Is GSS_C_INTEG_FLAG required for calling gss_wrap/unwrap
Isaac Boukris
iboukris at gmail.com
Sun Jun 28 12:42:41 EDT 2020
On Fri, Jun 26, 2020 at 1:57 PM Isaac Boukris <iboukris at gmail.com> wrote:
>
> According to RFC 2274, GSS_C_INTEG_FLAG:
> True - Integrity service may be invoked by calling either gss_get_mic
> or gss_wrap routines.
>
> But per my testing even with GSS_KRB5_CRED_NO_CI_FLAGS_X and not
> asking for GSS_C_INTEG_FLAG (integ/conf are false in ap-req), both
> parties are able to call gss_wrap/unwrap (windows server), is that
> expected?
For more context, and to correct some of what I said in the
channel-bindings discussion; I was trying to test if an intercepted
token from a clear-text ldap connection could be used over TLS, and it
looks like it could not, if the client requested the integ flag.
As I see it, with GSS-SPNEGO sasl mech the security layers are derived
from the GSS flags so when the integ flag is set in the ap-request the
bind is not accepted when over TLS (so that is why we need
GSS_KRB5_CRED_NO_CI_FLAGS_X).
On the other hand with the GSSAPI sasl mech (rfc4752), the integ flag
is always requested in the GSS level (so Windows allows ap-req with
integ flag over TLS), and the sasl security layers (even 0) are
negotiated after the GSS context is established, by exchanging more
sasl tokens protected by gss_wrap/unwrap.
More information about the krbdev
mailing list