IETF Logo Mail Archive

Re: [kitten] New Version Notification for draft-kaduk-kitten-gss-loop-02.txt (fwd)

Nico Williams <nico@cryptonector.com> Sun, 19 January 2014 06:07 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD5891ADA5D for <kitten@ietfa.amsl.com>; Sat, 18 Jan 2014 22:07:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K_gg4upgAIrY for <kitten@ietfa.amsl.com>; Sat, 18 Jan 2014 22:07:13 -0800 (PST)
Received: from homiemail-a29.g.dreamhost.com (caiajhbdccah.dreamhost.com [208.97.132.207]) by ietfa.amsl.com (Postfix) with ESMTP id 3C0CD1AD9B6 for <kitten@ietf.org>; Sat, 18 Jan 2014 22:07:13 -0800 (PST)
Received: from homiemail-a29.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTP id 3762C674058 for <kitten@ietf.org>; Sat, 18 Jan 2014 22:07:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=D48j5Fo+YQMtx3Z2bIB9 uYilj28=; b=eI+tGqfNO1HNBxm6MHQpdafzyt0Vk5RlKlTyo+1n/5wct75WXxnc cb+HVEN2Qafw+ddns2Ie/lrOkRa9P4uG/faOxBGXBH8VlemnkjnOQIEBmUygcZi2 ZBMVs/8Nz8xz8j9dXRyTwuIRlgZ0kZ1DwcjzLVhsGr7LDPNhSPD30FY=
Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTPSA id DFEEF674057 for <kitten@ietf.org>; Sat, 18 Jan 2014 22:06:59 -0800 (PST)
Received: by mail-wg0-f50.google.com with SMTP id l18so5793127wgh.17 for <kitten@ietf.org>; Sat, 18 Jan 2014 22:06:58 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=HHJ5v1m/0df0qjvYlPUJB+HJKMBHAd7Ks42OIpYFnXE=; b=VVV298K4q9i3GNY17qwcimnE6OdBUoDlOVDv1TWpVuaGjOuHY26xvyLR4wfrU010d5 maz/EvVs8elP0mtXuIyUVEiD++OOrr/FaZpDK1q5eRLS1KdpTJzNPwSG4467kAM3/ReF 0M3UOLzBisWx+n12tnk8XndZNRtKHiq3l1IU6B04hTrR/+yuMjgp65B825cEPM01319I SWlp3KUwErhyfvMln8vmFfzO6YEP5D+u2o0Jxb0BwM9RAG6dIUDwKjGyjPjMsZsvNqc2 r4euBlL1Bs40bU+qT0oF2Jnb3FfeiJQwWOqr6f3eeGgv8mGHF0dvvMTrf/V6h4GKpkJk LCoQ==
MIME-Version: 1.0
X-Received: by 10.180.12.238 with SMTP id b14mr4975820wic.42.1390111618256; Sat, 18 Jan 2014 22:06:58 -0800 (PST)
Received: by 10.217.108.132 with HTTP; Sat, 18 Jan 2014 22:06:58 -0800 (PST)
In-Reply-To: <1390030843.9269.17.camel@destiny.pc.cs.cmu.edu>
References: <20140118010111.326F31ABB3@ld9781.wdf.sap.corp> <52D9F4E7.6050205@mit.edu> <9509_1390026173_s0I6Mqd1009628_CAK3OfOj-gHJ5gwA6RnKMomYEuuMUkge4MVKEquqfCXT86buNMQ@mail.gmail.com> <1390030843.9269.17.camel@destiny.pc.cs.cmu.edu>
Date: Sun, 19 Jan 2014 00:06:58 -0600
Message-ID: <CAK3OfOiE=ytjN0UqCTv2gQCnDHv-u2vO63AwGuSUoDh2PnTtnA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Jeffrey Hutzelman <jhutz@cmu.edu>
Content-Type: text/plain; charset="UTF-8"
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] New Version Notification for draft-kaduk-kitten-gss-loop-02.txt (fwd)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Jan 2014 06:07:15 -0000

I'm an idiot.  I missed the "encouraged" part somehow.

Nonetheless, it seems clear that the intention is that calling a
gss_release/delete_*() function will modify the input/output parameter
so that calling it again is safe, so that releasing a zero-length,
non-zero valued buffer ought to be safe.  The API can output
zero-length buffers from gss_unwrap(), so the question comes up of
whether such buffers can have non-zero values -- the RFC doesn't say.
The other places where the API can output a zero-length token in
non-error conditions are gss_init/accept_sec_context() and
gss_delete_sec_context, and there the text is not entirely
dispositive...  but it is highly suggestive that zero-length tokens
are empty, and this, together with the general design of
gss_release/delete_*() strongly implies that it should be safe to call
any of those twice with the same input/output parameter.

The only reason to assume that releasing a zero-length/non-zero value
buffer is that an implementation might have called malloc(0) in the
process of outputting a zero-length buffer from gss_unwrap(), and the
malloc() implementation happens to return non-NULL when called with
zero as its argument.  That's clearly a bug.  There should be no
reason to release empty buffers.

At any rate this is all rather incidental to Ben's I-D and doesn't
need to be addressed at this time.  If we ever update RFC2744, I would
insist on changing that "encouraged" to "MUST" with some text about
how earlier versions of the API did not have that requirement,
therefore applications SHOULD zero the value in the buffer after
releasing it.

Nico
--

v2.29.0 | Report a Bug | By Email | System Status