In FIPS mode, add plaintext fallback for RC4 usages and taint

Robbie Harwood 2018-08-01 15:11:35 -04:00
parent d21edd514c
commit ef8eae7c7b
55 changed files with 332 additions and 65 deletions

@ -13,7 +13,6 @@ compiled as part of "make test-vectors" and not as part of the regular
build. build.
(cherry picked from commit 78a09d95dff6915da4079bc611f4bb95f6a95f70) (cherry picked from commit 78a09d95dff6915da4079bc611f4bb95f6a95f70)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-spake.h | 107 +++++++++++++++++++++++++++ src/include/k5-spake.h | 107 +++++++++++++++++++++++++++
src/lib/krb5/asn.1/asn1_k_encode.c | 52 ++++++++++++- src/lib/krb5/asn.1/asn1_k_encode.c | 52 ++++++++++++-

@ -24,7 +24,6 @@ the RSA test.
ticket: 8648 ticket: 8648
(cherry picked from commit 4a9050df0bc34bfb08ba24462d6e2514640f4b8e) (cherry picked from commit 4a9050df0bc34bfb08ba24462d6e2514640f4b8e)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/admin/conf_files/kdc_conf.rst | 4 + doc/admin/conf_files/kdc_conf.rst | 4 +
doc/admin/pkinit.rst | 25 +++++ doc/admin/pkinit.rst | 25 +++++

@ -10,7 +10,6 @@ freshnessToken field of pkAuthenticator
ticket: 8648 ticket: 8648
(cherry picked from commit 085785362e01467cb25c79a90dcebfba9ea019d8) (cherry picked from commit 085785362e01467cb25c79a90dcebfba9ea019d8)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/user/user_commands/kinit.rst | 3 +++ doc/user/user_commands/kinit.rst | 3 +++
src/include/k5-int-pkinit.h | 1 + src/include/k5-int-pkinit.h | 1 +

@ -47,7 +47,6 @@ registry contents; implemented P-384 and P-521]
ticket: 8647 (new) ticket: 8647 (new)
(cherry picked from commit 7447259401569c92b1fb2e31cb02edbbffd67d35) (cherry picked from commit 7447259401569c92b1fb2e31cb02edbbffd67d35)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
NOTICE | 51 + NOTICE | 51 +
doc/admin/conf_files/kdc_conf.rst | 22 +- doc/admin/conf_files/kdc_conf.rst | 22 +-

@ -5,7 +5,6 @@ Subject: [PATCH] Add doc index entries for SPAKE constants
ticket: 8647 ticket: 8647
(cherry picked from commit c010c9031753f356bb380e8a1324cc34721f8221) (cherry picked from commit c010c9031753f356bb380e8a1324cc34721f8221)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/appdev/refs/macros/index.rst | 2 ++ doc/appdev/refs/macros/index.rst | 2 ++
1 file changed, 2 insertions(+) 1 file changed, 2 insertions(+)

@ -5,7 +5,6 @@ Subject: [PATCH] Add flag to disable encrypted timestamp on client
ticket: 8655 ticket: 8655
(cherry picked from commit 4ad376134b8d456392edbac7a7d351e6c7a7f0e7) (cherry picked from commit 4ad376134b8d456392edbac7a7d351e6c7a7f0e7)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/admin/conf_files/krb5_conf.rst | 10 ++++++++++ doc/admin/conf_files/krb5_conf.rst | 10 ++++++++++
doc/admin/spake.rst | 8 ++++++++ doc/admin/spake.rst | 8 ++++++++

@ -4,7 +4,6 @@ Date: Thu, 4 Jan 2018 14:35:12 -0500
Subject: [PATCH] Add k5_buf_add_vfmt to k5buf interface Subject: [PATCH] Add k5_buf_add_vfmt to k5buf interface
(cherry picked from commit f05766469efc2a055085c0bcf9d40c4cdf47fe36) (cherry picked from commit f05766469efc2a055085c0bcf9d40c4cdf47fe36)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-buf.h | 8 ++++++ src/include/k5-buf.h | 8 ++++++
src/util/support/k5buf.c | 26 +++++++++++-------- src/util/support/k5buf.c | 26 +++++++++++--------

@ -7,7 +7,6 @@ Add a support function to get a list of filenames from a directory in
sorted order. sorted order.
(cherry picked from commit 27534121eb39089ff4335d8b465027e9ba783682) (cherry picked from commit 27534121eb39089ff4335d8b465027e9ba783682)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-platform.h | 7 + src/include/k5-platform.h | 7 +
src/util/support/Makefile.in | 3 + src/util/support/Makefile.in | 3 +

@ -8,7 +8,6 @@ by allowing the script to output marks, and displaying the most recent
mark with command failures. mark with command failures.
(cherry picked from commit 4e813204ac3dace93297f47d64dfc0aaecc370f8) (cherry picked from commit 4e813204ac3dace93297f47d64dfc0aaecc370f8)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/util/k5test.py | 14 ++++++++++++++ src/util/k5test.py | 14 ++++++++++++++
1 file changed, 14 insertions(+) 1 file changed, 14 insertions(+)

@ -5,7 +5,6 @@ Subject: [PATCH] Add libkrb5support hex functions and tests
(cherry picked from commit 720dea558da0062d3cea4385327161e62cf09a5e) (cherry picked from commit 720dea558da0062d3cea4385327161e62cf09a5e)
[rharwood@redhat.com Remove .gitignore] [rharwood@redhat.com Remove .gitignore]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-hex.h | 53 ++++++ src/include/k5-hex.h | 53 ++++++
src/util/support/Makefile.in | 15 +- src/util/support/Makefile.in | 15 +-

@ -8,7 +8,6 @@ to k5_sha256(), for efficient computation of SHA-256 hashes over
concatenations of data values. concatenations of data values.
(cherry picked from commit 4f3373e8c55b3e9bdfb5b065e07214c5816c85fa) (cherry picked from commit 4f3373e8c55b3e9bdfb5b065e07214c5816c85fa)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-int.h | 4 ++-- src/include/k5-int.h | 4 ++--
src/lib/crypto/builtin/sha2/sha256.c | 6 ++++-- src/lib/crypto/builtin/sha2/sha256.c | 6 ++++--

@ -19,7 +19,6 @@ spake_prep_questions() without a prototype.
ticket: 8659 ticket: 8659
(cherry picked from commit f240f1b0d324312be8aa59ead7cfbe0c329ed064) (cherry picked from commit f240f1b0d324312be8aa59ead7cfbe0c329ed064)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/plugins/preauth/spake/spake_client.c | 111 ++++++++++++++--------- src/plugins/preauth/spake/spake_client.c | 111 ++++++++++++++---------
1 file changed, 66 insertions(+), 45 deletions(-) 1 file changed, 66 insertions(+), 45 deletions(-)

@ -9,7 +9,6 @@ test code to conform to Python 3.
ticket: 8710 (new) ticket: 8710 (new)
(cherry picked from commit e23d24beacb73581bbf4351250f3955e6fd44361) (cherry picked from commit e23d24beacb73581bbf4351250f3955e6fd44361)
[rharwood@redhat.com: Context skew due to not having LMDB in tests] [rharwood@redhat.com: Context skew due to not having LMDB in tests]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/Makefile.in | 1 + src/Makefile.in | 1 +
src/configure.in | 6 ++-- src/configure.in | 6 ++--

@ -10,7 +10,6 @@ these dead hunks along with the complexity to support them.
(cherry picked from commit 2bc951d3c88b460a16249115cbd51d69c3c57e22) (cherry picked from commit 2bc951d3c88b460a16249115cbd51d69c3c57e22)
[rharwood@redhat.com: context skew] [rharwood@redhat.com: context skew]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/ccapi/common/win/OldCC/ccutils.c | 6 -- src/ccapi/common/win/OldCC/ccutils.c | 6 --
src/ccapi/common/win/OldCC/ccutils.h | 3 - src/ccapi/common/win/OldCC/ccutils.h | 3 -

@ -14,7 +14,6 @@ weird return code has been present since the addition of the kadmin
code, which used a similar event model for signals. code, which used a similar event model for signals.
(cherry picked from commit f970ad412aca36f8a7d3addb1cd4026ed22e5592) (cherry picked from commit f970ad412aca36f8a7d3addb1cd4026ed22e5592)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kadmin/server/ovsec_kadmd.c | 2 +- src/kadmin/server/ovsec_kadmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)

@ -15,7 +15,6 @@ doesn't need a #!/usr/bin/python header.
ticket: 8709 (new) ticket: 8709 (new)
(cherry picked from commit 2bd410ecdb366083fe9b4e5f6ac4b741b624230b) (cherry picked from commit 2bd410ecdb366083fe9b4e5f6ac4b741b624230b)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/appl/gss-sample/t_gss_sample.py | 2 -- src/appl/gss-sample/t_gss_sample.py | 2 --
src/appl/user_user/t_user2user.py | 1 - src/appl/user_user/t_user2user.py | 1 -

@ -10,7 +10,6 @@ data object to avoid a harmless uninitialized memory copy.
ticket: 8647 ticket: 8647
(cherry picked from commit 70b88b8018658e052d6eabf06f8fdad17fbe993c) (cherry picked from commit 70b88b8018658e052d6eabf06f8fdad17fbe993c)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/plugins/preauth/spake/openssl.c | 1 + src/plugins/preauth/spake/openssl.c | 1 +
src/plugins/preauth/spake/spake_kdc.c | 1 + src/plugins/preauth/spake/spake_kdc.c | 1 +

@ -12,7 +12,6 @@ commit message]
ticket: 8636 ticket: 8636
(cherry picked from commit 63e8b8142fd7b3931a7bf2d6448978ca536bafc0) (cherry picked from commit 63e8b8142fd7b3931a7bf2d6448978ca536bafc0)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
.../preauth/pkinit/pkinit_crypto_openssl.c | 55 +++++++++++++++---- .../preauth/pkinit/pkinit_crypto_openssl.c | 55 +++++++++++++++----
1 file changed, 44 insertions(+), 11 deletions(-) 1 file changed, 44 insertions(+), 11 deletions(-)

@ -9,7 +9,6 @@ flushes to make prompts visible in k5test.py.
ticket: 8710 ticket: 8710
(cherry picked from commit 297535b72177dcced036b78107e9d0e37781c7a3) (cherry picked from commit 297535b72177dcced036b78107e9d0e37781c7a3)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/util/k5test.py | 2 ++ src/util/k5test.py | 2 ++
1 file changed, 2 insertions(+) 1 file changed, 2 insertions(+)

@ -15,7 +15,6 @@ instead get the count from the prior loop by stopping once we move all
of the key-replacing modules to the front. of the key-replacing modules to the front.
(cherry picked from commit b38e318cea18fd65647189eed64aef83bf1cb772) (cherry picked from commit b38e318cea18fd65647189eed64aef83bf1cb772)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/kdc_preauth.c | 9 +++++---- src/kdc/kdc_preauth.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-) 1 file changed, 5 insertions(+), 4 deletions(-)

@ -8,7 +8,6 @@ just the default salt type.
ticket: 8629 ticket: 8629
(cherry picked from commit a2339099ad13c84de0843fd04d0ba612fc194a1e) (cherry picked from commit a2339099ad13c84de0843fd04d0ba612fc194a1e)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/plugins/preauth/securid_sam2/grail.c | 3 +-- src/plugins/preauth/securid_sam2/grail.c | 3 +--
src/plugins/preauth/securid_sam2/securid2.c | 3 +-- src/plugins/preauth/securid_sam2/securid2.c | 3 +--

@ -12,8 +12,6 @@ dereference state->active_realm.
tags: pullup tags: pullup
target_version: 1.16-next target_version: 1.16-next
target_version: 1.15-next target_version: 1.15-next
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/dispatch.c | 79 ++++++++++++++++++++++++---------------------- src/kdc/dispatch.c | 79 ++++++++++++++++++++++++----------------------
1 file changed, 42 insertions(+), 37 deletions(-) 1 file changed, 42 insertions(+), 37 deletions(-)

@ -15,7 +15,6 @@ currently not exercised by Travis.
ticket: 8710 ticket: 8710
(cherry picked from commit d1fb3551c0dff5c3e6555b31fcbf04ff04d577fe) (cherry picked from commit d1fb3551c0dff5c3e6555b31fcbf04ff04d577fe)
[rharwood@redhat.com: .travis.yml] [rharwood@redhat.com: .travis.yml]
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krad/t_daemon.py | 2 +- src/lib/krad/t_daemon.py | 2 +-
src/tests/jsonwalker.py | 16 +++++----------- src/tests/jsonwalker.py | 16 +++++-----------

@ -7,7 +7,6 @@ Add a variant of dynamic k5buf objects which zeroes memory when
reallocating or freeing the buffer. reallocating or freeing the buffer.
(cherry picked from commit 8ee8246c14702dc03b02e31b9fb5b7c2bb674bfb) (cherry picked from commit 8ee8246c14702dc03b02e31b9fb5b7c2bb674bfb)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-buf.h | 6 ++- src/include/k5-buf.h | 6 ++-
src/util/support/k5buf.c | 41 +++++++++++++++---- src/util/support/k5buf.c | 41 +++++++++++++++----

@ -0,0 +1,327 @@
From a9f547544ae43c2a71f21cab4fa61388c2f67553 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 31 Jul 2018 13:47:26 -0400
Subject: [PATCH] In FIPS mode, add plaintext fallback for RC4 usages and taint
---
src/lib/krad/attr.c | 38 ++++++++++++++++++++++++++++----------
src/lib/krad/attrset.c | 5 +++--
src/lib/krad/internal.h | 13 +++++++++++--
src/lib/krad/packet.c | 18 +++++++++---------
src/lib/krad/remote.c | 10 ++++++++--
src/lib/krad/t_attr.c | 3 ++-
src/lib/krad/t_attrset.c | 4 +++-
7 files changed, 64 insertions(+), 27 deletions(-)
diff --git a/src/lib/krad/attr.c b/src/lib/krad/attr.c
index 9c13d9d75..3a2d0243b 100644
--- a/src/lib/krad/attr.c
+++ b/src/lib/krad/attr.c
@@ -38,7 +38,8 @@
typedef krb5_error_code
(*attribute_transform_fn)(krb5_context ctx, const char *secret,
const unsigned char *auth, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *is_fips);
typedef struct {
const char *name;
@@ -51,12 +52,14 @@ typedef struct {
static krb5_error_code
user_password_encode(krb5_context ctx, const char *secret,
const unsigned char *auth, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *is_fips);
static krb5_error_code
user_password_decode(krb5_context ctx, const char *secret,
const unsigned char *auth, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *ignored);
static const attribute_record attributes[UCHAR_MAX] = {
{"User-Name", 1, MAX_ATTRSIZE, NULL, NULL},
@@ -128,7 +131,8 @@ static const attribute_record attributes[UCHAR_MAX] = {
static krb5_error_code
user_password_encode(krb5_context ctx, const char *secret,
const unsigned char *auth, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *is_fips)
{
const unsigned char *indx;
krb5_error_code retval;
@@ -156,7 +160,12 @@ user_password_encode(krb5_context ctx, const char *secret,
retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp,
&sum);
- if (retval != 0) {
+ if (retval == ENOMEM) {
+ /* I'm Linux, so we know this is a FIPS failure. Taint so we
+ * don't send it later. */
+ *is_fips = TRUE;
+ sum.contents = calloc(1, BLOCKSIZE);
+ } else if (retval != 0) {
zap(tmp.data, tmp.length);
zap(outbuf, len);
krb5_free_data_contents(ctx, &tmp);
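Review bot: In the new `retval == ENOMEM` branch, the result of `calloc(1, BLOCKSIZE)` is assigned to `sum.contents` without a NULL check, and ENOMEM is taken as proof of a FIPS failure even though it is also what a real allocation failure returns. Under genuine memory exhaustion this path sets the taint and then continues with a NULL `sum.contents`. Check the calloc result and fall into the existing cleanup (`zap`, `krb5_free_data_contents`) when it fails, and prefer an explicit FIPS-mode test over inferring it from the error code. The comment should also state that a zeroed sum leaves the User-Password value unobscured in `outbuf`, since that is the reason for the taint.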
@@ -180,7 +189,8 @@ user_password_encode(krb5_context ctx, const char *secret,
static krb5_error_code
user_password_decode(krb5_context ctx, const char *secret,
const unsigned char *auth, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *is_fips)
{
const unsigned char *indx;
krb5_error_code retval;
@@ -206,7 +216,12 @@ user_password_decode(krb5_context ctx, const char *secret,
retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0,
&tmp, &sum);
- if (retval != 0) {
+ if (retval == ENOMEM) {
+ /* I'm Linux, so we know this is a FIPS failure. Assume the
+ * other side is running locally and move on. */
+ *is_fips = TRUE;
+ sum.contents = calloc(1, BLOCKSIZE);
+ } else if (retval != 0) {
zap(tmp.data, tmp.length);
zap(outbuf, in->length);
krb5_free_data_contents(ctx, &tmp);
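Review bot: The decode-side ENOMEM branch repeats the unchecked `calloc(1, BLOCKSIZE)` from the encode side, and its comment ("Assume the other side is running locally and move on") states an assumption that nothing in this function verifies. The parameter is also named `is_fips` in this definition but `ignored` in the prototype near the top of the file; use one name in both places. If the local-peer assumption has to hold, the flag must reach a caller that knows the transport and can reject the value otherwise.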
@@ -248,7 +263,7 @@ krb5_error_code
kr_attr_encode(krb5_context ctx, const char *secret,
const unsigned char *auth, krad_attr type,
const krb5_data *in, unsigned char outbuf[MAX_ATTRSIZE],
- size_t *outlen)
+ size_t *outlen, krb5_boolean *is_fips)
{
krb5_error_code retval;
@@ -265,7 +280,8 @@ kr_attr_encode(krb5_context ctx, const char *secret,
return 0;
}
- return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen);
+ return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen,
+ is_fips);
}
krb5_error_code
@@ -274,6 +290,7 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen)
{
krb5_error_code retval;
+ krb5_boolean ignored;
retval = kr_attr_valid(type, in);
if (retval != 0)
@@ -288,7 +305,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
return 0;
}
- return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen);
+ return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen,
+ &ignored);
}
krad_attr
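Review bot: `kr_attr_decode` passes `&ignored` to the decode callback and then discards it, so the `*is_fips = TRUE` written by `user_password_decode` never reaches any caller. The decode path therefore accepts a value processed with a zeroed sum with no way for the caller to know or refuse it. Either give `kr_attr_decode` an `is_fips` out-parameter, as this patch does for `kr_attr_encode`, or add a comment here explaining why the decode side is safe without the taint.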
diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c
index 03c613716..d89982a13 100644
--- a/src/lib/krad/attrset.c
+++ b/src/lib/krad/attrset.c
@@ -167,7 +167,8 @@ krad_attrset_copy(const krad_attrset *set, krad_attrset **copy)
krb5_error_code
kr_attrset_encode(const krad_attrset *set, const char *secret,
const unsigned char *auth,
- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen)
+ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
+ krb5_boolean *is_fips)
{
unsigned char buffer[MAX_ATTRSIZE];
krb5_error_code retval;
@@ -181,7 +182,7 @@ kr_attrset_encode(const krad_attrset *set, const char *secret,
K5_TAILQ_FOREACH(a, &set->list, list) {
retval = kr_attr_encode(set->ctx, secret, auth, a->type, &a->attr,
- buffer, &attrlen);
+ buffer, &attrlen, is_fips);
if (retval != 0)
return retval;
diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h
index 996a89372..a53ce31ce 100644
--- a/src/lib/krad/internal.h
+++ b/src/lib/krad/internal.h
@@ -49,6 +49,13 @@
typedef struct krad_remote_st krad_remote;
+struct krad_packet_st {
+ char buffer[KRAD_PACKET_SIZE_MAX];
+ krad_attrset *attrset;
+ krb5_data pkt;
+ krb5_boolean is_fips;
+};
+
/* Validate constraints of an attribute. */
krb5_error_code
kr_attr_valid(krad_attr type, const krb5_data *data);
@@ -57,7 +64,8 @@ kr_attr_valid(krad_attr type, const krb5_data *data);
krb5_error_code
kr_attr_encode(krb5_context ctx, const char *secret, const unsigned char *auth,
krad_attr type, const krb5_data *in,
- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen);
+ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen,
+ krb5_boolean *is_fips);
/* Decode an attribute. */
krb5_error_code
@@ -69,7 +77,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth,
krb5_error_code
kr_attrset_encode(const krad_attrset *set, const char *secret,
const unsigned char *auth,
- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen);
+ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen,
+ krb5_boolean *is_fips);
/* Decode attributes from a buffer. */
krb5_error_code
diff --git a/src/lib/krad/packet.c b/src/lib/krad/packet.c
index c597174b6..2fbf0ee1e 100644
--- a/src/lib/krad/packet.c
+++ b/src/lib/krad/packet.c
@@ -53,12 +53,6 @@ typedef unsigned char uchar;
#define pkt_auth(p) ((uchar *)offset(&(p)->pkt, OFFSET_AUTH))
#define pkt_attr(p) ((unsigned char *)offset(&(p)->pkt, OFFSET_ATTR))
-struct krad_packet_st {
- char buffer[KRAD_PACKET_SIZE_MAX];
- krad_attrset *attrset;
- krb5_data pkt;
-};
-
typedef struct {
uchar x[(UCHAR_MAX + 1) / 8];
} idmap;
@@ -190,7 +184,11 @@ auth_generate_response(krb5_context ctx, const char *secret,
retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data,
&hash);
free(data.data);
- if (retval != 0)
+ if (retval == ENOMEM) {
+ /* We're on Linux, so this is a FIPS failure, and this checksum
+ * does very little security-wise anyway, so don't taint. */
+ hash.contents = calloc(1, AUTH_FIELD_SIZE);
+ } else if (retval != 0)
return retval;
memcpy(rauth, hash.contents, AUTH_FIELD_SIZE);
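Review bot: The `memcpy(rauth, hash.contents, AUTH_FIELD_SIZE)` that follows the new ENOMEM branch reads from an unchecked `calloc` result, so a real out-of-memory condition becomes a NULL read instead of the former `return retval`. The branch also produces an all-zero authenticator and deliberately sets no taint, so unlike the attribute path there is no later check that keeps such a packet off a non-local transport. The claim in the comment that the checksum "does very little security-wise" needs a justification in the commit message, or this path should taint as well.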
@@ -276,7 +274,7 @@ krad_packet_new_request(krb5_context ctx, const char *secret, krad_code code,
/* Encode the attributes. */
retval = kr_attrset_encode(set, secret, pkt_auth(pkt), pkt_attr(pkt),
- &attrset_len);
+ &attrset_len, &pkt->is_fips);
if (retval != 0)
goto error;
@@ -314,7 +312,7 @@ krad_packet_new_response(krb5_context ctx, const char *secret, krad_code code,
/* Encode the attributes. */
retval = kr_attrset_encode(set, secret, pkt_auth(request), pkt_attr(pkt),
- &attrset_len);
+ &attrset_len, &pkt->is_fips);
if (retval != 0)
goto error;
@@ -451,6 +449,8 @@ krad_packet_decode_response(krb5_context ctx, const char *secret,
const krb5_data *
krad_packet_encode(const krad_packet *pkt)
{
+ if (pkt->is_fips)
+ return NULL;
return &pkt->pkt;
}
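Review bot: `krad_packet_encode` can now return NULL, but nothing in this hunk or the header changes documents that. Before this patch remote.c dereferenced the return value directly (`krad_packet_encode(req)->length`), and any caller outside remote.c that still does so will crash on a tainted packet. Document the NULL return next to the declaration and audit the remaining callers.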
diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
index 437f7e91a..0f90443ce 100644
--- a/src/lib/krad/remote.c
+++ b/src/lib/krad/remote.c
@@ -263,7 +263,7 @@ on_io_write(krad_remote *rr)
request *r;
K5_TAILQ_FOREACH(r, &rr->list, list) {
- tmp = krad_packet_encode(r->request);
+ tmp = &r->request->pkt;
/* If the packet has already been sent, do nothing. */
if (r->sent == tmp->length)
@@ -359,7 +359,7 @@ on_io_read(krad_remote *rr)
if (req != NULL) {
K5_TAILQ_FOREACH(r, &rr->list, list) {
if (r->request == req &&
- r->sent == krad_packet_encode(req)->length) {
+ r->sent == req->pkt.length) {
request_finish(r, 0, rsp);
break;
}
@@ -455,6 +455,12 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs,
(krad_packet_iter_cb)iterator, &r, &tmp);
if (retval != 0)
goto error;
+ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL &&
+ rr->info->ai_family != AF_UNIX) {
+ /* This would expose cleartext passwords, so abort. */
+ retval = ESOCKTNOSUPPORT;
+ goto error;
+ }
K5_TAILQ_FOREACH(r, &rr->list, list) {
if (r->request == tmp) {
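Review bot: This `ai_family` test is the only gate on sending a tainted request, because `on_io_write` now reads `r->request->pkt` directly rather than going through the NULL-returning `krad_packet_encode`; that dependency deserves a comment at both sites so a later refactor does not remove the check. Within the condition, `AF_LOCAL` and `AF_UNIX` are the same address family, so one comparison is enough. `ESOCKTNOSUPPORT` is not a POSIX errno, which ties this file to Linux, and the `else if` after a branch that ends in `goto error` reads more clearly as a separate `if`.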
diff --git a/src/lib/krad/t_attr.c b/src/lib/krad/t_attr.c
index eb2a780c8..4d285ad9d 100644
--- a/src/lib/krad/t_attr.c
+++ b/src/lib/krad/t_attr.c
@@ -50,6 +50,7 @@ main()
const char *tmp;
krb5_data in;
size_t len;
+ krb5_boolean is_fips = FALSE;
noerror(krb5_init_context(&ctx));
@@ -73,7 +74,7 @@ main()
in = string2data((char *)decoded);
retval = kr_attr_encode(ctx, secret, auth,
krad_attr_name2num("User-Password"),
- &in, outbuf, &len);
+ &in, outbuf, &len, &is_fips);
insist(retval == 0);
insist(len == sizeof(encoded));
insist(memcmp(outbuf, encoded, len) == 0);
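Review bot: `is_fips` is passed to `kr_attr_encode` but never examined afterwards, so the test neither covers the new fallback nor guards against it being taken unexpectedly. If the fallback is taken, `outbuf` is built from a zeroed sum and the `memcmp` against `encoded` can be expected to fail with no indication of why. Add `insist(!is_fips)` before the comparisons, or branch on `is_fips` and compare against the expected fallback output.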
diff --git a/src/lib/krad/t_attrset.c b/src/lib/krad/t_attrset.c
index 7928335ca..0f9576253 100644
--- a/src/lib/krad/t_attrset.c
+++ b/src/lib/krad/t_attrset.c
@@ -49,6 +49,7 @@ main()
krb5_context ctx;
size_t len = 0, encode_len;
krb5_data tmp;
+ krb5_boolean is_fips = FALSE;
noerror(krb5_init_context(&ctx));
noerror(krad_attrset_new(ctx, &set));
@@ -62,7 +63,8 @@ main()
noerror(krad_attrset_add(set, krad_attr_name2num("User-Password"), &tmp));
/* Encode attrset. */
- noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len));
+ noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len,
+ &is_fips));
krad_attrset_free(set);
/* Manually encode User-Name. */

@ -10,7 +10,6 @@ password.
ticket: 8629 ticket: 8629
(cherry picked from commit ba92da05accc524b8037453b63ced1a6c65fd2a1) (cherry picked from commit ba92da05accc524b8037453b63ced1a6c65fd2a1)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/kdc_preauth.c | 4 ++-- src/kdc/kdc_preauth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-) 1 file changed, 2 insertions(+), 2 deletions(-)

@ -11,7 +11,6 @@ and use it when formatting {patype} or {patypes}.
ticket: 8653 (new) ticket: 8653 (new)
(cherry picked from commit 9c68fe39b018666eabe033b639c1f35d03ba51c7) (cherry picked from commit 9c68fe39b018666eabe033b639c1f35d03ba51c7)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-trace.h | 17 +-- src/include/k5-trace.h | 17 +--
src/lib/krb5/os/t_trace.ref | 2 +- src/lib/krb5/os/t_trace.ref | 2 +-

@ -8,7 +8,6 @@ syslog at LOG_WARNING in keeping with other failure messages.
ticket: 8270 ticket: 8270
(cherry picked from commit 6cfa5c113e981f14f70ccafa20abfa5c46b665ba) (cherry picked from commit 6cfa5c113e981f14f70ccafa20abfa5c46b665ba)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/clients/ksu/main.c | 10 ++++++++++ src/clients/ksu/main.c | 10 ++++++++++
1 file changed, 10 insertions(+) 1 file changed, 10 insertions(+)

@ -8,7 +8,6 @@ paths information in docs. Call exec() directly instead.
ticket: 8692 (new) ticket: 8692 (new)
(cherry picked from commit a7c6d98480f1e33454173f88381921472d72f80a) (cherry picked from commit a7c6d98480f1e33454173f88381921472d72f80a)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/conf.py | 4 ++-- doc/conf.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-) 1 file changed, 2 insertions(+), 2 deletions(-)

@ -9,7 +9,6 @@ ports.
ticket: 8715 (new) ticket: 8715 (new)
(cherry picked from commit eb514587acc5c357bf0f554199bf0489b5515f8b) (cherry picked from commit eb514587acc5c357bf0f554199bf0489b5515f8b)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/admin/admin_commands/krb5kdc.rst | 12 ++++++------ doc/admin/admin_commands/krb5kdc.rst | 12 ++++++------
src/kdc/main.c | 12 ++++-------- src/kdc/main.c | 12 ++++--------

@ -7,7 +7,6 @@ Make it possible to use zap() in parts of the code which should not
include k5-int.h by moving its definition to k5-platform.h. include k5-int.h by moving its definition to k5-platform.h.
(cherry picked from commit df6bef6f9ea6a5f6f3956a2988cd658c78aae817) (cherry picked from commit df6bef6f9ea6a5f6f3956a2988cd658c78aae817)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/k5-int.h | 45 ------------------------------------- src/include/k5-int.h | 45 -------------------------------------
src/include/k5-platform.h | 47 ++++++++++++++++++++++++++++++++++++++- src/include/k5-platform.h | 47 ++++++++++++++++++++++++++++++++++++++-

@ -9,7 +9,6 @@ within the C locale).
ticket: 8686 ticket: 8686
(cherry picked from commit f574eda48740ad192f51e9a382a205e2ea0e60ad) (cherry picked from commit f574eda48740ad192f51e9a382a205e2ea0e60ad)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/admin/conf_files/krb5_conf.rst | 4 ++- doc/admin/conf_files/krb5_conf.rst | 4 ++-
src/util/profile/prof_parse.c | 56 +++++------------------------- src/util/profile/prof_parse.c | 56 +++++-------------------------

@ -16,7 +16,6 @@ callers accordingly, making small simplifications to memory handling
where applicable. where applicable.
(cherry picked from commit 4af478c18b02e1d2444a328bb79e6976ef3d312b) (cherry picked from commit 4af478c18b02e1d2444a328bb79e6976ef3d312b)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/fast_util.c | 28 +------ src/kdc/fast_util.c | 28 +------
src/kdc/kdc_preauth.c | 14 ++-- src/kdc/kdc_preauth.c | 14 ++--

@ -12,7 +12,6 @@ pkcs12 subcommands, but genrsa creates unencrypted keys by default.
[ghudson@mit.edu: edited commit message] [ghudson@mit.edu: edited commit message]
(cherry picked from commit 928a36aae326d496c9a73f2cd41b4da45eef577c) (cherry picked from commit 928a36aae326d496c9a73f2cd41b4da45eef577c)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/tests/dejagnu/pkinit-certs/make-certs.sh | 2 +- src/tests/dejagnu/pkinit-certs/make-certs.sh | 2 +-
src/tests/dejagnu/proxy-certs/make-certs.sh | 2 +- src/tests/dejagnu/proxy-certs/make-certs.sh | 2 +-

@ -13,7 +13,6 @@ tags: pullup
target_version: 1.16-next target_version: 1.16-next
(cherry picked from commit 728b66ab867e31c4c338c6a6309d629d39a4ec3f) (cherry picked from commit 728b66ab867e31c4c338c6a6309d629d39a4ec3f)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
doc/admin/admin_commands/krb5kdc.rst | 7 ------- doc/admin/admin_commands/krb5kdc.rst | 7 -------
1 file changed, 7 deletions(-) 1 file changed, 7 deletions(-)

@ -9,7 +9,6 @@ extended error messages.
ticket: 8652 (new) ticket: 8652 (new)
(cherry picked from commit d4d902d317a2acc46ee71094a33a9203b6135275) (cherry picked from commit d4d902d317a2acc46ee71094a33a9203b6135275)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/clients/kinit/kinit.c | 1 + src/clients/kinit/kinit.c | 1 +
1 file changed, 1 insertion(+) 1 file changed, 1 insertion(+)

@ -16,7 +16,6 @@ retried after a failure.
ticket: 8654 ticket: 8654
(cherry picked from commit 7a24a088c16d326127dd2b29084d4ca085c70d10) (cherry picked from commit 7a24a088c16d326127dd2b29084d4ca085c70d10)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/include/krb5/clpreauth_plugin.h | 14 ++++ src/include/krb5/clpreauth_plugin.h | 14 ++++
src/lib/krb5/krb/get_in_tkt.c | 21 +++--- src/lib/krb5/krb/get_in_tkt.c | 21 +++---

@ -15,7 +15,6 @@ padata types. The KRB5_PADATA_SERVER_REFERRAL entry has been disabled
since it was first added. since it was first added.
(cherry picked from commit fea1a488924faa3938ef723feaa1ff12d22a91ff) (cherry picked from commit fea1a488924faa3938ef723feaa1ff12d22a91ff)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/kdc_preauth.c | 526 +++++++++++++++--------------------------- src/kdc/kdc_preauth.c | 526 +++++++++++++++---------------------------
1 file changed, 184 insertions(+), 342 deletions(-) 1 file changed, 184 insertions(+), 342 deletions(-)

@ -5,7 +5,6 @@ Subject: [PATCH] Use SHA-256 instead of MD5 for audit ticket IDs
ticket: 8711 (new) ticket: 8711 (new)
(cherry picked from commit c1e1bfa26bd2f045e88e6013c500fca9428c98f3) (cherry picked from commit c1e1bfa26bd2f045e88e6013c500fca9428c98f3)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kdc/kdc_audit.c | 21 ++++++++++----------- src/kdc/kdc_audit.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-) 1 file changed, 10 insertions(+), 11 deletions(-)

@ -4,7 +4,6 @@ Date: Mon, 26 Mar 2018 11:24:49 -0400
Subject: [PATCH] Use k5_buf_init_dynamic_zap where appropriate Subject: [PATCH] Use k5_buf_init_dynamic_zap where appropriate
(cherry picked from commit 9172599008f3a6790d4a9a67acff58049742dcb6) (cherry picked from commit 9172599008f3a6790d4a9a67acff58049742dcb6)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krb5/ccache/cc_file.c | 4 ++-- src/lib/krb5/ccache/cc_file.c | 4 ++--
src/lib/krb5/ccache/cc_keyring.c | 2 +- src/lib/krb5/ccache/cc_keyring.c | 2 +-

@ -4,7 +4,6 @@ Date: Mon, 19 Feb 2018 00:52:35 -0500
Subject: [PATCH] Use libkrb5support hex functions where appropriate Subject: [PATCH] Use libkrb5support hex functions where appropriate
(cherry picked from commit b0c700608be7455041a8afc0e4502e8783ee7f30) (cherry picked from commit b0c700608be7455041a8afc0e4502e8783ee7f30)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kadmin/dbutil/deps | 16 ++--- src/kadmin/dbutil/deps | 16 ++---
src/kadmin/dbutil/tabdump.c | 19 +++--- src/kadmin/dbutil/tabdump.c | 19 +++---

@ -11,7 +11,6 @@ freed as the input string typically contains a password.
[ghudson@mit.edu: rewrote commit message] [ghudson@mit.edu: rewrote commit message]
ticket: 8713 (new) ticket: 8713 (new)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/crypto/krb/s2k_rc4.c | 2 +- src/lib/crypto/krb/s2k_rc4.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)

@ -8,7 +8,6 @@ second-factor SPAKE is implemented, so should be zapped when freed.
ticket: 8647 ticket: 8647
(cherry picked from commit 9cc94a3f1ce06a4430f684300a747ec079102403) (cherry picked from commit 9cc94a3f1ce06a4430f684300a747ec079102403)
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krb5/krb/kfree.c | 4 +++- src/lib/krb5/krb/kfree.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-) 1 file changed, 3 insertions(+), 1 deletion(-)

@ -3,7 +3,6 @@ From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:52:01 -0400 Date: Tue, 23 Aug 2016 16:52:01 -0400
Subject: [PATCH] krb5-1.11-kpasswdtest.patch Subject: [PATCH] krb5-1.11-kpasswdtest.patch
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kadmin/testing/proto/krb5.conf.proto | 1 + src/kadmin/testing/proto/krb5.conf.proto | 1 +
1 file changed, 1 insertion(+) 1 file changed, 1 insertion(+)

View File

@ -6,8 +6,6 @@ Subject: [PATCH] krb5-1.11-run_user_0.patch
A hack: if we're looking at creating a ccache directory directly below A hack: if we're looking at creating a ccache directory directly below
the /run/user/0 directory, and /run/user/0 doesn't exist, try to create the /run/user/0 directory, and /run/user/0 doesn't exist, try to create
it, too. it, too.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krb5/ccache/cc_dir.c | 14 ++++++++++++++ src/lib/krb5/ccache/cc_dir.c | 14 ++++++++++++++
1 file changed, 14 insertions(+) 1 file changed, 14 insertions(+)

View File

@ -6,8 +6,6 @@ Subject: [PATCH] krb5-1.12-api.patch
Reference docs don't define what happens if you call krb5_realm_compare() with Reference docs don't define what happens if you call krb5_realm_compare() with
malformed krb5_principal structures. Define a behavior which keeps it from malformed krb5_principal structures. Define a behavior which keeps it from
crashing if applications don't check ahead of time. crashing if applications don't check ahead of time.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krb5/krb/princ_comp.c | 7 +++++++ src/lib/krb5/krb/princ_comp.c | 7 +++++++
1 file changed, 7 insertions(+) 1 file changed, 7 insertions(+)

View File

@ -4,8 +4,6 @@ Date: Tue, 23 Aug 2016 16:32:09 -0400
Subject: [PATCH] krb5-1.12-ksu-path.patch Subject: [PATCH] krb5-1.12-ksu-path.patch
Set the default PATH to the one set by login. Set the default PATH to the one set by login.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/clients/ksu/Makefile.in | 2 +- src/clients/ksu/Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)

View File

@ -6,8 +6,6 @@ Subject: [PATCH] krb5-1.12-ktany.patch
Adds an "ANY" keytab type which is a list of other keytab locations to search Adds an "ANY" keytab type which is a list of other keytab locations to search
when searching for a specific entry. When iterated through, it only presents when searching for a specific entry. When iterated through, it only presents
the contents of the first keytab. the contents of the first keytab.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/lib/krb5/keytab/Makefile.in | 3 + src/lib/krb5/keytab/Makefile.in | 3 +
src/lib/krb5/keytab/kt_any.c | 292 ++++++++++++++++++++++++++++++++ src/lib/krb5/keytab/kt_any.c | 292 ++++++++++++++++++++++++++++++++

View File

@ -16,8 +16,6 @@ When enabled, ksu gains a dependency on libpam.
Originally RT#5939, though it's changed since then to perform the account Originally RT#5939, though it's changed since then to perform the account
and session management before dropping privileges, and to apply on top of and session management before dropping privileges, and to apply on top of
changes we're proposing for how it handles cache collections. changes we're proposing for how it handles cache collections.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/aclocal.m4 | 67 +++++++ src/aclocal.m4 | 67 +++++++
src/clients/ksu/Makefile.in | 8 +- src/clients/ksu/Makefile.in | 8 +-

View File

@ -5,8 +5,6 @@ Subject: [PATCH] krb5-1.13-dirsrv-accountlock.patch
Treat 'nsAccountLock: true' the same as 'loginDisabled: true'. Updated from Treat 'nsAccountLock: true' the same as 'loginDisabled: true'. Updated from
original version filed as RT#5891. original version filed as RT#5891.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/aclocal.m4 | 9 +++++++++ src/aclocal.m4 | 9 +++++++++
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 17 +++++++++++++++++ src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 17 +++++++++++++++++

View File

@ -8,8 +8,6 @@ and install shared libraries with the execute bit set on them. Prune out
the -L/usr/lib* and PIE flags where they might leak out and affect the -L/usr/lib* and PIE flags where they might leak out and affect
apps which just want to link with the libraries. FIXME: needs to check and apps which just want to link with the libraries. FIXME: needs to check and
not just assume that the compiler supports using these flags. not just assume that the compiler supports using these flags.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/build-tools/krb5-config.in | 7 +++++++ src/build-tools/krb5-config.in | 7 +++++++
src/config/pre.in | 2 +- src/config/pre.in | 2 +-

View File

@ -35,8 +35,6 @@ stomp all over us.
The selabel APIs for looking up the context should be thread-safe (per The selabel APIs for looking up the context should be thread-safe (per
Red Hat #273081), so switching to using them instead of matchpathcon(), Red Hat #273081), so switching to using them instead of matchpathcon(),
which we used earlier, is some improvement. which we used earlier, is some improvement.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/aclocal.m4 | 49 +++ src/aclocal.m4 | 49 +++
src/build-tools/krb5-config.in | 3 +- src/build-tools/krb5-config.in | 3 +-

View File

@ -4,8 +4,6 @@ Date: Tue, 23 Aug 2016 16:46:21 -0400
Subject: [PATCH] krb5-1.3.1-dns.patch Subject: [PATCH] krb5-1.3.1-dns.patch
We want to be able to use --with-netlib and --enable-dns at the same time. We want to be able to use --with-netlib and --enable-dns at the same time.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/aclocal.m4 | 1 + src/aclocal.m4 | 1 +
1 file changed, 1 insertion(+) 1 file changed, 1 insertion(+)

View File

@ -6,8 +6,6 @@ Subject: [PATCH] krb5-1.9-debuginfo.patch
We want to keep these y.tab.c files around because the debuginfo points to We want to keep these y.tab.c files around because the debuginfo points to
them. It would be more elegant at the end to use symbolic links, but that them. It would be more elegant at the end to use symbolic links, but that
could mess up people working in the tree on other things. could mess up people working in the tree on other things.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
--- ---
src/kadmin/cli/Makefile.in | 5 +++++ src/kadmin/cli/Makefile.in | 5 +++++
src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +- src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +-

View File

@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
Name: krb5 Name: krb5
Version: 1.16.1 Version: 1.16.1
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces) # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
Release: 18%{?dist} Release: 19%{?dist}
# lookaside-cached sources; two downloads and a build artifact # lookaside-cached sources; two downloads and a build artifact
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
@ -102,6 +102,7 @@ Patch82: Eliminate-preprocessor-disabled-dead-code.patch
Patch83: Make-krb5kdc-p-affect-TCP-ports.patch Patch83: Make-krb5kdc-p-affect-TCP-ports.patch
Patch84: Remove-outdated-note-in-krb5kdc-man-page.patch Patch84: Remove-outdated-note-in-krb5kdc-man-page.patch
Patch85: Fix-k5test-prompts-for-Python-3.patch Patch85: Fix-k5test-prompts-for-Python-3.patch
Patch86: In-FIPS-mode-add-plaintext-fallback-for-RC4-usages-a.patch
License: MIT License: MIT
URL: http://web.mit.edu/kerberos/www/ URL: http://web.mit.edu/kerberos/www/
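
Review bot: Patch86 is declared here, but none of the spec hunks shown adds a matching %patch86 line; if this spec applies patches explicitly rather than through %autosetup, the new patch is never applied and the build still succeeds. Confirm this in the %prep section, which is outside the visible context.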
@ -748,6 +749,9 @@ exit 0
%{_libdir}/libkadm5srv_mit.so.* %{_libdir}/libkadm5srv_mit.so.*
%changelog %changelog
* Wed Aug 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-19
- In FIPS mode, add plaintext fallback for RC4 usages and taint
* Thu Jul 26 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-18 * Thu Jul 26 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-18
- Fix k5test prompts for Python 3 - Fix k5test prompts for Python 3
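
Review bot: the new changelog entry, "In FIPS mode, add plaintext fallback for RC4 usages and taint", does not say what is tainted or what "plaintext fallback" means for data that RC4 would otherwise have protected. Someone auditing FIPS behaviour from the changelog needs that; add a line stating which usages fall back, what ends up unencrypted as a result, and how the taint is surfaced.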