From nobody Tue Aug 19 14:42:16 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4c5sk12BXGz657WF; Tue, 19 Aug 2025 14:42:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4c5sk113jRz3dj3; Tue, 19 Aug 2025 14:42:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1755614537; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sY7FMUvlMmD3oQTa2DgmU/9qB4a9Ggo+iEFqfObjBJY=; b=yUi+g7abEAjNvYP2pX23ULglUCzCzZxQInpHL+Bj/7lcZJbwxTi7FF2FuylahFudQUWgqb c2HfUk9GjjVAdsXW0SmTjGhnPQFzkpNn7RuGcvjQO1E5M881anBh2AUb8a3rm06B/hog/V qAcBWg6lv170DoLKbq115g5T7WMqqDEOtf8vEb2IKMfdUNZe4wahFd7zv0H/lY35BliUWZ nu+02bwT/sNFMsNV4L3/AYavVFk+ofBCm63N83vnNh8pDwS/AjZQcyFWZ/yNg8s48x2lZc MFt5ZwHw3vVugwmKdgCNmDHNwsV1h4+XFSbpJe4nzegBOGvWOIybzV5muJpYDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1755614537; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sY7FMUvlMmD3oQTa2DgmU/9qB4a9Ggo+iEFqfObjBJY=; b=NsFr55zW4SC0M9zzUodEDdyPYMZkLcS3HoLq8tft9z4cnuRKE6XHdMrHSQQbvaZ9H0l4D+ fng1h7S/4JFAkcF+kvj7uy7y7acj32OvylbCIUFVXXdGKkBX739Dw2FXJKvq1bs7sOQCJs qwmsCVOHvvhE7cfDxnFCUelzBQ15xff/hlsHk/o2PVA2cEfWVwKm8lr74Qi/WdBWnDJsJe zD+HqWvLaP5AZ8RMN9tSpigurLIxrpZ3BEGKsQI5y1JGuStaVvQdpTtARKMWq9lzi9EeeQ Tr1Kl+wLshcmCgOCR/2J7br8/zilyEnxGXN7geHadAMppHUwBdWBoZfkLUoCOQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1755614537; a=rsa-sha256; cv=none; b=HVQF8zsxnYGKpAnkxSzLsrgeFx9k51c2B3K1SSo5i+iqczk++8F/SHCPAEtyIRqTyAZSt2 fqd0+07xdpUc5aZzSl5HzuSdivVxKVqf06Ae6q+f0f2GoBmwPHwBRHgmASCPMkF336H8uY dbkTboMhBJgyyGCj8w2PNvZysi7lakLIOJ2kRERX3Z3w7BA72k87onXM9MKa60teTVqO9j 7svgn1h6tAP/wno5CLBY9En+f30ZUby0Tozgm/ppvGgFjQ+xPTh1dansqLm71aUN2EPWss paIavx8sQ5NOdl1TsZysiwK0Qj2+feeA1PIg7gMWnnDaAYsFsU60ddjMycWNKA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4c5sk10ZYwzWnt; Tue, 19 Aug 2025 14:42:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 57JEgGRm094572; Tue, 19 Aug 2025 14:42:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 57JEgGZT094569; Tue, 19 Aug 2025 14:42:16 GMT (envelope-from git) Date: Tue, 19 Aug 2025 14:42:16 GMT Message-Id: <202508191442.57JEgGZT094569@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Cy Schubert Subject: git: f96110babbe1 - main - krb5: Fix MIT KRB5 Bug #9181 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f96110babbe16a2a475b0bb954a50aa374f8aae5 Auto-Submitted: auto-generated The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=f96110babbe16a2a475b0bb954a50aa374f8aae5 commit f96110babbe16a2a475b0bb954a50aa374f8aae5 Author: Cy Schubert AuthorDate: 2025-08-17 08:05:42 +0000 Commit: Cy Schubert CommitDate: 2025-08-19 14:41:12 +0000 krb5: Fix MIT KRB5 Bug #9181 According to https://krbdev.mit.edu/rt/Ticket/Display.html?id=9181, The function verify_mic_v3() in src/lib/gssapi/krb5/verify_mic.c calls kg_verify_checksum_v3() as it returns an OM_uint32 status but kg_verify_checksum_v3() returns a krb5_boolean which has the opposite interpretation: - OM_uint32 0 is GSS_S_COMPLETE so no error - krb5_boolean 0 is false so failure This patch will be in MIT KRB5 1.22.1. Obtained from: Greg Hudson on krbdev.mit.edu ML. Reviewed by: ivy, ngie Differential review: https://reviews.freebsd.org/D51990 --- crypto/krb5/src/lib/gssapi/krb5/util_crypt.c | 10 +++++++--- crypto/krb5/src/lib/gssapi/krb5/verify_mic.c | 11 ++++------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c b/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c index 28411429bf6e..386842e8a6e3 100644 --- a/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c +++ b/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c @@ -322,12 +322,16 @@ kg_verify_checksum_v3(krb5_context context, krb5_key key, krb5_keyusage usage, uint8_t ckhdr[16]; krb5_boolean valid; - /* Compose an RFC 4121 token header with EC and RRC set to 0. */ + /* + * Compose an RFC 4121 token header for the checksum. For a wrap token, + * the EC and RRC fields have the value 0 for the checksum operation, + * regardless of their values in the actual token (RFC 4121 section 4.2.4). + * For a MIC token, the corresponding four bytes have the value 0xFF. + */ store_16_be(toktype, ckhdr); ckhdr[2] = flags; ckhdr[3] = 0xFF; - store_16_be(0, ckhdr + 4); - store_16_be(0, ckhdr + 6); + store_32_be((toktype == KG2_TOK_MIC_MSG) ? 0xFFFFFFFF : 0, ckhdr + 4); store_64_be(seqnum, ckhdr + 8); /* Verify the checksum over the data and composed header. */ diff --git a/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c b/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c index 9852f49912a9..1c11d2016fca 100644 --- a/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c +++ b/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c @@ -90,7 +90,6 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status, krb5_gss_ctx_id_rec *ctx, struct k5input *in, gss_buffer_t message) { - OM_uint32 status; krb5_keyusage usage; krb5_key key; krb5_cksumtype cksumtype; @@ -124,12 +123,10 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status, } assert(key != NULL); - status = kg_verify_checksum_v3(context, key, usage, cksumtype, - KG2_TOK_MIC_MSG, flags, seqnum, - message->value, message->length, - in->ptr, in->len); - if (status != GSS_S_COMPLETE) - return status; + if (!kg_verify_checksum_v3(context, key, usage, cksumtype, KG2_TOK_MIC_MSG, + flags, seqnum, message->value, message->length, + in->ptr, in->len)) + return GSS_S_BAD_SIG; return g_seqstate_check(ctx->seqstate, seqnum); }