aboutsummaryrefslogtreecommitdiff
path: root/external/unbound/validator
diff options
context:
space:
mode:
Diffstat (limited to 'external/unbound/validator')
-rw-r--r--external/unbound/validator/autotrust.c2393
-rw-r--r--external/unbound/validator/autotrust.h208
-rw-r--r--external/unbound/validator/val_anchor.c1256
-rw-r--r--external/unbound/validator/val_anchor.h219
-rw-r--r--external/unbound/validator/val_kcache.c172
-rw-r--r--external/unbound/validator/val_kcache.h118
-rw-r--r--external/unbound/validator/val_kentry.c413
-rw-r--r--external/unbound/validator/val_kentry.h220
-rw-r--r--external/unbound/validator/val_neg.c1460
-rw-r--r--external/unbound/validator/val_neg.h315
-rw-r--r--external/unbound/validator/val_nsec.c602
-rw-r--r--external/unbound/validator/val_nsec.h182
-rw-r--r--external/unbound/validator/val_nsec3.c1488
-rw-r--r--external/unbound/validator/val_nsec3.h380
-rw-r--r--external/unbound/validator/val_secalgo.c1072
-rw-r--r--external/unbound/validator/val_secalgo.h84
-rw-r--r--external/unbound/validator/val_sigcrypt.c1437
-rw-r--r--external/unbound/validator/val_sigcrypt.h323
-rw-r--r--external/unbound/validator/val_utils.c1083
-rw-r--r--external/unbound/validator/val_utils.h403
-rw-r--r--external/unbound/validator/validator.c2985
-rw-r--r--external/unbound/validator/validator.h294
22 files changed, 17107 insertions, 0 deletions
diff --git a/external/unbound/validator/autotrust.c b/external/unbound/validator/autotrust.c
new file mode 100644
index 000000000..a59763382
--- /dev/null
+++ b/external/unbound/validator/autotrust.c
@@ -0,0 +1,2393 @@
+/*
+ * validator/autotrust.c - RFC5011 trust anchor management for unbound.
+ *
+ * Copyright (c) 2009, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * Contains autotrust implementation. The implementation was taken from
+ * the autotrust daemon (BSD licensed), written by Matthijs Mekking.
+ * It was modified to fit into unbound. The state table process is the same.
+ */
+#include "config.h"
+#include "validator/autotrust.h"
+#include "validator/val_anchor.h"
+#include "validator/val_utils.h"
+#include "validator/val_sigcrypt.h"
+#include "util/data/dname.h"
+#include "util/data/packed_rrset.h"
+#include "util/log.h"
+#include "util/module.h"
+#include "util/net_help.h"
+#include "util/config_file.h"
+#include "util/regional.h"
+#include "util/random.h"
+#include "util/data/msgparse.h"
+#include "services/mesh.h"
+#include "services/cache/rrset.h"
+#include "validator/val_kcache.h"
+#include "ldns/sbuffer.h"
+#include "ldns/wire2str.h"
+#include "ldns/str2wire.h"
+#include "ldns/keyraw.h"
+#include "ldns/rrdef.h"
+#include <stdarg.h>
+#include <ctype.h>
+
+/** number of times a key must be seen before it can become valid */
+#define MIN_PENDINGCOUNT 2
+
+/** Event: Revoked */
+static void do_revoked(struct module_env* env, struct autr_ta* anchor, int* c);
+
+struct autr_global_data* autr_global_create(void)
+{
+ struct autr_global_data* global;
+ global = (struct autr_global_data*)malloc(sizeof(*global));
+ if(!global)
+ return NULL;
+ rbtree_init(&global->probe, &probetree_cmp);
+ return global;
+}
+
+void autr_global_delete(struct autr_global_data* global)
+{
+ if(!global)
+ return;
+ /* elements deleted by parent */
+ memset(global, 0, sizeof(*global));
+ free(global);
+}
+
+int probetree_cmp(const void* x, const void* y)
+{
+ struct trust_anchor* a = (struct trust_anchor*)x;
+ struct trust_anchor* b = (struct trust_anchor*)y;
+ log_assert(a->autr && b->autr);
+ if(a->autr->next_probe_time < b->autr->next_probe_time)
+ return -1;
+ if(a->autr->next_probe_time > b->autr->next_probe_time)
+ return 1;
+ /* time is equal, sort on trust point identity */
+ return anchor_cmp(x, y);
+}
+
+size_t
+autr_get_num_anchors(struct val_anchors* anchors)
+{
+ size_t res = 0;
+ if(!anchors)
+ return 0;
+ lock_basic_lock(&anchors->lock);
+ if(anchors->autr)
+ res = anchors->autr->probe.count;
+ lock_basic_unlock(&anchors->lock);
+ return res;
+}
+
+/** Position in string */
+static int
+position_in_string(char *str, const char* sub)
+{
+ char* pos = strstr(str, sub);
+ if(pos)
+ return (int)(pos-str)+(int)strlen(sub);
+ return -1;
+}
+
+/** Debug routine to print pretty key information */
+static void
+verbose_key(struct autr_ta* ta, enum verbosity_value level,
+ const char* format, ...) ATTR_FORMAT(printf, 3, 4);
+
+/**
+ * Implementation of debug pretty key print
+ * @param ta: trust anchor key with DNSKEY data.
+ * @param level: verbosity level to print at.
+ * @param format: printf style format string.
+ */
+static void
+verbose_key(struct autr_ta* ta, enum verbosity_value level,
+ const char* format, ...)
+{
+ va_list args;
+ va_start(args, format);
+ if(verbosity >= level) {
+ char* str = sldns_wire2str_dname(ta->rr, ta->dname_len);
+ int keytag = (int)sldns_calc_keytag_raw(sldns_wirerr_get_rdata(
+ ta->rr, ta->rr_len, ta->dname_len),
+ sldns_wirerr_get_rdatalen(ta->rr, ta->rr_len,
+ ta->dname_len));
+ char msg[MAXSYSLOGMSGLEN];
+ vsnprintf(msg, sizeof(msg), format, args);
+ verbose(level, "%s key %d %s", str?str:"??", keytag, msg);
+ free(str);
+ }
+ va_end(args);
+}
+
+/**
+ * Parse comments
+ * @param str: to parse
+ * @param ta: trust key autotrust metadata
+ * @return false on failure.
+ */
+static int
+parse_comments(char* str, struct autr_ta* ta)
+{
+ int len = (int)strlen(str), pos = 0, timestamp = 0;
+ char* comment = (char*) malloc(sizeof(char)*len+1);
+ char* comments = comment;
+ if(!comment) {
+ log_err("malloc failure in parse");
+ return 0;
+ }
+ /* skip over whitespace and data at start of line */
+ while (*str != '\0' && *str != ';')
+ str++;
+ if (*str == ';')
+ str++;
+ /* copy comments */
+ while (*str != '\0')
+ {
+ *comments = *str;
+ comments++;
+ str++;
+ }
+ *comments = '\0';
+
+ comments = comment;
+
+ /* read state */
+ pos = position_in_string(comments, "state=");
+ if (pos >= (int) strlen(comments))
+ {
+ log_err("parse error");
+ free(comment);
+ return 0;
+ }
+ if (pos <= 0)
+ ta->s = AUTR_STATE_VALID;
+ else
+ {
+ int s = (int) comments[pos] - '0';
+ switch(s)
+ {
+ case AUTR_STATE_START:
+ case AUTR_STATE_ADDPEND:
+ case AUTR_STATE_VALID:
+ case AUTR_STATE_MISSING:
+ case AUTR_STATE_REVOKED:
+ case AUTR_STATE_REMOVED:
+ ta->s = s;
+ break;
+ default:
+ verbose_key(ta, VERB_OPS, "has undefined "
+ "state, considered NewKey");
+ ta->s = AUTR_STATE_START;
+ break;
+ }
+ }
+ /* read pending count */
+ pos = position_in_string(comments, "count=");
+ if (pos >= (int) strlen(comments))
+ {
+ log_err("parse error");
+ free(comment);
+ return 0;
+ }
+ if (pos <= 0)
+ ta->pending_count = 0;
+ else
+ {
+ comments += pos;
+ ta->pending_count = (uint8_t)atoi(comments);
+ }
+
+ /* read last change */
+ pos = position_in_string(comments, "lastchange=");
+ if (pos >= (int) strlen(comments))
+ {
+ log_err("parse error");
+ free(comment);
+ return 0;
+ }
+ if (pos >= 0)
+ {
+ comments += pos;
+ timestamp = atoi(comments);
+ }
+ if (pos < 0 || !timestamp)
+ ta->last_change = 0;
+ else
+ ta->last_change = (time_t)timestamp;
+
+ free(comment);
+ return 1;
+}
+
+/** Check if a line contains data (besides comments) */
+static int
+str_contains_data(char* str, char comment)
+{
+ while (*str != '\0') {
+ if (*str == comment || *str == '\n')
+ return 0;
+ if (*str != ' ' && *str != '\t')
+ return 1;
+ str++;
+ }
+ return 0;
+}
+
+/** Get DNSKEY flags
+ * rdata without rdatalen in front of it. */
+static int
+dnskey_flags(uint16_t t, uint8_t* rdata, size_t len)
+{
+ uint16_t f;
+ if(t != LDNS_RR_TYPE_DNSKEY)
+ return 0;
+ if(len < 2)
+ return 0;
+ memmove(&f, rdata, 2);
+ f = ntohs(f);
+ return (int)f;
+}
+
+/** Check if KSK DNSKEY.
+ * pass rdata without rdatalen in front of it */
+static int
+rr_is_dnskey_sep(uint16_t t, uint8_t* rdata, size_t len)
+{
+ return (dnskey_flags(t, rdata, len)&DNSKEY_BIT_SEP);
+}
+
+/** Check if TA is KSK DNSKEY */
+static int
+ta_is_dnskey_sep(struct autr_ta* ta)
+{
+ return (dnskey_flags(
+ sldns_wirerr_get_type(ta->rr, ta->rr_len, ta->dname_len),
+ sldns_wirerr_get_rdata(ta->rr, ta->rr_len, ta->dname_len),
+ sldns_wirerr_get_rdatalen(ta->rr, ta->rr_len, ta->dname_len)
+ ) & DNSKEY_BIT_SEP);
+}
+
+/** Check if REVOKED DNSKEY
+ * pass rdata without rdatalen in front of it */
+static int
+rr_is_dnskey_revoked(uint16_t t, uint8_t* rdata, size_t len)
+{
+ return (dnskey_flags(t, rdata, len)&LDNS_KEY_REVOKE_KEY);
+}
+
+/** create ta */
+static struct autr_ta*
+autr_ta_create(uint8_t* rr, size_t rr_len, size_t dname_len)
+{
+ struct autr_ta* ta = (struct autr_ta*)calloc(1, sizeof(*ta));
+ if(!ta) {
+ free(rr);
+ return NULL;
+ }
+ ta->rr = rr;
+ ta->rr_len = rr_len;
+ ta->dname_len = dname_len;
+ return ta;
+}
+
+/** create tp */
+static struct trust_anchor*
+autr_tp_create(struct val_anchors* anchors, uint8_t* own, size_t own_len,
+ uint16_t dc)
+{
+ struct trust_anchor* tp = (struct trust_anchor*)calloc(1, sizeof(*tp));
+ if(!tp) return NULL;
+ tp->name = memdup(own, own_len);
+ if(!tp->name) {
+ free(tp);
+ return NULL;
+ }
+ tp->namelen = own_len;
+ tp->namelabs = dname_count_labels(tp->name);
+ tp->node.key = tp;
+ tp->dclass = dc;
+ tp->autr = (struct autr_point_data*)calloc(1, sizeof(*tp->autr));
+ if(!tp->autr) {
+ free(tp->name);
+ free(tp);
+ return NULL;
+ }
+ tp->autr->pnode.key = tp;
+
+ lock_basic_lock(&anchors->lock);
+ if(!rbtree_insert(anchors->tree, &tp->node)) {
+ lock_basic_unlock(&anchors->lock);
+ log_err("trust anchor presented twice");
+ free(tp->name);
+ free(tp->autr);
+ free(tp);
+ return NULL;
+ }
+ if(!rbtree_insert(&anchors->autr->probe, &tp->autr->pnode)) {
+ (void)rbtree_delete(anchors->tree, tp);
+ lock_basic_unlock(&anchors->lock);
+ log_err("trust anchor in probetree twice");
+ free(tp->name);
+ free(tp->autr);
+ free(tp);
+ return NULL;
+ }
+ lock_basic_unlock(&anchors->lock);
+ lock_basic_init(&tp->lock);
+ lock_protect(&tp->lock, tp, sizeof(*tp));
+ lock_protect(&tp->lock, tp->autr, sizeof(*tp->autr));
+ return tp;
+}
+
+/** delete assembled rrsets */
+static void
+autr_rrset_delete(struct ub_packed_rrset_key* r)
+{
+ if(r) {
+ free(r->rk.dname);
+ free(r->entry.data);
+ free(r);
+ }
+}
+
+void autr_point_delete(struct trust_anchor* tp)
+{
+ if(!tp)
+ return;
+ lock_unprotect(&tp->lock, tp);
+ lock_unprotect(&tp->lock, tp->autr);
+ lock_basic_destroy(&tp->lock);
+ autr_rrset_delete(tp->ds_rrset);
+ autr_rrset_delete(tp->dnskey_rrset);
+ if(tp->autr) {
+ struct autr_ta* p = tp->autr->keys, *np;
+ while(p) {
+ np = p->next;
+ free(p->rr);
+ free(p);
+ p = np;
+ }
+ free(tp->autr->file);
+ free(tp->autr);
+ }
+ free(tp->name);
+ free(tp);
+}
+
+/** find or add a new trust point for autotrust */
+static struct trust_anchor*
+find_add_tp(struct val_anchors* anchors, uint8_t* rr, size_t rr_len,
+ size_t dname_len)
+{
+ struct trust_anchor* tp;
+ tp = anchor_find(anchors, rr, dname_count_labels(rr), dname_len,
+ sldns_wirerr_get_class(rr, rr_len, dname_len));
+ if(tp) {
+ if(!tp->autr) {
+ log_err("anchor cannot be with and without autotrust");
+ lock_basic_unlock(&tp->lock);
+ return NULL;
+ }
+ return tp;
+ }
+ tp = autr_tp_create(anchors, rr, dname_len, sldns_wirerr_get_class(rr,
+ rr_len, dname_len));
+ lock_basic_lock(&tp->lock);
+ return tp;
+}
+
+/** Add trust anchor from RR */
+static struct autr_ta*
+add_trustanchor_frm_rr(struct val_anchors* anchors, uint8_t* rr, size_t rr_len,
+ size_t dname_len, struct trust_anchor** tp)
+{
+ struct autr_ta* ta = autr_ta_create(rr, rr_len, dname_len);
+ if(!ta)
+ return NULL;
+ *tp = find_add_tp(anchors, rr, rr_len, dname_len);
+ if(!*tp) {
+ free(ta->rr);
+ free(ta);
+ return NULL;
+ }
+ /* add ta to tp */
+ ta->next = (*tp)->autr->keys;
+ (*tp)->autr->keys = ta;
+ lock_basic_unlock(&(*tp)->lock);
+ return ta;
+}
+
+/**
+ * Add new trust anchor from a string in file.
+ * @param anchors: all anchors
+ * @param str: string with anchor and comments, if any comments.
+ * @param tp: trust point returned.
+ * @param origin: what to use for @
+ * @param origin_len: length of origin
+ * @param prev: previous rr name
+ * @param prev_len: length of prev
+ * @param skip: if true, the result is NULL, but not an error, skip it.
+ * @return new key in trust point.
+ */
+static struct autr_ta*
+add_trustanchor_frm_str(struct val_anchors* anchors, char* str,
+ struct trust_anchor** tp, uint8_t* origin, size_t origin_len,
+ uint8_t** prev, size_t* prev_len, int* skip)
+{
+ uint8_t rr[LDNS_RR_BUF_SIZE];
+ size_t rr_len = sizeof(rr), dname_len;
+ uint8_t* drr;
+ int lstatus;
+ if (!str_contains_data(str, ';')) {
+ *skip = 1;
+ return NULL; /* empty line */
+ }
+ if(0 != (lstatus = sldns_str2wire_rr_buf(str, rr, &rr_len, &dname_len,
+ 0, origin, origin_len, *prev, *prev_len)))
+ {
+ log_err("ldns error while converting string to RR at%d: %s: %s",
+ LDNS_WIREPARSE_OFFSET(lstatus),
+ sldns_get_errorstr_parse(lstatus), str);
+ return NULL;
+ }
+ free(*prev);
+ *prev = memdup(rr, dname_len);
+ *prev_len = dname_len;
+ if(!*prev) {
+ log_err("malloc failure in add_trustanchor");
+ return NULL;
+ }
+ if(sldns_wirerr_get_type(rr, rr_len, dname_len)!=LDNS_RR_TYPE_DNSKEY &&
+ sldns_wirerr_get_type(rr, rr_len, dname_len)!=LDNS_RR_TYPE_DS) {
+ *skip = 1;
+ return NULL; /* only DS and DNSKEY allowed */
+ }
+ drr = memdup(rr, rr_len);
+ if(!drr) {
+ log_err("malloc failure in add trustanchor");
+ return NULL;
+ }
+ return add_trustanchor_frm_rr(anchors, drr, rr_len, dname_len, tp);
+}
+
+/**
+ * Load single anchor
+ * @param anchors: all points.
+ * @param str: comments line
+ * @param fname: filename
+ * @param origin: the $ORIGIN.
+ * @param origin_len: length of origin
+ * @param prev: passed to ldns.
+ * @param prev_len: length of prev
+ * @param skip: if true, the result is NULL, but not an error, skip it.
+ * @return false on failure, otherwise the tp read.
+ */
+static struct trust_anchor*
+load_trustanchor(struct val_anchors* anchors, char* str, const char* fname,
+ uint8_t* origin, size_t origin_len, uint8_t** prev, size_t* prev_len,
+ int* skip)
+{
+ struct autr_ta* ta = NULL;
+ struct trust_anchor* tp = NULL;
+
+ ta = add_trustanchor_frm_str(anchors, str, &tp, origin, origin_len,
+ prev, prev_len, skip);
+ if(!ta)
+ return NULL;
+ lock_basic_lock(&tp->lock);
+ if(!parse_comments(str, ta)) {
+ lock_basic_unlock(&tp->lock);
+ return NULL;
+ }
+ if(!tp->autr->file) {
+ tp->autr->file = strdup(fname);
+ if(!tp->autr->file) {
+ lock_basic_unlock(&tp->lock);
+ log_err("malloc failure");
+ return NULL;
+ }
+ }
+ lock_basic_unlock(&tp->lock);
+ return tp;
+}
+
+/** iterator for DSes from keylist. return true if a next element exists */
+static int
+assemble_iterate_ds(struct autr_ta** list, uint8_t** rr, size_t* rr_len,
+ size_t* dname_len)
+{
+ while(*list) {
+ if(sldns_wirerr_get_type((*list)->rr, (*list)->rr_len,
+ (*list)->dname_len) == LDNS_RR_TYPE_DS) {
+ *rr = (*list)->rr;
+ *rr_len = (*list)->rr_len;
+ *dname_len = (*list)->dname_len;
+ *list = (*list)->next;
+ return 1;
+ }
+ *list = (*list)->next;
+ }
+ return 0;
+}
+
+/** iterator for DNSKEYs from keylist. return true if a next element exists */
+static int
+assemble_iterate_dnskey(struct autr_ta** list, uint8_t** rr, size_t* rr_len,
+ size_t* dname_len)
+{
+ while(*list) {
+ if(sldns_wirerr_get_type((*list)->rr, (*list)->rr_len,
+ (*list)->dname_len) != LDNS_RR_TYPE_DS &&
+ ((*list)->s == AUTR_STATE_VALID ||
+ (*list)->s == AUTR_STATE_MISSING)) {
+ *rr = (*list)->rr;
+ *rr_len = (*list)->rr_len;
+ *dname_len = (*list)->dname_len;
+ *list = (*list)->next;
+ return 1;
+ }
+ *list = (*list)->next;
+ }
+ return 0;
+}
+
+/** see if iterator-list has any elements in it, or it is empty */
+static int
+assemble_iterate_hasfirst(int iter(struct autr_ta**, uint8_t**, size_t*,
+ size_t*), struct autr_ta* list)
+{
+ uint8_t* rr = NULL;
+ size_t rr_len = 0, dname_len = 0;
+ return iter(&list, &rr, &rr_len, &dname_len);
+}
+
+/** number of elements in iterator list */
+static size_t
+assemble_iterate_count(int iter(struct autr_ta**, uint8_t**, size_t*,
+ size_t*), struct autr_ta* list)
+{
+ uint8_t* rr = NULL;
+ size_t i = 0, rr_len = 0, dname_len = 0;
+ while(iter(&list, &rr, &rr_len, &dname_len)) {
+ i++;
+ }
+ return i;
+}
+
+/**
+ * Create a ub_packed_rrset_key allocated on the heap.
+ * It therefore does not have the correct ID value, and cannot be used
+ * inside the cache. It can be used in storage outside of the cache.
+ * Keys for the cache have to be obtained from alloc.h .
+ * @param iter: iterator over the elements in the list. It filters elements.
+ * @param list: the list.
+ * @return key allocated or NULL on failure.
+ */
+static struct ub_packed_rrset_key*
+ub_packed_rrset_heap_key(int iter(struct autr_ta**, uint8_t**, size_t*,
+ size_t*), struct autr_ta* list)
+{
+ uint8_t* rr = NULL;
+ size_t rr_len = 0, dname_len = 0;
+ struct ub_packed_rrset_key* k;
+ if(!iter(&list, &rr, &rr_len, &dname_len))
+ return NULL;
+ k = (struct ub_packed_rrset_key*)calloc(1, sizeof(*k));
+ if(!k)
+ return NULL;
+ k->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
+ k->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
+ k->rk.dname_len = dname_len;
+ k->rk.dname = memdup(rr, dname_len);
+ if(!k->rk.dname) {
+ free(k);
+ return NULL;
+ }
+ return k;
+}
+
+/**
+ * Create packed_rrset data on the heap.
+ * @param iter: iterator over the elements in the list. It filters elements.
+ * @param list: the list.
+ * @return data allocated or NULL on failure.
+ */
+static struct packed_rrset_data*
+packed_rrset_heap_data(int iter(struct autr_ta**, uint8_t**, size_t*,
+ size_t*), struct autr_ta* list)
+{
+ uint8_t* rr = NULL;
+ size_t rr_len = 0, dname_len = 0;
+ struct packed_rrset_data* data;
+ size_t count=0, rrsig_count=0, len=0, i, total;
+ uint8_t* nextrdata;
+ struct autr_ta* list_i;
+ time_t ttl = 0;
+
+ list_i = list;
+ while(iter(&list_i, &rr, &rr_len, &dname_len)) {
+ if(sldns_wirerr_get_type(rr, rr_len, dname_len) ==
+ LDNS_RR_TYPE_RRSIG)
+ rrsig_count++;
+ else count++;
+ /* sizeof the rdlength + rdatalen */
+ len += 2 + sldns_wirerr_get_rdatalen(rr, rr_len, dname_len);
+ ttl = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len);
+ }
+ if(count == 0 && rrsig_count == 0)
+ return NULL;
+
+ /* allocate */
+ total = count + rrsig_count;
+ len += sizeof(*data) + total*(sizeof(size_t) + sizeof(time_t) +
+ sizeof(uint8_t*));
+ data = (struct packed_rrset_data*)calloc(1, len);
+ if(!data)
+ return NULL;
+
+ /* fill it */
+ data->ttl = ttl;
+ data->count = count;
+ data->rrsig_count = rrsig_count;
+ data->rr_len = (size_t*)((uint8_t*)data +
+ sizeof(struct packed_rrset_data));
+ data->rr_data = (uint8_t**)&(data->rr_len[total]);
+ data->rr_ttl = (time_t*)&(data->rr_data[total]);
+ nextrdata = (uint8_t*)&(data->rr_ttl[total]);
+
+ /* fill out len, ttl, fields */
+ list_i = list;
+ i = 0;
+ while(iter(&list_i, &rr, &rr_len, &dname_len)) {
+ data->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len,
+ dname_len);
+ if(data->rr_ttl[i] < data->ttl)
+ data->ttl = data->rr_ttl[i];
+ data->rr_len[i] = 2 /* the rdlength */ +
+ sldns_wirerr_get_rdatalen(rr, rr_len, dname_len);
+ i++;
+ }
+
+ /* fixup rest of ptrs */
+ for(i=0; i<total; i++) {
+ data->rr_data[i] = nextrdata;
+ nextrdata += data->rr_len[i];
+ }
+
+ /* copy data in there */
+ list_i = list;
+ i = 0;
+ while(iter(&list_i, &rr, &rr_len, &dname_len)) {
+ memmove(data->rr_data[i],
+ sldns_wirerr_get_rdatawl(rr, rr_len, dname_len),
+ data->rr_len[i]);
+ i++;
+ }
+
+ if(data->rrsig_count && data->count == 0) {
+ data->count = data->rrsig_count; /* rrset type is RRSIG */
+ data->rrsig_count = 0;
+ }
+ return data;
+}
+
+/**
+ * Assemble the trust anchors into DS and DNSKEY packed rrsets.
+ * Uses only VALID and MISSING DNSKEYs.
+ * Read the sldns_rrs and builds packed rrsets
+ * @param tp: the trust point. Must be locked.
+ * @return false on malloc failure.
+ */
+static int
+autr_assemble(struct trust_anchor* tp)
+{
+ struct ub_packed_rrset_key* ubds=NULL, *ubdnskey=NULL;
+
+ /* make packed rrset keys - malloced with no ID number, they
+ * are not in the cache */
+ /* make packed rrset data (if there is a key) */
+ if(assemble_iterate_hasfirst(assemble_iterate_ds, tp->autr->keys)) {
+ ubds = ub_packed_rrset_heap_key(
+ assemble_iterate_ds, tp->autr->keys);
+ if(!ubds)
+ goto error_cleanup;
+ ubds->entry.data = packed_rrset_heap_data(
+ assemble_iterate_ds, tp->autr->keys);
+ if(!ubds->entry.data)
+ goto error_cleanup;
+ }
+
+ /* make packed DNSKEY data */
+ if(assemble_iterate_hasfirst(assemble_iterate_dnskey, tp->autr->keys)) {
+ ubdnskey = ub_packed_rrset_heap_key(
+ assemble_iterate_dnskey, tp->autr->keys);
+ if(!ubdnskey)
+ goto error_cleanup;
+ ubdnskey->entry.data = packed_rrset_heap_data(
+ assemble_iterate_dnskey, tp->autr->keys);
+ if(!ubdnskey->entry.data) {
+ error_cleanup:
+ autr_rrset_delete(ubds);
+ autr_rrset_delete(ubdnskey);
+ return 0;
+ }
+ }
+
+ /* we have prepared the new keys so nothing can go wrong any more.
+ * And we are sure we cannot be left without trustanchor after
+ * any errors. Put in the new keys and remove old ones. */
+
+ /* free the old data */
+ autr_rrset_delete(tp->ds_rrset);
+ autr_rrset_delete(tp->dnskey_rrset);
+
+ /* assign the data to replace the old */
+ tp->ds_rrset = ubds;
+ tp->dnskey_rrset = ubdnskey;
+ tp->numDS = assemble_iterate_count(assemble_iterate_ds,
+ tp->autr->keys);
+ tp->numDNSKEY = assemble_iterate_count(assemble_iterate_dnskey,
+ tp->autr->keys);
+ return 1;
+}
+
+/** parse integer */
+static unsigned int
+parse_int(char* line, int* ret)
+{
+ char *e;
+ unsigned int x = (unsigned int)strtol(line, &e, 10);
+ if(line == e) {
+ *ret = -1; /* parse error */
+ return 0;
+ }
+ *ret = 1; /* matched */
+ return x;
+}
+
+/** parse id sequence for anchor */
+static struct trust_anchor*
+parse_id(struct val_anchors* anchors, char* line)
+{
+ struct trust_anchor *tp;
+ int r;
+ uint16_t dclass;
+ uint8_t* dname;
+ size_t dname_len;
+ /* read the owner name */
+ char* next = strchr(line, ' ');
+ if(!next)
+ return NULL;
+ next[0] = 0;
+ dname = sldns_str2wire_dname(line, &dname_len);
+ if(!dname)
+ return NULL;
+
+ /* read the class */
+ dclass = parse_int(next+1, &r);
+ if(r == -1) {
+ free(dname);
+ return NULL;
+ }
+
+ /* find the trust point */
+ tp = autr_tp_create(anchors, dname, dname_len, dclass);
+ free(dname);
+ return tp;
+}
+
+/**
+ * Parse variable from trustanchor header
+ * @param line: to parse
+ * @param anchors: the anchor is added to this, if "id:" is seen.
+ * @param anchor: the anchor as result value or previously returned anchor
+ * value to read the variable lines into.
+ * @return: 0 no match, -1 failed syntax error, +1 success line read.
+ * +2 revoked trust anchor file.
+ */
+static int
+parse_var_line(char* line, struct val_anchors* anchors,
+ struct trust_anchor** anchor)
+{
+ struct trust_anchor* tp = *anchor;
+ int r = 0;
+ if(strncmp(line, ";;id: ", 6) == 0) {
+ *anchor = parse_id(anchors, line+6);
+ if(!*anchor) return -1;
+ else return 1;
+ } else if(strncmp(line, ";;REVOKED", 9) == 0) {
+ if(tp) {
+ log_err("REVOKED statement must be at start of file");
+ return -1;
+ }
+ return 2;
+ } else if(strncmp(line, ";;last_queried: ", 16) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&tp->lock);
+ tp->autr->last_queried = (time_t)parse_int(line+16, &r);
+ lock_basic_unlock(&tp->lock);
+ } else if(strncmp(line, ";;last_success: ", 16) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&tp->lock);
+ tp->autr->last_success = (time_t)parse_int(line+16, &r);
+ lock_basic_unlock(&tp->lock);
+ } else if(strncmp(line, ";;next_probe_time: ", 19) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&anchors->lock);
+ lock_basic_lock(&tp->lock);
+ (void)rbtree_delete(&anchors->autr->probe, tp);
+ tp->autr->next_probe_time = (time_t)parse_int(line+19, &r);
+ (void)rbtree_insert(&anchors->autr->probe, &tp->autr->pnode);
+ lock_basic_unlock(&tp->lock);
+ lock_basic_unlock(&anchors->lock);
+ } else if(strncmp(line, ";;query_failed: ", 16) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&tp->lock);
+ tp->autr->query_failed = (uint8_t)parse_int(line+16, &r);
+ lock_basic_unlock(&tp->lock);
+ } else if(strncmp(line, ";;query_interval: ", 18) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&tp->lock);
+ tp->autr->query_interval = (time_t)parse_int(line+18, &r);
+ lock_basic_unlock(&tp->lock);
+ } else if(strncmp(line, ";;retry_time: ", 14) == 0) {
+ if(!tp) return -1;
+ lock_basic_lock(&tp->lock);
+ tp->autr->retry_time = (time_t)parse_int(line+14, &r);
+ lock_basic_unlock(&tp->lock);
+ }
+ return r;
+}
+
+/** handle origin lines */
+static int
+handle_origin(char* line, uint8_t** origin, size_t* origin_len)
+{
+ size_t len = 0;
+ while(isspace((int)*line))
+ line++;
+ if(strncmp(line, "$ORIGIN", 7) != 0)
+ return 0;
+ free(*origin);
+ line += 7;
+ while(isspace((int)*line))
+ line++;
+ *origin = sldns_str2wire_dname(line, &len);
+ *origin_len = len;
+ if(!*origin)
+ log_warn("malloc failure or parse error in $ORIGIN");
+ return 1;
+}
+
+/** Read one line and put multiline RRs onto one line string */
+static int
+read_multiline(char* buf, size_t len, FILE* in, int* linenr)
+{
+ char* pos = buf;
+ size_t left = len;
+ int depth = 0;
+ buf[len-1] = 0;
+ while(left > 0 && fgets(pos, (int)left, in) != NULL) {
+ size_t i, poslen = strlen(pos);
+ (*linenr)++;
+
+ /* check what the new depth is after the line */
+ /* this routine cannot handle braces inside quotes,
+ say for TXT records, but this routine only has to read keys */
+ for(i=0; i<poslen; i++) {
+ if(pos[i] == '(') {
+ depth++;
+ } else if(pos[i] == ')') {
+ if(depth == 0) {
+ log_err("mismatch: too many ')'");
+ return -1;
+ }
+ depth--;
+ } else if(pos[i] == ';') {
+ break;
+ }
+ }
+
+ /* normal oneline or last line: keeps newline and comments */
+ if(depth == 0) {
+ return 1;
+ }
+
+ /* more lines expected, snip off comments and newline */
+ if(poslen>0)
+ pos[poslen-1] = 0; /* strip newline */
+ if(strchr(pos, ';'))
+ strchr(pos, ';')[0] = 0; /* strip comments */
+
+ /* move to paste other lines behind this one */
+ poslen = strlen(pos);
+ pos += poslen;
+ left -= poslen;
+ /* the newline is changed into a space */
+ if(left <= 2 /* space and eos */) {
+ log_err("line too long");
+ return -1;
+ }
+ pos[0] = ' ';
+ pos[1] = 0;
+ pos += 1;
+ left -= 1;
+ }
+ if(depth != 0) {
+ log_err("mismatch: too many '('");
+ return -1;
+ }
+ if(pos != buf)
+ return 1;
+ return 0;
+}
+
+int autr_read_file(struct val_anchors* anchors, const char* nm)
+{
+ /* the file descriptor */
+ FILE* fd;
+ /* keep track of line numbers */
+ int line_nr = 0;
+ /* single line */
+ char line[10240];
+ /* trust point being read */
+ struct trust_anchor *tp = NULL, *tp2;
+ int r;
+ /* for $ORIGIN parsing */
+ uint8_t *origin=NULL, *prev=NULL;
+ size_t origin_len=0, prev_len=0;
+
+ if (!(fd = fopen(nm, "r"))) {
+ log_err("unable to open %s for reading: %s",
+ nm, strerror(errno));
+ return 0;
+ }
+ verbose(VERB_ALGO, "reading autotrust anchor file %s", nm);
+ while ( (r=read_multiline(line, sizeof(line), fd, &line_nr)) != 0) {
+ if(r == -1 || (r = parse_var_line(line, anchors, &tp)) == -1) {
+ log_err("could not parse auto-trust-anchor-file "
+ "%s line %d", nm, line_nr);
+ fclose(fd);
+ free(origin);
+ free(prev);
+ return 0;
+ } else if(r == 1) {
+ continue;
+ } else if(r == 2) {
+ log_warn("trust anchor %s has been revoked", nm);
+ fclose(fd);
+ free(origin);
+ free(prev);
+ return 1;
+ }
+ if (!str_contains_data(line, ';'))
+ continue; /* empty lines allowed */
+ if(handle_origin(line, &origin, &origin_len))
+ continue;
+ r = 0;
+ if(!(tp2=load_trustanchor(anchors, line, nm, origin,
+ origin_len, &prev, &prev_len, &r))) {
+ if(!r) log_err("failed to load trust anchor from %s "
+ "at line %i, skipping", nm, line_nr);
+ /* try to do the rest */
+ continue;
+ }
+ if(tp && tp != tp2) {
+ log_err("file %s has mismatching data inside: "
+ "the file may only contain keys for one name, "
+ "remove keys for other domain names", nm);
+ fclose(fd);
+ free(origin);
+ free(prev);
+ return 0;
+ }
+ tp = tp2;
+ }
+ fclose(fd);
+ free(origin);
+ free(prev);
+ if(!tp) {
+ log_err("failed to read %s", nm);
+ return 0;
+ }
+
+ /* now assemble the data into DNSKEY and DS packed rrsets */
+ lock_basic_lock(&tp->lock);
+ if(!autr_assemble(tp)) {
+ lock_basic_unlock(&tp->lock);
+ log_err("malloc failure assembling %s", nm);
+ return 0;
+ }
+ lock_basic_unlock(&tp->lock);
+ return 1;
+}
+
+/** string for a trustanchor state */
+static const char*
+trustanchor_state2str(autr_state_t s)
+{
+ switch (s) {
+ case AUTR_STATE_START: return " START ";
+ case AUTR_STATE_ADDPEND: return " ADDPEND ";
+ case AUTR_STATE_VALID: return " VALID ";
+ case AUTR_STATE_MISSING: return " MISSING ";
+ case AUTR_STATE_REVOKED: return " REVOKED ";
+ case AUTR_STATE_REMOVED: return " REMOVED ";
+ }
+ return " UNKNOWN ";
+}
+
+/** print ID to file */
+static int
+print_id(FILE* out, char* fname, uint8_t* nm, size_t nmlen, uint16_t dclass)
+{
+ char* s = sldns_wire2str_dname(nm, nmlen);
+ if(!s) {
+ log_err("malloc failure in write to %s", fname);
+ return 0;
+ }
+ if(fprintf(out, ";;id: %s %d\n", s, (int)dclass) < 0) {
+ log_err("could not write to %s: %s", fname, strerror(errno));
+ free(s);
+ return 0;
+ }
+ free(s);
+ return 1;
+}
+
+static int
+autr_write_contents(FILE* out, char* fn, struct trust_anchor* tp)
+{
+ char tmi[32];
+ struct autr_ta* ta;
+ char* str;
+
+ /* write pretty header */
+ if(fprintf(out, "; autotrust trust anchor file\n") < 0) {
+ log_err("could not write to %s: %s", fn, strerror(errno));
+ return 0;
+ }
+ if(tp->autr->revoked) {
+ if(fprintf(out, ";;REVOKED\n") < 0 ||
+ fprintf(out, "; The zone has all keys revoked, and is\n"
+ "; considered as if it has no trust anchors.\n"
+ "; the remainder of the file is the last probe.\n"
+ "; to restart the trust anchor, overwrite this file.\n"
+ "; with one containing valid DNSKEYs or DSes.\n") < 0) {
+ log_err("could not write to %s: %s", fn, strerror(errno));
+ return 0;
+ }
+ }
+ if(!print_id(out, fn, tp->name, tp->namelen, tp->dclass)) {
+ return 0;
+ }
+ if(fprintf(out, ";;last_queried: %u ;;%s",
+ (unsigned int)tp->autr->last_queried,
+ ctime_r(&(tp->autr->last_queried), tmi)) < 0 ||
+ fprintf(out, ";;last_success: %u ;;%s",
+ (unsigned int)tp->autr->last_success,
+ ctime_r(&(tp->autr->last_success), tmi)) < 0 ||
+ fprintf(out, ";;next_probe_time: %u ;;%s",
+ (unsigned int)tp->autr->next_probe_time,
+ ctime_r(&(tp->autr->next_probe_time), tmi)) < 0 ||
+ fprintf(out, ";;query_failed: %d\n", (int)tp->autr->query_failed)<0
+ || fprintf(out, ";;query_interval: %d\n",
+ (int)tp->autr->query_interval) < 0 ||
+ fprintf(out, ";;retry_time: %d\n", (int)tp->autr->retry_time) < 0) {
+ log_err("could not write to %s: %s", fn, strerror(errno));
+ return 0;
+ }
+
+ /* write anchors */
+ for(ta=tp->autr->keys; ta; ta=ta->next) {
+ /* by default do not store START and REMOVED keys */
+ if(ta->s == AUTR_STATE_START)
+ continue;
+ if(ta->s == AUTR_STATE_REMOVED)
+ continue;
+ /* only store keys */
+ if(sldns_wirerr_get_type(ta->rr, ta->rr_len, ta->dname_len)
+ != LDNS_RR_TYPE_DNSKEY)
+ continue;
+ str = sldns_wire2str_rr(ta->rr, ta->rr_len);
+ if(!str || !str[0]) {
+ free(str);
+ log_err("malloc failure writing %s", fn);
+ return 0;
+ }
+ str[strlen(str)-1] = 0; /* remove newline */
+ if(fprintf(out, "%s ;;state=%d [%s] ;;count=%d "
+ ";;lastchange=%u ;;%s", str, (int)ta->s,
+ trustanchor_state2str(ta->s), (int)ta->pending_count,
+ (unsigned int)ta->last_change,
+ ctime_r(&(ta->last_change), tmi)) < 0) {
+ log_err("could not write to %s: %s", fn, strerror(errno));
+ free(str);
+ return 0;
+ }
+ free(str);
+ }
+ return 1;
+}
+
+void autr_write_file(struct module_env* env, struct trust_anchor* tp)
+{
+ FILE* out;
+ char* fname = tp->autr->file;
+ char tempf[2048];
+ log_assert(tp->autr);
+ if(!env) {
+ log_err("autr_write_file: Module environment is NULL.");
+ return;
+ }
+ /* unique name with pid number and thread number */
+ snprintf(tempf, sizeof(tempf), "%s.%d-%d", fname, (int)getpid(),
+ env->worker?*(int*)env->worker:0);
+ verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf);
+ out = fopen(tempf, "w");
+ if(!out) {
+ log_err("could not open autotrust file for writing, %s: %s",
+ tempf, strerror(errno));
+ return;
+ }
+ if(!autr_write_contents(out, tempf, tp)) {
+ /* failed to write contents (completely) */
+ fclose(out);
+ unlink(tempf);
+ log_err("could not completely write: %s", fname);
+ return;
+ }
+ if(fclose(out) != 0) {
+ log_err("could not complete write: %s: %s",
+ fname, strerror(errno));
+ unlink(tempf);
+ return;
+ }
+ /* success; overwrite actual file */
+ verbose(VERB_ALGO, "autotrust: replaced %s", fname);
+#ifdef UB_ON_WINDOWS
+ (void)unlink(fname); /* windows does not replace file with rename() */
+#endif
+ if(rename(tempf, fname) < 0) {
+ log_err("rename(%s to %s): %s", tempf, fname, strerror(errno));
+ }
+}
+
+/**
+ * Verify if dnskey works for trust point
+ * @param env: environment (with time) for verification
+ * @param ve: validator environment (with options) for verification.
+ * @param tp: trust point to verify with
+ * @param rrset: DNSKEY rrset to verify.
+ * @return false on failure, true if verification successful.
+ */
+static int
+verify_dnskey(struct module_env* env, struct val_env* ve,
+ struct trust_anchor* tp, struct ub_packed_rrset_key* rrset)
+{
+ char* reason = NULL;
+ uint8_t sigalg[ALGO_NEEDS_MAX+1];
+ int downprot = 1;
+ enum sec_status sec = val_verify_DNSKEY_with_TA(env, ve, rrset,
+ tp->ds_rrset, tp->dnskey_rrset, downprot?sigalg:NULL, &reason);
+ /* sigalg is ignored, it returns algorithms signalled to exist, but
+ * in 5011 there are no other rrsets to check. if downprot is
+ * enabled, then it checks that the DNSKEY is signed with all
+ * algorithms available in the trust store. */
+ verbose(VERB_ALGO, "autotrust: validate DNSKEY with anchor: %s",
+ sec_status_to_string(sec));
+ return sec == sec_status_secure;
+}
+
+static int32_t
+rrsig_get_expiry(uint8_t* d, size_t len)
+{
+ /* rrsig: 2(rdlen), 2(type) 1(alg) 1(v) 4(origttl), then 4(expi), (4)incep) */
+ if(len < 2+8+4)
+ return 0;
+ return sldns_read_uint32(d+2+8);
+}
+
+/** Find minimum expiration interval from signatures */
+static time_t
+min_expiry(struct module_env* env, struct packed_rrset_data* dd)
+{
+ size_t i;
+ int32_t t, r = 15 * 24 * 3600; /* 15 days max */
+ for(i=dd->count; i<dd->count+dd->rrsig_count; i++) {
+ t = rrsig_get_expiry(dd->rr_data[i], dd->rr_len[i]);
+ if((int32_t)t - (int32_t)*env->now > 0) {
+ t -= (int32_t)*env->now;
+ if(t < r)
+ r = t;
+ }
+ }
+ return (time_t)r;
+}
+
+/** Is rr self-signed revoked key */
+static int
+rr_is_selfsigned_revoked(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset, size_t i)
+{
+ enum sec_status sec;
+ char* reason = NULL;
+ verbose(VERB_ALGO, "seen REVOKE flag, check self-signed, rr %d",
+ (int)i);
+ /* no algorithm downgrade protection necessary, if it is selfsigned
+ * revoked it can be removed. */
+ sec = dnskey_verify_rrset(env, ve, dnskey_rrset, dnskey_rrset, i,
+ &reason);
+ return (sec == sec_status_secure);
+}
+
+/** Set fetched value */
+static void
+seen_trustanchor(struct autr_ta* ta, uint8_t seen)
+{
+ ta->fetched = seen;
+ if(ta->pending_count < 250) /* no numerical overflow, please */
+ ta->pending_count++;
+}
+
+/** set revoked value */
+static void
+seen_revoked_trustanchor(struct autr_ta* ta, uint8_t revoked)
+{
+ ta->revoked = revoked;
+}
+
+/** revoke a trust anchor */
+static void
+revoke_dnskey(struct autr_ta* ta, int off)
+{
+ uint16_t flags;
+ uint8_t* data;
+ if(sldns_wirerr_get_type(ta->rr, ta->rr_len, ta->dname_len) !=
+ LDNS_RR_TYPE_DNSKEY)
+ return;
+ if(sldns_wirerr_get_rdatalen(ta->rr, ta->rr_len, ta->dname_len) < 2)
+ return;
+ data = sldns_wirerr_get_rdata(ta->rr, ta->rr_len, ta->dname_len);
+ flags = sldns_read_uint16(data);
+ if (off && (flags&LDNS_KEY_REVOKE_KEY))
+ flags ^= LDNS_KEY_REVOKE_KEY; /* flip */
+ else
+ flags |= LDNS_KEY_REVOKE_KEY;
+ sldns_write_uint16(data, flags);
+}
+
+/** Compare two RRs skipping the REVOKED bit. Pass rdata(no len) */
+static int
+dnskey_compare_skip_revbit(uint8_t* a, size_t a_len, uint8_t* b, size_t b_len)
+{
+ size_t i;
+ if(a_len != b_len)
+ return -1;
+ /* compare RRs RDATA byte for byte. */
+ for(i = 0; i < a_len; i++)
+ {
+ uint8_t rdf1, rdf2;
+ rdf1 = a[i];
+ rdf2 = b[i];
+ if(i==1) {
+ /* this is the second part of the flags field */
+ rdf1 |= LDNS_KEY_REVOKE_KEY;
+ rdf2 |= LDNS_KEY_REVOKE_KEY;
+ }
+ if (rdf1 < rdf2) return -1;
+ else if (rdf1 > rdf2) return 1;
+ }
+ return 0;
+}
+
+
+/** compare trust anchor with rdata, 0 if equal. Pass rdata(no len) */
+static int
+ta_compare(struct autr_ta* a, uint16_t t, uint8_t* b, size_t b_len)
+{
+ if(!a) return -1;
+ else if(!b) return -1;
+ else if(sldns_wirerr_get_type(a->rr, a->rr_len, a->dname_len) != t)
+ return (int)sldns_wirerr_get_type(a->rr, a->rr_len,
+ a->dname_len) - (int)t;
+ else if(t == LDNS_RR_TYPE_DNSKEY) {
+ return dnskey_compare_skip_revbit(
+ sldns_wirerr_get_rdata(a->rr, a->rr_len, a->dname_len),
+ sldns_wirerr_get_rdatalen(a->rr, a->rr_len,
+ a->dname_len), b, b_len);
+ }
+ else if(t == LDNS_RR_TYPE_DS) {
+ if(sldns_wirerr_get_rdatalen(a->rr, a->rr_len, a->dname_len) !=
+ b_len)
+ return -1;
+ return memcmp(sldns_wirerr_get_rdata(a->rr,
+ a->rr_len, a->dname_len), b, b_len);
+ }
+ return -1;
+}
+
+/**
+ * Find key
+ * @param tp: to search in
+ * @param t: rr type of the rdata.
+ * @param rdata: to look for (no rdatalen in it)
+ * @param rdata_len: length of rdata
+ * @param result: returns NULL or the ta key looked for.
+ * @return false on malloc failure during search. if true examine result.
+ */
+static int
+find_key(struct trust_anchor* tp, uint16_t t, uint8_t* rdata, size_t rdata_len,
+ struct autr_ta** result)
+{
+ struct autr_ta* ta;
+ if(!tp || !rdata) {
+ *result = NULL;
+ return 0;
+ }
+ for(ta=tp->autr->keys; ta; ta=ta->next) {
+ if(ta_compare(ta, t, rdata, rdata_len) == 0) {
+ *result = ta;
+ return 1;
+ }
+ }
+ *result = NULL;
+ return 1;
+}
+
+/** add key and clone RR and tp already locked. rdata without rdlen. */
+static struct autr_ta*
+add_key(struct trust_anchor* tp, uint32_t ttl, uint8_t* rdata, size_t rdata_len)
+{
+ struct autr_ta* ta;
+ uint8_t* rr;
+ size_t rr_len, dname_len;
+ uint16_t rrtype = htons(LDNS_RR_TYPE_DNSKEY);
+ uint16_t rrclass = htons(LDNS_RR_CLASS_IN);
+ uint16_t rdlen = htons(rdata_len);
+ dname_len = tp->namelen;
+ ttl = htonl(ttl);
+ rr_len = dname_len + 10 /* type,class,ttl,rdatalen */ + rdata_len;
+ rr = (uint8_t*)malloc(rr_len);
+ if(!rr) return NULL;
+ memmove(rr, tp->name, tp->namelen);
+ memmove(rr+dname_len, &rrtype, 2);
+ memmove(rr+dname_len+2, &rrclass, 2);
+ memmove(rr+dname_len+4, &ttl, 4);
+ memmove(rr+dname_len+8, &rdlen, 2);
+ memmove(rr+dname_len+10, rdata, rdata_len);
+ ta = autr_ta_create(rr, rr_len, dname_len);
+ if(!ta) {
+ /* rr freed in autr_ta_create */
+ return NULL;
+ }
+ /* link in, tp already locked */
+ ta->next = tp->autr->keys;
+ tp->autr->keys = ta;
+ return ta;
+}
+
+/** get TTL from DNSKEY rrset */
+static time_t
+key_ttl(struct ub_packed_rrset_key* k)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ return d->ttl;
+}
+
+/** update the time values for the trustpoint */
+static void
+set_tp_times(struct trust_anchor* tp, time_t rrsig_exp_interval,
+ time_t origttl, int* changed)
+{
+ time_t x, qi = tp->autr->query_interval, rt = tp->autr->retry_time;
+
+ /* x = MIN(15days, ttl/2, expire/2) */
+ x = 15 * 24 * 3600;
+ if(origttl/2 < x)
+ x = origttl/2;
+ if(rrsig_exp_interval/2 < x)
+ x = rrsig_exp_interval/2;
+ /* MAX(1hr, x) */
+ if(x < 3600)
+ tp->autr->query_interval = 3600;
+ else tp->autr->query_interval = x;
+
+ /* x= MIN(1day, ttl/10, expire/10) */
+ x = 24 * 3600;
+ if(origttl/10 < x)
+ x = origttl/10;
+ if(rrsig_exp_interval/10 < x)
+ x = rrsig_exp_interval/10;
+ /* MAX(1hr, x) */
+ if(x < 3600)
+ tp->autr->retry_time = 3600;
+ else tp->autr->retry_time = x;
+
+ if(qi != tp->autr->query_interval || rt != tp->autr->retry_time) {
+ *changed = 1;
+ verbose(VERB_ALGO, "orig_ttl is %d", (int)origttl);
+ verbose(VERB_ALGO, "rrsig_exp_interval is %d",
+ (int)rrsig_exp_interval);
+ verbose(VERB_ALGO, "query_interval: %d, retry_time: %d",
+ (int)tp->autr->query_interval,
+ (int)tp->autr->retry_time);
+ }
+}
+
+/** init events to zero */
+static void
+init_events(struct trust_anchor* tp)
+{
+ struct autr_ta* ta;
+ for(ta=tp->autr->keys; ta; ta=ta->next) {
+ ta->fetched = 0;
+ }
+}
+
+/** check for revoked keys without trusting any other information */
+static void
+check_contains_revoked(struct module_env* env, struct val_env* ve,
+ struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset,
+ int* changed)
+{
+ struct packed_rrset_data* dd = (struct packed_rrset_data*)
+ dnskey_rrset->entry.data;
+ size_t i;
+ log_assert(ntohs(dnskey_rrset->rk.type) == LDNS_RR_TYPE_DNSKEY);
+ for(i=0; i<dd->count; i++) {
+ struct autr_ta* ta = NULL;
+ if(!rr_is_dnskey_sep(ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2) ||
+ !rr_is_dnskey_revoked(ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2))
+ continue; /* not a revoked KSK */
+ if(!find_key(tp, ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2, &ta)) {
+ log_err("malloc failure");
+ continue; /* malloc fail in compare*/
+ }
+ if(!ta)
+ continue; /* key not found */
+ if(rr_is_selfsigned_revoked(env, ve, dnskey_rrset, i)) {
+ /* checked if there is an rrsig signed by this key. */
+ /* same keytag, but stored can be revoked already, so
+ * compare keytags, with +0 or +128(REVOKE flag) */
+ log_assert(dnskey_calc_keytag(dnskey_rrset, i)-128 ==
+ sldns_calc_keytag_raw(sldns_wirerr_get_rdata(
+ ta->rr, ta->rr_len, ta->dname_len),
+ sldns_wirerr_get_rdatalen(ta->rr, ta->rr_len,
+ ta->dname_len)) ||
+ dnskey_calc_keytag(dnskey_rrset, i) ==
+ sldns_calc_keytag_raw(sldns_wirerr_get_rdata(
+ ta->rr, ta->rr_len, ta->dname_len),
+ sldns_wirerr_get_rdatalen(ta->rr, ta->rr_len,
+ ta->dname_len))); /* checks conversion*/
+ verbose_key(ta, VERB_ALGO, "is self-signed revoked");
+ if(!ta->revoked)
+ *changed = 1;
+ seen_revoked_trustanchor(ta, 1);
+ do_revoked(env, ta, changed);
+ }
+ }
+}
+
+/** See if a DNSKEY is verified by one of the DSes */
+static int
+key_matches_a_ds(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset, size_t key_idx,
+ struct ub_packed_rrset_key* ds_rrset)
+{
+ struct packed_rrset_data* dd = (struct packed_rrset_data*)
+ ds_rrset->entry.data;
+ size_t ds_idx, num = dd->count;
+ int d = val_favorite_ds_algo(ds_rrset);
+ char* reason = "";
+ for(ds_idx=0; ds_idx<num; ds_idx++) {
+ if(!ds_digest_algo_is_supported(ds_rrset, ds_idx) ||
+ !ds_key_algo_is_supported(ds_rrset, ds_idx) ||
+ ds_get_digest_algo(ds_rrset, ds_idx) != d)
+ continue;
+ if(ds_get_key_algo(ds_rrset, ds_idx)
+ != dnskey_get_algo(dnskey_rrset, key_idx)
+ || dnskey_calc_keytag(dnskey_rrset, key_idx)
+ != ds_get_keytag(ds_rrset, ds_idx)) {
+ continue;
+ }
+ if(!ds_digest_match_dnskey(env, dnskey_rrset, key_idx,
+ ds_rrset, ds_idx)) {
+ verbose(VERB_ALGO, "DS match attempt failed");
+ continue;
+ }
+ if(dnskey_verify_rrset(env, ve, dnskey_rrset,
+ dnskey_rrset, key_idx, &reason) == sec_status_secure) {
+ return 1;
+ } else {
+ verbose(VERB_ALGO, "DS match failed because the key "
+ "does not verify the keyset: %s", reason);
+ }
+ }
+ return 0;
+}
+
+/** Set update events */
+static int
+update_events(struct module_env* env, struct val_env* ve,
+ struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset,
+ int* changed)
+{
+ struct packed_rrset_data* dd = (struct packed_rrset_data*)
+ dnskey_rrset->entry.data;
+ size_t i;
+ log_assert(ntohs(dnskey_rrset->rk.type) == LDNS_RR_TYPE_DNSKEY);
+ init_events(tp);
+ for(i=0; i<dd->count; i++) {
+ struct autr_ta* ta = NULL;
+ if(!rr_is_dnskey_sep(ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2))
+ continue;
+ if(rr_is_dnskey_revoked(ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2)) {
+ /* self-signed revoked keys already detected before,
+ * other revoked keys are not 'added' again */
+ continue;
+ }
+ /* is a key of this type supported?. Note rr_list and
+ * packed_rrset are in the same order. */
+ if(!dnskey_algo_is_supported(dnskey_rrset, i)) {
+ /* skip unknown algorithm key, it is useless to us */
+ log_nametypeclass(VERB_DETAIL, "trust point has "
+ "unsupported algorithm at",
+ tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
+ continue;
+ }
+
+ /* is it new? if revocation bit set, find the unrevoked key */
+ if(!find_key(tp, ntohs(dnskey_rrset->rk.type),
+ dd->rr_data[i]+2, dd->rr_len[i]-2, &ta)) {
+ return 0;
+ }
+ if(!ta) {
+ ta = add_key(tp, (uint32_t)dd->rr_ttl[i],
+ dd->rr_data[i]+2, dd->rr_len[i]-2);
+ *changed = 1;
+ /* first time seen, do we have DSes? if match: VALID */
+ if(ta && tp->ds_rrset && key_matches_a_ds(env, ve,
+ dnskey_rrset, i, tp->ds_rrset)) {
+ verbose_key(ta, VERB_ALGO, "verified by DS");
+ ta->s = AUTR_STATE_VALID;
+ }
+ }
+ if(!ta) {
+ return 0;
+ }
+ seen_trustanchor(ta, 1);
+ verbose_key(ta, VERB_ALGO, "in DNS response");
+ }
+ set_tp_times(tp, min_expiry(env, dd), key_ttl(dnskey_rrset), changed);
+ return 1;
+}
+
+/**
+ * Check if the holddown time has already exceeded
+ * setting: add-holddown: add holddown timer
+ * setting: del-holddown: del holddown timer
+ * @param env: environment with current time
+ * @param ta: trust anchor to check for.
+ * @param holddown: the timer value
+ * @return number of seconds the holddown has passed.
+ */
+static time_t
+check_holddown(struct module_env* env, struct autr_ta* ta,
+ unsigned int holddown)
+{
+ time_t elapsed;
+ if(*env->now < ta->last_change) {
+ log_warn("time goes backwards. delaying key holddown");
+ return 0;
+ }
+ elapsed = *env->now - ta->last_change;
+ if (elapsed > (time_t)holddown) {
+ return elapsed-(time_t)holddown;
+ }
+ verbose_key(ta, VERB_ALGO, "holddown time " ARG_LL "d seconds to go",
+ (long long) ((time_t)holddown-elapsed));
+ return 0;
+}
+
+
+/** Set last_change to now */
+static void
+reset_holddown(struct module_env* env, struct autr_ta* ta, int* changed)
+{
+ ta->last_change = *env->now;
+ *changed = 1;
+}
+
+/** Set the state for this trust anchor */
+static void
+set_trustanchor_state(struct module_env* env, struct autr_ta* ta, int* changed,
+ autr_state_t s)
+{
+ verbose_key(ta, VERB_ALGO, "update: %s to %s",
+ trustanchor_state2str(ta->s), trustanchor_state2str(s));
+ ta->s = s;
+ reset_holddown(env, ta, changed);
+}
+
+
+/** Event: NewKey */
+static void
+do_newkey(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ if (anchor->s == AUTR_STATE_START)
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_ADDPEND);
+}
+
+/** Event: AddTime */
+static void
+do_addtime(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ /* This not according to RFC, this is 30 days, but the RFC demands
+ * MAX(30days, TTL expire time of first DNSKEY set with this key),
+ * The value may be too small if a very large TTL was used. */
+ time_t exceeded = check_holddown(env, anchor, env->cfg->add_holddown);
+ if (exceeded && anchor->s == AUTR_STATE_ADDPEND) {
+ verbose_key(anchor, VERB_ALGO, "add-holddown time exceeded "
+ ARG_LL "d seconds ago, and pending-count %d",
+ (long long)exceeded, anchor->pending_count);
+ if(anchor->pending_count >= MIN_PENDINGCOUNT) {
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_VALID);
+ anchor->pending_count = 0;
+ return;
+ }
+ verbose_key(anchor, VERB_ALGO, "add-holddown time sanity check "
+ "failed (pending count: %d)", anchor->pending_count);
+ }
+}
+
+/** Event: RemTime */
+static void
+do_remtime(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ time_t exceeded = check_holddown(env, anchor, env->cfg->del_holddown);
+ if(exceeded && anchor->s == AUTR_STATE_REVOKED) {
+ verbose_key(anchor, VERB_ALGO, "del-holddown time exceeded "
+ ARG_LL "d seconds ago", (long long)exceeded);
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_REMOVED);
+ }
+}
+
+/** Event: KeyRem */
+static void
+do_keyrem(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ if(anchor->s == AUTR_STATE_ADDPEND) {
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_START);
+ anchor->pending_count = 0;
+ } else if(anchor->s == AUTR_STATE_VALID)
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_MISSING);
+}
+
+/** Event: KeyPres */
+static void
+do_keypres(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ if(anchor->s == AUTR_STATE_MISSING)
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_VALID);
+}
+
+/* Event: Revoked */
+static void
+do_revoked(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ if(anchor->s == AUTR_STATE_VALID || anchor->s == AUTR_STATE_MISSING) {
+ set_trustanchor_state(env, anchor, c, AUTR_STATE_REVOKED);
+ verbose_key(anchor, VERB_ALGO, "old id, prior to revocation");
+ revoke_dnskey(anchor, 0);
+ verbose_key(anchor, VERB_ALGO, "new id, after revocation");
+ }
+}
+
+/** Do statestable transition matrix for anchor */
+static void
+anchor_state_update(struct module_env* env, struct autr_ta* anchor, int* c)
+{
+ log_assert(anchor);
+ switch(anchor->s) {
+ /* START */
+ case AUTR_STATE_START:
+ /* NewKey: ADDPEND */
+ if (anchor->fetched)
+ do_newkey(env, anchor, c);
+ break;
+ /* ADDPEND */
+ case AUTR_STATE_ADDPEND:
+ /* KeyRem: START */
+ if (!anchor->fetched)
+ do_keyrem(env, anchor, c);
+ /* AddTime: VALID */
+ else do_addtime(env, anchor, c);
+ break;
+ /* VALID */
+ case AUTR_STATE_VALID:
+ /* RevBit: REVOKED */
+ if (anchor->revoked)
+ do_revoked(env, anchor, c);
+ /* KeyRem: MISSING */
+ else if (!anchor->fetched)
+ do_keyrem(env, anchor, c);
+ else if(!anchor->last_change) {
+ verbose_key(anchor, VERB_ALGO, "first seen");
+ reset_holddown(env, anchor, c);
+ }
+ break;
+ /* MISSING */
+ case AUTR_STATE_MISSING:
+ /* RevBit: REVOKED */
+ if (anchor->revoked)
+ do_revoked(env, anchor, c);
+ /* KeyPres */
+ else if (anchor->fetched)
+ do_keypres(env, anchor, c);
+ break;
+ /* REVOKED */
+ case AUTR_STATE_REVOKED:
+ if (anchor->fetched)
+ reset_holddown(env, anchor, c);
+ /* RemTime: REMOVED */
+ else do_remtime(env, anchor, c);
+ break;
+ /* REMOVED */
+ case AUTR_STATE_REMOVED:
+ default:
+ break;
+ }
+}
+
+/** if ZSK init then trust KSKs */
+static int
+init_zsk_to_ksk(struct module_env* env, struct trust_anchor* tp, int* changed)
+{
+ /* search for VALID ZSKs */
+ struct autr_ta* anchor;
+ int validzsk = 0;
+ int validksk = 0;
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ /* last_change test makes sure it was manually configured */
+ if(sldns_wirerr_get_type(anchor->rr, anchor->rr_len,
+ anchor->dname_len) == LDNS_RR_TYPE_DNSKEY &&
+ anchor->last_change == 0 &&
+ !ta_is_dnskey_sep(anchor) &&
+ anchor->s == AUTR_STATE_VALID)
+ validzsk++;
+ }
+ if(validzsk == 0)
+ return 0;
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ if (ta_is_dnskey_sep(anchor) &&
+ anchor->s == AUTR_STATE_ADDPEND) {
+ verbose_key(anchor, VERB_ALGO, "trust KSK from "
+ "ZSK(config)");
+ set_trustanchor_state(env, anchor, changed,
+ AUTR_STATE_VALID);
+ validksk++;
+ }
+ }
+ return validksk;
+}
+
+/** Remove missing trustanchors so the list does not grow forever */
+static void
+remove_missing_trustanchors(struct module_env* env, struct trust_anchor* tp,
+ int* changed)
+{
+ struct autr_ta* anchor;
+ time_t exceeded;
+ int valid = 0;
+ /* see if we have anchors that are valid */
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ /* Only do KSKs */
+ if (!ta_is_dnskey_sep(anchor))
+ continue;
+ if (anchor->s == AUTR_STATE_VALID)
+ valid++;
+ }
+ /* if there are no SEP Valid anchors, see if we started out with
+ * a ZSK (last-change=0) anchor, which is VALID and there are KSKs
+ * now that can be made valid. Do this immediately because there
+ * is no guarantee that the ZSKs get announced long enough. Usually
+ * this is immediately after init with a ZSK trusted, unless the domain
+ * was not advertising any KSKs at all. In which case we perfectly
+ * track the zero number of KSKs. */
+ if(valid == 0) {
+ valid = init_zsk_to_ksk(env, tp, changed);
+ if(valid == 0)
+ return;
+ }
+
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ /* ignore ZSKs if newly added */
+ if(anchor->s == AUTR_STATE_START)
+ continue;
+ /* remove ZSKs if a KSK is present */
+ if (!ta_is_dnskey_sep(anchor)) {
+ if(valid > 0) {
+ verbose_key(anchor, VERB_ALGO, "remove ZSK "
+ "[%d key(s) VALID]", valid);
+ set_trustanchor_state(env, anchor, changed,
+ AUTR_STATE_REMOVED);
+ }
+ continue;
+ }
+ /* Only do MISSING keys */
+ if (anchor->s != AUTR_STATE_MISSING)
+ continue;
+ if(env->cfg->keep_missing == 0)
+ continue; /* keep forever */
+
+ exceeded = check_holddown(env, anchor, env->cfg->keep_missing);
+ /* If keep_missing has exceeded and we still have more than
+ * one valid KSK: remove missing trust anchor */
+ if (exceeded && valid > 0) {
+ verbose_key(anchor, VERB_ALGO, "keep-missing time "
+ "exceeded " ARG_LL "d seconds ago, [%d key(s) VALID]",
+ (long long)exceeded, valid);
+ set_trustanchor_state(env, anchor, changed,
+ AUTR_STATE_REMOVED);
+ }
+ }
+}
+
+/** Do the statetable from RFC5011 transition matrix */
+static int
+do_statetable(struct module_env* env, struct trust_anchor* tp, int* changed)
+{
+ struct autr_ta* anchor;
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ /* Only do KSKs */
+ if(!ta_is_dnskey_sep(anchor))
+ continue;
+ anchor_state_update(env, anchor, changed);
+ }
+ remove_missing_trustanchors(env, tp, changed);
+ return 1;
+}
+
+/** See if time alone makes ADDPEND to VALID transition */
+static void
+autr_holddown_exceed(struct module_env* env, struct trust_anchor* tp, int* c)
+{
+ struct autr_ta* anchor;
+ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) {
+ if(ta_is_dnskey_sep(anchor) &&
+ anchor->s == AUTR_STATE_ADDPEND)
+ do_addtime(env, anchor, c);
+ }
+}
+
+/** cleanup key list */
+static void
+autr_cleanup_keys(struct trust_anchor* tp)
+{
+ struct autr_ta* p, **prevp;
+ prevp = &tp->autr->keys;
+ p = tp->autr->keys;
+ while(p) {
+ /* do we want to remove this key? */
+ if(p->s == AUTR_STATE_START || p->s == AUTR_STATE_REMOVED ||
+ sldns_wirerr_get_type(p->rr, p->rr_len, p->dname_len)
+ != LDNS_RR_TYPE_DNSKEY) {
+ struct autr_ta* np = p->next;
+ /* remove */
+ free(p->rr);
+ free(p);
+ /* snip and go to next item */
+ *prevp = np;
+ p = np;
+ continue;
+ }
+ /* remove pending counts if no longer pending */
+ if(p->s != AUTR_STATE_ADDPEND)
+ p->pending_count = 0;
+ prevp = &p->next;
+ p = p->next;
+ }
+}
+
+/** calculate next probe time */
+static time_t
+calc_next_probe(struct module_env* env, time_t wait)
+{
+ /* make it random, 90-100% */
+ time_t rnd, rest;
+ if(wait < 3600)
+ wait = 3600;
+ rnd = wait/10;
+ rest = wait-rnd;
+ rnd = (time_t)ub_random_max(env->rnd, (long int)rnd);
+ return (time_t)(*env->now + rest + rnd);
+}
+
+/** what is first probe time (anchors must be locked) */
+static time_t
+wait_probe_time(struct val_anchors* anchors)
+{
+ rbnode_t* t = rbtree_first(&anchors->autr->probe);
+ if(t != RBTREE_NULL)
+ return ((struct trust_anchor*)t->key)->autr->next_probe_time;
+ return 0;
+}
+
+/** reset worker timer */
+static void
+reset_worker_timer(struct module_env* env)
+{
+ struct timeval tv;
+#ifndef S_SPLINT_S
+ time_t next = (time_t)wait_probe_time(env->anchors);
+ /* in case this is libunbound, no timer */
+ if(!env->probe_timer)
+ return;
+ if(next > *env->now)
+ tv.tv_sec = (time_t)(next - *env->now);
+ else tv.tv_sec = 0;
+#endif
+ tv.tv_usec = 0;
+ comm_timer_set(env->probe_timer, &tv);
+ verbose(VERB_ALGO, "scheduled next probe in " ARG_LL "d sec", (long long)tv.tv_sec);
+}
+
+/** set next probe for trust anchor */
+static int
+set_next_probe(struct module_env* env, struct trust_anchor* tp,
+ struct ub_packed_rrset_key* dnskey_rrset)
+{
+ struct trust_anchor key, *tp2;
+ time_t mold, mnew;
+ /* use memory allocated in rrset for temporary name storage */
+ key.node.key = &key;
+ key.name = dnskey_rrset->rk.dname;
+ key.namelen = dnskey_rrset->rk.dname_len;
+ key.namelabs = dname_count_labels(key.name);
+ key.dclass = tp->dclass;
+ lock_basic_unlock(&tp->lock);
+
+ /* fetch tp again and lock anchors, so that we can modify the trees */
+ lock_basic_lock(&env->anchors->lock);
+ tp2 = (struct trust_anchor*)rbtree_search(env->anchors->tree, &key);
+ if(!tp2) {
+ verbose(VERB_ALGO, "trustpoint was deleted in set_next_probe");
+ lock_basic_unlock(&env->anchors->lock);
+ return 0;
+ }
+ log_assert(tp == tp2);
+ lock_basic_lock(&tp->lock);
+
+ /* schedule */
+ mold = wait_probe_time(env->anchors);
+ (void)rbtree_delete(&env->anchors->autr->probe, tp);
+ tp->autr->next_probe_time = calc_next_probe(env,
+ tp->autr->query_interval);
+ (void)rbtree_insert(&env->anchors->autr->probe, &tp->autr->pnode);
+ mnew = wait_probe_time(env->anchors);
+
+ lock_basic_unlock(&env->anchors->lock);
+ verbose(VERB_ALGO, "next probe set in %d seconds",
+ (int)tp->autr->next_probe_time - (int)*env->now);
+ if(mold != mnew) {
+ reset_worker_timer(env);
+ }
+ return 1;
+}
+
+/** Revoke and Delete a trust point */
+static void
+autr_tp_remove(struct module_env* env, struct trust_anchor* tp,
+ struct ub_packed_rrset_key* dnskey_rrset)
+{
+ struct trust_anchor* del_tp;
+ struct trust_anchor key;
+ struct autr_point_data pd;
+ time_t mold, mnew;
+
+ log_nametypeclass(VERB_OPS, "trust point was revoked",
+ tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
+ tp->autr->revoked = 1;
+
+ /* use space allocated for dnskey_rrset to save name of anchor */
+ memset(&key, 0, sizeof(key));
+ memset(&pd, 0, sizeof(pd));
+ key.autr = &pd;
+ key.node.key = &key;
+ pd.pnode.key = &key;
+ pd.next_probe_time = tp->autr->next_probe_time;
+ key.name = dnskey_rrset->rk.dname;
+ key.namelen = tp->namelen;
+ key.namelabs = tp->namelabs;
+ key.dclass = tp->dclass;
+
+ /* unlock */
+ lock_basic_unlock(&tp->lock);
+
+ /* take from tree. It could be deleted by someone else,hence (void). */
+ lock_basic_lock(&env->anchors->lock);
+ del_tp = (struct trust_anchor*)rbtree_delete(env->anchors->tree, &key);
+ mold = wait_probe_time(env->anchors);
+ (void)rbtree_delete(&env->anchors->autr->probe, &key);
+ mnew = wait_probe_time(env->anchors);
+ anchors_init_parents_locked(env->anchors);
+ lock_basic_unlock(&env->anchors->lock);
+
+ /* if !del_tp then the trust point is no longer present in the tree,
+ * it was deleted by someone else, who will write the zonefile and
+ * clean up the structure */
+ if(del_tp) {
+ /* save on disk */
+ del_tp->autr->next_probe_time = 0; /* no more probing for it */
+ autr_write_file(env, del_tp);
+
+ /* delete */
+ autr_point_delete(del_tp);
+ }
+ if(mold != mnew) {
+ reset_worker_timer(env);
+ }
+}
+
+int autr_process_prime(struct module_env* env, struct val_env* ve,
+ struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset)
+{
+ int changed = 0;
+ log_assert(tp && tp->autr);
+ /* autotrust update trust anchors */
+ /* the tp is locked, and stays locked unless it is deleted */
+
+ /* we could just catch the anchor here while another thread
+ * is busy deleting it. Just unlock and let the other do its job */
+ if(tp->autr->revoked) {
+ log_nametypeclass(VERB_ALGO, "autotrust not processed, "
+ "trust point revoked", tp->name,
+ LDNS_RR_TYPE_DNSKEY, tp->dclass);
+ lock_basic_unlock(&tp->lock);
+ return 0; /* it is revoked */
+ }
+
+ /* query_dnskeys(): */
+ tp->autr->last_queried = *env->now;
+
+ log_nametypeclass(VERB_ALGO, "autotrust process for",
+ tp->name, LDNS_RR_TYPE_DNSKEY, tp->dclass);
+ /* see if time alone makes some keys valid */
+ autr_holddown_exceed(env, tp, &changed);
+ if(changed) {
+ verbose(VERB_ALGO, "autotrust: morekeys, reassemble");
+ if(!autr_assemble(tp)) {
+ log_err("malloc failure assembling autotrust keys");
+ return 1; /* unchanged */
+ }
+ }
+ /* did we get any data? */
+ if(!dnskey_rrset) {
+ verbose(VERB_ALGO, "autotrust: no dnskey rrset");
+ /* no update of query_failed, because then we would have
+ * to write to disk. But we cannot because we maybe are
+ * still 'initialising' with DS records, that we cannot write
+ * in the full format (which only contains KSKs). */
+ return 1; /* trust point exists */
+ }
+ /* check for revoked keys to remove immediately */
+ check_contains_revoked(env, ve, tp, dnskey_rrset, &changed);
+ if(changed) {
+ verbose(VERB_ALGO, "autotrust: revokedkeys, reassemble");
+ if(!autr_assemble(tp)) {
+ log_err("malloc failure assembling autotrust keys");
+ return 1; /* unchanged */
+ }
+ if(!tp->ds_rrset && !tp->dnskey_rrset) {
+ /* no more keys, all are revoked */
+ /* this is a success for this probe attempt */
+ tp->autr->last_success = *env->now;
+ autr_tp_remove(env, tp, dnskey_rrset);
+ return 0; /* trust point removed */
+ }
+ }
+ /* verify the dnskey rrset and see if it is valid. */
+ if(!verify_dnskey(env, ve, tp, dnskey_rrset)) {
+ verbose(VERB_ALGO, "autotrust: dnskey did not verify.");
+ /* only increase failure count if this is not the first prime,
+ * this means there was a previous succesful probe */
+ if(tp->autr->last_success) {
+ tp->autr->query_failed += 1;
+ autr_write_file(env, tp);
+ }
+ return 1; /* trust point exists */
+ }
+
+ tp->autr->last_success = *env->now;
+ tp->autr->query_failed = 0;
+
+ /* Add new trust anchors to the data structure
+ * - note which trust anchors are seen this probe.
+ * Set trustpoint query_interval and retry_time.
+ * - find minimum rrsig expiration interval
+ */
+ if(!update_events(env, ve, tp, dnskey_rrset, &changed)) {
+ log_err("malloc failure in autotrust update_events. "
+ "trust point unchanged.");
+ return 1; /* trust point unchanged, so exists */
+ }
+
+ /* - for every SEP key do the 5011 statetable.
+ * - remove missing trustanchors (if veryold and we have new anchors).
+ */
+ if(!do_statetable(env, tp, &changed)) {
+ log_err("malloc failure in autotrust do_statetable. "
+ "trust point unchanged.");
+ return 1; /* trust point unchanged, so exists */
+ }
+
+ autr_cleanup_keys(tp);
+ if(!set_next_probe(env, tp, dnskey_rrset))
+ return 0; /* trust point does not exist */
+ autr_write_file(env, tp);
+ if(changed) {
+ verbose(VERB_ALGO, "autotrust: changed, reassemble");
+ if(!autr_assemble(tp)) {
+ log_err("malloc failure assembling autotrust keys");
+ return 1; /* unchanged */
+ }
+ if(!tp->ds_rrset && !tp->dnskey_rrset) {
+ /* no more keys, all are revoked */
+ autr_tp_remove(env, tp, dnskey_rrset);
+ return 0; /* trust point removed */
+ }
+ } else verbose(VERB_ALGO, "autotrust: no changes");
+
+ return 1; /* trust point exists */
+}
+
+/** debug print a trust anchor key */
+static void
+autr_debug_print_ta(struct autr_ta* ta)
+{
+ char buf[32];
+ char* str = sldns_wire2str_rr(ta->rr, ta->rr_len);
+ if(!str) {
+ log_info("out of memory in debug_print_ta");
+ return;
+ }
+ if(str && str[0]) str[strlen(str)-1]=0; /* remove newline */
+ ctime_r(&ta->last_change, buf);
+ if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
+ log_info("[%s] %s ;;state:%d ;;pending_count:%d%s%s last:%s",
+ trustanchor_state2str(ta->s), str, ta->s, ta->pending_count,
+ ta->fetched?" fetched":"", ta->revoked?" revoked":"", buf);
+ free(str);
+}
+
+/** debug print a trust point */
+static void
+autr_debug_print_tp(struct trust_anchor* tp)
+{
+ struct autr_ta* ta;
+ char buf[257];
+ if(!tp->autr)
+ return;
+ dname_str(tp->name, buf);
+ log_info("trust point %s : %d", buf, (int)tp->dclass);
+ log_info("assembled %d DS and %d DNSKEYs",
+ (int)tp->numDS, (int)tp->numDNSKEY);
+ if(tp->ds_rrset) {
+ log_packed_rrset(0, "DS:", tp->ds_rrset);
+ }
+ if(tp->dnskey_rrset) {
+ log_packed_rrset(0, "DNSKEY:", tp->dnskey_rrset);
+ }
+ log_info("file %s", tp->autr->file);
+ ctime_r(&tp->autr->last_queried, buf);
+ if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
+ log_info("last_queried: %u %s", (unsigned)tp->autr->last_queried, buf);
+ ctime_r(&tp->autr->last_success, buf);
+ if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
+ log_info("last_success: %u %s", (unsigned)tp->autr->last_success, buf);
+ ctime_r(&tp->autr->next_probe_time, buf);
+ if(buf[0]) buf[strlen(buf)-1]=0; /* remove newline */
+ log_info("next_probe_time: %u %s", (unsigned)tp->autr->next_probe_time,
+ buf);
+ log_info("query_interval: %u", (unsigned)tp->autr->query_interval);
+ log_info("retry_time: %u", (unsigned)tp->autr->retry_time);
+ log_info("query_failed: %u", (unsigned)tp->autr->query_failed);
+
+ for(ta=tp->autr->keys; ta; ta=ta->next) {
+ autr_debug_print_ta(ta);
+ }
+}
+
+void
+autr_debug_print(struct val_anchors* anchors)
+{
+ struct trust_anchor* tp;
+ lock_basic_lock(&anchors->lock);
+ RBTREE_FOR(tp, struct trust_anchor*, anchors->tree) {
+ lock_basic_lock(&tp->lock);
+ autr_debug_print_tp(tp);
+ lock_basic_unlock(&tp->lock);
+ }
+ lock_basic_unlock(&anchors->lock);
+}
+
+void probe_answer_cb(void* arg, int ATTR_UNUSED(rcode),
+ sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(sec),
+ char* ATTR_UNUSED(why_bogus))
+{
+ /* retry was set before the query was done,
+ * re-querytime is set when query succeeded, but that may not
+ * have reset this timer because the query could have been
+ * handled by another thread. In that case, this callback would
+ * get called after the original timeout is done.
+ * By not resetting the timer, it may probe more often, but not
+ * less often.
+ * Unless the new lookup resulted in smaller TTLs and thus smaller
+ * timeout values. In that case one old TTL could be mistakenly done.
+ */
+ struct module_env* env = (struct module_env*)arg;
+ verbose(VERB_ALGO, "autotrust probe answer cb");
+ reset_worker_timer(env);
+}
+
+/** probe a trust anchor DNSKEY and unlocks tp */
+static void
+probe_anchor(struct module_env* env, struct trust_anchor* tp)
+{
+ struct query_info qinfo;
+ uint16_t qflags = BIT_RD;
+ struct edns_data edns;
+ sldns_buffer* buf = env->scratch_buffer;
+ qinfo.qname = regional_alloc_init(env->scratch, tp->name, tp->namelen);
+ if(!qinfo.qname) {
+ log_err("out of memory making 5011 probe");
+ return;
+ }
+ qinfo.qname_len = tp->namelen;
+ qinfo.qtype = LDNS_RR_TYPE_DNSKEY;
+ qinfo.qclass = tp->dclass;
+ log_query_info(VERB_ALGO, "autotrust probe", &qinfo);
+ verbose(VERB_ALGO, "retry probe set in %d seconds",
+ (int)tp->autr->next_probe_time - (int)*env->now);
+ edns.edns_present = 1;
+ edns.ext_rcode = 0;
+ edns.edns_version = 0;
+ edns.bits = EDNS_DO;
+ if(sldns_buffer_capacity(buf) < 65535)
+ edns.udp_size = (uint16_t)sldns_buffer_capacity(buf);
+ else edns.udp_size = 65535;
+
+ /* can't hold the lock while mesh_run is processing */
+ lock_basic_unlock(&tp->lock);
+
+ /* delete the DNSKEY from rrset and key cache so an active probe
+ * is done. First the rrset so another thread does not use it
+ * to recreate the key entry in a race condition. */
+ rrset_cache_remove(env->rrset_cache, qinfo.qname, qinfo.qname_len,
+ qinfo.qtype, qinfo.qclass, 0);
+ key_cache_remove(env->key_cache, qinfo.qname, qinfo.qname_len,
+ qinfo.qclass);
+
+ if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
+ &probe_answer_cb, env)) {
+ log_err("out of memory making 5011 probe");
+ }
+}
+
+/** fetch first to-probe trust-anchor and lock it and set retrytime */
+static struct trust_anchor*
+todo_probe(struct module_env* env, time_t* next)
+{
+ struct trust_anchor* tp;
+ rbnode_t* el;
+ /* get first one */
+ lock_basic_lock(&env->anchors->lock);
+ if( (el=rbtree_first(&env->anchors->autr->probe)) == RBTREE_NULL) {
+ /* in case of revoked anchors */
+ lock_basic_unlock(&env->anchors->lock);
+ return NULL;
+ }
+ tp = (struct trust_anchor*)el->key;
+ lock_basic_lock(&tp->lock);
+
+ /* is it eligible? */
+ if((time_t)tp->autr->next_probe_time > *env->now) {
+ /* no more to probe */
+ *next = (time_t)tp->autr->next_probe_time - *env->now;
+ lock_basic_unlock(&tp->lock);
+ lock_basic_unlock(&env->anchors->lock);
+ return NULL;
+ }
+
+ /* reset its next probe time */
+ (void)rbtree_delete(&env->anchors->autr->probe, tp);
+ tp->autr->next_probe_time = calc_next_probe(env, tp->autr->retry_time);
+ (void)rbtree_insert(&env->anchors->autr->probe, &tp->autr->pnode);
+ lock_basic_unlock(&env->anchors->lock);
+
+ return tp;
+}
+
+time_t
+autr_probe_timer(struct module_env* env)
+{
+ struct trust_anchor* tp;
+ time_t next_probe = 3600;
+ int num = 0;
+ verbose(VERB_ALGO, "autotrust probe timer callback");
+ /* while there are still anchors to probe */
+ while( (tp = todo_probe(env, &next_probe)) ) {
+ /* make a probe for this anchor */
+ probe_anchor(env, tp);
+ num++;
+ }
+ regional_free_all(env->scratch);
+ if(num == 0)
+ return 0; /* no trust points to probe */
+ verbose(VERB_ALGO, "autotrust probe timer %d callbacks done", num);
+ return next_probe;
+}
diff --git a/external/unbound/validator/autotrust.h b/external/unbound/validator/autotrust.h
new file mode 100644
index 000000000..ae61f8a87
--- /dev/null
+++ b/external/unbound/validator/autotrust.h
@@ -0,0 +1,208 @@
+/*
+ * validator/autotrust.h - RFC5011 trust anchor management for unbound.
+ *
+ * Copyright (c) 2009, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * Contains autotrust definitions.
+ */
+
+#ifndef VALIDATOR_AUTOTRUST_H
+#define VALIDATOR_AUTOTRUST_H
+#include "util/rbtree.h"
+#include "util/data/packed_rrset.h"
+struct val_anchors;
+struct trust_anchor;
+struct ub_packed_rrset_key;
+struct module_env;
+struct val_env;
+struct sldns_buffer;
+
+/** Autotrust anchor states */
+typedef enum {
+ AUTR_STATE_START = 0,
+ AUTR_STATE_ADDPEND = 1,
+ AUTR_STATE_VALID = 2,
+ AUTR_STATE_MISSING = 3,
+ AUTR_STATE_REVOKED = 4,
+ AUTR_STATE_REMOVED = 5
+} autr_state_t;
+
+/**
+ * Autotrust metadata for one trust anchor key.
+ */
+struct autr_ta {
+ /** next key */
+ struct autr_ta* next;
+ /** the RR */
+ uint8_t* rr;
+ /** length of rr */
+ size_t rr_len, dname_len;
+ /** last update of key state (new pending count keeps date the same) */
+ time_t last_change;
+ /** 5011 state */
+ autr_state_t s;
+ /** pending count */
+ uint8_t pending_count;
+ /** fresh TA was seen */
+ uint8_t fetched;
+ /** revoked TA was seen */
+ uint8_t revoked;
+};
+
+/**
+ * Autotrust metadata for a trust point.
+ * This is part of the struct trust_anchor data.
+ */
+struct autr_point_data {
+ /** file to store the trust point in. chrootdir already applied. */
+ char* file;
+ /** rbtree node for probe sort, key is struct trust_anchor */
+ rbnode_t pnode;
+
+ /** the keys */
+ struct autr_ta* keys;
+
+ /** last queried DNSKEY set
+ * Not all failures are captured in this entry.
+ * If the validator did not even start (e.g. timeout or localservfail),
+ * then the last_queried and query_failed values are not updated.
+ */
+ time_t last_queried;
+ /** last successful DNSKEY set */
+ time_t last_success;
+ /** next probe time */
+ time_t next_probe_time;
+
+ /** when to query if !failed */
+ time_t query_interval;
+ /** when to retry if failed */
+ time_t retry_time;
+
+ /**
+ * How many times did it fail. diagnostic only (has no effect).
+ * Only updated if there was a dnskey rrset that failed to verify.
+ */
+ uint8_t query_failed;
+ /** true if the trust point has been revoked */
+ uint8_t revoked;
+};
+
+/**
+ * Autotrust global metadata.
+ */
+struct autr_global_data {
+ /** rbtree of autotrust anchors sorted by next probe time.
+ * When time is equal, sorted by anchor class, name. */
+ rbtree_t probe;
+};
+
+/**
+ * Create new global 5011 data structure.
+ * @return new structure or NULL on malloc failure.
+ */
+struct autr_global_data* autr_global_create(void);
+
+/**
+ * Delete global 5011 data structure.
+ * @param global: global autotrust state to delete.
+ */
+void autr_global_delete(struct autr_global_data* global);
+
+/**
+ * See if autotrust anchors are configured and how many.
+ * @param anchors: the trust anchors structure.
+ * @return number of autotrust trust anchors
+ */
+size_t autr_get_num_anchors(struct val_anchors* anchors);
+
+/**
+ * Process probe timer. Add new probes if needed.
+ * @param env: module environment with time, with anchors and with the mesh.
+ * @return time of next probe (in seconds from now).
+ * If 0, then there is no next probe anymore (trust points deleted).
+ */
+time_t autr_probe_timer(struct module_env* env);
+
+/** probe tree compare function */
+int probetree_cmp(const void* x, const void* y);
+
+/**
+ * Read autotrust file.
+ * @param anchors: the anchors structure.
+ * @param nm: name of the file (copied).
+ * @return false on failure.
+ */
+int autr_read_file(struct val_anchors* anchors, const char* nm);
+
+/**
+ * Write autotrust file.
+ * @param env: environment with scratch space.
+ * @param tp: trust point to write.
+ */
+void autr_write_file(struct module_env* env, struct trust_anchor* tp);
+
+/**
+ * Delete autr anchor, deletes the autr data but does not do
+ * unlinking from trees, caller does that.
+ * @param tp: trust point to delete.
+ */
+void autr_point_delete(struct trust_anchor* tp);
+
+/**
+ * Perform autotrust processing.
+ * @param env: qstate environment with the anchors structure.
+ * @param ve: validator environment for verification of rrsigs.
+ * @param tp: trust anchor to process.
+ * @param dnskey_rrset: DNSKEY rrset probed (can be NULL if bad prime result).
+ * allocated in a region. Has not been validated yet.
+ * @return false if trust anchor was revoked completely.
+ * Otherwise logs errors to log, does not change return value.
+ * On errors, likely the trust point has been unchanged.
+ */
+int autr_process_prime(struct module_env* env, struct val_env* ve,
+ struct trust_anchor* tp, struct ub_packed_rrset_key* dnskey_rrset);
+
+/**
+ * Debug printout of rfc5011 tracked anchors
+ * @param anchors: all the anchors.
+ */
+void autr_debug_print(struct val_anchors* anchors);
+
+/** callback for query answer to 5011 probe */
+void probe_answer_cb(void* arg, int rcode, struct sldns_buffer* buf,
+ enum sec_status sec, char* errinf);
+
+#endif /* VALIDATOR_AUTOTRUST_H */
diff --git a/external/unbound/validator/val_anchor.c b/external/unbound/validator/val_anchor.c
new file mode 100644
index 000000000..a4adfe2d9
--- /dev/null
+++ b/external/unbound/validator/val_anchor.c
@@ -0,0 +1,1256 @@
+/*
+ * validator/val_anchor.c - validator trust anchor storage.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains storage for the trust anchors for the validator.
+ */
+#include "config.h"
+#include <ctype.h>
+#include "validator/val_anchor.h"
+#include "validator/val_sigcrypt.h"
+#include "validator/autotrust.h"
+#include "util/data/packed_rrset.h"
+#include "util/data/dname.h"
+#include "util/log.h"
+#include "util/net_help.h"
+#include "util/config_file.h"
+#include "ldns/sbuffer.h"
+#include "ldns/rrdef.h"
+#include "ldns/str2wire.h"
+#ifdef HAVE_GLOB_H
+#include <glob.h>
+#endif
+
+int
+anchor_cmp(const void* k1, const void* k2)
+{
+ int m;
+ struct trust_anchor* n1 = (struct trust_anchor*)k1;
+ struct trust_anchor* n2 = (struct trust_anchor*)k2;
+ /* no need to ntohs(class) because sort order is irrelevant */
+ if(n1->dclass != n2->dclass) {
+ if(n1->dclass < n2->dclass)
+ return -1;
+ return 1;
+ }
+ return dname_lab_cmp(n1->name, n1->namelabs, n2->name, n2->namelabs,
+ &m);
+}
+
+struct val_anchors*
+anchors_create(void)
+{
+ struct val_anchors* a = (struct val_anchors*)calloc(1, sizeof(*a));
+ if(!a)
+ return NULL;
+ a->tree = rbtree_create(anchor_cmp);
+ if(!a->tree) {
+ anchors_delete(a);
+ return NULL;
+ }
+ a->autr = autr_global_create();
+ if(!a->autr) {
+ anchors_delete(a);
+ return NULL;
+ }
+ lock_basic_init(&a->lock);
+ lock_protect(&a->lock, a, sizeof(*a));
+ lock_protect(&a->lock, a->autr, sizeof(*a->autr));
+ return a;
+}
+
+/** delete assembled rrset */
+static void
+assembled_rrset_delete(struct ub_packed_rrset_key* pkey)
+{
+ if(!pkey) return;
+ if(pkey->entry.data) {
+ struct packed_rrset_data* pd = (struct packed_rrset_data*)
+ pkey->entry.data;
+ free(pd->rr_data);
+ free(pd->rr_ttl);
+ free(pd->rr_len);
+ free(pd);
+ }
+ free(pkey->rk.dname);
+ free(pkey);
+}
+
+/** destroy locks in tree and delete autotrust anchors */
+static void
+anchors_delfunc(rbnode_t* elem, void* ATTR_UNUSED(arg))
+{
+ struct trust_anchor* ta = (struct trust_anchor*)elem;
+ if(!ta) return;
+ if(ta->autr) {
+ autr_point_delete(ta);
+ } else {
+ struct ta_key* p, *np;
+ lock_basic_destroy(&ta->lock);
+ free(ta->name);
+ p = ta->keylist;
+ while(p) {
+ np = p->next;
+ free(p->data);
+ free(p);
+ p = np;
+ }
+ assembled_rrset_delete(ta->ds_rrset);
+ assembled_rrset_delete(ta->dnskey_rrset);
+ free(ta);
+ }
+}
+
+void
+anchors_delete(struct val_anchors* anchors)
+{
+ if(!anchors)
+ return;
+ lock_unprotect(&anchors->lock, anchors->autr);
+ lock_unprotect(&anchors->lock, anchors);
+ lock_basic_destroy(&anchors->lock);
+ if(anchors->tree)
+ traverse_postorder(anchors->tree, anchors_delfunc, NULL);
+ free(anchors->tree);
+ autr_global_delete(anchors->autr);
+ free(anchors);
+}
+
+void
+anchors_init_parents_locked(struct val_anchors* anchors)
+{
+ struct trust_anchor* node, *prev = NULL, *p;
+ int m;
+ /* nobody else can grab locks because we hold the main lock.
+ * Thus the previous items, after unlocked, are not deleted */
+ RBTREE_FOR(node, struct trust_anchor*, anchors->tree) {
+ lock_basic_lock(&node->lock);
+ node->parent = NULL;
+ if(!prev || prev->dclass != node->dclass) {
+ prev = node;
+ lock_basic_unlock(&node->lock);
+ continue;
+ }
+ (void)dname_lab_cmp(prev->name, prev->namelabs, node->name,
+ node->namelabs, &m); /* we know prev is smaller */
+ /* sort order like: . com. bla.com. zwb.com. net. */
+ /* find the previous, or parent-parent-parent */
+ for(p = prev; p; p = p->parent)
+ /* looking for name with few labels, a parent */
+ if(p->namelabs <= m) {
+ /* ==: since prev matched m, this is closest*/
+ /* <: prev matches more, but is not a parent,
+ * this one is a (grand)parent */
+ node->parent = p;
+ break;
+ }
+ lock_basic_unlock(&node->lock);
+ prev = node;
+ }
+}
+
+/** initialise parent pointers in the tree */
+static void
+init_parents(struct val_anchors* anchors)
+{
+ lock_basic_lock(&anchors->lock);
+ anchors_init_parents_locked(anchors);
+ lock_basic_unlock(&anchors->lock);
+}
+
+struct trust_anchor*
+anchor_find(struct val_anchors* anchors, uint8_t* name, int namelabs,
+ size_t namelen, uint16_t dclass)
+{
+ struct trust_anchor key;
+ rbnode_t* n;
+ if(!name) return NULL;
+ key.node.key = &key;
+ key.name = name;
+ key.namelabs = namelabs;
+ key.namelen = namelen;
+ key.dclass = dclass;
+ lock_basic_lock(&anchors->lock);
+ n = rbtree_search(anchors->tree, &key);
+ if(n) {
+ lock_basic_lock(&((struct trust_anchor*)n->key)->lock);
+ }
+ lock_basic_unlock(&anchors->lock);
+ if(!n)
+ return NULL;
+ return (struct trust_anchor*)n->key;
+}
+
+/** create new trust anchor object */
+static struct trust_anchor*
+anchor_new_ta(struct val_anchors* anchors, uint8_t* name, int namelabs,
+ size_t namelen, uint16_t dclass, int lockit)
+{
+#ifdef UNBOUND_DEBUG
+ rbnode_t* r;
+#endif
+ struct trust_anchor* ta = (struct trust_anchor*)malloc(
+ sizeof(struct trust_anchor));
+ if(!ta)
+ return NULL;
+ memset(ta, 0, sizeof(*ta));
+ ta->node.key = ta;
+ ta->name = memdup(name, namelen);
+ if(!ta->name) {
+ free(ta);
+ return NULL;
+ }
+ ta->namelabs = namelabs;
+ ta->namelen = namelen;
+ ta->dclass = dclass;
+ lock_basic_init(&ta->lock);
+ if(lockit) {
+ lock_basic_lock(&anchors->lock);
+ }
+#ifdef UNBOUND_DEBUG
+ r =
+#else
+ (void)
+#endif
+ rbtree_insert(anchors->tree, &ta->node);
+ if(lockit) {
+ lock_basic_unlock(&anchors->lock);
+ }
+ log_assert(r != NULL);
+ return ta;
+}
+
+/** find trustanchor key by exact data match */
+static struct ta_key*
+anchor_find_key(struct trust_anchor* ta, uint8_t* rdata, size_t rdata_len,
+ uint16_t type)
+{
+ struct ta_key* k;
+ for(k = ta->keylist; k; k = k->next) {
+ if(k->type == type && k->len == rdata_len &&
+ memcmp(k->data, rdata, rdata_len) == 0)
+ return k;
+ }
+ return NULL;
+}
+
+/** create new trustanchor key */
+static struct ta_key*
+anchor_new_ta_key(uint8_t* rdata, size_t rdata_len, uint16_t type)
+{
+ struct ta_key* k = (struct ta_key*)malloc(sizeof(*k));
+ if(!k)
+ return NULL;
+ memset(k, 0, sizeof(*k));
+ k->data = memdup(rdata, rdata_len);
+ if(!k->data) {
+ free(k);
+ return NULL;
+ }
+ k->len = rdata_len;
+ k->type = type;
+ return k;
+}
+
+/**
+ * This routine adds a new RR to a trust anchor. The trust anchor may not
+ * exist yet, and is created if not. The RR can be DS or DNSKEY.
+ * This routine will also remove duplicates; storing them only once.
+ * @param anchors: anchor storage.
+ * @param name: name of trust anchor (wireformat)
+ * @param type: type or RR
+ * @param dclass: class of RR
+ * @param rdata: rdata wireformat, starting with rdlength.
+ * If NULL, nothing is stored, but an entry is created.
+ * @param rdata_len: length of rdata including rdlength.
+ * @return: NULL on error, else the trust anchor.
+ */
+static struct trust_anchor*
+anchor_store_new_key(struct val_anchors* anchors, uint8_t* name, uint16_t type,
+ uint16_t dclass, uint8_t* rdata, size_t rdata_len)
+{
+ struct ta_key* k;
+ struct trust_anchor* ta;
+ int namelabs;
+ size_t namelen;
+ namelabs = dname_count_size_labels(name, &namelen);
+ if(type != LDNS_RR_TYPE_DS && type != LDNS_RR_TYPE_DNSKEY) {
+ log_err("Bad type for trust anchor");
+ return 0;
+ }
+ /* lookup or create trustanchor */
+ ta = anchor_find(anchors, name, namelabs, namelen, dclass);
+ if(!ta) {
+ ta = anchor_new_ta(anchors, name, namelabs, namelen, dclass, 1);
+ if(!ta)
+ return NULL;
+ lock_basic_lock(&ta->lock);
+ }
+ if(!rdata) {
+ lock_basic_unlock(&ta->lock);
+ return ta;
+ }
+ /* look for duplicates */
+ if(anchor_find_key(ta, rdata, rdata_len, type)) {
+ lock_basic_unlock(&ta->lock);
+ return ta;
+ }
+ k = anchor_new_ta_key(rdata, rdata_len, type);
+ if(!k) {
+ lock_basic_unlock(&ta->lock);
+ return NULL;
+ }
+ /* add new key */
+ if(type == LDNS_RR_TYPE_DS)
+ ta->numDS++;
+ else ta->numDNSKEY++;
+ k->next = ta->keylist;
+ ta->keylist = k;
+ lock_basic_unlock(&ta->lock);
+ return ta;
+}
+
+/**
+ * Add new RR. It converts ldns RR to wire format.
+ * @param anchors: anchor storage.
+ * @param rr: the wirerr.
+ * @param rl: length of rr.
+ * @param dl: length of dname.
+ * @return NULL on error, else the trust anchor.
+ */
+static struct trust_anchor*
+anchor_store_new_rr(struct val_anchors* anchors, uint8_t* rr, size_t rl,
+ size_t dl)
+{
+ struct trust_anchor* ta;
+ if(!(ta=anchor_store_new_key(anchors, rr,
+ sldns_wirerr_get_type(rr, rl, dl),
+ sldns_wirerr_get_class(rr, rl, dl),
+ sldns_wirerr_get_rdatawl(rr, rl, dl),
+ sldns_wirerr_get_rdatalen(rr, rl, dl)+2))) {
+ return NULL;
+ }
+ log_nametypeclass(VERB_QUERY, "adding trusted key",
+ rr, sldns_wirerr_get_type(rr, rl, dl),
+ sldns_wirerr_get_class(rr, rl, dl));
+ return ta;
+}
+
+/**
+ * Insert insecure anchor
+ * @param anchors: anchor storage.
+ * @param str: the domain name.
+ * @return NULL on error, Else last trust anchor point
+ */
+static struct trust_anchor*
+anchor_insert_insecure(struct val_anchors* anchors, const char* str)
+{
+ struct trust_anchor* ta;
+ size_t dname_len = 0;
+ uint8_t* nm = sldns_str2wire_dname(str, &dname_len);
+ if(!nm) {
+ log_err("parse error in domain name '%s'", str);
+ return NULL;
+ }
+ ta = anchor_store_new_key(anchors, nm, LDNS_RR_TYPE_DS,
+ LDNS_RR_CLASS_IN, NULL, 0);
+ free(nm);
+ return ta;
+}
+
+struct trust_anchor*
+anchor_store_str(struct val_anchors* anchors, sldns_buffer* buffer,
+ const char* str)
+{
+ struct trust_anchor* ta;
+ uint8_t* rr = sldns_buffer_begin(buffer);
+ size_t len = sldns_buffer_capacity(buffer), dname_len = 0;
+ int status = sldns_str2wire_rr_buf(str, rr, &len, &dname_len,
+ 0, NULL, 0, NULL, 0);
+ if(status != 0) {
+ log_err("error parsing trust anchor %s: at %d: %s",
+ str, LDNS_WIREPARSE_OFFSET(status),
+ sldns_get_errorstr_parse(status));
+ return NULL;
+ }
+ if(!(ta=anchor_store_new_rr(anchors, rr, len, dname_len))) {
+ log_err("out of memory");
+ return NULL;
+ }
+ return ta;
+}
+
+/**
+ * Read a file with trust anchors
+ * @param anchors: anchor storage.
+ * @param buffer: parsing buffer.
+ * @param fname: string.
+ * @param onlyone: only one trust anchor allowed in file.
+ * @return NULL on error. Else last trust-anchor point.
+ */
+static struct trust_anchor*
+anchor_read_file(struct val_anchors* anchors, sldns_buffer* buffer,
+ const char* fname, int onlyone)
+{
+ struct trust_anchor* ta = NULL, *tanew;
+ struct sldns_file_parse_state pst;
+ int status;
+ size_t len, dname_len;
+ uint8_t* rr = sldns_buffer_begin(buffer);
+ int ok = 1;
+ FILE* in = fopen(fname, "r");
+ if(!in) {
+ log_err("error opening file %s: %s", fname, strerror(errno));
+ return 0;
+ }
+ memset(&pst, 0, sizeof(pst));
+ pst.default_ttl = 3600;
+ pst.lineno = 1;
+ while(!feof(in)) {
+ len = sldns_buffer_capacity(buffer);
+ dname_len = 0;
+ status = sldns_fp2wire_rr_buf(in, rr, &len, &dname_len, &pst);
+ if(len == 0) /* empty, $TTL, $ORIGIN */
+ continue;
+ if(status != 0) {
+ log_err("parse error in %s:%d:%d : %s", fname,
+ pst.lineno, LDNS_WIREPARSE_OFFSET(status),
+ sldns_get_errorstr_parse(status));
+ ok = 0;
+ break;
+ }
+ if(sldns_wirerr_get_type(rr, len, dname_len) !=
+ LDNS_RR_TYPE_DS && sldns_wirerr_get_type(rr, len,
+ dname_len) != LDNS_RR_TYPE_DNSKEY) {
+ continue;
+ }
+ if(!(tanew=anchor_store_new_rr(anchors, rr, len, dname_len))) {
+ log_err("mem error at %s line %d", fname, pst.lineno);
+ ok = 0;
+ break;
+ }
+ if(onlyone && ta && ta != tanew) {
+ log_err("error at %s line %d: no multiple anchor "
+ "domains allowed (you can have multiple "
+ "keys, but they must have the same name).",
+ fname, pst.lineno);
+ ok = 0;
+ break;
+ }
+ ta = tanew;
+ }
+ fclose(in);
+ if(!ok) return NULL;
+ /* empty file is OK when multiple anchors are allowed */
+ if(!onlyone && !ta) return (struct trust_anchor*)1;
+ return ta;
+}
+
+/** skip file to end of line */
+static void
+skip_to_eol(FILE* in)
+{
+ int c;
+ while((c = getc(in)) != EOF ) {
+ if(c == '\n')
+ return;
+ }
+}
+
+/** true for special characters in bind configs */
+static int
+is_bind_special(int c)
+{
+ switch(c) {
+ case '{':
+ case '}':
+ case '"':
+ case ';':
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * Read a keyword skipping bind comments; spaces, specials, restkeywords.
+ * The file is split into the following tokens:
+ * * special characters, on their own, rdlen=1, { } doublequote ;
+ * * whitespace becomes a single ' ' or tab. Newlines become spaces.
+ * * other words ('keywords')
+ * * comments are skipped if desired
+ * / / C++ style comment to end of line
+ * # to end of line
+ * / * C style comment * /
+ * @param in: file to read from.
+ * @param buf: buffer, what is read is stored after current buffer position.
+ * Space is left in the buffer to write a terminating 0.
+ * @param line: line number is increased per line, for error reports.
+ * @param comments: if 0, comments are not possible and become text.
+ * if 1, comments are skipped entirely.
+ * In BIND files, this is when reading quoted strings, for example
+ * " base 64 text with / / in there "
+ * @return the number of character written to the buffer.
+ * 0 on end of file.
+ */
+static int
+readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments)
+{
+ int c;
+ int numdone = 0;
+ while((c = getc(in)) != EOF ) {
+ if(comments && c == '#') { /* # blabla */
+ skip_to_eol(in);
+ (*line)++;
+ continue;
+ } else if(comments && c=='/' && numdone>0 && /* /_/ bla*/
+ sldns_buffer_read_u8_at(buf,
+ sldns_buffer_position(buf)-1) == '/') {
+ sldns_buffer_skip(buf, -1);
+ numdone--;
+ skip_to_eol(in);
+ (*line)++;
+ continue;
+ } else if(comments && c=='*' && numdone>0 && /* /_* bla *_/ */
+ sldns_buffer_read_u8_at(buf,
+ sldns_buffer_position(buf)-1) == '/') {
+ sldns_buffer_skip(buf, -1);
+ numdone--;
+ /* skip to end of comment */
+ while(c != EOF && (c=getc(in)) != EOF ) {
+ if(c == '*') {
+ if((c=getc(in)) == '/')
+ break;
+ }
+ if(c == '\n')
+ (*line)++;
+ }
+ continue;
+ }
+ /* not a comment, complete the keyword */
+ if(numdone > 0) {
+ /* check same type */
+ if(isspace(c)) {
+ ungetc(c, in);
+ return numdone;
+ }
+ if(is_bind_special(c)) {
+ ungetc(c, in);
+ return numdone;
+ }
+ }
+ if(c == '\n') {
+ c = ' ';
+ (*line)++;
+ }
+ /* space for 1 char + 0 string terminator */
+ if(sldns_buffer_remaining(buf) < 2) {
+ fatal_exit("trusted-keys, %d, string too long", *line);
+ }
+ sldns_buffer_write_u8(buf, (uint8_t)c);
+ numdone++;
+ if(isspace(c)) {
+ /* collate whitespace into ' ' */
+ while((c = getc(in)) != EOF ) {
+ if(c == '\n')
+ (*line)++;
+ if(!isspace(c)) {
+ ungetc(c, in);
+ break;
+ }
+ }
+ return numdone;
+ }
+ if(is_bind_special(c))
+ return numdone;
+ }
+ return numdone;
+}
+
+/** skip through file to { or ; */
+static int
+skip_to_special(FILE* in, sldns_buffer* buf, int* line, int spec)
+{
+ int rdlen;
+ sldns_buffer_clear(buf);
+ while((rdlen=readkeyword_bindfile(in, buf, line, 1))) {
+ if(rdlen == 1 && isspace((int)*sldns_buffer_begin(buf))) {
+ sldns_buffer_clear(buf);
+ continue;
+ }
+ if(rdlen != 1 || *sldns_buffer_begin(buf) != (uint8_t)spec) {
+ sldns_buffer_write_u8(buf, 0);
+ log_err("trusted-keys, line %d, expected %c",
+ *line, spec);
+ return 0;
+ }
+ return 1;
+ }
+ log_err("trusted-keys, line %d, expected %c got EOF", *line, spec);
+ return 0;
+}
+
+/**
+ * read contents of trusted-keys{ ... ; clauses and insert keys into storage.
+ * @param anchors: where to store keys
+ * @param buf: buffer to use
+ * @param line: line number in file
+ * @param in: file to read from.
+ * @return 0 on error.
+ */
+static int
+process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf,
+ int* line, FILE* in)
+{
+ /* loop over contents, collate strings before ; */
+ /* contents is (numbered): 0 1 2 3 4 5 6 7 8 */
+ /* name. 257 3 5 base64 base64 */
+ /* quoted value: 0 "111" 0 0 0 0 0 0 0 */
+ /* comments value: 1 "000" 1 1 1 "0 0 0 0" 1 */
+ int contnum = 0;
+ int quoted = 0;
+ int comments = 1;
+ int rdlen;
+ char* str = 0;
+ sldns_buffer_clear(buf);
+ while((rdlen=readkeyword_bindfile(in, buf, line, comments))) {
+ if(rdlen == 1 && sldns_buffer_position(buf) == 1
+ && isspace((int)*sldns_buffer_begin(buf))) {
+ /* starting whitespace is removed */
+ sldns_buffer_clear(buf);
+ continue;
+ } else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == '"') {
+ /* remove " from the string */
+ if(contnum == 0) {
+ quoted = 1;
+ comments = 0;
+ }
+ sldns_buffer_skip(buf, -1);
+ if(contnum > 0 && quoted) {
+ if(sldns_buffer_remaining(buf) < 8+1) {
+ log_err("line %d, too long", *line);
+ return 0;
+ }
+ sldns_buffer_write(buf, " DNSKEY ", 8);
+ quoted = 0;
+ comments = 1;
+ } else if(contnum > 0)
+ comments = !comments;
+ continue;
+ } else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == ';') {
+
+ if(contnum < 5) {
+ sldns_buffer_write_u8(buf, 0);
+ log_err("line %d, bad key", *line);
+ return 0;
+ }
+ sldns_buffer_skip(buf, -1);
+ sldns_buffer_write_u8(buf, 0);
+ str = strdup((char*)sldns_buffer_begin(buf));
+ if(!str) {
+ log_err("line %d, allocation failure", *line);
+ return 0;
+ }
+ if(!anchor_store_str(anchors, buf, str)) {
+ log_err("line %d, bad key", *line);
+ free(str);
+ return 0;
+ }
+ free(str);
+ sldns_buffer_clear(buf);
+ contnum = 0;
+ quoted = 0;
+ comments = 1;
+ continue;
+ } else if(rdlen == 1 && sldns_buffer_current(buf)[-1] == '}') {
+ if(contnum > 0) {
+ sldns_buffer_write_u8(buf, 0);
+ log_err("line %d, bad key before }", *line);
+ return 0;
+ }
+ return 1;
+ } else if(rdlen == 1 &&
+ isspace((int)sldns_buffer_current(buf)[-1])) {
+ /* leave whitespace here */
+ } else {
+ /* not space or whatnot, so actual content */
+ contnum ++;
+ if(contnum == 1 && !quoted) {
+ if(sldns_buffer_remaining(buf) < 8+1) {
+ log_err("line %d, too long", *line);
+ return 0;
+ }
+ sldns_buffer_write(buf, " DNSKEY ", 8);
+ }
+ }
+ }
+
+ log_err("line %d, EOF before }", *line);
+ return 0;
+}
+
+/**
+ * Read a BIND9 like file with trust anchors in named.conf format.
+ * @param anchors: anchor storage.
+ * @param buffer: parsing buffer.
+ * @param fname: string.
+ * @return false on error.
+ */
+static int
+anchor_read_bind_file(struct val_anchors* anchors, sldns_buffer* buffer,
+ const char* fname)
+{
+ int line_nr = 1;
+ FILE* in = fopen(fname, "r");
+ int rdlen = 0;
+ if(!in) {
+ log_err("error opening file %s: %s", fname, strerror(errno));
+ return 0;
+ }
+ verbose(VERB_QUERY, "reading in bind-compat-mode: '%s'", fname);
+ /* scan for trusted-keys keyword, ignore everything else */
+ sldns_buffer_clear(buffer);
+ while((rdlen=readkeyword_bindfile(in, buffer, &line_nr, 1)) != 0) {
+ if(rdlen != 12 || strncmp((char*)sldns_buffer_begin(buffer),
+ "trusted-keys", 12) != 0) {
+ sldns_buffer_clear(buffer);
+ /* ignore everything but trusted-keys */
+ continue;
+ }
+ if(!skip_to_special(in, buffer, &line_nr, '{')) {
+ log_err("error in trusted key: \"%s\"", fname);
+ fclose(in);
+ return 0;
+ }
+ /* process contents */
+ if(!process_bind_contents(anchors, buffer, &line_nr, in)) {
+ log_err("error in trusted key: \"%s\"", fname);
+ fclose(in);
+ return 0;
+ }
+ if(!skip_to_special(in, buffer, &line_nr, ';')) {
+ log_err("error in trusted key: \"%s\"", fname);
+ fclose(in);
+ return 0;
+ }
+ sldns_buffer_clear(buffer);
+ }
+ fclose(in);
+ return 1;
+}
+
+/**
+ * Read a BIND9 like files with trust anchors in named.conf format.
+ * Performs wildcard processing of name.
+ * @param anchors: anchor storage.
+ * @param buffer: parsing buffer.
+ * @param pat: pattern string. (can be wildcarded)
+ * @return false on error.
+ */
+static int
+anchor_read_bind_file_wild(struct val_anchors* anchors, sldns_buffer* buffer,
+ const char* pat)
+{
+#ifdef HAVE_GLOB
+ glob_t g;
+ size_t i;
+ int r, flags;
+ if(!strchr(pat, '*') && !strchr(pat, '?') && !strchr(pat, '[') &&
+ !strchr(pat, '{') && !strchr(pat, '~')) {
+ return anchor_read_bind_file(anchors, buffer, pat);
+ }
+ verbose(VERB_QUERY, "wildcard found, processing %s", pat);
+ flags = 0
+#ifdef GLOB_ERR
+ | GLOB_ERR
+#endif
+#ifdef GLOB_NOSORT
+ | GLOB_NOSORT
+#endif
+#ifdef GLOB_BRACE
+ | GLOB_BRACE
+#endif
+#ifdef GLOB_TILDE
+ | GLOB_TILDE
+#endif
+ ;
+ memset(&g, 0, sizeof(g));
+ r = glob(pat, flags, NULL, &g);
+ if(r) {
+ /* some error */
+ if(r == GLOB_NOMATCH) {
+ verbose(VERB_QUERY, "trusted-keys-file: "
+ "no matches for %s", pat);
+ return 1;
+ } else if(r == GLOB_NOSPACE) {
+ log_err("wildcard trusted-keys-file %s: "
+ "pattern out of memory", pat);
+ } else if(r == GLOB_ABORTED) {
+ log_err("wildcard trusted-keys-file %s: expansion "
+ "aborted (%s)", pat, strerror(errno));
+ } else {
+ log_err("wildcard trusted-keys-file %s: expansion "
+ "failed (%s)", pat, strerror(errno));
+ }
+ /* ignore globs that yield no files */
+ return 1;
+ }
+ /* process files found, if any */
+ for(i=0; i<(size_t)g.gl_pathc; i++) {
+ if(!anchor_read_bind_file(anchors, buffer, g.gl_pathv[i])) {
+ log_err("error reading wildcard "
+ "trusted-keys-file: %s", g.gl_pathv[i]);
+ globfree(&g);
+ return 0;
+ }
+ }
+ globfree(&g);
+ return 1;
+#else /* not HAVE_GLOB */
+ return anchor_read_bind_file(anchors, buffer, pat);
+#endif /* HAVE_GLOB */
+}
+
+/**
+ * Assemble an rrset structure for the type
+ * @param ta: trust anchor.
+ * @param num: number of items to fetch from list.
+ * @param type: fetch only items of this type.
+ * @return rrset or NULL on error.
+ */
+static struct ub_packed_rrset_key*
+assemble_it(struct trust_anchor* ta, size_t num, uint16_t type)
+{
+ struct ub_packed_rrset_key* pkey = (struct ub_packed_rrset_key*)
+ malloc(sizeof(*pkey));
+ struct packed_rrset_data* pd;
+ struct ta_key* tk;
+ size_t i;
+ if(!pkey)
+ return NULL;
+ memset(pkey, 0, sizeof(*pkey));
+ pkey->rk.dname = memdup(ta->name, ta->namelen);
+ if(!pkey->rk.dname) {
+ free(pkey);
+ return NULL;
+ }
+
+ pkey->rk.dname_len = ta->namelen;
+ pkey->rk.type = htons(type);
+ pkey->rk.rrset_class = htons(ta->dclass);
+ /* The rrset is build in an uncompressed way. This means it
+ * cannot be copied in the normal way. */
+ pd = (struct packed_rrset_data*)malloc(sizeof(*pd));
+ if(!pd) {
+ free(pkey->rk.dname);
+ free(pkey);
+ return NULL;
+ }
+ memset(pd, 0, sizeof(*pd));
+ pd->count = num;
+ pd->trust = rrset_trust_ultimate;
+ pd->rr_len = (size_t*)malloc(num*sizeof(size_t));
+ if(!pd->rr_len) {
+ free(pd);
+ free(pkey->rk.dname);
+ free(pkey);
+ return NULL;
+ }
+ pd->rr_ttl = (time_t*)malloc(num*sizeof(time_t));
+ if(!pd->rr_ttl) {
+ free(pd->rr_len);
+ free(pd);
+ free(pkey->rk.dname);
+ free(pkey);
+ return NULL;
+ }
+ pd->rr_data = (uint8_t**)malloc(num*sizeof(uint8_t*));
+ if(!pd->rr_data) {
+ free(pd->rr_ttl);
+ free(pd->rr_len);
+ free(pd);
+ free(pkey->rk.dname);
+ free(pkey);
+ return NULL;
+ }
+ /* fill in rrs */
+ i=0;
+ for(tk = ta->keylist; tk; tk = tk->next) {
+ if(tk->type != type)
+ continue;
+ pd->rr_len[i] = tk->len;
+ /* reuse data ptr to allocation in talist */
+ pd->rr_data[i] = tk->data;
+ pd->rr_ttl[i] = 0;
+ i++;
+ }
+ pkey->entry.data = (void*)pd;
+ return pkey;
+}
+
+/**
+ * Assemble structures for the trust DS and DNSKEY rrsets.
+ * @param ta: trust anchor
+ * @return: false on error.
+ */
+static int
+anchors_assemble(struct trust_anchor* ta)
+{
+ if(ta->numDS > 0) {
+ ta->ds_rrset = assemble_it(ta, ta->numDS, LDNS_RR_TYPE_DS);
+ if(!ta->ds_rrset)
+ return 0;
+ }
+ if(ta->numDNSKEY > 0) {
+ ta->dnskey_rrset = assemble_it(ta, ta->numDNSKEY,
+ LDNS_RR_TYPE_DNSKEY);
+ if(!ta->dnskey_rrset)
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Check DS algos for support, warn if not.
+ * @param ta: trust anchor
+ * @return number of DS anchors with unsupported algorithms.
+ */
+static size_t
+anchors_ds_unsupported(struct trust_anchor* ta)
+{
+ size_t i, num = 0;
+ for(i=0; i<ta->numDS; i++) {
+ if(!ds_digest_algo_is_supported(ta->ds_rrset, i) ||
+ !ds_key_algo_is_supported(ta->ds_rrset, i))
+ num++;
+ }
+ return num;
+}
+
+/**
+ * Check DNSKEY algos for support, warn if not.
+ * @param ta: trust anchor
+ * @return number of DNSKEY anchors with unsupported algorithms.
+ */
+static size_t
+anchors_dnskey_unsupported(struct trust_anchor* ta)
+{
+ size_t i, num = 0;
+ for(i=0; i<ta->numDNSKEY; i++) {
+ if(!dnskey_algo_is_supported(ta->dnskey_rrset, i))
+ num++;
+ }
+ return num;
+}
+
+/**
+ * Assemble the rrsets in the anchors, ready for use by validator.
+ * @param anchors: trust anchor storage.
+ * @return: false on error.
+ */
+static int
+anchors_assemble_rrsets(struct val_anchors* anchors)
+{
+ struct trust_anchor* ta;
+ struct trust_anchor* next;
+ size_t nods, nokey;
+ lock_basic_lock(&anchors->lock);
+ ta=(struct trust_anchor*)rbtree_first(anchors->tree);
+ while((rbnode_t*)ta != RBTREE_NULL) {
+ next = (struct trust_anchor*)rbtree_next(&ta->node);
+ lock_basic_lock(&ta->lock);
+ if(ta->autr || (ta->numDS == 0 && ta->numDNSKEY == 0)) {
+ lock_basic_unlock(&ta->lock);
+ ta = next; /* skip */
+ continue;
+ }
+ if(!anchors_assemble(ta)) {
+ log_err("out of memory");
+ lock_basic_unlock(&ta->lock);
+ lock_basic_unlock(&anchors->lock);
+ return 0;
+ }
+ nods = anchors_ds_unsupported(ta);
+ nokey = anchors_dnskey_unsupported(ta);
+ if(nods) {
+ log_nametypeclass(0, "warning: unsupported "
+ "algorithm for trust anchor",
+ ta->name, LDNS_RR_TYPE_DS, ta->dclass);
+ }
+ if(nokey) {
+ log_nametypeclass(0, "warning: unsupported "
+ "algorithm for trust anchor",
+ ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass);
+ }
+ if(nods == ta->numDS && nokey == ta->numDNSKEY) {
+ char b[257];
+ dname_str(ta->name, b);
+ log_warn("trust anchor %s has no supported algorithms,"
+ " the anchor is ignored (check if you need to"
+ " upgrade unbound and openssl)", b);
+ (void)rbtree_delete(anchors->tree, &ta->node);
+ lock_basic_unlock(&ta->lock);
+ anchors_delfunc(&ta->node, NULL);
+ ta = next;
+ continue;
+ }
+ lock_basic_unlock(&ta->lock);
+ ta = next;
+ }
+ lock_basic_unlock(&anchors->lock);
+ return 1;
+}
+
+int
+anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg)
+{
+ struct config_strlist* f;
+ char* nm;
+ sldns_buffer* parsebuf = sldns_buffer_new(65535);
+ for(f = cfg->domain_insecure; f; f = f->next) {
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ if(!anchor_insert_insecure(anchors, f->str)) {
+ log_err("error in domain-insecure: %s", f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ }
+ for(f = cfg->trust_anchor_file_list; f; f = f->next) {
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ nm = f->str;
+ if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm,
+ cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
+ nm += strlen(cfg->chrootdir);
+ if(!anchor_read_file(anchors, parsebuf, nm, 0)) {
+ log_err("error reading trust-anchor-file: %s", f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ }
+ for(f = cfg->trusted_keys_file_list; f; f = f->next) {
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ nm = f->str;
+ if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm,
+ cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
+ nm += strlen(cfg->chrootdir);
+ if(!anchor_read_bind_file_wild(anchors, parsebuf, nm)) {
+ log_err("error reading trusted-keys-file: %s", f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ }
+ for(f = cfg->trust_anchor_list; f; f = f->next) {
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ if(!anchor_store_str(anchors, parsebuf, f->str)) {
+ log_err("error in trust-anchor: \"%s\"", f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ }
+ if(cfg->dlv_anchor_file && cfg->dlv_anchor_file[0] != 0) {
+ struct trust_anchor* dlva;
+ nm = cfg->dlv_anchor_file;
+ if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm,
+ cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
+ nm += strlen(cfg->chrootdir);
+ if(!(dlva = anchor_read_file(anchors, parsebuf,
+ nm, 1))) {
+ log_err("error reading dlv-anchor-file: %s",
+ cfg->dlv_anchor_file);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ lock_basic_lock(&anchors->lock);
+ anchors->dlv_anchor = dlva;
+ lock_basic_unlock(&anchors->lock);
+ }
+ for(f = cfg->dlv_anchor_list; f; f = f->next) {
+ struct trust_anchor* dlva;
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ if(!(dlva = anchor_store_str(
+ anchors, parsebuf, f->str))) {
+ log_err("error in dlv-anchor: \"%s\"", f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ lock_basic_lock(&anchors->lock);
+ anchors->dlv_anchor = dlva;
+ lock_basic_unlock(&anchors->lock);
+ }
+ /* do autr last, so that it sees what anchors are filled by other
+ * means can can print errors about double config for the name */
+ for(f = cfg->auto_trust_anchor_file_list; f; f = f->next) {
+ if(!f->str || f->str[0] == 0) /* empty "" */
+ continue;
+ nm = f->str;
+ if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm,
+ cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
+ nm += strlen(cfg->chrootdir);
+ if(!autr_read_file(anchors, nm)) {
+ log_err("error reading auto-trust-anchor-file: %s",
+ f->str);
+ sldns_buffer_free(parsebuf);
+ return 0;
+ }
+ }
+ /* first assemble, since it may delete useless anchors */
+ anchors_assemble_rrsets(anchors);
+ init_parents(anchors);
+ sldns_buffer_free(parsebuf);
+ if(verbosity >= VERB_ALGO) autr_debug_print(anchors);
+ return 1;
+}
+
+struct trust_anchor*
+anchors_lookup(struct val_anchors* anchors,
+ uint8_t* qname, size_t qname_len, uint16_t qclass)
+{
+ struct trust_anchor key;
+ struct trust_anchor* result;
+ rbnode_t* res = NULL;
+ key.node.key = &key;
+ key.name = qname;
+ key.namelabs = dname_count_labels(qname);
+ key.namelen = qname_len;
+ key.dclass = qclass;
+ lock_basic_lock(&anchors->lock);
+ if(rbtree_find_less_equal(anchors->tree, &key, &res)) {
+ /* exact */
+ result = (struct trust_anchor*)res;
+ } else {
+ /* smaller element (or no element) */
+ int m;
+ result = (struct trust_anchor*)res;
+ if(!result || result->dclass != qclass) {
+ lock_basic_unlock(&anchors->lock);
+ return NULL;
+ }
+ /* count number of labels matched */
+ (void)dname_lab_cmp(result->name, result->namelabs, key.name,
+ key.namelabs, &m);
+ while(result) { /* go up until qname is subdomain of stub */
+ if(result->namelabs <= m)
+ break;
+ result = result->parent;
+ }
+ }
+ if(result) {
+ lock_basic_lock(&result->lock);
+ }
+ lock_basic_unlock(&anchors->lock);
+ return result;
+}
+
+size_t
+anchors_get_mem(struct val_anchors* anchors)
+{
+ struct trust_anchor *ta;
+ size_t s = sizeof(*anchors);
+ if(!anchors)
+ return 0;
+ RBTREE_FOR(ta, struct trust_anchor*, anchors->tree) {
+ s += sizeof(*ta) + ta->namelen;
+ /* keys and so on */
+ }
+ return s;
+}
+
+int
+anchors_add_insecure(struct val_anchors* anchors, uint16_t c, uint8_t* nm)
+{
+ struct trust_anchor key;
+ key.node.key = &key;
+ key.name = nm;
+ key.namelabs = dname_count_size_labels(nm, &key.namelen);
+ key.dclass = c;
+ lock_basic_lock(&anchors->lock);
+ if(rbtree_search(anchors->tree, &key)) {
+ lock_basic_unlock(&anchors->lock);
+ /* nothing to do, already an anchor or insecure point */
+ return 1;
+ }
+ if(!anchor_new_ta(anchors, nm, key.namelabs, key.namelen, c, 0)) {
+ log_err("out of memory");
+ lock_basic_unlock(&anchors->lock);
+ return 0;
+ }
+ /* no other contents in new ta, because it is insecure point */
+ anchors_init_parents_locked(anchors);
+ lock_basic_unlock(&anchors->lock);
+ return 1;
+}
+
+void
+anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
+ uint8_t* nm)
+{
+ struct trust_anchor key;
+ struct trust_anchor* ta;
+ key.node.key = &key;
+ key.name = nm;
+ key.namelabs = dname_count_size_labels(nm, &key.namelen);
+ key.dclass = c;
+ lock_basic_lock(&anchors->lock);
+ if(!(ta=(struct trust_anchor*)rbtree_search(anchors->tree, &key))) {
+ lock_basic_unlock(&anchors->lock);
+ /* nothing there */
+ return;
+ }
+ /* lock it to drive away other threads that use it */
+ lock_basic_lock(&ta->lock);
+ /* see if its really an insecure point */
+ if(ta->keylist || ta->autr || ta->numDS || ta->numDNSKEY) {
+ lock_basic_unlock(&anchors->lock);
+ lock_basic_unlock(&ta->lock);
+ /* its not an insecure point, do not remove it */
+ return;
+ }
+
+ /* remove from tree */
+ (void)rbtree_delete(anchors->tree, &ta->node);
+ anchors_init_parents_locked(anchors);
+ lock_basic_unlock(&anchors->lock);
+
+ /* actual free of data */
+ lock_basic_unlock(&ta->lock);
+ anchors_delfunc(&ta->node, NULL);
+}
+
diff --git a/external/unbound/validator/val_anchor.h b/external/unbound/validator/val_anchor.h
new file mode 100644
index 000000000..4951b9996
--- /dev/null
+++ b/external/unbound/validator/val_anchor.h
@@ -0,0 +1,219 @@
+/*
+ * validator/val_anchor.h - validator trust anchor storage.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains storage for the trust anchors for the validator.
+ */
+
+#ifndef VALIDATOR_VAL_ANCHOR_H
+#define VALIDATOR_VAL_ANCHOR_H
+#include "util/rbtree.h"
+#include "util/locks.h"
+struct trust_anchor;
+struct config_file;
+struct ub_packed_rrset_key;
+struct autr_point_data;
+struct autr_global_data;
+struct sldns_buffer;
+
+/**
+ * Trust anchor store.
+ * The tree must be locked, while no other locks (from trustanchors) are held.
+ * And then an anchor searched for. Which can be locked or deleted. Then
+ * the tree can be unlocked again. This means you have to release the lock
+ * on a trust anchor and look it up again to delete it.
+ */
+struct val_anchors {
+ /** lock on trees */
+ lock_basic_t lock;
+ /**
+ * Anchors are store in this tree. Sort order is chosen, so that
+ * dnames are in nsec-like order. A lookup on class, name will return
+ * an exact match of the closest match, with the ancestor needed.
+ * contents of type trust_anchor.
+ */
+ rbtree_t* tree;
+ /** The DLV trust anchor (if one is configured, else NULL) */
+ struct trust_anchor* dlv_anchor;
+ /** Autotrust global data, anchors sorted by next probe time */
+ struct autr_global_data* autr;
+};
+
+/**
+ * Trust anchor key
+ */
+struct ta_key {
+ /** next in list */
+ struct ta_key* next;
+ /** rdata, in wireformat of the key RR. starts with rdlength. */
+ uint8_t* data;
+ /** length of the rdata (including rdlength). */
+ size_t len;
+ /** DNS type (host format) of the key, DS or DNSKEY */
+ uint16_t type;
+};
+
+/**
+ * A trust anchor in the trust anchor store.
+ * Unique by name, class.
+ */
+struct trust_anchor {
+ /** rbtree node, key is this structure */
+ rbnode_t node;
+ /** lock on the entire anchor and its keys; for autotrust changes */
+ lock_basic_t lock;
+ /** name of this trust anchor */
+ uint8_t* name;
+ /** length of name */
+ size_t namelen;
+ /** number of labels in name of rrset */
+ int namelabs;
+ /** the ancestor in the trustanchor tree */
+ struct trust_anchor* parent;
+ /**
+ * List of DS or DNSKEY rrs that form the trust anchor.
+ */
+ struct ta_key* keylist;
+ /** Autotrust anchor point data, or NULL */
+ struct autr_point_data* autr;
+ /** number of DSs in the keylist */
+ size_t numDS;
+ /** number of DNSKEYs in the keylist */
+ size_t numDNSKEY;
+ /** the DS RRset */
+ struct ub_packed_rrset_key* ds_rrset;
+ /** The DNSKEY RRset */
+ struct ub_packed_rrset_key* dnskey_rrset;
+ /** class of the trust anchor */
+ uint16_t dclass;
+};
+
+/**
+ * Create trust anchor storage
+ * @return new storage or NULL on error.
+ */
+struct val_anchors* anchors_create(void);
+
+/**
+ * Delete trust anchor storage.
+ * @param anchors: to delete.
+ */
+void anchors_delete(struct val_anchors* anchors);
+
+/**
+ * Process trust anchor config.
+ * @param anchors: struct anchor storage
+ * @param cfg: config options.
+ * @return 0 on error.
+ */
+int anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg);
+
+/**
+ * Recalculate parent pointers. The caller must hold the lock on the
+ * anchors structure (say after removing an item from the rbtree).
+ * Caller must not hold any locks on trust anchors.
+ * After the call is complete the parent pointers are updated and an item
+ * just removed is no longer referenced in parent pointers.
+ * @param anchors: the structure to update.
+ */
+void anchors_init_parents_locked(struct val_anchors* anchors);
+
+/**
+ * Given a qname/qclass combination, find the trust anchor closest above it.
+ * Or return NULL if none exists.
+ *
+ * @param anchors: struct anchor storage
+ * @param qname: query name, uncompressed wireformat.
+ * @param qname_len: length of qname.
+ * @param qclass: class to query for.
+ * @return the trust anchor or NULL if none is found. The anchor is locked.
+ */
+struct trust_anchor* anchors_lookup(struct val_anchors* anchors,
+ uint8_t* qname, size_t qname_len, uint16_t qclass);
+
+/**
+ * Find a trust anchor. Exact matching.
+ * @param anchors: anchor storage.
+ * @param name: name of trust anchor (wireformat)
+ * @param namelabs: labels in name
+ * @param namelen: length of name
+ * @param dclass: class of trust anchor
+ * @return NULL if not found. The anchor is locked.
+ */
+struct trust_anchor* anchor_find(struct val_anchors* anchors,
+ uint8_t* name, int namelabs, size_t namelen, uint16_t dclass);
+
+/**
+ * Store one string as trust anchor RR.
+ * @param anchors: anchor storage.
+ * @param buffer: parsing buffer, to generate the RR wireformat in.
+ * @param str: string.
+ * @return NULL on error.
+ */
+struct trust_anchor* anchor_store_str(struct val_anchors* anchors,
+ struct sldns_buffer* buffer, const char* str);
+
+/**
+ * Get memory in use by the trust anchor storage
+ * @param anchors: anchor storage.
+ * @return memory in use in bytes.
+ */
+size_t anchors_get_mem(struct val_anchors* anchors);
+
+/** compare two trust anchors */
+int anchor_cmp(const void* k1, const void* k2);
+
+/**
+ * Add insecure point trust anchor. For external use (locks and init_parents)
+ * @param anchors: anchor storage.
+ * @param c: class.
+ * @param nm: name of insecure trust point.
+ * @return false on alloc failure.
+ */
+int anchors_add_insecure(struct val_anchors* anchors, uint16_t c, uint8_t* nm);
+
+/**
+ * Delete insecure point trust anchor. Does not remove if no such point.
+ * For external use (locks and init_parents)
+ * @param anchors: anchor storage.
+ * @param c: class.
+ * @param nm: name of insecure trust point.
+ */
+void anchors_delete_insecure(struct val_anchors* anchors, uint16_t c,
+ uint8_t* nm);
+
+#endif /* VALIDATOR_VAL_ANCHOR_H */
diff --git a/external/unbound/validator/val_kcache.c b/external/unbound/validator/val_kcache.c
new file mode 100644
index 000000000..22070cc6a
--- /dev/null
+++ b/external/unbound/validator/val_kcache.c
@@ -0,0 +1,172 @@
+/*
+ * validator/val_kcache.c - validator key shared cache with validated keys
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains functions for dealing with the validator key cache.
+ */
+#include "config.h"
+#include "validator/val_kcache.h"
+#include "validator/val_kentry.h"
+#include "util/log.h"
+#include "util/config_file.h"
+#include "util/data/dname.h"
+#include "util/module.h"
+
+struct key_cache*
+key_cache_create(struct config_file* cfg)
+{
+ struct key_cache* kcache = (struct key_cache*)calloc(1,
+ sizeof(*kcache));
+ size_t numtables, start_size, maxmem;
+ if(!kcache) {
+ log_err("malloc failure");
+ return NULL;
+ }
+ numtables = cfg->key_cache_slabs;
+ start_size = HASH_DEFAULT_STARTARRAY;
+ maxmem = cfg->key_cache_size;
+ kcache->slab = slabhash_create(numtables, start_size, maxmem,
+ &key_entry_sizefunc, &key_entry_compfunc,
+ &key_entry_delkeyfunc, &key_entry_deldatafunc, NULL);
+ if(!kcache->slab) {
+ log_err("malloc failure");
+ free(kcache);
+ return NULL;
+ }
+ return kcache;
+}
+
+void
+key_cache_delete(struct key_cache* kcache)
+{
+ if(!kcache)
+ return;
+ slabhash_delete(kcache->slab);
+ free(kcache);
+}
+
+void
+key_cache_insert(struct key_cache* kcache, struct key_entry_key* kkey,
+ struct module_qstate* qstate)
+{
+ struct key_entry_key* k = key_entry_copy(kkey);
+ if(!k)
+ return;
+ if(key_entry_isbad(k) && qstate->errinf &&
+ qstate->env->cfg->val_log_level >= 2) {
+ /* on malloc failure there is simply no reason string */
+ key_entry_set_reason(k, errinf_to_str(qstate));
+ }
+ key_entry_hash(k);
+ slabhash_insert(kcache->slab, k->entry.hash, &k->entry,
+ k->entry.data, NULL);
+}
+
+/**
+ * Lookup exactly in the key cache. Returns pointer to locked entry.
+ * Caller must unlock it after use.
+ * @param kcache: the key cache.
+ * @param name: for what name to look; uncompressed wireformat
+ * @param namelen: length of the name.
+ * @param key_class: class of the key.
+ * @param wr: set true to get a writelock.
+ * @return key entry, locked, or NULL if not found. No TTL checking is
+ * performed.
+ */
+static struct key_entry_key*
+key_cache_search(struct key_cache* kcache, uint8_t* name, size_t namelen,
+ uint16_t key_class, int wr)
+{
+ struct lruhash_entry* e;
+ struct key_entry_key lookfor;
+ lookfor.entry.key = &lookfor;
+ lookfor.name = name;
+ lookfor.namelen = namelen;
+ lookfor.key_class = key_class;
+ key_entry_hash(&lookfor);
+ e = slabhash_lookup(kcache->slab, lookfor.entry.hash, &lookfor, wr);
+ if(!e)
+ return NULL;
+ return (struct key_entry_key*)e->key;
+}
+
+struct key_entry_key*
+key_cache_obtain(struct key_cache* kcache, uint8_t* name, size_t namelen,
+ uint16_t key_class, struct regional* region, time_t now)
+{
+ /* keep looking until we find a nonexpired entry */
+ while(1) {
+ struct key_entry_key* k = key_cache_search(kcache, name,
+ namelen, key_class, 0);
+ if(k) {
+ /* see if TTL is OK */
+ struct key_entry_data* d = (struct key_entry_data*)
+ k->entry.data;
+ if(now <= d->ttl) {
+ /* copy and return it */
+ struct key_entry_key* retkey =
+ key_entry_copy_toregion(k, region);
+ lock_rw_unlock(&k->entry.lock);
+ return retkey;
+ }
+ lock_rw_unlock(&k->entry.lock);
+ }
+ /* snip off first label to continue */
+ if(dname_is_root(name))
+ break;
+ dname_remove_label(&name, &namelen);
+ }
+ return NULL;
+}
+
+size_t
+key_cache_get_mem(struct key_cache* kcache)
+{
+ return sizeof(*kcache) + slabhash_get_mem(kcache->slab);
+}
+
+void key_cache_remove(struct key_cache* kcache,
+ uint8_t* name, size_t namelen, uint16_t key_class)
+{
+ struct key_entry_key lookfor;
+ lookfor.entry.key = &lookfor;
+ lookfor.name = name;
+ lookfor.namelen = namelen;
+ lookfor.key_class = key_class;
+ key_entry_hash(&lookfor);
+ slabhash_remove(kcache->slab, lookfor.entry.hash, &lookfor);
+}
diff --git a/external/unbound/validator/val_kcache.h b/external/unbound/validator/val_kcache.h
new file mode 100644
index 000000000..76c9dd094
--- /dev/null
+++ b/external/unbound/validator/val_kcache.h
@@ -0,0 +1,118 @@
+/*
+ * validator/val_kcache.h - validator key shared cache with validated keys
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains functions for caching validated key entries.
+ */
+
+#ifndef VALIDATOR_VAL_KCACHE_H
+#define VALIDATOR_VAL_KCACHE_H
+#include "util/storage/slabhash.h"
+struct key_entry_key;
+struct key_entry_data;
+struct config_file;
+struct regional;
+struct module_qstate;
+
+/**
+ * Key cache
+ */
+struct key_cache {
+ /** uses slabhash for storage, type key_entry_key, key_entry_data */
+ struct slabhash* slab;
+};
+
+/**
+ * Create the key cache
+ * @param cfg: config settings for the key cache.
+ * @return new key cache or NULL on malloc failure.
+ */
+struct key_cache* key_cache_create(struct config_file* cfg);
+
+/**
+ * Delete the key cache
+ * @param kcache: to delete
+ */
+void key_cache_delete(struct key_cache* kcache);
+
+/**
+ * Insert or update a key cache entry. Note that the insert may silently
+ * fail if there is not enough memory.
+ *
+ * @param kcache: the key cache.
+ * @param kkey: key entry key, assumed malloced in a region, is copied
+ * to perform update or insertion. Its data pointer is also copied.
+ * @param qstate: store errinf reason in case its bad.
+ */
+void key_cache_insert(struct key_cache* kcache, struct key_entry_key* kkey,
+ struct module_qstate* qstate);
+
+/**
+ * Remove an entry from the key cache.
+ * @param kcache: the key cache.
+ * @param name: for what name to look; uncompressed wireformat
+ * @param namelen: length of the name.
+ * @param key_class: class of the key.
+ */
+void key_cache_remove(struct key_cache* kcache,
+ uint8_t* name, size_t namelen, uint16_t key_class);
+
+/**
+ * Lookup key entry in the cache. Looks up the closest key entry above the
+ * given name.
+ * @param kcache: the key cache.
+ * @param name: for what name to look; uncompressed wireformat
+ * @param namelen: length of the name.
+ * @param key_class: class of the key.
+ * @param region: a copy of the key_entry is allocated in this region.
+ * @param now: current time.
+ * @return pointer to a newly allocated key_entry copy in the region, if
+ * a key entry could be found, and allocation succeeded and TTL was OK.
+ * Otherwise, NULL is returned.
+ */
+struct key_entry_key* key_cache_obtain(struct key_cache* kcache,
+ uint8_t* name, size_t namelen, uint16_t key_class,
+ struct regional* region, time_t now);
+
+/**
+ * Get memory in use by the key cache.
+ * @param kcache: the key cache.
+ * @return memory in use in bytes.
+ */
+size_t key_cache_get_mem(struct key_cache* kcache);
+
+#endif /* VALIDATOR_VAL_KCACHE_H */
diff --git a/external/unbound/validator/val_kentry.c b/external/unbound/validator/val_kentry.c
new file mode 100644
index 000000000..f99f18e89
--- /dev/null
+++ b/external/unbound/validator/val_kentry.c
@@ -0,0 +1,413 @@
+/*
+ * validator/val_kentry.c - validator key entry definition.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains functions for dealing with validator key entries.
+ */
+#include "config.h"
+#include "validator/val_kentry.h"
+#include "util/data/packed_rrset.h"
+#include "util/data/dname.h"
+#include "util/storage/lookup3.h"
+#include "util/regional.h"
+#include "util/net_help.h"
+#include "ldns/rrdef.h"
+#include "ldns/keyraw.h"
+
+size_t
+key_entry_sizefunc(void* key, void* data)
+{
+ struct key_entry_key* kk = (struct key_entry_key*)key;
+ struct key_entry_data* kd = (struct key_entry_data*)data;
+ size_t s = sizeof(*kk) + kk->namelen;
+ s += sizeof(*kd) + lock_get_mem(&kk->entry.lock);
+ if(kd->rrset_data)
+ s += packed_rrset_sizeof(kd->rrset_data);
+ if(kd->reason)
+ s += strlen(kd->reason)+1;
+ if(kd->algo)
+ s += strlen((char*)kd->algo)+1;
+ return s;
+}
+
+int
+key_entry_compfunc(void* k1, void* k2)
+{
+ struct key_entry_key* n1 = (struct key_entry_key*)k1;
+ struct key_entry_key* n2 = (struct key_entry_key*)k2;
+ if(n1->key_class != n2->key_class) {
+ if(n1->key_class < n2->key_class)
+ return -1;
+ return 1;
+ }
+ return query_dname_compare(n1->name, n2->name);
+}
+
+void
+key_entry_delkeyfunc(void* key, void* ATTR_UNUSED(userarg))
+{
+ struct key_entry_key* kk = (struct key_entry_key*)key;
+ if(!key)
+ return;
+ lock_rw_destroy(&kk->entry.lock);
+ free(kk->name);
+ free(kk);
+}
+
+void
+key_entry_deldatafunc(void* data, void* ATTR_UNUSED(userarg))
+{
+ struct key_entry_data* kd = (struct key_entry_data*)data;
+ free(kd->reason);
+ free(kd->rrset_data);
+ free(kd->algo);
+ free(kd);
+}
+
+void
+key_entry_hash(struct key_entry_key* kk)
+{
+ kk->entry.hash = 0x654;
+ kk->entry.hash = hashlittle(&kk->key_class, sizeof(kk->key_class),
+ kk->entry.hash);
+ kk->entry.hash = dname_query_hash(kk->name, kk->entry.hash);
+}
+
+struct key_entry_key*
+key_entry_copy_toregion(struct key_entry_key* kkey, struct regional* region)
+{
+ struct key_entry_key* newk;
+ newk = regional_alloc_init(region, kkey, sizeof(*kkey));
+ if(!newk)
+ return NULL;
+ newk->name = regional_alloc_init(region, kkey->name, kkey->namelen);
+ if(!newk->name)
+ return NULL;
+ newk->entry.key = newk;
+ if(newk->entry.data) {
+ /* copy data element */
+ struct key_entry_data *d = (struct key_entry_data*)
+ kkey->entry.data;
+ struct key_entry_data *newd;
+ newd = regional_alloc_init(region, d, sizeof(*d));
+ if(!newd)
+ return NULL;
+ /* copy rrset */
+ if(d->rrset_data) {
+ newd->rrset_data = regional_alloc_init(region,
+ d->rrset_data,
+ packed_rrset_sizeof(d->rrset_data));
+ if(!newd->rrset_data)
+ return NULL;
+ packed_rrset_ptr_fixup(newd->rrset_data);
+ }
+ if(d->reason) {
+ newd->reason = regional_strdup(region, d->reason);
+ if(!newd->reason)
+ return NULL;
+ }
+ if(d->algo) {
+ newd->algo = (uint8_t*)regional_strdup(region,
+ (char*)d->algo);
+ if(!newd->algo)
+ return NULL;
+ }
+ newk->entry.data = newd;
+ }
+ return newk;
+}
+
+struct key_entry_key*
+key_entry_copy(struct key_entry_key* kkey)
+{
+ struct key_entry_key* newk;
+ if(!kkey)
+ return NULL;
+ newk = memdup(kkey, sizeof(*kkey));
+ if(!newk)
+ return NULL;
+ newk->name = memdup(kkey->name, kkey->namelen);
+ if(!newk->name) {
+ free(newk);
+ return NULL;
+ }
+ lock_rw_init(&newk->entry.lock);
+ newk->entry.key = newk;
+ if(newk->entry.data) {
+ /* copy data element */
+ struct key_entry_data *d = (struct key_entry_data*)
+ kkey->entry.data;
+ struct key_entry_data *newd;
+ newd = memdup(d, sizeof(*d));
+ if(!newd) {
+ free(newk->name);
+ free(newk);
+ return NULL;
+ }
+ /* copy rrset */
+ if(d->rrset_data) {
+ newd->rrset_data = memdup(d->rrset_data,
+ packed_rrset_sizeof(d->rrset_data));
+ if(!newd->rrset_data) {
+ free(newd);
+ free(newk->name);
+ free(newk);
+ return NULL;
+ }
+ packed_rrset_ptr_fixup(newd->rrset_data);
+ }
+ if(d->reason) {
+ newd->reason = strdup(d->reason);
+ if(!newd->reason) {
+ free(newd->rrset_data);
+ free(newd);
+ free(newk->name);
+ free(newk);
+ return NULL;
+ }
+ }
+ if(d->algo) {
+ newd->algo = (uint8_t*)strdup((char*)d->algo);
+ if(!newd->algo) {
+ free(newd->rrset_data);
+ free(newd->reason);
+ free(newd);
+ free(newk->name);
+ free(newk);
+ return NULL;
+ }
+ }
+ newk->entry.data = newd;
+ }
+ return newk;
+}
+
+int
+key_entry_isnull(struct key_entry_key* kkey)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ return (!d->isbad && d->rrset_data == NULL);
+}
+
+int
+key_entry_isgood(struct key_entry_key* kkey)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ return (!d->isbad && d->rrset_data != NULL);
+}
+
+int
+key_entry_isbad(struct key_entry_key* kkey)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ return (int)(d->isbad);
+}
+
+void
+key_entry_set_reason(struct key_entry_key* kkey, char* reason)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ d->reason = reason;
+}
+
+char*
+key_entry_get_reason(struct key_entry_key* kkey)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ return d->reason;
+}
+
+/** setup key entry in region */
+static int
+key_entry_setup(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass,
+ struct key_entry_key** k, struct key_entry_data** d)
+{
+ *k = regional_alloc(region, sizeof(**k));
+ if(!*k)
+ return 0;
+ memset(*k, 0, sizeof(**k));
+ (*k)->entry.key = *k;
+ (*k)->name = regional_alloc_init(region, name, namelen);
+ if(!(*k)->name)
+ return 0;
+ (*k)->namelen = namelen;
+ (*k)->key_class = dclass;
+ *d = regional_alloc(region, sizeof(**d));
+ if(!*d)
+ return 0;
+ (*k)->entry.data = *d;
+ return 1;
+}
+
+struct key_entry_key*
+key_entry_create_null(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl,
+ time_t now)
+{
+ struct key_entry_key* k;
+ struct key_entry_data* d;
+ if(!key_entry_setup(region, name, namelen, dclass, &k, &d))
+ return NULL;
+ d->ttl = now + ttl;
+ d->isbad = 0;
+ d->reason = NULL;
+ d->rrset_type = LDNS_RR_TYPE_DNSKEY;
+ d->rrset_data = NULL;
+ d->algo = NULL;
+ return k;
+}
+
+struct key_entry_key*
+key_entry_create_rrset(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass,
+ struct ub_packed_rrset_key* rrset, uint8_t* sigalg, time_t now)
+{
+ struct key_entry_key* k;
+ struct key_entry_data* d;
+ struct packed_rrset_data* rd = (struct packed_rrset_data*)
+ rrset->entry.data;
+ if(!key_entry_setup(region, name, namelen, dclass, &k, &d))
+ return NULL;
+ d->ttl = rd->ttl + now;
+ d->isbad = 0;
+ d->reason = NULL;
+ d->rrset_type = ntohs(rrset->rk.type);
+ d->rrset_data = (struct packed_rrset_data*)regional_alloc_init(region,
+ rd, packed_rrset_sizeof(rd));
+ if(!d->rrset_data)
+ return NULL;
+ if(sigalg) {
+ d->algo = (uint8_t*)regional_strdup(region, (char*)sigalg);
+ if(!d->algo)
+ return NULL;
+ } else d->algo = NULL;
+ packed_rrset_ptr_fixup(d->rrset_data);
+ return k;
+}
+
+struct key_entry_key*
+key_entry_create_bad(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl,
+ time_t now)
+{
+ struct key_entry_key* k;
+ struct key_entry_data* d;
+ if(!key_entry_setup(region, name, namelen, dclass, &k, &d))
+ return NULL;
+ d->ttl = now + ttl;
+ d->isbad = 1;
+ d->reason = NULL;
+ d->rrset_type = LDNS_RR_TYPE_DNSKEY;
+ d->rrset_data = NULL;
+ d->algo = NULL;
+ return k;
+}
+
+struct ub_packed_rrset_key*
+key_entry_get_rrset(struct key_entry_key* kkey, struct regional* region)
+{
+ struct key_entry_data* d = (struct key_entry_data*)kkey->entry.data;
+ struct ub_packed_rrset_key* rrk;
+ struct packed_rrset_data* rrd;
+ if(!d || !d->rrset_data)
+ return NULL;
+ rrk = regional_alloc(region, sizeof(*rrk));
+ if(!rrk)
+ return NULL;
+ memset(rrk, 0, sizeof(*rrk));
+ rrk->rk.dname = regional_alloc_init(region, kkey->name, kkey->namelen);
+ if(!rrk->rk.dname)
+ return NULL;
+ rrk->rk.dname_len = kkey->namelen;
+ rrk->rk.type = htons(d->rrset_type);
+ rrk->rk.rrset_class = htons(kkey->key_class);
+ rrk->entry.key = rrk;
+ rrd = regional_alloc_init(region, d->rrset_data,
+ packed_rrset_sizeof(d->rrset_data));
+ if(!rrd)
+ return NULL;
+ rrk->entry.data = rrd;
+ packed_rrset_ptr_fixup(rrd);
+ return rrk;
+}
+
+/** Get size of key in keyset */
+static size_t
+dnskey_get_keysize(struct packed_rrset_data* data, size_t idx)
+{
+ unsigned char* pk;
+ unsigned int pklen = 0;
+ int algo;
+ if(data->rr_len[idx] < 2+5)
+ return 0;
+ algo = (int)data->rr_data[idx][2+3];
+ pk = (unsigned char*)data->rr_data[idx]+2+4;
+ pklen = (unsigned)data->rr_len[idx]-2-4;
+ return sldns_rr_dnskey_key_size_raw(pk, pklen, algo);
+}
+
+/** get dnskey flags from data */
+static uint16_t
+kd_get_flags(struct packed_rrset_data* data, size_t idx)
+{
+ uint16_t f;
+ if(data->rr_len[idx] < 2+2)
+ return 0;
+ memmove(&f, data->rr_data[idx]+2, 2);
+ f = ntohs(f);
+ return f;
+}
+
+size_t
+key_entry_keysize(struct key_entry_key* kkey)
+{
+ struct packed_rrset_data* d;
+ /* compute size of smallest ZSK key in the rrset */
+ size_t i;
+ size_t bits = 0;
+ if(!key_entry_isgood(kkey))
+ return 0;
+ d = ((struct key_entry_data*)kkey->entry.data)->rrset_data;
+ for(i=0; i<d->count; i++) {
+ if(!(kd_get_flags(d, i) & DNSKEY_BIT_ZSK))
+ continue;
+ if(i==0 || dnskey_get_keysize(d, i) < bits)
+ bits = dnskey_get_keysize(d, i);
+ }
+ return bits;
+}
diff --git a/external/unbound/validator/val_kentry.h b/external/unbound/validator/val_kentry.h
new file mode 100644
index 000000000..ade65571a
--- /dev/null
+++ b/external/unbound/validator/val_kentry.h
@@ -0,0 +1,220 @@
+/*
+ * validator/val_kentry.h - validator key entry definition.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains functions for dealing with validator key entries.
+ */
+
+#ifndef VALIDATOR_VAL_KENTRY_H
+#define VALIDATOR_VAL_KENTRY_H
+struct packed_rrset_data;
+struct regional;
+struct ub_packed_rrset_key;
+#include "util/storage/lruhash.h"
+
+/**
+ * A key entry for the validator.
+ * This may or may not be a trusted key.
+ * This is what is stored in the key cache.
+ * This is the key part for the cache; the key entry key.
+ */
+struct key_entry_key {
+ /** lru hash entry */
+ struct lruhash_entry entry;
+ /** name of the key */
+ uint8_t* name;
+ /** length of name */
+ size_t namelen;
+ /** class of the key, host byteorder */
+ uint16_t key_class;
+};
+
+/**
+ * Key entry for the validator.
+ * Contains key status.
+ * This is the data part for the cache, the key entry data.
+ *
+ * Can be in three basic states:
+ * isbad=0: good key
+ * isbad=1: bad key
+ * isbad=0 && rrset=0: insecure space.
+ */
+struct key_entry_data {
+ /** the TTL of this entry (absolute time) */
+ time_t ttl;
+ /** the key rrdata. can be NULL to signal keyless name. */
+ struct packed_rrset_data* rrset_data;
+ /** not NULL sometimes to give reason why bogus */
+ char* reason;
+ /** list of algorithms signalled, ends with 0, or NULL */
+ uint8_t* algo;
+ /** DNS RR type of the rrset data (host order) */
+ uint16_t rrset_type;
+ /** if the key is bad: Bogus or malformed */
+ uint8_t isbad;
+};
+
+/** function for lruhash operation */
+size_t key_entry_sizefunc(void* key, void* data);
+
+/** function for lruhash operation */
+int key_entry_compfunc(void* k1, void* k2);
+
+/** function for lruhash operation */
+void key_entry_delkeyfunc(void* key, void* userarg);
+
+/** function for lruhash operation */
+void key_entry_deldatafunc(void* data, void* userarg);
+
+/** calculate hash for key entry
+ * @param kk: key entry. The lruhash entry.hash value is filled in.
+ */
+void key_entry_hash(struct key_entry_key* kk);
+
+/**
+ * Copy a key entry, to be region-allocated.
+ * @param kkey: the key entry key (and data pointer) to copy.
+ * @param region: where to allocate it
+ * @return newly region-allocated entry or NULL on a failure to allocate.
+ */
+struct key_entry_key* key_entry_copy_toregion(struct key_entry_key* kkey,
+ struct regional* region);
+
+/**
+ * Copy a key entry, malloced.
+ * @param kkey: the key entry key (and data pointer) to copy.
+ * @return newly allocated entry or NULL on a failure to allocate memory.
+ */
+struct key_entry_key* key_entry_copy(struct key_entry_key* kkey);
+
+/**
+ * See if this is a null entry. Does not do locking.
+ * @param kkey: must have data pointer set correctly
+ * @return true if it is a NULL rrset entry.
+ */
+int key_entry_isnull(struct key_entry_key* kkey);
+
+/**
+ * See if this entry is good. Does not do locking.
+ * @param kkey: must have data pointer set correctly
+ * @return true if it is good.
+ */
+int key_entry_isgood(struct key_entry_key* kkey);
+
+/**
+ * See if this entry is bad. Does not do locking.
+ * @param kkey: must have data pointer set correctly
+ * @return true if it is bad.
+ */
+int key_entry_isbad(struct key_entry_key* kkey);
+
+/**
+ * Set reason why a key is bad.
+ * @param kkey: bad key.
+ * @param reason: string to attach, you must allocate it.
+ * Not safe to call twice unless you deallocate it yourself.
+ */
+void key_entry_set_reason(struct key_entry_key* kkey, char* reason);
+
+/**
+ * Get reason why a key is bad.
+ * @param kkey: bad key
+ * @return pointer to string.
+ * String is part of key entry and is deleted with it.
+ */
+char* key_entry_get_reason(struct key_entry_key* kkey);
+
+/**
+ * Create a null entry, in the given region.
+ * @param region: where to allocate
+ * @param name: the key name
+ * @param namelen: length of name
+ * @param dclass: class of key entry. (host order);
+ * @param ttl: what ttl should the key have. relative.
+ * @param now: current time (added to ttl).
+ * @return new key entry or NULL on alloc failure
+ */
+struct key_entry_key* key_entry_create_null(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl,
+ time_t now);
+
+/**
+ * Create a key entry from an rrset, in the given region.
+ * @param region: where to allocate.
+ * @param name: the key name
+ * @param namelen: length of name
+ * @param dclass: class of key entry. (host order);
+ * @param rrset: data for key entry. This is copied to the region.
+ * @param sigalg: signalled algorithm list (or NULL).
+ * @param now: current time (added to ttl of rrset)
+ * @return new key entry or NULL on alloc failure
+ */
+struct key_entry_key* key_entry_create_rrset(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass,
+ struct ub_packed_rrset_key* rrset, uint8_t* sigalg, time_t now);
+
+/**
+ * Create a bad entry, in the given region.
+ * @param region: where to allocate
+ * @param name: the key name
+ * @param namelen: length of name
+ * @param dclass: class of key entry. (host order);
+ * @param ttl: what ttl should the key have. relative.
+ * @param now: current time (added to ttl).
+ * @return new key entry or NULL on alloc failure
+ */
+struct key_entry_key* key_entry_create_bad(struct regional* region,
+ uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl,
+ time_t now);
+
+/**
+ * Obtain rrset from a key entry, allocated in region.
+ * @param kkey: key entry to convert to a rrset.
+ * @param region: where to allocate rrset
+ * @return rrset copy; if no rrset or alloc error returns NULL.
+ */
+struct ub_packed_rrset_key* key_entry_get_rrset(struct key_entry_key* kkey,
+ struct regional* region);
+
+/**
+ * Get keysize of the keyentry.
+ * @param kkey: key, must be a good key, with contents.
+ * @return size in bits of the key.
+ */
+size_t key_entry_keysize(struct key_entry_key* kkey);
+
+#endif /* VALIDATOR_VAL_KENTRY_H */
diff --git a/external/unbound/validator/val_neg.c b/external/unbound/validator/val_neg.c
new file mode 100644
index 000000000..1d7a5c56e
--- /dev/null
+++ b/external/unbound/validator/val_neg.c
@@ -0,0 +1,1460 @@
+/*
+ * validator/val_neg.c - validator aggressive negative caching functions.
+ *
+ * Copyright (c) 2008, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with aggressive negative caching.
+ * This creates new denials of existance, and proofs for absence of types
+ * from cached NSEC records.
+ */
+#include "config.h"
+#ifdef HAVE_OPENSSL_SSL_H
+#include "openssl/ssl.h"
+#define NSEC3_SHA_LEN SHA_DIGEST_LENGTH
+#else
+#define NSEC3_SHA_LEN 20
+#endif
+#include "validator/val_neg.h"
+#include "validator/val_nsec.h"
+#include "validator/val_nsec3.h"
+#include "validator/val_utils.h"
+#include "util/data/dname.h"
+#include "util/data/msgreply.h"
+#include "util/log.h"
+#include "util/net_help.h"
+#include "util/config_file.h"
+#include "services/cache/rrset.h"
+#include "services/cache/dns.h"
+#include "ldns/rrdef.h"
+#include "ldns/sbuffer.h"
+
+int val_neg_data_compare(const void* a, const void* b)
+{
+ struct val_neg_data* x = (struct val_neg_data*)a;
+ struct val_neg_data* y = (struct val_neg_data*)b;
+ int m;
+ return dname_canon_lab_cmp(x->name, x->labs, y->name, y->labs, &m);
+}
+
+int val_neg_zone_compare(const void* a, const void* b)
+{
+ struct val_neg_zone* x = (struct val_neg_zone*)a;
+ struct val_neg_zone* y = (struct val_neg_zone*)b;
+ int m;
+ if(x->dclass != y->dclass) {
+ if(x->dclass < y->dclass)
+ return -1;
+ return 1;
+ }
+ return dname_canon_lab_cmp(x->name, x->labs, y->name, y->labs, &m);
+}
+
+struct val_neg_cache* val_neg_create(struct config_file* cfg, size_t maxiter)
+{
+ struct val_neg_cache* neg = (struct val_neg_cache*)calloc(1,
+ sizeof(*neg));
+ if(!neg) {
+ log_err("Could not create neg cache: out of memory");
+ return NULL;
+ }
+ neg->nsec3_max_iter = maxiter;
+ neg->max = 1024*1024; /* 1 M is thousands of entries */
+ if(cfg) neg->max = cfg->neg_cache_size;
+ rbtree_init(&neg->tree, &val_neg_zone_compare);
+ lock_basic_init(&neg->lock);
+ lock_protect(&neg->lock, neg, sizeof(*neg));
+ return neg;
+}
+
+size_t val_neg_get_mem(struct val_neg_cache* neg)
+{
+ size_t result;
+ lock_basic_lock(&neg->lock);
+ result = sizeof(*neg) + neg->use;
+ lock_basic_unlock(&neg->lock);
+ return result;
+}
+
+/** clear datas on cache deletion */
+static void
+neg_clear_datas(rbnode_t* n, void* ATTR_UNUSED(arg))
+{
+ struct val_neg_data* d = (struct val_neg_data*)n;
+ free(d->name);
+ free(d);
+}
+
+/** clear zones on cache deletion */
+static void
+neg_clear_zones(rbnode_t* n, void* ATTR_UNUSED(arg))
+{
+ struct val_neg_zone* z = (struct val_neg_zone*)n;
+ /* delete all the rrset entries in the tree */
+ traverse_postorder(&z->tree, &neg_clear_datas, NULL);
+ free(z->nsec3_salt);
+ free(z->name);
+ free(z);
+}
+
+void neg_cache_delete(struct val_neg_cache* neg)
+{
+ if(!neg) return;
+ lock_basic_destroy(&neg->lock);
+ /* delete all the zones in the tree */
+ traverse_postorder(&neg->tree, &neg_clear_zones, NULL);
+ free(neg);
+}
+
+/**
+ * Put data element at the front of the LRU list.
+ * @param neg: negative cache with LRU start and end.
+ * @param data: this data is fronted.
+ */
+static void neg_lru_front(struct val_neg_cache* neg,
+ struct val_neg_data* data)
+{
+ data->prev = NULL;
+ data->next = neg->first;
+ if(!neg->first)
+ neg->last = data;
+ else neg->first->prev = data;
+ neg->first = data;
+}
+
+/**
+ * Remove data element from LRU list.
+ * @param neg: negative cache with LRU start and end.
+ * @param data: this data is removed from the list.
+ */
+static void neg_lru_remove(struct val_neg_cache* neg,
+ struct val_neg_data* data)
+{
+ if(data->prev)
+ data->prev->next = data->next;
+ else neg->first = data->next;
+ if(data->next)
+ data->next->prev = data->prev;
+ else neg->last = data->prev;
+}
+
+/**
+ * Touch LRU for data element, put it at the start of the LRU list.
+ * @param neg: negative cache with LRU start and end.
+ * @param data: this data is used.
+ */
+static void neg_lru_touch(struct val_neg_cache* neg,
+ struct val_neg_data* data)
+{
+ if(data == neg->first)
+ return; /* nothing to do */
+ /* remove from current lru position */
+ neg_lru_remove(neg, data);
+ /* add at front */
+ neg_lru_front(neg, data);
+}
+
+/**
+ * Delete a zone element from the negative cache.
+ * May delete other zone elements to keep tree coherent, or
+ * only mark the element as 'not in use'.
+ * @param neg: negative cache.
+ * @param z: zone element to delete.
+ */
+static void neg_delete_zone(struct val_neg_cache* neg, struct val_neg_zone* z)
+{
+ struct val_neg_zone* p, *np;
+ if(!z) return;
+ log_assert(z->in_use);
+ log_assert(z->count > 0);
+ z->in_use = 0;
+
+ /* go up the tree and reduce counts */
+ p = z;
+ while(p) {
+ log_assert(p->count > 0);
+ p->count --;
+ p = p->parent;
+ }
+
+ /* remove zones with zero count */
+ p = z;
+ while(p && p->count == 0) {
+ np = p->parent;
+ (void)rbtree_delete(&neg->tree, &p->node);
+ neg->use -= p->len + sizeof(*p);
+ free(p->nsec3_salt);
+ free(p->name);
+ free(p);
+ p = np;
+ }
+}
+
+void neg_delete_data(struct val_neg_cache* neg, struct val_neg_data* el)
+{
+ struct val_neg_zone* z;
+ struct val_neg_data* p, *np;
+ if(!el) return;
+ z = el->zone;
+ log_assert(el->in_use);
+ log_assert(el->count > 0);
+ el->in_use = 0;
+
+ /* remove it from the lru list */
+ neg_lru_remove(neg, el);
+
+ /* go up the tree and reduce counts */
+ p = el;
+ while(p) {
+ log_assert(p->count > 0);
+ p->count --;
+ p = p->parent;
+ }
+
+ /* delete 0 count items from tree */
+ p = el;
+ while(p && p->count == 0) {
+ np = p->parent;
+ (void)rbtree_delete(&z->tree, &p->node);
+ neg->use -= p->len + sizeof(*p);
+ free(p->name);
+ free(p);
+ p = np;
+ }
+
+ /* check if the zone is now unused */
+ if(z->tree.count == 0) {
+ neg_delete_zone(neg, z);
+ }
+}
+
+/**
+ * Create more space in negative cache
+ * The oldest elements are deleted until enough space is present.
+ * Empty zones are deleted.
+ * @param neg: negative cache.
+ * @param need: how many bytes are needed.
+ */
+static void neg_make_space(struct val_neg_cache* neg, size_t need)
+{
+ /* delete elements until enough space or its empty */
+ while(neg->last && neg->max < neg->use + need) {
+ neg_delete_data(neg, neg->last);
+ }
+}
+
+struct val_neg_zone* neg_find_zone(struct val_neg_cache* neg,
+ uint8_t* nm, size_t len, uint16_t dclass)
+{
+ struct val_neg_zone lookfor;
+ struct val_neg_zone* result;
+ lookfor.node.key = &lookfor;
+ lookfor.name = nm;
+ lookfor.len = len;
+ lookfor.labs = dname_count_labels(lookfor.name);
+ lookfor.dclass = dclass;
+
+ result = (struct val_neg_zone*)
+ rbtree_search(&neg->tree, lookfor.node.key);
+ return result;
+}
+
+/**
+ * Find the given data
+ * @param zone: negative zone
+ * @param nm: what to look for.
+ * @param len: length of nm
+ * @param labs: labels in nm
+ * @return data or NULL if not found.
+ */
+static struct val_neg_data* neg_find_data(struct val_neg_zone* zone,
+ uint8_t* nm, size_t len, int labs)
+{
+ struct val_neg_data lookfor;
+ struct val_neg_data* result;
+ lookfor.node.key = &lookfor;
+ lookfor.name = nm;
+ lookfor.len = len;
+ lookfor.labs = labs;
+
+ result = (struct val_neg_data*)
+ rbtree_search(&zone->tree, lookfor.node.key);
+ return result;
+}
+
+/**
+ * Calculate space needed for the data and all its parents
+ * @param rep: NSEC entries.
+ * @return size.
+ */
+static size_t calc_data_need(struct reply_info* rep)
+{
+ uint8_t* d;
+ size_t i, len, res = 0;
+
+ for(i=rep->an_numrrsets; i<rep->an_numrrsets+rep->ns_numrrsets; i++) {
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC) {
+ d = rep->rrsets[i]->rk.dname;
+ len = rep->rrsets[i]->rk.dname_len;
+ res = sizeof(struct val_neg_data) + len;
+ while(!dname_is_root(d)) {
+ log_assert(len > 1); /* not root label */
+ dname_remove_label(&d, &len);
+ res += sizeof(struct val_neg_data) + len;
+ }
+ }
+ }
+ return res;
+}
+
+/**
+ * Calculate space needed for zone and all its parents
+ * @param d: name of zone
+ * @param len: length of name
+ * @return size.
+ */
+static size_t calc_zone_need(uint8_t* d, size_t len)
+{
+ size_t res = sizeof(struct val_neg_zone) + len;
+ while(!dname_is_root(d)) {
+ log_assert(len > 1); /* not root label */
+ dname_remove_label(&d, &len);
+ res += sizeof(struct val_neg_zone) + len;
+ }
+ return res;
+}
+
+/**
+ * Find closest existing parent zone of the given name.
+ * @param neg: negative cache.
+ * @param nm: name to look for
+ * @param nm_len: length of nm
+ * @param labs: labelcount of nm.
+ * @param qclass: class.
+ * @return the zone or NULL if none found.
+ */
+static struct val_neg_zone* neg_closest_zone_parent(struct val_neg_cache* neg,
+ uint8_t* nm, size_t nm_len, int labs, uint16_t qclass)
+{
+ struct val_neg_zone key;
+ struct val_neg_zone* result;
+ rbnode_t* res = NULL;
+ key.node.key = &key;
+ key.name = nm;
+ key.len = nm_len;
+ key.labs = labs;
+ key.dclass = qclass;
+ if(rbtree_find_less_equal(&neg->tree, &key, &res)) {
+ /* exact match */
+ result = (struct val_neg_zone*)res;
+ } else {
+ /* smaller element (or no element) */
+ int m;
+ result = (struct val_neg_zone*)res;
+ if(!result || result->dclass != qclass)
+ return NULL;
+ /* count number of labels matched */
+ (void)dname_lab_cmp(result->name, result->labs, key.name,
+ key.labs, &m);
+ while(result) { /* go up until qname is subdomain of stub */
+ if(result->labs <= m)
+ break;
+ result = result->parent;
+ }
+ }
+ return result;
+}
+
+/**
+ * Find closest existing parent data for the given name.
+ * @param zone: to look in.
+ * @param nm: name to look for
+ * @param nm_len: length of nm
+ * @param labs: labelcount of nm.
+ * @return the data or NULL if none found.
+ */
+static struct val_neg_data* neg_closest_data_parent(
+ struct val_neg_zone* zone, uint8_t* nm, size_t nm_len, int labs)
+{
+ struct val_neg_data key;
+ struct val_neg_data* result;
+ rbnode_t* res = NULL;
+ key.node.key = &key;
+ key.name = nm;
+ key.len = nm_len;
+ key.labs = labs;
+ if(rbtree_find_less_equal(&zone->tree, &key, &res)) {
+ /* exact match */
+ result = (struct val_neg_data*)res;
+ } else {
+ /* smaller element (or no element) */
+ int m;
+ result = (struct val_neg_data*)res;
+ if(!result)
+ return NULL;
+ /* count number of labels matched */
+ (void)dname_lab_cmp(result->name, result->labs, key.name,
+ key.labs, &m);
+ while(result) { /* go up until qname is subdomain of stub */
+ if(result->labs <= m)
+ break;
+ result = result->parent;
+ }
+ }
+ return result;
+}
+
+/**
+ * Create a single zone node
+ * @param nm: name for zone (copied)
+ * @param nm_len: length of name
+ * @param labs: labels in name.
+ * @param dclass: class of zone, host order.
+ * @return new zone or NULL on failure
+ */
+static struct val_neg_zone* neg_setup_zone_node(
+ uint8_t* nm, size_t nm_len, int labs, uint16_t dclass)
+{
+ struct val_neg_zone* zone =
+ (struct val_neg_zone*)calloc(1, sizeof(*zone));
+ if(!zone) {
+ return NULL;
+ }
+ zone->node.key = zone;
+ zone->name = memdup(nm, nm_len);
+ if(!zone->name) {
+ free(zone);
+ return NULL;
+ }
+ zone->len = nm_len;
+ zone->labs = labs;
+ zone->dclass = dclass;
+
+ rbtree_init(&zone->tree, &val_neg_data_compare);
+ return zone;
+}
+
+/**
+ * Create a linked list of parent zones, starting at longname ending on
+ * the parent (can be NULL, creates to the root).
+ * @param nm: name for lowest in chain
+ * @param nm_len: length of name
+ * @param labs: labels in name.
+ * @param dclass: class of zone.
+ * @param parent: NULL for to root, else so it fits under here.
+ * @return zone; a chain of zones and their parents up to the parent.
+ * or NULL on malloc failure
+ */
+static struct val_neg_zone* neg_zone_chain(
+ uint8_t* nm, size_t nm_len, int labs, uint16_t dclass,
+ struct val_neg_zone* parent)
+{
+ int i;
+ int tolabs = parent?parent->labs:0;
+ struct val_neg_zone* zone, *prev = NULL, *first = NULL;
+
+ /* create the new subtree, i is labelcount of current creation */
+ /* this creates a 'first' to z->parent=NULL list of zones */
+ for(i=labs; i!=tolabs; i--) {
+ /* create new item */
+ zone = neg_setup_zone_node(nm, nm_len, i, dclass);
+ if(!zone) {
+ /* need to delete other allocations in this routine!*/
+ struct val_neg_zone* p=first, *np;
+ while(p) {
+ np = p->parent;
+ free(p->name);
+ free(p);
+ p = np;
+ }
+ return NULL;
+ }
+ if(i == labs) {
+ first = zone;
+ } else {
+ prev->parent = zone;
+ }
+ /* prepare for next name */
+ prev = zone;
+ dname_remove_label(&nm, &nm_len);
+ }
+ return first;
+}
+
+void val_neg_zone_take_inuse(struct val_neg_zone* zone)
+{
+ if(!zone->in_use) {
+ struct val_neg_zone* p;
+ zone->in_use = 1;
+ /* increase usage count of all parents */
+ for(p=zone; p; p = p->parent) {
+ p->count++;
+ }
+ }
+}
+
+struct val_neg_zone* neg_create_zone(struct val_neg_cache* neg,
+ uint8_t* nm, size_t nm_len, uint16_t dclass)
+{
+ struct val_neg_zone* zone;
+ struct val_neg_zone* parent;
+ struct val_neg_zone* p, *np;
+ int labs = dname_count_labels(nm);
+
+ /* find closest enclosing parent zone that (still) exists */
+ parent = neg_closest_zone_parent(neg, nm, nm_len, labs, dclass);
+ if(parent && query_dname_compare(parent->name, nm) == 0)
+ return parent; /* already exists, weird */
+ /* if parent exists, it is in use */
+ log_assert(!parent || parent->count > 0);
+ zone = neg_zone_chain(nm, nm_len, labs, dclass, parent);
+ if(!zone) {
+ return NULL;
+ }
+
+ /* insert the list of zones into the tree */
+ p = zone;
+ while(p) {
+ np = p->parent;
+ /* mem use */
+ neg->use += sizeof(struct val_neg_zone) + p->len;
+ /* insert in tree */
+ (void)rbtree_insert(&neg->tree, &p->node);
+ /* last one needs proper parent pointer */
+ if(np == NULL)
+ p->parent = parent;
+ p = np;
+ }
+ return zone;
+}
+
+/** find zone name of message, returns the SOA record */
+static struct ub_packed_rrset_key* reply_find_soa(struct reply_info* rep)
+{
+ size_t i;
+ for(i=rep->an_numrrsets; i< rep->an_numrrsets+rep->ns_numrrsets; i++){
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_SOA)
+ return rep->rrsets[i];
+ }
+ return NULL;
+}
+
+/** see if the reply has NSEC records worthy of caching */
+static int reply_has_nsec(struct reply_info* rep)
+{
+ size_t i;
+ struct packed_rrset_data* d;
+ if(rep->security != sec_status_secure)
+ return 0;
+ for(i=rep->an_numrrsets; i< rep->an_numrrsets+rep->ns_numrrsets; i++){
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC) {
+ d = (struct packed_rrset_data*)rep->rrsets[i]->
+ entry.data;
+ if(d->security == sec_status_secure)
+ return 1;
+ }
+ }
+ return 0;
+}
+
+
+/**
+ * Create single node of data element.
+ * @param nm: name (copied)
+ * @param nm_len: length of name
+ * @param labs: labels in name.
+ * @return element with name nm, or NULL malloc failure.
+ */
+static struct val_neg_data* neg_setup_data_node(
+ uint8_t* nm, size_t nm_len, int labs)
+{
+ struct val_neg_data* el;
+ el = (struct val_neg_data*)calloc(1, sizeof(*el));
+ if(!el) {
+ return NULL;
+ }
+ el->node.key = el;
+ el->name = memdup(nm, nm_len);
+ if(!el->name) {
+ free(el);
+ return NULL;
+ }
+ el->len = nm_len;
+ el->labs = labs;
+ return el;
+}
+
+/**
+ * Create chain of data element and parents
+ * @param nm: name
+ * @param nm_len: length of name
+ * @param labs: labels in name.
+ * @param parent: up to where to make, if NULL up to root label.
+ * @return lowest element with name nm, or NULL malloc failure.
+ */
+static struct val_neg_data* neg_data_chain(
+ uint8_t* nm, size_t nm_len, int labs, struct val_neg_data* parent)
+{
+ int i;
+ int tolabs = parent?parent->labs:0;
+ struct val_neg_data* el, *first = NULL, *prev = NULL;
+
+ /* create the new subtree, i is labelcount of current creation */
+ /* this creates a 'first' to z->parent=NULL list of zones */
+ for(i=labs; i!=tolabs; i--) {
+ /* create new item */
+ el = neg_setup_data_node(nm, nm_len, i);
+ if(!el) {
+ /* need to delete other allocations in this routine!*/
+ struct val_neg_data* p = first, *np;
+ while(p) {
+ np = p->parent;
+ free(p->name);
+ free(p);
+ p = np;
+ }
+ return NULL;
+ }
+ if(i == labs) {
+ first = el;
+ } else {
+ prev->parent = el;
+ }
+
+ /* prepare for next name */
+ prev = el;
+ dname_remove_label(&nm, &nm_len);
+ }
+ return first;
+}
+
+/**
+ * Remove NSEC records between start and end points.
+ * By walking the tree, the tree is sorted canonically.
+ * @param neg: negative cache.
+ * @param zone: the zone
+ * @param el: element to start walking at.
+ * @param nsec: the nsec record with the end point
+ */
+static void wipeout(struct val_neg_cache* neg, struct val_neg_zone* zone,
+ struct val_neg_data* el, struct ub_packed_rrset_key* nsec)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)nsec->
+ entry.data;
+ uint8_t* end;
+ size_t end_len;
+ int end_labs, m;
+ rbnode_t* walk, *next;
+ struct val_neg_data* cur;
+ uint8_t buf[257];
+ /* get endpoint */
+ if(!d || d->count == 0 || d->rr_len[0] < 2+1)
+ return;
+ if(ntohs(nsec->rk.type) == LDNS_RR_TYPE_NSEC) {
+ end = d->rr_data[0]+2;
+ end_len = dname_valid(end, d->rr_len[0]-2);
+ end_labs = dname_count_labels(end);
+ } else {
+ /* NSEC3 */
+ if(!nsec3_get_nextowner_b32(nsec, 0, buf, sizeof(buf)))
+ return;
+ end = buf;
+ end_labs = dname_count_size_labels(end, &end_len);
+ }
+
+ /* sanity check, both owner and end must be below the zone apex */
+ if(!dname_subdomain_c(el->name, zone->name) ||
+ !dname_subdomain_c(end, zone->name))
+ return;
+
+ /* detect end of zone NSEC ; wipe until the end of zone */
+ if(query_dname_compare(end, zone->name) == 0) {
+ end = NULL;
+ }
+
+ walk = rbtree_next(&el->node);
+ while(walk && walk != RBTREE_NULL) {
+ cur = (struct val_neg_data*)walk;
+ /* sanity check: must be larger than start */
+ if(dname_canon_lab_cmp(cur->name, cur->labs,
+ el->name, el->labs, &m) <= 0) {
+ /* r == 0 skip original record. */
+ /* r < 0 too small! */
+ walk = rbtree_next(walk);
+ continue;
+ }
+ /* stop at endpoint, also data at empty nonterminals must be
+ * removed (no NSECs there) so everything between
+ * start and end */
+ if(end && dname_canon_lab_cmp(cur->name, cur->labs,
+ end, end_labs, &m) >= 0) {
+ break;
+ }
+ /* this element has to be deleted, but we cannot do it
+ * now, because we are walking the tree still ... */
+ /* get the next element: */
+ next = rbtree_next(walk);
+ /* now delete the original element, this may trigger
+ * rbtree rebalances, but really, the next element is
+ * the one we need.
+ * But it may trigger delete of other data and the
+ * entire zone. However, if that happens, this is done
+ * by deleting the *parents* of the element for deletion,
+ * and maybe also the entire zone if it is empty.
+ * But parents are smaller in canonical compare, thus,
+ * if a larger element exists, then it is not a parent,
+ * it cannot get deleted, the zone cannot get empty.
+ * If the next==NULL, then zone can be empty. */
+ if(cur->in_use)
+ neg_delete_data(neg, cur);
+ walk = next;
+ }
+}
+
+void neg_insert_data(struct val_neg_cache* neg,
+ struct val_neg_zone* zone, struct ub_packed_rrset_key* nsec)
+{
+ struct packed_rrset_data* d;
+ struct val_neg_data* parent;
+ struct val_neg_data* el;
+ uint8_t* nm = nsec->rk.dname;
+ size_t nm_len = nsec->rk.dname_len;
+ int labs = dname_count_labels(nsec->rk.dname);
+
+ d = (struct packed_rrset_data*)nsec->entry.data;
+ if( !(d->security == sec_status_secure ||
+ (d->security == sec_status_unchecked && d->rrsig_count > 0)))
+ return;
+ log_nametypeclass(VERB_ALGO, "negcache rr",
+ nsec->rk.dname, ntohs(nsec->rk.type),
+ ntohs(nsec->rk.rrset_class));
+
+ /* find closest enclosing parent data that (still) exists */
+ parent = neg_closest_data_parent(zone, nm, nm_len, labs);
+ if(parent && query_dname_compare(parent->name, nm) == 0) {
+ /* perfect match already exists */
+ log_assert(parent->count > 0);
+ el = parent;
+ } else {
+ struct val_neg_data* p, *np;
+
+ /* create subtree for perfect match */
+ /* if parent exists, it is in use */
+ log_assert(!parent || parent->count > 0);
+
+ el = neg_data_chain(nm, nm_len, labs, parent);
+ if(!el) {
+ log_err("out of memory inserting NSEC negative cache");
+ return;
+ }
+ el->in_use = 0; /* set on below */
+
+ /* insert the list of zones into the tree */
+ p = el;
+ while(p) {
+ np = p->parent;
+ /* mem use */
+ neg->use += sizeof(struct val_neg_data) + p->len;
+ /* insert in tree */
+ p->zone = zone;
+ (void)rbtree_insert(&zone->tree, &p->node);
+ /* last one needs proper parent pointer */
+ if(np == NULL)
+ p->parent = parent;
+ p = np;
+ }
+ }
+
+ if(!el->in_use) {
+ struct val_neg_data* p;
+
+ el->in_use = 1;
+ /* increase usage count of all parents */
+ for(p=el; p; p = p->parent) {
+ p->count++;
+ }
+
+ neg_lru_front(neg, el);
+ } else {
+ /* in use, bring to front, lru */
+ neg_lru_touch(neg, el);
+ }
+
+ /* if nsec3 store last used parameters */
+ if(ntohs(nsec->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ int h;
+ uint8_t* s;
+ size_t slen, it;
+ if(nsec3_get_params(nsec, 0, &h, &it, &s, &slen) &&
+ it <= neg->nsec3_max_iter &&
+ (h != zone->nsec3_hash || it != zone->nsec3_iter ||
+ slen != zone->nsec3_saltlen ||
+ memcmp(zone->nsec3_salt, s, slen) != 0)) {
+ uint8_t* sa = memdup(s, slen);
+ if(sa) {
+ free(zone->nsec3_salt);
+ zone->nsec3_salt = sa;
+ zone->nsec3_saltlen = slen;
+ zone->nsec3_hash = h;
+ zone->nsec3_iter = it;
+ }
+ }
+ }
+
+ /* wipe out the cache items between NSEC start and end */
+ wipeout(neg, zone, el, nsec);
+}
+
+void val_neg_addreply(struct val_neg_cache* neg, struct reply_info* rep)
+{
+ size_t i, need;
+ struct ub_packed_rrset_key* soa;
+ struct val_neg_zone* zone;
+ /* see if secure nsecs inside */
+ if(!reply_has_nsec(rep))
+ return;
+ /* find the zone name in message */
+ soa = reply_find_soa(rep);
+ if(!soa)
+ return;
+
+ log_nametypeclass(VERB_ALGO, "negcache insert for zone",
+ soa->rk.dname, LDNS_RR_TYPE_SOA, ntohs(soa->rk.rrset_class));
+
+ /* ask for enough space to store all of it */
+ need = calc_data_need(rep) +
+ calc_zone_need(soa->rk.dname, soa->rk.dname_len);
+ lock_basic_lock(&neg->lock);
+ neg_make_space(neg, need);
+
+ /* find or create the zone entry */
+ zone = neg_find_zone(neg, soa->rk.dname, soa->rk.dname_len,
+ ntohs(soa->rk.rrset_class));
+ if(!zone) {
+ if(!(zone = neg_create_zone(neg, soa->rk.dname,
+ soa->rk.dname_len, ntohs(soa->rk.rrset_class)))) {
+ lock_basic_unlock(&neg->lock);
+ log_err("out of memory adding negative zone");
+ return;
+ }
+ }
+ val_neg_zone_take_inuse(zone);
+
+ /* insert the NSECs */
+ for(i=rep->an_numrrsets; i< rep->an_numrrsets+rep->ns_numrrsets; i++){
+ if(ntohs(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_NSEC)
+ continue;
+ if(!dname_subdomain_c(rep->rrsets[i]->rk.dname,
+ zone->name)) continue;
+ /* insert NSEC into this zone's tree */
+ neg_insert_data(neg, zone, rep->rrsets[i]);
+ }
+ if(zone->tree.count == 0) {
+ /* remove empty zone if inserts failed */
+ neg_delete_zone(neg, zone);
+ }
+ lock_basic_unlock(&neg->lock);
+}
+
+/**
+ * Lookup closest data record. For NSEC denial.
+ * @param zone: zone to look in
+ * @param qname: name to look for.
+ * @param len: length of name
+ * @param labs: labels in name
+ * @param data: data element, exact or smaller or NULL
+ * @return true if exact match.
+ */
+static int neg_closest_data(struct val_neg_zone* zone,
+ uint8_t* qname, size_t len, int labs, struct val_neg_data** data)
+{
+ struct val_neg_data key;
+ rbnode_t* r;
+ key.node.key = &key;
+ key.name = qname;
+ key.len = len;
+ key.labs = labs;
+ if(rbtree_find_less_equal(&zone->tree, &key, &r)) {
+ /* exact match */
+ *data = (struct val_neg_data*)r;
+ return 1;
+ } else {
+ /* smaller match */
+ *data = (struct val_neg_data*)r;
+ return 0;
+ }
+}
+
+int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len,
+ uint16_t qclass, struct rrset_cache* rrset_cache, time_t now)
+{
+ /* lookup closest zone */
+ struct val_neg_zone* zone;
+ struct val_neg_data* data;
+ int labs;
+ struct ub_packed_rrset_key* nsec;
+ struct packed_rrset_data* d;
+ uint32_t flags;
+ uint8_t* wc;
+ struct query_info qinfo;
+ if(!neg) return 0;
+
+ log_nametypeclass(VERB_ALGO, "negcache dlvlookup", qname,
+ LDNS_RR_TYPE_DLV, qclass);
+
+ labs = dname_count_labels(qname);
+ lock_basic_lock(&neg->lock);
+ zone = neg_closest_zone_parent(neg, qname, len, labs, qclass);
+ while(zone && !zone->in_use)
+ zone = zone->parent;
+ if(!zone) {
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+ log_nametypeclass(VERB_ALGO, "negcache zone", zone->name, 0,
+ zone->dclass);
+
+ /* DLV is defined to use NSEC only */
+ if(zone->nsec3_hash) {
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+
+ /* lookup closest data record */
+ (void)neg_closest_data(zone, qname, len, labs, &data);
+ while(data && !data->in_use)
+ data = data->parent;
+ if(!data) {
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+ log_nametypeclass(VERB_ALGO, "negcache rr", data->name,
+ LDNS_RR_TYPE_NSEC, zone->dclass);
+
+ /* lookup rrset in rrset cache */
+ flags = 0;
+ if(query_dname_compare(data->name, zone->name) == 0)
+ flags = PACKED_RRSET_NSEC_AT_APEX;
+ nsec = rrset_cache_lookup(rrset_cache, data->name, data->len,
+ LDNS_RR_TYPE_NSEC, zone->dclass, flags, now, 0);
+
+ /* check if secure and TTL ok */
+ if(!nsec) {
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+ d = (struct packed_rrset_data*)nsec->entry.data;
+ if(!d || now > d->ttl) {
+ lock_rw_unlock(&nsec->entry.lock);
+ /* delete data record if expired */
+ neg_delete_data(neg, data);
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+ if(d->security != sec_status_secure) {
+ lock_rw_unlock(&nsec->entry.lock);
+ neg_delete_data(neg, data);
+ lock_basic_unlock(&neg->lock);
+ return 0;
+ }
+ verbose(VERB_ALGO, "negcache got secure rrset");
+
+ /* check NSEC security */
+ /* check if NSEC proves no DLV type exists */
+ /* check if NSEC proves NXDOMAIN for qname */
+ qinfo.qname = qname;
+ qinfo.qtype = LDNS_RR_TYPE_DLV;
+ qinfo.qclass = qclass;
+ if(!nsec_proves_nodata(nsec, &qinfo, &wc) &&
+ !val_nsec_proves_name_error(nsec, qname)) {
+ /* the NSEC is not a denial for the DLV */
+ lock_rw_unlock(&nsec->entry.lock);
+ lock_basic_unlock(&neg->lock);
+ verbose(VERB_ALGO, "negcache not proven");
+ return 0;
+ }
+ /* so the NSEC was a NODATA proof, or NXDOMAIN proof. */
+
+ /* no need to check for wildcard NSEC; no wildcards in DLV repos */
+ /* no need to lookup SOA record for client; no response message */
+
+ lock_rw_unlock(&nsec->entry.lock);
+ /* if OK touch the LRU for neg_data element */
+ neg_lru_touch(neg, data);
+ lock_basic_unlock(&neg->lock);
+ verbose(VERB_ALGO, "negcache DLV denial proven");
+ return 1;
+}
+
+/** see if the reply has signed NSEC records and return the signer */
+static uint8_t* reply_nsec_signer(struct reply_info* rep, size_t* signer_len,
+ uint16_t* dclass)
+{
+ size_t i;
+ struct packed_rrset_data* d;
+ uint8_t* s;
+ for(i=rep->an_numrrsets; i< rep->an_numrrsets+rep->ns_numrrsets; i++){
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC ||
+ ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ d = (struct packed_rrset_data*)rep->rrsets[i]->
+ entry.data;
+ /* return first signer name of first NSEC */
+ if(d->rrsig_count != 0) {
+ val_find_rrset_signer(rep->rrsets[i],
+ &s, signer_len);
+ if(s && *signer_len) {
+ *dclass = ntohs(rep->rrsets[i]->
+ rk.rrset_class);
+ return s;
+ }
+ }
+ }
+ }
+ return 0;
+}
+
+void val_neg_addreferral(struct val_neg_cache* neg, struct reply_info* rep,
+ uint8_t* zone_name)
+{
+ size_t i, need;
+ uint8_t* signer;
+ size_t signer_len;
+ uint16_t dclass;
+ struct val_neg_zone* zone;
+ /* no SOA in this message, find RRSIG over NSEC's signer name.
+ * note the NSEC records are maybe not validated yet */
+ signer = reply_nsec_signer(rep, &signer_len, &dclass);
+ if(!signer)
+ return;
+ if(!dname_subdomain_c(signer, zone_name)) {
+ /* the signer is not in the bailiwick, throw it out */
+ return;
+ }
+
+ log_nametypeclass(VERB_ALGO, "negcache insert referral ",
+ signer, LDNS_RR_TYPE_NS, dclass);
+
+ /* ask for enough space to store all of it */
+ need = calc_data_need(rep) + calc_zone_need(signer, signer_len);
+ lock_basic_lock(&neg->lock);
+ neg_make_space(neg, need);
+
+ /* find or create the zone entry */
+ zone = neg_find_zone(neg, signer, signer_len, dclass);
+ if(!zone) {
+ if(!(zone = neg_create_zone(neg, signer, signer_len,
+ dclass))) {
+ lock_basic_unlock(&neg->lock);
+ log_err("out of memory adding negative zone");
+ return;
+ }
+ }
+ val_neg_zone_take_inuse(zone);
+
+ /* insert the NSECs */
+ for(i=rep->an_numrrsets; i< rep->an_numrrsets+rep->ns_numrrsets; i++){
+ if(ntohs(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_NSEC &&
+ ntohs(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_NSEC3)
+ continue;
+ if(!dname_subdomain_c(rep->rrsets[i]->rk.dname,
+ zone->name)) continue;
+ /* insert NSEC into this zone's tree */
+ neg_insert_data(neg, zone, rep->rrsets[i]);
+ }
+ if(zone->tree.count == 0) {
+ /* remove empty zone if inserts failed */
+ neg_delete_zone(neg, zone);
+ }
+ lock_basic_unlock(&neg->lock);
+}
+
+/**
+ * Check that an NSEC3 rrset does not have a type set.
+ * None of the nsec3s in a hash-collision are allowed to have the type.
+ * (since we do not know which one is the nsec3 looked at, flags, ..., we
+ * ignore the cached item and let it bypass negative caching).
+ * @param k: the nsec3 rrset to check.
+ * @param t: type to check
+ * @return true if no RRs have the type.
+ */
+static int nsec3_no_type(struct ub_packed_rrset_key* k, uint16_t t)
+{
+ int count = (int)((struct packed_rrset_data*)k->entry.data)->count;
+ int i;
+ for(i=0; i<count; i++)
+ if(nsec3_has_type(k, i, t))
+ return 0;
+ return 1;
+}
+
+/**
+ * See if rrset exists in rrset cache.
+ * If it does, the bit is checked, and if not expired, it is returned
+ * allocated in region.
+ * @param rrset_cache: rrset cache
+ * @param qname: to lookup rrset name
+ * @param qname_len: length of qname.
+ * @param qtype: type of rrset to lookup, host order
+ * @param qclass: class of rrset to lookup, host order
+ * @param flags: flags for rrset to lookup
+ * @param region: where to alloc result
+ * @param checkbit: if true, a bit in the nsec typemap is checked for absence.
+ * @param checktype: which bit to check
+ * @param now: to check ttl against
+ * @return rrset or NULL
+ */
+static struct ub_packed_rrset_key*
+grab_nsec(struct rrset_cache* rrset_cache, uint8_t* qname, size_t qname_len,
+ uint16_t qtype, uint16_t qclass, uint32_t flags,
+ struct regional* region, int checkbit, uint16_t checktype,
+ time_t now)
+{
+ struct ub_packed_rrset_key* r, *k = rrset_cache_lookup(rrset_cache,
+ qname, qname_len, qtype, qclass, flags, now, 0);
+ struct packed_rrset_data* d;
+ if(!k) return NULL;
+ d = (struct packed_rrset_data*)k->entry.data;
+ if(d->ttl < now) {
+ lock_rw_unlock(&k->entry.lock);
+ return NULL;
+ }
+ /* only secure or unchecked records that have signatures. */
+ if( ! ( d->security == sec_status_secure ||
+ (d->security == sec_status_unchecked &&
+ d->rrsig_count > 0) ) ) {
+ lock_rw_unlock(&k->entry.lock);
+ return NULL;
+ }
+ /* check if checktype is absent */
+ if(checkbit && (
+ (qtype == LDNS_RR_TYPE_NSEC && nsec_has_type(k, checktype)) ||
+ (qtype == LDNS_RR_TYPE_NSEC3 && !nsec3_no_type(k, checktype))
+ )) {
+ lock_rw_unlock(&k->entry.lock);
+ return NULL;
+ }
+ /* looks OK! copy to region and return it */
+ r = packed_rrset_copy_region(k, region, now);
+ /* if it failed, we return the NULL */
+ lock_rw_unlock(&k->entry.lock);
+ return r;
+}
+
+/** find nsec3 closest encloser in neg cache */
+static struct val_neg_data*
+neg_find_nsec3_ce(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len,
+ int qlabs, sldns_buffer* buf, uint8_t* hashnc, size_t* nclen)
+{
+ struct val_neg_data* data;
+ uint8_t hashce[NSEC3_SHA_LEN];
+ uint8_t b32[257];
+ size_t celen, b32len;
+
+ *nclen = 0;
+ while(qlabs > 0) {
+ /* hash */
+ if(!(celen=nsec3_get_hashed(buf, qname, qname_len,
+ zone->nsec3_hash, zone->nsec3_iter, zone->nsec3_salt,
+ zone->nsec3_saltlen, hashce, sizeof(hashce))))
+ return NULL;
+ if(!(b32len=nsec3_hash_to_b32(hashce, celen, zone->name,
+ zone->len, b32, sizeof(b32))))
+ return NULL;
+
+ /* lookup (exact match only) */
+ data = neg_find_data(zone, b32, b32len, zone->labs+1);
+ if(data && data->in_use) {
+ /* found ce match! */
+ return data;
+ }
+
+ *nclen = celen;
+ memmove(hashnc, hashce, celen);
+ dname_remove_label(&qname, &qname_len);
+ qlabs --;
+ }
+ return NULL;
+}
+
+/** check nsec3 parameters on nsec3 rrset with current zone values */
+static int
+neg_params_ok(struct val_neg_zone* zone, struct ub_packed_rrset_key* rrset)
+{
+ int h;
+ uint8_t* s;
+ size_t slen, it;
+ if(!nsec3_get_params(rrset, 0, &h, &it, &s, &slen))
+ return 0;
+ return (h == zone->nsec3_hash && it == zone->nsec3_iter &&
+ slen == zone->nsec3_saltlen &&
+ memcmp(zone->nsec3_salt, s, slen) == 0);
+}
+
+/** get next closer for nsec3 proof */
+static struct ub_packed_rrset_key*
+neg_nsec3_getnc(struct val_neg_zone* zone, uint8_t* hashnc, size_t nclen,
+ struct rrset_cache* rrset_cache, struct regional* region,
+ time_t now, uint8_t* b32, size_t maxb32)
+{
+ struct ub_packed_rrset_key* nc_rrset;
+ struct val_neg_data* data;
+ size_t b32len;
+
+ if(!(b32len=nsec3_hash_to_b32(hashnc, nclen, zone->name,
+ zone->len, b32, maxb32)))
+ return NULL;
+ (void)neg_closest_data(zone, b32, b32len, zone->labs+1, &data);
+ if(!data && zone->tree.count != 0) {
+ /* could be before the first entry ; return the last
+ * entry (possibly the rollover nsec3 at end) */
+ data = (struct val_neg_data*)rbtree_last(&zone->tree);
+ }
+ while(data && !data->in_use)
+ data = data->parent;
+ if(!data)
+ return NULL;
+ /* got a data element in tree, grab it */
+ nc_rrset = grab_nsec(rrset_cache, data->name, data->len,
+ LDNS_RR_TYPE_NSEC3, zone->dclass, 0, region, 0, 0, now);
+ if(!nc_rrset)
+ return NULL;
+ if(!neg_params_ok(zone, nc_rrset))
+ return NULL;
+ return nc_rrset;
+}
+
+/** neg cache nsec3 proof procedure*/
+static struct dns_msg*
+neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len,
+ int qlabs, sldns_buffer* buf, struct rrset_cache* rrset_cache,
+ struct regional* region, time_t now, uint8_t* topname)
+{
+ struct dns_msg* msg;
+ struct val_neg_data* data;
+ uint8_t hashnc[NSEC3_SHA_LEN];
+ size_t nclen;
+ struct ub_packed_rrset_key* ce_rrset, *nc_rrset;
+ struct nsec3_cached_hash c;
+ uint8_t nc_b32[257];
+
+ /* for NSEC3 ; determine the closest encloser for which we
+ * can find an exact match. Remember the hashed lower name,
+ * since that is the one we need a closest match for.
+ * If we find a match straight away, then it becomes NODATA.
+ * Otherwise, NXDOMAIN or if OPTOUT, an insecure delegation.
+ * Also check that parameters are the same on closest encloser
+ * and on closest match.
+ */
+ if(!zone->nsec3_hash)
+ return NULL; /* not nsec3 zone */
+
+ if(!(data=neg_find_nsec3_ce(zone, qname, qname_len, qlabs, buf,
+ hashnc, &nclen))) {
+ return NULL;
+ }
+
+ /* grab the ce rrset */
+ ce_rrset = grab_nsec(rrset_cache, data->name, data->len,
+ LDNS_RR_TYPE_NSEC3, zone->dclass, 0, region, 1,
+ LDNS_RR_TYPE_DS, now);
+ if(!ce_rrset)
+ return NULL;
+ if(!neg_params_ok(zone, ce_rrset))
+ return NULL;
+
+ if(nclen == 0) {
+ /* exact match, just check the type bits */
+ /* need: -SOA, -DS, +NS */
+ if(nsec3_has_type(ce_rrset, 0, LDNS_RR_TYPE_SOA) ||
+ nsec3_has_type(ce_rrset, 0, LDNS_RR_TYPE_DS) ||
+ !nsec3_has_type(ce_rrset, 0, LDNS_RR_TYPE_NS))
+ return NULL;
+ if(!(msg = dns_msg_create(qname, qname_len,
+ LDNS_RR_TYPE_DS, zone->dclass, region, 1)))
+ return NULL;
+ /* TTL reduced in grab_nsec */
+ if(!dns_msg_authadd(msg, region, ce_rrset, 0))
+ return NULL;
+ return msg;
+ }
+
+ /* optout is not allowed without knowing the trust-anchor in use,
+ * otherwise the optout could spoof away that anchor */
+ if(!topname)
+ return NULL;
+
+ /* if there is no exact match, it must be in an optout span
+ * (an existing DS implies an NSEC3 must exist) */
+ nc_rrset = neg_nsec3_getnc(zone, hashnc, nclen, rrset_cache,
+ region, now, nc_b32, sizeof(nc_b32));
+ if(!nc_rrset)
+ return NULL;
+ if(!neg_params_ok(zone, nc_rrset))
+ return NULL;
+ if(!nsec3_has_optout(nc_rrset, 0))
+ return NULL;
+ c.hash = hashnc;
+ c.hash_len = nclen;
+ c.b32 = nc_b32+1;
+ c.b32_len = (size_t)nc_b32[0];
+ if(nsec3_covers(zone->name, &c, nc_rrset, 0, buf)) {
+ /* nc_rrset covers the next closer name.
+ * ce_rrset equals a closer encloser.
+ * nc_rrset is optout.
+ * No need to check wildcard for type DS */
+ /* capacity=3: ce + nc + soa(if needed) */
+ if(!(msg = dns_msg_create(qname, qname_len,
+ LDNS_RR_TYPE_DS, zone->dclass, region, 3)))
+ return NULL;
+ /* now=0 because TTL was reduced in grab_nsec */
+ if(!dns_msg_authadd(msg, region, ce_rrset, 0))
+ return NULL;
+ if(!dns_msg_authadd(msg, region, nc_rrset, 0))
+ return NULL;
+ return msg;
+ }
+ return NULL;
+}
+
+/**
+ * Add SOA record for external responses.
+ * @param rrset_cache: to look into.
+ * @param now: current time.
+ * @param region: where to perform the allocation
+ * @param msg: current msg with NSEC.
+ * @param zone: val_neg_zone if we have one.
+ * @return false on lookup or alloc failure.
+ */
+static int add_soa(struct rrset_cache* rrset_cache, time_t now,
+ struct regional* region, struct dns_msg* msg, struct val_neg_zone* zone)
+{
+ struct ub_packed_rrset_key* soa;
+ uint8_t* nm;
+ size_t nmlen;
+ uint16_t dclass;
+ if(zone) {
+ nm = zone->name;
+ nmlen = zone->len;
+ dclass = zone->dclass;
+ } else {
+ /* Assumes the signer is the zone SOA to add */
+ nm = reply_nsec_signer(msg->rep, &nmlen, &dclass);
+ if(!nm)
+ return 0;
+ }
+ soa = rrset_cache_lookup(rrset_cache, nm, nmlen, LDNS_RR_TYPE_SOA,
+ dclass, PACKED_RRSET_SOA_NEG, now, 0);
+ if(!soa)
+ return 0;
+ if(!dns_msg_authadd(msg, region, soa, now)) {
+ lock_rw_unlock(&soa->entry.lock);
+ return 0;
+ }
+ lock_rw_unlock(&soa->entry.lock);
+ return 1;
+}
+
+struct dns_msg*
+val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo,
+ struct regional* region, struct rrset_cache* rrset_cache,
+ sldns_buffer* buf, time_t now, int addsoa, uint8_t* topname)
+{
+ struct dns_msg* msg;
+ struct ub_packed_rrset_key* rrset;
+ uint8_t* zname;
+ size_t zname_len;
+ int zname_labs;
+ struct val_neg_zone* zone;
+
+ /* only for DS queries */
+ if(qinfo->qtype != LDNS_RR_TYPE_DS)
+ return NULL;
+ log_assert(!topname || dname_subdomain_c(qinfo->qname, topname));
+
+ /* see if info from neg cache is available
+ * For NSECs, because there is no optout; a DS next to a delegation
+ * always has exactly an NSEC for it itself; check its DS bit.
+ * flags=0 (not the zone apex).
+ */
+ rrset = grab_nsec(rrset_cache, qinfo->qname, qinfo->qname_len,
+ LDNS_RR_TYPE_NSEC, qinfo->qclass, 0, region, 1,
+ qinfo->qtype, now);
+ if(rrset) {
+ /* return msg with that rrset */
+ if(!(msg = dns_msg_create(qinfo->qname, qinfo->qname_len,
+ qinfo->qtype, qinfo->qclass, region, 2)))
+ return NULL;
+ /* TTL already subtracted in grab_nsec */
+ if(!dns_msg_authadd(msg, region, rrset, 0))
+ return NULL;
+ if(addsoa && !add_soa(rrset_cache, now, region, msg, NULL))
+ return NULL;
+ return msg;
+ }
+
+ /* check NSEC3 neg cache for type DS */
+ /* need to look one zone higher for DS type */
+ zname = qinfo->qname;
+ zname_len = qinfo->qname_len;
+ dname_remove_label(&zname, &zname_len);
+ zname_labs = dname_count_labels(zname);
+
+ /* lookup closest zone */
+ lock_basic_lock(&neg->lock);
+ zone = neg_closest_zone_parent(neg, zname, zname_len, zname_labs,
+ qinfo->qclass);
+ while(zone && !zone->in_use)
+ zone = zone->parent;
+ /* check that the zone is not too high up so that we do not pick data
+ * out of a zone that is above the last-seen key (or trust-anchor). */
+ if(zone && topname) {
+ if(!dname_subdomain_c(zone->name, topname))
+ zone = NULL;
+ }
+ if(!zone) {
+ lock_basic_unlock(&neg->lock);
+ return NULL;
+ }
+
+ msg = neg_nsec3_proof_ds(zone, qinfo->qname, qinfo->qname_len,
+ zname_labs+1, buf, rrset_cache, region, now, topname);
+ if(msg && addsoa && !add_soa(rrset_cache, now, region, msg, zone)) {
+ lock_basic_unlock(&neg->lock);
+ return NULL;
+ }
+ lock_basic_unlock(&neg->lock);
+ return msg;
+}
diff --git a/external/unbound/validator/val_neg.h b/external/unbound/validator/val_neg.h
new file mode 100644
index 000000000..967d1a70f
--- /dev/null
+++ b/external/unbound/validator/val_neg.h
@@ -0,0 +1,315 @@
+/*
+ * validator/val_neg.h - validator aggressive negative caching functions.
+ *
+ * Copyright (c) 2008, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with aggressive negative caching.
+ * This creates new denials of existance, and proofs for absence of types
+ * from cached NSEC records.
+ */
+
+#ifndef VALIDATOR_VAL_NEG_H
+#define VALIDATOR_VAL_NEG_H
+#include "util/locks.h"
+#include "util/rbtree.h"
+struct sldns_buffer;
+struct val_neg_data;
+struct config_file;
+struct reply_info;
+struct rrset_cache;
+struct regional;
+struct query_info;
+struct dns_msg;
+struct ub_packed_rrset_key;
+
+/**
+ * The negative cache. It is shared between the threads, so locked.
+ * Kept as validator-environ-state. It refers back to the rrset cache for
+ * data elements. It can be out of date and contain conflicting data
+ * from zone content changes.
+ * It contains a tree of zones, every zone has a tree of data elements.
+ * The data elements are part of one big LRU list, with one memory counter.
+ */
+struct val_neg_cache {
+ /** the big lock on the negative cache. Because we use a rbtree
+ * for the data (quick lookup), we need a big lock */
+ lock_basic_t lock;
+ /** The zone rbtree. contents sorted canonical, type val_neg_zone */
+ rbtree_t tree;
+ /** the first in linked list of LRU of val_neg_data */
+ struct val_neg_data* first;
+ /** last in lru (least recently used element) */
+ struct val_neg_data* last;
+ /** current memory in use (bytes) */
+ size_t use;
+ /** max memory to use (bytes) */
+ size_t max;
+ /** max nsec3 iterations allowed */
+ size_t nsec3_max_iter;
+};
+
+/**
+ * Per Zone aggressive negative caching data.
+ */
+struct val_neg_zone {
+ /** rbtree node element, key is this struct: the name, class */
+ rbnode_t node;
+ /** name; the key */
+ uint8_t* name;
+ /** length of name */
+ size_t len;
+ /** labels in name */
+ int labs;
+
+ /** pointer to parent zone in the negative cache */
+ struct val_neg_zone* parent;
+
+ /** the number of elements, including this one and the ones whose
+ * parents (-parents) include this one, that are in_use
+ * No elements have a count of zero, those are removed. */
+ int count;
+
+ /** if 0: NSEC zone, else NSEC3 hash algorithm in use */
+ int nsec3_hash;
+ /** nsec3 iteration count in use */
+ size_t nsec3_iter;
+ /** nsec3 salt in use */
+ uint8_t* nsec3_salt;
+ /** length of salt in bytes */
+ size_t nsec3_saltlen;
+
+ /** tree of NSEC data for this zone, sorted canonical
+ * by NSEC owner name */
+ rbtree_t tree;
+
+ /** class of node; host order */
+ uint16_t dclass;
+ /** if this element is in use, boolean */
+ uint8_t in_use;
+};
+
+/**
+ * Data element for aggressive negative caching.
+ * The tree of these elements acts as an index onto the rrset cache.
+ * It shows the NSEC records that (may) exist and are (possibly) secure.
+ * The rbtree allows for logN search for a covering NSEC record.
+ * To make tree insertion and deletion logN too, all the parent (one label
+ * less than the name) data elements are also in the rbtree, with a usage
+ * count for every data element.
+ * There is no actual data stored in this data element, if it is in_use,
+ * then the data can (possibly) be found in the rrset cache.
+ */
+struct val_neg_data {
+ /** rbtree node element, key is this struct: the name */
+ rbnode_t node;
+ /** name; the key */
+ uint8_t* name;
+ /** length of name */
+ size_t len;
+ /** labels in name */
+ int labs;
+
+ /** pointer to parent node in the negative cache */
+ struct val_neg_data* parent;
+
+ /** the number of elements, including this one and the ones whose
+ * parents (-parents) include this one, that are in use
+ * No elements have a count of zero, those are removed. */
+ int count;
+
+ /** the zone that this denial is part of */
+ struct val_neg_zone* zone;
+
+ /** previous in LRU */
+ struct val_neg_data* prev;
+ /** next in LRU (next element was less recently used) */
+ struct val_neg_data* next;
+
+ /** if this element is in use, boolean */
+ uint8_t in_use;
+};
+
+/**
+ * Create negative cache
+ * @param cfg: config options.
+ * @param maxiter: max nsec3 iterations allowed.
+ * @return neg cache, empty or NULL on failure.
+ */
+struct val_neg_cache* val_neg_create(struct config_file* cfg, size_t maxiter);
+
+/**
+ * see how much memory is in use by the negative cache.
+ * @param neg: negative cache
+ * @return number of bytes in use.
+ */
+size_t val_neg_get_mem(struct val_neg_cache* neg);
+
+/**
+ * Destroy negative cache. There must no longer be any other threads.
+ * @param neg: negative cache.
+ */
+void neg_cache_delete(struct val_neg_cache* neg);
+
+/**
+ * Comparison function for rbtree val neg data elements
+ */
+int val_neg_data_compare(const void* a, const void* b);
+
+/**
+ * Comparison function for rbtree val neg zone elements
+ */
+int val_neg_zone_compare(const void* a, const void* b);
+
+/**
+ * Insert NSECs from this message into the negative cache for reference.
+ * @param neg: negative cache
+ * @param rep: reply with NSECs.
+ * Errors are ignored, means that storage is omitted.
+ */
+void val_neg_addreply(struct val_neg_cache* neg, struct reply_info* rep);
+
+/**
+ * Insert NSECs from this referral into the negative cache for reference.
+ * @param neg: negative cache
+ * @param rep: referral reply with NS, NSECs.
+ * @param zone: bailiwick for the referral.
+ * Errors are ignored, means that storage is omitted.
+ */
+void val_neg_addreferral(struct val_neg_cache* neg, struct reply_info* rep,
+ uint8_t* zone);
+
+/**
+ * Perform a DLV style lookup
+ * During the lookup, we could find out that data has expired. In that
+ * case the neg_cache entries are removed, and lookup fails.
+ *
+ * @param neg: negative cache.
+ * @param qname: name to look for
+ * @param len: length of qname.
+ * @param qclass: class to look in.
+ * @param rrset_cache: the rrset cache, for NSEC lookups.
+ * @param now: current time for ttl checks.
+ * @return
+ * 0 on error
+ * 0 if no proof of negative
+ * 1 if indeed negative was proven
+ * thus, qname DLV qclass does not exist.
+ */
+int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len,
+ uint16_t qclass, struct rrset_cache* rrset_cache, time_t now);
+
+/**
+ * For the given query, try to get a reply out of the negative cache.
+ * The reply still needs to be validated.
+ * @param neg: negative cache.
+ * @param qinfo: query
+ * @param region: where to allocate reply.
+ * @param rrset_cache: rrset cache.
+ * @param buf: temporary buffer.
+ * @param now: to check TTLs against.
+ * @param addsoa: if true, produce result for external consumption.
+ * if false, do not add SOA - for unbound-internal consumption.
+ * @param topname: do not look higher than this name,
+ * so that the result cannot be taken from a zone above the current
+ * trust anchor. Which could happen with multiple islands of trust.
+ * if NULL, then no trust anchor is used, but also the algorithm becomes
+ * more conservative, especially for opt-out zones, since the receiver
+ * may have a trust-anchor below the optout and thus the optout cannot
+ * be used to create a proof from the negative cache.
+ * @return a reply message if something was found.
+ * This reply may still need validation.
+ * NULL if nothing found (or out of memory).
+ */
+struct dns_msg* val_neg_getmsg(struct val_neg_cache* neg,
+ struct query_info* qinfo, struct regional* region,
+ struct rrset_cache* rrset_cache, struct sldns_buffer* buf, time_t now,
+ int addsoa, uint8_t* topname);
+
+
+/**** functions exposed for unit test ****/
+/**
+ * Insert data into the data tree of a zone
+ * Does not do locking.
+ * @param neg: negative cache
+ * @param zone: zone to insert into
+ * @param nsec: record to insert.
+ */
+void neg_insert_data(struct val_neg_cache* neg,
+ struct val_neg_zone* zone, struct ub_packed_rrset_key* nsec);
+
+/**
+ * Delete a data element from the negative cache.
+ * May delete other data elements to keep tree coherent, or
+ * only mark the element as 'not in use'.
+ * Does not do locking.
+ * @param neg: negative cache.
+ * @param el: data element to delete.
+ */
+void neg_delete_data(struct val_neg_cache* neg, struct val_neg_data* el);
+
+/**
+ * Find the given zone, from the SOA owner name and class
+ * Does not do locking.
+ * @param neg: negative cache
+ * @param nm: what to look for.
+ * @param len: length of nm
+ * @param dclass: class to look for.
+ * @return zone or NULL if not found.
+ */
+struct val_neg_zone* neg_find_zone(struct val_neg_cache* neg,
+ uint8_t* nm, size_t len, uint16_t dclass);
+
+/**
+ * Create a new zone.
+ * Does not do locking.
+ * @param neg: negative cache
+ * @param nm: what to look for.
+ * @param nm_len: length of name.
+ * @param dclass: class of zone, host order.
+ * @return zone or NULL if out of memory.
+ */
+struct val_neg_zone* neg_create_zone(struct val_neg_cache* neg,
+ uint8_t* nm, size_t nm_len, uint16_t dclass);
+
+/**
+ * take a zone into use. increases counts of parents.
+ * Does not do locking.
+ * @param zone: zone to take into use.
+ */
+void val_neg_zone_take_inuse(struct val_neg_zone* zone);
+
+#endif /* VALIDATOR_VAL_NEG_H */
diff --git a/external/unbound/validator/val_nsec.c b/external/unbound/validator/val_nsec.c
new file mode 100644
index 000000000..bdfe3c8fa
--- /dev/null
+++ b/external/unbound/validator/val_nsec.c
@@ -0,0 +1,602 @@
+/*
+ * validator/val_nsec.c - validator NSEC denial of existance functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with NSEC checking, the different NSEC proofs
+ * for denial of existance, and proofs for presence of types.
+ */
+#include "config.h"
+#include "validator/val_nsec.h"
+#include "validator/val_utils.h"
+#include "util/data/msgreply.h"
+#include "util/data/dname.h"
+#include "util/net_help.h"
+#include "util/module.h"
+#include "services/cache/rrset.h"
+
+/** get ttl of rrset */
+static uint32_t
+rrset_get_ttl(struct ub_packed_rrset_key* k)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ return d->ttl;
+}
+
+int
+nsecbitmap_has_type_rdata(uint8_t* bitmap, size_t len, uint16_t type)
+{
+ /* Check type present in NSEC typemap with bitmap arg */
+ /* bitmasks for determining type-lowerbits presence */
+ uint8_t masks[8] = {0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01};
+ uint8_t type_window = type>>8;
+ uint8_t type_low = type&0xff;
+ uint8_t win, winlen;
+ /* read each of the type bitmap windows and see if the searched
+ * type is amongst it */
+ while(len > 0) {
+ if(len < 3) /* bad window, at least window# winlen bitmap */
+ return 0;
+ win = *bitmap++;
+ winlen = *bitmap++;
+ len -= 2;
+ if(len < winlen || winlen < 1 || winlen > 32)
+ return 0; /* bad window length */
+ if(win == type_window) {
+ /* search window bitmap for the correct byte */
+ /* mybyte is 0 if we need the first byte */
+ size_t mybyte = type_low>>3;
+ if(winlen <= mybyte)
+ return 0; /* window too short */
+ return (int)(bitmap[mybyte] & masks[type_low&0x7]);
+ } else {
+ /* not the window we are looking for */
+ bitmap += winlen;
+ len -= winlen;
+ }
+ }
+ /* end of bitmap reached, no type found */
+ return 0;
+}
+
+int
+nsec_has_type(struct ub_packed_rrset_key* nsec, uint16_t type)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)nsec->
+ entry.data;
+ size_t len;
+ if(!d || d->count == 0 || d->rr_len[0] < 2+1)
+ return 0;
+ len = dname_valid(d->rr_data[0]+2, d->rr_len[0]-2);
+ if(!len)
+ return 0;
+ return nsecbitmap_has_type_rdata(d->rr_data[0]+2+len,
+ d->rr_len[0]-2-len, type);
+}
+
+/**
+ * Get next owner name from nsec record
+ * @param nsec: the nsec RRset.
+ * If there are multiple RRs, then this will only return one of them.
+ * @param nm: the next name is returned.
+ * @param ln: length of nm is returned.
+ * @return false on a bad NSEC RR (too short, malformed dname).
+ */
+static int
+nsec_get_next(struct ub_packed_rrset_key* nsec, uint8_t** nm, size_t* ln)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)nsec->
+ entry.data;
+ if(!d || d->count == 0 || d->rr_len[0] < 2+1) {
+ *nm = 0;
+ *ln = 0;
+ return 0;
+ }
+ *nm = d->rr_data[0]+2;
+ *ln = dname_valid(*nm, d->rr_len[0]-2);
+ if(!*ln) {
+ *nm = 0;
+ *ln = 0;
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * For an NSEC that matches the DS queried for, check absence of DS type.
+ *
+ * @param nsec: NSEC for proof, must be trusted.
+ * @param qinfo: what is queried for.
+ * @return if secure the nsec proves that no DS is present, or
+ * insecure if it proves it is not a delegation point.
+ * or bogus if something was wrong.
+ */
+static enum sec_status
+val_nsec_proves_no_ds(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinfo)
+{
+ log_assert(qinfo->qtype == LDNS_RR_TYPE_DS);
+ log_assert(ntohs(nsec->rk.type) == LDNS_RR_TYPE_NSEC);
+
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_SOA) && qinfo->qname_len != 1) {
+ /* SOA present means that this is the NSEC from the child,
+ * not the parent (so it is the wrong one). */
+ return sec_status_bogus;
+ }
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_DS)) {
+ /* DS present means that there should have been a positive
+ * response to the DS query, so there is something wrong. */
+ return sec_status_bogus;
+ }
+
+ if(!nsec_has_type(nsec, LDNS_RR_TYPE_NS)) {
+ /* If there is no NS at this point at all, then this
+ * doesn't prove anything one way or the other. */
+ return sec_status_insecure;
+ }
+ /* Otherwise, this proves no DS. */
+ return sec_status_secure;
+}
+
+/** check security status from cache or verify rrset, returns true if secure */
+static int
+nsec_verify_rrset(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* nsec, struct key_entry_key* kkey,
+ char** reason)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ nsec->entry.data;
+ if(d->security == sec_status_secure)
+ return 1;
+ rrset_check_sec_status(env->rrset_cache, nsec, *env->now);
+ if(d->security == sec_status_secure)
+ return 1;
+ d->security = val_verify_rrset_entry(env, ve, nsec, kkey, reason);
+ if(d->security == sec_status_secure) {
+ rrset_update_sec_status(env->rrset_cache, nsec, *env->now);
+ return 1;
+ }
+ return 0;
+}
+
+enum sec_status
+val_nsec_prove_nodata_dsreply(struct module_env* env, struct val_env* ve,
+ struct query_info* qinfo, struct reply_info* rep,
+ struct key_entry_key* kkey, time_t* proof_ttl, char** reason)
+{
+ struct ub_packed_rrset_key* nsec = reply_find_rrset_section_ns(
+ rep, qinfo->qname, qinfo->qname_len, LDNS_RR_TYPE_NSEC,
+ qinfo->qclass);
+ enum sec_status sec;
+ size_t i;
+ uint8_t* wc = NULL, *ce = NULL;
+ int valid_nsec = 0;
+ struct ub_packed_rrset_key* wc_nsec = NULL;
+
+ /* If we have a NSEC at the same name, it must prove one
+ * of two things
+ * --
+ * 1) this is a delegation point and there is no DS
+ * 2) this is not a delegation point */
+ if(nsec) {
+ if(!nsec_verify_rrset(env, ve, nsec, kkey, reason)) {
+ verbose(VERB_ALGO, "NSEC RRset for the "
+ "referral did not verify.");
+ return sec_status_bogus;
+ }
+ sec = val_nsec_proves_no_ds(nsec, qinfo);
+ if(sec == sec_status_bogus) {
+ /* something was wrong. */
+ *reason = "NSEC does not prove absence of DS";
+ return sec;
+ } else if(sec == sec_status_insecure) {
+ /* this wasn't a delegation point. */
+ return sec;
+ } else if(sec == sec_status_secure) {
+ /* this proved no DS. */
+ *proof_ttl = ub_packed_rrset_ttl(nsec);
+ return sec;
+ }
+ /* if unchecked, fall through to next proof */
+ }
+
+ /* Otherwise, there is no NSEC at qname. This could be an ENT.
+ * (ENT=empty non terminal). If not, this is broken. */
+
+ /* verify NSEC rrsets in auth section */
+ for(i=rep->an_numrrsets; i < rep->an_numrrsets+rep->ns_numrrsets;
+ i++) {
+ if(rep->rrsets[i]->rk.type != htons(LDNS_RR_TYPE_NSEC))
+ continue;
+ if(!nsec_verify_rrset(env, ve, rep->rrsets[i], kkey, reason)) {
+ verbose(VERB_ALGO, "NSEC for empty non-terminal "
+ "did not verify.");
+ return sec_status_bogus;
+ }
+ if(nsec_proves_nodata(rep->rrsets[i], qinfo, &wc)) {
+ verbose(VERB_ALGO, "NSEC for empty non-terminal "
+ "proved no DS.");
+ *proof_ttl = rrset_get_ttl(rep->rrsets[i]);
+ if(wc && dname_is_wild(rep->rrsets[i]->rk.dname))
+ wc_nsec = rep->rrsets[i];
+ valid_nsec = 1;
+ }
+ if(val_nsec_proves_name_error(rep->rrsets[i], qinfo->qname)) {
+ ce = nsec_closest_encloser(qinfo->qname,
+ rep->rrsets[i]);
+ }
+ }
+ if(wc && !ce)
+ valid_nsec = 0;
+ else if(wc && ce) {
+ /* ce and wc must match */
+ if(query_dname_compare(wc, ce) != 0)
+ valid_nsec = 0;
+ else if(!wc_nsec)
+ valid_nsec = 0;
+ }
+ if(valid_nsec) {
+ if(wc) {
+ /* check if this is a delegation */
+ *reason = "NSEC for wildcard does not prove absence of DS";
+ return val_nsec_proves_no_ds(wc_nsec, qinfo);
+ }
+ /* valid nsec proves empty nonterminal */
+ return sec_status_insecure;
+ }
+
+ /* NSEC proof did not conlusively point to DS or no DS */
+ return sec_status_unchecked;
+}
+
+int nsec_proves_nodata(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinfo, uint8_t** wc)
+{
+ log_assert(wc);
+ if(query_dname_compare(nsec->rk.dname, qinfo->qname) != 0) {
+ uint8_t* nm;
+ size_t ln;
+
+ /* empty-non-terminal checking.
+ * Done before wildcard, because this is an exact match,
+ * and would prevent a wildcard from matching. */
+
+ /* If the nsec is proving that qname is an ENT, the nsec owner
+ * will be less than qname, and the next name will be a child
+ * domain of the qname. */
+ if(!nsec_get_next(nsec, &nm, &ln))
+ return 0; /* bad nsec */
+ if(dname_strict_subdomain_c(nm, qinfo->qname) &&
+ dname_canonical_compare(nsec->rk.dname,
+ qinfo->qname) < 0) {
+ return 1; /* proves ENT */
+ }
+
+ /* wildcard checking. */
+
+ /* If this is a wildcard NSEC, make sure that a) it was
+ * possible to have generated qname from the wildcard and
+ * b) the type map does not contain qtype. Note that this
+ * does NOT prove that this wildcard was the applicable
+ * wildcard. */
+ if(dname_is_wild(nsec->rk.dname)) {
+ /* the purported closest encloser. */
+ uint8_t* ce = nsec->rk.dname;
+ size_t ce_len = nsec->rk.dname_len;
+ dname_remove_label(&ce, &ce_len);
+
+ /* The qname must be a strict subdomain of the
+ * closest encloser, for the wildcard to apply
+ */
+ if(dname_strict_subdomain_c(qinfo->qname, ce)) {
+ /* here we have a matching NSEC for the qname,
+ * perform matching NSEC checks */
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_CNAME)) {
+ /* should have gotten the wildcard CNAME */
+ return 0;
+ }
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_NS) &&
+ !nsec_has_type(nsec, LDNS_RR_TYPE_SOA)) {
+ /* wrong parentside (wildcard) NSEC used */
+ return 0;
+ }
+ if(nsec_has_type(nsec, qinfo->qtype)) {
+ return 0;
+ }
+ *wc = ce;
+ return 1;
+ }
+ }
+
+ /* Otherwise, this NSEC does not prove ENT and is not a
+ * wildcard, so it does not prove NODATA. */
+ return 0;
+ }
+
+ /* If the qtype exists, then we should have gotten it. */
+ if(nsec_has_type(nsec, qinfo->qtype)) {
+ return 0;
+ }
+
+ /* if the name is a CNAME node, then we should have gotten the CNAME*/
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_CNAME)) {
+ return 0;
+ }
+
+ /* If an NS set exists at this name, and NOT a SOA (so this is a
+ * zone cut, not a zone apex), then we should have gotten a
+ * referral (or we just got the wrong NSEC).
+ * The reverse of this check is used when qtype is DS, since that
+ * must use the NSEC from above the zone cut. */
+ if(qinfo->qtype != LDNS_RR_TYPE_DS &&
+ nsec_has_type(nsec, LDNS_RR_TYPE_NS) &&
+ !nsec_has_type(nsec, LDNS_RR_TYPE_SOA)) {
+ return 0;
+ } else if(qinfo->qtype == LDNS_RR_TYPE_DS &&
+ nsec_has_type(nsec, LDNS_RR_TYPE_SOA) &&
+ !dname_is_root(qinfo->qname)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+int
+val_nsec_proves_name_error(struct ub_packed_rrset_key* nsec, uint8_t* qname)
+{
+ uint8_t* owner = nsec->rk.dname;
+ uint8_t* next;
+ size_t nlen;
+ if(!nsec_get_next(nsec, &next, &nlen))
+ return 0;
+
+ /* If NSEC owner == qname, then this NSEC proves that qname exists. */
+ if(query_dname_compare(qname, owner) == 0) {
+ return 0;
+ }
+
+ /* If NSEC is a parent of qname, we need to check the type map
+ * If the parent name has a DNAME or is a delegation point, then
+ * this NSEC is being misused. */
+ if(dname_subdomain_c(qname, owner) &&
+ (nsec_has_type(nsec, LDNS_RR_TYPE_DNAME) ||
+ (nsec_has_type(nsec, LDNS_RR_TYPE_NS)
+ && !nsec_has_type(nsec, LDNS_RR_TYPE_SOA))
+ )) {
+ return 0;
+ }
+
+ if(query_dname_compare(owner, next) == 0) {
+ /* this nsec is the only nsec */
+ /* zone.name NSEC zone.name, disproves everything else */
+ /* but only for subdomains of that zone */
+ if(dname_strict_subdomain_c(qname, next))
+ return 1;
+ }
+ else if(dname_canonical_compare(owner, next) > 0) {
+ /* this is the last nsec, ....(bigger) NSEC zonename(smaller) */
+ /* the names after the last (owner) name do not exist
+ * there are no names before the zone name in the zone
+ * but the qname must be a subdomain of the zone name(next). */
+ if(dname_canonical_compare(owner, qname) < 0 &&
+ dname_strict_subdomain_c(qname, next))
+ return 1;
+ } else {
+ /* regular NSEC, (smaller) NSEC (larger) */
+ if(dname_canonical_compare(owner, qname) < 0 &&
+ dname_canonical_compare(qname, next) < 0) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+int val_nsec_proves_insecuredelegation(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinfo)
+{
+ if(nsec_has_type(nsec, LDNS_RR_TYPE_NS) &&
+ !nsec_has_type(nsec, LDNS_RR_TYPE_DS) &&
+ !nsec_has_type(nsec, LDNS_RR_TYPE_SOA)) {
+ /* see if nsec signals an insecure delegation */
+ if(qinfo->qtype == LDNS_RR_TYPE_DS) {
+ /* if type is DS and qname is equal to nsec, then it
+ * is an exact match nsec, result not insecure */
+ if(dname_strict_subdomain_c(qinfo->qname,
+ nsec->rk.dname))
+ return 1;
+ } else {
+ if(dname_subdomain_c(qinfo->qname, nsec->rk.dname))
+ return 1;
+ }
+ }
+ return 0;
+}
+
+uint8_t*
+nsec_closest_encloser(uint8_t* qname, struct ub_packed_rrset_key* nsec)
+{
+ uint8_t* next;
+ size_t nlen;
+ uint8_t* common1, *common2;
+ if(!nsec_get_next(nsec, &next, &nlen))
+ return NULL;
+ /* longest common with owner or next name */
+ common1 = dname_get_shared_topdomain(nsec->rk.dname, qname);
+ common2 = dname_get_shared_topdomain(next, qname);
+ if(dname_count_labels(common1) > dname_count_labels(common2))
+ return common1;
+ return common2;
+}
+
+int val_nsec_proves_positive_wildcard(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinf, uint8_t* wc)
+{
+ uint8_t* ce;
+ /* 1) prove that qname doesn't exist and
+ * 2) that the correct wildcard was used
+ * nsec has been verified already. */
+ if(!val_nsec_proves_name_error(nsec, qinf->qname))
+ return 0;
+ /* check wildcard name */
+ ce = nsec_closest_encloser(qinf->qname, nsec);
+ if(!ce)
+ return 0;
+ if(query_dname_compare(wc, ce) != 0) {
+ return 0;
+ }
+ return 1;
+}
+
+int
+val_nsec_proves_no_wc(struct ub_packed_rrset_key* nsec, uint8_t* qname,
+ size_t qnamelen)
+{
+ /* Determine if a NSEC record proves the non-existence of a
+ * wildcard that could have produced qname. */
+ int labs;
+ int i;
+ uint8_t* ce = nsec_closest_encloser(qname, nsec);
+ uint8_t* strip;
+ size_t striplen;
+ uint8_t buf[LDNS_MAX_DOMAINLEN+3];
+ if(!ce)
+ return 0;
+ /* we can subtract the closest encloser count - since that is the
+ * largest shared topdomain with owner and next NSEC name,
+ * because the NSEC is no proof for names shorter than the owner
+ * and next names. */
+ labs = dname_count_labels(qname) - dname_count_labels(ce);
+
+ for(i=labs; i>0; i--) {
+ /* i is number of labels to strip off qname, prepend * wild */
+ strip = qname;
+ striplen = qnamelen;
+ dname_remove_labels(&strip, &striplen, i);
+ if(striplen > LDNS_MAX_DOMAINLEN-2)
+ continue; /* too long to prepend wildcard */
+ buf[0] = 1;
+ buf[1] = (uint8_t)'*';
+ memmove(buf+2, strip, striplen);
+ if(val_nsec_proves_name_error(nsec, buf)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Find shared topdomain that exists
+ */
+static void
+dlv_topdomain(struct ub_packed_rrset_key* nsec, uint8_t* qname,
+ uint8_t** nm, size_t* nm_len)
+{
+ /* make sure reply is part of nm */
+ /* take shared topdomain with left of NSEC. */
+
+ /* because, if empty nonterminal, then right is subdomain of qname.
+ * and any shared topdomain would be empty nonterminals.
+ *
+ * If nxdomain, then the right is bigger, and could have an
+ * interesting shared topdomain, but if it does have one, it is
+ * an empty nonterminal. An empty nonterminal shared with the left
+ * one. */
+ int n;
+ uint8_t* common = dname_get_shared_topdomain(qname, nsec->rk.dname);
+ n = dname_count_labels(*nm) - dname_count_labels(common);
+ dname_remove_labels(nm, nm_len, n);
+}
+
+int val_nsec_check_dlv(struct query_info* qinfo,
+ struct reply_info* rep, uint8_t** nm, size_t* nm_len)
+{
+ uint8_t* next;
+ size_t i, nlen;
+ int c;
+ /* we should now have a NOERROR/NODATA or NXDOMAIN message */
+ if(rep->an_numrrsets != 0) {
+ return 0;
+ }
+ /* is this NOERROR ? */
+ if(FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NOERROR) {
+ /* it can be a plain NSEC match - go up one more level. */
+ /* or its an empty nonterminal - go up to nonempty level */
+ for(i=0; i<rep->ns_numrrsets; i++) {
+ if(htons(rep->rrsets[i]->rk.type)!=LDNS_RR_TYPE_NSEC ||
+ !nsec_get_next(rep->rrsets[i], &next, &nlen))
+ continue;
+ c = dname_canonical_compare(
+ rep->rrsets[i]->rk.dname, qinfo->qname);
+ if(c == 0) {
+ /* plain match */
+ if(nsec_has_type(rep->rrsets[i],
+ LDNS_RR_TYPE_DLV))
+ return 0;
+ dname_remove_label(nm, nm_len);
+ return 1;
+ } else if(c < 0 &&
+ dname_strict_subdomain_c(next, qinfo->qname)) {
+ /* ENT */
+ dlv_topdomain(rep->rrsets[i], qinfo->qname,
+ nm, nm_len);
+ return 1;
+ }
+ }
+ return 0;
+ }
+
+ /* is this NXDOMAIN ? */
+ if(FLAGS_GET_RCODE(rep->flags) == LDNS_RCODE_NXDOMAIN) {
+ /* find the qname denial NSEC record. It can tell us
+ * a closest encloser name; or that we not need bother */
+ for(i=0; i<rep->ns_numrrsets; i++) {
+ if(htons(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_NSEC)
+ continue;
+ if(val_nsec_proves_name_error(rep->rrsets[i],
+ qinfo->qname)) {
+ log_nametypeclass(VERB_ALGO, "topdomain on",
+ rep->rrsets[i]->rk.dname,
+ ntohs(rep->rrsets[i]->rk.type), 0);
+ dlv_topdomain(rep->rrsets[i], qinfo->qname,
+ nm, nm_len);
+ return 1;
+ }
+ }
+ return 0;
+ }
+ return 0;
+}
diff --git a/external/unbound/validator/val_nsec.h b/external/unbound/validator/val_nsec.h
new file mode 100644
index 000000000..f680d08c0
--- /dev/null
+++ b/external/unbound/validator/val_nsec.h
@@ -0,0 +1,182 @@
+/*
+ * validator/val_nsec.h - validator NSEC denial of existance functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with NSEC checking, the different NSEC proofs
+ * for denial of existance, and proofs for presence of types.
+ */
+
+#ifndef VALIDATOR_VAL_NSEC_H
+#define VALIDATOR_VAL_NSEC_H
+#include "util/data/packed_rrset.h"
+struct val_env;
+struct module_env;
+struct ub_packed_rrset_key;
+struct reply_info;
+struct query_info;
+struct key_entry_key;
+
+/**
+ * Check DS absence.
+ * There is a NODATA reply to a DS that needs checking.
+ * NSECs can prove this is not a delegation point, or sucessfully prove
+ * that there is no DS. Or this fails.
+ *
+ * @param env: module env for rrsig verification routines.
+ * @param ve: validator env for rrsig verification routines.
+ * @param qinfo: the DS queried for.
+ * @param rep: reply received.
+ * @param kkey: key entry to use for verification of signatures.
+ * @param proof_ttl: if secure, the TTL of how long this proof lasts.
+ * @param reason: string explaining why bogus.
+ * @return security status.
+ * SECURE: proved absence of DS.
+ * INSECURE: proved that this was not a delegation point.
+ * BOGUS: crypto bad, or no absence of DS proven.
+ * UNCHECKED: there was no way to prove anything (no NSECs, unknown algo).
+ */
+enum sec_status val_nsec_prove_nodata_dsreply(struct module_env* env,
+ struct val_env* ve, struct query_info* qinfo,
+ struct reply_info* rep, struct key_entry_key* kkey,
+ time_t* proof_ttl, char** reason);
+
+/**
+ * nsec typemap check, takes an NSEC-type bitmap as argument, checks for type.
+ * @param bitmap: pointer to the bitmap part of wireformat rdata.
+ * @param len: length of the bitmap, in bytes.
+ * @param type: the type (in host order) to check for.
+ * @return true if the type bit was set in the bitmap. false if not, or
+ * if the bitmap was malformed in some way.
+ */
+int nsecbitmap_has_type_rdata(uint8_t* bitmap, size_t len, uint16_t type);
+
+/**
+ * Check if type is present in the NSEC typemap
+ * @param nsec: the nsec RRset.
+ * If there are multiple RRs, then each must have the same typemap,
+ * since the typemap represents the types at this domain node.
+ * @param type: type to check for, host order.
+ * @return true if present
+ */
+int nsec_has_type(struct ub_packed_rrset_key* nsec, uint16_t type);
+
+/**
+ * Determine if a NSEC proves the NOERROR/NODATA conditions. This will also
+ * handle the empty non-terminal (ENT) case and partially handle the
+ * wildcard case. If the ownername of 'nsec' is a wildcard, the validator
+ * must still be provided proof that qname did not directly exist and that
+ * the wildcard is, in fact, *.closest_encloser.
+ *
+ * @param nsec: the nsec record to check against.
+ * @param qinfo: the query info.
+ * @param wc: if the nodata is proven for a wildcard match, the wildcard
+ * closest encloser is returned, else NULL (wc is unchanged).
+ * This closest encloser must then match the nameerror given for the
+ * nextcloser of qname.
+ * @return true if NSEC proves this.
+ */
+int nsec_proves_nodata(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinfo, uint8_t** wc);
+
+/**
+ * Determine if the given NSEC proves a NameError (NXDOMAIN) for a given
+ * qname.
+ *
+ * @param nsec: the nsec to check
+ * @param qname: what was queried.
+ * @return true if proven.
+ */
+int val_nsec_proves_name_error(struct ub_packed_rrset_key* nsec,
+ uint8_t* qname);
+
+/**
+ * Determine if the given NSEC proves a positive wildcard response.
+ * @param nsec: the nsec to check
+ * @param qinf: what was queried.
+ * @param wc: wildcard (without *. label)
+ * @return true if proven.
+ */
+int val_nsec_proves_positive_wildcard(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinf, uint8_t* wc);
+
+/**
+ * Determine closest encloser of a query name and the NSEC that covers it
+ * (and thus disproved it).
+ * A name error must have been proven already, otherwise this will be invalid.
+ * @param qname: the name queried for.
+ * @param nsec: the nsec RRset.
+ * @return closest encloser dname or NULL on error (bad nsec RRset).
+ */
+uint8_t* nsec_closest_encloser(uint8_t* qname,
+ struct ub_packed_rrset_key* nsec);
+
+/**
+ * Determine if the given NSEC proves that a wildcard match does not exist.
+ *
+ * @param nsec: the nsec RRset.
+ * @param qname: the name queried for.
+ * @param qnamelen: length of qname.
+ * @return true if proven.
+ */
+int val_nsec_proves_no_wc(struct ub_packed_rrset_key* nsec, uint8_t* qname,
+ size_t qnamelen);
+
+/**
+ * Determine the DLV result, what to do with NSEC DLV reply.
+ * @param qinfo: what was queried for.
+ * @param rep: the nonpositive reply.
+ * @param nm: dlv lookup name, to adjust for new lookup name (if needed).
+ * @param nm_len: length of lookup name.
+ * @return 0 on error, 1 if a higher point is found.
+ * If the higher point is above the dlv repo anchor, the qname does
+ * not exist.
+ */
+int val_nsec_check_dlv(struct query_info* qinfo,
+ struct reply_info* rep, uint8_t** nm, size_t* nm_len);
+
+/**
+ * Determine if an nsec proves an insecure delegation towards the qname.
+ * @param nsec: nsec rrset.
+ * @param qinfo: what was queries for.
+ * @return 0 if not, 1 if an NSEC that signals an insecure delegation to
+ * the qname.
+ */
+int val_nsec_proves_insecuredelegation(struct ub_packed_rrset_key* nsec,
+ struct query_info* qinfo);
+
+#endif /* VALIDATOR_VAL_NSEC_H */
diff --git a/external/unbound/validator/val_nsec3.c b/external/unbound/validator/val_nsec3.c
new file mode 100644
index 000000000..fe5091c0a
--- /dev/null
+++ b/external/unbound/validator/val_nsec3.c
@@ -0,0 +1,1488 @@
+/*
+ * validator/val_nsec3.c - validator NSEC3 denial of existance functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with NSEC3 checking, the different NSEC3 proofs
+ * for denial of existance, and proofs for presence of types.
+ */
+#include "config.h"
+#include <ctype.h>
+#ifdef HAVE_OPENSSL_SSL_H
+#include "openssl/ssl.h"
+#endif
+#ifdef HAVE_NSS
+/* nss3 */
+#include "sechash.h"
+#endif
+#include "validator/val_nsec3.h"
+#include "validator/validator.h"
+#include "validator/val_kentry.h"
+#include "services/cache/rrset.h"
+#include "util/regional.h"
+#include "util/rbtree.h"
+#include "util/module.h"
+#include "util/net_help.h"
+#include "util/data/packed_rrset.h"
+#include "util/data/dname.h"
+#include "util/data/msgreply.h"
+/* we include nsec.h for the bitmap_has_type function */
+#include "validator/val_nsec.h"
+#include "ldns/sbuffer.h"
+
+/**
+ * This function we get from ldns-compat or from base system
+ * it returns the number of data bytes stored at the target, or <0 on error.
+ */
+int sldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
+ char *target, size_t targsize);
+/**
+ * This function we get from ldns-compat or from base system
+ * it returns the number of data bytes stored at the target, or <0 on error.
+ */
+int sldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len,
+ uint8_t *target, size_t targsize);
+
+/**
+ * Closest encloser (ce) proof results
+ * Contains the ce and the next-closer (nc) proof.
+ */
+struct ce_response {
+ /** the closest encloser name */
+ uint8_t* ce;
+ /** length of ce */
+ size_t ce_len;
+ /** NSEC3 record that proved ce. rrset */
+ struct ub_packed_rrset_key* ce_rrset;
+ /** NSEC3 record that proved ce. rr number */
+ int ce_rr;
+ /** NSEC3 record that proved nc. rrset */
+ struct ub_packed_rrset_key* nc_rrset;
+ /** NSEC3 record that proved nc. rr*/
+ int nc_rr;
+};
+
+/**
+ * Filter conditions for NSEC3 proof
+ * Used to iterate over the applicable NSEC3 RRs.
+ */
+struct nsec3_filter {
+ /** Zone name, only NSEC3 records for this zone are considered */
+ uint8_t* zone;
+ /** length of the zonename */
+ size_t zone_len;
+ /** the list of NSEC3s to filter; array */
+ struct ub_packed_rrset_key** list;
+ /** number of rrsets in list */
+ size_t num;
+ /** class of records for the NSEC3, only this class applies */
+ uint16_t fclass;
+};
+
+/** return number of rrs in an rrset */
+static size_t
+rrset_get_count(struct ub_packed_rrset_key* rrset)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ if(!d) return 0;
+ return d->count;
+}
+
+/** return if nsec3 RR has unknown flags */
+static int
+nsec3_unknown_flags(struct ub_packed_rrset_key* rrset, int r)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+2)
+ return 0; /* malformed */
+ return (int)(d->rr_data[r][2+1] & NSEC3_UNKNOWN_FLAGS);
+}
+
+int
+nsec3_has_optout(struct ub_packed_rrset_key* rrset, int r)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+2)
+ return 0; /* malformed */
+ return (int)(d->rr_data[r][2+1] & NSEC3_OPTOUT);
+}
+
+/** return nsec3 RR algorithm */
+static int
+nsec3_get_algo(struct ub_packed_rrset_key* rrset, int r)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+1)
+ return 0; /* malformed */
+ return (int)(d->rr_data[r][2+0]);
+}
+
+/** return if nsec3 RR has known algorithm */
+static int
+nsec3_known_algo(struct ub_packed_rrset_key* rrset, int r)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+1)
+ return 0; /* malformed */
+ switch(d->rr_data[r][2+0]) {
+ case NSEC3_HASH_SHA1:
+ return 1;
+ }
+ return 0;
+}
+
+/** return nsec3 RR iteration count */
+static size_t
+nsec3_get_iter(struct ub_packed_rrset_key* rrset, int r)
+{
+ uint16_t i;
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+4)
+ return 0; /* malformed */
+ memmove(&i, d->rr_data[r]+2+2, sizeof(i));
+ i = ntohs(i);
+ return (size_t)i;
+}
+
+/** return nsec3 RR salt */
+static int
+nsec3_get_salt(struct ub_packed_rrset_key* rrset, int r,
+ uint8_t** salt, size_t* saltlen)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+5) {
+ *salt = 0;
+ *saltlen = 0;
+ return 0; /* malformed */
+ }
+ *saltlen = (size_t)d->rr_data[r][2+4];
+ if(d->rr_len[r] < 2+5+(size_t)*saltlen) {
+ *salt = 0;
+ *saltlen = 0;
+ return 0; /* malformed */
+ }
+ *salt = d->rr_data[r]+2+5;
+ return 1;
+}
+
+int nsec3_get_params(struct ub_packed_rrset_key* rrset, int r,
+ int* algo, size_t* iter, uint8_t** salt, size_t* saltlen)
+{
+ if(!nsec3_known_algo(rrset, r) || nsec3_unknown_flags(rrset, r))
+ return 0;
+ if(!nsec3_get_salt(rrset, r, salt, saltlen))
+ return 0;
+ *algo = nsec3_get_algo(rrset, r);
+ *iter = nsec3_get_iter(rrset, r);
+ return 1;
+}
+
+int
+nsec3_get_nextowner(struct ub_packed_rrset_key* rrset, int r,
+ uint8_t** next, size_t* nextlen)
+{
+ size_t saltlen;
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ if(d->rr_len[r] < 2+5) {
+ *next = 0;
+ *nextlen = 0;
+ return 0; /* malformed */
+ }
+ saltlen = (size_t)d->rr_data[r][2+4];
+ if(d->rr_len[r] < 2+5+saltlen+1) {
+ *next = 0;
+ *nextlen = 0;
+ return 0; /* malformed */
+ }
+ *nextlen = (size_t)d->rr_data[r][2+5+saltlen];
+ if(d->rr_len[r] < 2+5+saltlen+1+*nextlen) {
+ *next = 0;
+ *nextlen = 0;
+ return 0; /* malformed */
+ }
+ *next = d->rr_data[r]+2+5+saltlen+1;
+ return 1;
+}
+
+size_t nsec3_hash_to_b32(uint8_t* hash, size_t hashlen, uint8_t* zone,
+ size_t zonelen, uint8_t* buf, size_t max)
+{
+ /* write b32 of name, leave one for length */
+ int ret;
+ if(max < hashlen*2+1) /* quick approx of b32, as if hexb16 */
+ return 0;
+ ret = sldns_b32_ntop_extended_hex(hash, hashlen, (char*)buf+1, max-1);
+ if(ret < 1)
+ return 0;
+ buf[0] = (uint8_t)ret; /* length of b32 label */
+ ret++;
+ if(max - ret < zonelen)
+ return 0;
+ memmove(buf+ret, zone, zonelen);
+ return zonelen+(size_t)ret;
+}
+
+size_t nsec3_get_nextowner_b32(struct ub_packed_rrset_key* rrset, int r,
+ uint8_t* buf, size_t max)
+{
+ uint8_t* nm, *zone;
+ size_t nmlen, zonelen;
+ if(!nsec3_get_nextowner(rrset, r, &nm, &nmlen))
+ return 0;
+ /* append zone name; the owner name must be <b32>.zone */
+ zone = rrset->rk.dname;
+ zonelen = rrset->rk.dname_len;
+ dname_remove_label(&zone, &zonelen);
+ return nsec3_hash_to_b32(nm, nmlen, zone, zonelen, buf, max);
+}
+
+int
+nsec3_has_type(struct ub_packed_rrset_key* rrset, int r, uint16_t type)
+{
+ uint8_t* bitmap;
+ size_t bitlen, skiplen;
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ log_assert(d && r < (int)d->count);
+ skiplen = 2+4;
+ /* skip salt */
+ if(d->rr_len[r] < skiplen+1)
+ return 0; /* malformed, too short */
+ skiplen += 1+(size_t)d->rr_data[r][skiplen];
+ /* skip next hashed owner */
+ if(d->rr_len[r] < skiplen+1)
+ return 0; /* malformed, too short */
+ skiplen += 1+(size_t)d->rr_data[r][skiplen];
+ if(d->rr_len[r] < skiplen)
+ return 0; /* malformed, too short */
+ bitlen = d->rr_len[r] - skiplen;
+ bitmap = d->rr_data[r]+skiplen;
+ return nsecbitmap_has_type_rdata(bitmap, bitlen, type);
+}
+
+/**
+ * Iterate through NSEC3 list, per RR
+ * This routine gives the next RR in the list (or sets rrset null).
+ * Usage:
+ *
+ * size_t rrsetnum;
+ * int rrnum;
+ * struct ub_packed_rrset_key* rrset;
+ * for(rrset=filter_first(filter, &rrsetnum, &rrnum); rrset;
+ * rrset=filter_next(filter, &rrsetnum, &rrnum))
+ * do_stuff;
+ *
+ * Also filters out
+ * o unknown flag NSEC3s
+ * o unknown algorithm NSEC3s.
+ * @param filter: nsec3 filter structure.
+ * @param rrsetnum: in/out rrset number to look at.
+ * @param rrnum: in/out rr number in rrset to look at.
+ * @returns ptr to the next rrset (or NULL at end).
+ */
+static struct ub_packed_rrset_key*
+filter_next(struct nsec3_filter* filter, size_t* rrsetnum, int* rrnum)
+{
+ size_t i;
+ int r;
+ uint8_t* nm;
+ size_t nmlen;
+ if(!filter->zone) /* empty list */
+ return NULL;
+ for(i=*rrsetnum; i<filter->num; i++) {
+ /* see if RRset qualifies */
+ if(ntohs(filter->list[i]->rk.type) != LDNS_RR_TYPE_NSEC3 ||
+ ntohs(filter->list[i]->rk.rrset_class) !=
+ filter->fclass)
+ continue;
+ /* check RRset zone */
+ nm = filter->list[i]->rk.dname;
+ nmlen = filter->list[i]->rk.dname_len;
+ dname_remove_label(&nm, &nmlen);
+ if(query_dname_compare(nm, filter->zone) != 0)
+ continue;
+ if(i == *rrsetnum)
+ r = (*rrnum) + 1; /* continue at next RR */
+ else r = 0; /* new RRset start at first RR */
+ for(; r < (int)rrset_get_count(filter->list[i]); r++) {
+ /* skip unknown flags, algo */
+ if(nsec3_unknown_flags(filter->list[i], r) ||
+ !nsec3_known_algo(filter->list[i], r))
+ continue;
+ /* this one is a good target */
+ *rrsetnum = i;
+ *rrnum = r;
+ return filter->list[i];
+ }
+ }
+ return NULL;
+}
+
+/**
+ * Start iterating over NSEC3 records.
+ * @param filter: the filter structure, must have been filter_init-ed.
+ * @param rrsetnum: can be undefined on call, inited.
+ * @param rrnum: can be undefined on call, inited.
+ * @return first rrset of an NSEC3, together with rrnum this points to
+ * the first RR to examine. Is NULL on empty list.
+ */
+static struct ub_packed_rrset_key*
+filter_first(struct nsec3_filter* filter, size_t* rrsetnum, int* rrnum)
+{
+ *rrsetnum = 0;
+ *rrnum = -1;
+ return filter_next(filter, rrsetnum, rrnum);
+}
+
+/** see if at least one RR is known (flags, algo) */
+static int
+nsec3_rrset_has_known(struct ub_packed_rrset_key* s)
+{
+ int r;
+ for(r=0; r < (int)rrset_get_count(s); r++) {
+ if(!nsec3_unknown_flags(s, r) && nsec3_known_algo(s, r))
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * Initialize the filter structure.
+ * Finds the zone by looking at available NSEC3 records and best match.
+ * (skips the unknown flag and unknown algo NSEC3s).
+ *
+ * @param filter: nsec3 filter structure.
+ * @param list: list of rrsets, an array of them.
+ * @param num: number of rrsets in list.
+ * @param qinfo:
+ * query name to match a zone for.
+ * query type (if DS a higher zone must be chosen)
+ * qclass, to filter NSEC3s with.
+ */
+static void
+filter_init(struct nsec3_filter* filter, struct ub_packed_rrset_key** list,
+ size_t num, struct query_info* qinfo)
+{
+ size_t i;
+ uint8_t* nm;
+ size_t nmlen;
+ filter->zone = NULL;
+ filter->zone_len = 0;
+ filter->list = list;
+ filter->num = num;
+ filter->fclass = qinfo->qclass;
+ for(i=0; i<num; i++) {
+ /* ignore other stuff in the list */
+ if(ntohs(list[i]->rk.type) != LDNS_RR_TYPE_NSEC3 ||
+ ntohs(list[i]->rk.rrset_class) != qinfo->qclass)
+ continue;
+ /* skip unknown flags, algo */
+ if(!nsec3_rrset_has_known(list[i]))
+ continue;
+
+ /* since NSEC3s are base32.zonename, we can find the zone
+ * name by stripping off the first label of the record */
+ nm = list[i]->rk.dname;
+ nmlen = list[i]->rk.dname_len;
+ dname_remove_label(&nm, &nmlen);
+ /* if we find a domain that can prove about the qname,
+ * and if this domain is closer to the qname */
+ if(dname_subdomain_c(qinfo->qname, nm) && (!filter->zone ||
+ dname_subdomain_c(nm, filter->zone))) {
+ /* for a type DS do not accept a zone equal to qname*/
+ if(qinfo->qtype == LDNS_RR_TYPE_DS &&
+ query_dname_compare(qinfo->qname, nm) == 0 &&
+ !dname_is_root(qinfo->qname))
+ continue;
+ filter->zone = nm;
+ filter->zone_len = nmlen;
+ }
+ }
+}
+
+/**
+ * Find max iteration count using config settings and key size
+ * @param ve: validator environment with iteration count config settings.
+ * @param bits: key size
+ * @return max iteration count
+ */
+static size_t
+get_max_iter(struct val_env* ve, size_t bits)
+{
+ int i;
+ log_assert(ve->nsec3_keyiter_count > 0);
+ /* round up to nearest config keysize, linear search, keep it small */
+ for(i=0; i<ve->nsec3_keyiter_count; i++) {
+ if(bits <= ve->nsec3_keysize[i])
+ return ve->nsec3_maxiter[i];
+ }
+ /* else, use value for biggest key */
+ return ve->nsec3_maxiter[ve->nsec3_keyiter_count-1];
+}
+
+/**
+ * Determine if any of the NSEC3 rrs iteration count is too high, from key.
+ * @param ve: validator environment with iteration count config settings.
+ * @param filter: what NSEC3s to loop over.
+ * @param kkey: key entry used for verification; used for iteration counts.
+ * @return 1 if some nsec3s are above the max iteration count.
+ */
+static int
+nsec3_iteration_count_high(struct val_env* ve, struct nsec3_filter* filter,
+ struct key_entry_key* kkey)
+{
+ size_t rrsetnum;
+ int rrnum;
+ struct ub_packed_rrset_key* rrset;
+ /* first determine the max number of iterations */
+ size_t bits = key_entry_keysize(kkey);
+ size_t max_iter = get_max_iter(ve, bits);
+ verbose(VERB_ALGO, "nsec3: keysize %d bits, max iterations %d",
+ (int)bits, (int)max_iter);
+
+ for(rrset=filter_first(filter, &rrsetnum, &rrnum); rrset;
+ rrset=filter_next(filter, &rrsetnum, &rrnum)) {
+ if(nsec3_get_iter(rrset, rrnum) > max_iter)
+ return 1;
+ }
+ return 0;
+}
+
+/* nsec3_cache_compare for rbtree */
+int
+nsec3_hash_cmp(const void* c1, const void* c2)
+{
+ struct nsec3_cached_hash* h1 = (struct nsec3_cached_hash*)c1;
+ struct nsec3_cached_hash* h2 = (struct nsec3_cached_hash*)c2;
+ uint8_t* s1, *s2;
+ size_t s1len, s2len;
+ int c = query_dname_compare(h1->dname, h2->dname);
+ if(c != 0)
+ return c;
+ /* compare parameters */
+ /* if both malformed, its equal, robustness */
+ if(nsec3_get_algo(h1->nsec3, h1->rr) !=
+ nsec3_get_algo(h2->nsec3, h2->rr)) {
+ if(nsec3_get_algo(h1->nsec3, h1->rr) <
+ nsec3_get_algo(h2->nsec3, h2->rr))
+ return -1;
+ return 1;
+ }
+ if(nsec3_get_iter(h1->nsec3, h1->rr) !=
+ nsec3_get_iter(h2->nsec3, h2->rr)) {
+ if(nsec3_get_iter(h1->nsec3, h1->rr) <
+ nsec3_get_iter(h2->nsec3, h2->rr))
+ return -1;
+ return 1;
+ }
+ (void)nsec3_get_salt(h1->nsec3, h1->rr, &s1, &s1len);
+ (void)nsec3_get_salt(h2->nsec3, h2->rr, &s2, &s2len);
+ if(s1len != s2len) {
+ if(s1len < s2len)
+ return -1;
+ return 1;
+ }
+ return memcmp(s1, s2, s1len);
+}
+
+size_t
+nsec3_get_hashed(sldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
+ size_t iter, uint8_t* salt, size_t saltlen, uint8_t* res, size_t max)
+{
+ size_t i, hash_len;
+ /* prepare buffer for first iteration */
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, nm, nmlen);
+ query_dname_tolower(sldns_buffer_begin(buf));
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
+ switch(algo) {
+#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
+ case NSEC3_HASH_SHA1:
+#ifdef HAVE_SSL
+ hash_len = SHA_DIGEST_LENGTH;
+#else
+ hash_len = SHA1_LENGTH;
+#endif
+ if(hash_len > max)
+ return 0;
+# ifdef HAVE_SSL
+ (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
+ (unsigned char*)res);
+# else
+ (void)HASH_HashBuf(HASH_AlgSHA1, (unsigned char*)res,
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
+# endif
+ for(i=0; i<iter; i++) {
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, res, hash_len);
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
+# ifdef HAVE_SSL
+ (void)SHA1(
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
+ (unsigned char*)res);
+# else
+ (void)HASH_HashBuf(HASH_AlgSHA1,
+ (unsigned char*)res,
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
+# endif
+ }
+ break;
+#endif /* HAVE_EVP_SHA1 or NSS */
+ default:
+ log_err("nsec3 hash of unknown algo %d", algo);
+ return 0;
+ }
+ return hash_len;
+}
+
+/** perform hash of name */
+static int
+nsec3_calc_hash(struct regional* region, sldns_buffer* buf,
+ struct nsec3_cached_hash* c)
+{
+ int algo = nsec3_get_algo(c->nsec3, c->rr);
+ size_t iter = nsec3_get_iter(c->nsec3, c->rr);
+ uint8_t* salt;
+ size_t saltlen, i;
+ if(!nsec3_get_salt(c->nsec3, c->rr, &salt, &saltlen))
+ return -1;
+ /* prepare buffer for first iteration */
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, c->dname, c->dname_len);
+ query_dname_tolower(sldns_buffer_begin(buf));
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
+ switch(algo) {
+#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
+ case NSEC3_HASH_SHA1:
+#ifdef HAVE_SSL
+ c->hash_len = SHA_DIGEST_LENGTH;
+#else
+ c->hash_len = SHA1_LENGTH;
+#endif
+ c->hash = (uint8_t*)regional_alloc(region,
+ c->hash_len);
+ if(!c->hash)
+ return 0;
+# ifdef HAVE_SSL
+ (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
+ (unsigned char*)c->hash);
+# else
+ (void)HASH_HashBuf(HASH_AlgSHA1,
+ (unsigned char*)c->hash,
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
+# endif
+ for(i=0; i<iter; i++) {
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, c->hash, c->hash_len);
+ sldns_buffer_write(buf, salt, saltlen);
+ sldns_buffer_flip(buf);
+# ifdef HAVE_SSL
+ (void)SHA1(
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf),
+ (unsigned char*)c->hash);
+# else
+ (void)HASH_HashBuf(HASH_AlgSHA1,
+ (unsigned char*)c->hash,
+ (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned long)sldns_buffer_limit(buf));
+# endif
+ }
+ break;
+#endif /* HAVE_EVP_SHA1 or NSS */
+ default:
+ log_err("nsec3 hash of unknown algo %d", algo);
+ return -1;
+ }
+ return 1;
+}
+
+/** perform b32 encoding of hash */
+static int
+nsec3_calc_b32(struct regional* region, sldns_buffer* buf,
+ struct nsec3_cached_hash* c)
+{
+ int r;
+ sldns_buffer_clear(buf);
+ r = sldns_b32_ntop_extended_hex(c->hash, c->hash_len,
+ (char*)sldns_buffer_begin(buf), sldns_buffer_limit(buf));
+ if(r < 1) {
+ log_err("b32_ntop_extended_hex: error in encoding: %d", r);
+ return 0;
+ }
+ c->b32_len = (size_t)r;
+ c->b32 = regional_alloc_init(region, sldns_buffer_begin(buf),
+ c->b32_len);
+ if(!c->b32)
+ return 0;
+ return 1;
+}
+
+int
+nsec3_hash_name(rbtree_t* table, struct regional* region, sldns_buffer* buf,
+ struct ub_packed_rrset_key* nsec3, int rr, uint8_t* dname,
+ size_t dname_len, struct nsec3_cached_hash** hash)
+{
+ struct nsec3_cached_hash* c;
+ struct nsec3_cached_hash looki;
+#ifdef UNBOUND_DEBUG
+ rbnode_t* n;
+#endif
+ int r;
+ looki.node.key = &looki;
+ looki.nsec3 = nsec3;
+ looki.rr = rr;
+ looki.dname = dname;
+ looki.dname_len = dname_len;
+ /* lookup first in cache */
+ c = (struct nsec3_cached_hash*)rbtree_search(table, &looki);
+ if(c) {
+ *hash = c;
+ return 1;
+ }
+ /* create a new entry */
+ c = (struct nsec3_cached_hash*)regional_alloc(region, sizeof(*c));
+ if(!c) return 0;
+ c->node.key = c;
+ c->nsec3 = nsec3;
+ c->rr = rr;
+ c->dname = dname;
+ c->dname_len = dname_len;
+ r = nsec3_calc_hash(region, buf, c);
+ if(r != 1)
+ return r;
+ r = nsec3_calc_b32(region, buf, c);
+ if(r != 1)
+ return r;
+#ifdef UNBOUND_DEBUG
+ n =
+#else
+ (void)
+#endif
+ rbtree_insert(table, &c->node);
+ log_assert(n); /* cannot be duplicate, just did lookup */
+ *hash = c;
+ return 1;
+}
+
+/**
+ * compare a label lowercased
+ */
+static int
+label_compare_lower(uint8_t* lab1, uint8_t* lab2, size_t lablen)
+{
+ size_t i;
+ for(i=0; i<lablen; i++) {
+ if(tolower((int)*lab1) != tolower((int)*lab2)) {
+ if(tolower((int)*lab1) < tolower((int)*lab2))
+ return -1;
+ return 1;
+ }
+ lab1++;
+ lab2++;
+ }
+ return 0;
+}
+
+/**
+ * Compare a hashed name with the owner name of an NSEC3 RRset.
+ * @param flt: filter with zone name.
+ * @param hash: the hashed name.
+ * @param s: rrset with owner name.
+ * @return true if matches exactly, false if not.
+ */
+static int
+nsec3_hash_matches_owner(struct nsec3_filter* flt,
+ struct nsec3_cached_hash* hash, struct ub_packed_rrset_key* s)
+{
+ uint8_t* nm = s->rk.dname;
+ /* compare, does hash of name based on params in this NSEC3
+ * match the owner name of this NSEC3?
+ * name must be: <hashlength>base32 . zone name
+ * so; first label must not be root label (not zero length),
+ * and match the b32 encoded hash length,
+ * and the label content match the b32 encoded hash
+ * and the rest must be the zone name.
+ */
+ if(hash->b32_len != 0 && (size_t)nm[0] == hash->b32_len &&
+ label_compare_lower(nm+1, hash->b32, hash->b32_len) == 0 &&
+ query_dname_compare(nm+(size_t)nm[0]+1, flt->zone) == 0) {
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * Find matching NSEC3
+ * Find the NSEC3Record that matches a hash of a name.
+ * @param env: module environment with temporary region and buffer.
+ * @param flt: the NSEC3 RR filter, contains zone name and RRs.
+ * @param ct: cached hashes table.
+ * @param nm: name to look for.
+ * @param nmlen: length of name.
+ * @param rrset: nsec3 that matches is returned here.
+ * @param rr: rr number in nsec3 rrset that matches.
+ * @return true if a matching NSEC3 is found, false if not.
+ */
+static int
+find_matching_nsec3(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, uint8_t* nm, size_t nmlen,
+ struct ub_packed_rrset_key** rrset, int* rr)
+{
+ size_t i_rs;
+ int i_rr;
+ struct ub_packed_rrset_key* s;
+ struct nsec3_cached_hash* hash;
+ int r;
+
+ /* this loop skips other-zone and unknown NSEC3s, also non-NSEC3 RRs */
+ for(s=filter_first(flt, &i_rs, &i_rr); s;
+ s=filter_next(flt, &i_rs, &i_rr)) {
+ /* get name hashed for this NSEC3 RR */
+ r = nsec3_hash_name(ct, env->scratch, env->scratch_buffer,
+ s, i_rr, nm, nmlen, &hash);
+ if(r == 0) {
+ log_err("nsec3: malloc failure");
+ break; /* alloc failure */
+ } else if(r < 0)
+ continue; /* malformed NSEC3 */
+ else if(nsec3_hash_matches_owner(flt, hash, s)) {
+ *rrset = s; /* rrset with this name */
+ *rr = i_rr; /* matches hash with these parameters */
+ return 1;
+ }
+ }
+ *rrset = NULL;
+ *rr = 0;
+ return 0;
+}
+
+int
+nsec3_covers(uint8_t* zone, struct nsec3_cached_hash* hash,
+ struct ub_packed_rrset_key* rrset, int rr, sldns_buffer* buf)
+{
+ uint8_t* next, *owner;
+ size_t nextlen;
+ int len;
+ if(!nsec3_get_nextowner(rrset, rr, &next, &nextlen))
+ return 0; /* malformed RR proves nothing */
+
+ /* check the owner name is a hashed value . apex
+ * base32 encoded values must have equal length.
+ * hash_value and next hash value must have equal length. */
+ if(nextlen != hash->hash_len || hash->hash_len==0||hash->b32_len==0||
+ (size_t)*rrset->rk.dname != hash->b32_len ||
+ query_dname_compare(rrset->rk.dname+1+
+ (size_t)*rrset->rk.dname, zone) != 0)
+ return 0; /* bad lengths or owner name */
+
+ /* This is the "normal case: owner < next and owner < hash < next */
+ if(label_compare_lower(rrset->rk.dname+1, hash->b32,
+ hash->b32_len) < 0 &&
+ memcmp(hash->hash, next, nextlen) < 0)
+ return 1;
+
+ /* convert owner name from text to binary */
+ sldns_buffer_clear(buf);
+ owner = sldns_buffer_begin(buf);
+ len = sldns_b32_pton_extended_hex((char*)rrset->rk.dname+1,
+ hash->b32_len, owner, sldns_buffer_limit(buf));
+ if(len<1)
+ return 0; /* bad owner name in some way */
+ if((size_t)len != hash->hash_len || (size_t)len != nextlen)
+ return 0; /* wrong length */
+
+ /* this is the end of zone case: next <= owner &&
+ * (hash > owner || hash < next)
+ * this also covers the only-apex case of next==owner.
+ */
+ if(memcmp(next, owner, nextlen) <= 0 &&
+ ( memcmp(hash->hash, owner, nextlen) > 0 ||
+ memcmp(hash->hash, next, nextlen) < 0)) {
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * findCoveringNSEC3
+ * Given a name, find a covering NSEC3 from among a list of NSEC3s.
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param flt: the NSEC3 RR filter, contains zone name and RRs.
+ * @param ct: cached hashes table.
+ * @param nm: name to check if covered.
+ * @param nmlen: length of name.
+ * @param rrset: covering NSEC3 rrset is returned here.
+ * @param rr: rr of cover is returned here.
+ * @return true if a covering NSEC3 is found, false if not.
+ */
+static int
+find_covering_nsec3(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, uint8_t* nm, size_t nmlen,
+ struct ub_packed_rrset_key** rrset, int* rr)
+{
+ size_t i_rs;
+ int i_rr;
+ struct ub_packed_rrset_key* s;
+ struct nsec3_cached_hash* hash;
+ int r;
+
+ /* this loop skips other-zone and unknown NSEC3s, also non-NSEC3 RRs */
+ for(s=filter_first(flt, &i_rs, &i_rr); s;
+ s=filter_next(flt, &i_rs, &i_rr)) {
+ /* get name hashed for this NSEC3 RR */
+ r = nsec3_hash_name(ct, env->scratch, env->scratch_buffer,
+ s, i_rr, nm, nmlen, &hash);
+ if(r == 0) {
+ log_err("nsec3: malloc failure");
+ break; /* alloc failure */
+ } else if(r < 0)
+ continue; /* malformed NSEC3 */
+ else if(nsec3_covers(flt->zone, hash, s, i_rr,
+ env->scratch_buffer)) {
+ *rrset = s; /* rrset with this name */
+ *rr = i_rr; /* covers hash with these parameters */
+ return 1;
+ }
+ }
+ *rrset = NULL;
+ *rr = 0;
+ return 0;
+}
+
+/**
+ * findClosestEncloser
+ * Given a name and a list of NSEC3s, find the candidate closest encloser.
+ * This will be the first ancestor of 'name' (including itself) to have a
+ * matching NSEC3 RR.
+ * @param env: module environment with temporary region and buffer.
+ * @param flt: the NSEC3 RR filter, contains zone name and RRs.
+ * @param ct: cached hashes table.
+ * @param qinfo: query that is verified for.
+ * @param ce: closest encloser information is returned in here.
+ * @return true if a closest encloser candidate is found, false if not.
+ */
+static int
+nsec3_find_closest_encloser(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, struct query_info* qinfo, struct ce_response* ce)
+{
+ uint8_t* nm = qinfo->qname;
+ size_t nmlen = qinfo->qname_len;
+
+ /* This scans from longest name to shortest, so the first match
+ * we find is the only viable candidate. */
+
+ /* (David:) FIXME: modify so that the NSEC3 matching the zone apex need
+ * not be present. (Mark Andrews idea).
+ * (Wouter:) But make sure you check for DNAME bit in zone apex,
+ * if the NSEC3 you find is the only NSEC3 in the zone, then this
+ * may be the case. */
+
+ while(dname_subdomain_c(nm, flt->zone)) {
+ if(find_matching_nsec3(env, flt, ct, nm, nmlen,
+ &ce->ce_rrset, &ce->ce_rr)) {
+ ce->ce = nm;
+ ce->ce_len = nmlen;
+ return 1;
+ }
+ dname_remove_label(&nm, &nmlen);
+ }
+ return 0;
+}
+
+/**
+ * Given a qname and its proven closest encloser, calculate the "next
+ * closest" name. Basically, this is the name that is one label longer than
+ * the closest encloser that is still a subdomain of qname.
+ *
+ * @param qname: query name.
+ * @param qnamelen: length of qname.
+ * @param ce: closest encloser
+ * @param nm: result name.
+ * @param nmlen: length of nm.
+ */
+static void
+next_closer(uint8_t* qname, size_t qnamelen, uint8_t* ce,
+ uint8_t** nm, size_t* nmlen)
+{
+ int strip = dname_count_labels(qname) - dname_count_labels(ce) -1;
+ *nm = qname;
+ *nmlen = qnamelen;
+ if(strip>0)
+ dname_remove_labels(nm, nmlen, strip);
+}
+
+/**
+ * proveClosestEncloser
+ * Given a List of nsec3 RRs, find and prove the closest encloser to qname.
+ * @param env: module environment with temporary region and buffer.
+ * @param flt: the NSEC3 RR filter, contains zone name and RRs.
+ * @param ct: cached hashes table.
+ * @param qinfo: query that is verified for.
+ * @param prove_does_not_exist: If true, then if the closest encloser
+ * turns out to be qname, then null is returned.
+ * If set true, and the return value is true, then you can be
+ * certain that the ce.nc_rrset and ce.nc_rr are set properly.
+ * @param ce: closest encloser information is returned in here.
+ * @return bogus if no closest encloser could be proven.
+ * secure if a closest encloser could be proven, ce is set.
+ * insecure if the closest-encloser candidate turns out to prove
+ * that an insecure delegation exists above the qname.
+ */
+static enum sec_status
+nsec3_prove_closest_encloser(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, struct query_info* qinfo, int prove_does_not_exist,
+ struct ce_response* ce)
+{
+ uint8_t* nc;
+ size_t nc_len;
+ /* robust: clean out ce, in case it gets abused later */
+ memset(ce, 0, sizeof(*ce));
+
+ if(!nsec3_find_closest_encloser(env, flt, ct, qinfo, ce)) {
+ verbose(VERB_ALGO, "nsec3 proveClosestEncloser: could "
+ "not find a candidate for the closest encloser.");
+ return sec_status_bogus;
+ }
+ log_nametypeclass(VERB_ALGO, "ce candidate", ce->ce, 0, 0);
+
+ if(query_dname_compare(ce->ce, qinfo->qname) == 0) {
+ if(prove_does_not_exist) {
+ verbose(VERB_ALGO, "nsec3 proveClosestEncloser: "
+ "proved that qname existed, bad");
+ return sec_status_bogus;
+ }
+ /* otherwise, we need to nothing else to prove that qname
+ * is its own closest encloser. */
+ return sec_status_secure;
+ }
+
+ /* If the closest encloser is actually a delegation, then the
+ * response should have been a referral. If it is a DNAME, then
+ * it should have been a DNAME response. */
+ if(nsec3_has_type(ce->ce_rrset, ce->ce_rr, LDNS_RR_TYPE_NS) &&
+ !nsec3_has_type(ce->ce_rrset, ce->ce_rr, LDNS_RR_TYPE_SOA)) {
+ if(!nsec3_has_type(ce->ce_rrset, ce->ce_rr, LDNS_RR_TYPE_DS)) {
+ verbose(VERB_ALGO, "nsec3 proveClosestEncloser: "
+ "closest encloser is insecure delegation");
+ return sec_status_insecure;
+ }
+ verbose(VERB_ALGO, "nsec3 proveClosestEncloser: closest "
+ "encloser was a delegation, bad");
+ return sec_status_bogus;
+ }
+ if(nsec3_has_type(ce->ce_rrset, ce->ce_rr, LDNS_RR_TYPE_DNAME)) {
+ verbose(VERB_ALGO, "nsec3 proveClosestEncloser: closest "
+ "encloser was a DNAME, bad");
+ return sec_status_bogus;
+ }
+
+ /* Otherwise, we need to show that the next closer name is covered. */
+ next_closer(qinfo->qname, qinfo->qname_len, ce->ce, &nc, &nc_len);
+ if(!find_covering_nsec3(env, flt, ct, nc, nc_len,
+ &ce->nc_rrset, &ce->nc_rr)) {
+ verbose(VERB_ALGO, "nsec3: Could not find proof that the "
+ "candidate encloser was the closest encloser");
+ return sec_status_bogus;
+ }
+ return sec_status_secure;
+}
+
+/** allocate a wildcard for the closest encloser */
+static uint8_t*
+nsec3_ce_wildcard(struct regional* region, uint8_t* ce, size_t celen,
+ size_t* len)
+{
+ uint8_t* nm;
+ if(celen > LDNS_MAX_DOMAINLEN - 2)
+ return 0; /* too long */
+ nm = (uint8_t*)regional_alloc(region, celen+2);
+ if(!nm) {
+ log_err("nsec3 wildcard: out of memory");
+ return 0; /* alloc failure */
+ }
+ nm[0] = 1;
+ nm[1] = (uint8_t)'*'; /* wildcard label */
+ memmove(nm+2, ce, celen);
+ *len = celen+2;
+ return nm;
+}
+
+/** Do the name error proof */
+static enum sec_status
+nsec3_do_prove_nameerror(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, struct query_info* qinfo)
+{
+ struct ce_response ce;
+ uint8_t* wc;
+ size_t wclen;
+ struct ub_packed_rrset_key* wc_rrset;
+ int wc_rr;
+ enum sec_status sec;
+
+ /* First locate and prove the closest encloser to qname. We will
+ * use the variant that fails if the closest encloser turns out
+ * to be qname. */
+ sec = nsec3_prove_closest_encloser(env, flt, ct, qinfo, 1, &ce);
+ if(sec != sec_status_secure) {
+ if(sec == sec_status_bogus)
+ verbose(VERB_ALGO, "nsec3 nameerror proof: failed "
+ "to prove a closest encloser");
+ else verbose(VERB_ALGO, "nsec3 nameerror proof: closest "
+ "nsec3 is an insecure delegation");
+ return sec;
+ }
+ log_nametypeclass(VERB_ALGO, "nsec3 namerror: proven ce=", ce.ce,0,0);
+
+ /* At this point, we know that qname does not exist. Now we need
+ * to prove that the wildcard does not exist. */
+ log_assert(ce.ce);
+ wc = nsec3_ce_wildcard(env->scratch, ce.ce, ce.ce_len, &wclen);
+ if(!wc || !find_covering_nsec3(env, flt, ct, wc, wclen,
+ &wc_rrset, &wc_rr)) {
+ verbose(VERB_ALGO, "nsec3 nameerror proof: could not prove "
+ "that the applicable wildcard did not exist.");
+ return sec_status_bogus;
+ }
+
+ if(ce.nc_rrset && nsec3_has_optout(ce.nc_rrset, ce.nc_rr)) {
+ verbose(VERB_ALGO, "nsec3 nameerror proof: nc has optout");
+ return sec_status_insecure;
+ }
+ return sec_status_secure;
+}
+
+enum sec_status
+nsec3_prove_nameerror(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey)
+{
+ rbtree_t ct;
+ struct nsec3_filter flt;
+
+ if(!list || num == 0 || !kkey || !key_entry_isgood(kkey))
+ return sec_status_bogus; /* no valid NSEC3s, bogus */
+ rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
+ filter_init(&flt, list, num, qinfo); /* init RR iterator */
+ if(!flt.zone)
+ return sec_status_bogus; /* no RRs */
+ if(nsec3_iteration_count_high(ve, &flt, kkey))
+ return sec_status_insecure; /* iteration count too high */
+ log_nametypeclass(VERB_ALGO, "start nsec3 nameerror proof, zone",
+ flt.zone, 0, 0);
+ return nsec3_do_prove_nameerror(env, &flt, &ct, qinfo);
+}
+
+/*
+ * No code to handle qtype=NSEC3 specially.
+ * This existed in early drafts, but was later (-05) removed.
+ */
+
+/** Do the nodata proof */
+static enum sec_status
+nsec3_do_prove_nodata(struct module_env* env, struct nsec3_filter* flt,
+ rbtree_t* ct, struct query_info* qinfo)
+{
+ struct ce_response ce;
+ uint8_t* wc;
+ size_t wclen;
+ struct ub_packed_rrset_key* rrset;
+ int rr;
+ enum sec_status sec;
+
+ if(find_matching_nsec3(env, flt, ct, qinfo->qname, qinfo->qname_len,
+ &rrset, &rr)) {
+ /* cases 1 and 2 */
+ if(nsec3_has_type(rrset, rr, qinfo->qtype)) {
+ verbose(VERB_ALGO, "proveNodata: Matching NSEC3 "
+ "proved that type existed, bogus");
+ return sec_status_bogus;
+ } else if(nsec3_has_type(rrset, rr, LDNS_RR_TYPE_CNAME)) {
+ verbose(VERB_ALGO, "proveNodata: Matching NSEC3 "
+ "proved that a CNAME existed, bogus");
+ return sec_status_bogus;
+ }
+
+ /*
+ * If type DS: filter_init zone find already found a parent
+ * zone, so this nsec3 is from a parent zone.
+ * o can be not a delegation (unusual query for normal name,
+ * no DS anyway, but we can verify that).
+ * o can be a delegation (which is the usual DS check).
+ * o may not have the SOA bit set (only the top of the
+ * zone, which must have been above the name, has that).
+ * Except for the root; which is checked by itself.
+ *
+ * If not type DS: matching nsec3 must not be a delegation.
+ */
+ if(qinfo->qtype == LDNS_RR_TYPE_DS && qinfo->qname_len != 1
+ && nsec3_has_type(rrset, rr, LDNS_RR_TYPE_SOA) &&
+ !dname_is_root(qinfo->qname)) {
+ verbose(VERB_ALGO, "proveNodata: apex NSEC3 "
+ "abused for no DS proof, bogus");
+ return sec_status_bogus;
+ } else if(qinfo->qtype != LDNS_RR_TYPE_DS &&
+ nsec3_has_type(rrset, rr, LDNS_RR_TYPE_NS) &&
+ !nsec3_has_type(rrset, rr, LDNS_RR_TYPE_SOA)) {
+ if(!nsec3_has_type(rrset, rr, LDNS_RR_TYPE_DS)) {
+ verbose(VERB_ALGO, "proveNodata: matching "
+ "NSEC3 is insecure delegation");
+ return sec_status_insecure;
+ }
+ verbose(VERB_ALGO, "proveNodata: matching "
+ "NSEC3 is a delegation, bogus");
+ return sec_status_bogus;
+ }
+ return sec_status_secure;
+ }
+
+ /* For cases 3 - 5, we need the proven closest encloser, and it
+ * can't match qname. Although, at this point, we know that it
+ * won't since we just checked that. */
+ sec = nsec3_prove_closest_encloser(env, flt, ct, qinfo, 1, &ce);
+ if(sec == sec_status_bogus) {
+ verbose(VERB_ALGO, "proveNodata: did not match qname, "
+ "nor found a proven closest encloser.");
+ return sec_status_bogus;
+ } else if(sec==sec_status_insecure && qinfo->qtype!=LDNS_RR_TYPE_DS){
+ verbose(VERB_ALGO, "proveNodata: closest nsec3 is insecure "
+ "delegation.");
+ return sec_status_insecure;
+ }
+
+ /* Case 3: removed */
+
+ /* Case 4: */
+ log_assert(ce.ce);
+ wc = nsec3_ce_wildcard(env->scratch, ce.ce, ce.ce_len, &wclen);
+ if(wc && find_matching_nsec3(env, flt, ct, wc, wclen, &rrset, &rr)) {
+ /* found wildcard */
+ if(nsec3_has_type(rrset, rr, qinfo->qtype)) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: matching "
+ "wildcard had qtype, bogus");
+ return sec_status_bogus;
+ } else if(nsec3_has_type(rrset, rr, LDNS_RR_TYPE_CNAME)) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: matching "
+ "wildcard had a CNAME, bogus");
+ return sec_status_bogus;
+ }
+ if(qinfo->qtype == LDNS_RR_TYPE_DS && qinfo->qname_len != 1
+ && nsec3_has_type(rrset, rr, LDNS_RR_TYPE_SOA)) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: matching "
+ "wildcard for no DS proof has a SOA, bogus");
+ return sec_status_bogus;
+ } else if(qinfo->qtype != LDNS_RR_TYPE_DS &&
+ nsec3_has_type(rrset, rr, LDNS_RR_TYPE_NS) &&
+ !nsec3_has_type(rrset, rr, LDNS_RR_TYPE_SOA)) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: matching "
+ "wilcard is a delegation, bogus");
+ return sec_status_bogus;
+ }
+ /* everything is peachy keen, except for optout spans */
+ if(ce.nc_rrset && nsec3_has_optout(ce.nc_rrset, ce.nc_rr)) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: matching "
+ "wildcard is in optout range, insecure");
+ return sec_status_insecure;
+ }
+ return sec_status_secure;
+ }
+
+ /* Case 5: */
+ /* Due to forwarders, cnames, and other collating effects, we
+ * can see the ordinary unsigned data from a zone beneath an
+ * insecure delegation under an optout here */
+ if(!ce.nc_rrset) {
+ verbose(VERB_ALGO, "nsec3 nodata proof: no next closer nsec3");
+ return sec_status_bogus;
+ }
+
+ /* We need to make sure that the covering NSEC3 is opt-out. */
+ log_assert(ce.nc_rrset);
+ if(!nsec3_has_optout(ce.nc_rrset, ce.nc_rr)) {
+ if(qinfo->qtype == LDNS_RR_TYPE_DS)
+ verbose(VERB_ALGO, "proveNodata: covering NSEC3 was not "
+ "opt-out in an opt-out DS NOERROR/NODATA case.");
+ else verbose(VERB_ALGO, "proveNodata: could not find matching "
+ "NSEC3, nor matching wildcard, nor optout NSEC3 "
+ "-- no more options, bogus.");
+ return sec_status_bogus;
+ }
+ /* RFC5155 section 9.2: if nc has optout then no AD flag set */
+ return sec_status_insecure;
+}
+
+enum sec_status
+nsec3_prove_nodata(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey)
+{
+ rbtree_t ct;
+ struct nsec3_filter flt;
+
+ if(!list || num == 0 || !kkey || !key_entry_isgood(kkey))
+ return sec_status_bogus; /* no valid NSEC3s, bogus */
+ rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
+ filter_init(&flt, list, num, qinfo); /* init RR iterator */
+ if(!flt.zone)
+ return sec_status_bogus; /* no RRs */
+ if(nsec3_iteration_count_high(ve, &flt, kkey))
+ return sec_status_insecure; /* iteration count too high */
+ return nsec3_do_prove_nodata(env, &flt, &ct, qinfo);
+}
+
+enum sec_status
+nsec3_prove_wildcard(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, uint8_t* wc)
+{
+ rbtree_t ct;
+ struct nsec3_filter flt;
+ struct ce_response ce;
+ uint8_t* nc;
+ size_t nc_len;
+ size_t wclen;
+ (void)dname_count_size_labels(wc, &wclen);
+
+ if(!list || num == 0 || !kkey || !key_entry_isgood(kkey))
+ return sec_status_bogus; /* no valid NSEC3s, bogus */
+ rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
+ filter_init(&flt, list, num, qinfo); /* init RR iterator */
+ if(!flt.zone)
+ return sec_status_bogus; /* no RRs */
+ if(nsec3_iteration_count_high(ve, &flt, kkey))
+ return sec_status_insecure; /* iteration count too high */
+
+ /* We know what the (purported) closest encloser is by just
+ * looking at the supposed generating wildcard.
+ * The *. has already been removed from the wc name.
+ */
+ memset(&ce, 0, sizeof(ce));
+ ce.ce = wc;
+ ce.ce_len = wclen;
+
+ /* Now we still need to prove that the original data did not exist.
+ * Otherwise, we need to show that the next closer name is covered. */
+ next_closer(qinfo->qname, qinfo->qname_len, ce.ce, &nc, &nc_len);
+ if(!find_covering_nsec3(env, &flt, &ct, nc, nc_len,
+ &ce.nc_rrset, &ce.nc_rr)) {
+ verbose(VERB_ALGO, "proveWildcard: did not find a covering "
+ "NSEC3 that covered the next closer name.");
+ return sec_status_bogus;
+ }
+ if(ce.nc_rrset && nsec3_has_optout(ce.nc_rrset, ce.nc_rr)) {
+ verbose(VERB_ALGO, "proveWildcard: NSEC3 optout");
+ return sec_status_insecure;
+ }
+ return sec_status_secure;
+}
+
+/** test if list is all secure */
+static int
+list_is_secure(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct key_entry_key* kkey, char** reason)
+{
+ struct packed_rrset_data* d;
+ size_t i;
+ for(i=0; i<num; i++) {
+ d = (struct packed_rrset_data*)list[i]->entry.data;
+ if(list[i]->rk.type != htons(LDNS_RR_TYPE_NSEC3))
+ continue;
+ if(d->security == sec_status_secure)
+ continue;
+ rrset_check_sec_status(env->rrset_cache, list[i], *env->now);
+ if(d->security == sec_status_secure)
+ continue;
+ d->security = val_verify_rrset_entry(env, ve, list[i], kkey,
+ reason);
+ if(d->security != sec_status_secure) {
+ verbose(VERB_ALGO, "NSEC3 did not verify");
+ return 0;
+ }
+ rrset_update_sec_status(env->rrset_cache, list[i], *env->now);
+ }
+ return 1;
+}
+
+enum sec_status
+nsec3_prove_nods(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, char** reason)
+{
+ rbtree_t ct;
+ struct nsec3_filter flt;
+ struct ce_response ce;
+ struct ub_packed_rrset_key* rrset;
+ int rr;
+ log_assert(qinfo->qtype == LDNS_RR_TYPE_DS);
+
+ if(!list || num == 0 || !kkey || !key_entry_isgood(kkey)) {
+ *reason = "no valid NSEC3s";
+ return sec_status_bogus; /* no valid NSEC3s, bogus */
+ }
+ if(!list_is_secure(env, ve, list, num, kkey, reason))
+ return sec_status_bogus; /* not all NSEC3 records secure */
+ rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
+ filter_init(&flt, list, num, qinfo); /* init RR iterator */
+ if(!flt.zone) {
+ *reason = "no NSEC3 records";
+ return sec_status_bogus; /* no RRs */
+ }
+ if(nsec3_iteration_count_high(ve, &flt, kkey))
+ return sec_status_insecure; /* iteration count too high */
+
+ /* Look for a matching NSEC3 to qname -- this is the normal
+ * NODATA case. */
+ if(find_matching_nsec3(env, &flt, &ct, qinfo->qname, qinfo->qname_len,
+ &rrset, &rr)) {
+ /* If the matching NSEC3 has the SOA bit set, it is from
+ * the wrong zone (the child instead of the parent). If
+ * it has the DS bit set, then we were lied to. */
+ if(nsec3_has_type(rrset, rr, LDNS_RR_TYPE_SOA) &&
+ qinfo->qname_len != 1) {
+ verbose(VERB_ALGO, "nsec3 provenods: NSEC3 is from"
+ " child zone, bogus");
+ *reason = "NSEC3 from child zone";
+ return sec_status_bogus;
+ } else if(nsec3_has_type(rrset, rr, LDNS_RR_TYPE_DS)) {
+ verbose(VERB_ALGO, "nsec3 provenods: NSEC3 has qtype"
+ " DS, bogus");
+ *reason = "NSEC3 has DS in bitmap";
+ return sec_status_bogus;
+ }
+ /* If the NSEC3 RR doesn't have the NS bit set, then
+ * this wasn't a delegation point. */
+ if(!nsec3_has_type(rrset, rr, LDNS_RR_TYPE_NS))
+ return sec_status_indeterminate;
+ /* Otherwise, this proves no DS. */
+ return sec_status_secure;
+ }
+
+ /* Otherwise, we are probably in the opt-out case. */
+ if(nsec3_prove_closest_encloser(env, &flt, &ct, qinfo, 1, &ce)
+ != sec_status_secure) {
+ /* an insecure delegation *above* the qname does not prove
+ * anything about this qname exactly, and bogus is bogus */
+ verbose(VERB_ALGO, "nsec3 provenods: did not match qname, "
+ "nor found a proven closest encloser.");
+ *reason = "no NSEC3 closest encloser";
+ return sec_status_bogus;
+ }
+
+ /* robust extra check */
+ if(!ce.nc_rrset) {
+ verbose(VERB_ALGO, "nsec3 nods proof: no next closer nsec3");
+ *reason = "no NSEC3 next closer";
+ return sec_status_bogus;
+ }
+
+ /* we had the closest encloser proof, then we need to check that the
+ * covering NSEC3 was opt-out -- the proveClosestEncloser step already
+ * checked to see if the closest encloser was a delegation or DNAME.
+ */
+ log_assert(ce.nc_rrset);
+ if(!nsec3_has_optout(ce.nc_rrset, ce.nc_rr)) {
+ verbose(VERB_ALGO, "nsec3 provenods: covering NSEC3 was not "
+ "opt-out in an opt-out DS NOERROR/NODATA case.");
+ *reason = "covering NSEC3 was not opt-out in an opt-out "
+ "DS NOERROR/NODATA case";
+ return sec_status_bogus;
+ }
+ /* RFC5155 section 9.2: if nc has optout then no AD flag set */
+ return sec_status_insecure;
+}
+
+enum sec_status
+nsec3_prove_nxornodata(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, int* nodata)
+{
+ enum sec_status sec, secnx;
+ rbtree_t ct;
+ struct nsec3_filter flt;
+ *nodata = 0;
+
+ if(!list || num == 0 || !kkey || !key_entry_isgood(kkey))
+ return sec_status_bogus; /* no valid NSEC3s, bogus */
+ rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
+ filter_init(&flt, list, num, qinfo); /* init RR iterator */
+ if(!flt.zone)
+ return sec_status_bogus; /* no RRs */
+ if(nsec3_iteration_count_high(ve, &flt, kkey))
+ return sec_status_insecure; /* iteration count too high */
+
+ /* try nxdomain and nodata after another, while keeping the
+ * hash cache intact */
+
+ secnx = nsec3_do_prove_nameerror(env, &flt, &ct, qinfo);
+ if(secnx==sec_status_secure)
+ return sec_status_secure;
+ sec = nsec3_do_prove_nodata(env, &flt, &ct, qinfo);
+ if(sec==sec_status_secure) {
+ *nodata = 1;
+ } else if(sec == sec_status_insecure) {
+ *nodata = 1;
+ } else if(secnx == sec_status_insecure) {
+ sec = sec_status_insecure;
+ }
+ return sec;
+}
diff --git a/external/unbound/validator/val_nsec3.h b/external/unbound/validator/val_nsec3.h
new file mode 100644
index 000000000..d619d672d
--- /dev/null
+++ b/external/unbound/validator/val_nsec3.h
@@ -0,0 +1,380 @@
+/*
+ * validator/val_nsec3.h - validator NSEC3 denial of existance functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with NSEC3 checking, the different NSEC3 proofs
+ * for denial of existance, and proofs for presence of types.
+ *
+ * NSEC3
+ * 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Hash Alg. | Flags | Iterations |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Salt Length | Salt /
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Hash Length | Next Hashed Owner Name /
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * / Type Bit Maps /
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ * NSEC3PARAM
+ * 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Hash Alg. | Flags | Iterations |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * | Salt Length | Salt /
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ */
+
+#ifndef VALIDATOR_VAL_NSEC3_H
+#define VALIDATOR_VAL_NSEC3_H
+#include "util/rbtree.h"
+#include "util/data/packed_rrset.h"
+struct val_env;
+struct regional;
+struct module_env;
+struct ub_packed_rrset_key;
+struct reply_info;
+struct query_info;
+struct key_entry_key;
+struct sldns_buffer;
+
+/**
+ * 0 1 2 3 4 5 6 7
+ * +-+-+-+-+-+-+-+-+
+ * | |O|
+ * +-+-+-+-+-+-+-+-+
+ * The OPT-OUT bit in the NSEC3 flags field.
+ * If enabled, there can be zero or more unsigned delegations in the span.
+ * If disabled, there are zero unsigned delegations in the span.
+ */
+#define NSEC3_OPTOUT 0x01
+/**
+ * The unknown flags in the NSEC3 flags field.
+ * They must be zero, or the NSEC3 is ignored.
+ */
+#define NSEC3_UNKNOWN_FLAGS 0xFE
+
+/** The SHA1 hash algorithm for NSEC3 */
+#define NSEC3_HASH_SHA1 0x01
+
+/**
+ * Determine if the set of NSEC3 records provided with a response prove NAME
+ * ERROR. This means that the NSEC3s prove a) the closest encloser exists,
+ * b) the direct child of the closest encloser towards qname doesn't exist,
+ * and c) *.closest encloser does not exist.
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param ve: validator environment, with iteration count settings.
+ * @param list: array of RRsets, some of which are NSEC3s.
+ * @param num: number of RRsets in the array to examine.
+ * @param qinfo: query that is verified for.
+ * @param kkey: key entry that signed the NSEC3s.
+ * @return:
+ * sec_status SECURE of the Name Error is proven by the NSEC3 RRs,
+ * BOGUS if not, INSECURE if all of the NSEC3s could be validly ignored.
+ */
+enum sec_status
+nsec3_prove_nameerror(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey);
+
+/**
+ * Determine if the NSEC3s provided in a response prove the NOERROR/NODATA
+ * status. There are a number of different variants to this:
+ *
+ * 1) Normal NODATA -- qname is matched to an NSEC3 record, type is not
+ * present.
+ *
+ * 2) ENT NODATA -- because there must be NSEC3 record for
+ * empty-non-terminals, this is the same as #1.
+ *
+ * 3) NSEC3 ownername NODATA -- qname matched an existing, lone NSEC3
+ * ownername, but qtype was not NSEC3. NOTE: as of nsec-05, this case no
+ * longer exists.
+ *
+ * 4) Wildcard NODATA -- A wildcard matched the name, but not the type.
+ *
+ * 5) Opt-In DS NODATA -- the qname is covered by an opt-in span and qtype ==
+ * DS. (or maybe some future record with the same parent-side-only property)
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param ve: validator environment, with iteration count settings.
+ * @param list: array of RRsets, some of which are NSEC3s.
+ * @param num: number of RRsets in the array to examine.
+ * @param qinfo: query that is verified for.
+ * @param kkey: key entry that signed the NSEC3s.
+ * @return:
+ * sec_status SECURE of the proposition is proven by the NSEC3 RRs,
+ * BOGUS if not, INSECURE if all of the NSEC3s could be validly ignored.
+ */
+enum sec_status
+nsec3_prove_nodata(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey);
+
+
+/**
+ * Prove that a positive wildcard match was appropriate (no direct match
+ * RRset).
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param ve: validator environment, with iteration count settings.
+ * @param list: array of RRsets, some of which are NSEC3s.
+ * @param num: number of RRsets in the array to examine.
+ * @param qinfo: query that is verified for.
+ * @param kkey: key entry that signed the NSEC3s.
+ * @param wc: The purported wildcard that matched. This is the wildcard name
+ * as *.wildcard.name., with the *. label already removed.
+ * @return:
+ * sec_status SECURE of the proposition is proven by the NSEC3 RRs,
+ * BOGUS if not, INSECURE if all of the NSEC3s could be validly ignored.
+ */
+enum sec_status
+nsec3_prove_wildcard(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, uint8_t* wc);
+
+/**
+ * Prove that a DS response either had no DS, or wasn't a delegation point.
+ *
+ * Fundamentally there are two cases here: normal NODATA and Opt-In NODATA.
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param ve: validator environment, with iteration count settings.
+ * @param list: array of RRsets, some of which are NSEC3s.
+ * @param num: number of RRsets in the array to examine.
+ * @param qinfo: query that is verified for.
+ * @param kkey: key entry that signed the NSEC3s.
+ * @param reason: string for bogus result.
+ * @return:
+ * sec_status SECURE of the proposition is proven by the NSEC3 RRs,
+ * BOGUS if not, INSECURE if all of the NSEC3s could be validly ignored.
+ * or if there was no DS in an insecure (i.e., opt-in) way,
+ * INDETERMINATE if it was clear that this wasn't a delegation point.
+ */
+enum sec_status
+nsec3_prove_nods(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, char** reason);
+
+/**
+ * Prove NXDOMAIN or NODATA.
+ *
+ * @param env: module environment with temporary region and buffer.
+ * @param ve: validator environment, with iteration count settings.
+ * @param list: array of RRsets, some of which are NSEC3s.
+ * @param num: number of RRsets in the array to examine.
+ * @param qinfo: query that is verified for.
+ * @param kkey: key entry that signed the NSEC3s.
+ * @param nodata: if return value is secure, this indicates if nodata or
+ * nxdomain was proven.
+ * @return:
+ * sec_status SECURE of the proposition is proven by the NSEC3 RRs,
+ * BOGUS if not, INSECURE if all of the NSEC3s could be validly ignored.
+ */
+enum sec_status
+nsec3_prove_nxornodata(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key** list, size_t num,
+ struct query_info* qinfo, struct key_entry_key* kkey, int* nodata);
+
+/**
+ * The NSEC3 hash result storage.
+ * Consists of an rbtree, with these nodes in it.
+ * The nodes detail how a set of parameters (from nsec3 rr) plus
+ * a dname result in a hash.
+ */
+struct nsec3_cached_hash {
+ /** rbtree node, key is this structure */
+ rbnode_t node;
+ /** where are the parameters for conversion, in this rrset data */
+ struct ub_packed_rrset_key* nsec3;
+ /** where are the parameters for conversion, this RR number in data */
+ int rr;
+ /** the name to convert */
+ uint8_t* dname;
+ /** length of the dname */
+ size_t dname_len;
+ /** the hash result (not base32 encoded) */
+ uint8_t* hash;
+ /** length of hash in bytes */
+ size_t hash_len;
+ /** the hash result in base32 encoding */
+ uint8_t* b32;
+ /** length of base32 encoding (as a label) */
+ size_t b32_len;
+};
+
+/**
+ * Rbtree for hash cache comparison function.
+ * @param c1: key 1.
+ * @param c2: key 2.
+ * @return: comparison code, -1, 0, 1, of the keys.
+ */
+int nsec3_hash_cmp(const void* c1, const void* c2);
+
+/**
+ * Obtain the hash of an owner name.
+ * Used internally by the nsec3 proof functions in this file.
+ * published to enable unit testing of hash algorithms and cache.
+ *
+ * @param table: the cache table. Must be inited at start.
+ * @param region: scratch region to use for allocation.
+ * This region holds the tree, if you wipe the region, reinit the tree.
+ * @param buf: temporary buffer.
+ * @param nsec3: the rrset with parameters
+ * @param rr: rr number from d that has the NSEC3 parameters to hash to.
+ * @param dname: name to hash
+ * This pointer is used inside the tree, assumed region-alloced.
+ * @param dname_len: the length of the name.
+ * @param hash: the hash node is returned on success.
+ * @return:
+ * 1 on success, either from cache or newly hashed hash is returned.
+ * 0 on a malloc failure.
+ * -1 if the NSEC3 rr was badly formatted (i.e. formerr).
+ */
+int nsec3_hash_name(rbtree_t* table, struct regional* region,
+ struct sldns_buffer* buf, struct ub_packed_rrset_key* nsec3, int rr,
+ uint8_t* dname, size_t dname_len, struct nsec3_cached_hash** hash);
+
+/**
+ * Get next owner name, converted to base32 encoding and with the
+ * zone name (taken from the nsec3 owner name) appended.
+ * @param rrset: the NSEC3 rrset.
+ * @param r: the rr num of the nsec3 in the rrset.
+ * @param buf: buffer to store name in
+ * @param max: size of buffer.
+ * @return length of name on success. 0 on failure (buffer too short or
+ * bad format nsec3 record).
+ */
+size_t nsec3_get_nextowner_b32(struct ub_packed_rrset_key* rrset, int r,
+ uint8_t* buf, size_t max);
+
+/**
+ * Convert hash into base32 encoding and with the
+ * zone name appended.
+ * @param hash: hashed buffer
+ * @param hashlen: length of hash
+ * @param zone: name of zone
+ * @param zonelen: length of zonename.
+ * @param buf: buffer to store name in
+ * @param max: size of buffer.
+ * @return length of name on success. 0 on failure (buffer too short or
+ * bad format nsec3 record).
+ */
+size_t nsec3_hash_to_b32(uint8_t* hash, size_t hashlen, uint8_t* zone,
+ size_t zonelen, uint8_t* buf, size_t max);
+
+/**
+ * Get NSEC3 parameters out of rr.
+ * @param rrset: the NSEC3 rrset.
+ * @param r: the rr num of the nsec3 in the rrset.
+ * @param algo: nsec3 hash algo.
+ * @param iter: iteration count.
+ * @param salt: ptr to salt inside rdata.
+ * @param saltlen: length of salt.
+ * @return 0 if bad formatted, unknown nsec3 hash algo, or unknown flags set.
+ */
+int nsec3_get_params(struct ub_packed_rrset_key* rrset, int r,
+ int* algo, size_t* iter, uint8_t** salt, size_t* saltlen);
+
+/**
+ * Get NSEC3 hashed in a buffer
+ * @param buf: buffer for temp use.
+ * @param nm: name to hash
+ * @param nmlen: length of nm.
+ * @param algo: algo to use, must be known.
+ * @param iter: iterations
+ * @param salt: salt for nsec3
+ * @param saltlen: length of salt.
+ * @param res: result of hash stored here.
+ * @param max: maximum space for result.
+ * @return 0 on failure, otherwise bytelength stored.
+ */
+size_t nsec3_get_hashed(struct sldns_buffer* buf, uint8_t* nm, size_t nmlen,
+ int algo, size_t iter, uint8_t* salt, size_t saltlen, uint8_t* res,
+ size_t max);
+
+/**
+ * see if NSEC3 RR contains given type
+ * @param rrset: NSEC3 rrset
+ * @param r: RR in rrset
+ * @param type: in host order to check bit for.
+ * @return true if bit set, false if not or error.
+ */
+int nsec3_has_type(struct ub_packed_rrset_key* rrset, int r, uint16_t type);
+
+/**
+ * return if nsec3 RR has the optout flag
+ * @param rrset: NSEC3 rrset
+ * @param r: RR in rrset
+ * @return true if optout, false on error or not optout
+ */
+int nsec3_has_optout(struct ub_packed_rrset_key* rrset, int r);
+
+/**
+ * Return nsec3 RR next hashed owner name
+ * @param rrset: NSEC3 rrset
+ * @param r: RR in rrset
+ * @param next: ptr into rdata to next owner hash
+ * @param nextlen: length of hash.
+ * @return false on malformed
+ */
+int nsec3_get_nextowner(struct ub_packed_rrset_key* rrset, int r,
+ uint8_t** next, size_t* nextlen);
+
+/**
+ * nsec3Covers
+ * Given a hash and a candidate NSEC3Record, determine if that NSEC3Record
+ * covers the hash. Covers specifically means that the hash is in between
+ * the owner and next hashes and does not equal either.
+ *
+ * @param zone: the zone name.
+ * @param hash: the hash of the name
+ * @param rrset: the rrset of the NSEC3.
+ * @param rr: which rr in the rrset.
+ * @param buf: temporary buffer.
+ * @return true if covers, false if not.
+ */
+int nsec3_covers(uint8_t* zone, struct nsec3_cached_hash* hash,
+ struct ub_packed_rrset_key* rrset, int rr, struct sldns_buffer* buf);
+
+#endif /* VALIDATOR_VAL_NSEC3_H */
diff --git a/external/unbound/validator/val_secalgo.c b/external/unbound/validator/val_secalgo.c
new file mode 100644
index 000000000..d89675f83
--- /dev/null
+++ b/external/unbound/validator/val_secalgo.c
@@ -0,0 +1,1072 @@
+/*
+ * validator/val_secalgo.c - validator security algorithm functions.
+ *
+ * Copyright (c) 2012, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * These functions take raw data buffers, formatted for crypto verification,
+ * and do the library calls (for the crypto library in use).
+ */
+#include "config.h"
+#include "validator/val_secalgo.h"
+#include "util/data/packed_rrset.h"
+#include "util/log.h"
+#include "ldns/rrdef.h"
+#include "ldns/keyraw.h"
+#include "ldns/sbuffer.h"
+
+#if !defined(HAVE_SSL) && !defined(HAVE_NSS)
+#error "Need crypto library to do digital signature cryptography"
+#endif
+
+/* OpenSSL implementation */
+#ifdef HAVE_SSL
+#ifdef HAVE_OPENSSL_ERR_H
+#include <openssl/err.h>
+#endif
+
+#ifdef HAVE_OPENSSL_RAND_H
+#include <openssl/rand.h>
+#endif
+
+#ifdef HAVE_OPENSSL_CONF_H
+#include <openssl/conf.h>
+#endif
+
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
+
+/**
+ * Return size of DS digest according to its hash algorithm.
+ * @param algo: DS digest algo.
+ * @return size in bytes of digest, or 0 if not supported.
+ */
+size_t
+ds_digest_size_supported(int algo)
+{
+ switch(algo) {
+#ifdef HAVE_EVP_SHA1
+ case LDNS_SHA1:
+ return SHA_DIGEST_LENGTH;
+#endif
+#ifdef HAVE_EVP_SHA256
+ case LDNS_SHA256:
+ return SHA256_DIGEST_LENGTH;
+#endif
+#ifdef USE_GOST
+ case LDNS_HASH_GOST:
+ if(EVP_get_digestbyname("md_gost94"))
+ return 32;
+ else return 0;
+#endif
+#ifdef USE_ECDSA
+ case LDNS_SHA384:
+ return SHA384_DIGEST_LENGTH;
+#endif
+ default: break;
+ }
+ return 0;
+}
+
+#ifdef USE_GOST
+/** Perform GOST hash */
+static int
+do_gost94(unsigned char* data, size_t len, unsigned char* dest)
+{
+ const EVP_MD* md = EVP_get_digestbyname("md_gost94");
+ if(!md)
+ return 0;
+ return sldns_digest_evp(data, (unsigned int)len, dest, md);
+}
+#endif
+
+int
+secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
+ unsigned char* res)
+{
+ switch(algo) {
+#ifdef HAVE_EVP_SHA1
+ case LDNS_SHA1:
+ (void)SHA1(buf, len, res);
+ return 1;
+#endif
+#ifdef HAVE_EVP_SHA256
+ case LDNS_SHA256:
+ (void)SHA256(buf, len, res);
+ return 1;
+#endif
+#ifdef USE_GOST
+ case LDNS_HASH_GOST:
+ if(do_gost94(buf, len, res))
+ return 1;
+ break;
+#endif
+#ifdef USE_ECDSA
+ case LDNS_SHA384:
+ (void)SHA384(buf, len, res);
+ return 1;
+#endif
+ default:
+ verbose(VERB_QUERY, "unknown DS digest algorithm %d",
+ algo);
+ break;
+ }
+ return 0;
+}
+
+/** return true if DNSKEY algorithm id is supported */
+int
+dnskey_algo_id_is_supported(int id)
+{
+ switch(id) {
+ case LDNS_RSAMD5:
+ /* RFC 6725 deprecates RSAMD5 */
+ return 0;
+ case LDNS_DSA:
+ case LDNS_DSA_NSEC3:
+ case LDNS_RSASHA1:
+ case LDNS_RSASHA1_NSEC3:
+#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)
+ case LDNS_RSASHA256:
+#endif
+#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)
+ case LDNS_RSASHA512:
+#endif
+#ifdef USE_ECDSA
+ case LDNS_ECDSAP256SHA256:
+ case LDNS_ECDSAP384SHA384:
+#endif
+ return 1;
+#ifdef USE_GOST
+ case LDNS_ECC_GOST:
+ /* we support GOST if it can be loaded */
+ return sldns_key_EVP_load_gost_id();
+#endif
+ default:
+ return 0;
+ }
+}
+
+/**
+ * Output a libcrypto openssl error to the logfile.
+ * @param str: string to add to it.
+ * @param e: the error to output, error number from ERR_get_error().
+ */
+static void
+log_crypto_error(const char* str, unsigned long e)
+{
+ char buf[128];
+ /* or use ERR_error_string if ERR_error_string_n is not avail TODO */
+ ERR_error_string_n(e, buf, sizeof(buf));
+ /* buf now contains */
+ /* error:[error code]:[library name]:[function name]:[reason string] */
+ log_err("%s crypto %s", str, buf);
+}
+
+/**
+ * Setup DSA key digest in DER encoding ...
+ * @param sig: input is signature output alloced ptr (unless failure).
+ * caller must free alloced ptr if this routine returns true.
+ * @param len: input is initial siglen, output is output len.
+ * @return false on failure.
+ */
+static int
+setup_dsa_sig(unsigned char** sig, unsigned int* len)
+{
+ unsigned char* orig = *sig;
+ unsigned int origlen = *len;
+ int newlen;
+ BIGNUM *R, *S;
+ DSA_SIG *dsasig;
+
+ /* extract the R and S field from the sig buffer */
+ if(origlen < 1 + 2*SHA_DIGEST_LENGTH)
+ return 0;
+ R = BN_new();
+ if(!R) return 0;
+ (void) BN_bin2bn(orig + 1, SHA_DIGEST_LENGTH, R);
+ S = BN_new();
+ if(!S) return 0;
+ (void) BN_bin2bn(orig + 21, SHA_DIGEST_LENGTH, S);
+ dsasig = DSA_SIG_new();
+ if(!dsasig) return 0;
+
+ dsasig->r = R;
+ dsasig->s = S;
+ *sig = NULL;
+ newlen = i2d_DSA_SIG(dsasig, sig);
+ if(newlen < 0) {
+ DSA_SIG_free(dsasig);
+ free(*sig);
+ return 0;
+ }
+ *len = (unsigned int)newlen;
+ DSA_SIG_free(dsasig);
+ return 1;
+}
+
+#ifdef USE_ECDSA
+/**
+ * Setup the ECDSA signature in its encoding that the library wants.
+ * Converts from plain numbers to ASN formatted.
+ * @param sig: input is signature, output alloced ptr (unless failure).
+ * caller must free alloced ptr if this routine returns true.
+ * @param len: input is initial siglen, output is output len.
+ * @return false on failure.
+ */
+static int
+setup_ecdsa_sig(unsigned char** sig, unsigned int* len)
+{
+ ECDSA_SIG* ecdsa_sig;
+ int newlen;
+ int bnsize = (int)((*len)/2);
+ /* if too short or not even length, fails */
+ if(*len < 16 || bnsize*2 != (int)*len)
+ return 0;
+ /* use the raw data to parse two evenly long BIGNUMs, "r | s". */
+ ecdsa_sig = ECDSA_SIG_new();
+ if(!ecdsa_sig) return 0;
+ ecdsa_sig->r = BN_bin2bn(*sig, bnsize, ecdsa_sig->r);
+ ecdsa_sig->s = BN_bin2bn(*sig+bnsize, bnsize, ecdsa_sig->s);
+ if(!ecdsa_sig->r || !ecdsa_sig->s) {
+ ECDSA_SIG_free(ecdsa_sig);
+ return 0;
+ }
+
+ /* spool it into ASN format */
+ *sig = NULL;
+ newlen = i2d_ECDSA_SIG(ecdsa_sig, sig);
+ if(newlen <= 0) {
+ ECDSA_SIG_free(ecdsa_sig);
+ free(*sig);
+ return 0;
+ }
+ *len = (unsigned int)newlen;
+ ECDSA_SIG_free(ecdsa_sig);
+ return 1;
+}
+#endif /* USE_ECDSA */
+
+/**
+ * Setup key and digest for verification. Adjust sig if necessary.
+ *
+ * @param algo: key algorithm
+ * @param evp_key: EVP PKEY public key to create.
+ * @param digest_type: digest type to use
+ * @param key: key to setup for.
+ * @param keylen: length of key.
+ * @return false on failure.
+ */
+static int
+setup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type,
+ unsigned char* key, size_t keylen)
+{
+ DSA* dsa;
+ RSA* rsa;
+
+ switch(algo) {
+ case LDNS_DSA:
+ case LDNS_DSA_NSEC3:
+ *evp_key = EVP_PKEY_new();
+ if(!*evp_key) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ dsa = sldns_key_buf2dsa_raw(key, keylen);
+ if(!dsa) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_key_buf2dsa_raw failed");
+ return 0;
+ }
+ if(EVP_PKEY_assign_DSA(*evp_key, dsa) == 0) {
+ verbose(VERB_QUERY, "verify: "
+ "EVP_PKEY_assign_DSA failed");
+ return 0;
+ }
+ *digest_type = EVP_dss1();
+
+ break;
+ case LDNS_RSASHA1:
+ case LDNS_RSASHA1_NSEC3:
+#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)
+ case LDNS_RSASHA256:
+#endif
+#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)
+ case LDNS_RSASHA512:
+#endif
+ *evp_key = EVP_PKEY_new();
+ if(!*evp_key) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ rsa = sldns_key_buf2rsa_raw(key, keylen);
+ if(!rsa) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_key_buf2rsa_raw SHA failed");
+ return 0;
+ }
+ if(EVP_PKEY_assign_RSA(*evp_key, rsa) == 0) {
+ verbose(VERB_QUERY, "verify: "
+ "EVP_PKEY_assign_RSA SHA failed");
+ return 0;
+ }
+
+ /* select SHA version */
+#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)
+ if(algo == LDNS_RSASHA256)
+ *digest_type = EVP_sha256();
+ else
+#endif
+#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)
+ if(algo == LDNS_RSASHA512)
+ *digest_type = EVP_sha512();
+ else
+#endif
+ *digest_type = EVP_sha1();
+
+ break;
+ case LDNS_RSAMD5:
+ *evp_key = EVP_PKEY_new();
+ if(!*evp_key) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ rsa = sldns_key_buf2rsa_raw(key, keylen);
+ if(!rsa) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_key_buf2rsa_raw MD5 failed");
+ return 0;
+ }
+ if(EVP_PKEY_assign_RSA(*evp_key, rsa) == 0) {
+ verbose(VERB_QUERY, "verify: "
+ "EVP_PKEY_assign_RSA MD5 failed");
+ return 0;
+ }
+ *digest_type = EVP_md5();
+
+ break;
+#ifdef USE_GOST
+ case LDNS_ECC_GOST:
+ *evp_key = sldns_gost2pkey_raw(key, keylen);
+ if(!*evp_key) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_gost2pkey_raw failed");
+ return 0;
+ }
+ *digest_type = EVP_get_digestbyname("md_gost94");
+ if(!*digest_type) {
+ verbose(VERB_QUERY, "verify: "
+ "EVP_getdigest md_gost94 failed");
+ return 0;
+ }
+ break;
+#endif
+#ifdef USE_ECDSA
+ case LDNS_ECDSAP256SHA256:
+ *evp_key = sldns_ecdsa2pkey_raw(key, keylen,
+ LDNS_ECDSAP256SHA256);
+ if(!*evp_key) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_ecdsa2pkey_raw failed");
+ return 0;
+ }
+#ifdef USE_ECDSA_EVP_WORKAROUND
+ /* openssl before 1.0.0 fixes RSA with the SHA256
+ * hash in EVP. We create one for ecdsa_sha256 */
+ {
+ static int md_ecdsa_256_done = 0;
+ static EVP_MD md;
+ if(!md_ecdsa_256_done) {
+ EVP_MD m = *EVP_sha256();
+ md_ecdsa_256_done = 1;
+ m.required_pkey_type[0] = (*evp_key)->type;
+ m.verify = (void*)ECDSA_verify;
+ md = m;
+ }
+ *digest_type = &md;
+ }
+#else
+ *digest_type = EVP_sha256();
+#endif
+ break;
+ case LDNS_ECDSAP384SHA384:
+ *evp_key = sldns_ecdsa2pkey_raw(key, keylen,
+ LDNS_ECDSAP384SHA384);
+ if(!*evp_key) {
+ verbose(VERB_QUERY, "verify: "
+ "sldns_ecdsa2pkey_raw failed");
+ return 0;
+ }
+#ifdef USE_ECDSA_EVP_WORKAROUND
+ /* openssl before 1.0.0 fixes RSA with the SHA384
+ * hash in EVP. We create one for ecdsa_sha384 */
+ {
+ static int md_ecdsa_384_done = 0;
+ static EVP_MD md;
+ if(!md_ecdsa_384_done) {
+ EVP_MD m = *EVP_sha384();
+ md_ecdsa_384_done = 1;
+ m.required_pkey_type[0] = (*evp_key)->type;
+ m.verify = (void*)ECDSA_verify;
+ md = m;
+ }
+ *digest_type = &md;
+ }
+#else
+ *digest_type = EVP_sha384();
+#endif
+ break;
+#endif /* USE_ECDSA */
+ default:
+ verbose(VERB_QUERY, "verify: unknown algorithm %d",
+ algo);
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Check a canonical sig+rrset and signature against a dnskey
+ * @param buf: buffer with data to verify, the first rrsig part and the
+ * canonicalized rrset.
+ * @param algo: DNSKEY algorithm.
+ * @param sigblock: signature rdata field from RRSIG
+ * @param sigblock_len: length of sigblock data.
+ * @param key: public key data from DNSKEY RR.
+ * @param keylen: length of keydata.
+ * @param reason: bogus reason in more detail.
+ * @return secure if verification succeeded, bogus on crypto failure,
+ * unchecked on format errors and alloc failures.
+ */
+enum sec_status
+verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sigblock,
+ unsigned int sigblock_len, unsigned char* key, unsigned int keylen,
+ char** reason)
+{
+ const EVP_MD *digest_type;
+ EVP_MD_CTX ctx;
+ int res, dofree = 0;
+ EVP_PKEY *evp_key = NULL;
+
+ if(!setup_key_digest(algo, &evp_key, &digest_type, key, keylen)) {
+ verbose(VERB_QUERY, "verify: failed to setup key");
+ *reason = "use of key for crypto failed";
+ EVP_PKEY_free(evp_key);
+ return sec_status_bogus;
+ }
+ /* if it is a DSA signature in bind format, convert to DER format */
+ if((algo == LDNS_DSA || algo == LDNS_DSA_NSEC3) &&
+ sigblock_len == 1+2*SHA_DIGEST_LENGTH) {
+ if(!setup_dsa_sig(&sigblock, &sigblock_len)) {
+ verbose(VERB_QUERY, "verify: failed to setup DSA sig");
+ *reason = "use of key for DSA crypto failed";
+ EVP_PKEY_free(evp_key);
+ return sec_status_bogus;
+ }
+ dofree = 1;
+ }
+#ifdef USE_ECDSA
+ else if(algo == LDNS_ECDSAP256SHA256 || algo == LDNS_ECDSAP384SHA384) {
+ /* EVP uses ASN prefix on sig, which is not in the wire data */
+ if(!setup_ecdsa_sig(&sigblock, &sigblock_len)) {
+ verbose(VERB_QUERY, "verify: failed to setup ECDSA sig");
+ *reason = "use of signature for ECDSA crypto failed";
+ EVP_PKEY_free(evp_key);
+ return sec_status_bogus;
+ }
+ dofree = 1;
+ }
+#endif /* USE_ECDSA */
+
+ /* do the signature cryptography work */
+ EVP_MD_CTX_init(&ctx);
+ if(EVP_VerifyInit(&ctx, digest_type) == 0) {
+ verbose(VERB_QUERY, "verify: EVP_VerifyInit failed");
+ EVP_PKEY_free(evp_key);
+ if(dofree) free(sigblock);
+ return sec_status_unchecked;
+ }
+ if(EVP_VerifyUpdate(&ctx, (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned int)sldns_buffer_limit(buf)) == 0) {
+ verbose(VERB_QUERY, "verify: EVP_VerifyUpdate failed");
+ EVP_PKEY_free(evp_key);
+ if(dofree) free(sigblock);
+ return sec_status_unchecked;
+ }
+
+ res = EVP_VerifyFinal(&ctx, sigblock, sigblock_len, evp_key);
+ if(EVP_MD_CTX_cleanup(&ctx) == 0) {
+ verbose(VERB_QUERY, "verify: EVP_MD_CTX_cleanup failed");
+ EVP_PKEY_free(evp_key);
+ if(dofree) free(sigblock);
+ return sec_status_unchecked;
+ }
+ EVP_PKEY_free(evp_key);
+
+ if(dofree)
+ free(sigblock);
+
+ if(res == 1) {
+ return sec_status_secure;
+ } else if(res == 0) {
+ verbose(VERB_QUERY, "verify: signature mismatch");
+ *reason = "signature crypto failed";
+ return sec_status_bogus;
+ }
+
+ log_crypto_error("verify:", ERR_get_error());
+ return sec_status_unchecked;
+}
+
+/**************************************************/
+#elif defined(HAVE_NSS)
+/* libnss implementation */
+/* nss3 */
+#include "sechash.h"
+#include "pk11pub.h"
+#include "keyhi.h"
+#include "secerr.h"
+#include "cryptohi.h"
+/* nspr4 */
+#include "prerror.h"
+
+size_t
+ds_digest_size_supported(int algo)
+{
+ /* uses libNSS */
+ switch(algo) {
+ case LDNS_SHA1:
+ return SHA1_LENGTH;
+#ifdef USE_SHA2
+ case LDNS_SHA256:
+ return SHA256_LENGTH;
+#endif
+#ifdef USE_ECDSA
+ case LDNS_SHA384:
+ return SHA384_LENGTH;
+#endif
+ /* GOST not supported in NSS */
+ case LDNS_HASH_GOST:
+ default: break;
+ }
+ return 0;
+}
+
+int
+secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
+ unsigned char* res)
+{
+ /* uses libNSS */
+ switch(algo) {
+ case LDNS_SHA1:
+ return HASH_HashBuf(HASH_AlgSHA1, res, buf, len)
+ == SECSuccess;
+#if defined(USE_SHA2)
+ case LDNS_SHA256:
+ return HASH_HashBuf(HASH_AlgSHA256, res, buf, len)
+ == SECSuccess;
+#endif
+#ifdef USE_ECDSA
+ case LDNS_SHA384:
+ return HASH_HashBuf(HASH_AlgSHA384, res, buf, len)
+ == SECSuccess;
+#endif
+ case LDNS_HASH_GOST:
+ default:
+ verbose(VERB_QUERY, "unknown DS digest algorithm %d",
+ algo);
+ break;
+ }
+ return 0;
+}
+
+int
+dnskey_algo_id_is_supported(int id)
+{
+ /* uses libNSS */
+ switch(id) {
+ case LDNS_RSAMD5:
+ /* RFC 6725 deprecates RSAMD5 */
+ return 0;
+ case LDNS_DSA:
+ case LDNS_DSA_NSEC3:
+ case LDNS_RSASHA1:
+ case LDNS_RSASHA1_NSEC3:
+#ifdef USE_SHA2
+ case LDNS_RSASHA256:
+#endif
+#ifdef USE_SHA2
+ case LDNS_RSASHA512:
+#endif
+ return 1;
+#ifdef USE_ECDSA
+ case LDNS_ECDSAP256SHA256:
+ case LDNS_ECDSAP384SHA384:
+ return PK11_TokenExists(CKM_ECDSA);
+#endif
+ case LDNS_ECC_GOST:
+ default:
+ return 0;
+ }
+}
+
+/* return a new public key for NSS */
+static SECKEYPublicKey* nss_key_create(KeyType ktype)
+{
+ SECKEYPublicKey* key;
+ PLArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if(!arena) {
+ log_err("out of memory, PORT_NewArena failed");
+ return NULL;
+ }
+ key = PORT_ArenaZNew(arena, SECKEYPublicKey);
+ if(!key) {
+ log_err("out of memory, PORT_ArenaZNew failed");
+ PORT_FreeArena(arena, PR_FALSE);
+ return NULL;
+ }
+ key->arena = arena;
+ key->keyType = ktype;
+ key->pkcs11Slot = NULL;
+ key->pkcs11ID = CK_INVALID_HANDLE;
+ return key;
+}
+
+static SECKEYPublicKey* nss_buf2ecdsa(unsigned char* key, size_t len, int algo)
+{
+ SECKEYPublicKey* pk;
+ SECItem pub = {siBuffer, NULL, 0};
+ SECItem params = {siBuffer, NULL, 0};
+ static unsigned char param256[] = {
+ /* OBJECTIDENTIFIER 1.2.840.10045.3.1.7 (P-256)
+ * {iso(1) member-body(2) us(840) ansi-x962(10045) curves(3) prime(1) prime256v1(7)} */
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
+ };
+ static unsigned char param384[] = {
+ /* OBJECTIDENTIFIER 1.3.132.0.34 (P-384)
+ * {iso(1) identified-organization(3) certicom(132) curve(0) ansip384r1(34)} */
+ 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22
+ };
+ unsigned char buf[256+2]; /* sufficient for 2*384/8+1 */
+
+ /* check length, which uncompressed must be 2 bignums */
+ if(algo == LDNS_ECDSAP256SHA256) {
+ if(len != 2*256/8) return NULL;
+ /* ECCurve_X9_62_PRIME_256V1 */
+ } else if(algo == LDNS_ECDSAP384SHA384) {
+ if(len != 2*384/8) return NULL;
+ /* ECCurve_X9_62_PRIME_384R1 */
+ } else return NULL;
+
+ buf[0] = 0x04; /* POINT_FORM_UNCOMPRESSED */
+ memmove(buf+1, key, len);
+ pub.data = buf;
+ pub.len = len+1;
+ if(algo == LDNS_ECDSAP256SHA256) {
+ params.data = param256;
+ params.len = sizeof(param256);
+ } else {
+ params.data = param384;
+ params.len = sizeof(param384);
+ }
+
+ pk = nss_key_create(ecKey);
+ if(!pk)
+ return NULL;
+ pk->u.ec.size = (len/2)*8;
+ if(SECITEM_CopyItem(pk->arena, &pk->u.ec.publicValue, &pub)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ if(SECITEM_CopyItem(pk->arena, &pk->u.ec.DEREncodedParams, &params)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+
+ return pk;
+}
+
+static SECKEYPublicKey* nss_buf2dsa(unsigned char* key, size_t len)
+{
+ SECKEYPublicKey* pk;
+ uint8_t T;
+ uint16_t length;
+ uint16_t offset;
+ SECItem Q = {siBuffer, NULL, 0};
+ SECItem P = {siBuffer, NULL, 0};
+ SECItem G = {siBuffer, NULL, 0};
+ SECItem Y = {siBuffer, NULL, 0};
+
+ if(len == 0)
+ return NULL;
+ T = (uint8_t)key[0];
+ length = (64 + T * 8);
+ offset = 1;
+
+ if (T > 8) {
+ return NULL;
+ }
+ if(len < (size_t)1 + SHA1_LENGTH + 3*length)
+ return NULL;
+
+ Q.data = key+offset;
+ Q.len = SHA1_LENGTH;
+ offset += SHA1_LENGTH;
+
+ P.data = key+offset;
+ P.len = length;
+ offset += length;
+
+ G.data = key+offset;
+ G.len = length;
+ offset += length;
+
+ Y.data = key+offset;
+ Y.len = length;
+ offset += length;
+
+ pk = nss_key_create(dsaKey);
+ if(!pk)
+ return NULL;
+ if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.prime, &P)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.subPrime, &Q)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.base, &G)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.publicValue, &Y)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ return pk;
+}
+
+static SECKEYPublicKey* nss_buf2rsa(unsigned char* key, size_t len)
+{
+ SECKEYPublicKey* pk;
+ uint16_t exp;
+ uint16_t offset;
+ uint16_t int16;
+ SECItem modulus = {siBuffer, NULL, 0};
+ SECItem exponent = {siBuffer, NULL, 0};
+ if(len == 0)
+ return NULL;
+ if(key[0] == 0) {
+ if(len < 3)
+ return NULL;
+ /* the exponent is too large so it's places further */
+ memmove(&int16, key+1, 2);
+ exp = ntohs(int16);
+ offset = 3;
+ } else {
+ exp = key[0];
+ offset = 1;
+ }
+
+ /* key length at least one */
+ if(len < (size_t)offset + exp + 1)
+ return NULL;
+
+ exponent.data = key+offset;
+ exponent.len = exp;
+ offset += exp;
+ modulus.data = key+offset;
+ modulus.len = (len - offset);
+
+ pk = nss_key_create(rsaKey);
+ if(!pk)
+ return NULL;
+ if(SECITEM_CopyItem(pk->arena, &pk->u.rsa.modulus, &modulus)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ if(SECITEM_CopyItem(pk->arena, &pk->u.rsa.publicExponent, &exponent)) {
+ SECKEY_DestroyPublicKey(pk);
+ return NULL;
+ }
+ return pk;
+}
+
+/**
+ * Setup key and digest for verification. Adjust sig if necessary.
+ *
+ * @param algo: key algorithm
+ * @param evp_key: EVP PKEY public key to create.
+ * @param digest_type: digest type to use
+ * @param key: key to setup for.
+ * @param keylen: length of key.
+ * @param prefix: if returned, the ASN prefix for the hashblob.
+ * @param prefixlen: length of the prefix.
+ * @return false on failure.
+ */
+static int
+nss_setup_key_digest(int algo, SECKEYPublicKey** pubkey, HASH_HashType* htype,
+ unsigned char* key, size_t keylen, unsigned char** prefix,
+ size_t* prefixlen)
+{
+ /* uses libNSS */
+
+ /* hash prefix for md5, RFC2537 */
+ static unsigned char p_md5[] = {0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10};
+ /* hash prefix to prepend to hash output, from RFC3110 */
+ static unsigned char p_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B,
+ 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14};
+ /* from RFC5702 */
+ static unsigned char p_sha256[] = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20};
+ static unsigned char p_sha512[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60,
+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40};
+ /* from RFC6234 */
+ /* for future RSASHA384 ..
+ static unsigned char p_sha384[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60,
+ 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30};
+ */
+
+ switch(algo) {
+ case LDNS_DSA:
+ case LDNS_DSA_NSEC3:
+ *pubkey = nss_buf2dsa(key, keylen);
+ if(!*pubkey) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ *htype = HASH_AlgSHA1;
+ /* no prefix for DSA verification */
+ break;
+ case LDNS_RSASHA1:
+ case LDNS_RSASHA1_NSEC3:
+#ifdef USE_SHA2
+ case LDNS_RSASHA256:
+#endif
+#ifdef USE_SHA2
+ case LDNS_RSASHA512:
+#endif
+ *pubkey = nss_buf2rsa(key, keylen);
+ if(!*pubkey) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ /* select SHA version */
+#ifdef USE_SHA2
+ if(algo == LDNS_RSASHA256) {
+ *htype = HASH_AlgSHA256;
+ *prefix = p_sha256;
+ *prefixlen = sizeof(p_sha256);
+ } else
+#endif
+#ifdef USE_SHA2
+ if(algo == LDNS_RSASHA512) {
+ *htype = HASH_AlgSHA512;
+ *prefix = p_sha512;
+ *prefixlen = sizeof(p_sha512);
+ } else
+#endif
+ {
+ *htype = HASH_AlgSHA1;
+ *prefix = p_sha1;
+ *prefixlen = sizeof(p_sha1);
+ }
+
+ break;
+ case LDNS_RSAMD5:
+ *pubkey = nss_buf2rsa(key, keylen);
+ if(!*pubkey) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ *htype = HASH_AlgMD5;
+ *prefix = p_md5;
+ *prefixlen = sizeof(p_md5);
+
+ break;
+#ifdef USE_ECDSA
+ case LDNS_ECDSAP256SHA256:
+ *pubkey = nss_buf2ecdsa(key, keylen,
+ LDNS_ECDSAP256SHA256);
+ if(!*pubkey) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ *htype = HASH_AlgSHA256;
+ /* no prefix for DSA verification */
+ break;
+ case LDNS_ECDSAP384SHA384:
+ *pubkey = nss_buf2ecdsa(key, keylen,
+ LDNS_ECDSAP384SHA384);
+ if(!*pubkey) {
+ log_err("verify: malloc failure in crypto");
+ return 0;
+ }
+ *htype = HASH_AlgSHA384;
+ /* no prefix for DSA verification */
+ break;
+#endif /* USE_ECDSA */
+ case LDNS_ECC_GOST:
+ default:
+ verbose(VERB_QUERY, "verify: unknown algorithm %d",
+ algo);
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Check a canonical sig+rrset and signature against a dnskey
+ * @param buf: buffer with data to verify, the first rrsig part and the
+ * canonicalized rrset.
+ * @param algo: DNSKEY algorithm.
+ * @param sigblock: signature rdata field from RRSIG
+ * @param sigblock_len: length of sigblock data.
+ * @param key: public key data from DNSKEY RR.
+ * @param keylen: length of keydata.
+ * @param reason: bogus reason in more detail.
+ * @return secure if verification succeeded, bogus on crypto failure,
+ * unchecked on format errors and alloc failures.
+ */
+enum sec_status
+verify_canonrrset(sldns_buffer* buf, int algo, unsigned char* sigblock,
+ unsigned int sigblock_len, unsigned char* key, unsigned int keylen,
+ char** reason)
+{
+ /* uses libNSS */
+ /* large enough for the different hashes */
+ unsigned char hash[HASH_LENGTH_MAX];
+ unsigned char hash2[HASH_LENGTH_MAX*2];
+ HASH_HashType htype = 0;
+ SECKEYPublicKey* pubkey = NULL;
+ SECItem secsig = {siBuffer, sigblock, sigblock_len};
+ SECItem sechash = {siBuffer, hash, 0};
+ SECStatus res;
+ unsigned char* prefix = NULL; /* prefix for hash, RFC3110, RFC5702 */
+ size_t prefixlen = 0;
+ int err;
+
+ if(!nss_setup_key_digest(algo, &pubkey, &htype, key, keylen,
+ &prefix, &prefixlen)) {
+ verbose(VERB_QUERY, "verify: failed to setup key");
+ *reason = "use of key for crypto failed";
+ SECKEY_DestroyPublicKey(pubkey);
+ return sec_status_bogus;
+ }
+
+ /* need to convert DSA, ECDSA signatures? */
+ if((algo == LDNS_DSA || algo == LDNS_DSA_NSEC3)) {
+ if(sigblock_len == 1+2*SHA1_LENGTH) {
+ secsig.data ++;
+ secsig.len --;
+ } else {
+ SECItem* p = DSAU_DecodeDerSig(&secsig);
+ if(!p) {
+ verbose(VERB_QUERY, "verify: failed DER decode");
+ *reason = "signature DER decode failed";
+ SECKEY_DestroyPublicKey(pubkey);
+ return sec_status_bogus;
+ }
+ if(SECITEM_CopyItem(pubkey->arena, &secsig, p)) {
+ log_err("alloc failure in DER decode");
+ SECKEY_DestroyPublicKey(pubkey);
+ SECITEM_FreeItem(p, PR_TRUE);
+ return sec_status_unchecked;
+ }
+ SECITEM_FreeItem(p, PR_TRUE);
+ }
+ }
+
+ /* do the signature cryptography work */
+ /* hash the data */
+ sechash.len = HASH_ResultLen(htype);
+ if(sechash.len > sizeof(hash)) {
+ verbose(VERB_QUERY, "verify: hash too large for buffer");
+ SECKEY_DestroyPublicKey(pubkey);
+ return sec_status_unchecked;
+ }
+ if(HASH_HashBuf(htype, hash, (unsigned char*)sldns_buffer_begin(buf),
+ (unsigned int)sldns_buffer_limit(buf)) != SECSuccess) {
+ verbose(VERB_QUERY, "verify: HASH_HashBuf failed");
+ SECKEY_DestroyPublicKey(pubkey);
+ return sec_status_unchecked;
+ }
+ if(prefix) {
+ int hashlen = sechash.len;
+ if(prefixlen+hashlen > sizeof(hash2)) {
+ verbose(VERB_QUERY, "verify: hashprefix too large");
+ SECKEY_DestroyPublicKey(pubkey);
+ return sec_status_unchecked;
+ }
+ sechash.data = hash2;
+ sechash.len = prefixlen+hashlen;
+ memcpy(sechash.data, prefix, prefixlen);
+ memmove(sechash.data+prefixlen, hash, hashlen);
+ }
+
+ /* verify the signature */
+ res = PK11_Verify(pubkey, &secsig, &sechash, NULL /*wincx*/);
+ SECKEY_DestroyPublicKey(pubkey);
+
+ if(res == SECSuccess) {
+ return sec_status_secure;
+ }
+ err = PORT_GetError();
+ if(err != SEC_ERROR_BAD_SIGNATURE) {
+ /* failed to verify */
+ verbose(VERB_QUERY, "verify: PK11_Verify failed: %s",
+ PORT_ErrorToString(err));
+ /* if it is not supported, like ECC is removed, we get,
+ * SEC_ERROR_NO_MODULE */
+ if(err == SEC_ERROR_NO_MODULE)
+ return sec_status_unchecked;
+ /* but other errors are commonly returned
+ * for a bad signature from NSS. Thus we return bogus,
+ * not unchecked */
+ *reason = "signature crypto failed";
+ return sec_status_bogus;
+ }
+ verbose(VERB_QUERY, "verify: signature mismatch: %s",
+ PORT_ErrorToString(err));
+ *reason = "signature crypto failed";
+ return sec_status_bogus;
+}
+
+
+#endif /* HAVE_SSL or HAVE_NSS */
diff --git a/external/unbound/validator/val_secalgo.h b/external/unbound/validator/val_secalgo.h
new file mode 100644
index 000000000..085fbc5a4
--- /dev/null
+++ b/external/unbound/validator/val_secalgo.h
@@ -0,0 +1,84 @@
+/*
+ * validator/val_secalgo.h - validator security algorithm functions.
+ *
+ * Copyright (c) 2012, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions take buffers with raw data and convert to library calls.
+ */
+
+#ifndef VALIDATOR_VAL_SECALGO_H
+#define VALIDATOR_VAL_SECALGO_H
+struct sldns_buffer;
+
+/**
+ * Return size of DS digest according to its hash algorithm.
+ * @param algo: DS digest algo.
+ * @return size in bytes of digest, or 0 if not supported.
+ */
+size_t ds_digest_size_supported(int algo);
+
+/**
+ * @param algo: the DS digest algo
+ * @param buf: the buffer to digest
+ * @param len: length of buffer to digest.
+ * @param res: result stored here (must have sufficient space).
+ * @return false on failure.
+ */
+int secalgo_ds_digest(int algo, unsigned char* buf, size_t len,
+ unsigned char* res);
+
+/** return true if DNSKEY algorithm id is supported */
+int dnskey_algo_id_is_supported(int id);
+
+/**
+ * Check a canonical sig+rrset and signature against a dnskey
+ * @param buf: buffer with data to verify, the first rrsig part and the
+ * canonicalized rrset.
+ * @param algo: DNSKEY algorithm.
+ * @param sigblock: signature rdata field from RRSIG
+ * @param sigblock_len: length of sigblock data.
+ * @param key: public key data from DNSKEY RR.
+ * @param keylen: length of keydata.
+ * @param reason: bogus reason in more detail.
+ * @return secure if verification succeeded, bogus on crypto failure,
+ * unchecked on format errors and alloc failures.
+ */
+enum sec_status verify_canonrrset(struct sldns_buffer* buf, int algo,
+ unsigned char* sigblock, unsigned int sigblock_len,
+ unsigned char* key, unsigned int keylen, char** reason);
+
+#endif /* VALIDATOR_VAL_SECALGO_H */
diff --git a/external/unbound/validator/val_sigcrypt.c b/external/unbound/validator/val_sigcrypt.c
new file mode 100644
index 000000000..5a4d0f471
--- /dev/null
+++ b/external/unbound/validator/val_sigcrypt.c
@@ -0,0 +1,1437 @@
+/*
+ * validator/val_sigcrypt.c - validator signature crypto functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with signature verification and checking, the
+ * bridging between RR wireformat data and crypto calls.
+ */
+#include "config.h"
+#include "validator/val_sigcrypt.h"
+#include "validator/val_secalgo.h"
+#include "validator/validator.h"
+#include "util/data/msgreply.h"
+#include "util/data/msgparse.h"
+#include "util/data/dname.h"
+#include "util/rbtree.h"
+#include "util/module.h"
+#include "util/net_help.h"
+#include "util/regional.h"
+#include "ldns/keyraw.h"
+#include "ldns/sbuffer.h"
+#include "ldns/parseutil.h"
+#include "ldns/wire2str.h"
+
+#include <ctype.h>
+#if !defined(HAVE_SSL) && !defined(HAVE_NSS)
+#error "Need crypto library to do digital signature cryptography"
+#endif
+
+#ifdef HAVE_OPENSSL_ERR_H
+#include <openssl/err.h>
+#endif
+
+#ifdef HAVE_OPENSSL_RAND_H
+#include <openssl/rand.h>
+#endif
+
+#ifdef HAVE_OPENSSL_CONF_H
+#include <openssl/conf.h>
+#endif
+
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
+
+/** return number of rrs in an rrset */
+static size_t
+rrset_get_count(struct ub_packed_rrset_key* rrset)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ if(!d) return 0;
+ return d->count;
+}
+
+/**
+ * Get RR signature count
+ */
+static size_t
+rrset_get_sigcount(struct ub_packed_rrset_key* k)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ return d->rrsig_count;
+}
+
+/**
+ * Get signature keytag value
+ * @param k: rrset (with signatures)
+ * @param sig_idx: signature index.
+ * @return keytag or 0 if malformed rrsig.
+ */
+static uint16_t
+rrset_get_sig_keytag(struct ub_packed_rrset_key* k, size_t sig_idx)
+{
+ uint16_t t;
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ log_assert(sig_idx < d->rrsig_count);
+ if(d->rr_len[d->count + sig_idx] < 2+18)
+ return 0;
+ memmove(&t, d->rr_data[d->count + sig_idx]+2+16, 2);
+ return ntohs(t);
+}
+
+/**
+ * Get signature signing algorithm value
+ * @param k: rrset (with signatures)
+ * @param sig_idx: signature index.
+ * @return algo or 0 if malformed rrsig.
+ */
+static int
+rrset_get_sig_algo(struct ub_packed_rrset_key* k, size_t sig_idx)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ log_assert(sig_idx < d->rrsig_count);
+ if(d->rr_len[d->count + sig_idx] < 2+3)
+ return 0;
+ return (int)d->rr_data[d->count + sig_idx][2+2];
+}
+
+/** get rdata pointer and size */
+static void
+rrset_get_rdata(struct ub_packed_rrset_key* k, size_t idx, uint8_t** rdata,
+ size_t* len)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ log_assert(d && idx < (d->count + d->rrsig_count));
+ *rdata = d->rr_data[idx];
+ *len = d->rr_len[idx];
+}
+
+uint16_t
+dnskey_get_flags(struct ub_packed_rrset_key* k, size_t idx)
+{
+ uint8_t* rdata;
+ size_t len;
+ uint16_t f;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+2)
+ return 0;
+ memmove(&f, rdata+2, 2);
+ f = ntohs(f);
+ return f;
+}
+
+/**
+ * Get DNSKEY protocol value from rdata
+ * @param k: DNSKEY rrset.
+ * @param idx: which key.
+ * @return protocol octet value
+ */
+static int
+dnskey_get_protocol(struct ub_packed_rrset_key* k, size_t idx)
+{
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+4)
+ return 0;
+ return (int)rdata[2+2];
+}
+
+int
+dnskey_get_algo(struct ub_packed_rrset_key* k, size_t idx)
+{
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+4)
+ return 0;
+ return (int)rdata[2+3];
+}
+
+/** get public key rdata field from a dnskey RR and do some checks */
+static void
+dnskey_get_pubkey(struct ub_packed_rrset_key* k, size_t idx,
+ unsigned char** pk, unsigned int* pklen)
+{
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+5) {
+ *pk = NULL;
+ *pklen = 0;
+ return;
+ }
+ *pk = (unsigned char*)rdata+2+4;
+ *pklen = (unsigned)len-2-4;
+}
+
+int
+ds_get_key_algo(struct ub_packed_rrset_key* k, size_t idx)
+{
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+3)
+ return 0;
+ return (int)rdata[2+2];
+}
+
+int
+ds_get_digest_algo(struct ub_packed_rrset_key* k, size_t idx)
+{
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(k, idx, &rdata, &len);
+ if(len < 2+4)
+ return 0;
+ return (int)rdata[2+3];
+}
+
+uint16_t
+ds_get_keytag(struct ub_packed_rrset_key* ds_rrset, size_t ds_idx)
+{
+ uint16_t t;
+ uint8_t* rdata;
+ size_t len;
+ rrset_get_rdata(ds_rrset, ds_idx, &rdata, &len);
+ if(len < 2+2)
+ return 0;
+ memmove(&t, rdata+2, 2);
+ return ntohs(t);
+}
+
+/**
+ * Return pointer to the digest in a DS RR.
+ * @param k: DS rrset.
+ * @param idx: which DS.
+ * @param digest: digest data is returned.
+ * on error, this is NULL.
+ * @param len: length of digest is returned.
+ * on error, the length is 0.
+ */
+static void
+ds_get_sigdata(struct ub_packed_rrset_key* k, size_t idx, uint8_t** digest,
+ size_t* len)
+{
+ uint8_t* rdata;
+ size_t rdlen;
+ rrset_get_rdata(k, idx, &rdata, &rdlen);
+ if(rdlen < 2+5) {
+ *digest = NULL;
+ *len = 0;
+ return;
+ }
+ *digest = rdata + 2 + 4;
+ *len = rdlen - 2 - 4;
+}
+
+/**
+ * Return size of DS digest according to its hash algorithm.
+ * @param k: DS rrset.
+ * @param idx: which DS.
+ * @return size in bytes of digest, or 0 if not supported.
+ */
+static size_t
+ds_digest_size_algo(struct ub_packed_rrset_key* k, size_t idx)
+{
+ return ds_digest_size_supported(ds_get_digest_algo(k, idx));
+}
+
+/**
+ * Create a DS digest for a DNSKEY entry.
+ *
+ * @param env: module environment. Uses scratch space.
+ * @param dnskey_rrset: DNSKEY rrset.
+ * @param dnskey_idx: index of RR in rrset.
+ * @param ds_rrset: DS rrset
+ * @param ds_idx: index of RR in DS rrset.
+ * @param digest: digest is returned in here (must be correctly sized).
+ * @return false on error.
+ */
+static int
+ds_create_dnskey_digest(struct module_env* env,
+ struct ub_packed_rrset_key* dnskey_rrset, size_t dnskey_idx,
+ struct ub_packed_rrset_key* ds_rrset, size_t ds_idx,
+ uint8_t* digest)
+{
+ sldns_buffer* b = env->scratch_buffer;
+ uint8_t* dnskey_rdata;
+ size_t dnskey_len;
+ rrset_get_rdata(dnskey_rrset, dnskey_idx, &dnskey_rdata, &dnskey_len);
+
+ /* create digest source material in buffer
+ * digest = digest_algorithm( DNSKEY owner name | DNSKEY RDATA);
+ * DNSKEY RDATA = Flags | Protocol | Algorithm | Public Key. */
+ sldns_buffer_clear(b);
+ sldns_buffer_write(b, dnskey_rrset->rk.dname,
+ dnskey_rrset->rk.dname_len);
+ query_dname_tolower(sldns_buffer_begin(b));
+ sldns_buffer_write(b, dnskey_rdata+2, dnskey_len-2); /* skip rdatalen*/
+ sldns_buffer_flip(b);
+
+ return secalgo_ds_digest(ds_get_digest_algo(ds_rrset, ds_idx),
+ (unsigned char*)sldns_buffer_begin(b), sldns_buffer_limit(b),
+ (unsigned char*)digest);
+}
+
+int ds_digest_match_dnskey(struct module_env* env,
+ struct ub_packed_rrset_key* dnskey_rrset, size_t dnskey_idx,
+ struct ub_packed_rrset_key* ds_rrset, size_t ds_idx)
+{
+ uint8_t* ds; /* DS digest */
+ size_t dslen;
+ uint8_t* digest; /* generated digest */
+ size_t digestlen = ds_digest_size_algo(ds_rrset, ds_idx);
+
+ if(digestlen == 0) {
+ verbose(VERB_QUERY, "DS fail: not supported, or DS RR "
+ "format error");
+ return 0; /* not supported, or DS RR format error */
+ }
+ /* check digest length in DS with length from hash function */
+ ds_get_sigdata(ds_rrset, ds_idx, &ds, &dslen);
+ if(!ds || dslen != digestlen) {
+ verbose(VERB_QUERY, "DS fail: DS RR algo and digest do not "
+ "match each other");
+ return 0; /* DS algorithm and digest do not match */
+ }
+
+ digest = regional_alloc(env->scratch, digestlen);
+ if(!digest) {
+ verbose(VERB_QUERY, "DS fail: out of memory");
+ return 0; /* mem error */
+ }
+ if(!ds_create_dnskey_digest(env, dnskey_rrset, dnskey_idx, ds_rrset,
+ ds_idx, digest)) {
+ verbose(VERB_QUERY, "DS fail: could not calc key digest");
+ return 0; /* digest algo failed */
+ }
+ if(memcmp(digest, ds, dslen) != 0) {
+ verbose(VERB_QUERY, "DS fail: digest is different");
+ return 0; /* digest different */
+ }
+ return 1;
+}
+
+int
+ds_digest_algo_is_supported(struct ub_packed_rrset_key* ds_rrset,
+ size_t ds_idx)
+{
+ return (ds_digest_size_algo(ds_rrset, ds_idx) != 0);
+}
+
+int
+ds_key_algo_is_supported(struct ub_packed_rrset_key* ds_rrset,
+ size_t ds_idx)
+{
+ return dnskey_algo_id_is_supported(ds_get_key_algo(ds_rrset, ds_idx));
+}
+
+uint16_t
+dnskey_calc_keytag(struct ub_packed_rrset_key* dnskey_rrset, size_t dnskey_idx)
+{
+ uint8_t* data;
+ size_t len;
+ rrset_get_rdata(dnskey_rrset, dnskey_idx, &data, &len);
+ /* do not pass rdatalen to ldns */
+ return sldns_calc_keytag_raw(data+2, len-2);
+}
+
+int dnskey_algo_is_supported(struct ub_packed_rrset_key* dnskey_rrset,
+ size_t dnskey_idx)
+{
+ return dnskey_algo_id_is_supported(dnskey_get_algo(dnskey_rrset,
+ dnskey_idx));
+}
+
+void algo_needs_init_dnskey_add(struct algo_needs* n,
+ struct ub_packed_rrset_key* dnskey, uint8_t* sigalg)
+{
+ uint8_t algo;
+ size_t i, total = n->num;
+ size_t num = rrset_get_count(dnskey);
+
+ for(i=0; i<num; i++) {
+ algo = (uint8_t)dnskey_get_algo(dnskey, i);
+ if(!dnskey_algo_id_is_supported((int)algo))
+ continue;
+ if(n->needs[algo] == 0) {
+ n->needs[algo] = 1;
+ sigalg[total] = algo;
+ total++;
+ }
+ }
+ sigalg[total] = 0;
+ n->num = total;
+}
+
+void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg)
+{
+ uint8_t algo;
+ size_t total = 0;
+
+ memset(n->needs, 0, sizeof(uint8_t)*ALGO_NEEDS_MAX);
+ while( (algo=*sigalg++) != 0) {
+ log_assert(dnskey_algo_id_is_supported((int)algo));
+ log_assert(n->needs[algo] == 0);
+ n->needs[algo] = 1;
+ total++;
+ }
+ n->num = total;
+}
+
+void algo_needs_init_ds(struct algo_needs* n, struct ub_packed_rrset_key* ds,
+ int fav_ds_algo, uint8_t* sigalg)
+{
+ uint8_t algo;
+ size_t i, total = 0;
+ size_t num = rrset_get_count(ds);
+
+ memset(n->needs, 0, sizeof(uint8_t)*ALGO_NEEDS_MAX);
+ for(i=0; i<num; i++) {
+ if(ds_get_digest_algo(ds, i) != fav_ds_algo)
+ continue;
+ algo = (uint8_t)ds_get_key_algo(ds, i);
+ if(!dnskey_algo_id_is_supported((int)algo))
+ continue;
+ log_assert(algo != 0); /* we do not support 0 and is EOS */
+ if(n->needs[algo] == 0) {
+ n->needs[algo] = 1;
+ sigalg[total] = algo;
+ total++;
+ }
+ }
+ sigalg[total] = 0;
+ n->num = total;
+}
+
+int algo_needs_set_secure(struct algo_needs* n, uint8_t algo)
+{
+ if(n->needs[algo]) {
+ n->needs[algo] = 0;
+ n->num --;
+ if(n->num == 0) /* done! */
+ return 1;
+ }
+ return 0;
+}
+
+void algo_needs_set_bogus(struct algo_needs* n, uint8_t algo)
+{
+ if(n->needs[algo]) n->needs[algo] = 2; /* need it, but bogus */
+}
+
+size_t algo_needs_num_missing(struct algo_needs* n)
+{
+ return n->num;
+}
+
+int algo_needs_missing(struct algo_needs* n)
+{
+ int i;
+ /* first check if a needed algo was bogus - report that */
+ for(i=0; i<ALGO_NEEDS_MAX; i++)
+ if(n->needs[i] == 2)
+ return 0;
+ /* now check which algo is missing */
+ for(i=0; i<ALGO_NEEDS_MAX; i++)
+ if(n->needs[i] == 1)
+ return i;
+ return 0;
+}
+
+enum sec_status
+dnskeyset_verify_rrset(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey,
+ uint8_t* sigalg, char** reason)
+{
+ enum sec_status sec;
+ size_t i, num;
+ rbtree_t* sortree = NULL;
+ /* make sure that for all DNSKEY algorithms there are valid sigs */
+ struct algo_needs needs;
+ int alg;
+
+ num = rrset_get_sigcount(rrset);
+ if(num == 0) {
+ verbose(VERB_QUERY, "rrset failed to verify due to a lack of "
+ "signatures");
+ *reason = "no signatures";
+ return sec_status_bogus;
+ }
+
+ if(sigalg) {
+ algo_needs_init_list(&needs, sigalg);
+ if(algo_needs_num_missing(&needs) == 0) {
+ verbose(VERB_QUERY, "zone has no known algorithms");
+ *reason = "zone has no known algorithms";
+ return sec_status_insecure;
+ }
+ }
+ for(i=0; i<num; i++) {
+ sec = dnskeyset_verify_rrset_sig(env, ve, *env->now, rrset,
+ dnskey, i, &sortree, reason);
+ /* see which algorithm has been fixed up */
+ if(sec == sec_status_secure) {
+ if(!sigalg)
+ return sec; /* done! */
+ else if(algo_needs_set_secure(&needs,
+ (uint8_t)rrset_get_sig_algo(rrset, i)))
+ return sec; /* done! */
+ } else if(sigalg && sec == sec_status_bogus) {
+ algo_needs_set_bogus(&needs,
+ (uint8_t)rrset_get_sig_algo(rrset, i));
+ }
+ }
+ if(sigalg && (alg=algo_needs_missing(&needs)) != 0) {
+ verbose(VERB_ALGO, "rrset failed to verify: "
+ "no valid signatures for %d algorithms",
+ (int)algo_needs_num_missing(&needs));
+ algo_needs_reason(env, alg, reason, "no signatures");
+ } else {
+ verbose(VERB_ALGO, "rrset failed to verify: "
+ "no valid signatures");
+ }
+ return sec_status_bogus;
+}
+
+void algo_needs_reason(struct module_env* env, int alg, char** reason, char* s)
+{
+ char buf[256];
+ sldns_lookup_table *t = sldns_lookup_by_id(sldns_algorithms, alg);
+ if(t&&t->name)
+ snprintf(buf, sizeof(buf), "%s with algorithm %s", s, t->name);
+ else snprintf(buf, sizeof(buf), "%s with algorithm ALG%u", s,
+ (unsigned)alg);
+ *reason = regional_strdup(env->scratch, buf);
+ if(!*reason)
+ *reason = s;
+}
+
+enum sec_status
+dnskey_verify_rrset(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey,
+ size_t dnskey_idx, char** reason)
+{
+ enum sec_status sec;
+ size_t i, num, numchecked = 0;
+ rbtree_t* sortree = NULL;
+ int buf_canon = 0;
+ uint16_t tag = dnskey_calc_keytag(dnskey, dnskey_idx);
+ int algo = dnskey_get_algo(dnskey, dnskey_idx);
+
+ num = rrset_get_sigcount(rrset);
+ if(num == 0) {
+ verbose(VERB_QUERY, "rrset failed to verify due to a lack of "
+ "signatures");
+ *reason = "no signatures";
+ return sec_status_bogus;
+ }
+ for(i=0; i<num; i++) {
+ /* see if sig matches keytag and algo */
+ if(algo != rrset_get_sig_algo(rrset, i) ||
+ tag != rrset_get_sig_keytag(rrset, i))
+ continue;
+ buf_canon = 0;
+ sec = dnskey_verify_rrset_sig(env->scratch,
+ env->scratch_buffer, ve, *env->now, rrset,
+ dnskey, dnskey_idx, i, &sortree, &buf_canon, reason);
+ if(sec == sec_status_secure)
+ return sec;
+ numchecked ++;
+ }
+ verbose(VERB_ALGO, "rrset failed to verify: all signatures are bogus");
+ if(!numchecked) *reason = "signature missing";
+ return sec_status_bogus;
+}
+
+enum sec_status
+dnskeyset_verify_rrset_sig(struct module_env* env, struct val_env* ve,
+ time_t now, struct ub_packed_rrset_key* rrset,
+ struct ub_packed_rrset_key* dnskey, size_t sig_idx,
+ struct rbtree_t** sortree, char** reason)
+{
+ /* find matching keys and check them */
+ enum sec_status sec = sec_status_bogus;
+ uint16_t tag = rrset_get_sig_keytag(rrset, sig_idx);
+ int algo = rrset_get_sig_algo(rrset, sig_idx);
+ size_t i, num = rrset_get_count(dnskey);
+ size_t numchecked = 0;
+ int buf_canon = 0;
+ verbose(VERB_ALGO, "verify sig %d %d", (int)tag, algo);
+ if(!dnskey_algo_id_is_supported(algo)) {
+ verbose(VERB_QUERY, "verify sig: unknown algorithm");
+ return sec_status_insecure;
+ }
+
+ for(i=0; i<num; i++) {
+ /* see if key matches keytag and algo */
+ if(algo != dnskey_get_algo(dnskey, i) ||
+ tag != dnskey_calc_keytag(dnskey, i))
+ continue;
+ numchecked ++;
+
+ /* see if key verifies */
+ sec = dnskey_verify_rrset_sig(env->scratch,
+ env->scratch_buffer, ve, now, rrset, dnskey, i,
+ sig_idx, sortree, &buf_canon, reason);
+ if(sec == sec_status_secure)
+ return sec;
+ }
+ if(numchecked == 0) {
+ *reason = "signatures from unknown keys";
+ verbose(VERB_QUERY, "verify: could not find appropriate key");
+ return sec_status_bogus;
+ }
+ return sec_status_bogus;
+}
+
+/**
+ * RR entries in a canonical sorted tree of RRs
+ */
+struct canon_rr {
+ /** rbtree node, key is this structure */
+ rbnode_t node;
+ /** rrset the RR is in */
+ struct ub_packed_rrset_key* rrset;
+ /** which RR in the rrset */
+ size_t rr_idx;
+};
+
+/**
+ * Compare two RR for canonical order, in a field-style sweep.
+ * @param d: rrset data
+ * @param desc: ldns wireformat descriptor.
+ * @param i: first RR to compare
+ * @param j: first RR to compare
+ * @return comparison code.
+ */
+static int
+canonical_compare_byfield(struct packed_rrset_data* d,
+ const sldns_rr_descriptor* desc, size_t i, size_t j)
+{
+ /* sweep across rdata, keep track of some state:
+ * which rr field, and bytes left in field.
+ * current position in rdata, length left.
+ * are we in a dname, length left in a label.
+ */
+ int wfi = -1; /* current wireformat rdata field (rdf) */
+ int wfj = -1;
+ uint8_t* di = d->rr_data[i]+2; /* ptr to current rdata byte */
+ uint8_t* dj = d->rr_data[j]+2;
+ size_t ilen = d->rr_len[i]-2; /* length left in rdata */
+ size_t jlen = d->rr_len[j]-2;
+ int dname_i = 0; /* true if these bytes are part of a name */
+ int dname_j = 0;
+ size_t lablen_i = 0; /* 0 for label length byte,for first byte of rdf*/
+ size_t lablen_j = 0; /* otherwise remaining length of rdf or label */
+ int dname_num_i = (int)desc->_dname_count; /* decreased at root label */
+ int dname_num_j = (int)desc->_dname_count;
+
+ /* loop while there are rdata bytes available for both rrs,
+ * and still some lowercasing needs to be done; either the dnames
+ * have not been reached yet, or they are currently being processed */
+ while(ilen > 0 && jlen > 0 && (dname_num_i > 0 || dname_num_j > 0)) {
+ /* compare these two bytes */
+ /* lowercase if in a dname and not a label length byte */
+ if( ((dname_i && lablen_i)?(uint8_t)tolower((int)*di):*di)
+ != ((dname_j && lablen_j)?(uint8_t)tolower((int)*dj):*dj)
+ ) {
+ if(((dname_i && lablen_i)?(uint8_t)tolower((int)*di):*di)
+ < ((dname_j && lablen_j)?(uint8_t)tolower((int)*dj):*dj))
+ return -1;
+ return 1;
+ }
+ ilen--;
+ jlen--;
+ /* bytes are equal */
+
+ /* advance field i */
+ /* lablen 0 means that this byte is the first byte of the
+ * next rdata field; inspect this rdata field and setup
+ * to process the rest of this rdata field.
+ * The reason to first read the byte, then setup the rdf,
+ * is that we are then sure the byte is available and short
+ * rdata is handled gracefully (even if it is a formerr). */
+ if(lablen_i == 0) {
+ if(dname_i) {
+ /* scan this dname label */
+ /* capture length to lowercase */
+ lablen_i = (size_t)*di;
+ if(lablen_i == 0) {
+ /* end root label */
+ dname_i = 0;
+ dname_num_i--;
+ /* if dname num is 0, then the
+ * remainder is binary only */
+ if(dname_num_i == 0)
+ lablen_i = ilen;
+ }
+ } else {
+ /* scan this rdata field */
+ wfi++;
+ if(desc->_wireformat[wfi]
+ == LDNS_RDF_TYPE_DNAME) {
+ dname_i = 1;
+ lablen_i = (size_t)*di;
+ if(lablen_i == 0) {
+ dname_i = 0;
+ dname_num_i--;
+ if(dname_num_i == 0)
+ lablen_i = ilen;
+ }
+ } else if(desc->_wireformat[wfi]
+ == LDNS_RDF_TYPE_STR)
+ lablen_i = (size_t)*di;
+ else lablen_i = get_rdf_size(
+ desc->_wireformat[wfi]) - 1;
+ }
+ } else lablen_i--;
+
+ /* advance field j; same as for i */
+ if(lablen_j == 0) {
+ if(dname_j) {
+ lablen_j = (size_t)*dj;
+ if(lablen_j == 0) {
+ dname_j = 0;
+ dname_num_j--;
+ if(dname_num_j == 0)
+ lablen_j = jlen;
+ }
+ } else {
+ wfj++;
+ if(desc->_wireformat[wfj]
+ == LDNS_RDF_TYPE_DNAME) {
+ dname_j = 1;
+ lablen_j = (size_t)*dj;
+ if(lablen_j == 0) {
+ dname_j = 0;
+ dname_num_j--;
+ if(dname_num_j == 0)
+ lablen_j = jlen;
+ }
+ } else if(desc->_wireformat[wfj]
+ == LDNS_RDF_TYPE_STR)
+ lablen_j = (size_t)*dj;
+ else lablen_j = get_rdf_size(
+ desc->_wireformat[wfj]) - 1;
+ }
+ } else lablen_j--;
+ di++;
+ dj++;
+ }
+ /* end of the loop; because we advanced byte by byte; now we have
+ * that the rdata has ended, or that there is a binary remainder */
+ /* shortest first */
+ if(ilen == 0 && jlen == 0)
+ return 0;
+ if(ilen == 0)
+ return -1;
+ if(jlen == 0)
+ return 1;
+ /* binary remainder, capture comparison in wfi variable */
+ if((wfi = memcmp(di, dj, (ilen<jlen)?ilen:jlen)) != 0)
+ return wfi;
+ if(ilen < jlen)
+ return -1;
+ if(jlen < ilen)
+ return 1;
+ return 0;
+}
+
+/**
+ * Compare two RRs in the same RRset and determine their relative
+ * canonical order.
+ * @param rrset: the rrset in which to perform compares.
+ * @param i: first RR to compare
+ * @param j: first RR to compare
+ * @return 0 if RR i== RR j, -1 if <, +1 if >.
+ */
+static int
+canonical_compare(struct ub_packed_rrset_key* rrset, size_t i, size_t j)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ const sldns_rr_descriptor* desc;
+ uint16_t type = ntohs(rrset->rk.type);
+ size_t minlen;
+ int c;
+
+ if(i==j)
+ return 0;
+ /* in case rdata-len is to be compared for canonical order
+ c = memcmp(d->rr_data[i], d->rr_data[j], 2);
+ if(c != 0)
+ return c; */
+
+ switch(type) {
+ /* These RR types have only a name as RDATA.
+ * This name has to be canonicalized.*/
+ case LDNS_RR_TYPE_NS:
+ case LDNS_RR_TYPE_MD:
+ case LDNS_RR_TYPE_MF:
+ case LDNS_RR_TYPE_CNAME:
+ case LDNS_RR_TYPE_MB:
+ case LDNS_RR_TYPE_MG:
+ case LDNS_RR_TYPE_MR:
+ case LDNS_RR_TYPE_PTR:
+ case LDNS_RR_TYPE_DNAME:
+ /* the wireread function has already checked these
+ * dname's for correctness, and this double checks */
+ if(!dname_valid(d->rr_data[i]+2, d->rr_len[i]-2) ||
+ !dname_valid(d->rr_data[j]+2, d->rr_len[j]-2))
+ return 0;
+ return query_dname_compare(d->rr_data[i]+2,
+ d->rr_data[j]+2);
+
+ /* These RR types have STR and fixed size rdata fields
+ * before one or more name fields that need canonicalizing,
+ * and after that a byte-for byte remainder can be compared.
+ */
+ /* type starts with the name; remainder is binary compared */
+ case LDNS_RR_TYPE_NXT:
+ /* use rdata field formats */
+ case LDNS_RR_TYPE_MINFO:
+ case LDNS_RR_TYPE_RP:
+ case LDNS_RR_TYPE_SOA:
+ case LDNS_RR_TYPE_RT:
+ case LDNS_RR_TYPE_AFSDB:
+ case LDNS_RR_TYPE_KX:
+ case LDNS_RR_TYPE_MX:
+ case LDNS_RR_TYPE_SIG:
+ /* RRSIG signer name has to be downcased */
+ case LDNS_RR_TYPE_RRSIG:
+ case LDNS_RR_TYPE_PX:
+ case LDNS_RR_TYPE_NAPTR:
+ case LDNS_RR_TYPE_SRV:
+ desc = sldns_rr_descript(type);
+ log_assert(desc);
+ /* this holds for the types that need canonicalizing */
+ log_assert(desc->_minimum == desc->_maximum);
+ return canonical_compare_byfield(d, desc, i, j);
+
+ case LDNS_RR_TYPE_HINFO: /* no longer downcased */
+ case LDNS_RR_TYPE_NSEC:
+ default:
+ /* For unknown RR types, or types not listed above,
+ * no canonicalization is needed, do binary compare */
+ /* byte for byte compare, equal means shortest first*/
+ minlen = d->rr_len[i]-2;
+ if(minlen > d->rr_len[j]-2)
+ minlen = d->rr_len[j]-2;
+ c = memcmp(d->rr_data[i]+2, d->rr_data[j]+2, minlen);
+ if(c!=0)
+ return c;
+ /* rdata equal, shortest is first */
+ if(d->rr_len[i] < d->rr_len[j])
+ return -1;
+ if(d->rr_len[i] > d->rr_len[j])
+ return 1;
+ /* rdata equal, length equal */
+ break;
+ }
+ return 0;
+}
+
+int
+canonical_tree_compare(const void* k1, const void* k2)
+{
+ struct canon_rr* r1 = (struct canon_rr*)k1;
+ struct canon_rr* r2 = (struct canon_rr*)k2;
+ log_assert(r1->rrset == r2->rrset);
+ return canonical_compare(r1->rrset, r1->rr_idx, r2->rr_idx);
+}
+
+/**
+ * Sort RRs for rrset in canonical order.
+ * Does not actually canonicalize the RR rdatas.
+ * Does not touch rrsigs.
+ * @param rrset: to sort.
+ * @param d: rrset data.
+ * @param sortree: tree to sort into.
+ * @param rrs: rr storage.
+ */
+static void
+canonical_sort(struct ub_packed_rrset_key* rrset, struct packed_rrset_data* d,
+ rbtree_t* sortree, struct canon_rr* rrs)
+{
+ size_t i;
+ /* insert into rbtree to sort and detect duplicates */
+ for(i=0; i<d->count; i++) {
+ rrs[i].node.key = &rrs[i];
+ rrs[i].rrset = rrset;
+ rrs[i].rr_idx = i;
+ if(!rbtree_insert(sortree, &rrs[i].node)) {
+ /* this was a duplicate */
+ }
+ }
+}
+
+/**
+ * Inser canonical owner name into buffer.
+ * @param buf: buffer to insert into at current position.
+ * @param k: rrset with its owner name.
+ * @param sig: signature with signer name and label count.
+ * must be length checked, at least 18 bytes long.
+ * @param can_owner: position in buffer returned for future use.
+ * @param can_owner_len: length of canonical owner name.
+ */
+static void
+insert_can_owner(sldns_buffer* buf, struct ub_packed_rrset_key* k,
+ uint8_t* sig, uint8_t** can_owner, size_t* can_owner_len)
+{
+ int rrsig_labels = (int)sig[3];
+ int fqdn_labels = dname_signame_label_count(k->rk.dname);
+ *can_owner = sldns_buffer_current(buf);
+ if(rrsig_labels == fqdn_labels) {
+ /* no change */
+ sldns_buffer_write(buf, k->rk.dname, k->rk.dname_len);
+ query_dname_tolower(*can_owner);
+ *can_owner_len = k->rk.dname_len;
+ return;
+ }
+ log_assert(rrsig_labels < fqdn_labels);
+ /* *. | fqdn(rightmost rrsig_labels) */
+ if(rrsig_labels < fqdn_labels) {
+ int i;
+ uint8_t* nm = k->rk.dname;
+ size_t len = k->rk.dname_len;
+ /* so skip fqdn_labels-rrsig_labels */
+ for(i=0; i<fqdn_labels-rrsig_labels; i++) {
+ dname_remove_label(&nm, &len);
+ }
+ *can_owner_len = len+2;
+ sldns_buffer_write(buf, (uint8_t*)"\001*", 2);
+ sldns_buffer_write(buf, nm, len);
+ query_dname_tolower(*can_owner);
+ }
+}
+
+/**
+ * Canonicalize Rdata in buffer.
+ * @param buf: buffer at position just after the rdata.
+ * @param rrset: rrset with type.
+ * @param len: length of the rdata (including rdatalen uint16).
+ */
+static void
+canonicalize_rdata(sldns_buffer* buf, struct ub_packed_rrset_key* rrset,
+ size_t len)
+{
+ uint8_t* datstart = sldns_buffer_current(buf)-len+2;
+ switch(ntohs(rrset->rk.type)) {
+ case LDNS_RR_TYPE_NXT:
+ case LDNS_RR_TYPE_NS:
+ case LDNS_RR_TYPE_MD:
+ case LDNS_RR_TYPE_MF:
+ case LDNS_RR_TYPE_CNAME:
+ case LDNS_RR_TYPE_MB:
+ case LDNS_RR_TYPE_MG:
+ case LDNS_RR_TYPE_MR:
+ case LDNS_RR_TYPE_PTR:
+ case LDNS_RR_TYPE_DNAME:
+ /* type only has a single argument, the name */
+ query_dname_tolower(datstart);
+ return;
+ case LDNS_RR_TYPE_MINFO:
+ case LDNS_RR_TYPE_RP:
+ case LDNS_RR_TYPE_SOA:
+ /* two names after another */
+ query_dname_tolower(datstart);
+ query_dname_tolower(datstart +
+ dname_valid(datstart, len-2));
+ return;
+ case LDNS_RR_TYPE_RT:
+ case LDNS_RR_TYPE_AFSDB:
+ case LDNS_RR_TYPE_KX:
+ case LDNS_RR_TYPE_MX:
+ /* skip fixed part */
+ if(len < 2+2+1) /* rdlen, skiplen, 1byteroot */
+ return;
+ datstart += 2;
+ query_dname_tolower(datstart);
+ return;
+ case LDNS_RR_TYPE_SIG:
+ /* downcase the RRSIG, compat with BIND (kept it from SIG) */
+ case LDNS_RR_TYPE_RRSIG:
+ /* skip fixed part */
+ if(len < 2+18+1)
+ return;
+ datstart += 18;
+ query_dname_tolower(datstart);
+ return;
+ case LDNS_RR_TYPE_PX:
+ /* skip, then two names after another */
+ if(len < 2+2+1)
+ return;
+ datstart += 2;
+ query_dname_tolower(datstart);
+ query_dname_tolower(datstart +
+ dname_valid(datstart, len-2-2));
+ return;
+ case LDNS_RR_TYPE_NAPTR:
+ if(len < 2+4)
+ return;
+ len -= 2+4;
+ datstart += 4;
+ if(len < (size_t)datstart[0]+1) /* skip text field */
+ return;
+ len -= (size_t)datstart[0]+1;
+ datstart += (size_t)datstart[0]+1;
+ if(len < (size_t)datstart[0]+1) /* skip text field */
+ return;
+ len -= (size_t)datstart[0]+1;
+ datstart += (size_t)datstart[0]+1;
+ if(len < (size_t)datstart[0]+1) /* skip text field */
+ return;
+ len -= (size_t)datstart[0]+1;
+ datstart += (size_t)datstart[0]+1;
+ if(len < 1) /* check name is at least 1 byte*/
+ return;
+ query_dname_tolower(datstart);
+ return;
+ case LDNS_RR_TYPE_SRV:
+ /* skip fixed part */
+ if(len < 2+6+1)
+ return;
+ datstart += 6;
+ query_dname_tolower(datstart);
+ return;
+
+ /* do not canonicalize NSEC rdata name, compat with
+ * from bind 9.4 signer, where it does not do so */
+ case LDNS_RR_TYPE_NSEC: /* type starts with the name */
+ case LDNS_RR_TYPE_HINFO: /* not downcased */
+ /* A6 not supported */
+ default:
+ /* nothing to do for unknown types */
+ return;
+ }
+}
+
+int rrset_canonical_equal(struct regional* region,
+ struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2)
+{
+ struct rbtree_t sortree1, sortree2;
+ struct canon_rr *rrs1, *rrs2, *p1, *p2;
+ struct packed_rrset_data* d1=(struct packed_rrset_data*)k1->entry.data;
+ struct packed_rrset_data* d2=(struct packed_rrset_data*)k2->entry.data;
+ struct ub_packed_rrset_key fk;
+ struct packed_rrset_data fd;
+ size_t flen[2];
+ uint8_t* fdata[2];
+
+ /* basic compare */
+ if(k1->rk.dname_len != k2->rk.dname_len ||
+ k1->rk.flags != k2->rk.flags ||
+ k1->rk.type != k2->rk.type ||
+ k1->rk.rrset_class != k2->rk.rrset_class ||
+ query_dname_compare(k1->rk.dname, k2->rk.dname) != 0)
+ return 0;
+ if(d1->ttl != d2->ttl ||
+ d1->count != d2->count ||
+ d1->rrsig_count != d2->rrsig_count ||
+ d1->trust != d2->trust ||
+ d1->security != d2->security)
+ return 0;
+
+ /* init */
+ memset(&fk, 0, sizeof(fk));
+ memset(&fd, 0, sizeof(fd));
+ fk.entry.data = &fd;
+ fd.count = 2;
+ fd.rr_len = flen;
+ fd.rr_data = fdata;
+ rbtree_init(&sortree1, &canonical_tree_compare);
+ rbtree_init(&sortree2, &canonical_tree_compare);
+ rrs1 = regional_alloc(region, sizeof(struct canon_rr)*d1->count);
+ rrs2 = regional_alloc(region, sizeof(struct canon_rr)*d2->count);
+ if(!rrs1 || !rrs2) return 1; /* alloc failure */
+
+ /* sort */
+ canonical_sort(k1, d1, &sortree1, rrs1);
+ canonical_sort(k2, d2, &sortree2, rrs2);
+
+ /* compare canonical-sorted RRs for canonical-equality */
+ if(sortree1.count != sortree2.count)
+ return 0;
+ p1 = (struct canon_rr*)rbtree_first(&sortree1);
+ p2 = (struct canon_rr*)rbtree_first(&sortree2);
+ while(p1 != (struct canon_rr*)RBTREE_NULL &&
+ p2 != (struct canon_rr*)RBTREE_NULL) {
+ flen[0] = d1->rr_len[p1->rr_idx];
+ flen[1] = d2->rr_len[p2->rr_idx];
+ fdata[0] = d1->rr_data[p1->rr_idx];
+ fdata[1] = d2->rr_data[p2->rr_idx];
+
+ if(canonical_compare(&fk, 0, 1) != 0)
+ return 0;
+ p1 = (struct canon_rr*)rbtree_next(&p1->node);
+ p2 = (struct canon_rr*)rbtree_next(&p2->node);
+ }
+ return 1;
+}
+
+/**
+ * Create canonical form of rrset in the scratch buffer.
+ * @param region: temporary region.
+ * @param buf: the buffer to use.
+ * @param k: the rrset to insert.
+ * @param sig: RRSIG rdata to include.
+ * @param siglen: RRSIG rdata len excluding signature field, but inclusive
+ * signer name length.
+ * @param sortree: if NULL is passed a new sorted rrset tree is built.
+ * Otherwise it is reused.
+ * @return false on alloc error.
+ */
+static int
+rrset_canonical(struct regional* region, sldns_buffer* buf,
+ struct ub_packed_rrset_key* k, uint8_t* sig, size_t siglen,
+ struct rbtree_t** sortree)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data;
+ uint8_t* can_owner = NULL;
+ size_t can_owner_len = 0;
+ struct canon_rr* walk;
+ struct canon_rr* rrs;
+
+ if(!*sortree) {
+ *sortree = (struct rbtree_t*)regional_alloc(region,
+ sizeof(rbtree_t));
+ if(!*sortree)
+ return 0;
+ rrs = regional_alloc(region, sizeof(struct canon_rr)*d->count);
+ if(!rrs) {
+ *sortree = NULL;
+ return 0;
+ }
+ rbtree_init(*sortree, &canonical_tree_compare);
+ canonical_sort(k, d, *sortree, rrs);
+ }
+
+ sldns_buffer_clear(buf);
+ sldns_buffer_write(buf, sig, siglen);
+ /* canonicalize signer name */
+ query_dname_tolower(sldns_buffer_begin(buf)+18);
+ RBTREE_FOR(walk, struct canon_rr*, (*sortree)) {
+ /* see if there is enough space left in the buffer */
+ if(sldns_buffer_remaining(buf) < can_owner_len + 2 + 2 + 4
+ + d->rr_len[walk->rr_idx]) {
+ log_err("verify: failed to canonicalize, "
+ "rrset too big");
+ return 0;
+ }
+ /* determine canonical owner name */
+ if(can_owner)
+ sldns_buffer_write(buf, can_owner, can_owner_len);
+ else insert_can_owner(buf, k, sig, &can_owner,
+ &can_owner_len);
+ sldns_buffer_write(buf, &k->rk.type, 2);
+ sldns_buffer_write(buf, &k->rk.rrset_class, 2);
+ sldns_buffer_write(buf, sig+4, 4);
+ sldns_buffer_write(buf, d->rr_data[walk->rr_idx],
+ d->rr_len[walk->rr_idx]);
+ canonicalize_rdata(buf, k, d->rr_len[walk->rr_idx]);
+ }
+ sldns_buffer_flip(buf);
+ return 1;
+}
+
+/** pretty print rrsig error with dates */
+static void
+sigdate_error(const char* str, int32_t expi, int32_t incep, int32_t now)
+{
+ struct tm tm;
+ char expi_buf[16];
+ char incep_buf[16];
+ char now_buf[16];
+ time_t te, ti, tn;
+
+ if(verbosity < VERB_QUERY)
+ return;
+ te = (time_t)expi;
+ ti = (time_t)incep;
+ tn = (time_t)now;
+ memset(&tm, 0, sizeof(tm));
+ if(gmtime_r(&te, &tm) && strftime(expi_buf, 15, "%Y%m%d%H%M%S", &tm)
+ &&gmtime_r(&ti, &tm) && strftime(incep_buf, 15, "%Y%m%d%H%M%S", &tm)
+ &&gmtime_r(&tn, &tm) && strftime(now_buf, 15, "%Y%m%d%H%M%S", &tm)) {
+ log_info("%s expi=%s incep=%s now=%s", str, expi_buf,
+ incep_buf, now_buf);
+ } else
+ log_info("%s expi=%u incep=%u now=%u", str, (unsigned)expi,
+ (unsigned)incep, (unsigned)now);
+}
+
+/** check rrsig dates */
+static int
+check_dates(struct val_env* ve, uint32_t unow,
+ uint8_t* expi_p, uint8_t* incep_p, char** reason)
+{
+ /* read out the dates */
+ int32_t expi, incep, now;
+ memmove(&expi, expi_p, sizeof(expi));
+ memmove(&incep, incep_p, sizeof(incep));
+ expi = ntohl(expi);
+ incep = ntohl(incep);
+
+ /* get current date */
+ if(ve->date_override) {
+ if(ve->date_override == -1) {
+ verbose(VERB_ALGO, "date override: ignore date");
+ return 1;
+ }
+ now = ve->date_override;
+ verbose(VERB_ALGO, "date override option %d", (int)now);
+ } else now = (int32_t)unow;
+
+ /* check them */
+ if(incep - expi > 0) {
+ sigdate_error("verify: inception after expiration, "
+ "signature bad", expi, incep, now);
+ *reason = "signature inception after expiration";
+ return 0;
+ }
+ if(incep - now > 0) {
+ /* within skew ? (calc here to avoid calculation normally) */
+ int32_t skew = (expi-incep)/10;
+ if(skew < ve->skew_min) skew = ve->skew_min;
+ if(skew > ve->skew_max) skew = ve->skew_max;
+ if(incep - now > skew) {
+ sigdate_error("verify: signature bad, current time is"
+ " before inception date", expi, incep, now);
+ *reason = "signature before inception date";
+ return 0;
+ }
+ sigdate_error("verify warning suspicious signature inception "
+ " or bad local clock", expi, incep, now);
+ }
+ if(now - expi > 0) {
+ int32_t skew = (expi-incep)/10;
+ if(skew < ve->skew_min) skew = ve->skew_min;
+ if(skew > ve->skew_max) skew = ve->skew_max;
+ if(now - expi > skew) {
+ sigdate_error("verify: signature expired", expi,
+ incep, now);
+ *reason = "signature expired";
+ return 0;
+ }
+ sigdate_error("verify warning suspicious signature expiration "
+ " or bad local clock", expi, incep, now);
+ }
+ return 1;
+}
+
+/** adjust rrset TTL for verified rrset, compare to original TTL and expi */
+static void
+adjust_ttl(struct val_env* ve, uint32_t unow,
+ struct ub_packed_rrset_key* rrset, uint8_t* orig_p,
+ uint8_t* expi_p, uint8_t* incep_p)
+{
+ struct packed_rrset_data* d =
+ (struct packed_rrset_data*)rrset->entry.data;
+ /* read out the dates */
+ int32_t origttl, expittl, expi, incep, now;
+ memmove(&origttl, orig_p, sizeof(origttl));
+ memmove(&expi, expi_p, sizeof(expi));
+ memmove(&incep, incep_p, sizeof(incep));
+ expi = ntohl(expi);
+ incep = ntohl(incep);
+ origttl = ntohl(origttl);
+
+ /* get current date */
+ if(ve->date_override) {
+ now = ve->date_override;
+ } else now = (int32_t)unow;
+ expittl = expi - now;
+
+ /* so now:
+ * d->ttl: rrset ttl read from message or cache. May be reduced
+ * origttl: original TTL from signature, authoritative TTL max.
+ * expittl: TTL until the signature expires.
+ *
+ * Use the smallest of these.
+ */
+ if(d->ttl > (time_t)origttl) {
+ verbose(VERB_QUERY, "rrset TTL larger than original TTL,"
+ " adjusting TTL downwards");
+ d->ttl = origttl;
+ }
+ if(expittl > 0 && d->ttl > (time_t)expittl) {
+ verbose(VERB_ALGO, "rrset TTL larger than sig expiration ttl,"
+ " adjusting TTL downwards");
+ d->ttl = expittl;
+ }
+}
+
+enum sec_status
+dnskey_verify_rrset_sig(struct regional* region, sldns_buffer* buf,
+ struct val_env* ve, time_t now,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey,
+ size_t dnskey_idx, size_t sig_idx,
+ struct rbtree_t** sortree, int* buf_canon, char** reason)
+{
+ enum sec_status sec;
+ uint8_t* sig; /* RRSIG rdata */
+ size_t siglen;
+ size_t rrnum = rrset_get_count(rrset);
+ uint8_t* signer; /* rrsig signer name */
+ size_t signer_len;
+ unsigned char* sigblock; /* signature rdata field */
+ unsigned int sigblock_len;
+ uint16_t ktag; /* DNSKEY key tag */
+ unsigned char* key; /* public key rdata field */
+ unsigned int keylen;
+ rrset_get_rdata(rrset, rrnum + sig_idx, &sig, &siglen);
+ /* min length of rdatalen, fixed rrsig, root signer, 1 byte sig */
+ if(siglen < 2+20) {
+ verbose(VERB_QUERY, "verify: signature too short");
+ *reason = "signature too short";
+ return sec_status_bogus;
+ }
+
+ if(!(dnskey_get_flags(dnskey, dnskey_idx) & DNSKEY_BIT_ZSK)) {
+ verbose(VERB_QUERY, "verify: dnskey without ZSK flag");
+ *reason = "dnskey without ZSK flag";
+ return sec_status_bogus;
+ }
+
+ if(dnskey_get_protocol(dnskey, dnskey_idx) != LDNS_DNSSEC_KEYPROTO) {
+ /* RFC 4034 says DNSKEY PROTOCOL MUST be 3 */
+ verbose(VERB_QUERY, "verify: dnskey has wrong key protocol");
+ *reason = "dnskey has wrong protocolnumber";
+ return sec_status_bogus;
+ }
+
+ /* verify as many fields in rrsig as possible */
+ signer = sig+2+18;
+ signer_len = dname_valid(signer, siglen-2-18);
+ if(!signer_len) {
+ verbose(VERB_QUERY, "verify: malformed signer name");
+ *reason = "signer name malformed";
+ return sec_status_bogus; /* signer name invalid */
+ }
+ if(!dname_subdomain_c(rrset->rk.dname, signer)) {
+ verbose(VERB_QUERY, "verify: signer name is off-tree");
+ *reason = "signer name off-tree";
+ return sec_status_bogus; /* signer name offtree */
+ }
+ sigblock = (unsigned char*)signer+signer_len;
+ if(siglen < 2+18+signer_len+1) {
+ verbose(VERB_QUERY, "verify: too short, no signature data");
+ *reason = "signature too short, no signature data";
+ return sec_status_bogus; /* sig rdf is < 1 byte */
+ }
+ sigblock_len = (unsigned int)(siglen - 2 - 18 - signer_len);
+
+ /* verify key dname == sig signer name */
+ if(query_dname_compare(signer, dnskey->rk.dname) != 0) {
+ verbose(VERB_QUERY, "verify: wrong key for rrsig");
+ log_nametypeclass(VERB_QUERY, "RRSIG signername is",
+ signer, 0, 0);
+ log_nametypeclass(VERB_QUERY, "the key name is",
+ dnskey->rk.dname, 0, 0);
+ *reason = "signer name mismatches key name";
+ return sec_status_bogus;
+ }
+
+ /* verify covered type */
+ /* memcmp works because type is in network format for rrset */
+ if(memcmp(sig+2, &rrset->rk.type, 2) != 0) {
+ verbose(VERB_QUERY, "verify: wrong type covered");
+ *reason = "signature covers wrong type";
+ return sec_status_bogus;
+ }
+ /* verify keytag and sig algo (possibly again) */
+ if((int)sig[2+2] != dnskey_get_algo(dnskey, dnskey_idx)) {
+ verbose(VERB_QUERY, "verify: wrong algorithm");
+ *reason = "signature has wrong algorithm";
+ return sec_status_bogus;
+ }
+ ktag = htons(dnskey_calc_keytag(dnskey, dnskey_idx));
+ if(memcmp(sig+2+16, &ktag, 2) != 0) {
+ verbose(VERB_QUERY, "verify: wrong keytag");
+ *reason = "signature has wrong keytag";
+ return sec_status_bogus;
+ }
+
+ /* verify labels is in a valid range */
+ if((int)sig[2+3] > dname_signame_label_count(rrset->rk.dname)) {
+ verbose(VERB_QUERY, "verify: labelcount out of range");
+ *reason = "signature labelcount out of range";
+ return sec_status_bogus;
+ }
+
+ /* original ttl, always ok */
+
+ if(!*buf_canon) {
+ /* create rrset canonical format in buffer, ready for
+ * signature */
+ if(!rrset_canonical(region, buf, rrset, sig+2,
+ 18 + signer_len, sortree)) {
+ log_err("verify: failed due to alloc error");
+ return sec_status_unchecked;
+ }
+ *buf_canon = 1;
+ }
+
+ /* check that dnskey is available */
+ dnskey_get_pubkey(dnskey, dnskey_idx, &key, &keylen);
+ if(!key) {
+ verbose(VERB_QUERY, "verify: short DNSKEY RR");
+ return sec_status_unchecked;
+ }
+
+ /* verify */
+ sec = verify_canonrrset(buf, (int)sig[2+2],
+ sigblock, sigblock_len, key, keylen, reason);
+
+ if(sec == sec_status_secure) {
+ /* check if TTL is too high - reduce if so */
+ adjust_ttl(ve, now, rrset, sig+2+4, sig+2+8, sig+2+12);
+
+ /* verify inception, expiration dates
+ * Do this last so that if you ignore expired-sigs the
+ * rest is sure to be OK. */
+ if(!check_dates(ve, now, sig+2+8, sig+2+12, reason)) {
+ return sec_status_bogus;
+ }
+ }
+
+ return sec;
+}
diff --git a/external/unbound/validator/val_sigcrypt.h b/external/unbound/validator/val_sigcrypt.h
new file mode 100644
index 000000000..68aa9a445
--- /dev/null
+++ b/external/unbound/validator/val_sigcrypt.h
@@ -0,0 +1,323 @@
+/*
+ * validator/val_sigcrypt.h - validator signature crypto functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ * The functions help with signature verification and checking, the
+ * bridging between RR wireformat data and crypto calls.
+ */
+
+#ifndef VALIDATOR_VAL_SIGCRYPT_H
+#define VALIDATOR_VAL_SIGCRYPT_H
+#include "util/data/packed_rrset.h"
+struct val_env;
+struct module_env;
+struct ub_packed_rrset_key;
+struct rbtree_t;
+struct regional;
+struct sldns_buffer;
+
+/** number of entries in algorithm needs array */
+#define ALGO_NEEDS_MAX 256
+
+/**
+ * Storage for algorithm needs. DNSKEY algorithms.
+ */
+struct algo_needs {
+ /** the algorithms (8-bit) with each a number.
+ * 0: not marked.
+ * 1: marked 'necessary but not yet fulfilled'
+ * 2: marked bogus.
+ * Indexed by algorithm number.
+ */
+ uint8_t needs[ALGO_NEEDS_MAX];
+ /** the number of entries in the array that are unfulfilled */
+ size_t num;
+};
+
+/**
+ * Initialize algo needs structure, set algos from rrset as needed.
+ * Results are added to an existing need structure.
+ * @param n: struct with storage.
+ * @param dnskey: algos from this struct set as necessary. DNSKEY set.
+ * @param sigalg: adds to signalled algorithm list too.
+ */
+void algo_needs_init_dnskey_add(struct algo_needs* n,
+ struct ub_packed_rrset_key* dnskey, uint8_t* sigalg);
+
+/**
+ * Initialize algo needs structure from a signalled algo list.
+ * @param n: struct with storage.
+ * @param sigalg: signalled algorithm list, numbers ends with 0.
+ */
+void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg);
+
+/**
+ * Initialize algo needs structure, set algos from rrset as needed.
+ * @param n: struct with storage.
+ * @param ds: algos from this struct set as necessary. DS set.
+ * @param fav_ds_algo: filter to use only this DS algo.
+ * @param sigalg: list of signalled algos, constructed as output,
+ * provide size ALGO_NEEDS_MAX+1. list of algonumbers, ends with a zero.
+ */
+void algo_needs_init_ds(struct algo_needs* n, struct ub_packed_rrset_key* ds,
+ int fav_ds_algo, uint8_t* sigalg);
+
+/**
+ * Mark this algorithm as a success, sec_secure, and see if we are done.
+ * @param n: storage structure processed.
+ * @param algo: the algorithm processed to be secure.
+ * @return if true, processing has finished successfully, we are satisfied.
+ */
+int algo_needs_set_secure(struct algo_needs* n, uint8_t algo);
+
+/**
+ * Mark this algorithm a failure, sec_bogus. It can later be overridden
+ * by a success for this algorithm (with a different signature).
+ * @param n: storage structure processed.
+ * @param algo: the algorithm processed to be bogus.
+ */
+void algo_needs_set_bogus(struct algo_needs* n, uint8_t algo);
+
+/**
+ * See how many algorithms are missing (not bogus or secure, but not processed)
+ * @param n: storage structure processed.
+ * @return number of algorithms missing after processing.
+ */
+size_t algo_needs_num_missing(struct algo_needs* n);
+
+/**
+ * See which algo is missing.
+ * @param n: struct after processing.
+ * @return if 0 an algorithm was bogus, if a number, this algorithm was
+ * missing. So on 0, report why that was bogus, on number report a missing
+ * algorithm. There could be multiple missing, this reports the first one.
+ */
+int algo_needs_missing(struct algo_needs* n);
+
+/**
+ * Format error reason for algorithm missing.
+ * @param env: module env with scratch for temp storage of string.
+ * @param alg: DNSKEY-algorithm missing.
+ * @param reason: destination.
+ * @param s: string, appended with 'with algorithm ..'.
+ */
+void algo_needs_reason(struct module_env* env, int alg, char** reason, char* s);
+
+/**
+ * Check if dnskey matches a DS digest
+ * Does not check dnskey-keyid footprint, just the digest.
+ * @param env: module environment. Uses scratch space.
+ * @param dnskey_rrset: DNSKEY rrset.
+ * @param dnskey_idx: index of RR in rrset.
+ * @param ds_rrset: DS rrset
+ * @param ds_idx: index of RR in DS rrset.
+ * @return true if it matches, false on error, not supported or no match.
+ */
+int ds_digest_match_dnskey(struct module_env* env,
+ struct ub_packed_rrset_key* dnskey_rrset, size_t dnskey_idx,
+ struct ub_packed_rrset_key* ds_rrset, size_t ds_idx);
+
+/**
+ * Get dnskey keytag, footprint value
+ * @param dnskey_rrset: DNSKEY rrset.
+ * @param dnskey_idx: index of RR in rrset.
+ * @return the keytag or 0 for badly formatted DNSKEYs.
+ */
+uint16_t dnskey_calc_keytag(struct ub_packed_rrset_key* dnskey_rrset,
+ size_t dnskey_idx);
+
+/**
+ * Get DS keytag, footprint value that matches the DNSKEY keytag it signs.
+ * @param ds_rrset: DS rrset
+ * @param ds_idx: index of RR in DS rrset.
+ * @return the keytag or 0 for badly formatted DSs.
+ */
+uint16_t ds_get_keytag(struct ub_packed_rrset_key* ds_rrset, size_t ds_idx);
+
+/**
+ * See if DNSKEY algorithm is supported
+ * @param dnskey_rrset: DNSKEY rrset.
+ * @param dnskey_idx: index of RR in rrset.
+ * @return true if supported.
+ */
+int dnskey_algo_is_supported(struct ub_packed_rrset_key* dnskey_rrset,
+ size_t dnskey_idx);
+
+/**
+ * See if DS digest algorithm is supported
+ * @param ds_rrset: DS rrset
+ * @param ds_idx: index of RR in DS rrset.
+ * @return true if supported.
+ */
+int ds_digest_algo_is_supported(struct ub_packed_rrset_key* ds_rrset,
+ size_t ds_idx);
+
+/**
+ * Get DS RR digest algorithm
+ * @param ds_rrset: DS rrset.
+ * @param ds_idx: which DS.
+ * @return algorithm or 0 if DS too short.
+ */
+int ds_get_digest_algo(struct ub_packed_rrset_key* ds_rrset, size_t ds_idx);
+
+/**
+ * See if DS key algorithm is supported
+ * @param ds_rrset: DS rrset
+ * @param ds_idx: index of RR in DS rrset.
+ * @return true if supported.
+ */
+int ds_key_algo_is_supported(struct ub_packed_rrset_key* ds_rrset,
+ size_t ds_idx);
+
+/**
+ * Get DS RR key algorithm. This value should match with the DNSKEY algo.
+ * @param k: DS rrset.
+ * @param idx: which DS.
+ * @return algorithm or 0 if DS too short.
+ */
+int ds_get_key_algo(struct ub_packed_rrset_key* k, size_t idx);
+
+/**
+ * Get DNSKEY RR signature algorithm
+ * @param k: DNSKEY rrset.
+ * @param idx: which DNSKEY RR.
+ * @return algorithm or 0 if DNSKEY too short.
+ */
+int dnskey_get_algo(struct ub_packed_rrset_key* k, size_t idx);
+
+/**
+ * Get DNSKEY RR flags
+ * @param k: DNSKEY rrset.
+ * @param idx: which DNSKEY RR.
+ * @return flags or 0 if DNSKEY too short.
+ */
+uint16_t dnskey_get_flags(struct ub_packed_rrset_key* k, size_t idx);
+
+/**
+ * Verify rrset against dnskey rrset.
+ * @param env: module environment, scratch space is used.
+ * @param ve: validator environment, date settings.
+ * @param rrset: to be validated.
+ * @param dnskey: DNSKEY rrset, keyset to try.
+ * @param sigalg: if nonNULL provide downgrade protection otherwise one
+ * algorithm is enough.
+ * @param reason: if bogus, a string returned, fixed or alloced in scratch.
+ * @return SECURE if one key in the set verifies one rrsig.
+ * UNCHECKED on allocation errors, unsupported algorithms, malformed data,
+ * and BOGUS on verification failures (no keys match any signatures).
+ */
+enum sec_status dnskeyset_verify_rrset(struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* rrset,
+ struct ub_packed_rrset_key* dnskey, uint8_t* sigalg, char** reason);
+
+/**
+ * verify rrset against one specific dnskey (from rrset)
+ * @param env: module environment, scratch space is used.
+ * @param ve: validator environment, date settings.
+ * @param rrset: to be validated.
+ * @param dnskey: DNSKEY rrset, keyset.
+ * @param dnskey_idx: which key from the rrset to try.
+ * @param reason: if bogus, a string returned, fixed or alloced in scratch.
+ * @return secure if *this* key signs any of the signatures on rrset.
+ * unchecked on error or and bogus on bad signature.
+ */
+enum sec_status dnskey_verify_rrset(struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* rrset,
+ struct ub_packed_rrset_key* dnskey, size_t dnskey_idx, char** reason);
+
+/**
+ * verify rrset, with dnskey rrset, for a specific rrsig in rrset
+ * @param env: module environment, scratch space is used.
+ * @param ve: validator environment, date settings.
+ * @param now: current time for validation (can be overridden).
+ * @param rrset: to be validated.
+ * @param dnskey: DNSKEY rrset, keyset to try.
+ * @param sig_idx: which signature to try to validate.
+ * @param sortree: reused sorted order. Stored in region. Pass NULL at start,
+ * and for a new rrset.
+ * @param reason: if bogus, a string returned, fixed or alloced in scratch.
+ * @return secure if any key signs *this* signature. bogus if no key signs it,
+ * or unchecked on error.
+ */
+enum sec_status dnskeyset_verify_rrset_sig(struct module_env* env,
+ struct val_env* ve, time_t now, struct ub_packed_rrset_key* rrset,
+ struct ub_packed_rrset_key* dnskey, size_t sig_idx,
+ struct rbtree_t** sortree, char** reason);
+
+/**
+ * verify rrset, with specific dnskey(from set), for a specific rrsig
+ * @param region: scratch region used for temporary allocation.
+ * @param buf: scratch buffer used for canonicalized rrset data.
+ * @param ve: validator environment, date settings.
+ * @param now: current time for validation (can be overridden).
+ * @param rrset: to be validated.
+ * @param dnskey: DNSKEY rrset, keyset.
+ * @param dnskey_idx: which key from the rrset to try.
+ * @param sig_idx: which signature to try to validate.
+ * @param sortree: pass NULL at start, the sorted rrset order is returned.
+ * pass it again for the same rrset.
+ * @param buf_canon: if true, the buffer is already canonical.
+ * pass false at start. pass old value only for same rrset and same
+ * signature (but perhaps different key) for reuse.
+ * @param reason: if bogus, a string returned, fixed or alloced in scratch.
+ * @return secure if this key signs this signature. unchecked on error or
+ * bogus if it did not validate.
+ */
+enum sec_status dnskey_verify_rrset_sig(struct regional* region,
+ struct sldns_buffer* buf, struct val_env* ve, time_t now,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey,
+ size_t dnskey_idx, size_t sig_idx,
+ struct rbtree_t** sortree, int* buf_canon, char** reason);
+
+/**
+ * canonical compare for two tree entries
+ */
+int canonical_tree_compare(const void* k1, const void* k2);
+
+/**
+ * Compare two rrsets and see if they are the same, canonicalised.
+ * The rrsets are not altered.
+ * @param region: temporary region.
+ * @param k1: rrset1
+ * @param k2: rrset2
+ * @return true if equal.
+ */
+int rrset_canonical_equal(struct regional* region,
+ struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2);
+
+#endif /* VALIDATOR_VAL_SIGCRYPT_H */
diff --git a/external/unbound/validator/val_utils.c b/external/unbound/validator/val_utils.c
new file mode 100644
index 000000000..ecf2dfaf0
--- /dev/null
+++ b/external/unbound/validator/val_utils.c
@@ -0,0 +1,1083 @@
+/*
+ * validator/val_utils.c - validator utility functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ */
+#include "config.h"
+#include "validator/val_utils.h"
+#include "validator/validator.h"
+#include "validator/val_kentry.h"
+#include "validator/val_sigcrypt.h"
+#include "validator/val_anchor.h"
+#include "validator/val_nsec.h"
+#include "validator/val_neg.h"
+#include "services/cache/rrset.h"
+#include "services/cache/dns.h"
+#include "util/data/msgreply.h"
+#include "util/data/packed_rrset.h"
+#include "util/data/dname.h"
+#include "util/net_help.h"
+#include "util/module.h"
+#include "util/regional.h"
+
+enum val_classification
+val_classify_response(uint16_t query_flags, struct query_info* origqinf,
+ struct query_info* qinf, struct reply_info* rep, size_t skip)
+{
+ int rcode = (int)FLAGS_GET_RCODE(rep->flags);
+ size_t i;
+
+ /* Normal Name Error's are easy to detect -- but don't mistake a CNAME
+ * chain ending in NXDOMAIN. */
+ if(rcode == LDNS_RCODE_NXDOMAIN && rep->an_numrrsets == 0)
+ return VAL_CLASS_NAMEERROR;
+
+ /* check for referral: nonRD query and it looks like a nodata */
+ if(!(query_flags&BIT_RD) && rep->an_numrrsets == 0 &&
+ rcode == LDNS_RCODE_NOERROR) {
+ /* SOA record in auth indicates it is NODATA instead.
+ * All validation requiring NODATA messages have SOA in
+ * authority section. */
+ /* uses fact that answer section is empty */
+ int saw_ns = 0;
+ for(i=0; i<rep->ns_numrrsets; i++) {
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_SOA)
+ return VAL_CLASS_NODATA;
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_DS)
+ return VAL_CLASS_REFERRAL;
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NS)
+ saw_ns = 1;
+ }
+ return saw_ns?VAL_CLASS_REFERRAL:VAL_CLASS_NODATA;
+ }
+ /* root referral where NS set is in the answer section */
+ if(!(query_flags&BIT_RD) && rep->ns_numrrsets == 0 &&
+ rep->an_numrrsets == 1 && rcode == LDNS_RCODE_NOERROR &&
+ ntohs(rep->rrsets[0]->rk.type) == LDNS_RR_TYPE_NS &&
+ query_dname_compare(rep->rrsets[0]->rk.dname,
+ origqinf->qname) != 0)
+ return VAL_CLASS_REFERRAL;
+
+ /* dump bad messages */
+ if(rcode != LDNS_RCODE_NOERROR && rcode != LDNS_RCODE_NXDOMAIN)
+ return VAL_CLASS_UNKNOWN;
+ /* next check if the skip into the answer section shows no answer */
+ if(skip>0 && rep->an_numrrsets <= skip)
+ return VAL_CLASS_CNAMENOANSWER;
+
+ /* Next is NODATA */
+ if(rcode == LDNS_RCODE_NOERROR && rep->an_numrrsets == 0)
+ return VAL_CLASS_NODATA;
+
+ /* We distinguish between CNAME response and other positive/negative
+ * responses because CNAME answers require extra processing. */
+
+ /* We distinguish between ANY and CNAME or POSITIVE because
+ * ANY responses are validated differently. */
+ if(rcode == LDNS_RCODE_NOERROR && qinf->qtype == LDNS_RR_TYPE_ANY)
+ return VAL_CLASS_ANY;
+
+ /* Note that DNAMEs will be ignored here, unless qtype=DNAME. Unless
+ * qtype=CNAME, this will yield a CNAME response. */
+ for(i=skip; i<rep->an_numrrsets; i++) {
+ if(rcode == LDNS_RCODE_NOERROR &&
+ ntohs(rep->rrsets[i]->rk.type) == qinf->qtype)
+ return VAL_CLASS_POSITIVE;
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_CNAME)
+ return VAL_CLASS_CNAME;
+ }
+ log_dns_msg("validator: error. failed to classify response message: ",
+ qinf, rep);
+ return VAL_CLASS_UNKNOWN;
+}
+
+/** Get signer name from RRSIG */
+static void
+rrsig_get_signer(uint8_t* data, size_t len, uint8_t** sname, size_t* slen)
+{
+ /* RRSIG rdata is not allowed to be compressed, it is stored
+ * uncompressed in memory as well, so return a ptr to the name */
+ if(len < 21) {
+ /* too short RRSig:
+ * short, byte, byte, long, long, long, short, "." is
+ * 2 1 1 4 4 4 2 1 = 19
+ * and a skip of 18 bytes to the name.
+ * +2 for the rdatalen is 21 bytes len for root label */
+ *sname = NULL;
+ *slen = 0;
+ return;
+ }
+ data += 20; /* skip the fixed size bits */
+ len -= 20;
+ *slen = dname_valid(data, len);
+ if(!*slen) {
+ /* bad dname in this rrsig. */
+ *sname = NULL;
+ return;
+ }
+ *sname = data;
+}
+
+void
+val_find_rrset_signer(struct ub_packed_rrset_key* rrset, uint8_t** sname,
+ size_t* slen)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ /* return signer for first signature, or NULL */
+ if(d->rrsig_count == 0) {
+ *sname = NULL;
+ *slen = 0;
+ return;
+ }
+ /* get rrsig signer name out of the signature */
+ rrsig_get_signer(d->rr_data[d->count], d->rr_len[d->count],
+ sname, slen);
+}
+
+/**
+ * Find best signer name in this set of rrsigs.
+ * @param rrset: which rrsigs to look through.
+ * @param qinf: the query name that needs validation.
+ * @param signer_name: the best signer_name. Updated if a better one is found.
+ * @param signer_len: length of signer name.
+ * @param matchcount: count of current best name (starts at 0 for no match).
+ * Updated if match is improved.
+ */
+static void
+val_find_best_signer(struct ub_packed_rrset_key* rrset,
+ struct query_info* qinf, uint8_t** signer_name, size_t* signer_len,
+ int* matchcount)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ uint8_t* sign;
+ size_t i;
+ int m;
+ for(i=d->count; i<d->count+d->rrsig_count; i++) {
+ sign = d->rr_data[i]+2+18;
+ /* look at signatures that are valid (long enough),
+ * and have a signer name that is a superdomain of qname,
+ * and then check the number of labels in the shared topdomain
+ * improve the match if possible */
+ if(d->rr_len[i] > 2+19 && /* rdata, sig + root label*/
+ dname_subdomain_c(qinf->qname, sign)) {
+ (void)dname_lab_cmp(qinf->qname,
+ dname_count_labels(qinf->qname),
+ sign, dname_count_labels(sign), &m);
+ if(m > *matchcount) {
+ *matchcount = m;
+ *signer_name = sign;
+ (void)dname_count_size_labels(*signer_name,
+ signer_len);
+ }
+ }
+ }
+}
+
+void
+val_find_signer(enum val_classification subtype, struct query_info* qinf,
+ struct reply_info* rep, size_t skip, uint8_t** signer_name,
+ size_t* signer_len)
+{
+ size_t i;
+
+ if(subtype == VAL_CLASS_POSITIVE || subtype == VAL_CLASS_ANY) {
+ /* check for the answer rrset */
+ for(i=skip; i<rep->an_numrrsets; i++) {
+ if(query_dname_compare(qinf->qname,
+ rep->rrsets[i]->rk.dname) == 0) {
+ val_find_rrset_signer(rep->rrsets[i],
+ signer_name, signer_len);
+ return;
+ }
+ }
+ *signer_name = NULL;
+ *signer_len = 0;
+ } else if(subtype == VAL_CLASS_CNAME) {
+ /* check for the first signed cname/dname rrset */
+ for(i=skip; i<rep->an_numrrsets; i++) {
+ val_find_rrset_signer(rep->rrsets[i],
+ signer_name, signer_len);
+ if(*signer_name)
+ return;
+ if(ntohs(rep->rrsets[i]->rk.type) != LDNS_RR_TYPE_DNAME)
+ break; /* only check CNAME after a DNAME */
+ }
+ *signer_name = NULL;
+ *signer_len = 0;
+ } else if(subtype == VAL_CLASS_NAMEERROR
+ || subtype == VAL_CLASS_NODATA) {
+ /*Check to see if the AUTH section NSEC record(s) have rrsigs*/
+ for(i=rep->an_numrrsets; i<
+ rep->an_numrrsets+rep->ns_numrrsets; i++) {
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC
+ || ntohs(rep->rrsets[i]->rk.type) ==
+ LDNS_RR_TYPE_NSEC3) {
+ val_find_rrset_signer(rep->rrsets[i],
+ signer_name, signer_len);
+ return;
+ }
+ }
+ } else if(subtype == VAL_CLASS_CNAMENOANSWER) {
+ /* find closest superdomain signer name in authority section
+ * NSEC and NSEC3s */
+ int matchcount = 0;
+ *signer_name = NULL;
+ *signer_len = 0;
+ for(i=rep->an_numrrsets; i<rep->an_numrrsets+rep->
+ ns_numrrsets; i++) {
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_NSEC
+ || ntohs(rep->rrsets[i]->rk.type) ==
+ LDNS_RR_TYPE_NSEC3) {
+ val_find_best_signer(rep->rrsets[i], qinf,
+ signer_name, signer_len, &matchcount);
+ }
+ }
+ } else if(subtype == VAL_CLASS_REFERRAL) {
+ /* find keys for the item at skip */
+ if(skip < rep->rrset_count) {
+ val_find_rrset_signer(rep->rrsets[skip],
+ signer_name, signer_len);
+ return;
+ }
+ *signer_name = NULL;
+ *signer_len = 0;
+ } else {
+ verbose(VERB_QUERY, "find_signer: could not find signer name"
+ " for unknown type response");
+ *signer_name = NULL;
+ *signer_len = 0;
+ }
+}
+
+/** return number of rrs in an rrset */
+static size_t
+rrset_get_count(struct ub_packed_rrset_key* rrset)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ if(!d) return 0;
+ return d->count;
+}
+
+/** return TTL of rrset */
+static uint32_t
+rrset_get_ttl(struct ub_packed_rrset_key* rrset)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ rrset->entry.data;
+ if(!d) return 0;
+ return d->ttl;
+}
+
+enum sec_status
+val_verify_rrset(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* keys,
+ uint8_t* sigalg, char** reason)
+{
+ enum sec_status sec;
+ struct packed_rrset_data* d = (struct packed_rrset_data*)rrset->
+ entry.data;
+ if(d->security == sec_status_secure) {
+ /* re-verify all other statuses, because keyset may change*/
+ log_nametypeclass(VERB_ALGO, "verify rrset cached",
+ rrset->rk.dname, ntohs(rrset->rk.type),
+ ntohs(rrset->rk.rrset_class));
+ return d->security;
+ }
+ /* check in the cache if verification has already been done */
+ rrset_check_sec_status(env->rrset_cache, rrset, *env->now);
+ if(d->security == sec_status_secure) {
+ log_nametypeclass(VERB_ALGO, "verify rrset from cache",
+ rrset->rk.dname, ntohs(rrset->rk.type),
+ ntohs(rrset->rk.rrset_class));
+ return d->security;
+ }
+ log_nametypeclass(VERB_ALGO, "verify rrset", rrset->rk.dname,
+ ntohs(rrset->rk.type), ntohs(rrset->rk.rrset_class));
+ sec = dnskeyset_verify_rrset(env, ve, rrset, keys, sigalg, reason);
+ verbose(VERB_ALGO, "verify result: %s", sec_status_to_string(sec));
+ regional_free_all(env->scratch);
+
+ /* update rrset security status
+ * only improves security status
+ * and bogus is set only once, even if we rechecked the status */
+ if(sec > d->security) {
+ d->security = sec;
+ if(sec == sec_status_secure)
+ d->trust = rrset_trust_validated;
+ else if(sec == sec_status_bogus) {
+ size_t i;
+ /* update ttl for rrset to fixed value. */
+ d->ttl = ve->bogus_ttl;
+ for(i=0; i<d->count+d->rrsig_count; i++)
+ d->rr_ttl[i] = ve->bogus_ttl;
+ /* leave RR specific TTL: not used for determine
+ * if RRset timed out and clients see proper value. */
+ lock_basic_lock(&ve->bogus_lock);
+ ve->num_rrset_bogus++;
+ lock_basic_unlock(&ve->bogus_lock);
+ }
+ /* if status updated - store in cache for reuse */
+ rrset_update_sec_status(env->rrset_cache, rrset, *env->now);
+ }
+
+ return sec;
+}
+
+enum sec_status
+val_verify_rrset_entry(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* rrset, struct key_entry_key* kkey,
+ char** reason)
+{
+ /* temporary dnskey rrset-key */
+ struct ub_packed_rrset_key dnskey;
+ struct key_entry_data* kd = (struct key_entry_data*)kkey->entry.data;
+ enum sec_status sec;
+ dnskey.rk.type = htons(kd->rrset_type);
+ dnskey.rk.rrset_class = htons(kkey->key_class);
+ dnskey.rk.flags = 0;
+ dnskey.rk.dname = kkey->name;
+ dnskey.rk.dname_len = kkey->namelen;
+ dnskey.entry.key = &dnskey;
+ dnskey.entry.data = kd->rrset_data;
+ sec = val_verify_rrset(env, ve, rrset, &dnskey, kd->algo, reason);
+ return sec;
+}
+
+/** verify that a DS RR hashes to a key and that key signs the set */
+static enum sec_status
+verify_dnskeys_with_ds_rr(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ds_rrset, size_t ds_idx, char** reason)
+{
+ enum sec_status sec = sec_status_bogus;
+ size_t i, num, numchecked = 0, numhashok = 0;
+ num = rrset_get_count(dnskey_rrset);
+ for(i=0; i<num; i++) {
+ /* Skip DNSKEYs that don't match the basic criteria. */
+ if(ds_get_key_algo(ds_rrset, ds_idx)
+ != dnskey_get_algo(dnskey_rrset, i)
+ || dnskey_calc_keytag(dnskey_rrset, i)
+ != ds_get_keytag(ds_rrset, ds_idx)) {
+ continue;
+ }
+ numchecked++;
+ verbose(VERB_ALGO, "attempt DS match algo %d keytag %d",
+ ds_get_key_algo(ds_rrset, ds_idx),
+ ds_get_keytag(ds_rrset, ds_idx));
+
+ /* Convert the candidate DNSKEY into a hash using the
+ * same DS hash algorithm. */
+ if(!ds_digest_match_dnskey(env, dnskey_rrset, i, ds_rrset,
+ ds_idx)) {
+ verbose(VERB_ALGO, "DS match attempt failed");
+ continue;
+ }
+ numhashok++;
+ verbose(VERB_ALGO, "DS match digest ok, trying signature");
+
+ /* Otherwise, we have a match! Make sure that the DNSKEY
+ * verifies *with this key* */
+ sec = dnskey_verify_rrset(env, ve, dnskey_rrset,
+ dnskey_rrset, i, reason);
+ if(sec == sec_status_secure) {
+ return sec;
+ }
+ /* If it didn't validate with the DNSKEY, try the next one! */
+ }
+ if(numchecked == 0)
+ algo_needs_reason(env, ds_get_key_algo(ds_rrset, ds_idx),
+ reason, "no keys have a DS");
+ else if(numhashok == 0)
+ *reason = "DS hash mismatches key";
+ else if(!*reason)
+ *reason = "keyset not secured by DNSKEY that matches DS";
+ return sec_status_bogus;
+}
+
+int val_favorite_ds_algo(struct ub_packed_rrset_key* ds_rrset)
+{
+ size_t i, num = rrset_get_count(ds_rrset);
+ int d, digest_algo = 0; /* DS digest algo 0 is not used. */
+ /* find favorite algo, for now, highest number supported */
+ for(i=0; i<num; i++) {
+ if(!ds_digest_algo_is_supported(ds_rrset, i) ||
+ !ds_key_algo_is_supported(ds_rrset, i)) {
+ continue;
+ }
+ d = ds_get_digest_algo(ds_rrset, i);
+ if(d > digest_algo)
+ digest_algo = d;
+ }
+ return digest_algo;
+}
+
+enum sec_status
+val_verify_DNSKEY_with_DS(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason)
+{
+ /* as long as this is false, we can consider this DS rrset to be
+ * equivalent to no DS rrset. */
+ int has_useful_ds = 0, digest_algo, alg;
+ struct algo_needs needs;
+ size_t i, num;
+ enum sec_status sec;
+
+ if(dnskey_rrset->rk.dname_len != ds_rrset->rk.dname_len ||
+ query_dname_compare(dnskey_rrset->rk.dname, ds_rrset->rk.dname)
+ != 0) {
+ verbose(VERB_QUERY, "DNSKEY RRset did not match DS RRset "
+ "by name");
+ *reason = "DNSKEY RRset did not match DS RRset by name";
+ return sec_status_bogus;
+ }
+
+ digest_algo = val_favorite_ds_algo(ds_rrset);
+ if(sigalg)
+ algo_needs_init_ds(&needs, ds_rrset, digest_algo, sigalg);
+ num = rrset_get_count(ds_rrset);
+ for(i=0; i<num; i++) {
+ /* Check to see if we can understand this DS.
+ * And check it is the strongest digest */
+ if(!ds_digest_algo_is_supported(ds_rrset, i) ||
+ !ds_key_algo_is_supported(ds_rrset, i) ||
+ ds_get_digest_algo(ds_rrset, i) != digest_algo) {
+ continue;
+ }
+
+ /* Once we see a single DS with a known digestID and
+ * algorithm, we cannot return INSECURE (with a
+ * "null" KeyEntry). */
+ has_useful_ds = 1;
+
+ sec = verify_dnskeys_with_ds_rr(env, ve, dnskey_rrset,
+ ds_rrset, i, reason);
+ if(sec == sec_status_secure) {
+ if(!sigalg || algo_needs_set_secure(&needs,
+ (uint8_t)ds_get_key_algo(ds_rrset, i))) {
+ verbose(VERB_ALGO, "DS matched DNSKEY.");
+ return sec_status_secure;
+ }
+ } else if(sigalg && sec == sec_status_bogus) {
+ algo_needs_set_bogus(&needs,
+ (uint8_t)ds_get_key_algo(ds_rrset, i));
+ }
+ }
+
+ /* None of the DS's worked out. */
+
+ /* If no DSs were understandable, then this is OK. */
+ if(!has_useful_ds) {
+ verbose(VERB_ALGO, "No usable DS records were found -- "
+ "treating as insecure.");
+ return sec_status_insecure;
+ }
+ /* If any were understandable, then it is bad. */
+ verbose(VERB_QUERY, "Failed to match any usable DS to a DNSKEY.");
+ if(sigalg && (alg=algo_needs_missing(&needs)) != 0) {
+ algo_needs_reason(env, alg, reason, "missing verification of "
+ "DNSKEY signature");
+ }
+ return sec_status_bogus;
+}
+
+struct key_entry_key*
+val_verify_new_DNSKEYs(struct regional* region, struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ds_rrset, int downprot, char** reason)
+{
+ uint8_t sigalg[ALGO_NEEDS_MAX+1];
+ enum sec_status sec = val_verify_DNSKEY_with_DS(env, ve,
+ dnskey_rrset, ds_rrset, downprot?sigalg:NULL, reason);
+
+ if(sec == sec_status_secure) {
+ return key_entry_create_rrset(region,
+ ds_rrset->rk.dname, ds_rrset->rk.dname_len,
+ ntohs(ds_rrset->rk.rrset_class), dnskey_rrset,
+ downprot?sigalg:NULL, *env->now);
+ } else if(sec == sec_status_insecure) {
+ return key_entry_create_null(region, ds_rrset->rk.dname,
+ ds_rrset->rk.dname_len,
+ ntohs(ds_rrset->rk.rrset_class),
+ rrset_get_ttl(ds_rrset), *env->now);
+ }
+ return key_entry_create_bad(region, ds_rrset->rk.dname,
+ ds_rrset->rk.dname_len, ntohs(ds_rrset->rk.rrset_class),
+ BOGUS_KEY_TTL, *env->now);
+}
+
+enum sec_status
+val_verify_DNSKEY_with_TA(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ta_ds,
+ struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason)
+{
+ /* as long as this is false, we can consider this anchor to be
+ * equivalent to no anchor. */
+ int has_useful_ta = 0, digest_algo = 0, alg;
+ struct algo_needs needs;
+ size_t i, num;
+ enum sec_status sec;
+
+ if(ta_ds && (dnskey_rrset->rk.dname_len != ta_ds->rk.dname_len ||
+ query_dname_compare(dnskey_rrset->rk.dname, ta_ds->rk.dname)
+ != 0)) {
+ verbose(VERB_QUERY, "DNSKEY RRset did not match DS RRset "
+ "by name");
+ *reason = "DNSKEY RRset did not match DS RRset by name";
+ return sec_status_bogus;
+ }
+ if(ta_dnskey && (dnskey_rrset->rk.dname_len != ta_dnskey->rk.dname_len
+ || query_dname_compare(dnskey_rrset->rk.dname, ta_dnskey->rk.dname)
+ != 0)) {
+ verbose(VERB_QUERY, "DNSKEY RRset did not match anchor RRset "
+ "by name");
+ *reason = "DNSKEY RRset did not match anchor RRset by name";
+ return sec_status_bogus;
+ }
+
+ if(ta_ds)
+ digest_algo = val_favorite_ds_algo(ta_ds);
+ if(sigalg) {
+ if(ta_ds)
+ algo_needs_init_ds(&needs, ta_ds, digest_algo, sigalg);
+ else memset(&needs, 0, sizeof(needs));
+ if(ta_dnskey)
+ algo_needs_init_dnskey_add(&needs, ta_dnskey, sigalg);
+ }
+ if(ta_ds) {
+ num = rrset_get_count(ta_ds);
+ for(i=0; i<num; i++) {
+ /* Check to see if we can understand this DS.
+ * And check it is the strongest digest */
+ if(!ds_digest_algo_is_supported(ta_ds, i) ||
+ !ds_key_algo_is_supported(ta_ds, i) ||
+ ds_get_digest_algo(ta_ds, i) != digest_algo)
+ continue;
+
+ /* Once we see a single DS with a known digestID and
+ * algorithm, we cannot return INSECURE (with a
+ * "null" KeyEntry). */
+ has_useful_ta = 1;
+
+ sec = verify_dnskeys_with_ds_rr(env, ve, dnskey_rrset,
+ ta_ds, i, reason);
+ if(sec == sec_status_secure) {
+ if(!sigalg || algo_needs_set_secure(&needs,
+ (uint8_t)ds_get_key_algo(ta_ds, i))) {
+ verbose(VERB_ALGO, "DS matched DNSKEY.");
+ return sec_status_secure;
+ }
+ } else if(sigalg && sec == sec_status_bogus) {
+ algo_needs_set_bogus(&needs,
+ (uint8_t)ds_get_key_algo(ta_ds, i));
+ }
+ }
+ }
+
+ /* None of the DS's worked out: check the DNSKEYs. */
+ if(ta_dnskey) {
+ num = rrset_get_count(ta_dnskey);
+ for(i=0; i<num; i++) {
+ /* Check to see if we can understand this DNSKEY */
+ if(!dnskey_algo_is_supported(ta_dnskey, i))
+ continue;
+
+ /* we saw a useful TA */
+ has_useful_ta = 1;
+
+ sec = dnskey_verify_rrset(env, ve, dnskey_rrset,
+ ta_dnskey, i, reason);
+ if(sec == sec_status_secure) {
+ if(!sigalg || algo_needs_set_secure(&needs,
+ (uint8_t)dnskey_get_algo(ta_dnskey, i))) {
+ verbose(VERB_ALGO, "anchor matched DNSKEY.");
+ return sec_status_secure;
+ }
+ } else if(sigalg && sec == sec_status_bogus) {
+ algo_needs_set_bogus(&needs,
+ (uint8_t)dnskey_get_algo(ta_dnskey, i));
+ }
+ }
+ }
+
+ /* If no DSs were understandable, then this is OK. */
+ if(!has_useful_ta) {
+ verbose(VERB_ALGO, "No usable trust anchors were found -- "
+ "treating as insecure.");
+ return sec_status_insecure;
+ }
+ /* If any were understandable, then it is bad. */
+ verbose(VERB_QUERY, "Failed to match any usable anchor to a DNSKEY.");
+ if(sigalg && (alg=algo_needs_missing(&needs)) != 0) {
+ algo_needs_reason(env, alg, reason, "missing verification of "
+ "DNSKEY signature");
+ }
+ return sec_status_bogus;
+}
+
+struct key_entry_key*
+val_verify_new_DNSKEYs_with_ta(struct regional* region, struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ta_ds_rrset,
+ struct ub_packed_rrset_key* ta_dnskey_rrset, int downprot,
+ char** reason)
+{
+ uint8_t sigalg[ALGO_NEEDS_MAX+1];
+ enum sec_status sec = val_verify_DNSKEY_with_TA(env, ve,
+ dnskey_rrset, ta_ds_rrset, ta_dnskey_rrset,
+ downprot?sigalg:NULL, reason);
+
+ if(sec == sec_status_secure) {
+ return key_entry_create_rrset(region,
+ dnskey_rrset->rk.dname, dnskey_rrset->rk.dname_len,
+ ntohs(dnskey_rrset->rk.rrset_class), dnskey_rrset,
+ downprot?sigalg:NULL, *env->now);
+ } else if(sec == sec_status_insecure) {
+ return key_entry_create_null(region, dnskey_rrset->rk.dname,
+ dnskey_rrset->rk.dname_len,
+ ntohs(dnskey_rrset->rk.rrset_class),
+ rrset_get_ttl(dnskey_rrset), *env->now);
+ }
+ return key_entry_create_bad(region, dnskey_rrset->rk.dname,
+ dnskey_rrset->rk.dname_len, ntohs(dnskey_rrset->rk.rrset_class),
+ BOGUS_KEY_TTL, *env->now);
+}
+
+int
+val_dsset_isusable(struct ub_packed_rrset_key* ds_rrset)
+{
+ size_t i;
+ for(i=0; i<rrset_get_count(ds_rrset); i++) {
+ if(ds_digest_algo_is_supported(ds_rrset, i) &&
+ ds_key_algo_is_supported(ds_rrset, i))
+ return 1;
+ }
+ return 0;
+}
+
+/** get label count for a signature */
+static uint8_t
+rrsig_get_labcount(struct packed_rrset_data* d, size_t sig)
+{
+ if(d->rr_len[sig] < 2+4)
+ return 0; /* bad sig length */
+ return d->rr_data[sig][2+3];
+}
+
+int
+val_rrset_wildcard(struct ub_packed_rrset_key* rrset, uint8_t** wc)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)rrset->
+ entry.data;
+ uint8_t labcount;
+ int labdiff;
+ uint8_t* wn;
+ size_t i, wl;
+ if(d->rrsig_count == 0) {
+ return 1;
+ }
+ labcount = rrsig_get_labcount(d, d->count + 0);
+ /* check rest of signatures identical */
+ for(i=1; i<d->rrsig_count; i++) {
+ if(labcount != rrsig_get_labcount(d, d->count + i)) {
+ return 0;
+ }
+ }
+ /* OK the rrsigs check out */
+ /* if the RRSIG label count is shorter than the number of actual
+ * labels, then this rrset was synthesized from a wildcard.
+ * Note that the RRSIG label count doesn't count the root label. */
+ wn = rrset->rk.dname;
+ wl = rrset->rk.dname_len;
+ /* skip a leading wildcard label in the dname (RFC4035 2.2) */
+ if(dname_is_wild(wn)) {
+ wn += 2;
+ wl -= 2;
+ }
+ labdiff = (dname_count_labels(wn) - 1) - (int)labcount;
+ if(labdiff > 0) {
+ *wc = wn;
+ dname_remove_labels(wc, &wl, labdiff);
+ return 1;
+ }
+ return 1;
+}
+
+int
+val_chase_cname(struct query_info* qchase, struct reply_info* rep,
+ size_t* cname_skip) {
+ size_t i;
+ /* skip any DNAMEs, go to the CNAME for next part */
+ for(i = *cname_skip; i < rep->an_numrrsets; i++) {
+ if(ntohs(rep->rrsets[i]->rk.type) == LDNS_RR_TYPE_CNAME &&
+ query_dname_compare(qchase->qname, rep->rrsets[i]->
+ rk.dname) == 0) {
+ qchase->qname = NULL;
+ get_cname_target(rep->rrsets[i], &qchase->qname,
+ &qchase->qname_len);
+ if(!qchase->qname)
+ return 0; /* bad CNAME rdata */
+ (*cname_skip) = i+1;
+ return 1;
+ }
+ }
+ return 0; /* CNAME classified but no matching CNAME ?! */
+}
+
+/** see if rrset has signer name as one of the rrsig signers */
+static int
+rrset_has_signer(struct ub_packed_rrset_key* rrset, uint8_t* name, size_t len)
+{
+ struct packed_rrset_data* d = (struct packed_rrset_data*)rrset->
+ entry.data;
+ size_t i;
+ for(i = d->count; i< d->count+d->rrsig_count; i++) {
+ if(d->rr_len[i] > 2+18+len) {
+ /* at least rdatalen + signature + signame (+1 sig)*/
+ if(!dname_valid(d->rr_data[i]+2+18, d->rr_len[i]-2-18))
+ continue;
+ if(query_dname_compare(name, d->rr_data[i]+2+18) == 0)
+ {
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+void
+val_fill_reply(struct reply_info* chase, struct reply_info* orig,
+ size_t skip, uint8_t* name, size_t len, uint8_t* signer)
+{
+ size_t i;
+ int seen_dname = 0;
+ chase->rrset_count = 0;
+ chase->an_numrrsets = 0;
+ chase->ns_numrrsets = 0;
+ chase->ar_numrrsets = 0;
+ /* ANSWER section */
+ for(i=skip; i<orig->an_numrrsets; i++) {
+ if(!signer) {
+ if(query_dname_compare(name,
+ orig->rrsets[i]->rk.dname) == 0)
+ chase->rrsets[chase->an_numrrsets++] =
+ orig->rrsets[i];
+ } else if(seen_dname && ntohs(orig->rrsets[i]->rk.type) ==
+ LDNS_RR_TYPE_CNAME) {
+ chase->rrsets[chase->an_numrrsets++] = orig->rrsets[i];
+ seen_dname = 0;
+ } else if(rrset_has_signer(orig->rrsets[i], name, len)) {
+ chase->rrsets[chase->an_numrrsets++] = orig->rrsets[i];
+ if(ntohs(orig->rrsets[i]->rk.type) ==
+ LDNS_RR_TYPE_DNAME) {
+ seen_dname = 1;
+ }
+ }
+ }
+ /* AUTHORITY section */
+ for(i = (skip > orig->an_numrrsets)?skip:orig->an_numrrsets;
+ i<orig->an_numrrsets+orig->ns_numrrsets;
+ i++) {
+ if(!signer) {
+ if(query_dname_compare(name,
+ orig->rrsets[i]->rk.dname) == 0)
+ chase->rrsets[chase->an_numrrsets+
+ chase->ns_numrrsets++] = orig->rrsets[i];
+ } else if(rrset_has_signer(orig->rrsets[i], name, len)) {
+ chase->rrsets[chase->an_numrrsets+
+ chase->ns_numrrsets++] = orig->rrsets[i];
+ }
+ }
+ /* ADDITIONAL section */
+ for(i= (skip>orig->an_numrrsets+orig->ns_numrrsets)?
+ skip:orig->an_numrrsets+orig->ns_numrrsets;
+ i<orig->rrset_count; i++) {
+ if(!signer) {
+ if(query_dname_compare(name,
+ orig->rrsets[i]->rk.dname) == 0)
+ chase->rrsets[chase->an_numrrsets
+ +orig->ns_numrrsets+chase->ar_numrrsets++]
+ = orig->rrsets[i];
+ } else if(rrset_has_signer(orig->rrsets[i], name, len)) {
+ chase->rrsets[chase->an_numrrsets+orig->ns_numrrsets+
+ chase->ar_numrrsets++] = orig->rrsets[i];
+ }
+ }
+ chase->rrset_count = chase->an_numrrsets + chase->ns_numrrsets +
+ chase->ar_numrrsets;
+}
+
+void
+val_check_nonsecure(struct val_env* ve, struct reply_info* rep)
+{
+ size_t i;
+ /* authority */
+ for(i=rep->an_numrrsets; i<rep->an_numrrsets+rep->ns_numrrsets; i++) {
+ if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
+ ->security != sec_status_secure) {
+ /* because we want to return the authentic original
+ * message when presented with CD-flagged queries,
+ * we need to preserve AUTHORITY section data.
+ * However, this rrset is not signed or signed
+ * with the wrong keys. Validation has tried to
+ * verify this rrset with the keysets of import.
+ * But this rrset did not verify.
+ * Therefore the message is bogus.
+ */
+
+ /* check if authority consists of only an NS record
+ * which is bad, and there is an answer section with
+ * data. In that case, delete NS and additional to
+ * be lenient and make a minimal response */
+ if(rep->an_numrrsets != 0 && rep->ns_numrrsets == 1 &&
+ ntohs(rep->rrsets[i]->rk.type)
+ == LDNS_RR_TYPE_NS) {
+ verbose(VERB_ALGO, "truncate to minimal");
+ rep->ns_numrrsets = 0;
+ rep->ar_numrrsets = 0;
+ rep->rrset_count = rep->an_numrrsets;
+ return;
+ }
+
+ log_nametypeclass(VERB_QUERY, "message is bogus, "
+ "non secure rrset",
+ rep->rrsets[i]->rk.dname,
+ ntohs(rep->rrsets[i]->rk.type),
+ ntohs(rep->rrsets[i]->rk.rrset_class));
+ rep->security = sec_status_bogus;
+ return;
+ }
+ }
+ /* additional */
+ if(!ve->clean_additional)
+ return;
+ for(i=rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) {
+ if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
+ ->security != sec_status_secure) {
+ /* This does not cause message invalidation. It was
+ * simply unsigned data in the additional. The
+ * RRSIG must have been truncated off the message.
+ *
+ * However, we do not want to return possible bogus
+ * data to clients that rely on this service for
+ * their authentication.
+ */
+ /* remove this unneeded additional rrset */
+ memmove(rep->rrsets+i, rep->rrsets+i+1,
+ sizeof(struct ub_packed_rrset_key*)*
+ (rep->rrset_count - i - 1));
+ rep->ar_numrrsets--;
+ rep->rrset_count--;
+ i--;
+ }
+ }
+}
+
+/** check no anchor and unlock */
+static int
+check_no_anchor(struct val_anchors* anchors, uint8_t* nm, size_t l, uint16_t c)
+{
+ struct trust_anchor* ta;
+ if((ta=anchors_lookup(anchors, nm, l, c))) {
+ lock_basic_unlock(&ta->lock);
+ }
+ return !ta;
+}
+
+void
+val_mark_indeterminate(struct reply_info* rep, struct val_anchors* anchors,
+ struct rrset_cache* r, struct module_env* env)
+{
+ size_t i;
+ struct packed_rrset_data* d;
+ for(i=0; i<rep->rrset_count; i++) {
+ d = (struct packed_rrset_data*)rep->rrsets[i]->entry.data;
+ if(d->security == sec_status_unchecked &&
+ check_no_anchor(anchors, rep->rrsets[i]->rk.dname,
+ rep->rrsets[i]->rk.dname_len,
+ ntohs(rep->rrsets[i]->rk.rrset_class)))
+ {
+ /* mark as indeterminate */
+ d->security = sec_status_indeterminate;
+ rrset_update_sec_status(r, rep->rrsets[i], *env->now);
+ }
+ }
+}
+
+void
+val_mark_insecure(struct reply_info* rep, uint8_t* kname,
+ struct rrset_cache* r, struct module_env* env)
+{
+ size_t i;
+ struct packed_rrset_data* d;
+ for(i=0; i<rep->rrset_count; i++) {
+ d = (struct packed_rrset_data*)rep->rrsets[i]->entry.data;
+ if(d->security == sec_status_unchecked &&
+ dname_subdomain_c(rep->rrsets[i]->rk.dname, kname)) {
+ /* mark as insecure */
+ d->security = sec_status_insecure;
+ rrset_update_sec_status(r, rep->rrsets[i], *env->now);
+ }
+ }
+}
+
+size_t
+val_next_unchecked(struct reply_info* rep, size_t skip)
+{
+ size_t i;
+ struct packed_rrset_data* d;
+ for(i=skip+1; i<rep->rrset_count; i++) {
+ d = (struct packed_rrset_data*)rep->rrsets[i]->entry.data;
+ if(d->security == sec_status_unchecked) {
+ return i;
+ }
+ }
+ return rep->rrset_count;
+}
+
+const char*
+val_classification_to_string(enum val_classification subtype)
+{
+ switch(subtype) {
+ case VAL_CLASS_UNTYPED: return "untyped";
+ case VAL_CLASS_UNKNOWN: return "unknown";
+ case VAL_CLASS_POSITIVE: return "positive";
+ case VAL_CLASS_CNAME: return "cname";
+ case VAL_CLASS_NODATA: return "nodata";
+ case VAL_CLASS_NAMEERROR: return "nameerror";
+ case VAL_CLASS_CNAMENOANSWER: return "cnamenoanswer";
+ case VAL_CLASS_REFERRAL: return "referral";
+ case VAL_CLASS_ANY: return "qtype_any";
+ default:
+ return "bad_val_classification";
+ }
+}
+
+/** log a sock_list entry */
+static void
+sock_list_logentry(enum verbosity_value v, const char* s, struct sock_list* p)
+{
+ if(p->len)
+ log_addr(v, s, &p->addr, p->len);
+ else verbose(v, "%s cache", s);
+}
+
+void val_blacklist(struct sock_list** blacklist, struct regional* region,
+ struct sock_list* origin, int cross)
+{
+ /* debug printout */
+ if(verbosity >= VERB_ALGO) {
+ struct sock_list* p;
+ for(p=*blacklist; p; p=p->next)
+ sock_list_logentry(VERB_ALGO, "blacklist", p);
+ if(!origin)
+ verbose(VERB_ALGO, "blacklist add: cache");
+ for(p=origin; p; p=p->next)
+ sock_list_logentry(VERB_ALGO, "blacklist add", p);
+ }
+ /* blacklist the IPs or the cache */
+ if(!origin) {
+ /* only add if nothing there. anything else also stops cache*/
+ if(!*blacklist)
+ sock_list_insert(blacklist, NULL, 0, region);
+ } else if(!cross)
+ sock_list_prepend(blacklist, origin);
+ else sock_list_merge(blacklist, region, origin);
+}
+
+int val_has_signed_nsecs(struct reply_info* rep, char** reason)
+{
+ size_t i, num_nsec = 0, num_nsec3 = 0;
+ struct packed_rrset_data* d;
+ for(i=rep->an_numrrsets; i<rep->an_numrrsets+rep->ns_numrrsets; i++) {
+ if(rep->rrsets[i]->rk.type == htons(LDNS_RR_TYPE_NSEC))
+ num_nsec++;
+ else if(rep->rrsets[i]->rk.type == htons(LDNS_RR_TYPE_NSEC3))
+ num_nsec3++;
+ else continue;
+ d = (struct packed_rrset_data*)rep->rrsets[i]->entry.data;
+ if(d && d->rrsig_count != 0) {
+ return 1;
+ }
+ }
+ if(num_nsec == 0 && num_nsec3 == 0)
+ *reason = "no DNSSEC records";
+ else if(num_nsec != 0)
+ *reason = "no signatures over NSECs";
+ else *reason = "no signatures over NSEC3s";
+ return 0;
+}
+
+struct dns_msg*
+val_find_DS(struct module_env* env, uint8_t* nm, size_t nmlen, uint16_t c,
+ struct regional* region, uint8_t* topname)
+{
+ struct dns_msg* msg;
+ struct query_info qinfo;
+ struct ub_packed_rrset_key *rrset = rrset_cache_lookup(
+ env->rrset_cache, nm, nmlen, LDNS_RR_TYPE_DS, c, 0,
+ *env->now, 0);
+ if(rrset) {
+ /* DS rrset exists. Return it to the validator immediately*/
+ struct ub_packed_rrset_key* copy = packed_rrset_copy_region(
+ rrset, region, *env->now);
+ lock_rw_unlock(&rrset->entry.lock);
+ if(!copy)
+ return NULL;
+ msg = dns_msg_create(nm, nmlen, LDNS_RR_TYPE_DS, c, region, 1);
+ if(!msg)
+ return NULL;
+ msg->rep->rrsets[0] = copy;
+ msg->rep->rrset_count++;
+ msg->rep->an_numrrsets++;
+ return msg;
+ }
+ /* lookup in rrset and negative cache for NSEC/NSEC3 */
+ qinfo.qname = nm;
+ qinfo.qname_len = nmlen;
+ qinfo.qtype = LDNS_RR_TYPE_DS;
+ qinfo.qclass = c;
+ /* do not add SOA to reply message, it is going to be used internal */
+ msg = val_neg_getmsg(env->neg_cache, &qinfo, region, env->rrset_cache,
+ env->scratch_buffer, *env->now, 0, topname);
+ return msg;
+}
diff --git a/external/unbound/validator/val_utils.h b/external/unbound/validator/val_utils.h
new file mode 100644
index 000000000..b0344eff7
--- /dev/null
+++ b/external/unbound/validator/val_utils.h
@@ -0,0 +1,403 @@
+/*
+ * validator/val_utils.h - validator utility functions.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains helper functions for the validator module.
+ */
+
+#ifndef VALIDATOR_VAL_UTILS_H
+#define VALIDATOR_VAL_UTILS_H
+#include "util/data/packed_rrset.h"
+struct query_info;
+struct reply_info;
+struct val_env;
+struct module_env;
+struct ub_packed_rrset_key;
+struct key_entry_key;
+struct regional;
+struct val_anchors;
+struct rrset_cache;
+struct sock_list;
+
+/**
+ * Response classifications for the validator. The different types of proofs.
+ */
+enum val_classification {
+ /** Not subtyped yet. */
+ VAL_CLASS_UNTYPED = 0,
+ /** Not a recognized subtype. */
+ VAL_CLASS_UNKNOWN,
+ /** A positive, direct, response */
+ VAL_CLASS_POSITIVE,
+ /** A positive response, with a CNAME/DNAME chain. */
+ VAL_CLASS_CNAME,
+ /** A NOERROR/NODATA response. */
+ VAL_CLASS_NODATA,
+ /** A NXDOMAIN response. */
+ VAL_CLASS_NAMEERROR,
+ /** A CNAME/DNAME chain, and the offset is at the end of it,
+ * but there is no answer here, it can be NAMERROR or NODATA. */
+ VAL_CLASS_CNAMENOANSWER,
+ /** A referral, from cache with a nonRD query. */
+ VAL_CLASS_REFERRAL,
+ /** A response to a qtype=ANY query. */
+ VAL_CLASS_ANY
+};
+
+/**
+ * Given a response, classify ANSWER responses into a subtype.
+ * @param query_flags: query flags for the original query.
+ * @param origqinf: query info. The original query name.
+ * @param qinf: query info. The chased query name.
+ * @param rep: response. The original response.
+ * @param skip: offset into the original response answer section.
+ * @return A subtype, all values possible except UNTYPED .
+ * Once CNAME type is returned you can increase skip.
+ * Then, another CNAME type, CNAME_NOANSWER or POSITIVE are possible.
+ */
+enum val_classification val_classify_response(uint16_t query_flags,
+ struct query_info* origqinf, struct query_info* qinf,
+ struct reply_info* rep, size_t skip);
+
+/**
+ * Given a response, determine the name of the "signer". This is primarily
+ * to determine if the response is, in fact, signed at all, and, if so, what
+ * is the name of the most pertinent keyset.
+ *
+ * @param subtype: the type from classify.
+ * @param qinf: query, the chased query name.
+ * @param rep: response to that, original response.
+ * @param cname_skip: how many answer rrsets have been skipped due to CNAME
+ * chains being chased around.
+ * @param signer_name: signer name, if the response is signed
+ * (even partially), or null if the response isn't signed.
+ * @param signer_len: length of signer_name of 0 if signer_name is NULL.
+ */
+void val_find_signer(enum val_classification subtype,
+ struct query_info* qinf, struct reply_info* rep,
+ size_t cname_skip, uint8_t** signer_name, size_t* signer_len);
+
+/**
+ * Verify RRset with keys
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param rrset: what to verify
+ * @param keys: dnskey rrset to verify with.
+ * @param sigalg: if nonNULL provide downgrade protection otherwise one
+ * algorithm is enough. Algo list is constructed in here.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return security status of verification.
+ */
+enum sec_status val_verify_rrset(struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* keys,
+ uint8_t* sigalg, char** reason);
+
+/**
+ * Verify RRset with keys from a keyset.
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param rrset: what to verify
+ * @param kkey: key_entry to verify with.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return security status of verification.
+ */
+enum sec_status val_verify_rrset_entry(struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* rrset,
+ struct key_entry_key* kkey, char** reason);
+
+/**
+ * Verify DNSKEYs with DS rrset. Like val_verify_new_DNSKEYs but
+ * returns a sec_status instead of a key_entry.
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param dnskey_rrset: DNSKEY rrset to verify
+ * @param ds_rrset: DS rrset to verify with.
+ * @param sigalg: if nonNULL provide downgrade protection otherwise one
+ * algorithm is enough. The list of signalled algorithms is returned,
+ * must have enough space for ALGO_NEEDS_MAX+1.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return: sec_status_secure if a DS matches.
+ * sec_status_insecure if end of trust (i.e., unknown algorithms).
+ * sec_status_bogus if it fails.
+ */
+enum sec_status val_verify_DNSKEY_with_DS(struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason);
+
+/**
+ * Verify DNSKEYs with DS and DNSKEY rrset. Like val_verify_DNSKEY_with_DS
+ * but for a trust anchor.
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param dnskey_rrset: DNSKEY rrset to verify
+ * @param ta_ds: DS rrset to verify with.
+ * @param ta_dnskey: DNSKEY rrset to verify with.
+ * @param sigalg: if nonNULL provide downgrade protection otherwise one
+ * algorithm is enough. The list of signalled algorithms is returned,
+ * must have enough space for ALGO_NEEDS_MAX+1.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return: sec_status_secure if a DS matches.
+ * sec_status_insecure if end of trust (i.e., unknown algorithms).
+ * sec_status_bogus if it fails.
+ */
+enum sec_status val_verify_DNSKEY_with_TA(struct module_env* env,
+ struct val_env* ve, struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ta_ds,
+ struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason);
+
+/**
+ * Verify new DNSKEYs with DS rrset. The DS contains hash values that should
+ * match the DNSKEY keys.
+ * match the DS to a DNSKEY and verify the DNSKEY rrset with that key.
+ *
+ * @param region: where to allocate key entry result.
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param dnskey_rrset: DNSKEY rrset to verify
+ * @param ds_rrset: DS rrset to verify with.
+ * @param downprot: if true provide downgrade protection otherwise one
+ * algorithm is enough.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return a KeyEntry. This will either contain the now trusted
+ * dnskey_rrset, a "null" key entry indicating that this DS
+ * rrset/DNSKEY pair indicate an secure end to the island of trust
+ * (i.e., unknown algorithms), or a "bad" KeyEntry if the dnskey
+ * rrset fails to verify. Note that the "null" response should
+ * generally only occur in a private algorithm scenario: normally
+ * this sort of thing is checked before fetching the matching DNSKEY
+ * rrset.
+ * if downprot is set, a key entry with an algo list is made.
+ */
+struct key_entry_key* val_verify_new_DNSKEYs(struct regional* region,
+ struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ds_rrset, int downprot, char** reason);
+
+
+/**
+ * Verify rrset with trust anchor: DS and DNSKEY rrset.
+ *
+ * @param region: where to allocate key entry result.
+ * @param env: module environment (scratch buffer)
+ * @param ve: validator environment (verification settings)
+ * @param dnskey_rrset: DNSKEY rrset to verify
+ * @param ta_ds_rrset: DS rrset to verify with.
+ * @param ta_dnskey_rrset: the DNSKEY rrset to verify with.
+ * @param downprot: if true provide downgrade protection otherwise one
+ * algorithm is enough.
+ * @param reason: reason of failure. Fixed string or alloced in scratch.
+ * @return a KeyEntry. This will either contain the now trusted
+ * dnskey_rrset, a "null" key entry indicating that this DS
+ * rrset/DNSKEY pair indicate an secure end to the island of trust
+ * (i.e., unknown algorithms), or a "bad" KeyEntry if the dnskey
+ * rrset fails to verify. Note that the "null" response should
+ * generally only occur in a private algorithm scenario: normally
+ * this sort of thing is checked before fetching the matching DNSKEY
+ * rrset.
+ * if downprot is set, a key entry with an algo list is made.
+ */
+struct key_entry_key* val_verify_new_DNSKEYs_with_ta(struct regional* region,
+ struct module_env* env, struct val_env* ve,
+ struct ub_packed_rrset_key* dnskey_rrset,
+ struct ub_packed_rrset_key* ta_ds_rrset,
+ struct ub_packed_rrset_key* ta_dnskey_rrset,
+ int downprot, char** reason);
+
+/**
+ * Determine if DS rrset is usable for validator or not.
+ * Returns true if the algorithms for key and DShash are supported,
+ * for at least one RR.
+ *
+ * @param ds_rrset: the newly received DS rrset.
+ * @return true or false if not usable.
+ */
+int val_dsset_isusable(struct ub_packed_rrset_key* ds_rrset);
+
+/**
+ * Determine by looking at a signed RRset whether or not the RRset name was
+ * the result of a wildcard expansion. If so, return the name of the
+ * generating wildcard.
+ *
+ * @param rrset The rrset to chedck.
+ * @param wc: the wildcard name, if the rrset was synthesized from a wildcard.
+ * unchanged if not. The wildcard name, without "*." in front, is
+ * returned. This is a pointer into the rrset owner name.
+ * @return false if the signatures are inconsistent in indicating the
+ * wildcard status; possible spoofing of wildcard response for other
+ * responses is being tried. We lost the status which rrsig was verified
+ * after the verification routine finished, so we simply check if
+ * the signatures are consistent; inserting a fake signature is a denial
+ * of service; but in that you could also have removed the real
+ * signature anyway.
+ */
+int val_rrset_wildcard(struct ub_packed_rrset_key* rrset, uint8_t** wc);
+
+/**
+ * Chase the cname to the next query name.
+ * @param qchase: the current query name, updated to next target.
+ * @param rep: original message reply to look at CNAMEs.
+ * @param cname_skip: the skip into the answer section. Updated to skip
+ * DNAME and CNAME to the next part of the answer.
+ * @return false on error (bad rdata).
+ */
+int val_chase_cname(struct query_info* qchase, struct reply_info* rep,
+ size_t* cname_skip);
+
+/**
+ * Fill up the chased reply with the content from the original reply;
+ * as pointers to those rrsets. Select the part after the cname_skip into
+ * the answer section, NS and AR sections that are signed with same signer.
+ *
+ * @param chase: chased reply, filled up.
+ * @param orig: original reply.
+ * @param cname_skip: which part of the answer section to skip.
+ * The skipped part contains CNAME(and DNAME)s that have been chased.
+ * @param name: the signer name to look for.
+ * @param len: length of name.
+ * @param signer: signer name or NULL if an unsigned RRset is considered.
+ * If NULL, rrsets with the lookup name are copied over.
+ */
+void val_fill_reply(struct reply_info* chase, struct reply_info* orig,
+ size_t cname_skip, uint8_t* name, size_t len, uint8_t* signer);
+
+/**
+ * Remove all unsigned or non-secure status rrsets from NS and AR sections.
+ * So that unsigned data does not get let through to clients, when we have
+ * found the data to be secure.
+ *
+ * @param ve: validator environment with cleaning options.
+ * @param rep: reply to dump all nonsecure stuff out of.
+ */
+void val_check_nonsecure(struct val_env* ve, struct reply_info* rep);
+
+/**
+ * Mark all unchecked rrset entries not below a trust anchor as indeterminate.
+ * Only security==unchecked rrsets are updated.
+ * @param rep: the reply with rrsets.
+ * @param anchors: the trust anchors.
+ * @param r: rrset cache to store updated security status into.
+ * @param env: module environment
+ */
+void val_mark_indeterminate(struct reply_info* rep,
+ struct val_anchors* anchors, struct rrset_cache* r,
+ struct module_env* env);
+
+/**
+ * Mark all unchecked rrset entries below a NULL key entry as insecure.
+ * Only security==unchecked rrsets are updated.
+ * @param rep: the reply with rrsets.
+ * @param kname: end of secure space name.
+ * @param r: rrset cache to store updated security status into.
+ * @param env: module environment
+ */
+void val_mark_insecure(struct reply_info* rep, uint8_t* kname,
+ struct rrset_cache* r, struct module_env* env);
+
+/**
+ * Find next unchecked rrset position, return it for skip.
+ * @param rep: the original reply to look into.
+ * @param skip: the skip now.
+ * @return new skip, which may be at the rep->rrset_count position to signal
+ * there are no unchecked items.
+ */
+size_t val_next_unchecked(struct reply_info* rep, size_t skip);
+
+/**
+ * Find the signer name for an RRset.
+ * @param rrset: the rrset.
+ * @param sname: signer name is returned or NULL if not signed.
+ * @param slen: length of sname (or 0).
+ */
+void val_find_rrset_signer(struct ub_packed_rrset_key* rrset, uint8_t** sname,
+ size_t* slen);
+
+/**
+ * Get string to denote the classification result.
+ * @param subtype: from classification function.
+ * @return static string to describe the classification.
+ */
+const char* val_classification_to_string(enum val_classification subtype);
+
+/**
+ * Add existing list to blacklist.
+ * @param blacklist: the blacklist with result
+ * @param region: the region where blacklist is allocated.
+ * Allocation failures are logged.
+ * @param origin: origin list to add, if NULL, a cache-entry is added to
+ * the blacklist to stop cache from being used.
+ * @param cross: if true this is a cross-qstate copy, and the 'origin'
+ * list is not allocated in the same region as the blacklist.
+ */
+void val_blacklist(struct sock_list** blacklist, struct regional* region,
+ struct sock_list* origin, int cross);
+
+/**
+ * check if has dnssec info, and if it has signed nsecs. gives error reason.
+ * @param rep: reply to check.
+ * @param reason: returned on fail.
+ * @return false if message has no signed nsecs. Can not prove negatives.
+ */
+int val_has_signed_nsecs(struct reply_info* rep, char** reason);
+
+/**
+ * Return algo number for favorite (best) algorithm that we support in DS.
+ * @param ds_rrset: the DSes in this rrset are inspected and best algo chosen.
+ * @return algo number or 0 if none supported. 0 is unused as algo number.
+ */
+int val_favorite_ds_algo(struct ub_packed_rrset_key* ds_rrset);
+
+/**
+ * Find DS denial message in cache. Saves new qstate allocation and allows
+ * the validator to use partial content which is not enough to construct a
+ * message for network (or user) consumption. Without SOA for example,
+ * which is a common occurence in the unbound code since the referrals contain
+ * NSEC/NSEC3 rrs without the SOA element, thus do not allow synthesis of a
+ * full negative reply, but do allow synthesis of sufficient proof.
+ * @param env: query env with caches and time.
+ * @param nm: name of DS record sought.
+ * @param nmlen: length of name.
+ * @param c: class of DS RR.
+ * @param region: where to allocate result.
+ * @param topname: name of the key that is currently in use, that will get
+ * used to validate the result, and thus no higher entries from the
+ * negative cache need to be examined.
+ * @return a dns_msg on success. NULL on failure.
+ */
+struct dns_msg* val_find_DS(struct module_env* env, uint8_t* nm, size_t nmlen,
+ uint16_t c, struct regional* region, uint8_t* topname);
+
+#endif /* VALIDATOR_VAL_UTILS_H */
diff --git a/external/unbound/validator/validator.c b/external/unbound/validator/validator.c
new file mode 100644
index 000000000..aefa26a27
--- /dev/null
+++ b/external/unbound/validator/validator.c
@@ -0,0 +1,2985 @@
+/*
+ * validator/validator.c - secure validator DNS query response module
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains a module that performs validation of DNS queries.
+ * According to RFC 4034.
+ */
+#include "config.h"
+#include "validator/validator.h"
+#include "validator/val_anchor.h"
+#include "validator/val_kcache.h"
+#include "validator/val_kentry.h"
+#include "validator/val_utils.h"
+#include "validator/val_nsec.h"
+#include "validator/val_nsec3.h"
+#include "validator/val_neg.h"
+#include "validator/val_sigcrypt.h"
+#include "validator/autotrust.h"
+#include "services/cache/dns.h"
+#include "util/data/dname.h"
+#include "util/module.h"
+#include "util/log.h"
+#include "util/net_help.h"
+#include "util/regional.h"
+#include "util/config_file.h"
+#include "util/fptr_wlist.h"
+#include "ldns/rrdef.h"
+#include "ldns/wire2str.h"
+
+/* forward decl for cache response and normal super inform calls of a DS */
+static void process_ds_response(struct module_qstate* qstate,
+ struct val_qstate* vq, int id, int rcode, struct dns_msg* msg,
+ struct query_info* qinfo, struct sock_list* origin);
+
+/** fill up nsec3 key iterations config entry */
+static int
+fill_nsec3_iter(struct val_env* ve, char* s, int c)
+{
+ char* e;
+ int i;
+ free(ve->nsec3_keysize);
+ free(ve->nsec3_maxiter);
+ ve->nsec3_keysize = (size_t*)calloc(sizeof(size_t), (size_t)c);
+ ve->nsec3_maxiter = (size_t*)calloc(sizeof(size_t), (size_t)c);
+ if(!ve->nsec3_keysize || !ve->nsec3_maxiter) {
+ log_err("out of memory");
+ return 0;
+ }
+ for(i=0; i<c; i++) {
+ ve->nsec3_keysize[i] = (size_t)strtol(s, &e, 10);
+ if(s == e) {
+ log_err("cannot parse: %s", s);
+ return 0;
+ }
+ s = e;
+ ve->nsec3_maxiter[i] = (size_t)strtol(s, &e, 10);
+ if(s == e) {
+ log_err("cannot parse: %s", s);
+ return 0;
+ }
+ s = e;
+ if(i>0 && ve->nsec3_keysize[i-1] >= ve->nsec3_keysize[i]) {
+ log_err("nsec3 key iterations not ascending: %d %d",
+ (int)ve->nsec3_keysize[i-1],
+ (int)ve->nsec3_keysize[i]);
+ return 0;
+ }
+ verbose(VERB_ALGO, "validator nsec3cfg keysz %d mxiter %d",
+ (int)ve->nsec3_keysize[i], (int)ve->nsec3_maxiter[i]);
+ }
+ return 1;
+}
+
+/** apply config settings to validator */
+static int
+val_apply_cfg(struct module_env* env, struct val_env* val_env,
+ struct config_file* cfg)
+{
+ int c;
+ val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;
+ val_env->clean_additional = cfg->val_clean_additional;
+ val_env->permissive_mode = cfg->val_permissive_mode;
+ if(!env->anchors)
+ env->anchors = anchors_create();
+ if(!env->anchors) {
+ log_err("out of memory");
+ return 0;
+ }
+ if(!val_env->kcache)
+ val_env->kcache = key_cache_create(cfg);
+ if(!val_env->kcache) {
+ log_err("out of memory");
+ return 0;
+ }
+ env->key_cache = val_env->kcache;
+ if(!anchors_apply_cfg(env->anchors, cfg)) {
+ log_err("validator: error in trustanchors config");
+ return 0;
+ }
+ val_env->date_override = cfg->val_date_override;
+ val_env->skew_min = cfg->val_sig_skew_min;
+ val_env->skew_max = cfg->val_sig_skew_max;
+ c = cfg_count_numbers(cfg->val_nsec3_key_iterations);
+ if(c < 1 || (c&1)) {
+ log_err("validator: unparseable or odd nsec3 key "
+ "iterations: %s", cfg->val_nsec3_key_iterations);
+ return 0;
+ }
+ val_env->nsec3_keyiter_count = c/2;
+ if(!fill_nsec3_iter(val_env, cfg->val_nsec3_key_iterations, c/2)) {
+ log_err("validator: cannot apply nsec3 key iterations");
+ return 0;
+ }
+ if(!val_env->neg_cache)
+ val_env->neg_cache = val_neg_create(cfg,
+ val_env->nsec3_maxiter[val_env->nsec3_keyiter_count-1]);
+ if(!val_env->neg_cache) {
+ log_err("out of memory");
+ return 0;
+ }
+ env->neg_cache = val_env->neg_cache;
+ return 1;
+}
+
+int
+val_init(struct module_env* env, int id)
+{
+ struct val_env* val_env = (struct val_env*)calloc(1,
+ sizeof(struct val_env));
+ if(!val_env) {
+ log_err("malloc failure");
+ return 0;
+ }
+ env->modinfo[id] = (void*)val_env;
+ env->need_to_validate = 1;
+ val_env->permissive_mode = 0;
+ lock_basic_init(&val_env->bogus_lock);
+ lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,
+ sizeof(val_env->num_rrset_bogus));
+ if(!val_apply_cfg(env, val_env, env->cfg)) {
+ log_err("validator: could not apply configuration settings.");
+ return 0;
+ }
+ return 1;
+}
+
+void
+val_deinit(struct module_env* env, int id)
+{
+ struct val_env* val_env;
+ if(!env || !env->modinfo[id])
+ return;
+ val_env = (struct val_env*)env->modinfo[id];
+ lock_basic_destroy(&val_env->bogus_lock);
+ anchors_delete(env->anchors);
+ env->anchors = NULL;
+ key_cache_delete(val_env->kcache);
+ neg_cache_delete(val_env->neg_cache);
+ free(val_env->nsec3_keysize);
+ free(val_env->nsec3_maxiter);
+ free(val_env);
+ env->modinfo[id] = NULL;
+}
+
+/** fill in message structure */
+static struct val_qstate*
+val_new_getmsg(struct module_qstate* qstate, struct val_qstate* vq)
+{
+ if(!qstate->return_msg || qstate->return_rcode != LDNS_RCODE_NOERROR) {
+ /* create a message to verify */
+ verbose(VERB_ALGO, "constructing reply for validation");
+ vq->orig_msg = (struct dns_msg*)regional_alloc(qstate->region,
+ sizeof(struct dns_msg));
+ if(!vq->orig_msg)
+ return NULL;
+ vq->orig_msg->qinfo = qstate->qinfo;
+ vq->orig_msg->rep = (struct reply_info*)regional_alloc(
+ qstate->region, sizeof(struct reply_info));
+ if(!vq->orig_msg->rep)
+ return NULL;
+ memset(vq->orig_msg->rep, 0, sizeof(struct reply_info));
+ vq->orig_msg->rep->flags = (uint16_t)(qstate->return_rcode&0xf)
+ |BIT_QR|BIT_RA|(qstate->query_flags|(BIT_CD|BIT_RD));
+ vq->orig_msg->rep->qdcount = 1;
+ } else {
+ vq->orig_msg = qstate->return_msg;
+ }
+ vq->qchase = qstate->qinfo;
+ /* chase reply will be an edited (sub)set of the orig msg rrset ptrs */
+ vq->chase_reply = regional_alloc_init(qstate->region,
+ vq->orig_msg->rep,
+ sizeof(struct reply_info) - sizeof(struct rrset_ref));
+ if(!vq->chase_reply)
+ return NULL;
+ vq->chase_reply->rrsets = regional_alloc_init(qstate->region,
+ vq->orig_msg->rep->rrsets, sizeof(struct ub_packed_rrset_key*)
+ * vq->orig_msg->rep->rrset_count);
+ if(!vq->chase_reply->rrsets)
+ return NULL;
+ vq->rrset_skip = 0;
+ return vq;
+}
+
+/** allocate new validator query state */
+static struct val_qstate*
+val_new(struct module_qstate* qstate, int id)
+{
+ struct val_qstate* vq = (struct val_qstate*)regional_alloc(
+ qstate->region, sizeof(*vq));
+ log_assert(!qstate->minfo[id]);
+ if(!vq)
+ return NULL;
+ memset(vq, 0, sizeof(*vq));
+ qstate->minfo[id] = vq;
+ vq->state = VAL_INIT_STATE;
+ return val_new_getmsg(qstate, vq);
+}
+
+/**
+ * Exit validation with an error status
+ *
+ * @param qstate: query state
+ * @param id: validator id.
+ * @return false, for use by caller to return to stop processing.
+ */
+static int
+val_error(struct module_qstate* qstate, int id)
+{
+ qstate->ext_state[id] = module_error;
+ qstate->return_rcode = LDNS_RCODE_SERVFAIL;
+ return 0;
+}
+
+/**
+ * Check to see if a given response needs to go through the validation
+ * process. Typical reasons for this routine to return false are: CD bit was
+ * on in the original request, or the response is a kind of message that
+ * is unvalidatable (i.e., SERVFAIL, REFUSED, etc.)
+ *
+ * @param qstate: query state.
+ * @param ret_rc: rcode for this message (if noerror - examine ret_msg).
+ * @param ret_msg: return msg, can be NULL; look at rcode instead.
+ * @return true if the response could use validation (although this does not
+ * mean we can actually validate this response).
+ */
+static int
+needs_validation(struct module_qstate* qstate, int ret_rc,
+ struct dns_msg* ret_msg)
+{
+ int rcode;
+
+ /* If the CD bit is on in the original request, then we don't bother to
+ * validate anything.*/
+ if(qstate->query_flags & BIT_CD) {
+ verbose(VERB_ALGO, "not validating response due to CD bit");
+ return 0;
+ }
+
+ if(ret_rc != LDNS_RCODE_NOERROR || !ret_msg)
+ rcode = ret_rc;
+ else rcode = (int)FLAGS_GET_RCODE(ret_msg->rep->flags);
+
+ if(rcode != LDNS_RCODE_NOERROR && rcode != LDNS_RCODE_NXDOMAIN) {
+ if(verbosity >= VERB_ALGO) {
+ char rc[16];
+ rc[0]=0;
+ (void)sldns_wire2str_rcode_buf(rcode, rc, sizeof(rc));
+ verbose(VERB_ALGO, "cannot validate non-answer, rcode %s", rc);
+ }
+ return 0;
+ }
+
+ /* cannot validate positive RRSIG response. (negatives can) */
+ if(qstate->qinfo.qtype == LDNS_RR_TYPE_RRSIG &&
+ rcode == LDNS_RCODE_NOERROR && ret_msg &&
+ ret_msg->rep->an_numrrsets > 0) {
+ verbose(VERB_ALGO, "cannot validate RRSIG, no sigs on sigs.");
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Check to see if the response has already been validated.
+ * @param ret_msg: return msg, can be NULL
+ * @return true if the response has already been validated
+ */
+static int
+already_validated(struct dns_msg* ret_msg)
+{
+ /* validate unchecked, and re-validate bogus messages */
+ if (ret_msg && ret_msg->rep->security > sec_status_bogus)
+ {
+ verbose(VERB_ALGO, "response has already been validated: %s",
+ sec_status_to_string(ret_msg->rep->security));
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * Generate a request for DNS data.
+ *
+ * @param qstate: query state that is the parent.
+ * @param id: module id.
+ * @param name: what name to query for.
+ * @param namelen: length of name.
+ * @param qtype: query type.
+ * @param qclass: query class.
+ * @param flags: additional flags, such as the CD bit (BIT_CD), or 0.
+ * @return false on alloc failure.
+ */
+static int
+generate_request(struct module_qstate* qstate, int id, uint8_t* name,
+ size_t namelen, uint16_t qtype, uint16_t qclass, uint16_t flags)
+{
+ struct val_qstate* vq = (struct val_qstate*)qstate->minfo[id];
+ struct module_qstate* newq;
+ struct query_info ask;
+ ask.qname = name;
+ ask.qname_len = namelen;
+ ask.qtype = qtype;
+ ask.qclass = qclass;
+ log_query_info(VERB_ALGO, "generate request", &ask);
+ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub));
+ if(!(*qstate->env->attach_sub)(qstate, &ask,
+ (uint16_t)(BIT_RD|flags), 0, &newq)){
+ log_err("Could not generate request: out of memory");
+ return 0;
+ }
+ /* newq; validator does not need state created for that
+ * query, and its a 'normal' for iterator as well */
+ if(newq) {
+ /* add our blacklist to the query blacklist */
+ sock_list_merge(&newq->blacklist, newq->region,
+ vq->chain_blacklist);
+ }
+ qstate->ext_state[id] = module_wait_subquery;
+ return 1;
+}
+
+/**
+ * Prime trust anchor for use.
+ * Generate and dispatch a priming query for the given trust anchor.
+ * The trust anchor can be DNSKEY or DS and does not have to be signed.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param id: module id.
+ * @param toprime: what to prime.
+ * @return false on a processing error.
+ */
+static int
+prime_trust_anchor(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, struct trust_anchor* toprime)
+{
+ int ret = generate_request(qstate, id, toprime->name, toprime->namelen,
+ LDNS_RR_TYPE_DNSKEY, toprime->dclass, BIT_CD);
+ if(!ret) {
+ log_err("Could not prime trust anchor: out of memory");
+ return 0;
+ }
+ /* ignore newq; validator does not need state created for that
+ * query, and its a 'normal' for iterator as well */
+ vq->wait_prime_ta = 1; /* to elicit PRIME_RESP_STATE processing
+ from the validator inform_super() routine */
+ /* store trust anchor name for later lookup when prime returns */
+ vq->trust_anchor_name = regional_alloc_init(qstate->region,
+ toprime->name, toprime->namelen);
+ vq->trust_anchor_len = toprime->namelen;
+ vq->trust_anchor_labs = toprime->namelabs;
+ if(!vq->trust_anchor_name) {
+ log_err("Could not prime trust anchor: out of memory");
+ return 0;
+ }
+ return 1;
+}
+
+/**
+ * Validate if the ANSWER and AUTHORITY sections contain valid rrsets.
+ * They must be validly signed with the given key.
+ * Tries to validate ADDITIONAL rrsets as well, but only to check them.
+ * Allows unsigned CNAME after a DNAME that expands the DNAME.
+ *
+ * Note that by the time this method is called, the process of finding the
+ * trusted DNSKEY rrset that signs this response must already have been
+ * completed.
+ *
+ * @param qstate: query state.
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to validate.
+ * @param key_entry: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ * @return false if any of the rrsets in the an or ns sections of the message
+ * fail to verify. The message is then set to bogus.
+ */
+static int
+validate_msg_signatures(struct module_qstate* qstate, struct module_env* env,
+ struct val_env* ve, struct query_info* qchase,
+ struct reply_info* chase_reply, struct key_entry_key* key_entry)
+{
+ uint8_t* sname;
+ size_t i, slen;
+ struct ub_packed_rrset_key* s;
+ enum sec_status sec;
+ int dname_seen = 0;
+ char* reason = NULL;
+
+ /* validate the ANSWER section */
+ for(i=0; i<chase_reply->an_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+ /* Skip the CNAME following a (validated) DNAME.
+ * Because of the normalization routines in the iterator,
+ * there will always be an unsigned CNAME following a DNAME
+ * (unless qtype=DNAME). */
+ if(dname_seen && ntohs(s->rk.type) == LDNS_RR_TYPE_CNAME) {
+ dname_seen = 0;
+ /* CNAME was synthesized by our own iterator */
+ /* since the DNAME verified, mark the CNAME as secure */
+ ((struct packed_rrset_data*)s->entry.data)->security =
+ sec_status_secure;
+ ((struct packed_rrset_data*)s->entry.data)->trust =
+ rrset_trust_validated;
+ continue;
+ }
+
+ /* Verify the answer rrset */
+ sec = val_verify_rrset_entry(env, ve, s, key_entry, &reason);
+ /* If the (answer) rrset failed to validate, then this
+ * message is BAD. */
+ if(sec != sec_status_secure) {
+ log_nametypeclass(VERB_QUERY, "validator: response "
+ "has failed ANSWER rrset:", s->rk.dname,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class));
+ errinf(qstate, reason);
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_CNAME)
+ errinf(qstate, "for CNAME");
+ else if(ntohs(s->rk.type) == LDNS_RR_TYPE_DNAME)
+ errinf(qstate, "for DNAME");
+ errinf_origin(qstate, qstate->reply_origin);
+ chase_reply->security = sec_status_bogus;
+ return 0;
+ }
+
+ /* Notice a DNAME that should be followed by an unsigned
+ * CNAME. */
+ if(qchase->qtype != LDNS_RR_TYPE_DNAME &&
+ ntohs(s->rk.type) == LDNS_RR_TYPE_DNAME) {
+ dname_seen = 1;
+ }
+ }
+
+ /* validate the AUTHORITY section */
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+ sec = val_verify_rrset_entry(env, ve, s, key_entry, &reason);
+ /* If anything in the authority section fails to be secure,
+ * we have a bad message. */
+ if(sec != sec_status_secure) {
+ log_nametypeclass(VERB_QUERY, "validator: response "
+ "has failed AUTHORITY rrset:", s->rk.dname,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class));
+ errinf(qstate, reason);
+ errinf_rrset(qstate, s);
+ errinf_origin(qstate, qstate->reply_origin);
+ chase_reply->security = sec_status_bogus;
+ return 0;
+ }
+ }
+
+ /* attempt to validate the ADDITIONAL section rrsets */
+ if(!ve->clean_additional)
+ return 1;
+ for(i=chase_reply->an_numrrsets+chase_reply->ns_numrrsets;
+ i<chase_reply->rrset_count; i++) {
+ s = chase_reply->rrsets[i];
+ /* only validate rrs that have signatures with the key */
+ /* leave others unchecked, those get removed later on too */
+ val_find_rrset_signer(s, &sname, &slen);
+ if(sname && query_dname_compare(sname, key_entry->name)==0)
+ (void)val_verify_rrset_entry(env, ve, s, key_entry,
+ &reason);
+ /* the additional section can fail to be secure,
+ * it is optional, check signature in case we need
+ * to clean the additional section later. */
+ }
+
+ return 1;
+}
+
+/**
+ * Detect wrong truncated response (say from BIND 9.6.1 that is forwarding
+ * and saw the NS record without signatures from a referral).
+ * The positive response has a mangled authority section.
+ * Remove that authority section and the additional section.
+ * @param rep: reply
+ * @return true if a wrongly truncated response.
+ */
+static int
+detect_wrongly_truncated(struct reply_info* rep)
+{
+ size_t i;
+ /* only NS in authority, and it is bogus */
+ if(rep->ns_numrrsets != 1 || rep->an_numrrsets == 0)
+ return 0;
+ if(ntohs(rep->rrsets[ rep->an_numrrsets ]->rk.type) != LDNS_RR_TYPE_NS)
+ return 0;
+ if(((struct packed_rrset_data*)rep->rrsets[ rep->an_numrrsets ]
+ ->entry.data)->security == sec_status_secure)
+ return 0;
+ /* answer section is present and secure */
+ for(i=0; i<rep->an_numrrsets; i++) {
+ if(((struct packed_rrset_data*)rep->rrsets[ i ]
+ ->entry.data)->security != sec_status_secure)
+ return 0;
+ }
+ verbose(VERB_ALGO, "truncating to minimal response");
+ return 1;
+}
+
+
+/**
+ * Given a "positive" response -- a response that contains an answer to the
+ * question, and no CNAME chain, validate this response.
+ *
+ * The answer and authority RRsets must already be verified as secure.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ */
+static void
+validate_positive_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey)
+{
+ uint8_t* wc = NULL;
+ int wc_NSEC_ok = 0;
+ int nsec3s_seen = 0;
+ size_t i;
+ struct ub_packed_rrset_key* s;
+
+ /* validate the ANSWER section - this will be the answer itself */
+ for(i=0; i<chase_reply->an_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* Check to see if the rrset is the result of a wildcard
+ * expansion. If so, an additional check will need to be
+ * made in the authority section. */
+ if(!val_rrset_wildcard(s, &wc)) {
+ log_nametypeclass(VERB_QUERY, "Positive response has "
+ "inconsistent wildcard sigs:", s->rk.dname,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class));
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+ }
+
+ /* validate the AUTHORITY section as well - this will generally be
+ * the NS rrset (which could be missing, no problem) */
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* If this is a positive wildcard response, and we have a
+ * (just verified) NSEC record, try to use it to 1) prove
+ * that qname doesn't exist and 2) that the correct wildcard
+ * was used. */
+ if(wc != NULL && ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(val_nsec_proves_positive_wildcard(s, qchase, wc)) {
+ wc_NSEC_ok = 1;
+ }
+ /* if not, continue looking for proof */
+ }
+
+ /* Otherwise, if this is a positive wildcard response and
+ * we have NSEC3 records */
+ if(wc != NULL && ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ nsec3s_seen = 1;
+ }
+ }
+
+ /* If this was a positive wildcard response that we haven't already
+ * proven, and we have NSEC3 records, try to prove it using the NSEC3
+ * records. */
+ if(wc != NULL && !wc_NSEC_ok && nsec3s_seen) {
+ enum sec_status sec = nsec3_prove_wildcard(env, ve,
+ chase_reply->rrsets+chase_reply->an_numrrsets,
+ chase_reply->ns_numrrsets, qchase, kkey, wc);
+ if(sec == sec_status_insecure) {
+ verbose(VERB_ALGO, "Positive wildcard response is "
+ "insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ } else if(sec == sec_status_secure)
+ wc_NSEC_ok = 1;
+ }
+
+ /* If after all this, we still haven't proven the positive wildcard
+ * response, fail. */
+ if(wc != NULL && !wc_NSEC_ok) {
+ verbose(VERB_QUERY, "positive response was wildcard "
+ "expansion and did not prove original data "
+ "did not exist");
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ verbose(VERB_ALGO, "Successfully validated positive response");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Validate a NOERROR/NODATA signed response -- a response that has a
+ * NOERROR Rcode but no ANSWER section RRsets. This consists of making
+ * certain that the authority section NSEC/NSEC3s proves that the qname
+ * does exist and the qtype doesn't.
+ *
+ * The answer and authority RRsets must already be verified as secure.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ */
+static void
+validate_nodata_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey)
+{
+ /* Since we are here, there must be nothing in the ANSWER section to
+ * validate. */
+ /* (Note: CNAME/DNAME responses will not directly get here --
+ * instead, they are chased down into indiviual CNAME validations,
+ * and at the end of the cname chain a POSITIVE, or CNAME_NOANSWER
+ * validation.) */
+
+ /* validate the AUTHORITY section */
+ int has_valid_nsec = 0; /* If true, then the NODATA has been proven.*/
+ uint8_t* ce = NULL; /* for wildcard nodata responses. This is the
+ proven closest encloser. */
+ uint8_t* wc = NULL; /* for wildcard nodata responses. wildcard nsec */
+ int nsec3s_seen = 0; /* nsec3s seen */
+ struct ub_packed_rrset_key* s;
+ size_t i;
+
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+ /* If we encounter an NSEC record, try to use it to prove
+ * NODATA.
+ * This needs to handle the ENT NODATA case. */
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(nsec_proves_nodata(s, qchase, &wc)) {
+ has_valid_nsec = 1;
+ /* sets wc-encloser if wildcard applicable */
+ }
+ if(val_nsec_proves_name_error(s, qchase->qname)) {
+ ce = nsec_closest_encloser(qchase->qname, s);
+ }
+ if(val_nsec_proves_insecuredelegation(s, qchase)) {
+ verbose(VERB_ALGO, "delegation is insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ }
+ } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ nsec3s_seen = 1;
+ }
+ }
+
+ /* check to see if we have a wildcard NODATA proof. */
+
+ /* The wildcard NODATA is 1 NSEC proving that qname does not exist
+ * (and also proving what the closest encloser is), and 1 NSEC
+ * showing the matching wildcard, which must be *.closest_encloser. */
+ if(wc && !ce)
+ has_valid_nsec = 0;
+ else if(wc && ce) {
+ if(query_dname_compare(wc, ce) != 0) {
+ has_valid_nsec = 0;
+ }
+ }
+
+ if(!has_valid_nsec && nsec3s_seen) {
+ enum sec_status sec = nsec3_prove_nodata(env, ve,
+ chase_reply->rrsets+chase_reply->an_numrrsets,
+ chase_reply->ns_numrrsets, qchase, kkey);
+ if(sec == sec_status_insecure) {
+ verbose(VERB_ALGO, "NODATA response is insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ } else if(sec == sec_status_secure)
+ has_valid_nsec = 1;
+ }
+
+ if(!has_valid_nsec) {
+ verbose(VERB_QUERY, "NODATA response failed to prove NODATA "
+ "status with NSEC/NSEC3");
+ if(verbosity >= VERB_ALGO)
+ log_dns_msg("Failed NODATA", qchase, chase_reply);
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ verbose(VERB_ALGO, "successfully validated NODATA response.");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Validate a NAMEERROR signed response -- a response that has a NXDOMAIN
+ * Rcode.
+ * This consists of making certain that the authority section NSEC proves
+ * that the qname doesn't exist and the covering wildcard also doesn't exist..
+ *
+ * The answer and authority RRsets must have already been verified as secure.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ * @param rcode: adjusted RCODE, in case of RCODE/proof mismatch leniency.
+ */
+static void
+validate_nameerror_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey, int* rcode)
+{
+ int has_valid_nsec = 0;
+ int has_valid_wnsec = 0;
+ int nsec3s_seen = 0;
+ struct ub_packed_rrset_key* s;
+ size_t i;
+
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(val_nsec_proves_name_error(s, qchase->qname))
+ has_valid_nsec = 1;
+ if(val_nsec_proves_no_wc(s, qchase->qname,
+ qchase->qname_len))
+ has_valid_wnsec = 1;
+ if(val_nsec_proves_insecuredelegation(s, qchase)) {
+ verbose(VERB_ALGO, "delegation is insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ }
+ } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3)
+ nsec3s_seen = 1;
+ }
+
+ if((!has_valid_nsec || !has_valid_wnsec) && nsec3s_seen) {
+ /* use NSEC3 proof, both answer and auth rrsets, in case
+ * NSEC3s end up in the answer (due to qtype=NSEC3 or so) */
+ chase_reply->security = nsec3_prove_nameerror(env, ve,
+ chase_reply->rrsets, chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets, qchase, kkey);
+ if(chase_reply->security != sec_status_secure) {
+ verbose(VERB_QUERY, "NameError response failed nsec, "
+ "nsec3 proof was %s", sec_status_to_string(
+ chase_reply->security));
+ return;
+ }
+ has_valid_nsec = 1;
+ has_valid_wnsec = 1;
+ }
+
+ /* If the message fails to prove either condition, it is bogus. */
+ if(!has_valid_nsec) {
+ verbose(VERB_QUERY, "NameError response has failed to prove: "
+ "qname does not exist");
+ chase_reply->security = sec_status_bogus;
+ /* Be lenient with RCODE in NSEC NameError responses */
+ validate_nodata_response(env, ve, qchase, chase_reply, kkey);
+ if (chase_reply->security == sec_status_secure)
+ *rcode = LDNS_RCODE_NOERROR;
+ return;
+ }
+
+ if(!has_valid_wnsec) {
+ verbose(VERB_QUERY, "NameError response has failed to prove: "
+ "covering wildcard does not exist");
+ chase_reply->security = sec_status_bogus;
+ /* Be lenient with RCODE in NSEC NameError responses */
+ validate_nodata_response(env, ve, qchase, chase_reply, kkey);
+ if (chase_reply->security == sec_status_secure)
+ *rcode = LDNS_RCODE_NOERROR;
+ return;
+ }
+
+ /* Otherwise, we consider the message secure. */
+ verbose(VERB_ALGO, "successfully validated NAME ERROR response.");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Given a referral response, validate rrsets and take least trusted rrset
+ * as the current validation status.
+ *
+ * Note that by the time this method is called, the process of finding the
+ * trusted DNSKEY rrset that signs this response must already have been
+ * completed.
+ *
+ * @param chase_reply: answer to validate.
+ */
+static void
+validate_referral_response(struct reply_info* chase_reply)
+{
+ size_t i;
+ enum sec_status s;
+ /* message security equals lowest rrset security */
+ chase_reply->security = sec_status_secure;
+ for(i=0; i<chase_reply->rrset_count; i++) {
+ s = ((struct packed_rrset_data*)chase_reply->rrsets[i]
+ ->entry.data)->security;
+ if(s < chase_reply->security)
+ chase_reply->security = s;
+ }
+ verbose(VERB_ALGO, "validated part of referral response as %s",
+ sec_status_to_string(chase_reply->security));
+}
+
+/**
+ * Given an "ANY" response -- a response that contains an answer to a
+ * qtype==ANY question, with answers. This does no checking that all
+ * types are present.
+ *
+ * NOTE: it may be possible to get parent-side delegation point records
+ * here, which won't all be signed. Right now, this routine relies on the
+ * upstream iterative resolver to not return these responses -- instead
+ * treating them as referrals.
+ *
+ * NOTE: RFC 4035 is silent on this issue, so this may change upon
+ * clarification. Clarification draft -05 says to not check all types are
+ * present.
+ *
+ * Note that by the time this method is called, the process of finding the
+ * trusted DNSKEY rrset that signs this response must already have been
+ * completed.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ */
+static void
+validate_any_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey)
+{
+ /* all answer and auth rrsets already verified */
+ /* but check if a wildcard response is given, then check NSEC/NSEC3
+ * for qname denial to see if wildcard is applicable */
+ uint8_t* wc = NULL;
+ int wc_NSEC_ok = 0;
+ int nsec3s_seen = 0;
+ size_t i;
+ struct ub_packed_rrset_key* s;
+
+ if(qchase->qtype != LDNS_RR_TYPE_ANY) {
+ log_err("internal error: ANY validation called for non-ANY");
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ /* validate the ANSWER section - this will be the answer itself */
+ for(i=0; i<chase_reply->an_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* Check to see if the rrset is the result of a wildcard
+ * expansion. If so, an additional check will need to be
+ * made in the authority section. */
+ if(!val_rrset_wildcard(s, &wc)) {
+ log_nametypeclass(VERB_QUERY, "Positive ANY response"
+ " has inconsistent wildcard sigs:",
+ s->rk.dname, ntohs(s->rk.type),
+ ntohs(s->rk.rrset_class));
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+ }
+
+ /* if it was a wildcard, check for NSEC/NSEC3s in both answer
+ * and authority sections (NSEC may be moved to the ANSWER section) */
+ if(wc != NULL)
+ for(i=0; i<chase_reply->an_numrrsets+chase_reply->ns_numrrsets;
+ i++) {
+ s = chase_reply->rrsets[i];
+
+ /* If this is a positive wildcard response, and we have a
+ * (just verified) NSEC record, try to use it to 1) prove
+ * that qname doesn't exist and 2) that the correct wildcard
+ * was used. */
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(val_nsec_proves_positive_wildcard(s, qchase, wc)) {
+ wc_NSEC_ok = 1;
+ }
+ /* if not, continue looking for proof */
+ }
+
+ /* Otherwise, if this is a positive wildcard response and
+ * we have NSEC3 records */
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ nsec3s_seen = 1;
+ }
+ }
+
+ /* If this was a positive wildcard response that we haven't already
+ * proven, and we have NSEC3 records, try to prove it using the NSEC3
+ * records. */
+ if(wc != NULL && !wc_NSEC_ok && nsec3s_seen) {
+ /* look both in answer and auth section for NSEC3s */
+ enum sec_status sec = nsec3_prove_wildcard(env, ve,
+ chase_reply->rrsets,
+ chase_reply->an_numrrsets+chase_reply->ns_numrrsets,
+ qchase, kkey, wc);
+ if(sec == sec_status_insecure) {
+ verbose(VERB_ALGO, "Positive ANY wildcard response is "
+ "insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ } else if(sec == sec_status_secure)
+ wc_NSEC_ok = 1;
+ }
+
+ /* If after all this, we still haven't proven the positive wildcard
+ * response, fail. */
+ if(wc != NULL && !wc_NSEC_ok) {
+ verbose(VERB_QUERY, "positive ANY response was wildcard "
+ "expansion and did not prove original data "
+ "did not exist");
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ verbose(VERB_ALGO, "Successfully validated positive ANY response");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Validate CNAME response, or DNAME+CNAME.
+ * This is just like a positive proof, except that this is about a
+ * DNAME+CNAME. Possible wildcard proof.
+ * Difference with positive proof is that this routine refuses
+ * wildcarded DNAMEs.
+ *
+ * The answer and authority rrsets must already be verified as secure.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ */
+static void
+validate_cname_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey)
+{
+ uint8_t* wc = NULL;
+ int wc_NSEC_ok = 0;
+ int nsec3s_seen = 0;
+ size_t i;
+ struct ub_packed_rrset_key* s;
+
+ /* validate the ANSWER section - this will be the CNAME (+DNAME) */
+ for(i=0; i<chase_reply->an_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* Check to see if the rrset is the result of a wildcard
+ * expansion. If so, an additional check will need to be
+ * made in the authority section. */
+ if(!val_rrset_wildcard(s, &wc)) {
+ log_nametypeclass(VERB_QUERY, "Cname response has "
+ "inconsistent wildcard sigs:", s->rk.dname,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class));
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ /* Refuse wildcarded DNAMEs rfc 4597.
+ * Do not follow a wildcarded DNAME because
+ * its synthesized CNAME expansion is underdefined */
+ if(qchase->qtype != LDNS_RR_TYPE_DNAME &&
+ ntohs(s->rk.type) == LDNS_RR_TYPE_DNAME && wc) {
+ log_nametypeclass(VERB_QUERY, "cannot validate a "
+ "wildcarded DNAME:", s->rk.dname,
+ ntohs(s->rk.type), ntohs(s->rk.rrset_class));
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ /* If we have found a CNAME, stop looking for one.
+ * The iterator has placed the CNAME chain in correct
+ * order. */
+ if (ntohs(s->rk.type) == LDNS_RR_TYPE_CNAME) {
+ break;
+ }
+ }
+
+ /* AUTHORITY section */
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* If this is a positive wildcard response, and we have a
+ * (just verified) NSEC record, try to use it to 1) prove
+ * that qname doesn't exist and 2) that the correct wildcard
+ * was used. */
+ if(wc != NULL && ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(val_nsec_proves_positive_wildcard(s, qchase, wc)) {
+ wc_NSEC_ok = 1;
+ }
+ /* if not, continue looking for proof */
+ }
+
+ /* Otherwise, if this is a positive wildcard response and
+ * we have NSEC3 records */
+ if(wc != NULL && ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ nsec3s_seen = 1;
+ }
+ }
+
+ /* If this was a positive wildcard response that we haven't already
+ * proven, and we have NSEC3 records, try to prove it using the NSEC3
+ * records. */
+ if(wc != NULL && !wc_NSEC_ok && nsec3s_seen) {
+ enum sec_status sec = nsec3_prove_wildcard(env, ve,
+ chase_reply->rrsets+chase_reply->an_numrrsets,
+ chase_reply->ns_numrrsets, qchase, kkey, wc);
+ if(sec == sec_status_insecure) {
+ verbose(VERB_ALGO, "wildcard CNAME response is "
+ "insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ } else if(sec == sec_status_secure)
+ wc_NSEC_ok = 1;
+ }
+
+ /* If after all this, we still haven't proven the positive wildcard
+ * response, fail. */
+ if(wc != NULL && !wc_NSEC_ok) {
+ verbose(VERB_QUERY, "CNAME response was wildcard "
+ "expansion and did not prove original data "
+ "did not exist");
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ verbose(VERB_ALGO, "Successfully validated CNAME response");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Validate CNAME NOANSWER response, no more data after a CNAME chain.
+ * This can be a NODATA or a NAME ERROR case, but not both at the same time.
+ * We don't know because the rcode has been set to NOERROR by the CNAME.
+ *
+ * The answer and authority rrsets must already be verified as secure.
+ *
+ * @param env: module env for verify.
+ * @param ve: validator env for verify.
+ * @param qchase: query that was made.
+ * @param chase_reply: answer to that query to validate.
+ * @param kkey: the key entry, which is trusted, and which matches
+ * the signer of the answer. The key entry isgood().
+ */
+static void
+validate_cname_noanswer_response(struct module_env* env, struct val_env* ve,
+ struct query_info* qchase, struct reply_info* chase_reply,
+ struct key_entry_key* kkey)
+{
+ int nodata_valid_nsec = 0; /* If true, then NODATA has been proven.*/
+ uint8_t* ce = NULL; /* for wildcard nodata responses. This is the
+ proven closest encloser. */
+ uint8_t* wc = NULL; /* for wildcard nodata responses. wildcard nsec */
+ int nxdomain_valid_nsec = 0; /* if true, namerror has been proven */
+ int nxdomain_valid_wnsec = 0;
+ int nsec3s_seen = 0; /* nsec3s seen */
+ struct ub_packed_rrset_key* s;
+ size_t i;
+
+ /* the AUTHORITY section */
+ for(i=chase_reply->an_numrrsets; i<chase_reply->an_numrrsets+
+ chase_reply->ns_numrrsets; i++) {
+ s = chase_reply->rrsets[i];
+
+ /* If we encounter an NSEC record, try to use it to prove
+ * NODATA. This needs to handle the ENT NODATA case.
+ * Also try to prove NAMEERROR, and absence of a wildcard */
+ if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC) {
+ if(nsec_proves_nodata(s, qchase, &wc)) {
+ nodata_valid_nsec = 1;
+ /* set wc encloser if wildcard applicable */
+ }
+ if(val_nsec_proves_name_error(s, qchase->qname)) {
+ ce = nsec_closest_encloser(qchase->qname, s);
+ nxdomain_valid_nsec = 1;
+ }
+ if(val_nsec_proves_no_wc(s, qchase->qname,
+ qchase->qname_len))
+ nxdomain_valid_wnsec = 1;
+ if(val_nsec_proves_insecuredelegation(s, qchase)) {
+ verbose(VERB_ALGO, "delegation is insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ }
+ } else if(ntohs(s->rk.type) == LDNS_RR_TYPE_NSEC3) {
+ nsec3s_seen = 1;
+ }
+ }
+
+ /* check to see if we have a wildcard NODATA proof. */
+
+ /* The wildcard NODATA is 1 NSEC proving that qname does not exists
+ * (and also proving what the closest encloser is), and 1 NSEC
+ * showing the matching wildcard, which must be *.closest_encloser. */
+ if(wc && !ce)
+ nodata_valid_nsec = 0;
+ else if(wc && ce) {
+ if(query_dname_compare(wc, ce) != 0) {
+ nodata_valid_nsec = 0;
+ }
+ }
+ if(nxdomain_valid_nsec && !nxdomain_valid_wnsec) {
+ /* name error is missing wildcard denial proof */
+ nxdomain_valid_nsec = 0;
+ }
+
+ if(nodata_valid_nsec && nxdomain_valid_nsec) {
+ verbose(VERB_QUERY, "CNAMEchain to noanswer proves that name "
+ "exists and not exists, bogus");
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+ if(!nodata_valid_nsec && !nxdomain_valid_nsec && nsec3s_seen) {
+ int nodata;
+ enum sec_status sec = nsec3_prove_nxornodata(env, ve,
+ chase_reply->rrsets+chase_reply->an_numrrsets,
+ chase_reply->ns_numrrsets, qchase, kkey, &nodata);
+ if(sec == sec_status_insecure) {
+ verbose(VERB_ALGO, "CNAMEchain to noanswer response "
+ "is insecure");
+ chase_reply->security = sec_status_insecure;
+ return;
+ } else if(sec == sec_status_secure) {
+ if(nodata)
+ nodata_valid_nsec = 1;
+ else nxdomain_valid_nsec = 1;
+ }
+ }
+
+ if(!nodata_valid_nsec && !nxdomain_valid_nsec) {
+ verbose(VERB_QUERY, "CNAMEchain to noanswer response failed "
+ "to prove status with NSEC/NSEC3");
+ if(verbosity >= VERB_ALGO)
+ log_dns_msg("Failed CNAMEnoanswer", qchase, chase_reply);
+ chase_reply->security = sec_status_bogus;
+ return;
+ }
+
+ if(nodata_valid_nsec)
+ verbose(VERB_ALGO, "successfully validated CNAME chain to a "
+ "NODATA response.");
+ else verbose(VERB_ALGO, "successfully validated CNAME chain to a "
+ "NAMEERROR response.");
+ chase_reply->security = sec_status_secure;
+}
+
+/**
+ * Process init state for validator.
+ * Process the INIT state. First tier responses start in the INIT state.
+ * This is where they are vetted for validation suitability, and the initial
+ * key search is done.
+ *
+ * Currently, events the come through this routine will be either promoted
+ * to FINISHED/CNAME_RESP (no validation needed), FINDKEY (next step to
+ * validation), or will be (temporarily) retired and a new priming request
+ * event will be generated.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ * @return true if the event should be processed further on return, false if
+ * not.
+ */
+static int
+processInit(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ uint8_t* lookup_name;
+ size_t lookup_len;
+ struct trust_anchor* anchor;
+ enum val_classification subtype = val_classify_response(
+ qstate->query_flags, &qstate->qinfo, &vq->qchase,
+ vq->orig_msg->rep, vq->rrset_skip);
+ if(vq->restart_count > VAL_MAX_RESTART_COUNT) {
+ verbose(VERB_ALGO, "restart count exceeded");
+ return val_error(qstate, id);
+ }
+ verbose(VERB_ALGO, "validator classification %s",
+ val_classification_to_string(subtype));
+ if(subtype == VAL_CLASS_REFERRAL &&
+ vq->rrset_skip < vq->orig_msg->rep->rrset_count) {
+ /* referral uses the rrset name as qchase, to find keys for
+ * that rrset */
+ vq->qchase.qname = vq->orig_msg->rep->
+ rrsets[vq->rrset_skip]->rk.dname;
+ vq->qchase.qname_len = vq->orig_msg->rep->
+ rrsets[vq->rrset_skip]->rk.dname_len;
+ vq->qchase.qtype = ntohs(vq->orig_msg->rep->
+ rrsets[vq->rrset_skip]->rk.type);
+ vq->qchase.qclass = ntohs(vq->orig_msg->rep->
+ rrsets[vq->rrset_skip]->rk.rrset_class);
+ }
+ lookup_name = vq->qchase.qname;
+ lookup_len = vq->qchase.qname_len;
+ /* for type DS look at the parent side for keys/trustanchor */
+ /* also for NSEC not at apex */
+ if(vq->qchase.qtype == LDNS_RR_TYPE_DS ||
+ (vq->qchase.qtype == LDNS_RR_TYPE_NSEC &&
+ vq->orig_msg->rep->rrset_count > vq->rrset_skip &&
+ ntohs(vq->orig_msg->rep->rrsets[vq->rrset_skip]->rk.type) ==
+ LDNS_RR_TYPE_NSEC &&
+ !(vq->orig_msg->rep->rrsets[vq->rrset_skip]->
+ rk.flags&PACKED_RRSET_NSEC_AT_APEX))) {
+ dname_remove_label(&lookup_name, &lookup_len);
+ }
+
+ val_mark_indeterminate(vq->chase_reply, qstate->env->anchors,
+ qstate->env->rrset_cache, qstate->env);
+ vq->key_entry = NULL;
+ vq->empty_DS_name = NULL;
+ vq->ds_rrset = 0;
+ anchor = anchors_lookup(qstate->env->anchors,
+ lookup_name, lookup_len, vq->qchase.qclass);
+
+ /* Determine the signer/lookup name */
+ val_find_signer(subtype, &vq->qchase, vq->orig_msg->rep,
+ vq->rrset_skip, &vq->signer_name, &vq->signer_len);
+ if(vq->signer_name != NULL &&
+ !dname_subdomain_c(lookup_name, vq->signer_name)) {
+ log_nametypeclass(VERB_ALGO, "this signer name is not a parent "
+ "of lookupname, omitted", vq->signer_name, 0, 0);
+ vq->signer_name = NULL;
+ }
+ if(vq->signer_name == NULL) {
+ log_nametypeclass(VERB_ALGO, "no signer, using", lookup_name,
+ 0, 0);
+ } else {
+ lookup_name = vq->signer_name;
+ lookup_len = vq->signer_len;
+ log_nametypeclass(VERB_ALGO, "signer is", lookup_name, 0, 0);
+ }
+
+ /* for NXDOMAIN it could be signed by a parent of the trust anchor */
+ if(subtype == VAL_CLASS_NAMEERROR && vq->signer_name &&
+ anchor && dname_strict_subdomain_c(anchor->name, lookup_name)){
+ lock_basic_unlock(&anchor->lock);
+ anchor = anchors_lookup(qstate->env->anchors,
+ lookup_name, lookup_len, vq->qchase.qclass);
+ if(!anchor) { /* unsigned parent denies anchor*/
+ verbose(VERB_QUERY, "unsigned parent zone denies"
+ " trust anchor, indeterminate");
+ vq->chase_reply->security = sec_status_indeterminate;
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ verbose(VERB_ALGO, "trust anchor NXDOMAIN by signed parent");
+ } else if(subtype == VAL_CLASS_POSITIVE &&
+ qstate->qinfo.qtype == LDNS_RR_TYPE_DNSKEY &&
+ query_dname_compare(lookup_name, qstate->qinfo.qname) == 0) {
+ /* is a DNSKEY so lookup a bit higher since we want to
+ * get it from a parent or from trustanchor */
+ dname_remove_label(&lookup_name, &lookup_len);
+ }
+
+ if(vq->rrset_skip > 0 || subtype == VAL_CLASS_CNAME ||
+ subtype == VAL_CLASS_REFERRAL) {
+ /* extract this part of orig_msg into chase_reply for
+ * the eventual VALIDATE stage */
+ val_fill_reply(vq->chase_reply, vq->orig_msg->rep,
+ vq->rrset_skip, lookup_name, lookup_len,
+ vq->signer_name);
+ if(verbosity >= VERB_ALGO)
+ log_dns_msg("chased extract", &vq->qchase,
+ vq->chase_reply);
+ }
+
+ vq->key_entry = key_cache_obtain(ve->kcache, lookup_name, lookup_len,
+ vq->qchase.qclass, qstate->region, *qstate->env->now);
+
+ /* there is no key(from DLV) and no trust anchor */
+ if(vq->key_entry == NULL && anchor == NULL) {
+ /*response isn't under a trust anchor, so we cannot validate.*/
+ vq->chase_reply->security = sec_status_indeterminate;
+ /* go to finished state to cache this result */
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ /* if not key, or if keyentry is *above* the trustanchor, i.e.
+ * the keyentry is based on another (higher) trustanchor */
+ else if(vq->key_entry == NULL || (anchor &&
+ dname_strict_subdomain_c(anchor->name, vq->key_entry->name))) {
+ /* trust anchor is an 'unsigned' trust anchor */
+ if(anchor && anchor->numDS == 0 && anchor->numDNSKEY == 0) {
+ vq->chase_reply->security = sec_status_insecure;
+ val_mark_insecure(vq->chase_reply, anchor->name,
+ qstate->env->rrset_cache, qstate->env);
+ lock_basic_unlock(&anchor->lock);
+ vq->dlv_checked=1; /* skip DLV check */
+ /* go to finished state to cache this result */
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ /* fire off a trust anchor priming query. */
+ verbose(VERB_DETAIL, "prime trust anchor");
+ if(!prime_trust_anchor(qstate, vq, id, anchor)) {
+ lock_basic_unlock(&anchor->lock);
+ return val_error(qstate, id);
+ }
+ lock_basic_unlock(&anchor->lock);
+ /* and otherwise, don't continue processing this event.
+ * (it will be reactivated when the priming query returns). */
+ vq->state = VAL_FINDKEY_STATE;
+ return 0;
+ }
+ if(anchor) {
+ lock_basic_unlock(&anchor->lock);
+ }
+
+ if(key_entry_isnull(vq->key_entry)) {
+ /* response is under a null key, so we cannot validate
+ * However, we do set the status to INSECURE, since it is
+ * essentially proven insecure. */
+ vq->chase_reply->security = sec_status_insecure;
+ val_mark_insecure(vq->chase_reply, vq->key_entry->name,
+ qstate->env->rrset_cache, qstate->env);
+ /* go to finished state to cache this result */
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ } else if(key_entry_isbad(vq->key_entry)) {
+ /* key is bad, chain is bad, reply is bogus */
+ errinf_dname(qstate, "key for validation", vq->key_entry->name);
+ errinf(qstate, "is marked as invalid");
+ if(key_entry_get_reason(vq->key_entry)) {
+ errinf(qstate, "because of a previous");
+ errinf(qstate, key_entry_get_reason(vq->key_entry));
+ }
+ /* no retries, stop bothering the authority until timeout */
+ vq->restart_count = VAL_MAX_RESTART_COUNT;
+ vq->chase_reply->security = sec_status_bogus;
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+
+ /* otherwise, we have our "closest" cached key -- continue
+ * processing in the next state. */
+ vq->state = VAL_FINDKEY_STATE;
+ return 1;
+}
+
+/**
+ * Process the FINDKEY state. Generally this just calculates the next name
+ * to query and either issues a DS or a DNSKEY query. It will check to see
+ * if the correct key has already been reached, in which case it will
+ * advance the event to the next state.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param id: module id.
+ * @return true if the event should be processed further on return, false if
+ * not.
+ */
+static int
+processFindKey(struct module_qstate* qstate, struct val_qstate* vq, int id)
+{
+ uint8_t* target_key_name, *current_key_name;
+ size_t target_key_len;
+ int strip_lab;
+
+ log_query_info(VERB_ALGO, "validator: FindKey", &vq->qchase);
+ /* We know that state.key_entry is not 0 or bad key -- if it were,
+ * then previous processing should have directed this event to
+ * a different state.
+ * It could be an isnull key, which signals that a DLV was just
+ * done and the DNSKEY after the DLV failed with dnssec-retry state
+ * and the DNSKEY has to be performed again. */
+ log_assert(vq->key_entry && !key_entry_isbad(vq->key_entry));
+ if(key_entry_isnull(vq->key_entry)) {
+ if(!generate_request(qstate, id, vq->ds_rrset->rk.dname,
+ vq->ds_rrset->rk.dname_len, LDNS_RR_TYPE_DNSKEY,
+ vq->qchase.qclass, BIT_CD)) {
+ log_err("mem error generating DNSKEY request");
+ return val_error(qstate, id);
+ }
+ return 0;
+ }
+
+ target_key_name = vq->signer_name;
+ target_key_len = vq->signer_len;
+ if(!target_key_name) {
+ target_key_name = vq->qchase.qname;
+ target_key_len = vq->qchase.qname_len;
+ }
+
+ current_key_name = vq->key_entry->name;
+
+ /* If our current key entry matches our target, then we are done. */
+ if(query_dname_compare(target_key_name, current_key_name) == 0) {
+ vq->state = VAL_VALIDATE_STATE;
+ return 1;
+ }
+
+ if(vq->empty_DS_name) {
+ /* if the last empty nonterminal/emptyDS name we detected is
+ * below the current key, use that name to make progress
+ * along the chain of trust */
+ if(query_dname_compare(target_key_name,
+ vq->empty_DS_name) == 0) {
+ /* do not query for empty_DS_name again */
+ verbose(VERB_ALGO, "Cannot retrieve DS for signature");
+ errinf(qstate, "no signatures");
+ errinf_origin(qstate, qstate->reply_origin);
+ vq->chase_reply->security = sec_status_bogus;
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ current_key_name = vq->empty_DS_name;
+ }
+
+ log_nametypeclass(VERB_ALGO, "current keyname", current_key_name,
+ LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN);
+ log_nametypeclass(VERB_ALGO, "target keyname", target_key_name,
+ LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN);
+ /* assert we are walking down the DNS tree */
+ if(!dname_subdomain_c(target_key_name, current_key_name)) {
+ verbose(VERB_ALGO, "bad signer name");
+ vq->chase_reply->security = sec_status_bogus;
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ /* so this value is >= -1 */
+ strip_lab = dname_count_labels(target_key_name) -
+ dname_count_labels(current_key_name) - 1;
+ log_assert(strip_lab >= -1);
+ verbose(VERB_ALGO, "striplab %d", strip_lab);
+ if(strip_lab > 0) {
+ dname_remove_labels(&target_key_name, &target_key_len,
+ strip_lab);
+ }
+ log_nametypeclass(VERB_ALGO, "next keyname", target_key_name,
+ LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN);
+
+ /* The next step is either to query for the next DS, or to query
+ * for the next DNSKEY. */
+ if(vq->ds_rrset)
+ log_nametypeclass(VERB_ALGO, "DS RRset", vq->ds_rrset->rk.dname, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN);
+ else verbose(VERB_ALGO, "No DS RRset");
+
+ if(vq->ds_rrset && query_dname_compare(vq->ds_rrset->rk.dname,
+ vq->key_entry->name) != 0) {
+ if(!generate_request(qstate, id, vq->ds_rrset->rk.dname,
+ vq->ds_rrset->rk.dname_len, LDNS_RR_TYPE_DNSKEY,
+ vq->qchase.qclass, BIT_CD)) {
+ log_err("mem error generating DNSKEY request");
+ return val_error(qstate, id);
+ }
+ return 0;
+ }
+
+ if(!vq->ds_rrset || query_dname_compare(vq->ds_rrset->rk.dname,
+ target_key_name) != 0) {
+ /* check if there is a cache entry : pick up an NSEC if
+ * there is no DS, check if that NSEC has DS-bit unset, and
+ * thus can disprove the secure delagation we seek.
+ * We can then use that NSEC even in the absence of a SOA
+ * record that would be required by the iterator to supply
+ * a completely protocol-correct response.
+ * Uses negative cache for NSEC3 lookup of DS responses. */
+ /* only if cache not blacklisted, of course */
+ struct dns_msg* msg;
+ if(!qstate->blacklist && !vq->chain_blacklist &&
+ (msg=val_find_DS(qstate->env, target_key_name,
+ target_key_len, vq->qchase.qclass, qstate->region,
+ vq->key_entry->name)) ) {
+ verbose(VERB_ALGO, "Process cached DS response");
+ process_ds_response(qstate, vq, id, LDNS_RCODE_NOERROR,
+ msg, &msg->qinfo, NULL);
+ return 1; /* continue processing ds-response results */
+ }
+ if(!generate_request(qstate, id, target_key_name,
+ target_key_len, LDNS_RR_TYPE_DS, vq->qchase.qclass,
+ BIT_CD)) {
+ log_err("mem error generating DS request");
+ return val_error(qstate, id);
+ }
+ return 0;
+ }
+
+ /* Otherwise, it is time to query for the DNSKEY */
+ if(!generate_request(qstate, id, vq->ds_rrset->rk.dname,
+ vq->ds_rrset->rk.dname_len, LDNS_RR_TYPE_DNSKEY,
+ vq->qchase.qclass, BIT_CD)) {
+ log_err("mem error generating DNSKEY request");
+ return val_error(qstate, id);
+ }
+
+ return 0;
+}
+
+/**
+ * Process the VALIDATE stage, the init and findkey stages are finished,
+ * and the right keys are available to validate the response.
+ * Or, there are no keys available, in order to invalidate the response.
+ *
+ * After validation, the status is recorded in the message and rrsets,
+ * and finished state is started.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ * @return true if the event should be processed further on return, false if
+ * not.
+ */
+static int
+processValidate(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ enum val_classification subtype;
+ int rcode;
+
+ if(!vq->key_entry) {
+ verbose(VERB_ALGO, "validate: no key entry, failed");
+ return val_error(qstate, id);
+ }
+
+ /* This is the default next state. */
+ vq->state = VAL_FINISHED_STATE;
+
+ /* Unsigned responses must be underneath a "null" key entry.*/
+ if(key_entry_isnull(vq->key_entry)) {
+ verbose(VERB_DETAIL, "Verified that %sresponse is INSECURE",
+ vq->signer_name?"":"unsigned ");
+ vq->chase_reply->security = sec_status_insecure;
+ val_mark_insecure(vq->chase_reply, vq->key_entry->name,
+ qstate->env->rrset_cache, qstate->env);
+ key_cache_insert(ve->kcache, vq->key_entry, qstate);
+ return 1;
+ }
+
+ if(key_entry_isbad(vq->key_entry)) {
+ log_nametypeclass(VERB_DETAIL, "Could not establish a chain "
+ "of trust to keys for", vq->key_entry->name,
+ LDNS_RR_TYPE_DNSKEY, vq->key_entry->key_class);
+ vq->chase_reply->security = sec_status_bogus;
+ errinf(qstate, "while building chain of trust");
+ if(vq->restart_count >= VAL_MAX_RESTART_COUNT)
+ key_cache_insert(ve->kcache, vq->key_entry, qstate);
+ return 1;
+ }
+
+ /* signerName being null is the indicator that this response was
+ * unsigned */
+ if(vq->signer_name == NULL) {
+ log_query_info(VERB_ALGO, "processValidate: state has no "
+ "signer name", &vq->qchase);
+ verbose(VERB_DETAIL, "Could not establish validation of "
+ "INSECURE status of unsigned response.");
+ errinf(qstate, "no signatures");
+ errinf_origin(qstate, qstate->reply_origin);
+ vq->chase_reply->security = sec_status_bogus;
+ return 1;
+ }
+ subtype = val_classify_response(qstate->query_flags, &qstate->qinfo,
+ &vq->qchase, vq->orig_msg->rep, vq->rrset_skip);
+
+ /* check signatures in the message;
+ * answer and authority must be valid, additional is only checked. */
+ if(!validate_msg_signatures(qstate, qstate->env, ve, &vq->qchase,
+ vq->chase_reply, vq->key_entry)) {
+ /* workaround bad recursor out there that truncates (even
+ * with EDNS4k) to 512 by removing RRSIG from auth section
+ * for positive replies*/
+ if((subtype == VAL_CLASS_POSITIVE || subtype == VAL_CLASS_ANY
+ || subtype == VAL_CLASS_CNAME) &&
+ detect_wrongly_truncated(vq->orig_msg->rep)) {
+ /* truncate the message some more */
+ vq->orig_msg->rep->ns_numrrsets = 0;
+ vq->orig_msg->rep->ar_numrrsets = 0;
+ vq->orig_msg->rep->rrset_count =
+ vq->orig_msg->rep->an_numrrsets;
+ vq->chase_reply->ns_numrrsets = 0;
+ vq->chase_reply->ar_numrrsets = 0;
+ vq->chase_reply->rrset_count =
+ vq->chase_reply->an_numrrsets;
+ qstate->errinf = NULL;
+ }
+ else {
+ verbose(VERB_DETAIL, "Validate: message contains "
+ "bad rrsets");
+ return 1;
+ }
+ }
+
+ switch(subtype) {
+ case VAL_CLASS_POSITIVE:
+ verbose(VERB_ALGO, "Validating a positive response");
+ validate_positive_response(qstate->env, ve,
+ &vq->qchase, vq->chase_reply, vq->key_entry);
+ verbose(VERB_DETAIL, "validate(positive): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ case VAL_CLASS_NODATA:
+ verbose(VERB_ALGO, "Validating a nodata response");
+ validate_nodata_response(qstate->env, ve,
+ &vq->qchase, vq->chase_reply, vq->key_entry);
+ verbose(VERB_DETAIL, "validate(nodata): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ case VAL_CLASS_NAMEERROR:
+ rcode = (int)FLAGS_GET_RCODE(vq->orig_msg->rep->flags);
+ verbose(VERB_ALGO, "Validating a nxdomain response");
+ validate_nameerror_response(qstate->env, ve,
+ &vq->qchase, vq->chase_reply, vq->key_entry, &rcode);
+ verbose(VERB_DETAIL, "validate(nxdomain): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ FLAGS_SET_RCODE(vq->orig_msg->rep->flags, rcode);
+ FLAGS_SET_RCODE(vq->chase_reply->flags, rcode);
+ break;
+
+ case VAL_CLASS_CNAME:
+ verbose(VERB_ALGO, "Validating a cname response");
+ validate_cname_response(qstate->env, ve,
+ &vq->qchase, vq->chase_reply, vq->key_entry);
+ verbose(VERB_DETAIL, "validate(cname): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ case VAL_CLASS_CNAMENOANSWER:
+ verbose(VERB_ALGO, "Validating a cname noanswer "
+ "response");
+ validate_cname_noanswer_response(qstate->env, ve,
+ &vq->qchase, vq->chase_reply, vq->key_entry);
+ verbose(VERB_DETAIL, "validate(cname_noanswer): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ case VAL_CLASS_REFERRAL:
+ verbose(VERB_ALGO, "Validating a referral response");
+ validate_referral_response(vq->chase_reply);
+ verbose(VERB_DETAIL, "validate(referral): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ case VAL_CLASS_ANY:
+ verbose(VERB_ALGO, "Validating a positive ANY "
+ "response");
+ validate_any_response(qstate->env, ve, &vq->qchase,
+ vq->chase_reply, vq->key_entry);
+ verbose(VERB_DETAIL, "validate(positive_any): %s",
+ sec_status_to_string(
+ vq->chase_reply->security));
+ break;
+
+ default:
+ log_err("validate: unhandled response subtype: %d",
+ subtype);
+ }
+ if(vq->chase_reply->security == sec_status_bogus) {
+ if(subtype == VAL_CLASS_POSITIVE)
+ errinf(qstate, "wildcard");
+ else errinf(qstate, val_classification_to_string(subtype));
+ errinf(qstate, "proof failed");
+ errinf_origin(qstate, qstate->reply_origin);
+ }
+
+ return 1;
+}
+
+/**
+ * Init DLV check.
+ * Called when a query is determined by other trust anchors to be insecure
+ * (or indeterminate). Then we look if there is a key in the DLV.
+ * Performs aggressive negative cache check to see if there is no key.
+ * Otherwise, spawns a DLV query, and changes to the DLV wait state.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ * @return true if there is no DLV.
+ * false: processing is finished for the validator operate().
+ * This function may exit in three ways:
+ * o no DLV (agressive cache), so insecure. (true)
+ * o error - stop processing (false)
+ * o DLV lookup was started, stop processing (false)
+ */
+static int
+val_dlv_init(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ uint8_t* nm;
+ size_t nm_len;
+ /* there must be a DLV configured */
+ log_assert(qstate->env->anchors->dlv_anchor);
+ /* this bool is true to avoid looping in the DLV checks */
+ log_assert(vq->dlv_checked);
+
+ /* init the DLV lookup variables */
+ vq->dlv_lookup_name = NULL;
+ vq->dlv_lookup_name_len = 0;
+ vq->dlv_insecure_at = NULL;
+ vq->dlv_insecure_at_len = 0;
+
+ /* Determine the name for which we want to lookup DLV.
+ * This name is for the current message, or
+ * for the current RRset for CNAME, referral subtypes.
+ * If there is a signer, use that, otherwise the domain name */
+ if(vq->signer_name) {
+ nm = vq->signer_name;
+ nm_len = vq->signer_len;
+ } else {
+ /* use qchase */
+ nm = vq->qchase.qname;
+ nm_len = vq->qchase.qname_len;
+ if(vq->qchase.qtype == LDNS_RR_TYPE_DS)
+ dname_remove_label(&nm, &nm_len);
+ }
+ log_nametypeclass(VERB_ALGO, "DLV init look", nm, LDNS_RR_TYPE_DS,
+ vq->qchase.qclass);
+ log_assert(nm && nm_len);
+ /* sanity check: no DLV lookups below the DLV anchor itself.
+ * Like, an securely insecure delegation there makes no sense. */
+ if(dname_subdomain_c(nm, qstate->env->anchors->dlv_anchor->name)) {
+ verbose(VERB_ALGO, "DLV lookup within DLV repository denied");
+ return 1;
+ }
+ /* concat name (minus root label) + dlv name */
+ vq->dlv_lookup_name_len = nm_len - 1 +
+ qstate->env->anchors->dlv_anchor->namelen;
+ vq->dlv_lookup_name = regional_alloc(qstate->region,
+ vq->dlv_lookup_name_len);
+ if(!vq->dlv_lookup_name) {
+ log_err("Out of memory preparing DLV lookup");
+ return val_error(qstate, id);
+ }
+ memmove(vq->dlv_lookup_name, nm, nm_len-1);
+ memmove(vq->dlv_lookup_name+nm_len-1,
+ qstate->env->anchors->dlv_anchor->name,
+ qstate->env->anchors->dlv_anchor->namelen);
+ log_nametypeclass(VERB_ALGO, "DLV name", vq->dlv_lookup_name,
+ LDNS_RR_TYPE_DLV, vq->qchase.qclass);
+
+ /* determine where the insecure point was determined, the DLV must
+ * be equal or below that to continue building the trust chain
+ * down. May be NULL if no trust chain was built yet */
+ nm = NULL;
+ if(vq->key_entry && key_entry_isnull(vq->key_entry)) {
+ nm = vq->key_entry->name;
+ nm_len = vq->key_entry->namelen;
+ }
+ if(nm) {
+ vq->dlv_insecure_at_len = nm_len - 1 +
+ qstate->env->anchors->dlv_anchor->namelen;
+ vq->dlv_insecure_at = regional_alloc(qstate->region,
+ vq->dlv_insecure_at_len);
+ if(!vq->dlv_insecure_at) {
+ log_err("Out of memory preparing DLV lookup");
+ return val_error(qstate, id);
+ }
+ memmove(vq->dlv_insecure_at, nm, nm_len-1);
+ memmove(vq->dlv_insecure_at+nm_len-1,
+ qstate->env->anchors->dlv_anchor->name,
+ qstate->env->anchors->dlv_anchor->namelen);
+ log_nametypeclass(VERB_ALGO, "insecure_at",
+ vq->dlv_insecure_at, 0, vq->qchase.qclass);
+ }
+
+ /* If we can find the name in the aggressive negative cache,
+ * give up; insecure is the answer */
+ while(val_neg_dlvlookup(ve->neg_cache, vq->dlv_lookup_name,
+ vq->dlv_lookup_name_len, vq->qchase.qclass,
+ qstate->env->rrset_cache, *qstate->env->now)) {
+ /* go up */
+ dname_remove_label(&vq->dlv_lookup_name,
+ &vq->dlv_lookup_name_len);
+ /* too high? */
+ if(!dname_subdomain_c(vq->dlv_lookup_name,
+ qstate->env->anchors->dlv_anchor->name)) {
+ verbose(VERB_ALGO, "ask above dlv repo");
+ return 1; /* Above the repo is insecure */
+ }
+ /* above chain of trust? */
+ if(vq->dlv_insecure_at && !dname_subdomain_c(
+ vq->dlv_lookup_name, vq->dlv_insecure_at)) {
+ verbose(VERB_ALGO, "ask above insecure endpoint");
+ return 1;
+ }
+ }
+
+ /* perform a lookup for the DLV; with validation */
+ vq->state = VAL_DLVLOOKUP_STATE;
+ if(!generate_request(qstate, id, vq->dlv_lookup_name,
+ vq->dlv_lookup_name_len, LDNS_RR_TYPE_DLV,
+ vq->qchase.qclass, 0)) {
+ return val_error(qstate, id);
+ }
+
+ /* Find the closest encloser DLV from the repository.
+ * then that is used to build another chain of trust
+ * This may first require a query 'too low' that has NSECs in
+ * the answer, from which we determine the closest encloser DLV.
+ * When determine the closest encloser, skip empty nonterminals,
+ * since we want a nonempty node in the DLV repository. */
+
+ return 0;
+}
+
+/**
+ * The Finished state. The validation status (good or bad) has been determined.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ * @return true if the event should be processed further on return, false if
+ * not.
+ */
+static int
+processFinished(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ enum val_classification subtype = val_classify_response(
+ qstate->query_flags, &qstate->qinfo, &vq->qchase,
+ vq->orig_msg->rep, vq->rrset_skip);
+
+ /* if the result is insecure or indeterminate and we have not
+ * checked the DLV yet, check the DLV */
+ if((vq->chase_reply->security == sec_status_insecure ||
+ vq->chase_reply->security == sec_status_indeterminate) &&
+ qstate->env->anchors->dlv_anchor && !vq->dlv_checked) {
+ vq->dlv_checked = 1;
+ if(!val_dlv_init(qstate, vq, ve, id))
+ return 0;
+ }
+
+ /* store overall validation result in orig_msg */
+ if(vq->rrset_skip == 0)
+ vq->orig_msg->rep->security = vq->chase_reply->security;
+ else if(subtype != VAL_CLASS_REFERRAL ||
+ vq->rrset_skip < vq->orig_msg->rep->an_numrrsets +
+ vq->orig_msg->rep->ns_numrrsets) {
+ /* ignore sec status of additional section if a referral
+ * type message skips there and
+ * use the lowest security status as end result. */
+ if(vq->chase_reply->security < vq->orig_msg->rep->security)
+ vq->orig_msg->rep->security =
+ vq->chase_reply->security;
+ }
+
+ if(subtype == VAL_CLASS_REFERRAL) {
+ /* for a referral, move to next unchecked rrset and check it*/
+ vq->rrset_skip = val_next_unchecked(vq->orig_msg->rep,
+ vq->rrset_skip);
+ if(vq->rrset_skip < vq->orig_msg->rep->rrset_count) {
+ /* and restart for this rrset */
+ verbose(VERB_ALGO, "validator: go to next rrset");
+ vq->chase_reply->security = sec_status_unchecked;
+ vq->dlv_checked = 0; /* can do DLV for this RR */
+ vq->state = VAL_INIT_STATE;
+ return 1;
+ }
+ /* referral chase is done */
+ }
+ if(vq->chase_reply->security != sec_status_bogus &&
+ subtype == VAL_CLASS_CNAME) {
+ /* chase the CNAME; process next part of the message */
+ if(!val_chase_cname(&vq->qchase, vq->orig_msg->rep,
+ &vq->rrset_skip)) {
+ verbose(VERB_ALGO, "validator: failed to chase CNAME");
+ vq->orig_msg->rep->security = sec_status_bogus;
+ } else {
+ /* restart process for new qchase at rrset_skip */
+ log_query_info(VERB_ALGO, "validator: chased to",
+ &vq->qchase);
+ vq->chase_reply->security = sec_status_unchecked;
+ vq->dlv_checked = 0; /* can do DLV for this RR */
+ vq->state = VAL_INIT_STATE;
+ return 1;
+ }
+ }
+
+ if(vq->orig_msg->rep->security == sec_status_secure) {
+ /* If the message is secure, check that all rrsets are
+ * secure (i.e. some inserted RRset for CNAME chain with
+ * a different signer name). And drop additional rrsets
+ * that are not secure (if clean-additional option is set) */
+ /* this may cause the msg to be marked bogus */
+ val_check_nonsecure(ve, vq->orig_msg->rep);
+ if(vq->orig_msg->rep->security == sec_status_secure) {
+ log_query_info(VERB_DETAIL, "validation success",
+ &qstate->qinfo);
+ }
+ }
+
+ /* if the result is bogus - set message ttl to bogus ttl to avoid
+ * endless bogus revalidation */
+ if(vq->orig_msg->rep->security == sec_status_bogus) {
+ /* see if we can try again to fetch data */
+ if(vq->restart_count < VAL_MAX_RESTART_COUNT) {
+ int restart_count = vq->restart_count+1;
+ verbose(VERB_ALGO, "validation failed, "
+ "blacklist and retry to fetch data");
+ val_blacklist(&qstate->blacklist, qstate->region,
+ qstate->reply_origin, 0);
+ qstate->reply_origin = NULL;
+ qstate->errinf = NULL;
+ memset(vq, 0, sizeof(*vq));
+ vq->restart_count = restart_count;
+ vq->state = VAL_INIT_STATE;
+ verbose(VERB_ALGO, "pass back to next module");
+ qstate->ext_state[id] = module_restart_next;
+ return 0;
+ }
+
+ vq->orig_msg->rep->ttl = ve->bogus_ttl;
+ vq->orig_msg->rep->prefetch_ttl =
+ PREFETCH_TTL_CALC(vq->orig_msg->rep->ttl);
+ if(qstate->env->cfg->val_log_level >= 1 &&
+ !qstate->env->cfg->val_log_squelch) {
+ if(qstate->env->cfg->val_log_level < 2)
+ log_query_info(0, "validation failure",
+ &qstate->qinfo);
+ else {
+ char* err = errinf_to_str(qstate);
+ if(err) log_info("%s", err);
+ free(err);
+ }
+ }
+ /* If we are in permissive mode, bogus gets indeterminate */
+ if(ve->permissive_mode)
+ vq->orig_msg->rep->security = sec_status_indeterminate;
+ }
+
+ /* store results in cache */
+ if(qstate->query_flags&BIT_RD) {
+ /* if secure, this will override cache anyway, no need
+ * to check if from parentNS */
+ if(!dns_cache_store(qstate->env, &vq->orig_msg->qinfo,
+ vq->orig_msg->rep, 0, qstate->prefetch_leeway, 0, NULL)) {
+ log_err("out of memory caching validator results");
+ }
+ } else {
+ /* for a referral, store the verified RRsets */
+ /* and this does not get prefetched, so no leeway */
+ if(!dns_cache_store(qstate->env, &vq->orig_msg->qinfo,
+ vq->orig_msg->rep, 1, 0, 0, NULL)) {
+ log_err("out of memory caching validator results");
+ }
+ }
+ qstate->return_rcode = LDNS_RCODE_NOERROR;
+ qstate->return_msg = vq->orig_msg;
+ qstate->ext_state[id] = module_finished;
+ return 0;
+}
+
+/**
+ * The DLVLookup state. Process DLV lookups.
+ *
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ * @return true if the event should be processed further on return, false if
+ * not.
+ */
+static int
+processDLVLookup(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ /* see if this we are ready to continue normal resolution */
+ /* we may need more DLV lookups */
+ if(vq->dlv_status==dlv_error)
+ verbose(VERB_ALGO, "DLV woke up with status dlv_error");
+ else if(vq->dlv_status==dlv_success)
+ verbose(VERB_ALGO, "DLV woke up with status dlv_success");
+ else if(vq->dlv_status==dlv_ask_higher)
+ verbose(VERB_ALGO, "DLV woke up with status dlv_ask_higher");
+ else if(vq->dlv_status==dlv_there_is_no_dlv)
+ verbose(VERB_ALGO, "DLV woke up with status dlv_there_is_no_dlv");
+ else verbose(VERB_ALGO, "DLV woke up with status unknown");
+
+ if(vq->dlv_status == dlv_error) {
+ verbose(VERB_QUERY, "failed DLV lookup");
+ return val_error(qstate, id);
+ } else if(vq->dlv_status == dlv_success) {
+ uint8_t* nm;
+ size_t nmlen;
+ /* chain continues with DNSKEY, continue in FINDKEY */
+ vq->state = VAL_FINDKEY_STATE;
+
+ /* strip off the DLV suffix from the name; could result in . */
+ log_assert(dname_subdomain_c(vq->ds_rrset->rk.dname,
+ qstate->env->anchors->dlv_anchor->name));
+ nmlen = vq->ds_rrset->rk.dname_len -
+ qstate->env->anchors->dlv_anchor->namelen + 1;
+ nm = regional_alloc_init(qstate->region,
+ vq->ds_rrset->rk.dname, nmlen);
+ if(!nm) {
+ log_err("Out of memory in DLVLook");
+ return val_error(qstate, id);
+ }
+ nm[nmlen-1] = 0;
+
+ vq->ds_rrset->rk.dname = nm;
+ vq->ds_rrset->rk.dname_len = nmlen;
+
+ /* create a nullentry for the key so the dnskey lookup
+ * can be retried after a validation failure for it */
+ vq->key_entry = key_entry_create_null(qstate->region,
+ nm, nmlen, vq->qchase.qclass, 0, 0);
+ if(!vq->key_entry) {
+ log_err("Out of memory in DLVLook");
+ return val_error(qstate, id);
+ }
+
+ if(!generate_request(qstate, id, vq->ds_rrset->rk.dname,
+ vq->ds_rrset->rk.dname_len, LDNS_RR_TYPE_DNSKEY,
+ vq->qchase.qclass, BIT_CD)) {
+ log_err("mem error generating DNSKEY request");
+ return val_error(qstate, id);
+ }
+ return 0;
+ } else if(vq->dlv_status == dlv_there_is_no_dlv) {
+ /* continue with the insecure result we got */
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ log_assert(vq->dlv_status == dlv_ask_higher);
+
+ /* ask higher, make sure we stay in DLV repo, below dlv_at */
+ if(!dname_subdomain_c(vq->dlv_lookup_name,
+ qstate->env->anchors->dlv_anchor->name)) {
+ /* just like, there is no DLV */
+ verbose(VERB_ALGO, "ask above dlv repo");
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+ if(vq->dlv_insecure_at && !dname_subdomain_c(vq->dlv_lookup_name,
+ vq->dlv_insecure_at)) {
+ /* already checked a chain lower than dlv_lookup_name */
+ verbose(VERB_ALGO, "ask above insecure endpoint");
+ log_nametypeclass(VERB_ALGO, "enpt", vq->dlv_insecure_at, 0, 0);
+ vq->state = VAL_FINISHED_STATE;
+ return 1;
+ }
+
+ /* check negative cache before making new request */
+ if(val_neg_dlvlookup(ve->neg_cache, vq->dlv_lookup_name,
+ vq->dlv_lookup_name_len, vq->qchase.qclass,
+ qstate->env->rrset_cache, *qstate->env->now)) {
+ /* does not exist, go up one (go higher). */
+ dname_remove_label(&vq->dlv_lookup_name,
+ &vq->dlv_lookup_name_len);
+ /* limit number of labels, limited number of recursion */
+ return processDLVLookup(qstate, vq, ve, id);
+ }
+
+ if(!generate_request(qstate, id, vq->dlv_lookup_name,
+ vq->dlv_lookup_name_len, LDNS_RR_TYPE_DLV,
+ vq->qchase.qclass, 0)) {
+ return val_error(qstate, id);
+ }
+
+ return 0;
+}
+
+/**
+ * Handle validator state.
+ * If a method returns true, the next state is started. If false, then
+ * processing will stop.
+ * @param qstate: query state.
+ * @param vq: validator query state.
+ * @param ve: validator shared global environment.
+ * @param id: module id.
+ */
+static void
+val_handle(struct module_qstate* qstate, struct val_qstate* vq,
+ struct val_env* ve, int id)
+{
+ int cont = 1;
+ while(cont) {
+ verbose(VERB_ALGO, "val handle processing q with state %s",
+ val_state_to_string(vq->state));
+ switch(vq->state) {
+ case VAL_INIT_STATE:
+ cont = processInit(qstate, vq, ve, id);
+ break;
+ case VAL_FINDKEY_STATE:
+ cont = processFindKey(qstate, vq, id);
+ break;
+ case VAL_VALIDATE_STATE:
+ cont = processValidate(qstate, vq, ve, id);
+ break;
+ case VAL_FINISHED_STATE:
+ cont = processFinished(qstate, vq, ve, id);
+ break;
+ case VAL_DLVLOOKUP_STATE:
+ cont = processDLVLookup(qstate, vq, ve, id);
+ break;
+ default:
+ log_warn("validator: invalid state %d",
+ vq->state);
+ cont = 0;
+ break;
+ }
+ }
+}
+
+void
+val_operate(struct module_qstate* qstate, enum module_ev event, int id,
+ struct outbound_entry* outbound)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+ struct val_qstate* vq = (struct val_qstate*)qstate->minfo[id];
+ verbose(VERB_QUERY, "validator[module %d] operate: extstate:%s "
+ "event:%s", id, strextstate(qstate->ext_state[id]),
+ strmodulevent(event));
+ log_query_info(VERB_QUERY, "validator operate: query",
+ &qstate->qinfo);
+ if(vq && qstate->qinfo.qname != vq->qchase.qname)
+ log_query_info(VERB_QUERY, "validator operate: chased to",
+ &vq->qchase);
+ (void)outbound;
+ if(event == module_event_new ||
+ (event == module_event_pass && vq == NULL)) {
+ /* pass request to next module, to get it */
+ verbose(VERB_ALGO, "validator: pass to next module");
+ qstate->ext_state[id] = module_wait_module;
+ return;
+ }
+ if(event == module_event_moddone) {
+ /* check if validation is needed */
+ verbose(VERB_ALGO, "validator: nextmodule returned");
+ if(!needs_validation(qstate, qstate->return_rcode,
+ qstate->return_msg)) {
+ /* no need to validate this */
+ if(qstate->return_msg)
+ qstate->return_msg->rep->security =
+ sec_status_indeterminate;
+ qstate->ext_state[id] = module_finished;
+ return;
+ }
+ if(already_validated(qstate->return_msg)) {
+ qstate->ext_state[id] = module_finished;
+ return;
+ }
+ /* qclass ANY should have validation result from spawned
+ * queries. If we get here, it is bogus or an internal error */
+ if(qstate->qinfo.qclass == LDNS_RR_CLASS_ANY) {
+ verbose(VERB_ALGO, "cannot validate classANY: bogus");
+ if(qstate->return_msg)
+ qstate->return_msg->rep->security =
+ sec_status_bogus;
+ qstate->ext_state[id] = module_finished;
+ return;
+ }
+ /* create state to start validation */
+ qstate->ext_state[id] = module_error; /* override this */
+ if(!vq) {
+ vq = val_new(qstate, id);
+ if(!vq) {
+ log_err("validator: malloc failure");
+ qstate->ext_state[id] = module_error;
+ return;
+ }
+ } else if(!vq->orig_msg) {
+ if(!val_new_getmsg(qstate, vq)) {
+ log_err("validator: malloc failure");
+ qstate->ext_state[id] = module_error;
+ return;
+ }
+ }
+ val_handle(qstate, vq, ve, id);
+ return;
+ }
+ if(event == module_event_pass) {
+ qstate->ext_state[id] = module_error; /* override this */
+ /* continue processing, since val_env exists */
+ val_handle(qstate, vq, ve, id);
+ return;
+ }
+ log_err("validator: bad event %s", strmodulevent(event));
+ qstate->ext_state[id] = module_error;
+ return;
+}
+
+/**
+ * Evaluate the response to a priming request.
+ *
+ * @param dnskey_rrset: DNSKEY rrset (can be NULL if none) in prime reply.
+ * (this rrset is allocated in the wrong region, not the qstate).
+ * @param ta: trust anchor.
+ * @param qstate: qstate that needs key.
+ * @param id: module id.
+ * @return new key entry or NULL on allocation failure.
+ * The key entry will either contain a validated DNSKEY rrset, or
+ * represent a Null key (query failed, but validation did not), or a
+ * Bad key (validation failed).
+ */
+static struct key_entry_key*
+primeResponseToKE(struct ub_packed_rrset_key* dnskey_rrset,
+ struct trust_anchor* ta, struct module_qstate* qstate, int id)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+ struct key_entry_key* kkey = NULL;
+ enum sec_status sec = sec_status_unchecked;
+ char* reason = NULL;
+ int downprot = 1;
+
+ if(!dnskey_rrset) {
+ log_nametypeclass(VERB_OPS, "failed to prime trust anchor -- "
+ "could not fetch DNSKEY rrset",
+ ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass);
+ if(qstate->env->cfg->harden_dnssec_stripped) {
+ errinf(qstate, "no DNSKEY rrset");
+ kkey = key_entry_create_bad(qstate->region, ta->name,
+ ta->namelen, ta->dclass, BOGUS_KEY_TTL,
+ *qstate->env->now);
+ } else kkey = key_entry_create_null(qstate->region, ta->name,
+ ta->namelen, ta->dclass, NULL_KEY_TTL,
+ *qstate->env->now);
+ if(!kkey) {
+ log_err("out of memory: allocate fail prime key");
+ return NULL;
+ }
+ return kkey;
+ }
+ /* attempt to verify with trust anchor DS and DNSKEY */
+ kkey = val_verify_new_DNSKEYs_with_ta(qstate->region, qstate->env, ve,
+ dnskey_rrset, ta->ds_rrset, ta->dnskey_rrset, downprot,
+ &reason);
+ if(!kkey) {
+ log_err("out of memory: verifying prime TA");
+ return NULL;
+ }
+ if(key_entry_isgood(kkey))
+ sec = sec_status_secure;
+ else
+ sec = sec_status_bogus;
+ verbose(VERB_DETAIL, "validate keys with anchor(DS): %s",
+ sec_status_to_string(sec));
+
+ if(sec != sec_status_secure) {
+ log_nametypeclass(VERB_OPS, "failed to prime trust anchor -- "
+ "DNSKEY rrset is not secure",
+ ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass);
+ /* NOTE: in this case, we should probably reject the trust
+ * anchor for longer, perhaps forever. */
+ if(qstate->env->cfg->harden_dnssec_stripped) {
+ errinf(qstate, reason);
+ kkey = key_entry_create_bad(qstate->region, ta->name,
+ ta->namelen, ta->dclass, BOGUS_KEY_TTL,
+ *qstate->env->now);
+ } else kkey = key_entry_create_null(qstate->region, ta->name,
+ ta->namelen, ta->dclass, NULL_KEY_TTL,
+ *qstate->env->now);
+ if(!kkey) {
+ log_err("out of memory: allocate null prime key");
+ return NULL;
+ }
+ return kkey;
+ }
+
+ log_nametypeclass(VERB_DETAIL, "Successfully primed trust anchor",
+ ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass);
+ return kkey;
+}
+
+/**
+ * In inform supers, with the resulting message and rcode and the current
+ * keyset in the super state, validate the DS response, returning a KeyEntry.
+ *
+ * @param qstate: query state that is validating and asked for a DS.
+ * @param vq: validator query state
+ * @param id: module id.
+ * @param rcode: rcode result value.
+ * @param msg: result message (if rcode is OK).
+ * @param qinfo: from the sub query state, query info.
+ * @param ke: the key entry to return. It returns
+ * is_bad if the DS response fails to validate, is_null if the
+ * DS response indicated an end to secure space, is_good if the DS
+ * validated. It returns ke=NULL if the DS response indicated that the
+ * request wasn't a delegation point.
+ * @return 0 on servfail error (malloc failure).
+ */
+static int
+ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, int rcode, struct dns_msg* msg, struct query_info* qinfo,
+ struct key_entry_key** ke)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+ char* reason = NULL;
+ enum val_classification subtype;
+ if(rcode != LDNS_RCODE_NOERROR) {
+ char rc[16];
+ rc[0]=0;
+ (void)sldns_wire2str_rcode_buf(rcode, rc, sizeof(rc));
+ /* errors here pretty much break validation */
+ verbose(VERB_DETAIL, "DS response was error, thus bogus");
+ errinf(qstate, rc);
+ errinf(qstate, "no DS");
+ goto return_bogus;
+ }
+
+ subtype = val_classify_response(BIT_RD, qinfo, qinfo, msg->rep, 0);
+ if(subtype == VAL_CLASS_POSITIVE) {
+ struct ub_packed_rrset_key* ds;
+ enum sec_status sec;
+ ds = reply_find_answer_rrset(qinfo, msg->rep);
+ /* If there was no DS rrset, then we have mis-classified
+ * this message. */
+ if(!ds) {
+ log_warn("internal error: POSITIVE DS response was "
+ "missing DS.");
+ errinf(qstate, "no DS record");
+ goto return_bogus;
+ }
+ /* Verify only returns BOGUS or SECURE. If the rrset is
+ * bogus, then we are done. */
+ sec = val_verify_rrset_entry(qstate->env, ve, ds,
+ vq->key_entry, &reason);
+ if(sec != sec_status_secure) {
+ verbose(VERB_DETAIL, "DS rrset in DS response did "
+ "not verify");
+ errinf(qstate, reason);
+ goto return_bogus;
+ }
+
+ /* If the DS rrset validates, we still have to make sure
+ * that they are usable. */
+ if(!val_dsset_isusable(ds)) {
+ /* If they aren't usable, then we treat it like
+ * there was no DS. */
+ *ke = key_entry_create_null(qstate->region,
+ qinfo->qname, qinfo->qname_len, qinfo->qclass,
+ ub_packed_rrset_ttl(ds), *qstate->env->now);
+ return (*ke) != NULL;
+ }
+
+ /* Otherwise, we return the positive response. */
+ log_query_info(VERB_DETAIL, "validated DS", qinfo);
+ *ke = key_entry_create_rrset(qstate->region,
+ qinfo->qname, qinfo->qname_len, qinfo->qclass, ds,
+ NULL, *qstate->env->now);
+ return (*ke) != NULL;
+ } else if(subtype == VAL_CLASS_NODATA ||
+ subtype == VAL_CLASS_NAMEERROR) {
+ /* NODATA means that the qname exists, but that there was
+ * no DS. This is a pretty normal case. */
+ time_t proof_ttl = 0;
+ enum sec_status sec;
+
+ /* make sure there are NSECs or NSEC3s with signatures */
+ if(!val_has_signed_nsecs(msg->rep, &reason)) {
+ verbose(VERB_ALGO, "no NSECs: %s", reason);
+ errinf(qstate, reason);
+ goto return_bogus;
+ }
+
+ /* For subtype Name Error.
+ * attempt ANS 2.8.1.0 compatibility where it sets rcode
+ * to nxdomain, but really this is an Nodata/Noerror response.
+ * Find and prove the empty nonterminal in that case */
+
+ /* Try to prove absence of the DS with NSEC */
+ sec = val_nsec_prove_nodata_dsreply(
+ qstate->env, ve, qinfo, msg->rep, vq->key_entry,
+ &proof_ttl, &reason);
+ switch(sec) {
+ case sec_status_secure:
+ verbose(VERB_DETAIL, "NSEC RRset for the "
+ "referral proved no DS.");
+ *ke = key_entry_create_null(qstate->region,
+ qinfo->qname, qinfo->qname_len,
+ qinfo->qclass, proof_ttl,
+ *qstate->env->now);
+ return (*ke) != NULL;
+ case sec_status_insecure:
+ verbose(VERB_DETAIL, "NSEC RRset for the "
+ "referral proved not a delegation point");
+ *ke = NULL;
+ return 1;
+ case sec_status_bogus:
+ verbose(VERB_DETAIL, "NSEC RRset for the "
+ "referral did not prove no DS.");
+ errinf(qstate, reason);
+ goto return_bogus;
+ case sec_status_unchecked:
+ default:
+ /* NSEC proof did not work, try next */
+ break;
+ }
+
+ sec = nsec3_prove_nods(qstate->env, ve,
+ msg->rep->rrsets + msg->rep->an_numrrsets,
+ msg->rep->ns_numrrsets, qinfo, vq->key_entry, &reason);
+ switch(sec) {
+ case sec_status_insecure:
+ /* case insecure also continues to unsigned
+ * space. If nsec3-iter-count too high or
+ * optout, then treat below as unsigned */
+ case sec_status_secure:
+ verbose(VERB_DETAIL, "NSEC3s for the "
+ "referral proved no DS.");
+ *ke = key_entry_create_null(qstate->region,
+ qinfo->qname, qinfo->qname_len,
+ qinfo->qclass, proof_ttl,
+ *qstate->env->now);
+ return (*ke) != NULL;
+ case sec_status_indeterminate:
+ verbose(VERB_DETAIL, "NSEC3s for the "
+ "referral proved no delegation");
+ *ke = NULL;
+ return 1;
+ case sec_status_bogus:
+ verbose(VERB_DETAIL, "NSEC3s for the "
+ "referral did not prove no DS.");
+ errinf(qstate, reason);
+ goto return_bogus;
+ case sec_status_unchecked:
+ default:
+ /* NSEC3 proof did not work */
+ break;
+ }
+
+ /* Apparently, no available NSEC/NSEC3 proved NODATA, so
+ * this is BOGUS. */
+ verbose(VERB_DETAIL, "DS %s ran out of options, so return "
+ "bogus", val_classification_to_string(subtype));
+ errinf(qstate, "no DS but also no proof of that");
+ goto return_bogus;
+ } else if(subtype == VAL_CLASS_CNAME ||
+ subtype == VAL_CLASS_CNAMENOANSWER) {
+ /* if the CNAME matches the exact name we want and is signed
+ * properly, then also, we are sure that no DS exists there,
+ * much like a NODATA proof */
+ enum sec_status sec;
+ struct ub_packed_rrset_key* cname;
+ cname = reply_find_rrset_section_an(msg->rep, qinfo->qname,
+ qinfo->qname_len, LDNS_RR_TYPE_CNAME, qinfo->qclass);
+ if(!cname) {
+ errinf(qstate, "validator classified CNAME but no "
+ "CNAME of the queried name for DS");
+ goto return_bogus;
+ }
+ if(((struct packed_rrset_data*)cname->entry.data)->rrsig_count
+ == 0) {
+ if(msg->rep->an_numrrsets != 0 && ntohs(msg->rep->
+ rrsets[0]->rk.type)==LDNS_RR_TYPE_DNAME) {
+ errinf(qstate, "DS got DNAME answer");
+ } else {
+ errinf(qstate, "DS got unsigned CNAME answer");
+ }
+ goto return_bogus;
+ }
+ sec = val_verify_rrset_entry(qstate->env, ve, cname,
+ vq->key_entry, &reason);
+ if(sec == sec_status_secure) {
+ verbose(VERB_ALGO, "CNAME validated, "
+ "proof that DS does not exist");
+ /* and that it is not a referral point */
+ *ke = NULL;
+ return 1;
+ }
+ errinf(qstate, "CNAME in DS response was not secure.");
+ errinf(qstate, reason);
+ goto return_bogus;
+ } else {
+ verbose(VERB_QUERY, "Encountered an unhandled type of "
+ "DS response, thus bogus.");
+ errinf(qstate, "no DS and");
+ if(FLAGS_GET_RCODE(msg->rep->flags) != LDNS_RCODE_NOERROR) {
+ char rc[16];
+ rc[0]=0;
+ (void)sldns_wire2str_rcode_buf((int)FLAGS_GET_RCODE(
+ msg->rep->flags), rc, sizeof(rc));
+ errinf(qstate, rc);
+ } else errinf(qstate, val_classification_to_string(subtype));
+ errinf(qstate, "message fails to prove that");
+ goto return_bogus;
+ }
+return_bogus:
+ *ke = key_entry_create_bad(qstate->region, qinfo->qname,
+ qinfo->qname_len, qinfo->qclass,
+ BOGUS_KEY_TTL, *qstate->env->now);
+ return (*ke) != NULL;
+}
+
+/**
+ * Process DS response. Called from inform_supers.
+ * Because it is in inform_supers, the mesh itself is busy doing callbacks
+ * for a state that is to be deleted soon; don't touch the mesh; instead
+ * set a state in the super, as the super will be reactivated soon.
+ * Perform processing to determine what state to set in the super.
+ *
+ * @param qstate: query state that is validating and asked for a DS.
+ * @param vq: validator query state
+ * @param id: module id.
+ * @param rcode: rcode result value.
+ * @param msg: result message (if rcode is OK).
+ * @param qinfo: from the sub query state, query info.
+ * @param origin: the origin of msg.
+ */
+static void
+process_ds_response(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, int rcode, struct dns_msg* msg, struct query_info* qinfo,
+ struct sock_list* origin)
+{
+ struct key_entry_key* dske = NULL;
+ uint8_t* olds = vq->empty_DS_name;
+ vq->empty_DS_name = NULL;
+ if(!ds_response_to_ke(qstate, vq, id, rcode, msg, qinfo, &dske)) {
+ log_err("malloc failure in process_ds_response");
+ vq->key_entry = NULL; /* make it error */
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ if(dske == NULL) {
+ vq->empty_DS_name = regional_alloc_init(qstate->region,
+ qinfo->qname, qinfo->qname_len);
+ if(!vq->empty_DS_name) {
+ log_err("malloc failure in empty_DS_name");
+ vq->key_entry = NULL; /* make it error */
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ vq->empty_DS_len = qinfo->qname_len;
+ vq->chain_blacklist = NULL;
+ /* ds response indicated that we aren't on a delegation point.
+ * Keep the forState.state on FINDKEY. */
+ } else if(key_entry_isgood(dske)) {
+ vq->ds_rrset = key_entry_get_rrset(dske, qstate->region);
+ if(!vq->ds_rrset) {
+ log_err("malloc failure in process DS");
+ vq->key_entry = NULL; /* make it error */
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ vq->chain_blacklist = NULL; /* fresh blacklist for next part*/
+ /* Keep the forState.state on FINDKEY. */
+ } else if(key_entry_isbad(dske)
+ && vq->restart_count < VAL_MAX_RESTART_COUNT) {
+ vq->empty_DS_name = olds;
+ val_blacklist(&vq->chain_blacklist, qstate->region, origin, 1);
+ qstate->errinf = NULL;
+ vq->restart_count++;
+ } else {
+ if(key_entry_isbad(dske)) {
+ errinf_origin(qstate, origin);
+ errinf_dname(qstate, "for DS", qinfo->qname);
+ }
+ /* NOTE: the reason for the DS to be not good (that is,
+ * either bad or null) should have been logged by
+ * dsResponseToKE. */
+ vq->key_entry = dske;
+ /* The FINDKEY phase has ended, so move on. */
+ vq->state = VAL_VALIDATE_STATE;
+ }
+}
+
+/**
+ * Process DNSKEY response. Called from inform_supers.
+ * Sets the key entry in the state.
+ * Because it is in inform_supers, the mesh itself is busy doing callbacks
+ * for a state that is to be deleted soon; don't touch the mesh; instead
+ * set a state in the super, as the super will be reactivated soon.
+ * Perform processing to determine what state to set in the super.
+ *
+ * @param qstate: query state that is validating and asked for a DNSKEY.
+ * @param vq: validator query state
+ * @param id: module id.
+ * @param rcode: rcode result value.
+ * @param msg: result message (if rcode is OK).
+ * @param qinfo: from the sub query state, query info.
+ * @param origin: the origin of msg.
+ */
+static void
+process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, int rcode, struct dns_msg* msg, struct query_info* qinfo,
+ struct sock_list* origin)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+ struct key_entry_key* old = vq->key_entry;
+ struct ub_packed_rrset_key* dnskey = NULL;
+ int downprot;
+ char* reason = NULL;
+
+ if(rcode == LDNS_RCODE_NOERROR)
+ dnskey = reply_find_answer_rrset(qinfo, msg->rep);
+
+ if(dnskey == NULL) {
+ /* bad response */
+ verbose(VERB_DETAIL, "Missing DNSKEY RRset in response to "
+ "DNSKEY query.");
+ if(vq->restart_count < VAL_MAX_RESTART_COUNT) {
+ val_blacklist(&vq->chain_blacklist, qstate->region,
+ origin, 1);
+ qstate->errinf = NULL;
+ vq->restart_count++;
+ return;
+ }
+ vq->key_entry = key_entry_create_bad(qstate->region,
+ qinfo->qname, qinfo->qname_len, qinfo->qclass,
+ BOGUS_KEY_TTL, *qstate->env->now);
+ if(!vq->key_entry) {
+ log_err("alloc failure in missing dnskey response");
+ /* key_entry is NULL for failure in Validate */
+ }
+ errinf(qstate, "No DNSKEY record");
+ errinf_origin(qstate, origin);
+ errinf_dname(qstate, "for key", qinfo->qname);
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ if(!vq->ds_rrset) {
+ log_err("internal error: no DS rrset for new DNSKEY response");
+ vq->key_entry = NULL;
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ downprot = 1;
+ vq->key_entry = val_verify_new_DNSKEYs(qstate->region, qstate->env,
+ ve, dnskey, vq->ds_rrset, downprot, &reason);
+
+ if(!vq->key_entry) {
+ log_err("out of memory in verify new DNSKEYs");
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ /* If the key entry isBad or isNull, then we can move on to the next
+ * state. */
+ if(!key_entry_isgood(vq->key_entry)) {
+ if(key_entry_isbad(vq->key_entry)) {
+ if(vq->restart_count < VAL_MAX_RESTART_COUNT) {
+ val_blacklist(&vq->chain_blacklist,
+ qstate->region, origin, 1);
+ qstate->errinf = NULL;
+ vq->restart_count++;
+ vq->key_entry = old;
+ return;
+ }
+ verbose(VERB_DETAIL, "Did not match a DS to a DNSKEY, "
+ "thus bogus.");
+ errinf(qstate, reason);
+ errinf_origin(qstate, origin);
+ errinf_dname(qstate, "for key", qinfo->qname);
+ }
+ vq->chain_blacklist = NULL;
+ vq->state = VAL_VALIDATE_STATE;
+ return;
+ }
+ vq->chain_blacklist = NULL;
+ qstate->errinf = NULL;
+
+ /* The DNSKEY validated, so cache it as a trusted key rrset. */
+ key_cache_insert(ve->kcache, vq->key_entry, qstate);
+
+ /* If good, we stay in the FINDKEY state. */
+ log_query_info(VERB_DETAIL, "validated DNSKEY", qinfo);
+}
+
+/**
+ * Process prime response
+ * Sets the key entry in the state.
+ *
+ * @param qstate: query state that is validating and primed a trust anchor.
+ * @param vq: validator query state
+ * @param id: module id.
+ * @param rcode: rcode result value.
+ * @param msg: result message (if rcode is OK).
+ * @param origin: the origin of msg.
+ */
+static void
+process_prime_response(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, int rcode, struct dns_msg* msg, struct sock_list* origin)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+ struct ub_packed_rrset_key* dnskey_rrset = NULL;
+ struct trust_anchor* ta = anchor_find(qstate->env->anchors,
+ vq->trust_anchor_name, vq->trust_anchor_labs,
+ vq->trust_anchor_len, vq->qchase.qclass);
+ if(!ta) {
+ /* trust anchor revoked, restart with less anchors */
+ vq->state = VAL_INIT_STATE;
+ if(!vq->trust_anchor_name)
+ vq->state = VAL_VALIDATE_STATE; /* break a loop */
+ vq->trust_anchor_name = NULL;
+ return;
+ }
+ /* Fetch and validate the keyEntry that corresponds to the
+ * current trust anchor. */
+ if(rcode == LDNS_RCODE_NOERROR) {
+ dnskey_rrset = reply_find_rrset_section_an(msg->rep,
+ ta->name, ta->namelen, LDNS_RR_TYPE_DNSKEY,
+ ta->dclass);
+ }
+ if(ta->autr) {
+ if(!autr_process_prime(qstate->env, ve, ta, dnskey_rrset)) {
+ /* trust anchor revoked, restart with less anchors */
+ vq->state = VAL_INIT_STATE;
+ vq->trust_anchor_name = NULL;
+ return;
+ }
+ }
+ vq->key_entry = primeResponseToKE(dnskey_rrset, ta, qstate, id);
+ lock_basic_unlock(&ta->lock);
+ if(vq->key_entry) {
+ if(key_entry_isbad(vq->key_entry)
+ && vq->restart_count < VAL_MAX_RESTART_COUNT) {
+ val_blacklist(&vq->chain_blacklist, qstate->region,
+ origin, 1);
+ qstate->errinf = NULL;
+ vq->restart_count++;
+ vq->key_entry = NULL;
+ vq->state = VAL_INIT_STATE;
+ return;
+ }
+ vq->chain_blacklist = NULL;
+ errinf_origin(qstate, origin);
+ errinf_dname(qstate, "for trust anchor", ta->name);
+ /* store the freshly primed entry in the cache */
+ key_cache_insert(ve->kcache, vq->key_entry, qstate);
+ }
+
+ /* If the result of the prime is a null key, skip the FINDKEY state.*/
+ if(!vq->key_entry || key_entry_isnull(vq->key_entry) ||
+ key_entry_isbad(vq->key_entry)) {
+ vq->state = VAL_VALIDATE_STATE;
+ }
+ /* the qstate will be reactivated after inform_super is done */
+}
+
+/**
+ * Process DLV response. Called from inform_supers.
+ * Because it is in inform_supers, the mesh itself is busy doing callbacks
+ * for a state that is to be deleted soon; don't touch the mesh; instead
+ * set a state in the super, as the super will be reactivated soon.
+ * Perform processing to determine what state to set in the super.
+ *
+ * @param qstate: query state that is validating and asked for a DLV.
+ * @param vq: validator query state
+ * @param id: module id.
+ * @param rcode: rcode result value.
+ * @param msg: result message (if rcode is OK).
+ * @param qinfo: from the sub query state, query info.
+ */
+static void
+process_dlv_response(struct module_qstate* qstate, struct val_qstate* vq,
+ int id, int rcode, struct dns_msg* msg, struct query_info* qinfo)
+{
+ struct val_env* ve = (struct val_env*)qstate->env->modinfo[id];
+
+ verbose(VERB_ALGO, "process dlv response to super");
+ if(rcode != LDNS_RCODE_NOERROR) {
+ /* lookup failed, set in vq to give up */
+ vq->dlv_status = dlv_error;
+ verbose(VERB_ALGO, "response is error");
+ return;
+ }
+ if(msg->rep->security != sec_status_secure) {
+ vq->dlv_status = dlv_error;
+ verbose(VERB_ALGO, "response is not secure, %s",
+ sec_status_to_string(msg->rep->security));
+ return;
+ }
+ /* was the lookup a success? validated DLV? */
+ if(FLAGS_GET_RCODE(msg->rep->flags) == LDNS_RCODE_NOERROR &&
+ msg->rep->an_numrrsets == 1 &&
+ msg->rep->security == sec_status_secure &&
+ ntohs(msg->rep->rrsets[0]->rk.type) == LDNS_RR_TYPE_DLV &&
+ ntohs(msg->rep->rrsets[0]->rk.rrset_class) == qinfo->qclass &&
+ query_dname_compare(msg->rep->rrsets[0]->rk.dname,
+ vq->dlv_lookup_name) == 0) {
+ /* yay! it is just like a DS */
+ vq->ds_rrset = (struct ub_packed_rrset_key*)
+ regional_alloc_init(qstate->region,
+ msg->rep->rrsets[0], sizeof(*vq->ds_rrset));
+ if(!vq->ds_rrset) {
+ log_err("out of memory in process_dlv");
+ return;
+ }
+ vq->ds_rrset->entry.key = vq->ds_rrset;
+ vq->ds_rrset->rk.dname = (uint8_t*)regional_alloc_init(
+ qstate->region, vq->ds_rrset->rk.dname,
+ vq->ds_rrset->rk.dname_len);
+ if(!vq->ds_rrset->rk.dname) {
+ log_err("out of memory in process_dlv");
+ vq->dlv_status = dlv_error;
+ return;
+ }
+ vq->ds_rrset->entry.data = regional_alloc_init(qstate->region,
+ vq->ds_rrset->entry.data,
+ packed_rrset_sizeof(vq->ds_rrset->entry.data));
+ if(!vq->ds_rrset->entry.data) {
+ log_err("out of memory in process_dlv");
+ vq->dlv_status = dlv_error;
+ return;
+ }
+ packed_rrset_ptr_fixup(vq->ds_rrset->entry.data);
+ /* make vq do a DNSKEY query next up */
+ vq->dlv_status = dlv_success;
+ return;
+ }
+ /* store NSECs into negative cache */
+ val_neg_addreply(ve->neg_cache, msg->rep);
+
+ /* was the lookup a failure?
+ * if we have to go up into the DLV for a higher DLV anchor
+ * then set this in the vq, so it can make queries when activated.
+ * See if the NSECs indicate that we should look for higher DLV
+ * or, that there is no DLV securely */
+ if(!val_nsec_check_dlv(qinfo, msg->rep, &vq->dlv_lookup_name,
+ &vq->dlv_lookup_name_len)) {
+ vq->dlv_status = dlv_error;
+ verbose(VERB_ALGO, "nsec error");
+ return;
+ }
+ if(!dname_subdomain_c(vq->dlv_lookup_name,
+ qstate->env->anchors->dlv_anchor->name)) {
+ vq->dlv_status = dlv_there_is_no_dlv;
+ return;
+ }
+ vq->dlv_status = dlv_ask_higher;
+}
+
+/*
+ * inform validator super.
+ *
+ * @param qstate: query state that finished.
+ * @param id: module id.
+ * @param super: the qstate to inform.
+ */
+void
+val_inform_super(struct module_qstate* qstate, int id,
+ struct module_qstate* super)
+{
+ struct val_qstate* vq = (struct val_qstate*)super->minfo[id];
+ log_query_info(VERB_ALGO, "validator: inform_super, sub is",
+ &qstate->qinfo);
+ log_query_info(VERB_ALGO, "super is", &super->qinfo);
+ if(!vq) {
+ verbose(VERB_ALGO, "super: has no validator state");
+ return;
+ }
+ if(vq->wait_prime_ta) {
+ vq->wait_prime_ta = 0;
+ process_prime_response(super, vq, id, qstate->return_rcode,
+ qstate->return_msg, qstate->reply_origin);
+ return;
+ }
+ if(qstate->qinfo.qtype == LDNS_RR_TYPE_DS) {
+ process_ds_response(super, vq, id, qstate->return_rcode,
+ qstate->return_msg, &qstate->qinfo,
+ qstate->reply_origin);
+ return;
+ } else if(qstate->qinfo.qtype == LDNS_RR_TYPE_DNSKEY) {
+ process_dnskey_response(super, vq, id, qstate->return_rcode,
+ qstate->return_msg, &qstate->qinfo,
+ qstate->reply_origin);
+ return;
+ } else if(qstate->qinfo.qtype == LDNS_RR_TYPE_DLV) {
+ process_dlv_response(super, vq, id, qstate->return_rcode,
+ qstate->return_msg, &qstate->qinfo);
+ return;
+ }
+ log_err("internal error in validator: no inform_supers possible");
+}
+
+void
+val_clear(struct module_qstate* qstate, int id)
+{
+ if(!qstate)
+ return;
+ /* everything is allocated in the region, so assign NULL */
+ qstate->minfo[id] = NULL;
+}
+
+size_t
+val_get_mem(struct module_env* env, int id)
+{
+ struct val_env* ve = (struct val_env*)env->modinfo[id];
+ if(!ve)
+ return 0;
+ return sizeof(*ve) + key_cache_get_mem(ve->kcache) +
+ val_neg_get_mem(ve->neg_cache) +
+ sizeof(size_t)*2*ve->nsec3_keyiter_count;
+}
+
+/**
+ * The validator function block
+ */
+static struct module_func_block val_block = {
+ "validator",
+ &val_init, &val_deinit, &val_operate, &val_inform_super, &val_clear,
+ &val_get_mem
+};
+
+struct module_func_block*
+val_get_funcblock(void)
+{
+ return &val_block;
+}
+
+const char*
+val_state_to_string(enum val_state state)
+{
+ switch(state) {
+ case VAL_INIT_STATE: return "VAL_INIT_STATE";
+ case VAL_FINDKEY_STATE: return "VAL_FINDKEY_STATE";
+ case VAL_VALIDATE_STATE: return "VAL_VALIDATE_STATE";
+ case VAL_FINISHED_STATE: return "VAL_FINISHED_STATE";
+ case VAL_DLVLOOKUP_STATE: return "VAL_DLVLOOKUP_STATE";
+ }
+ return "UNKNOWN VALIDATOR STATE";
+}
+
diff --git a/external/unbound/validator/validator.h b/external/unbound/validator/validator.h
new file mode 100644
index 000000000..20f806ada
--- /dev/null
+++ b/external/unbound/validator/validator.h
@@ -0,0 +1,294 @@
+/*
+ * validator/validator.h - secure validator DNS query response module
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains a module that performs validation of DNS queries.
+ * According to RFC 4034.
+ */
+
+#ifndef VALIDATOR_VALIDATOR_H
+#define VALIDATOR_VALIDATOR_H
+#include "util/module.h"
+#include "util/data/msgreply.h"
+#include "validator/val_utils.h"
+struct val_anchors;
+struct key_cache;
+struct key_entry_key;
+struct val_neg_cache;
+struct config_strlist;
+
+/**
+ * This is the TTL to use when a trust anchor fails to prime. A trust anchor
+ * will be primed no more often than this interval. Used when harden-
+ * dnssec-stripped is off and the trust anchor fails.
+ */
+#define NULL_KEY_TTL 60 /* seconds */
+
+/**
+ * TTL for bogus key entries. When a DS or DNSKEY fails in the chain of
+ * trust the entire zone for that name is blacked out for this TTL.
+ */
+#define BOGUS_KEY_TTL 60 /* seconds */
+
+/** max number of query restarts, number of IPs to probe */
+#define VAL_MAX_RESTART_COUNT 5
+
+/**
+ * Global state for the validator.
+ */
+struct val_env {
+ /** key cache; these are validated keys. trusted keys only
+ * end up here after being primed. */
+ struct key_cache* kcache;
+
+ /** aggressive negative cache. index into NSECs in rrset cache. */
+ struct val_neg_cache* neg_cache;
+
+ /** for debug testing a fixed validation date can be entered.
+ * if 0, current time is used for rrsig validation */
+ int32_t date_override;
+
+ /** clock skew min for signatures */
+ int32_t skew_min;
+
+ /** clock skew max for signatures */
+ int32_t skew_max;
+
+ /** TTL for bogus data; used instead of untrusted TTL from data.
+ * Bogus data will not be verified more often than this interval.
+ * seconds. */
+ uint32_t bogus_ttl;
+
+ /** If set, the validator should clean the additional section of
+ * secure messages.
+ */
+ int clean_additional;
+
+ /**
+ * If set, the validator will not make messages bogus, instead
+ * indeterminate is issued, so that no clients receive SERVFAIL.
+ * This allows an operator to run validation 'shadow' without
+ * hurting responses to clients.
+ */
+ int permissive_mode;
+
+ /**
+ * Number of entries in the NSEC3 maximum iteration count table.
+ * Keep this table short, and sorted by size
+ */
+ int nsec3_keyiter_count;
+
+ /**
+ * NSEC3 maximum iteration count per signing key size.
+ * This array contains key size values (in increasing order)
+ */
+ size_t* nsec3_keysize;
+
+ /**
+ * NSEC3 maximum iteration count per signing key size.
+ * This array contains the maximum iteration count for the keysize
+ * in the keysize array.
+ */
+ size_t* nsec3_maxiter;
+
+ /** lock on bogus counter */
+ lock_basic_t bogus_lock;
+ /** number of times rrsets marked bogus */
+ size_t num_rrset_bogus;
+};
+
+/**
+ * State of the validator for a query.
+ */
+enum val_state {
+ /** initial state for validation */
+ VAL_INIT_STATE = 0,
+ /** find the proper keys for validation, follow trust chain */
+ VAL_FINDKEY_STATE,
+ /** validate the answer, using found key entry */
+ VAL_VALIDATE_STATE,
+ /** finish up */
+ VAL_FINISHED_STATE,
+ /** DLV lookup state, processing DLV queries */
+ VAL_DLVLOOKUP_STATE
+};
+
+/**
+ * Per query state for the validator module.
+ */
+struct val_qstate {
+ /**
+ * State of the validator module.
+ */
+ enum val_state state;
+
+ /**
+ * The original message we have been given to validate.
+ */
+ struct dns_msg* orig_msg;
+
+ /**
+ * The query restart count
+ */
+ int restart_count;
+ /** The blacklist saved for chainoftrust elements */
+ struct sock_list* chain_blacklist;
+
+ /**
+ * The query name we have chased to; qname after following CNAMEs
+ */
+ struct query_info qchase;
+
+ /**
+ * The chased reply, extract from original message. Can be:
+ * o CNAME
+ * o DNAME + CNAME
+ * o answer
+ * plus authority, additional (nsecs) that have same signature.
+ */
+ struct reply_info* chase_reply;
+
+ /**
+ * The cname skip value; the number of rrsets that have been skipped
+ * due to chasing cnames. This is the offset into the
+ * orig_msg->rep->rrsets array, into the answer section.
+ * starts at 0 - for the full original message.
+ * if it is >0 - qchase followed the cname, chase_reply setup to be
+ * that message and relevant authority rrsets.
+ *
+ * The skip is also used for referral messages, where it will
+ * range from 0, over the answer, authority and additional sections.
+ */
+ size_t rrset_skip;
+
+ /** trust anchor name */
+ uint8_t* trust_anchor_name;
+ /** trust anchor labels */
+ int trust_anchor_labs;
+ /** trust anchor length */
+ size_t trust_anchor_len;
+
+ /** the DS rrset */
+ struct ub_packed_rrset_key* ds_rrset;
+
+ /** domain name for empty nonterminal detection */
+ uint8_t* empty_DS_name;
+ /** length of empty_DS_name */
+ size_t empty_DS_len;
+
+ /** the current key entry */
+ struct key_entry_key* key_entry;
+
+ /** subtype */
+ enum val_classification subtype;
+
+ /** signer name */
+ uint8_t* signer_name;
+ /** length of signer_name */
+ size_t signer_len;
+
+ /** true if this state is waiting to prime a trust anchor */
+ int wait_prime_ta;
+
+ /** have we already checked the DLV? */
+ int dlv_checked;
+ /** The name for which the DLV is looked up. For the current message
+ * or for the current RRset (for CNAME, REFERRAL types).
+ * If there is signer name, that may be it, else a domain name */
+ uint8_t* dlv_lookup_name;
+ /** length of dlv lookup name */
+ size_t dlv_lookup_name_len;
+ /** Name at which chain of trust stopped with insecure, starting DLV
+ * DLV must result in chain going further down */
+ uint8_t* dlv_insecure_at;
+ /** length of dlv insecure point name */
+ size_t dlv_insecure_at_len;
+ /** status of DLV lookup. Indication to VAL_DLV_STATE what to do */
+ enum dlv_status {
+ dlv_error, /* server failure */
+ dlv_success, /* got a DLV */
+ dlv_ask_higher, /* ask again */
+ dlv_there_is_no_dlv /* got no DLV, sure of it */
+ } dlv_status;
+};
+
+/**
+ * Get the validator function block.
+ * @return: function block with function pointers to validator methods.
+ */
+struct module_func_block* val_get_funcblock(void);
+
+/**
+ * Get validator state as a string
+ * @param state: to convert
+ * @return constant string that is printable.
+ */
+const char* val_state_to_string(enum val_state state);
+
+/** validator init */
+int val_init(struct module_env* env, int id);
+
+/** validator deinit */
+void val_deinit(struct module_env* env, int id);
+
+/** validator operate on a query */
+void val_operate(struct module_qstate* qstate, enum module_ev event, int id,
+ struct outbound_entry* outbound);
+
+/**
+ * inform validator super.
+ *
+ * @param qstate: query state that finished.
+ * @param id: module id.
+ * @param super: the qstate to inform.
+ */
+void val_inform_super(struct module_qstate* qstate, int id,
+ struct module_qstate* super);
+
+/** validator cleanup query state */
+void val_clear(struct module_qstate* qstate, int id);
+
+/**
+ * Debug helper routine that assists worker in determining memory in
+ * use.
+ * @param env: module environment
+ * @param id: module id.
+ * @return memory in use in bytes.
+ */
+size_t val_get_mem(struct module_env* env, int id);
+
+#endif /* VALIDATOR_VALIDATOR_H */