x/crypto: AcceptSecContext always given first outputToken from InitSecContext #43875

Open
9072997 opened this issue Jan 24, 2021 · 2 comments · May be fixed by golang/crypto#176

@9072997 9072997 commented Jan 24, 2021

What version of Go are you using (go version)?

go version go1.15.7 windows/amd64

Does this issue reproduce with the latest release?

I believe 1.15.7 to be the latest release, so yes?

What operating system and processor architecture are you using (go env)?

go env Output
set GO111MODULE=
set GOARCH=amd64
set GOBIN=
set GOCACHE=C:\Users\jpenn\AppData\Local\go-build
set GOENV=C:\Users\jpenn\AppData\Roaming\go\env
set GOEXE=.exe
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOINSECURE=
set GOMODCACHE=C:\Users\jpenn\go\pkg\mod
set GONOPROXY=
set GONOSUMDB=
set GOOS=windows
set GOPATH=C:\Users\jpenn\go
set GOPRIVATE=
set GOPROXY=https://proxy.golang.org,direct
set GOROOT=c:\go
set GOSUMDB=sum.golang.org
set GOTMPDIR=
set GOTOOLDIR=c:\go\pkg\tool\windows_amd64
set GCCGO=gccgo
set AR=ar
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=
set CGO_CFLAGS=-g -O2
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-g -O2
set CGO_FFLAGS=-g -O2
set CGO_LDFLAGS=-g -O2
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -fmessage-length=0 -fdebug-prefix-map=C:\Users\jpenn\AppData\Local\Temp\go-build470606270=/tmp/go-build -gno-record-gcc-switches

What did you do?

See this program.

This is a dumb and broken implementation of GSSAPIServer and GSSAPIClient for use with crypto/ssh, but it exposes what I think is a bug. As I understand it, InitSecContext and AcceptSecContext should be called back-and-forth, each being given the outputToken of the other. This does not appear to be what is happening. Instead it looks like AcceptSecContext is always given the first outputToken returned by InitSecContext.

What did you expect to see?

CLIENT: InitSecContext(host@HostnameSuppliedByClient, [], false): [100] true 
SERVER: AcceptSecContext([100]): [50 1], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 1], false): [101] true 
SERVER: AcceptSecContext([101]): [51 2], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [51 2], false): [102] true 
SERVER: AcceptSecContext([102]): [52 3], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [52 3], false): [103] true 
SERVER: AcceptSecContext([103]): [53 4], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [53 4], false): [104] true 
SERVER: AcceptSecContext([104]): [54 5], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [54 5], false): [105] true 
SERVER: AcceptSecContext([105]): [55 6], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [55 6], false): [106] true 
SERVER: AcceptSecContext([106]): [56 7], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [56 7], false): [107] true 
SERVER: AcceptSecContext([107]): [57 8], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [57 8], false): [108] true 
SERVER: AcceptSecContext([108]): [58 9], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [58 9], false): [109] true 
SERVER: AcceptSecContext([109]): [59 10], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [59 10], false): [] false 
...

What did you see instead?

CLIENT: InitSecContext(host@HostnameSuppliedByClient, [], false): [100] true 
SERVER: AcceptSecContext([100]): [50 1], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 1], false): [101] true 
SERVER: AcceptSecContext([100]): [50 2], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 2], false): [102] true 
SERVER: AcceptSecContext([100]): [50 3], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 3], false): [103] true 
SERVER: AcceptSecContext([100]): [50 4], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 4], false): [104] true 
SERVER: AcceptSecContext([100]): [50 5], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 5], false): [105] true 
SERVER: AcceptSecContext([100]): [50 6], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 6], false): [106] true 
SERVER: AcceptSecContext([100]): [50 7], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 7], false): [107] true 
SERVER: AcceptSecContext([100]): [50 8], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 8], false): [108] true 
SERVER: AcceptSecContext([100]): [50 9], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 9], false): [109] true 
SERVER: AcceptSecContext([100]): [50 10], UsernameDeterminedByServer, true, 
CLIENT: InitSecContext(host@HostnameSuppliedByClient, [50 10], false): [] false 
...
@gopherbot gopherbot added this to the Unreleased milestone Jan 24, 2021
@9072997 9072997 changed the title x/crypto: x/crypto: AcceptSecContext always given first outputToken from InitSecContext Jan 24, 2021

@seankhliao seankhliao commented Jan 24, 2021

Apparently nothing is done with the packet received from the client.

https://github.com/golang/crypto/blob/eec23a3978adcfd26c29f4153eaa3e3d9b2cc53a/ssh/server.go#L329-L356

bodgit added a commit to bodgit/crypto that referenced this issue Jan 25, 2021
This fixes the case where AcceptSecContext is always called with the
first token sent by the client instead of the most recently sent one.

Fixes golang/go#43875

@gopherbot gopherbot commented Jan 25, 2021

Change https://golang.org/cl/286252 mentions this issue: ssh: Use the correct token from the client
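
The two logs in the report, reduced to an added Go example (not code from the issue, the linked program, or x/crypto). The mock client and server, their simplified `InitSecContext`/`AcceptSecContext` signatures, `exchange` and `staleRound` are constructed here for illustration; `staleRound` is the kind of assertion a test for a GSSAPIServer could use to catch a server loop that hands over an old client token.

```go
package main

import "fmt"

// mockClient follows the issue's log: calls 1..10 return [100]..[109], then stop.
type mockClient struct{ calls int }

func (c *mockClient) InitSecContext(token []byte) ([]byte, bool) {
	if c.calls == 10 {
		return nil, false
	}
	c.calls++
	return []byte{byte(99 + c.calls)}, true
}

// mockServer records each token it is handed and answers [token-50, call number].
type mockServer struct{ seen [][]byte }

func (s *mockServer) AcceptSecContext(token []byte) []byte {
	s.seen = append(s.seen, append([]byte(nil), token...))
	return []byte{token[0] - 50, byte(len(s.seen))}
}

// exchange returns the tokens the server saw; reuseFirst models the reported bug.
func exchange(reuseFirst bool) [][]byte {
	c, s := &mockClient{}, &mockServer{}
	var given, reply []byte
	for {
		tok, more := c.InitSecContext(reply)
		if !more {
			return s.seen
		}
		if given == nil || !reuseFirst {
			given = tok // fixed behaviour: always the most recent client token
		}
		reply = s.AcceptSecContext(given)
	}
}

// staleRound: first 0-based round whose token repeats the previous one, else -1.
func staleRound(seen [][]byte) int {
	for i := 1; i < len(seen); i++ {
		if string(seen[i]) == string(seen[i-1]) {
			return i
		}
	}
	return -1
}

func main() {
	fmt.Println("reported:", staleRound(exchange(true)), "fixed:", staleRound(exchange(false)))
}
```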
