This authentication method is obsolete and it is time it dies for good.
Sorry for spamming again, the first time I forgot to singoff the commits.
Simo Sorce (7):
Kill SPKM3: Remove spkm3 references from svcgssd
Kill SPKM3: Remove spkm3 support from gssd
Kill SPKM3: remove spkm3 from common gssd code
Kill SPKM3: Remove spkm3 support from nfs.mount
Kill SPKM3: Remove spkm3 support from exports
Kill SPKM3: Stop checking for spkm3.h in configure
Kill SPKM3: Remove mentions of SPKM3 from README
README | 4 +-
configure.ac | 3 -
support/include/pseudoflavors.h | 3 -
support/nfs/exports.c | 3 -
utils/gssd/Makefile.am | 1 -
utils/gssd/context.c | 4 -
utils/gssd/context.h | 2 -
utils/gssd/context_spkm3.c | 184 ---------------------------------------
utils/gssd/gss_oids.c | 3 -
utils/gssd/gss_oids.h | 1 -
utils/gssd/gssd.h | 5 +-
utils/gssd/gssd_main_loop.c | 11 ---
utils/gssd/gssd_proc.c | 106 +----------------------
utils/gssd/svcgssd_mech2file.c | 1 -
utils/gssd/svcgssd_proc.c | 8 +--
utils/mount/nfs.man | 7 +-
utils/mount/nfs_mount.h | 3 -
utils/mount/nfsmount.c | 6 --
18 files changed, 10 insertions(+), 345 deletions(-)
delete mode 100644 utils/gssd/context_spkm3.c
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
utils/gssd/Makefile.am | 1 -
utils/gssd/context.c | 4 -
utils/gssd/context.h | 2 -
utils/gssd/context_spkm3.c | 184 --------------------------------------------
4 files changed, 0 insertions(+), 191 deletions(-)
delete mode 100644 utils/gssd/context_spkm3.c
diff --git a/utils/gssd/Makefile.am b/utils/gssd/Makefile.am
index d29e132ab7191ed88ce625903c3afc651e4aca07..2365704c5db9b15d17f42b75adcb17f07f7e216f 100644
--- a/utils/gssd/Makefile.am
+++ b/utils/gssd/Makefile.am
@@ -17,7 +17,6 @@ COMMON_SRCS = \
context_mit.c \
context_heimdal.c \
context_lucid.c \
- context_spkm3.c \
gss_util.c \
gss_oids.c \
err_util.c \
diff --git a/utils/gssd/context.c b/utils/gssd/context.c
index 1e50bbfd85d6073c8bea39e2ae84d36c0ee5fec9..fee7da27906e94b990fb7c49d73bf4f27a7003ac 100644
--- a/utils/gssd/context.c
+++ b/utils/gssd/context.c
@@ -51,10 +51,6 @@ serialize_context_for_kernel(gss_ctx_id_t ctx,
{
if (g_OID_equal(&krb5oid, mech))
return serialize_krb5_ctx(ctx, buf, endtime);
-#ifdef HAVE_SPKM3_H
- else if (g_OID_equal(&spkm3oid, mech))
- return serialize_spkm3_ctx(ctx, buf, endtime);
-#endif
else {
printerr(0, "ERROR: attempting to serialize context with "
"unknown/unsupported mechanism oid\n");
diff --git a/utils/gssd/context.h b/utils/gssd/context.h
index c9cb0bd7496398e8304a1040bae8b7f30ea7d05a..0e437f4a34f0862b8f89bd0d6fe62c41a3a1c906 100644
--- a/utils/gssd/context.h
+++ b/utils/gssd/context.h
@@ -43,8 +43,6 @@
int serialize_context_for_kernel(gss_ctx_id_t ctx, gss_buffer_desc *buf,
gss_OID mech, int32_t *endtime);
-int serialize_spkm3_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf,
- int32_t *endtime);
int serialize_krb5_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf,
int32_t *endtime);
diff --git a/utils/gssd/context_spkm3.c b/utils/gssd/context_spkm3.c
deleted file mode 100644
index b927475c63692a7a5a6a1565151013595d83b643..0000000000000000000000000000000000000000
--- a/utils/gssd/context_spkm3.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- Copyright (c) 2004 The Regents of the University of Michigan.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
-
- 1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- 3. Neither the name of the University nor the names of its
- contributors may be used to endorse or promote products derived
- from this software without specific prior written permission.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif /* HAVE_CONFIG_H */
-
-#include <stdio.h>
-#include <syslog.h>
-#include <string.h>
-#include <gssapi/gssapi.h>
-#include <rpc/rpc.h>
-#include <rpc/auth_gss.h>
-#include "gss_util.h"
-#include "gss_oids.h"
-#include "err_util.h"
-#include "context.h"
-
-#ifdef HAVE_SPKM3_H
-
-#include <spkm3.h>
-
-/*
- * Function: prepare_spkm3_ctx_buffer()
- *
- * Prepare spkm3 lucid context for the kernel
- *
- * buf->length should be:
- *
- * version 4
- * ctx_id 4 + 12
- * qop 4
- * mech_used 4 + 7
- * ret_fl 4
- * req_fl 4
- * share 4 + key_len
- * conf_alg 4 + oid_len
- * d_conf_key 4 + key_len
- * intg_alg 4 + oid_len
- * d_intg_key 4 + key_len
- * kyestb 4 + oid_len
- * owl alg 4 + oid_len
-*/
-static int
-prepare_spkm3_ctx_buffer(gss_spkm3_lucid_ctx_t *lctx, gss_buffer_desc *buf)
-{
- char *p, *end;
- unsigned int buf_size = 0;
-
- buf_size = sizeof(lctx->version) +
- lctx->ctx_id.length + sizeof(lctx->ctx_id.length) +
- sizeof(lctx->endtime) +
- sizeof(lctx->mech_used.length) + lctx->mech_used.length +
- sizeof(lctx->ret_flags) +
- sizeof(lctx->conf_alg.length) + lctx->conf_alg.length +
- sizeof(lctx->derived_conf_key.length) +
- lctx->derived_conf_key.length +
- sizeof(lctx->intg_alg.length) + lctx->intg_alg.length +
- sizeof(lctx->derived_integ_key.length) +
- lctx->derived_integ_key.length;
-
- if (!(buf->value = calloc(1, buf_size)))
- goto out_err;
- p = buf->value;
- end = buf->value + buf_size;
-
- if (WRITE_BYTES(&p, end, lctx->version))
- goto out_err;
- printerr(2, "DEBUG: exporting version = %d\n", lctx->version);
-
- if (write_buffer(&p, end, &lctx->ctx_id))
- goto out_err;
- printerr(2, "DEBUG: exporting ctx_id(%d)\n", lctx->ctx_id.length);
-
- if (WRITE_BYTES(&p, end, lctx->endtime))
- goto out_err;
- printerr(2, "DEBUG: exporting endtime = %d\n", lctx->endtime);
-
- if (write_buffer(&p, end, &lctx->mech_used))
- goto out_err;
- printerr(2, "DEBUG: exporting mech oid (%d)\n", lctx->mech_used.length);
-
- if (WRITE_BYTES(&p, end, lctx->ret_flags))
- goto out_err;
- printerr(2, "DEBUG: exporting ret_flags = %d\n", lctx->ret_flags);
-
- if (write_buffer(&p, end, &lctx->conf_alg))
- goto out_err;
- printerr(2, "DEBUG: exporting conf_alg oid (%d)\n", lctx->conf_alg.length);
-
- if (write_buffer(&p, end, &lctx->derived_conf_key))
- goto out_err;
- printerr(2, "DEBUG: exporting conf key (%d)\n", lctx->derived_conf_key.length);
-
- if (write_buffer(&p, end, &lctx->intg_alg))
- goto out_err;
- printerr(2, "DEBUG: exporting intg_alg oid (%d)\n", lctx->intg_alg.length);
-
- if (write_buffer(&p, end, &lctx->derived_integ_key))
- goto out_err;
- printerr(2, "DEBUG: exporting intg key (%d)\n", lctx->derived_integ_key.length);
-
- buf->length = p - (char *)buf->value;
- return 0;
-out_err:
- printerr(0, "ERROR: failed serializing spkm3 context for kernel\n");
- if (buf->value) free(buf->value);
- buf->length = 0;
-
- return -1;
-}
-
-/* ANDROS: need to determine which fields of the spkm3_gss_ctx_id_desc_t
- * are needed in the kernel for get_mic, validate, wrap, unwrap, and destroy
- * and only export those fields to the kernel.
- */
-int
-serialize_spkm3_ctx(gss_ctx_id_t ctx, gss_buffer_desc *buf, int32_t *endtime)
-{
- OM_uint32 vers, ret, maj_stat, min_stat;
- void *ret_ctx = 0;
- gss_spkm3_lucid_ctx_t *lctx;
-
- printerr(1, "serialize_spkm3_ctx called\n");
-
- printerr(2, "DEBUG: serialize_spkm3_ctx: lucid version!\n");
- maj_stat = gss_export_lucid_sec_context(&min_stat, &ctx, 1, &ret_ctx);
- if (maj_stat != GSS_S_COMPLETE)
- goto out_err;
-
- lctx = (gss_spkm3_lucid_ctx_t *)ret_ctx;
-
- vers = lctx->version;
- if (vers != 1) {
- printerr(0, "ERROR: unsupported spkm3 context version %d\n",
- vers);
- goto out_err;
- }
- ret = prepare_spkm3_ctx_buffer(lctx, buf);
-
- if (endtime)
- *endtime = lctx->endtime;
-
- maj_stat = gss_free_lucid_sec_context(&min_stat, ctx, ret_ctx);
-
- if (maj_stat != GSS_S_COMPLETE)
- printerr(0, "WARN: failed to free lucid sec context\n");
- if (ret)
- goto out_err;
- printerr(2, "DEBUG: serialize_spkm3_ctx: success\n");
- return 0;
-
-out_err:
- printerr(2, "DEBUG: serialize_spkm3_ctx: failed\n");
- return -1;
-}
-#endif /* HAVE_SPKM3_H */
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
utils/gssd/svcgssd_mech2file.c | 1 -
utils/gssd/svcgssd_proc.c | 8 ++------
2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/utils/gssd/svcgssd_mech2file.c b/utils/gssd/svcgssd_mech2file.c
index 65de8d01fedba026f35b11c4bd689f634579ef8d..a3177f6ff8ab7e0ee5eef7c830ce2c2042553c3c 100644
--- a/utils/gssd/svcgssd_mech2file.c
+++ b/utils/gssd/svcgssd_mech2file.c
@@ -53,7 +53,6 @@ struct mech2file {
struct mech2file m2f[] = {
{{9, "\052\206\110\206\367\022\001\002\002"}, "krb5"},
- {{7, "\053\006\001\005\005\001\003"}, "spkm3"},
{{7, "\053\006\001\005\005\001\009"}, "lipkey"},
{{0,0},""},
};
diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c
index c714d99dd654aaff3b3369bebcbc0df0946284dd..0d4f78d9668396aaebb05ab97804cfb1e8d5ed5a 100644
--- a/utils/gssd/svcgssd_proc.c
+++ b/utils/gssd/svcgssd_proc.c
@@ -369,12 +369,8 @@ get_hostbased_client_name(gss_name_t client_name, gss_OID mech,
if (g_OID_equal(&krb5oid, mech)) {
if (get_krb5_hostbased_name(&name, &cname) == 0)
*hostbased_name = cname;
- }
-
- /* No support for SPKM3, just print a warning (for now) */
- if (g_OID_equal(&spkm3oid, mech)) {
- printerr(1, "WARNING: get_hostbased_client_name: "
- "no hostbased_name support for SPKM3\n");
+ } else {
+ printerr(1, "WARNING: unknown/unsupport mech OID\n");
}
res = 0;
--
1.7.7.6
On Fri, Mar 09, 2012 at 04:31:57PM -0500, Daniel Kahn Gillmor wrote:
> On 03/09/2012 02:49 PM, Simo Sorce wrote:
> >This authentication method is obsolete and it is time it dies for good.
>
> Can i ask what it has been obsoleted by?
I think pku2u? Someone who's following that effort will have to comment
on how far along it is.
> Neither https://tools.ietf.org/html/rfc2025 [SPKM] nor
> https://tools.ietf.org/html/rfc2847 [LIPKEY] seem to suggest an
> inheritor, and kerberos5 does not provide direct public-key-based
> authentication (it's still reliant on an active and trusted
> third-party).
>
> So it seems like SPKM and LIPKEY offer a cryptographic model that is
> otherwise unavailable for authentication between NFS endpoints.
Understood that people would like such a thing, but alas spkm3 and
lipkey never quite managed to provide it.
--b.
Signed-off-by: Simo Sorce <[email protected]>
---
utils/mount/nfs.man | 7 ++-----
utils/mount/nfs_mount.h | 3 ---
utils/mount/nfsmount.c | 6 ------
3 files changed, 2 insertions(+), 14 deletions(-)
diff --git a/utils/mount/nfs.man b/utils/mount/nfs.man
index 2ad92d1e55c7aab52c24fee64da11f6a25985999..810bfc075cb2629beedb8738f60e3f5fdf771f1e 100644
--- a/utils/mount/nfs.man
+++ b/utils/mount/nfs.man
@@ -375,11 +375,8 @@ Valid security flavors are
.BR krb5p ,
.BR lkey ,
.BR lkeyi ,
+and
.BR lkeyp ,
-.BR spkm ,
-.BR spkmi ,
-and
-.BR spkmp .
Refer to the SECURITY CONSIDERATIONS section for details.
.TP 1.5i
.BR sharecache " / " nosharecache
@@ -1416,7 +1413,7 @@ security flavor encrypts every RPC request
to prevent data exposure during network transit; however,
expect some performance impact
when using integrity checking or encryption.
-Similar support for other forms of cryptographic security (such as lipkey and SPKM3)
+Similar support for other forms of cryptographic security (such as lipkey)
is also available.
.P
The NFS version 4 protocol allows
diff --git a/utils/mount/nfs_mount.h b/utils/mount/nfs_mount.h
index 2becfb1a0d655093385f47571b026124218fcf46..ec30c9b62a6da09c8671e3b8b7c995e1ef7f7e3c 100644
--- a/utils/mount/nfs_mount.h
+++ b/utils/mount/nfs_mount.h
@@ -75,9 +75,6 @@ struct nfs_mount_data {
#define AUTH_GSS_LKEY 390006
#define AUTH_GSS_LKEYI 390007
#define AUTH_GSS_LKEYP 390008
-#define AUTH_GSS_SPKM 390009
-#define AUTH_GSS_SPKMI 390010
-#define AUTH_GSS_SPKMP 390011
#endif
int nfsmount(const char *, const char *, int , char **, int, int);
diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index 1298fe44485789bae59cc10cf7430c2599b4f5a5..7bd1c97b291eb585221452ba865036d25e7fa8ff 100644
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -300,12 +300,6 @@ parse_options(char *old_opts, struct nfs_mount_data *data,
data->pseudoflavor = AUTH_GSS_LKEYI;
else if (!strcmp(secflavor, "lipkey-p"))
data->pseudoflavor = AUTH_GSS_LKEYP;
- else if (!strcmp(secflavor, "spkm3"))
- data->pseudoflavor = AUTH_GSS_SPKM;
- else if (!strcmp(secflavor, "spkm3i"))
- data->pseudoflavor = AUTH_GSS_SPKMI;
- else if (!strcmp(secflavor, "spkm3p"))
- data->pseudoflavor = AUTH_GSS_SPKMP;
else if (sloppy)
continue;
else {
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
support/include/pseudoflavors.h | 3 ---
support/nfs/exports.c | 3 ---
2 files changed, 0 insertions(+), 6 deletions(-)
diff --git a/support/include/pseudoflavors.h b/support/include/pseudoflavors.h
index c21087b9b52f9d76d12fe798c320c1d193b8a0e9..deb052b130e6ad8d1ac49693d6c71843159fc6c5 100644
--- a/support/include/pseudoflavors.h
+++ b/support/include/pseudoflavors.h
@@ -4,9 +4,6 @@
#define RPC_AUTH_GSS_LKEY 390006
#define RPC_AUTH_GSS_LKEYI 390007
#define RPC_AUTH_GSS_LKEYP 390008
-#define RPC_AUTH_GSS_SPKM 390009
-#define RPC_AUTH_GSS_SPKMI 390010
-#define RPC_AUTH_GSS_SPKMP 390011
struct flav_info {
char *flavour;
diff --git a/support/nfs/exports.c b/support/nfs/exports.c
index c96500fdc73a0e09914edf6f4211703d1d84a539..6e7ed699dfda6863e1bb1c0ef7894d473232f834 100644
--- a/support/nfs/exports.c
+++ b/support/nfs/exports.c
@@ -42,9 +42,6 @@ struct flav_info flav_map[] = {
{ "lipkey", RPC_AUTH_GSS_LKEY },
{ "lipkey-i", RPC_AUTH_GSS_LKEYI },
{ "lipkey-p", RPC_AUTH_GSS_LKEYP },
- { "spkm3", RPC_AUTH_GSS_SPKM },
- { "spkm3i", RPC_AUTH_GSS_SPKMI },
- { "spkm3p", RPC_AUTH_GSS_SPKMP },
{ "unix", AUTH_UNIX },
{ "sys", AUTH_SYS },
{ "null", AUTH_NULL },
--
1.7.7.6
On Sat, Mar 10, 2012 at 10:32:28PM -0500, Daniel Kahn Gillmor wrote:
> On 03/09/2012 04:54 PM, J. Bruce Fields wrote:
> >Understood that people would like such a thing, but alas spkm3 and
> >lipkey never quite managed to provide it.
>
> Can you point me to an explanation of what is missing from spkm3 and
> lipkey for this goal? I'd like to understand this problem space
> better.
Sorry, no. Maybe somebody else can.
Googling for spkm3 and looking for ietf mailing discussions might be a
starting point.
--b.
Also kill the lipkey auth method which depends on the,
now completely defunct, spkm3 auth method.
Simo Sorce (1):
Kill SPKM3: Remove also the dependent lipkey mechanism
support/nfs/exports.c | 3 ---
utils/gssd/svcgssd_mech2file.c | 1 -
utils/mount/nfs.man | 7 ++-----
utils/mount/nfsmount.c | 6 ------
4 files changed, 2 insertions(+), 15 deletions(-)
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
support/nfs/exports.c | 3 ---
utils/gssd/svcgssd_mech2file.c | 1 -
utils/mount/nfs.man | 7 ++-----
utils/mount/nfsmount.c | 6 ------
4 files changed, 2 insertions(+), 15 deletions(-)
diff --git a/support/nfs/exports.c b/support/nfs/exports.c
index 6e7ed699dfda6863e1bb1c0ef7894d473232f834..84a2b08b1f3c69e1b9765e1e42a7aa90c9b3d082 100644
--- a/support/nfs/exports.c
+++ b/support/nfs/exports.c
@@ -39,9 +39,6 @@ struct flav_info flav_map[] = {
{ "krb5", RPC_AUTH_GSS_KRB5 },
{ "krb5i", RPC_AUTH_GSS_KRB5I },
{ "krb5p", RPC_AUTH_GSS_KRB5P },
- { "lipkey", RPC_AUTH_GSS_LKEY },
- { "lipkey-i", RPC_AUTH_GSS_LKEYI },
- { "lipkey-p", RPC_AUTH_GSS_LKEYP },
{ "unix", AUTH_UNIX },
{ "sys", AUTH_SYS },
{ "null", AUTH_NULL },
diff --git a/utils/gssd/svcgssd_mech2file.c b/utils/gssd/svcgssd_mech2file.c
index a3177f6ff8ab7e0ee5eef7c830ce2c2042553c3c..ecd908bc24b827b9553f6394b5bab6213359a711 100644
--- a/utils/gssd/svcgssd_mech2file.c
+++ b/utils/gssd/svcgssd_mech2file.c
@@ -53,7 +53,6 @@ struct mech2file {
struct mech2file m2f[] = {
{{9, "\052\206\110\206\367\022\001\002\002"}, "krb5"},
- {{7, "\053\006\001\005\005\001\009"}, "lipkey"},
{{0,0},""},
};
diff --git a/utils/mount/nfs.man b/utils/mount/nfs.man
index 810bfc075cb2629beedb8738f60e3f5fdf771f1e..0d20cf0d190665178c28b9efa45f22680397f73b 100644
--- a/utils/mount/nfs.man
+++ b/utils/mount/nfs.man
@@ -372,11 +372,8 @@ Valid security flavors are
.BR sys ,
.BR krb5 ,
.BR krb5i ,
+and
.BR krb5p ,
-.BR lkey ,
-.BR lkeyi ,
-and
-.BR lkeyp ,
Refer to the SECURITY CONSIDERATIONS section for details.
.TP 1.5i
.BR sharecache " / " nosharecache
@@ -1413,7 +1410,7 @@ security flavor encrypts every RPC request
to prevent data exposure during network transit; however,
expect some performance impact
when using integrity checking or encryption.
-Similar support for other forms of cryptographic security (such as lipkey)
+Similar support for other forms of cryptographic security
is also available.
.P
The NFS version 4 protocol allows
diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index 7bd1c97b291eb585221452ba865036d25e7fa8ff..930622d94b57f6e4dd12497fb99277dc76580ecf 100644
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -294,12 +294,6 @@ parse_options(char *old_opts, struct nfs_mount_data *data,
data->pseudoflavor = AUTH_GSS_KRB5I;
else if (!strcmp(secflavor, "krb5p"))
data->pseudoflavor = AUTH_GSS_KRB5P;
- else if (!strcmp(secflavor, "lipkey"))
- data->pseudoflavor = AUTH_GSS_LKEY;
- else if (!strcmp(secflavor, "lipkey-i"))
- data->pseudoflavor = AUTH_GSS_LKEYI;
- else if (!strcmp(secflavor, "lipkey-p"))
- data->pseudoflavor = AUTH_GSS_LKEYP;
else if (sloppy)
continue;
else {
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
utils/gssd/gss_oids.c | 3 -
utils/gssd/gss_oids.h | 1 -
utils/gssd/gssd.h | 5 +--
utils/gssd/gssd_main_loop.c | 11 -----
utils/gssd/gssd_proc.c | 106 +-----------------------------------------
5 files changed, 4 insertions(+), 122 deletions(-)
diff --git a/utils/gssd/gss_oids.c b/utils/gssd/gss_oids.c
index a59c4a6428859ea0229252b063e0bc14164df63d..4362de26fbdcf7d23288da1b712fbd1ab0b4607b 100644
--- a/utils/gssd/gss_oids.c
+++ b/utils/gssd/gss_oids.c
@@ -38,6 +38,3 @@
/* from kerberos source, gssapi_krb5.c */
gss_OID_desc krb5oid =
{9, "\052\206\110\206\367\022\001\002\002"};
-
-gss_OID_desc spkm3oid =
- {7, "\053\006\001\005\005\001\003"};
diff --git a/utils/gssd/gss_oids.h b/utils/gssd/gss_oids.h
index 8b0a35219430ffa7711bbbdbc7ff3c37ff4ff9a0..fde8532ab3b480e5c43cf5a91abc9265b96d80aa 100644
--- a/utils/gssd/gss_oids.h
+++ b/utils/gssd/gss_oids.h
@@ -34,7 +34,6 @@
#include <sys/types.h>
extern gss_OID_desc krb5oid;
-extern gss_OID_desc spkm3oid;
#ifndef g_OID_equal
#define g_OID_equal(o1,o2) \
diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h
index b1b57938c3490802ea659a5e54ca72218a806222..40f824cd19c2056f160c44764acb039a40df8f92 100644
--- a/utils/gssd/gssd.h
+++ b/utils/gssd/gssd.h
@@ -55,7 +55,7 @@
/*
* The gss mechanisms that we can handle
*/
-enum {AUTHTYPE_KRB5, AUTHTYPE_SPKM3, AUTHTYPE_LIPKEY};
+enum {AUTHTYPE_KRB5, AUTHTYPE_LIPKEY};
@@ -80,8 +80,6 @@ struct clnt_info {
char *protocol;
int krb5_fd;
int krb5_poll_index;
- int spkm3_fd;
- int spkm3_poll_index;
int gssd_fd;
int gssd_poll_index;
struct sockaddr_storage addr;
@@ -98,7 +96,6 @@ struct topdirs_info {
void init_client_list(void);
int update_client_list(void);
void handle_krb5_upcall(struct clnt_info *clp);
-void handle_spkm3_upcall(struct clnt_info *clp);
void handle_gssd_upcall(struct clnt_info *clp);
void gssd_run(void);
diff --git a/utils/gssd/gssd_main_loop.c b/utils/gssd/gssd_main_loop.c
index b06c223294f2f0aadc928ba8d73d6b711e164ba0..cec09ea5b218fa6d586f5d5798e0280d4dde4125 100644
--- a/utils/gssd/gssd_main_loop.c
+++ b/utils/gssd/gssd_main_loop.c
@@ -98,17 +98,6 @@ scan_poll_results(int ret)
if (!ret)
break;
}
- i = clp->spkm3_poll_index;
- if (i >= 0 && pollarray[i].revents) {
- if (pollarray[i].revents & POLLHUP)
- dir_changed = 1;
- if (pollarray[i].revents & POLLIN)
- handle_spkm3_upcall(clp);
- pollarray[clp->spkm3_poll_index].revents = 0;
- ret--;
- if (!ret)
- break;
- }
}
};
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index 41328c9b18483e8f7f5d9a2edc8eb9bce9465e30..a51dbaeba3d06e8414356573418bf02b36a15d6c 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -299,15 +299,11 @@ destroy_client(struct clnt_info *clp)
if (clp->krb5_poll_index != -1)
memset(&pollarray[clp->krb5_poll_index], 0,
sizeof(struct pollfd));
- if (clp->spkm3_poll_index != -1)
- memset(&pollarray[clp->spkm3_poll_index], 0,
- sizeof(struct pollfd));
if (clp->gssd_poll_index != -1)
memset(&pollarray[clp->gssd_poll_index], 0,
sizeof(struct pollfd));
if (clp->dir_fd != -1) close(clp->dir_fd);
if (clp->krb5_fd != -1) close(clp->krb5_fd);
- if (clp->spkm3_fd != -1) close(clp->spkm3_fd);
if (clp->gssd_fd != -1) close(clp->gssd_fd);
free(clp->dirname);
free(clp->servicename);
@@ -327,10 +323,8 @@ insert_new_clnt(void)
goto out;
}
clp->krb5_poll_index = -1;
- clp->spkm3_poll_index = -1;
clp->gssd_poll_index = -1;
clp->krb5_fd = -1;
- clp->spkm3_fd = -1;
clp->gssd_fd = -1;
clp->dir_fd = -1;
@@ -355,30 +349,22 @@ process_clnt_dir_files(struct clnt_info * clp)
snprintf(name, sizeof(name), "%s/krb5", clp->dirname);
clp->krb5_fd = open(name, O_RDWR);
}
- if (clp->spkm3_fd == -1) {
- snprintf(name, sizeof(name), "%s/spkm3", clp->dirname);
- clp->spkm3_fd = open(name, O_RDWR);
- }
/* If we opened a gss-specific pipe, let's try opening
* the new upcall pipe again. If we succeed, close
* gss-specific pipe(s).
*/
- if (clp->krb5_fd != -1 || clp->spkm3_fd != -1) {
+ if (clp->krb5_fd != -1) {
clp->gssd_fd = open(gname, O_RDWR);
if (clp->gssd_fd != -1) {
if (clp->krb5_fd != -1)
close(clp->krb5_fd);
clp->krb5_fd = -1;
- if (clp->spkm3_fd != -1)
- close(clp->spkm3_fd);
- clp->spkm3_fd = -1;
}
}
}
- if ((clp->krb5_fd == -1) && (clp->spkm3_fd == -1) &&
- (clp->gssd_fd == -1))
+ if ((clp->krb5_fd == -1) && (clp->gssd_fd == -1))
return -1;
snprintf(info_file_name, sizeof(info_file_name), "%s/info",
clp->dirname);
@@ -431,15 +417,6 @@ insert_clnt_poll(struct clnt_info *clp)
pollarray[clp->krb5_poll_index].events |= POLLIN;
}
- if ((clp->spkm3_fd != -1) && (clp->spkm3_poll_index == -1)) {
- if (get_poll_index(&clp->spkm3_poll_index)) {
- printerr(0, "ERROR: Too many spkm3 clients\n");
- return -1;
- }
- pollarray[clp->spkm3_poll_index].fd = clp->spkm3_fd;
- pollarray[clp->spkm3_poll_index].events |= POLLIN;
- }
-
return 0;
}
@@ -839,13 +816,6 @@ int create_auth_rpc_client(struct clnt_info *clp,
sec.mech = (gss_OID)&krb5oid;
sec.req_flags = GSS_C_MUTUAL_FLAG;
}
- else if (authtype == AUTHTYPE_SPKM3) {
- sec.mech = (gss_OID)&spkm3oid;
- /* XXX sec.req_flags = GSS_C_ANON_FLAG;
- * Need a way to switch....
- */
- sec.req_flags = GSS_C_MUTUAL_FLAG;
- }
else {
printerr(0, "ERROR: Invalid authentication type (%d) "
"in create_auth_rpc_client\n", authtype);
@@ -919,9 +889,8 @@ int create_auth_rpc_client(struct clnt_info *clp,
auth = authgss_create_default(rpc_clnt, clp->servicename, &sec);
if (!auth) {
/* Our caller should print appropriate message */
- printerr(2, "WARNING: Failed to create %s context for "
+ printerr(2, "WARNING: Failed to create krb5 context for "
"user with uid %d for server %s\n",
- (authtype == AUTHTYPE_KRB5 ? "krb5":"spkm3"),
uid, clp->servername);
goto out_fail;
}
@@ -1103,59 +1072,6 @@ out_return_error:
goto out;
}
-/*
- * this code uses the userland rpcsec gss library to create an spkm3
- * context on behalf of the kernel
- */
-static void
-process_spkm3_upcall(struct clnt_info *clp, uid_t uid, int fd)
-{
- CLIENT *rpc_clnt = NULL;
- AUTH *auth = NULL;
- struct authgss_private_data pd;
- gss_buffer_desc token;
-
- printerr(2, "handling spkm3 upcall (%s)\n", clp->dirname);
-
- token.length = 0;
- token.value = NULL;
-
- if (create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, AUTHTYPE_SPKM3)) {
- printerr(0, "WARNING: Failed to create spkm3 context for "
- "user with uid %d\n", uid);
- goto out_return_error;
- }
-
- if (!authgss_get_private_data(auth, &pd)) {
- printerr(0, "WARNING: Failed to obtain authentication "
- "data for user with uid %d for server %s\n",
- uid, clp->servername);
- goto out_return_error;
- }
-
- if (serialize_context_for_kernel(pd.pd_ctx, &token, &spkm3oid, NULL)) {
- printerr(0, "WARNING: Failed to serialize spkm3 context for "
- "user with uid %d for server\n",
- uid, clp->servername);
- goto out_return_error;
- }
-
- do_downcall(fd, uid, &pd, &token);
-
-out:
- if (token.value)
- free(token.value);
- if (auth)
- AUTH_DESTROY(auth);
- if (rpc_clnt)
- clnt_destroy(rpc_clnt);
- return;
-
-out_return_error:
- do_error_downcall(fd, uid, -1);
- goto out;
-}
-
void
handle_krb5_upcall(struct clnt_info *clp)
{
@@ -1171,20 +1087,6 @@ handle_krb5_upcall(struct clnt_info *clp)
}
void
-handle_spkm3_upcall(struct clnt_info *clp)
-{
- uid_t uid;
-
- if (read(clp->spkm3_fd, &uid, sizeof(uid)) < (ssize_t)sizeof(uid)) {
- printerr(0, "WARNING: failed reading uid from spkm3 "
- "upcall pipe: %s\n", strerror(errno));
- return;
- }
-
- return process_spkm3_upcall(clp, uid, clp->spkm3_fd);
-}
-
-void
handle_gssd_upcall(struct clnt_info *clp)
{
uid_t uid;
@@ -1292,8 +1194,6 @@ handle_gssd_upcall(struct clnt_info *clp)
if (strcmp(mech, "krb5") == 0)
process_krb5_upcall(clp, uid, clp->gssd_fd, target, service);
- else if (strcmp(mech, "spkm3") == 0)
- process_spkm3_upcall(clp, uid, clp->gssd_fd);
else
printerr(0, "WARNING: handle_gssd_upcall: "
"received unknown gss mech '%s'\n", mech);
--
1.7.7.6
On 03/09/2012 02:49 PM, Simo Sorce wrote:
> This authentication method is obsolete and it is time it dies for good.
Can i ask what it has been obsoleted by?
Neither https://tools.ietf.org/html/rfc2025 [SPKM] nor
https://tools.ietf.org/html/rfc2847 [LIPKEY] seem to suggest an
inheritor, and kerberos5 does not provide direct public-key-based
authentication (it's still reliant on an active and trusted third-party).
So it seems like SPKM and LIPKEY offer a cryptographic model that is
otherwise unavailable for authentication between NFS endpoints. What's
the urgency for removal?
--dkg
On 03/09/2012 04:54 PM, J. Bruce Fields wrote:
> I think pku2u? Someone who's following that effort will have to comment
> on how far along it is.
Shouldn't we remove SPKM when PKU2U is implemented then? It doesn't
look like we have a replacement for this feature yet, which makes me
think it isn't really obsolete.
> Understood that people would like such a thing, but alas spkm3 and
> lipkey never quite managed to provide it.
Can you point me to an explanation of what is missing from spkm3 and
lipkey for this goal? I'd like to understand this problem space better.
Regards,
--dkg
Signed-off-by: Simo Sorce <[email protected]>
---
README | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README b/README
index e7588cfd9337257aef27a90471c0c6935e3bc990..5c86808d3628e30c665f87501a1cd465fda5c76d 100644
--- a/README
+++ b/README
@@ -80,7 +80,7 @@ scripts can be written to work correctly.
and starting the nfsd server is not important.
idmapd is only needed for NFSv4 support.
svcgssd is only needed if exportfs NFS filesystem with crypto-
- security (Kerberos or SPKM3).
+ security (Kerberos).
C/ exportfs -av ; rpc.mountd
It is important that exportfs be run before mountd so that
@@ -130,7 +130,7 @@ scripts can be written to work correctly.
B/ gssd ; idmapd
idmapd should be started before mounting any NFSv4 filesystems.
gssd should be started before mounting any NFS filesystems
- securely (with Kerberos of SPKM3).
+ securely (with Kerberos).
C/ statd should be run before any NFSv2 or NFSv3 filesystem is
mounted with remote locking (i.e. without -o nolock).
--
1.7.7.6
Signed-off-by: Simo Sorce <[email protected]>
---
configure.ac | 3 ---
1 files changed, 0 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 920e8da0216c447c1c93a017f8dea6c17043d148..67e8d2d9a2c6ec4296c96bb243202bbfea0ab4e9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -316,9 +316,6 @@ if test "$enable_gss" = yes; then
dnl 'gss' also depends on nfsidmap.h - at least for svcgssd_proc.c
AC_LIBNFSIDMAP
- AC_CHECK_HEADERS([spkm3.h], ,
- [AC_MSG_WARN([Could not locate SPKM3 header; will not have SPKM3 support])])
-
dnl Check for Kerberos V5
AC_KERBEROS_V5
--
1.7.7.6
On 03/09/2012 02:49 PM, Simo Sorce wrote:
> This authentication method is obsolete and it is time it dies for good.
>
> Sorry for spamming again, the first time I forgot to singoff the commits.
>
> Simo Sorce (7):
> Kill SPKM3: Remove spkm3 references from svcgssd
> Kill SPKM3: Remove spkm3 support from gssd
> Kill SPKM3: remove spkm3 from common gssd code
> Kill SPKM3: Remove spkm3 support from nfs.mount
> Kill SPKM3: Remove spkm3 support from exports
> Kill SPKM3: Stop checking for spkm3.h in configure
> Kill SPKM3: Remove mentions of SPKM3 from README
>
> README | 4 +-
> configure.ac | 3 -
> support/include/pseudoflavors.h | 3 -
> support/nfs/exports.c | 3 -
> utils/gssd/Makefile.am | 1 -
> utils/gssd/context.c | 4 -
> utils/gssd/context.h | 2 -
> utils/gssd/context_spkm3.c | 184 ---------------------------------------
> utils/gssd/gss_oids.c | 3 -
> utils/gssd/gss_oids.h | 1 -
> utils/gssd/gssd.h | 5 +-
> utils/gssd/gssd_main_loop.c | 11 ---
> utils/gssd/gssd_proc.c | 106 +----------------------
> utils/gssd/svcgssd_mech2file.c | 1 -
> utils/gssd/svcgssd_proc.c | 8 +--
> utils/mount/nfs.man | 7 +-
> utils/mount/nfs_mount.h | 3 -
> utils/mount/nfsmount.c | 6 --
> 18 files changed, 10 insertions(+), 345 deletions(-)
> delete mode 100644 utils/gssd/context_spkm3.c
>
Committed...
steved.