S4U2Self and OpenJDK 8

Marc Boorshtein marc.boorshtein at tremolosecurity.com
Mon Nov 30 15:44:23 UTC 2015


All,

I'm trying to get Java's OpenJDK 8 support for s4u2self and s4u2proxy
working.  The client is openjdk 1.8.0_65 on both OSX El Capitan and
CentOS 7.  The server is RedHat's FreeIPA 4.1 using MIT kerberos
krb5-server-1.12.2-14.el7.x86_64.  I'm using the example from
https://github.com/ymartin59/java-kerberos-sfudemo.  When I attempt to
get a TGT and a generic SGT it works great.  But when I try to get an
s4u2self ticket I get the following Exception:

> KrbKdcRep.check: at #1. request for true, received false
GSSException: Failure unspecified at GSS-API level (Mechanism level:
Attempt to obtain S4U2self credentials failed!)
at sun.security.jgss.krb5.Krb5InitCredential.impersonate(Krb5InitCredential.java:357)
at sun.security.jgss.spnego.SpNegoCredElement.impersonate(SpNegoCredElement.java:94)
at sun.security.jgss.GSSCredentialImpl.impersonate(GSSCredentialImpl.java:141)
at test24u2.KerberosDemo$1.run(KerberosDemo.java:128)
at test24u2.KerberosDemo$1.run(KerberosDemo.java:1)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at test24u2.KerberosDemo.impersonate(KerberosDemo.java:121)
at test24u2.KerberosDemo.generateToken(KerberosDemo.java:179)
at test24u2.KerberosDemo.main(KerberosDemo.java:215)
Caused by: KrbException: Message stream modified (41)
at sun.security.krb5.KrbKdcRep.check(KrbKdcRep.java:73)
at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:87)
at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:259)
at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:270)
at sun.security.krb5.internal.CredentialsUtil.acquireS4U2selfCreds(CredentialsUtil.java:67)
at sun.security.krb5.Credentials.acquireS4U2selfCreds(Credentials.java:463)
at sun.security.jgss.krb5.Krb5InitCredential.impersonate(Krb5InitCredential.java:353)
... 9 more

(I will have a full output of the kerberos debug statements and a
packet trace at the end of the email).  Looking at the kerberos logs I
see:

Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): AS_REQ (3
etypes {17 23 16}) 192.168.2.102: NEEDED_PREAUTH:
HTTP/s4u.rhelent.lan at RHELENT.LAN for krbtgt/RHELENT.LAN at RHELENT.LAN,
Additional pre-authentication required
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): AS_REQ (3
etypes {17 23 16}) 192.168.2.102: ISSUE: authtime 1448897431, etypes
{rep=17 tkt=18 ses=17}, HTTP/s4u.rhelent.lan at RHELENT.LAN for
krbtgt/RHELENT.LAN at RHELENT.LAN
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): TGS_REQ (3
etypes {17 23 16}) 192.168.2.102: ISSUE: authtime 1448897431, etypes
{rep=17 tkt=18 ses=17}, HTTP/s4u.rhelent.lan at RHELENT.LAN for
HTTP/s4u.rhelent.lan at RHELENT.LAN
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): ...
PROTOCOL-TRANSITION s4u-client=mmosley at RHELENT.LAN

This indicates that MIT generated a successful response.  Looking at the
exception code it appears that Java is rejecting the response because
it doesn't have the same flags in it as the request.  I asked the
FreeIPA list and they indicated that the issue is on Java's side, not
on MIT Kerberos'.  Here's a link to the PCAP of the test run:
https://s3.amazonaws.com/ts-public-downloads/captures/java8-s4u2self.pcapng

Here's the debug output from Java:
>>> KeyTabInputStream, readName(): RHELENT.LAN
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): s4u.rhelent.lan
>>> KeyTab: load() entry length: 83; type: 18
>>> KeyTabInputStream, readName(): RHELENT.LAN
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): s4u.rhelent.lan
>>> KeyTab: load() entry length: 67; type: 17
>>> KeyTabInputStream, readName(): RHELENT.LAN
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): s4u.rhelent.lan
>>> KeyTab: load() entry length: 75; type: 16
>>> KeyTabInputStream, readName(): RHELENT.LAN
>>> KeyTabInputStream, readName(): HTTP
>>> KeyTabInputStream, readName(): s4u.rhelent.lan
>>> KeyTab: load() entry length: 67; type: 23
Looking for keys for: HTTP/s4u.rhelent.lan at RHELENT.LAN
Java config name: null
Native config name: /etc/krb5.conf
Loaded from native config
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Found unsupported keytype (18) for HTTP/s4u.rhelent.lan at RHELENT.LAN
>>> KdcAccessibility: reset
Looking for keys for: HTTP/s4u.rhelent.lan at RHELENT.LAN
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Found unsupported keytype (18) for HTTP/s4u.rhelent.lan at RHELENT.LAN
default etypes for default_tkt_enctypes: 17 23 16.
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=freeipa.rhelent.lan UDP:88, timeout=30000, number of retries =3, #bytes=156
>>> KDCCommunication: kdc=freeipa.rhelent.lan UDP:88, timeout=30000,Attempt =1, #bytes=156
>>> KrbKdcReq send: #bytes read=327
>>>Pre-Authentication Data:
PA-DATA type = 136

>>>Pre-Authentication Data:
PA-DATA type = 19
PA-ETYPE-INFO2 etype = 17, salt = 4k at PqWo9iUZZ$[r", s2kparams = null
PA-ETYPE-INFO2 etype = 16, salt = KaQ|KB<CQ#Vq,Ls&, s2kparams = null
PA-ETYPE-INFO2 etype = 23, salt = Wl=W>9)&A{.`Y;1k, s2kparams = null

>>>Pre-Authentication Data:
PA-DATA type = 2
PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
PA-DATA type = 133

>>> KdcAccessibility: remove freeipa.rhelent.lan
>>> KDCRep: init() encoding tag is 126 req type is 11
>>>KRBError:
cTime is Sun Apr 01 00:21:10 EDT 2029 1869711670000
sTime is Mon Nov 30 10:36:58 EST 2015 1448897818000
suSec is 993036
error code is 25
error Message is Additional pre-authentication required
cname is HTTP/s4u.rhelent.lan at RHELENT.LAN
sname is krbtgt/RHELENT.LAN at RHELENT.LAN
eData provided.
msgType is 30
>>>Pre-Authentication Data:
PA-DATA type = 136

>>>Pre-Authentication Data:
PA-DATA type = 19
PA-ETYPE-INFO2 etype = 17, salt = 4k at PqWo9iUZZ$[r", s2kparams = null
PA-ETYPE-INFO2 etype = 16, salt = KaQ|KB<CQ#Vq,Ls&, s2kparams = null
PA-ETYPE-INFO2 etype = 23, salt = Wl=W>9)&A{.`Y;1k, s2kparams = null

>>>Pre-Authentication Data:
PA-DATA type = 2
PA-ENC-TIMESTAMP
>>>Pre-Authentication Data:
PA-DATA type = 133

KRBError received: NEEDED_PREAUTH
KrbAsReqBuilder: PREAUTH FAILED/REQ, re-send AS-REQ
default etypes for default_tkt_enctypes: 17 23 16.
Looking for keys for: HTTP/s4u.rhelent.lan at RHELENT.LAN
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Found unsupported keytype (18) for HTTP/s4u.rhelent.lan at RHELENT.LAN
Looking for keys for: HTTP/s4u.rhelent.lan at RHELENT.LAN
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Found unsupported keytype (18) for HTTP/s4u.rhelent.lan at RHELENT.LAN
default etypes for default_tkt_enctypes: 17 23 16.
>>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType
>>> KrbAsReq creating message
>>> KrbKdcReq send: kdc=freeipa.rhelent.lan UDP:88, timeout=30000, number of retries =3, #bytes=243
>>> KDCCommunication: kdc=freeipa.rhelent.lan UDP:88, timeout=30000,Attempt =1, #bytes=243
>>> KrbKdcReq send: #bytes read=650
>>> KdcAccessibility: remove freeipa.rhelent.lan
Looking for keys for: HTTP/s4u.rhelent.lan at RHELENT.LAN
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Found unsupported keytype (18) for HTTP/s4u.rhelent.lan at RHELENT.LAN
>>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType
>>> KrbAsRep cons in KrbAsReq.getReply HTTP/s4u.rhelent.lan
Service subject: Subject:
Principal: HTTP/s4u.rhelent.lan at RHELENT.LAN
Private Credential: Ticket (hex) =
0000: 61 82 01 3B 30 82 01 37   A0 03 02 01 05 A1 0D 1B  a..;0..7........
0010: 0B 52 48 45 4C 45 4E 54   2E 4C 41 4E A2 20 30 1E  .RHELENT.LAN. 0.
0020: A0 03 02 01 02 A1 17 30   15 1B 06 6B 72 62 74 67  .......0...krbtg
0030: 74 1B 0B 52 48 45 4C 45   4E 54 2E 4C 41 4E A3 81  t..RHELENT.LAN..
0040: FE 30 81 FB A0 03 02 01   12 A1 03 02 01 01 A2 81  .0..............
0050: EE 04 81 EB 90 76 AA 05   9D 70 B7 39 CD 33 3F 58  .....v...p.9.3?X
0060: F3 66 79 36 AC 30 52 90   76 61 51 A2 1D 36 01 6F  .fy6.0R.vaQ..6.o
0070: 2E FA 41 40 5C C4 EE 30   FB E5 BD AC C1 B9 8A 9E  ..A@\..0........
0080: EC E3 00 9B 75 BC A8 09   D3 92 CD 6E 5F 79 42 A2  ....u......n_yB.
0090: 3C BD 11 0D 4C 57 EC 37   C2 81 DA F3 7C C4 0F F4  <...LW.7........
00A0: D6 A9 D7 3B A4 7F 26 18   B7 5B AC CC 2B C5 92 97  ...;..&..[..+...
00B0: BB 26 19 12 65 AF 65 7B   8E 25 09 F4 C4 33 86 14  .&..e.e..%...3..
00C0: 83 26 71 00 B6 7B 12 4B   DF AB 76 94 7E 70 34 99  .&q....K..v..p4.
00D0: 75 FF 9A 4F 8D 8C 32 0E   E5 87 1B 7F 3A C2 A1 40  u..O..2.....:..@
00E0: 78 1D BC D1 80 F4 B0 A7   B5 F0 62 2E 84 D8 45 18  x.........b...E.
00F0: FA 3C F5 0F BB C6 D5 10   BD 48 DC CB 63 28 B1 17  .<.......H..c(..
0100: 23 63 AD 0D 47 91 7B F3   FA 40 D0 3A BF 0A C9 27  #c..G.... at .:...'
0110: E9 31 C7 AE 47 0E EA E7   CF 3F 8E E1 08 09 52 30  .1..G....?....R0
0120: 32 42 90 4A 7B 9A A0 32   70 BB 10 C9 94 0B E9 B0  2B.J...2p.......
0130: 16 C6 F4 50 44 8B 61 30   53 6C 65 86 47 AD C8     ...PD.a0Sle.G..

Client Principal = HTTP/s4u.rhelent.lan at RHELENT.LAN
Server Principal = krbtgt/RHELENT.LAN at RHELENT.LAN
Session Key = EncryptionKey: keyType=17 keyBytes (hex dump)=
0000: C5 D0 1F 70 ED 7E A5 DE   D6 67 CC DE EC 1B C1 AF  ...p.....g......


Forwardable Ticket true
Forwarded Ticket false
Proxiable Ticket false
Proxy Ticket false
Postdated Ticket false
Renewable Ticket false
Initial Ticket false
Auth Time = Mon Nov 30 10:36:59 EST 2015
Start Time = Mon Nov 30 10:36:59 EST 2015
End Time = Tue Dec 01 10:36:59 EST 2015
Renew Till = null
Client Addresses  Null
Private Credential: /Users/mlb/Documents/localdev.keytab for
HTTP/s4u.rhelent.lan at RHELENT.LAN

Search Subject for Kerberos V5 INIT cred (<<DEF>>,
sun.security.jgss.krb5.Krb5InitCredential)
Found ticket for HTTP/s4u.rhelent.lan at RHELENT.LAN to go to
krbtgt/RHELENT.LAN at RHELENT.LAN expiring on Tue Dec 01 10:36:59 EST
2015
Search Subject for SPNEGO INIT cred (<<DEF>>,
sun.security.jgss.spnego.SpNegoCredElement)
Search Subject for Kerberos V5 INIT cred (<<DEF>>,
sun.security.jgss.krb5.Krb5InitCredential)
Found ticket for HTTP/s4u.rhelent.lan at RHELENT.LAN to go to
krbtgt/RHELENT.LAN at RHELENT.LAN expiring on Tue Dec 01 10:36:59 EST
2015
>>> CksumType: sun.security.krb5.internal.crypto.HmacMd5ArcFourCksumType
default etypes for default_tgs_enctypes: 17 23 16.
>>> CksumType: sun.security.krb5.internal.crypto.RsaMd5CksumType
>>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType
>>> KrbKdcReq send: kdc=freeipa.rhelent.lan UDP:88, timeout=30000, number of retries =3, #bytes=750
>>> KDCCommunication: kdc=freeipa.rhelent.lan UDP:88, timeout=30000,Attempt =1, #bytes=750
>>> KrbKdcReq send: #bytes read=582
>>> KdcAccessibility: remove freeipa.rhelent.lan
>>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType
> KrbKdcRep.check: at #1. request for true, received false
GSSException: Failure unspecified at GSS-API level (Mechanism level:
Attempt to obtain S4U2self credentials failed!)
at sun.security.jgss.krb5.Krb5InitCredential.impersonate(Krb5InitCredential.java:357)
at sun.security.jgss.spnego.SpNegoCredElement.impersonate(SpNegoCredElement.java:94)
at sun.security.jgss.GSSCredentialImpl.impersonate(GSSCredentialImpl.java:141)
at test24u2.KerberosDemo$1.run(KerberosDemo.java:128)
at test24u2.KerberosDemo$1.run(KerberosDemo.java:1)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at test24u2.KerberosDemo.impersonate(KerberosDemo.java:121)
at test24u2.KerberosDemo.generateToken(KerberosDemo.java:179)
at test24u2.KerberosDemo.main(KerberosDemo.java:215)
Caused by: KrbException: Message stream modified (41)
at sun.security.krb5.KrbKdcRep.check(KrbKdcRep.java:73)
at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:87)
at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:259)
at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:270)
at sun.security.krb5.internal.CredentialsUtil.acquireS4U2selfCreds(CredentialsUtil.java:67)
at sun.security.krb5.Credentials.acquireS4U2selfCreds(Credentials.java:463)
at sun.security.jgss.krb5.Krb5InitCredential.impersonate(Krb5InitCredential.java:353)
... 9 more

Thanks



Marc Boorshtein
CTO Tremolo Security
marc.boorshtein at tremolosecurity.com
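The following is an added example and is not code from the post, from the linked sfudemo project, from the JDK or from MIT Kerberos. It models the two sides of the exchange the post describes: on the KDC side, a parser that pairs each MIT krb5kdc TGS_REQ ISSUE record with the "... PROTOCOL-TRANSITION s4u-client=" continuation line written for an S4U2Self request, so a defender can audit who impersonated whom from which host; on the client side, the consistency check that sun.security.krb5.KrbKdcRep.check applies to a TGS reply, comparing the KDCOptions bits the client requested against the TicketFlags bits the KDC returned and treating any difference as KRB_AP_ERR_MODIFIED (41, "Message stream modified"). Bit positions follow RFC 4120 (1 = forwardable, 2 = forwarded, 3 = proxiable, 4 = proxy, 5 = allow/may-postdate), which is why the post's "at #1. request for true, received false" line means the client asked for a forwardable ticket and the KDC returned one without that flag. Assumptions: the sample log lines are constructed by unwrapping the four lines quoted in the post (with "@" restored), the continuation line is taken to follow the ISSUE line of the same request as MIT's logger writes it, and the JDK's check is assumed to loop over bits 1 through 5, as the "#1" in the post's output suggests.

```python
"""Added example (not from the original post, the JDK, or MIT Kerberos).

Part 1 parses krb5kdc log lines into S4U2Self protocol-transition events.
Part 2 models the client-side KDC-reply flag check whose failure is reported as
KRB_AP_ERR_MODIFIED (41) in the post's stack trace.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

# Constructed sample: the four krb5kdc lines quoted in the post, rejoined onto
# single lines with "@" restored (the mail archive had rewritten it as " at ").
SAMPLE_KDC_LOG = """\
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): AS_REQ (3 etypes {17 23 16}) 192.168.2.102: NEEDED_PREAUTH: HTTP/s4u.rhelent.lan@RHELENT.LAN for krbtgt/RHELENT.LAN@RHELENT.LAN, Additional pre-authentication required
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): AS_REQ (3 etypes {17 23 16}) 192.168.2.102: ISSUE: authtime 1448897431, etypes {rep=17 tkt=18 ses=17}, HTTP/s4u.rhelent.lan@RHELENT.LAN for krbtgt/RHELENT.LAN@RHELENT.LAN
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): TGS_REQ (3 etypes {17 23 16}) 192.168.2.102: ISSUE: authtime 1448897431, etypes {rep=17 tkt=18 ses=17}, HTTP/s4u.rhelent.lan@RHELENT.LAN for HTTP/s4u.rhelent.lan@RHELENT.LAN
Nov 30 10:30:31 freeipa.rhelent.lan krb5kdc[7507](info): ... PROTOCOL-TRANSITION s4u-client=mmosley@RHELENT.LAN
"""

# A TGS_REQ record that the KDC answered with a ticket (ISSUE).
TGS_ISSUE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) (?P<kdc>\S+) krb5kdc\[\d+\]\(info\): TGS_REQ "
    r"\([^)]*\) (?P<ip>[\d.]+): ISSUE: authtime (?P<authtime>\d+), "
    r"etypes \{[^}]*\}, (?P<client>\S+) for (?P<server>\S+)$"
)
# The continuation line MIT writes for an S4U2Self (protocol transition) request.
PT_RE = re.compile(
    r"krb5kdc\[\d+\]\(info\): \.\.\. PROTOCOL-TRANSITION s4u-client=(?P<user>\S+)$"
)


@dataclass
class ProtocolTransition:
    timestamp: str
    client_ip: str
    service: str            # principal that sent the S4U2Self TGS_REQ (the impersonator)
    target: str             # sname of the issued ticket (the service itself for S4U2Self)
    impersonated_user: str  # s4u-client named on the continuation line


def parse_protocol_transitions(lines: Iterable[str]) -> List[ProtocolTransition]:
    """Pair each '... PROTOCOL-TRANSITION' line with the TGS_REQ ISSUE record
    immediately before it (assumed MIT log layout: continuation follows ISSUE)."""
    events: List[ProtocolTransition] = []
    pending = None
    for line in lines:
        line = line.rstrip("\n")
        issue = TGS_ISSUE_RE.match(line)
        if issue:
            pending = issue
            continue
        pt = PT_RE.search(line)
        if pt and pending is not None:
            events.append(ProtocolTransition(
                timestamp=pending["ts"], client_ip=pending["ip"],
                service=pending["client"], target=pending["server"],
                impersonated_user=pt["user"]))
            pending = None
    return events


# RFC 4120 bit positions shared by KDCOptions (request) and TicketFlags (reply).
FORWARDABLE, FORWARDED, PROXIABLE, PROXY, POSTDATE = 1, 2, 3, 4, 5
FLAG_NAMES = {FORWARDABLE: "forwardable", FORWARDED: "forwarded",
              PROXIABLE: "proxiable", PROXY: "proxy", POSTDATE: "allow/may-postdate"}
KRB_AP_ERR_MODIFIED = 41  # "Message stream modified"


def check_reply_flags(kdc_options: Dict[int, bool],
                      ticket_flags: Dict[int, bool]) -> Optional[Tuple[int, bool, bool]]:
    """Compare bits 1..5 of the requested KDCOptions with the returned TicketFlags,
    as the JDK 8 KrbKdcRep.check loop is assumed to do. Returns None when they
    agree, otherwise (bit, requested, received) for the first disagreement."""
    for bit in range(FORWARDABLE, POSTDATE + 1):
        want = kdc_options.get(bit, False)
        got = ticket_flags.get(bit, False)
        if want != got:
            return bit, want, got
    return None


def jdk_debug_line(mismatch: Tuple[int, bool, bool]) -> str:
    """Render a mismatch in the form the JDK prints with sun.security.krb5.debug=true."""
    bit, want, got = mismatch
    return (f"> KrbKdcRep.check: at #{bit}. request for {str(want).lower()}, "
            f"received {str(got).lower()}")


def s4u2self_outcome(ticket_forwardable: bool) -> Optional[int]:
    """The post's debug line shows the S4U2Self TGS_REQ asked for bit 1 (forwardable).
    Return the error code the client raises when the returned ticket has the
    forwardable flag set as given, or None when the reply is accepted."""
    requested = {FORWARDABLE: True}
    received = {FORWARDABLE: ticket_forwardable}
    return None if check_reply_flags(requested, received) is None else KRB_AP_ERR_MODIFIED


if __name__ == "__main__":
    for ev in parse_protocol_transitions(SAMPLE_KDC_LOG.splitlines()):
        print(f"{ev.timestamp} {ev.service} from {ev.client_ip} obtained an S4U2Self "
              f"ticket to {ev.target} as {ev.impersonated_user}")
    mismatch = check_reply_flags({FORWARDABLE: True}, {FORWARDABLE: False})
    print(jdk_debug_line(mismatch), "->", FLAG_NAMES[mismatch[0]], "flag missing from reply")
```

Running the block reproduces the post's "at #1. request for true, received false" line from a reply whose ticket lacks the forwardable flag, and the parser shows the KDC-side record of the same transition (HTTP/s4u.rhelent.lan impersonating mmosley from 192.168.2.102), which is the view a SOC would correlate against client-side failures. The check exists to catch a reply altered in transit; it has no way to distinguish that from a KDC that issued the S4U2Self ticket without the requested flag by policy, which is why the client reports error 41 even though the KDC log shows a successful ISSUE.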
