1 /* $NetBSD: dns.c,v 1.16 2018/04/06 18:59:00 christos Exp $ */ 2 /* $OpenBSD: dns.c,v 1.38 2018/02/23 15:58:37 markus Exp $ */ 3 4 /* 5 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 6 * Copyright (c) 2003 Jakob Schlyter. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include "includes.h" 30 __RCSID("$NetBSD: dns.c,v 1.16 2018/04/06 18:59:00 christos Exp $"); 31 #include <sys/types.h> 32 #include <sys/socket.h> 33 34 #include <netdb.h> 35 #include <stdio.h> 36 #include <string.h> 37 #include <stdarg.h> 38 #include <stdlib.h> 39 40 #include "xmalloc.h" 41 #include "sshkey.h" 42 #include "ssherr.h" 43 #include "dns.h" 44 #include "log.h" 45 #include "getrrsetbyname.h" 46 #include "digest.h" 47 48 static const char *errset_text[] = { 49 "success", /* 0 ERRSET_SUCCESS */ 50 "out of memory", /* 1 ERRSET_NOMEMORY */ 51 "general failure", /* 2 ERRSET_FAIL */ 52 "invalid parameter", /* 3 ERRSET_INVAL */ 53 "name does not exist", /* 4 ERRSET_NONAME */ 54 "data does not exist", /* 5 ERRSET_NODATA */ 55 }; 56 57 static const char * 58 dns_result_totext(unsigned int res) 59 { 60 switch (res) { 61 case ERRSET_SUCCESS: 62 return errset_text[ERRSET_SUCCESS]; 63 case ERRSET_NOMEMORY: 64 return errset_text[ERRSET_NOMEMORY]; 65 case ERRSET_FAIL: 66 return errset_text[ERRSET_FAIL]; 67 case ERRSET_INVAL: 68 return errset_text[ERRSET_INVAL]; 69 case ERRSET_NONAME: 70 return errset_text[ERRSET_NONAME]; 71 case ERRSET_NODATA: 72 return errset_text[ERRSET_NODATA]; 73 default: 74 return "unknown error"; 75 } 76 } 77 78 /* 79 * Read SSHFP parameters from key buffer. 80 */ 81 static int 82 dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, 83 u_char **digest, size_t *digest_len, struct sshkey *key) 84 { 85 int r, success = 0; 86 int fp_alg = -1; 87 88 switch (key->type) { 89 case KEY_RSA: 90 *algorithm = SSHFP_KEY_RSA; 91 if (!*digest_type) 92 *digest_type = SSHFP_HASH_SHA1; 93 break; 94 case KEY_DSA: 95 *algorithm = SSHFP_KEY_DSA; 96 if (!*digest_type) 97 *digest_type = SSHFP_HASH_SHA1; 98 break; 99 case KEY_ECDSA: 100 *algorithm = SSHFP_KEY_ECDSA; 101 if (!*digest_type) 102 *digest_type = SSHFP_HASH_SHA256; 103 break; 104 case KEY_ED25519: 105 *algorithm = SSHFP_KEY_ED25519; 106 if (!*digest_type) 107 *digest_type = SSHFP_HASH_SHA256; 108 break; 109 case KEY_XMSS: 110 *algorithm = SSHFP_KEY_XMSS; 111 if (!*digest_type) 112 *digest_type = SSHFP_HASH_SHA256; 113 break; 114 default: 115 *algorithm = SSHFP_KEY_RESERVED; /* 0 */ 116 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 117 } 118 119 switch (*digest_type) { 120 case SSHFP_HASH_SHA1: 121 fp_alg = SSH_DIGEST_SHA1; 122 break; 123 case SSHFP_HASH_SHA256: 124 fp_alg = SSH_DIGEST_SHA256; 125 break; 126 default: 127 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 128 } 129 130 if (*algorithm && *digest_type) { 131 if ((r = sshkey_fingerprint_raw(key, fp_alg, digest, 132 digest_len)) != 0) 133 fatal("%s: sshkey_fingerprint_raw: %s", __func__, 134 ssh_err(r)); 135 success = 1; 136 } else { 137 *digest = NULL; 138 *digest_len = 0; 139 success = 0; 140 } 141 142 return success; 143 } 144 145 /* 146 * Read SSHFP parameters from rdata buffer. 147 */ 148 static int 149 dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, 150 u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len) 151 { 152 int success = 0; 153 154 *algorithm = SSHFP_KEY_RESERVED; 155 *digest_type = SSHFP_HASH_RESERVED; 156 157 if (rdata_len >= 2) { 158 *algorithm = rdata[0]; 159 *digest_type = rdata[1]; 160 *digest_len = rdata_len - 2; 161 162 if (*digest_len > 0) { 163 *digest = xmalloc(*digest_len); 164 memcpy(*digest, rdata + 2, *digest_len); 165 } else { 166 *digest = (u_char *)xstrdup(""); 167 } 168 169 success = 1; 170 } 171 172 return success; 173 } 174 175 /* 176 * Check if hostname is numerical. 177 * Returns -1 if hostname is numeric, 0 otherwise 178 */ 179 static int 180 is_numeric_hostname(const char *hostname) 181 { 182 struct addrinfo hints, *ai; 183 184 /* 185 * We shouldn't ever get a null host but if we do then log an error 186 * and return -1 which stops DNS key fingerprint processing. 187 */ 188 if (hostname == NULL) { 189 error("is_numeric_hostname called with NULL hostname"); 190 return -1; 191 } 192 193 memset(&hints, 0, sizeof(hints)); 194 hints.ai_socktype = SOCK_DGRAM; 195 hints.ai_flags = AI_NUMERICHOST; 196 197 if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) { 198 freeaddrinfo(ai); 199 return -1; 200 } 201 202 return 0; 203 } 204 205 /* 206 * Verify the given hostname, address and host key using DNS. 207 * Returns 0 if lookup succeeds, -1 otherwise 208 */ 209 int 210 verify_host_key_dns(const char *hostname, struct sockaddr *address, 211 struct sshkey *hostkey, int *flags) 212 { 213 u_int counter; 214 int result; 215 struct rrsetinfo *fingerprints = NULL; 216 217 u_int8_t hostkey_algorithm; 218 u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED; 219 u_char *hostkey_digest; 220 size_t hostkey_digest_len; 221 222 u_int8_t dnskey_algorithm; 223 u_int8_t dnskey_digest_type; 224 u_char *dnskey_digest; 225 size_t dnskey_digest_len; 226 227 *flags = 0; 228 229 debug3("verify_host_key_dns"); 230 if (hostkey == NULL) 231 fatal("No key to look up!"); 232 233 if (is_numeric_hostname(hostname)) { 234 debug("skipped DNS lookup for numerical hostname"); 235 return -1; 236 } 237 238 result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, 239 DNS_RDATATYPE_SSHFP, 0, &fingerprints); 240 if (result) { 241 verbose("DNS lookup error: %s", dns_result_totext(result)); 242 return -1; 243 } 244 245 if (fingerprints->rri_flags & RRSET_VALIDATED) { 246 *flags |= DNS_VERIFY_SECURE; 247 debug("found %d secure fingerprints in DNS", 248 fingerprints->rri_nrdatas); 249 } else { 250 debug("found %d insecure fingerprints in DNS", 251 fingerprints->rri_nrdatas); 252 } 253 254 /* Initialize default host key parameters */ 255 if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type, 256 &hostkey_digest, &hostkey_digest_len, hostkey)) { 257 error("Error calculating host key fingerprint."); 258 freerrset(fingerprints); 259 return -1; 260 } 261 262 if (fingerprints->rri_nrdatas) 263 *flags |= DNS_VERIFY_FOUND; 264 265 for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) { 266 /* 267 * Extract the key from the answer. Ignore any badly 268 * formatted fingerprints. 269 */ 270 if (!dns_read_rdata(&dnskey_algorithm, &dnskey_digest_type, 271 &dnskey_digest, &dnskey_digest_len, 272 fingerprints->rri_rdatas[counter].rdi_data, 273 fingerprints->rri_rdatas[counter].rdi_length)) { 274 verbose("Error parsing fingerprint from DNS."); 275 continue; 276 } 277 278 if (hostkey_digest_type != dnskey_digest_type) { 279 hostkey_digest_type = dnskey_digest_type; 280 free(hostkey_digest); 281 282 /* Initialize host key parameters */ 283 if (!dns_read_key(&hostkey_algorithm, 284 &hostkey_digest_type, &hostkey_digest, 285 &hostkey_digest_len, hostkey)) { 286 error("Error calculating key fingerprint."); 287 freerrset(fingerprints); 288 return -1; 289 } 290 } 291 292 /* Check if the current key is the same as the given key */ 293 if (hostkey_algorithm == dnskey_algorithm && 294 hostkey_digest_type == dnskey_digest_type) { 295 if (hostkey_digest_len == dnskey_digest_len && 296 consttime_memequal(hostkey_digest, dnskey_digest, 297 hostkey_digest_len)) 298 *flags |= DNS_VERIFY_MATCH; 299 } 300 free(dnskey_digest); 301 } 302 303 free(hostkey_digest); /* from sshkey_fingerprint_raw() */ 304 freerrset(fingerprints); 305 306 if (*flags & DNS_VERIFY_FOUND) 307 if (*flags & DNS_VERIFY_MATCH) 308 debug("matching host key fingerprint found in DNS"); 309 else 310 debug("mismatching host key fingerprint found in DNS"); 311 else 312 debug("no host key fingerprint found in DNS"); 313 314 return 0; 315 } 316 317 /* 318 * Export the fingerprint of a key as a DNS resource record 319 */ 320 int 321 export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic) 322 { 323 u_int8_t rdata_pubkey_algorithm = 0; 324 u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED; 325 u_int8_t dtype; 326 u_char *rdata_digest; 327 size_t i, rdata_digest_len; 328 int success = 0; 329 330 for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) { 331 rdata_digest_type = dtype; 332 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, 333 &rdata_digest, &rdata_digest_len, key)) { 334 if (generic) { 335 fprintf(f, "%s IN TYPE%d \\# %zu %02x %02x ", 336 hostname, DNS_RDATATYPE_SSHFP, 337 2 + rdata_digest_len, 338 rdata_pubkey_algorithm, rdata_digest_type); 339 } else { 340 fprintf(f, "%s IN SSHFP %d %d ", hostname, 341 rdata_pubkey_algorithm, rdata_digest_type); 342 } 343 for (i = 0; i < rdata_digest_len; i++) 344 fprintf(f, "%02x", rdata_digest[i]); 345 fprintf(f, "\n"); 346 free(rdata_digest); /* from sshkey_fingerprint_raw() */ 347 success = 1; 348 } 349 } 350 351 /* No SSHFP record was generated at all */ 352 if (success == 0) { 353 error("%s: unsupported algorithm and/or digest_type", __func__); 354 } 355 356 return success; 357 } 358