krb5 commit: Use a random nonce in TGS requests
Greg Hudson
ghudson at mit.edu
Wed Apr 26 13:47:50 EDT 2017
https://github.com/krb5/krb5/commit/0b6a5608e862f0fcf08efa4bd2bc4cf2cdd27e63
commit 0b6a5608e862f0fcf08efa4bd2bc4cf2cdd27e63
Author: Greg Hudson <ghudson at mit.edu>
Date: Tue Apr 25 13:31:36 2017 -0400
Use a random nonce in TGS requests
Commit ae0fee058ad883b2e82fa2b34f4e5f059e827a1b (ticket #5425) changed
the AS client code to use a random nonce, but left the TGS client code
using the current timestamp. Use a random nonce for TGS requests as
well.
ticket: 8582 (new)
src/lib/krb5/krb/get_in_tkt.c | 19 +------------------
src/lib/krb5/krb/int-proto.h | 3 +++
src/lib/krb5/krb/send_tgs.c | 24 +++++++++++++++++++++++-
3 files changed, 27 insertions(+), 19 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 2ad0bd6..310c325 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -762,23 +762,6 @@ k5_init_creds_current_time(krb5_context context, krb5_init_creds_context ctx,
}
}
-/* Choose a random nonce for ctx->request. */
-static krb5_error_code
-pick_nonce(krb5_context context, krb5_init_creds_context ctx)
-{
- krb5_error_code code = 0;
- unsigned char random_buf[4];
- krb5_data random_data = make_data(random_buf, 4);
-
- /* We incorrectly encode this as signed, so make sure we use an unsigned
- * value to avoid interoperability issues. */
- code = krb5_c_random_make_octets(context, &random_data);
- if (code != 0)
- return code;
- ctx->request->nonce = 0x7fffffff & load_32_n(random_buf);
- return 0;
-}
-
/* Set the timestamps for ctx->request based on the desired lifetimes. */
static krb5_error_code
set_request_times(krb5_context context, krb5_init_creds_context ctx)
@@ -1334,7 +1317,7 @@ init_creds_step_request(krb5_context context,
}
/* RFC 6113 requires a new nonce for the inner request on each try. */
- code = pick_nonce(context, ctx);
+ code = k5_generate_nonce(context, &ctx->request->nonce);
if (code != 0)
goto cleanup;
diff --git a/src/lib/krb5/krb/int-proto.h b/src/lib/krb5/krb/int-proto.h
index 82fa03d..7271257 100644
--- a/src/lib/krb5/krb/int-proto.h
+++ b/src/lib/krb5/krb/int-proto.h
@@ -103,6 +103,9 @@ krb5_get_cred_via_tkt_ext(krb5_context context, krb5_creds *tkt,
krb5_keyblock **out_subkey);
krb5_error_code
+k5_generate_nonce(krb5_context context, int32_t *out);
+
+krb5_error_code
k5_make_tgs_req(krb5_context context, struct krb5int_fast_request_state *,
krb5_creds *tkt, krb5_flags kdcoptions,
krb5_address *const *address, krb5_pa_data **in_padata,
diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c
index f6fdf68..e43a5cc 100644
--- a/src/lib/krb5/krb/send_tgs.c
+++ b/src/lib/krb5/krb/send_tgs.c
@@ -28,6 +28,25 @@
#include "int-proto.h"
#include "fast.h"
+/* Choose a random nonce for an AS or TGS request. */
+krb5_error_code
+k5_generate_nonce(krb5_context context, int32_t *out)
+{
+ krb5_error_code ret;
+ unsigned char random_buf[4];
+ krb5_data random_data = make_data(random_buf, 4);
+
+ *out = 0;
+
+ /* We and Heimdal incorrectly encode nonces as signed, so make sure we use
+ * a non-negative value to avoid interoperability issues. */
+ ret = krb5_c_random_make_octets(context, &random_data);
+ if (ret)
+ return ret;
+ *out = 0x7FFFFFFF & load_32_n(random_buf);
+ return 0;
+}
+
/* Construct an AP-REQ message for a TGS request. */
static krb5_error_code
tgs_construct_ap_req(krb5_context context, krb5_data *checksum_data,
@@ -156,10 +175,13 @@ k5_make_tgs_req(krb5_context context,
req.till = desired->times.endtime ? desired->times.endtime :
tgt->times.endtime;
req.rtime = desired->times.renew_till;
+ ret = k5_generate_nonce(context, &req.nonce);
+ if (ret)
+ return ret;
+ *nonce_out = req.nonce;
ret = krb5_timeofday(context, &time_now);
if (ret)
return ret;
- *nonce_out = req.nonce = (krb5_int32)time_now;
*timestamp_out = time_now;
req.addresses = (krb5_address **)addrs;
More information about the cvs-krb5
mailing list