upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

1654. [bug] isc_result_totext() contained array bounds read

Browse source 
error.

1653.   [func]          Add key type checking to dst_key_fromfilename(),
                        DST_TYPE_KEY should be used to read TSIG, TKEY and
                        SIG(0) keys.

1652.   [bug]           TKEY still uses KEY.
This commit is contained in:
Mark Andrews 2004-06-11 00:27:06 +00:00
parent 68fb0934fd
commit 23fdb6a5a3
20 changed files with 71 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
CHANGES
View file

@ -5,11 +5,14 @@
1655. [placeholder] rt11446
1654. [placeholder] rt11541
1654. [bug] isc_result_totext() contained array bounds read
error.
1653. [placeholder] rt11541
1653. [func] Add key type checking to dst_key_fromfilename(),
DST_TYPE_KEY should be used to read TSIG, TKEY and
SIG(0) keys.
1652. [placeholder] rt11541
1652. [bug] TKEY still uses KEY.
1651. [bug] dig: process multiple dash options.

8
bin/dig/dighost.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dighost.c,v 1.261 2004/04/13 02:39:35 marka Exp $ */
/* $Id: dighost.c,v 1.262 2004/06/11 00:27:02 marka Exp $ */
/*
* Notice to programmers: Do not use this code as an example of how to
@ -864,7 +864,7 @@ setup_file_key(void) {
dst_key_t *dstkey = NULL;
debug("setup_file_key()");
result = dst_key_fromnamedfile(keyfile, DST_TYPE_PRIVATE,
result = dst_key_fromnamedfile(keyfile, DST_TYPE_PRIVATE | DST_TYPE_KEY,
mctx, &dstkey);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "Couldn't read key from %s: %s\n",
@ -3552,8 +3552,8 @@ get_trusted_key(isc_mem_t *mctx)
return ISC_R_FAILURE;
}
fclose(fptemp);
result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC,
mctx, &key);
result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC |
DST_TYPE_KEY, mctx, &key);
removetmpkey(mctx, filetemp);
isc_mem_free(mctx, filetemp);
if (result != ISC_R_SUCCESS ) {

7
bin/named/tkeyconf.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: tkeyconf.c,v 1.20 2004/03/05 04:57:49 marka Exp $ */
/* $Id: tkeyconf.c,v 1.21 2004/06/11 00:27:03 marka Exp $ */
#include <config.h>
@ -53,6 +53,7 @@ ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx,
dns_name_t *name;
isc_buffer_t b;
cfg_obj_t *obj;
int type;
result = dns_tkeyctx_create(mctx, ectx, &tctx);
if (result != ISC_R_SUCCESS)
@ -69,9 +70,9 @@ ns_tkeyctx_fromconfig(cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx,
name = dns_fixedname_name(&fname);
RETERR(dns_name_fromtext(name, &b, dns_rootname,
ISC_FALSE, NULL));
type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
RETERR(dst_key_fromfile(name, (dns_keytag_t) n, DNS_KEYALG_DH,
DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
NULL, mctx, &tctx->dhkey));
type, NULL, mctx, &tctx->dhkey));
}
obj = NULL;

2
bin/tests/dst/Ktest.+001+00002.key
View file

@ -1 +1 @@
test. IN KEY 49152 2 1
test. IN DNSKEY 49152 2 1

2
bin/tests/dst/Ktest.+001+54622.key
View file

@ -1 +1 @@
test. IN KEY 257 3 1 AQPQjwSpaVzxIgRCpiUoozUQKGh2oX8NIFKDOvtxK+tn536OZg2cROKTlgGEHXJK9YHfW/6nzQULTVpb63P+SQMmjCCidb8IYyhItixRztVeJQ==
test. IN DNSKEY 257 3 1 AQPQjwSpaVzxIgRCpiUoozUQKGh2oX8NIFKDOvtxK+tn536OZg2cROKTlgGEHXJK9YHfW/6nzQULTVpb63P+SQMmjCCidb8IYyhItixRztVeJQ==

2
bin/tests/dst/Ktest.+003+23616.key
View file

@ -1 +1 @@
test. IN KEY 16641 3 3 ANp1//lqDlEfTavcFI+cyudNfgEz73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mbEGl6zwve9wq5z7IoTY5/J4l7XLCKftg/wGvrzXQhggIkRvEh3myhxd+ouILcpfvTIthWlTKiH59tSJpmgmiSMTE7nDYaf10iVRWN6DMSprgejiH05/fpmyZAt44tyAh4m1wXS5u4tam1PXDJYJozn7EfQ8e2weIv1yC+t6PHSx
test. IN DNSKEY 16641 3 3 ANp1//lqDlEfTavcFI+cyudNfgEz73V/K7fSDvkA0eDYcGg/kSvEjAEO/oLWCERltkuC55ZcM/mSv17WF1d/wR6kww/pLI9eXwkjftAYqs5sNxk+mbEGl6zwve9wq5z7IoTY5/J4l7XLCKftg/wGvrzXQhggIkRvEh3myhxd+ouILcpfvTIthWlTKiH59tSJpmgmiSMTE7nDYaf10iVRWN6DMSprgejiH05/fpmyZAt44tyAh4m1wXS5u4tam1PXDJYJozn7EfQ8e2weIv1yC+t6PHSx

2
bin/tests/dst/Ktest.+003+49667.key
View file

@ -1 +1 @@
test. IN KEY 49152 2 3
test. IN DNSKEY 49152 2 3

4
bin/tests/dst/dst_test.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst_test.c,v 1.38 2004/03/05 04:58:46 marka Exp $ */
/* $Id: dst_test.c,v 1.39 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
@ -160,7 +160,7 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx) {
isc_region_t r1, r2;
unsigned char array1[1024], array2[1024];
int alg = DST_ALG_DH;
int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
ret = dst_key_fromfile(name1, id1, alg, type, current, mctx, &key1);
printf("read(%d) returned: %s\n", alg, isc_result_totext(ret));

4
bin/tests/dst/t_dst.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: t_dst.c,v 1.48 2004/03/05 04:58:46 marka Exp $ */
/* $Id: t_dst.c,v 1.49 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
@ -168,7 +168,7 @@ dh(dns_name_t *name1, int id1, dns_name_t *name2, int id2, isc_mem_t *mctx,
char tmp[PATH_MAX + 1];
char *p;
int alg = DST_ALG_DH;
int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE;
int type = DST_TYPE_PUBLIC|DST_TYPE_PRIVATE|DST_TYPE_KEY;
unsigned char array1[1024], array2[1024];
isc_buffer_t b1, b2;
isc_region_t r1, r2;

13
bin/tests/system/tkey/keycreate.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: keycreate.c,v 1.10 2004/03/05 05:03:12 marka Exp $ */
/* $Id: keycreate.c,v 1.11 2004/06/11 00:27:05 marka Exp $ */
#include <config.h>
@ -75,6 +75,7 @@ recvquery(isc_task_t *task, isc_event_t *event) {
dns_message_t *query, *response;
char keyname[256];
isc_buffer_t keynamebuf;
int type;
UNUSED(task);
@ -115,8 +116,8 @@ recvquery(isc_task_t *task, isc_event_t *event) {
CHECK("dst_key_buildfilename", result);
printf("%.*s\n", (int)isc_buffer_usedlength(&keynamebuf),
(char *)isc_buffer_base(&keynamebuf));
result = dst_key_tofile(tsigkey->key,
DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, "");
type = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_KEY;
result = dst_key_tofile(tsigkey->key, type, "");
CHECK("dst_key_tofile", result);
dns_message_destroy(&query);
@ -209,6 +210,7 @@ main(int argc, char *argv[]) {
isc_logconfig_t *logconfig;
isc_task_t *task;
isc_result_t result;
int type;
RUNCHECK(isc_app_start());
@ -280,9 +282,8 @@ main(int argc, char *argv[]) {
RUNCHECK(isc_app_onrun(mctx, task, sendquery, NULL));
ourkey = NULL;
result = dst_key_fromnamedfile(ourkeyname,
DST_TYPE_PUBLIC | DST_TYPE_PRIVATE,
mctx, &ourkey);
type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY;
result = dst_key_fromnamedfile(ourkeyname, type, mctx, &ourkey);
CHECK("dst_key_fromnamedfile", result);
isc_buffer_init(&nonce, noncedata, sizeof(noncedata));

8
bin/tests/system/tkey/keydelete.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: keydelete.c,v 1.6 2004/03/05 05:03:12 marka Exp $ */
/* $Id: keydelete.c,v 1.7 2004/06/11 00:27:06 marka Exp $ */
#include <config.h>
@ -154,6 +154,7 @@ main(int argc, char **argv) {
isc_logconfig_t *logconfig;
isc_task_t *task;
isc_result_t result;
int type;
RUNCHECK(isc_app_start());
@ -222,9 +223,8 @@ main(int argc, char **argv) {
RUNCHECK(isc_app_onrun(mctx, task, sendquery, NULL));
dstkey = NULL;
result = dst_key_fromnamedfile(keyname,
DST_TYPE_PUBLIC | DST_TYPE_PRIVATE,
mctx, &dstkey);
type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY;
result = dst_key_fromnamedfile(keyname, type, mctx, &dstkey);
CHECK("dst_key_fromnamedfile", result);
result = dns_tsigkey_createfromkey(dst_key_name(dstkey),
DNS_TSIG_HMACMD5_NAME,

4
bin/tests/system/tkey/ns1/setup.sh
View file

@ -15,11 +15,11 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: setup.sh,v 1.5 2004/03/05 05:03:17 marka Exp $
# $Id: setup.sh,v 1.6 2004/06/11 00:27:06 marka Exp $
RANDFILE=../random.data
keyname=`$KEYGEN -a DH -b 768 -n host -r $RANDFILE server`
keyname=`$KEYGEN -k -a DH -b 768 -n host -r $RANDFILE server`
keyid=`echo $keyname | $PERL -p -e 's/^.*\+0*//;'`
rm -f named.conf
perl -p -e "s/KEYID/$keyid/;" < named.conf.in > named.conf

4
bin/tests/system/tkey/tests.sh
View file

@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.4 2004/03/05 05:03:13 marka Exp $
# $Id: tests.sh,v 1.5 2004/06/11 00:27:06 marka Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
@ -28,7 +28,7 @@ RANDFILE=random.data
echo "I:generating new DH key"
ret=0
dhkeyname=`$KEYGEN -a DH -b 768 -n host -r $RANDFILE client` || ret=1
dhkeyname=`$KEYGEN -k -a DH -b 768 -n host -r $RANDFILE client` || ret=1
if [ $ret != 0 ]; then
echo "I:failed"
echo "I:exit status: $status"

4
lib/dns/dnssec.c
View file

@ -16,7 +16,7 @@
*/
/*
* $Id: dnssec.c,v 1.81 2004/03/05 05:09:19 marka Exp $
* $Id: dnssec.c,v 1.82 2004/06/11 00:26:59 marka Exp $
*/
@ -134,6 +134,8 @@ dns_dnssec_keyfromrdata(dns_name_t *name, dns_rdata_t *rdata, isc_mem_t *mctx,
INSIST(mctx != NULL);
INSIST(key != NULL);
INSIST(*key == NULL);
REQUIRE(rdata->type == dns_rdatatype_key ||
rdata->type == dns_rdatatype_dnskey);
dns_rdata_toregion(rdata, &r);
isc_buffer_init(&b, r.base, r.length);

21
lib/dns/sec/dst/dst_api.c
View file

@ -18,7 +18,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_api.c,v 1.115 2004/05/21 08:09:27 marka Exp $
* $Id: dst_api.c,v 1.116 2004/06/11 00:27:00 marka Exp $
*/
#include <config.h>
@ -70,6 +70,7 @@ static dst_key_t * get_key_struct(dns_name_t *name,
dns_rdataclass_t rdclass,
isc_mem_t *mctx);
static isc_result_t read_public_key(const char *filename,
int type,
isc_mem_t *mctx,
dst_key_t **keyp);
static isc_result_t write_public_key(const dst_key_t *key, int type,
@ -391,7 +392,7 @@ dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx,
REQUIRE(mctx != NULL);
REQUIRE(keyp != NULL && *keyp == NULL);
result = read_public_key(filename, mctx, &pubkey);
result = read_public_key(filename, type, mctx, &pubkey);
if (result != ISC_R_SUCCESS)
return (result);
@ -825,7 +826,9 @@ get_key_struct(dns_name_t *name, unsigned int alg,
* Reads a public key from disk
*/
static isc_result_t
read_public_key(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) {
read_public_key(const char *filename, int type,
isc_mem_t *mctx, dst_key_t **keyp)
{
u_char rdatabuf[DST_KEY_MAXSIZE];
isc_buffer_t b;
dns_fixedname_t name;
@ -840,7 +843,7 @@ read_public_key(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) {
isc_lexspecials_t specials;
isc_uint32_t ttl;
isc_result_t result;
dns_rdatatype_t type;
dns_rdatatype_t keytype;
newfilenamelen = strlen(filename) + 5;
newfilename = isc_mem_get(mctx, newfilenamelen);
@ -913,12 +916,18 @@ read_public_key(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) {
BADTOKEN();
if (strcasecmp(DST_AS_STR(token), "DNSKEY") == 0)
type = dns_rdatatype_dnskey;
keytype = dns_rdatatype_dnskey;
else if (strcasecmp(DST_AS_STR(token), "KEY") == 0)
type = dns_rdatatype_key; /* SIG(0) */
keytype = dns_rdatatype_key; /* SIG(0), TKEY */
else
BADTOKEN();
if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) ||
((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) {
ret = DST_R_BADKEYTYPE;
goto cleanup;
}
isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf));
ret = dns_rdata_fromtext(&rdata, rdclass, type, lex, NULL,
ISC_FALSE, mctx, &b, NULL);

3
lib/dns/sec/dst/dst_result.c
View file

@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_result.c,v 1.20 2004/03/05 05:10:30 marka Exp $
* $Id: dst_result.c,v 1.21 2004/06/11 00:27:01 marka Exp $
*/
#include <config.h>
@ -49,6 +49,7 @@ static const char *text[DST_R_NRESULTS] = {
"not a key that can compute a secret", /* 17 */
"failure computing a shared secret", /* 18 */
"no randomness available", /* 19 */
"bad key type" /* 20 */
};
#define DST_RESULT_RESULTSET 2

4
lib/dns/sec/dst/include/dst/dst.h
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst.h,v 1.47 2004/03/10 02:19:58 marka Exp $ */
/* $Id: dst.h,v 1.48 2004/06/11 00:27:01 marka Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
@ -218,6 +218,7 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type,
* "id" is a valid key tag identifier.
* "alg" is a supported key algorithm.
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union.
* DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
@ -240,6 +241,7 @@ dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx,
* Requires:
* "filename" is not NULL
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union
* DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context
* "keyp" is not NULL and "*keyp" is NULL.
*

5
lib/dns/sec/dst/include/dst/result.h
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.h,v 1.21 2004/03/05 05:10:38 marka Exp $ */
/* $Id: result.h,v 1.22 2004/06/11 00:27:01 marka Exp $ */
#ifndef DST_RESULT_H
#define DST_RESULT_H 1
@ -51,8 +51,9 @@
#define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17)
#define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18)
#define DST_R_NORANDOMNESS (ISC_RESULTCLASS_DST + 19)
#define DST_R_BADKEYTYPE (ISC_RESULTCLASS_DST + 20)
#define DST_R_NRESULTS 20 /* Number of results */
#define DST_R_NRESULTS 21 /* Number of results */
ISC_LANG_BEGINDECLS

12
lib/dns/tkey.c
View file

@ -16,7 +16,7 @@
*/
/*
* $Id: tkey.c,v 1.76 2004/03/05 05:09:25 marka Exp $
* $Id: tkey.c,v 1.77 2004/06/11 00:27:00 marka Exp $
*/
#include <config.h>
@ -285,7 +285,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
keyname = NULL;
dns_message_currentname(msg, DNS_SECTION_ADDITIONAL, &keyname);
keyset = NULL;
result = dns_message_findtype(keyname, dns_rdatatype_dnskey, 0,
result = dns_message_findtype(keyname, dns_rdatatype_key, 0,
&keyset);
if (result != ISC_R_SUCCESS)
continue;
@ -333,7 +333,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name,
RETERR(dst_key_todns(tctx->dhkey, &ourkeybuf));
isc_buffer_usedregion(&ourkeybuf, &ourkeyr);
dns_rdata_fromregion(&ourkeyrdata, dns_rdataclass_any,
dns_rdatatype_dnskey, &ourkeyr);
dns_rdatatype_key, &ourkeyr);
dns_name_init(&ourname, NULL);
dns_name_clone(dst_key_name(tctx->dhkey), &ourname);
@ -877,7 +877,7 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name,
RETERR(dst_key_todns(key, dynbuf));
isc_buffer_usedregion(dynbuf, &r);
dns_rdata_fromregion(rdata, dns_rdataclass_any,
dns_rdatatype_dnskey, &r);
dns_rdatatype_key, &r);
dns_message_takebuffer(msg, &dynbuf);
dns_name_init(&keyname, NULL);
@ -1049,7 +1049,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
ourkeyname = NULL;
ourkeyset = NULL;
RETERR(dns_message_findname(rmsg, DNS_SECTION_ANSWER, &keyname,
dns_rdatatype_dnskey, 0, &ourkeyname,
dns_rdatatype_key, 0, &ourkeyname,
&ourkeyset));
result = dns_message_firstname(rmsg, DNS_SECTION_ANSWER);
@ -1060,7 +1060,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg,
if (dns_name_equal(theirkeyname, ourkeyname))
goto next;
theirkeyset = NULL;
result = dns_message_findtype(theirkeyname, dns_rdatatype_dnskey,
result = dns_message_findtype(theirkeyname, dns_rdatatype_key,
0, &theirkeyset);
if (result == ISC_R_SUCCESS) {
RETERR(dns_rdataset_first(theirkeyset));

4
lib/isc/result.c
View file

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.c,v 1.63 2004/05/15 03:37:33 jinmei Exp $ */
/* $Id: result.c,v 1.64 2004/06/11 00:27:02 marka Exp $ */
#include <config.h>
@ -125,7 +125,7 @@ register_table(unsigned int base, unsigned int nresults, const char **text,
if (table == NULL)
return (ISC_R_NOMEMORY);
table->base = base;
table->last = base + nresults;
table->last = base + nresults - 1;
table->text = text;
table->msgcat = msgcat;
table->set = set;