Subject: lib/2911: Problems in src/domestic with andrew string2key systems
To: None <gnats-bugs@gnats.netbsd.org>
From: None <wrstuden@loki.stanford.edu>
List: netbsd-bugs
Date: 10/31/1996 18:02:45
>Number:         2911
>Category:       lib
>Synopsis:       kerberos doesn't work well with andrew/transarc string2key
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lib-bug-people (Library Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Oct 31 18:20:02 1996
>Last-Modified:
>Originator:     Bill Studenmund
>Organization:
	
>Release:        1.2
>Environment:
	
System: NetBSD landau.Stanford.EDU 1.2 NetBSD 1.2 (LANDAU) #1: Wed Oct 30 18:44:42 PST 1996 croot@landau.Stanford.EDU:/y1/source/usr/src/sys/arch/i386/compile/LANDAU i386


>Description:

There are two problems in the libkrb library when running at a site which
uses the andrew string2key routine (AKA the transarc string2key routine).
We include such a routine in libkrb, but give no way to use it.

Also, the standard andrew_string2key routine will not work on NetBSD.
It calls the crypt routine at one point, giving it "#~" as a salt.
This salt is invalid, and our crypt routine gives a different response
to this input than did the crypt routine originally distributed with
AFS. However I was told by Karl Ramm (karl@oit.duke.edu) that "p1"
works just as well. It does, and it is valid.

>How-To-Repeat:
Try to run kinit when your authentication server is using AFS Kerberos.
You won't be able to kinit, even with your correct password.
>Fix:
The following patches fix both problems. The first patch adds a new
compile flag (called ANDREWS2K) which controls the AFS vs regular
kerberos behavior. This name certainly can be changed. Then we patch
get_in_tkt.c's passwd_to_key routine to use the afs_string_to_key
routine if ANDREWS2K is defined.

A simple name substitution won't work as we need more parameters
passed in to the routine, and also that there is no direct
equivalent of the des_read_password routine. This code was inspired by
the code in the Stanford kerberos distribution.

The last patch changes the salt used in the call to crypt.

*** get_in_tkt.c.orig	Sat Oct 26 06:27:01 1996
--- get_in_tkt.c	Mon Oct 28 15:05:58 1996
***************
*** 42,47 ****
--- 42,52 ----
   * In either case, the resulting key is put in the "key" argument,
   * and 0 is returned.
   */
+ /*
+  * If we want to be compatable with a site using the Transarc or
+  * andrew string_to_key, we call those routines here.
+  */
+ #define ANDREWS2K
  
  /*ARGSUSED */
  static int passwd_to_key(user,instance,realm,passwd,key)
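Review bot: The "#define ANDREWS2K" added just above passwd_to_key is unconditional, so every build of get_in_tkt.c selects the AFS branch and the regular string_to_key path is never compiled. Remove the define from the source and let the build supply it (for example -DANDREWS2K in the library Makefile), leaving it off by default, so that it behaves as the compile flag the report describes. The new comment also misspells "compatible".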
***************
*** 52,61 ****
--- 57,77 ----
      if (!passwd)
  	placebo_read_password(key, "Password: ", 0);
  #else
+ #ifdef ANDREWS2K
+     if (passwd)
+ 	afs_string_to_key(passwd,realm,key);
+     else {
+ 	char	buff[80];
+ 	des_read_pw_string(buff, sizeof(buff)-1, "Password: ",0);
+ 	afs_string_to_key(buff,realm,key);
+ 	bzero(buff,sizeof(buff));
+     }
+ #else
      if (passwd)
  	string_to_key(passwd,key);
      else
  	des_read_password(key,"Password: ",0);
+ #endif /* ANDREWS2K */
  #endif
      return (0);
  }
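Review bot: In the new else branch the return value of des_read_pw_string is ignored, so when the prompt fails buff is handed to afs_string_to_key as uninitialised stack data and passwd_to_key still returns 0. Check the result, bzero buff on the failure path as well, and return a non-zero error instead of deriving a key. It would also help to document why the buffer is 80 bytes, since longer passwords are silently truncated at sizeof(buff)-1.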
*** str2key.c.orig	Sat Oct 26 06:23:51 1996
--- str2key.c	Sat Oct 26 06:26:15 1996
***************
*** 56,62 ****
  
      /* crypt only considers the first 8 characters of password but for some
         reason returns eleven characters of result (plus the two salt chars). */
!     strncpy((void *)key, (char *)crypt(password, "#~") + 2, sizeof(des_cblock));
  
      /* parity is inserted into the LSB so leftshift each byte up one bit.  This
         allows ascii characters with a zero MSB to retain as much significance
--- 56,65 ----
  
      /* crypt only considers the first 8 characters of password but for some
         reason returns eleven characters of result (plus the two salt chars). */
!     /* For some reason, the andrew folks used "#~" for the salt. It is not
! 	valid. Our libcrypt won't work with it. But "p1" will yield the
! 	smae encryption, and is valid woth our libcrypt. */
!     strncpy((void *)key, (char *)crypt(password, "p1") + 2, sizeof(des_cblock));
  
      /* parity is inserted into the LSB so leftshift each byte up one bit.  This
         allows ascii characters with a zero MSB to retain as much significance
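Review bot: The replacement comment asserts that "p1" yields the same encryption as "#~" but does not say why, which leaves the next maintainer unable to verify the change. State the reason for the equivalence in the comment or cite a known password/key test vector that passes with the new salt. The call also still adds 2 to crypt()'s return value without checking it for NULL, and the comment has two typos ("smae", "woth").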
>Audit-Trail:
>Unformatted:
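
The salt equivalence described in the report can be checked without running DES at all. The following is an added example, not part of the original report or of the NetBSD or AFS sources: lenient_salt_bits reproduces the unvalidated salt decoding of the historic Unix crypt(3), while strict_salt_bits is an assumed model of a libcrypt that decodes characters outside [./0-9A-Za-z] as 0. All function names are hypothetical.

```c
#include <stdio.h>

/* Historic crypt(3) salt decoding: no validation, and only the low six
 * bits of the adjusted character value are used. */
static unsigned lenient_salt_bits(char ch)
{
    int c = (unsigned char)ch;
    if (c > 'Z') c -= 6;
    if (c > '9') c -= 7;
    c -= '.';
    return (unsigned)c & 0x3f;
}

/* ASSUMPTION: a stricter decoder that maps out-of-alphabet characters to 0. */
static unsigned strict_salt_bits(char ch)
{
    if (ch >= 'a' && ch <= 'z') return (unsigned)(ch - 'a' + 38);
    if (ch >= 'A' && ch <= 'Z') return (unsigned)(ch - 'A' + 12);
    if (ch >= '.' && ch <= '9') return (unsigned)(ch - '.');
    return 0;
}

/* Combine both salt characters into the 12-bit value that perturbs DES. */
unsigned salt12(const char *salt, int strict)
{
    unsigned lo = strict ? strict_salt_bits(salt[0]) : lenient_salt_bits(salt[0]);
    unsigned hi = strict ? strict_salt_bits(salt[1]) : lenient_salt_bits(salt[1]);
    return lo | (hi << 6);
}

/* Return 1 only if both salt characters are in [./0-9A-Za-z]. */
int salt_is_valid(const char *salt)
{
    for (int i = 0; i < 2; i++) {
        char ch = salt[i];
        if (!((ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') ||
              (ch >= '.' && ch <= '9')))
            return 0;
    }
    return 1;
}

int main(void)
{
    const char *salts[] = { "#~", "p1" };   /* the two salts from the report */
    for (int i = 0; i < 2; i++)
        printf("%s valid=%d lenient=%u strict=%u\n", salts[i],
               salt_is_valid(salts[i]), salt12(salts[i], 0), salt12(salts[i], 1));
    return 0;
}
```

Both salts decode to the same 12-bit value under the lenient rules, and only "p1" keeps that value under the strict ones, which is why it works as a portable replacement.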