linux-stable/include/linux/sunrpc/gss_krb5_enctypes.h

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Define the string that exports the set of kernel-supported
 * Kerberos enctypes. This list is sent via upcall to gssd, and
 * is also exposed via the nfsd /proc API. The consumers generally
 * treat this as an ordered list, where the first item in the list
 * is the most preferred.
 */

#ifndef _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
#define _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H

#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES

/*
 * NB: This list includes DES3_CBC_SHA1, which was deprecated by RFC 8429.
 *
 * ENCTYPE_AES256_CTS_HMAC_SHA1_96
 * ENCTYPE_AES128_CTS_HMAC_SHA1_96
 * ENCTYPE_DES3_CBC_SHA1
 */
#define KRB5_SUPPORTED_ENCTYPES "18,17,16"

#else	/* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */

/*
 * NB: This list includes encryption types that were deprecated
 * by RFC 8429 and RFC 6649.
 *
 * ENCTYPE_AES256_CTS_HMAC_SHA1_96
 * ENCTYPE_AES128_CTS_HMAC_SHA1_96
 * ENCTYPE_DES3_CBC_SHA1
 * ENCTYPE_DES_CBC_MD5
 * ENCTYPE_DES_CBC_CRC
 * ENCTYPE_DES_CBC_MD4
 */
#define KRB5_SUPPORTED_ENCTYPES "18,17,16,3,1,2"

#endif	/* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */

#endif	/* _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H */
SUNRPC: Add build option to disable support for insecure enctypes Enable distributions to enforce the rejection of ancient and insecure Kerberos enctypes in the kernel's RPCSEC_GSS implementation. These are the single-DES encryption types that were deprecated in 2012 by RFC 6649. Enctypes that were deprecated more recently (by RFC 8429) remain fully supported for now because they are still likely to be widely used. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Acked-by: Simo Sorce <simo@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 16:24:43 +00:00			`/* SPDX-License-Identifier: GPL-2.0 */`
nfsd: fix dependency of nfsd on auth_rpcgss Commit b0b0c0a26e84 "nfsd: add proc file listing kernel's gss_krb5 enctypes" added an nunnecessary dependency of nfsd on the auth_rpcgss module. It's a little ad hoc, but since the only piece of information nfsd needs from rpcsec_gss_krb5 is a single static string, one solution is just to share it with an include file. Cc: stable@kernel.org Reported-by: Michael Guntsche <mike@it-loops.com> Cc: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2011-05-31 16:24:58 +00:00			`/*`
SUNRPC: Add build option to disable support for insecure enctypes Enable distributions to enforce the rejection of ancient and insecure Kerberos enctypes in the kernel's RPCSEC_GSS implementation. These are the single-DES encryption types that were deprecated in 2012 by RFC 6649. Enctypes that were deprecated more recently (by RFC 8429) remain fully supported for now because they are still likely to be widely used. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Acked-by: Simo Sorce <simo@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 16:24:43 +00:00			`* Define the string that exports the set of kernel-supported`
			`* Kerberos enctypes. This list is sent via upcall to gssd, and`
			`* is also exposed via the nfsd /proc API. The consumers generally`
			`* treat this as an ordered list, where the first item in the list`
			`* is the most preferred.`
			`*/`

			`#ifndef _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H`
			`#define _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H`

			`#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES`

			`/*`
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which was specifically issued for interoperability with Windows 2000, but was never intended to receive the same level of support. The RFC says The IETF Kerberos community supports publishing this specification as an informational document in order to describe this widely implemented technology. However, while these encryption types provide the operations necessary to implement the base Kerberos specification [RFC4120], they do not provide all the required operations in the Kerberos cryptography framework [RFC3961]. As a result, it is not generally possible to implement potential extensions to Kerberos using these encryption types. The Kerberos encryption type negotiation mechanism [RFC4537] provides one approach for using such extensions even when a Kerberos infrastructure uses long-term RC4 keys. Because this specification does not implement operations required by RFC 3961 and because of security concerns with the use of RC4 and MD4 discussed in Section 8, this specification is not appropriate for publication on the standards track. The RC4-HMAC encryption types are used to ease upgrade of existing Windows NT environments, provide strong cryptography (128-bit key lengths), and provide exportable (meet United States government export restriction requirements) encryption. This document describes the implementation of those encryption types. Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in 2018, stating that 'none of the encryption types it specifies should be used' Note that other outdated algorithms are left in place (some of which are guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only adversely affect interoperability with Windows NT/2000 systems that have not received any updates since 2008 (but are connected to a network nonetheless) [0] https://tools.ietf.org/html/rfc4757 [1] https://tools.ietf.org/html/rfc8429 Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-08-31 15:16:45 +00:00			`* NB: This list includes DES3_CBC_SHA1, which was deprecated by RFC 8429.`
SUNRPC: Add build option to disable support for insecure enctypes Enable distributions to enforce the rejection of ancient and insecure Kerberos enctypes in the kernel's RPCSEC_GSS implementation. These are the single-DES encryption types that were deprecated in 2012 by RFC 6649. Enctypes that were deprecated more recently (by RFC 8429) remain fully supported for now because they are still likely to be widely used. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Acked-by: Simo Sorce <simo@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 16:24:43 +00:00			`*`
			`* ENCTYPE_AES256_CTS_HMAC_SHA1_96`
			`* ENCTYPE_AES128_CTS_HMAC_SHA1_96`
			`* ENCTYPE_DES3_CBC_SHA1`
			`*/`
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which was specifically issued for interoperability with Windows 2000, but was never intended to receive the same level of support. The RFC says The IETF Kerberos community supports publishing this specification as an informational document in order to describe this widely implemented technology. However, while these encryption types provide the operations necessary to implement the base Kerberos specification [RFC4120], they do not provide all the required operations in the Kerberos cryptography framework [RFC3961]. As a result, it is not generally possible to implement potential extensions to Kerberos using these encryption types. The Kerberos encryption type negotiation mechanism [RFC4537] provides one approach for using such extensions even when a Kerberos infrastructure uses long-term RC4 keys. Because this specification does not implement operations required by RFC 3961 and because of security concerns with the use of RC4 and MD4 discussed in Section 8, this specification is not appropriate for publication on the standards track. The RC4-HMAC encryption types are used to ease upgrade of existing Windows NT environments, provide strong cryptography (128-bit key lengths), and provide exportable (meet United States government export restriction requirements) encryption. This document describes the implementation of those encryption types. Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in 2018, stating that 'none of the encryption types it specifies should be used' Note that other outdated algorithms are left in place (some of which are guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only adversely affect interoperability with Windows NT/2000 systems that have not received any updates since 2008 (but are connected to a network nonetheless) [0] https://tools.ietf.org/html/rfc4757 [1] https://tools.ietf.org/html/rfc8429 Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-08-31 15:16:45 +00:00			`#define KRB5_SUPPORTED_ENCTYPES "18,17,16"`
SUNRPC: Add build option to disable support for insecure enctypes Enable distributions to enforce the rejection of ancient and insecure Kerberos enctypes in the kernel's RPCSEC_GSS implementation. These are the single-DES encryption types that were deprecated in 2012 by RFC 6649. Enctypes that were deprecated more recently (by RFC 8429) remain fully supported for now because they are still likely to be widely used. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Acked-by: Simo Sorce <simo@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 16:24:43 +00:00
			`#else /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */`

			`/*`
			`* NB: This list includes encryption types that were deprecated`
			`* by RFC 8429 and RFC 6649.`
			`*`
			`* ENCTYPE_AES256_CTS_HMAC_SHA1_96`
			`* ENCTYPE_AES128_CTS_HMAC_SHA1_96`
			`* ENCTYPE_DES3_CBC_SHA1`
			`* ENCTYPE_DES_CBC_MD5`
			`* ENCTYPE_DES_CBC_CRC`
			`* ENCTYPE_DES_CBC_MD4`
nfsd: fix dependency of nfsd on auth_rpcgss Commit b0b0c0a26e84 "nfsd: add proc file listing kernel's gss_krb5 enctypes" added an nunnecessary dependency of nfsd on the auth_rpcgss module. It's a little ad hoc, but since the only piece of information nfsd needs from rpcsec_gss_krb5 is a single static string, one solution is just to share it with an include file. Cc: stable@kernel.org Reported-by: Michael Guntsche <mike@it-loops.com> Cc: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2011-05-31 16:24:58 +00:00			`*/`
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which was specifically issued for interoperability with Windows 2000, but was never intended to receive the same level of support. The RFC says The IETF Kerberos community supports publishing this specification as an informational document in order to describe this widely implemented technology. However, while these encryption types provide the operations necessary to implement the base Kerberos specification [RFC4120], they do not provide all the required operations in the Kerberos cryptography framework [RFC3961]. As a result, it is not generally possible to implement potential extensions to Kerberos using these encryption types. The Kerberos encryption type negotiation mechanism [RFC4537] provides one approach for using such extensions even when a Kerberos infrastructure uses long-term RC4 keys. Because this specification does not implement operations required by RFC 3961 and because of security concerns with the use of RC4 and MD4 discussed in Section 8, this specification is not appropriate for publication on the standards track. The RC4-HMAC encryption types are used to ease upgrade of existing Windows NT environments, provide strong cryptography (128-bit key lengths), and provide exportable (meet United States government export restriction requirements) encryption. This document describes the implementation of those encryption types. Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in 2018, stating that 'none of the encryption types it specifies should be used' Note that other outdated algorithms are left in place (some of which are guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only adversely affect interoperability with Windows NT/2000 systems that have not received any updates since 2008 (but are connected to a network nonetheless) [0] https://tools.ietf.org/html/rfc4757 [1] https://tools.ietf.org/html/rfc8429 Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2020-08-31 15:16:45 +00:00			`#define KRB5_SUPPORTED_ENCTYPES "18,17,16,3,1,2"`
SUNRPC: Add build option to disable support for insecure enctypes Enable distributions to enforce the rejection of ancient and insecure Kerberos enctypes in the kernel's RPCSEC_GSS implementation. These are the single-DES encryption types that were deprecated in 2012 by RFC 6649. Enctypes that were deprecated more recently (by RFC 8429) remain fully supported for now because they are still likely to be widely used. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Acked-by: Simo Sorce <simo@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 16:24:43 +00:00
			`#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */`

			`#endif /* _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H */`