[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: heimdal 1.0.1 w2k interop

To: heimdal-discuss@sics.se, Love Hörnquist Åstrand <lha@kth.se>
Subject: Re: heimdal 1.0.1 w2k interop
From: Andy Polyakov <appro@fy.chalmers.se>
Date: Fri, 19 Oct 2007 18:28:12 +0200
In-Reply-To: <8901CE00-6D4B-4F79-8B9B-7CD439098B35@kth.se>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <4714E5AF.2060805@fy.chalmers.se> <8901CE00-6D4B-4F79-8B9B-7CD439098B35@kth.se>
Reply-To: heimdal-discuss@sics.se, Andy Polyakov <appro@fy.chalmers.se>
User-Agent: Thunderbird 2.0.0.6 (X11/20070728)

>> Some time this summer we have reported interoperability issues between 
>> heimdal 0.8.1 and w2k. The problem was two-fold:
>>
>> - w2k can parse only PA_ENCTYPE_INFO structure, while heimdal fails to 
>> provide this structure, because it fails to identify w2k as "old" client;
>> - w2k (and even xp) seem to have hard-coded limitation for cryptotypes 
>> when it's not talking to AD controller, most notably it refuses/fails 
>> to use rc4_hmac for pre-authentication against heimdal/mit kdc;
>>
>> First issue is still present in 1.0.1, because it fails to identify 
>> legacy Microsoft cryptotypes as "old" ones. Attached patch does the 
>> trick for us [by adding just mentioned cryptotypes to older_enctype()] 
>> and [so far] was tested with w2k, wxp, vista, mit krb5 and admitmac.
> 
> Maybe all enctypes with lower numbers the aes should be considered 
> "old".

Yes, that would do the trick too. With reservation that it doesn't cause 
problems for private cryptotypes mentioned in k5.asn1. I have no idea 
when/if they are used and didn't consider anything more drastic than 
just adding Windows specific types.

> Anyway, added your patch.

Thanks.

>> Second issue disappeared in 1.0.1. Apparently because of changed order 
>> of appearance of supported cryptotypes in PA_ENCTYPE_INFO[2] reply. I 
>> mean 0.8.1 was ordering supported ones in same order as they were 
>> appearing in client's KDC_REQ, most notably with rc4_hmac first. 1.0.1 
>> on the other hand seem to return cypher types with des-cbc-md5 first 
>> and w2k manages to successfully get TGT and proceed further. Cheers. A.
> 
> Does an joined windows machine pick up "better" enctypes then des when 
> its sent in ETYPE_INFO ?

No. I've joined W2K machine the Active Domain that has the trust to 
Heimdal realm, and it still picks des-cbc-md5 for pre-authentication 
against Heimdal KDC. I've even tried to wipe all enctypes but rc4 from 
my principal on Heimdal KDC, so that KDC offers only rc4 in 
PA_ENCTYPE_INFO for my account. But then W2K acts as if PA_ENCTYPE_INFO 
was not present, i.e. after it gets "you should pre-authenticate" reply 
[with rc4 alone], it just stops and displays "logon failed" dialog.

It should be explicitly noted that this interop problem is apparently 
specific to pre-authentication only. More specifically ticket returned 
in reply to pre-authenticated AS-REQ apparently may be encrypted with 
rc4, as W2K has no problem using it. In other words Windows effectively 
refuses to encrypt PA-ENC-TIMESTAMP in AS_REQ with rc4, but doesn't mind 
using rc4 in AS-REP. For reference, enctype on AD-KDC trust key is rc4 
(set with ktpass:-). Thanks again. A.

References:
- heimdal 1.0.1 w2k interop
  - From: Andy Polyakov <appro@fy.chalmers.se>
- Re: heimdal 1.0.1 w2k interop
  - From: Love Hörnquist Åstrand <lha@kth.se>

Prev by Date: KDC config heimdal/samba4
Next by Date: S4U2self ticket does not have forwardable flag set
Prev by thread: Re: heimdal 1.0.1 w2k interop
Next by thread: lists of healthcare providers
Index(es):
- Date
- Thread