From d861d4eb28bd4c091955c11669edcf867b093a6f Mon Sep 17 00:00:00 2001
From: Joseph Sutton
Date: Tue, 15 Nov 2022 18:14:36 +1300
Subject: [PATCH] CVE-2022-37966 param: Add support for new option "kdc default domain supportedenctypes"

This matches the Windows registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\KDC\DefaultDomainSupportedEncTypes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Pair-Programmed-With: Andrew Bartlett

Signed-off-by: Joseph Sutton
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
 .../security/kdcdefaultdomainsupportedenctypes.xml | 42 ++++++++++++
 lib/param/loadparm.c | 79 ++++++++++++++++++++++
 librpc/idl/security.idl | 1 +
 source3/param/loadparm.c | 3 +
 4 files changed, 125 insertions(+)
 create mode 100644 docs-xml/smbdotconf/security/kdcdefaultdomainsupportedenctypes.xml

diff --git a/docs-xml/smbdotconf/security/kdcdefaultdomainsupportedenctypes.xml b/docs-xml/smbdotconf/security/kdcdefaultdomainsupportedenctypes.xml
new file mode 100644
index 00000000000..e93650ac3e0
--- /dev/null
+++ b/docs-xml/smbdotconf/security/kdcdefaultdomainsupportedenctypes.xml
@@ -0,0 +1,42 @@
+ + + + Set the default value of msDS-SupportedEncryptionTypes for service accounts in Active Directory that are missing this value or where msDS-SupportedEncryptionTypes is set to 0. + + + + This allows Samba administrators to match the configuration flexibility provided by the + HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\KDC\DefaultDomainSupportedEncTypes Registry Value on Windows. + + + Unlike the Windows registry key (which only takes an base-10 number), in Samba this may also be expressed in hexadecimal or as a list of Kerberos encryption type names. + + + Specified values are ORed together bitwise, and those currently supported consist of: + + + arcfour-hmac-md5, rc4-hmac, 0x4, or 4 + Known on Windows as Kerberos RC4 encryption + + + aes128-cts-hmac-sha1-96, aes128-cts, 0x8, or 8 + Known on Windows as Kerberos AES 128 bit encryption + + + aes256-cts-hmac-sha1-96, aes256-cts, 0x10, or 16 + Known on Windows as Kerberos AES 256 bit encryption + + + aes256-cts-hmac-sha1-96-sk, aes256-cts-sk, 0x20, or 32 + Allow AES session keys. When this is set, it indicates to the KDC that AES session keys can be used, even when aes256-cts and aes128-cts are not set. This allows use of AES keys against hosts otherwise only configured with RC4 for ticket keys (which is the default). + + + + + +36equivalent to: rc4-hmac aes256-cts-hmac-sha1-96-sk +
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 1dcc8061fa2..1cb25f843b3 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -70,6 +70,7 @@
 #include "tdb.h"
 #include "librpc/gen_ndr/nbt.h"
 #include "librpc/gen_ndr/dns.h"
+#include "librpc/gen_ndr/security.h"
 #include "libds/common/roles.h"
 #include "lib/util/samba_util.h"
 #include "libcli/auth/ntlm_check.h"
@@ -1704,6 +1705,80 @@ out:
 return value_is_valid;
 }
+bool handle_kdc_default_domain_supported_enctypes(struct loadparm_context *lp_ctx,
+ struct loadparm_service *service,
+ const char *pszParmValue, char **ptr)
+{
+ char **enctype_list = NULL;
+ char **enctype = NULL;
+ uint32_t result = 0;
+ bool ok = true;
+
+ enctype_list = str_list_make(NULL, pszParmValue, NULL);
+ if (enctype_list == NULL) {
+ DBG_ERR("OOM: failed to make string list from %s\n",
+ pszParmValue);
+ ok = false;
+ goto out;
+ }
+
+ for (enctype = enctype_list; *enctype != NULL; ++enctype) {
+ if (strwicmp(*enctype, "arcfour-hmac-md5") == 0 ||
+ strwicmp(*enctype, "rc4-hmac") == 0)
+ {
+ result |= KERB_ENCTYPE_RC4_HMAC_MD5;
+ }
+ else if (strwicmp(*enctype, "aes128-cts-hmac-sha1-96") == 0 ||
+ strwicmp(*enctype, "aes128-cts") == 0)
+ {
+ result |= KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96;
+ }
+ else if (strwicmp(*enctype, "aes256-cts-hmac-sha1-96") == 0 ||
+ strwicmp(*enctype, "aes256-cts") == 0)
+ {
+ result |= KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96;
+ }
+ else if (strwicmp(*enctype, "aes256-cts-hmac-sha1-96-sk") == 0 ||
+ strwicmp(*enctype, "aes256-cts-sk") == 0)
+ {
+ result |= KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK;
+ }
+ else {
+ const char *bitstr = *enctype;
+ int base;
+ int error;
+ unsigned long bit;
+
+ /* See if the bit's specified in hexadecimal. */
+ if (bitstr[0] == '0' &&
+ (bitstr[1] == 'x' || bitstr[2] == 'X'))
+ {
+ base = 16;
+ bitstr += 2;
+ }
+ else {
+ base = 10;
+ }
+
+ bit = smb_strtoul(bitstr, NULL, base, &error, SMB_STR_FULL_STR_CONV);
+ if (error) {
+ DBG_ERR("WARNING: Ignoring invalid value '%s' "
+ "for parameter 'kdc default domain supported enctypes'\n",
+ *enctype);
+ ok = false;
+ } else {
+ result |= bit;
+ }
+ }
+ }
+
+ *(int *)ptr = result;
+out:
+ TALLOC_FREE(enctype_list);
+
+ return ok;
+}
+
 static bool set_variable(TALLOC_CTX *mem_ctx, struct loadparm_service *service, int parmnum, void *parm_ptr, const char *pszParmName, const char *pszParmValue,
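Review bot: The hexadecimal-prefix test in handle_kdc_default_domain_supported_enctypes checks `bitstr[2] == 'X'` where `bitstr[1] == 'X'` is clearly intended, so an upper-case prefix such as `0X10` falls through to base 10 and is rejected, and a one-character value such as `0` makes `bitstr[2]` read one byte past the string terminator. The condition should read `(bitstr[1] == 'x' || bitstr[1] == 'X'))`; since it is only evaluated after `bitstr[0] == '0'`, `bitstr[1]` is at worst the terminator and the read stays in bounds. Separately, `bit` is an `unsigned long` ORed into the 32-bit `result`, so a value above 0xffffffff is silently truncated instead of being reported like other bad input, and the "Ignoring invalid value" message contradicts the handler returning `ok = false` for that case — either the wording or the return should change so an operator knows whether the setting took effect.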
@@ -3012,6 +3087,10 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
 "rpc start on demand helpers",
 "yes");
+ lpcfg_do_global_parameter(lp_ctx,
+ "kdc default domain supported enctypes",
+ "rc4-hmac aes256-cts-hmac-sha1-96-sk");
+
 for (i = 0; parm_table[i].label; i++) {
 if (!(lp_ctx->flags[i] & FLAG_CMDLINE)) {
 lp_ctx->flags[i] |= FLAG_DEFAULT;
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 2ef34170479..3d2c8a33903 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -734,6 +734,7 @@ interface security
 KERB_ENCTYPE_RC4_HMAC_MD5 = 0x00000004,
 KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
 KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010,
+ KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK = 0x00000020,
 KERB_ENCTYPE_FAST_SUPPORTED = 0x00010000,
 KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED = 0x00020000,
 KERB_ENCTYPE_CLAIMS_SUPPORTED = 0x00040000,
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index a0c9249b777..27a77c71f5e 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -993,6 +993,9 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 */
 Globals.rpc_start_on_demand_helpers = true;
+ Globals.kdc_default_domain_supported_enctypes =
+ KERB_ENCTYPE_RC4_HMAC_MD5 | KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK;
+
 /* Now put back the settings that were set with lp_set_cmdline() */
 apply_lp_set_cmdline();
 }
-- 
2.11.4.GIT
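Review bot: The default for the new option is now stated in two unrelated forms — the string `"rc4-hmac aes256-cts-hmac-sha1-96-sk"` passed to lpcfg_do_global_parameter() in loadparm_init here, and the expression `KERB_ENCTYPE_RC4_HMAC_MD5 | KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK` in init_globals() in the source3/param/loadparm.c hunk — plus the literal 36 in the smb.conf documentation, and nothing ties them together. They agree today, but a future change to one site will silently leave the other defaults diverging between the two loadparm implementations, which for a KDC enctype policy is the kind of drift that is hard to notice in testing. Suggest a one-line comment at each site naming the other, e.g. `/* Keep in sync with init_globals() in source3/param/loadparm.c and the documented default (36). */` here and the mirror of it in init_globals(). Both enclosing functions continue outside their hunks.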
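Review bot: The new `KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK = 0x00000020` is added to the security.idl bitmap without a comment, while the smb.conf text added in this commit gives it a meaning ("Allow AES session keys ... even when aes256-cts and aes128-cts are not set") that differs in kind from its neighbours, which name cipher support for ticket keys. A reader of the IDL alone cannot tell that, so a comment on the new line would help, e.g. `/* AES session keys may be used even when the AES ticket-key bits above are unset; see "kdc default domain supported enctypes" */`. If, as the smb.conf wording suggests, this bit is interpreted by Samba's KDC rather than being a Windows-defined msDS-SupportedEncryptionTypes value, the comment should say so explicitly so it is not mistaken for a wire-defined flag. The enum continues outside the hunk.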