[PATCH 0/2] Change from GSS to MIT-KRB5.

  • Done
  • quality assurance status badge
Details
6 participants
  • Simon Josefsson via Discussion list for GNU Generic Security Service
  • Leo Famulari
  • Ludovic Courtès
  • Maxim Cournoyer
  • Marius Bakke
  • Simon Josefsson
Owner
unassigned
Submitted by
Marius Bakke
Severity
normal
M
M
Marius Bakke wrote on 23 Feb 2019 17:20
(address . guix-patches@gnu.org)
20190223162042.18168-1-mbakke@fastmail.com
The GNU Generic Security Service and friends have been unmaintained for

Since these libraries are security-critical, it would be good to switch
to maintained implementations. WDYT?

Marius Bakke (2):
gnu: gsasl: Use the MIT Kerberos implementation instead of GSS.
gnu: curl: Build against MIT Kerberos instead of GSS.

gnu/packages/curl.scm | 10 ++++++----
gnu/packages/gsasl.scm | 4 +++-
2 files changed, 9 insertions(+), 5 deletions(-)

--
2.20.1
M
M
Marius Bakke wrote on 23 Feb 2019 17:23
[PATCH 1/2] gnu: gsasl: Use the MIT Kerberos implementation instead of GSS.
(address . 34632@debbugs.gnu.org)
20190223162338.18429-1-mbakke@fastmail.com
* gnu/packages/gsasl.scm (gsasl)[inputs]: Change from GSS to MIT-KRB5.
[arguments]: New field.
---
gnu/packages/gsasl.scm | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

Toggle diff (19 lines)
diff --git a/gnu/packages/gsasl.scm b/gnu/packages/gsasl.scm
index 127b476ef3..9296f3d80f 100644
--- a/gnu/packages/gsasl.scm
+++ b/gnu/packages/gsasl.scm
@@ -95,9 +95,11 @@ the underlying security implementation.")
(("test-lock\\$\\(EXEEXT\\) ") ""))
#t))))
(build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags '("--with-gssapi-impl=mit")))
(inputs `(("libidn" ,libidn)
("libntlm" ,libntlm)
- ("gss" ,gss)
+ ("mit-krb5" ,mit-krb5)
("zlib" ,zlib)))
(propagated-inputs
;; Propagate GnuTLS because libgnutls.la reads `-lnettle', and Nettle is a
--
2.20.1
M
M
Marius Bakke wrote on 23 Feb 2019 17:23
[PATCH core-updates 2/2] gnu: curl: Build against MIT Kerberos instead of GSS.
(address . 34632@debbugs.gnu.org)
20190223162338.18429-2-mbakke@fastmail.com
* gnu/packages/curl.scm (curl)[inputs]: Change from GSS to MIT-KRB5.
[arguments]: Adjust accordingly.
---
gnu/packages/curl.scm | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)

Toggle diff (41 lines)
diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm
index b1b2b999a2..88abc6aabd 100644
--- a/gnu/packages/curl.scm
+++ b/gnu/packages/curl.scm
@@ -37,8 +37,8 @@
#:use-module (gnu packages compression)
#:use-module (gnu packages golang)
#:use-module (gnu packages groff)
- #:use-module (gnu packages gsasl)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages kerberos)
#:use-module (gnu packages libidn)
#:use-module (gnu packages openldap)
#:use-module (gnu packages perl)
@@ -63,10 +63,10 @@
(outputs '("out"
"doc")) ;1.2 MiB of man3 pages
(inputs `(("gnutls" ,gnutls)
- ("gss" ,gss)
("libidn" ,libidn)
("libssh2" ,libssh2)
("openldap" ,openldap)
+ ("mit-krb5" ,mit-krb5)
("nghttp2" ,nghttp2 "lib")
("zlib" ,zlib)))
(native-inputs
@@ -85,8 +85,10 @@
(separator #f) ;single entry
(files '("etc/ssl/certs/ca-certificates.crt")))))
(arguments
- `(#:configure-flags '("--with-gnutls" "--with-gssapi"
- "--disable-static")
+ `(#:configure-flags (list "--with-gnutls"
+ (string-append "--with-gssapi="
+ (assoc-ref %build-inputs "mit-krb5"))
+ "--disable-static")
;; Add a phase to patch '/bin/sh' occurances in tests/runtests.pl
#:phases
(modify-phases %standard-phases
--
2.20.1
L
L
Leo Famulari wrote on 26 Feb 2019 05:58
Re: [bug#34632] [PATCH 0/2] Change from GSS to MIT-KRB5.
(name . Marius Bakke)(address . mbakke@fastmail.com)(address . 34632@debbugs.gnu.org)
20190226045813.GA29580@jasmine.lan
On Sat, Feb 23, 2019 at 05:20:42PM +0100, Marius Bakke wrote:
Toggle quote (6 lines)
> The GNU Generic Security Service and friends have been unmaintained for
> many years now: <https://www.gnu.org/software/gss/>.
>
> Since these libraries are security-critical, it would be good to switch
> to maintained implementations. WDYT?

I think it's the right choice.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlx0x2UACgkQJkb6MLrK
fwhOZw//Z1Mr5oeLPV3bFbkQ0KPKptAi6JnfLoaw+O666oJ88sWhClsmXP/2Oj/u
tshYq9i5tizm++liNmHmb8R93GyU+Ri529klE1Gnr+dDJLQskA4dLdjV/zFLxjJ7
6cmfo3KhdjL+eQNnD7YowLbn/xTZOYvDeRo+9GH4+/3u7cU+7n9I7joeut4qB1n9
bX18dB3C2CzUFIqcTytLROjG2SRTAn2P0UB4IfEgagHKVm/uZ5Nbmh7gVVtXwz7U
s39LOevBpVJ/7p0V3qm3rd81r99pJRW7di+lIKKCjWgl+Eh/zeTYmiHMKjqresaK
PkAEY7Ouo/vjHmFIddfubaEz2k4smJFwZAzqXVHM523jtrSR/sXINVObOG/YhEql
be3tWGUzkKUvvxocYcJDICgYomk87s+UPGxS7FpeQlOJTTY4ckIzwgMsAIUONFnA
pv3vWYO/jLhKK3sszJk8/YG8sPUrPmHYhL8QLFeH0vS3QSToqGK/87eMGe5Dw4Yj
ZaFuzQO7ff13AG9zrGG+GQOckJlECCLUvEvbhpra5v0XXiTCGQpNpsSOuVJGR9Uw
U9rjpBEjXwoOfWl1Wtb2iJqC+ZtKrpPijAR5ZBz0aJYavw4kz2MS4iB7+zTLto5+
L6UPnJrjlgoTxXmwJKNAaPfMUkGeb6knKWosBnhZsJcYoZiQ6og=
=beXR
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 15 Mar 2019 23:14
(name . Leo Famulari)(address . leo@famulari.name)
87tvg323ak.fsf@gnu.org
Hello,

Leo Famulari <leo@famulari.name> skribis:

Toggle quote (9 lines)
> On Sat, Feb 23, 2019 at 05:20:42PM +0100, Marius Bakke wrote:
>> The GNU Generic Security Service and friends have been unmaintained for
>> many years now: <https://www.gnu.org/software/gss/>.
>>
>> Since these libraries are security-critical, it would be good to switch
>> to maintained implementations. WDYT?
>
> I think it's the right choice.

Yeah, it’s a bit sad IMO, but so be it.

Note that “guix refresh -l gss” says 4K packages depend on it,
not sure why.

Thanks,
Ludo’.
M
M
Maxim Cournoyer wrote on 16 Mar 2019 04:43
(address . mbakke@fastmail.com)
87o96bqyap.fsf@gmail.com
Hello!

On Sat, Feb 23, 2019 at 05:20:42PM +0100, Marius Bakke wrote:
Toggle quote (6 lines)
> The GNU Generic Security Service and friends have been unmaintained for
> many years now: <https://www.gnu.org/software/gss/>.
>
> Since these libraries are security-critical, it would be good to switch
> to maintained implementations. WDYT?

Unmaintained on what ground? The website doesn't list fresh news,
but the latest release was made in 2014 [1], and the maintainer has made
changes to the Debian package last time in 2017 [2]. I wouldn't say it's
unmaintained until the maintainer says so or CVEs pile up unfixed (which
there aren't).

So, my position would be to not do anything, as there doesn't seem to be
an issue.

Maxim

[1] ftp://ftp.gnu.org/gnu/gss/
L
L
Leo Famulari wrote on 17 Mar 2019 19:27
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
20190317182705.GD1410@jasmine.lan
On Fri, Mar 15, 2019 at 11:43:26PM -0400, Maxim Cournoyer wrote:
Toggle quote (6 lines)
> Unmaintained on what ground? The website doesn't list fresh news,
> but the latest release was made in 2014 [1], and the maintainer has made
> changes to the Debian package last time in 2017 [2]. I wouldn't say it's
> unmaintained until the maintainer says so or CVEs pile up unfixed (which
> there aren't).

Considering the rate of vulnerability discovery in MIT Kerberos [0] I
think that, if GSS was being examined to the same degree, we would learn
of many serious bugs. Any significant C codebase of this age will have
such bugs. But unfortunately GSS hasn't received as much scrutiny.

[0]
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlyOkXkACgkQJkb6MLrK
fwgJQBAAjXTRfMC9wD71dSlYDE1r8SfMYqMGxIX0tyie7Cg6Q4bnCzzvsXMItM/i
jXD24Vb3c7gaIqjGWbf2PMQfsDesq/l5ZQkzM8CGFfknirxa/DbC3/PhnOKaoRok
zkKMRd3RIMzyf83gjQahETXB9TISPKVObeCm5m4WQGvqWnRVkh8HSyr+v9UyI/Ty
BB+Vc6aapCZlu1cQoOt6gvUw34L3pqgDeklgZLEJ2ecnr2gAH0qEOaOXFyQFHMyP
/xGQvRsUHCnhXx8SwSbcevcxIM01zjFhZXg1LXOkvsHZCvssp2tiQxe2r525fX0o
B0jZaY3AwkOMh+hhIKeNSh0ICkFOnOM1Yc9bopHKorIfEGbnvuaHRd/pFUjWzHtW
wq47b/m3ISu6Mmdy/qBgksE3ucsVyqatOYGSNbaqwTPcUNo1DDg6AwPJW1KdMHAI
dCb+AJWZprrwTcH2zo3/gFFYJB4VKD26sKIYYifhw02TQUaCorU5lMsRGMt2sk8q
lAaNr0Ky41HtoM09nLAVnc6MCZn6fUkgPRJx2HM5uDoRkJSFQ9uQqimC4FIjzVmH
//K7ErLsjZyyZv+33/YwjrYP3vsDANhrt0ZcoEDlYyNo1uzVGCQXPEp1FU33MOTu
UH20nlpNLv0+mxarh+xWe4ym/nc9QhGT75682ugBRxL9QsFp9xY=
=ToYO
-----END PGP SIGNATURE-----


M
M
Maxim Cournoyer wrote on 14 May 2019 05:17
(name . Leo Famulari)(address . leo@famulari.name)
87o9457miq.fsf@gmail.com
Hello,

Leo Famulari <leo@famulari.name> writes:

Toggle quote (15 lines)
> On Fri, Mar 15, 2019 at 11:43:26PM -0400, Maxim Cournoyer wrote:
>> Unmaintained on what ground? The website doesn't list fresh news,
>> but the latest release was made in 2014 [1], and the maintainer has made
>> changes to the Debian package last time in 2017 [2]. I wouldn't say it's
>> unmaintained until the maintainer says so or CVEs pile up unfixed (which
>> there aren't).
>
> Considering the rate of vulnerability discovery in MIT Kerberos [0] I
> think that, if GSS was being examined to the same degree, we would learn
> of many serious bugs. Any significant C codebase of this age will have
> such bugs. But unfortunately GSS hasn't received as much scrutiny.
>
> [0]
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=krb5

Just FYI,

I had ping'd the GSS mailing list with this message:
there haven't been a reply (yet).

So it looks like it was a wise decision to make the switch! Sorry for
doubting, eh!

Maxim
M
M
Marius Bakke wrote on 14 May 2019 20:15
87v9ycaomv.fsf@fastmail.com
Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

Toggle quote (28 lines)
> Hello,
>
> Leo Famulari <leo@famulari.name> writes:
>
>> On Fri, Mar 15, 2019 at 11:43:26PM -0400, Maxim Cournoyer wrote:
>>> Unmaintained on what ground? The website doesn't list fresh news,
>>> but the latest release was made in 2014 [1], and the maintainer has made
>>> changes to the Debian package last time in 2017 [2]. I wouldn't say it's
>>> unmaintained until the maintainer says so or CVEs pile up unfixed (which
>>> there aren't).
>>
>> Considering the rate of vulnerability discovery in MIT Kerberos [0] I
>> think that, if GSS was being examined to the same degree, we would learn
>> of many serious bugs. Any significant C codebase of this age will have
>> such bugs. But unfortunately GSS hasn't received as much scrutiny.
>>
>> [0]
>> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=krb5
>
> Just FYI,
>
> I had ping'd the GSS mailing list with this message:
> http://lists.gnu.org/archive/html/help-gss/2019-03/msg00001.html, but
> there haven't been a reply (yet).
>
> So it looks like it was a wise decision to make the switch! Sorry for
> doubting, eh!

Thank you very much for checking with upstream :-)

I was on the fence about this switch myself, and submitted this patch
hoping for feedback along these lines.

It would be great to get Shishi and GSS into Googles OSS-Fuzz and
similar so that we can be more confident in the implementation.

For now I've pushed these patches in 996186b..828d376.
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlzbBcgACgkQoqBt8qM6
VPrZswgAmQ/D5OL5NBfttuDRer5swlVL0IGEwnpPqS5sDlabe6m7mPd9VU9JeLLD
h4OnkAU1tLKc3iPI5H02Uqi1noOKO71KItMI5nQqGsotaaBqVzxEQ9LqIBElLUA9
DdHwgkKTmmHJHJgzUBeHVj1lGQKKsXmGhaCeZi+H7I+5WfyaMfvDOL9kgRmda/x/
4RhbrQcTTr7cdgDfWaORN+loTBfHRF/u0SZtTfCTD40g0JeqhT0fA6FmRbg6ydLy
zWfb1caaco76lW5oaOKQ7s9j0wAEl6kItXE91+4QGndlADgtWEjg858DNJHOQ6xH
Qe8WbFKwV3v8XS1rCH2j8dq/2PMx1w==
=rP86
-----END PGP SIGNATURE-----

Closed
M
M
Maxim Cournoyer wrote on 16 May 2019 01:06
(name . Marius Bakke)(address . mbakke@fastmail.com)
8736lftj08.fsf@gmail.com
Hello Marius,

Marius Bakke <mbakke@fastmail.com> writes:

[...]

Toggle quote (25 lines)
>>> Considering the rate of vulnerability discovery in MIT Kerberos [0] I
>>> think that, if GSS was being examined to the same degree, we would learn
>>> of many serious bugs. Any significant C codebase of this age will have
>>> such bugs. But unfortunately GSS hasn't received as much scrutiny.
>>>
>>> [0]
>>> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=krb5
>>
>> Just FYI,
>>
>> I had ping'd the GSS mailing list with this message:
>> http://lists.gnu.org/archive/html/help-gss/2019-03/msg00001.html, but
>> there haven't been a reply (yet).
>>
>> So it looks like it was a wise decision to make the switch! Sorry for
>> doubting, eh!
>
> Thank you very much for checking with upstream :-)
>
> I was on the fence about this switch myself, and submitted this patch
> hoping for feedback along these lines.
>
> It would be great to get Shishi and GSS into Googles OSS-Fuzz and
> similar so that we can be more confident in the implementation.

Would it be possible to add a fuzz phase to our GNU build system? If
it's not too expensive to run, it could be a security enhancer for the
Guix System! AFL (which is one of the two fuzzers used by Google's
OSS-fuzz service, and which we already have in Guix).

Food for thoughts!

Toggle quote (2 lines)
> For now I've pushed these patches in 996186b..828d376.

Thank you,

Maxim
Closed
S
S
Simon Josefsson wrote on 6 Aug 2022 16:04
Re: Archived problem report bug#34632 (GSS development status)
(address . control@debbugs.gnu.org)
87mtchtqn8.fsf@latte.josefsson.org
unarchive 34632
-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYu502xQcc2ltb25Aam9z
ZWZzc29uLm9yZwAKCRBRcisI/kdFohjbAQCXgwUtf+c67vr480ptD1M/kJ1qKLM7
J4I0Jp2FLRgGHwEAmtvi0XDbgfk3DtjlBV5h4H6JTxU3jNK61YHIqnb3MgE=
=p9jG
-----END PGP SIGNATURE-----

S
S
Simon Josefsson via Discussion list for GNU Generic Security Service wrote on 6 Aug 2022 16:02
Re: GSS development status
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
87r11ttqq0.fsf@latte.josefsson.org
Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

Toggle quote (17 lines)
> Hello,
>
> I'd like to inquire about the development status of GSS? Has it left the
> beta status? Are bugs still being fixed? Is there any known or presumed
> security issues when using GSS rather than its more mainstream
> implementation in MIT Kerberos?
>
> I'm asking because the GNU Guix project is considering a switch from GNU
> GSS to MIT krb5 for security reasons [0], given that no new releases have
> been made since 2014.
>
> Thank you,
>
> Maxim Cournoyer
>
> [0] http://issues.guix.info/issue/34632

Hi Maxim,

Sorry for the slow response, which may in part be an answer to your
question. However I have just released GNU GSS version 1.0.4 to refresh
the project, and have setup CI/CD checking of it to pave the road for
future improvements. To my knowledge there are only two major missing
features:

1) Missing gss_wrap() AES functionality. This prevents SASL GSS-API
to complete on modern machines. Shishi supports AES and GSSLib
supports it for GSS_Init_sec_context etc but not GSS_wrap.

2) Shishi doesn't use the same ccache/keytab files as MIT Kerberos and
Heimdal.

I hope to complete 1) in the future. For 2), fixing it would be a GNU
Shishi feature that should be simple to resolve -- it ships with tools
ccache2shishi and keytab2shishi to convert the files, but that should be
done automatically internally by the library instead.

Indeed getting these enrolled in the OSS Fuzz project would be a great
contribution. My primary goal is to do a new release of GNU Shishi and
improve the CI/CD integration checks to have good confidence in future
changes.

Regarding what 'gsasl' and 'curl' should be linked against in GNU Guix,
I believe it would be much nicer if you would use the 'Libgssglue'
package instead! Then the user can change GSS-API library at run-time.
Read about this work here:


/Simon
-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYu50dxQcc2ltb25Aam9z
ZWZzc29uLm9yZwAKCRBRcisI/kdForNnAP9MOtpwjj4+yezNeoabfkd/kXE++9WI
+aPryFiQpET3OwEAzO+EtEVv+T2X62Sr2ltW7gIWjLwMYwr7fN0SIwFa1wo=
=oLO3
-----END PGP SIGNATURE-----

M
M
Maxim Cournoyer wrote on 10 Aug 2022 02:48
(name . Simon Josefsson)(address . simon@josefsson.org)
877d3gorek.fsf@gmail.com
Hi Simon,

Simon Josefsson <simon@josefsson.org> writes:

Toggle quote (51 lines)
> Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
>
>> Hello,
>>
>> I'd like to inquire about the development status of GSS? Has it left the
>> beta status? Are bugs still being fixed? Is there any known or presumed
>> security issues when using GSS rather than its more mainstream
>> implementation in MIT Kerberos?
>>
>> I'm asking because the GNU Guix project is considering a switch from GNU
>> GSS to MIT krb5 for security reasons [0], given that no new releases have
>> been made since 2014.
>>
>> Thank you,
>>
>> Maxim Cournoyer
>>
>> [0] http://issues.guix.info/issue/34632
>
> Hi Maxim,
>
> Sorry for the slow response, which may in part be an answer to your
> question. However I have just released GNU GSS version 1.0.4 to refresh
> the project, and have setup CI/CD checking of it to pave the road for
> future improvements. To my knowledge there are only two major missing
> features:
>
> 1) Missing gss_wrap() AES functionality. This prevents SASL GSS-API
> to complete on modern machines. Shishi supports AES and GSSLib
> supports it for GSS_Init_sec_context etc but not GSS_wrap.
>
> 2) Shishi doesn't use the same ccache/keytab files as MIT Kerberos and
> Heimdal.
>
> I hope to complete 1) in the future. For 2), fixing it would be a GNU
> Shishi feature that should be simple to resolve -- it ships with tools
> ccache2shishi and keytab2shishi to convert the files, but that should be
> done automatically internally by the library instead.
>
> Indeed getting these enrolled in the OSS Fuzz project would be a great
> contribution. My primary goal is to do a new release of GNU Shishi and
> improve the CI/CD integration checks to have good confidence in future
> changes.
>
> Regarding what 'gsasl' and 'curl' should be linked against in GNU Guix,
> I believe it would be much nicer if you would use the 'Libgssglue'
> package instead! Then the user can change GSS-API library at run-time.
> Read about this work here:
>
> https://blog.josefsson.org/2022/07/14/towards-pluggable-gss-api-modules/

Thank you for this update! I'm happy to read you are picking up
maintenance of GSS. The libgssglue is interesting... I'll have to read
about it to know how it's intended to be used.

Thanks, and long live GNU GSS!

Maxim
?