OSDN Git Service

(root) / uclinux-h8 / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c596077) | patch
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV
authorArd Biesheuvel <ardb@kernel.org>
Mon, 31 Aug 2020 15:16:45 +0000 (18:16 +0300)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 11 Sep 2020 04:39:15 +0000 (14:39 +1000)
commite33d2a7b3041d7f8cd1f0a2a4ca42a5bc112b14e
tree795c839b40c021711f4af6716e8b5f41f4f678e3tree | snapshot
parentc59607784894c14110f1b69d601285d9d18bb6decommit | diff
SUNRPC: remove RC4-HMAC-MD5 support from KerberosV

The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which
was specifically issued for interoperability with Windows 2000, but was
never intended to receive the same level of support. The RFC says

  The IETF Kerberos community supports publishing this specification as
  an informational document in order to describe this widely
  implemented technology.  However, while these encryption types
  provide the operations necessary to implement the base Kerberos
  specification [RFC4120], they do not provide all the required
  operations in the Kerberos cryptography framework [RFC3961].  As a
  result, it is not generally possible to implement potential
  extensions to Kerberos using these encryption types.  The Kerberos
  encryption type negotiation mechanism [RFC4537] provides one approach
  for using such extensions even when a Kerberos infrastructure uses
  long-term RC4 keys.  Because this specification does not implement
  operations required by RFC 3961 and because of security concerns with
  the use of RC4 and MD4 discussed in Section 8, this specification is
  not appropriate for publication on the standards track.

  The RC4-HMAC encryption types are used to ease upgrade of existing
  Windows NT environments, provide strong cryptography (128-bit key
  lengths), and provide exportable (meet United States government
  export restriction requirements) encryption.  This document describes
  the implementation of those encryption types.

Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in
2018, stating that 'none of the encryption types it specifies should be
used'

Note that other outdated algorithms are left in place (some of which are
guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only
adversely affect interoperability with Windows NT/2000 systems that have
not received any updates since 2008 (but are connected to a network
nonetheless)

[0] https://tools.ietf.org/html/rfc4757
[1] https://tools.ietf.org/html/rfc8429

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
include/linux/sunrpc/gss_krb5.h diff | blob | history
include/linux/sunrpc/gss_krb5_enctypes.h diff | blob | history
net/sunrpc/Kconfig diff | blob | history
net/sunrpc/auth_gss/gss_krb5_crypto.c diff | blob | history
net/sunrpc/auth_gss/gss_krb5_mech.c diff | blob | history
net/sunrpc/auth_gss/gss_krb5_seal.c diff | blob | history
net/sunrpc/auth_gss/gss_krb5_seqnum.c diff | blob | history
net/sunrpc/auth_gss/gss_krb5_unseal.c diff | blob | history
net/sunrpc/auth_gss/gss_krb5_wrap.c diff | blob | history
About OSDN
Find Software
Develop Software
Help