Blame SOURCES/Mark-deprecated-enctypes-when-used.patch

5385de
From 6306a2a8697c94f968a02d66204f7d357aa0e7f6 Mon Sep 17 00:00:00 2001
1d2312
From: Robbie Harwood <rharwood@redhat.com>
1d2312
Date: Thu, 10 Jan 2019 16:34:54 -0500
1d2312
Subject: [PATCH] Mark deprecated enctypes when used
1d2312
1d2312
Preface ETYPE_DEPRECATED enctypes with "DEPRECATED:" in klist output,
1d2312
KDC logs, and kadmin interactions.  Also complain in krb5kdc when the
1d2312
stash file has a deprecated enctype or a deprecated enctype is
1d2312
requested with -k.
1d2312
1d2312
ticket: 8773 (new)
1d2312
(cherry picked from commit 8d8e68283b599e680f9fe45eff8af397e827bd6c)
1d2312
---
1d2312
 src/clients/klist/klist.c      | 14 ++++++++++----
1d2312
 src/kadmin/cli/kadmin.c        |  6 +++++-
1d2312
 src/kdc/kdc_util.c             |  9 +++++++++
1d2312
 src/kdc/main.c                 | 19 +++++++++++++++++++
1d2312
 src/tests/gssapi/t_enctypes.py | 15 +++++++++------
1d2312
 src/tests/t_keyrollover.py     |  8 +++++---
1d2312
 src/tests/t_sesskeynego.py     |  4 ++--
1d2312
 7 files changed, 59 insertions(+), 16 deletions(-)
1d2312
1d2312
diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c
1d2312
index 70adb54e8..8c307151a 100644
1d2312
--- a/src/clients/klist/klist.c
1d2312
+++ b/src/clients/klist/klist.c
1d2312
@@ -571,11 +571,17 @@ static char *
1d2312
 etype_string(krb5_enctype enctype)
1d2312
 {
1d2312
     static char buf[100];
1d2312
-    krb5_error_code ret;
1d2312
+    char *bp = buf;
1d2312
+    size_t deplen, buflen = sizeof(buf);
1d2312
 
1d2312
-    ret = krb5_enctype_to_name(enctype, FALSE, buf, sizeof(buf));
1d2312
-    if (ret)
1d2312
-        snprintf(buf, sizeof(buf), "etype %d", enctype);
1d2312
+    if (krb5int_c_deprecated_enctype(enctype)) {
1d2312
+        deplen = strlcpy(bp, "DEPRECATED:", buflen);
1d2312
+        buflen -= deplen;
1d2312
+        bp += deplen;
1d2312
+    }
1d2312
+
1d2312
+    if (krb5_enctype_to_name(enctype, FALSE, bp, buflen))
1d2312
+        snprintf(bp, buflen, "etype %d", enctype);
1d2312
     return buf;
1d2312
 }
1d2312
 
1d2312
diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
1d2312
index ed581ee79..cc74921bf 100644
1d2312
--- a/src/kadmin/cli/kadmin.c
1d2312
+++ b/src/kadmin/cli/kadmin.c
1d2312
@@ -1451,12 +1451,16 @@ kadmin_getprinc(int argc, char *argv[])
1d2312
         for (i = 0; i < dprinc.n_key_data; i++) {
1d2312
             krb5_key_data *key_data = &dprinc.key_data[i];
1d2312
             char enctype[BUFSIZ], salttype[BUFSIZ];
1d2312
+            char *deprecated = "";
1d2312
 
1d2312
             if (krb5_enctype_to_name(key_data->key_data_type[0], FALSE,
1d2312
                                      enctype, sizeof(enctype)))
1d2312
                 snprintf(enctype, sizeof(enctype), _("<Encryption type 0x%x>"),
1d2312
                          key_data->key_data_type[0]);
1d2312
-            printf("Key: vno %d, %s", key_data->key_data_kvno, enctype);
1d2312
+            if (krb5int_c_deprecated_enctype(key_data->key_data_type[0]))
1d2312
+                deprecated = "DEPRECATED:";
1d2312
+            printf("Key: vno %d, %s%s", key_data->key_data_kvno, deprecated,
1d2312
+                   enctype);
1d2312
             if (key_data->key_data_ver > 1 &&
1d2312
                 key_data->key_data_type[1] != KRB5_KDB_SALTTYPE_NORMAL) {
1d2312
                 if (krb5_salttype_to_string(key_data->key_data_type[1],
1d2312
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
1d2312
index f5c581c82..96c88edc1 100644
1d2312
--- a/src/kdc/kdc_util.c
1d2312
+++ b/src/kdc/kdc_util.c
1d2312
@@ -1048,11 +1048,20 @@ static krb5_error_code
1d2312
 enctype_name(krb5_enctype ktype, char *buf, size_t buflen)
1d2312
 {
1d2312
     char *name;
1d2312
+    size_t len;
1d2312
 
1d2312
     if (buflen == 0)
1d2312
         return EINVAL;
1d2312
     *buf = '\0'; /* ensure these are always valid C-strings */
1d2312
 
1d2312
+    if (krb5int_c_deprecated_enctype(ktype)) {
1d2312
+        len = strlcpy(buf, "DEPRECATED:", buflen);
1d2312
+        if (len >= buflen)
1d2312
+            return ENOMEM;
1d2312
+        buflen -= len;
1d2312
+        buf += len;
1d2312
+    }
1d2312
+
1d2312
     /* rfc4556 recommends that clients wishing to indicate support for these
1d2312
      * pkinit algorithms include them in the etype field of the AS-REQ. */
1d2312
     if (ktype == ENCTYPE_DSA_SHA1_CMS)
1d2312
diff --git a/src/kdc/main.c b/src/kdc/main.c
1d2312
index 663fd6303..60092a0df 100644
1d2312
--- a/src/kdc/main.c
1d2312
+++ b/src/kdc/main.c
1d2312
@@ -210,12 +210,23 @@ init_realm(kdc_realm_t * rdp, krb5_pointer aprof, char *realm,
1d2312
     char                *svalue = NULL;
1d2312
     const char          *hierarchy[4];
1d2312
     krb5_kvno       mkvno = IGNORE_VNO;
1d2312
+    char ename[32];
1d2312
 
1d2312
     memset(rdp, 0, sizeof(kdc_realm_t));
1d2312
     if (!realm) {
1d2312
         kret = EINVAL;
1d2312
         goto whoops;
1d2312
     }
1d2312
+
1d2312
+    if (def_enctype != ENCTYPE_UNKNOWN &&
1d2312
+        krb5int_c_deprecated_enctype(def_enctype)) {
1d2312
+        if (krb5_enctype_to_name(def_enctype, FALSE, ename, sizeof(ename)))
1d2312
+            ename[0] = '\0';
1d2312
+        fprintf(stderr,
1d2312
+                _("Requested master password enctype %s in %s is DEPRECATED!"),
1d2312
+                ename, realm);
1d2312
+    }
1d2312
+
1d2312
     hierarchy[0] = KRB5_CONF_REALMS;
1d2312
     hierarchy[1] = realm;
1d2312
     hierarchy[3] = NULL;
1d2312
@@ -370,6 +381,14 @@ init_realm(kdc_realm_t * rdp, krb5_pointer aprof, char *realm,
1d2312
         goto whoops;
1d2312
     }
1d2312
 
1d2312
+    if (krb5int_c_deprecated_enctype(rdp->realm_mkey.enctype)) {
1d2312
+        if (krb5_enctype_to_name(rdp->realm_mkey.enctype, FALSE, ename,
1d2312
+                                 sizeof(ename)))
1d2312
+            ename[0] = '\0';
1d2312
+        fprintf(stderr, _("Stash file %s uses DEPRECATED enctype %s!"),
1d2312
+                rdp->realm_stash, ename);
1d2312
+    }
1d2312
+
1d2312
     if ((kret = krb5_db_fetch_mkey_list(rdp->realm_context, rdp->realm_mprinc,
1d2312
                                         &rdp->realm_mkey))) {
1d2312
         kdc_err(rdp->realm_context, kret,
1d2312
diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py
1d2312
index 5d9f80e04..ca3d32d21 100755
1d2312
--- a/src/tests/gssapi/t_enctypes.py
1d2312
+++ b/src/tests/gssapi/t_enctypes.py
1d2312
@@ -9,8 +9,11 @@ from k5test import *
1d2312
 aes256 = 'aes256-cts-hmac-sha1-96'
1d2312
 aes128 = 'aes128-cts-hmac-sha1-96'
1d2312
 des3 = 'des3-cbc-sha1'
1d2312
+d_des3 = 'DEPRECATED:des3-cbc-sha1'
1d2312
 des3raw = 'des3-cbc-raw'
1d2312
+d_des3raw = 'DEPRECATED:des3-cbc-raw'
1d2312
 rc4 = 'arcfour-hmac'
1d2312
+d_rc4 = 'DEPRECATED:arcfour-hmac'
1d2312
 
1d2312
 # These tests make assumptions about the default enctype lists, so set
1d2312
 # them explicitly rather than relying on the library defaults.
1d2312
@@ -92,7 +95,7 @@ test_err('acc aes128', None, 'aes128-cts',
1d2312
 # no acceptor subkey will be generated because we can't upgrade to a
1d2312
 # CFX enctype.
1d2312
 test('init des3', 'des3', None,
1d2312
-     tktenc=aes256, tktsession=des3,
1d2312
+     tktenc=aes256, tktsession=d_des3,
1d2312
      proto='rfc1964', isubkey=des3raw, asubkey=None)
1d2312
 
1d2312
 # Force the ticket session key to be rc4, so we can test some subkey
1d2312
@@ -103,7 +106,7 @@ realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4'])
1d2312
 # [aes256 aes128 des3] and the acceptor should upgrade to an aes256
1d2312
 # subkey.
1d2312
 test('upgrade noargs', None, None,
1d2312
-     tktenc=aes256, tktsession=rc4,
1d2312
+     tktenc=aes256, tktsession=d_rc4,
1d2312
      proto='cfx', isubkey=rc4, asubkey=aes256)
1d2312
 
1d2312
 # If the initiator won't permit rc4 as a session key, it won't be able
1d2312
@@ -113,14 +116,14 @@ test_err('upgrade init aes', 'aes', None, 'no support for encryption type')
1d2312
 # If the initiator permits rc4 but prefers aes128, it will send an
1d2312
 # upgrade list of [aes128] and the acceptor will upgrade to aes128.
1d2312
 test('upgrade init aes128+rc4', 'aes128-cts rc4', None,
1d2312
-     tktenc=aes256, tktsession=rc4,
1d2312
+     tktenc=aes256, tktsession=d_rc4,
1d2312
      proto='cfx', isubkey=rc4, asubkey=aes128)
1d2312
 
1d2312
 # If the initiator permits rc4 but prefers des3, it will send an
1d2312
 # upgrade list of [des3], but the acceptor won't generate a subkey
1d2312
 # because des3 isn't a CFX enctype.
1d2312
 test('upgrade init des3+rc4', 'des3 rc4', None,
1d2312
-     tktenc=aes256, tktsession=rc4,
1d2312
+     tktenc=aes256, tktsession=d_rc4,
1d2312
      proto='rfc1964', isubkey=rc4, asubkey=None)
1d2312
 
1d2312
 # If the acceptor permits only aes128, subkey negotiation will fail
1d2312
@@ -134,14 +137,14 @@ test_err('upgrade acc aes128', None, 'aes128-cts',
1d2312
 # If the acceptor permits rc4 but prefers aes128, it will negotiate an
1d2312
 # upgrade to aes128.
1d2312
 test('upgrade acc aes128 rc4', None, 'aes128-cts rc4',
1d2312
-     tktenc=aes256, tktsession=rc4,
1d2312
+     tktenc=aes256, tktsession=d_rc4,
1d2312
      proto='cfx', isubkey=rc4, asubkey=aes128)
1d2312
 
1d2312
 # In this test, the initiator and acceptor each prefer an AES enctype
1d2312
 # to rc4, but they can't agree on which one, so no subkey is
1d2312
 # generated.
1d2312
 test('upgrade mismatch', 'aes128-cts rc4', 'aes256-cts rc4',
1d2312
-     tktenc=aes256, tktsession=rc4,
1d2312
+     tktenc=aes256, tktsession=d_rc4,
1d2312
      proto='rfc1964', isubkey=rc4, asubkey=None)
1d2312
 
1d2312
 success('gss_krb5_set_allowable_enctypes tests')
1d2312
diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py
1d2312
index 7c8d828f0..4af6804f2 100755
1d2312
--- a/src/tests/t_keyrollover.py
1d2312
+++ b/src/tests/t_keyrollover.py
1d2312
@@ -22,8 +22,9 @@ realm.run([kvno, princ1])
1d2312
 realm.run([kadminl, 'purgekeys', realm.krbtgt_princ])
1d2312
 # Make sure an old TGT fails after purging old TGS key.
1d2312
 realm.run([kvno, princ2], expected_code=1)
1d2312
-msg = 'krbtgt/%s@%s\n\tEtype (skey, tkt): des-cbc-crc, des-cbc-crc' % \
1d2312
-    (realm.realm, realm.realm)
1d2312
+ddes = "DEPRECATED:des-cbc-crc"
1d2312
+msg = 'krbtgt/%s@%s\n\tEtype (skey, tkt): %s, %s' % \
1d2312
+    (realm.realm, realm.realm, ddes, ddes)
1d2312
 realm.run([klist, '-e'], expected_msg=msg)
1d2312
 
1d2312
 # Check that new key actually works.
1d2312
@@ -48,7 +49,8 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts',
1d2312
            realm.krbtgt_princ])
1d2312
 realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ])
1d2312
 out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ])
1d2312
-if 'vno 1, aes256' not in out or 'vno 1, des3' not in out:
1d2312
+if 'vno 1, aes256-cts' not in out or \
1d2312
+   'vno 1, DEPRECATED:des3-cbc-sha1' not in out:
1d2312
     fail('keyrollover: setup for TGS enctype test failed')
1d2312
 # Now present the DES3 ticket to the KDC and make sure it's rejected.
1d2312
 realm.run([kvno, realm.host_princ], expected_code=1)
1d2312
diff --git a/src/tests/t_sesskeynego.py b/src/tests/t_sesskeynego.py
1d2312
index 448092387..da02f224a 100755
1d2312
--- a/src/tests/t_sesskeynego.py
1d2312
+++ b/src/tests/t_sesskeynego.py
1d2312
@@ -62,11 +62,11 @@ test_kvno(realm, 'aes128-cts-hmac-sha1-96', 'aes256-cts-hmac-sha1-96')
1d2312
 # 3b: Negotiate rc4-hmac session key when principal only has aes256 long-term.
1d2312
 realm.run([kadminl, 'setstr', 'server', 'session_enctypes',
1d2312
            'rc4-hmac,aes128-cts,aes256-cts'])
1d2312
-test_kvno(realm, 'arcfour-hmac', 'aes256-cts-hmac-sha1-96')
1d2312
+test_kvno(realm, 'DEPRECATED:arcfour-hmac', 'aes256-cts-hmac-sha1-96')
1d2312
 
1d2312
 # 3c: Test des-cbc-crc default assumption.
1d2312
 realm.run([kadminl, 'delstr', 'server', 'session_enctypes'])
1d2312
-test_kvno(realm, 'des-cbc-crc', 'aes256-cts-hmac-sha1-96')
1d2312
+test_kvno(realm, 'DEPRECATED:des-cbc-crc', 'aes256-cts-hmac-sha1-96')
1d2312
 realm.stop()
1d2312
 
1d2312
 # Last go: test that we can disable the des-cbc-crc assumption