1 /* $NetBSD: dns.c,v 1.18 2021/03/05 17:47:16 christos Exp $ */ 2 /* $OpenBSD: dns.c,v 1.39 2020/10/18 11:32:01 djm Exp $ */ 3 4 /* 5 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 6 * Copyright (c) 2003 Jakob Schlyter. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include "includes.h" 30 __RCSID("$NetBSD: dns.c,v 1.18 2021/03/05 17:47:16 christos Exp $"); 31 #include <sys/types.h> 32 #include <sys/socket.h> 33 34 #include <netdb.h> 35 #include <stdio.h> 36 #include <string.h> 37 #include <stdarg.h> 38 #include <stdlib.h> 39 40 #include "xmalloc.h" 41 #include "sshkey.h" 42 #include "ssherr.h" 43 #include "dns.h" 44 #include "log.h" 45 #include "getrrsetbyname.h" 46 #include "digest.h" 47 48 static const char *errset_text[] = { 49 "success", /* 0 ERRSET_SUCCESS */ 50 "out of memory", /* 1 ERRSET_NOMEMORY */ 51 "general failure", /* 2 ERRSET_FAIL */ 52 "invalid parameter", /* 3 ERRSET_INVAL */ 53 "name does not exist", /* 4 ERRSET_NONAME */ 54 "data does not exist", /* 5 ERRSET_NODATA */ 55 }; 56 57 static const char * 58 dns_result_totext(unsigned int res) 59 { 60 switch (res) { 61 case ERRSET_SUCCESS: 62 return errset_text[ERRSET_SUCCESS]; 63 case ERRSET_NOMEMORY: 64 return errset_text[ERRSET_NOMEMORY]; 65 case ERRSET_FAIL: 66 return errset_text[ERRSET_FAIL]; 67 case ERRSET_INVAL: 68 return errset_text[ERRSET_INVAL]; 69 case ERRSET_NONAME: 70 return errset_text[ERRSET_NONAME]; 71 case ERRSET_NODATA: 72 return errset_text[ERRSET_NODATA]; 73 default: 74 return "unknown error"; 75 } 76 } 77 78 /* 79 * Read SSHFP parameters from key buffer. 80 */ 81 static int 82 dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, 83 u_char **digest, size_t *digest_len, struct sshkey *key) 84 { 85 int r, success = 0; 86 int fp_alg = -1; 87 88 switch (key->type) { 89 case KEY_RSA: 90 *algorithm = SSHFP_KEY_RSA; 91 if (!*digest_type) 92 *digest_type = SSHFP_HASH_SHA1; 93 break; 94 case KEY_DSA: 95 *algorithm = SSHFP_KEY_DSA; 96 if (!*digest_type) 97 *digest_type = SSHFP_HASH_SHA1; 98 break; 99 case KEY_ECDSA: 100 *algorithm = SSHFP_KEY_ECDSA; 101 if (!*digest_type) 102 *digest_type = SSHFP_HASH_SHA256; 103 break; 104 case KEY_ED25519: 105 *algorithm = SSHFP_KEY_ED25519; 106 if (!*digest_type) 107 *digest_type = SSHFP_HASH_SHA256; 108 break; 109 case KEY_XMSS: 110 *algorithm = SSHFP_KEY_XMSS; 111 if (!*digest_type) 112 *digest_type = SSHFP_HASH_SHA256; 113 break; 114 default: 115 *algorithm = SSHFP_KEY_RESERVED; /* 0 */ 116 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 117 } 118 119 switch (*digest_type) { 120 case SSHFP_HASH_SHA1: 121 fp_alg = SSH_DIGEST_SHA1; 122 break; 123 case SSHFP_HASH_SHA256: 124 fp_alg = SSH_DIGEST_SHA256; 125 break; 126 default: 127 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 128 } 129 130 if (*algorithm && *digest_type) { 131 if ((r = sshkey_fingerprint_raw(key, fp_alg, digest, 132 digest_len)) != 0) 133 fatal_fr(r, "sshkey_fingerprint_raw"); 134 success = 1; 135 } else { 136 *digest = NULL; 137 *digest_len = 0; 138 success = 0; 139 } 140 141 return success; 142 } 143 144 /* 145 * Read SSHFP parameters from rdata buffer. 146 */ 147 static int 148 dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, 149 u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len) 150 { 151 int success = 0; 152 153 *algorithm = SSHFP_KEY_RESERVED; 154 *digest_type = SSHFP_HASH_RESERVED; 155 156 if (rdata_len >= 2) { 157 *algorithm = rdata[0]; 158 *digest_type = rdata[1]; 159 *digest_len = rdata_len - 2; 160 161 if (*digest_len > 0) { 162 *digest = xmalloc(*digest_len); 163 memcpy(*digest, rdata + 2, *digest_len); 164 } else { 165 *digest = (u_char *)xstrdup(""); 166 } 167 168 success = 1; 169 } 170 171 return success; 172 } 173 174 /* 175 * Check if hostname is numerical. 176 * Returns -1 if hostname is numeric, 0 otherwise 177 */ 178 static int 179 is_numeric_hostname(const char *hostname) 180 { 181 struct addrinfo hints, *ai; 182 183 /* 184 * We shouldn't ever get a null host but if we do then log an error 185 * and return -1 which stops DNS key fingerprint processing. 186 */ 187 if (hostname == NULL) { 188 error("is_numeric_hostname called with NULL hostname"); 189 return -1; 190 } 191 192 memset(&hints, 0, sizeof(hints)); 193 hints.ai_socktype = SOCK_DGRAM; 194 hints.ai_flags = AI_NUMERICHOST; 195 196 if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) { 197 freeaddrinfo(ai); 198 return -1; 199 } 200 201 return 0; 202 } 203 204 /* 205 * Verify the given hostname, address and host key using DNS. 206 * Returns 0 if lookup succeeds, -1 otherwise 207 */ 208 int 209 verify_host_key_dns(const char *hostname, struct sockaddr *address, 210 struct sshkey *hostkey, int *flags) 211 { 212 u_int counter; 213 int result; 214 struct rrsetinfo *fingerprints = NULL; 215 216 u_int8_t hostkey_algorithm; 217 u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED; 218 u_char *hostkey_digest; 219 size_t hostkey_digest_len; 220 221 u_int8_t dnskey_algorithm; 222 u_int8_t dnskey_digest_type; 223 u_char *dnskey_digest; 224 size_t dnskey_digest_len; 225 226 *flags = 0; 227 228 debug3("verify_host_key_dns"); 229 if (hostkey == NULL) 230 fatal("No key to look up!"); 231 232 if (is_numeric_hostname(hostname)) { 233 debug("skipped DNS lookup for numerical hostname"); 234 return -1; 235 } 236 237 result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, 238 DNS_RDATATYPE_SSHFP, 0, &fingerprints); 239 if (result) { 240 verbose("DNS lookup error: %s", dns_result_totext(result)); 241 return -1; 242 } 243 244 if (fingerprints->rri_flags & RRSET_VALIDATED) { 245 *flags |= DNS_VERIFY_SECURE; 246 debug("found %d secure fingerprints in DNS", 247 fingerprints->rri_nrdatas); 248 } else { 249 debug("found %d insecure fingerprints in DNS", 250 fingerprints->rri_nrdatas); 251 } 252 253 /* Initialize default host key parameters */ 254 if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type, 255 &hostkey_digest, &hostkey_digest_len, hostkey)) { 256 error("Error calculating host key fingerprint."); 257 freerrset(fingerprints); 258 return -1; 259 } 260 261 if (fingerprints->rri_nrdatas) 262 *flags |= DNS_VERIFY_FOUND; 263 264 for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) { 265 /* 266 * Extract the key from the answer. Ignore any badly 267 * formatted fingerprints. 268 */ 269 if (!dns_read_rdata(&dnskey_algorithm, &dnskey_digest_type, 270 &dnskey_digest, &dnskey_digest_len, 271 fingerprints->rri_rdatas[counter].rdi_data, 272 fingerprints->rri_rdatas[counter].rdi_length)) { 273 verbose("Error parsing fingerprint from DNS."); 274 continue; 275 } 276 277 if (hostkey_digest_type != dnskey_digest_type) { 278 hostkey_digest_type = dnskey_digest_type; 279 free(hostkey_digest); 280 281 /* Initialize host key parameters */ 282 if (!dns_read_key(&hostkey_algorithm, 283 &hostkey_digest_type, &hostkey_digest, 284 &hostkey_digest_len, hostkey)) { 285 error("Error calculating key fingerprint."); 286 freerrset(fingerprints); 287 return -1; 288 } 289 } 290 291 /* Check if the current key is the same as the given key */ 292 if (hostkey_algorithm == dnskey_algorithm && 293 hostkey_digest_type == dnskey_digest_type) { 294 if (hostkey_digest_len == dnskey_digest_len && 295 consttime_memequal(hostkey_digest, dnskey_digest, 296 hostkey_digest_len)) 297 *flags |= DNS_VERIFY_MATCH; 298 } 299 free(dnskey_digest); 300 } 301 302 free(hostkey_digest); /* from sshkey_fingerprint_raw() */ 303 freerrset(fingerprints); 304 305 if (*flags & DNS_VERIFY_FOUND) 306 if (*flags & DNS_VERIFY_MATCH) 307 debug("matching host key fingerprint found in DNS"); 308 else 309 debug("mismatching host key fingerprint found in DNS"); 310 else 311 debug("no host key fingerprint found in DNS"); 312 313 return 0; 314 } 315 316 /* 317 * Export the fingerprint of a key as a DNS resource record 318 */ 319 int 320 export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic) 321 { 322 u_int8_t rdata_pubkey_algorithm = 0; 323 u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED; 324 u_int8_t dtype; 325 u_char *rdata_digest; 326 size_t i, rdata_digest_len; 327 int success = 0; 328 329 for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) { 330 rdata_digest_type = dtype; 331 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, 332 &rdata_digest, &rdata_digest_len, key)) { 333 if (generic) { 334 fprintf(f, "%s IN TYPE%d \\# %zu %02x %02x ", 335 hostname, DNS_RDATATYPE_SSHFP, 336 2 + rdata_digest_len, 337 rdata_pubkey_algorithm, rdata_digest_type); 338 } else { 339 fprintf(f, "%s IN SSHFP %d %d ", hostname, 340 rdata_pubkey_algorithm, rdata_digest_type); 341 } 342 for (i = 0; i < rdata_digest_len; i++) 343 fprintf(f, "%02x", rdata_digest[i]); 344 fprintf(f, "\n"); 345 free(rdata_digest); /* from sshkey_fingerprint_raw() */ 346 success = 1; 347 } 348 } 349 350 /* No SSHFP record was generated at all */ 351 if (success == 0) { 352 error_f("unsupported algorithm and/or digest_type"); 353 } 354 355 return success; 356 } 357