Bug #63210
CephX invalid calculation of client/server proof
Status: New
Priority: Normal
Assignee: -
Category: cephx
Target version: -
% Done: 0%
Source: Community (user)
Tags: authentication
Regression: No
Severity: 3 - minor
Description
When calculating the client/server proof for CephX authentication, the actual bytes used for the XOR operations are not what is expected.
An encrypted byte string is generated here:
https://github.com/ceph/ceph/blob/main/src/auth/cephx/CephxProtocol.cc#L42
This produces a 36-byte string:
4 bytes - message length, which is 32 bytes. These are the bytes (32, 0, 0, 0)
32 bytes - encrypted data
The XOR operation at
https://github.com/ceph/ceph/blob/main/src/auth/cephx/CephxProtocol.cc#L47
operates on 8 byte chunks starting at the beginning of the byte string. As a result, it will include the first 4 bytes (which are constant (32, 0, 0, 0)) and ignore the last 4 bytes which are encrypted data.
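The byte layout and fold described in the report can be reproduced in isolation with the following added example, which is not code from the Ceph source tree or from the reporter. The names `frame`, `fold`, `proof_as_reported` and `proof_ciphertext_only` are hypothetical, the ciphertext is constructed sample data, and little-endian word order is assumed.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

using Ct = std::array<uint8_t, 32>;  // the 32 bytes of encrypted data

// Buffer as described in the report: 4-byte length (32, 0, 0, 0) + ciphertext.
std::vector<uint8_t> frame(const Ct& ct) {
    std::vector<uint8_t> buf = {32, 0, 0, 0};
    buf.insert(buf.end(), ct.begin(), ct.end());
    return buf;
}

// XOR-fold complete 8-byte words starting at `off`; a trailing partial word
// is skipped. Little-endian word order is an assumption of this example.
uint64_t fold(const std::vector<uint8_t>& buf, size_t off) {
    uint64_t k = 0;
    for (size_t pos = off; pos + 8 <= buf.size(); pos += 8) {
        uint64_t w = 0;
        for (int i = 7; i >= 0; --i) w = (w << 8) | buf[pos + i];
        k ^= w;
    }
    return k;
}

// Constructed sample ciphertext (not real CephX output): byte i = 0xA0 + i.
Ct sample_ct() {
    Ct ct{};
    for (size_t i = 0; i < ct.size(); ++i) ct[i] = static_cast<uint8_t>(0xA0 + i);
    return ct;
}

// Fold from offset 0: length prefix included, last 4 ciphertext bytes dropped.
uint64_t proof_as_reported(const Ct& ct) { return fold(frame(ct), 0); }

// For comparison: fold over the 32 ciphertext bytes only (offset 4).
uint64_t proof_ciphertext_only(const Ct& ct) { return fold(frame(ct), 4); }

int main() {
    Ct a = sample_ct(), b = a;
    b[28] ^= 0xFF;  // change one of the last 4 ciphertext bytes
    std::printf("from offset 0: %d\n", proof_as_reported(a) == proof_as_reported(b));
    std::printf("from offset 4: %d\n", proof_ciphertext_only(a) == proof_ciphertext_only(b));
}
```

With the fold starting at offset 0, two ciphertexts that differ only in their last 4 bytes give the same value, and an all-zero ciphertext folds to 32, the constant length prefix.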