Details
-
Bug
-
Resolution: Fixed
-
P3
-
7u40
-
b113
-
linux_redhat_6.0
-
Not verified
Description
FULL PRODUCT VERSION :
ADDITIONAL OS VERSION INFORMATION :
Linux <redacted> 2.6.32-358.14.1.el6.x86_64 #1 SMP Mon Jun 17 15:54:20 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux
EXTRA RELEVANT SYSTEM CONFIGURATION :
krb5-libs-1.10.3-10.el6_4.6.x86_64
A DESCRIPTION OF THE PROBLEM :
InitialToken.useNullKey via InitialToken,OverloadedChecksum(Krb5Context, Checksum, EncryptionKey) decides whether or not a NULL_KEY should be used to decrypt a delegated credential during context acceptance based on the type of the session key. It assumes that all "older" session key etypes will not encrypt the delegated credential (RFC1964) and only newer etypes will encrypt the delegated credential with the session key per RFC4121.
MIT Kerberos 1.10.3 in RHEL 6 applies RFC4121 to all delegated credentials, regardless of session key etype used. They also, in their GSS acceptor, first attempt to decrypt the delegated credential with the session key in all cases and failing that fall back to using it unencrypted.
JGSS should attempt to do the same in order to maximize interoperability. The etype of the EncryptedData can be checked to verify whether it is encrypted or not.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1) Run a JGSS acceptor utilizing "older" etypes for long term service keys (my case was des3-cbc-sha1 and des-cbc-crc). Request delegation.
2) Initiate a GSS context from a RHEL 6 client utilizing native GSS Krb5 to this service
3) Attempt to accept the RHEL 6 context utilizing JGSS
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The context is accepted and delegated credentials are correctly applied.
ACTUAL -
JGSS throws a KrbException during checksum validation of the accepted context.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.PrivilegedActionException: javax.servlet.ServletException: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at org.cert.cc.valve.GSSAPIValve.loginAndAction(GSSAPIValve.java:452)
at org.cert.cc.valve.GSSAPIValve.invoke(GSSAPIValve.java:341)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.servlet.ServletException: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.run(GSSAPIValve.java:699)
... 13 more
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)
at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(SpNegoContext.java:858)
at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNegoContext.java:532)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.getToken(GSSAPIValve.java:840)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.run(GSSAPIValve.java:696)
... 13 more
Caused by: KrbException: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL
at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:160)
at sun.security.krb5.KrbCred.<init>(KrbCred.java:137)
at sun.security.jgss.krb5.InitialToken$OverloadedChecksum.<init>(InitialToken.java:258)
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:102)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:724)
... 21 more
REPRODUCIBILITY :
This bug can be reproduced always.
ADDITIONAL OS VERSION INFORMATION :
Linux <redacted> 2.6.32-358.14.1.el6.x86_64 #1 SMP Mon Jun 17 15:54:20 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux
EXTRA RELEVANT SYSTEM CONFIGURATION :
krb5-libs-1.10.3-10.el6_4.6.x86_64
A DESCRIPTION OF THE PROBLEM :
InitialToken.useNullKey via InitialToken,OverloadedChecksum(Krb5Context, Checksum, EncryptionKey) decides whether or not a NULL_KEY should be used to decrypt a delegated credential during context acceptance based on the type of the session key. It assumes that all "older" session key etypes will not encrypt the delegated credential (RFC1964) and only newer etypes will encrypt the delegated credential with the session key per RFC4121.
MIT Kerberos 1.10.3 in RHEL 6 applies RFC4121 to all delegated credentials, regardless of session key etype used. They also, in their GSS acceptor, first attempt to decrypt the delegated credential with the session key in all cases and failing that fall back to using it unencrypted.
JGSS should attempt to do the same in order to maximize interoperability. The etype of the EncryptedData can be checked to verify whether it is encrypted or not.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1) Run a JGSS acceptor utilizing "older" etypes for long term service keys (my case was des3-cbc-sha1 and des-cbc-crc). Request delegation.
2) Initiate a GSS context from a RHEL 6 client utilizing native GSS Krb5 to this service
3) Attempt to accept the RHEL 6 context utilizing JGSS
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The context is accepted and delegated credentials are correctly applied.
ACTUAL -
JGSS throws a KrbException during checksum validation of the accepted context.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.security.PrivilegedActionException: javax.servlet.ServletException: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at org.cert.cc.valve.GSSAPIValve.loginAndAction(GSSAPIValve.java:452)
at org.cert.cc.valve.GSSAPIValve.invoke(GSSAPIValve.java:341)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.servlet.ServletException: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.run(GSSAPIValve.java:699)
... 13 more
Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)
at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext(SpNegoContext.java:858)
at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNegoContext.java:532)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.getToken(GSSAPIValve.java:840)
at org.cert.cc.valve.GSSAPIValve$GssServerAction.run(GSSAPIValve.java:696)
... 13 more
Caused by: KrbException: EncryptedData is encrypted using keytype DES3 CBC mode with SHA1-KD but decryption key is of type NULL
at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:160)
at sun.security.krb5.KrbCred.<init>(KrbCred.java:137)
at sun.security.jgss.krb5.InitialToken$OverloadedChecksum.<init>(InitialToken.java:258)
at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:102)
at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:724)
... 21 more
REPRODUCIBILITY :
This bug can be reproduced always.