1 /* $OpenBSD: dns.c,v 1.38 2018/02/23 15:58:37 markus Exp $ */ 2 3 /* 4 * Copyright (c) 2003 Wesley Griffin. All rights reserved. 5 * Copyright (c) 2003 Jakob Schlyter. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include "includes.h" 29 30 #include <sys/types.h> 31 #include <sys/socket.h> 32 33 #include <netdb.h> 34 #include <stdarg.h> 35 #include <stdio.h> 36 #include <string.h> 37 #include <stdlib.h> 38 39 #include "xmalloc.h" 40 #include "sshkey.h" 41 #include "ssherr.h" 42 #include "dns.h" 43 #include "log.h" 44 #include "digest.h" 45 46 static const char *errset_text[] = { 47 "success", /* 0 ERRSET_SUCCESS */ 48 "out of memory", /* 1 ERRSET_NOMEMORY */ 49 "general failure", /* 2 ERRSET_FAIL */ 50 "invalid parameter", /* 3 ERRSET_INVAL */ 51 "name does not exist", /* 4 ERRSET_NONAME */ 52 "data does not exist", /* 5 ERRSET_NODATA */ 53 }; 54 55 static const char * 56 dns_result_totext(unsigned int res) 57 { 58 switch (res) { 59 case ERRSET_SUCCESS: 60 return errset_text[ERRSET_SUCCESS]; 61 case ERRSET_NOMEMORY: 62 return errset_text[ERRSET_NOMEMORY]; 63 case ERRSET_FAIL: 64 return errset_text[ERRSET_FAIL]; 65 case ERRSET_INVAL: 66 return errset_text[ERRSET_INVAL]; 67 case ERRSET_NONAME: 68 return errset_text[ERRSET_NONAME]; 69 case ERRSET_NODATA: 70 return errset_text[ERRSET_NODATA]; 71 default: 72 return "unknown error"; 73 } 74 } 75 76 /* 77 * Read SSHFP parameters from key buffer. 78 */ 79 static int 80 dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type, 81 u_char **digest, size_t *digest_len, struct sshkey *key) 82 { 83 int r, success = 0; 84 int fp_alg = -1; 85 86 switch (key->type) { 87 case KEY_RSA: 88 *algorithm = SSHFP_KEY_RSA; 89 if (!*digest_type) 90 *digest_type = SSHFP_HASH_SHA1; 91 break; 92 case KEY_DSA: 93 *algorithm = SSHFP_KEY_DSA; 94 if (!*digest_type) 95 *digest_type = SSHFP_HASH_SHA1; 96 break; 97 case KEY_ECDSA: 98 *algorithm = SSHFP_KEY_ECDSA; 99 if (!*digest_type) 100 *digest_type = SSHFP_HASH_SHA256; 101 break; 102 case KEY_ED25519: 103 *algorithm = SSHFP_KEY_ED25519; 104 if (!*digest_type) 105 *digest_type = SSHFP_HASH_SHA256; 106 break; 107 case KEY_XMSS: 108 *algorithm = SSHFP_KEY_XMSS; 109 if (!*digest_type) 110 *digest_type = SSHFP_HASH_SHA256; 111 break; 112 default: 113 *algorithm = SSHFP_KEY_RESERVED; /* 0 */ 114 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 115 } 116 117 switch (*digest_type) { 118 case SSHFP_HASH_SHA1: 119 fp_alg = SSH_DIGEST_SHA1; 120 break; 121 case SSHFP_HASH_SHA256: 122 fp_alg = SSH_DIGEST_SHA256; 123 break; 124 default: 125 *digest_type = SSHFP_HASH_RESERVED; /* 0 */ 126 } 127 128 if (*algorithm && *digest_type) { 129 if ((r = sshkey_fingerprint_raw(key, fp_alg, digest, 130 digest_len)) != 0) 131 fatal("%s: sshkey_fingerprint_raw: %s", __func__, 132 ssh_err(r)); 133 success = 1; 134 } else { 135 *digest = NULL; 136 *digest_len = 0; 137 success = 0; 138 } 139 140 return success; 141 } 142 143 /* 144 * Read SSHFP parameters from rdata buffer. 145 */ 146 static int 147 dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, 148 u_char **digest, size_t *digest_len, u_char *rdata, int rdata_len) 149 { 150 int success = 0; 151 152 *algorithm = SSHFP_KEY_RESERVED; 153 *digest_type = SSHFP_HASH_RESERVED; 154 155 if (rdata_len >= 2) { 156 *algorithm = rdata[0]; 157 *digest_type = rdata[1]; 158 *digest_len = rdata_len - 2; 159 160 if (*digest_len > 0) { 161 *digest = xmalloc(*digest_len); 162 memcpy(*digest, rdata + 2, *digest_len); 163 } else { 164 *digest = (u_char *)xstrdup(""); 165 } 166 167 success = 1; 168 } 169 170 return success; 171 } 172 173 /* 174 * Check if hostname is numerical. 175 * Returns -1 if hostname is numeric, 0 otherwise 176 */ 177 static int 178 is_numeric_hostname(const char *hostname) 179 { 180 struct addrinfo hints, *ai; 181 182 /* 183 * We shouldn't ever get a null host but if we do then log an error 184 * and return -1 which stops DNS key fingerprint processing. 185 */ 186 if (hostname == NULL) { 187 error("is_numeric_hostname called with NULL hostname"); 188 return -1; 189 } 190 191 memset(&hints, 0, sizeof(hints)); 192 hints.ai_socktype = SOCK_DGRAM; 193 hints.ai_flags = AI_NUMERICHOST; 194 195 if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) { 196 freeaddrinfo(ai); 197 return -1; 198 } 199 200 return 0; 201 } 202 203 /* 204 * Verify the given hostname, address and host key using DNS. 205 * Returns 0 if lookup succeeds, -1 otherwise 206 */ 207 int 208 verify_host_key_dns(const char *hostname, struct sockaddr *address, 209 struct sshkey *hostkey, int *flags) 210 { 211 u_int counter; 212 int result; 213 struct rrsetinfo *fingerprints = NULL; 214 215 u_int8_t hostkey_algorithm; 216 u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED; 217 u_char *hostkey_digest; 218 size_t hostkey_digest_len; 219 220 u_int8_t dnskey_algorithm; 221 u_int8_t dnskey_digest_type; 222 u_char *dnskey_digest; 223 size_t dnskey_digest_len; 224 225 *flags = 0; 226 227 debug3("verify_host_key_dns"); 228 if (hostkey == NULL) 229 fatal("No key to look up!"); 230 231 if (is_numeric_hostname(hostname)) { 232 debug("skipped DNS lookup for numerical hostname"); 233 return -1; 234 } 235 236 result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, 237 DNS_RDATATYPE_SSHFP, 0, &fingerprints); 238 if (result) { 239 verbose("DNS lookup error: %s", dns_result_totext(result)); 240 return -1; 241 } 242 243 if (fingerprints->rri_flags & RRSET_VALIDATED) { 244 *flags |= DNS_VERIFY_SECURE; 245 debug("found %d secure fingerprints in DNS", 246 fingerprints->rri_nrdatas); 247 } else { 248 debug("found %d insecure fingerprints in DNS", 249 fingerprints->rri_nrdatas); 250 } 251 252 /* Initialize default host key parameters */ 253 if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type, 254 &hostkey_digest, &hostkey_digest_len, hostkey)) { 255 error("Error calculating host key fingerprint."); 256 freerrset(fingerprints); 257 return -1; 258 } 259 260 if (fingerprints->rri_nrdatas) 261 *flags |= DNS_VERIFY_FOUND; 262 263 for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) { 264 /* 265 * Extract the key from the answer. Ignore any badly 266 * formatted fingerprints. 267 */ 268 if (!dns_read_rdata(&dnskey_algorithm, &dnskey_digest_type, 269 &dnskey_digest, &dnskey_digest_len, 270 fingerprints->rri_rdatas[counter].rdi_data, 271 fingerprints->rri_rdatas[counter].rdi_length)) { 272 verbose("Error parsing fingerprint from DNS."); 273 continue; 274 } 275 276 if (hostkey_digest_type != dnskey_digest_type) { 277 hostkey_digest_type = dnskey_digest_type; 278 free(hostkey_digest); 279 280 /* Initialize host key parameters */ 281 if (!dns_read_key(&hostkey_algorithm, 282 &hostkey_digest_type, &hostkey_digest, 283 &hostkey_digest_len, hostkey)) { 284 error("Error calculating key fingerprint."); 285 freerrset(fingerprints); 286 return -1; 287 } 288 } 289 290 /* Check if the current key is the same as the given key */ 291 if (hostkey_algorithm == dnskey_algorithm && 292 hostkey_digest_type == dnskey_digest_type) { 293 if (hostkey_digest_len == dnskey_digest_len && 294 timingsafe_bcmp(hostkey_digest, dnskey_digest, 295 hostkey_digest_len) == 0) 296 *flags |= DNS_VERIFY_MATCH; 297 } 298 free(dnskey_digest); 299 } 300 301 free(hostkey_digest); /* from sshkey_fingerprint_raw() */ 302 freerrset(fingerprints); 303 304 if (*flags & DNS_VERIFY_FOUND) 305 if (*flags & DNS_VERIFY_MATCH) 306 debug("matching host key fingerprint found in DNS"); 307 else 308 debug("mismatching host key fingerprint found in DNS"); 309 else 310 debug("no host key fingerprint found in DNS"); 311 312 return 0; 313 } 314 315 /* 316 * Export the fingerprint of a key as a DNS resource record 317 */ 318 int 319 export_dns_rr(const char *hostname, struct sshkey *key, FILE *f, int generic) 320 { 321 u_int8_t rdata_pubkey_algorithm = 0; 322 u_int8_t rdata_digest_type = SSHFP_HASH_RESERVED; 323 u_int8_t dtype; 324 u_char *rdata_digest; 325 size_t i, rdata_digest_len; 326 int success = 0; 327 328 for (dtype = SSHFP_HASH_SHA1; dtype < SSHFP_HASH_MAX; dtype++) { 329 rdata_digest_type = dtype; 330 if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, 331 &rdata_digest, &rdata_digest_len, key)) { 332 if (generic) { 333 fprintf(f, "%s IN TYPE%d \\# %zu %02x %02x ", 334 hostname, DNS_RDATATYPE_SSHFP, 335 2 + rdata_digest_len, 336 rdata_pubkey_algorithm, rdata_digest_type); 337 } else { 338 fprintf(f, "%s IN SSHFP %d %d ", hostname, 339 rdata_pubkey_algorithm, rdata_digest_type); 340 } 341 for (i = 0; i < rdata_digest_len; i++) 342 fprintf(f, "%02x", rdata_digest[i]); 343 fprintf(f, "\n"); 344 free(rdata_digest); /* from sshkey_fingerprint_raw() */ 345 success = 1; 346 } 347 } 348 349 /* No SSHFP record was generated at all */ 350 if (success == 0) { 351 error("%s: unsupported algorithm and/or digest_type", __func__); 352 } 353 354 return success; 355 } 356