GSSAPI support in 3.8 ?

sxw at inf.ed.ac.uk sxw at inf.ed.ac.uk
Wed Mar 3 08:15:26 EST 2004


On Tue, 2 Mar 2004, Darren Tucker wrote:

> I don't know much GSSAPI, but from what I recall it was because the 
> draft protocol standard has changed:

The protocol was changed because of concerns that it didn't bind the 
SSH session ID to the context established through GSSAPI. It was felt 
that this didn't provide sufficient protection against certain active 
man-in-the-middle attacks.

> > Because, I am afraid that in a large network that uses GSSAPI for
> > authentication, the new OpenSSH has to be reinstalled on all the systems as
> > the latest version is not compatible with older ones.
> 
> I had heard that Simon was going to provide a patch for backward 
> compatibility for one OpenSSH version.  I'm not sure what the status of 
> that is.

I've now completed testing some minimal patches for backwards 
compatibility. They're attached to this email. Please note that these 
patches are made available purely for the purpose of simplifying the 
migration path - new users should have no need for them. Instructions for 
their use are at the beginning of the patch.

Cheers,

Simon.
-------------- next part --------------
The patch below adds support for the deprecated 'gssapi' authentication
mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
in this release. The use of 'gssapi' is deprecated because it is exposed to
potential man-in-the-middle attacks, to which 'gssapi-with-mic' is not
susceptible.

To use the patch, apply it to an OpenSSH 3.8p1 source tree. After compiling,
backwards compatibility may be obtained by supplying the
'GssapiEnableMitmAttack yes' option to either the client or the server.

It should be noted that this patch is being made available purely as a means
of easing the process of moving to OpenSSH 3.8p1. Any new installations are
recommended to use the 'gssapi-with-mic' mechanism. Existing installations 
are encouraged to upgrade as soon as possible.

Index: auth2-gss.c
===================================================================
RCS file: /cvs/openssh/auth2-gss.c,v
retrieving revision 1.8
diff -u -r1.8 auth2-gss.c
--- auth2-gss.c	21 Nov 2003 12:56:47 -0000	1.8
+++ auth2-gss.c	2 Mar 2004 20:47:28 -0000
@@ -171,6 +171,15 @@
 				dispatch_set(
 				    SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE,
 				    &input_gssapi_exchange_complete);
+
+			/* 
+			 * Old style 'gssapi' didn't have the GSSAPI_MIC 
+			 * and went straight to sending exchange_complete 
+			 */
+			if (options.gss_enable_mitm)
+				dispatch_set(
+				    SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE,
+				    &input_gssapi_exchange_complete);
 		}
 	}
 
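Review bot: The added `dispatch_set` at L66–L69 registers the EXCHANGE_COMPLETE handler whenever `options.gss_enable_mitm` is set, without checking which method the client actually requested, so on a server with the option on a 'gssapi-with-mic' exchange can presumably also be completed without the MIC if the MIC handler registered above this hunk stays live. The client-side change in sshconnect2.c keys the old behaviour on the method name (`strcmp(authctxt->method->name,"gssapi")==0`); the server should do the equivalent, e.g. record in `userauth_gssapi` whether the request arrived as "gssapi" and guard this `dispatch_set` on that record as well as on the option. Without that, the option weakens the new mechanism as well, rather than only re-enabling the old one. The enclosing function starts and ends outside the hunk.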
@@ -290,6 +299,12 @@
 	"gssapi-with-mic",
 	userauth_gssapi,
 	&options.gss_authentication
+};
+
+Authmethod method_gssapi_old = {
+	"gssapi",
+	userauth_gssapi,
+	&options.gss_enable_mitm
 };
 
 #endif /* GSSAPI */
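Review bot: `method_gssapi_old` is enabled by `&options.gss_enable_mitm` alone, so the deprecated method is offered even when `GssapiAuthentication no` is configured; `gss_authentication` is never consulted for it. Since an `Authmethod` carries a single pointer as its enabled flag, the simplest fix is to clear the option when GSSAPI is off in the defaults code, e.g. `if (!options->gss_authentication) options->gss_enable_mitm = 0;` after the default at L199–L200 in servconf.c, and the same in readconf.c after L160–L161, because the client table entry at L262–L265 in sshconnect2.c has the same dependency. A comment on this definition would also help, e.g. `/* Deprecated pre-MIC 'gssapi' method; only offered when GssapiEnableMitmAttack is set */`.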
Index: auth2.c
===================================================================
RCS file: /cvs/openssh/auth2.c,v
retrieving revision 1.126
diff -u -r1.126 auth2.c
--- auth2.c	17 Nov 2003 10:13:41 -0000	1.126
+++ auth2.c	2 Mar 2004 20:47:28 -0000
@@ -54,6 +54,7 @@
 extern Authmethod method_hostbased;
 #ifdef GSSAPI
 extern Authmethod method_gssapi;
+extern Authmethod method_gssapi_old;
 #endif
 
 Authmethod *authmethods[] = {
@@ -61,6 +62,7 @@
 	&method_pubkey,
 #ifdef GSSAPI
 	&method_gssapi,
+	&method_gssapi_old,
 #endif
 	&method_passwd,
 	&method_kbdint,
Index: readconf.c
===================================================================
RCS file: /cvs/openssh/readconf.c,v
retrieving revision 1.102
diff -u -r1.102 readconf.c
--- readconf.c	17 Dec 2003 05:33:11 -0000	1.102
+++ readconf.c	2 Mar 2004 20:47:28 -0000
@@ -104,7 +104,7 @@
 	oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
-	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+	oAddressFamily, oGssAuthentication, oGssDelegateCreds, oGssEnableMITM,
 	oServerAliveInterval, oServerAliveCountMax,
 	oDeprecated, oUnsupported
 } OpCodes;
@@ -139,9 +139,11 @@
 #if defined(GSSAPI)
 	{ "gssapiauthentication", oGssAuthentication },
 	{ "gssapidelegatecredentials", oGssDelegateCreds },
+	{ "gssapienablemitmattack", oGssEnableMITM },
 #else
 	{ "gssapiauthentication", oUnsupported },
 	{ "gssapidelegatecredentials", oUnsupported },
+	{ "gssapienablemitmattack", oUnsupported },
 #endif
 	{ "fallbacktorsh", oDeprecated },
 	{ "usersh", oDeprecated },
@@ -394,6 +396,10 @@
 	case oGssDelegateCreds:
 		intptr = &options->gss_deleg_creds;
 		goto parse_flag;
+		
+	case oGssEnableMITM:
+		intptr = &options->gss_enable_mitm;
+		goto parse_flag;
 
 	case oBatchMode:
 		intptr = &options->batch_mode;
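Review bot: The added line at L141 contains only tabs; the separator between cases elsewhere in this switch is an empty line (L145), so the trailing whitespace should be dropped. The same whitespace-only added lines appear at L230 in servconf.c and L274 in sshconnect2.c.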
@@ -829,6 +835,7 @@
 	options->challenge_response_authentication = -1;
 	options->gss_authentication = -1;
 	options->gss_deleg_creds = -1;
+	options->gss_enable_mitm = -1;
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->kbd_interactive_devices = NULL;
@@ -907,6 +914,8 @@
 		options->gss_authentication = 0;
 	if (options->gss_deleg_creds == -1)
 		options->gss_deleg_creds = 0;
+	if (options->gss_enable_mitm == -1)
+		options->gss_enable_mitm = 0;
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
Index: readconf.h
===================================================================
RCS file: /cvs/openssh/readconf.h,v
retrieving revision 1.51
diff -u -r1.51 readconf.h
--- readconf.h	17 Dec 2003 05:33:11 -0000	1.51
+++ readconf.h	2 Mar 2004 20:47:28 -0000
@@ -43,6 +43,7 @@
 					/* Try S/Key or TIS, authentication. */
 	int     gss_authentication;	/* Try GSS authentication */
 	int     gss_deleg_creds;	/* Delegate GSS credentials */
+	int 	gss_enable_mitm;	/* Enable old style gssapi auth */
 	int     password_authentication;	/* Try password
 						 * authentication. */
 	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
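Review bot: The comment on the new field says only "Enable old style gssapi auth" and does not say what is given up, although the option is named GssapiEnableMitmAttack; the header should state it, e.g. `int     gss_enable_mitm;	/* Offer deprecated 'gssapi' method (no MIC, MITM-exposed) */`. The declaration also uses a space-then-tab gap after `int` where the neighbouring fields use spaces. The same two points apply to servconf.h at L247.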
Index: servconf.c
===================================================================
RCS file: /cvs/openssh/servconf.c,v
retrieving revision 1.120
diff -u -r1.120 servconf.c
--- servconf.c	23 Jan 2004 11:03:10 -0000	1.120
+++ servconf.c	2 Mar 2004 20:47:28 -0000
@@ -75,6 +75,7 @@
 	options->kerberos_get_afs_token = -1;
 	options->gss_authentication=-1;
 	options->gss_cleanup_creds = -1;
+	options->gss_enable_mitm = -1;
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->challenge_response_authentication = -1;
@@ -188,6 +189,8 @@
 		options->gss_authentication = 0;
 	if (options->gss_cleanup_creds == -1)
 		options->gss_cleanup_creds = 1;
+	if (options->gss_enable_mitm == -1)
+		options->gss_enable_mitm = 0;
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
@@ -266,7 +269,7 @@
 	sBanner, sUseDNS, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
-	sGssAuthentication, sGssCleanupCreds,
+	sGssAuthentication, sGssCleanupCreds, sGssEnableMITM,
 	sUsePrivilegeSeparation,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -321,9 +324,11 @@
 #ifdef GSSAPI
 	{ "gssapiauthentication", sGssAuthentication },
 	{ "gssapicleanupcredentials", sGssCleanupCreds },
+	{ "gssapienablemitmattack", sGssEnableMITM },
 #else
 	{ "gssapiauthentication", sUnsupported },
 	{ "gssapicleanupcredentials", sUnsupported },
+	{ "gssapienablemitmattack", sUnsupported },
 #endif
 	{ "passwordauthentication", sPasswordAuthentication },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
@@ -650,6 +655,10 @@
 
 	case sGssCleanupCreds:
 		intptr = &options->gss_cleanup_creds;
+		goto parse_flag;
+		
+	case sGssEnableMITM:
+		intptr = &options->gss_enable_mitm;
 		goto parse_flag;
 
 	case sPasswordAuthentication:
Index: servconf.h
===================================================================
RCS file: /cvs/openssh/servconf.h,v
retrieving revision 1.59
diff -u -r1.59 servconf.h
--- servconf.h	31 Dec 2003 00:37:34 -0000	1.59
+++ servconf.h	2 Mar 2004 20:47:28 -0000
@@ -84,6 +84,7 @@
 						 * authenticated with Kerberos. */
 	int     gss_authentication;	/* If true, permit GSSAPI authentication */
 	int     gss_cleanup_creds;	/* If true, destroy cred cache on logout */
+	int	gss_enable_mitm;	/* If true, enable old style GSSAPI */
 	int     password_authentication;	/* If true, permit password
 						 * authentication. */
 	int     kbd_interactive_authentication;	/* If true, permit */
Index: sshconnect2.c
===================================================================
RCS file: /cvs/openssh/sshconnect2.c,v
retrieving revision 1.123
diff -u -r1.123 sshconnect2.c
--- sshconnect2.c	21 Jan 2004 00:02:50 -0000	1.123
+++ sshconnect2.c	2 Mar 2004 20:47:28 -0000
@@ -226,6 +226,10 @@
 		userauth_gssapi,
 		&options.gss_authentication,
 		NULL},
+	{"gssapi",
+		userauth_gssapi,
+		&options.gss_enable_mitm,
+		NULL},
 #endif
 	{"hostbased",
 		userauth_hostbased,
@@ -563,7 +567,9 @@
 
 	if (status == GSS_S_COMPLETE) {
 		/* send either complete or MIC, depending on mechanism */
-		if (!(flags & GSS_C_INTEG_FLAG)) {
+		
+		if (strcmp(authctxt->method->name,"gssapi")==0 ||
+		    (!(flags & GSS_C_INTEG_FLAG))) {
 			packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
 			packet_send();
 		} else {
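Review bot: The new condition at L275–L276 silently takes the no-MIC path for the deprecated method; a log line on that branch, e.g. `debug("Using deprecated gssapi method, no MIC will be sent");`, would make the downgrade visible in verbose client output, which is otherwise the only way an operator can tell which variant a session used. The condition is also spaced unlike the rest of the file: `strcmp(authctxt->method->name, "gssapi") == 0 ||` with a space after the comma and around `==`, and the added L274 is whitespace-only. The enclosing function starts and ends outside the hunk.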

