gssapi: enable gssapi-keyex in FIPS mode

All gssapi-keyex tests have to be disabled in Centos Stream 8 because the KEX is not allowed in FIPS. In Centos Stream 9, only tests against OpenSSH have to be disabled because OpenSSH only enables gssapi-keyex since Centos Stream 10. Signed-off-by: Pavol Žáčik <pzacik@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-04 12:20:42 +09:00 · 2025-12-02 10:31:01 +01:00
parent d3e80d9a19
commit 9b4ee9c6d4
10 changed files with 32 additions and 107 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -201,9 +201,11 @@ centos9s/openssl_3.5.x/x86_64/fips:
  variables:
    OPENSSL_ENABLE_SHA1_SIGNATURES: 1
  script:
+    # torture_gssapi_key_exchange_* tests are excluded because gssapi-keyex is disabled
+    # by OpenSSH in FIPS mode in RHEL 9
    - cmake $CMAKE_OPTIONS $CMAKE_ADDITIONAL_OPTIONS .. &&
      make -j$(nproc) &&
-      OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure
+      OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure -E "^torture_gssapi_key_exchange.*"

 centos8s/openssl_1.1.1/x86_64:
  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD
@@ -219,9 +221,11 @@ centos8s/openssl_1.1.1/x86_64/fips:
  extends: .fips
  image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD
  script:
+    # torture_gssapi_key_exchange_* and torture_gssapi_server_key_exchange_* tests are excluded
+    # because gssapi-keyex is not allowed in FIPS mode in RHEL 8
    - cmake $CMAKE_OPTIONS $CMAKE_ADDITIONAL_OPTIONS .. &&
      make -j$(nproc) &&
-      OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure
+      OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure -E "^torture_gssapi.*key_exchange.*"

 ###############################################################################
 #                               Fedora builds                                 #
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -672,7 +672,6 @@ fail:
 */
 char *ssh_gssapi_oid_hash(ssh_string oid)
 {
-    MD5CTX ctx = NULL;
    unsigned char *h = NULL;
    int rc;
    char *base64 = NULL;
@@ -682,19 +681,7 @@ char *ssh_gssapi_oid_hash(ssh_string oid)
        return NULL;
    }

-    ctx = md5_init();
-    if (ctx == NULL) {
-        SAFE_FREE(h);
-        return NULL;
-    }
-
-    rc = md5_update(ctx, ssh_string_data(oid), ssh_string_len(oid));
-    if (rc != SSH_OK) {
-        SAFE_FREE(h);
-        md5_ctx_free(ctx);
-        return NULL;
-    }
-    rc = md5_final(h, ctx);
+    rc = md5(ssh_string_data(oid), ssh_string_len(oid), h);
    if (rc != SSH_OK) {
        SAFE_FREE(h);
        return NULL;
--- a/src/kex.c
+++ b/src/kex.c
@@ -811,7 +811,7 @@ int ssh_set_client_kex(ssh_session session)
        return SSH_ERROR;
    }
 #ifdef WITH_GSSAPI
-    if (session->opts.gssapi_key_exchange && !ssh_fips_mode()) {
+    if (session->opts.gssapi_key_exchange) {
        char *gssapi_algs = NULL;

        ok = ssh_gssapi_init(session);
@@ -831,9 +831,15 @@ int ssh_set_client_kex(ssh_session session)
        }

        /* Prefix the default algorithms with gsskex algs */
+        if (ssh_fips_mode()) {
+            session->opts.wanted_methods[SSH_KEX] =
+                ssh_prefix_without_duplicates(fips_methods[SSH_KEX],
+                                              gssapi_algs);
+        } else {
            session->opts.wanted_methods[SSH_KEX] =
                ssh_prefix_without_duplicates(default_methods[SSH_KEX],
                                              gssapi_algs);
+        }

        gssapi_null_alg = true;

--- a/src/server.c
+++ b/src/server.c
@@ -172,7 +172,7 @@ int server_set_kex(ssh_session session)
        }
    }
 #ifdef WITH_GSSAPI
-    if (session->opts.gssapi_key_exchange && !ssh_fips_mode()) {
+    if (session->opts.gssapi_key_exchange) {
        ok = ssh_gssapi_init(session);
        if (ok != SSH_OK) {
            ssh_set_error_oom(session);
--- a/tests/client/torture_gssapi_key_exchange.c
+++ b/tests/client/torture_gssapi_key_exchange.c
@@ -78,11 +78,6 @@ static void torture_gssapi_key_exchange(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Valid */
    torture_setup_kdc_server(
        state,
@@ -108,11 +103,6 @@ static void torture_gssapi_key_exchange_no_tgt(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Don't run kinit */
    torture_setup_kdc_server(
        state,
@@ -144,11 +134,6 @@ static void torture_gssapi_key_exchange_alg(void **state,
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Valid */
    torture_setup_kdc_server(
        state,
@@ -213,11 +198,6 @@ static void torture_gssapi_key_exchange_auth(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Valid */
    torture_setup_kdc_server(
        state,
@@ -247,11 +227,6 @@ static void torture_gssapi_key_exchange_no_auth(void **state)
    int rc;
    bool f = false;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Valid */
    torture_setup_kdc_server(
        state,
--- a/tests/client/torture_gssapi_key_exchange_null.c
+++ b/tests/client/torture_gssapi_key_exchange_null.c
@@ -18,8 +18,6 @@ static int sshd_setup(void **state)
    s = *state;
    s->disable_hostkeys = true;

-    if (!ssh_fips_mode()) {
-        /* Temporary kerberos server */
    torture_setup_kdc_server(
        state,
        "kadmin.local addprinc -randkey host/server.libssh.site \n"
@@ -34,7 +32,7 @@ static int sshd_setup(void **state)
                               "GSSAPIKeyExchange yes\n");

    torture_teardown_kdc_server(state);
-    }
+
    return 0;
 }

@@ -95,11 +93,6 @@ static void torture_gssapi_key_exchange_null(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    /* Valid */
    torture_setup_kdc_server(
        state,
--- a/tests/server/torture_gssapi_server_key_exchange.c
+++ b/tests/server/torture_gssapi_server_key_exchange.c
@@ -281,11 +281,6 @@ static void torture_gssapi_server_key_exchange(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
@@ -321,10 +316,6 @@ static void torture_gssapi_server_key_exchange_no_tgt(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }

    assert_non_null(tss);

@@ -366,11 +357,6 @@ static void torture_gssapi_server_key_exchange_alg(void **state,
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
@@ -444,11 +430,6 @@ static void torture_gssapi_server_key_exchange_auth(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
@@ -487,11 +468,6 @@ static void torture_gssapi_server_key_exchange_no_auth(void **state)
    int rc;
    bool f = false;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
--- a/tests/server/torture_gssapi_server_key_exchange_fallback.c
+++ b/tests/server/torture_gssapi_server_key_exchange_fallback.c
@@ -278,11 +278,6 @@ static void torture_gssapi_server_key_exchange_fallback(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
--- a/tests/server/torture_gssapi_server_key_exchange_null.c
+++ b/tests/server/torture_gssapi_server_key_exchange_null.c
@@ -250,11 +250,6 @@ static void torture_gssapi_server_key_exchange_null(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }
-
    assert_non_null(tss);

    s = tss->state;
@@ -293,10 +288,6 @@ static void torture_gssapi_server_key_exchange_no_tgt(void **state)
    int rc;
    bool t = true;

-    /* Skip test if in FIPS mode */
-    if (ssh_fips_mode()) {
-        skip();
-    }

    assert_non_null(tss);

--- a/tests/torture.c
+++ b/tests/torture.c
@@ -999,10 +999,8 @@ torture_setup_create_sshd_config(void **state, bool pam, bool second_sshd)
                 fips_config_string,
                 second_sshd ? TORTURE_SSHD_SRV1_IPV4 : TORTURE_SSHD_SRV_IPV4,
                 second_sshd ? TORTURE_SSHD_SRV1_IPV6 : TORTURE_SSHD_SRV_IPV6,
-                 "HostKey",
-                 rsa_hostkey,
-                 "HostKey",
-                 ecdsa_hostkey,
+                 s->disable_hostkeys ? "" : "HostKey", s->disable_hostkeys ? "" : rsa_hostkey,
+                 s->disable_hostkeys ? "" : "HostKey", s->disable_hostkeys ? "" : ecdsa_hostkey,
                 trusted_ca_pubkey,
                 sftp_server,
                 usepam,