diff options
| author | Greg Hudson <ghudson@mit.edu> | 2010-10-23 00:38:17 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-10-23 00:38:17 +0000 |
| commit | 03a197a41f4f8d2cd2ec5da3892a006bd1b0d265 (patch) | |
| tree | 95ab31fa0759cfaf7cae4788c0f7477e771311e1 | |
| parent | f6fe2be37c17c7cabb61af0f3e676dcecea8f5a8 (diff) | |
| download | krb5-03a197a41f4f8d2cd2ec5da3892a006bd1b0d265.zip krb5-03a197a41f4f8d2cd2ec5da3892a006bd1b0d265.tar.gz krb5-03a197a41f4f8d2cd2ec5da3892a006bd1b0d265.tar.bz2 | |
Better libk5crypto NSS fork safety
Use SECMOD_RestartModules() from the forthcoming NSS 3.12.9 release to
make the libk5crypto back end work after a fork. Add a test program
to exercise fork detection in the NSS back end. Add a configure-time
version check to ensure that we're using NSS 3.12.9 or later.
ticket: 6810
target_version: 1.9
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24470 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/configure.in | 21 | ||||
| -rw-r--r-- | src/lib/crypto/crypto_tests/Makefile.in | 9 | ||||
| -rw-r--r-- | src/lib/crypto/crypto_tests/t_fork.c | 111 | ||||
| -rw-r--r-- | src/lib/crypto/nss/enc_provider/enc_gen.c | 10 |
4 files changed, 141 insertions, 10 deletions
diff --git a/src/configure.in b/src/configure.in index 592bdd8..8727d5c 100644 --- a/src/configure.in +++ b/src/configure.in @@ -116,8 +116,6 @@ AC_HELP_STRING([--with-crypto-impl=IMPL], [use specified crypto implementation @ [CRYPTO_IMPL=$withval AC_MSG_RESULT("k5crypto will use \'$withval\'") ], withval=builtin) -CRYPTO_IMPL_LIBS= -CRYPTO_IMPL_CFLAGS= case "$withval" in builtin) ;; @@ -125,9 +123,24 @@ openssl) AC_CHECK_LIB(crypto, PKCS7_get_signer_info) ;; nss) - CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss` - CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)" + if test "${CRYPTO_IMPL_CFLAGS+set}" != set; then + CRYPTO_IMPL_CFLAGS=`pkg-config --cflags nss` + fi + if test "${CRYPTO_IMPL_LIBS+set}" != set; then + CRYPTO_IMPL_LIBS="-lnss3 $(pkg-config --libs nss-util)" + fi AC_DEFINE(CRYPTO_IMPL_NSS,1,[Define if crypto implementation is NSS]) + save_CFLAGS=$CFLAGS + CFLAGS="$CFLAGS $CRYPTO_IMPL_CFLAGS" + AC_COMPILE_IFELSE([ +#include <nss.h> +#if NSS_VMAJOR < 3 || (NSS_VMAJOR == 3 && NSS_VMINOR < 12) +#error +#elif NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH < 9 +#error +#endif + ], [], [AC_MSG_ERROR([NSS version 3.12.9 or later required.])]) + CFLAGS=$save_CFLAGS ;; *) AC_MSG_ERROR([Unknown crypto implementation $withval]) diff --git a/src/lib/crypto/crypto_tests/Makefile.in b/src/lib/crypto/crypto_tests/Makefile.in index 40065f1..158972b 100644 --- a/src/lib/crypto/crypto_tests/Makefile.in +++ b/src/lib/crypto/crypto_tests/Makefile.in @@ -33,6 +33,7 @@ EXTRADEPSRCS=\ $(srcdir)/t_kperf.c \ $(srcdir)/t_short.c \ $(srcdir)/t_str2key.c \ + $(srcdir)/t_fork.c \ $(srcdir)/ytest.c ##DOSBUILDTOP = ..\..\.. @@ -54,7 +55,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ aes-test \ camellia-test \ t_mddriver4 t_mddriver \ - t_crc t_cts t_short t_str2key t_camellia_ccm + t_crc t_cts t_short t_str2key t_fork t_camellia_ccm $(RUN_SETUP) $(VALGRIND) ./t_nfold $(RUN_SETUP) $(VALGRIND) ./t_encrypt $(RUN_SETUP) $(VALGRIND) ./t_prng <$(srcdir)/t_prng.seed >t_prng.output @@ -80,6 +81,7 @@ check-unix:: t_nfold t_encrypt t_prf t_prng t_cmac t_hmac \ $(RUN_SETUP) $(VALGRIND) $(C)t_mddriver -x $(RUN_SETUP) $(VALGRIND) ./t_short $(RUN_SETUP) $(VALGRIND) ./t_str2key + $(RUN_SETUP) $(VALGRIND) ./t_fork $(RUN_SETUP) $(VALGRIND) ./t_camellia_ccm @@ -158,6 +160,9 @@ t_kperf: t_kperf.o $(SUPPORT_DEPLIB) $(CRYPTO_DEPLIB) t_str2key$(EXEEXT): t_str2key.$(OBJEXT) $(SUPPORT_DEPLIB) $(CC_LINK) -o $@ t_str2key.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) +t_fork$(EXEEXT): t_fork.$(OBJEXT) $(SUPPORT_DEPLIB) + $(CC_LINK) -o $@ t_fork.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) + t_camellia_ccm$(EXEEXT): t_camellia_ccm.$(OBJEXT) $(SUPPORT_DEPLIB) $(CC_LINK) -o $@ t_camellia_ccm.$(OBJEXT) -lkrb5 -lk5crypto -lcom_err $(SUPPORT_LIB) @@ -176,7 +181,7 @@ clean:: t_mddriver4.o t_mddriver4 t_mddriver.o t_mddriver \ t_cksum4 t_cksum4.o t_cksum5 t_cksum5.o \ t_kperf.o t_kperf t_short t_short.o t_str2key t_str2key.o \ - t_camellia_ccm t_camellia_ccm.o \ + t_fork t_fork.o t_camellia_ccm t_camellia_ccm.o \ t_mddriver$(EXEEXT) $(OUTPRE)t_mddriver.$(OBJEXT) -$(RM) t_prng.output diff --git a/src/lib/crypto/crypto_tests/t_fork.c b/src/lib/crypto/crypto_tests/t_fork.c new file mode 100644 index 0000000..3a57cb4 --- /dev/null +++ b/src/lib/crypto/crypto_tests/t_fork.c @@ -0,0 +1,111 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* lib/crypto/crypto_tests/t_fork.c */ +/* + * Copyright (C) 2010 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* + * Test basic libk5crypto behavior across forks. This is primarily interesting + * for back ends with PKCS11-based constraints, such as the NSS back end. + */ + +#include "k5-int.h" +#include <unistd.h> +#include <sys/types.h> +#include <sys/wait.h> + +static krb5_context ctx; + +static void +t(krb5_error_code code) +{ + if (code != 0) { + fprintf(stderr, "Failure: %s\n", krb5_get_error_message(ctx, code)); + exit(1); + } +} + +static void +prepare_enc_data(krb5_key key, size_t in_len, krb5_enc_data *enc_data) +{ + size_t out_len; + + t(krb5_c_encrypt_length(ctx, key->keyblock.enctype, in_len, &out_len)); + t(alloc_data(&enc_data->ciphertext, out_len)); +} + +int +main() +{ + krb5_error_code ret; + krb5_keyblock kb_aes, kb_rc4; + krb5_key key_aes, key_rc4; + krb5_data state_rc4, plain = string2data("plain"), decrypted; + krb5_enc_data out_aes, out_rc4; + pid_t pid; + int status; + + /* Create AES and RC4 ciphertexts with random keys. Use cipher state for + * RC4. */ + t(krb5_init_context(&ctx)); + t(krb5_c_make_random_key(ctx, ENCTYPE_AES256_CTS_HMAC_SHA1_96, &kb_aes)); + t(krb5_c_make_random_key(ctx, ENCTYPE_ARCFOUR_HMAC, &kb_rc4)); + t(krb5_k_create_key(ctx, &kb_aes, &key_aes)); + t(krb5_k_create_key(ctx, &kb_rc4, &key_rc4)); + prepare_enc_data(key_aes, plain.length, &out_aes); + prepare_enc_data(key_aes, plain.length, &out_rc4); + t(krb5_c_init_state(ctx, &kb_rc4, 0, &state_rc4)); + t(krb5_k_encrypt(ctx, key_aes, 0, NULL, &plain, &out_aes)); + t(krb5_k_encrypt(ctx, key_rc4, 0, &state_rc4, &plain, &out_rc4)); + + /* Fork; continue in both parent and child. */ + pid = fork(); + assert(pid >= 0); + + /* Decrypt the AES message with both key and keyblock. */ + t(alloc_data(&decrypted, plain.length)); + t(krb5_k_decrypt(ctx, key_aes, 0, NULL, &out_aes, &decrypted)); + assert(data_eq(plain, decrypted)); + t(krb5_c_decrypt(ctx, &kb_aes, 0, NULL, &out_aes, &decrypted)); + assert(data_eq(plain, decrypted)); + + /* + * Encrypt another RC4 message. This may fail because RC4 cipher state in + * the NSS back end includes a PKCS11 handle which won't work across forks, + * but make sure it fails in the expected manner. + */ + ret = krb5_k_encrypt(ctx, key_rc4, 0, &state_rc4, &plain, &out_rc4); + assert(ret == 0 || ret == EINVAL); + t(krb5_c_free_state(ctx, &kb_rc4, &state_rc4)); + + /* If we're the parent, make sure the child succeeded. */ + if (pid != 0) { + assert(wait(&status) == pid); + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { + fprintf(stderr, "Child failed with status %d\n", status); + return 1; + } + } + + return 0; +} diff --git a/src/lib/crypto/nss/enc_provider/enc_gen.c b/src/lib/crypto/nss/enc_provider/enc_gen.c index 3edf3fc..6bdf1d0 100644 --- a/src/lib/crypto/nss/enc_provider/enc_gen.c +++ b/src/lib/crypto/nss/enc_provider/enc_gen.c @@ -39,6 +39,7 @@ #include "rand2key.h" #include "aead.h" #include "seccomon.h" +#include "secmod.h" #include "pk11pub.h" #include "nss.h" @@ -111,14 +112,15 @@ k5_nss_init(void) /* Do nothing if the existing context is still good. */ if (k5_nss_pid == pid) goto cleanup; - - /* We've forked since the last init, and need to reinitialize. */ - rv = NSS_ShutdownContext(k5_nss_ctx); - k5_nss_ctx = NULL; + /* The caller has forked. Restart the NSS modules. This will + * invalidate all of our PKCS11 handles, which we're prepared for. */ + rv = SECMOD_RestartModules(TRUE); if (rv != SECSuccess) { ret = k5_nss_map_last_error(); goto cleanup; } + k5_nss_pid = pid; + goto cleanup; } k5_nss_ctx = NSS_InitContext(NSS_KRB5_CONFIGDIR, "", "", "", NULL, flags); if (k5_nss_ctx == NULL) { |