
SUNRPC: Add build option to disable support for insecure enctypes

Enable distributions to enforce the rejection of ancient and
insecure Kerberos enctypes in the kernel's RPCSEC_GSS
implementation. These are the single-DES encryption types that
were deprecated in 2012 by RFC 6649.

Enctypes that were deprecated more recently (by RFC 8429) remain
fully supported for now because they are still likely to be widely
used.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>

authored by

Chuck Lever and committed by
Anna Schumaker
fe9a2705 067fb11b

+59 -1
+41 -1
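--- a/include/linux/sunrpc/gss_krb5_enctypes.h
+++ b/include/linux/sunrpc/gss_krb5_enctypes.h
@@ -1,4 +1,44 @@
+/* SPDX-License-Identifier: GPL-2.0 */
 /*
- * Dumb way to share this static piece of information with nfsd
+ * Define the string that exports the set of kernel-supported
+ * Kerberos enctypes. This list is sent via upcall to gssd, and
+ * is also exposed via the nfsd /proc API. The consumers generally
+ * treat this as an ordered list, where the first item in the list
+ * is the most preferred.
+ */
+
+#ifndef _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
+#define _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
+
+#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
+
+/*
+ * NB: This list includes encryption types that were deprecated
+ * by RFC 8429 (DES3_CBC_SHA1 and ARCFOUR_HMAC).
+ *
+ * ENCTYPE_AES256_CTS_HMAC_SHA1_96
+ * ENCTYPE_AES128_CTS_HMAC_SHA1_96
+ * ENCTYPE_DES3_CBC_SHA1
+ * ENCTYPE_ARCFOUR_HMAC
+ */
+#define KRB5_SUPPORTED_ENCTYPES "18,17,16,23"
+
+#else /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
+
+/*
+ * NB: This list includes encryption types that were deprecated
+ * by RFC 8429 and RFC 6649.
+ *
+ * ENCTYPE_AES256_CTS_HMAC_SHA1_96
+ * ENCTYPE_AES128_CTS_HMAC_SHA1_96
+ * ENCTYPE_DES3_CBC_SHA1
+ * ENCTYPE_ARCFOUR_HMAC
+ * ENCTYPE_DES_CBC_MD5
+ * ENCTYPE_DES_CBC_CRC
+ * ENCTYPE_DES_CBC_MD4
  */
 #define KRB5_SUPPORTED_ENCTYPES "18,17,16,23,3,1,2"
+
+#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
+
+#endif /* _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H */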
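Review bot: The two `KRB5_SUPPORTED_ENCTYPES` definitions repeat the AES/DES3/RC4 prefix `"18,17,16,23"`, and the file's own header comment says consumers treat the string as a preference order, so a later edit to one branch can silently change the order or contents in only one configuration. Since C concatenates adjacent string literals, the shared part can be defined once above the `#ifdef`, e.g. `#define KRB5_SUPPORTED_ENCTYPES_RFC8429 "18,17,16,23"`, with the branches becoming `#define KRB5_SUPPORTED_ENCTYPES KRB5_SUPPORTED_ENCTYPES_RFC8429` and `#define KRB5_SUPPORTED_ENCTYPES KRB5_SUPPORTED_ENCTYPES_RFC8429 ",3,1,2"`. This is a style point only; the two strings as written agree with each other and with the enctype comments above them.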
+16
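--- a/net/sunrpc/Kconfig
+++ b/net/sunrpc/Kconfig
@@ -34,6 +34,22 @@
 
 	  If unsure, say Y.
 
+config CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
+	bool "Secure RPC: Disable insecure Kerberos encryption types"
+	depends on RPCSEC_GSS_KRB5
+	default n
+	help
+	  Choose Y here to disable the use of deprecated encryption types
+	  with the Kerberos version 5 GSS-API mechanism (RFC 1964). The
+	  deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC,
+	  and DES-CBC-MD4. These types were deprecated by RFC 6649 because
+	  they were found to be insecure.
+
+	  N is the default because many sites have deployed KDCs and
+	  keytabs that contain only these deprecated encryption types.
+	  Choosing Y prevents the use of known-insecure encryption types
+	  but might result in compatibility problems.
+
 config SUNRPC_DEBUG
 	bool "RPC: Enable dprintk debugging"
 	depends on SUNRPC && SYSCTL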
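Review bot: The new symbol is declared as `config CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES`, but Kconfig prepends `CONFIG_` itself, so the generated macro would be `CONFIG_CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES` and the `#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES` tests in include/linux/sunrpc/gss_krb5_enctypes.h and net/sunrpc/auth_gss/gss_krb5_mech.c would never be true, leaving the single-DES enctypes compiled in regardless of the option. The neighbouring `config SUNRPC_DEBUG` shows the expected form; the line should read `config SUNRPC_DISABLE_INSECURE_ENCTYPES`. A hardening option that silently has no effect is worse than none, so after the rename it is worth confirming that a build with the option set reports `18,17,16,23` in the enctypes string exported to gssd and nfsd. Separately, `default n` is the Kconfig default and kernel convention is to omit it.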
+2
net/sunrpc/auth_gss/gss_krb5_mech.c
··· 53 53 static struct gss_api_mech gss_kerberos_mech; /* forward declaration */ 54 54 55 55 static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { 56 + #ifndef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES 56 57 /* 57 58 * DES (All DES enctypes are mapped to the same gss functionality) 58 59 */ ··· 75 74 .cksumlength = 8, 76 75 .keyed_cksum = 0, 77 76 }, 77 + #endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */ 78 78 /* 79 79 * RC4-HMAC 80 80 */