diff --git a/net/sunrpc/Kconfig b/net/sunrpc/Kconfig index bbbb5af0af13..82ecb534795a 100644 --- a/net/sunrpc/Kconfig +++ b/net/sunrpc/Kconfig @@ -19,10 +19,10 @@ config SUNRPC_SWAP config RPCSEC_GSS_KRB5 tristate "Secure RPC: Kerberos V mechanism" depends on SUNRPC && CRYPTO - depends on CRYPTO_MD5 && CRYPTO_DES && CRYPTO_CBC && CRYPTO_CTS - depends on CRYPTO_ECB && CRYPTO_HMAC && CRYPTO_SHA1 && CRYPTO_AES default y select SUNRPC_GSS + select CRYPTO_SKCIPHER + select CRYPTO_HASH help Choose Y here to enable Secure RPC using the Kerberos version 5 GSS-API mechanism (RFC 1964). @@ -34,21 +34,51 @@ config RPCSEC_GSS_KRB5 If unsure, say Y. -config SUNRPC_DISABLE_INSECURE_ENCTYPES - bool "Secure RPC: Disable insecure Kerberos encryption types" +config RPCSEC_GSS_KRB5_SIMPLIFIED + bool depends on RPCSEC_GSS_KRB5 - default n - help - Choose Y here to disable the use of deprecated encryption types - with the Kerberos version 5 GSS-API mechanism (RFC 1964). The - deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC, - and DES-CBC-MD4. These types were deprecated by RFC 6649 because - they were found to be insecure. - N is the default because many sites have deployed KDCs and - keytabs that contain only these deprecated encryption types. - Choosing Y prevents the use of known-insecure encryption types - but might result in compatibility problems. +config RPCSEC_GSS_KRB5_CRYPTOSYSTEM + bool + depends on RPCSEC_GSS_KRB5 + +config RPCSEC_GSS_KRB5_ENCTYPES_DES + bool "Enable Kerberos enctypes based on DES (deprecated)" + depends on RPCSEC_GSS_KRB5 + depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_ECB + depends on CRYPTO_HMAC && CRYPTO_MD5 && CRYPTO_SHA1 + depends on CRYPTO_DES + default n + select RPCSEC_GSS_KRB5_SIMPLIFIED + help + Choose Y to enable the use of deprecated Kerberos 5 + encryption types that utilize Data Encryption Standard + (DES) based ciphers. These include des-cbc-md5, + des-cbc-crc, and des-cbc-md4, which were deprecated by + RFC 6649, and des3-cbc-sha1, which was deprecated by RFC + 8429. + + These encryption types are known to be insecure, therefore + the default setting of this option is N. Support for these + encryption types is available only for compatibility with + legacy NFS client and server implementations. + + Removal of support is planned for a subsequent kernel + release. + +config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1 + bool "Enable Kerberos enctypes based on AES and SHA-1" + depends on RPCSEC_GSS_KRB5 + depends on CRYPTO_CBC && CRYPTO_CTS + depends on CRYPTO_HMAC && CRYPTO_SHA1 + depends on CRYPTO_AES + default y + select RPCSEC_GSS_KRB5_CRYPTOSYSTEM + help + Choose Y to enable the use of Kerberos 5 encryption types + that utilize Advanced Encryption Standard (AES) ciphers and + SHA-1 digests. These include aes128-cts-hmac-sha1-96 and + aes256-cts-hmac-sha1-96. config SUNRPC_DEBUG bool "RPC: Enable dprintk debugging" diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 2553d18fd288..9ddc6fc7077f 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -29,12 +29,16 @@ static struct gss_api_mech gss_kerberos_mech; +#if defined(CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED) static int gss_krb5_import_ctx_des(struct krb5_ctx *ctx, gfp_t gfp_mask); static int gss_krb5_import_ctx_v1(struct krb5_ctx *ctx, gfp_t gfp_mask); +#endif +#if defined(CONFIG_RPCSEC_GSS_KRB5_CRYPTOSYSTEM) static int gss_krb5_import_ctx_v2(struct krb5_ctx *ctx, gfp_t gfp_mask); +#endif static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { -#ifndef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES +#if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_DES) /* * DES (All DES enctypes are mapped to the same gss functionality) */ @@ -59,7 +63,6 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .cksumlength = 8, .keyed_cksum = 0, }, -#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */ /* * 3DES */ @@ -84,8 +87,11 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .cksumlength = 20, .keyed_cksum = 1, }, +#endif + +#if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1) /* - * AES128 + * AES-128 with SHA-1 (RFC 3962) */ { .etype = ENCTYPE_AES128_CTS_HMAC_SHA1_96, @@ -114,7 +120,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .keyed_cksum = 1, }, /* - * AES256 + * AES-256 with SHA-1 (RFC 3962) */ { .etype = ENCTYPE_AES256_CTS_HMAC_SHA1_96, @@ -142,6 +148,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .cksumlength = 12, .keyed_cksum = 1, }, +#endif }; /* @@ -153,10 +160,12 @@ static char gss_krb5_enctype_priority_list[64]; static void gss_krb5_prepare_enctype_priority_list(void) { static const u32 gss_krb5_enctypes[] = { +#if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1) ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +#endif +#if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_DES) ENCTYPE_DES3_CBC_SHA1, -#ifndef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_CRC, ENCTYPE_DES_CBC_MD4, @@ -337,7 +346,7 @@ out_err: return PTR_ERR(p); } -static struct crypto_sync_skcipher * +static inline struct crypto_sync_skcipher * context_v2_alloc_cipher(struct krb5_ctx *ctx, const char *cname, u8 *key) { struct crypto_sync_skcipher *cp; @@ -367,6 +376,7 @@ set_cdata(u8 cdata[GSS_KRB5_K5CLENGTH], u32 usage, u8 seed) cdata[4] = seed; } +#if defined(CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED) static int gss_krb5_import_ctx_des(struct krb5_ctx *ctx, gfp_t gfp_mask) { @@ -417,6 +427,9 @@ out_free_seq: out_err: return -EINVAL; } +#endif + +#if defined(CONFIG_RPCSEC_GSS_KRB5_CRYPTOSYSTEM) static struct crypto_ahash * gss_krb5_alloc_hash_v2(struct krb5_ctx *kctx, const struct xdr_netobj *key) @@ -551,6 +564,8 @@ out_free: goto out; } +#endif + static int gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, gfp_t gfp_mask) diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index f74125407588..146aa755f07d 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c @@ -71,6 +71,8 @@ # define RPCDBG_FACILITY RPCDBG_AUTH #endif +#if defined(CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED) + static void * setup_token(struct krb5_ctx *ctx, struct xdr_netobj *token) { @@ -97,34 +99,6 @@ setup_token(struct krb5_ctx *ctx, struct xdr_netobj *token) return krb5_hdr; } -static void * -setup_token_v2(struct krb5_ctx *ctx, struct xdr_netobj *token) -{ - u16 *ptr; - void *krb5_hdr; - u8 *p, flags = 0x00; - - if ((ctx->flags & KRB5_CTX_FLAG_INITIATOR) == 0) - flags |= 0x01; - if (ctx->flags & KRB5_CTX_FLAG_ACCEPTOR_SUBKEY) - flags |= 0x04; - - /* Per rfc 4121, sec 4.2.6.1, there is no header, - * just start the token */ - krb5_hdr = ptr = (u16 *)token->data; - - *ptr++ = KG2_TOK_MIC; - p = (u8 *)ptr; - *p++ = flags; - *p++ = 0xff; - ptr = (u16 *)p; - *ptr++ = 0xffff; - *ptr = 0xffff; - - token->len = GSS_KRB5_TOK_HDR_LEN + ctx->gk5e->cksumlength; - return krb5_hdr; -} - u32 gss_krb5_get_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *text, struct xdr_netobj *token) @@ -164,6 +138,38 @@ gss_krb5_get_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *text, return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; } +#endif + +static void * +setup_token_v2(struct krb5_ctx *ctx, struct xdr_netobj *token) +{ + u16 *ptr; + void *krb5_hdr; + u8 *p, flags = 0x00; + + if ((ctx->flags & KRB5_CTX_FLAG_INITIATOR) == 0) + flags |= 0x01; + if (ctx->flags & KRB5_CTX_FLAG_ACCEPTOR_SUBKEY) + flags |= 0x04; + + /* Per rfc 4121, sec 4.2.6.1, there is no header, + * just start the token. + */ + krb5_hdr = (u16 *)token->data; + ptr = krb5_hdr; + + *ptr++ = KG2_TOK_MIC; + p = (u8 *)ptr; + *p++ = flags; + *p++ = 0xff; + ptr = (u16 *)p; + *ptr++ = 0xffff; + *ptr = 0xffff; + + token->len = GSS_KRB5_TOK_HDR_LEN + ctx->gk5e->cksumlength; + return krb5_hdr; +} + u32 gss_krb5_get_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *text, struct xdr_netobj *token) diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c index 939d199eb7b7..7d6d4ae4a3c9 100644 --- a/net/sunrpc/auth_gss/gss_krb5_unseal.c +++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c @@ -70,9 +70,9 @@ #endif +#if defined(CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED) /* read_token is a mic token, and message_buffer is the data that the mic was * supposedly taken over. */ - u32 gss_krb5_verify_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *message_buffer, struct xdr_netobj *read_token) @@ -144,6 +144,7 @@ gss_krb5_verify_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *message_buffer, return GSS_S_COMPLETE; } +#endif u32 gss_krb5_verify_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *message_buffer, diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index d983da6f9530..7dabf379406b 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -40,6 +40,8 @@ # define RPCDBG_FACILITY RPCDBG_AUTH #endif +#if defined(CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED) + static inline int gss_krb5_padding(int blocksize, int length) { @@ -323,6 +325,8 @@ gss_krb5_unwrap_v1(struct krb5_ctx *kctx, int offset, int len, return GSS_S_COMPLETE; } +#endif + /* * We can shift data by up to LOCAL_BUF_LEN bytes in a pass. If we need * to do more than that, we shift repeatedly. Kevin Coffman reports