From 508e90e51619c79d2680eaeca754d516c7f88fdf Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Sat, 10 May 2003 00:01:04 +0000 Subject: [PATCH] Rename the local_subkey and remote_subkey fields in the auth_context to send_subkey and recv_subkey, respectively. Add new APIs to query and set these fields. Change the behavior of mk_req_ext, rd_req_dec, and rd_rep to set both subkeys. Applications wanting to set unidirectional subkeys may still do so by saving the values of subkeys and doing overrides. Cause mk_cred, mk_priv, and mk_safe to never use the recv_subkey. Cause rd_cred, rd_priv, and rd_safe to never use the send_subkey. ticket: 1415 status: open tags: pullup target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15407 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/bsd/ChangeLog | 12 +++++ src/appl/bsd/krcp.c | 12 ++--- src/appl/bsd/krlogin.c | 4 +- src/appl/bsd/krlogind.c | 2 +- src/appl/bsd/krsh.c | 4 +- src/appl/bsd/krshd.c | 4 +- src/appl/telnet/libtelnet/ChangeLog | 6 +++ src/appl/telnet/libtelnet/kerberos5.c | 4 +- src/include/ChangeLog | 7 +++ src/include/krb5.hin | 24 ++++++++-- src/kdc/ChangeLog | 5 ++ src/kdc/kdc_util.c | 4 +- src/lib/ChangeLog | 6 +++ src/lib/gssapi/krb5/ChangeLog | 8 ++++ src/lib/gssapi/krb5/accept_sec_context.c | 8 ++-- src/lib/gssapi/krb5/init_sec_context.c | 4 +- src/lib/krb5/krb/ChangeLog | 35 ++++++++++++++ src/lib/krb5/krb/auth_con.c | 54 +++++++++++++++++---- src/lib/krb5/krb/auth_con.h | 4 +- src/lib/krb5/krb/chpw.c | 61 +++++++++++++++--------- src/lib/krb5/krb/mk_cred.c | 5 +- src/lib/krb5/krb/mk_priv.c | 5 +- src/lib/krb5/krb/mk_req_ext.c | 13 +++-- src/lib/krb5/krb/mk_safe.c | 5 +- src/lib/krb5/krb/rd_cred.c | 5 +- src/lib/krb5/krb/rd_priv.c | 5 +- src/lib/krb5/krb/rd_rep.c | 10 +++- src/lib/krb5/krb/rd_req_dec.c | 12 ++++- src/lib/krb5/krb/rd_safe.c | 5 +- src/lib/krb5/krb/ser_actx.c | 28 +++++------ src/lib/krb5_32.def | 4 ++ src/mac/MacOSX/Projects/Kerberos5.pbexp | 4 ++ 32 files changed, 270 insertions(+), 99 deletions(-) diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index a6419495a..274d2bdfb 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,15 @@ +2003-05-09 Tom Yu + + * krcp.c (main): Rename getlocalsubkey -> getsendsubkey. + + * krlogin.c (main): Rename getlocalsubkey -> getsendsubkey. + + * krlogind.c (recvauth): Rename getremotesubkey -> getrecvsubkey. + + * krsh.c (main): Rename getlocalsubkey -> getsendsubkey. + + * krshd.c (recvauth): Rename getremotesubkey -> getrecvsubkey. + 2003-04-08 Ken Raeburn * krshd.c (main): Use LOG_AUTH syslog facility, not LOG_DAEMON, diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c index 5ad6a25a1..707985a5a 100644 --- a/src/appl/bsd/krcp.c +++ b/src/appl/bsd/krcp.c @@ -480,9 +480,9 @@ int main(argc, argv) try_normal(orig_argv); /* doesn't return */ if (!similar) { - status = krb5_auth_con_getlocalsubkey (bsd_context, - auth_context, - &key); + status = krb5_auth_con_getsendsubkey (bsd_context, + auth_context, + &key); if ((status || !key) && encryptflag) try_normal(orig_argv); } @@ -599,9 +599,9 @@ int main(argc, argv) krb5_keyblock *key = &cred->keyblock; if (kcmd_proto == KCMD_NEW_PROTOCOL) { - status = krb5_auth_con_getlocalsubkey (bsd_context, - auth_context, - &key); + status = krb5_auth_con_getsendsubkey (bsd_context, + auth_context, + &key); if (status) { com_err (argv[0], status, "determining subkey for session"); diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index c497dc2fb..a1e63a645 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -702,8 +702,8 @@ main(argc, argv) if (kcmd_proto == KCMD_NEW_PROTOCOL) { do_inband = 1; - status = krb5_auth_con_getlocalsubkey (bsd_context, auth_context, - &key); + status = krb5_auth_con_getsendsubkey (bsd_context, auth_context, + &key); if ((status || !key) && encrypt_flag) try_normal(orig_argv); } diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index 82e560143..d2979e141 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -1537,7 +1537,7 @@ recvauth(valid_checksum) return status; key = 0; - status = krb5_auth_con_getremotesubkey (bsd_context, auth_context, &key); + status = krb5_auth_con_getrecvsubkey (bsd_context, auth_context, &key); if (status) fatal (netf, "Server can't get session subkey"); if (!key && do_encrypt && kcmd_proto == KCMD_NEW_PROTOCOL) diff --git a/src/appl/bsd/krsh.c b/src/appl/bsd/krsh.c index 3f8273ec0..bd9c20572 100644 --- a/src/appl/bsd/krsh.c +++ b/src/appl/bsd/krsh.c @@ -411,8 +411,8 @@ main(argc, argv0) krb5_keyblock *key = &cred->keyblock; if (kcmd_proto == KCMD_NEW_PROTOCOL) { - status = krb5_auth_con_getlocalsubkey (bsd_context, auth_context, - &key); + status = krb5_auth_con_getsendsubkey (bsd_context, auth_context, + &key); if (status) { com_err (argv[0], status, "determining subkey for session"); exit (1); diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index adad7ea2f..d625d8bd9 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -1962,8 +1962,8 @@ recvauth(netfd, peersin, valid_checksum) { krb5_keyblock *key; - status = krb5_auth_con_getremotesubkey (bsd_context, auth_context, - &key); + status = krb5_auth_con_getrecvsubkey (bsd_context, auth_context, + &key); if (status) fatal (netfd, "Server can't get session subkey"); if (!key && do_encrypt && kcmd_proto == KCMD_NEW_PROTOCOL) diff --git a/src/appl/telnet/libtelnet/ChangeLog b/src/appl/telnet/libtelnet/ChangeLog index ea46e4fb8..4f9de7ade 100644 --- a/src/appl/telnet/libtelnet/ChangeLog +++ b/src/appl/telnet/libtelnet/ChangeLog @@ -1,3 +1,9 @@ +2003-05-09 Tom Yu + + * kerberos5.c (kerberos5_send): Rename getlocalsubkey -> + getsendsubkey. + (kerberos5_is): Rename getremotesubkey -> getrecvsubkey. + 2003-04-10 Tom Yu * Makefile.in: Use library build framework. diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index 59982d3bf..ad36aedda 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -327,7 +327,7 @@ kerberos5_send(ap) &check_data, new_creds, &auth); #ifdef ENCRYPTION - krb5_auth_con_getlocalsubkey(telnet_context, auth_context, &newkey); + krb5_auth_con_getsendsubkey(telnet_context, auth_context, &newkey); if (session_key) { krb5_free_keyblock(telnet_context, session_key); session_key = 0; @@ -552,7 +552,7 @@ kerberos5_is(ap, data, cnt) if (name) free(name); - krb5_auth_con_getremotesubkey(telnet_context, auth_context, + krb5_auth_con_getrecvsubkey(telnet_context, auth_context, &newkey); if (session_key) { krb5_free_keyblock(telnet_context, session_key); diff --git a/src/include/ChangeLog b/src/include/ChangeLog index 8ae6cd178..327e3e397 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,10 @@ +2003-05-09 Tom Yu + + * krb5.hin: Add krb5_auth_con_getsendsubkey, + krb5_auth_con_getrecvsubkey, krb5_auth_con_setsendsubkey, + krb5_auth_con_setrecvsubkey. Mark krb5_auth_con_getlocalsubkey + and krb5_auth_con_getremotesubkey as deprecated. + 2003-05-06 Sam Hartman * k5-int.h: Add s2kparams to diff --git a/src/include/krb5.hin b/src/include/krb5.hin index d43647dd4..c1f66cb3e 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -2148,11 +2148,30 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey krb5_auth_context, krb5_keyblock **); +krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey( + krb5_context, krb5_auth_context, krb5_keyblock **); + +krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey( + krb5_context, krb5_auth_context, krb5_keyblock **); + +krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey( + krb5_context, krb5_auth_context, krb5_keyblock *); + +krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey( + krb5_context, krb5_auth_context, krb5_keyblock *); + +#if KRB5_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey (krb5_context, krb5_auth_context, krb5_keyblock **); +krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey + (krb5_context, + krb5_auth_context, + krb5_keyblock **); +#endif + #if KRB5_PRIVATE krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype (krb5_context, @@ -2220,11 +2239,6 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator krb5_auth_context, krb5_authenticator **); -krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey - (krb5_context, - krb5_auth_context, - krb5_keyblock **); - #define KRB5_REALM_BRANCH_CHAR '.' /* diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index 132da96af..bf28f9c93 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,8 @@ +2003-05-09 Tom Yu + + * kdc_util.c (kdc_process_tgs_req): Rename getremotesubkey -> + getrecvsubkey. + 2003-05-07 Sam Hartman * kdc_preauth.c (get_etype_info): Patch from Sun to reorganize diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 9e9aa3f98..753f84a0a 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -313,8 +313,8 @@ kdc_process_tgs_req(krb5_kdc_req *request, const krb5_fulladdr *from, goto cleanup_auth_context; } - if ((retval = krb5_auth_con_getremotesubkey(kdc_context, - auth_context, subkey))) + if ((retval = krb5_auth_con_getrecvsubkey(kdc_context, + auth_context, subkey))) goto cleanup_auth_context; if ((retval = krb5_auth_con_getauthenticator(kdc_context, auth_context, diff --git a/src/lib/ChangeLog b/src/lib/ChangeLog index fb8704392..2a1601859 100644 --- a/src/lib/ChangeLog +++ b/src/lib/ChangeLog @@ -1,3 +1,9 @@ +2003-05-09 Tom Yu + + * krb5_32.def: Add krb5_auth_con_getrecvsubkey, + krb5_auth_con_getsendsubkey, krb5_auth_con_setrecvsubkey, + krb5_auth_con_setsendsubkey. + 2003-04-15 Sam Hartman * krb5_32.def: Add krb5_set_password and krb5_set_password_using_ccache diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 47f718d16..008821022 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,11 @@ +2003-05-09 Tom Yu + + * accept_sec_context.c (krb5_gss_accept_sec_context): Rename + remote_subkey -> recv_subkey. + + * init_sec_context.c (krb5_gss_init_sec_context): Rename + local_subkey -> send_subkey. + 2003-03-14 Sam Hartman * accept_sec_context.c (krb5_gss_accept_sec_context): Set diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index a004acb22..4cc0651af 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -101,8 +101,8 @@ rd_and_store_for_creds(context, auth_context, inbuf, out_cred) * By the time krb5_rd_cred is called here (after krb5_rd_req has been * called in krb5_gss_accept_sec_context), the "keyblock" field of * auth_context contains a pointer to the session key, and the - * "remote_subkey" field might contain a session subkey. Either of - * these (the "remote_subkey" if it isn't NULL, otherwise the + * "recv_subkey" field might contain a session subkey. Either of + * these (the "recv_subkey" if it isn't NULL, otherwise the * "keyblock") might have been used to encrypt the encrypted part of * the KRB_CRED message that contains the forwarded credentials. (The * Java Crypto and Security Implementation from the DSTC in Australia @@ -592,8 +592,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, goto fail; } - if ((code = krb5_auth_con_getremotesubkey(context, auth_context, - &ctx->subkey))) { + if ((code = krb5_auth_con_getrecvsubkey(context, auth_context, + &ctx->subkey))) { major_status = GSS_S_FAILURE; goto fail; } diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index ba630f1eb..ed3631152 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -572,8 +572,8 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, krb5_auth_con_getlocalseqnumber(context, ctx->auth_context, &ctx->seq_send); - krb5_auth_con_getlocalsubkey(context, ctx->auth_context, - &ctx->subkey); + krb5_auth_con_getsendsubkey(context, ctx->auth_context, + &ctx->subkey); /* fill in the encryption descriptors */ diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 0d46e8eca..62e652d66 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,38 @@ +2003-05-09 Tom Yu + + * auth_con.c (krb5_auth_con_setsendsubkey) + (krb5_auth_con_setrecvsubkey, krb5_auth_con_getsendsubkey) + (krb5_auth_con_getrecvsubkey): New functions. Set or retrieve + subkeys from an auth_context. + (krb5_auth_con_getlocalsubkey, krb5_auth_con_getremotesubkey): + Reimplement in terms of the above. + + * auth_con.h, ser_actx.c: Rename {local,remote}_subkey -> + {send,recv}_subkey. + + * chpw.c (krb5int_rd_chpw_rep): Save send_subkey prior to rd_rep; + use saved send_subkey to smash recv_subkey obtained from rd_rep. + + * mk_req_ext.c (krb5_mk_req_extended): Rename + {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if + subkey generation is requested. + + * mk_cred.c, mk_priv.c, mk_safe.c: Rename {local,remote}_subkey -> + {send,recv}_subkey. Use either send_subkey or keyblock, in that + order. + + * rd_cred.c, rd_priv.c, rd_safe.c: Rename {local,remote}_subkey -> + {send,recv}_subkey. Use either recv_subkey or keyblock, in that + order. + + * rd_rep.c (krb5_rd_rep): Rename {local,remote}_subkey -> + {send,recv}_subkey. Set both subkeys if a subkey is present in + the AP-REP message. + + * rd_req_dec.c (krb5_rd_req_decoded_opt): Rename + {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if + a subkey is present in the AP-REQ message. + 2003-05-06 Sam Hartman * kfree.c (krb5_free_etype_info): Free s2kparams diff --git a/src/lib/krb5/krb/auth_con.c b/src/lib/krb5/krb/auth_con.c index 09ccf9808..bc26774a6 100644 --- a/src/lib/krb5/krb/auth_con.c +++ b/src/lib/krb5/krb/auth_con.c @@ -59,10 +59,10 @@ krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context) krb5_free_authenticator(context, auth_context->authentp); if (auth_context->keyblock) krb5_free_keyblock(context, auth_context->keyblock); - if (auth_context->local_subkey) - krb5_free_keyblock(context, auth_context->local_subkey); - if (auth_context->remote_subkey) - krb5_free_keyblock(context, auth_context->remote_subkey); + if (auth_context->send_subkey) + krb5_free_keyblock(context, auth_context->send_subkey); + if (auth_context->recv_subkey) + krb5_free_keyblock(context, auth_context->recv_subkey); if (auth_context->rcache) krb5_rc_close(context, auth_context->rcache); if (auth_context->permitted_etypes) @@ -176,17 +176,53 @@ krb5_auth_con_getkey(krb5_context context, krb5_auth_context auth_context, krb5_ krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) { - if (auth_context->local_subkey) - return krb5_copy_keyblock(context,auth_context->local_subkey,keyblock); + return krb5_auth_con_getsendsubkey(context, auth_context, keyblock); +} + +krb5_error_code KRB5_CALLCONV +krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) +{ + return krb5_auth_con_getrecvsubkey(context, auth_context, keyblock); +} + +krb5_error_code KRB5_CALLCONV +krb5_auth_con_setsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock) +{ + if (ac->send_subkey != NULL) + krb5_free_keyblock(ctx, ac->send_subkey); + ac->send_subkey = NULL; + if (keyblock !=NULL) + return krb5_copy_keyblock(ctx, keyblock, &ac->send_subkey); + else + return 0; +} + +krb5_error_code KRB5_CALLCONV +krb5_auth_con_setrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock) +{ + if (ac->recv_subkey != NULL) + krb5_free_keyblock(ctx, ac->recv_subkey); + ac->recv_subkey = NULL; + if (keyblock != NULL) + return krb5_copy_keyblock(ctx, keyblock, &ac->recv_subkey); + else + return 0; +} + +krb5_error_code KRB5_CALLCONV +krb5_auth_con_getsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock) +{ + if (ac->send_subkey != NULL) + return krb5_copy_keyblock(ctx, ac->send_subkey, keyblock); *keyblock = NULL; return 0; } krb5_error_code KRB5_CALLCONV -krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) +krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock) { - if (auth_context->remote_subkey) - return krb5_copy_keyblock(context,auth_context->remote_subkey,keyblock); + if (ac->recv_subkey != NULL) + return krb5_copy_keyblock(ctx, ac->recv_subkey, keyblock); *keyblock = NULL; return 0; } diff --git a/src/lib/krb5/krb/auth_con.h b/src/lib/krb5/krb/auth_con.h index d83d6b86e..1dcfc89e7 100644 --- a/src/lib/krb5/krb/auth_con.h +++ b/src/lib/krb5/krb/auth_con.h @@ -9,8 +9,8 @@ struct _krb5_auth_context { krb5_address * local_addr; krb5_address * local_port; krb5_keyblock * keyblock; - krb5_keyblock * local_subkey; - krb5_keyblock * remote_subkey; + krb5_keyblock * send_subkey; + krb5_keyblock * recv_subkey; krb5_int32 auth_context_flags; krb5_int32 remote_seq_number; diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c index 248c4c88c..f640ce66c 100644 --- a/src/lib/krb5/krb/chpw.c +++ b/src/lib/krb5/krb/chpw.c @@ -120,8 +120,18 @@ krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, krb5_d ap_rep.data = ptr; ptr += ap_rep.length; - if ((ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc))) + /* + * Save send_subkey to later smash recv_subkey. + */ + ret = krb5_auth_con_getsendsubkey(context, auth_context, &tmp); + if (ret) + return ret; + + ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc); + if (ret) { + krb5_free_keyblock(context, tmp); return(ret); + } krb5_free_ap_rep_enc_part(context, ap_rep_enc); @@ -130,18 +140,17 @@ krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, krb5_d cipherresult.data = ptr; cipherresult.length = (packet->data + packet->length) - ptr; - /* XXX there's no api to do this right. The problem is that - if there's a remote subkey, it will be used. This is - not what the spec requires */ - - tmp = auth_context->remote_subkey; - auth_context->remote_subkey = NULL; + /* + * Smash recv_subkey to be send_subkey, per spec. + */ + ret = krb5_auth_con_setrecvsubkey(context, auth_context, tmp); + krb5_free_keyblock(context, tmp); + if (ret) + return ret; ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult, &replay); - auth_context->remote_subkey = tmp; - if (ret) return(ret); } else { @@ -310,6 +319,7 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 krb5_data cipherresult; krb5_data clearresult; krb5_replay_data replay; + krb5_keyblock *tmpkey; /* ** validate the packet length - */ @@ -381,8 +391,18 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 ap_rep.data = ptr; ptr += ap_rep.length; - if (ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc)) + /* + * Save send_subkey to later smash recv_subkey. + */ + ret = krb5_auth_con_getsendsubkey(context, auth_context, &tmpkey); + if (ret) + return ret; + + ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc); + if (ret) { + krb5_free_keyblock(context, tmpkey); return(ret); + } krb5_free_ap_rep_enc_part(context, ap_rep_enc); /* @@ -391,19 +411,16 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 cipherresult.data = ptr; cipherresult.length = (packet->data + packet->length) - ptr; - { - krb5_keyblock *saved_remote_subkey; -/* -** save the remote_subkey, so it doesn't get used when decoding -*/ - saved_remote_subkey = auth_context->remote_subkey; - auth_context->remote_subkey = NULL; - - ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult, - NULL); - auth_context->remote_subkey = saved_remote_subkey; - } + /* + * Smash recv_subkey to be send_subkey, per spec. + */ + ret = krb5_auth_con_setrecvsubkey(context, auth_context, tmpkey); + krb5_free_keyblock(context, tmpkey); + if (ret) + return ret; + ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult, + NULL); if (ret) return(ret); } /*We got an ap_rep*/ diff --git a/src/lib/krb5/krb/mk_cred.c b/src/lib/krb5/krb/mk_cred.c index 638929861..04248c08d 100644 --- a/src/lib/krb5/krb/mk_cred.c +++ b/src/lib/krb5/krb/mk_cred.c @@ -182,9 +182,8 @@ krb5_mk_ncred(krb5_context context, krb5_auth_context auth_context, krb5_creds * memset(pcred->tickets, 0, sizeof(krb5_ticket *) * (ncred +1)); /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->send_subkey) == NULL) + keyblock = auth_context->keyblock; /* Get replay info */ if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) && diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c index 196b6eea0..efe254ac0 100644 --- a/src/lib/krb5/krb/mk_priv.c +++ b/src/lib/krb5/krb/mk_priv.c @@ -119,9 +119,8 @@ krb5_mk_priv(krb5_context context, krb5_auth_context auth_context, memset((char *) &replaydata, 0, sizeof(krb5_replay_data)); /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->send_subkey) == NULL) + keyblock = auth_context->keyblock; /* Get replay info */ if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) && diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index 1ed14a922..91a4f3d1c 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -130,7 +130,7 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, goto cleanup; } - if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->local_subkey)) { + if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->send_subkey)) { /* Provide some more fodder for random number code. This isn't strong cryptographically; the point here is not to guarantee randomness, but to make it less likely that multiple @@ -145,8 +145,15 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, (void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_TIMING, &d); if ((retval = krb5_generate_subkey(context, &(in_creds)->keyblock, - &(*auth_context)->local_subkey))) + &(*auth_context)->send_subkey))) goto cleanup; + retval = krb5_copy_keyblock(context, (*auth_context)->send_subkey, + &((*auth_context)->recv_subkey)); + if (retval) { + krb5_free_keyblock(context, (*auth_context)->send_subkey); + (*auth_context)->send_subkey = NULL; + goto cleanup; + } } @@ -178,7 +185,7 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, if ((retval = krb5_generate_authenticator(context, (*auth_context)->authentp, (in_creds)->client, checksump, - (*auth_context)->local_subkey, + (*auth_context)->send_subkey, (*auth_context)->local_seq_number, (in_creds)->authdata))) goto cleanup_cksum; diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 992a456a9..eefcab7cd 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -120,9 +120,8 @@ krb5_mk_safe(krb5_context context, krb5_auth_context auth_context, const krb5_da memset((char *) &replaydata, 0, sizeof(krb5_replay_data)); /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->send_subkey) == NULL) + keyblock = auth_context->keyblock; /* Get replay info */ if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) && diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c index 228219f76..0359d40c3 100644 --- a/src/lib/krb5/krb/rd_cred.c +++ b/src/lib/krb5/krb/rd_cred.c @@ -169,9 +169,8 @@ krb5_rd_cred(krb5_context context, krb5_auth_context auth_context, krb5_data *pc krb5_replay_data replaydata; /* Get keyblock */ - if ((keyblock = auth_context->remote_subkey) == NULL) - if ((keyblock = auth_context->local_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->recv_subkey) == NULL) + keyblock = auth_context->keyblock; if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index 813205662..180559cc2 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -156,9 +156,8 @@ krb5_rd_priv(krb5_context context, krb5_auth_context auth_context, const krb5_da krb5_replay_data replaydata; /* Get keyblock */ - if ((keyblock = auth_context->remote_subkey) == NULL) - if ((keyblock = auth_context->local_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->recv_subkey) == NULL) + keyblock = auth_context->keyblock; if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c index e35e43f5d..50ce51331 100644 --- a/src/lib/krb5/krb/rd_rep.c +++ b/src/lib/krb5/krb/rd_rep.c @@ -82,7 +82,15 @@ krb5_rd_rep(krb5_context context, krb5_auth_context auth_context, const krb5_dat /* Set auth subkey */ if ((*repl)->subkey) { retval = krb5_copy_keyblock(context, (*repl)->subkey, - &auth_context->remote_subkey); + &auth_context->recv_subkey); + if (retval) + goto clean_scratch; + retval = krb5_copy_keyblock(context, (*repl)->subkey, + &auth_context->send_subkey); + if (retval) { + krb5_free_keyblock(context, auth_context->send_subkey); + auth_context->send_subkey = NULL; + } } /* Get remote sequence number */ diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index fa126b4ab..3c398aed1 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -290,10 +290,18 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, c if ((*auth_context)->authentp->subkey) { if ((retval = krb5_copy_keyblock(context, (*auth_context)->authentp->subkey, - &((*auth_context)->remote_subkey)))) + &((*auth_context)->recv_subkey)))) goto cleanup; + retval = krb5_copy_keyblock(context, (*auth_context)->authentp->subkey, + &((*auth_context)->send_subkey)); + if (retval) { + krb5_free_keyblock(context, (*auth_context)->recv_subkey); + (*auth_context)->recv_subkey = NULL; + goto cleanup; + } } else { - (*auth_context)->remote_subkey = 0; + (*auth_context)->recv_subkey = 0; + (*auth_context)->send_subkey = 0; } if ((retval = krb5_copy_keyblock(context, req->ticket->enc_part2->session, diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 0f6cec27f..3194229a3 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -161,9 +161,8 @@ krb5_rd_safe(krb5_context context, krb5_auth_context auth_context, const krb5_da return KRB5_RC_REQUIRED; /* Get keyblock */ - if ((keyblock = auth_context->remote_subkey) == NULL) - if ((keyblock = auth_context->local_subkey) == NULL) - keyblock = auth_context->keyblock; + if ((keyblock = auth_context->recv_subkey) == NULL) + keyblock = auth_context->keyblock; { krb5_address * premote_fulladdr = NULL; diff --git a/src/lib/krb5/krb/ser_actx.c b/src/lib/krb5/krb/ser_actx.c index a8ec90ee6..32519e19f 100644 --- a/src/lib/krb5/krb/ser_actx.c +++ b/src/lib/krb5/krb/ser_actx.c @@ -151,21 +151,21 @@ krb5_auth_context_size(krb5_context kcontext, krb5_pointer arg, size_t *sizep) required += sizeof(krb5_int32); } - /* Calculate size required by local_subkey, if appropriate */ - if (!kret && auth_context->local_subkey) { + /* Calculate size required by send_subkey, if appropriate */ + if (!kret && auth_context->send_subkey) { kret = krb5_size_opaque(kcontext, KV5M_KEYBLOCK, - (krb5_pointer) auth_context->local_subkey, + (krb5_pointer) auth_context->send_subkey, &required); if (!kret) required += sizeof(krb5_int32); } - /* Calculate size required by remote_subkey, if appropriate */ - if (!kret && auth_context->remote_subkey) { + /* Calculate size required by recv_subkey, if appropriate */ + if (!kret && auth_context->recv_subkey) { kret = krb5_size_opaque(kcontext, KV5M_KEYBLOCK, - (krb5_pointer) auth_context->remote_subkey, + (krb5_pointer) auth_context->recv_subkey, &required); if (!kret) required += sizeof(krb5_int32); @@ -300,23 +300,23 @@ krb5_auth_context_externalize(krb5_context kcontext, krb5_pointer arg, krb5_octe } /* Now handle subkey, if appropriate */ - if (!kret && auth_context->local_subkey) { + if (!kret && auth_context->send_subkey) { (void) krb5_ser_pack_int32(TOKEN_LSKBLOCK, &bp, &remain); kret = krb5_externalize_opaque(kcontext, KV5M_KEYBLOCK, (krb5_pointer) - auth_context->local_subkey, + auth_context->send_subkey, &bp, &remain); } /* Now handle subkey, if appropriate */ - if (!kret && auth_context->remote_subkey) { + if (!kret && auth_context->recv_subkey) { (void) krb5_ser_pack_int32(TOKEN_RSKBLOCK, &bp, &remain); kret = krb5_externalize_opaque(kcontext, KV5M_KEYBLOCK, (krb5_pointer) - auth_context->remote_subkey, + auth_context->recv_subkey, &bp, &remain); } @@ -474,26 +474,26 @@ krb5_auth_context_internalize(krb5_context kcontext, krb5_pointer *argp, krb5_oc kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } - /* This is the local_subkey */ + /* This is the send_subkey */ if (!kret && (tag == TOKEN_LSKBLOCK)) { if (!(kret = krb5_internalize_opaque(kcontext, KV5M_KEYBLOCK, (krb5_pointer *) &auth_context-> - local_subkey, + send_subkey, &bp, &remain))) kret = krb5_ser_unpack_int32(&tag, &bp, &remain); } - /* This is the remote_subkey */ + /* This is the recv_subkey */ if (!kret) { if (tag == TOKEN_RSKBLOCK) { kret = krb5_internalize_opaque(kcontext, KV5M_KEYBLOCK, (krb5_pointer *) &auth_context-> - remote_subkey, + recv_subkey, &bp, &remain); } diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index 0d4d5f24d..257dd287e 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -36,8 +36,10 @@ EXPORTS krb5_auth_con_getlocalseqnumber krb5_auth_con_getlocalsubkey krb5_auth_con_getrcache ; KRB5_CALLCONV_WRONG + krb5_auth_con_getrecvsubkey krb5_auth_con_getremoteseqnumber krb5_auth_con_getremotesubkey + krb5_auth_con_getsendsubkey krb5_auth_con_init krb5_auth_con_initivector ; DEPRECATED krb5_auth_con_setaddrs ; KRB5_CALLCONV_WRONG @@ -45,6 +47,8 @@ EXPORTS krb5_auth_con_setflags krb5_auth_con_setports krb5_auth_con_setrcache + krb5_auth_con_setrecvsubkey + krb5_auth_con_setsendsubkey krb5_auth_con_setuseruserkey krb5_build_principal krb5_build_principal_ext diff --git a/src/mac/MacOSX/Projects/Kerberos5.pbexp b/src/mac/MacOSX/Projects/Kerberos5.pbexp index 915cd1f7f..70dd599d2 100644 --- a/src/mac/MacOSX/Projects/Kerberos5.pbexp +++ b/src/mac/MacOSX/Projects/Kerberos5.pbexp @@ -57,6 +57,10 @@ _krb5_auth_con_getremotesubkey _krb5_auth_con_getlocalseqnumber _krb5_auth_con_getremoteseqnumber + _krb5_auth_con_getrecvsubkey + _krb5_auth_con_getsendsubkey + _krb5_auth_con_setrecvsubkey + _krb5_auth_con_setsendsubkey _krb5_auth_con_setrcache _krb5_auth_con_getrcache _krb5_auth_con_getauthenticator -- 2.26.2