From: Ondřej Surý Date: Wed, 18 Mar 2026 00:02:24 +0000 (+0100) Subject: Verify integrity flag on server-side GSS-API context X-Git-Tag: v9.21.22~6^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=45c93af5c0f9bcc2ff864f7f122fdfe5a2e9382c;p=thirdparty%2Fbind9.git Verify integrity flag on server-side GSS-API context After gss_accept_sec_context() completes, verify that the INTEG flag is set in ret_flags. Without integrity protection, GSS-TSIG message authentication cannot function correctly. The server side was previously passing NULL for ret_flags, meaning it never verified the negotiated security properties. The client side was fixed in the previous commit; this fixes the server side.
---
diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c
index ea86c4b43bb..8f4c1c56c92 100644
--- a/lib/dns/gssapictx.c
+++ b/lib/dns/gssapictx.c
@@ -442,15 +442,30 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken,
 #endif
 }
+ OM_uint32 ret_flags = 0;
+
 gret = gss_accept_sec_context(&minor, &context, GSS_C_NO_CREDENTIAL, &gintoken, GSS_C_NO_CHANNEL_BINDINGS,
- &gname, NULL, &gouttoken, NULL, NULL,
- NULL);
+ &gname, NULL, &gouttoken, &ret_flags,
+ NULL, NULL);
 result = ISC_R_FAILURE;
 switch (gret) {
 case GSS_S_COMPLETE:
+ /*
+ * RFC 2743 Section 1.2.2: verify that the negotiated
+ * context provides integrity protection.
+ */
+ if ((ret_flags & GSS_C_INTEG_FLAG) == 0) {
+ gss_log(3,
+ "GSS-API context lacks required INTEG "
+ "flag (ret_flags=0x%x)",
+ (unsigned int)ret_flags);
+ (void)gss_delete_sec_context(&minor, &context, NULL);
+ result = DNS_R_INVALIDTKEY;
+ goto cleanup;
+ }
 break;
 /*
 * RFC 3645 4.1.3: we don't handle GSS_S_CONTINUE_NEEDED
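Review bot: The new rejection path under `case GSS_S_COMPLETE:` deletes `context` and jumps to `cleanup`, but by that point `gss_accept_sec_context()` has already returned successfully and may have filled in `gname` and `gouttoken`, which the early exit no longer hands to the code that follows the switch. The `cleanup` label and the rest of dst_gssapi_acceptctx are outside this hunk, so please confirm that it releases both (`gss_release_name(&minor, &gname)` and, when `gouttoken.length > 0`, `gss_release_buffer(&minor, &gouttoken)`); if it does not, each context negotiated without integrity leaks memory on a path that a remote peer controls. It is also worth checking that no caller-visible copy of the context handle still refers to the context that was just deleted. A short comment above the `goto`, for example `/* cleanup releases gname and gouttoken; context is already deleted */`, would make the ownership explicit for the next reader.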