Commit 3c45f0dd authored by Mark Andrews's avatar Mark Andrews

Merge branch...

Merge branch '852-bind-returning-malformed-packet-error-when-sshfp-record-has-fingerprint-value-less-than-4-characters-v9_11' into 'v9_11'

Resolve "Bind returning malformed packet error when sshfp record has fingerprint value less than 4 characters"

See merge request !1906
parents 8cb78ee5 702cc2dd
Pipeline #14247 passed with stages
in 1 minute and 4 seconds
5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852]
5224. [bug] Only test provide-ixfr on TCP streams. [GL #991]
5222. [bug] 'delv -t ANY' could leak memory. [GL #983]
......
......@@ -20,6 +20,7 @@
static inline isc_result_t
fromtext_sshfp(ARGS_FROMTEXT) {
isc_token_t token;
int len = -1;
REQUIRE(type == dns_rdatatype_sshfp);
......@@ -47,10 +48,24 @@ fromtext_sshfp(ARGS_FROMTEXT) {
RETTOK(ISC_R_RANGE);
RETERR(uint8_tobuffer(token.value.as_ulong, target));
/*
* Enforce known digest lengths.
*/
switch (token.value.as_ulong) {
case 1:
len = ISC_SHA1_DIGESTLENGTH;
break;
case 2:
len = ISC_SHA256_DIGESTLENGTH;
break;
default:
break;
}
/*
* Digest.
*/
return (isc_hex_tobuffer(lexer, target, -2));
return (isc_hex_tobuffer(lexer, target, len));
}
static inline isc_result_t
......@@ -82,6 +97,10 @@ totext_sshfp(ARGS_TOTEXT) {
snprintf(buf, sizeof(buf), "%u", n);
RETERR(str_totext(buf, target));
if (sr.length == 0U) {
return (ISC_R_SUCCESS);
}
/*
* Digest.
*/
......@@ -110,8 +129,14 @@ fromwire_sshfp(ARGS_FROMWIRE) {
UNUSED(options);
isc_buffer_activeregion(source, &sr);
if (sr.length < 4)
if (sr.length < 2) {
return (ISC_R_UNEXPECTEDEND);
}
if ((sr.base[1] == 1 && sr.length != ISC_SHA1_DIGESTLENGTH + 2) ||
(sr.base[1] == 2 && sr.length != ISC_SHA256_DIGESTLENGTH + 2)) {
return (DNS_R_FORMERR);
}
isc_buffer_forward(source, sr.length);
return (mem_tobuffer(target, sr.base, sr.length));
......
......@@ -2090,6 +2090,82 @@ rkey(void **state) {
dns_rdatatype_rkey, sizeof(dns_rdata_rkey_t));
}
/* SSHFP RDATA manipulations */
static void
sshfp(void **state) {
text_ok_t text_ok[] = {
TEXT_INVALID(""), /* too short */
TEXT_INVALID("0"), /* reserved, too short */
TEXT_VALID("0 0"), /* no finger print */
TEXT_VALID("0 0 AA"), /* reserved */
TEXT_INVALID("0 1 AA"), /* too short SHA 1 digest */
TEXT_INVALID("0 2 AA"), /* too short SHA 256 digest */
TEXT_VALID("0 3 AA"), /* unknown finger print type */
/* good length SHA 1 digest */
TEXT_VALID("1 1 00112233445566778899AABBCCDDEEFF17181920"),
/* good length SHA 256 digest */
TEXT_VALID("4 2 A87F1B687AC0E57D2A081A2F282672334D90ED316D2B818CA9580EA3 84D92401"),
/*
* totext splits the fingerprint into chunks and
* emits uppercase hex.
*/
TEXT_VALID_CHANGED("1 2 00112233445566778899aabbccddeeff "
"00112233445566778899AABBCCDDEEFF",
"1 2 00112233445566778899AABBCCDDEEFF"
"00112233445566778899AABB CCDDEEFF"),
TEXT_SENTINEL()
};
wire_ok_t wire_ok[] = {
WIRE_INVALID(0x00), /* reserved too short */
WIRE_VALID(0x00, 0x00), /* reserved no finger print */
WIRE_VALID(0x00, 0x00, 0x00), /* reserved */
/* too short SHA 1 digests */
WIRE_INVALID(0x00, 0x01),
WIRE_INVALID(0x00, 0x01, 0x00),
WIRE_INVALID(0x00, 0x01, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19),
/* good length SHA 1 digest */
WIRE_VALID(0x00, 0x01, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19, 0x20),
/* too long SHA 1 digest */
WIRE_INVALID(0x00, 0x01, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19, 0x20, 0x21),
/* too short SHA 256 digests */
WIRE_INVALID(0x00, 0x02),
WIRE_INVALID(0x00, 0x02, 0x00),
WIRE_INVALID(0x00, 0x02, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19, 0x20, 0x21, 0x22,
0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
0x31),
/* good length SHA 256 digest */
WIRE_VALID(0x00, 0x02, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19, 0x20, 0x21, 0x22,
0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
0x31, 0x32),
/* too long SHA 256 digest */
WIRE_INVALID(0x00, 0x02, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD,
0xEE, 0xFF, 0x17, 0x18, 0x19, 0x20, 0x21, 0x22,
0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
0x31, 0x32, 0x33),
/* unknown digest, * no fingerprint */
WIRE_VALID(0x00, 0x03),
WIRE_VALID(0x00, 0x03, 0x00), /* unknown digest */
WIRE_SENTINEL()
};
UNUSED(state);
check_rdata(text_ok, wire_ok, NULL, false, dns_rdataclass_in,
dns_rdatatype_sshfp, sizeof(dns_rdata_sshfp_t));
}
/*
* WKS tests.
*
......@@ -2412,6 +2488,7 @@ main(int argc, char **argv) {
cmocka_unit_test_setup_teardown(nsec, _setup, _teardown),
cmocka_unit_test_setup_teardown(nsec3, _setup, _teardown),
cmocka_unit_test_setup_teardown(nxt, _setup, _teardown),
cmocka_unit_test_setup_teardown(sshfp, _setup, _teardown),
cmocka_unit_test_setup_teardown(wks, _setup, _teardown),
cmocka_unit_test_setup_teardown(rkey, _setup, _teardown),
cmocka_unit_test_setup_teardown(zonemd, _setup, _teardown),
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment