GSSAPI key exchange support

This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2015-08-19 Patch-Name: gssapi.patch
author: Simon Wilkinson <simon@sxw.org.uk> 2014-02-09 16:09:48 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 16:33:29 +0100
commit: 06879e71614170580ffa7568ec5c009f60a9d084 (patch)
tree: 2264e498417b1968891c6f8a3c3b560b2b3a4761 /auth2-gss.c
parent: baccdb349b31c47cd76fb63211f754ed33a9707e (diff)
1 files changed, 45 insertions, 3 deletions
diff --git a/auth2-gss.c b/auth2-gss.c
index 1ca835773..3b5036dfd 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,7 +1,7 @@
 /* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */
 /*
- * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
 static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
 static int input_gssapi_errtok(int, u_int32_t, void *);
+/* 
+ * The 'gssapi_keyex' userauth mechanism.
+ */
+static int
+userauth_gsskeyex(Authctxt *authctxt)
+{
+        int authenticated = 0;
+        Buffer b;
+        gss_buffer_desc mic, gssbuf;
+        u_int len;
+        mic.value = packet_get_string(&len);
+        mic.length = len;
+        packet_check_eom();
+        ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
+            "gssapi-keyex");
+        gssbuf.value = buffer_ptr(&b);
+        gssbuf.length = buffer_len(&b);
+        /* gss_kex_context is NULL with privsep, so we can't check it here */
+        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
+            &gssbuf, &mic))))
+                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+                    authctxt->pw));
+        
+        buffer_free(&b);
+        free(mic.value);
+        return (authenticated);
+}
 /*
 * We only support those mechanisms that we know about (ie ones that we know
 * how to check local user kuserok and the like)
@@ -238,7 +272,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
        packet_check_eom();
-        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+        authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
+            authctxt->pw));
        authctxt->postponed = 0;
        dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -274,7 +309,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        gssbuf.length = buffer_len(&b);
        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
-                authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
+                authenticated = 
+                    PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
        else
                logit("GSSAPI MIC check failed");
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
        return 0;
 }
+Authmethod method_gsskeyex = {
+        "gssapi-keyex",
+        userauth_gsskeyex,
+        &options.gss_authentication
+};
 Authmethod method_gssapi = {
        "gssapi-with-mic",
        userauth_gssapi,
author	Simon Wilkinson <simon@sxw.org.uk>	2014-02-09 16:09:48 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 16:33:29 +0100
commit	06879e71614170580ffa7568ec5c009f60a9d084 (patch)
tree	2264e498417b1968891c6f8a3c3b560b2b3a4761 /auth2-gss.c
parent	baccdb349b31c47cd76fb63211f754ed33a9707e (diff)

diff --git a/auth2-gss.c b/auth2-gss.c index 1ca835773..3b5036dfd 100644 --- a/auth2-gss.c +++ b/auth2-gss.c
@@ -1,7 +1,7 @@
1	/* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */	1	/* $OpenBSD: auth2-gss.c,v 1.22 2015/01/19 20:07:45 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.	4	* Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
5	*	5	*
6	* Redistribution and use in source and binary forms, with or without	6	* Redistribution and use in source and binary forms, with or without
7	* modification, are permitted provided that the following conditions	7	* modification, are permitted provided that the following conditions
@@ -53,6 +53,40 @@ static int input_gssapi_mic(int type, u_int32_t plen, void *ctxt);
53	static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);	53	static int input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt);
54	static int input_gssapi_errtok(int, u_int32_t, void *);	54	static int input_gssapi_errtok(int, u_int32_t, void *);
55		55
		56	/*
		57	* The 'gssapi_keyex' userauth mechanism.
		58	*/
		59	static int
		60	userauth_gsskeyex(Authctxt *authctxt)
		61	{
		62	int authenticated = 0;
		63	Buffer b;
		64	gss_buffer_desc mic, gssbuf;
		65	u_int len;
		66
		67	mic.value = packet_get_string(&len);
		68	mic.length = len;
		69
		70	packet_check_eom();
		71
		72	ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
		73	"gssapi-keyex");
		74
		75	gssbuf.value = buffer_ptr(&b);
		76	gssbuf.length = buffer_len(&b);
		77
		78	/* gss_kex_context is NULL with privsep, so we can't check it here */
		79	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context,
		80	&gssbuf, &mic))))
		81	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		82	authctxt->pw));
		83
		84	buffer_free(&b);
		85	free(mic.value);
		86
		87	return (authenticated);
		88	}
		89
56	/*	90	/*
57	* We only support those mechanisms that we know about (ie ones that we know	91	* We only support those mechanisms that we know about (ie ones that we know
58	* how to check local user kuserok and the like)	92	* how to check local user kuserok and the like)
@@ -238,7 +272,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
238		272
239	packet_check_eom();	273	packet_check_eom();
240		274
241	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	275	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
		276	authctxt->pw));
242		277
243	authctxt->postponed = 0;	278	authctxt->postponed = 0;
244	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);	279	dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -274,7 +309,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
274	gssbuf.length = buffer_len(&b);	309	gssbuf.length = buffer_len(&b);
275		310
276	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))	311	if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
277	authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));	312	authenticated =
		313	PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw));
278	else	314	else
279	logit("GSSAPI MIC check failed");	315	logit("GSSAPI MIC check failed");
280		316
@@ -290,6 +326,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
290	return 0;	326	return 0;
291	}	327	}
292		328
		329	Authmethod method_gsskeyex = {
		330	"gssapi-keyex",
		331	userauth_gsskeyex,
		332	&options.gss_authentication
		333	};
		334
293	Authmethod method_gssapi = {	335	Authmethod method_gssapi = {
294	"gssapi-with-mic",	336	"gssapi-with-mic",
295	userauth_gssapi,	337	userauth_gssapi,