@end enumerate
@node Installing and Configuring UNIX Client Machines, UNIX Application Servers, Installing KDCs, Installing Kerberos V5
@@ -1050,7 +1069,7 @@ counterparts
@c @code{from}
@code{su}, @code{passwd}, and @code{rdist}.
-@node Client Machine Configuration Files, Mac OS X Configuration, Client Programs, Installing and Configuring UNIX Client Machines
+@node Client Machine Configuration Files, , Client Programs, Installing and Configuring UNIX Client Machines
@subsection Client Machine Configuration Files
Each machine running Kerberos must have a @code{/etc/krb5.conf} file.
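Review bot: clearing the Next pointer implies the Mac OS X Configuration node no longer follows this one, but the patch touches neither that node nor the parent node's menu, and the ChangeLog does not mention the change; verify the menu agrees, or makeinfo will report a mismatched pointer.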
@@ -1399,6 +1418,41 @@ To update a Slave KDC, you must stop the old server processes on the
Slave KDC, install the new server binaries, reload the most recent slave
dump file, and re-start the server processes.
+@node Upgrading to Triple-DES Encryption Keys, , Upgrading Existing Kerberos V5 Installations, Upgrading Existing Kerberos V5 Installations
+@section Upgrading to Triple-DES Encryption Keys
+
+Beginning with the 1.2 release from MIT, Kerberos includes a stronger
+encryption algorithm called ``triple DES'' -- essentially, three
+applications of the basic DES encryption algorithm, greatly increasing
+the resistance to a brute-force search for the key by an attacker. This
+algorithm is more secure, but encryption is much slower. We expect to
+add other, faster encryption algorithms at some point in the future.
+
+Release 1.1 had some support for triple-DES service keys, but with
+release 1.2 we have added support for user keys and session keys as
+well. Release 1.0 had very little support for multiple cryptosystems,
+and some of that software may not function properly in an environment
+using triple-DES as well as plain DES.
+
+Because of the way the MIT Kerberos database is structured, the KDC will
+assume that a service supports only those encryption types for which
+keys are found in the database. Thus, if a service has only a
+single-DES key in the database, the KDC will not issue tickets for that
+service that use triple-DES session keys; it will instead issue only
+single-DES session keys, even if other services are already capable of
+using triple-DES. So if you make sure your application server software
+is updated before adding a triple-DES key for the service, clients
+should be able to talk to services at all times during the updating
+process.
+
+Normally, the listed @code{supported_enctypes} in @code{kdc.conf} are
+all used when a new key is generated. You can control this with
+command-line flags to @code{kadmin} and @code{kadmin.local}. You may
+want to exclude triple-DES by default until you have updated a lot of
+your application servers, and then change the default to include
+triple-DES. We recommend that you always include @code{des-cbc-crc} in
+the default list.
+
@node Bug Reports for Kerberos V5, Files, Upgrading Existing Kerberos V5 Installations, Top
@chapter Bug Reports for @value{PRODUCT}
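Review bot: the @node line gives the new section's Prev and Up as the same node (Upgrading Existing Kerberos V5 Installations), while the context above shows it follows an existing section on updating slave KDCs; Prev should be that section, that section's Next should be updated, and the chapter's @menu needs the new entry, none of which this hunk does. In the last paragraph, "You can control this with command-line flags to kadmin and kadmin.local" should point at the -e flag documented in admin.texinfo in this patch, and "always include des-cbc-crc" should say why (older clients, and the per-service enctype selection described two paragraphs up).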
@@ -1422,8 +1476,8 @@ Here is an example @code{krb5.conf} file:
[libdefaults]
ticket_lifetime = 600
default_realm = @value{PRIMARYREALM}
- default_tkt_enctypes = des-cbc-crc
- default_tgs_enctypes = des-cbc-crc
+ default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
+ default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
[realms]
@value{PRIMARYREALM} = @{
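Review bot: the sample now asks for des3-hmac-sha1 first in both default_tkt_enctypes and default_tgs_enctypes, while the new Upgrading section says Release 1.0 software "may not function properly" in a mixed environment; either the sample or that section should say that a client still running pre-1.2 libraries must keep the single-entry des-cbc-crc lines.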
@@ -1478,17 +1532,14 @@ Here's an example of a kdc.conf file:
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
- master_key_type = des-cbc-crc
- supported_enctypes = des-cbc-crc:normal
+ master_key_type = des3-hmac-sha1
+ supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal
@}
@end group
@end smallexample
-To add Kerberos V4 support, change the @code{supported_enctypes} line to:
-
-@smallexample
- supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4
-@end smallexample
+To add Kerberos V4 support, add @code{des-cbc-crc:v4} to the
+@code{supported_enctypes} line.
@menu
* Encryption Types and Salt Types::
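Review bot: the sample changes master_key_type from des-cbc-crc to des3-hmac-sha1, but the new Upgrading section only covers service, user and session keys; say whether an existing KDC can change this value in place or whether it applies to newly created databases only, since an administrator copying the sample onto a running KDC needs to know. The V4 sentence should also carry the ordering rule from the salt-type note in this patch: des-cbc-crc:normal before des-cbc-crc:v4.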
@@ -1514,6 +1565,11 @@ your @value{PRODUCT} keys
encounter only if you dump an AFS database into a Kerberos database
@end itemize
+For best compatibility with Microsoft Kerberos clients, the
+@code{normal} salt type should be listed ahead of other salt types for
+the same encryption type in the KDC config file and (when specified) on
+the @code{kadmin} command line.
+
Support for additional encryption types is planned in the future.
@contents
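Review bot: the note says the normal salt type should be listed first for Microsoft clients but not what goes wrong otherwise, so an administrator cannot tell whether the advice applies to them; state the symptom. "the KDC config file" should be @code{kdc.conf}, as elsewhere in this chapter.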
diff --git a/doc/krb425.texinfo b/doc/krb425.texinfo
index e78d4e6..12572e5 100644
--- a/doc/krb425.texinfo
+++ b/doc/krb425.texinfo
@@ -140,6 +140,14 @@ This subsection allows the administrator to configure exceptions to the
default_domain mapping rule. It contains V4 instances (tag name) which
should be translated to some specific hostname (tag value) as the second
component in a Kerberos V5 principal name.
+
+@itemx v4_realm
+This relation allows the administrator to configure a different
+realm name to be used when converting V5 principals to V4
+ones. This should only be used when running separate V4 and V5
+realms, with some external means of password sychronization
+between the realms.
+
@end table
@node kdc.conf, , krb5.conf, Configuration Files
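Review bot: `@itemx v4_realm` follows the description paragraph of the previous item, but @itemx is only valid directly after an @item with no text in between; this must be `@item v4_realm`. "sychronization" should be "synchronization", and the ChangeLog entry for this change says (libdefaults) while the surrounding context is the per-realm v4_instance_convert material.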
diff --git a/doc/send-pr.texinfo b/doc/send-pr.texinfo
index 9209ffd..7cf9b70 100644
--- a/doc/send-pr.texinfo
+++ b/doc/send-pr.texinfo
@@ -4,7 +4,11 @@ built and installed @value{PRODUCT}, please use the
Bug reports that include proposed fixes are especially welcome. If you
do include fixes, please send them using either context diffs or unified
-diffs (using @samp{diff -c} or @samp{diff -u}, respectively).
+diffs (using @samp{diff -c} or @samp{diff -u}, respectively). Please be
+careful when using ``cut and paste'' or other such means to copy a patch
+into a bug report; depending on the system being used, that can result
+in converting TAB characters into spaces, which makes applying the
+patches more difficult.
The @code{krb5-send-pr} program is installed in the directory
@code{@value{ROOTDIR}/sbin}.
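Review bot: the warning explains the tab problem but offers no remedy; suggest including the diff output exactly as diff -u wrote it (for example by attaching the file) rather than pasting it through a terminal or mail client.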