1: /* dnssec.c is Copyright (c) 2012 Giovanni Bajo <rasky@develer.com>
2: and Copyright (c) 2012-2020 Simon Kelley
3:
4: This program is free software; you can redistribute it and/or modify
5: it under the terms of the GNU General Public License as published by
6: the Free Software Foundation; version 2 dated June, 1991, or
7: (at your option) version 3 dated 29 June, 2007.
8:
9: This program is distributed in the hope that it will be useful,
10: but WITHOUT ANY WARRANTY; without even the implied warranty of
11: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12: GNU General Public License for more details.
13:
14: You should have received a copy of the GNU General Public License
15: along with this program. If not, see <http://www.gnu.org/licenses/>.
16: */
17:
18: #include "dnsmasq.h"
19:
20: #ifdef HAVE_DNSSEC
21:
22: #define SERIAL_UNDEF -100
23: #define SERIAL_EQ 0
24: #define SERIAL_LT -1
25: #define SERIAL_GT 1
26:
27: /* Convert from presentation format to wire format, in place.
28: Also map UC -> LC.
29: Note that using extract_name to get presentation format
30: then calling to_wire() removes compression and maps case,
31: thus generating names in canonical form.
32: Calling to_wire followed by from_wire is almost an identity,
33: except that the UC remains mapped to LC.
34:
35: Note that both /000 and '.' are allowed within labels. These get
36: represented in presentation format using NAME_ESCAPE as an escape
37: character. In theory, if all the characters in a name were /000 or
38: '.' or NAME_ESCAPE then all would have to be escaped, so the
39: presentation format would be twice as long as the spec (1024).
40: The buffers are all declared as 2049 (allowing for the trailing zero)
41: for this reason.
42: */
43: static int to_wire(char *name)
44: {
45: unsigned char *l, *p, *q, term;
46: int len;
47:
48: for (l = (unsigned char*)name; *l != 0; l = p)
49: {
50: for (p = l; *p != '.' && *p != 0; p++)
51: if (*p >= 'A' && *p <= 'Z')
52: *p = *p - 'A' + 'a';
53: else if (*p == NAME_ESCAPE)
54: {
55: for (q = p; *q; q++)
56: *q = *(q+1);
57: (*p)--;
58: }
59: term = *p;
60:
61: if ((len = p - l) != 0)
62: memmove(l+1, l, len);
63: *l = len;
64:
65: p++;
66:
67: if (term == 0)
68: *p = 0;
69: }
70:
71: return l + 1 - (unsigned char *)name;
72: }
73:
74: /* Note: no compression allowed in input. */
75: static void from_wire(char *name)
76: {
77: unsigned char *l, *p, *last;
78: int len;
79:
80: for (last = (unsigned char *)name; *last != 0; last += *last+1);
81:
82: for (l = (unsigned char *)name; *l != 0; l += len+1)
83: {
84: len = *l;
85: memmove(l, l+1, len);
86: for (p = l; p < l + len; p++)
87: if (*p == '.' || *p == 0 || *p == NAME_ESCAPE)
88: {
89: memmove(p+1, p, 1 + last - p);
90: len++;
91: *p++ = NAME_ESCAPE;
92: (*p)++;
93: }
94:
95: l[len] = '.';
96: }
97:
98: if ((char *)l != name)
99: *(l-1) = 0;
100: }
101:
102: /* Input in presentation format */
103: static int count_labels(char *name)
104: {
105: int i;
106: char *p;
107:
108: if (*name == 0)
109: return 0;
110:
111: for (p = name, i = 0; *p; p++)
112: if (*p == '.')
113: i++;
114:
115: /* Don't count empty first label. */
116: return *name == '.' ? i : i+1;
117: }
118:
119: /* Implement RFC1982 wrapped compare for 32-bit numbers */
120: static int serial_compare_32(u32 s1, u32 s2)
121: {
122: if (s1 == s2)
123: return SERIAL_EQ;
124:
125: if ((s1 < s2 && (s2 - s1) < (1UL<<31)) ||
126: (s1 > s2 && (s1 - s2) > (1UL<<31)))
127: return SERIAL_LT;
128: if ((s1 < s2 && (s2 - s1) > (1UL<<31)) ||
129: (s1 > s2 && (s1 - s2) < (1UL<<31)))
130: return SERIAL_GT;
131: return SERIAL_UNDEF;
132: }
133:
134: /* Called at startup. If the timestamp file is configured and exists, put its mtime on
135: timestamp_time. If it doesn't exist, create it, and set the mtime to 1-1-2015.
136: return -1 -> Cannot create file.
137: 0 -> not using timestamp, or timestamp exists and is in past.
138: 1 -> timestamp exists and is in future.
139: */
140:
141: static time_t timestamp_time;
142:
143: int setup_timestamp(void)
144: {
145: struct stat statbuf;
146:
147: daemon->back_to_the_future = 0;
148:
149: if (!daemon->timestamp_file)
150: return 0;
151:
152: if (stat(daemon->timestamp_file, &statbuf) != -1)
153: {
154: timestamp_time = statbuf.st_mtime;
155: check_and_exit:
156: if (difftime(timestamp_time, time(0)) <= 0)
157: {
158: /* time already OK, update timestamp, and do key checking from the start. */
159: if (utimes(daemon->timestamp_file, NULL) == -1)
160: my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
161: daemon->back_to_the_future = 1;
162: return 0;
163: }
164: return 1;
165: }
166:
167: if (errno == ENOENT)
168: {
169: /* NB. for explanation of O_EXCL flag, see comment on pidfile in dnsmasq.c */
170: int fd = open(daemon->timestamp_file, O_WRONLY | O_CREAT | O_NONBLOCK | O_EXCL, 0666);
171: if (fd != -1)
172: {
173: struct timeval tv[2];
174:
175: close(fd);
176:
177: timestamp_time = 1420070400; /* 1-1-2015 */
178: tv[0].tv_sec = tv[1].tv_sec = timestamp_time;
179: tv[0].tv_usec = tv[1].tv_usec = 0;
180: if (utimes(daemon->timestamp_file, tv) == 0)
181: goto check_and_exit;
182: }
183: }
184:
185: return -1;
186: }
187:
188: /* Check whether today/now is between date_start and date_end */
189: static int is_check_date(unsigned long curtime)
190: {
191: /* Checking timestamps may be temporarily disabled */
192:
193: /* If the current time if _before_ the timestamp
194: on our persistent timestamp file, then assume the
195: time if not yet correct, and don't check the
196: key timestamps. As soon as the current time is
197: later then the timestamp, update the timestamp
198: and start checking keys */
199: if (daemon->timestamp_file)
200: {
201: if (daemon->back_to_the_future == 0 && difftime(timestamp_time, curtime) <= 0)
202: {
203: if (utimes(daemon->timestamp_file, NULL) != 0)
204: my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
205:
206: my_syslog(LOG_INFO, _("system time considered valid, now checking DNSSEC signature timestamps."));
207: daemon->back_to_the_future = 1;
208: daemon->dnssec_no_time_check = 0;
209: queue_event(EVENT_RELOAD); /* purge cache */
210: }
211:
212: return daemon->back_to_the_future;
213: }
214: else
215: return !daemon->dnssec_no_time_check;
216: }
217:
218: /* Check whether today/now is between date_start and date_end */
219: static int check_date_range(unsigned long curtime, u32 date_start, u32 date_end)
220: {
221: /* We must explicitly check against wanted values, because of SERIAL_UNDEF */
222: return serial_compare_32(curtime, date_start) == SERIAL_GT
223: && serial_compare_32(curtime, date_end) == SERIAL_LT;
224: }
225:
226: /* Return bytes of canonicalised rrdata one by one.
227: Init state->ip with the RR, and state->end with the end of same.
228: Init state->op to NULL.
229: Init state->desc to RR descriptor.
230: Init state->buff with a MAXDNAME * 2 buffer.
231:
232: After each call which returns 1, state->op points to the next byte of data.
233: On returning 0, the end has been reached.
234: */
235: struct rdata_state {
236: u16 *desc;
237: size_t c;
238: unsigned char *end, *ip, *op;
239: char *buff;
240: };
241:
242: static int get_rdata(struct dns_header *header, size_t plen, struct rdata_state *state)
243: {
244: int d;
245:
246: if (state->op && state->c != 1)
247: {
248: state->op++;
249: state->c--;
250: return 1;
251: }
252:
253: while (1)
254: {
255: d = *(state->desc);
256:
257: if (d == (u16)-1)
258: {
259: /* all the bytes to the end. */
260: if ((state->c = state->end - state->ip) != 0)
261: {
262: state->op = state->ip;
263: state->ip = state->end;;
264: }
265: else
266: return 0;
267: }
268: else
269: {
270: state->desc++;
271:
272: if (d == (u16)0)
273: {
274: /* domain-name, canonicalise */
275: int len;
276:
277: if (!extract_name(header, plen, &state->ip, state->buff, 1, 0) ||
278: (len = to_wire(state->buff)) == 0)
279: continue;
280:
281: state->c = len;
282: state->op = (unsigned char *)state->buff;
283: }
284: else
285: {
286: /* plain data preceding a domain-name, don't run off the end of the data */
287: if ((state->end - state->ip) < d)
288: d = state->end - state->ip;
289:
290: if (d == 0)
291: continue;
292:
293: state->op = state->ip;
294: state->c = d;
295: state->ip += d;
296: }
297: }
298:
299: return 1;
300: }
301: }
302:
303: /* Bubble sort the RRset into the canonical order. */
304:
305: static int sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int rrsetidx,
306: unsigned char **rrset, char *buff1, char *buff2)
307: {
308: int swap, i, j;
309:
310: do
311: {
312: for (swap = 0, i = 0; i < rrsetidx-1; i++)
313: {
314: int rdlen1, rdlen2;
315: struct rdata_state state1, state2;
316:
317: /* Note that these have been determined to be OK previously,
318: so we don't need to check for NULL return here. */
319: state1.ip = skip_name(rrset[i], header, plen, 10);
320: state2.ip = skip_name(rrset[i+1], header, plen, 10);
321: state1.op = state2.op = NULL;
322: state1.buff = buff1;
323: state2.buff = buff2;
324: state1.desc = state2.desc = rr_desc;
325:
326: state1.ip += 8; /* skip class, type, ttl */
327: GETSHORT(rdlen1, state1.ip);
328: if (!CHECK_LEN(header, state1.ip, plen, rdlen1))
329: return rrsetidx; /* short packet */
330: state1.end = state1.ip + rdlen1;
331:
332: state2.ip += 8; /* skip class, type, ttl */
333: GETSHORT(rdlen2, state2.ip);
334: if (!CHECK_LEN(header, state2.ip, plen, rdlen2))
335: return rrsetidx; /* short packet */
336: state2.end = state2.ip + rdlen2;
337:
338: /* If the RR has no names in it then canonicalisation
339: is the identity function and we can compare
340: the RRs directly. If not we compare the
341: canonicalised RRs one byte at a time. */
342: if (*rr_desc == (u16)-1)
343: {
344: int rdmin = rdlen1 > rdlen2 ? rdlen2 : rdlen1;
345: int cmp = memcmp(state1.ip, state2.ip, rdmin);
346:
347: if (cmp > 0 || (cmp == 0 && rdlen1 > rdmin))
348: {
349: unsigned char *tmp = rrset[i+1];
350: rrset[i+1] = rrset[i];
351: rrset[i] = tmp;
352: swap = 1;
353: }
354: else if (cmp == 0 && (rdlen1 == rdlen2))
355: {
356: /* Two RRs are equal, remove one copy. RFC 4034, para 6.3 */
357: for (j = i+1; j < rrsetidx-1; j++)
358: rrset[j] = rrset[j+1];
359: rrsetidx--;
360: i--;
361: }
362: }
363: else
364: /* Comparing canonicalised RRs, byte-at-a-time. */
365: while (1)
366: {
367: int ok1, ok2;
368:
369: ok1 = get_rdata(header, plen, &state1);
370: ok2 = get_rdata(header, plen, &state2);
371:
372: if (!ok1 && !ok2)
373: {
374: /* Two RRs are equal, remove one copy. RFC 4034, para 6.3 */
375: for (j = i+1; j < rrsetidx-1; j++)
376: rrset[j] = rrset[j+1];
377: rrsetidx--;
378: i--;
379: break;
380: }
381: else if (ok1 && (!ok2 || *state1.op > *state2.op))
382: {
383: unsigned char *tmp = rrset[i+1];
384: rrset[i+1] = rrset[i];
385: rrset[i] = tmp;
386: swap = 1;
387: break;
388: }
389: else if (ok2 && (!ok1 || *state2.op > *state1.op))
390: break;
391:
392: /* arrive here when bytes are equal, go round the loop again
393: and compare the next ones. */
394: }
395: }
396: } while (swap);
397:
398: return rrsetidx;
399: }
400:
401: static unsigned char **rrset = NULL, **sigs = NULL;
402:
403: /* Get pointers to RRset members and signature(s) for same.
404: Check signatures, and return keyname associated in keyname. */
405: static int explore_rrset(struct dns_header *header, size_t plen, int class, int type,
406: char *name, char *keyname, int *sigcnt, int *rrcnt)
407: {
408: static int rrset_sz = 0, sig_sz = 0;
409: unsigned char *p;
410: int rrsetidx, sigidx, j, rdlen, res;
411: int gotkey = 0;
412:
413: if (!(p = skip_questions(header, plen)))
414: return 0;
415:
416: /* look for RRSIGs for this RRset and get pointers to each RR in the set. */
417: for (rrsetidx = 0, sigidx = 0, j = ntohs(header->ancount) + ntohs(header->nscount);
418: j != 0; j--)
419: {
420: unsigned char *pstart, *pdata;
421: int stype, sclass, type_covered;
422:
423: pstart = p;
424:
425: if (!(res = extract_name(header, plen, &p, name, 0, 10)))
426: return 0; /* bad packet */
427:
428: GETSHORT(stype, p);
429: GETSHORT(sclass, p);
430:
431: pdata = p;
432:
433: p += 4; /* TTL */
434: GETSHORT(rdlen, p);
435:
436: if (!CHECK_LEN(header, p, plen, rdlen))
437: return 0;
438:
439: if (res == 1 && sclass == class)
440: {
441: if (stype == type)
442: {
443: if (!expand_workspace(&rrset, &rrset_sz, rrsetidx))
444: return 0;
445:
446: rrset[rrsetidx++] = pstart;
447: }
448:
449: if (stype == T_RRSIG)
450: {
451: if (rdlen < 18)
452: return 0; /* bad packet */
453:
454: GETSHORT(type_covered, p);
455: p += 16; /* algo, labels, orig_ttl, sig_expiration, sig_inception, key_tag */
456:
457: if (gotkey)
458: {
459: /* If there's more than one SIG, ensure they all have same keyname */
460: if (extract_name(header, plen, &p, keyname, 0, 0) != 1)
461: return 0;
462: }
463: else
464: {
465: gotkey = 1;
466:
467: if (!extract_name(header, plen, &p, keyname, 1, 0))
468: return 0;
469:
470: /* RFC 4035 5.3.1 says that the Signer's Name field MUST equal
471: the name of the zone containing the RRset. We can't tell that
472: for certain, but we can check that the RRset name is equal to
473: or encloses the signers name, which should be enough to stop
474: an attacker using signatures made with the key of an unrelated
475: zone he controls. Note that the root key is always allowed. */
476: if (*keyname != 0)
477: {
478: char *name_start;
479: for (name_start = name; !hostname_isequal(name_start, keyname); )
480: if ((name_start = strchr(name_start, '.')))
481: name_start++; /* chop a label off and try again */
482: else
483: return 0;
484: }
485: }
486:
487:
488: if (type_covered == type)
489: {
490: if (!expand_workspace(&sigs, &sig_sz, sigidx))
491: return 0;
492:
493: sigs[sigidx++] = pdata;
494: }
495:
496: p = pdata + 6; /* restore for ADD_RDLEN */
497: }
498: }
499:
500: if (!ADD_RDLEN(header, p, plen, rdlen))
501: return 0;
502: }
503:
504: *sigcnt = sigidx;
505: *rrcnt = rrsetidx;
506:
507: return 1;
508: }
509:
510: /* Validate a single RRset (class, type, name) in the supplied DNS reply
511: Return code:
512: STAT_SECURE if it validates.
513: STAT_SECURE_WILDCARD if it validates and is the result of wildcard expansion.
514: (In this case *wildcard_out points to the "body" of the wildcard within name.)
515: STAT_BOGUS signature is wrong, bad packet.
516: STAT_NEED_KEY need DNSKEY to complete validation (name is returned in keyname)
517: STAT_NEED_DS need DS to complete validation (name is returned in keyname)
518:
519: If key is non-NULL, use that key, which has the algo and tag given in the params of those names,
520: otherwise find the key in the cache.
521:
522: Name is unchanged on exit. keyname is used as workspace and trashed.
523:
524: Call explore_rrset first to find and count RRs and sigs.
525:
526: ttl_out is the floor on TTL, based on TTL and orig_ttl and expiration of sig used to validate.
527: */
528: static int validate_rrset(time_t now, struct dns_header *header, size_t plen, int class, int type, int sigidx, int rrsetidx,
529: char *name, char *keyname, char **wildcard_out, struct blockdata *key, int keylen,
530: int algo_in, int keytag_in, unsigned long *ttl_out)
531: {
532: unsigned char *p;
533: int rdlen, j, name_labels, algo, labels, key_tag;
534: struct crec *crecp = NULL;
535: u16 *rr_desc = rrfilter_desc(type);
536: u32 sig_expiration, sig_inception;
537:
538: unsigned long curtime = time(0);
539: int time_check = is_check_date(curtime);
540:
541: if (wildcard_out)
542: *wildcard_out = NULL;
543:
544: name_labels = count_labels(name); /* For 4035 5.3.2 check */
545:
546: /* Sort RRset records into canonical order.
547: Note that at this point keyname and daemon->workspacename buffs are
548: unused, and used as workspace by the sort. */
549: rrsetidx = sort_rrset(header, plen, rr_desc, rrsetidx, rrset, daemon->workspacename, keyname);
550:
551: /* Now try all the sigs to try and find one which validates */
552: for (j = 0; j <sigidx; j++)
553: {
554: unsigned char *psav, *sig, *digest;
555: int i, wire_len, sig_len;
556: const struct nettle_hash *hash;
557: void *ctx;
558: char *name_start;
559: u32 nsigttl, ttl, orig_ttl;
560:
561: p = sigs[j];
562: GETLONG(ttl, p);
563: GETSHORT(rdlen, p); /* rdlen >= 18 checked previously */
564: psav = p;
565:
566: p += 2; /* type_covered - already checked */
567: algo = *p++;
568: labels = *p++;
569: GETLONG(orig_ttl, p);
570: GETLONG(sig_expiration, p);
571: GETLONG(sig_inception, p);
572: GETSHORT(key_tag, p);
573:
574: if (!extract_name(header, plen, &p, keyname, 1, 0))
575: return STAT_BOGUS;
576:
577: if ((time_check && !check_date_range(curtime, sig_inception, sig_expiration)) ||
578: labels > name_labels ||
579: !(hash = hash_find(algo_digest_name(algo))) ||
580: !hash_init(hash, &ctx, &digest))
581: continue;
582:
583: /* OK, we have the signature record, see if the relevant DNSKEY is in the cache. */
584: if (!key && !(crecp = cache_find_by_name(NULL, keyname, now, F_DNSKEY)))
585: return STAT_NEED_KEY;
586:
587: if (ttl_out)
588: {
589: /* 4035 5.3.3 rules on TTLs */
590: if (orig_ttl < ttl)
591: ttl = orig_ttl;
592:
593: if (time_check && difftime(sig_expiration, curtime) < ttl)
594: ttl = difftime(sig_expiration, curtime);
595:
596: *ttl_out = ttl;
597: }
598:
599: sig = p;
600: sig_len = rdlen - (p - psav);
601:
602: nsigttl = htonl(orig_ttl);
603:
604: hash->update(ctx, 18, psav);
605: wire_len = to_wire(keyname);
606: hash->update(ctx, (unsigned int)wire_len, (unsigned char*)keyname);
607: from_wire(keyname);
608:
609: #define RRBUFLEN 128 /* Most RRs are smaller than this. */
610:
611: for (i = 0; i < rrsetidx; ++i)
612: {
613: int j;
614: struct rdata_state state;
615: u16 len;
616: unsigned char rrbuf[RRBUFLEN];
617:
618: p = rrset[i];
619:
620: if (!extract_name(header, plen, &p, name, 1, 10))
621: return STAT_BOGUS;
622:
623: name_start = name;
624:
625: /* if more labels than in RRsig name, hash *.<no labels in rrsig labels field> 4035 5.3.2 */
626: if (labels < name_labels)
627: {
628: for (j = name_labels - labels; j != 0; j--)
629: {
630: while (*name_start != '.' && *name_start != 0)
631: name_start++;
632: if (j != 1 && *name_start == '.')
633: name_start++;
634: }
635:
636: if (wildcard_out)
637: *wildcard_out = name_start+1;
638:
639: name_start--;
640: *name_start = '*';
641: }
642:
643: wire_len = to_wire(name_start);
644: hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name_start);
645: hash->update(ctx, 4, p); /* class and type */
646: hash->update(ctx, 4, (unsigned char *)&nsigttl);
647:
648: p += 8; /* skip type, class, ttl */
649: GETSHORT(rdlen, p);
650: if (!CHECK_LEN(header, p, plen, rdlen))
651: return STAT_BOGUS;
652:
653: /* Optimisation for RR types which need no cannonicalisation.
654: This includes DNSKEY DS NSEC and NSEC3, which are also long, so
655: it saves lots of calls to get_rdata, and avoids the pessimal
656: segmented insertion, even with a small rrbuf[].
657:
658: If canonicalisation is not needed, a simple insertion into the hash works.
659: */
660: if (*rr_desc == (u16)-1)
661: {
662: len = htons(rdlen);
663: hash->update(ctx, 2, (unsigned char *)&len);
664: hash->update(ctx, rdlen, p);
665: }
666: else
667: {
668: /* canonicalise rdata and calculate length of same, use
669: name buffer as workspace for get_rdata. */
670: state.ip = p;
671: state.op = NULL;
672: state.desc = rr_desc;
673: state.buff = name;
674: state.end = p + rdlen;
675:
676: for (j = 0; get_rdata(header, plen, &state); j++)
677: if (j < RRBUFLEN)
678: rrbuf[j] = *state.op;
679:
680: len = htons((u16)j);
681: hash->update(ctx, 2, (unsigned char *)&len);
682:
683: /* If the RR is shorter than RRBUFLEN (most of them, in practice)
684: then we can just digest it now. If it exceeds RRBUFLEN we have to
685: go back to the start and do it in chunks. */
686: if (j >= RRBUFLEN)
687: {
688: state.ip = p;
689: state.op = NULL;
690: state.desc = rr_desc;
691:
692: for (j = 0; get_rdata(header, plen, &state); j++)
693: {
694: rrbuf[j] = *state.op;
695:
696: if (j == RRBUFLEN - 1)
697: {
698: hash->update(ctx, RRBUFLEN, rrbuf);
699: j = -1;
700: }
701: }
702: }
703:
704: if (j != 0)
705: hash->update(ctx, j, rrbuf);
706: }
707: }
708:
709: hash->digest(ctx, hash->digest_size, digest);
710:
711: /* namebuff used for workspace above, restore to leave unchanged on exit */
712: p = (unsigned char*)(rrset[0]);
713: extract_name(header, plen, &p, name, 1, 0);
714:
715: if (key)
716: {
717: if (algo_in == algo && keytag_in == key_tag &&
718: verify(key, keylen, sig, sig_len, digest, hash->digest_size, algo))
719: return STAT_SECURE;
720: }
721: else
722: {
723: /* iterate through all possible keys 4035 5.3.1 */
724: for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
725: if (crecp->addr.key.algo == algo &&
726: crecp->addr.key.keytag == key_tag &&
727: crecp->uid == (unsigned int)class &&
728: verify(crecp->addr.key.keydata, crecp->addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
729: return (labels < name_labels) ? STAT_SECURE_WILDCARD : STAT_SECURE;
730: }
731: }
732:
733: return STAT_BOGUS;
734: }
735:
736:
737: /* The DNS packet is expected to contain the answer to a DNSKEY query.
738: Put all DNSKEYs in the answer which are valid into the cache.
739: return codes:
740: STAT_OK Done, key(s) in cache.
741: STAT_BOGUS No DNSKEYs found, which can be validated with DS,
742: or self-sign for DNSKEY RRset is not valid, bad packet.
743: STAT_NEED_DS DS records to validate a key not found, name in keyname
744: STAT_NEED_KEY DNSKEY records to validate a key not found, name in keyname
745: */
746: int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
747: {
748: unsigned char *psave, *p = (unsigned char *)(header+1);
749: struct crec *crecp, *recp1;
750: int rc, j, qtype, qclass, rdlen, flags, algo, valid, keytag;
751: unsigned long ttl, sig_ttl;
752: struct blockdata *key;
753: union all_addr a;
754:
755: if (ntohs(header->qdcount) != 1 ||
756: RCODE(header) == SERVFAIL || RCODE(header) == REFUSED ||
757: !extract_name(header, plen, &p, name, 1, 4))
758: return STAT_BOGUS;
759:
760: GETSHORT(qtype, p);
761: GETSHORT(qclass, p);
762:
763: if (qtype != T_DNSKEY || qclass != class || ntohs(header->ancount) == 0)
764: return STAT_BOGUS;
765:
766: /* See if we have cached a DS record which validates this key */
767: if (!(crecp = cache_find_by_name(NULL, name, now, F_DS)))
768: {
769: strcpy(keyname, name);
770: return STAT_NEED_DS;
771: }
772:
773: /* NOTE, we need to find ONE DNSKEY which matches the DS */
774: for (valid = 0, j = ntohs(header->ancount); j != 0 && !valid; j--)
775: {
776: /* Ensure we have type, class TTL and length */
777: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
778: return STAT_BOGUS; /* bad packet */
779:
780: GETSHORT(qtype, p);
781: GETSHORT(qclass, p);
782: GETLONG(ttl, p);
783: GETSHORT(rdlen, p);
784:
785: if (!CHECK_LEN(header, p, plen, rdlen) || rdlen < 4)
786: return STAT_BOGUS; /* bad packet */
787:
788: if (qclass != class || qtype != T_DNSKEY || rc == 2)
789: {
790: p += rdlen;
791: continue;
792: }
793:
794: psave = p;
795:
796: GETSHORT(flags, p);
797: if (*p++ != 3)
798: return STAT_BOGUS;
799: algo = *p++;
800: keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
801: key = NULL;
802:
803: /* key must have zone key flag set */
804: if (flags & 0x100)
805: key = blockdata_alloc((char*)p, rdlen - 4);
806:
807: p = psave;
808:
809: if (!ADD_RDLEN(header, p, plen, rdlen))
810: {
811: if (key)
812: blockdata_free(key);
813: return STAT_BOGUS; /* bad packet */
814: }
815:
816: /* No zone key flag or malloc failure */
817: if (!key)
818: continue;
819:
820: for (recp1 = crecp; recp1; recp1 = cache_find_by_name(recp1, name, now, F_DS))
821: {
822: void *ctx;
823: unsigned char *digest, *ds_digest;
824: const struct nettle_hash *hash;
825: int sigcnt, rrcnt;
826:
827: if (recp1->addr.ds.algo == algo &&
828: recp1->addr.ds.keytag == keytag &&
829: recp1->uid == (unsigned int)class &&
830: (hash = hash_find(ds_digest_name(recp1->addr.ds.digest))) &&
831: hash_init(hash, &ctx, &digest))
832:
833: {
834: int wire_len = to_wire(name);
835:
836: /* Note that digest may be different between DSs, so
837: we can't move this outside the loop. */
838: hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name);
839: hash->update(ctx, (unsigned int)rdlen, psave);
840: hash->digest(ctx, hash->digest_size, digest);
841:
842: from_wire(name);
843:
844: if (!(recp1->flags & F_NEG) &&
845: recp1->addr.ds.keylen == (int)hash->digest_size &&
846: (ds_digest = blockdata_retrieve(recp1->addr.ds.keydata, recp1->addr.ds.keylen, NULL)) &&
847: memcmp(ds_digest, digest, recp1->addr.ds.keylen) == 0 &&
848: explore_rrset(header, plen, class, T_DNSKEY, name, keyname, &sigcnt, &rrcnt) &&
849: sigcnt != 0 && rrcnt != 0 &&
850: validate_rrset(now, header, plen, class, T_DNSKEY, sigcnt, rrcnt, name, keyname,
851: NULL, key, rdlen - 4, algo, keytag, &sig_ttl) == STAT_SECURE)
852: {
853: valid = 1;
854: break;
855: }
856: }
857: }
858: blockdata_free(key);
859: }
860:
861: if (valid)
862: {
863: /* DNSKEY RRset determined to be OK, now cache it. */
864: cache_start_insert();
865:
866: p = skip_questions(header, plen);
867:
868: for (j = ntohs(header->ancount); j != 0; j--)
869: {
870: /* Ensure we have type, class TTL and length */
871: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
872: return STAT_BOGUS; /* bad packet */
873:
874: GETSHORT(qtype, p);
875: GETSHORT(qclass, p);
876: GETLONG(ttl, p);
877: GETSHORT(rdlen, p);
878:
879: /* TTL may be limited by sig. */
880: if (sig_ttl < ttl)
881: ttl = sig_ttl;
882:
883: if (!CHECK_LEN(header, p, plen, rdlen))
884: return STAT_BOGUS; /* bad packet */
885:
886: if (qclass == class && rc == 1)
887: {
888: psave = p;
889:
890: if (qtype == T_DNSKEY)
891: {
892: if (rdlen < 4)
893: return STAT_BOGUS; /* bad packet */
894:
895: GETSHORT(flags, p);
896: if (*p++ != 3)
897: return STAT_BOGUS;
898: algo = *p++;
899: keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
900:
901: if ((key = blockdata_alloc((char*)p, rdlen - 4)))
902: {
903: a.key.keylen = rdlen - 4;
904: a.key.keydata = key;
905: a.key.algo = algo;
906: a.key.keytag = keytag;
907: a.key.flags = flags;
908:
909: if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK))
910: {
911: blockdata_free(key);
912: return STAT_BOGUS;
913: }
914: else
915: {
916: a.log.keytag = keytag;
917: a.log.algo = algo;
918: if (algo_digest_name(algo))
919: log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu");
920: else
921: log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)");
922: }
923: }
924: }
925:
926: p = psave;
927: }
928:
929: if (!ADD_RDLEN(header, p, plen, rdlen))
930: return STAT_BOGUS; /* bad packet */
931: }
932:
933: /* commit cache insert. */
934: cache_end_insert();
935: return STAT_OK;
936: }
937:
938: log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY");
939: return STAT_BOGUS;
940: }
941:
942: /* The DNS packet is expected to contain the answer to a DS query
943: Put all DSs in the answer which are valid into the cache.
944: Also handles replies which prove that there's no DS at this location,
945: either because the zone is unsigned or this isn't a zone cut. These are
946: cached too.
947: return codes:
948: STAT_OK At least one valid DS found and in cache.
949: STAT_BOGUS no DS in reply or not signed, fails validation, bad packet.
950: STAT_NEED_KEY DNSKEY records to validate a DS not found, name in keyname
951: STAT_NEED_DS DS record needed.
952: */
953:
954: int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
955: {
956: unsigned char *p = (unsigned char *)(header+1);
957: int qtype, qclass, rc, i, neganswer, nons, neg_ttl = 0;
958: int aclass, atype, rdlen;
959: unsigned long ttl;
960: union all_addr a;
961:
962: if (ntohs(header->qdcount) != 1 ||
963: !(p = skip_name(p, header, plen, 4)))
964: return STAT_BOGUS;
965:
966: GETSHORT(qtype, p);
967: GETSHORT(qclass, p);
968:
969: if (qtype != T_DS || qclass != class)
970: rc = STAT_BOGUS;
971: else
972: rc = dnssec_validate_reply(now, header, plen, name, keyname, NULL, 0, &neganswer, &nons, &neg_ttl);
973:
974: if (rc == STAT_INSECURE)
975: {
976: my_syslog(LOG_WARNING, _("Insecure DS reply received for %s, check domain configuration and upstream DNS server DNSSEC support"), name);
977: rc = STAT_BOGUS;
978: }
979:
980: p = (unsigned char *)(header+1);
981: extract_name(header, plen, &p, name, 1, 4);
982: p += 4; /* qtype, qclass */
983:
984: /* If the key needed to validate the DS is on the same domain as the DS, we'll
985: loop getting nowhere. Stop that now. This can happen of the DS answer comes
986: from the DS's zone, and not the parent zone. */
987: if (rc == STAT_BOGUS || (rc == STAT_NEED_KEY && hostname_isequal(name, keyname)))
988: {
989: log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS");
990: return STAT_BOGUS;
991: }
992:
993: if (rc != STAT_SECURE)
994: return rc;
995:
996: if (!neganswer)
997: {
998: cache_start_insert();
999:
1000: for (i = 0; i < ntohs(header->ancount); i++)
1001: {
1002: if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
1003: return STAT_BOGUS; /* bad packet */
1004:
1005: GETSHORT(atype, p);
1006: GETSHORT(aclass, p);
1007: GETLONG(ttl, p);
1008: GETSHORT(rdlen, p);
1009:
1010: if (!CHECK_LEN(header, p, plen, rdlen))
1011: return STAT_BOGUS; /* bad packet */
1012:
1013: if (aclass == class && atype == T_DS && rc == 1)
1014: {
1015: int algo, digest, keytag;
1016: unsigned char *psave = p;
1017: struct blockdata *key;
1018:
1019: if (rdlen < 4)
1020: return STAT_BOGUS; /* bad packet */
1021:
1022: GETSHORT(keytag, p);
1023: algo = *p++;
1024: digest = *p++;
1025:
1026: if ((key = blockdata_alloc((char*)p, rdlen - 4)))
1027: {
1028: a.ds.digest = digest;
1029: a.ds.keydata = key;
1030: a.ds.algo = algo;
1031: a.ds.keytag = keytag;
1032: a.ds.keylen = rdlen - 4;
1033:
1034: if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK))
1035: {
1036: blockdata_free(key);
1037: return STAT_BOGUS;
1038: }
1039: else
1040: {
1041: a.log.keytag = keytag;
1042: a.log.algo = algo;
1043: a.log.digest = digest;
1044: if (ds_digest_name(digest) && algo_digest_name(algo))
1045: log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu");
1046: else
1047: log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)");
1048: }
1049: }
1050:
1051: p = psave;
1052: }
1053: if (!ADD_RDLEN(header, p, plen, rdlen))
1054: return STAT_BOGUS; /* bad packet */
1055: }
1056:
1057: cache_end_insert();
1058:
1059: }
1060: else
1061: {
1062: int flags = F_FORWARD | F_DS | F_NEG | F_DNSSECOK;
1063:
1064: if (RCODE(header) == NXDOMAIN)
1065: flags |= F_NXDOMAIN;
1066:
1067: /* We only cache validated DS records, DNSSECOK flag hijacked
1068: to store presence/absence of NS. */
1069: if (nons)
1070: flags &= ~F_DNSSECOK;
1071:
1072: cache_start_insert();
1073:
1074: /* Use TTL from NSEC for negative cache entries */
1075: if (!cache_insert(name, NULL, class, now, neg_ttl, flags))
1076: return STAT_BOGUS;
1077:
1078: cache_end_insert();
1079:
1080: log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no DS/cut" : "no DS");
1081: }
1082:
1083: return STAT_OK;
1084: }
1085:
1086:
1087: /* 4034 6.1 */
1088: static int hostname_cmp(const char *a, const char *b)
1089: {
1090: char *sa, *ea, *ca, *sb, *eb, *cb;
1091: unsigned char ac, bc;
1092:
1093: sa = ea = (char *)a + strlen(a);
1094: sb = eb = (char *)b + strlen(b);
1095:
1096: while (1)
1097: {
1098: while (sa != a && *(sa-1) != '.')
1099: sa--;
1100:
1101: while (sb != b && *(sb-1) != '.')
1102: sb--;
1103:
1104: ca = sa;
1105: cb = sb;
1106:
1107: while (1)
1108: {
1109: if (ca == ea)
1110: {
1111: if (cb == eb)
1112: break;
1113:
1114: return -1;
1115: }
1116:
1117: if (cb == eb)
1118: return 1;
1119:
1120: ac = (unsigned char) *ca++;
1121: bc = (unsigned char) *cb++;
1122:
1123: if (ac >= 'A' && ac <= 'Z')
1124: ac += 'a' - 'A';
1125: if (bc >= 'A' && bc <= 'Z')
1126: bc += 'a' - 'A';
1127:
1128: if (ac < bc)
1129: return -1;
1130: else if (ac != bc)
1131: return 1;
1132: }
1133:
1134:
1135: if (sa == a)
1136: {
1137: if (sb == b)
1138: return 0;
1139:
1140: return -1;
1141: }
1142:
1143: if (sb == b)
1144: return 1;
1145:
1146: ea = --sa;
1147: eb = --sb;
1148: }
1149: }
1150:
1151: static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, unsigned char **labels, int nsec_count,
1152: char *workspace1_in, char *workspace2, char *name, int type, int *nons)
1153: {
1154: int i, rc, rdlen;
1155: unsigned char *p, *psave;
1156: int offset = (type & 0xff) >> 3;
1157: int mask = 0x80 >> (type & 0x07);
1158:
1159: if (nons)
1160: *nons = 1;
1161:
1162: /* Find NSEC record that proves name doesn't exist */
1163: for (i = 0; i < nsec_count; i++)
1164: {
1165: char *workspace1 = workspace1_in;
1166: int sig_labels, name_labels;
1167:
1168: p = nsecs[i];
1169: if (!extract_name(header, plen, &p, workspace1, 1, 10))
1170: return 0;
1171: p += 8; /* class, type, TTL */
1172: GETSHORT(rdlen, p);
1173: psave = p;
1174: if (!extract_name(header, plen, &p, workspace2, 1, 10))
1175: return 0;
1176:
1177: /* If NSEC comes from wildcard expansion, use original wildcard
1178: as name for computation. */
1179: sig_labels = *labels[i];
1180: name_labels = count_labels(workspace1);
1181:
1182: if (sig_labels < name_labels)
1183: {
1184: int k;
1185: for (k = name_labels - sig_labels; k != 0; k--)
1186: {
1187: while (*workspace1 != '.' && *workspace1 != 0)
1188: workspace1++;
1189: if (k != 1 && *workspace1 == '.')
1190: workspace1++;
1191: }
1192:
1193: workspace1--;
1194: *workspace1 = '*';
1195: }
1196:
1197: rc = hostname_cmp(workspace1, name);
1198:
1199: if (rc == 0)
1200: {
1201: /* 4035 para 5.4. Last sentence */
1202: if (type == T_NSEC || type == T_RRSIG)
1203: return 1;
1204:
1205: /* NSEC with the same name as the RR we're testing, check
1206: that the type in question doesn't appear in the type map */
1207: rdlen -= p - psave;
1208: /* rdlen is now length of type map, and p points to it */
1209:
1210: /* If we can prove that there's no NS record, return that information. */
1211: if (nons && rdlen >= 2 && p[0] == 0 && (p[2] & (0x80 >> T_NS)) != 0)
1212: *nons = 0;
1213:
1214: if (rdlen >= 2 && p[0] == 0)
1215: {
1216: /* A CNAME answer would also be valid, so if there's a CNAME is should
1217: have been returned. */
1218: if ((p[2] & (0x80 >> T_CNAME)) != 0)
1219: return 0;
1220:
1221: /* If the SOA bit is set for a DS record, then we have the
1222: DS from the wrong side of the delegation. For the root DS,
1223: this is expected. */
1224: if (name_labels != 0 && type == T_DS && (p[2] & (0x80 >> T_SOA)) != 0)
1225: return 0;
1226: }
1227:
1228: while (rdlen >= 2)
1229: {
1230: if (!CHECK_LEN(header, p, plen, rdlen))
1231: return 0;
1232:
1233: if (p[0] == type >> 8)
1234: {
1235: /* Does the NSEC say our type exists? */
1236: if (offset < p[1] && (p[offset+2] & mask) != 0)
1237: return 0;
1238:
1239: break; /* finished checking */
1240: }
1241:
1242: rdlen -= p[1];
1243: p += p[1];
1244: }
1245:
1246: return 1;
1247: }
1248: else if (rc == -1)
1249: {
1250: /* Normal case, name falls between NSEC name and next domain name,
1251: wrap around case, name falls between NSEC name (rc == -1) and end */
1252: if (hostname_cmp(workspace2, name) >= 0 || hostname_cmp(workspace1, workspace2) >= 0)
1253: return 1;
1254: }
1255: else
1256: {
1257: /* wrap around case, name falls between start and next domain name */
1258: if (hostname_cmp(workspace1, workspace2) >= 0 && hostname_cmp(workspace2, name) >=0 )
1259: return 1;
1260: }
1261: }
1262:
1263: return 0;
1264: }
1265:
1266: /* return digest length, or zero on error */
1267: static int hash_name(char *in, unsigned char **out, struct nettle_hash const *hash,
1268: unsigned char *salt, int salt_len, int iterations)
1269: {
1270: void *ctx;
1271: unsigned char *digest;
1272: int i;
1273:
1274: if (!hash_init(hash, &ctx, &digest))
1275: return 0;
1276:
1277: hash->update(ctx, to_wire(in), (unsigned char *)in);
1278: hash->update(ctx, salt_len, salt);
1279: hash->digest(ctx, hash->digest_size, digest);
1280:
1281: for(i = 0; i < iterations; i++)
1282: {
1283: hash->update(ctx, hash->digest_size, digest);
1284: hash->update(ctx, salt_len, salt);
1285: hash->digest(ctx, hash->digest_size, digest);
1286: }
1287:
1288: from_wire(in);
1289:
1290: *out = digest;
1291: return hash->digest_size;
1292: }
1293:
1294: /* Decode base32 to first "." or end of string */
1295: static int base32_decode(char *in, unsigned char *out)
1296: {
1297: int oc, on, c, mask, i;
1298: unsigned char *p = out;
1299:
1300: for (c = *in, oc = 0, on = 0; c != 0 && c != '.'; c = *++in)
1301: {
1302: if (c >= '0' && c <= '9')
1303: c -= '0';
1304: else if (c >= 'a' && c <= 'v')
1305: c -= 'a', c += 10;
1306: else if (c >= 'A' && c <= 'V')
1307: c -= 'A', c += 10;
1308: else
1309: return 0;
1310:
1311: for (mask = 0x10, i = 0; i < 5; i++)
1312: {
1313: if (c & mask)
1314: oc |= 1;
1315: mask = mask >> 1;
1316: if (((++on) & 7) == 0)
1317: *p++ = oc;
1318: oc = oc << 1;
1319: }
1320: }
1321:
1322: if ((on & 7) != 0)
1323: return 0;
1324:
1325: return p - out;
1326: }
1327:
1328: static int check_nsec3_coverage(struct dns_header *header, size_t plen, int digest_len, unsigned char *digest, int type,
1329: char *workspace1, char *workspace2, unsigned char **nsecs, int nsec_count, int *nons, int name_labels)
1330: {
1331: int i, hash_len, salt_len, base32_len, rdlen, flags;
1332: unsigned char *p, *psave;
1333:
1334: for (i = 0; i < nsec_count; i++)
1335: if ((p = nsecs[i]))
1336: {
1337: if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
1338: !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
1339: return 0;
1340:
1341: p += 8; /* class, type, TTL */
1342: GETSHORT(rdlen, p);
1343: psave = p;
1344: p++; /* algo */
1345: flags = *p++; /* flags */
1346: p += 2; /* iterations */
1347: salt_len = *p++; /* salt_len */
1348: p += salt_len; /* salt */
1349: hash_len = *p++; /* p now points to next hashed name */
1350:
1351: if (!CHECK_LEN(header, p, plen, hash_len))
1352: return 0;
1353:
1354: if (digest_len == base32_len && hash_len == base32_len)
1355: {
1356: int rc = memcmp(workspace2, digest, digest_len);
1357:
1358: if (rc == 0)
1359: {
1360: /* We found an NSEC3 whose hashed name exactly matches the query, so
1361: we just need to check the type map. p points to the RR data for the record. */
1362:
1363: int offset = (type & 0xff) >> 3;
1364: int mask = 0x80 >> (type & 0x07);
1365:
1366: p += hash_len; /* skip next-domain hash */
1367: rdlen -= p - psave;
1368:
1369: if (!CHECK_LEN(header, p, plen, rdlen))
1370: return 0;
1371:
1372: if (rdlen >= 2 && p[0] == 0)
1373: {
1374: /* If we can prove that there's no NS record, return that information. */
1375: if (nons && (p[2] & (0x80 >> T_NS)) != 0)
1376: *nons = 0;
1377:
1378: /* A CNAME answer would also be valid, so if there's a CNAME is should
1379: have been returned. */
1380: if ((p[2] & (0x80 >> T_CNAME)) != 0)
1381: return 0;
1382:
1383: /* If the SOA bit is set for a DS record, then we have the
1384: DS from the wrong side of the delegation. For the root DS,
1385: this is expected. */
1386: if (name_labels != 0 && type == T_DS && (p[2] & (0x80 >> T_SOA)) != 0)
1387: return 0;
1388: }
1389:
1390: while (rdlen >= 2)
1391: {
1392: if (p[0] == type >> 8)
1393: {
1394: /* Does the NSEC3 say our type exists? */
1395: if (offset < p[1] && (p[offset+2] & mask) != 0)
1396: return 0;
1397:
1398: break; /* finished checking */
1399: }
1400:
1401: rdlen -= p[1];
1402: p += p[1];
1403: }
1404:
1405: return 1;
1406: }
1407: else if (rc < 0)
1408: {
1409: /* Normal case, hash falls between NSEC3 name-hash and next domain name-hash,
1410: wrap around case, name-hash falls between NSEC3 name-hash and end */
1411: if (memcmp(p, digest, digest_len) >= 0 || memcmp(workspace2, p, digest_len) >= 0)
1412: {
1413: if ((flags & 0x01) && nons) /* opt out */
1414: *nons = 0;
1415:
1416: return 1;
1417: }
1418: }
1419: else
1420: {
1421: /* wrap around case, name falls between start and next domain name */
1422: if (memcmp(workspace2, p, digest_len) >= 0 && memcmp(p, digest, digest_len) >= 0)
1423: {
1424: if ((flags & 0x01) && nons) /* opt out */
1425: *nons = 0;
1426:
1427: return 1;
1428: }
1429: }
1430: }
1431: }
1432:
1433: return 0;
1434: }
1435:
1436: static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
1437: char *workspace1, char *workspace2, char *name, int type, char *wildname, int *nons)
1438: {
1439: unsigned char *salt, *p, *digest;
1440: int digest_len, i, iterations, salt_len, base32_len, algo = 0;
1441: struct nettle_hash const *hash;
1442: char *closest_encloser, *next_closest, *wildcard;
1443:
1444: if (nons)
1445: *nons = 1;
1446:
1447: /* Look though the NSEC3 records to find the first one with
1448: an algorithm we support.
1449:
1450: Take the algo, iterations, and salt of that record
1451: as the ones we're going to use, and prune any
1452: that don't match. */
1453:
1454: for (i = 0; i < nsec_count; i++)
1455: {
1456: if (!(p = skip_name(nsecs[i], header, plen, 15)))
1457: return 0; /* bad packet */
1458:
1459: p += 10; /* type, class, TTL, rdlen */
1460: algo = *p++;
1461:
1462: if ((hash = hash_find(nsec3_digest_name(algo))))
1463: break; /* known algo */
1464: }
1465:
1466: /* No usable NSEC3s */
1467: if (i == nsec_count)
1468: return 0;
1469:
1470: p++; /* flags */
1471:
1472: GETSHORT (iterations, p);
1473: /* Upper-bound iterations, to avoid DoS.
1474: Strictly, there are lower bounds for small keys, but
1475: since we don't have key size info here, at least limit
1476: to the largest bound, for 4096-bit keys. RFC 5155 10.3 */
1477: if (iterations > 2500)
1478: return 0;
1479:
1480: salt_len = *p++;
1481: salt = p;
1482: if (!CHECK_LEN(header, salt, plen, salt_len))
1483: return 0; /* bad packet */
1484:
1485: /* Now prune so we only have NSEC3 records with same iterations, salt and algo */
1486: for (i = 0; i < nsec_count; i++)
1487: {
1488: unsigned char *nsec3p = nsecs[i];
1489: int this_iter, flags;
1490:
1491: nsecs[i] = NULL; /* Speculative, will be restored if OK. */
1492:
1493: if (!(p = skip_name(nsec3p, header, plen, 15)))
1494: return 0; /* bad packet */
1495:
1496: p += 10; /* type, class, TTL, rdlen */
1497:
1498: if (*p++ != algo)
1499: continue;
1500:
1501: flags = *p++; /* flags */
1502:
1503: /* 5155 8.2 */
1504: if (flags != 0 && flags != 1)
1505: continue;
1506:
1507: GETSHORT(this_iter, p);
1508: if (this_iter != iterations)
1509: continue;
1510:
1511: if (salt_len != *p++)
1512: continue;
1513:
1514: if (!CHECK_LEN(header, p, plen, salt_len))
1515: return 0; /* bad packet */
1516:
1517: if (memcmp(p, salt, salt_len) != 0)
1518: continue;
1519:
1520: /* All match, put the pointer back */
1521: nsecs[i] = nsec3p;
1522: }
1523:
1524: if ((digest_len = hash_name(name, &digest, hash, salt, salt_len, iterations)) == 0)
1525: return 0;
1526:
1527: if (check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, nons, count_labels(name)))
1528: return 1;
1529:
1530: /* Can't find an NSEC3 which covers the name directly, we need the "closest encloser NSEC3"
1531: or an answer inferred from a wildcard record. */
1532: closest_encloser = name;
1533: next_closest = NULL;
1534:
1535: do
1536: {
1537: if (*closest_encloser == '.')
1538: closest_encloser++;
1539:
1540: if (wildname && hostname_isequal(closest_encloser, wildname))
1541: break;
1542:
1543: if ((digest_len = hash_name(closest_encloser, &digest, hash, salt, salt_len, iterations)) == 0)
1544: return 0;
1545:
1546: for (i = 0; i < nsec_count; i++)
1547: if ((p = nsecs[i]))
1548: {
1549: if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
1550: !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
1551: return 0;
1552:
1553: if (digest_len == base32_len &&
1554: memcmp(digest, workspace2, digest_len) == 0)
1555: break; /* Gotit */
1556: }
1557:
1558: if (i != nsec_count)
1559: break;
1560:
1561: next_closest = closest_encloser;
1562: }
1563: while ((closest_encloser = strchr(closest_encloser, '.')));
1564:
1565: if (!closest_encloser || !next_closest)
1566: return 0;
1567:
1568: /* Look for NSEC3 that proves the non-existence of the next-closest encloser */
1569: if ((digest_len = hash_name(next_closest, &digest, hash, salt, salt_len, iterations)) == 0)
1570: return 0;
1571:
1572: if (!check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, NULL, 1))
1573: return 0;
1574:
1575: /* Finally, check that there's no seat of wildcard synthesis */
1576: if (!wildname)
1577: {
1578: if (!(wildcard = strchr(next_closest, '.')) || wildcard == next_closest)
1579: return 0;
1580:
1581: wildcard--;
1582: *wildcard = '*';
1583:
1584: if ((digest_len = hash_name(wildcard, &digest, hash, salt, salt_len, iterations)) == 0)
1585: return 0;
1586:
1587: if (!check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, NULL, 1))
1588: return 0;
1589: }
1590:
1591: return 1;
1592: }
1593:
1594: static int prove_non_existence(struct dns_header *header, size_t plen, char *keyname, char *name, int qtype, int qclass, char *wildname, int *nons, int *nsec_ttl)
1595: {
1596: static unsigned char **nsecset = NULL, **rrsig_labels = NULL;
1597: static int nsecset_sz = 0, rrsig_labels_sz = 0;
1598:
1599: int type_found = 0;
1600: unsigned char *auth_start, *p = skip_questions(header, plen);
1601: int type, class, rdlen, i, nsecs_found;
1602: unsigned long ttl;
1603:
1604: /* Move to NS section */
1605: if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
1606: return 0;
1607:
1608: auth_start = p;
1609:
1610: for (nsecs_found = 0, i = 0; i < ntohs(header->nscount); i++)
1611: {
1612: unsigned char *pstart = p;
1613:
1614: if (!extract_name(header, plen, &p, daemon->workspacename, 1, 10))
1615: return 0;
1616:
1617: GETSHORT(type, p);
1618: GETSHORT(class, p);
1619: GETLONG(ttl, p);
1620: GETSHORT(rdlen, p);
1621:
1622: if (class == qclass && (type == T_NSEC || type == T_NSEC3))
1623: {
1624: if (nsec_ttl)
1625: {
1626: /* Limit TTL with sig TTL */
1627: if (daemon->rr_status[ntohs(header->ancount) + i] < ttl)
1628: ttl = daemon->rr_status[ntohs(header->ancount) + i];
1629: *nsec_ttl = ttl;
1630: }
1631:
1632: /* No mixed NSECing 'round here, thankyouverymuch */
1633: if (type_found != 0 && type_found != type)
1634: return 0;
1635:
1636: type_found = type;
1637:
1638: if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
1639: return 0;
1640:
1641: if (type == T_NSEC)
1642: {
1643: /* If we're looking for NSECs, find the corresponding SIGs, to
1644: extract the labels value, which we need in case the NSECs
1645: are the result of wildcard expansion.
1646: Note that the NSEC may not have been validated yet
1647: so if there are multiple SIGs, make sure the label value
1648: is the same in all, to avoid be duped by a rogue one.
1649: If there are no SIGs, that's an error */
1650: unsigned char *p1 = auth_start;
1651: int res, j, rdlen1, type1, class1;
1652:
1653: if (!expand_workspace(&rrsig_labels, &rrsig_labels_sz, nsecs_found))
1654: return 0;
1655:
1656: rrsig_labels[nsecs_found] = NULL;
1657:
1658: for (j = ntohs(header->nscount); j != 0; j--)
1659: {
1660: if (!(res = extract_name(header, plen, &p1, daemon->workspacename, 0, 10)))
1661: return 0;
1662:
1663: GETSHORT(type1, p1);
1664: GETSHORT(class1, p1);
1665: p1 += 4; /* TTL */
1666: GETSHORT(rdlen1, p1);
1667:
1668: if (!CHECK_LEN(header, p1, plen, rdlen1))
1669: return 0;
1670:
1671: if (res == 1 && class1 == qclass && type1 == T_RRSIG)
1672: {
1673: int type_covered;
1674: unsigned char *psav = p1;
1675:
1676: if (rdlen1 < 18)
1677: return 0; /* bad packet */
1678:
1679: GETSHORT(type_covered, p1);
1680:
1681: if (type_covered == T_NSEC)
1682: {
1683: p1++; /* algo */
1684:
1685: /* labels field must be the same in every SIG we find. */
1686: if (!rrsig_labels[nsecs_found])
1687: rrsig_labels[nsecs_found] = p1;
1688: else if (*rrsig_labels[nsecs_found] != *p1) /* algo */
1689: return 0;
1690: }
1691: p1 = psav;
1692: }
1693:
1694: if (!ADD_RDLEN(header, p1, plen, rdlen1))
1695: return 0;
1696: }
1697:
1698: /* Must have found at least one sig. */
1699: if (!rrsig_labels[nsecs_found])
1700: return 0;
1701: }
1702:
1703: nsecset[nsecs_found++] = pstart;
1704: }
1705:
1706: if (!ADD_RDLEN(header, p, plen, rdlen))
1707: return 0;
1708: }
1709:
1710: if (type_found == T_NSEC)
1711: return prove_non_existence_nsec(header, plen, nsecset, rrsig_labels, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
1712: else if (type_found == T_NSEC3)
1713: return prove_non_existence_nsec3(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, wildname, nons);
1714: else
1715: return 0;
1716: }
1717:
1718: /* Check signing status of name.
1719: returns:
1720: STAT_SECURE zone is signed.
1721: STAT_INSECURE zone proved unsigned.
1722: STAT_NEED_DS require DS record of name returned in keyname.
1723: STAT_NEED_KEY require DNSKEY record of name returned in keyname.
1724: name returned unaltered.
1725: */
1726: static int zone_status(char *name, int class, char *keyname, time_t now)
1727: {
1728: int name_start = strlen(name); /* for when TA is root */
1729: struct crec *crecp;
1730: char *p;
1731:
1732: /* First, work towards the root, looking for a trust anchor.
1733: This can either be one configured, or one previously cached.
1734: We can assume, if we don't find one first, that there is
1735: a trust anchor at the root. */
1736: for (p = name; p; p = strchr(p, '.'))
1737: {
1738: if (*p == '.')
1739: p++;
1740:
1741: if (cache_find_by_name(NULL, p, now, F_DS))
1742: {
1743: name_start = p - name;
1744: break;
1745: }
1746: }
1747:
1748: /* Now work away from the trust anchor */
1749: while (1)
1750: {
1751: strcpy(keyname, &name[name_start]);
1752:
1753: if (!(crecp = cache_find_by_name(NULL, keyname, now, F_DS)))
1754: return STAT_NEED_DS;
1755:
1756: /* F_DNSSECOK misused in DS cache records to non-existence of NS record.
1757: F_NEG && !F_DNSSECOK implies that we've proved there's no DS record here,
1758: but that's because there's no NS record either, ie this isn't the start
1759: of a zone. We only prove that the DNS tree below a node is unsigned when
1760: we prove that we're at a zone cut AND there's no DS record. */
1761: if (crecp->flags & F_NEG)
1762: {
1763: if (crecp->flags & F_DNSSECOK)
1764: return STAT_INSECURE; /* proved no DS here */
1765: }
1766: else
1767: {
1768: /* If all the DS records have digest and/or sig algos we don't support,
1769: then the zone is insecure. Note that if an algo
1770: appears in the DS, then RRSIGs for that algo MUST
1771: exist for each RRset: 4035 para 2.2 So if we find
1772: a DS here with digest and sig we can do, we're entitled
1773: to assume we can validate the zone and if we can't later,
1774: because an RRSIG is missing we return BOGUS.
1775: */
1776: do
1777: {
1778: if (crecp->uid == (unsigned int)class &&
1779: ds_digest_name(crecp->addr.ds.digest) &&
1780: algo_digest_name(crecp->addr.ds.algo))
1781: break;
1782: }
1783: while ((crecp = cache_find_by_name(crecp, keyname, now, F_DS)));
1784:
1785: if (!crecp)
1786: return STAT_INSECURE;
1787: }
1788:
1789: if (name_start == 0)
1790: break;
1791:
1792: for (p = &name[name_start-2]; (*p != '.') && (p != name); p--);
1793:
1794: if (p != name)
1795: p++;
1796:
1797: name_start = p - name;
1798: }
1799:
1800: return STAT_SECURE;
1801: }
1802:
1803: /* Validate all the RRsets in the answer and authority sections of the reply (4035:3.2.3)
1804: Return code:
1805: STAT_SECURE if it validates.
1806: STAT_INSECURE at least one RRset not validated, because in unsigned zone.
1807: STAT_BOGUS signature is wrong, bad packet, no validation where there should be.
1808: STAT_NEED_KEY need DNSKEY to complete validation (name is returned in keyname, class in *class)
1809: STAT_NEED_DS need DS to complete validation (name is returned in keyname)
1810:
1811: daemon->rr_status points to a char array which corressponds to the RRs in the
1812: answer and auth sections. This is set to 1 for each RR which is validated, and 0 for any which aren't.
1813:
1814: When validating replies to DS records, we're only interested in the NSEC{3} RRs in the auth section.
1815: Other RRs in that section missing sigs will not cause am INSECURE reply. We determine this mode
1816: is the nons argument is non-NULL.
1817: */
1818: int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname,
1819: int *class, int check_unsigned, int *neganswer, int *nons, int *nsec_ttl)
1820: {
1821: static unsigned char **targets = NULL;
1822: static int target_sz = 0;
1823:
1824: unsigned char *ans_start, *p1, *p2;
1825: int type1, class1, rdlen1 = 0, type2, class2, rdlen2, qclass, qtype, targetidx;
1826: int i, j, rc = STAT_INSECURE;
1827: int secure = STAT_SECURE;
1828:
1829: /* extend rr_status if necessary */
1830: if (daemon->rr_status_sz < ntohs(header->ancount) + ntohs(header->nscount))
1831: {
1832: unsigned long *new = whine_malloc(sizeof(*daemon->rr_status) * (ntohs(header->ancount) + ntohs(header->nscount) + 64));
1833:
1834: if (!new)
1835: return STAT_BOGUS;
1836:
1837: free(daemon->rr_status);
1838: daemon->rr_status = new;
1839: daemon->rr_status_sz = ntohs(header->ancount) + ntohs(header->nscount) + 64;
1840: }
1841:
1842: memset(daemon->rr_status, 0, sizeof(*daemon->rr_status) * daemon->rr_status_sz);
1843:
1844: if (neganswer)
1845: *neganswer = 0;
1846:
1847: if (RCODE(header) == SERVFAIL || ntohs(header->qdcount) != 1)
1848: return STAT_BOGUS;
1849:
1850: if (RCODE(header) != NXDOMAIN && RCODE(header) != NOERROR)
1851: return STAT_INSECURE;
1852:
1853: p1 = (unsigned char *)(header+1);
1854:
1855: /* Find all the targets we're looking for answers to.
1856: The zeroth array element is for the query, subsequent ones
1857: for CNAME targets, unless the query is for a CNAME. */
1858:
1859: if (!expand_workspace(&targets, &target_sz, 0))
1860: return STAT_BOGUS;
1861:
1862: targets[0] = p1;
1863: targetidx = 1;
1864:
1865: if (!extract_name(header, plen, &p1, name, 1, 4))
1866: return STAT_BOGUS;
1867:
1868: GETSHORT(qtype, p1);
1869: GETSHORT(qclass, p1);
1870: ans_start = p1;
1871:
1872: /* Can't validate an RRSIG query */
1873: if (qtype == T_RRSIG)
1874: return STAT_INSECURE;
1875:
1876: if (qtype != T_CNAME)
1877: for (j = ntohs(header->ancount); j != 0; j--)
1878: {
1879: if (!(p1 = skip_name(p1, header, plen, 10)))
1880: return STAT_BOGUS; /* bad packet */
1881:
1882: GETSHORT(type2, p1);
1883: p1 += 6; /* class, TTL */
1884: GETSHORT(rdlen2, p1);
1885:
1886: if (type2 == T_CNAME)
1887: {
1888: if (!expand_workspace(&targets, &target_sz, targetidx))
1889: return STAT_BOGUS;
1890:
1891: targets[targetidx++] = p1; /* pointer to target name */
1892: }
1893:
1894: if (!ADD_RDLEN(header, p1, plen, rdlen2))
1895: return STAT_BOGUS;
1896: }
1897:
1898: for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
1899: {
1900: if (i != 0 && !ADD_RDLEN(header, p1, plen, rdlen1))
1901: return STAT_BOGUS;
1902:
1903: if (!extract_name(header, plen, &p1, name, 1, 10))
1904: return STAT_BOGUS; /* bad packet */
1905:
1906: GETSHORT(type1, p1);
1907: GETSHORT(class1, p1);
1908: p1 += 4; /* TTL */
1909: GETSHORT(rdlen1, p1);
1910:
1911: /* Don't try and validate RRSIGs! */
1912: if (type1 == T_RRSIG)
1913: continue;
1914:
1915: /* Check if we've done this RRset already */
1916: for (p2 = ans_start, j = 0; j < i; j++)
1917: {
1918: if (!(rc = extract_name(header, plen, &p2, name, 0, 10)))
1919: return STAT_BOGUS; /* bad packet */
1920:
1921: GETSHORT(type2, p2);
1922: GETSHORT(class2, p2);
1923: p2 += 4; /* TTL */
1924: GETSHORT(rdlen2, p2);
1925:
1926: if (type2 == type1 && class2 == class1 && rc == 1)
1927: break; /* Done it before: name, type, class all match. */
1928:
1929: if (!ADD_RDLEN(header, p2, plen, rdlen2))
1930: return STAT_BOGUS;
1931: }
1932:
1933: /* Done already: copy the validation status */
1934: if (j != i)
1935: daemon->rr_status[i] = daemon->rr_status[j];
1936: else
1937: {
1938: /* Not done, validate now */
1939: int sigcnt, rrcnt;
1940: char *wildname;
1941:
1942: if (!explore_rrset(header, plen, class1, type1, name, keyname, &sigcnt, &rrcnt))
1943: return STAT_BOGUS;
1944:
1945: /* No signatures for RRset. We can be configured to assume this is OK and return an INSECURE result. */
1946: if (sigcnt == 0)
1947: {
1948: /* NSEC and NSEC3 records must be signed. We make this assumption elsewhere. */
1949: if (type1 == T_NSEC || type1 == T_NSEC3)
1950: rc = STAT_INSECURE;
1951: else if (nons && i >= ntohs(header->ancount))
1952: /* If we're validating a DS reply, rather than looking for the value of AD bit,
1953: we only care that NSEC and NSEC3 RRs in the auth section are signed.
1954: Return SECURE even if others (SOA....) are not. */
1955: rc = STAT_SECURE;
1956: else
1957: {
1958: /* unsigned RRsets in auth section are not BOGUS, but do make reply insecure. */
1959: if (check_unsigned && i < ntohs(header->ancount))
1960: {
1961: rc = zone_status(name, class1, keyname, now);
1962: if (rc == STAT_SECURE)
1963: rc = STAT_BOGUS;
1964: if (class)
1965: *class = class1; /* Class for NEED_DS or NEED_KEY */
1966: }
1967: else
1968: rc = STAT_INSECURE;
1969:
1970: if (rc != STAT_INSECURE)
1971: return rc;
1972: }
1973: }
1974: else
1975: {
1976: /* explore_rrset() gives us key name from sigs in keyname.
1977: Can't overwrite name here. */
1978: strcpy(daemon->workspacename, keyname);
1979: rc = zone_status(daemon->workspacename, class1, keyname, now);
1980:
1981: if (rc == STAT_BOGUS || rc == STAT_NEED_KEY || rc == STAT_NEED_DS)
1982: {
1983: if (class)
1984: *class = class1; /* Class for NEED_DS or NEED_KEY */
1985: return rc;
1986: }
1987:
1988: /* Zone is insecure, don't need to validate RRset */
1989: if (rc == STAT_SECURE)
1990: {
1991: unsigned long sig_ttl;
1992: rc = validate_rrset(now, header, plen, class1, type1, sigcnt,
1993: rrcnt, name, keyname, &wildname, NULL, 0, 0, 0, &sig_ttl);
1994:
1995: if (rc == STAT_BOGUS || rc == STAT_NEED_KEY || rc == STAT_NEED_DS)
1996: {
1997: if (class)
1998: *class = class1; /* Class for DS or DNSKEY */
1999: return rc;
2000: }
2001:
2002: /* rc is now STAT_SECURE or STAT_SECURE_WILDCARD */
2003:
2004: /* Note that RR is validated */
2005: daemon->rr_status[i] = sig_ttl;
2006:
2007: /* Note if we've validated either the answer to the question
2008: or the target of a CNAME. Any not noted will need NSEC or
2009: to be in unsigned space. */
2010: for (j = 0; j <targetidx; j++)
2011: if ((p2 = targets[j]))
2012: {
2013: int rc1;
2014: if (!(rc1 = extract_name(header, plen, &p2, name, 0, 10)))
2015: return STAT_BOGUS; /* bad packet */
2016:
2017: if (class1 == qclass && rc1 == 1 && (type1 == T_CNAME || type1 == qtype || qtype == T_ANY ))
2018: targets[j] = NULL;
2019: }
2020:
2021: /* An attacker replay a wildcard answer with a different
2022: answer and overlay a genuine RR. To prove this
2023: hasn't happened, the answer must prove that
2024: the genuine record doesn't exist. Check that here.
2025: Note that we may not yet have validated the NSEC/NSEC3 RRsets.
2026: That's not a problem since if the RRsets later fail
2027: we'll return BOGUS then. */
2028: if (rc == STAT_SECURE_WILDCARD &&
2029: !prove_non_existence(header, plen, keyname, name, type1, class1, wildname, NULL, NULL))
2030: return STAT_BOGUS;
2031:
2032: rc = STAT_SECURE;
2033: }
2034: }
2035: }
2036:
2037: if (rc == STAT_INSECURE)
2038: secure = STAT_INSECURE;
2039: }
2040:
2041: /* OK, all the RRsets validate, now see if we have a missing answer or CNAME target. */
2042: if (secure == STAT_SECURE)
2043: for (j = 0; j <targetidx; j++)
2044: if ((p2 = targets[j]))
2045: {
2046: if (neganswer)
2047: *neganswer = 1;
2048:
2049: if (!extract_name(header, plen, &p2, name, 1, 10))
2050: return STAT_BOGUS; /* bad packet */
2051:
2052: /* NXDOMAIN or NODATA reply, unanswered question is (name, qclass, qtype) */
2053:
2054: /* For anything other than a DS record, this situation is OK if either
2055: the answer is in an unsigned zone, or there's a NSEC records. */
2056: if (!prove_non_existence(header, plen, keyname, name, qtype, qclass, NULL, nons, nsec_ttl))
2057: {
2058: /* Empty DS without NSECS */
2059: if (qtype == T_DS)
2060: return STAT_BOGUS;
2061:
2062: if ((rc = zone_status(name, qclass, keyname, now)) != STAT_SECURE)
2063: {
2064: if (class)
2065: *class = qclass; /* Class for NEED_DS or NEED_KEY */
2066: return rc;
2067: }
2068:
2069: return STAT_BOGUS; /* signed zone, no NSECs */
2070: }
2071: }
2072:
2073: return secure;
2074: }
2075:
2076:
2077: /* Compute keytag (checksum to quickly index a key). See RFC4034 */
2078: int dnskey_keytag(int alg, int flags, unsigned char *key, int keylen)
2079: {
2080: if (alg == 1)
2081: {
2082: /* Algorithm 1 (RSAMD5) has a different (older) keytag calculation algorithm.
2083: See RFC4034, Appendix B.1 */
2084: return key[keylen-4] * 256 + key[keylen-3];
2085: }
2086: else
2087: {
2088: unsigned long ac = flags + 0x300 + alg;
2089: int i;
2090:
2091: for (i = 0; i < keylen; ++i)
2092: ac += (i & 1) ? key[i] : key[i] << 8;
2093:
2094: ac += (ac >> 16) & 0xffff;
2095: return ac & 0xffff;
2096: }
2097: }
2098:
2099: size_t dnssec_generate_query(struct dns_header *header, unsigned char *end, char *name, int class,
2100: int type, int edns_pktsz)
2101: {
2102: unsigned char *p;
2103: size_t ret;
2104:
2105: header->qdcount = htons(1);
2106: header->ancount = htons(0);
2107: header->nscount = htons(0);
2108: header->arcount = htons(0);
2109:
2110: header->hb3 = HB3_RD;
2111: SET_OPCODE(header, QUERY);
2112: /* For debugging, set Checking Disabled, otherwise, have the upstream check too,
2113: this allows it to select auth servers when one is returning bad data. */
2114: header->hb4 = option_bool(OPT_DNSSEC_DEBUG) ? HB4_CD : 0;
2115:
2116: /* ID filled in later */
2117:
2118: p = (unsigned char *)(header+1);
2119:
2120: p = do_rfc1035_name(p, name, NULL);
2121: *p++ = 0;
2122: PUTSHORT(type, p);
2123: PUTSHORT(class, p);
2124:
2125: ret = add_do_bit(header, p - (unsigned char *)header, end);
2126:
2127: if (find_pseudoheader(header, ret, NULL, &p, NULL, NULL))
2128: PUTSHORT(edns_pktsz, p);
2129:
2130: return ret;
2131: }
2132:
2133: #endif /* HAVE_DNSSEC */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>