Is there a fix available for CAN-2003-0190

Senthil Kumar senthilkumar_sen at
Fri Dec 24 21:16:07 EST 2004


I moved the authctxt->valid check to the `out: ` block replacing the 
kerberosorlocalpasswd checking and the diff is given below. Now there is no 
difference in time delay for the appearance of prompts, in case of valid and 
invalid user in my setup.

diff auth-krb5-openssh.c auth-krb5-fix.c
<       if (!authctxt->valid)
<               return (0);
<               if (options.kerberos_or_local_passwd)
<                       return (-1);
<               else
<                       return (0);
>                 if((authctxt->valid && options.kerberos_or_local_passwd) + 
> options.kerberos_or_local_passwd)
>                         return (-1);
>                 else
>                         return (0);

Any comments??

Senthil Kumar.

----- Original Message ----- 
From: "Sergio Gelato" <Sergio.Gelato at>
To: "Senthil Kumar" <senthilkumar_sen at>
Cc: "OpenSSH Devel List" <openssh-unix-dev at>
Sent: Thursday, December 23, 2004 5:58 PM
Subject: Re: Is there a fix available for CAN-2003-0190

>* Senthil Kumar [2004-12-23 17:18:58 +0530]:
>> Sergio Gelato wrote;
>> >I see that the rest of that function has an "if (problem) goto out;" 
>> >after
>> >every krb5 library call. Doesn't that also introduce measurable time
>> >differences? Interesting.
>> I wrote a test case with expect to measure the time difference for valid
>> and invalid user with the same workaround as said before. It seems to 
>> have
>> same amount of delay.
> I've been thinking a little more about this, and suspect (but haven't
> actually verified) that this may depend on how your realm is set up.
>> Also the `if (problem) goto out;`  loop doesn't introduce a time
>> difference, bcoz the  krb5 library call krb5_get_init_creds_password()
>> fails for both validuser+badpasswd and invaliduser+badpasswd.
> Yes, but in some setups the validuser+badpassword may involve an extra
> round-trip to the KDC. I'm thinking of situations in which the principal
> is marked "requires-preauth" and the client krb5 library doesn't take the
> initiative of sending the PA-DATA in the first request. Arguably this
> should be fixed by telling the client libkrb5 to always send PA-DATA,
> so it isn't necessarily something OpenSSH should concern itself with.
> [Note also that if the attacker knows that Kerberos is involved and can
> talk directly to the KDC, (s)he can find out which principals exist a lot
> more easily than through ssh.]
>> So I like to know whether the removal of authctxt->valid checking in
>> auth-krb5.c have any other impact.
> Well, Darren seems willing to vouch for the fact that authctxt->pw will
> contain safe data, now and in future versions. If that's the case,
> moving the authctxt->valid check to the out: block at the end of the
> function should be OK. I was going to suggest that the fake authctxt->pw
> be chosen to imply a valid Kerberos principal, but on second thought it's
> probably better to resolve any timing differences at the krb5.conf
> (library configuration) level so that other applications may also benefit.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (
Version: 6.0.791 / Virus Database: 535 - Release Date: 11/15/2004 

More information about the openssh-unix-dev mailing list