Try decrypting using session key if subkey fails in tgs rep handling
authorSam Hartman <hartmans@mit.edu>
Thu, 7 May 2009 20:35:28 +0000 (20:35 +0000)
committerSam Hartman <hartmans@mit.edu>
Thu, 7 May 2009 20:35:28 +0000 (20:35 +0000)
Heimdal at least up through 1.2 incorrectly encrypts the TGS response
in the session key not the subkey when a subkey is supplied.  See RFC
4120 page 35.  Work around this by trying decryption using the session
key after the subkey fails.

* decode_kdc_rep.c: rename to krb5int_decode_tgs_rep; only used for
  TGS and now needs to take keyusage
* gc_via_tkt: pass in session key and appropriate usage if subkey
  fails.

Note that the dead code to process AS responses in decode_kdc_rep is
not removed by this commit.  That will be removed as FAST TGS client
support is integrated post 1.7.

ticket: 6484
Tags: pullup
Target_Version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22325 dc483132-0cff-0310-8789-dd5450dbe970

src/include/k5-int.h
src/lib/krb5/krb/decode_kdc.c
src/lib/krb5/krb/gc_via_tkt.c
src/lib/krb5/libkrb5.exports

index de391a7d95cd7f27c535e18c4e5e071db55634fc..be3d1a9bf2145997488654b2c2abb13126d9551c 100644 (file)
@@ -2613,10 +2613,10 @@ krb5_error_code krb5int_send_tgs
                 * in with the subkey needed to decrypt the TGS
                 * response. Otherwise it will be set to null.
                 */
-krb5_error_code krb5_decode_kdc_rep
+krb5_error_code krb5int_decode_tgs_rep
        (krb5_context,
                krb5_data *,
-         const krb5_keyblock *,
+        const krb5_keyblock *, krb5_keyusage,
                krb5_kdc_rep ** );
 krb5_error_code krb5int_find_authdata
 (krb5_context context, krb5_authdata *const * ticket_authdata,
index a75bbf26652f6a8636c2ee2e61cd0e6968e1b922..689e2a2419d11348fb7135e00af4ca3902e2a370 100644 (file)
  */
 
 krb5_error_code
-krb5_decode_kdc_rep(krb5_context context, krb5_data *enc_rep, const krb5_keyblock *key, krb5_kdc_rep **dec_rep)
+krb5int_decode_tgs_rep(krb5_context context, krb5_data *enc_rep, const krb5_keyblock *key,
+                      krb5_keyusage usage, krb5_kdc_rep **dec_rep)
 {
     krb5_error_code retval;
     krb5_kdc_rep *local_dec_rep;
-    krb5_keyusage usage;
 
     if (krb5_is_as_rep(enc_rep)) {
-       usage = KRB5_KEYUSAGE_AS_REP_ENCPART;
        retval = decode_krb5_as_rep(enc_rep, &local_dec_rep);
     } else if (krb5_is_tgs_rep(enc_rep)) {
-       usage = KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY;
        retval = decode_krb5_tgs_rep(enc_rep, &local_dec_rep);
     } else {
        return KRB5KRB_AP_ERR_MSG_TYPE;
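Review bot: Nothing on the new `usage` parameter says that it has to be paired with `key`, and the visible part of the function does not check the pairing. The caller in gc_via_tkt.c passes `KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY` with the subkey and `KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY` with the ticket session key. A mismatched pair would presumably just fail decryption, but the contract is worth stating in the header comment above the definition, e.g. `/* usage must match key: TGS_REP_ENCPART_SUBKEY with the authenticator subkey, TGS_REP_ENCPART_SESSKEY with the TGT session key. */`. The unnamed `krb5_keyusage` in the k5-int.h prototype would benefit from the same line. The function body continues past the end of this hunk.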
index e8dbd97fecacb69edcdb89dd93a4e1c22e298163..83c8026fcdafb181a207cdf17f86ce1aaa5043f8 100644 (file)
@@ -290,9 +290,17 @@ krb5_get_cred_via_tkt (krb5_context context, krb5_creds *tkt,
        goto error_4;
     }
 
-    if ((retval = krb5_decode_kdc_rep(context, &tgsrep.response,
-                                     subkey, &dec_rep)))
-       goto error_4;
+    /* Unfortunately, Heimdal at least up through 1.2  encrypts using
+       the session key not the subsession key.  So we try both. */
+    if ((retval = krb5int_decode_tgs_rep(context, &tgsrep.response,
+                                     subkey,
+                                        KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY, &dec_rep))) {
+           if ((krb5int_decode_tgs_rep(context, &tgsrep.response,
+                                     &tkt->keyblock,
+                                       KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY, &dec_rep)) == 0)
+               retval = 0;
+           else goto error_4;
+    }
 
     if (dec_rep->msg_type != KRB5_TGS_REP) {
        retval = KRB5KRB_AP_ERR_MSG_TYPE;
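Review bot: The session-key retry runs after any failure of the first `krb5int_decode_tgs_rep` call, so an allocation or ASN.1 decoding error also triggers a second full decode. A reply protected only by the ticket session key is then accepted with nothing recording that the subkey was not used. If a wrong-key decrypt surfaces here as `KRB5KRB_AP_ERR_BAD_INTEGRITY` (the decode routine's body is outside this hunk, so confirm), the retry could be limited by placing `if (retval != KRB5KRB_AP_ERR_BAD_INTEGRITY) goto error_4;` before the second call. The comment should also warn later code not to assume the reply was bound to the subkey, e.g. `/* Interop fallback: reply may be keyed to the TGT session key, not our subkey. */`. `krb5_get_cred_via_tkt` starts and ends outside the hunk.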
index 45e5002f099c3c82f6ca512d23fe971b4d6b7c3f..bd50fddb56b22990a0149f7a0c4e3e16ec56efca 100644 (file)
@@ -185,7 +185,6 @@ krb5_copy_ticket
 krb5_create_secure_file
 krb5_crypto_us_timeofday
 krb5_decode_authdata_container
-krb5_decode_kdc_rep
 krb5_decode_ticket
 krb5_decrypt_tkt_part
 krb5_default_pwd_prompt1