[OpenAFS-devel] Re: rxgk updates

Benjamin Kaduk kaduk@MIT.EDU
Wed, 11 Dec 2013 17:10:02 -0500 (EST)


On Wed, 11 Dec 2013, Simon Wilkinson wrote:

>
> On 11 Dec 2013, at 21:44, Benjamin Kaduk <kaduk@MIT.EDU> wrote:
>
>> On Tue, 10 Dec 2013, Benjamin Kaduk wrote:
>>
>>> have not yet done so).  I have only tested with MIT krb5's gssapi library; reports from people building against heimdal will be useful.  (The system heimdal on my mac is too old to have gss_pseudo_random(), alas.)
>>
>> Well, maybe "too old" is not quite right, but "too weird to have a usable gss_pseudo_random()", perhaps.
>
> On Mac OS X, you don't get to play with Heimdal directly, instead you 
> have to go through a shim that emulates the MIT API on top of Heimdal. 
> Heimdal itself is hidden away in a private framework that applications 
> can't link against directly.

Well, I think that the GSS situation is slightly less bad than for krb5 
itself, but the headers in /usr/include/gssapi and in 
/System/Library/Frameworks/GSS.framework/Headers/ are rather different. 
The framework setup is also incompatible with rra-c-util and including 
headers as <gssapi/gssapi.h>, so it still counts as "you don't get to use 
it".

>> It also encodes the counter with the wrong endianness for its PRF+, so aes256-cts-hmac-sha1-96 keys don't work, but aes128-cts-hmac-sha1-96 keys do.
>
> Nico caught this, and it's fixed as 
> 7d459095377eff93b0e0bc1a96e1a4e9ecd817a1 on Heimdal master. I think the 
> fix will be in their next release. It's a little bit awkward, because 
> the fix will affect Heimdal -> Heimdal compatibility - you won't be able 
> to use a pre-fix Heimdal client against a post-fix Heimdal server. 
> OpenAFS should perhaps just refuse to build against Heimdal versions 
> that have this issue.

We were chatting with Nico on IRC about it, yup.  Greg also started a 
thread on kitten about the wrong index being used for the PRF+ (in both 
MIT and Heimdal) from RFC 4402.

-Ben
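
An added illustration (not code from this thread, OpenAFS, MIT krb5 or Heimdal) of how a wrong-endian PRF+ counter can leave a 16-byte output intact while breaking a 32-byte one, matching the aes128/aes256 behaviour reported above. Assumptions: the counter is a 32-bit value starting at 0, each PRF call yields 16 bytes, the requested length equals the key size, and HMAC-SHA-256 truncated to 16 bytes stands in for the Kerberos enctype PRF; the key and seed are constructed sample values.

```python
import hashlib
import hmac
import struct

BLOCK = 16  # assumed bytes produced per PRF call

# Constructed sample inputs, not real key material.
SAMPLE_KEY = bytes(range(32))
SAMPLE_SEED = b"constructed-seed"


def stand_in_prf(key: bytes, data: bytes) -> bytes:
    """Stand-in PRF (NOT the Kerberos one): truncated HMAC-SHA-256."""
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK]


def prf_plus(key: bytes, seed: bytes, length: int,
             byteorder: str = "big", start: int = 0) -> bytes:
    """Concatenate PRF(key, counter || seed) blocks, truncated to length."""
    fmt = ">I" if byteorder == "big" else "<I"
    out = b""
    n = start
    while len(out) < length:
        out += stand_in_prf(key, struct.pack(fmt, n) + seed)
        n += 1
    return out[:length]


def first_divergent_block(length: int, start: int = 0):
    """Index of the first block where big- and little-endian counters
    give different output, or None if the outputs are identical."""
    good = prf_plus(SAMPLE_KEY, SAMPLE_SEED, length, "big", start)
    bad = prf_plus(SAMPLE_KEY, SAMPLE_SEED, length, "little", start)
    for off in range(0, length, BLOCK):
        if good[off:off + BLOCK] != bad[off:off + BLOCK]:
            return off // BLOCK
    return None


if __name__ == "__main__":
    # Counter 0 encodes to the same four bytes in either byte order, so a
    # single-block (16-byte) output is unaffected; counter 1 does not.
    for size in (16, 32):
        print(size, "bytes -> first divergent block:",
              first_divergent_block(size))
```

An interoperability test that only derives 16-byte keys would not catch this class of bug; a test vector needs at least two PRF blocks.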