GSSAPI security context integrity check
Greg Hudson
ghudson at mit.edu
Fri Jun 26 11:38:10 EDT 2020
On 6/26/20 4:10 AM, Alexandr Nedvedicky wrote:
> Once issue was understood the fix is straightforward. The export/import
> process must serialize security context such it will be compatible with kernel
> mechanism (turn seqstate to order). And vice-versa import process must turn
> order to seqstate. End of story.
Thanks for the update; it provides a lot of useful context.
We have periodically talked about radically changing how gss-krb5
security contexts are exported and imported, most likely accompanied by
a written specification. That would let us rip out the libkrb5
serialization code (which isn't up to current standards), perhaps share
a token format with Heimdal, and most likely reduce the token size
significantly.
It sounds like if we did this work, it would create a significant amount
of work for Oracle, which would have to either translate the new format
to the kernel format, or adapt the import code to the kernel. On the
other hand, if the new format is stable and/or versioned, it might help
to prevent subtle bugs like this one--which was caused by a change to
the export token format without any accompanying versioning.
More information about the krbdev
mailing list