Invalid key generation parameters from KDC while trying to change password.
Benjamin Kaduk
kaduk at MIT.EDU
Thu Oct 24 15:34:59 EDT 2013
On Wed, 23 Oct 2013, Edgecombe, Jason wrote:
> Hi Everyone,
>
> Thanks to Ben Kaduk and others on IRC, I solved the problem. The
> problem was with my supported_enctypes line in kdc.conf. The newer
> version of Kerberos didn't like some of my enc_types. I got "kdb5_util
> create" to work on 1.11 with only DES types or removing the
> supported_enctypes line entirely.
>
> Along the way, I found that I have to change my AD cross-realm to use
> AES instead of rc4-hmac:normal before I can upgrade. :(
Hi Jason,
I was able to reproduce your issue locally, and I believe I now understand
the nature of the problem. (Incidentally, 'kdb5_util create' will not
reproduce the issue on master or 1.12, since commit
1c84a94d25d62e4f78c09464f5ef9bd30bbb1e3e caused the kadm5 principals to be
created with a random key directly instead of going through a password.
I think there would still be problems when creating other principals with
passwords, though.)
As a workaround, you should be able to move the des-cbc-crc:afs3 enctype
to be the last entry in your supported_enctypes list, and put AES/RC4
enctypes before that enctype.
The issue stems from the loop over key/salt-type pairs in add_key_pwd()
(lib/kdb/kdb_cpw.c); we have a local variable to hold the string-to-key
parameters which is normally set to NULL to indicate the default
parameters. Only in the afs3-salt case do we set it to something else,
which happens to be a krb5_data structure of length 1 with value 1. This
magic value is interpreted by the DES family of string-to-key routines as
meaning the afs3 salt. The problem is that we don't reset it back to NULL
before processing the next enctype. The triple-DES family completely
ignores the passed parameters, but both RC4 and AES (and Camellia) do some
checking on it, returning the error which translates to the text you see.
The fix should appear in the 1.12 release, and is simple enough that we
should be able to backport it easily.
Thanks for pointing out the error.
-Ben
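The following is an added illustration of the loop defect Ben describes, written for this page and not taken from MIT krb5's lib/kdb/kdb_cpw.c. It is a simplified model: the enctype and salt enumerations, the `model_string_to_key()` behaviour (DES accepting a length-1 buffer containing 1 as the afs3 marker, triple-DES ignoring the parameters, RC4/AES rejecting anything non-NULL) and the two `add_keys_*` functions are all constructed stand-ins. It shows the buggy loop failing on the first non-DES enctype that follows a des-cbc-crc:afs3 entry, the same loop succeeding when the afs3 entry is moved last (the workaround above), and a corrected loop that resets the parameter pointer on every iteration.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for krb5_data: a length plus a pointer to bytes. */
typedef struct { size_t length; const char *data; } s2k_data;

enum enctype  { ENC_DES_CBC_CRC, ENC_DES3, ENC_RC4, ENC_AES256 };
enum salttype { SALT_NORMAL, SALT_AFS3 };

/* One key/salt-type pair, as in a supported_enctypes entry. */
typedef struct { enum enctype enc; enum salttype salt; } keysalt;

/* Model of how each enctype family treats string-to-key parameters
 * (hypothetical simplification of the behaviour described in the mail):
 *   DES:     NULL means the normal salt; {1, "\x01"} means the afs3 salt.
 *   3DES:    parameters are ignored entirely.
 *   RC4/AES: any non-NULL parameter is rejected -> "Invalid key
 *            generation parameters". Returns 0 on success, -1 on error. */
static int model_string_to_key(enum enctype enc, const s2k_data *params)
{
    switch (enc) {
    case ENC_DES_CBC_CRC:
        if (params == NULL) return 0;
        if (params->length == 1 && params->data[0] == 1) return 0;
        return -1;
    case ENC_DES3:
        return 0;
    case ENC_RC4:
    case ENC_AES256:
        return params == NULL ? 0 : -1;
    }
    return -1;
}

/* The "magic" afs3 marker: a length-1 buffer holding the value 1. */
static const char afs3_marker = 1;
static const s2k_data afs3_params = { 1, &afs3_marker };

/* Buggy loop: s2kparams lives outside the loop and is never reset, so
 * once an afs3 entry sets it, every later enctype sees the marker too.
 * Returns the index of the first failing entry, or -1 if all succeed. */
int add_keys_buggy(const keysalt *ks, size_t n)
{
    const s2k_data *s2kparams = NULL;
    for (size_t i = 0; i < n; i++) {
        if (ks[i].salt == SALT_AFS3)
            s2kparams = &afs3_params;
        if (model_string_to_key(ks[i].enc, s2kparams) != 0)
            return (int)i;
    }
    return -1;
}

/* Corrected loop: the pointer is reset to NULL at the top of each
 * iteration, so only the afs3 entry itself is derived with the marker. */
int add_keys_fixed(const keysalt *ks, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        const s2k_data *s2kparams = NULL;
        if (ks[i].salt == SALT_AFS3)
            s2kparams = &afs3_params;
        if (model_string_to_key(ks[i].enc, s2kparams) != 0)
            return (int)i;
    }
    return -1;
}

/* Constructed supported_enctypes orders: afs3 entry first vs. last. */
const keysalt afs3_first[] = {
    { ENC_DES_CBC_CRC, SALT_AFS3 }, { ENC_DES3, SALT_NORMAL },
    { ENC_AES256, SALT_NORMAL },    { ENC_RC4, SALT_NORMAL },
};
const keysalt afs3_last[] = {
    { ENC_AES256, SALT_NORMAL }, { ENC_RC4, SALT_NORMAL },
    { ENC_DES3, SALT_NORMAL },   { ENC_DES_CBC_CRC, SALT_AFS3 },
};

int main(void)
{
    printf("buggy, afs3 first: first failure at index %d\n",
           add_keys_buggy(afs3_first, 4));
    printf("buggy, afs3 last (workaround): %d\n",
           add_keys_buggy(afs3_last, 4));
    printf("fixed, afs3 first: %d\n", add_keys_fixed(afs3_first, 4));
    return 0;
}
```

With the afs3 entry first, the buggy loop derives the DES key correctly, passes triple-DES (which ignores the stale pointer), and then fails at the AES entry, which is exactly the "Invalid key generation parameters" path; moving the afs3 entry to the end hides the bug because no enctype runs after it, while the corrected loop is order-independent.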