authorSimon Wilkinson <simon@sxw.org.uk>2014-02-09 16:09:48 +0000
committerColin Watson <cjwatson@debian.org>2014-02-09 16:16:58 +0000
commit950be7e1b1a01ee9b25e2a72726a6370b8acacb6 (patch)
tree64829a84f903d7e2d3270c43e3f80df7db2a6a10 /monitor.c
parentee196dab7c5f97f0b80c8099343a375bead92010 (diff)
GSSAPI key exchange support
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2013-11-09 Patch-Name: gssapi.patch
Diffstat (limited to 'monitor.c')
-rw-r--r--monitor.c108
1 files changed, 107 insertions, 1 deletions
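diff --git a/monitor.c b/monitor.c
index 44dff98c9..9079c9762 100644
--- a/monitor.c
+++ b/monitor.c
@@ -181,6 +181,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *);
 int mm_answer_gss_accept_ctx(int, Buffer *);
 int mm_answer_gss_userok(int, Buffer *);
 int mm_answer_gss_checkmic(int, Buffer *);
+int mm_answer_gss_sign(int, Buffer *);
+int mm_answer_gss_updatecreds(int, Buffer *);
 #endif
 
 #ifdef SSH_AUDIT_EVENTS
@@ -253,6 +255,7 @@ struct mon_table mon_dispatch_proto20[] = {
  {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
  {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
  {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
+ {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign},
 #endif
 #ifdef JPAKE
  {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
@@ -265,6 +268,12 @@ struct mon_table mon_dispatch_proto20[] = {
 };
 
 struct mon_table mon_dispatch_postauth20[] = {
+#ifdef GSSAPI
+ {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx},
+ {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
+ {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign},
+ {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds},
+#endif
  {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
  {MONITOR_REQ_SIGN, 0, mm_answer_sign},
  {MONITOR_REQ_PTY, 0, mm_answer_pty},
@@ -373,6 +382,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
  /* Permit requests for moduli and signatures */
  monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
  monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
+#ifdef GSSAPI
+ /* and for the GSSAPI key exchange */
+ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
+#endif
  } else {
  mon_dispatch = mon_dispatch_proto15;
 
@@ -487,6 +500,10 @@ monitor_child_postauth(struct monitor *pmonitor)
  monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
  monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
  monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
+#ifdef GSSAPI
+ /* and for the GSSAPI key exchange */
+ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
+#endif
  } else {
  mon_dispatch = mon_dispatch_postauth15;
  monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
@@ -1855,6 +1872,13 @@ mm_get_kex(Buffer *m)
  kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
  kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
  kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#ifdef GSSAPI
+ if (options.gss_keyex) {
+ kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server;
+ kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server;
+ }
+#endif
  kex->server = 1;
  kex->hostkey_type = buffer_get_int(m);
  kex->kex_type = buffer_get_int(m);
@@ -2062,6 +2086,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
  OM_uint32 major;
  u_int len;
 
+ if (!options.gss_authentication && !options.gss_keyex)
+ fatal("In GSSAPI monitor when GSSAPI is disabled");
+
  goid.elements = buffer_get_string(m, &len);
  goid.length = len;
 
@@ -2089,6 +2116,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
  OM_uint32 flags = 0; /* GSI needs this */
  u_int len;
 
+ if (!options.gss_authentication && !options.gss_keyex)
+ fatal("In GSSAPI monitor when GSSAPI is disabled");
+
  in.value = buffer_get_string(m, &len);
  in.length = len;
  major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
@@ -2106,6 +2136,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
  monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
  monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
  monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
+ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSIGN, 1);
  }
  return (0);
 }
@@ -2117,6 +2148,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m)
  OM_uint32 ret;
  u_int len;
 
+ if (!options.gss_authentication && !options.gss_keyex)
+ fatal("In GSSAPI monitor when GSSAPI is disabled");
+
  gssbuf.value = buffer_get_string(m, &len);
  gssbuf.length = len;
  mic.value = buffer_get_string(m, &len);
@@ -2143,7 +2177,11 @@ mm_answer_gss_userok(int sock, Buffer *m)
 {
  int authenticated;
 
- authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user);
+ if (!options.gss_authentication && !options.gss_keyex)
+ fatal("In GSSAPI monitor when GSSAPI is disabled");
+
+ authenticated = authctxt->valid &&
+ ssh_gssapi_userok(authctxt->user, authctxt->pw);
 
  buffer_clear(m);
  buffer_put_int(m, authenticated);
@@ -2156,6 +2194,74 @@ mm_answer_gss_userok(int sock, Buffer *m)
  /* Monitor loop will terminate if authenticated */
  return (authenticated);
 }
+
+int
+mm_answer_gss_sign(int socket, Buffer *m)
+{
+ gss_buffer_desc data;
+ gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
+ OM_uint32 major, minor;
+ u_int len;
+
+ if (!options.gss_authentication && !options.gss_keyex)
+ fatal("In GSSAPI monitor when GSSAPI is disabled");
+
+ data.value = buffer_get_string(m, &len);
+ data.length = len;
+ if (data.length != 20)
+ fatal("%s: data length incorrect: %d", __func__,
+ (int) data.length);
+
+ /* Save the session ID on the first time around */
+ if (session_id2_len == 0) {
+ session_id2_len = data.length;
+ session_id2 = xmalloc(session_id2_len);
+ memcpy(session_id2, data.value, session_id2_len);
+ }
+ major = ssh_gssapi_sign(gsscontext, &data, &hash);
+
+ free(data.value);
+
+ buffer_clear(m);
+ buffer_put_int(m, major);
+ buffer_put_string(m, hash.value, hash.length);
+
+ mm_request_send(socket, MONITOR_ANS_GSSSIGN, m);
+
+ gss_release_buffer(&minor, &hash);
+
+ /* Turn on getpwnam permissions */
+ monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1);
+
+ /* And credential updating, for when rekeying */
+ monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1);
+
+ return (0);
+}
+
+int
+mm_answer_gss_updatecreds(int socket, Buffer *m) {
+ ssh_gssapi_ccache store;
+ int ok;
+
+ store.filename = buffer_get_string(m, NULL);
+ store.envvar = buffer_get_string(m, NULL);
+ store.envval = buffer_get_string(m, NULL);
+
+ ok = ssh_gssapi_update_creds(&store);
+
+ free(store.filename);
+ free(store.envvar);
+ free(store.envval);
+
+ buffer_clear(m);
+ buffer_put_int(m, ok);
+
+ mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m);
+
+ return(0);
+}
+
 #endif /* GSSAPI */
 
 #ifdef JPAKE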
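Review bot: mm_answer_gss_updatecreds is the only new GSSAPI handler in this patch that does not open with the `if (!options.gss_authentication && !options.gss_keyex) fatal("In GSSAPI monitor when GSSAPI is disabled");` guard that mm_answer_gss_sign, mm_answer_gss_setup_ctx, mm_answer_gss_accept_ctx, mm_answer_gss_checkmic and mm_answer_gss_userok all gain here; it should get the same two lines before its first buffer_get_string() call so every request type is rejected uniformly when the feature is configured off. The three strings it reads into store.filename, store.envvar and store.envval arrive from the unprivileged child and are passed to ssh_gssapi_update_creds() with no check in this function, so any restriction on which credential-cache path the root-running monitor is willing to write lives entirely in that callee, which is outside this diff and worth confirming. In mm_answer_gss_sign the `if (data.length != 20)` check is a bare magic number; giving it a name tied to the digest the KEX_GSS_*_SHA1 methods produce, or deriving it from the hash in use, would keep the check from silently becoming wrong if a non-SHA-1 GSS key exchange method is added later.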