e33d2a7b30
The RC4-HMAC-MD5 KerberosV algorithm is based on RFC 4757 [0], which was specifically issued for interoperability with Windows 2000, but was never intended to receive the same level of support. The RFC says The IETF Kerberos community supports publishing this specification as an informational document in order to describe this widely implemented technology. However, while these encryption types provide the operations necessary to implement the base Kerberos specification [RFC4120], they do not provide all the required operations in the Kerberos cryptography framework [RFC3961]. As a result, it is not generally possible to implement potential extensions to Kerberos using these encryption types. The Kerberos encryption type negotiation mechanism [RFC4537] provides one approach for using such extensions even when a Kerberos infrastructure uses long-term RC4 keys. Because this specification does not implement operations required by RFC 3961 and because of security concerns with the use of RC4 and MD4 discussed in Section 8, this specification is not appropriate for publication on the standards track. The RC4-HMAC encryption types are used to ease upgrade of existing Windows NT environments, provide strong cryptography (128-bit key lengths), and provide exportable (meet United States government export restriction requirements) encryption. This document describes the implementation of those encryption types. Furthermore, this RFC was re-classified as 'historic' by RFC 8429 [1] in 2018, stating that 'none of the encryption types it specifies should be used' Note that other outdated algorithms are left in place (some of which are guarded by CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES), so this should only adversely affect interoperability with Windows NT/2000 systems that have not received any updates since 2008 (but are connected to a network nonetheless) [0] https://tools.ietf.org/html/rfc4757 [1] https://tools.ietf.org/html/rfc8429 Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
42 lines
1.1 KiB
C
42 lines
1.1 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Define the string that exports the set of kernel-supported
|
|
* Kerberos enctypes. This list is sent via upcall to gssd, and
|
|
* is also exposed via the nfsd /proc API. The consumers generally
|
|
* treat this as an ordered list, where the first item in the list
|
|
* is the most preferred.
|
|
*/
|
|
|
|
#ifndef _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
|
|
#define _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H
|
|
|
|
#ifdef CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES
|
|
|
|
/*
|
|
* NB: This list includes DES3_CBC_SHA1, which was deprecated by RFC 8429.
|
|
*
|
|
* ENCTYPE_AES256_CTS_HMAC_SHA1_96
|
|
* ENCTYPE_AES128_CTS_HMAC_SHA1_96
|
|
* ENCTYPE_DES3_CBC_SHA1
|
|
*/
|
|
#define KRB5_SUPPORTED_ENCTYPES "18,17,16"
|
|
|
|
#else /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
|
|
|
|
/*
|
|
* NB: This list includes encryption types that were deprecated
|
|
* by RFC 8429 and RFC 6649.
|
|
*
|
|
* ENCTYPE_AES256_CTS_HMAC_SHA1_96
|
|
* ENCTYPE_AES128_CTS_HMAC_SHA1_96
|
|
* ENCTYPE_DES3_CBC_SHA1
|
|
* ENCTYPE_DES_CBC_MD5
|
|
* ENCTYPE_DES_CBC_CRC
|
|
* ENCTYPE_DES_CBC_MD4
|
|
*/
|
|
#define KRB5_SUPPORTED_ENCTYPES "18,17,16,3,1,2"
|
|
|
|
#endif /* CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES */
|
|
|
|
#endif /* _LINUX_SUNRPC_GSS_KRB5_ENCTYPES_H */
|