[19572] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: bug with SGN_ALG_MD2_5 case handling in kg_unseal_v1()?

daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Apr 14 02:13:06 2017

To: MIT Kerberos Dev List <krbdev@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <1365fc34-8db4-0626-76b5-efe01ac64695@mit.edu>
Date: Fri, 14 Apr 2017 02:12:47 -0400
MIME-Version: 1.0
In-Reply-To: <20170413195556.GA28286@oracle.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

On 04/13/2017 03:55 PM, Will Fiveash wrote:
> In src/lib/gssapi/krb5/k5unseal.c:kg_unseal_v1() at line 381 which is
> part of the case SGN_ALG_MD2_5 block I see:
> 
>         code = k5_bcmp(md5cksum.contents, ptr + 14, 8);
>         /* Falls through to defective-token??  */
> 
>     default:
>         *minor_status = 0;
>         return(GSS_S_DEFECTIVE_TOKEN);
> 
> This seems like a bug given the processing that precedes this, thoughts?

It does look like a bug.  The code's been like that since 1.0; the
comment was added in 1.2.  It would seem that unwrapping tokens using
SGN_ALG_MD2_5 never worked, and we could probably get rid of the code.
Neither our code nor Heimdal's appears to choose SGN_ALG_MD2_5 when
creating tokens, by my reading.

(According to RFC 1964, "MD2.5" refers to using half of the 128-bit MD5
checksum; it doesn't actually reference the MD2 hash algorithm.)
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

home help back first fref pref prev next nref lref last post