]> git.ipfire.org Git - people/ms/dnsmasq.git/blame - src/dnssec.c
projects / people / ms / dnsmasq.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Small tweak to DNSSEC fix.
[people/ms/dnsmasq.git] / src / dnssec.c
CommitLineData
8d41ebd8 1/* dnssec.c is Copyright (c) 2012 Giovanni Bajo <rasky@develer.com>
aff33962 2 and Copyright (c) 2012-2015 Simon Kelley
8d41ebd8
GB		 3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; version 2 dated June, 1991, or
7 (at your option) version 3 dated 29 June, 2007.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>.
16*/
e292e93d
GB		 17
18#include "dnsmasq.h"
0fc2f313
SK		 19
20#ifdef HAVE_DNSSEC
21
86bec2d3
SK		 22#include <nettle/rsa.h>
23#include <nettle/dsa.h>
c152dc84
SK		 24#ifndef NO_NETTLE_ECC
25# include <nettle/ecdsa.h>
26# include <nettle/ecc-curve.h>
27#endif
86bec2d3 28#include <nettle/nettle-meta.h>
063efb33
SK		 29#include <nettle/bignum.h>
30
cdb755c5
SK		 31/* Nettle-3.0 moved to a new API for DSA. We use a name that's defined in the new API
32 to detect Nettle-3, and invoke the backwards compatibility mode. */
33#ifdef dsa_params_init
34#include <nettle/dsa-compat.h>
35#endif
36
f6e62e2a 37#include <utime.h>
c3e0b9b6 38
e292e93d
GB		 39#define SERIAL_UNDEF -100
40#define SERIAL_EQ 0
41#define SERIAL_LT -1
42#define SERIAL_GT 1
43
86bec2d3
SK		 44/* http://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml */
45static char *ds_digest_name(int digest)
46{
47 switch (digest)
48 {
49 case 1: return "sha1";
50 case 2: return "sha256";
51 case 3: return "gosthash94";
52 case 4: return "sha384";
53 default: return NULL;
54 }
55}
56
57/* http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml */
58static char *algo_digest_name(int algo)
59{
60 switch (algo)
61 {
62 case 1: return "md5";
63 case 3: return "sha1";
64 case 5: return "sha1";
65 case 6: return "sha1";
66 case 7: return "sha1";
67 case 8: return "sha256";
68 case 10: return "sha512";
69 case 12: return "gosthash94";
70 case 13: return "sha256";
71 case 14: return "sha384";
72 default: return NULL;
73 }
74}
75
76/* Find pointer to correct hash function in nettle library */
77static const struct nettle_hash *hash_find(char *name)
78{
79 int i;
80
81 if (!name)
82 return NULL;
83
84 for (i = 0; nettle_hashes[i]; i++)
85 {
86 if (strcmp(nettle_hashes[i]->name, name) == 0)
87 return nettle_hashes[i];
88 }
89
90 return NULL;
91}
92
93/* expand ctx and digest memory allocations if necessary and init hash function */
94static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char **digestp)
95{
96 static void *ctx = NULL;
97 static unsigned char *digest = NULL;
98 static unsigned int ctx_sz = 0;
99 static unsigned int digest_sz = 0;
100
101 void *new;
102
103 if (ctx_sz < hash->context_size)
104 {
105 if (!(new = whine_malloc(hash->context_size)))
106 return 0;
107 if (ctx)
108 free(ctx);
109 ctx = new;
110 ctx_sz = hash->context_size;
111 }
112
113 if (digest_sz < hash->digest_size)
114 {
115 if (!(new = whine_malloc(hash->digest_size)))
116 return 0;
117 if (digest)
118 free(digest);
119 digest = new;
120 digest_sz = hash->digest_size;
121 }
122
123 *ctxp = ctx;
124 *digestp = digest;
125
126 hash->init(ctx);
127
128 return 1;
129}
130
cdb755c5
SK		 131static int dnsmasq_rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
132 unsigned char *digest, int algo)
86bec2d3
SK		 133{
134 unsigned char *p;
135 size_t exp_len;
136
137 static struct rsa_public_key *key = NULL;
138 static mpz_t sig_mpz;
139
140 if (key == NULL)
141 {
142 if (!(key = whine_malloc(sizeof(struct rsa_public_key))))
143 return 0;
144
145 nettle_rsa_public_key_init(key);
146 mpz_init(sig_mpz);
147 }
148
149 if ((key_len < 3) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
150 return 0;
151
152 key_len--;
153 if ((exp_len = *p++) == 0)
154 {
155 GETSHORT(exp_len, p);
156 key_len -= 2;
157 }
158
159 if (exp_len >= key_len)
160 return 0;
161
162 key->size = key_len - exp_len;
163 mpz_import(key->e, exp_len, 1, 1, 0, 0, p);
164 mpz_import(key->n, key->size, 1, 1, 0, 0, p + exp_len);
165
166 mpz_import(sig_mpz, sig_len, 1, 1, 0, 0, sig);
167
168 switch (algo)
169 {
170 case 1:
171 return nettle_rsa_md5_verify_digest(key, digest, sig_mpz);
172 case 5: case 7:
173 return nettle_rsa_sha1_verify_digest(key, digest, sig_mpz);
174 case 8:
175 return nettle_rsa_sha256_verify_digest(key, digest, sig_mpz);
176 case 10:
177 return nettle_rsa_sha512_verify_digest(key, digest, sig_mpz);
178 }
179
180 return 0;
181}
182
cdb755c5
SK		 183static int dnsmasq_dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
184 unsigned char *digest, int algo)
86bec2d3
SK		 185{
186 unsigned char *p;
187 unsigned int t;
188
189 static struct dsa_public_key *key = NULL;
190 static struct dsa_signature *sig_struct;
191
192 if (key == NULL)
193 {
194 if (!(sig_struct = whine_malloc(sizeof(struct dsa_signature))) ||
195 !(key = whine_malloc(sizeof(struct dsa_public_key))))
196 return 0;
197
198 nettle_dsa_public_key_init(key);
199 nettle_dsa_signature_init(sig_struct);
200 }
201
202 if ((sig_len < 41) || !(p = blockdata_retrieve(key_data, key_len, NULL)))
203 return 0;
204
205 t = *p++;
206
207 if (key_len < (213 + (t * 24)))
208 return 0;
ebe95a83 209
86bec2d3
SK		 210 mpz_import(key->q, 20, 1, 1, 0, 0, p); p += 20;
211 mpz_import(key->p, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
212 mpz_import(key->g, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
213 mpz_import(key->y, 64 + (t*8), 1, 1, 0, 0, p); p += 64 + (t*8);
214
215 mpz_import(sig_struct->r, 20, 1, 1, 0, 0, sig+1);
216 mpz_import(sig_struct->s, 20, 1, 1, 0, 0, sig+21);
217
218 (void)algo;
ebe95a83 219
86bec2d3
SK		 220 return nettle_dsa_sha1_verify_digest(key, digest, sig_struct);
221}
222
c152dc84
SK		 223#ifndef NO_NETTLE_ECC
224static int dnsmasq_ecdsa_verify(struct blockdata *key_data, unsigned int key_len,
225 unsigned char *sig, size_t sig_len,
ebe95a83
SK		 226 unsigned char *digest, size_t digest_len, int algo)
227{
228 unsigned char *p;
229 unsigned int t;
230 struct ecc_point *key;
231
232 static struct ecc_point *key_256 = NULL, *key_384 = NULL;
233 static mpz_t x, y;
234 static struct dsa_signature *sig_struct;
235
236 if (!sig_struct)
237 {
238 if (!(sig_struct = whine_malloc(sizeof(struct dsa_signature))))
239 return 0;
240
241 nettle_dsa_signature_init(sig_struct);
242 mpz_init(x);
243 mpz_init(y);
244 }
245
246 switch (algo)
247 {
248 case 13:
249 if (!key_256)
250 {
251 if (!(key_256 = whine_malloc(sizeof(struct ecc_point))))
252 return 0;
253
254 nettle_ecc_point_init(key_256, &nettle_secp_256r1);
255 }
256
257 key = key_256;
258 t = 32;
259 break;
260
261 case 14:
262 if (!key_384)
263 {
264 if (!(key_384 = whine_malloc(sizeof(struct ecc_point))))
265 return 0;
266
267 nettle_ecc_point_init(key_384, &nettle_secp_384r1);
268 }
269
270 key = key_384;
271 t = 48;
272 break;
273
274 default:
275 return 0;
276 }
277
278 if (sig_len != 2*t || key_len != 2*t ||
6ef15b34 279 !(p = blockdata_retrieve(key_data, key_len, NULL)))
ebe95a83
SK		 280 return 0;
281
282 mpz_import(x, t , 1, 1, 0, 0, p);
283 mpz_import(y, t , 1, 1, 0, 0, p + t);
284
285 if (!ecc_point_set(key, x, y))
286 return 0;
287
288 mpz_import(sig_struct->r, t, 1, 1, 0, 0, sig);
289 mpz_import(sig_struct->s, t, 1, 1, 0, 0, sig + t);
290
291 return nettle_ecdsa_verify(key, digest_len, digest, sig_struct);
292}
c152dc84
SK		 293#endif
294
86bec2d3 295static int verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
ebe95a83 296 unsigned char *digest, size_t digest_len, int algo)
86bec2d3 297{
7b1eae4f
SK		 298 (void)digest_len;
299
86bec2d3
SK		 300 switch (algo)
301 {
302 case 1: case 5: case 7: case 8: case 10:
cdb755c5 303 return dnsmasq_rsa_verify(key_data, key_len, sig, sig_len, digest, algo);
86bec2d3
SK		 304
305 case 3: case 6:
cdb755c5 306 return dnsmasq_dsa_verify(key_data, key_len, sig, sig_len, digest, algo);
c152dc84
SK		 307
308#ifndef NO_NETTLE_ECC
ebe95a83
SK		 309 case 13: case 14:
310 return dnsmasq_ecdsa_verify(key_data, key_len, sig, sig_len, digest, digest_len, algo);
c152dc84
SK		 311#endif
312 }
86bec2d3
SK		 313
314 return 0;
315}
316
0fc2f313
SK		 317/* Convert from presentation format to wire format, in place.
318 Also map UC -> LC.
319 Note that using extract_name to get presentation format
320 then calling to_wire() removes compression and maps case,
321 thus generating names in canonical form.
322 Calling to_wire followed by from_wire is almost an identity,
323 except that the UC remains mapped to LC.
cbe379ad
SK		 324
325 Note that both /000 and '.' are allowed within labels. These get
326 represented in presentation format using NAME_ESCAPE as an escape
327 character. In theory, if all the characters in a name were /000 or
328 '.' or NAME_ESCAPE then all would have to be escaped, so the
329 presentation format would be twice as long as the spec (1024).
330 The buffers are all delcared as 2049 (allowing for the trailing zero)
331 for this reason.
0fc2f313
SK		 332*/
333static int to_wire(char *name)
7f0485cf 334{
cbe379ad 335 unsigned char *l, *p, *q, term;
0fc2f313
SK		 336 int len;
337
338 for (l = (unsigned char*)name; *l != 0; l = p)
339 {
340 for (p = l; *p != '.' && *p != 0; p++)
341 if (*p >= 'A' && *p <= 'Z')
342 *p = *p - 'A' + 'a';
cbe379ad 343 else if (*p == NAME_ESCAPE)
b8f16556
SK		 344 {
345 for (q = p; *q; q++)
cbe379ad 346 *q = *(q+1);
b8f16556
SK		 347 (*p)--;
348 }
0fc2f313
SK		 349 term = *p;
350
351 if ((len = p - l) != 0)
352 memmove(l+1, l, len);
353 *l = len;
354
355 p++;
356
357 if (term == 0)
358 *p = 0;
359 }
360
361 return l + 1 - (unsigned char *)name;
7f0485cf
GB		 362}
363
0fc2f313
SK		 364/* Note: no compression allowed in input. */
365static void from_wire(char *name)
13e435eb 366{
cbe379ad 367 unsigned char *l, *p, *last;
0fc2f313 368 int len;
cbe379ad
SK		 369
370 for (last = (unsigned char *)name; *last != 0; last += *last+1);
371
0fc2f313 372 for (l = (unsigned char *)name; *l != 0; l += len+1)
13e435eb 373 {
0fc2f313
SK		 374 len = *l;
375 memmove(l, l+1, len);
cbe379ad
SK		 376 for (p = l; p < l + len; p++)
377 if (*p == '.' || *p == 0 || *p == NAME_ESCAPE)
378 {
379 memmove(p+1, p, 1 + last - p);
380 len++;
b8f16556
SK		 381 *p++ = NAME_ESCAPE;
382 (*p)++;
cbe379ad
SK		 383 }
384
0fc2f313 385 l[len] = '.';
13e435eb 386 }
7f0485cf 387
e3f14558 388 if ((char *)l != name)
bd9b3cf5 389 *(l-1) = 0;
13e435eb
GB		 390}
391
5ada8885
SK		 392/* Input in presentation format */
393static int count_labels(char *name)
394{
395 int i;
396
397 if (*name == 0)
398 return 0;
399
400 for (i = 0; *name; name++)
401 if (*name == '.')
402 i++;
403
404 return i+1;
405}
406
5f8e58f4
SK		 407/* Implement RFC1982 wrapped compare for 32-bit numbers */
408static int serial_compare_32(unsigned long s1, unsigned long s2)
409{
410 if (s1 == s2)
411 return SERIAL_EQ;
0ca895f5 412
5f8e58f4
SK		 413 if ((s1 < s2 && (s2 - s1) < (1UL<<31)) ||
414 (s1 > s2 && (s1 - s2) > (1UL<<31)))
415 return SERIAL_LT;
416 if ((s1 < s2 && (s2 - s1) > (1UL<<31)) ||
417 (s1 > s2 && (s1 - s2) < (1UL<<31)))
418 return SERIAL_GT;
419 return SERIAL_UNDEF;
420}
0852d76b 421
f6e62e2a
SK		 422/* Called at startup. If the timestamp file is configured and exists, put its mtime on
423 timestamp_time. If it doesn't exist, create it, and set the mtime to 1-1-2015.
360f2513
SK		 424 return -1 -> Cannot create file.
425 0 -> not using timestamp, or timestamp exists and is in past.
426 1 -> timestamp exists and is in future.
f6e62e2a 427*/
360f2513 428
f6e62e2a
SK		 429static time_t timestamp_time;
430static int back_to_the_future;
431
360f2513 432int setup_timestamp(void)
f6e62e2a
SK		 433{
434 struct stat statbuf;
435
436 back_to_the_future = 0;
437
360f2513 438 if (!daemon->timestamp_file)
f6e62e2a
SK		 439 return 0;
440
441 if (stat(daemon->timestamp_file, &statbuf) != -1)
442 {
443 timestamp_time = statbuf.st_mtime;
444 check_and_exit:
445 if (difftime(timestamp_time, time(0)) <= 0)
446 {
447 /* time already OK, update timestamp, and do key checking from the start. */
448 if (utime(daemon->timestamp_file, NULL) == -1)
449 my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
450 back_to_the_future = 1;
451 return 0;
452 }
453 return 1;
454 }
455
456 if (errno == ENOENT)
457 {
360f2513
SK		 458 /* NB. for explanation of O_EXCL flag, see comment on pidfile in dnsmasq.c */
459 int fd = open(daemon->timestamp_file, O_WRONLY | O_CREAT | O_NONBLOCK | O_EXCL, 0666);
f6e62e2a
SK		 460 if (fd != -1)
461 {
462 struct utimbuf timbuf;
463
464 close(fd);
465
466 timestamp_time = timbuf.actime = timbuf.modtime = 1420070400; /* 1-1-2015 */
360f2513 467 if (utime(daemon->timestamp_file, &timbuf) == 0)
f6e62e2a
SK		 468 goto check_and_exit;
469 }
470 }
471
360f2513 472 return -1;
f6e62e2a
SK		 473}
474
5f8e58f4
SK		 475/* Check whether today/now is between date_start and date_end */
476static int check_date_range(unsigned long date_start, unsigned long date_end)
0852d76b 477{
f6e62e2a
SK		 478 unsigned long curtime = time(0);
479
e98bd52e 480 /* Checking timestamps may be temporarily disabled */
f6e62e2a
SK		 481
482 /* If the current time if _before_ the timestamp
483 on our persistent timestamp file, then assume the
484 time if not yet correct, and don't check the
485 key timestamps. As soon as the current time is
486 later then the timestamp, update the timestamp
487 and start checking keys */
488 if (daemon->timestamp_file)
489 {
490 if (back_to_the_future == 0 && difftime(timestamp_time, curtime) <= 0)
491 {
492 if (utime(daemon->timestamp_file, NULL) != 0)
493 my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
494
495 back_to_the_future = 1;
496 set_option_bool(OPT_DNSSEC_TIME);
497 queue_event(EVENT_RELOAD); /* purge cache */
498 }
499
500 if (back_to_the_future == 0)
501 return 1;
502 }
503 else if (option_bool(OPT_DNSSEC_TIME))
e98bd52e
SK		 504 return 1;
505
5f8e58f4
SK		 506 /* We must explicitly check against wanted values, because of SERIAL_UNDEF */
507 return serial_compare_32(curtime, date_start) == SERIAL_GT
508 && serial_compare_32(curtime, date_end) == SERIAL_LT;
509}
f119ed38 510
5f8e58f4
SK		 511static u16 *get_desc(int type)
512{
513 /* List of RRtypes which include domains in the data.
514 0 -> domain
515 integer -> no of plain bytes
516 -1 -> end
517
518 zero is not a valid RRtype, so the final entry is returned for
519 anything which needs no mangling.
520 */
521
522 static u16 rr_desc[] =
523 {
524 T_NS, 0, -1,
525 T_MD, 0, -1,
526 T_MF, 0, -1,
527 T_CNAME, 0, -1,
528 T_SOA, 0, 0, -1,
529 T_MB, 0, -1,
530 T_MG, 0, -1,
531 T_MR, 0, -1,
532 T_PTR, 0, -1,
533 T_MINFO, 0, 0, -1,
534 T_MX, 2, 0, -1,
535 T_RP, 0, 0, -1,
536 T_AFSDB, 2, 0, -1,
537 T_RT, 2, 0, -1,
538 T_SIG, 18, 0, -1,
539 T_PX, 2, 0, 0, -1,
540 T_NXT, 0, -1,
541 T_KX, 2, 0, -1,
542 T_SRV, 6, 0, -1,
543 T_DNAME, 0, -1,
5f8e58f4
SK		 544 0, -1 /* wildcard/catchall */
545 };
546
547 u16 *p = rr_desc;
548
549 while (*p != type && *p != 0)
550 while (*p++ != (u16)-1);
f119ed38 551
5f8e58f4
SK		 552 return p+1;
553}
0852d76b 554
5f8e58f4
SK		 555/* Return bytes of canonicalised rdata, when the return value is zero, the remaining
556 data, pointed to by *p, should be used raw. */
094b5c3d 557static int get_rdata(struct dns_header *header, size_t plen, unsigned char *end, char *buff, int bufflen,
5f8e58f4
SK		 558 unsigned char **p, u16 **desc)
559{
560 int d = **desc;
561
5f8e58f4
SK		 562 /* No more data needs mangling */
563 if (d == (u16)-1)
094b5c3d
SK		 564 {
565 /* If there's more data than we have space for, just return what fits,
566 we'll get called again for more chunks */
567 if (end - *p > bufflen)
568 {
569 memcpy(buff, *p, bufflen);
570 *p += bufflen;
571 return bufflen;
572 }
573
574 return 0;
575 }
576
577 (*desc)++;
5f8e58f4 578
394ff492 579 if (d == 0 && extract_name(header, plen, p, buff, 1, 0))
5f8e58f4
SK		 580 /* domain-name, canonicalise */
581 return to_wire(buff);
582 else
583 {
584 /* plain data preceding a domain-name, don't run off the end of the data */
585 if ((end - *p) < d)
586 d = end - *p;
587
588 if (d != 0)
589 {
590 memcpy(buff, *p, d);
591 *p += d;
592 }
593
594 return d;
595 }
0852d76b
GB		 596}
597
613ad15d
SK		 598static int expand_workspace(unsigned char ***wkspc, int *sz, int new)
599{
600 unsigned char **p;
601 int new_sz = *sz;
602
603 if (new_sz > new)
604 return 1;
605
606 if (new >= 100)
607 return 0;
608
609 new_sz += 5;
610
611 if (!(p = whine_malloc((new_sz) * sizeof(unsigned char **))))
612 return 0;
613
614 if (*wkspc)
615 {
616 memcpy(p, *wkspc, *sz * sizeof(unsigned char **));
617 free(*wkspc);
618 }
619
620 *wkspc = p;
621 *sz = new_sz;
00a5b5d4
SK		 622
623 return 1;
613ad15d
SK		 624}
625
5f8e58f4
SK		 626/* Bubble sort the RRset into the canonical order.
627 Note that the byte-streams from two RRs may get unsynced: consider
628 RRs which have two domain-names at the start and then other data.
629 The domain-names may have different lengths in each RR, but sort equal
630
631 ------------
632 |abcde|fghi|
633 ------------
634 |abcd|efghi|
635 ------------
636
637 leaving the following bytes as deciding the order. Hence the nasty left1 and left2 variables.
638*/
639
640static void sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int rrsetidx,
641 unsigned char **rrset, char *buff1, char *buff2)
c3e0b9b6 642{
5f8e58f4 643 int swap, quit, i;
0fc2f313 644
5f8e58f4
SK		 645 do
646 {
647 for (swap = 0, i = 0; i < rrsetidx-1; i++)
648 {
649 int rdlen1, rdlen2, left1, left2, len1, len2, len, rc;
650 u16 *dp1, *dp2;
651 unsigned char *end1, *end2;
5107ace1
SK		 652 /* Note that these have been determined to be OK previously,
653 so we don't need to check for NULL return here. */
5f8e58f4
SK		 654 unsigned char *p1 = skip_name(rrset[i], header, plen, 10);
655 unsigned char *p2 = skip_name(rrset[i+1], header, plen, 10);
656
657 p1 += 8; /* skip class, type, ttl */
658 GETSHORT(rdlen1, p1);
659 end1 = p1 + rdlen1;
660
661 p2 += 8; /* skip class, type, ttl */
662 GETSHORT(rdlen2, p2);
663 end2 = p2 + rdlen2;
664
665 dp1 = dp2 = rr_desc;
666
1486a9c7 667 for (quit = 0, left1 = 0, left2 = 0, len1 = 0, len2 = 0; !quit;)
5f8e58f4 668 {
1486a9c7
SK		 669 if (left1 != 0)
670 memmove(buff1, buff1 + len1 - left1, left1);
671
cbe379ad 672 if ((len1 = get_rdata(header, plen, end1, buff1 + left1, (MAXDNAME * 2) - left1, &p1, &dp1)) == 0)
5f8e58f4
SK		 673 {
674 quit = 1;
675 len1 = end1 - p1;
676 memcpy(buff1 + left1, p1, len1);
677 }
678 len1 += left1;
679
1486a9c7
SK		 680 if (left2 != 0)
681 memmove(buff2, buff2 + len2 - left2, left2);
682
cbe379ad 683 if ((len2 = get_rdata(header, plen, end2, buff2 + left2, (MAXDNAME *2) - left2, &p2, &dp2)) == 0)
5f8e58f4
SK		 684 {
685 quit = 1;
686 len2 = end2 - p2;
687 memcpy(buff2 + left2, p2, len2);
688 }
689 len2 += left2;
690
691 if (len1 > len2)
1486a9c7 692 left1 = len1 - len2, left2 = 0, len = len2;
5f8e58f4 693 else
1486a9c7 694 left2 = len2 - len1, left1 = 0, len = len1;
5f8e58f4 695
6fd6dacb 696 rc = (len == 0) ? 0 : memcmp(buff1, buff2, len);
5f8e58f4 697
4619d946 698 if (rc > 0 || (rc == 0 && quit && len1 > len2))
5f8e58f4
SK		 699 {
700 unsigned char *tmp = rrset[i+1];
701 rrset[i+1] = rrset[i];
702 rrset[i] = tmp;
703 swap = quit = 1;
704 }
6fd6dacb
SK		 705 else if (rc < 0)
706 quit = 1;
5f8e58f4
SK		 707 }
708 }
709 } while (swap);
710}
c3e0b9b6 711
5f8e58f4
SK		 712/* Validate a single RRset (class, type, name) in the supplied DNS reply
713 Return code:
714 STAT_SECURE if it validates.
5107ace1 715 STAT_SECURE_WILDCARD if it validates and is the result of wildcard expansion.
fbc52057 716 (In this case *wildcard_out points to the "body" of the wildcard within name.)
00a5b5d4 717 STAT_NO_SIG no RRsigs found.
87070192
SK		 718 STAT_INSECURE RRset empty.
719 STAT_BOGUS signature is wrong, bad packet.
5f8e58f4
SK		 720 STAT_NEED_KEY need DNSKEY to complete validation (name is returned in keyname)
721
722 if key is non-NULL, use that key, which has the algo and tag given in the params of those names,
723 otherwise find the key in the cache.
5107ace1
SK		 724
725 name is unchanged on exit. keyname is used as workspace and trashed.
5f8e58f4 726*/
fbc52057
SK		 727static int validate_rrset(time_t now, struct dns_header *header, size_t plen, int class, int type,
728 char *name, char *keyname, char **wildcard_out, struct blockdata *key, int keylen, int algo_in, int keytag_in)
5f8e58f4
SK		 729{
730 static unsigned char **rrset = NULL, **sigs = NULL;
731 static int rrset_sz = 0, sig_sz = 0;
0fc2f313 732
5f8e58f4 733 unsigned char *p;
5ada8885 734 int rrsetidx, sigidx, res, rdlen, j, name_labels;
5f8e58f4
SK		 735 struct crec *crecp = NULL;
736 int type_covered, algo, labels, orig_ttl, sig_expiration, sig_inception, key_tag;
737 u16 *rr_desc = get_desc(type);
83d2ed09
SK		 738
739 if (wildcard_out)
740 *wildcard_out = NULL;
741
5f8e58f4 742 if (!(p = skip_questions(header, plen)))
87070192 743 return STAT_BOGUS;
83d2ed09 744
5ada8885
SK		 745 name_labels = count_labels(name); /* For 4035 5.3.2 check */
746
747 /* look for RRSIGs for this RRset and get pointers to each RR in the set. */
5f8e58f4
SK		 748 for (rrsetidx = 0, sigidx = 0, j = ntohs(header->ancount) + ntohs(header->nscount);
749 j != 0; j--)
750 {
751 unsigned char *pstart, *pdata;
b98d22c1 752 int stype, sclass;
c3e0b9b6 753
5f8e58f4
SK		 754 pstart = p;
755
756 if (!(res = extract_name(header, plen, &p, name, 0, 10)))
87070192 757 return STAT_BOGUS; /* bad packet */
5f8e58f4
SK		 758
759 GETSHORT(stype, p);
760 GETSHORT(sclass, p);
b98d22c1 761 p += 4; /* TTL */
5f8e58f4
SK		 762
763 pdata = p;
c3e0b9b6 764
5f8e58f4
SK		 765 GETSHORT(rdlen, p);
766
e7829aef 767 if (!CHECK_LEN(header, p, plen, rdlen))
87070192 768 return STAT_BOGUS;
e7829aef 769
5f8e58f4
SK		 770 if (res == 1 && sclass == class)
771 {
772 if (stype == type)
773 {
613ad15d 774 if (!expand_workspace(&rrset, &rrset_sz, rrsetidx))
87070192 775 return STAT_BOGUS;
613ad15d 776
5f8e58f4
SK		 777 rrset[rrsetidx++] = pstart;
778 }
779
780 if (stype == T_RRSIG)
781 {
613ad15d 782 if (rdlen < 18)
87070192 783 return STAT_BOGUS; /* bad packet */
613ad15d
SK		 784
785 GETSHORT(type_covered, p);
786
787 if (type_covered == type)
788 {
789 if (!expand_workspace(&sigs, &sig_sz, sigidx))
87070192 790 return STAT_BOGUS;
613ad15d
SK		 791
792 sigs[sigidx++] = pdata;
793 }
794
795 p = pdata + 2; /* restore for ADD_RDLEN */
5f8e58f4
SK		 796 }
797 }
613ad15d 798
5f8e58f4 799 if (!ADD_RDLEN(header, p, plen, rdlen))
87070192 800 return STAT_BOGUS;
5f8e58f4 801 }
c3e0b9b6 802
00a5b5d4
SK		 803 /* RRset empty */
804 if (rrsetidx == 0)
5f8e58f4 805 return STAT_INSECURE;
00a5b5d4
SK		 806
807 /* no RRSIGs */
808 if (sigidx == 0)
809 return STAT_NO_SIG;
5f8e58f4
SK		 810
811 /* Sort RRset records into canonical order.
d387380a 812 Note that at this point keyname and daemon->workspacename buffs are
5f8e58f4 813 unused, and used as workspace by the sort. */
d387380a 814 sort_rrset(header, plen, rr_desc, rrsetidx, rrset, daemon->workspacename, keyname);
5f8e58f4
SK		 815
816 /* Now try all the sigs to try and find one which validates */
817 for (j = 0; j <sigidx; j++)
818 {
d387380a 819 unsigned char *psav, *sig, *digest;
86bec2d3
SK		 820 int i, wire_len, sig_len;
821 const struct nettle_hash *hash;
822 void *ctx;
d387380a 823 char *name_start;
5f8e58f4
SK		 824 u32 nsigttl;
825
826 p = sigs[j];
5ada8885 827 GETSHORT(rdlen, p); /* rdlen >= 18 checked previously */
5f8e58f4
SK		 828 psav = p;
829
5ada8885 830 p += 2; /* type_covered - already checked */
5f8e58f4
SK		 831 algo = *p++;
832 labels = *p++;
833 GETLONG(orig_ttl, p);
e7829aef
SK		 834 GETLONG(sig_expiration, p);
835 GETLONG(sig_inception, p);
5f8e58f4
SK		 836 GETSHORT(key_tag, p);
837
394ff492 838 if (!extract_name(header, plen, &p, keyname, 1, 0))
87070192 839 return STAT_BOGUS;
d387380a
SK		 840
841 /* RFC 4035 5.3.1 says that the Signer's Name field MUST equal
842 the name of the zone containing the RRset. We can't tell that
843 for certain, but we can check that the RRset name is equal to
844 or encloses the signers name, which should be enough to stop
845 an attacker using signatures made with the key of an unrelated
846 zone he controls. Note that the root key is always allowed. */
847 if (*keyname != 0)
848 {
849 int failed = 0;
850
851 for (name_start = name; !hostname_isequal(name_start, keyname); )
852 if ((name_start = strchr(name_start, '.')))
853 name_start++; /* chop a label off and try again */
854 else
855 {
856 failed = 1;
857 break;
858 }
859
860 /* Bad sig, try another */
861 if (failed)
862 continue;
863 }
5f8e58f4 864
d387380a 865 /* Other 5.3.1 checks */
e7829aef
SK		 866 if (!check_date_range(sig_inception, sig_expiration) ||
867 labels > name_labels ||
868 !(hash = hash_find(algo_digest_name(algo))) ||
869 !hash_init(hash, &ctx, &digest))
870 continue;
871
5f8e58f4
SK		 872 /* OK, we have the signature record, see if the relevant DNSKEY is in the cache. */
873 if (!key && !(crecp = cache_find_by_name(NULL, keyname, now, F_DNSKEY)))
874 return STAT_NEED_KEY;
875
86bec2d3
SK		 876 sig = p;
877 sig_len = rdlen - (p - psav);
e7829aef 878
5f8e58f4
SK		 879 nsigttl = htonl(orig_ttl);
880
86bec2d3 881 hash->update(ctx, 18, psav);
5f8e58f4 882 wire_len = to_wire(keyname);
86bec2d3 883 hash->update(ctx, (unsigned int)wire_len, (unsigned char*)keyname);
5f8e58f4
SK		 884 from_wire(keyname);
885
5f8e58f4
SK		 886 for (i = 0; i < rrsetidx; ++i)
887 {
888 int seg;
889 unsigned char *end, *cp;
890 u16 len, *dp;
d387380a 891
5f8e58f4 892 p = rrset[i];
394ff492 893 if (!extract_name(header, plen, &p, name, 1, 10))
87070192 894 return STAT_BOGUS;
5ada8885 895
d387380a
SK		 896 name_start = name;
897
5ada8885
SK		 898 /* if more labels than in RRsig name, hash *.<no labels in rrsig labels field> 4035 5.3.2 */
899 if (labels < name_labels)
900 {
901 int k;
902 for (k = name_labels - labels; k != 0; k--)
fbc52057
SK		 903 {
904 while (*name_start != '.' && *name_start != 0)
905 name_start++;
0b1008d3 906 if (k != 1 && *name_start == '.')
fbc52057
SK		 907 name_start++;
908 }
909
910 if (wildcard_out)
911 *wildcard_out = name_start+1;
912
5ada8885
SK		 913 name_start--;
914 *name_start = '*';
915 }
916
917 wire_len = to_wire(name_start);
86bec2d3
SK		 918 hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name_start);
919 hash->update(ctx, 4, p); /* class and type */
920 hash->update(ctx, 4, (unsigned char *)&nsigttl);
5f8e58f4
SK		 921
922 p += 8; /* skip class, type, ttl */
923 GETSHORT(rdlen, p);
5ada8885 924 if (!CHECK_LEN(header, p, plen, rdlen))
87070192 925 return STAT_BOGUS;
5ada8885 926
5f8e58f4
SK		 927 end = p + rdlen;
928
cbe379ad
SK		 929 /* canonicalise rdata and calculate length of same, use name buffer as workspace.
930 Note that name buffer is twice MAXDNAME long in DNSSEC mode. */
5f8e58f4
SK		 931 cp = p;
932 dp = rr_desc;
cbe379ad 933 for (len = 0; (seg = get_rdata(header, plen, end, name, MAXDNAME * 2, &cp, &dp)) != 0; len += seg);
5f8e58f4
SK		 934 len += end - cp;
935 len = htons(len);
86bec2d3 936 hash->update(ctx, 2, (unsigned char *)&len);
5f8e58f4
SK		 937
938 /* Now canonicalise again and digest. */
939 cp = p;
940 dp = rr_desc;
cbe379ad 941 while ((seg = get_rdata(header, plen, end, name, MAXDNAME * 2, &cp, &dp)))
86bec2d3 942 hash->update(ctx, seg, (unsigned char *)name);
5f8e58f4 943 if (cp != end)
86bec2d3 944 hash->update(ctx, end - cp, cp);
5f8e58f4 945 }
86bec2d3
SK		 946
947 hash->digest(ctx, hash->digest_size, digest);
948
5ada8885
SK		 949 /* namebuff used for workspace above, restore to leave unchanged on exit */
950 p = (unsigned char*)(rrset[0]);
394ff492 951 extract_name(header, plen, &p, name, 1, 0);
5ada8885 952
5f8e58f4
SK		 953 if (key)
954 {
955 if (algo_in == algo && keytag_in == key_tag &&
ebe95a83 956 verify(key, keylen, sig, sig_len, digest, hash->digest_size, algo))
5f8e58f4
SK		 957 return STAT_SECURE;
958 }
959 else
960 {
961 /* iterate through all possible keys 4035 5.3.1 */
962 for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
51ea3ca2
SK		 963 if (crecp->addr.key.algo == algo &&
964 crecp->addr.key.keytag == key_tag &&
3f7483e8 965 crecp->uid == (unsigned int)class &&
ebe95a83 966 verify(crecp->addr.key.keydata, crecp->addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
5107ace1 967 return (labels < name_labels) ? STAT_SECURE_WILDCARD : STAT_SECURE;
5f8e58f4
SK		 968 }
969 }
970
971 return STAT_BOGUS;
972}
973
0fc2f313 974/* The DNS packet is expected to contain the answer to a DNSKEY query.
c3e0b9b6
SK		 975 Put all DNSKEYs in the answer which are valid into the cache.
976 return codes:
97e618a0 977 STAT_SECURE At least one valid DNSKEY found and in cache.
0fc2f313 978 STAT_BOGUS No DNSKEYs found, which can be validated with DS,
87070192 979 or self-sign for DNSKEY RRset is not valid, bad packet.
0fc2f313 980 STAT_NEED_DS DS records to validate a key not found, name in keyname
c3e0b9b6
SK		 981*/
982int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
983{
0fc2f313 984 unsigned char *psave, *p = (unsigned char *)(header+1);
c3e0b9b6 985 struct crec *crecp, *recp1;
8d718cbb 986 int rc, j, qtype, qclass, ttl, rdlen, flags, algo, valid, keytag, type_covered;
c3e0b9b6 987 struct blockdata *key;
51ea3ca2 988 struct all_addr a;
c3e0b9b6 989
5f8e58f4 990 if (ntohs(header->qdcount) != 1 ||
394ff492 991 !extract_name(header, plen, &p, name, 1, 4))
87070192 992 return STAT_BOGUS;
5f8e58f4 993
c3e0b9b6
SK		 994 GETSHORT(qtype, p);
995 GETSHORT(qclass, p);
996
97e618a0 997 if (qtype != T_DNSKEY || qclass != class || ntohs(header->ancount) == 0)
f01d7be6 998 return STAT_BOGUS;
c3e0b9b6 999
b8eac191 1000 /* See if we have cached a DS record which validates this key */
0fc2f313
SK		 1001 if (!(crecp = cache_find_by_name(NULL, name, now, F_DS)))
1002 {
1003 strcpy(keyname, name);
1004 return STAT_NEED_DS;
1005 }
b8eac191
SK		 1006
1007 /* If we've cached that DS provably doesn't exist, result must be INSECURE */
1008 if (crecp->flags & F_NEG)
fe3992f9 1009 return STAT_INSECURE_DS;
b8eac191 1010
0fc2f313 1011 /* NOTE, we need to find ONE DNSKEY which matches the DS */
e7829aef 1012 for (valid = 0, j = ntohs(header->ancount); j != 0 && !valid; j--)
c3e0b9b6
SK		 1013 {
1014 /* Ensure we have type, class TTL and length */
0fc2f313 1015 if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
87070192 1016 return STAT_BOGUS; /* bad packet */
c3e0b9b6
SK		 1017
1018 GETSHORT(qtype, p);
1019 GETSHORT(qclass, p);
1020 GETLONG(ttl, p);
1021 GETSHORT(rdlen, p);
6f468103 1022
0fc2f313 1023 if (!CHECK_LEN(header, p, plen, rdlen) || rdlen < 4)
87070192 1024 return STAT_BOGUS; /* bad packet */
0fc2f313 1025
6f468103
SK		 1026 if (qclass != class || qtype != T_DNSKEY || rc == 2)
1027 {
1028 p += rdlen;
1029 continue;
1030 }
1031
0fc2f313 1032 psave = p;
c3e0b9b6 1033
c3e0b9b6 1034 GETSHORT(flags, p);
0fc2f313 1035 if (*p++ != 3)
f01d7be6 1036 return STAT_BOGUS;
c3e0b9b6 1037 algo = *p++;
0fc2f313 1038 keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
e7829aef 1039 key = NULL;
c3e0b9b6 1040
e7829aef
SK		 1041 /* key must have zone key flag set */
1042 if (flags & 0x100)
1043 key = blockdata_alloc((char*)p, rdlen - 4);
c3e0b9b6 1044
0fc2f313 1045 p = psave;
e7829aef 1046
0fc2f313 1047 if (!ADD_RDLEN(header, p, plen, rdlen))
8d718cbb
SK		 1048 {
1049 if (key)
1050 blockdata_free(key);
87070192 1051 return STAT_BOGUS; /* bad packet */
8d718cbb
SK		 1052 }
1053
e7829aef
SK		 1054 /* No zone key flag or malloc failure */
1055 if (!key)
0fc2f313
SK		 1056 continue;
1057
1058 for (recp1 = crecp; recp1; recp1 = cache_find_by_name(recp1, name, now, F_DS))
86bec2d3
SK		 1059 {
1060 void *ctx;
1061 unsigned char *digest, *ds_digest;
1062 const struct nettle_hash *hash;
1063
51ea3ca2
SK		 1064 if (recp1->addr.ds.algo == algo &&
1065 recp1->addr.ds.keytag == keytag &&
3f7483e8 1066 recp1->uid == (unsigned int)class &&
51ea3ca2 1067 (hash = hash_find(ds_digest_name(recp1->addr.ds.digest))) &&
86bec2d3 1068 hash_init(hash, &ctx, &digest))
0fc2f313 1069
86bec2d3
SK		 1070 {
1071 int wire_len = to_wire(name);
1072
1073 /* Note that digest may be different between DSs, so
1074 we can't move this outside the loop. */
1075 hash->update(ctx, (unsigned int)wire_len, (unsigned char *)name);
1076 hash->update(ctx, (unsigned int)rdlen, psave);
1077 hash->digest(ctx, hash->digest_size, digest);
1078
1079 from_wire(name);
1080
824202ef
SK		 1081 if (recp1->addr.ds.keylen == (int)hash->digest_size &&
1082 (ds_digest = blockdata_retrieve(recp1->addr.key.keydata, recp1->addr.ds.keylen, NULL)) &&
1083 memcmp(ds_digest, digest, recp1->addr.ds.keylen) == 0 &&
fbc52057 1084 validate_rrset(now, header, plen, class, T_DNSKEY, name, keyname, NULL, key, rdlen - 4, algo, keytag) == STAT_SECURE)
86bec2d3 1085 {
86bec2d3 1086 valid = 1;
86bec2d3
SK		 1087 break;
1088 }
1089 }
1090 }
e7829aef 1091 blockdata_free(key);
c3e0b9b6 1092 }
c3e0b9b6 1093
0fc2f313
SK		 1094 if (valid)
1095 {
8d718cbb 1096 /* DNSKEY RRset determined to be OK, now cache it and the RRsigs that sign it. */
e7829aef
SK		 1097 cache_start_insert();
1098
1099 p = skip_questions(header, plen);
1100
1101 for (j = ntohs(header->ancount); j != 0; j--)
1102 {
1103 /* Ensure we have type, class TTL and length */
1104 if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
1105 return STAT_INSECURE; /* bad packet */
1106
1107 GETSHORT(qtype, p);
1108 GETSHORT(qclass, p);
1109 GETLONG(ttl, p);
1110 GETSHORT(rdlen, p);
8d718cbb
SK		 1111
1112 if (!CHECK_LEN(header, p, plen, rdlen))
87070192 1113 return STAT_BOGUS; /* bad packet */
e7829aef 1114
8d718cbb 1115 if (qclass == class && rc == 1)
e7829aef 1116 {
8d718cbb 1117 psave = p;
e7829aef 1118
8d718cbb
SK		 1119 if (qtype == T_DNSKEY)
1120 {
1121 if (rdlen < 4)
87070192 1122 return STAT_BOGUS; /* bad packet */
8d718cbb
SK		 1123
1124 GETSHORT(flags, p);
1125 if (*p++ != 3)
f01d7be6 1126 return STAT_BOGUS;
8d718cbb
SK		 1127 algo = *p++;
1128 keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
1129
1130 /* Cache needs to known class for DNSSEC stuff */
1131 a.addr.dnssec.class = class;
1132
1133 if ((key = blockdata_alloc((char*)p, rdlen - 4)))
1134 {
1135 if (!(recp1 = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
1136 blockdata_free(key);
1137 else
1138 {
1139 a.addr.keytag = keytag;
25cf5e37 1140 log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u");
8d718cbb
SK		 1141
1142 recp1->addr.key.keylen = rdlen - 4;
1143 recp1->addr.key.keydata = key;
1144 recp1->addr.key.algo = algo;
1145 recp1->addr.key.keytag = keytag;
1146 recp1->addr.key.flags = flags;
8d718cbb
SK		 1147 }
1148 }
1149 }
1150 else if (qtype == T_RRSIG)
1151 {
1152 /* RRSIG, cache if covers DNSKEY RRset */
1153 if (rdlen < 18)
87070192 1154 return STAT_BOGUS; /* bad packet */
8d718cbb
SK		 1155
1156 GETSHORT(type_covered, p);
1157
1158 if (type_covered == T_DNSKEY)
1159 {
1160 a.addr.dnssec.class = class;
1161 a.addr.dnssec.type = type_covered;
1162
1163 algo = *p++;
1164 p += 13; /* labels, orig_ttl, expiration, inception */
1165 GETSHORT(keytag, p);
1166 if ((key = blockdata_alloc((char*)psave, rdlen)))
1167 {
1168 if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DS)))
1169 blockdata_free(key);
1170 else
1171 {
8d718cbb
SK		 1172 crecp->addr.sig.keydata = key;
1173 crecp->addr.sig.keylen = rdlen;
1174 crecp->addr.sig.keytag = keytag;
1175 crecp->addr.sig.type_covered = type_covered;
1176 crecp->addr.sig.algo = algo;
1177 }
1178 }
1179 }
1180 }
e7829aef 1181
8d718cbb 1182 p = psave;
e7829aef 1183 }
8d718cbb 1184
e7829aef 1185 if (!ADD_RDLEN(header, p, plen, rdlen))
87070192 1186 return STAT_BOGUS; /* bad packet */
e7829aef
SK		 1187 }
1188
0fc2f313
SK		 1189 /* commit cache insert. */
1190 cache_end_insert();
1191 return STAT_SECURE;
1192 }
1193
25cf5e37 1194 log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY");
0fc2f313 1195 return STAT_BOGUS;
c3e0b9b6 1196}
0fc2f313 1197
c3e0b9b6
SK		 1198/* The DNS packet is expected to contain the answer to a DS query
1199 Put all DSs in the answer which are valid into the cache.
1200 return codes:
c3e0b9b6 1201 STAT_SECURE At least one valid DS found and in cache.
00a5b5d4 1202 STAT_NO_DS It's proved there's no DS here.
97e618a0
SK		 1203 STAT_NO_NS It's proved there's no DS _or_ NS here.
1204 STAT_BOGUS no DS in reply or not signed, fails validation, bad packet.
0b8a5a30 1205 STAT_NEED_KEY DNSKEY records to validate a DS not found, name in keyname
c3e0b9b6
SK		 1206*/
1207
1208int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
1209{
51ea3ca2 1210 unsigned char *p = (unsigned char *)(header+1);
97e618a0 1211 int qtype, qclass, val, i, neganswer, nons;
c3e0b9b6 1212
5f8e58f4 1213 if (ntohs(header->qdcount) != 1 ||
b8eac191 1214 !(p = skip_name(p, header, plen, 4)))
87070192 1215 return STAT_BOGUS;
8d718cbb 1216
c3e0b9b6
SK		 1217 GETSHORT(qtype, p);
1218 GETSHORT(qclass, p);
1219
b47b04c8
SK		 1220 if (qtype != T_DS || qclass != class)
1221 val = STAT_BOGUS;
1222 else
97e618a0
SK		 1223 val = dnssec_validate_reply(now, header, plen, name, keyname, NULL, &neganswer, &nons);
1224 /* Note dnssec_validate_reply() will have cached positive answers */
1225
e3ec6f0b 1226 if (val == STAT_INSECURE)
97e618a0 1227 val = STAT_BOGUS;
e3ec6f0b
SK		 1228
1229 if (val == STAT_NO_SIG)
1230 return val;
51ea3ca2 1231
b8eac191 1232 p = (unsigned char *)(header+1);
394ff492 1233 extract_name(header, plen, &p, name, 1, 4);
b8eac191
SK		 1234 p += 4; /* qtype, qclass */
1235
00a5b5d4 1236 if (!(p = skip_section(p, ntohs(header->ancount), header, plen)))
97e618a0 1237 val = STAT_BOGUS;
00a5b5d4 1238
0b8a5a30
SK		 1239 /* If the key needed to validate the DS is on the same domain as the DS, we'll
1240 loop getting nowhere. Stop that now. This can happen of the DS answer comes
1241 from the DS's zone, and not the parent zone. */
1242 if (val == STAT_BOGUS || (val == STAT_NEED_KEY && hostname_isequal(name, keyname)))
b8eac191 1243 {
25cf5e37 1244 log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS");
97e618a0
SK		 1245 return STAT_BOGUS;
1246 }
1247
1248 /* By here, the answer is proved secure, and a positive answer has been cached. */
1249 if (val == STAT_SECURE && neganswer)
1250 {
1251 int rdlen, flags = F_FORWARD | F_DS | F_NEG | F_DNSSECOK;
b8eac191
SK		 1252 unsigned long ttl, minttl = ULONG_MAX;
1253 struct all_addr a;
00a5b5d4
SK		 1254
1255 if (RCODE(header) == NXDOMAIN)
1256 flags |= F_NXDOMAIN;
1257
97e618a0
SK		 1258 /* We only cache validated DS records, DNSSECOK flag hijacked
1259 to store presence/absence of NS. */
1260 if (nons)
1261 flags &= ~F_DNSSECOK;
b8eac191
SK		 1262
1263 for (i = ntohs(header->nscount); i != 0; i--)
1264 {
00a5b5d4 1265 if (!(p = skip_name(p, header, plen, 0)))
87070192 1266 return STAT_BOGUS;
b8eac191
SK		 1267
1268 GETSHORT(qtype, p);
1269 GETSHORT(qclass, p);
1270 GETLONG(ttl, p);
1271 GETSHORT(rdlen, p);
1272
00a5b5d4 1273 if (!CHECK_LEN(header, p, plen, rdlen))
87070192 1274 return STAT_BOGUS; /* bad packet */
00a5b5d4
SK		 1275
1276 if (qclass != class || qtype != T_SOA)
b8eac191
SK		 1277 {
1278 p += rdlen;
1279 continue;
1280 }
1281
1282 if (ttl < minttl)
1283 minttl = ttl;
1284
1285 /* MNAME */
1286 if (!(p = skip_name(p, header, plen, 0)))
87070192 1287 return STAT_BOGUS;
b8eac191
SK		 1288 /* RNAME */
1289 if (!(p = skip_name(p, header, plen, 20)))
87070192 1290 return STAT_BOGUS;
b8eac191
SK		 1291 p += 16; /* SERIAL REFRESH RETRY EXPIRE */
1292
1293 GETLONG(ttl, p); /* minTTL */
1294 if (ttl < minttl)
1295 minttl = ttl;
00a5b5d4
SK		 1296
1297 break;
b8eac191
SK		 1298 }
1299
00a5b5d4
SK		 1300 if (i != 0)
1301 {
1302 cache_start_insert();
1303
1304 a.addr.dnssec.class = class;
1305 cache_insert(name, &a, now, ttl, flags);
1306
97e618a0
SK		 1307 cache_end_insert();
1308
25cf5e37 1309 log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no delegation" : "no DS");
00a5b5d4 1310 }
b8eac191 1311
97e618a0 1312 return nons ? STAT_NO_NS : STAT_NO_DS;
b8eac191
SK		 1313 }
1314
51ea3ca2 1315 return val;
c3e0b9b6
SK		 1316}
1317
c5f4ec7d
SK		 1318/* 4034 6.1 */
1319static int hostname_cmp(const char *a, const char *b)
1320{
dbf72123
SK		 1321 char *sa, *ea, *ca, *sb, *eb, *cb;
1322 unsigned char ac, bc;
1323
1324 sa = ea = (char *)a + strlen(a);
1325 sb = eb = (char *)b + strlen(b);
1326
c5f4ec7d
SK		 1327 while (1)
1328 {
dbf72123
SK		 1329 while (sa != a && *(sa-1) != '.')
1330 sa--;
c5f4ec7d 1331
dbf72123
SK		 1332 while (sb != b && *(sb-1) != '.')
1333 sb--;
1334
1335 ca = sa;
1336 cb = sb;
1337
1338 while (1)
1339 {
1340 if (ca == ea)
1341 {
1342 if (cb == eb)
1343 break;
1344
1345 return -1;
1346 }
c5f4ec7d 1347
dbf72123
SK		 1348 if (cb == eb)
1349 return 1;
1350
1351 ac = (unsigned char) *ca++;
1352 bc = (unsigned char) *cb++;
1353
1354 if (ac >= 'A' && ac <= 'Z')
1355 ac += 'a' - 'A';
1356 if (bc >= 'A' && bc <= 'Z')
1357 bc += 'a' - 'A';
1358
979cdf9b 1359 if (ac < bc)
dbf72123
SK		 1360 return -1;
1361 else if (ac != bc)
1362 return 1;
1363 }
c5f4ec7d 1364
dbf72123
SK		 1365
1366 if (sa == a)
c5f4ec7d 1367 {
dbf72123
SK		 1368 if (sb == b)
1369 return 0;
c5f4ec7d 1370
dbf72123 1371 return -1;
c5f4ec7d
SK		 1372 }
1373
dbf72123
SK		 1374 if (sb == b)
1375 return 1;
c5f4ec7d 1376
dbf72123
SK		 1377 ea = sa--;
1378 eb = sb--;
c5f4ec7d
SK		 1379 }
1380}
1381
5107ace1
SK		 1382/* Find all the NSEC or NSEC3 records in a reply.
1383 return an array of pointers to them. */
1384static int find_nsec_records(struct dns_header *header, size_t plen, unsigned char ***nsecsetp, int *nsecsetl, int class_reqd)
1385{
1386 static unsigned char **nsecset = NULL;
1387 static int nsecset_sz = 0;
1388
87070192 1389 int type_found = 0;
5107ace1
SK		 1390 unsigned char *p = skip_questions(header, plen);
1391 int type, class, rdlen, i, nsecs_found;
1392
1393 /* Move to NS section */
1394 if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
1395 return 0;
1396
1397 for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
1398 {
1399 unsigned char *pstart = p;
1400
1401 if (!(p = skip_name(p, header, plen, 10)))
1402 return 0;
1403
1404 GETSHORT(type, p);
1405 GETSHORT(class, p);
1406 p += 4; /* TTL */
1407 GETSHORT(rdlen, p);
1408
1409 if (class == class_reqd && (type == T_NSEC || type == T_NSEC3))
1410 {
1411 /* No mixed NSECing 'round here, thankyouverymuch */
1412 if (type_found == T_NSEC && type == T_NSEC3)
1413 return 0;
1414 if (type_found == T_NSEC3 && type == T_NSEC)
1415 return 0;
1416
1417 type_found = type;
1418
613ad15d
SK		 1419 if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
1420 return 0;
1421
5107ace1
SK		 1422 nsecset[nsecs_found++] = pstart;
1423 }
613ad15d 1424
5107ace1
SK		 1425 if (!ADD_RDLEN(header, p, plen, rdlen))
1426 return 0;
1427 }
1428
1429 *nsecsetp = nsecset;
1430 *nsecsetl = nsecs_found;
1431
1432 return type_found;
1433}
1434
24187530 1435static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
97e618a0 1436 char *workspace1, char *workspace2, char *name, int type, int *nons)
5107ace1
SK		 1437{
1438 int i, rc, rdlen;
1439 unsigned char *p, *psave;
1440 int offset = (type & 0xff) >> 3;
1441 int mask = 0x80 >> (type & 0x07);
97e618a0
SK		 1442
1443 if (nons)
1444 *nons = 0;
5107ace1
SK		 1445
1446 /* Find NSEC record that proves name doesn't exist */
1447 for (i = 0; i < nsec_count; i++)
1448 {
1449 p = nsecs[i];
394ff492 1450 if (!extract_name(header, plen, &p, workspace1, 1, 10))
87070192 1451 return STAT_BOGUS;
5107ace1
SK		 1452 p += 8; /* class, type, TTL */
1453 GETSHORT(rdlen, p);
1454 psave = p;
394ff492 1455 if (!extract_name(header, plen, &p, workspace2, 1, 10))
87070192 1456 return STAT_BOGUS;
5107ace1
SK		 1457
1458 rc = hostname_cmp(workspace1, name);
1459
1460 if (rc == 0)
1461 {
f01d7be6
SK		 1462 /* 4035 para 5.4. Last sentence */
1463 if (type == T_NSEC || type == T_RRSIG)
1464 return STAT_SECURE;
1465
5107ace1
SK		 1466 /* NSEC with the same name as the RR we're testing, check
1467 that the type in question doesn't appear in the type map */
1468 rdlen -= p - psave;
1469 /* rdlen is now length of type map, and p points to it */
1470
97e618a0
SK		 1471 /* If we can prove that there's no NS record, return that information. */
1472 if (nons && rdlen >= 2 && p[0] == 0 && (p[2] & (0x80 >> T_NS)) == 0)
1473 *nons = 1;
1474
5107ace1
SK		 1475 while (rdlen >= 2)
1476 {
1477 if (!CHECK_LEN(header, p, plen, rdlen))
87070192 1478 return STAT_BOGUS;
5107ace1
SK		 1479
1480 if (p[0] == type >> 8)
1481 {
1482 /* Does the NSEC say our type exists? */
a857daa3 1483 if (offset < p[1] && (p[offset+2] & mask) != 0)
5107ace1
SK		 1484 return STAT_BOGUS;
1485
1486 break; /* finshed checking */
1487 }
1488
1489 rdlen -= p[1];
1490 p += p[1];
1491 }
1492
1493 return STAT_SECURE;
1494 }
1495 else if (rc == -1)
1496 {
1497 /* Normal case, name falls between NSEC name and next domain name,
1498 wrap around case, name falls between NSEC name (rc == -1) and end */
4d25cf89 1499 if (hostname_cmp(workspace2, name) >= 0 || hostname_cmp(workspace1, workspace2) >= 0)
5107ace1
SK		 1500 return STAT_SECURE;
1501 }
1502 else
1503 {
1504 /* wrap around case, name falls between start and next domain name */
4d25cf89 1505 if (hostname_cmp(workspace1, workspace2) >= 0 && hostname_cmp(workspace2, name) >=0 )
5107ace1
SK		 1506 return STAT_SECURE;
1507 }
1508 }
1509
1510 return STAT_BOGUS;
1511}
1512
1513/* return digest length, or zero on error */
1514static int hash_name(char *in, unsigned char **out, struct nettle_hash const *hash,
1515 unsigned char *salt, int salt_len, int iterations)
1516{
1517 void *ctx;
1518 unsigned char *digest;
1519 int i;
1520
1521 if (!hash_init(hash, &ctx, &digest))
1522 return 0;
1523
1524 hash->update(ctx, to_wire(in), (unsigned char *)in);
1525 hash->update(ctx, salt_len, salt);
1526 hash->digest(ctx, hash->digest_size, digest);
1527
1528 for(i = 0; i < iterations; i++)
1529 {
1530 hash->update(ctx, hash->digest_size, digest);
1531 hash->update(ctx, salt_len, salt);
1532 hash->digest(ctx, hash->digest_size, digest);
1533 }
1534
1535 from_wire(in);
1536
1537 *out = digest;
1538 return hash->digest_size;
1539}
1540
1541/* Decode base32 to first "." or end of string */
1542static int base32_decode(char *in, unsigned char *out)
1543{
a857daa3 1544 int oc, on, c, mask, i;
5107ace1
SK		 1545 unsigned char *p = out;
1546
a857daa3 1547 for (c = *in, oc = 0, on = 0; c != 0 && c != '.'; c = *++in)
5107ace1 1548 {
5107ace1
SK		 1549 if (c >= '0' && c <= '9')
1550 c -= '0';
1551 else if (c >= 'a' && c <= 'v')
1552 c -= 'a', c += 10;
1553 else if (c >= 'A' && c <= 'V')
1554 c -= 'A', c += 10;
1555 else
1556 return 0;
1557
1558 for (mask = 0x10, i = 0; i < 5; i++)
1559 {
a857daa3
SK		 1560 if (c & mask)
1561 oc |= 1;
1562 mask = mask >> 1;
1563 if (((++on) & 7) == 0)
1564 *p++ = oc;
1565 oc = oc << 1;
5107ace1
SK		 1566 }
1567 }
1568
1569 if ((on & 7) != 0)
1570 return 0;
1571
1572 return p - out;
1573}
1574
fbc52057 1575static int check_nsec3_coverage(struct dns_header *header, size_t plen, int digest_len, unsigned char *digest, int type,
97e618a0 1576 char *workspace1, char *workspace2, unsigned char **nsecs, int nsec_count, int *nons)
fbc52057
SK		 1577{
1578 int i, hash_len, salt_len, base32_len, rdlen;
1579 unsigned char *p, *psave;
1580
1581 for (i = 0; i < nsec_count; i++)
1582 if ((p = nsecs[i]))
1583 {
394ff492 1584 if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
fbc52057
SK		 1585 !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
1586 return 0;
1587
1588 p += 8; /* class, type, TTL */
1589 GETSHORT(rdlen, p);
1590 psave = p;
1591 p += 4; /* algo, flags, iterations */
1592 salt_len = *p++; /* salt_len */
1593 p += salt_len; /* salt */
1594 hash_len = *p++; /* p now points to next hashed name */
1595
1596 if (!CHECK_LEN(header, p, plen, hash_len))
1597 return 0;
1598
1599 if (digest_len == base32_len && hash_len == base32_len)
1600 {
1601 int rc = memcmp(workspace2, digest, digest_len);
1602
1603 if (rc == 0)
1604 {
1605 /* We found an NSEC3 whose hashed name exactly matches the query, so
1606 we just need to check the type map. p points to the RR data for the record. */
1607
1608 int offset = (type & 0xff) >> 3;
1609 int mask = 0x80 >> (type & 0x07);
1610
1611 p += hash_len; /* skip next-domain hash */
1612 rdlen -= p - psave;
1613
1614 if (!CHECK_LEN(header, p, plen, rdlen))
1615 return 0;
1616
97e618a0
SK		 1617 /* If we can prove that there's no NS record, return that information. */
1618 if (nons && rdlen >= 2 && p[0] == 0 && (p[2] & (0x80 >> T_NS)) == 0)
1619 *nons = 1;
1620
fbc52057
SK		 1621 while (rdlen >= 2)
1622 {
1623 if (p[0] == type >> 8)
1624 {
1625 /* Does the NSEC3 say our type exists? */
1626 if (offset < p[1] && (p[offset+2] & mask) != 0)
1627 return STAT_BOGUS;
1628
1629 break; /* finshed checking */
1630 }
1631
1632 rdlen -= p[1];
1633 p += p[1];
1634 }
1635
1636 return 1;
1637 }
4d25cf89 1638 else if (rc < 0)
fbc52057
SK		 1639 {
1640 /* Normal case, hash falls between NSEC3 name-hash and next domain name-hash,
1641 wrap around case, name-hash falls between NSEC3 name-hash and end */
4d25cf89 1642 if (memcmp(p, digest, digest_len) >= 0 || memcmp(workspace2, p, digest_len) >= 0)
fbc52057
SK		 1643 return 1;
1644 }
1645 else
1646 {
1647 /* wrap around case, name falls between start and next domain name */
4d25cf89 1648 if (memcmp(workspace2, p, digest_len) >= 0 && memcmp(p, digest, digest_len) >= 0)
fbc52057
SK		 1649 return 1;
1650 }
1651 }
1652 }
1653 return 0;
1654}
1655
24187530 1656static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
97e618a0 1657 char *workspace1, char *workspace2, char *name, int type, char *wildname, int *nons)
5107ace1 1658{
a857daa3 1659 unsigned char *salt, *p, *digest;
fbc52057 1660 int digest_len, i, iterations, salt_len, base32_len, algo = 0;
5107ace1
SK		 1661 struct nettle_hash const *hash;
1662 char *closest_encloser, *next_closest, *wildcard;
97e618a0
SK		 1663
1664 if (nons)
1665 *nons = 0;
1666
5107ace1
SK		 1667 /* Look though the NSEC3 records to find the first one with
1668 an algorithm we support (currently only algo == 1).
1669
1670 Take the algo, iterations, and salt of that record
1671 as the ones we're going to use, and prune any
1672 that don't match. */
1673
1674 for (i = 0; i < nsec_count; i++)
1675 {
1676 if (!(p = skip_name(nsecs[i], header, plen, 15)))
87070192 1677 return STAT_BOGUS; /* bad packet */
5107ace1
SK		 1678
1679 p += 10; /* type, class, TTL, rdlen */
1680 algo = *p++;
1681
1682 if (algo == 1)
1683 break; /* known algo */
1684 }
1685
1686 /* No usable NSEC3s */
1687 if (i == nsec_count)
1688 return STAT_BOGUS;
1689
1690 p++; /* flags */
1691 GETSHORT (iterations, p);
1692 salt_len = *p++;
1693 salt = p;
1694 if (!CHECK_LEN(header, salt, plen, salt_len))
87070192 1695 return STAT_BOGUS; /* bad packet */
5107ace1
SK		 1696
1697 /* Now prune so we only have NSEC3 records with same iterations, salt and algo */
1698 for (i = 0; i < nsec_count; i++)
1699 {
1700 unsigned char *nsec3p = nsecs[i];
1701 int this_iter;
1702
1703 nsecs[i] = NULL; /* Speculative, will be restored if OK. */
1704
1705 if (!(p = skip_name(nsec3p, header, plen, 15)))
87070192 1706 return STAT_BOGUS; /* bad packet */
5107ace1
SK		 1707
1708 p += 10; /* type, class, TTL, rdlen */
1709
1710 if (*p++ != algo)
1711 continue;
1712
1713 p++; /* flags */
1714
a857daa3 1715 GETSHORT(this_iter, p);
5107ace1
SK		 1716 if (this_iter != iterations)
1717 continue;
1718
1719 if (salt_len != *p++)
1720 continue;
1721
1722 if (!CHECK_LEN(header, p, plen, salt_len))
87070192 1723 return STAT_BOGUS; /* bad packet */
5107ace1
SK		 1724
1725 if (memcmp(p, salt, salt_len) != 0)
1726 continue;
1727
1728 /* All match, put the pointer back */
1729 nsecs[i] = nsec3p;
1730 }
1731
1732 /* Algo is checked as 1 above */
1733 if (!(hash = hash_find("sha1")))
87070192 1734 return STAT_BOGUS;
5107ace1 1735
fbc52057
SK		 1736 if ((digest_len = hash_name(name, &digest, hash, salt, salt_len, iterations)) == 0)
1737 return STAT_BOGUS;
1738
97e618a0 1739 if (check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, nons))
fbc52057
SK		 1740 return STAT_SECURE;
1741
1742 /* Can't find an NSEC3 which covers the name directly, we need the "closest encloser NSEC3"
1743 or an answer inferred from a wildcard record. */
5107ace1
SK		 1744 closest_encloser = name;
1745 next_closest = NULL;
1746
1747 do
1748 {
1749 if (*closest_encloser == '.')
1750 closest_encloser++;
c5f4ec7d 1751
fbc52057
SK		 1752 if (wildname && hostname_isequal(closest_encloser, wildname))
1753 break;
1754
a857daa3 1755 if ((digest_len = hash_name(closest_encloser, &digest, hash, salt, salt_len, iterations)) == 0)
87070192 1756 return STAT_BOGUS;
5107ace1
SK		 1757
1758 for (i = 0; i < nsec_count; i++)
1759 if ((p = nsecs[i]))
1760 {
394ff492 1761 if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
a857daa3 1762 !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
87070192 1763 return STAT_BOGUS;
5107ace1 1764
a857daa3
SK		 1765 if (digest_len == base32_len &&
1766 memcmp(digest, workspace2, digest_len) == 0)
5107ace1
SK		 1767 break; /* Gotit */
1768 }
1769
1770 if (i != nsec_count)
1771 break;
1772
1773 next_closest = closest_encloser;
1774 }
1775 while ((closest_encloser = strchr(closest_encloser, '.')));
1776
fbc52057 1777 if (!closest_encloser)
5107ace1
SK		 1778 return STAT_BOGUS;
1779
24187530 1780 /* Look for NSEC3 that proves the non-existence of the next-closest encloser */
a857daa3 1781 if ((digest_len = hash_name(next_closest, &digest, hash, salt, salt_len, iterations)) == 0)
87070192 1782 return STAT_BOGUS;
5107ace1 1783
97e618a0 1784 if (!check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, NULL))
87070192 1785 return STAT_BOGUS;
5107ace1 1786
fbc52057
SK		 1787 /* Finally, check that there's no seat of wildcard synthesis */
1788 if (!wildname)
1789 {
1790 if (!(wildcard = strchr(next_closest, '.')) || wildcard == next_closest)
1791 return STAT_BOGUS;
1792
1793 wildcard--;
1794 *wildcard = '*';
1795
1796 if ((digest_len = hash_name(wildcard, &digest, hash, salt, salt_len, iterations)) == 0)
1797 return STAT_BOGUS;
1798
97e618a0 1799 if (!check_nsec3_coverage(header, plen, digest_len, digest, type, workspace1, workspace2, nsecs, nsec_count, NULL))
fbc52057
SK		 1800 return STAT_BOGUS;
1801 }
5107ace1 1802
fbc52057 1803 return STAT_SECURE;
5107ace1
SK		 1804}
1805
0fc2f313 1806/* Validate all the RRsets in the answer and authority sections of the reply (4035:3.2.3) */
51ea3ca2 1807/* Returns are the same as validate_rrset, plus the class if the missing key is in *class */
97e618a0
SK		 1808int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname,
1809 int *class, int *neganswer, int *nons)
adca3e9c 1810{
00a5b5d4
SK		 1811 unsigned char *ans_start, *qname, *p1, *p2, **nsecs;
1812 int type1, class1, rdlen1, type2, class2, rdlen2, qclass, qtype;
1fbe4d2f 1813 int i, j, rc, nsec_count, cname_count = CNAME_CHAIN;
00a5b5d4 1814 int nsec_type = 0, have_answer = 0;
adca3e9c 1815
00a5b5d4
SK		 1816 if (neganswer)
1817 *neganswer = 0;
1818
87070192 1819 if (RCODE(header) == SERVFAIL || ntohs(header->qdcount) != 1)
e3ec15af
SK		 1820 return STAT_BOGUS;
1821
87070192 1822 if (RCODE(header) != NXDOMAIN && RCODE(header) != NOERROR)
72ae2f3d 1823 return STAT_INSECURE;
00a5b5d4
SK		 1824
1825 qname = p1 = (unsigned char *)(header+1);
c5f4ec7d 1826
394ff492 1827 if (!extract_name(header, plen, &p1, name, 1, 4))
87070192 1828 return STAT_BOGUS;
00a5b5d4
SK		 1829
1830 GETSHORT(qtype, p1);
1831 GETSHORT(qclass, p1);
1832 ans_start = p1;
9d1b22aa
SK		 1833
1834 if (qtype == T_ANY)
1835 have_answer = 1;
00a5b5d4
SK		 1836
1837 /* Can't validate an RRISG query */
1838 if (qtype == T_RRSIG)
0fc2f313 1839 return STAT_INSECURE;
00a5b5d4
SK		 1840
1841 cname_loop:
1842 for (j = ntohs(header->ancount); j != 0; j--)
1843 {
1844 /* leave pointer to missing name in qname */
1845
1846 if (!(rc = extract_name(header, plen, &p1, name, 0, 10)))
87070192 1847 return STAT_BOGUS; /* bad packet */
00a5b5d4
SK		 1848
1849 GETSHORT(type2, p1);
1850 GETSHORT(class2, p1);
1851 p1 += 4; /* TTL */
1852 GETSHORT(rdlen2, p1);
1853
1854 if (rc == 1 && qclass == class2)
1855 {
1856 /* Do we have an answer for the question? */
1857 if (type2 == qtype)
1858 {
1859 have_answer = 1;
1860 break;
1861 }
1862 else if (type2 == T_CNAME)
1863 {
1864 qname = p1;
1865
1866 /* looped CNAMES */
394ff492 1867 if (!cname_count-- || !extract_name(header, plen, &p1, name, 1, 0))
87070192 1868 return STAT_BOGUS;
00a5b5d4
SK		 1869
1870 p1 = ans_start;
1871 goto cname_loop;
1872 }
1873 }
1874
1875 if (!ADD_RDLEN(header, p1, plen, rdlen2))
87070192 1876 return STAT_BOGUS;
00a5b5d4 1877 }
0fc2f313 1878
00a5b5d4
SK		 1879 if (neganswer && !have_answer)
1880 *neganswer = 1;
e3ec6f0b 1881
0575610f
SK		 1882 /* No data, therefore no sigs */
1883 if (ntohs(header->ancount) + ntohs(header->nscount) == 0)
e3ec6f0b
SK		 1884 {
1885 *keyname = 0;
1886 return STAT_NO_SIG;
1887 }
1888
0fc2f313 1889 for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
adca3e9c 1890 {
394ff492 1891 if (!extract_name(header, plen, &p1, name, 1, 10))
87070192 1892 return STAT_BOGUS; /* bad packet */
0fc2f313
SK		 1893
1894 GETSHORT(type1, p1);
1895 GETSHORT(class1, p1);
1896 p1 += 4; /* TTL */
1897 GETSHORT(rdlen1, p1);
1898
1899 /* Don't try and validate RRSIGs! */
1900 if (type1 != T_RRSIG)
1901 {
1902 /* Check if we've done this RRset already */
1903 for (p2 = ans_start, j = 0; j < i; j++)
1904 {
1905 if (!(rc = extract_name(header, plen, &p2, name, 0, 10)))
87070192 1906 return STAT_BOGUS; /* bad packet */
0fc2f313
SK		 1907
1908 GETSHORT(type2, p2);
1909 GETSHORT(class2, p2);
1910 p2 += 4; /* TTL */
1911 GETSHORT(rdlen2, p2);
1912
1913 if (type2 == type1 && class2 == class1 && rc == 1)
1914 break; /* Done it before: name, type, class all match. */
1915
1916 if (!ADD_RDLEN(header, p2, plen, rdlen2))
87070192 1917 return STAT_BOGUS;
0fc2f313
SK		 1918 }
1919
1920 /* Not done, validate now */
51ea3ca2 1921 if (j == i)
0fc2f313 1922 {
8d718cbb
SK		 1923 int ttl, keytag, algo, digest, type_covered;
1924 unsigned char *psave;
1925 struct all_addr a;
1926 struct blockdata *key;
1927 struct crec *crecp;
fbc52057 1928 char *wildname;
5e321739 1929 int have_wildcard = 0;
fbc52057
SK		 1930
1931 rc = validate_rrset(now, header, plen, class1, type1, name, keyname, &wildname, NULL, 0, 0, 0);
5107ace1
SK		 1932
1933 if (rc == STAT_SECURE_WILDCARD)
1934 {
5e321739
SK		 1935 have_wildcard = 1;
1936
5107ace1 1937 /* An attacker replay a wildcard answer with a different
a857daa3 1938 answer and overlay a genuine RR. To prove this
5107ace1 1939 hasn't happened, the answer must prove that
a857daa3 1940 the gennuine record doesn't exist. Check that here. */
87070192
SK		 1941 if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, class1)))
1942 return STAT_BOGUS; /* No NSECs or bad packet */
5107ace1
SK		 1943
1944 if (nsec_type == T_NSEC)
97e618a0 1945 rc = prove_non_existence_nsec(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, type1, NULL);
5107ace1 1946 else
97e618a0
SK		 1947 rc = prove_non_existence_nsec3(header, plen, nsecs, nsec_count, daemon->workspacename,
1948 keyname, name, type1, wildname, NULL);
1949
5107ace1
SK		 1950 if (rc != STAT_SECURE)
1951 return rc;
1952 }
1953 else if (rc != STAT_SECURE)
51ea3ca2
SK		 1954 {
1955 if (class)
1956 *class = class1; /* Class for DS or DNSKEY */
e3ec6f0b
SK		 1957
1958 if (rc == STAT_NO_SIG)
1959 {
1960 /* If we dropped off the end of a CNAME chain, return
1961 STAT_NO_SIG and the last name is keyname. This is used for proving non-existence
1962 if DS records in CNAME chains. */
1963 if (cname_count == CNAME_CHAIN || i < ntohs(header->ancount))
1964 /* No CNAME chain, or no sig in answer section, return empty name. */
1965 *keyname = 0;
1966 else if (!extract_name(header, plen, &qname, keyname, 1, 0))
1967 return STAT_BOGUS;
1968 }
1969
51ea3ca2
SK		 1970 return rc;
1971 }
5107ace1 1972
8d718cbb
SK		 1973 /* Cache RRsigs in answer section, and if we just validated a DS RRset, cache it */
1974 cache_start_insert();
1975
1976 for (p2 = ans_start, j = 0; j < ntohs(header->ancount); j++)
51ea3ca2 1977 {
8d718cbb 1978 if (!(rc = extract_name(header, plen, &p2, name, 0, 10)))
87070192 1979 return STAT_BOGUS; /* bad packet */
51ea3ca2 1980
8d718cbb
SK		 1981 GETSHORT(type2, p2);
1982 GETSHORT(class2, p2);
1983 GETLONG(ttl, p2);
1984 GETSHORT(rdlen2, p2);
1985
1986 if (!CHECK_LEN(header, p2, plen, rdlen2))
87070192 1987 return STAT_BOGUS; /* bad packet */
8d718cbb
SK		 1988
1989 if (class2 == class1 && rc == 1)
1990 {
1991 psave = p2;
1992
1993 if (type1 == T_DS && type2 == T_DS)
51ea3ca2 1994 {
8d718cbb 1995 if (rdlen2 < 4)
87070192 1996 return STAT_BOGUS; /* bad packet */
8d718cbb 1997
51ea3ca2
SK		 1998 GETSHORT(keytag, p2);
1999 algo = *p2++;
2000 digest = *p2++;
2001
2002 /* Cache needs to known class for DNSSEC stuff */
2003 a.addr.dnssec.class = class2;
2004
8d718cbb 2005 if ((key = blockdata_alloc((char*)p2, rdlen2 - 4)))
51ea3ca2 2006 {
8d718cbb
SK		 2007 if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
2008 blockdata_free(key);
2009 else
2010 {
2011 a.addr.keytag = keytag;
25cf5e37 2012 log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %u");
8d718cbb
SK		 2013 crecp->addr.ds.digest = digest;
2014 crecp->addr.ds.keydata = key;
2015 crecp->addr.ds.algo = algo;
2016 crecp->addr.ds.keytag = keytag;
8d718cbb
SK		 2017 crecp->addr.ds.keylen = rdlen2 - 4;
2018 }
2019 }
2020 }
2021 else if (type2 == T_RRSIG)
2022 {
2023 if (rdlen2 < 18)
87070192 2024 return STAT_BOGUS; /* bad packet */
51ea3ca2 2025
8d718cbb
SK		 2026 GETSHORT(type_covered, p2);
2027
2028 if (type_covered == type1 &&
2029 (type_covered == T_A || type_covered == T_AAAA ||
2030 type_covered == T_CNAME || type_covered == T_DS ||
2031 type_covered == T_DNSKEY || type_covered == T_PTR))
2032 {
2033 a.addr.dnssec.type = type_covered;
c8ca33f8 2034 a.addr.dnssec.class = class1;
8d718cbb
SK		 2035
2036 algo = *p2++;
2037 p2 += 13; /* labels, orig_ttl, expiration, inception */
2038 GETSHORT(keytag, p2);
2039
5e321739
SK		 2040 /* We don't cache sigs for wildcard answers, because to reproduce the
2041 answer from the cache will require one or more NSEC/NSEC3 records
2042 which we don't cache. The lack of the RRSIG ensures that a query for
2043 this RRset asking for a secure answer will always be forwarded. */
2044 if (!have_wildcard && (key = blockdata_alloc((char*)psave, rdlen2)))
8d718cbb
SK		 2045 {
2046 if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DS)))
2047 blockdata_free(key);
2048 else
2049 {
8d718cbb
SK		 2050 crecp->addr.sig.keydata = key;
2051 crecp->addr.sig.keylen = rdlen2;
2052 crecp->addr.sig.keytag = keytag;
2053 crecp->addr.sig.type_covered = type_covered;
2054 crecp->addr.sig.algo = algo;
2055 }
2056 }
2057 }
51ea3ca2
SK		 2058 }
2059
8d718cbb 2060 p2 = psave;
51ea3ca2
SK		 2061 }
2062
8d718cbb 2063 if (!ADD_RDLEN(header, p2, plen, rdlen2))
87070192 2064 return STAT_BOGUS; /* bad packet */
51ea3ca2 2065 }
8d718cbb
SK		 2066
2067 cache_end_insert();
0fc2f313
SK		 2068 }
2069 }
adca3e9c 2070
0fc2f313 2071 if (!ADD_RDLEN(header, p1, plen, rdlen1))
87070192 2072 return STAT_BOGUS;
adca3e9c
GB		 2073 }
2074
c5f4ec7d 2075 /* OK, all the RRsets validate, now see if we have a NODATA or NXDOMAIN reply */
00a5b5d4
SK		 2076 if (have_answer)
2077 return STAT_SECURE;
2078
5107ace1 2079 /* NXDOMAIN or NODATA reply, prove that (name, class1, type1) can't exist */
5107ace1 2080 /* First marshall the NSEC records, if we've not done it previously */
87070192 2081 if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, qclass)))
e3ec6f0b
SK		 2082 {
2083 /* No NSEC records. If we dropped off the end of a CNAME chain, return
2084 STAT_NO_SIG and the last name is keyname. This is used for proving non-existence
2085 if DS records in CNAME chains. */
2086 if (cname_count == CNAME_CHAIN) /* No CNAME chain, return empty name. */
2087 *keyname = 0;
2088 else if (!extract_name(header, plen, &qname, keyname, 1, 0))
2089 return STAT_BOGUS;
2090 return STAT_NO_SIG; /* No NSECs, this is probably a dangling CNAME pointing into
2091 an unsigned zone. Return STAT_NO_SIG to cause this to be proved. */
2092 }
00a5b5d4
SK		 2093
2094 /* Get name of missing answer */
394ff492 2095 if (!extract_name(header, plen, &qname, name, 1, 0))
87070192 2096 return STAT_BOGUS;
5107ace1
SK		 2097
2098 if (nsec_type == T_NSEC)
97e618a0 2099 return prove_non_existence_nsec(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, qtype, nons);
5107ace1 2100 else
97e618a0 2101 return prove_non_existence_nsec3(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, qtype, NULL, nons);
e292e93d
GB		 2102}
2103
00a5b5d4
SK		 2104/* Chase the CNAME chain in the packet until the first record which _doesn't validate.
2105 Needed for proving answer in unsigned space.
2106 Return STAT_NEED_*
2107 STAT_BOGUS - error
2108 STAT_INSECURE - name of first non-secure record in name
2109*/
2110int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname)
2111{
2112 unsigned char *p = (unsigned char *)(header+1);
c07d30dc 2113 int type, class, qclass, rdlen, j, rc;
1fbe4d2f 2114 int cname_count = CNAME_CHAIN;
13480e8c 2115 char *wildname;
00a5b5d4
SK		 2116
2117 /* Get question */
394ff492 2118 if (!extract_name(header, plen, &p, name, 1, 4))
00a5b5d4
SK		 2119 return STAT_BOGUS;
2120
c07d30dc 2121 p +=2; /* type */
00a5b5d4
SK		 2122 GETSHORT(qclass, p);
2123
2124 while (1)
2125 {
2126 for (j = ntohs(header->ancount); j != 0; j--)
2127 {
2128 if (!(rc = extract_name(header, plen, &p, name, 0, 10)))
2129 return STAT_BOGUS; /* bad packet */
2130
2131 GETSHORT(type, p);
2132 GETSHORT(class, p);
2133 p += 4; /* TTL */
2134 GETSHORT(rdlen, p);
2135
2136 /* Not target, loop */
2137 if (rc == 2 || qclass != class)
2138 {
2139 if (!ADD_RDLEN(header, p, plen, rdlen))
2140 return STAT_BOGUS;
2141 continue;
2142 }
2143
2144 /* Got to end of CNAME chain. */
2145 if (type != T_CNAME)
2146 return STAT_INSECURE;
2147
2148 /* validate CNAME chain, return if insecure or need more data */
13480e8c
SK		 2149 rc = validate_rrset(now, header, plen, class, type, name, keyname, &wildname, NULL, 0, 0, 0);
2150
2151 if (rc == STAT_SECURE_WILDCARD)
2152 {
2153 int nsec_type, nsec_count, i;
2154 unsigned char **nsecs;
2155
2156 /* An attacker can replay a wildcard answer with a different
2157 answer and overlay a genuine RR. To prove this
2158 hasn't happened, the answer must prove that
2159 the genuine record doesn't exist. Check that here. */
2160 if (!(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, class)))
2161 return STAT_BOGUS; /* No NSECs or bad packet */
2162
2163 /* Note that we're called here because something didn't validate in validate_reply,
2164 so we can't assume that any NSEC records have been validated. We do them by steam here */
2165
2166 for (i = 0; i < nsec_count; i++)
2167 {
2168 unsigned char *p1 = nsecs[i];
2169
2170 if (!extract_name(header, plen, &p1, daemon->workspacename, 1, 0))
2171 return STAT_BOGUS;
2172
2173 rc = validate_rrset(now, header, plen, class, nsec_type, daemon->workspacename, keyname, NULL, NULL, 0, 0, 0);
2174
d3699bb6
SK		 2175 /* NSECs can't be wildcards. */
2176 if (rc == STAT_SECURE_WILDCARD)
2177 rc = STAT_BOGUS;
2178
13480e8c
SK		 2179 if (rc != STAT_SECURE)
2180 return rc;
2181 }
2182
2183 if (nsec_type == T_NSEC)
2184 rc = prove_non_existence_nsec(header, plen, nsecs, nsec_count, daemon->workspacename, keyname, name, type, NULL);
2185 else
2186 rc = prove_non_existence_nsec3(header, plen, nsecs, nsec_count, daemon->workspacename,
2187 keyname, name, type, wildname, NULL);
2188
2189 if (rc != STAT_SECURE)
2190 return rc;
2191 }
2192
00a5b5d4
SK		 2193 if (rc != STAT_SECURE)
2194 {
2195 if (rc == STAT_NO_SIG)
2196 rc = STAT_INSECURE;
2197 return rc;
2198 }
2199
2200 /* Loop down CNAME chain/ */
2201 if (!cname_count-- ||
394ff492 2202 !extract_name(header, plen, &p, name, 1, 0) ||
00a5b5d4
SK		 2203 !(p = skip_questions(header, plen)))
2204 return STAT_BOGUS;
2205
2206 break;
2207 }
2208
2209 /* End of CNAME chain */
2210 return STAT_INSECURE;
2211 }
2212}
2213
2214
3471f181 2215/* Compute keytag (checksum to quickly index a key). See RFC4034 */
0fc2f313 2216int dnskey_keytag(int alg, int flags, unsigned char *key, int keylen)
3471f181 2217{
75ffc9bf
GB		 2218 if (alg == 1)
2219 {
2220 /* Algorithm 1 (RSAMD5) has a different (older) keytag calculation algorithm.
2221 See RFC4034, Appendix B.1 */
0fc2f313 2222 return key[keylen-4] * 256 + key[keylen-3];
75ffc9bf
GB		 2223 }
2224 else
2225 {
1633e308 2226 unsigned long ac = flags + 0x300 + alg;
75ffc9bf
GB		 2227 int i;
2228
0fc2f313
SK		 2229 for (i = 0; i < keylen; ++i)
2230 ac += (i & 1) ? key[i] : key[i] << 8;
1633e308 2231
0fc2f313
SK		 2232 ac += (ac >> 16) & 0xffff;
2233 return ac & 0xffff;
0304d28f 2234 }
3471f181 2235}
e292e93d 2236
a77cec8d
SK		 2237size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class,
2238 int type, union mysockaddr *addr, int edns_pktsz)
5f8e58f4
SK		 2239{
2240 unsigned char *p;
610e782a 2241 char *types = querystr("dnssec-query", type);
a77cec8d 2242 size_t ret;
5f8e58f4
SK		 2243
2244 if (addr->sa.sa_family == AF_INET)
25cf5e37 2245 log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, name, (struct all_addr *)&addr->in.sin_addr, types);
5f8e58f4
SK		 2246#ifdef HAVE_IPV6
2247 else
25cf5e37 2248 log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, name, (struct all_addr *)&addr->in6.sin6_addr, types);
5f8e58f4
SK		 2249#endif
2250
2251 header->qdcount = htons(1);
2252 header->ancount = htons(0);
2253 header->nscount = htons(0);
2254 header->arcount = htons(0);
e292e93d 2255
5f8e58f4
SK		 2256 header->hb3 = HB3_RD;
2257 SET_OPCODE(header, QUERY);
5b3bf921
SK		 2258 /* For debugging, set Checking Disabled, otherwise, have the upstream check too,
2259 this allows it to select auth servers when one is returning bad data. */
2260 header->hb4 = option_bool(OPT_DNSSEC_DEBUG) ? HB4_CD : 0;
5f8e58f4
SK		 2261
2262 /* ID filled in later */
2263
2264 p = (unsigned char *)(header+1);
2265
2266 p = do_rfc1035_name(p, name);
2267 *p++ = 0;
2268 PUTSHORT(type, p);
2269 PUTSHORT(class, p);
2270
a77cec8d
SK		 2271 ret = add_do_bit(header, p - (unsigned char *)header, end);
2272
2273 if (find_pseudoheader(header, ret, NULL, &p, NULL))
2274 PUTSHORT(edns_pktsz, p);
2275
2276 return ret;
5f8e58f4 2277}
8a9be9e4 2278
613ad15d
SK		 2279/* Go through a domain name, find "pointers" and fix them up based on how many bytes
2280 we've chopped out of the packet, or check they don't point into an elided part. */
2281static int check_name(unsigned char **namep, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
2282{
2283 unsigned char *ansp = *namep;
2284
2285 while(1)
2286 {
2287 unsigned int label_type;
2288
2289 if (!CHECK_LEN(header, ansp, plen, 1))
2290 return 0;
2291
2292 label_type = (*ansp) & 0xc0;
2293
2294 if (label_type == 0xc0)
2295 {
2296 /* pointer for compression. */
00a5b5d4
SK		 2297 unsigned int offset;
2298 int i;
613ad15d
SK		 2299 unsigned char *p;
2300
2301 if (!CHECK_LEN(header, ansp, plen, 2))
2302 return 0;
2303
2304 offset = ((*ansp++) & 0x3f) << 8;
2305 offset |= *ansp++;
2306
2307 p = offset + (unsigned char *)header;
2308
2309 for (i = 0; i < rr_count; i++)
2310 if (p < rrs[i])
2311 break;
2312 else
2313 if (i & 1)
2314 offset -= rrs[i] - rrs[i-1];
2315
2316 /* does the pointer end up in an elided RR? */
2317 if (i & 1)
00a5b5d4 2318 return 0;
613ad15d
SK		 2319
2320 /* No, scale the pointer */
2321 if (fixup)
2322 {
2323 ansp -= 2;
2324 *ansp++ = (offset >> 8) | 0xc0;
2325 *ansp++ = offset & 0xff;
2326 }
2327 break;
2328 }
2329 else if (label_type == 0x80)
2330 return 0; /* reserved */
2331 else if (label_type == 0x40)
2332 {
2333 /* Extended label type */
2334 unsigned int count;
2335
2336 if (!CHECK_LEN(header, ansp, plen, 2))
2337 return 0;
2338
2339 if (((*ansp++) & 0x3f) != 1)
2340 return 0; /* we only understand bitstrings */
2341
2342 count = *(ansp++); /* Bits in bitstring */
2343
2344 if (count == 0) /* count == 0 means 256 bits */
2345 ansp += 32;
2346 else
2347 ansp += ((count-1)>>3)+1;
2348 }
2349 else
2350 { /* label type == 0 Bottom six bits is length */
2351 unsigned int len = (*ansp++) & 0x3f;
2352
2353 if (!ADD_RDLEN(header, ansp, plen, len))
2354 return 0;
2355
2356 if (len == 0)
2357 break; /* zero length label marks the end. */
2358 }
2359 }
2360
2361 *namep = ansp;
2362
2363 return 1;
2364}
2365
2366/* Go through RRs and check or fixup the domain names contained within */
2367static int check_rrs(unsigned char *p, struct dns_header *header, size_t plen, int fixup, unsigned char **rrs, int rr_count)
2368{
2369 int i, type, class, rdlen;
00a5b5d4 2370 unsigned char *pp;
613ad15d 2371
50f86ce8 2372 for (i = 0; i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount); i++)
613ad15d 2373 {
00a5b5d4
SK		 2374 pp = p;
2375
2376 if (!(p = skip_name(p, header, plen, 10)))
2377 return 0;
613ad15d
SK		 2378
2379 GETSHORT(type, p);
2380 GETSHORT(class, p);
2381 p += 4; /* TTL */
2382 GETSHORT(rdlen, p);
00a5b5d4 2383
613ad15d
SK		 2384 if (type != T_NSEC && type != T_NSEC3 && type != T_RRSIG)
2385 {
00a5b5d4
SK		 2386 /* fixup name of RR */
2387 if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
2388 return 0;
2389
613ad15d
SK		 2390 if (class == C_IN)
2391 {
2392 u16 *d;
14db4212
SK		 2393
2394 for (pp = p, d = get_desc(type); *d != (u16)-1; d++)
613ad15d
SK		 2395 {
2396 if (*d != 0)
2397 pp += *d;
2398 else if (!check_name(&pp, header, plen, fixup, rrs, rr_count))
2399 return 0;
2400 }
2401 }
2402 }
2403
2404 if (!ADD_RDLEN(header, p, plen, rdlen))
2405 return 0;
2406 }
2407
2408 return 1;
2409}
2410
2411
2412size_t filter_rrsigs(struct dns_header *header, size_t plen)
2413{
2414 static unsigned char **rrs;
2415 static int rr_sz = 0;
2416
2417 unsigned char *p = (unsigned char *)(header+1);
50f86ce8 2418 int i, rdlen, qtype, qclass, rr_found, chop_an, chop_ns, chop_ar;
613ad15d
SK		 2419
2420 if (ntohs(header->qdcount) != 1 ||
2421 !(p = skip_name(p, header, plen, 4)))
2422 return plen;
2423
2424 GETSHORT(qtype, p);
2425 GETSHORT(qclass, p);
2426
2427 /* First pass, find pointers to start and end of all the records we wish to elide:
2428 records added for DNSSEC, unless explicity queried for */
50f86ce8
SK		 2429 for (rr_found = 0, chop_ns = 0, chop_an = 0, chop_ar = 0, i = 0;
2430 i < ntohs(header->ancount) + ntohs(header->nscount) + ntohs(header->arcount);
2431 i++)
613ad15d
SK		 2432 {
2433 unsigned char *pstart = p;
2434 int type, class;
2435
2436 if (!(p = skip_name(p, header, plen, 10)))
2437 return plen;
2438
2439 GETSHORT(type, p);
2440 GETSHORT(class, p);
2441 p += 4; /* TTL */
2442 GETSHORT(rdlen, p);
2443
2444 if ((type == T_NSEC || type == T_NSEC3 || type == T_RRSIG) &&
2445 (type != qtype || class != qclass))
2446 {
2447 if (!expand_workspace(&rrs, &rr_sz, rr_found + 1))
2448 return plen;
2449
2450 rrs[rr_found++] = pstart;
2451
2452 if (!ADD_RDLEN(header, p, plen, rdlen))
2453 return plen;
2454
2455 rrs[rr_found++] = p;
2456
2457 if (i < ntohs(header->ancount))
2458 chop_an++;
e6096e64 2459 else if (i < (ntohs(header->nscount) + ntohs(header->ancount)))
613ad15d 2460 chop_ns++;
50f86ce8
SK		 2461 else
2462 chop_ar++;
613ad15d
SK		 2463 }
2464 else if (!ADD_RDLEN(header, p, plen, rdlen))
2465 return plen;
2466 }
2467
2468 /* Nothing to do. */
2469 if (rr_found == 0)
2470 return plen;
2471
2472 /* Second pass, look for pointers in names in the records we're keeping and make sure they don't
2473 point to records we're going to elide. This is theoretically possible, but unlikely. If
2474 it happens, we give up and leave the answer unchanged. */
2475 p = (unsigned char *)(header+1);
2476
2477 /* question first */
2478 if (!check_name(&p, header, plen, 0, rrs, rr_found))
2479 return plen;
2480 p += 4; /* qclass, qtype */
2481
2482 /* Now answers and NS */
2483 if (!check_rrs(p, header, plen, 0, rrs, rr_found))
2484 return plen;
2485
2486 /* Third pass, elide records */
2487 for (p = rrs[0], i = 1; i < rr_found; i += 2)
2488 {
2489 unsigned char *start = rrs[i];
2490 unsigned char *end = (i != rr_found - 1) ? rrs[i+1] : ((unsigned char *)(header+1)) + plen;
2491
2492 memmove(p, start, end-start);
2493 p += end-start;
2494 }
2495
2496 plen = p - (unsigned char *)header;
2497 header->ancount = htons(ntohs(header->ancount) - chop_an);
2498 header->nscount = htons(ntohs(header->nscount) - chop_ns);
50f86ce8
SK		 2499 header->arcount = htons(ntohs(header->arcount) - chop_ar);
2500
613ad15d
SK		 2501 /* Fourth pass, fix up pointers in the remaining records */
2502 p = (unsigned char *)(header+1);
2503
2504 check_name(&p, header, plen, 1, rrs, rr_found);
2505 p += 4; /* qclass, qtype */
2506
2507 check_rrs(p, header, plen, 1, rrs, rr_found);
2508
2509 return plen;
2510}
2511
8a9be9e4
SK		 2512unsigned char* hash_questions(struct dns_header *header, size_t plen, char *name)
2513{
2514 int q;
2515 unsigned int len;
2516 unsigned char *p = (unsigned char *)(header+1);
2517 const struct nettle_hash *hash;
2518 void *ctx;
2519 unsigned char *digest;
5f8e58f4 2520
8a9be9e4
SK		 2521 if (!(hash = hash_find("sha1")) || !hash_init(hash, &ctx, &digest))
2522 return NULL;
2523
2524 for (q = ntohs(header->qdcount); q != 0; q--)
2525 {
394ff492 2526 if (!extract_name(header, plen, &p, name, 1, 4))
7d23a66f 2527 break; /* bad packet */
8a9be9e4
SK		 2528
2529 len = to_wire(name);
2530 hash->update(ctx, len, (unsigned char *)name);
2531 /* CRC the class and type as well */
2532 hash->update(ctx, 4, p);
2533
2534 p += 4;
2535 if (!CHECK_LEN(header, p, plen, 0))
7d23a66f 2536 break; /* bad packet */
8a9be9e4 2537 }
703c7ff4
SK		 2538
2539 hash->digest(ctx, hash->digest_size, digest);
8a9be9e4
SK		 2540 return digest;
2541}
2542
0fc2f313 2543#endif /* HAVE_DNSSEC */
Michael's tree of dnsmasq.