# The patch below adds support for the deprecated 'gssapi' authentication
# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
# in this release. The use of 'gssapi' is deprecated due to the presence of
# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not
# susceptible to.
#
# To use the patch apply it to a OpenSSH 3.8p1 source tree. After compiling,
# backwards compatibility may be obtained by supplying the
# 'GssapiEnableMitmAttack yes' option to either the client or server.
#
# It should be noted that this patch is being made available purely as a means
# of easing the process of moving to OpenSSH 3.8p1. Any new installations are
# recommended to use the 'gssapi-with-mic' mechanism. Existing installations
# are encouraged to upgrade as soon as possible.
Index: b/auth2-gss.c
===================================================================
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -296,4 +296,10 @@ Authmethod method_gssapi = {
 &options.gss_authentication
 };
+Authmethod method_gssapi_old = {
+ "gssapi",
+ userauth_gssapi,
+ &options.gss_enable_mitm
+};
+
 #endif /* GSSAPI */
Index: b/auth2.c
===================================================================
--- a/auth2.c
+++ b/auth2.c
@@ -71,6 +71,7 @@ extern Authmethod method_kbdint;
 extern Authmethod method_hostbased;
 #ifdef GSSAPI
 extern Authmethod method_gssapi;
+extern Authmethod method_gssapi_old;
 #endif
 
 Authmethod *authmethods[] = {
@@ -78,6 +79,7 @@ Authmethod *authmethods[] = {
 &method_pubkey,
 #ifdef GSSAPI
 &method_gssapi,
+ &method_gssapi_old,
 #endif
 &method_passwd,
 &method_kbdint,
Index: b/readconf.c
===================================================================
--- a/readconf.c
+++ b/readconf.c
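Review bot: `method_gssapi_old` reuses `userauth_gssapi`, so the server-side distinction between the two methods rests entirely on handlers this patch does not touch; nothing in the hunk shows the server accepting SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE only when `options.gss_enable_mitm` is set and the request named the `gssapi` method. If the existing handler arms EXCHANGE_COMPLETE only for mechanisms lacking GSS_C_INTEG_FLAG (the rule the client-side check in sshconnect2.c encodes), an old `gssapi` client is still rejected and the option buys no compatibility; if it accepts EXCHANGE_COMPLETE unconditionally, the option gates only the advertised name and not the MIC-less path — either way the accept path should be gated on `options.gss_enable_mitm` and on which method the request named, and the server log should record which one completed. The struct itself deserves a warning comment, e.g. `/* Deprecated "gssapi" method: no MIC binding the authentication to the session, MITM-susceptible; enabled only by GSSAPIEnableMITMAttack */` above `Authmethod method_gssapi_old`.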
@@ -146,7 +146,7 @@ typedef enum {
 oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
- oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+ oAddressFamily, oGssAuthentication, oGssDelegateCreds, oGssEnableMITM,
 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts,
@@ -193,9 +193,11 @@ static struct {
 #if defined(GSSAPI)
 { "gssapiauthentication", oGssAuthentication },
 { "gssapidelegatecredentials", oGssDelegateCreds },
+ { "gssapienablemitmattack", oGssEnableMITM },
 #else
 { "gssapiauthentication", oUnsupported },
 { "gssapidelegatecredentials", oUnsupported },
+ { "gssapienablemitmattack", oUnsupported },
 #endif
 { "fallbacktorsh", oDeprecated },
 { "usersh", oDeprecated },
@@ -897,6 +899,10 @@ parse_time:
 case oGssDelegateCreds:
 intptr = &options->gss_deleg_creds;
 goto parse_flag;
+
+ case oGssEnableMITM:
+ intptr = &options->gss_enable_mitm;
+ goto parse_flag;
 
 case oBatchMode:
 intptr = &options->batch_mode;
@@ -1602,6 +1608,7 @@ initialize_options(Options * options)
 options->challenge_response_authentication = -1;
 options->gss_authentication = -1;
 options->gss_deleg_creds = -1;
+ options->gss_enable_mitm = -1;
 options->password_authentication = -1;
 options->kbd_interactive_authentication = -1;
 options->kbd_interactive_devices = NULL;
@@ -1731,6 +1738,8 @@ fill_default_options(Options * options)
 options->gss_authentication = 0;
 if (options->gss_deleg_creds == -1)
 options->gss_deleg_creds = 0;
+ if (options->gss_enable_mitm == -1)
+ options->gss_enable_mitm = 0;
 if (options->password_authentication == -1)
 options->password_authentication = 1;
 if (options->kbd_interactive_authentication == -1)
Index: b/readconf.h
===================================================================
--- a/readconf.h
+++ b/readconf.h
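Review bot: In the fill_default_options hunk `gss_enable_mitm` is defaulted independently of `gss_authentication`, and because the client method table in sshconnect2.c enables the `gssapi` entry from `&options.gss_enable_mitm` alone, `GSSAPIAuthentication no` together with `GSSAPIEnableMITMAttack yes` still offers the deprecated method; the server table in auth2-gss.c and fill_default_server_options in servconf.c have the same shape. Unless standing alone is intended, clear the flag once the parent option has been resolved (its default is set on the context line just above), e.g. after the two new lines: `if (options->gss_authentication == 0)` / `options->gss_enable_mitm = 0;`, and mirror that in fill_default_server_options. fill_default_options continues outside the hunk.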
@@ -46,6 +46,7 @@ typedef struct {
 /* Try S/Key or TIS, authentication. */
 int gss_authentication; /* Try GSS authentication */
 int gss_deleg_creds; /* Delegate GSS credentials */
+ int gss_enable_mitm; /* Enable old style gssapi auth */
 int password_authentication; /* Try password
 * authentication. */
 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
Index: b/servconf.c
===================================================================
--- a/servconf.c
+++ b/servconf.c
@@ -119,6 +119,7 @@ initialize_server_options(ServerOptions
 options->gss_authentication=-1;
 options->gss_cleanup_creds = -1;
 options->gss_strict_acceptor = -1;
+ options->gss_enable_mitm = -1;
 options->password_authentication = -1;
 options->kbd_interactive_authentication = -1;
 options->challenge_response_authentication = -1;
@@ -279,6 +280,8 @@ fill_default_server_options(ServerOption
 options->gss_cleanup_creds = 1;
 if (options->gss_strict_acceptor == -1)
 options->gss_strict_acceptor = 0;
+ if (options->gss_enable_mitm == -1)
+ options->gss_enable_mitm = 0;
 if (options->password_authentication == -1)
 options->password_authentication = 1;
 if (options->kbd_interactive_authentication == -1)
@@ -411,7 +414,7 @@ typedef enum {
 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes, sHostKeyAlgorithms, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
- sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
+ sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, sGssEnableMITM,
 sAcceptEnv, sPermitTunnel, sMatch, sPermitOpen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding,
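Review bot: The comment on the new `gss_enable_mitm` field in readconf.h, `/* Enable old style gssapi auth */`, does not say what the old style gives up, so a reader of the struct gets no cue that this flag weakens authentication; the same applies to the servconf.h comment `/* If true, enable old style GSSAPI */`. Suggest `int gss_enable_mitm; /* Offer deprecated "gssapi" method (no MIC binding auth to the session; MITM-susceptible) */` here and `/* If true, permit deprecated "gssapi" method (no MIC; MITM-susceptible) */` in servconf.h, so the risk is visible where the option is declared rather than only in the sample config files.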
@@ -486,10 +489,12 @@ static struct {
 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
+ { "gssapienablemitmattack", sGssEnableMITM },
 #else
 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
+ { "gssapienablemitmattack", sUnsupported },
 #endif
 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
@@ -1239,6 +1244,10 @@ process_server_config_line(ServerOptions
 intptr = &options->gss_strict_acceptor;
 goto parse_flag;
 
+ case sGssEnableMITM:
+ intptr = &options->gss_enable_mitm;
+ goto parse_flag;
+
 case sPasswordAuthentication:
 intptr = &options->password_authentication;
 goto parse_flag;
Index: b/servconf.h
===================================================================
--- a/servconf.h
+++ b/servconf.h
@@ -119,6 +119,7 @@ typedef struct {
 * authenticated with Kerberos. */
 int gss_authentication; /* If true, permit GSSAPI authentication */
 int gss_cleanup_creds; /* If true, destroy cred cache on logout */
+ int gss_enable_mitm; /* If true, enable old style GSSAPI */
 int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */
 int password_authentication; /* If true, permit password
 * authentication. */
Index: b/ssh_config
===================================================================
--- a/ssh_config
+++ b/ssh_config
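Review bot: Both new keyword entries in the servconf.c table, `{ "gssapienablemitmattack", sGssEnableMITM },` and `{ "gssapienablemitmattack", sUnsupported },`, omit the third field every neighbouring entry carries (`SSHCFG_ALL` or `SSHCFG_GLOBAL`), so their flags are zero-initialized; how process_server_config_line treats a zero flags value is outside the hunk, but at minimum the entries are inconsistent with the table and may be rejected or mis-scoped inside a Match block. Match the sibling `gssapistrictacceptorcheck` entries: `{ "gssapienablemitmattack", sGssEnableMITM, SSHCFG_GLOBAL },` and `{ "gssapienablemitmattack", sUnsupported, SSHCFG_GLOBAL },`. A global-only scope also keeps the weakened method from being switched on per-Match by accident.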
@@ -56,4 +56,11 @@ ForwardX11Trusted yes
 # PermitLocalCommand no
 # VisualHostKey no
 # ProxyCommand ssh -q -W %h:%p gateway.example.com
+
+# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
+# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
+# in this release. The use of 'gssapi' is deprecated due to the presence of
+# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
+# GSSAPIEnableMITMAttack no
+
 # RekeyLimit 1G 1h
Index: b/sshconnect2.c
===================================================================
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -326,6 +326,11 @@ Authmethod authmethods[] = {
 NULL,
 &options.gss_authentication,
 NULL},
+ {"gssapi",
+ userauth_gssapi,
+ NULL,
+ &options.gss_enable_mitm,
+ NULL},
 #endif
 {"hostbased",
 userauth_hostbased,
@@ -703,7 +708,9 @@ process_gssapi_token(void *ctxt, gss_buf
 
 if (status == GSS_S_COMPLETE) {
 /* send either complete or MIC, depending on mechanism */
- if (!(flags & GSS_C_INTEG_FLAG)) {
+
+ if (strcmp(authctxt->method->name,"gssapi") == 0 ||
+ (!(flags & GSS_C_INTEG_FLAG))) {
 packet_start(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE);
 packet_send();
 } else {
Index: b/sshd_config
===================================================================
--- a/sshd_config
+++ b/sshd_config
@@ -85,6 +85,13 @@ PasswordAuthentication no
 #GSSAPIAuthentication no
 #GSSAPICleanupCredentials yes
 
+# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
+# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
+# in this release. The use of 'gssapi' is deprecated due to the presence of
+# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
+#GSSAPIEnableMITMAttack no
+
+
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 # be allowed through the ChallengeResponseAuthentication and
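Review bot: In the process_gssapi_token hunk of sshconnect2.c the new `strcmp(authctxt->method->name,"gssapi") == 0` branch sends SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE without a MIC even when the mechanism advertised GSS_C_INTEG_FLAG, and does so silently, so a client log gives no indication that the MIC-less path was taken. Add a trace before the send so the choice is observable, e.g. `debug("%s: deprecated gssapi method, completing without MIC", __func__);` at the top of the branch, and drop the stray blank line the hunk adds above the `if`. Style: a space after the comma in `strcmp(authctxt->method->name, "gssapi")` matches the rest of the file, and the inner `(!(flags & GSS_C_INTEG_FLAG))` parentheses are redundant. process_gssapi_token starts and ends outside the hunk.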