Re: heimdal 1.0.1 w2k interop
>> Some time this summer we reported interoperability issues between
>> heimdal 0.8.1 and w2k. The problem was two-fold:
>> - w2k can parse only the PA_ENCTYPE_INFO structure, while heimdal fails to
>> provide this structure, because it fails to identify w2k as an "old" client;
>> - w2k (and even xp) seem to have a hard-coded limitation on cryptotypes
>> when not talking to an AD controller; most notably, it refuses/fails
>> to use rc4_hmac for pre-authentication against a heimdal/mit kdc.
>> The first issue is still present in 1.0.1, because it fails to identify
>> legacy Microsoft cryptotypes as "old" ones. The attached patch does the
>> trick for us [by adding the just-mentioned cryptotypes to older_enctype()]
>> and [so far] has been tested with w2k, wxp, vista, mit krb5 and admitmac.
> Maybe all enctypes with lower numbers than the aes ones should be considered
Yes, that would do the trick too, with the reservation that it doesn't cause
problems for the private cryptotypes mentioned in k5.asn1. I have no idea
when/if they are used and didn't consider anything more drastic than
just adding the Windows-specific types.
> Anyway, added your patch.
>> The second issue disappeared in 1.0.1, apparently because of the changed
>> order of appearance of supported cryptotypes in the PA_ENCTYPE_INFO reply. I
>> mean 0.8.1 was ordering the supported ones in the same order as they
>> appeared in the client's KDC_REQ, most notably with rc4_hmac first. 1.0.1,
>> on the other hand, seems to return cipher types with des-cbc-md5 first,
>> and w2k manages to successfully get a TGT and proceed further. Cheers. A.
> Does a joined Windows machine pick up "better" enctypes than des when
> they are sent in ETYPE_INFO?
No. I've joined a W2K machine to the Active Directory domain that has the
trust to the Heimdal realm, and it still picks des-cbc-md5 for
pre-authentication against the Heimdal KDC. I've even tried to wipe all
enctypes but rc4 from my principal on the Heimdal KDC, so that the KDC offers
only rc4 in PA_ENCTYPE_INFO for my account. But then W2K acts as if
PA_ENCTYPE_INFO was not present, i.e. after it gets the "you should
pre-authenticate" reply [with rc4 alone], it just stops and displays a
"logon failed" dialog.
It should be explicitly noted that this interop problem is apparently
specific to pre-authentication only. More specifically, the ticket returned
in reply to a pre-authenticated AS-REQ apparently may be encrypted with
rc4, as W2K has no problem using it. In other words, Windows effectively
refuses to encrypt PA-ENC-TIMESTAMP in the AS_REQ with rc4, but doesn't mind
using rc4 in the AS-REP. For reference, the enctype on the AD-KDC trust key
is rc4 (set with ktpass:-). Thanks again. A.