From 087d150e4afe47a8d269d5e80dcef2204b007ceb Mon Sep 17 00:00:00 2001 From: Julien Rische Date: Wed, 16 Aug 2023 10:00:30 +0200 Subject: [PATCH] Revert "Don't issue session keys with deprecated enctypes" This reverts commit 1b57a4d134bbd0e7c52d5885a92eccc815726463. --- doc/admin/conf_files/krb5_conf.rst | 12 ------------ doc/admin/enctypes.rst | 23 +++------------------- src/include/k5-int.h | 4 ---- src/kdc/kdc_util.c | 10 ---------- src/lib/krb5/krb/get_in_tkt.c | 31 +++++++++++------------------- src/lib/krb5/krb/init_ctx.c | 10 ---------- src/tests/gssapi/t_enctypes.py | 3 +-- src/tests/t_etype_info.py | 2 +- src/tests/t_sesskeynego.py | 28 ++------------------------- src/util/k5test.py | 4 ++-- 10 files changed, 20 insertions(+), 107 deletions(-) diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst index ecdf917501..f22d5db11b 100644 --- a/doc/admin/conf_files/krb5_conf.rst +++ b/doc/admin/conf_files/krb5_conf.rst @@ -95,18 +95,6 @@ Additionally, krb5.conf may include any of the relations described in The libdefaults section may contain any of the following relations: -**allow_des3** - Permit the KDC to issue tickets with des3-cbc-sha1 session keys. - In future releases, this flag will allow des3-cbc-sha1 to be used - at all. The default value for this tag is false. (Added in - release 1.21.) - -**allow_rc4** - Permit the KDC to issue tickets with arcfour-hmac session keys. - In future releases, this flag will allow arcfour-hmac to be used - at all. The default value for this tag is false. (Added in - release 1.21.) - **allow_weak_crypto** If this flag is set to false, then weak encryption types (as noted in :ref:`Encryption_types` in :ref:`kdc.conf(5)`) will be filtered diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst index dce19ad43e..694922c0d9 100644 --- a/doc/admin/enctypes.rst +++ b/doc/admin/enctypes.rst @@ -48,15 +48,12 @@ Session key selection The KDC chooses the session key enctype by taking the intersection of its **permitted_enctypes** list, the list of long-term keys for the most recent kvno of the service, and the client's requested list of -enctypes. Starting in krb5-1.21, all services are assumed to support -aes256-cts-hmac-sha1-96; also, des3-cbc-sha1 and arcfour-hmac session -keys will not be issued by default. +enctypes. Starting in krb5-1.11, it is possible to set a string attribute on a service principal to control what session key enctypes the KDC may -issue for service tickets for that principal, overriding the service's -long-term keys and the assumption of aes256-cts-hmac-sha1-96 support. -See :ref:`set_string` in :ref:`kadmin(1)` for details. +issue for service tickets for that principal. See :ref:`set_string` +in :ref:`kadmin(1)` for details. Choosing enctypes for a service @@ -90,20 +87,6 @@ affect how enctypes are chosen. acceptable risk for your environment and the weak enctypes are required for backward compatibility. -**allow_des3** - was added in release 1.21 and defaults to *false*. Unless this - flag is set to *true*, the KDC will not issue tickets with - des3-cbc-sha1 session keys. In a future release, this flag will - control whether des3-cbc-sha1 is permitted in similar fashion to - weak enctypes. - -**allow_rc4** - was added in release 1.21 and defaults to *false*. Unless this - flag is set to *true*, the KDC will not issue tickets with - arcfour-hmac session keys. In a future release, this flag will - control whether arcfour-hmac is permitted in similar fashion to - weak enctypes. - **permitted_enctypes** controls the set of enctypes that a service will permit for session keys and for ticket and authenticator encryption. The KDC diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 2f7791b775..1d1c8293f4 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -180,8 +180,6 @@ typedef unsigned char u_char; * matches the variable name. Keep these alphabetized. */ #define KRB5_CONF_ACL_FILE "acl_file" #define KRB5_CONF_ADMIN_SERVER "admin_server" -#define KRB5_CONF_ALLOW_DES3 "allow_des3" -#define KRB5_CONF_ALLOW_RC4 "allow_rc4" #define KRB5_CONF_ALLOW_WEAK_CRYPTO "allow_weak_crypto" #define KRB5_CONF_AUTH_TO_LOCAL "auth_to_local" #define KRB5_CONF_AUTH_TO_LOCAL_NAMES "auth_to_local_names" @@ -1240,8 +1238,6 @@ struct _krb5_context { struct _kdb_log_context *kdblog_context; krb5_boolean allow_weak_crypto; - krb5_boolean allow_des3; - krb5_boolean allow_rc4; krb5_boolean ignore_acceptor_hostname; krb5_boolean enforce_ok_as_delegate; enum dns_canonhost dns_canonicalize_hostname; diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index e54cc751f9..75e04b73db 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -1088,16 +1088,6 @@ select_session_keytype(krb5_context context, krb5_db_entry *server, if (!krb5_is_permitted_enctype(context, ktype[i])) continue; - /* - * Prevent these deprecated enctypes from being used as session keys - * unless they are explicitly allowed. In the future they will be more - * comprehensively disabled and eventually removed. - */ - if (ktype[i] == ENCTYPE_DES3_CBC_SHA1 && !context->allow_des3) - continue; - if (ktype[i] == ENCTYPE_ARCFOUR_HMAC && !context->allow_rc4) - continue; - if (dbentry_supports_enctype(context, server, ktype[i])) return ktype[i]; } diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index ea089f0fcc..1b420a3ac2 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -1582,31 +1582,22 @@ warn_pw_expiry(krb5_context context, krb5_get_init_creds_opt *options, (*prompter)(context, data, 0, banner, 0, 0); } -/* Display a warning via the prompter if a deprecated enctype was used for - * either the reply key or the session key. */ +/* Display a warning via the prompter if des3-cbc-sha1 was used for either the + * reply key or the session key. */ static void -warn_deprecated(krb5_context context, krb5_init_creds_context ctx, - krb5_enctype as_key_enctype) +warn_des3(krb5_context context, krb5_init_creds_context ctx, + krb5_enctype as_key_enctype) { - krb5_enctype etype; - char encbuf[128], banner[256]; + const char *banner; - if (ctx->prompter == NULL) - return; - - if (krb5int_c_deprecated_enctype(as_key_enctype)) - etype = as_key_enctype; - else if (krb5int_c_deprecated_enctype(ctx->cred.keyblock.enctype)) - etype = ctx->cred.keyblock.enctype; - else + if (as_key_enctype != ENCTYPE_DES3_CBC_SHA1 && + ctx->cred.keyblock.enctype != ENCTYPE_DES3_CBC_SHA1) return; - - if (krb5_enctype_to_name(etype, FALSE, encbuf, sizeof(encbuf)) != 0) + if (ctx->prompter == NULL) return; - snprintf(banner, sizeof(banner), - _("Warning: encryption type %s used for authentication is " - "deprecated and will be disabled"), encbuf); + banner = _("Warning: encryption type des3-cbc-sha1 used for " + "authentication is weak and will be disabled"); /* PROMPTER_INVOCATION */ (*ctx->prompter)(context, ctx->prompter_data, NULL, banner, 0, NULL); } @@ -1857,7 +1848,7 @@ init_creds_step_reply(krb5_context context, ctx->complete = TRUE; warn_pw_expiry(context, ctx->opt, ctx->prompter, ctx->prompter_data, ctx->in_tkt_service, ctx->reply); - warn_deprecated(context, ctx, encrypting_key.enctype); + warn_des3(context, ctx, encrypting_key.enctype); cleanup: krb5_free_pa_data(context, kdc_padata); diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index a6c2bbeb54..87b486c53f 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -221,16 +221,6 @@ krb5_init_context_profile(profile_t profile, krb5_flags flags, goto cleanup; ctx->allow_weak_crypto = tmp; - retval = get_boolean(ctx, KRB5_CONF_ALLOW_DES3, 0, &tmp); - if (retval) - goto cleanup; - ctx->allow_des3 = tmp; - - retval = get_boolean(ctx, KRB5_CONF_ALLOW_RC4, 0, &tmp); - if (retval) - goto cleanup; - ctx->allow_rc4 = tmp; - retval = get_boolean(ctx, KRB5_CONF_IGNORE_ACCEPTOR_HOSTNAME, 0, &tmp); if (retval) goto cleanup; diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py index f5f11842e2..7494d7fcdb 100755 --- a/src/tests/gssapi/t_enctypes.py +++ b/src/tests/gssapi/t_enctypes.py @@ -18,8 +18,7 @@ d_rc4 = 'DEPRECATED:arcfour-hmac' # These tests make assumptions about the default enctype lists, so set # them explicitly rather than relying on the library defaults. supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal' -conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4', - 'allow_des3': 'true', 'allow_rc4': 'true'}, +conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'}, 'realms': {'$realm': {'supported_enctypes': supp}}} realm = K5Realm(krb5_conf=conf) shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save')) diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py index 38cf96ca8f..c982508d8b 100644 --- a/src/tests/t_etype_info.py +++ b/src/tests/t_etype_info.py @@ -1,7 +1,7 @@ from k5test import * supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac' -conf = {'libdefaults': {'allow_des3': 'true', 'allow_rc4': 'true'}, +conf = {'libdefaults': {'allow_weak_crypto': 'true'}, 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}} realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf) diff --git a/src/tests/t_sesskeynego.py b/src/tests/t_sesskeynego.py index 5a213617b5..9024aee838 100755 --- a/src/tests/t_sesskeynego.py +++ b/src/tests/t_sesskeynego.py @@ -25,8 +25,6 @@ conf3 = {'libdefaults': { 'default_tkt_enctypes': 'aes128-cts', 'default_tgs_enctypes': 'rc4-hmac,aes128-cts'}} conf4 = {'libdefaults': {'permitted_enctypes': 'aes256-cts'}} -conf5 = {'libdefaults': {'allow_rc4': 'true'}} -conf6 = {'libdefaults': {'allow_des3': 'true'}} # Test with client request and session_enctypes preferring aes128, but # aes256 long-term key. realm = K5Realm(krb5_conf=conf1, create_host=False, get_creds=False) @@ -56,12 +54,10 @@ realm.run([kadminl, 'setstr', 'server', 'session_enctypes', 'aes128-cts,aes256-cts']) test_kvno(realm, 'aes128-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96') -# 3b: Skip RC4 (as the KDC does not allow it for session keys by -# default) and negotiate aes128-cts session key, with only an aes256 -# long-term service key. +# 3b: Negotiate rc4-hmac session key when principal only has aes256 long-term. realm.run([kadminl, 'setstr', 'server', 'session_enctypes', 'rc4-hmac,aes128-cts,aes256-cts']) -test_kvno(realm, 'aes128-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96') +test_kvno(realm, 'DEPRECATED:arcfour-hmac', 'aes256-cts-hmac-sha1-96') realm.stop() # 4: Check that permitted_enctypes is a default for session key enctypes. @@ -71,24 +67,4 @@ realm.run([kvno, 'user'], expected_trace=('etypes requested in TGS request: aes256-cts',)) realm.stop() -# 5: allow_rc4 permits negotiation of rc4-hmac session key. -realm = K5Realm(krb5_conf=conf5, create_host=False, get_creds=False) -realm.run([kadminl, 'addprinc', '-randkey', '-e', 'aes256-cts', 'server']) -realm.run([kadminl, 'setstr', 'server', 'session_enctypes', 'rc4-hmac']) -test_kvno(realm, 'DEPRECATED:arcfour-hmac', 'aes256-cts-hmac-sha1-96') -realm.stop() - -# 6: allow_des3 permits negotiation of des3-cbc-sha1 session key. -realm = K5Realm(krb5_conf=conf6, create_host=False, get_creds=False) -realm.run([kadminl, 'addprinc', '-randkey', '-e', 'aes256-cts', 'server']) -realm.run([kadminl, 'setstr', 'server', 'session_enctypes', 'des3-cbc-sha1']) -test_kvno(realm, 'DEPRECATED:des3-cbc-sha1', 'aes256-cts-hmac-sha1-96') -realm.stop() - -# 7: default config negotiates aes256-sha1 session key for RC4-only service. -realm = K5Realm(create_host=False, get_creds=False) -realm.run([kadminl, 'addprinc', '-randkey', '-e', 'rc4-hmac', 'server']) -test_kvno(realm, 'aes256-cts-hmac-sha1-96', 'DEPRECATED:arcfour-hmac') -realm.stop() - success('sesskeynego') diff --git a/src/util/k5test.py b/src/util/k5test.py index 8e5f5ba8e9..2a86c5cdfc 100644 --- a/src/util/k5test.py +++ b/src/util/k5test.py @@ -1340,14 +1340,14 @@ _passes = [ # Exercise the DES3 enctype. ('des3', None, - {'libdefaults': {'permitted_enctypes': 'des3 aes256-sha1'}}, + {'libdefaults': {'permitted_enctypes': 'des3'}}, {'realms': {'$realm': { 'supported_enctypes': 'des3-cbc-sha1:normal', 'master_key_type': 'des3-cbc-sha1'}}}), # Exercise the arcfour enctype. ('arcfour', None, - {'libdefaults': {'permitted_enctypes': 'rc4 aes256-sha1'}}, + {'libdefaults': {'permitted_enctypes': 'rc4'}}, {'realms': {'$realm': { 'supported_enctypes': 'arcfour-hmac:normal', 'master_key_type': 'arcfour-hmac'}}}), -- 2.41.0