Backport fix for RT#7858krb5-1.12.1-5.fc21

- spnego: pull in patch from master to restore preserving the OID of the
  mechanism the initiator requested when we have multiple OIDs for the
  same mechanism, so that we reply using the same mechanism OID and the
  initiator doesn't get confused (#1066000, RT#7858)

2 files changed, 176 insertions, 2 deletions

diff --git a/krb5-master-spnego-preserve-oid.patch b/krb5-master-spnego-preserve-oid.patch
new file mode 100644
index 0000000..749de5e
--- /dev/null
+++ b/krb5-master-spnego-preserve-oid.patch
@@ -0,0 +1,166 @@
+commit 8255613476d4c1583a5e810b50444f188fde871f
+Author: Greg Hudson <ghudson@mit.edu>
+Date:   Mon Feb 3 21:11:34 2014 -0500
+
+    Properly reflect MS krb5 mech in SPNEGO acceptor
+    
+    r25590 changed negotiate_mech() to return an alias into the acceptor's
+    mech set, with the unfortunate side effect of transforming the
+    erroneous Microsoft krb5 mech OID into the correct krb5 mech OID,
+    meaning that we answer with a different OID than the requested one.
+    Return an alias into the initiator's mech set instead, and store that
+    in mech_set field the SPNEGO context.  The acceptor code only uses
+    mech_set to hold the allocated storage pointed into by internal_mech,
+    so this change is safe.
+    
+    ticket: 7858
+    target_version: 1.12.2
+    tags: pullup
+
+diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
+index 7e4bf90..7529c74 100644
+--- a/src/lib/gssapi/spnego/spnego_mech.c
++++ b/src/lib/gssapi/spnego/spnego_mech.c
+@@ -1388,8 +1388,8 @@ acc_ctx_new(OM_uint32 *minor_status,
+ 		*return_token = NO_TOKEN_SEND;
+ 		goto cleanup;
+ 	}
+-	sc->mech_set = supported_mechSet;
+-	supported_mechSet = GSS_C_NO_OID_SET;
++	sc->mech_set = mechTypes;
++	mechTypes = GSS_C_NO_OID_SET;
+ 	sc->internal_mech = mech_wanted;
+ 	sc->DER_mechTypes = der_mechTypes;
+ 	der_mechTypes.length = 0;
+@@ -3538,7 +3538,7 @@ put_negResult(unsigned char **buf_out, OM_uint32 negResult,
+  * is set to ACCEPT_INCOMPLETE if it's the first mech, REQUEST_MIC if
+  * it's not the first mech, otherwise we return NULL and negResult
+  * is set to REJECT. The returned pointer is an alias into
+- * supported->elements and should not be freed.
++ * received->elements and should not be freed.
+  *
+  * NOTE: There is currently no way to specify a preference order of
+  * mechanisms supported by the acceptor.
+@@ -3560,7 +3560,7 @@ negotiate_mech(gss_OID_set supported, gss_OID_set received,
+ 			if (g_OID_equal(mech_oid, &supported->elements[j])) {
+ 				*negResult = (i == 0) ? ACCEPT_INCOMPLETE :
+ 					REQUEST_MIC;
+-				return &supported->elements[j];
++				return &received->elements[i];
+ 			}
+ 		}
+ 	}
+
+commit 53cfb8327c452bd72a8e915338fb5ec838079cd3
+Author: Greg Hudson <ghudson@mit.edu>
+Date:   Mon Feb 3 20:59:54 2014 -0500
+
+    Test SPNEGO acceptor response to MS krb5 mech OID
+    
+    In t_spnego.c, add code to make a SPNEGO request with the erroneous
+    Microsoft OID value and examine the response to make sure that it uses
+    the same OID value as the request did.  The token and tmp variables
+    were unused, so rename them to itok and atok for the purpose of the
+    new test code.
+    
+    ticket: 7858
+    target_version: 1.12.2
+    tags: pullup
+
+diff --git a/src/tests/gssapi/t_spnego.c b/src/tests/gssapi/t_spnego.c
+index cbf720b..ca05848 100644
+--- a/src/tests/gssapi/t_spnego.c
++++ b/src/tests/gssapi/t_spnego.c
+@@ -27,9 +27,15 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <assert.h>
+ 
+ #include "common.h"
+ 
++static gss_OID_desc mech_krb5_wrong = {
++    9, "\052\206\110\202\367\022\001\002\002"
++};
++gss_OID_set_desc mechset_krb5_wrong = { 1, &mech_krb5_wrong };
++
+ /*
+  * Test program for SPNEGO and gss_set_neg_mechs
+  *
+@@ -44,11 +50,13 @@ main(int argc, char *argv[])
+ {
+     OM_uint32 minor, major, flags;
+     gss_cred_id_t verifier_cred_handle = GSS_C_NO_CREDENTIAL;
++    gss_cred_id_t initiator_cred_handle = GSS_C_NO_CREDENTIAL;
+     gss_OID_set actual_mechs = GSS_C_NO_OID_SET;
+-    gss_buffer_desc token = GSS_C_EMPTY_BUFFER, tmp = GSS_C_EMPTY_BUFFER;
++    gss_buffer_desc itok = GSS_C_EMPTY_BUFFER, atok = GSS_C_EMPTY_BUFFER;
+     gss_ctx_id_t initiator_context, acceptor_context;
+     gss_name_t target_name, source_name = GSS_C_NO_NAME;
+     gss_OID mech = GSS_C_NO_OID;
++    const unsigned char *atok_oid;
+ 
+     if (argc < 2 || argc > 3) {
+         fprintf(stderr, "Usage: %s target_name [keytab]\n", argv[0]);
+@@ -83,10 +91,58 @@ main(int argc, char *argv[])
+     (void)gss_delete_sec_context(&minor, &initiator_context, NULL);
+     (void)gss_delete_sec_context(&minor, &acceptor_context, NULL);
+     (void)gss_release_name(&minor, &source_name);
+-    (void)gss_release_name(&minor, &target_name);
+-    (void)gss_release_buffer(&minor, &token);
+-    (void)gss_release_buffer(&minor, &tmp);
+     (void)gss_release_cred(&minor, &verifier_cred_handle);
+     (void)gss_release_oid_set(&minor, &actual_mechs);
++
++    /*
++     * Test that the SPNEGO acceptor code properly reflects back the erroneous
++     * Microsoft mech OID in the supportedMech field of the NegTokenResp
++     * message.  Our initiator code doesn't care (it treats all variants of the
++     * krb5 mech as equivalent when comparing the supportedMech response to its
++     * first-choice mech), so we have to look directly at the DER encoding of
++     * the response token.  If we don't request mutual authentication, the
++     * SPNEGO reply will contain no underlying mech token, so the encoding of
++     * the correct NegotiationToken response is completely predictable:
++     *
++     *   A1 14 (choice 1, length 20, meaning negTokenResp)
++     *     30 12 (sequence, length 18)
++     *       A0 03 (context tag 0, length 3)
++     *         0A 01 00 (enumerated value 0, meaning accept-completed)
++     *       A1 0B (context tag 1, length 11)
++     *         06 09 (object identifier, length 9)
++     *            2A 86 48 82 F7 12 01 02 02 (the erroneous krb5 OID)
++     *
++     * So we can just compare the length to 22 and the nine bytes at offset 13
++     * to the expected OID.
++     */
++    major = gss_acquire_cred(&minor, GSS_C_NO_NAME, GSS_C_INDEFINITE,
++                             &mechset_spnego, GSS_C_INITIATE,
++                             &initiator_cred_handle, NULL, NULL);
++    check_gsserr("gss_acquire_cred(2)", major, minor);
++    major = gss_set_neg_mechs(&minor, initiator_cred_handle,
++                              &mechset_krb5_wrong);
++    check_gsserr("gss_set_neg_mechs(2)", major, minor);
++    major = gss_init_sec_context(&minor, initiator_cred_handle,
++                                 &initiator_context, target_name, &mech_spnego,
++                                 flags, GSS_C_INDEFINITE,
++                                 GSS_C_NO_CHANNEL_BINDINGS, &atok, NULL, &itok,
++                                 NULL, NULL);
++    check_gsserr("gss_init_sec_context", major, minor);
++    assert(major == GSS_S_CONTINUE_NEEDED);
++    major = gss_accept_sec_context(&minor, &acceptor_context,
++                                   GSS_C_NO_CREDENTIAL, &itok,
++                                   GSS_C_NO_CHANNEL_BINDINGS, NULL,
++                                   NULL, &atok, NULL, NULL, NULL);
++    assert(atok.length == 22);
++    atok_oid = (unsigned char *)atok.value + 13;
++    assert(memcmp(atok_oid, mech_krb5_wrong.elements, 9) == 0);
++    check_gsserr("gss_accept_sec_context", major, minor);
++
++    (void)gss_delete_sec_context(&minor, &initiator_context, NULL);
++    (void)gss_delete_sec_context(&minor, &acceptor_context, NULL);
++    (void)gss_release_cred(&minor, &initiator_cred_handle);
++    (void)gss_release_name(&minor, &target_name);
++    (void)gss_release_buffer(&minor, &itok);
++    (void)gss_release_buffer(&minor, &atok);
+     return 0;
+ }
diff --git a/krb5.spec b/krb5.spec
index b8a5487..6296879 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -41,7 +41,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.12.1
-Release: 4%{?dist}
+Release: 5%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.12/krb5-1.12.1-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -100,6 +100,7 @@ Patch139: krb5-master-rcache-acquirecred-source.patch
 Patch140: krb5-master-empty-credstore.patch
 Patch141: krb5-master-rcache-acquirecred-test.patch
 Patch142: krb5-master-move-otp-sockets.patch
+Patch143: krb5-master-spnego-preserve-oid.patch
 Patch201: 0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch
 Patch202: 0002-Use-an-in-memory-cache-until-we-need-the-target-s.patch
 Patch203: 0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch
@@ -347,6 +348,7 @@ ln -s NOTICE LICENSE
 %patch140 -p1 -b .empty-credstore
 %patch141 -p1 -b .rcache-acquirecred-test
 %patch142 -p1 -b .move-otp-sockets
+%patch143 -p1 -b .spnego-preserve-oid
 
 # Take the execute bit off of documentation.
 chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html
@@ -1016,12 +1018,18 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Mon Feb 17 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12.1-5
+- spnego: pull in patch from master to restore preserving the OID of the
+  mechanism the initiator requested when we have multiple OIDs for the same
+  mechanism, so that we reply using the same mechanism OID and the initiator
+  doesn't get confused (#1066000, RT#7858)
+
 * Fri Feb  7 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12.1-4
 - pull in patch from master to move the default directory which the KDC uses
   when computing the socket path for a local OTP daemon from the database
   directory (/var/kerberos/krb5kdc) to the newly-added run directory
   (/run/krb5kdc), in line with what we're expecting in 1.13 (RT#7859, more
-  of #1040056)
+  of #1040056 as #1063905)
 - add a tmpfiles.d configuration file to have /run/krb5kdc created at
   boot-time
 - own /var/run/krb5kdc