Ignore bad enctypes in krb5_string_to_keysalts()

Allow gss_unwrap_iov() of unpadded RC4 tokens
2020-07-22 17:28:11 -04:00 · 2020-07-22 17:28:11 -04:00 · 86ecb1b3d2
commit 86ecb1b3d2
parent b1b925635d
3 changed files with 66 additions and 6 deletions
--- a/Allow-gss_unwrap_iov-of-unpadded-RC4-tokens.patch
+++ b/Allow-gss_unwrap_iov-of-unpadded-RC4-tokens.patch
@ -0,0 +1,49 @@
+From bedbb5ee1ad821b91f00d30361985e6863c0e6ba Mon Sep 17 00:00:00 2001
+From: Greg Hudson <ghudson@mit.edu>
+Date: Sat, 11 Jul 2020 21:57:30 -0400
+Subject: [PATCH] Allow gss_unwrap_iov() of unpadded RC4 tokens
+
+Windows Remote Management, when used with an RC4 session key, appears
+to generate GSS wrap tokens with no padding instead of the expected
+one byte (RFC 4757 section 7.3).  These tokens cannot be decoded with
+gss_unwrap() or a STREAM buffer (even with Microsoft SSPI), but SSPI
+allows them to be decoded using explicit IOVs with either a
+zero-length padding buffer or no padding buffer.  Allow these cases to
+work in kg_fixup_padding_iov().  (It is already possible to make this
+work with HEADER | DATA | DATA, but only by
+accident--kg_fixup_padding_iov() doesn't find a data buffer because
+kg_locate_iov() only looks for singleton buffers, so it exits early.)
+
+ticket: 8926 (new)
+tags: pullup
+target_version: 1.18-next
+
+(cherry picked from commit 3f204ddd567715ef360b4bb0b32961b6a9877f9d)
+---
+ src/lib/gssapi/krb5/util_crypt.c | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
+index f7d3e92c4..d6c71aeb8 100644
+--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
+@@ -638,16 +638,13 @@ kg_fixup_padding_iov(OM_uint32 *minor_status, gss_iov_buffer_desc *iov,
+     data = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_DATA);
+     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
+ 
+-    if (data == NULL) {
+    /* Do nothing if padding is absent or empty, to allow unwrapping of WinRM
+     * unpadded RC4 tokens using an explicit IOV array. */
+    if (data == NULL || padding == NULL || padding->buffer.length == 0) {
+         *minor_status = 0;
+         return GSS_S_COMPLETE;
+     }
+ 
+-    if (padding == NULL || padding->buffer.length == 0) {
+-        *minor_status = EINVAL;
+-        return GSS_S_FAILURE;
+-    }
+-
+     p = (unsigned char *)padding->buffer.value;
+     padlength = p[padding->buffer.length - 1];
+ 
--- a/Ignore-bad-enctypes-in-krb5_string_to_keysalts.patch
+++ b/Ignore-bad-enctypes-in-krb5_string_to_keysalts.patch
@ -1,4 +1,4 @@
-From f9c314847c999727679a9e8ad4fb565001e47fd2 Mon Sep 17 00:00:00 2001
+From 3f873868fb08b77da2d30e164a0ef6c71c17c607 Mon Sep 17 00:00:00 2001
 From: Robbie Harwood <rharwood@redhat.com>
 Date: Wed, 15 Jul 2020 15:42:20 -0400
 Subject: [PATCH] Ignore bad enctypes in krb5_string_to_keysalts()
@ -6,13 +6,19 @@ Subject: [PATCH] Ignore bad enctypes in krb5_string_to_keysalts()
 Fixes a problem where the presence of legacy/unrecognized keysalts in
 supported_enctypes would prevent the kadmin programs from starting.

-(cherry picked from commit 860b411d441e4a486f6714762605c42997b8946a)
+[ghudson@mit.edu: ideally we would put a warning in the kadmind log,
+but that is difficult to do when the parsing is done inside a library.
+Even adding a trace log is difficult because the kadm5 str_conv
+functions do not accept contexts.]
+
+ticket: 8929 (new)
+(cherry picked from commit be5396ada0e8dabd68bd0aceb733cfca39a609bc)
 ---
 src/lib/kadm5/str_conv.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

 diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c
-index 7cf51d316..0abfa845c 100644
+index 7cf51d316..798295606 100644
 --- a/src/lib/kadm5/str_conv.c
 +++ b/src/lib/kadm5/str_conv.c
@@ -340,9 +340,10 @@ krb5_string_to_keysalts(const char *string, const char *tupleseps,
@ -24,7 +30,7 @@ index 7cf51d316..0abfa845c 100644
 -            goto cleanup;
 +
 +        /* Discard unrecognized keysalts. */
-+        if (string_to_keysalt(ksp, ksaltseps, &etype, &stype))
+        if (string_to_keysalt(ksp, ksaltseps, &etype, &stype) != 0)
 +            continue;
 
         /* Ignore duplicate keysalts if caller asks. */
--- a/krb5.spec
+++ b/krb5.spec
@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.18.2
 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
-Release: 11%{?dist}
+Release: 12%{?dist}

 # rharwood has trust path to signing key and verifies on check-in
 Source0: https://web.mit.edu/kerberos/dist/krb5/1.18/krb5-%{version}%{prerelease}.tar.gz
@ -68,7 +68,8 @@ Patch29: Add-client_aware_channel_bindings-option.patch
 Patch30: Pass-channel-bindings-through-SPNEGO.patch
 Patch31: Add-channel-bindings-tests.patch
 Patch32: Use-two-queues-for-concurrent-t_otp.py-daemons.patch
-Patch33: Ignore-bad-enctypes-in-krb5_string_to_keysalts.patch
+Patch33: Allow-gss_unwrap_iov-of-unpadded-RC4-tokens.patch
+Patch34: Ignore-bad-enctypes-in-krb5_string_to_keysalts.patch

 License: MIT
 URL: https://web.mit.edu/kerberos/www/
@ -623,6 +624,10 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*

 %changelog
+* Wed Jul 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-12
+- Ignore bad enctypes in krb5_string_to_keysalts()
+- Allow gss_unwrap_iov() of unpadded RC4 tokens
+
 * Wed Jul 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-11
 - Ignore bad enctypes in krb5_string_to_keysalts()