From: Scott Mayhew
To: steved@redhat.com
Cc: linux-nfs@vger.kernel.org
Subject: [nfs-utils PATCH 1/2] gssd: add support for an "allowed-enctypes" option in nfs.conf
Date: Wed, 28 Feb 2024 17:22:52 -0500
Message-ID: <20240228222253.1080880-2-smayhew@redhat.com>
In-Reply-To: <20240228222253.1080880-1-smayhew@redhat.com>
References: <20240228222253.1080880-1-smayhew@redhat.com>

Newer kernels have support for newer krb5 encryption types, AES with SHA2 and Camellia. An NFS client with an "old" kernel can talk to an NFS server with a "new" kernel and it just works. An NFS client with a "new" kernel can talk to an NFS server with an "old" kernel, but that requires some additional configuration (particularly if the NFS server does have support for the newer encryption types in its userspace krb5 libraries) that may be unclear and/or burdensome to the admin.

1) If the NFS server has support for the newer encryption types in the userspace krb5 libraries, but not in the kernel's RPCSEC_GSS code, then it's possible that it also already has "nfs" keys using those newer encryption types in its keytab. In that case, it's necessary to regenerate the "nfs" keys without the newer encryption types. The reason this is necessary is because if the NFS client requests an "nfs" service ticket from the KDC, and the list of enctypes in that TGS-REQ contains a newer encryption type, and the KDC had previously generated a key for the NFS server using the newer encryption type, then the resulting service ticket in the TGS-REP will be using the newer encryption type and the NFS server will not be able to decrypt it.

2) It is necessary to either modify the permitted_enctypes field of the krb5.conf or create a custom crypto-policy module (if the crypto-policies package is being used) on the NFS *client* so that it does not include the newer encryption types. The reason this is necessary is because it affects the list of encryption types that will be present in the RPCSEC_GSS_INIT request that the NFS client sends to the NFS server. The kernel on the NFS server cannot process the request on its own; it has to upcall to gssproxy to do that... and again if the userspace krb5 libraries on the NFS server have support for the newer encryption types, then it will select one of those and the kernel will not be able to import the context when it gets the downcall. Also note that modifying the permitted_enctypes field and/or crypto policy has the side effect of impacting everything krb5 related, not just NFS.

So add support for an "allowed-enctypes" field in nfs.conf. This allows the admin to restrict gssd to using a subset of the encryption types that are supported by the kernel and krb5 libraries. This will remove the need for steps 1 & 2 above, and will only affect NFS rather than krb5 as a whole. For example, for a "new" NFS client talking to an "old" NFS server, the admin will probably want this in the client's nfs.conf:

allowed-enctypes=aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96

Signed-off-by: Scott Mayhew
---
 nfs.conf               |  1 +
 utils/gssd/gssd.c      |  6 +++
 utils/gssd/gssd.man    |  9 ++++
 utils/gssd/krb5_util.c | 95 +++++++++++++++++++++++++++++++++++++++---
 utils/gssd/krb5_util.h |  1 +
 5 files changed, 106 insertions(+), 6 deletions(-)

diff --git a/nfs.conf b/nfs.conf
index 323f072b..23b5f7d4 100644
--- a/nfs.conf
+++ b/nfs.conf
@@ -23,6 +23,7 @@ # use-gss-proxy=0 # avoid-dns=1 # limit-to-legacy-enctypes=0 +# allowed-enctypes=aes256-cts-hmac-sha384-192,aes128-cts-hmac-sha256-128,camellia256-cts-cmac,camellia128-cts-cmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96 # context-timeout=0 # rpc-timeout=5 # keytab-file=/etc/krb5.keytab diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c index ca9b3267..10c731ab 100644 --- a/utils/gssd/gssd.c +++ b/utils/gssd/gssd.c @@ -1232,6 +1232,12 @@ main(int argc, char *argv[]) daemon_init(fg); +#ifdef HAVE_SET_ALLOWABLE_ENCTYPES + rc = get_allowed_enctypes(); + if (rc) + exit(EXIT_FAILURE); +#endif + if (gssd_check_mechs() != 0) errx(1, "Problem with gssapi library"); diff --git a/utils/gssd/gssd.man b/utils/gssd/gssd.man index 2a5384d3..c735eff6 100644 --- a/utils/gssd/gssd.man +++ b/utils/gssd/gssd.man @@ -346,6 +346,15 @@ flag. Equivalent to .BR -l . .TP +.B allowed-enctypes +Allows you to restrict +.B rpc.gssd +to using a subset of the encryption types permitted by the kernel and the krb5 +libraries. This is useful if you need to interoperate with an NFS server that +does not have support for the newer SHA2 and Camellia encryption types, for +example. This configuration file option does not have an equivalent +command-line option. +.TP .B context-timeout Equivalent to .BR -t . diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c index 6f66ef4f..57b3cf8a 100644 --- a/utils/gssd/krb5_util.c +++ b/utils/gssd/krb5_util.c @@ -129,6 +129,7 @@ #include "err_util.h" #include "gss_util.h" #include "krb5_util.h" +#include "conffile.h" /* * List of principals from our keytab that we @@ -155,6 +156,8 @@ static pthread_mutex_t ple_lock = PTHREAD_MUTEX_INITIALIZER; #ifdef HAVE_SET_ALLOWABLE_ENCTYPES int limit_to_legacy_enctypes = 0; +krb5_enctype *allowed_enctypes = NULL; +int num_allowed_enctypes = 0; #endif /*==========================*/ 
@@ -1596,6 +1599,68 @@ out_cred: } #ifdef HAVE_SET_ALLOWABLE_ENCTYPES +int +get_allowed_enctypes(void) +{ + struct conf_list *allowed_etypes = NULL; + struct conf_list_node *node; + char *buf = NULL, *old = NULL; + int len, ret = 0; + + allowed_etypes = conf_get_list("gssd", "allowed-enctypes"); + if (allowed_etypes) { + TAILQ_FOREACH(node, &(allowed_etypes->fields), link) { + allowed_enctypes = realloc(allowed_enctypes, + (num_allowed_enctypes + 1) * + sizeof(*allowed_enctypes)); + if (allowed_enctypes == NULL) { + ret = ENOMEM; + goto out_err; + } + ret = krb5_string_to_enctype(node->field, + &allowed_enctypes[num_allowed_enctypes]); + if (ret) { + printerr(0, "%s: invalid enctype %s", + __func__, node->field); + goto out_err; + } + if (get_verbosity() > 1) { + if (buf == NULL) { + len = asprintf(&buf, "%s(%d)", node->field, + allowed_enctypes[num_allowed_enctypes]); + if (len < 0) { + ret = ENOMEM; + goto out_err; + } + } else { + old = buf; + len = asprintf(&buf, "%s,%s(%d)", old, node->field, + allowed_enctypes[num_allowed_enctypes]); + if (len < 0) { + ret = ENOMEM; + goto out_err; + } + free(old); + old = NULL; + } + } + num_allowed_enctypes++; + } + printerr(2, "%s: allowed_enctypes = %s", __func__, buf); + } + goto out; +out_err: + num_allowed_enctypes = 0; + free(allowed_enctypes); +out: + free(buf); + if (old != buf) + free(old); + if (allowed_etypes) + conf_free_list(allowed_etypes); + return ret; +} + /* * this routine obtains a credentials handle via gss_acquire_cred() * then calls gss_krb5_set_allowable_enctypes() to limit the encryption @@ -1619,6 +1684,10 @@ limit_krb5_enctypes(struct rpc_gss_sec *sec) int num_enctypes = sizeof(enctypes) / sizeof(enctypes[0]); extern int num_krb5_enctypes; extern krb5_enctype *krb5_enctypes; + extern int num_allowed_enctypes; + extern krb5_enctype *allowed_enctypes; + int num_set_enctypes; + krb5_enctype *set_enctypes; int err = -1; if (sec->cred == GSS_C_NO_CREDENTIAL) { 
@@ -1631,12 +1700,26 @@ limit_krb5_enctypes(struct rpc_gss_sec *sec) * If we failed for any reason to produce global * list of supported enctypes, use local default here. */ - if (krb5_enctypes == NULL || limit_to_legacy_enctypes) - maj_stat = gss_set_allowable_enctypes(&min_stat, sec->cred, - &krb5oid, num_enctypes, enctypes); - else - maj_stat = gss_set_allowable_enctypes(&min_stat, sec->cred, - &krb5oid, num_krb5_enctypes, krb5_enctypes); + if (krb5_enctypes == NULL || limit_to_legacy_enctypes || + allowed_enctypes) { + if (allowed_enctypes) { + printerr(2, "%s: using allowed enctypes from config\n", + __func__); + num_set_enctypes = num_allowed_enctypes; + set_enctypes = allowed_enctypes; + } else { + printerr(2, "%s: using legacy enctypes\n", __func__); + num_set_enctypes = num_enctypes; + set_enctypes = enctypes; + } + } else { + printerr(2, "%s: using enctypes from the kernel\n", __func__); + num_set_enctypes = num_krb5_enctypes; + set_enctypes = krb5_enctypes; + } + + maj_stat = gss_set_allowable_enctypes(&min_stat, sec->cred, + &krb5oid, num_set_enctypes, set_enctypes); if (maj_stat != GSS_S_COMPLETE) { pgsserr("gss_set_allowable_enctypes", diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h index 7ef87018..40ad3233 100644 --- a/utils/gssd/krb5_util.h +++ b/utils/gssd/krb5_util.h @@ -27,6 +27,7 @@ int gssd_k5_remove_bad_service_cred(char *srvname); #ifdef HAVE_SET_ALLOWABLE_ENCTYPES extern int limit_to_legacy_enctypes; int limit_krb5_enctypes(struct rpc_gss_sec *sec); +int get_allowed_enctypes(void); #endif /* -- 2.43.0
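Review bot: the commented-out example in the nfs.conf hunk lists all six enctypes, i.e. the full set, so it reads as a no-op rather than a restriction; the interoperability case from the commit message (`# allowed-enctypes=aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96`) would show the intended use better, ideally with a comment that the option is only honoured in builds with HAVE_SET_ALLOWABLE_ENCTYPES, which is the condition the gssd.c hunk puts around the call.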
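Review bot: in the gssd.c hunk, get_allowed_enctypes() is called after daemon_init(fg), so a bad allowed-enctypes value is only detected once daemon setup has already run; since the function only reads the already-parsed config, calling it before daemon_init(fg) would let the failure be reported before the fork when not running in the foreground. Also, `exit(EXIT_FAILURE)` here relies on the `printerr(0, "%s: invalid enctype %s", ...)` message in krb5_util.c to explain the exit; naming the option ("allowed-enctypes") in that message would help an admin find the offending nfs.conf line.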
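Review bot: the gssd.man hunk should state the value format, a comma-separated list of krb5 enctype names as in the commit message example, and that an unrecognised name makes rpc.gssd exit at startup, since that is what the new gssd.c code does; it should also say how the option interacts with limit-to-legacy-enctypes, because the selection logic in limit_krb5_enctypes() lets allowed-enctypes take precedence without saying so anywhere.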
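Review bot: in get_allowed_enctypes(), `allowed_enctypes = realloc(allowed_enctypes, ...)` overwrites the only pointer to the existing array, so on a realloc failure the old buffer is leaked before `free(allowed_enctypes)` at out_err runs on NULL; realloc into a temporary and assign on success. Three smaller points in the same hunk: the closing `printerr(2, "%s: allowed_enctypes = %s", __func__, buf)` passes buf == NULL whenever verbosity is 1 or less (buf is only built under `get_verbosity() > 1`), which is safe only because printerr drops level-2 messages before formatting, so an `if (buf)` guard would make it robust; after a failed asprintf the contents of buf are undefined, so set `buf = NULL` before `goto out_err` to keep the `free(buf)` at out: safe; and the two new messages in this function lack the trailing "\n" that the printerr calls added in limit_krb5_enctypes carry.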
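Review bot: the `extern int num_allowed_enctypes;` and `extern krb5_enctype *allowed_enctypes;` declarations added inside limit_krb5_enctypes() are redundant: both variables are defined at file scope earlier in krb5_util.c by this same patch (the hunk at line 155), so the function already sees them; drop the local externs and, unless gssd.c needs them, make the definitions static.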
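Review bot: in the new selection block, when allowed_enctypes is set the configured list is passed straight to gss_set_allowable_enctypes() without being intersected with krb5_enctypes, so an admin can list an enctype the running kernel does not support and the man page's promise of "a subset of the encryption types permitted by the kernel" is not enforced; consider filtering allowed_enctypes against krb5_enctypes when the kernel list is available (warning on dropped entries and failing if nothing is left), or documenting that the kernel list is bypassed. The block also makes allowed_enctypes win over limit_to_legacy_enctypes silently; a one-line comment stating that precedence would help the next reader.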
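The subset check that the man page text promises is the part the patch leaves to the admin. As an added illustration, not part of this patch or of nfs-utils, the following C program parses an allowed-enctypes value the way a hardened get_allowed_enctypes() could: unknown names are a hard error, names the kernel does not support are dropped with a warning, an empty result is rejected, and the array grows through a temporary so a failed realloc does not leak. A constructed name table stands in for krb5_string_to_enctype() (the numbers are the RFC-assigned enctype ids), and a constructed AES-only list stands in for the kernel's krb5_enctypes; allowed_count() and allowed_at() are helpers of this example for inspecting results.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for krb5_enctype and krb5_string_to_enctype(): this example's own
 * table, not libkrb5's; the ids are the RFC-assigned enctype numbers
 * (RFC 3962, RFC 8009, RFC 6803). */
typedef int enctype_t;
static const struct { const char *name; enctype_t id; } enctype_names[] = {
    { "aes256-cts-hmac-sha1-96", 18 },    { "aes128-cts-hmac-sha1-96", 17 },
    { "aes256-cts-hmac-sha384-192", 20 }, { "aes128-cts-hmac-sha256-128", 19 },
    { "camellia256-cts-cmac", 26 },       { "camellia128-cts-cmac", 25 },
};
#define ARRAY_SIZE(a) ((int)(sizeof(a) / sizeof((a)[0])))

/* Constructed sample of what a kernel might support: AES only, no Camellia. */
static const enctype_t sample_kernel_enctypes[] = { 20, 19, 18, 17 };

static int string_to_enctype(const char *name, enctype_t *out)
{
    int i;
    for (i = 0; i < ARRAY_SIZE(enctype_names); i++)
        if (strcmp(name, enctype_names[i].name) == 0) {
            *out = enctype_names[i].id;
            return 0;
        }
    return EINVAL;
}

/* Parse "name,name,..." (blanks around names tolerated). Unknown names fail;
 * names not in kernel[] are dropped, so the result is always a subset of what
 * the kernel supports; an empty result fails. *out is malloc'd, caller frees. */
int parse_allowed_enctypes(const char *value, const enctype_t *kernel,
                           int num_kernel, enctype_t **out, int *num)
{
    enctype_t *list = NULL, *tmp, et;
    int n = 0, k, ret = EINVAL;
    const char *p = value, *end = value;
    char name[64];
    size_t len;

    *out = NULL;
    *num = 0;
    for (; *p; p = *end ? end + 1 : end) {
        if (!(end = strchr(p, ',')))
            end = p + strlen(p);
        while (p < end && *p == ' ')            /* leading blanks */
            p++;
        for (len = end - p; len > 0 && p[len - 1] == ' '; len--)
            ;                                   /* trailing blanks */
        if (len == 0 || len >= sizeof(name))    /* empty or overlong entry */
            goto out_err;
        memcpy(name, p, len);
        name[len] = '\0';
        if (string_to_enctype(name, &et)) {
            fprintf(stderr, "allowed-enctypes: invalid enctype %s\n", name);
            goto out_err;
        }
        for (k = 0; k < num_kernel && kernel[k] != et; k++)
            ;
        if (k == num_kernel) {                  /* not a kernel enctype: drop it */
            fprintf(stderr, "allowed-enctypes: %s not supported by the kernel, ignored\n", name);
            continue;
        }
        /* grow via a temporary so the old array is not leaked on failure */
        if (!(tmp = realloc(list, (n + 1) * sizeof(*list)))) {
            ret = ENOMEM;
            goto out_err;
        }
        list = tmp;
        list[n++] = et;
    }
    if (n == 0)                                 /* nothing usable would disable krb5 for NFS */
        goto out_err;
    *out = list;
    *num = n;
    return 0;
out_err:
    free(list);
    return ret;
}

/* Result helpers against the sample kernel list: number of accepted enctypes
 * (negative errno on error) and the enctype at a given index (-1 if absent). */
int allowed_count(const char *value)
{
    enctype_t *l;
    int n, ret = parse_allowed_enctypes(value, sample_kernel_enctypes,
                                        ARRAY_SIZE(sample_kernel_enctypes), &l, &n);
    free(l);
    return ret ? -ret : n;
}

int allowed_at(const char *value, int idx)
{
    enctype_t *l;
    int n, et = -1;
    if (parse_allowed_enctypes(value, sample_kernel_enctypes,
                               ARRAY_SIZE(sample_kernel_enctypes), &l, &n) == 0 && idx < n)
        et = l[idx];
    free(l);
    return et;
}
```

Feeding the commit message's client setting, `aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96`, to allowed_count() yields 2; feeding the full six-name list from the nfs.conf hunk yields 4 against the AES-only sample kernel, with the two Camellia names reported and dropped; a typo such as `aes256-cts-hmac-sha1` is refused outright rather than silently narrowing or widening the list.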