help-gsasl
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Channel binding being attempted even when SCRAM PLUS not advertized


From: Manvendra Bhangui
Subject: Channel binding being attempted even when SCRAM PLUS not advertized
Date: Mon, 15 Aug 2022 14:32:18 +0530

I have recently added SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256 and
SCRAM-SHA-256-PLUS, to my smtp daemon, using gsasl. Everything works fine
except for one issue. I'm using the gsasl utility to test all SCRAM
authentication mechanisms. I have the ability to turn off SCRAM-SHA-1-PLUS
and SCRAM-SHA-256-PLUS in my smtp daemon. When I turn off the PLUS
variants, gsasl still attempts channel binding (tls-exporter) and fails
with the following error.

gsasl: mechanism error: Error authenticating user

Debugging I have found the following

1. the function _gsasl_scram_client_step in lib/scram/client.c gets called
   it fetches b64 encoded tls-exporter value using gsasl_property_get
   (sctx, GSASL_CB_TLS_EXPORTER);
   Since PLUS wasn't advertised, the value of state->plus is NULL and
   because of this it sets state->cf.cbflag = 'y'. It should have been
   'n'

2. the function scram_print_client_first() in lib/scram/printer.c gets
   called which calls the function scram_valid_client_first() in
   lib/scram/validate.c
   scram_valid_client_first() returns -1 because of the following line

   else if (cf->cbflag != 'p' && cf->cbname != NULL)
     return false;

I haven't understood the RFC 5802 but I think the client shouldn't try CB
when the server has not advertised it at all.

"Clients that do not support mechanism negotiation never use a "y"
gs2-cbind-flag, they use either "p" or "n" according to whether they
require and support the use of channel binding or whether they do not,
respectively."

So I have modified lib/scram/client.c (patch gsas.patch attached in this
email) and if the client doesn't see SCRAM-SHA-1-PLUS, SCRAM-SHA-256-PLUS,
it sets state->cf.cbflag = 'n'. Without the patch, with PLUS variants
disabled, the only way I can make authentication succeed, is to use
--no-starttls argument to gsasl utility.

-- 
Regards Manvendra - http://www.indimail.org
GPG Pub Key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC7CBC760014D250C

Attachment: gsasl.patch
Description: Binary data


reply via email to

[Prev in Thread] Current Thread [Next in Thread]