From: Rick Macklem <rick.macklem@gmail.com>
Date: Sat, 30 Aug 2025 16:22:58 -0700
List-Id: Discussions about the use of FreeBSD-current
List-Archive: https://lists.freebsd.org/archives/freebsd-current
References: <56dd78c6-a53a-4c4c-989a-335cc5fed405@FreeBSD.org> <1578a4eac5402d0496d8989e5258bc78@Leidinger.net>
Subject: Re: heimdal -> MIT kdc migration
To: Gleb Smirnoff
Cc: Cy Schubert, freebsd-current@freebsd.org

On Sat, Aug 30, 2025 at 8:56 AM Rick Macklem wrote:
>
> On Fri, Aug 29, 2025 at 1:05 PM Rick Macklem wrote:
> >
> > On Fri, Aug 29, 2025 at 7:43 AM Rick Macklem wrote:
> > >
> > > On Wed, Aug 27, 2025 at 8:39 PM Rick Macklem wrote:
> > > >
> > > > On Wed, Aug 27, 2025 at 7:43 PM Rick Macklem wrote:
> > > > >
> > > > > On Tue, Aug 26, 2025 at 9:35 AM Gleb Smirnoff wrote:
> > > > > >
> > > > > > On Tue, Aug 26, 2025 at 08:31:13AM -0700, Gleb Smirnoff wrote:
> > > > > > T> On Tue, Aug 26, 2025 at 08:13:26AM -0700, Rick Macklem wrote:
> > > > > > T> R> Ok. If you install FreeBSD-13.5 and then "pkg install heimdal", you get a
> > > > > > T> R> working Heimdal-7.8 in ports.
> > > > > > T> R>
> > > > > > T> R> Now, I have another challenge. Fixing the master passwords.
> > > > > > T> R> I'll work on it later to-day.
> > > > > > T>
> > > > > > T> I have applied two commits from Heimdal from 2012 that add 'kadmin dump -f MIT'
> > > > > > T> feature to our base heimdal and polished them to compile. So far it doesn't
> > > > > > T> work yet, either create an empty dump or create a core dump, instead of
> > > > > > T> database dump :) I'll see how difficult it is going to further resolve that to
> > > > > > T> a working condition. If I succeed, then having 'dump -f MIT' in base without
> > > > > > T> any ports would be the best solution. Can also be merged to FreeBSD 14.4.
> > > > > >
> > > > > > Good news. In the above paragraph I was testing my change incorrectly - threw
> > > > > > the new binary on a system running unpatched libraries. When run correctly,
> > > > > > it successfully produced something that looks like a correct dump in MIT format.
> > > > > > I haven't yet tried to load it into MIT kdc yet, though.
Well, would you like the not so bad news or the bad news??;-)
Your patch works, in that it produces a dump that "kdb5_util load -update"
can load.
After loading, if the principal only has keys for the newer encryption types
of aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 then you can look
at the principal via kadmin.local, but the password must be changed before
it works.
--> This is the same behaviour as you get if you use Heimdal-7.8 to do the
dump conversion.
So far, so good...

Now, the not so good news. Once you update the Heimdal libraries
(libhdb.so and libkadm5srv.so) "kadmin -l" is broken on the system
running the old KDC.
"kadmin -l dump" works, but something like:
# kadmin -l
kadmin> get rmacklem
kadmin: get rmacklem: Service key not available
- I have not yet looked in your patched sources to see where this failure
comes from?

Now, more not so good news...
My patch doesn't help. It does re-encrypt the key in the master key from
the MIT KDC system, but that doesn't make the password work.
When I compared the dump generated via kadmin with both your patch
and mine, the key for aes256-cts-hmac-sha1-96 is 34 bytes long.
After doing the change_password so that it works, a dump generated by
"kdb5_util dump -r13" (the same dump format) has a key that is 62 bytes long.
--> So, there is more to converting the key than just re-encrypting it.
(I'll try and find where the MIT code encrypts a key in a master key to see
why it ends up at 62 bytes and whether that can be done in the old code.)

So, if we are going to continue with this...
- We need to figure out why your patch breaks "kadmin" for other things
  and fix that.
- I/we need to figure out how to convert the 34 byte key to the MIT 62 byte
  key (and then maybe the password won't need to be changed?).
Or do we just say "When you convert the KDC database, all the passwords
must be changed to get them to work?".

rick

> > > > Oh, and one more thing...
> > > > - If there are keys for old encryption types like des.. or arcfour..
> > > >   in the MIT dump,
> > > >   those will screw up the load. (You can check and delete them in the
> > > >   Heimdal-1.5.2
> > > >   kdc system via..
> > > >   # kadmin -l
> > > >   get
> > > >   - if old keys are listed in Keytypes:
> > > >   del_enctype
> > > >   exit
> > > >
> > > > Ideally the conversion code would skip over these and not put them in the dump.
> > > >
> > > > rick
> > > > ps: If you don't do this, when you "get_principal" in kadmin.local on
> > > > the MIT KDC
> > > > system, it will give you a "Database record is incomplete or corrupted..".
> > > >
> > > > >
> > > > > > I will finalize the branch promptly and share it. The above experience also
> > > > > > indicated that I need to do a library version bump.
> > > > > I don't know if you are enthusiastic about pursuing this, but hopefully this
> > > > > works and gets the principals in (although I doubt the passwords will
> > > > > work without changing them).
> > > > >
> > > > > To get the passwords to work, I think the following *might* do it:
> > > > > - If you look in the Heimdal sources, when "--decrypt" is specified,
> > > > >   I think it finds its way down into a function called hdb_unseal_key_mkey()
> > > > >   which decrypts the key using the master key by calling _hdb_mkey_decrypt().
> > > > >   To get the passwords to work, I think the call to _hdb_mkey_decrypt() would
> > > > >   need to be followed by a call to _hdb_mkey_encrypt() with the "key"
> > > > >   argument being the master key for the MIT database. (It is a keytab
> > > > >   entry called /var/db/krb5kdc/.k5.YOUR.REALM created when you do a
> > > > >   "kdb5_util create -s" on the system that will be the MIT KDC.)
> > > > >   - Just to make it even more fun, there is a flag called HDB_KU_MKEY
> > > > >     which is set to the Heimdal way and not for the MIT way (whatever
> > > > >     that really means?).
> > > > >   - There is also some stuff about padding in hdb_unseal_key_mkey(),
> > > > >     but hopefully that won't be a problem?
> > > > >
> > > > > I think hdb_read_master_key() can be used to read in the MIT master
> > > > > key from the file you provide as an argument to it.
> > > > >
> > > > > This all is just a hunch, based on what I've seen so far.
> > > > >
> > > > > I'll admit since the hardware I have takes forever to "make buildworld"
> > > > > and I don't know a quick way to build/test these changes, I'm not
> > > > > inspired to try it.
> > > Although not inspired, I have taken a stab at it.
> > > I am still trying to figure out how to build/test it, but I have forked
> > > glebius@'s github and added some code to...
> > > - Not dump the weak encryption keys (they just cause MIT's kadmin.local
> > >   to complain that the principal's database entry is corrupted.
> > > - If the argument to "kadmin -l dump" is "-f " instead
> > >   of "-f MIT" it re-encrypts the keys in MIT's master key. (I hope that
> > >   will make the passwords work.
> > >   (Basically, someone will "kdb5_util create -s" on the MIT KDC system
> > >   and then copy the /var/db/krbkdc/.k5.YOUR.REALM file over to the
> > >   Heimdal KDC system and do "kadmin -l dump -f <.k5-filename> mit.dump"
> > >   then copy "mit.dump" over to the MIT KDC system and
> > >   "kdb5_util load -update mit.dump". Then, hopefully, the principals will
> > >   work??)
> > >
> > > Anyhow, it is currently sitting here:
> > > github.com/rmacklem/FreeBSD in the kadmin-dump-MIT branch.
> > > (I'm as unconversant with git and github as anyone, so if you have
> > > trouble finding it, just let me know.)
> > Actually, it hasn't made it there yet. For some reason (I think it is
> > glebius@'s large # of branches) it takes a very long time to "git push"
> > a patch involving 4 files. It failed after over an hour with an unexpected
> > TCP disconnect. I am running it again.
> >
> > I will stick the patch here, in case the push fails again.
> > (It needs to be applied on top of glebius@'s kadmin-dump-MIT branch.
> The patch is here. (For some reason, I couldn't push so I deleted the
> github fork.)
> https://people.freebsd.org/~rmacklem/kadmin.patch
>
> I haven't yet been able to test it, but will be able to do so later to-day, rick
> >
> > Meanwhile I've given up trying to build it on a universe system and
> > am now trying the "make buildworld" locally. This will take days,
> > so I guess I'll go do something else.;-)
> >
> > rick
> > >
> > > I'll keep updating this github fork as I get to test it, but if others
> > > know how to build it, feel free to test, rick
> > > >
> > > > >
> > > > > rick
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Gleb Smirnoff
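The two failure modes reported in this thread, a load that "kdb5_util load -update" accepts but that leaves "Database record is incomplete or corrupted" on principals still carrying des.. or arcfour.. keys, and aes256 keys that come out of the Heimdal-side dump 34 bytes long where a working MIT record holds 62, are both visible in the dump file before it is loaded. The script below is an added example, not code from the thread, FreeBSD, Heimdal or MIT Kerberos: it walks the "princ" records of an MIT-format dump and reports weak enctypes and key blobs of the wrong size. Two things in it are assumptions rather than facts taken from the thread: the field layout of a "princ" line is recalled from kdb5_util's dump.c, and the 62-byte figure is derived from MIT storing a 2-byte length followed by krb5_c_encrypt() output, whose AES-CTS layout is a 16-byte confounder, the key, and a truncated HMAC (12 bytes for the sha1-96 enctypes), which for a 32-byte aes256 key under an aes256 master key gives 2 + 16 + 32 + 12 = 62 and matches the thread's numbers. The sample records and the principal names in them are constructed for the example.

```python
"""Pre-load sanity check for an MIT-format KDC dump file.

Flags the two problems the thread hit after "kdb5_util load -update":
  * keys in weak enctypes (des.., arcfour..) that leave kadmin.local
    reporting "Database record is incomplete or corrupted";
  * key_data blobs sized like a bare key with a 2-byte length prefix
    (34 bytes for aes256) rather than a key sealed under the MIT master
    key (62 bytes for aes256 under an aes256 master key).

ASSUMPTIONS, not taken from the thread: the "princ" field layout is
recalled from kdb5_util's dump.c, and the sealed size follows from MIT
storing a 2-byte length plus krb5_c_encrypt() output, whose AES-CTS
layout is confounder(16) + key + truncated HMAC.  Check both against
a dump from your own KDC before trusting the numbers.
"""
import sys
from typing import Dict, List, Tuple

ENCTYPE_NAME = {
    1: "des-cbc-crc", 2: "des-cbc-md4", 3: "des-cbc-md5", 16: "des3-cbc-sha1",
    17: "aes128-cts-hmac-sha1-96", 18: "aes256-cts-hmac-sha1-96",
    19: "aes128-cts-hmac-sha256-128", 20: "aes256-cts-hmac-sha384-192",
    23: "arcfour-hmac", 24: "arcfour-hmac-exp",
}
KEY_LEN = {1: 8, 2: 8, 3: 8, 16: 24, 17: 16, 18: 32, 19: 16, 20: 32, 23: 16, 24: 16}
WEAK = {1, 2, 3, 23, 24}                   # the des.. and arcfour.. types from the thread
# confounder + HMAC tag added when sealing under an AES master key (assumed layout)
SEAL_OVERHEAD = {17: 28, 18: 28, 19: 32, 20: 40}

KeyData = Tuple[int, int, int]             # (kvno, enctype, stored length in bytes)


def parse_record(line: str) -> Tuple[str, List[KeyData]]:
    """Parse one 'princ<TAB>...' line into (principal, [(kvno, enctype, length)])."""
    f = line.rstrip("\n").rstrip(";").split("\t")
    if f[0] != "princ":
        raise ValueError("not a princ record")
    # princ, base_len(38), name_len, n_tl_data, n_key_data, e_length, name,
    # then 8 integers: attributes, max_life, max_renewable_life, expiration,
    # pw_expiration, last_success, last_failed, fail_auth_count
    n_tl, n_key, name = int(f[3]), int(f[4]), f[6]
    i = 7 + 8 + 3 * n_tl                   # each tl_data entry: type, length, hex-or--1
    keys: List[KeyData] = []
    for _ in range(n_key):
        ver, kvno = int(f[i]), int(f[i + 1])
        i += 2
        for j in range(ver):               # contents: [0] is the key, [1] its salt
            ctype, length = int(f[i]), int(f[i + 1])
            i += 3                         # type, length, hex-or--1
            if j == 0:
                keys.append((kvno, ctype, length))
    return name, keys


def check_keys(name: str, keys: List[KeyData], mkey_enctype: int = 18) -> List[str]:
    """Findings for one principal; an empty list means it should load cleanly."""
    findings: List[str] = []
    for kvno, etype, length in keys:
        ename = ENCTYPE_NAME.get(etype, f"enctype {etype}")
        if etype in WEAK:
            findings.append(f"{name} kvno {kvno}: weak {ename}; del_enctype it in the Heimdal kadmin before dumping")
        elif etype in KEY_LEN:
            bare = 2 + KEY_LEN[etype]
            sealed = bare + SEAL_OVERHEAD[mkey_enctype]   # only AES master keys are modelled
            if length == bare:
                findings.append(f"{name} kvno {kvno}: {ename} is {length} bytes, an unsealed key; the password will not work until changed")
            elif length != sealed:
                findings.append(f"{name} kvno {kvno}: {ename} is {length} bytes, expected {sealed} under an {ENCTYPE_NAME[mkey_enctype]} master key")
    return findings


def audit_dump(text: str, mkey_enctype: int = 18) -> Dict[str, List[str]]:
    """Run check_keys over every princ record; header and policy lines are skipped."""
    records = (parse_record(l) for l in text.splitlines() if l.startswith("princ\t"))
    return {name: check_keys(name, keys, mkey_enctype) for name, keys in records}


def make_record(name: str, keys: List[KeyData]) -> str:
    """Constructed sample record: no tl_data, empty salt slot, 0xab filler bytes."""
    fields = ["princ", "38", str(len(name)), "0", str(len(keys)), "0", name] + ["0"] * 8
    for kvno, etype, length in keys:
        fields += ["2", str(kvno), str(etype), str(length), "ab" * length, "0", "0", "-1"]
    return "\t".join(fields + ["-1"]) + ";"


# Constructed sample: one clean principal, one left with the 34-byte key the
# thread saw after the Heimdal dump, one still carrying RC4 and DES keys.
SAMPLE_DUMP = "\n".join([
    make_record("ok@EXAMPLE.ORG", [(1, 18, 62), (1, 17, 46)]),
    make_record("converted@EXAMPLE.ORG", [(3, 18, 34)]),
    make_record("legacy@EXAMPLE.ORG", [(2, 18, 62), (2, 23, 46), (2, 3, 38)]),
])

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_DUMP
    for princ, msgs in audit_dump(text).items():
        for m in msgs or [f"{princ}: ok"]:
            print(m)
```

Run it over mit.dump before "kdb5_util load -update"; if the MIT realm was created with a master key other than aes256-cts-hmac-sha1-96, pass that enctype number to audit_dump so the expected sealed length is computed for it. Principals it reports as weak are the ones to clean up with del_enctype on the Heimdal KDC before re-running the dump; principals reported as unsealed are the ones whose passwords the thread found had to be changed after the load.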