off-list: Current semantics for channel-bindings in GSSAPI

Isaac Boukris iboukris at
Tue Mar 10 11:38:13 EDT 2020


Please see below, I think this is a bug, is it a security one?

<iboukris> ghudson, simo: finally tested omitting the checksum
altogether, it doesn't work as expected
<iboukris> without the checksum, it works in level=1 even if
<iboukris> more surprisingly, it works even if level=2
<iboukris> i wonder if that's a bug
<iboukris> that's the diff: git diff
<iboukris> diff --git a/src/lib/krb5/krb/mk_req_ext.c
<iboukris> index 21a36bea5..ff7149274 100644
<iboukris> --- a/src/lib/krb5/krb/mk_req_ext.c
<iboukris> +++ b/src/lib/krb5/krb/mk_req_ext.c
<iboukris> @@ -295,7 +295,7 @@ generate_authenticator(krb5_context
context, krb5_authenticator *authent,
<iboukris>      int client_aware_cb;
<iboukris>      authent->client = client;
<iboukris> -    authent->checksum = cksum;
<iboukris> +    authent->checksum = NULL;//cksum;
<iboukris>      if (key) {
<ghudson> I don't think it's necessarily an important bug, because
only authenticators generated that way can be leveraged by an
attacker, and we think only certain SMB clients do that.
<ghudson> But, it seems like we should diverge from that behavior from
level=2, if only because it's hard not to (under the current design).
<ghudson> That is, it would be a complete lie to report the
channel-bound ret_flag if no checksum is provided, and if we don't do
that, the application has no idea that there was no checksum.
<iboukris> ghudson: yeah, per MS doc i think this might be a bug
<iboukris> DWORD value: 2 indicates enabled, always. All clients must
provide channel binding information. The server rejects authentication
requests from clients that do not do so.

More information about the krbdev mailing list