Annotation of embedaddon/dnsmasq/src/dnssec.c, revision 1.1
1.1 ! misho 1: /* dnssec.c is Copyright (c) 2012 Giovanni Bajo <rasky@develer.com>
! 2: and Copyright (c) 2012-2014 Simon Kelley
! 3:
! 4: This program is free software; you can redistribute it and/or modify
! 5: it under the terms of the GNU General Public License as published by
! 6: the Free Software Foundation; version 2 dated June, 1991, or
! 7: (at your option) version 3 dated 29 June, 2007.
! 8:
! 9: This program is distributed in the hope that it will be useful,
! 10: but WITHOUT ANY WARRANTY; without even the implied warranty of
! 11: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
! 12: GNU General Public License for more details.
! 13:
! 14: You should have received a copy of the GNU General Public License
! 15: along with this program. If not, see <http://www.gnu.org/licenses/>.
! 16: */
! 17:
! 18: #include "dnsmasq.h"
! 19:
! 20: #ifdef HAVE_DNSSEC
! 21:
! 22: #include <nettle/rsa.h>
! 23: #include <nettle/dsa.h>
! 24: #ifndef NO_NETTLE_ECC
! 25: # include <nettle/ecdsa.h>
! 26: # include <nettle/ecc-curve.h>
! 27: #endif
! 28: #include <nettle/nettle-meta.h>
! 29: #include <gmp.h>
! 30:
! 31: #define SERIAL_UNDEF -100
! 32: #define SERIAL_EQ 0
! 33: #define SERIAL_LT -1
! 34: #define SERIAL_GT 1
! 35:
! 36: /* http://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
! 37: static char *ds_digest_name(int digest)
! 38: {
! 39: switch (digest)
! 40: {
! 41: case 1: return "sha1";
! 42: case 2: return "sha256";
! 43: case 3: return "gosthash94";
! 44: case 4: return "sha384";
! 45: default: return NULL;
! 46: }
! 47: }
! 48:
! 49: /* http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
! 50: static char *algo_digest_name(int algo)
! 51: {
! 52: switch (algo)
! 53: {
! 54: case 1: return "md5";
! 55: case 3: return "sha1";
! 56: case 5: return "sha1";
! 57: case 6: return "sha1";
! 58: case 7: return "sha1";
! 59: case 8: return "sha256";
! 60: case 10: return "sha512";
! 61: case 12: return "gosthash94";
! 62: case 13: return "sha256";
! 63: case 14: return "sha384";
! 64: default: return NULL;
! 65: }
! 66: }
! 67:
! 68: /* Find pointer to correct hash function in nettle library */
! 69: static const struct nettle_hash *hash_find(char *name)
! 70: {
! 71: int i;
! 72:
! 73: if (!name)
! 74: return NULL;
! 75:
! 76: for (i = 0; nettle_hashes[i]; i++)
! 77: {
! 78: if (strcmp(nettle_hashes[i]->name, name) == 0)
! 79: return nettle_hashes[i];
! 80: }
! 81:
! 82: return NULL;
! 83: }
! 84:
! 85: /* expand ctx and digest memory allocations if necessary and init hash function */
! 86: static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char **digestp)
! 87: {
! 88: static void *ctx = NULL;
! 89: static unsigned char *digest = NULL;
! 90: static unsigned int ctx_sz = 0;
! 91: static unsigned int digest_sz = 0;
! 92:
! 93: void *new;
! 94:
! 95: if (ctx_sz < hash->context_size)
! 96: {
! 97: if (!(new = whine_malloc(hash->context_size)))
! 98: return 0;
! 99: if (ctx)
! 100: free(ctx);
! 101: ctx = new;
! 102: ctx_sz = hash->context_size;
! 103: }
! 104:
! 105: if (digest_sz < hash->digest_size)
! 106: {
! 107: if (!(new = whine_malloc(hash->digest_size)))
! 108: return 0;
! 109: if (digest)
! 110: free(digest);
! 111: digest = new;
! 112: digest_sz = hash->digest_size;
! 113: }
! 114:
! 115: *ctxp = ctx;
! 116: *digestp = digest;
! 117:
! 118: hash->init(ctx);
! 119:
! 120: return 1;
! 121: }
! 122:
! 123: static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
! 124: unsigned char *digest, int algo)
! 125: {
! 126: unsigned char *p;
! 127: size_t exp_len;
! 128:
! 129: static struct rsa_public_key *key = NULL;
! 130: static mpz_t sig_mpz;
! 131:
! 132: if (key == NULL)
! 133: {
! 134: if (!(key = whine_malloc(sizeof(struct rsa_public_key))))
! 135: return 0;
! 136:
! 137: nettle_rsa_public_key_init(key);
! 138: mpz_init(sig_mpz);
! 139: }
! 140:
! 141: if ((key_len < 3) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
! 142: return 0;
! 143:
! 144: key_len--;
! 145: if ((exp_len = *p++) == 0)
! 146: {
! 147: GETSHORT(exp_len, p);
! 148: key_len -= 2;
! 149: }
! 150:
! 151: if (exp_len >= key_len)
! 152: return 0;
! 153:
! 154: key->size = key_len - exp_len;
! 155: mpz_import(key->e, exp_len, 1, 1, 0, 0, p);
! 156: mpz_import(key->n, key->size, 1, 1, 0, 0, p + exp_len);
! 157:
! 158: mpz_import(sig_mpz, sig_len, 1, 1, 0, 0, sig);
! 159:
! 160: switch (algo)
! 161: {
! 162: case 1:
! 163: return nettle_rsa_md5_verify_digest(key, digest, sig_mpz);
! 164: case 5: case 7:
! 165: return nettle_rsa_sha1_verify_digest(key, digest, sig_mpz);
! 166: case 8:
! 167: return nettle_rsa_sha256_verify_digest(key, digest, sig_mpz);
! 168: case 10:
! 169: return nettle_rsa_sha512_verify_digest(key, digest, sig_mpz);
! 170: }
! 171:
! 172: return 0;
! 173: }
! 174:
! 175: static int dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
! 176: unsigned char *digest, int algo)
! 177: {
! 178: unsigned char *p;
! 179: unsigned int t;
! 180:
! 181: static struct dsa_public_key *key = NULL;
! 182: static struct dsa_signature *sig_struct;
! 183:
! 184: if (key == NULL)
! 185: {
! 186: if (!(sig_struct = whine_malloc(sizeof(struct dsa_signature))) ||
! 187: !(key = whine_malloc(sizeof(struct dsa_public_key))))
! 188: return 0;
! 189:
! 190: nettle_dsa_public_key_init(key);
! 191: nettle_dsa_signature_init(sig_struct);
! 192: }
! 193:
! 194: if ((sig_len < 41) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
! 195: return 0;
! 196:
! 197: t = *p++;
! 198:
! 199: if (key_len < (213 + (t * 24)))
! 200: return 0;
! 201:
! 202: mpz_import(key->q, 20, 1, 1, 0, 0, p); p += 20;
! 203: mpz_import(key->p, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
! 204: mpz_import(key->g, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
! 205: mpz_import(key->y, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
! 206:
! 207: mpz_import(sig_struct->r, 20, 1, 1, 0, 0, sig+1);
! 208: mpz_import(sig_struct->s, 20, 1, 1, 0, 0, sig+21);
! 209:
! 210: (void)algo;
! 211:
! 212: return nettle_dsa_sha1_verify_digest(key, digest, sig_struct);
! 213: }
! 214:
! 215: #ifndef NO_NETTLE_ECC
! 216: static int dnsmasq_ecdsa_verify(struct blockdata *key_data, unsigned int key_len,
! 217: unsigned char *sig, size_t sig_len,
! 218: unsigned char *digest, size_t digest_len, int algo)
! 219: {
! 220: unsigned char *p;
! 221: unsigned int t;
! 222: struct ecc_point *key;
! 223:
! 224: static struct ecc_point *key_256 = NULL, *key_384 = NULL;
! 225: static mpz_t x, y;
! 226: static struct dsa_signature *sig_struct;
! 227:
! 228: if (!sig_struct)
! 229: {
! 230: if (!(sig_struct = whine_malloc(sizeof(struct dsa_signature))))
! 231: return 0;
! 232:
! 233: nettle_dsa_signature_init(sig_struct);
! 234: mpz_init(x);
! 235: mpz_init(y);
! 236: }
! 237:
! 238: switch (algo)
! 239: {
! 240: case 13:
! 241: if (!key_256)
! 242: {
! 243: if (!(key_256 = whine_malloc(sizeof(struct ecc_point))))
! 244: return 0;
! 245:
! 246: nettle_ecc_point_init(key_256, &nettle_secp_256r1);
! 247: }
! 248:
! 249: key = key_256;
! 250: t = 32;
! 251: break;
! 252:
! 253: case 14:
! 254: if (!key_384)
! 255: {
! 256: if (!(key_384 = whine_malloc(sizeof(struct ecc_point))))
! 257: return 0;
! 258:
! 259: nettle_ecc_point_init(key_384, &nettle_secp_384r1);
! 260: }
! 261:
! 262: key = key_384;
! 263: t = 48;
! 264: break;
! 265:
! 266: default:
! 267: return 0;
! 268: }
! 269:
! 270: if (sig_len != 2*t || key_len != 2*t ||
! 271: (p = blockdata_retrieve(key_data, key_len, NULL)))
! 272: return 0;
! 273:
! 274: mpz_import(x, t , 1, 1, 0, 0, p);
! 275: mpz_import(y, t , 1, 1, 0, 0, p + t);
! 276:
! 277: if (!ecc_point_set(key, x, y))
! 278: return 0;
! 279:
! 280: mpz_import(sig_struct->r, t, 1, 1, 0, 0, sig);
! 281: mpz_import(sig_struct->s, t, 1, 1, 0, 0, sig + t);
! 282:
! 283: return nettle_ecdsa_verify(key, digest_len, digest, sig_struct);
! 284: }
! 285: #endif
! 286:
! 287: static int verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
! 288: unsigned char *digest, size_t digest_len, int algo)
! 289: {
! 290: (void)digest_len;
! 291:
! 292: switch (algo)
! 293: {
! 294: case 1: case 5: case 7: case 8: case 10:
! 295: return rsa_verify(key_data, key_len, sig, sig_len, digest, algo);
! 296:
! 297: case 3: case 6:
! 298: return dsa_verify(key_data, key_len, sig, sig_len, digest, algo);
! 299:
! 300: #ifndef NO_NETTLE_ECC
! 301: case 13: case 14:
! 302: return dnsmasq_ecdsa_verify(key_data, key_len, sig, sig_len, digest, digest_len, algo);
! 303: #endif
! 304: }
! 305:
! 306: return 0;
! 307: }
! 308:
! 309: /* Convert from presentation format to wire format, in place.
! 310: Also map UC -> LC.
! 311: Note that using extract_name to get presentation format
! 312: then calling to_wire() removes compression and maps case,
! 313: thus generating names in canonical form.
! 314: Calling to_wire followed by from_wire is almost an identity,
! 315: except that the UC remains mapped to LC.
! 316: */
! 317: static int to_wire(char *name)
! 318: {
! 319: unsigned char *l, *p, term;
! 320: int len;
! 321:
! 322: for (l = (unsigned char*)name; *l != 0; l = p)
! 323: {
! 324: for (p = l; *p != '.' && *p != 0; p++)
! 325: if (*p >= 'A' && *p <= 'Z')
! 326: *p = *p - 'A' + 'a';
! 327:
! 328: term = *p;
! 329:
! 330: if ((len = p - l) != 0)
! 331: memmove(l+1, l, len);
! 332: *l = len;
! 333:
! 334: p++;
! 335:
! 336: if (term == 0)
! 337: *p = 0;
! 338: }
! 339:
! 340: return l + 1 - (unsigned char *)name;
! 341: }
! 342:
! 343: /* Note: no compression allowed in input. */
! 344: static void from_wire(char *name)
! 345: {
! 346: unsigned char *l;
! 347: int len;
! 348:
! 349: for (l = (unsigned char *)name; *l != 0; l += len+1)
! 350: {
! 351: len = *l;
! 352: memmove(l, l+1, len);
! 353: l[len] = '.';
! 354: }
! 355:
! 356: if ((char *)l != name)
! 357: *(l-1) = 0;
! 358: }
! 359:
! 360: /* Input in presentation format */
! 361: static int count_labels(char *name)
! 362: {
! 363: int i;
! 364:
! 365: if (*name == 0)
! 366: return 0;
! 367:
! 368: for (i = 0; *name; name++)
! 369: if (*name == '.')
! 370: i++;
! 371:
! 372: return i+1;
! 373: }
! 374:
! 375: /* Implement RFC1982 wrapped compare for 32-bit numbers */
! 376: static int serial_compare_32(unsigned long s1, unsigned long s2)
! 377: {
! 378: if (s1 == s2)
! 379: return SERIAL_EQ;
! 380:
! 381: if ((s1 < s2 && (s2 - s1) < (1UL<<31)) ||
! 382: (s1 > s2 && (s1 - s2) > (1UL<<31)))
! 383: return SERIAL_LT;
! 384: if ((s1 < s2 && (s2 - s1) > (1UL<<31)) ||
! 385: (s1 > s2 && (s1 - s2) < (1UL<<31)))
! 386: return SERIAL_GT;
! 387: return SERIAL_UNDEF;
! 388: }
! 389:
! 390: /* Check whether today/now is between date_start and date_end */
! 391: static int check_date_range(unsigned long date_start, unsigned long date_end)
! 392: {
! 393: unsigned long curtime;
! 394:
! 395: /* Checking timestamps may be temporarily disabled */
! 396: if (option_bool(OPT_DNSSEC_TIME))
! 397: return 1;
! 398:
! 399: curtime = time(0);
! 400:
! 401: /* We must explicitly check against wanted values, because of SERIAL_UNDEF */
! 402: return serial_compare_32(curtime, date_start) == SERIAL_GT
! 403: && serial_compare_32(curtime, date_end) == SERIAL_LT;
! 404: }
! 405:
! 406: static u16 *get_desc(int type)
! 407: {
! 408: /* List of RRtypes which include domains in the data.
! 409: 0 -> domain
! 410: integer -> no of plain bytes
! 411: -1 -> end
! 412:
! 413: zero is not a valid RRtype, so the final entry is returned for
! 414: anything which needs no mangling.
! 415: */
! 416:
! 417: static u16 rr_desc[] =
! 418: {
! 419: T_NS, 0, -1,
! 420: T_MD, 0, -1,
! 421: T_MF, 0, -1,
! 422: T_CNAME, 0, -1,
! 423: T_SOA, 0, 0, -1,
! 424: T_MB, 0, -1,
! 425: T_MG, 0, -1,
! 426: T_MR, 0, -1,
! 427: T_PTR, 0, -1,
! 428: T_MINFO, 0, 0, -1,
! 429: T_MX, 2, 0, -1,
! 430: T_RP, 0, 0, -1,
! 431: T_AFSDB, 2, 0, -1,
! 432: T_RT, 2, 0, -1,
! 433: T_SIG, 18, 0, -1,
! 434: T_PX, 2, 0, 0, -1,
! 435: T_NXT, 0, -1,
! 436: T_KX, 2, 0, -1,
! 437: T_SRV, 6, 0, -1,
! 438: T_DNAME, 0, -1,
! 439: 0, -1 /* wildcard/catchall */
! 440: };
! 441:
! 442: u16 *p = rr_desc;
! 443:
! 444: while (*p != type && *p != 0)
! 445: while (*p++ != (u16)-1);
! 446:
! 447: return p+1;
! 448: }
! 449:
! 450: /* Return bytes of canonicalised rdata, when the return value is zero, the remaining
! 451: data, pointed to by *p, should be used raw. */
! 452: static int get_rdata(struct dns_header *header, size_t plen, unsigned char *end, char *buff,
! 453: unsigned char **p, u16 **desc)
! 454: {
! 455: int d = **desc;
! 456:
! 457: (*desc)++;
! 458:
! 459: /* No more data needs mangling */
! 460: if (d == (u16)-1)
! 461: return 0;
! 462:
! 463: if (d == 0 && extract_name(header, plen, p, buff, 1, 0))
! 464: /* domain-name, canonicalise */
! 465: return to_wire(buff);
! 466: else
! 467: {
! 468: /* plain data preceding a domain-name, don't run off the end of the data */
! 469: if ((end - *p) < d)
! 470: d = end - *p;
! 471:
! 472: if (d != 0)
! 473: {
! 474: memcpy(buff, *p, d);
! 475: *p += d;
! 476: }
! 477:
! 478: return d;
! 479: }
! 480: }
! 481:
! 482: static int expand_workspace(unsigned char ***wkspc, int *sz, int new)
! 483: {
! 484: unsigned char **p;
! 485: int new_sz = *sz;
! 486:
! 487: if (new_sz > new)
! 488: return 1;
! 489:
! 490: if (new >= 100)
! 491: return 0;
! 492:
! 493: new_sz += 5;
! 494:
! 495: if (!(p = whine_malloc((new_sz) * sizeof(unsigned char **))))
! 496: return 0;
! 497:
! 498: if (*wkspc)
! 499: {
! 500: memcpy(p, *wkspc, *sz * sizeof(unsigned char **));
! 501: free(*wkspc);
! 502: }
! 503:
! 504: *wkspc = p;
! 505: *sz = new_sz;
! 506:
! 507: return 1;
! 508: }
! 509:
! 510: /* Bubble sort the RRset into the canonical order.
! 511: Note that the byte-streams from two RRs may get unsynced: consider
! 512: RRs which have two domain-names at the start and then other data.
! 513: The domain-names may have different lengths in each RR, but sort equal
! 514:
! 515: ------------
! 516: |abcde|fghi|
! 517: ------------
! 518: |abcd|efghi|
! 519: ------------
! 520:
! 521: leaving the following bytes as deciding the order. Hence the nasty left1 and left2 variables.
! 522: */
! 523:
! 524: static void sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int rrsetidx,
! 525: unsigned char **rrset, char *buff1, char *buff2)
! 526: {
! 527: int swap, quit, i;
! 528:
! 529: do
! 530: {
! 531: for (swap = 0, i = 0; i < rrsetidx-1; i++)
! 532: {
! 533: int rdlen1, rdlen2, left1, left2, len1, len2, len, rc;
! 534: u16 *dp1, *dp2;
! 535: unsigned char *end1, *end2;
! 536: /* Note that these have been determined to be OK previously,
! 537: so we don't need to check for NULL return here. */
! 538: unsigned char *p1 = skip_name(rrset[i], header, plen, 10);
! 539: unsigned char *p2 = skip_name(rrset[i+1], header, plen, 10);
! 540:
! 541: p1 += 8; /* skip class, type, ttl */
! 542: GETSHORT(rdlen1, p1);
! 543: end1 = p1 + rdlen1;
! 544:
! 545: p2 += 8; /* skip class, type, ttl */
! 546: GETSHORT(rdlen2, p2);
! 547: end2 = p2 + rdlen2;
! 548:
! 549: dp1 = dp2 = rr_desc;
! 550:
! 551: for (quit = 0, left1 = 0, left2 = 0, len1 = 0, len2 = 0; !quit;)
! 552: {
! 553: if (left1 != 0)
! 554: memmove(buff1, buff1 + len1 - left1, left1);
! 555:
! 556: if ((len1 = get_rdata(header, plen, end1, buff1 + left1, &p1, &dp1)) == 0)
! 557: {
! 558: quit = 1;
! 559: len1 = end1 - p1;
! 560: memcpy(buff1 + left1, p1, len1);
! 561: }
! 562: len1 += left1;
! 563:
! 564: if (left2 != 0)
! 565: memmove(buff2, buff2 + len2 - left2, left2);
! 566:
! 567: if ((len2 = get_rdata(header, plen, end2, buff2 + left2, &p2, &dp2)) == 0)
! 568: {
! 569: quit = 1;
! 570: len2 = end2 - p2;
! 571: memcpy(buff2 + left2, p2, len2);
! 572: }
! 573: len2 += left2;
! 574:
! 575: if (len1 > len2)
! 576: left1 = len1 - len2, left2 = 0, len = len2;
! 577: else
! 578: left2 = len2 - len1, left1 = 0, len = len1;
! 579:
! 580: rc = (len == 0) ? 0 : memcmp(buff1, buff2, len);
! 581:
! 582: if (rc > 0 || (rc == 0 && quit && len1 > len2))
! 583: {
! 584: unsigned char *tmp = rrset[i+1];
! 585: rrset[i+1] = rrset[i];
! 586: rrset[i] = tmp;
! 587: swap = quit = 1;
! 588: }
! 589: else if (rc < 0)
! 590: quit = 1;
! 591: }
! 592: }
! 593: } while (swap);
! 594: }
! 595:
! 596: /* Validate a single RRset (class, type, name) in the supplied DNS reply
! 597: Return code:
! 598: STAT_SECURE if it validates.
! 599: STAT_SECURE_WILDCARD if it validates and is the result of wildcard expansion.
! 600: STAT_NO_SIG no RRsigs found.
! 601: STAT_INSECURE RRset empty.
! 602: STAT_BOGUS signature is wrong, bad packet.
! 603: STAT_NEED_KEY need DNSKEY to complete validation (name is returned in keyname)
! 604:
! 605: if key is non-NULL, use that key, which has the algo and tag given in the params of those names,
! 606: otherwise find the key in the cache.
! 607:
! 608: name is unchanged on exit. keyname is used as workspace and trashed.
! 609: */
! 610: static int validate_rrset(time_t now, struct dns_header *header, size_t plen, int class,
! 611: int type, char *name, char *keyname, struct blockdata *key, int keylen, int algo_in, int keytag_in)
! 612: {
! 613: static unsigned char **rrset = NULL, **sigs = NULL;
! 614: static int rrset_sz = 0, sig_sz = 0;
! 615:
! 616: unsigned char *p;
! 617: int rrsetidx, sigidx, res, rdlen, j, name_labels;
! 618: struct crec *crecp = NULL;
! 619: int type_covered, algo, labels, orig_ttl, sig_expiration, sig_inception, key_tag;
! 620: u16 *rr_desc = get_desc(type);
! 621:
! 622: if (!(p = skip_questions(header, plen)))
! 623: return STAT_BOGUS;
! 624:
! 625: name_labels = count_labels(name); /* For 4035 5.3.2 check */
! 626:
! 627: /* look for RRSIGs for this RRset and get pointers to each RR in the set. */
! 628: for (rrsetidx = 0, sigidx = 0, j = ntohs(header->ancount) + ntohs(header->nscount);
! 629: j != 0; j--)
! 630: {
! 631: unsigned char *pstart, *pdata;
! 632: int stype, sclass;
! 633:
! 634: pstart = p;
! 635:
! 636: if (!(res = extract_name(header, plen, &p, name, 0, 10)))
! 637: return STAT_BOGUS; /* bad packet */
! 638:
! 639: GETSHORT(stype, p);
! 640: GETSHORT(sclass, p);
! 641: p += 4; /* TTL */
! 642:
! 643: pdata = p;
! 644:
! 645: GETSHORT(rdlen, p);
! 646:
! 647: if (!CHECK_LEN(header, p, plen, rdlen))
! 648: return STAT_BOGUS;
! 649:
! 650: if (res == 1 && sclass == class)
! 651: {
! 652: if (stype == type)
! 653: {
! 654: if (!expand_workspace(&rrset, &rrset_sz, rrsetidx))
! 655: return STAT_BOGUS;
! 656:
! 657: rrset[rrsetidx++] = pstart;
! 658: }
! 659:
! 660: if (stype == T_RRSIG)
! 661: {
! 662: if (rdlen < 18)
! 663: return STAT_BOGUS; /* bad packet */
! 664:
! 665: GETSHORT(type_covered, p);
! 666:
! 667: if (type_covered == type)
! 668: {
! 669: if (!expand_workspace(&sigs, &sig_sz, sigidx))
! 670: return STAT_BOGUS;
! 671:
! 672: sigs[sigidx++] = pdata;
! 673: }
! 674:
! 675: p = pdata + 2; /* restore for ADD_RDLEN */
! 676: }
! 677: }
! 678:
! 679: if (!ADD_RDLEN(header, p, plen, rdlen))
! 680: return STAT_BOGUS;
! 681: }
! 682:
! 683: /* RRset empty */
! 684: if (rrsetidx == 0)
! 685: return STAT_INSECURE;
! 686:
! 687: /* no RRSIGs */
! 688: if (sigidx == 0)
! 689: return STAT_NO_SIG;
! 690:
! 691: /* Sort RRset records into canonical order.
! 692: Note that at this point keyname and daemon->workspacename buffs are
! 693: unused, and used as workspace by the sort. */
! 694: sort_rrset(header, plen, rr_desc, rrsetidx, rrset, daemon->workspacename, keyname);
! 695:
! 696: /* Now try all the sigs to try and find one which validates */
! 697: for (j = 0; j <sigidx; j++)
! 698: {
! 699: unsigned char *psav, *sig, *digest;
! 700: int i, wire_len, sig_len;
! 701: const struct nettle_hash *hash;
! 702: void *ctx;
! 703: char *name_start;
! 704: u32 nsigttl;
! 705:
! 706: p = sigs[j];
! 707: GETSHORT(rdlen, p); /* rdlen >= 18 checked previously */
! 708: psav = p;
! 709:
! 710: p += 2; /* type_covered - already checked */
! 711: algo = *p++;
! 712: labels = *p++;
! 713: GETLONG(orig_ttl, p);
! 714: GETLONG(sig_expiration, p);
! 715: GETLONG(sig_inception, p);
! 716: GETSHORT(key_tag, p);
! 717:
! 718: if (!extract_name(header, plen, &p, keyname, 1, 0))
! 719: return STAT_BOGUS;
! 720:
! 721: /* RFC 4035 5.3.1 says that the Signer's Name field MUST equal
! 722: the name of the zone containing the RRset. We can't tell that
! 723: for certain, but we can check that the RRset name is equal to
! 724: or encloses the signers name, which should be enough to stop
! 725: an attacker using signatures made with the key of an unrelated
! 726: zone he controls. Note that the root key is always allowed. */
! 727: if (*keyname != 0)
! 728: {
! 729: int failed = 0;
! 730:
! 731: for (name_start = name; !hostname_isequal(name_start, keyname); )
! 732: if ((name_start = strchr(name_start, '.')))
! 733: name_start++; /* chop a label off and try again */
! 734: else
! 735: {
! 736: failed = 1;
! 737: break;
! 738: }
! 739:
! 740: /* Bad sig, try another */
! 741: if (failed)
! 742: continue;
! 743: }
! 744:
! 745: /* Other 5.3.1 checks */
! 746: if (!check_date_range(sig_inception, sig_expiration) ||
! 747: labels > name_labels ||
! 748: !(hash = hash_find(algo_digest_name(algo))) ||
! 749: !hash_init(hash, &ctx, &digest))
! 750: continue;
! 751:
! 752: /* OK, we have the signature record, see if the relevant DNSKEY is in the cache. */
! 753: if (!key && !(crecp = cache_find_by_name(NULL, keyname, now, F_DNSKEY)))
! 754: return STAT_NEED_KEY;
! 755:
! 756: sig = p;
! 757: sig_len = rdlen - (p - psav);
! 758:
! 759: nsigttl = htonl(orig_ttl);
! 760:
! 761: hash->update(ctx, 18, psav);
! 762: wire_len = to_wire(keyname);
! 763: hash->update(ctx, (unsigned int)wire_len, (unsigned char*)keyname);
! 764: from_wire(keyname);
! 765:
! 766: for (i = 0; i < rrsetidx; ++i)
! 767: {
! 768: int seg;
! 769: unsigned char *end, *cp;
! 770: u16 len, *dp;
! 771:
! 772: p = rrset[i];
! 773: if (!extract_name(header, plen, &p, name, 1, 10))
! 774: return STAT_BOGUS;
! 775:
! 776: name_start = name;
! 777:
! 778: /* if more labels than in RRsig name, hash *.<no labels in rrsig labels field> 4035 5.3.2 */
! 779: if (labels < name_labels)
! 780: {
! 781: int k;
! 782: for (k = name_labels - labels; k != 0; k--)
! 783: while (*name_start != '.' && *name_start != 0)
! 784: name_start++;
! 785: name_start--;
! 786: *name_start = '*';
! 787: }
! 788:
! 789: wire_len = to_wire(name_start);
! 790: hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name_start);
! 791: hash->update(ctx, 4, p); /* class and type */
! 792: hash->update(ctx, 4, (unsigned char *)&nsigttl);
! 793:
! 794: p += 8; /* skip class, type, ttl */
! 795: GETSHORT(rdlen, p);
! 796: if (!CHECK_LEN(header, p, plen, rdlen))
! 797: return STAT_BOGUS;
! 798:
! 799: end = p + rdlen;
! 800:
! 801: /* canonicalise rdata and calculate length of same, use name buffer as workspace */
! 802: cp = p;
! 803: dp = rr_desc;
! 804: for (len = 0; (seg = get_rdata(header, plen, end, name, &cp, &dp)) != 0; len += seg);
! 805: len += end - cp;
! 806: len = htons(len);
! 807: hash->update(ctx, 2, (unsigned char *)&len);
! 808:
! 809: /* Now canonicalise again and digest. */
! 810: cp = p;
! 811: dp = rr_desc;
! 812: while ((seg = get_rdata(header, plen, end, name, &cp, &dp)))
! 813: hash->update(ctx, seg, (unsigned char *)name);
! 814: if (cp != end)
! 815: hash->update(ctx, end - cp, cp);
! 816: }
! 817:
! 818: hash->digest(ctx, hash->digest_size, digest);
! 819:
! 820: /* namebuff used for workspace above, restore to leave unchanged on exit */
! 821: p = (unsigned char*)(rrset[0]);
! 822: extract_name(header, plen, &p, name, 1, 0);
! 823:
! 824: if (key)
! 825: {
! 826: if (algo_in == algo && keytag_in == key_tag &&
! 827: verify(key, keylen, sig, sig_len, digest, hash->digest_size, algo))
! 828: return STAT_SECURE;
! 829: }
! 830: else
! 831: {
! 832: /* iterate through all possible keys 4035 5.3.1 */
! 833: for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
! 834: if (crecp->addr.key.algo == algo &&
! 835: crecp->addr.key.keytag == key_tag &&
! 836: crecp->uid == (unsigned int)class &&
! 837: verify(crecp->addr.key.keydata, crecp->addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
! 838: return (labels < name_labels) ? STAT_SECURE_WILDCARD : STAT_SECURE;
! 839: }
! 840: }
! 841:
! 842: return STAT_BOGUS;
! 843: }
! 844:
! 845: /* The DNS packet is expected to contain the answer to a DNSKEY query.
! 846: Put all DNSKEYs in the answer which are valid into the cache.
! 847: return codes:
! 848: STAT_INSECURE No DNSKEYs in reply.
! 849: STAT_SECURE At least one valid DNSKEY found and in cache.
! 850: STAT_BOGUS No DNSKEYs found, which can be validated with DS,
! 851: or self-sign for DNSKEY RRset is not valid, bad packet.
! 852: STAT_NEED_DS DS records to validate a key not found, name in keyname
! 853: */
! 854: int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
! 855: {
! 856: unsigned char *psave, *p = (unsigned char *)(header+1);
! 857: struct crec *crecp, *recp1;
! 858: int rc, j, qtype, qclass, ttl, rdlen, flags, algo, valid, keytag, type_covered;
! 859: struct blockdata *key;
! 860: struct all_addr a;
! 861:
! 862: if (ntohs(header->qdcount) != 1 ||
! 863: !extract_name(header, plen, &p, name, 1, 4))
! 864: return STAT_BOGUS;
! 865:
! 866: GETSHORT(qtype, p);
! 867: GETSHORT(qclass, p);
! 868:
! 869: if (qtype != T_DNSKEY || qclass != class)
! 870: return STAT_BOGUS;
! 871:
! 872: if (ntohs(header->ancount) == 0)
! 873: return STAT_INSECURE;
! 874:
! 875: /* See if we have cached a DS record which validates this key */
! 876: if (!(crecp = cache_find_by_name(NULL, name, now, F_DS)))
! 877: {
! 878: strcpy(keyname, name);
! 879: return STAT_NEED_DS;
! 880: }
! 881:
! 882: /* If we've cached that DS provably doesn't exist, result must be INSECURE */
! 883: if (crecp->flags & F_NEG)
! 884: return STAT_INSECURE;
! 885:
! 886: /* NOTE, we need to find ONE DNSKEY which matches the DS */
! 887: for (valid = 0, j = ntohs(header->ancount); j != 0 && !valid; j--)
! 888: {
! 889: /* Ensure we have type, class TTL and length */
! 890: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
! 891: return STAT_BOGUS; /* bad packet */
! 892:
! 893: GETSHORT(qtype, p);
! 894: GETSHORT(qclass, p);
! 895: GETLONG(ttl, p);
! 896: GETSHORT(rdlen, p);
! 897:
! 898: if (!CHECK_LEN(header, p, plen, rdlen) || rdlen < 4)
! 899: return STAT_BOGUS; /* bad packet */
! 900:
! 901: if (qclass != class || qtype != T_DNSKEY || rc == 2)
! 902: {
! 903: p += rdlen;
! 904: continue;
! 905: }
! 906:
! 907: psave = p;
! 908:
! 909: GETSHORT(flags, p);
! 910: if (*p++ != 3)
! 911: return STAT_BOGUS;
! 912: algo = *p++;
! 913: keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
! 914: key = NULL;
! 915:
! 916: /* key must have zone key flag set */
! 917: if (flags & 0x100)
! 918: key = blockdata_alloc((char*)p, rdlen - 4);
! 919:
! 920: p = psave;
! 921:
! 922: if (!ADD_RDLEN(header, p, plen, rdlen))
! 923: {
! 924: if (key)
! 925: blockdata_free(key);
! 926: return STAT_BOGUS; /* bad packet */
! 927: }
! 928:
! 929: /* No zone key flag or malloc failure */
! 930: if (!key)
! 931: continue;
! 932:
! 933: for (recp1 = crecp; recp1; recp1 = cache_find_by_name(recp1, name, now, F_DS))
! 934: {
! 935: void *ctx;
! 936: unsigned char *digest, *ds_digest;
! 937: const struct nettle_hash *hash;
! 938:
! 939: if (recp1->addr.ds.algo == algo &&
! 940: recp1->addr.ds.keytag == keytag &&
! 941: recp1->uid == (unsigned int)class &&
! 942: (hash = hash_find(ds_digest_name(recp1->addr.ds.digest))) &&
! 943: hash_init(hash, &ctx, &digest))
! 944:
! 945: {
! 946: int wire_len = to_wire(name);
! 947:
! 948: /* Note that digest may be different between DSs, so
! 949: we can't move this outside the loop. */
! 950: hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name);
! 951: hash->update(ctx, (unsigned int)rdlen, psave);
! 952: hash->digest(ctx, hash->digest_size, digest);
! 953:
! 954: from_wire(name);
! 955:
! 956: if (recp1->addr.ds.keylen == (int)hash->digest_size &&
! 957: (ds_digest = blockdata_retrieve(recp1->addr.key.keydata, recp1->addr.ds.keylen, NULL)) &&
! 958: memcmp(ds_digest, digest, recp1->addr.ds.keylen) == 0 &&
! 959: validate_rrset(now, header, plen, class, T_DNSKEY, name, keyname, key, rdlen - 4, algo, keytag) == STAT_SECURE)
! 960: {
! 961: valid = 1;
! 962: break;
! 963: }
! 964: }
! 965: }
! 966: blockdata_free(key);
! 967: }
! 968:
! 969: if (valid)
! 970: {
! 971: /* DNSKEY RRset determined to be OK, now cache it and the RRsigs that sign it. */
! 972: cache_start_insert();
! 973:
! 974: p = skip_questions(header, plen);
! 975:
! 976: for (j = ntohs(header->ancount); j != 0; j--)
! 977: {
! 978: /* Ensure we have type, class TTL and length */
! 979: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
! 980: return STAT_INSECURE; /* bad packet */
! 981:
! 982: GETSHORT(qtype, p);
! 983: GETSHORT(qclass, p);
! 984: GETLONG(ttl, p);
! 985: GETSHORT(rdlen, p);
! 986:
! 987: if (!CHECK_LEN(header, p, plen, rdlen))
! 988: return STAT_BOGUS; /* bad packet */
! 989:
! 990: if (qclass == class && rc == 1)
! 991: {
! 992: psave = p;
! 993:
! 994: if (qtype == T_DNSKEY)
! 995: {
! 996: if (rdlen < 4)
! 997: return STAT_BOGUS; /* bad packet */
! 998:
! 999: GETSHORT(flags, p);
! 1000: if (*p++ != 3)
! 1001: return STAT_BOGUS;
! 1002: algo = *p++;
! 1003: keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
! 1004:
! 1005: /* Cache needs to known class for DNSSEC stuff */
! 1006: a.addr.dnssec.class = class;
! 1007:
! 1008: if ((key = blockdata_alloc((char*)p, rdlen - 4)))
! 1009: {
! 1010: if (!(recp1 = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
! 1011: blockdata_free(key);
! 1012: else
! 1013: {
! 1014: a.addr.keytag = keytag;
! 1015: log_query(F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u");
! 1016:
! 1017: recp1->addr.key.keylen = rdlen - 4;
! 1018: recp1->addr.key.keydata = key;
! 1019: recp1->addr.key.algo = algo;
! 1020: recp1->addr.key.keytag = keytag;
! 1021: recp1->addr.key.flags = flags;
! 1022: }
! 1023: }
! 1024: }
! 1025: else if (qtype == T_RRSIG)
! 1026: {
! 1027: /* RRSIG, cache if covers DNSKEY RRset */
! 1028: if (rdlen < 18)
! 1029: return STAT_BOGUS; /* bad packet */
! 1030:
! 1031: GETSHORT(type_covered, p);
! 1032:
! 1033: if (type_covered == T_DNSKEY)
! 1034: {
! 1035: a.addr.dnssec.class = class;
! 1036: a.addr.dnssec.type = type_covered;
! 1037:
! 1038: algo = *p++;
! 1039: p += 13; /* labels, orig_ttl, expiration, inception */
! 1040: GETSHORT(keytag, p);
! 1041: if ((key = blockdata_alloc((char*)psave, rdlen)))
! 1042: {
! 1043: if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DS)))
! 1044: blockdata_free(key);
! 1045: else
! 1046: {
! 1047: crecp->addr.sig.keydata = key;
! 1048: crecp->addr.sig.keylen = rdlen;
! 1049: crecp->addr.sig.keytag = keytag;
! 1050: crecp->addr.sig.type_covered = type_covered;
! 1051: crecp->addr.sig.algo = algo;
! 1052: }
! 1053: }
! 1054: }
! 1055: }
! 1056:
! 1057: p = psave;
! 1058: }
! 1059:
! 1060: if (!ADD_RDLEN(header, p, plen, rdlen))
! 1061: return STAT_BOGUS; /* bad packet */
! 1062: }
! 1063:
! 1064: /* commit cache insert. */
! 1065: cache_end_insert();
! 1066: return STAT_SECURE;
! 1067: }
! 1068:
! 1069: log_query(F_UPSTREAM, name, NULL, "BOGUS DNSKEY");
! 1070: return STAT_BOGUS;
! 1071: }
! 1072:
! 1073: /* The DNS packet is expected to contain the answer to a DS query
! 1074: Put all DSs in the answer which are valid into the cache.
! 1075: return codes:
! 1076: STAT_INSECURE no DS in reply or not signed.
! 1077: STAT_SECURE At least one valid DS found and in cache.
! 1078: STAT_NO_DS It's proved there's no DS here.
! 1079: STAT_BOGUS At least one DS found, which fails validation, bad packet.
! 1080: STAT_NEED_DNSKEY DNSKEY records to validate a DS not found, name in keyname
! 1081: */
! 1082:
! 1083: int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
! 1084: {
! 1085: unsigned char *p = (unsigned char *)(header+1);
! 1086: int qtype, qclass, val, i, neganswer;
! 1087:
! 1088: if (ntohs(header->qdcount) != 1 ||
! 1089: !(p = skip_name(p, header, plen, 4)))
! 1090: return STAT_BOGUS;
! 1091:
! 1092: GETSHORT(qtype, p);
! 1093: GETSHORT(qclass, p);
! 1094:
! 1095: if (qtype != T_DS || qclass != class)
! 1096: val = STAT_BOGUS;
! 1097: else
! 1098: val = dnssec_validate_reply(now, header, plen, name, keyname, NULL, &neganswer);
! 1099:
! 1100: if (val == STAT_NO_SIG)
! 1101: val = STAT_INSECURE;
! 1102:
! 1103: p = (unsigned char *)(header+1);
! 1104: extract_name(header, plen, &p, name, 1, 4);
! 1105: p += 4; /* qtype, qclass */
! 1106:
! 1107: if (!(p = skip_section(p, ntohs(header->ancount), header, plen)))
! 1108: return STAT_BOGUS;
! 1109:
! 1110: if (val == STAT_BOGUS)
! 1111: log_query(F_UPSTREAM, name, NULL, "BOGUS DS");
! 1112:
! 1113: if ((val == STAT_SECURE || val == STAT_INSECURE) && neganswer)
! 1114: {
! 1115: int rdlen, flags = F_FORWARD | F_DS | F_NEG;
! 1116: unsigned long ttl, minttl = ULONG_MAX;
! 1117: struct all_addr a;
! 1118:
! 1119: if (RCODE(header) == NXDOMAIN)
! 1120: flags |= F_NXDOMAIN;
! 1121:
! 1122: if (val == STAT_SECURE)
! 1123: flags |= F_DNSSECOK;
! 1124:
! 1125: for (i = ntohs(header->nscount); i != 0; i--)
! 1126: {
! 1127: if (!(p = skip_name(p, header, plen, 0)))
! 1128: return STAT_BOGUS;
! 1129:
! 1130: GETSHORT(qtype, p);
! 1131: GETSHORT(qclass, p);
! 1132: GETLONG(ttl, p);
! 1133: GETSHORT(rdlen, p);
! 1134:
! 1135: if (!CHECK_LEN(header, p, plen, rdlen))
! 1136: return STAT_BOGUS; /* bad packet */
! 1137:
! 1138: if (qclass != class || qtype != T_SOA)
! 1139: {
! 1140: p += rdlen;
! 1141: continue;
! 1142: }
! 1143:
! 1144: if (ttl < minttl)
! 1145: minttl = ttl;
! 1146:
! 1147: /* MNAME */
! 1148: if (!(p = skip_name(p, header, plen, 0)))
! 1149: return STAT_BOGUS;
! 1150: /* RNAME */
! 1151: if (!(p = skip_name(p, header, plen, 20)))
! 1152: return STAT_BOGUS;
! 1153: p += 16; /* SERIAL REFRESH RETRY EXPIRE */
! 1154:
! 1155: GETLONG(ttl, p); /* minTTL */
! 1156: if (ttl < minttl)
! 1157: minttl = ttl;
! 1158:
! 1159: break;
! 1160: }
! 1161:
! 1162: if (i != 0)
! 1163: {
! 1164: cache_start_insert();
! 1165:
! 1166: a.addr.dnssec.class = class;
! 1167: cache_insert(name, &a, now, ttl, flags);
! 1168:
! 1169: cache_end_insert();
! 1170: }
! 1171:
! 1172: return (val == STAT_SECURE) ? STAT_NO_DS : STAT_INSECURE;
! 1173: }
! 1174:
! 1175: return val;
! 1176: }
! 1177:
! 1178: /* 4034 6.1 */
! 1179: static int hostname_cmp(const char *a, const char *b)
! 1180: {
! 1181: char *sa, *ea, *ca, *sb, *eb, *cb;
! 1182: unsigned char ac, bc;
! 1183:
! 1184: sa = ea = (char *)a + strlen(a);
! 1185: sb = eb = (char *)b + strlen(b);
! 1186:
! 1187: while (1)
! 1188: {
! 1189: while (sa != a && *(sa-1) != '.')
! 1190: sa--;
! 1191:
! 1192: while (sb != b && *(sb-1) != '.')
! 1193: sb--;
! 1194:
! 1195: ca = sa;
! 1196: cb = sb;
! 1197:
! 1198: while (1)
! 1199: {
! 1200: if (ca == ea)
! 1201: {
! 1202: if (cb == eb)
! 1203: break;
! 1204:
! 1205: return -1;
! 1206: }
! 1207:
! 1208: if (cb == eb)
! 1209: return 1;
! 1210:
! 1211: ac = (unsigned char) *ca++;
! 1212: bc = (unsigned char) *cb++;
! 1213:
! 1214: if (ac >= 'A' && ac <= 'Z')
! 1215: ac += 'a' - 'A';
! 1216: if (bc >= 'A' && bc <= 'Z')
! 1217: bc += 'a' - 'A';
! 1218:
! 1219: if (ac < bc)
! 1220: return -1;
! 1221: else if (ac != bc)
! 1222: return 1;
! 1223: }
! 1224:
! 1225:
! 1226: if (sa == a)
! 1227: {
! 1228: if (sb == b)
! 1229: return 0;
! 1230:
! 1231: return -1;
! 1232: }
! 1233:
! 1234: if (sb == b)
! 1235: return 1;
! 1236:
! 1237: ea = sa--;
! 1238: eb = sb--;
! 1239: }
! 1240: }
! 1241:
! 1242: /* Find all the NSEC or NSEC3 records in a reply.
! 1243: return an array of pointers to them. */
! 1244: static int find_nsec_records(struct dns_header *header, size_t plen, unsigned char ***nsecsetp, int *nsecsetl, int class_reqd)
! 1245: {
! 1246: static unsigned char **nsecset = NULL;
! 1247: static int nsecset_sz = 0;
! 1248:
! 1249: int type_found = 0;
! 1250: unsigned char *p = skip_questions(header, plen);
! 1251: int type, class, rdlen, i, nsecs_found;
! 1252:
! 1253: /* Move to NS section */
! 1254: if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
! 1255: return 0;
! 1256:
! 1257: for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
! 1258: {
! 1259: unsigned char *pstart = p;
! 1260:
! 1261: if (!(p = skip_name(p, header, plen, 10)))
! 1262: return 0;
! 1263:
! 1264: GETSHORT(type, p);
! 1265: GETSHORT(class, p);
! 1266: p += 4; /* TTL */
! 1267: GETSHORT(rdlen, p);
! 1268:
! 1269: if (class == class_reqd && (type == T_NSEC || type == T_NSEC3))
! 1270: {
! 1271: /* No mixed NSECing 'round here, thankyouverymuch */
! 1272: if (type_found == T_NSEC && type == T_NSEC3)
! 1273: return 0;
! 1274: if (type_found == T_NSEC3 && type == T_NSEC)
! 1275: return 0;
! 1276:
! 1277: type_found = type;
! 1278:
! 1279: if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
! 1280: return 0;
! 1281:
! 1282: nsecset[nsecs_found++] = pstart;
! 1283: }
! 1284:
! 1285: if (!ADD_RDLEN(header, p, plen, rdlen))
! 1286: return 0;
! 1287: }
! 1288:
! 1289: *nsecsetp = nsecset;
! 1290: *nsecsetl = nsecs_found;
! 1291:
! 1292: return type_found;
! 1293: }
! 1294:
! 1295: static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
! 1296: char *workspace1, char *workspace2, char *name, int type)
! 1297: {
! 1298: int i, rc, rdlen;
! 1299: unsigned char *p, *psave;
! 1300: int offset = (type & 0xff) >> 3;
! 1301: int mask = 0x80 >> (type & 0x07);
! 1302:
! 1303: /* Find NSEC record that proves name doesn't exist */
! 1304: for (i = 0; i < nsec_count; i++)
! 1305: {
! 1306: p = nsecs[i];
! 1307: if (!extract_name(header, plen, &p, workspace1, 1, 10))
! 1308: return STAT_BOGUS;
! 1309: p += 8; /* class, type, TTL */
! 1310: GETSHORT(rdlen, p);
! 1311: psave = p;
! 1312: if (!extract_name(header, plen, &p, workspace2, 1, 10))
! 1313: return STAT_BOGUS;
! 1314:
! 1315: rc = hostname_cmp(workspace1, name);
! 1316:
! 1317: if (rc == 0)
! 1318: {
! 1319: /* 4035 para 5.4. Last sentence */
! 1320: if (type == T_NSEC || type == T_RRSIG)
! 1321: return STAT_SECURE;
! 1322:
! 1323: /* NSEC with the same name as the RR we're testing, check
! 1324: that the type in question doesn't appear in the type map */
! 1325: rdlen -= p - psave;
! 1326: /* rdlen is now length of type map, and p points to it */
! 1327:
! 1328: while (rdlen >= 2)
! 1329: {
! 1330: if (!CHECK_LEN(header, p, plen, rdlen))
! 1331: return STAT_BOGUS;
! 1332:
! 1333: if (p[0] == type >> 8)
! 1334: {
! 1335: /* Does the NSEC say our type exists? */
! 1336: if (offset < p[1] && (p[offset+2] & mask) != 0)
! 1337: return STAT_BOGUS;
! 1338:
! 1339: break; /* finshed checking */
! 1340: }
! 1341:
! 1342: rdlen -= p[1];
! 1343: p += p[1];
! 1344: }
! 1345:
! 1346: return STAT_SECURE;
! 1347: }
! 1348: else if (rc == -1)
! 1349: {
! 1350: /* Normal case, name falls between NSEC name and next domain name,
! 1351: wrap around case, name falls between NSEC name (rc == -1) and end */
! 1352: if (hostname_cmp(workspace2, name) == 1 || hostname_cmp(workspace1, workspace2) == 1)
! 1353: return STAT_SECURE;
! 1354: }
! 1355: else
! 1356: {
! 1357: /* wrap around case, name falls between start and next domain name */
! 1358: if (hostname_cmp(workspace1, workspace2) == 1 && hostname_cmp(workspace2, name) == 1)
! 1359: return STAT_SECURE;
! 1360: }
! 1361: }
! 1362:
! 1363: return STAT_BOGUS;
! 1364: }
! 1365:
! 1366: /* return digest length, or zero on error */
! 1367: static int hash_name(char *in, unsigned char **out, struct nettle_hash const *hash,
! 1368: unsigned char *salt, int salt_len, int iterations)
! 1369: {
! 1370: void *ctx;
! 1371: unsigned char *digest;
! 1372: int i;
! 1373:
! 1374: if (!hash_init(hash, &ctx, &digest))
! 1375: return 0;
! 1376:
! 1377: hash->update(ctx, to_wire(in), (unsigned char *)in);
! 1378: hash->update(ctx, salt_len, salt);
! 1379: hash->digest(ctx, hash->digest_size, digest);
! 1380:
! 1381: for(i = 0; i < iterations; i++)
! 1382: {
! 1383: hash->update(ctx, hash->digest_size, digest);
! 1384: hash->update(ctx, salt_len, salt);
! 1385: hash->digest(ctx, hash->digest_size, digest);
! 1386: }
! 1387:
! 1388: from_wire(in);
! 1389:
! 1390: *out = digest;
! 1391: return hash->digest_size;
! 1392: }
! 1393:
! 1394: /* Decode base32 to first "." or end of string */
! 1395: static int base32_decode(char *in, unsigned char *out)
! 1396: {
! 1397: int oc, on, c, mask, i;
! 1398: unsigned char *p = out;
! 1399:
! 1400: for (c = *in, oc = 0, on = 0; c != 0 && c != '.'; c = *++in)
! 1401: {
! 1402: if (c >= '0' && c <= '9')
! 1403: c -= '0';
! 1404: else if (c >= 'a' && c <= 'v')
! 1405: c -= 'a', c += 10;
! 1406: else if (c >= 'A' && c <= 'V')
! 1407: c -= 'A', c += 10;
! 1408: else
! 1409: return 0;
! 1410:
! 1411: for (mask = 0x10, i = 0; i < 5; i++)
! 1412: {
! 1413: if (c & mask)
! 1414: oc |= 1;
! 1415: mask = mask >> 1;
! 1416: if (((++on) & 7) == 0)
! 1417: *p++ = oc;
! 1418: oc = oc << 1;
! 1419: }
! 1420: }
! 1421:
! 1422: if ((on & 7) != 0)
! 1423: return 0;
! 1424:
! 1425: return p - out;
! 1426: }
! 1427:
! 1428: static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
! 1429: char *workspace1, char *workspace2, char *name, int type)
! 1430: {
! 1431: unsigned char *salt, *p, *digest;
! 1432: int digest_len, i, iterations, salt_len, hash_len, base32_len, algo = 0;
! 1433: struct nettle_hash const *hash;
! 1434: char *closest_encloser, *next_closest, *wildcard;
! 1435:
! 1436: /* Look though the NSEC3 records to find the first one with
! 1437: an algorithm we support (currently only algo == 1).
! 1438:
! 1439: Take the algo, iterations, and salt of that record
! 1440: as the ones we're going to use, and prune any
! 1441: that don't match. */
! 1442:
! 1443: for (i = 0; i < nsec_count; i++)
! 1444: {
! 1445: if (!(p = skip_name(nsecs[i], header, plen, 15)))
! 1446: return STAT_BOGUS; /* bad packet */
! 1447:
! 1448: p += 10; /* type, class, TTL, rdlen */
! 1449: algo = *p++;
! 1450:
! 1451: if (algo == 1)
! 1452: break; /* known algo */
! 1453: }
! 1454:
! 1455: /* No usable NSEC3s */
! 1456: if (i == nsec_count)
! 1457: return STAT_BOGUS;
! 1458:
! 1459: p++; /* flags */
! 1460: GETSHORT (iterations, p);
! 1461: salt_len = *p++;
! 1462: salt = p;
! 1463: if (!CHECK_LEN(header, salt, plen, salt_len))
! 1464: return STAT_BOGUS; /* bad packet */
! 1465:
! 1466: /* Now prune so we only have NSEC3 records with same iterations, salt and algo */
! 1467: for (i = 0; i < nsec_count; i++)
! 1468: {
! 1469: unsigned char *nsec3p = nsecs[i];
! 1470: int this_iter;
! 1471:
! 1472: nsecs[i] = NULL; /* Speculative, will be restored if OK. */
! 1473:
! 1474: if (!(p = skip_name(nsec3p, header, plen, 15)))
! 1475: return STAT_BOGUS; /* bad packet */
! 1476:
! 1477: p += 10; /* type, class, TTL, rdlen */
! 1478:
! 1479: if (*p++ != algo)
! 1480: continue;
! 1481:
! 1482: p++; /* flags */
! 1483:
! 1484: GETSHORT(this_iter, p);
! 1485: if (this_iter != iterations)
! 1486: continue;
! 1487:
! 1488: if (salt_len != *p++)
! 1489: continue;
! 1490:
! 1491: if (!CHECK_LEN(header, p, plen, salt_len))
! 1492: return STAT_BOGUS; /* bad packet */
! 1493:
! 1494: if (memcmp(p, salt, salt_len) != 0)
! 1495: continue;
! 1496:
! 1497: /* All match, put the pointer back */
! 1498: nsecs[i] = nsec3p;
! 1499: }
! 1500:
! 1501: /* Algo is checked as 1 above */
! 1502: if (!(hash = hash_find("sha1")))
! 1503: return STAT_BOGUS;
! 1504:
! 1505: /* Now, we need the "closest encloser NSEC3" */
! 1506: closest_encloser = name;
! 1507: next_closest = NULL;
! 1508:
! 1509: do
! 1510: {
! 1511: if (*closest_encloser == '.')
! 1512: closest_encloser++;
! 1513:
! 1514: if ((digest_len = hash_name(closest_encloser, &digest, hash, salt, salt_len, iterations)) == 0)
! 1515: return STAT_BOGUS;
! 1516:
! 1517: for (i = 0; i < nsec_count; i++)
! 1518: if ((p = nsecs[i]))
! 1519: {
! 1520: if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
! 1521: !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
! 1522: return STAT_BOGUS;
! 1523:
! 1524: if (digest_len == base32_len &&
! 1525: memcmp(digest, workspace2, digest_len) == 0)
! 1526: break; /* Gotit */
! 1527: }
! 1528:
! 1529: if (i != nsec_count)
! 1530: break;
! 1531:
! 1532: next_closest = closest_encloser;
! 1533: }
! 1534: while ((closest_encloser = strchr(closest_encloser, '.')));
! 1535:
! 1536: /* No usable NSEC3s */
! 1537: if (i == nsec_count)
! 1538: return STAT_BOGUS;
! 1539:
! 1540: if (!next_closest)
! 1541: {
! 1542: /* We found an NSEC3 whose hashed name exactly matches the query, so
! 1543: Now we just need to check the type map. p points to the RR data for the record. */
! 1544: int rdlen;
! 1545: unsigned char *psave;
! 1546: int offset = (type & 0xff) >> 3;
! 1547: int mask = 0x80 >> (type & 0x07);
! 1548:
! 1549: p += 8; /* class, type, TTL */
! 1550: GETSHORT(rdlen, p);
! 1551: psave = p;
! 1552: p += 5 + salt_len; /* algo, flags, iterations, salt_len, salt */
! 1553: hash_len = *p++;
! 1554: if (!CHECK_LEN(header, p, plen, hash_len))
! 1555: return STAT_BOGUS; /* bad packet */
! 1556: p += hash_len;
! 1557: rdlen -= p - psave;
! 1558:
! 1559: while (rdlen >= 2)
! 1560: {
! 1561: if (!CHECK_LEN(header, p, plen, rdlen))
! 1562: return STAT_BOGUS;
! 1563:
! 1564: if (p[0] == type >> 8)
! 1565: {
! 1566: /* Does the NSEC3 say our type exists? */
! 1567: if (offset < p[1] && (p[offset+2] & mask) != 0)
! 1568: return STAT_BOGUS;
! 1569:
! 1570: break; /* finshed checking */
! 1571: }
! 1572:
! 1573: rdlen -= p[1];
! 1574: p += p[1];
! 1575: }
! 1576:
! 1577: return STAT_SECURE;
! 1578: }
! 1579:
! 1580: /* Look for NSEC3 that proves the non-existence of the next-closest encloser */
! 1581: if ((digest_len = hash_name(next_closest, &digest, hash, salt, salt_len, iterations)) == 0)
! 1582: return STAT_BOGUS;
! 1583:
! 1584: for (i = 0; i < nsec_count; i++)
! 1585: if ((p = nsecs[i]))
! 1586: {
! 1587: if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
! 1588: !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
! 1589: return STAT_BOGUS;
! 1590:
! 1591: p += 15 + salt_len; /* class, type, TTL, rdlen, algo, flags, iterations, salt_len, salt */
! 1592: hash_len = *p++; /* p now points to next hashed name */
! 1593:
! 1594: if (!CHECK_LEN(header, p, plen, hash_len))
! 1595: return STAT_BOGUS;
! 1596:
! 1597: if (digest_len == base32_len && hash_len == base32_len)
! 1598: {
! 1599: if (memcmp(workspace2, digest, digest_len) <= 0)
! 1600: {
! 1601: /* Normal case, hash falls between NSEC3 name-hash and next domain name-hash,
! 1602: wrap around case, name-hash falls between NSEC3 name-hash and end */
! 1603: if (memcmp(p, digest, digest_len) > 0 || memcmp(workspace2, p, digest_len) > 0)
! 1604: return STAT_SECURE;
! 1605: }
! 1606: else
! 1607: {
! 1608: /* wrap around case, name falls between start and next domain name */
! 1609: if (memcmp(workspace2, p, digest_len) > 0 && memcmp(p, digest, digest_len) > 0)
! 1610: return STAT_SECURE;
! 1611: }
! 1612: }
! 1613: }
! 1614:
! 1615: /* Finally, check that there's no seat of wildcard synthesis */
! 1616: if (!(wildcard = strchr(next_closest, '.')) || wildcard == next_closest)
! 1617: return STAT_BOGUS;
! 1618:
! 1619: wildcard--;
! 1620: *wildcard = '*';
! 1621:
! 1622: if ((digest_len = hash_name(wildcard, &digest, hash, salt, salt_len, iterations)) == 0)
! 1623: return STAT_BOGUS;
! 1624:
! 1625: for (i = 0; i < nsec_count; i++)
! 1626: if ((p = nsecs[i]))
! 1627: {
! 1628: if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
! 1629: !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
! 1630: return STAT_BOGUS;
! 1631:
! 1632: p += 15 + salt_len; /* class, type, TTL, rdlen, algo, flags, iterations, salt_len, salt */
! 1633: hash_len = *p++; /* p now points to next hashed name */
! 1634:
! 1635: if (!CHECK_LEN(header, p, plen, hash_len))
! 1636: return STAT_BOGUS;
! 1637:
! 1638: if (digest_len == base32_len && hash_len == base32_len)
! 1639: {
! 1640: if (memcmp(workspace2, digest, digest_len) <= 0)
! 1641: {
! 1642: /* Normal case, hash falls between NSEC3 name-hash and next domain name-hash,
! 1643: wrap around case, name-hash falls between NSEC3 name-hash and end */
! 1644: if (memcmp(p, digest, digest_len) > 0 || memcmp(workspace2, p, digest_len) > 0)
! 1645: return STAT_SECURE;
! 1646: }
! 1647: else
! 1648: {
! 1649: /* wrap around case, name falls between start and next domain name */
! 1650: if (memcmp(workspace2, p, digest_len) > 0 && memcmp(p, digest, digest_len) > 0)
! 1651: return STAT_SECURE;
! 1652: }
! 1653: }
! 1654: }
! 1655:
! 1656: return STAT_BOGUS;
! 1657: }
! 1658:
! 1659: /* Validate all the RRsets in the answer and authority sections of the reply (4035:3.2.3) */
! 1660: /* Returns are the same as validate_rrset, plus the class if the missing key is in *class */
! 1661: int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int *class, int *neganswer)
! 1662: {
! 1663: unsigned char *ans_start, *qname, *p1, *p2, **nsecs;
! 1664: int type1, class1, rdlen1, type2, class2, rdlen2, qclass, qtype;
! 1665: int i, j, rc, nsec_count, cname_count = CNAME_CHAIN;
! 1666: int nsec_type = 0, have_answer = 0;
! 1667:
! 1668: if (neganswer)
! 1669: *neganswer = 0;
! 1670:
! 1671: if (RCODE(header) == SERVFAIL || ntohs(header->qdcount) != 1)
! 1672: return STAT_BOGUS;
! 1673:
! 1674: if (RCODE(header) != NXDOMAIN && RCODE(header) != NOERROR)
! 1675: return STAT_INSECURE;
! 1676:
! 1677: qname = p1 = (unsigned char *)(header+1);
! 1678:
! 1679: if (!extract_name(header, plen, &p1, name, 1, 4))
! 1680: return STAT_BOGUS;
! 1681:
! 1682: GETSHORT(qtype, p1);
! 1683: GETSHORT(qclass, p1);
! 1684: ans_start = p1;
! 1685:
! 1686: if (qtype == T_ANY)
! 1687: have_answer = 1;
! 1688:
! 1689: /* Can't validate an RRISG query */
! 1690: if (qtype == T_RRSIG)
! 1691: return STAT_INSECURE;
! 1692:
! 1693: cname_loop:
! 1694: for (j = ntohs(header->ancount); j != 0; j--)
! 1695: {
! 1696: /* leave pointer to missing name in qname */
! 1697:
! 1698: if (!(rc = extract_name(header, plen, &p1, name, 0, 10)))
! 1699: return STAT_BOGUS; /* bad packet */
! 1700:
! 1701: GETSHORT(type2, p1);
! 1702: GETSHORT(class2, p1);
! 1703: p1 += 4; /* TTL */
! 1704: GETSHORT(rdlen2, p1);
! 1705:
! 1706: if (rc == 1 && qclass == class2)
! 1707: {
! 1708: /* Do we have an answer for the question? */
! 1709: if (type2 == qtype)
! 1710: {
! 1711: have_answer = 1;
! 1712: break;
! 1713: }
! 1714: else if (type2 == T_CNAME)
! 1715: {
! 1716: qname = p1;
! 1717:
! 1718: /* looped CNAMES */
! 1719: if (!cname_count-- || !extract_name(header, plen, &p1, name, 1, 0))
! 1720: return STAT_BOGUS;
! 1721:
! 1722: p1 = ans_start;
! 1723: goto cname_loop;
! 1724: }
! 1725: }
! 1726:
! 1727: if (!ADD_RDLEN(header, p1, plen, rdlen2))
! 1728: return STAT_BOGUS;
! 1729: }
! 1730:
! 1731: if (neganswer && !have_answer)
! 1732: *neganswer = 1;
! 1733:
! 1734: /* No data, therefore no sigs */
! 1735: if (ntohs(header->ancount) + ntohs(header->nscount) == 0)
! 1736: return STAT_NO_SIG;
! 1737:
! 1738: for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
! 1739: {
! 1740: if (!extract_name(header, plen, &p1, name, 1, 10))
! 1741: return STAT_BOGUS; /* bad packet */
! 1742:
! 1743: GETSHORT(type1, p1);
! 1744: GETSHORT(class1, p1);
! 1745: p1 += 4; /* TTL */
! 1746: GETSHORT(rdlen1, p1);
! 1747:
! 1748: /* Don't try and validate RRSIGs! */
! 1749: if (type1 != T_RRSIG)
! 1750: {
! 1751: /* Check if we've done this RRset already */
! 1752: for (p2 = ans_start, j = 0; j < i; j++)
! 1753: {
! 1754: if (!(rc = extract_name(header, plen, &p2, name, 0, 10)))
! 1755: return STAT_BOGUS; /* bad packet */
! 1756:
! 1757: GETSHORT(type2, p2);
! 1758: GETSHORT(class2, p2);
! 1759: p2 += 4; /* TTL */
! 1760: GETSHORT(rdlen2, p2);
! 1761:
! 1762: if (type2 == type1 && class2 == class1 && rc == 1)
! 1763: break; /* Done it before: name, type, class all match. */
! 1764:
! 1765: if (!ADD_RDLEN(header, p2, plen, rdlen2))
! 1766: return STAT_BOGUS;
! 1767: }
! 1768:
! 1769: /* Not done, validate now */
! 1770: if (j == i)
! 1771: {
! 1772: int ttl, keytag, algo, digest, type_covered;
! 1773: unsigned char *psave;
! 1774: struct all_addr a;
! 1775: struct blockdata *key;
! 1776: struct crec *crecp;
! 1777:
! 1778: rc = validate_rrset(now, header, plen, class1, type1, name, keyname, NULL, 0, 0, 0);
! 1779:
! 1780: if (rc == STAT_SECURE_WILDCARD)
! 1781: {
! 1782: /* An attacker replay a wildcard answer with a different
! 1783: answer and overlay a genuine RR. To prove this
! 1784: hasn't happened, the answer must prove that
! 1785: the gennuine record doesn't exist. Check that here. */
! 1786: if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, class1)))
! 1787: return STAT_BOGUS; /* No NSECs or bad packet */
! 1788:
! 1789: if (nsec_type == T_NSEC)
! 1790: rc = prove_non_existence_nsec(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, type1);
! 1791: else
! 1792: rc = prove_non_existence_nsec3(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, type1);
! 1793:
! 1794: if (rc != STAT_SECURE)
! 1795: return rc;
! 1796: }
! 1797: else if (rc != STAT_SECURE)
! 1798: {
! 1799: if (class)
! 1800: *class = class1; /* Class for DS or DNSKEY */
! 1801: return rc;
! 1802: }
! 1803:
! 1804: /* Cache RRsigs in answer section, and if we just validated a DS RRset, cache it */
! 1805: cache_start_insert();
! 1806:
! 1807: for (p2 = ans_start, j = 0; j < ntohs(header->ancount); j++)
! 1808: {
! 1809: if (!(rc = extract_name(header, plen, &p2, name, 0, 10)))
! 1810: return STAT_BOGUS; /* bad packet */
! 1811:
! 1812: GETSHORT(type2, p2);
! 1813: GETSHORT(class2, p2);
! 1814: GETLONG(ttl, p2);
! 1815: GETSHORT(rdlen2, p2);
! 1816:
! 1817: if (!CHECK_LEN(header, p2, plen, rdlen2))
! 1818: return STAT_BOGUS; /* bad packet */
! 1819:
! 1820: if (class2 == class1 && rc == 1)
! 1821: {
! 1822: psave = p2;
! 1823:
! 1824: if (type1 == T_DS && type2 == T_DS)
! 1825: {
! 1826: if (rdlen2 < 4)
! 1827: return STAT_BOGUS; /* bad packet */
! 1828:
! 1829: GETSHORT(keytag, p2);
! 1830: algo = *p2++;
! 1831: digest = *p2++;
! 1832:
! 1833: /* Cache needs to known class for DNSSEC stuff */
! 1834: a.addr.dnssec.class = class2;
! 1835:
! 1836: if ((key = blockdata_alloc((char*)p2, rdlen2 - 4)))
! 1837: {
! 1838: if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
! 1839: blockdata_free(key);
! 1840: else
! 1841: {
! 1842: a.addr.keytag = keytag;
! 1843: log_query(F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %u");
! 1844: crecp->addr.ds.digest = digest;
! 1845: crecp->addr.ds.keydata = key;
! 1846: crecp->addr.ds.algo = algo;
! 1847: crecp->addr.ds.keytag = keytag;
! 1848: crecp->addr.ds.keylen = rdlen2 - 4;
! 1849: }
! 1850: }
! 1851: }
! 1852: else if (type2 == T_RRSIG)
! 1853: {
! 1854: if (rdlen2 < 18)
! 1855: return STAT_BOGUS; /* bad packet */
! 1856:
! 1857: GETSHORT(type_covered, p2);
! 1858:
! 1859: if (type_covered == type1 &&
! 1860: (type_covered == T_A || type_covered == T_AAAA ||
! 1861: type_covered == T_CNAME || type_covered == T_DS ||
! 1862: type_covered == T_DNSKEY || type_covered == T_PTR))
! 1863: {
! 1864: a.addr.dnssec.type = type_covered;
! 1865: a.addr.dnssec.class = class1;
! 1866:
! 1867: algo = *p2++;
! 1868: p2 += 13; /* labels, orig_ttl, expiration, inception */
! 1869: GETSHORT(keytag, p2);
! 1870:
! 1871: if ((key = blockdata_alloc((char*)psave, rdlen2)))
! 1872: {
! 1873: if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DS)))
! 1874: blockdata_free(key);
! 1875: else
! 1876: {
! 1877: crecp->addr.sig.keydata = key;
! 1878: crecp->addr.sig.keylen = rdlen2;
! 1879: crecp->addr.sig.keytag = keytag;
! 1880: crecp->addr.sig.type_covered = type_covered;
! 1881: crecp->addr.sig.algo = algo;
! 1882: }
! 1883: }
! 1884: }
! 1885: }
! 1886:
! 1887: p2 = psave;
! 1888: }
! 1889:
! 1890: if (!ADD_RDLEN(header, p2, plen, rdlen2))
! 1891: return STAT_BOGUS; /* bad packet */
! 1892: }
! 1893:
! 1894: cache_end_insert();
! 1895: }
! 1896: }
! 1897:
! 1898: if (!ADD_RDLEN(header, p1, plen, rdlen1))
! 1899: return STAT_BOGUS;
! 1900: }
! 1901:
! 1902: /* OK, all the RRsets validate, now see if we have a NODATA or NXDOMAIN reply */
! 1903: if (have_answer)
! 1904: return STAT_SECURE;
! 1905:
! 1906: /* NXDOMAIN or NODATA reply, prove that (name, class1, type1) can't exist */
! 1907: /* First marshall the NSEC records, if we've not done it previously */
! 1908: if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, qclass)))
! 1909: return STAT_BOGUS; /* No NSECs */
! 1910:
! 1911: /* Get name of missing answer */
! 1912: if (!extract_name(header, plen, &qname, name, 1, 0))
! 1913: return STAT_BOGUS;
! 1914:
! 1915: if (nsec_type == T_NSEC)
! 1916: return prove_non_existence_nsec(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, qtype);
! 1917: else
! 1918: return prove_non_existence_nsec3(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, qtype);
! 1919: }
! 1920:
! 1921: /* Chase the CNAME chain in the packet until the first record which _doesn't validate.
! 1922: Needed for proving answer in unsigned space.
! 1923: Return STAT_NEED_*
! 1924: STAT_BOGUS - error
! 1925: STAT_INSECURE - name of first non-secure record in name
! 1926: */
! 1927: int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname)
! 1928: {
! 1929: unsigned char *p = (unsigned char *)(header+1);
! 1930: int type, class, qclass, rdlen, j, rc;
! 1931: int cname_count = CNAME_CHAIN;
! 1932:
! 1933: /* Get question */
! 1934: if (!extract_name(header, plen, &p, name, 1, 4))
! 1935: return STAT_BOGUS;
! 1936:
! 1937: p +=2; /* type */
! 1938: GETSHORT(qclass, p);
! 1939:
! 1940: while (1)
! 1941: {
! 1942: for (j = ntohs(header->ancount); j != 0; j--)
! 1943: {
! 1944: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
! 1945: return STAT_BOGUS; /* bad packet */
! 1946:
! 1947: GETSHORT(type, p);
! 1948: GETSHORT(class, p);
! 1949: p += 4; /* TTL */
! 1950: GETSHORT(rdlen, p);
! 1951:
! 1952: /* Not target, loop */
! 1953: if (rc == 2 || qclass != class)
! 1954: {
! 1955: if (!ADD_RDLEN(header, p, plen, rdlen))
! 1956: return STAT_BOGUS;
! 1957: continue;
! 1958: }
! 1959:
! 1960: /* Got to end of CNAME chain. */
! 1961: if (type != T_CNAME)
! 1962: return STAT_INSECURE;
! 1963:
! 1964: /* validate CNAME chain, return if insecure or need more data */
! 1965: rc = validate_rrset(now, header, plen, class, type, name, keyname, NULL, 0, 0, 0);
! 1966: if (rc != STAT_SECURE)
! 1967: {
! 1968: if (rc == STAT_NO_SIG)
! 1969: rc = STAT_INSECURE;
! 1970: return rc;
! 1971: }
! 1972:
! 1973: /* Loop down CNAME chain/ */
! 1974: if (!cname_count-- ||
! 1975: !extract_name(header, plen, &p, name, 1, 0) ||
! 1976: !(p = skip_questions(header, plen)))
! 1977: return STAT_BOGUS;
! 1978:
! 1979: break;
! 1980: }
! 1981:
! 1982: /* End of CNAME chain */
! 1983: return STAT_INSECURE;
! 1984: }
! 1985: }
! 1986:
! 1987:
! 1988: /* Compute keytag (checksum to quickly index a key). See RFC4034 */
! 1989: int dnskey_keytag(int alg, int flags, unsigned char *key, int keylen)
! 1990: {
! 1991: if (alg == 1)
! 1992: {
! 1993: /* Algorithm 1 (RSAMD5) has a different (older) keytag calculation algorithm.
! 1994: See RFC4034, Appendix B.1 */
! 1995: return key[keylen-4] * 256 + key[keylen-3];
! 1996: }
! 1997: else
! 1998: {
! 1999: unsigned long ac = flags + 0x300 + alg;
! 2000: int i;
! 2001:
! 2002: for (i = 0; i < keylen; ++i)
! 2003: ac += (i & 1) ? key[i] : key[i] << 8;
! 2004:
! 2005: ac += (ac >> 16) & 0xffff;
! 2006: return ac & 0xffff;
! 2007: }
! 2008: }
! 2009:
! 2010: size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class, int type, union mysockaddr *addr)
! 2011: {
! 2012: unsigned char *p;
! 2013: char *types = querystr("dnssec-query", type);
! 2014:
! 2015: if (addr->sa.sa_family == AF_INET)
! 2016: log_query(F_DNSSEC | F_IPV4, name, (struct all_addr *)&addr->in.sin_addr, types);
! 2017: #ifdef HAVE_IPV6
! 2018: else
! 2019: log_query(F_DNSSEC | F_IPV6, name, (struct all_addr *)&addr->in6.sin6_addr, types);
! 2020: #endif
! 2021:
! 2022: header->qdcount = htons(1);
! 2023: header->ancount = htons(0);
! 2024: header->nscount = htons(0);
! 2025: header->arcount = htons(0);
! 2026:
! 2027: header->hb3 = HB3_RD;
! 2028: SET_OPCODE(header, QUERY);
! 2029: /* For debugging, set Checking Disabled, otherwise, have the upstream check too,
! 2030: this allows it to select auth servers when one is returning bad data. */
! 2031: header->hb4 = option_bool(OPT_DNSSEC_DEBUG) ? HB4_CD : 0;
! 2032:
! 2033: /* ID filled in later */
! 2034:
! 2035: p = (unsigned char *)(header+1);
! 2036:
! 2037: p = do_rfc1035_name(p, name);
! 2038: *p++ = 0;
! 2039: PUTSHORT(type, p);
! 2040: PUTSHORT(class, p);
! 2041:
! 2042: return add_do_bit(header, p - (unsigned char *)header, end);
! 2043: }
! 2044:
! 2045: /* Go through a domain name, find "pointers" and fix them up based on how many bytes
! 2046: we've chopped out of the packet, or check they don't point into an elided part. */
! 2047: static int check_name(unsigned char **namep, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
! 2048: {
! 2049: unsigned char *ansp = *namep;
! 2050:
! 2051: while(1)
! 2052: {
! 2053: unsigned int label_type;
! 2054:
! 2055: if (!CHECK_LEN(header, ansp, plen, 1))
! 2056: return 0;
! 2057:
! 2058: label_type = (*ansp) & 0xc0;
! 2059:
! 2060: if (label_type == 0xc0)
! 2061: {
! 2062: /* pointer for compression. */
! 2063: unsigned int offset;
! 2064: int i;
! 2065: unsigned char *p;
! 2066:
! 2067: if (!CHECK_LEN(header, ansp, plen, 2))
! 2068: return 0;
! 2069:
! 2070: offset = ((*ansp++) & 0x3f) << 8;
! 2071: offset |= *ansp++;
! 2072:
! 2073: p = offset + (unsigned char *)header;
! 2074:
! 2075: for (i = 0; i < rr_count; i++)
! 2076: if (p < rrs[i])
! 2077: break;
! 2078: else
! 2079: if (i & 1)
! 2080: offset -= rrs[i] - rrs[i-1];
! 2081:
! 2082: /* does the pointer end up in an elided RR? */
! 2083: if (i & 1)
! 2084: return 0;
! 2085:
! 2086: /* No, scale the pointer */
! 2087: if (fixup)
! 2088: {
! 2089: ansp -= 2;
! 2090: *ansp++ = (offset >> 8) | 0xc0;
! 2091: *ansp++ = offset & 0xff;
! 2092: }
! 2093: break;
! 2094: }
! 2095: else if (label_type == 0x80)
! 2096: return 0; /* reserved */
! 2097: else if (label_type == 0x40)
! 2098: {
! 2099: /* Extended label type */
! 2100: unsigned int count;
! 2101:
! 2102: if (!CHECK_LEN(header, ansp, plen, 2))
! 2103: return 0;
! 2104:
! 2105: if (((*ansp++) & 0x3f) != 1)
! 2106: return 0; /* we only understand bitstrings */
! 2107:
! 2108: count = *(ansp++); /* Bits in bitstring */
! 2109:
! 2110: if (count == 0) /* count == 0 means 256 bits */
! 2111: ansp += 32;
! 2112: else
! 2113: ansp += ((count-1)>>3)+1;
! 2114: }
! 2115: else
! 2116: { /* label type == 0 Bottom six bits is length */
! 2117: unsigned int len = (*ansp++) & 0x3f;
! 2118:
! 2119: if (!ADD_RDLEN(header, ansp, plen, len))
! 2120: return 0;
! 2121:
! 2122: if (len == 0)
! 2123: break; /* zero length label marks the end. */
! 2124: }
! 2125: }
! 2126:
! 2127: *namep = ansp;
! 2128:
! 2129: return 1;
! 2130: }
! 2131:
! 2132: /* Go through RRs and check or fixup the domain names contained within */
! 2133: static int check_rrs(unsigned char *p, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
! 2134: {
! 2135: int i, type, class, rdlen;
! 2136: unsigned char *pp;
! 2137:
! 2138: for (i = 0; i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount); i++)
! 2139: {
! 2140: pp = p;
! 2141:
! 2142: if (!(p = skip_name(p, header, plen, 10)))
! 2143: return 0;
! 2144:
! 2145: GETSHORT(type, p);
! 2146: GETSHORT(class, p);
! 2147: p += 4; /* TTL */
! 2148: GETSHORT(rdlen, p);
! 2149:
! 2150: if (type != T_NSEC && type != T_NSEC3 && type != T_RRSIG)
! 2151: {
! 2152: /* fixup name of RR */
! 2153: if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
! 2154: return 0;
! 2155:
! 2156: if (class == C_IN)
! 2157: {
! 2158: u16 *d;
! 2159:
! 2160: for (pp = p, d = get_desc(type); *d != (u16)-1; d++)
! 2161: {
! 2162: if (*d != 0)
! 2163: pp += *d;
! 2164: else if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
! 2165: return 0;
! 2166: }
! 2167: }
! 2168: }
! 2169:
! 2170: if (!ADD_RDLEN(header, p, plen, rdlen))
! 2171: return 0;
! 2172: }
! 2173:
! 2174: return 1;
! 2175: }
! 2176:
! 2177:
! 2178: size_t filter_rrsigs(struct dns_header *header, size_t plen)
! 2179: {
! 2180: static unsigned char **rrs;
! 2181: static int rr_sz = 0;
! 2182:
! 2183: unsigned char *p = (unsigned char *)(header+1);
! 2184: int i, rdlen, qtype, qclass, rr_found, chop_an, chop_ns, chop_ar;
! 2185:
! 2186: if (ntohs(header->qdcount) != 1 ||
! 2187: !(p = skip_name(p, header, plen, 4)))
! 2188: return plen;
! 2189:
! 2190: GETSHORT(qtype, p);
! 2191: GETSHORT(qclass, p);
! 2192:
! 2193: /* First pass, find pointers to start and end of all the records we wish to elide:
! 2194: records added for DNSSEC, unless explicity queried for */
! 2195: for (rr_found = 0, chop_ns = 0, chop_an = 0, chop_ar = 0, i = 0;
! 2196: i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount);
! 2197: i++)
! 2198: {
! 2199: unsigned char *pstart = p;
! 2200: int type, class;
! 2201:
! 2202: if (!(p = skip_name(p, header, plen, 10)))
! 2203: return plen;
! 2204:
! 2205: GETSHORT(type, p);
! 2206: GETSHORT(class, p);
! 2207: p += 4; /* TTL */
! 2208: GETSHORT(rdlen, p);
! 2209:
! 2210: if ((type == T_NSEC || type == T_NSEC3 || type == T_RRSIG) &&
! 2211: (type != qtype || class != qclass))
! 2212: {
! 2213: if (!expand_workspace(&rrs, &rr_sz, rr_found + 1))
! 2214: return plen;
! 2215:
! 2216: rrs[rr_found++] = pstart;
! 2217:
! 2218: if (!ADD_RDLEN(header, p, plen, rdlen))
! 2219: return plen;
! 2220:
! 2221: rrs[rr_found++] = p;
! 2222:
! 2223: if (i < ntohs(header->ancount))
! 2224: chop_an++;
! 2225: else if (i < (ntohs(header->nscount) + ntohs(header->ancount)))
! 2226: chop_ns++;
! 2227: else
! 2228: chop_ar++;
! 2229: }
! 2230: else if (!ADD_RDLEN(header, p, plen, rdlen))
! 2231: return plen;
! 2232: }
! 2233:
! 2234: /* Nothing to do. */
! 2235: if (rr_found == 0)
! 2236: return plen;
! 2237:
! 2238: /* Second pass, look for pointers in names in the records we're keeping and make sure they don't
! 2239: point to records we're going to elide. This is theoretically possible, but unlikely. If
! 2240: it happens, we give up and leave the answer unchanged. */
! 2241: p = (unsigned char *)(header+1);
! 2242:
! 2243: /* question first */
! 2244: if (!check_name(&p, header, plen, 0, rrs, rr_found))
! 2245: return plen;
! 2246: p += 4; /* qclass, qtype */
! 2247:
! 2248: /* Now answers and NS */
! 2249: if (!check_rrs(p, header, plen, 0, rrs, rr_found))
! 2250: return plen;
! 2251:
! 2252: /* Third pass, elide records */
! 2253: for (p = rrs[0], i = 1; i < rr_found; i += 2)
! 2254: {
! 2255: unsigned char *start = rrs[i];
! 2256: unsigned char *end = (i != rr_found - 1) ? rrs[i+1] : ((unsigned char *)(header+1)) + plen;
! 2257:
! 2258: memmove(p, start, end-start);
! 2259: p += end-start;
! 2260: }
! 2261:
! 2262: plen = p - (unsigned char *)header;
! 2263: header->ancount = htons(ntohs(header->ancount) - chop_an);
! 2264: header->nscount = htons(ntohs(header->nscount) - chop_ns);
! 2265: header->arcount = htons(ntohs(header->arcount) - chop_ar);
! 2266:
! 2267: /* Fourth pass, fix up pointers in the remaining records */
! 2268: p = (unsigned char *)(header+1);
! 2269:
! 2270: check_name(&p, header, plen, 1, rrs, rr_found);
! 2271: p += 4; /* qclass, qtype */
! 2272:
! 2273: check_rrs(p, header, plen, 1, rrs, rr_found);
! 2274:
! 2275: return plen;
! 2276: }
! 2277:
! 2278: unsigned char* hash_questions(struct dns_header *header, size_t plen, char *name)
! 2279: {
! 2280: int q;
! 2281: unsigned int len;
! 2282: unsigned char *p = (unsigned char *)(header+1);
! 2283: const struct nettle_hash *hash;
! 2284: void *ctx;
! 2285: unsigned char *digest;
! 2286:
! 2287: if (!(hash = hash_find("sha1")) || !hash_init(hash, &ctx, &digest))
! 2288: return NULL;
! 2289:
! 2290: for (q = ntohs(header->qdcount); q != 0; q--)
! 2291: {
! 2292: if (!extract_name(header, plen, &p, name, 1, 4))
! 2293: break; /* bad packet */
! 2294:
! 2295: len = to_wire(name);
! 2296: hash->update(ctx, len, (unsigned char *)name);
! 2297: /* CRC the class and type as well */
! 2298: hash->update(ctx, 4, p);
! 2299:
! 2300: p += 4;
! 2301: if (!CHECK_LEN(header, p, plen, 0))
! 2302: break; /* bad packet */
! 2303: }
! 2304:
! 2305: hash->digest(ctx, hash->digest_size, digest);
! 2306: return digest;
! 2307: }
! 2308:
! 2309: #endif /* HAVE_DNSSEC */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to dnssec.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src