[hcoop/debian/openafs.git] / debian / patches / 0002-aklog-require-opt-in-to-enable-single-DES-in-libkrb5.patch

From: Benjamin Kaduk <kaduk@mit.edu>
Date: Thu, 11 Jul 2019 21:07:35 -0700
Subject: aklog: require opt-in to enable single-DES in libkrb5

Since the introduction of rxkad-k5 in response to OPENAFS-SA-2013-003,
it is not strictly necessary to configure libkrb5 to allow weak crypto
in order to obtain an AFS token.  A sufficient amount of time has passed
since then that it is safe to assume that the default behavior is the
more-secure one, and require opt-in for the insecure behavior.

To indicate that the use of single-DES is quite risky, add the
"-insecure_des" argument to both klog and aklog, to gate the
preexisting calls that enable weak crypto/single-DES.
These calls, and the -insecure_des option, may be removed entirely
in a future commit.

Change-Id: If175d0f95f0ede0f252844086a2a023da5580732
Reviewed-on: https://gerrit.openafs.org/13689
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit eaae6eba8ca10ba7a5a20ee0d1b5f91bc2bac6c6)
---
 doc/man-pages/pod1/aklog.pod     |  9 +++++++--
 doc/man-pages/pod1/klog.krb5.pod | 10 ++++++++--
 src/aklog/aklog.c                | 39 +++++++++++++++++++++++++--------------
 src/aklog/klog.c                 | 13 +++++++++----
 4 files changed, 49 insertions(+), 22 deletions(-)

diff --git a/doc/man-pages/pod1/aklog.pod b/doc/man-pages/pod1/aklog.pod
index eb1727b..0d67ea1 100644
--- a/doc/man-pages/pod1/aklog.pod
+++ b/doc/man-pages/pod1/aklog.pod
@@ -8,11 +8,11 @@ aklog - Obtain tokens for authentication to AFS
 <div class="synopsis">
 
 B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>]
-    [B<-force>] [B<-524>] [B<-setpag>]
+    [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>]
     S<<< [[B<-cell> | B<-c>] <I<cell>> [B<-k> <I<Kerberos realm>>]]+ >>>
 
 B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>]
-    [B<-force>] [B<-524>] [B<-setpag>] [B<-path> | B<-p>] <I<path>>+
+    [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>] [B<-path> | B<-p>] <I<path>>+
 
 =for html
 </div>
@@ -119,6 +119,11 @@ normally won't be necessary.
 
 If the AFS cell is linked to another AFS cell, get tokens for both.
 
+-item B<-insecure_des>
+
+Configure libkrb5 to allow the use of the (insecure) single-DES encryption
+types.  When rxkad-k5 is in use, this is not needed.
+
 =item B<-noauth>
 
 Don't actually authenticate, just do everything else B<aklog> does up to
diff --git a/doc/man-pages/pod1/klog.krb5.pod b/doc/man-pages/pod1/klog.krb5.pod
index 023deee..05d671c 100644
--- a/doc/man-pages/pod1/klog.krb5.pod
+++ b/doc/man-pages/pod1/klog.krb5.pod
@@ -11,14 +11,15 @@ B<klog.krb5> [B<-x>] S<<< [B<-principal> <I<user name>>] >>>
     [-password <I<user's password>>] S<<< [B<-cell> <I<cell name>>] >>>
     S<<< [B<-k> <I<realm>>] >>> [B<-pipe>] [B<-silent>]
     S<<< [B<-lifetime> <I<ticket lifetime in hh[:mm[:ss]]>>] >>>
-    [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-help>]
+    [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-insecure_des>]
+    [B<-help>]
 
 B<klog.krb5> [B<-x>] S<<< [B<-pr> <I<user name>>] >>>
     S<<< [B<-pa> <I<user's password>>] >>>
     S<<< [B<-c> <I<cell name>>] >>>
     B<<< [B<-k> <I<realm>>] >>> [B<-pi>] [B<-si>]
     S<<< [B<-l> <I<ticket lifetime in hh[:mm[:ss]]>>] >>>
-    [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-h>]
+    [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-i>] [B<-h>]
 
 =for html
 </div>
@@ -227,6 +228,11 @@ sizes in conjunction with Active Directory as the Kerberos server, using
 B<-unwrap> can shrink the AFS token size so that older software can handle
 it more easily.
 
+=item B<-insecure_des>
+
+Configures libkrb5 to allow the use of the (insecure) single-DES encryption
+types.  When rxkad-k5 is in use, this is not needed.
+
 =item B<-help>
 
 Prints the online help for this command. All other valid options are
diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c
index 49cb782..8d2ac35 100644
--- a/src/aklog/aklog.c
+++ b/src/aklog/aklog.c
@@ -1427,7 +1427,7 @@ usage(void)
 	    "[-d] [[-cell | -c] cell [-k krb_realm]] ",
 	    "[[-p | -path] pathname]\n",
 	    "    [-zsubs] [-hosts] [-noauth] [-noprdb] [-force] [-setpag] \n"
-		"    [-linked]"
+		"    [-linked] [-insecure_des]"
 #ifndef HAVE_NO_KRB5_524
 		" [-524]"
 #endif
@@ -1446,6 +1446,7 @@ usage(void)
 #ifndef HAVE_NO_KRB5_524
     fprintf(stderr, "    -524 means use the 524 converter instead of V5 directly\n");
 #endif
+    fprintf(stderr, "    -insecure_des enables insecure single-DES for krb5.\n");
     fprintf(stderr, "    No commandline arguments means ");
     fprintf(stderr, "authenticate to the local cell.\n");
     fprintf(stderr, "\n");
@@ -1459,6 +1460,7 @@ main(int argc, char *argv[])
     int status = AKLOG_SUCCESS;
     int i;
     int somethingswrong = FALSE;
+    int insecure_des = 0;
 
     cellinfo_t cellinfo;
 
@@ -1538,19 +1540,6 @@ main(int argc, char *argv[])
     initialize_PT_error_table();
     afs_set_com_err_hook(redirect_errors);
 
-    /*
-     * Enable DES enctypes, which are currently still required for AFS.
-     * krb5_allow_weak_crypto is MIT Kerberos 1.8.  krb5_enctype_enable is
-     * Heimdal.
-     */
-#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
-    i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC);
-    if (i)
-        krb5_enctype_enable(context, ETYPE_DES_CBC_CRC);
-#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
-    krb5_allow_weak_crypto(context, 1);
-#endif
-
     /* Initialize list of cells to which we have authenticated */
     ll_init(&authedcells);
 
@@ -1610,6 +1599,8 @@ main(int argc, char *argv[])
 	    }
 	    else
 		usage();
+	else if (strcmp(argv[i], "-insecure_des") == 0)
+	    insecure_des = 1;
 	else if (argv[i][0] == '-')
 	    usage();
 	else if (!pmode && !cmode) {
@@ -1626,6 +1617,26 @@ main(int argc, char *argv[])
 	else
 	    usage();
 
+    /*
+     * Enable DES enctypes if requested.  This is not required when rxkad-k5
+     * is used, but some sites may not have updated.
+     * krb5_allow_weak_crypto is MIT Kerberos 1.8.  krb5_enctype_enable is
+     * Heimdal.
+     */
+    if (insecure_des) {
+#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
+	i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC);
+	if (i)
+	    krb5_enctype_enable(context, ETYPE_DES_CBC_CRC);
+#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
+	krb5_allow_weak_crypto(context, 1);
+#else
+	fprintf(stderr,
+	    "%s: -insecure_des is not supported by this libkrb5\n", progname);
+	exit(AKLOG_MISC);
+#endif
+    }
+
 	if (cmode) {
 	    if (((i + 1) < argc) && (strcmp(argv[i + 1], "-k") == 0)) {
 		i+=2;
diff --git a/src/aklog/klog.c b/src/aklog/klog.c
index 9677ffa..edf16e0 100644
--- a/src/aklog/klog.c
+++ b/src/aklog/klog.c
@@ -116,6 +116,7 @@ main(int argc, char *argv[])
 #define aUNWRAP 11
 #define aK5 12
 #define aK4 13
+#define aDES 14
 
     cmd_AddParm(ts, "-x", CMD_FLAG, CMD_OPTIONAL, "obsolete, noop");
     cmd_Seek(ts, aPRINCIPAL);
@@ -141,6 +142,8 @@ main(int argc, char *argv[])
     ++ts->nParms;	/* skip -k5 */
     cmd_AddParm(ts, "-k4", CMD_FLAG, CMD_OPTIONAL|CMD_HIDDEN, 0);
 #endif
+    cmd_AddParm(ts, "-insecure_des", CMD_FLAG, CMD_OPTIONAL,
+		"enable insecure single-DES for krb5");
 
     code = cmd_Dispatch(argc, argv);
     KLOGEXIT(code);
@@ -413,13 +416,15 @@ CommandProc(struct cmd_syndesc *as, void *arock)
      * krb5_allow_weak_crypto is MIT Kerberos 1.8.  krb5_enctype_enable is
      * Heimdal.
      */
+    if (as->parms[aDES].items) {
 #if defined(HAVE_KRB5_ENCTYPE_ENABLE)
-    i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC);
-    if (i)
-        krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC);
+	i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC);
+	if (i)
+	    krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC);
 #elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
-    krb5_allow_weak_crypto(k5context, 1);
+	krb5_allow_weak_crypto(k5context, 1);
 #endif
+    }
 
     /* Parse remaining arguments. */
Commit	Line	Data
b7cfede0 BK	1	From: Benjamin Kaduk <kaduk@mit.edu>
	2	Date: Thu, 11 Jul 2019 21:07:35 -0700
	3	Subject: aklog: require opt-in to enable single-DES in libkrb5
	4
	5	Since the introduction of rxkad-k5 in response to OPENAFS-SA-2013-003,
	6	it is not strictly necessary to configure libkrb5 to allow weak crypto
	7	in order to obtain an AFS token. A sufficient amount of time has passed
	8	since then that it is safe to assume that the default behavior is the
	9	more-secure one, and require opt-in for the insecure behavior.
	10
	11	To indicate that the use of single-DES is quite risky, add the
	12	"-insecure_des" argument to both klog and aklog, to gate the
	13	preexisting calls that enable weak crypto/single-DES.
	14	These calls, and the -insecure_des option, may be removed entirely
	15	in a future commit.
	16
	17	Change-Id: If175d0f95f0ede0f252844086a2a023da5580732
	18	Reviewed-on: https://gerrit.openafs.org/13689
	19	Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
	20	Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
	21	Tested-by: Benjamin Kaduk <kaduk@mit.edu>
	22	(cherry picked from commit eaae6eba8ca10ba7a5a20ee0d1b5f91bc2bac6c6)
	23	---
	24	doc/man-pages/pod1/aklog.pod \| 9 +++++++--
	25	doc/man-pages/pod1/klog.krb5.pod \| 10 ++++++++--
	26	src/aklog/aklog.c \| 39 +++++++++++++++++++++++++--------------
	27	src/aklog/klog.c \| 13 +++++++++----
	28	4 files changed, 49 insertions(+), 22 deletions(-)
	29
	30	diff --git a/doc/man-pages/pod1/aklog.pod b/doc/man-pages/pod1/aklog.pod
	31	index eb1727b..0d67ea1 100644
	32	--- a/doc/man-pages/pod1/aklog.pod
	33	+++ b/doc/man-pages/pod1/aklog.pod
	34	@@ -8,11 +8,11 @@ aklog - Obtain tokens for authentication to AFS
	35	<div class="synopsis">
	36
	37	B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>]
	38	- [B<-force>] [B<-524>] [B<-setpag>]
	39	+ [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>]
	40	S<<< [[B<-cell> \| B<-c>] <I<cell>> [B<-k> <I<Kerberos realm>>]]+ >>>
	41
	42	B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>]
	43	- [B<-force>] [B<-524>] [B<-setpag>] [B<-path> \| B<-p>] <I<path>>+
	44	+ [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>] [B<-path> \| B<-p>] <I<path>>+
	45
	46	=for html
	47	</div>
	48	@@ -119,6 +119,11 @@ normally won't be necessary.
	49
	50	If the AFS cell is linked to another AFS cell, get tokens for both.
	51
	52	+-item B<-insecure_des>
	53	+
	54	+Configure libkrb5 to allow the use of the (insecure) single-DES encryption
	55	+types. When rxkad-k5 is in use, this is not needed.
	56	+
	57	=item B<-noauth>
	58
	59	Don't actually authenticate, just do everything else B<aklog> does up to
	60	diff --git a/doc/man-pages/pod1/klog.krb5.pod b/doc/man-pages/pod1/klog.krb5.pod
	61	index 023deee..05d671c 100644
	62	--- a/doc/man-pages/pod1/klog.krb5.pod
	63	+++ b/doc/man-pages/pod1/klog.krb5.pod
	64	@@ -11,14 +11,15 @@ B<klog.krb5> [B<-x>] S<<< [B<-principal> <I<user name>>] >>>
65	[-password <I<user's password>>] S<<< [B<-cell> <I<cell name>>] >>>
66	S<<< [B<-k> <I<realm>>] >>> [B<-pipe>] [B<-silent>]
67	S<<< [B<-lifetime> <I<ticket lifetime in hh[:mm[:ss]]>>] >>>
68	- [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-help>]
69	+ [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-insecure_des>]
70	+ [B<-help>]
71
72	B<klog.krb5> [B<-x>] S<<< [B<-pr> <I<user name>>] >>>
73	S<<< [B<-pa> <I<user's password>>] >>>
74	S<<< [B<-c> <I<cell name>>] >>>
75	B<<< [B<-k> <I<realm>>] >>> [B<-pi>] [B<-si>]
76	S<<< [B<-l> <I<ticket lifetime in hh[:mm[:ss]]>>] >>>
77	- [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-h>]
78	+ [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-i>] [B<-h>]
79
80	=for html
81	</div>
82	@@ -227,6 +228,11 @@ sizes in conjunction with Active Directory as the Kerberos server, using
83	B<-unwrap> can shrink the AFS token size so that older software can handle
84	it more easily.
85
86	+=item B<-insecure_des>
87	+
88	+Configures libkrb5 to allow the use of the (insecure) single-DES encryption
89	+types. When rxkad-k5 is in use, this is not needed.
90	+
91	=item B<-help>
92
93	Prints the online help for this command. All other valid options are
94	diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c
95	index 49cb782..8d2ac35 100644
96	--- a/src/aklog/aklog.c
97	+++ b/src/aklog/aklog.c
98	@@ -1427,7 +1427,7 @@ usage(void)
99	"[-d] [[-cell \| -c] cell [-k krb_realm]] ",
100	"[[-p \| -path] pathname]\n",
101	" [-zsubs] [-hosts] [-noauth] [-noprdb] [-force] [-setpag] \n"
102	- " [-linked]"
103	+ " [-linked] [-insecure_des]"
104	#ifndef HAVE_NO_KRB5_524
105	" [-524]"
106	#endif
107	@@ -1446,6 +1446,7 @@ usage(void)
108	#ifndef HAVE_NO_KRB5_524
109	fprintf(stderr, " -524 means use the 524 converter instead of V5 directly\n");
110	#endif
111	+ fprintf(stderr, " -insecure_des enables insecure single-DES for krb5.\n");
112	fprintf(stderr, " No commandline arguments means ");
113	fprintf(stderr, "authenticate to the local cell.\n");
114	fprintf(stderr, "\n");
115	@@ -1459,6 +1460,7 @@ main(int argc, char *argv[])
116	int status = AKLOG_SUCCESS;
117	int i;
118	int somethingswrong = FALSE;
119	+ int insecure_des = 0;
120
121	cellinfo_t cellinfo;
122
123	@@ -1538,19 +1540,6 @@ main(int argc, char *argv[])
124	initialize_PT_error_table();
125	afs_set_com_err_hook(redirect_errors);
126
127	- /*
128	- * Enable DES enctypes, which are currently still required for AFS.
129	- * krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is
130	- * Heimdal.
131	- */
132	-#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
133	- i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC);
134	- if (i)
135	- krb5_enctype_enable(context, ETYPE_DES_CBC_CRC);
136	-#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
137	- krb5_allow_weak_crypto(context, 1);
138	-#endif
139	-
140	/* Initialize list of cells to which we have authenticated */
141	ll_init(&authedcells);
142
143	@@ -1610,6 +1599,8 @@ main(int argc, char *argv[])
144	}
145	else
146	usage();
147	+ else if (strcmp(argv[i], "-insecure_des") == 0)
148	+ insecure_des = 1;
149	else if (argv[i][0] == '-')
150	usage();
151	else if (!pmode && !cmode) {
152	@@ -1626,6 +1617,26 @@ main(int argc, char *argv[])
153	else
154	usage();
155
156	+ /*
157	+ * Enable DES enctypes if requested. This is not required when rxkad-k5
158	+ * is used, but some sites may not have updated.
159	+ * krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is
160	+ * Heimdal.
161	+ */
162	+ if (insecure_des) {
163	+#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
164	+ i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC);
165	+ if (i)
166	+ krb5_enctype_enable(context, ETYPE_DES_CBC_CRC);
167	+#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
168	+ krb5_allow_weak_crypto(context, 1);
169	+#else
170	+ fprintf(stderr,
171	+ "%s: -insecure_des is not supported by this libkrb5\n", progname);
172	+ exit(AKLOG_MISC);
173	+#endif
174	+ }
175	+
176	if (cmode) {
177	if (((i + 1) < argc) && (strcmp(argv[i + 1], "-k") == 0)) {
178	i+=2;
179	diff --git a/src/aklog/klog.c b/src/aklog/klog.c
180	index 9677ffa..edf16e0 100644
181	--- a/src/aklog/klog.c
182	+++ b/src/aklog/klog.c
183	@@ -116,6 +116,7 @@ main(int argc, char *argv[])
184	#define aUNWRAP 11
185	#define aK5 12
186	#define aK4 13
187	+#define aDES 14
188
189	cmd_AddParm(ts, "-x", CMD_FLAG, CMD_OPTIONAL, "obsolete, noop");
190	cmd_Seek(ts, aPRINCIPAL);
191	@@ -141,6 +142,8 @@ main(int argc, char *argv[])
192	++ts->nParms; /* skip -k5 */
193	cmd_AddParm(ts, "-k4", CMD_FLAG, CMD_OPTIONAL\|CMD_HIDDEN, 0);
194	#endif
195	+ cmd_AddParm(ts, "-insecure_des", CMD_FLAG, CMD_OPTIONAL,
196	+ "enable insecure single-DES for krb5");
197
198	code = cmd_Dispatch(argc, argv);
199	KLOGEXIT(code);
200	@@ -413,13 +416,15 @@ CommandProc(struct cmd_syndesc as, void arock)
201	* krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is
202	* Heimdal.
203	*/
204	+ if (as->parms[aDES].items) {
205	#if defined(HAVE_KRB5_ENCTYPE_ENABLE)
206	- i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC);
207	- if (i)
208	- krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC);
209	+ i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC);
210	+ if (i)
211	+ krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC);
212	#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO)
213	- krb5_allow_weak_crypto(k5context, 1);
214	+ krb5_allow_weak_crypto(k5context, 1);
215	#endif
216	+ }
217
218	/* Parse remaining arguments. */
219