Annotation of src/usr.bin/ssh/dns.c, Revision 1.43
1.43 ! djm 1: /* $OpenBSD: dns.c,v 1.42 2022/02/01 23:32:51 djm Exp $ */
1.1 jakob 2:
3: /*
4: * Copyright (c) 2003 Wesley Griffin. All rights reserved.
5: * Copyright (c) 2003 Jakob Schlyter. All rights reserved.
6: *
7: * Redistribution and use in source and binary forms, with or without
8: * modification, are permitted provided that the following conditions
9: * are met:
10: * 1. Redistributions of source code must retain the above copyright
11: * notice, this list of conditions and the following disclaimer.
12: * 2. Redistributions in binary form must reproduce the above copyright
13: * notice, this list of conditions and the following disclaimer in the
14: * documentation and/or other materials provided with the distribution.
15: *
16: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26: */
1.20 stevesk 27:
28: #include <sys/types.h>
29: #include <sys/socket.h>
1.1 jakob 30:
31: #include <netdb.h>
1.40 dtucker 32: #include <stdarg.h>
1.22 stevesk 33: #include <stdio.h>
1.21 stevesk 34: #include <string.h>
1.31 djm 35: #include <stdlib.h>
1.1 jakob 36:
37: #include "xmalloc.h"
1.33 djm 38: #include "sshkey.h"
39: #include "ssherr.h"
1.1 jakob 40: #include "dns.h"
41: #include "log.h"
1.32 djm 42: #include "digest.h"
1.1 jakob 43:
1.42 djm 44: static const char * const errset_text[] = {
1.1 jakob 45: "success", /* 0 ERRSET_SUCCESS */
46: "out of memory", /* 1 ERRSET_NOMEMORY */
47: "general failure", /* 2 ERRSET_FAIL */
48: "invalid parameter", /* 3 ERRSET_INVAL */
49: "name does not exist", /* 4 ERRSET_NONAME */
50: "data does not exist", /* 5 ERRSET_NODATA */
51: };
52:
53: static const char *
1.10 avsm 54: dns_result_totext(unsigned int res)
1.1 jakob 55: {
1.10 avsm 56: switch (res) {
1.1 jakob 57: case ERRSET_SUCCESS:
58: return errset_text[ERRSET_SUCCESS];
59: case ERRSET_NOMEMORY:
60: return errset_text[ERRSET_NOMEMORY];
61: case ERRSET_FAIL:
62: return errset_text[ERRSET_FAIL];
63: case ERRSET_INVAL:
64: return errset_text[ERRSET_INVAL];
65: case ERRSET_NONAME:
66: return errset_text[ERRSET_NONAME];
67: case ERRSET_NODATA:
68: return errset_text[ERRSET_NODATA];
69: default:
70: return "unknown error";
71: }
72: }
73:
74: /*
75: * Read SSHFP parameters from key buffer.
1.41 dtucker 76: * Caller must free digest which is allocated by sshkey_fingerprint_raw().
1.1 jakob 77: */
78: static int
79: dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
1.33 djm 80: u_char **digest, size_t *digest_len, struct sshkey *key)
1.1 jakob 81: {
1.33 djm 82: int r, success = 0;
1.32 djm 83: int fp_alg = -1;
1.1 jakob 84:
85: switch (key->type) {
86: case KEY_RSA:
1.3 jakob 87: *algorithm = SSHFP_KEY_RSA;
1.1 jakob 88: break;
89: case KEY_DSA:
1.3 jakob 90: *algorithm = SSHFP_KEY_DSA;
1.28 djm 91: break;
92: case KEY_ECDSA:
93: *algorithm = SSHFP_KEY_ECDSA;
1.30 logan 94: break;
95: case KEY_ED25519:
96: *algorithm = SSHFP_KEY_ED25519;
1.38 markus 97: break;
98: case KEY_XMSS:
99: *algorithm = SSHFP_KEY_XMSS;
1.1 jakob 100: break;
101: default:
1.14 stevesk 102: *algorithm = SSHFP_KEY_RESERVED; /* 0 */
1.28 djm 103: }
104:
105: switch (*digest_type) {
106: case SSHFP_HASH_SHA1:
1.32 djm 107: fp_alg = SSH_DIGEST_SHA1;
1.28 djm 108: break;
109: case SSHFP_HASH_SHA256:
1.32 djm 110: fp_alg = SSH_DIGEST_SHA256;
1.28 djm 111: break;
112: default:
113: *digest_type = SSHFP_HASH_RESERVED; /* 0 */
1.1 jakob 114: }
115:
1.28 djm 116: if (*algorithm && *digest_type) {
1.33 djm 117: if ((r = sshkey_fingerprint_raw(key, fp_alg, digest,
118: digest_len)) != 0)
1.39 djm 119: fatal_fr(r, "sshkey_fingerprint_raw");
1.1 jakob 120: success = 1;
121: } else {
122: *digest = NULL;
123: *digest_len = 0;
124: }
125:
126: return success;
127: }
128:
129: /*
130: * Read SSHFP parameters from rdata buffer.
131: */
132: static int
133: dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
1.33 djm 134: u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len)
1.1 jakob 135: {
136: int success = 0;
137:
1.3 jakob 138: *algorithm = SSHFP_KEY_RESERVED;
139: *digest_type = SSHFP_HASH_RESERVED;
1.1 jakob 140:
141: if (rdata_len >= 2) {
142: *algorithm = rdata[0];
143: *digest_type = rdata[1];
144: *digest_len = rdata_len - 2;
145:
146: if (*digest_len > 0) {
1.35 deraadt 147: *digest = xmalloc(*digest_len);
1.1 jakob 148: memcpy(*digest, rdata + 2, *digest_len);
149: } else {
1.18 deraadt 150: *digest = (u_char *)xstrdup("");
1.1 jakob 151: }
152:
153: success = 1;
154: }
155:
156: return success;
157: }
158:
1.11 jakob 159: /*
160: * Check if hostname is numerical.
161: * Returns -1 if hostname is numeric, 0 otherwise
162: */
163: static int
164: is_numeric_hostname(const char *hostname)
165: {
166: struct addrinfo hints, *ai;
167:
1.25 dtucker 168: /*
169: * We shouldn't ever get a null host but if we do then log an error
170: * and return -1 which stops DNS key fingerprint processing.
171: */
172: if (hostname == NULL) {
173: error("is_numeric_hostname called with NULL hostname");
174: return -1;
175: }
176:
1.11 jakob 177: memset(&hints, 0, sizeof(hints));
178: hints.ai_socktype = SOCK_DGRAM;
179: hints.ai_flags = AI_NUMERICHOST;
180:
1.25 dtucker 181: if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
1.11 jakob 182: freeaddrinfo(ai);
183: return -1;
184: }
185:
186: return 0;
187: }
1.1 jakob 188:
189: /*
190: * Verify the given hostname, address and host key using DNS.
1.9 djm 191: * Returns 0 if lookup succeeds, -1 otherwise
1.1 jakob 192: */
193: int
194: verify_host_key_dns(const char *hostname, struct sockaddr *address,
1.33 djm 195: struct sshkey *hostkey, int *flags)
1.1 jakob 196: {
1.12 djm 197: u_int counter;
1.1 jakob 198: int result;
1.4 jakob 199: struct rrsetinfo *fingerprints = NULL;
1.1 jakob 200:
201: u_int8_t hostkey_algorithm;
202: u_char *hostkey_digest;
1.33 djm 203: size_t hostkey_digest_len;
1.1 jakob 204:
205: u_int8_t dnskey_algorithm;
206: u_int8_t dnskey_digest_type;
207: u_char *dnskey_digest;
1.33 djm 208: size_t dnskey_digest_len;
1.1 jakob 209:
1.8 jakob 210: *flags = 0;
1.1 jakob 211:
1.16 stevesk 212: debug3("verify_host_key_dns");
1.1 jakob 213: if (hostkey == NULL)
214: fatal("No key to look up!");
1.11 jakob 215:
216: if (is_numeric_hostname(hostname)) {
217: debug("skipped DNS lookup for numerical hostname");
218: return -1;
219: }
1.1 jakob 220:
221: result = getrrsetbyname(hostname, DNS_RDATACLASS_IN,
1.4 jakob 222: DNS_RDATATYPE_SSHFP, 0, &fingerprints);
1.1 jakob 223: if (result) {
224: verbose("DNS lookup error: %s", dns_result_totext(result));
1.8 jakob 225: return -1;
1.1 jakob 226: }
227:
1.8 jakob 228: if (fingerprints->rri_flags & RRSET_VALIDATED) {
229: *flags |= DNS_VERIFY_SECURE;
230: debug("found %d secure fingerprints in DNS",
231: fingerprints->rri_nrdatas);
232: } else {
233: debug("found %d insecure fingerprints in DNS",
234: fingerprints->rri_nrdatas);
1.1 jakob 235: }
236:
1.8 jakob 237: if (fingerprints->rri_nrdatas)
238: *flags |= DNS_VERIFY_FOUND;
239:
1.24 stevesk 240: for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) {
1.1 jakob 241: /*
242: * Extract the key from the answer. Ignore any badly
1.4 jakob 243: * formatted fingerprints.
1.1 jakob 244: */
245: if (!dns_read_rdata(&dnskey_algorithm, &dnskey_digest_type,
246: &dnskey_digest, &dnskey_digest_len,
1.4 jakob 247: fingerprints->rri_rdatas[counter].rdi_data,
248: fingerprints->rri_rdatas[counter].rdi_length)) {
1.1 jakob 249: verbose("Error parsing fingerprint from DNS.");
250: continue;
251: }
1.41 dtucker 252: debug3_f("checking SSHFP type %d fptype %d", dnskey_algorithm,
253: dnskey_digest_type);
1.1 jakob 254:
1.41 dtucker 255: /* Calculate host key fingerprint. */
256: if (!dns_read_key(&hostkey_algorithm, &dnskey_digest_type,
257: &hostkey_digest, &hostkey_digest_len, hostkey)) {
258: error("Error calculating key fingerprint.");
259: freerrset(fingerprints);
260: return -1;
1.28 djm 261: }
262:
1.1 jakob 263: /* Check if the current key is the same as the given key */
264: if (hostkey_algorithm == dnskey_algorithm &&
1.41 dtucker 265: hostkey_digest_len == dnskey_digest_len) {
266: if (timingsafe_bcmp(hostkey_digest, dnskey_digest,
267: hostkey_digest_len) == 0) {
268: debug_f("matched SSHFP type %d fptype %d",
269: dnskey_algorithm, dnskey_digest_type);
1.8 jakob 270: *flags |= DNS_VERIFY_MATCH;
1.41 dtucker 271: } else {
272: debug_f("failed SSHFP type %d fptype %d",
273: dnskey_algorithm, dnskey_digest_type);
274: *flags |= DNS_VERIFY_FAILED;
275: }
1.1 jakob 276: }
1.29 djm 277: free(dnskey_digest);
1.41 dtucker 278: free(hostkey_digest); /* from sshkey_fingerprint_raw() */
1.1 jakob 279: }
280:
1.37 djm 281: freerrset(fingerprints);
1.41 dtucker 282:
283: /* If any fingerprint failed to validate, return failure. */
284: if (*flags & DNS_VERIFY_FAILED)
285: *flags &= ~DNS_VERIFY_MATCH;
1.37 djm 286:
287: if (*flags & DNS_VERIFY_FOUND)
1.8 jakob 288: if (*flags & DNS_VERIFY_MATCH)
289: debug("matching host key fingerprint found in DNS");
290: else
291: debug("mismatching host key fingerprint found in DNS");
1.37 djm 292: else
1.8 jakob 293: debug("no host key fingerprint found in DNS");
1.1 jakob 294:
1.8 jakob 295: return 0;
1.1 jakob 296: }
297:
298: /*
299: * Export the fingerprint of a key as a DNS resource record
300: */
301: int
1.43 ! djm 302: export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic,
! 303: int alg)
1.1 jakob 304: {
305: u_int8_t rdata_pubkey_algorithm = 0;
1.28 djm 306: u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED;
307: u_int8_t dtype;
1.1 jakob 308: u_char *rdata_digest;
1.33 djm 309: size_t i, rdata_digest_len;
1.1 jakob 310: int success = 0;
311:
1.28 djm 312: for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) {
1.43 ! djm 313: if (alg != -1 && dtype != alg)
! 314: continue;
1.28 djm 315: rdata_digest_type = dtype;
316: if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,
317: &rdata_digest, &rdata_digest_len, key)) {
318: if (generic) {
1.33 djm 319: fprintf(f, "%s IN TYPE%d \\# %zu %02x %02x ",
1.28 djm 320: hostname, DNS_RDATATYPE_SSHFP,
321: 2 + rdata_digest_len,
322: rdata_pubkey_algorithm, rdata_digest_type);
323: } else {
324: fprintf(f, "%s IN SSHFP %d %d ", hostname,
325: rdata_pubkey_algorithm, rdata_digest_type);
326: }
327: for (i = 0; i < rdata_digest_len; i++)
328: fprintf(f, "%02x", rdata_digest[i]);
329: fprintf(f, "\n");
1.34 djm 330: free(rdata_digest); /* from sshkey_fingerprint_raw() */
1.28 djm 331: success = 1;
332: }
333: }
1.1 jakob 334:
1.28 djm 335: /* No SSHFP record was generated at all */
336: if (success == 0) {
1.39 djm 337: error_f("unsupported algorithm and/or digest_type");
1.1 jakob 338: }
339:
340: return success;
341: }