LGTM Acked-by: Simo Sorce <simo@xxxxxxxxxx> On Tue, 2019-01-15 at 15:18 -0500, Chuck Lever wrote:
> Enable distributions to enforce the rejection of ancient and
> insecure Kerberos enctypes in the kernel's RPCSEC_GSS
> implementation. These are the single-DES encryption types that
> were deprecated in 2012 by RFC 6649.
>
> Enctypes that were deprecated more recently (by RFC 8429) remain
> fully supported for now because they are still likely to be widely
> used.
>
> Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
> ---
> include/linux/sunrpc/gss_krb5_enctypes.h | 42 +++++++++++++++++++++++++++++-
> net/sunrpc/Kconfig | 16 +++++++++++
> net/sunrpc/auth_gss/gss_krb5_mech.c | 2 +
> 3 files changed, 59 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/sunrpc/gss_krb5_enctypes.h b/include/linux/sunrpc/gss_krb5_enctypes.h
> index ec6234e..788742d 100644
> --- a/include/linux/sunrpc/gss_krb5_enctypes.h
> +++ b/include/linux/sunrpc/gss_krb5_enctypes.h
> @@ -1,4 +1,44 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> /*
> - * Dumb way to share this static piece of information with nfsd
> + * Define the string that exports the set of kernel-supported
> + * Kerberos enctypes. This list is sent via upcall to gssd, and
> + * is also exposed via the nfsd /proc API. The consumers generally
> + * treat this as an ordered list, where the first item in the list
> + * is the most preferred.
> + */
> +
> +#ifndef _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
> +#define _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
> +
> +#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
> +
> +/*
> + * NB: This list includes encryption types that were deprecated
> + * by RFC 8429 (DES3_CBC_SHA1 and ARCFOUR_HMAC).
> + *
> + * ENCTYPE_AES256_CTS_HMAC_SHA1_96
> + * ENCTYPE_AES128_CTS_HMAC_SHA1_96
> + * ENCTYPE_DES3_CBC_SHA1
> + * ENCTYPE_ARCFOUR_HMAC
> + */
> +#define KRB5_SUPPORTED_ENCTYPES "18,17,16,23"
> +
> +#else /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
> +
> +/*
> + * NB: This list includes encryption types that were deprecated
> + * by RFC 6649 and RFC 8429 (DES3_CBC_SHA1 and ARCFOUR_HMAC).
> + *
> + * ENCTYPE_AES256_CTS_HMAC_SHA1_96
> + * ENCTYPE_AES128_CTS_HMAC_SHA1_96
> + * ENCTYPE_DES3_CBC_SHA1
> + * ENCTYPE_ARCFOUR_HMAC
> + * ENCTYPE_DES_CBC_MD5
> + * ENCTYPE_DES_CBC_CRC
> + * ENCTYPE_DES_CBC_MD4
> */
> #define KRB5_SUPPORTED_ENCTYPES "18,17,16,23,3,1,2"
> +
> +#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
> +
> +#endif /* _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H */
> diff --git a/net/sunrpc/Kconfig b/net/sunrpc/Kconfig
> index ac09ca8..83f5617 100644
> --- a/net/sunrpc/Kconfig
> +++ b/net/sunrpc/Kconfig
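Review bot: The `#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES` that selects the shorter list can never be true as the series stands, because the Kconfig hunk declares the option as `config CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES` and Kconfig prepends `CONFIG_` itself, so the macro the build actually defines is `CONFIG_CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES`. With the option enabled the kernel would still advertise `"18,17,16,23,3,1,2"` to gssd and nfsd, and the DES entries in gss_krb5_mech.c, which test the same symbol, would stay compiled in, so the hardening silently does nothing. The one-line fix belongs in net/sunrpc/Kconfig: `config SUNRPC_DISABLE_INSECURE_ENCTYPES`. Separately, the `#else` branch comment names only the RFC 8429 types in its parenthetical; spelling out both sets, `by RFC 6649 (DES_CBC_MD5, DES_CBC_CRC, DES_CBC_MD4) and RFC 8429 (DES3_CBC_SHA1 and ARCFOUR_HMAC)`, lets a reader match the names to the numbers in the string.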
> @@ -34,6 +34,22 @@ config RPCSEC_GSS_KRB5
>
> If unsure, say Y.
>
> +config CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
> + bool "Secure RPC: Disable insecure Kerberos encryption types"
> + depends on RPCSEC_GSS_KRB5
> + default n
> + help
> + Choose Y here to disable the use of deprecated encryption types
> + with the Kerberos version 5 GSS-API mechanism (RFC 1964). The
> + deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC,
> + and DES-CBC-MD4. These types were deprecated by RFC 6649 because
> + they were found to be insecure.
> +
> + N is the default because many sites have deployed KDCs and
> + keytabs that contain only these deprecated encryption types.
> + Choosing Y prevents the use of known-insecure encryption types
> + but might result in compatibility problems.
> +
> config SUNRPC_DEBUG
> bool "RPC: Enable dprintk debugging"
> depends on SUNRPC && SYSCTL
> diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
> index eab71fc..be31a58 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_mech.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
> @@ -53,6 +53,7 @@
> static struct gss_api_mech gss_kerberos_mech; /* forward declaration */
>
> static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
> +#ifndef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
> /*
> * DES (All DES enctypes are mapped to the same gss functionality)
> */
> @@ -74,6 +75,7 @@
> .cksumlength = 8,
> .keyed_cksum = 0,
> },
> +#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
> /*
> * RC4-HMAC
> */
>
-- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc
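Review bot: The help text's closing claim, "Choosing Y prevents the use of known-insecure encryption types", promises more than the option delivers: per the header hunk, enctypes 16 and 23 (DES3-CBC-SHA1 and RC4-HMAC, deprecated by RFC 8429) stay in the advertised list when the option is on, so an administrator reading only this help would assume those are disabled too. A sentence in the help such as `Encryption types deprecated more recently by RFC 8429 (DES3-CBC-SHA1 and RC4-HMAC) remain enabled regardless of this option.` keeps the documented scope honest. The `default n` line is also the Kconfig default and can be dropped.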
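Review bot: The `#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */` closes the `#ifndef` opened in the previous hunk, so its trailing comment names the opposite of the condition it closes; the usual kernel spelling for the negated form is `#endif /* !CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */`. The `#else /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */` in gss_krb5_enctypes.h has the same readability problem, since the `#else` branch is the one taken when the symbol is not set. The initializer of supported_gss_krb5_enctypes[] begins before this hunk and continues past it.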