Commit | Line | Data |
---|---|---|
b7cfede0 BK |
1 | From: Benjamin Kaduk <kaduk@mit.edu> |
2 | Date: Thu, 11 Jul 2019 21:07:35 -0700 | |
3 | Subject: aklog: require opt-in to enable single-DES in libkrb5 | |
4 | ||
5 | Since the introduction of rxkad-k5 in response to OPENAFS-SA-2013-003, | |
6 | it is not strictly necessary to configure libkrb5 to allow weak crypto | |
7 | in order to obtain an AFS token. A sufficient amount of time has passed | |
8 | since then that it is safe to assume that the default behavior is the | |
9 | more-secure one, and require opt-in for the insecure behavior. | |
10 | ||
11 | To indicate that the use of single-DES is quite risky, add the | |
12 | "-insecure_des" argument to both klog and aklog, to gate the | |
13 | preexisting calls that enable weak crypto/single-DES. | |
14 | These calls, and the -insecure_des option, may be removed entirely | |
15 | in a future commit. | |
16 | ||
17 | Change-Id: If175d0f95f0ede0f252844086a2a023da5580732 | |
18 | Reviewed-on: https://gerrit.openafs.org/13689 | |
19 | Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> | |
20 | Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> | |
21 | Tested-by: Benjamin Kaduk <kaduk@mit.edu> | |
22 | (cherry picked from commit eaae6eba8ca10ba7a5a20ee0d1b5f91bc2bac6c6) | |
23 | --- | |
24 | doc/man-pages/pod1/aklog.pod | 9 +++++++-- | |
25 | doc/man-pages/pod1/klog.krb5.pod | 10 ++++++++-- | |
26 | src/aklog/aklog.c | 39 +++++++++++++++++++++++++-------------- | |
27 | src/aklog/klog.c | 13 +++++++++---- | |
28 | 4 files changed, 49 insertions(+), 22 deletions(-) | |
29 | ||
30 | diff --git a/doc/man-pages/pod1/aklog.pod b/doc/man-pages/pod1/aklog.pod | |
31 | index eb1727b..0d67ea1 100644 | |
32 | --- a/doc/man-pages/pod1/aklog.pod | |
33 | +++ b/doc/man-pages/pod1/aklog.pod | |
34 | @@ -8,11 +8,11 @@ aklog - Obtain tokens for authentication to AFS | |
35 | <div class="synopsis"> | |
36 | ||
37 | B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>] | |
38 | - [B<-force>] [B<-524>] [B<-setpag>] | |
39 | + [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>] | |
40 | S<<< [[B<-cell> | B<-c>] <I<cell>> [B<-k> <I<Kerberos realm>>]]+ >>> | |
41 | ||
42 | B<aklog> [B<-d>] [B<-hosts>] [B<-zsubs>] [B<-noprdb>] [B<-noauth>] [B<-linked>] | |
43 | - [B<-force>] [B<-524>] [B<-setpag>] [B<-path> | B<-p>] <I<path>>+ | |
44 | + [B<-force>] [B<-524>] [B<-setpag>] [B<-insecure_des>] [B<-path> | B<-p>] <I<path>>+ | |
45 | ||
46 | =for html | |
47 | </div> | |
48 | @@ -119,6 +119,11 @@ normally won't be necessary. | |
49 | ||
50 | If the AFS cell is linked to another AFS cell, get tokens for both. | |
51 | ||
52 | +-item B<-insecure_des> | |
53 | + | |
54 | +Configure libkrb5 to allow the use of the (insecure) single-DES encryption | |
55 | +types. When rxkad-k5 is in use, this is not needed. | |
56 | + | |
57 | =item B<-noauth> | |
58 | ||
59 | Don't actually authenticate, just do everything else B<aklog> does up to | |
60 | diff --git a/doc/man-pages/pod1/klog.krb5.pod b/doc/man-pages/pod1/klog.krb5.pod | |
61 | index 023deee..05d671c 100644 | |
62 | --- a/doc/man-pages/pod1/klog.krb5.pod | |
63 | +++ b/doc/man-pages/pod1/klog.krb5.pod | |
64 | @@ -11,14 +11,15 @@ B<klog.krb5> [B<-x>] S<<< [B<-principal> <I<user name>>] >>> | |
65 | [-password <I<user's password>>] S<<< [B<-cell> <I<cell name>>] >>> | |
66 | S<<< [B<-k> <I<realm>>] >>> [B<-pipe>] [B<-silent>] | |
67 | S<<< [B<-lifetime> <I<ticket lifetime in hh[:mm[:ss]]>>] >>> | |
68 | - [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-help>] | |
69 | + [B<-setpag>] [B<-tmp>] [B<-noprdb>] [B<-unwrap>] [B<-insecure_des>] | |
70 | + [B<-help>] | |
71 | ||
72 | B<klog.krb5> [B<-x>] S<<< [B<-pr> <I<user name>>] >>> | |
73 | S<<< [B<-pa> <I<user's password>>] >>> | |
74 | S<<< [B<-c> <I<cell name>>] >>> | |
75 | B<<< [B<-k> <I<realm>>] >>> [B<-pi>] [B<-si>] | |
76 | S<<< [B<-l> <I<ticket lifetime in hh[:mm[:ss]]>>] >>> | |
77 | - [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-h>] | |
78 | + [B<-se>] [B<-t>] [B<-n>] [B<-u>] [B<-i>] [B<-h>] | |
79 | ||
80 | =for html | |
81 | </div> | |
82 | @@ -227,6 +228,11 @@ sizes in conjunction with Active Directory as the Kerberos server, using | |
83 | B<-unwrap> can shrink the AFS token size so that older software can handle | |
84 | it more easily. | |
85 | ||
86 | +=item B<-insecure_des> | |
87 | + | |
88 | +Configures libkrb5 to allow the use of the (insecure) single-DES encryption | |
89 | +types. When rxkad-k5 is in use, this is not needed. | |
90 | + | |
91 | =item B<-help> | |
92 | ||
93 | Prints the online help for this command. All other valid options are | |
94 | diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c | |
95 | index 49cb782..8d2ac35 100644 | |
96 | --- a/src/aklog/aklog.c | |
97 | +++ b/src/aklog/aklog.c | |
98 | @@ -1427,7 +1427,7 @@ usage(void) | |
99 | "[-d] [[-cell | -c] cell [-k krb_realm]] ", | |
100 | "[[-p | -path] pathname]\n", | |
101 | " [-zsubs] [-hosts] [-noauth] [-noprdb] [-force] [-setpag] \n" | |
102 | - " [-linked]" | |
103 | + " [-linked] [-insecure_des]" | |
104 | #ifndef HAVE_NO_KRB5_524 | |
105 | " [-524]" | |
106 | #endif | |
107 | @@ -1446,6 +1446,7 @@ usage(void) | |
108 | #ifndef HAVE_NO_KRB5_524 | |
109 | fprintf(stderr, " -524 means use the 524 converter instead of V5 directly\n"); | |
110 | #endif | |
111 | + fprintf(stderr, " -insecure_des enables insecure single-DES for krb5.\n"); | |
112 | fprintf(stderr, " No commandline arguments means "); | |
113 | fprintf(stderr, "authenticate to the local cell.\n"); | |
114 | fprintf(stderr, "\n"); | |
115 | @@ -1459,6 +1460,7 @@ main(int argc, char *argv[]) | |
116 | int status = AKLOG_SUCCESS; | |
117 | int i; | |
118 | int somethingswrong = FALSE; | |
119 | + int insecure_des = 0; | |
120 | ||
121 | cellinfo_t cellinfo; | |
122 | ||
123 | @@ -1538,19 +1540,6 @@ main(int argc, char *argv[]) | |
124 | initialize_PT_error_table(); | |
125 | afs_set_com_err_hook(redirect_errors); | |
126 | ||
127 | - /* | |
128 | - * Enable DES enctypes, which are currently still required for AFS. | |
129 | - * krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is | |
130 | - * Heimdal. | |
131 | - */ | |
132 | -#if defined(HAVE_KRB5_ENCTYPE_ENABLE) | |
133 | - i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC); | |
134 | - if (i) | |
135 | - krb5_enctype_enable(context, ETYPE_DES_CBC_CRC); | |
136 | -#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO) | |
137 | - krb5_allow_weak_crypto(context, 1); | |
138 | -#endif | |
139 | - | |
140 | /* Initialize list of cells to which we have authenticated */ | |
141 | ll_init(&authedcells); | |
142 | ||
143 | @@ -1610,6 +1599,8 @@ main(int argc, char *argv[]) | |
144 | } | |
145 | else | |
146 | usage(); | |
147 | + else if (strcmp(argv[i], "-insecure_des") == 0) | |
148 | + insecure_des = 1; | |
149 | else if (argv[i][0] == '-') | |
150 | usage(); | |
151 | else if (!pmode && !cmode) { | |
152 | @@ -1626,6 +1617,26 @@ main(int argc, char *argv[]) | |
153 | else | |
154 | usage(); | |
155 | ||
156 | + /* | |
157 | + * Enable DES enctypes if requested. This is not required when rxkad-k5 | |
158 | + * is used, but some sites may not have updated. | |
159 | + * krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is | |
160 | + * Heimdal. | |
161 | + */ | |
162 | + if (insecure_des) { | |
163 | +#if defined(HAVE_KRB5_ENCTYPE_ENABLE) | |
164 | + i = krb5_enctype_valid(context, ETYPE_DES_CBC_CRC); | |
165 | + if (i) | |
166 | + krb5_enctype_enable(context, ETYPE_DES_CBC_CRC); | |
167 | +#elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO) | |
168 | + krb5_allow_weak_crypto(context, 1); | |
169 | +#else | |
170 | + fprintf(stderr, | |
171 | + "%s: -insecure_des is not supported by this libkrb5\n", progname); | |
172 | + exit(AKLOG_MISC); | |
173 | +#endif | |
174 | + } | |
175 | + | |
176 | if (cmode) { | |
177 | if (((i + 1) < argc) && (strcmp(argv[i + 1], "-k") == 0)) { | |
178 | i+=2; | |
179 | diff --git a/src/aklog/klog.c b/src/aklog/klog.c | |
180 | index 9677ffa..edf16e0 100644 | |
181 | --- a/src/aklog/klog.c | |
182 | +++ b/src/aklog/klog.c | |
183 | @@ -116,6 +116,7 @@ main(int argc, char *argv[]) | |
184 | #define aUNWRAP 11 | |
185 | #define aK5 12 | |
186 | #define aK4 13 | |
187 | +#define aDES 14 | |
188 | ||
189 | cmd_AddParm(ts, "-x", CMD_FLAG, CMD_OPTIONAL, "obsolete, noop"); | |
190 | cmd_Seek(ts, aPRINCIPAL); | |
191 | @@ -141,6 +142,8 @@ main(int argc, char *argv[]) | |
192 | ++ts->nParms; /* skip -k5 */ | |
193 | cmd_AddParm(ts, "-k4", CMD_FLAG, CMD_OPTIONAL|CMD_HIDDEN, 0); | |
194 | #endif | |
195 | + cmd_AddParm(ts, "-insecure_des", CMD_FLAG, CMD_OPTIONAL, | |
196 | + "enable insecure single-DES for krb5"); | |
197 | ||
198 | code = cmd_Dispatch(argc, argv); | |
199 | KLOGEXIT(code); | |
200 | @@ -413,13 +416,15 @@ CommandProc(struct cmd_syndesc *as, void *arock) | |
201 | * krb5_allow_weak_crypto is MIT Kerberos 1.8. krb5_enctype_enable is | |
202 | * Heimdal. | |
203 | */ | |
204 | + if (as->parms[aDES].items) { | |
205 | #if defined(HAVE_KRB5_ENCTYPE_ENABLE) | |
206 | - i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC); | |
207 | - if (i) | |
208 | - krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC); | |
209 | + i = krb5_enctype_valid(k5context, ETYPE_DES_CBC_CRC); | |
210 | + if (i) | |
211 | + krb5_enctype_enable(k5context, ETYPE_DES_CBC_CRC); | |
212 | #elif defined(HAVE_KRB5_ALLOW_WEAK_CRYPTO) | |
213 | - krb5_allow_weak_crypto(k5context, 1); | |
214 | + krb5_allow_weak_crypto(k5context, 1); | |
215 | #endif | |
216 | + } | |
217 | ||
218 | /* Parse remaining arguments. */ | |
219 |