validator.c revision 60783293cc27f74a84ec93c95c5d46edd30bd8e0
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews * Copyright (C) 2000 Internet Software Consortium.
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley * Permission to use, copy, modify, and distribute this software for any
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley * purpose with or without fee is hereby granted, provided that the above
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley * copyright notice and this permission notice appear in all copies.
15a44745412679c30a6d022733925af70a38b715David Lawrence * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
15a44745412679c30a6d022733925af70a38b715David Lawrence * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
15a44745412679c30a6d022733925af70a38b715David Lawrence * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
15a44745412679c30a6d022733925af70a38b715David Lawrence * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
15a44745412679c30a6d022733925af70a38b715David Lawrence * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
15a44745412679c30a6d022733925af70a38b715David Lawrence * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
15a44745412679c30a6d022733925af70a38b715David Lawrence * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
80b782f356f0692c11b4e52e8dd46ec41704e5a2Mark Andrews/* $Id: validator.c,v 1.66 2000/07/25 01:24:18 bwelling Exp $ */
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley /* Unlocked. */
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley unsigned int magic;
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley /* Locked by lock. */
ca67883a666bdf314d3da958d5195e7215b1f797Bob Halley unsigned int options;
732e0731dec1922747bb3b3147cf2c3d16b22eaaBob Halley unsigned int attributes;
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley unsigned int labels;
/*
 * VALID_VALIDATOR(v): magic-number check on a validator, via ISC_MAGIC_VALID.
 * SHUTDOWN(v): non-zero when the VALATTR_SHUTDOWN bit is set in v->attributes.
 * NOTE(review): 'attributes' follows the "Locked by lock." marker in the
 * structure fields shown earlier in this listing, so SHUTDOWN() presumably
 * has to be evaluated with the validator lock held -- confirm at each call
 * site.
 */
904a5734375869ffb504ed8cde6b68cafadb6d64Bob Halley#define VALID_VALIDATOR(v) ISC_MAGIC_VALID(v, VALIDATOR_MAGIC)
b12f0228b32775ee688ed21ddbf3a116c1adfb43Michael Graff#define SHUTDOWN(v) (((v)->attributes & VALATTR_SHUTDOWN) != 0)
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleynullkeyvalidated(isc_task_t *task, isc_event_t *event);
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleycontainsnullkey(dns_validator_t *val, dns_rdataset_t *rdataset);
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleyget_dst_key(dns_validator_t *val, dns_rdata_sig_t *siginfo,
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleyvalidate(dns_validator_t *val, isc_boolean_t resume);
0180ccf72c79b98eb8ee5abbb7331aec6951dd9fBob Halleynxtvalidate(dns_validator_t *val, isc_boolean_t resume);
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleyproveunsecure(dns_validator_t *val, isc_boolean_t resume);
5619558151f1aa4249b3ead979e76876e29278b6Bob Halleyvalidator_log(dns_validator_t *val, int level, const char *fmt, ...);
732e0731dec1922747bb3b3147cf2c3d16b22eaaBob Halleyvalidator_done(dns_validator_t *val, isc_result_t result) {
e496615043400500492fa7b891c515c8e7cb7d08Bob Halley * Caller must be holding the lock.
28640d1da26d561f4137122fe64e9e8cc08bf11eBob Halley isc_task_sendanddetach(&task, (isc_event_t **)&val->event);
/*
 * Task callback; the event type is asserted to be DNS_EVENT_FETCHDONE.
 * The visible lines log the trust level of the fetched keyset, call
 * get_dst_key() on it, log a result string, and test the validator's
 * frdataset/fsigrdataset for association under "Free stuff from the event".
 * NOTE(review): only some lines of the body appear in this listing, so the
 * conditions guarding each statement are not visible.  The existing comment
 * says the dst key is extracted only when the keyset is secure; the trust
 * comparison itself is not shown.  Confirm that a keyset below the secure
 * trust level can never reach get_dst_key(), since that gate presumably is
 * what keeps unvalidated keys from being used to verify signatures.
 */
28640d1da26d561f4137122fe64e9e8cc08bf11eBob Halleyfetch_callback_validator(isc_task_t *task, isc_event_t *event) {
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff INSIST(event->ev_type == DNS_EVENT_FETCHDONE);
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halley validator_log(val, ISC_LOG_DEBUG(3), "in fetch_callback_validator");
e02884167b7c969b56413f76c48c3802c4dca14dAndreas Gustafsson "keyset with trust %d", rdataset->trust);
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halley * Only extract the dst key if the keyset is secure.
1c724c986de1449e3b2f1eeae4c724dc0d97603cBob Halley result = get_dst_key(val, val->siginfo, rdataset);
7837d146219db7a85a4b444a9cdf6602254a4f75Bob Halley "fetch_callback_validator: got %s",
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halley * Free stuff from the event.
732e0731dec1922747bb3b3147cf2c3d16b22eaaBob Halley if (dns_rdataset_isassociated(&val->frdataset) &&
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halley if (dns_rdataset_isassociated(&val->fsigrdataset))
/*
 * Task callback for the fetch of a keyset that may hold a null key.
 * From the log strings, the outcomes are: keyset without a null key, keyset
 * with a null key ("insecurity proof succeeded"), "insecurity proof failed"
 * (near a test that sigrdataset is not associated), and "no keys found".
 * On one path the fetched rdatasets are deliberately left associated because
 * nullkeyvalidated() releases them; the unconditional-looking cleanup at the
 * end disassociates val->frdataset and val->fsigrdataset when associated.
 * NOTE(review): only some lines of the body appear in this listing, so which
 * branch each message belongs to cannot be confirmed here.  A null key ends
 * validation with an "unsecure" verdict, so confirm that a keyset carrying
 * one is accepted as an insecurity proof only after the keyset itself has
 * been validated; otherwise unauthenticated KEY data could switch checking
 * off for the name.
 */
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halleyfetch_callback_nullkey(isc_task_t *task, isc_event_t *event) {
7837d146219db7a85a4b444a9cdf6602254a4f75Bob Halley validator_log(val, ISC_LOG_DEBUG(3), "in fetch_callback_nullkey");
7837d146219db7a85a4b444a9cdf6602254a4f75Bob Halley * No null key.
7837d146219db7a85a4b444a9cdf6602254a4f75Bob Halley "found a keyset, no null key");
1c724c986de1449e3b2f1eeae4c724dc0d97603cBob Halley "found a keyset with a null key");
1c724c986de1449e3b2f1eeae4c724dc0d97603cBob Halley "insecurity proof succeeded");
1c724c986de1449e3b2f1eeae4c724dc0d97603cBob Halley } else if (!dns_rdataset_isassociated(sigrdataset)) {
1c724c986de1449e3b2f1eeae4c724dc0d97603cBob Halley "insecurity proof failed");
3ddd814a97de1d152ba0913c592d6e6dc83d38a6Michael Graff * Don't free these, since they'll be
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley * freed in nullkeyvalidated.
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley "no keys found");
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley "fetch_callback_nullkey: got %s",
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * Free stuff from the event.
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson if (dns_rdataset_isassociated(&val->frdataset))
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson dns_rdataset_disassociate(&val->frdataset);
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson if (dns_rdataset_isassociated(&val->fsigrdataset))
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson dns_rdataset_disassociate(&val->fsigrdataset);
/*
 * Task callback; the event type is asserted to be DNS_EVENT_VALIDATORDONE.
 * From the log text it handles the outcome of validating a keyset held in
 * val->frdataset, then tests frdataset/fsigrdataset for association under
 * "Free stuff from the event".
 * NOTE(review): only some lines of the body appear in this listing.
 */
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrewskeyvalidated(isc_task_t *task, isc_event_t *event) {
76883e8cee593f45c65b0936e5d6e8f778d6e3efMichael Graff INSIST(event->ev_type == DNS_EVENT_VALIDATORDONE);
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley validator_log(val, ISC_LOG_DEBUG(3), "in keyvalidated");
/*
 * NOTE(review): the argument for %d below is &val->frdataset.trust, the
 * address of the field rather than its value.  A pointer passed for %d is a
 * type mismatch in a variadic call (undefined behaviour), and the number
 * logged is not the trust level.  fetch_callback_validator passes the value
 * (rdataset->trust) for the same message; val->frdataset.trust is presumably
 * what was meant here.
 */
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrews "keyset with trust %d", &val->frdataset.trust);
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley * Only extract the dst key if the keyset is secure.
/*
 * NOTE(review): the result of get_dst_key() is discarded here, whereas
 * fetch_callback_validator keeps it in 'result'.  get_dst_key() is
 * documented in this file as pointing val->key at the key it finds, so the
 * code that runs next must cope with val->key not having been set; that
 * code is not visible here -- confirm.
 */
5619558151f1aa4249b3ead979e76876e29278b6Bob Halley (void) get_dst_key(val, val->siginfo, &val->frdataset);
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley "keyvalidated: got %s",
b2ca6fd3a8293440b4d263723525396059cf2400Brian Wellington * Free stuff from the event.
84185d19c7a9ef1ac23cc6236c8773697d4efeb1Brian Wellington if (dns_rdataset_isassociated(&val->frdataset))
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley if (dns_rdataset_isassociated(&val->fsigrdataset))
/*
 * Decide whether the NXT record owned by 'nxtname' denies the existence of
 * the name/type being validated (val->event->name, val->event->type).
 * As far as the visible lines show:
 *  - names equal: the queried type must be absent from the NXT type bitmap
 *    (dns_nxt_typepresent); a present type is logged as
 *    "type should not be present";
 *  - order > 0 (per the existing comment, the NXT owner sorts before the
 *    queried name): the queried name is compared with the NXT next name; a
 *    next name that is not greater is tolerated only when it equals the
 *    signer name taken from the SIG, i.e. the NXT points back to the zone
 *    apex;
 *  - otherwise the NXT owner sorts after the queried name and this NXT is
 *    irrelevant.
 * NOTE(review): only some lines of the body appear in this listing; the
 * return statements and the handling of 'signxtset' are not visible.
 */
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halleynxtprovesnonexistence(dns_validator_t *val, dns_name_t *nxtname,
bf345589ce0b0b64533d4566e4992a0e63aac6f5Bob Halley dns_rdataset_t *nxtset, dns_rdataset_t *signxtset)
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson "looking for relevant nxt");
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson order = dns_name_compare(val->event->name, nxtname);
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * The names are the same, so look for the type present bit.
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson validator_log(val, ISC_LOG_DEBUG(3), "invalid type %d",
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson if (dns_nxt_typepresent(&rdata, val->event->type)) {
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson "type should not be present");
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley validator_log(val, ISC_LOG_DEBUG(3), "nxt bitmask ok");
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson } else if (order > 0) {
2dd99c098ca162f985b7ef3c8142a964ad8281aeMark Andrews * The NXT owner name is less than the nonexistent name.
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson order = dns_name_compare(val->event->name, &nextname);
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * The NXT next name is less than the nonexistent
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * name. This is only ok if the next name is the zone
/*
 * NOTE(review): siginfo.signer decides the zone-apex exception on the next
 * line.  Whether 'result' is checked before siginfo is read is not visible
 * in this listing -- confirm, since siginfo could otherwise be used after a
 * failed conversion.
 */
def8e47c688e2480a4539d69c3d1a0a28a7c0550Mark Andrews result = dns_rdata_tostruct(&rdata, &siginfo, NULL);
def8e47c688e2480a4539d69c3d1a0a28a7c0550Mark Andrews if (!dns_name_equal(&siginfo.signer, &nextname)) {
2dd99c098ca162f985b7ef3c8142a964ad8281aeMark Andrews "next name is not greater");
2dd99c098ca162f985b7ef3c8142a964ad8281aeMark Andrews "nxt points to zone apex, ok");
2dd99c098ca162f985b7ef3c8142a964ad8281aeMark Andrews "nxt range ok");
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson "nxt owner name is not less");
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * The NXT owner name is greater than the supposedly
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley * nonexistent name. This NXT is irrelevant.
abc93ada82b37282122f8162f48761eb99736571Mark Andrewsauthvalidated(isc_task_t *task, isc_event_t *event) {
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley INSIST(event->ev_type == DNS_EVENT_VALIDATORDONE);
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley validator_log(val, ISC_LOG_DEBUG(3), "in authvalidated");
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrews "authvalidated: got %s",
76883e8cee593f45c65b0936e5d6e8f778d6e3efMichael Graff nxtprovesnonexistence(val, devent->name, rdataset,
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence * Free stuff from the event.
904a5734375869ffb504ed8cde6b68cafadb6d64Bob Halleynegauthvalidated(isc_task_t *task, isc_event_t *event) {
69be7837c920fac5c71a73e8fad586f9a2711e96Michael Graff INSIST(event->ev_type == DNS_EVENT_VALIDATORDONE);
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson validator_log(val, ISC_LOG_DEBUG(3), "in negauthvalidated");
69be7837c920fac5c71a73e8fad586f9a2711e96Michael Graff "nonexistence proof found");
13eaef2df27683658868c3828c18880d7419a16aDavid Lawrence "negauthvalidated: got %s",
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halley * Free stuff from the event.
/*
 * Task callback; the event type is asserted to be DNS_EVENT_VALIDATORDONE.
 * The visible lines return devent->name to the view memory context, log
 * entry, log "proved that name is in an unsecure domain" on some path, and
 * disassociate val->fsigrdataset when associated.  A comment in
 * fetch_callback_nullkey says the fetched rdatasets are freed here.
 * NOTE(review): only some lines of the body appear in this listing.  The
 * isc_mem_put() size is sizeof(dns_name_t); the matching allocation cannot
 * be identified from here, so confirm that it used the same size and
 * context and that devent->name is not read after the put.
 */
c3b708aaf1bb0a118e0e11befa1b732acfb1d079Bob Halleynullkeyvalidated(isc_task_t *task, isc_event_t *event) {
ccbfddc70ef38263daca312d29bb8c5077e24785Bob Halley INSIST(event->ev_type == DNS_EVENT_VALIDATORDONE);
8af4b7042d84e0699f7c1de306526098030b74a9Mark Andrews isc_mem_put(val->view->mctx, devent->name, sizeof(dns_name_t));
92296c744ef9ef36de499eb10b3e27800d8b24a5Mark Andrews validator_log(val, ISC_LOG_DEBUG(3), "in nullkeyvalidated");
13eaef2df27683658868c3828c18880d7419a16aDavid Lawrence "proved that name is in an unsecure domain");
84185d19c7a9ef1ac23cc6236c8773697d4efeb1Brian Wellington * Free stuff from the event.
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrews if (dns_rdataset_isassociated(&val->frdataset))
84185d19c7a9ef1ac23cc6236c8773697d4efeb1Brian Wellington if (dns_rdataset_isassociated(&val->fsigrdataset))
84185d19c7a9ef1ac23cc6236c8773697d4efeb1Brian Wellington dns_rdataset_disassociate(&val->fsigrdataset);
/*
 * NOTE(review): only some lines of this function appear in this listing.
 * The visible lines wrap the raw rdata bytes (rdata.data, rdata.length) in
 * an isc_buffer and hand them to dst_key_fromdns() under the root name,
 * using the view memory context.  How 'result' is handled, and whether the
 * key object is released on every path, is not visible -- confirm, since
 * the rdata presumably comes from the network.
 */
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrews * Try to find a null zone key among those in 'rdataset'. If found, build
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrews * a dst_key_t for it and point val->key at it.
03f91269f5453bcbd924910ef85a8f8496cf2661Mark Andrewscontainsnullkey(dns_validator_t *val, dns_rdataset_t *rdataset) {
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson isc_buffer_init(&b, rdata.data, rdata.length);
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson * The key name is unimportant, so we can avoid any name/text
84185d19c7a9ef1ac23cc6236c8773697d4efeb1Brian Wellington * conversion.
febaa091847ab004f40500cc475a819f2c73fcddAndreas Gustafsson result = dst_key_fromdns(dns_rootname, &b, val->view->mctx,
d981ca645597116d227a48bf37cc5edc061c854dBob Halley * Try to find a key that could have signed 'siginfo' among those
d981ca645597116d227a48bf37cc5edc061c854dBob Halley * in 'rdataset'. If found, build a dst_key_t for it and point
d981ca645597116d227a48bf37cc5edc061c854dBob Halley * val->key at it.
d981ca645597116d227a48bf37cc5edc061c854dBob Halley * If val->key is non-NULL, this returns the next matching key.
d981ca645597116d227a48bf37cc5edc061c854dBob Halleyget_dst_key(dns_validator_t *val, dns_rdata_sig_t *siginfo,
goto failure;
goto failure;
if (foundold)
return (ISC_R_SUCCESS);
return (result);
static inline isc_result_t
int order;
return (DNS_R_CONTINUE);
return (DNS_R_CONTINUE);
return (ISC_R_SUCCESS);
NULL,
val,
return (result);
return (DNS_R_WAIT);
val,
return (result);
return (DNS_R_WAIT);
return (result);
static isc_boolean_t
&keynode);
&nextnode);
if (!match)
return (ISC_FALSE);
return (match);
static inline isc_result_t
if (!resume) {
secroot);
return (ISC_R_SUCCESS);
if (resume) {
return (ISC_R_NOMEMORY);
if (!resume) {
return (result);
return (ISC_R_SUCCESS);
&nextnode);
!= ISC_R_SUCCESS)
return (result);
return (DNS_R_NOVALIDSIG);
static inline isc_result_t
if (!resume) {
if (resume) {
link))
NULL, 0,
val,
return (result);
return (DNS_R_WAIT);
val,
return (result);
return (DNS_R_WAIT);
return (DNS_R_NOVALIDNXT);
return (ISC_R_SUCCESS);
static inline isc_result_t
return (ISC_R_SUCCESS);
return (result);
return (ISC_R_SUCCESS);
if (!resume)
return (result);
namebuf);
goto out;
goto out;
return (ISC_R_NOMEMORY);
sizeof *fname);
goto out;
NULL,
val,
goto out;
return (DNS_R_WAIT);
val,
goto out;
return (DNS_R_WAIT);
goto out;
out:
return (result);
INSIST(0);
return (ISC_R_NOMEMORY);
sizeof (dns_validatorevent_t));
goto cleanup_val;
goto cleanup_event;
return (ISC_R_SUCCESS);
return (result);
if (want_destroy)
isc_buffer_t b;
isc_region_t r;
!= ISC_R_SUCCESS)
isc_buffer_clear(&b);
isc_buffer_usedregion(&b, &r);