[OpenAFS] Re: klog.krb5 incompatible with Heimdal 1.5.1?

Andrew Deason adeason@sinenomine.net
Thu, 13 Oct 2011 14:15:49 -0500

On Thu, 13 Oct 2011 16:33:58 +0200
Andreas Haupt <ahaupt@ifh.de> wrote:

> The encryption types sent out to the client are the same
> (aes256-cts-hmac-sha1-96/des-cbc-md5), aren't they?

It appears not. I don't know what happens differently on the wire, but
Heimdal 1.5.1 appears to be giving us back a ticket with
aes256-cts-hmac-sha1-96 (even though there is no key with that enctype
for the princ), and 1.2.1 gives us back des-cbc-md5. Reproducing this

# ./sbin/kadmin -l
kadmin> get afs/localcell
            Keytypes: des-cbc-md5(pw-salt)[2], des-cbc-md4(pw-salt)[2], des-cbc-crc(pw-salt)[2]

$ gdb --args ./klog
(gdb) break klog.c:738
(gdb) run
adeason@LOCALCELL's Password:
Breakpoint 1, CommandProc (as=0x808d008, arock=0x0) at klog.c:738
738             atoken->startTime = afscred->times.starttime;
(gdb) print afscred[0]
$1 = {client = 0x80964a0, server = 0x80966a8, session = {keytype = 18, keyvalue = {
      length = 32, data = 0x8096e68}}, times = {authtime = 1318531499,

keytype 18 is aes256-cts-hmac-sha1-96. klog is buggy in that it assumes
it gets a key of 8 bytes, and if we get something larger, it overwrites
other stuff in the ticket, including the kvno, which is why the "bad
kvno" error is what you see.

If I just change the KDC to 1.2.1 (and that is the only thing I change),
I get this at the same breakpoint:

(gdb) print afscred[0]
$1 = {client = 0x80964a0, server = 0x80971e0, session = {keytype = 3, keyvalue = {
      length = 8, data = 0x80965c0}}, times = {authtime = 1318531583,

keytype 3 is des-cbc-md5.

>> This could be either a bug in klog.krb5 or in Heimdal.  I haven't
>> looked at any code yet.  In the non -tmp case either klog.krb5 is not
>> requesting des-cbc-crc or Heimdal is forgetting that request when
>> responding to the pre-auth request.

klog doesn't specify the enc type (for any code path, as far as I can
tell). It appears to work if I set des-cbc-crc with
krb5_get_init_creds_opt_set_etype_list, but shouldn't the KDC be
restricted to the enctypes that actually exist for the princ, though, or
am I misunderstanding something here?

Andrew Deason
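
The overwrite described in the message above, modelled as an added example (not klog's source and not written by the poster). The flat token layout, the function names and the kvno value 2 are assumptions made for the illustration; the enctype numbers 3 and 18 are the ones shown in the gdb output.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical flat token layout (not the OpenAFS structure): an 8-byte
 * session key slot immediately followed by the key version number. */
enum { KEY_OFF = 0, KEY_LEN = 8, KVNO_OFF = 8, TOKEN_LEN = 64 };
enum { ETYPE_DES_CBC_CRC = 1, ETYPE_DES_CBC_MD5 = 3, ETYPE_AES256_CTS = 18 };

/* Trusts the length in the returned credential. The copy stays inside the
 * 64-byte buffer, so this demo is well defined, but anything longer than
 * KEY_LEN spills over the kvno field. */
static void store_key_unchecked(unsigned char *tok, const unsigned char *key,
                                size_t len) {
    memcpy(tok + KEY_OFF, key, len);
}

/* Refuses any session key that is not a single-DES enctype of exactly 8 bytes. */
static int store_key_checked(unsigned char *tok, int keytype,
                             const unsigned char *key, size_t len) {
    if (keytype < ETYPE_DES_CBC_CRC || keytype > ETYPE_DES_CBC_MD5 || len != KEY_LEN)
        return -1;
    memcpy(tok + KEY_OFF, key, len);
    return 0;
}

/* Builds a constructed token with kvno 2, stores a len-byte key of 0xAA
 * bytes, and returns the kvno read back afterwards. checked != 0 selects the
 * validating path; *rc receives its return code (0 on the unchecked path). */
uint32_t kvno_after_store(int checked, int keytype, size_t len, int *rc) {
    unsigned char tok[TOKEN_LEN] = {0}, key[32];
    uint32_t kvno = 2;
    if (len > sizeof key) len = sizeof key;
    memset(key, 0xAA, sizeof key);
    memcpy(tok + KVNO_OFF, &kvno, sizeof kvno);
    *rc = checked ? store_key_checked(tok, keytype, key, len) : 0;
    if (!checked) store_key_unchecked(tok, key, len);
    memcpy(&kvno, tok + KVNO_OFF, sizeof kvno);
    return kvno;
}

int main(void) {
    int rc;
    uint32_t bad = kvno_after_store(0, ETYPE_AES256_CTS, 32, &rc);
    uint32_t ok = kvno_after_store(1, ETYPE_AES256_CTS, 32, &rc);
    printf("unchecked: kvno=%#x  checked: kvno=%u rc=%d\n", (unsigned)bad, (unsigned)ok, rc);
    return 0;
}
```

With the unchecked copy, a 32-byte aes256 key leaves the kvno field holding key bytes, which matches the "bad kvno" symptom; the checked copy fails the request instead and leaves the token untouched.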