mirror of
https://github.com/samba-team/samba.git
synced 2025-01-05 09:18:06 +03:00
Do not fail checksums for RFC8009 types
While Active Directory does not support yet RFC 8009 encryption and
checksum types, it is possible to verify these checksums when running
with both MIT Kerberos and Heimdal Kerberos. This matters for FreeIPA
domain controller which uses them by default.
[2023/06/16 21:51:04.923873, 10, pid=51149, effective(0, 0), real(0, 0)]
../../lib/krb5_wrap/krb5_samba.c:1496(smb_krb5_kt_open_relative)
smb_krb5_open_keytab: resolving: FILE:/etc/samba/samba.keytab
[2023/06/16 21:51:04.924196, 2, pid=51149, effective(0, 0), real(0, 0),
class=auth] ../../auth/kerberos/kerberos_pac.c:66(check_pac_checksum)
check_pac_checksum: Checksum Type 20 is not supported
[2023/06/16 21:51:04.924228, 5, pid=51149, effective(0, 0), real(0, 0),
class=auth] ../../auth/kerberos/kerberos_pac.c:353(kerberos_decode_pac)
PAC Decode: Failed to verify the service signature: Invalid argument
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15635
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 8e931fce12
)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Tue Apr 16 12:24:55 UTC 2024 on atb-devel-224
This commit is contained in:
parent
db60a1947b
commit
215bb9bd48
@ -33,6 +33,7 @@
|
|||||||
#include "librpc/gen_ndr/auth.h"
|
#include "librpc/gen_ndr/auth.h"
|
||||||
#include "auth/common_auth.h"
|
#include "auth/common_auth.h"
|
||||||
#include "auth/kerberos/pac_utils.h"
|
#include "auth/kerberos/pac_utils.h"
|
||||||
|
#include "lib/krb5_wrap/krb5_samba.h"
|
||||||
|
|
||||||
krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
|
krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
|
||||||
struct PAC_SIGNATURE_DATA *sig,
|
struct PAC_SIGNATURE_DATA *sig,
|
||||||
@ -44,26 +45,34 @@ krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
|
|||||||
krb5_keyusage usage = 0;
|
krb5_keyusage usage = 0;
|
||||||
krb5_boolean checksum_valid = false;
|
krb5_boolean checksum_valid = false;
|
||||||
krb5_data input;
|
krb5_data input;
|
||||||
|
size_t idx = 0;
|
||||||
|
struct {
|
||||||
|
krb5_cksumtype cksum_type;
|
||||||
|
krb5_enctype enc_type;
|
||||||
|
} supported_types[] = {
|
||||||
|
{CKSUMTYPE_HMAC_SHA1_96_AES_256, ENCTYPE_AES256_CTS_HMAC_SHA1_96},
|
||||||
|
{CKSUMTYPE_HMAC_SHA1_96_AES_128, ENCTYPE_AES128_CTS_HMAC_SHA1_96},
|
||||||
|
/* RFC8009 types. Not supported by AD yet but used by FreeIPA and MIT Kerberos */
|
||||||
|
{CKSUMTYPE_HMAC_SHA256_128_AES128, ENCTYPE_AES128_CTS_HMAC_SHA256_128},
|
||||||
|
{CKSUMTYPE_HMAC_SHA384_192_AES256, ENCTYPE_AES256_CTS_HMAC_SHA384_192},
|
||||||
|
{0, 0},
|
||||||
|
};
|
||||||
|
|
||||||
switch (sig->type) {
|
for(idx = 0; supported_types[idx].cksum_type != 0; idx++) {
|
||||||
case CKSUMTYPE_HMAC_MD5:
|
if (sig->type == supported_types[idx].cksum_type) {
|
||||||
/* ignores the key type */
|
if (KRB5_KEY_TYPE(keyblock) != supported_types[idx].enc_type) {
|
||||||
break;
|
|
||||||
case CKSUMTYPE_HMAC_SHA1_96_AES_256:
|
|
||||||
if (KRB5_KEY_TYPE(keyblock) != ENCTYPE_AES256_CTS_HMAC_SHA1_96) {
|
|
||||||
return EINVAL;
|
return EINVAL;
|
||||||
}
|
}
|
||||||
/* ok */
|
/* ok */
|
||||||
break;
|
break;
|
||||||
case CKSUMTYPE_HMAC_SHA1_96_AES_128:
|
|
||||||
if (KRB5_KEY_TYPE(keyblock) != ENCTYPE_AES128_CTS_HMAC_SHA1_96) {
|
|
||||||
return EINVAL;
|
|
||||||
}
|
}
|
||||||
/* ok */
|
}
|
||||||
break;
|
|
||||||
default:
|
/* do not do key type check for HMAC-MD5 */
|
||||||
DEBUG(2,("check_pac_checksum: Checksum Type %"PRIu32" is not supported\n",
|
if ((sig->type != CKSUMTYPE_HMAC_MD5) &&
|
||||||
sig->type));
|
(supported_types[idx].cksum_type == 0)) {
|
||||||
|
DEBUG(2,("check_pac_checksum: Checksum Type %d is not supported\n",
|
||||||
|
(int)sig->type));
|
||||||
return EINVAL;
|
return EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -88,6 +88,34 @@
|
|||||||
#define CKSUMTYPE_HMAC_SHA1_96_AES_256 CKSUMTYPE_HMAC_SHA1_96_AES256
|
#define CKSUMTYPE_HMAC_SHA1_96_AES_256 CKSUMTYPE_HMAC_SHA1_96_AES256
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* RFC8009 encryption types' defines have different names:
|
||||||
|
*
|
||||||
|
* KRB5_ENCTYPE_AES128_CTS_HMAC_SHA256_128 in Heimdal
|
||||||
|
* ENCTYPE_AES128_CTS_HMAC_SHA256_128 in MIT
|
||||||
|
*
|
||||||
|
* and
|
||||||
|
*
|
||||||
|
* KRB5_ENCTYPE_AES256_CTS_HMAC_SHA384_192 in Heimdal
|
||||||
|
* ENCTYPE_AES256_CTS_HMAC_SHA384_192 in MIT
|
||||||
|
*/
|
||||||
|
#if !defined(ENCTYPE_AES128_CTS_HMAC_SHA256_128)
|
||||||
|
#define ENCTYPE_AES128_CTS_HMAC_SHA256_128 KRB5_ENCTYPE_AES128_CTS_HMAC_SHA256_128
|
||||||
|
#endif
|
||||||
|
#if !defined(ENCTYPE_AES256_CTS_HMAC_SHA384_192)
|
||||||
|
#define ENCTYPE_AES256_CTS_HMAC_SHA384_192 KRB5_ENCTYPE_AES256_CTS_HMAC_SHA384_192
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Same for older encryption types, rename to have the same defines
|
||||||
|
*/
|
||||||
|
#if !defined(ENCTYPE_AES128_CTS_HMAC_SHA1_96)
|
||||||
|
#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96
|
||||||
|
#endif
|
||||||
|
#if !defined(ENCTYPE_AES256_CTS_HMAC_SHA1_96)
|
||||||
|
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* KRB5_KU_OTHER_ENCRYPTED in Heimdal
|
* KRB5_KU_OTHER_ENCRYPTED in Heimdal
|
||||||
* KRB5_KEYUSAGE_APP_DATA_ENCRYPT in MIT
|
* KRB5_KEYUSAGE_APP_DATA_ENCRYPT in MIT
|
||||||
|
Loading…
Reference in New Issue
Block a user