IETF Logo Mail Archive

Re: [kitten] New Version Notification for draft-kaduk-kitten-gss-loop-01.txt (fwd)

Benjamin Kaduk <kaduk@MIT.EDU> Wed, 20 November 2013 22:45 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEACA1AE4BF for <kitten@ietfa.amsl.com>; Wed, 20 Nov 2013 14:45:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.126
X-Spam-Level:
X-Spam-Status: No, score=-3.126 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.525, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uSCTvel_8ZxH for <kitten@ietfa.amsl.com>; Wed, 20 Nov 2013 14:45:36 -0800 (PST)
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) by ietfa.amsl.com (Postfix) with ESMTP id C893D1AE078 for <kitten@ietf.org>; Wed, 20 Nov 2013 14:45:35 -0800 (PST)
X-AuditID: 12074423-b7f2b6d000000ce1-12-528d3b896bc2
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id 52.6A.03297.98B3D825; Wed, 20 Nov 2013 17:45:29 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id rAKMjSnn030454 for <kitten@ietf.org>; Wed, 20 Nov 2013 17:45:28 -0500
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id rAKMjQcN029533 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <kitten@ietf.org>; Wed, 20 Nov 2013 17:45:28 -0500
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id rAKMjQKF010148; Wed, 20 Nov 2013 17:45:26 -0500 (EST)
Date: Wed, 20 Nov 2013 17:45:26 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: kitten@ietf.org
In-Reply-To: <alpine.GSO.1.10.1311201407400.23560@multics.mit.edu>
Message-ID: <alpine.GSO.1.10.1311201733070.23560@multics.mit.edu>
References: <alpine.GSO.1.10.1311201407400.23560@multics.mit.edu>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrGIsWRmVeSWpSXmKPExsUixG6nrttp3Rtk0PSP0+Lo5lUsDoweS5b8 ZApgjOKySUnNySxLLdK3S+DK2PpqBXvBY/6KD2cesDcw3uLpYuTkkBAwkVg8+SAjhC0mceHe ejYQW0hgNpPEn9fREPZxRom29QVdjFxA9g0miUNnV7NAOA2MEl8nT2IBqWIR0Jb4ee4eO4jN JqAiMfPNRrBJIgLCEru3vmMGsYUFYiV+9awCq+EUcJJ4fXc2E4jNK+Aose7pRnaIbY4SXw6f AesVFdCRWL1/CgtEjaDEyZlPwGxmAUuJc3+us01gFJiFJDULSWoBI9MqRtmU3Crd3MTMnOLU ZN3i5MS8vNQiXTO93MwSvdSU0k2M4OBzUd7B+Oeg0iFGAQ5GJR7eB097goRYE8uKK3MPMUpy MCmJ8q6x7A0S4kvKT6nMSCzOiC8qzUktPsQowcGsJMJ7ngMox5uSWFmVWpQPk5LmYFES573F YR8kJJCeWJKanZpakFoEk5Xh4FCS4F1hBdQoWJSanlqRlplTgpBm4uAEGc4DNDwPpIa3uCAx tzgzHSJ/ilFRSpxXHCQhAJLIKM2D64Ulh1eM4kCvCPO2gFTxABMLXPcroMFMQIPZJbtBBpck IqSkGhiz2XfNO7LN8oic5kkvIQuWzuj2Pa+k8iJ/tWZsVBfjT7A8VvVkic1DD9fHJjx5T59z qWZH93v/WXDnmrx48M7j1/jKyhI4m/caX1p1v2Cq/bFPzBOCKz7/2Sdp/SRFpz6d25Q18OSr eYGHj1retgxjKm2MbQqYYHr0gQu/jttbuzAlp3lt2UosxRmJhlrMRcWJAJ8T+LvpAgAA
Subject: Re: [kitten] New Version Notification for draft-kaduk-kitten-gss-loop-01.txt (fwd)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 22:45:37 -0000

On Wed, 20 Nov 2013, Benjamin Kaduk wrote:

> I submitted an -01 of the gss-loop document, with sample code.
> There's a duplicate line of source XML in section 2.5 which causes some 
> duplicate text, it's fixed in my git already.  Sorry about that.
>
> Comments welcome :)

We had some discussion on IRC, with Nico, Simo, Tom, Greg, and me.

It's unclear whether the src_name output of gss_accept_sec_context() is 
only intended to be populated on a GSS_S_COMPLETE return; if not, it is 
very easy to leak storage from earlier iterations when multiple calls are 
needed.

We discussed whether (either at the abstract level or the C bindings) it 
is guaranteed to be safe to call gss_release_buffer() twice on the same 
buffer.  It is required to set the length of the buffer to zero (but not 
to zero the value field), but also "Any buffer object returned by a 
GSS-API routine may be passed to gss_release_buffer (even if there is no 
storage associated with the buffer)."  What exactly constitutes a "buffer
object returned by a GSS-API routine" seems subject to interpretation.
(There are many things that could have been done to make this situation 
better, but we don't hvae a time machine.)  Buffers with length zero can 
be generated in lots of ways other than gss_release_buffer() 
(gss_init_sec_context(), gss_accept_sec_context(), gss_unwrap()).

We're pretty sure that GSS_S_CONTINUE_NEEDED will not be set with any 
other major status bits (in the C API).

Nico wanted sample Java code, too (anything we have bindings for, really). 
I don't think I can contribute such code, but would probably take it if 
someone else did.

The send_token()/receive_token() routines are not very good examples.  It 
is probably better to rewrite them to use sendmsg/recvmsg with socketpair, 
which also eliminates the need to add framing with the token length.
(Other stuff about the current implenetation is bad, too, but that's not 
really relevant if it gets rewritten.)

-Ben

v2.30.2 | Report a Bug | By Email | System Status