2 * unbound-anchor.c - update the root anchor if necessary.
4 * Copyright (c) 2010, NLnet Labs. All rights reserved.
6 * This software is open source.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * Redistributions of source code must retain the above copyright notice,
13 * this list of conditions and the following disclaimer.
15 * Redistributions in binary form must reproduce the above copyright notice,
16 * this list of conditions and the following disclaimer in the documentation
17 * and/or other materials provided with the distribution.
19 * Neither the name of the NLNET LABS nor the names of its contributors may
20 * be used to endorse or promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * This file checks to see that the current 5011 keys work to prime the
40 * current root anchor. If not a certificate is used to update the anchor,
41 * with RFC7958 https xml fetch.
43 * This is a concept solution for distribution of the DNSSEC root
44 * trust anchor. It is a small tool, called "unbound-anchor", that
45 * runs before the main validator starts. I.e. in the init script:
46 * unbound-anchor; unbound. Thus it is meant to run at system boot time.
48 * Management-Abstract:
49 * * first run: fill root.key file with hardcoded DS record.
50 * * mostly: use RFC5011 tracking, quick . DNSKEY UDP query.
51 * * failover: use RFC7958 builtin certificate, do https and update.
52 * Special considerations:
53 * * 30-days RFC5011 timer saves a lot of https traffic.
54 * * DNSKEY probe must be NOERROR, saves a lot of https traffic.
55 * * fail if clock before sign date of the root, if cert expired.
56 * * if the root goes back to unsigned, deals with it.
58 * It has hardcoded the root DS anchors and the ICANN CA root certificate.
59 * It allows with options to override those. It also takes root-hints (it
60 * has to do a DNS resolve), and also has hardcoded defaults for those.
62 * Once it starts, just before the validator starts, it quickly checks if
63 * the root anchor file needs to be updated. First it tries to use
64 * RFC5011-tracking of the root key. If that fails (and for 30-days since
65 * last successful probe), then it attempts to update using the
66 * certificate. So most of the time, the RFC5011 tracking will work fine,
67 * and within a couple milliseconds, the main daemon can start. It will
68 * have only probed the . DNSKEY, not done expensive https transfers on the
69 * root infrastructure.
71 * If there is no root key in the root.key file, it bootstraps the
72 * RFC5011-tracking with its builtin DS anchors; if that fails it
73 * bootstraps the RFC5011-tracking using the certificate. (again to avoid
74 * https, and it is also faster).
76 * It uses the XML file by converting it to DS records and writing that to the
77 * key file. Unbound can detect that the 'special comments' are gone, and
78 * the file contains a list of normal DNSKEY/DS records, and uses that to
79 * bootstrap 5011 (the KSK is made VALID).
81 * The certificate RFC7958 update is done by fetching root-anchors.xml and
82 * root-anchors.p7s via SSL. The HTTPS certificate can be logged but is
83 * not validated (https for channel security; the security comes from the
84 * certificate). The 'data.iana.org' domain name A and AAAA are resolved
85 * without DNSSEC. It tries a random IP until the transfer succeeds. It
86 * then checks the p7s signature.
88 * On any failure, it leaves the root key file untouched. The main
89 * validator has to cope with it, it cannot fix things (So a failure does
90 * not go 'without DNSSEC', no downgrade). If it used its builtin stuff or
91 * did the https, it exits with an exit code, so that this can trigger the
92 * init script to log the event and potentially alert the operator that can
95 * The date is also checked. Before 2010-07-15 is a failure (root not
96 * signed yet; avoids attacks on system clock). The
97 * last-successful-RFC5011-probe (if available) has to be more than 30 days
98 * in the past (otherwise, RFC5011 should have worked). This keeps
99 * unnecessary https traffic down. If the main certificate is expired, it
102 * The dates on the keys in the xml are checked (uses the libexpat xml
103 * parser), only the valid ones are used to re-enstate RFC5011 tracking.
104 * If 0 keys are valid, the zone has gone to insecure (a special marker is
105 * written in the keyfile that tells the main validator daemon the zone is
108 * Only the root ICANN CA is shipped, not the intermediate ones. The
109 * intermediate CAs are included in the p7s file that was downloaded. (the
110 * root cert is valid to 2028 and the intermediate to 2014, today).
112 * Obviously, the tool also has options so the operator can provide a new
113 * keyfile, a new certificate and new URLs, and fresh root hints. By
114 * default it logs nothing on failure and success; it 'just works'.
119 #include "libunbound/unbound.h"
120 #include "sldns/rrdef.h"
121 #include "sldns/parseutil.h"
124 #error "need libexpat to parse root-anchors.xml file."
129 #ifdef HAVE_OPENSSL_SSL_H
130 #include <openssl/ssl.h>
132 #ifdef HAVE_OPENSSL_ERR_H
133 #include <openssl/err.h>
135 #ifdef HAVE_OPENSSL_RAND_H
136 #include <openssl/rand.h>
138 #include <openssl/x509.h>
139 #include <openssl/x509v3.h>
140 #include <openssl/pem.h>
142 /** name of server in URL to fetch HTTPS from */
143 #define URLNAME "data.iana.org"
144 /** path on HTTPS server to xml file */
145 #define XMLNAME "root-anchors/root-anchors.xml"
146 /** path on HTTPS server to p7s file */
147 #define P7SNAME "root-anchors/root-anchors.p7s"
148 /** name of the signer of the certificate */
149 #define P7SIGNER "dnssec@iana.org"
150 /** port number for https access */
151 #define HTTPS_PORT 443
154 /* sneakily reuse the the wsa_strerror function, on windows */
155 char* wsa_strerror(int err);
158 /** verbosity for this application */
161 /** list of IP addresses */
164 struct ip_list* next;
165 /** length of addr */
167 /** address ready to connect to */
168 struct sockaddr_storage addr;
169 /** has the address been used */
173 /** Give unbound-anchor usage, and exit (1). */
177 printf("Usage: local-unbound-anchor [opts]\n");
178 printf(" Setup or update root anchor. "
179 "Most options have defaults.\n");
180 printf(" Run this program before you start the validator.\n");
182 printf(" The anchor and cert have default builtin content\n");
183 printf(" if the file does not exist or is empty.\n");
185 printf("-a file root key file, default %s\n", ROOT_ANCHOR_FILE);
186 printf(" The key is input and output for this tool.\n");
187 printf("-c file cert file, default %s\n", ROOT_CERT_FILE);
188 printf("-l list builtin key and cert on stdout\n");
189 printf("-u name server in https url, default %s\n", URLNAME);
190 printf("-x path pathname to xml in url, default %s\n", XMLNAME);
191 printf("-s path pathname to p7s in url, default %s\n", P7SNAME);
192 printf("-n name signer's subject emailAddress, default %s\n", P7SIGNER);
193 printf("-4 work using IPv4 only\n");
194 printf("-6 work using IPv6 only\n");
195 printf("-f resolv.conf use given resolv.conf\n");
196 printf("-r root.hints use given root.hints\n"
197 " builtin root hints are used by default\n");
198 printf("-R fallback from -f to root query on error\n");
199 printf("-v more verbose\n");
200 printf("-C conf debug, read config\n");
201 printf("-P port use port for https connect, default 443\n");
202 printf("-F debug, force update with cert\n");
203 printf("-h show this usage help\n");
204 printf("Version %s\n", PACKAGE_VERSION);
205 printf("BSD licensed, see LICENSE in source package for details.\n");
206 printf("Report bugs to %s\n", PACKAGE_BUGREPORT);
210 /** return the built in root update certificate */
212 get_builtin_cert(void)
215 /* The ICANN CA fetched at 24 Sep 2010. Valid to 2028 */
216 "-----BEGIN CERTIFICATE-----\n"
217 "MIIDdzCCAl+gAwIBAgIBATANBgkqhkiG9w0BAQsFADBdMQ4wDAYDVQQKEwVJQ0FO\n"
218 "TjEmMCQGA1UECxMdSUNBTk4gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFjAUBgNV\n"
219 "BAMTDUlDQU5OIFJvb3QgQ0ExCzAJBgNVBAYTAlVTMB4XDTA5MTIyMzA0MTkxMloX\n"
220 "DTI5MTIxODA0MTkxMlowXTEOMAwGA1UEChMFSUNBTk4xJjAkBgNVBAsTHUlDQU5O\n"
221 "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1JQ0FOTiBSb290IENB\n"
222 "MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKDb\n"
223 "cLhPNNqc1NB+u+oVvOnJESofYS9qub0/PXagmgr37pNublVThIzyLPGCJ8gPms9S\n"
224 "G1TaKNIsMI7d+5IgMy3WyPEOECGIcfqEIktdR1YWfJufXcMReZwU4v/AdKzdOdfg\n"
225 "ONiwc6r70duEr1IiqPbVm5T05l1e6D+HkAvHGnf1LtOPGs4CHQdpIUcy2kauAEy2\n"
226 "paKcOcHASvbTHK7TbbvHGPB+7faAztABLoneErruEcumetcNfPMIjXKdv1V1E3C7\n"
227 "MSJKy+jAqqQJqjZoQGB0necZgUMiUv7JK1IPQRM2CXJllcyJrm9WFxY0c1KjBO29\n"
228 "iIKK69fcglKcBuFShUECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B\n"
229 "Af8EBAMCAf4wHQYDVR0OBBYEFLpS6UmDJIZSL8eZzfyNa2kITcBQMA0GCSqGSIb3\n"
230 "DQEBCwUAA4IBAQAP8emCogqHny2UYFqywEuhLys7R9UKmYY4suzGO4nkbgfPFMfH\n"
231 "6M+Zj6owwxlwueZt1j/IaCayoKU3QsrYYoDRolpILh+FPwx7wseUEV8ZKpWsoDoD\n"
232 "2JFbLg2cfB8u/OlE4RYmcxxFSmXBg0yQ8/IoQt/bxOcEEhhiQ168H2yE5rxJMt9h\n"
233 "15nu5JBSewrCkYqYYmaxyOC3WrVGfHZxVI7MpIFcGdvSb2a1uyuua8l0BKgk3ujF\n"
234 "0/wsHNeP22qNyVO+XVBzrM8fk8BSUFuiT/6tZTYXRtEt5aKQZgXbKU5dUF3jT9qg\n"
235 "j/Br5BZw3X/zd325TvnswzMC1+ljLzHnQGGk\n"
236 "-----END CERTIFICATE-----\n"
240 /** return the built in root DS trust anchor */
245 /* The anchors must start on a new line with ". IN DS and end with \n"[;]
246 * because the makedist script greps on the source here */
247 /* anchor 19036 is from 2010 */
248 /* anchor 20326 is from 2017 */
249 ". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n"
250 ". IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D\n";
253 /** print hex data */
255 print_data(const char* msg, const char* data, int len)
259 for(i=0; i<len; i++) {
260 printf(" %2.2x", (unsigned char)data[i]);
265 /** print ub context creation error and exit */
267 ub_ctx_error_exit(struct ub_ctx* ctx, const char* str, const char* str2)
270 if(str && str2 && verb) printf("%s: %s\n", str, str2);
271 if(verb) printf("error: could not create unbound resolver context\n");
276 * Create a new unbound context with the commandline settings applied
278 static struct ub_ctx*
279 create_unbound_context(const char* res_conf, const char* root_hints,
280 const char* debugconf, int ip4only, int ip6only)
283 struct ub_ctx* ctx = ub_ctx_create();
285 if(verb) printf("out of memory\n");
288 /* do not waste time and network traffic to fetch extra nameservers */
289 r = ub_ctx_set_option(ctx, "target-fetch-policy:", "0 0 0 0 0");
290 if(r && verb) printf("ctx targetfetchpolicy: %s\n", ub_strerror(r));
291 /* read config file first, so its settings can be overridden */
293 r = ub_ctx_config(ctx, debugconf);
294 if(r) ub_ctx_error_exit(ctx, debugconf, ub_strerror(r));
297 r = ub_ctx_resolvconf(ctx, res_conf);
298 if(r) ub_ctx_error_exit(ctx, res_conf, ub_strerror(r));
301 r = ub_ctx_set_option(ctx, "root-hints:", root_hints);
302 if(r) ub_ctx_error_exit(ctx, root_hints, ub_strerror(r));
305 r = ub_ctx_set_option(ctx, "do-ip6:", "no");
306 if(r) ub_ctx_error_exit(ctx, "ip4only", ub_strerror(r));
309 r = ub_ctx_set_option(ctx, "do-ip4:", "no");
310 if(r) ub_ctx_error_exit(ctx, "ip6only", ub_strerror(r));
315 /** printout certificate in detail */
317 verb_cert(const char* msg, X509* x)
319 if(verb == 0 || verb == 1) return;
321 if(msg) printf("%s\n", msg);
322 X509_print_ex_fp(stdout, x, 0, (unsigned long)-1
323 ^(X509_FLAG_NO_SUBJECT
324 |X509_FLAG_NO_ISSUER|X509_FLAG_NO_VALIDITY));
327 if(msg) printf("%s\n", msg);
328 X509_print_fp(stdout, x);
331 /** printout certificates in detail */
333 verb_certs(const char* msg, STACK_OF(X509)* sk)
335 int i, num = sk_X509_num(sk);
336 if(verb == 0 || verb == 1) return;
337 for(i=0; i<num; i++) {
338 printf("%s (%d/%d)\n", msg, i, num);
339 verb_cert(NULL, sk_X509_value(sk, i));
343 /** read certificates from a PEM bio */
344 static STACK_OF(X509)*
345 read_cert_bio(BIO* bio)
347 STACK_OF(X509) *sk = sk_X509_new_null();
349 if(verb) printf("out of memory\n");
352 while(!BIO_eof(bio)) {
353 X509* x = PEM_read_bio_X509(bio, NULL, 0, NULL);
356 printf("failed to read X509\n");
357 ERR_print_errors_fp(stdout);
361 if(!sk_X509_push(sk, x)) {
362 if(verb) printf("out of memory\n");
369 /* read the certificate file */
370 static STACK_OF(X509)*
371 read_cert_file(const char* file)
377 if(file == NULL || strcmp(file, "") == 0) {
380 sk = sk_X509_new_null();
382 if(verb) printf("out of memory\n");
385 in = fopen(file, "r");
387 if(verb) printf("%s: %s\n", file, strerror(errno));
389 sk_X509_pop_free(sk, X509_free);
394 X509* x = PEM_read_X509(in, NULL, 0, NULL);
397 printf("failed to read X509 file\n");
398 ERR_print_errors_fp(stdout);
402 if(!sk_X509_push(sk, x)) {
403 if(verb) printf("out of memory\n");
408 /* read away newline after --END CERT-- */
409 if(!fgets(buf, (int)sizeof(buf), in))
414 if(verb) printf("%s is empty\n", file);
416 sk_X509_pop_free(sk, X509_free);
423 /** read certificates from the builtin certificate */
424 static STACK_OF(X509)*
425 read_builtin_cert(void)
427 const char* builtin_cert = get_builtin_cert();
429 BIO *bio = BIO_new_mem_buf(builtin_cert,
430 (int)strlen(builtin_cert));
432 if(verb) printf("out of memory\n");
435 sk = read_cert_bio(bio);
437 if(verb) printf("internal error, out of memory\n");
444 /** read update cert file or use builtin */
445 static STACK_OF(X509)*
446 read_cert_or_builtin(const char* file)
448 STACK_OF(X509) *sk = read_cert_file(file);
450 if(verb) printf("using builtin certificate\n");
451 sk = read_builtin_cert();
453 if(verb) printf("have %d trusted certificates\n", sk_X509_num(sk));
454 verb_certs("trusted certificates", sk);
459 do_list_builtin(void)
461 const char* builtin_cert = get_builtin_cert();
462 const char* builtin_ds = get_builtin_ds();
463 printf("%s\n", builtin_ds);
464 printf("%s\n", builtin_cert);
468 /** printout IP address with message */
470 verb_addr(const char* msg, struct ip_list* ip)
474 void* a = &((struct sockaddr_in*)&ip->addr)->sin_addr;
475 if(ip->len != (socklen_t)sizeof(struct sockaddr_in))
476 a = &((struct sockaddr_in6*)&ip->addr)->sin6_addr;
478 if(inet_ntop((int)((struct sockaddr_in*)&ip->addr)->sin_family,
479 a, out, (socklen_t)sizeof(out))==0)
480 printf("%s (inet_ntop error)\n", msg);
481 else printf("%s %s\n", msg, out);
487 ip_list_free(struct ip_list* p)
497 /** create ip_list entry for a RR record */
498 static struct ip_list*
499 RR_to_ip(int tp, char* data, int len, int port)
501 struct ip_list* ip = (struct ip_list*)calloc(1, sizeof(*ip));
502 uint16_t p = (uint16_t)port;
503 if(tp == LDNS_RR_TYPE_A) {
504 struct sockaddr_in* sa = (struct sockaddr_in*)&ip->addr;
505 ip->len = (socklen_t)sizeof(*sa);
506 sa->sin_family = AF_INET;
507 sa->sin_port = (in_port_t)htons(p);
508 if(len != (int)sizeof(sa->sin_addr)) {
509 if(verb) printf("skipped badly formatted A\n");
513 memmove(&sa->sin_addr, data, sizeof(sa->sin_addr));
515 } else if(tp == LDNS_RR_TYPE_AAAA) {
516 struct sockaddr_in6* sa = (struct sockaddr_in6*)&ip->addr;
517 ip->len = (socklen_t)sizeof(*sa);
518 sa->sin6_family = AF_INET6;
519 sa->sin6_port = (in_port_t)htons(p);
520 if(len != (int)sizeof(sa->sin6_addr)) {
521 if(verb) printf("skipped badly formatted AAAA\n");
525 memmove(&sa->sin6_addr, data, sizeof(sa->sin6_addr));
527 if(verb) printf("internal error: bad type in RRtoip\n");
531 verb_addr("resolved server address", ip);
535 /** Resolve name, type, class and add addresses to iplist */
537 resolve_host_ip(struct ub_ctx* ctx, const char* host, int port, int tp, int cl,
538 struct ip_list** head)
540 struct ub_result* res = NULL;
544 r = ub_resolve(ctx, host, tp, cl, &res);
546 if(verb) printf("error: resolve %s %s: %s\n", host,
547 (tp==LDNS_RR_TYPE_A)?"A":"AAAA", ub_strerror(r));
551 if(verb) printf("out of memory\n");
555 if(!res->havedata || res->rcode || !res->data) {
556 if(verb) printf("resolve %s %s: no result\n", host,
557 (tp==LDNS_RR_TYPE_A)?"A":"AAAA");
560 for(i = 0; res->data[i]; i++) {
561 struct ip_list* ip = RR_to_ip(tp, res->data[i], res->len[i],
567 ub_resolve_free(res);
570 /** parse a text IP address into a sockaddr */
571 static struct ip_list*
572 parse_ip_addr(const char* str, int port)
576 struct sockaddr_in6 a6;
577 struct sockaddr_in a;
580 uint16_t p = (uint16_t)port;
581 memset(&addr, 0, sizeof(addr));
583 if(inet_pton(AF_INET6, str, &addr.a6.sin6_addr) > 0) {
585 addr.a6.sin6_family = AF_INET6;
586 addr.a6.sin6_port = (in_port_t)htons(p);
587 len = (socklen_t)sizeof(addr.a6);
589 if(inet_pton(AF_INET, str, &addr.a.sin_addr) > 0) {
591 addr.a.sin_family = AF_INET;
592 addr.a.sin_port = (in_port_t)htons(p);
593 len = (socklen_t)sizeof(struct sockaddr_in);
595 if(!len) return NULL;
596 ip = (struct ip_list*)calloc(1, sizeof(*ip));
598 if(verb) printf("out of memory\n");
602 memmove(&ip->addr, &addr, len);
603 if(verb) printf("server address is %s\n", str);
608 * Resolve a domain name (even though the resolver is down and there is
609 * no trust anchor). Without DNSSEC validation.
610 * @param host: the name to resolve.
611 * If this name is an IP4 or IP6 address this address is returned.
612 * @param port: the port number used for the returned IP structs.
613 * @param res_conf: resolv.conf (if any).
614 * @param root_hints: root hints (if any).
615 * @param debugconf: unbound.conf for debugging options.
616 * @param ip4only: use only ip4 for resolve and only lookup A
617 * @param ip6only: use only ip6 for resolve and only lookup AAAA
618 * default is to lookup A and AAAA using ip4 and ip6.
619 * @return list of IP addresses.
621 static struct ip_list*
622 resolve_name(const char* host, int port, const char* res_conf,
623 const char* root_hints, const char* debugconf, int ip4only, int ip6only)
626 struct ip_list* list = NULL;
627 /* first see if name is an IP address itself */
628 if( (list=parse_ip_addr(host, port)) ) {
632 /* create resolver context */
633 ctx = create_unbound_context(res_conf, root_hints, debugconf,
636 /* try resolution of A */
638 resolve_host_ip(ctx, host, port, LDNS_RR_TYPE_A,
639 LDNS_RR_CLASS_IN, &list);
642 /* try resolution of AAAA */
644 resolve_host_ip(ctx, host, port, LDNS_RR_TYPE_AAAA,
645 LDNS_RR_CLASS_IN, &list);
650 if(verb) printf("%s has no IP addresses I can use\n", host);
656 /** clear used flags */
658 wipe_ip_usage(struct ip_list* p)
666 /** count unused IPs */
668 count_unused(struct ip_list* p)
678 /** pick random unused element from IP list */
679 static struct ip_list*
680 pick_random_ip(struct ip_list* list)
682 struct ip_list* p = list;
683 int num = count_unused(list);
685 if(num == 0) return NULL;
686 /* not perfect, but random enough */
687 sel = (int)arc4random_uniform((uint32_t)num);
688 /* skip over unused elements that we did not select */
689 while(sel > 0 && p) {
693 /* find the next unused element */
696 if(!p) return NULL; /* robustness */
711 /** printout socket errno */
713 print_sock_err(const char* msg)
716 if(verb) printf("%s: %s\n", msg, strerror(errno));
718 if(verb) printf("%s: %s\n", msg, wsa_strerror(WSAGetLastError()));
722 /** connect to IP address */
724 connect_to_ip(struct ip_list* ip)
727 verb_addr("connect to", ip);
728 fd = socket(ip->len==(socklen_t)sizeof(struct sockaddr_in)?
729 AF_INET:AF_INET6, SOCK_STREAM, 0);
731 print_sock_err("socket");
734 if(connect(fd, (struct sockaddr*)&ip->addr, ip->len) < 0) {
735 print_sock_err("connect");
742 /** create SSL context */
746 SSL_CTX* sslctx = SSL_CTX_new(SSLv23_client_method());
748 if(verb) printf("SSL_CTX_new error\n");
754 /** initiate TLS on a connection */
756 TLS_initiate(SSL_CTX* sslctx, int fd)
760 SSL* ssl = SSL_new(sslctx);
762 if(verb) printf("SSL_new error\n");
765 SSL_set_connect_state(ssl);
766 (void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
767 if(!SSL_set_fd(ssl, fd)) {
768 if(verb) printf("SSL_set_fd error\n");
774 if( (r=SSL_do_handshake(ssl)) == 1)
776 r = SSL_get_error(ssl, r);
777 if(r != SSL_ERROR_WANT_READ && r != SSL_ERROR_WANT_WRITE) {
778 if(verb) printf("SSL handshake failed\n");
782 /* wants to be called again */
784 x = SSL_get_peer_certificate(ssl);
786 if(verb) printf("Server presented no peer certificate\n");
790 verb_cert("server SSL certificate", x);
795 /** perform neat TLS shutdown */
797 TLS_shutdown(int fd, SSL* ssl, SSL_CTX* sslctx)
799 /* shutdown the SSL connection nicely */
800 if(SSL_shutdown(ssl) == 0) {
804 SSL_CTX_free(sslctx);
808 /** write a line over SSL */
810 write_ssl_line(SSL* ssl, const char* str, const char* sec)
815 snprintf(buf, sizeof(buf), str, sec);
817 snprintf(buf, sizeof(buf), "%s", str);
820 if(l+2 >= sizeof(buf)) {
821 if(verb) printf("line too long\n");
824 if(verb >= 2) printf("SSL_write: %s\n", buf);
829 if(SSL_write(ssl, buf, (int)strlen(buf)) <= 0) {
830 if(verb) printf("could not SSL_write %s", str);
836 /** process header line, check rcode and keeping track of size */
838 process_one_header(char* buf, size_t* clen, int* chunked)
840 if(verb>=2) printf("header: '%s'\n", buf);
841 if(strncasecmp(buf, "HTTP/1.1 ", 9) == 0) {
842 /* check returncode */
844 if(verb) printf("bad status %s\n", buf+9);
847 } else if(strncasecmp(buf, "Content-Length: ", 16) == 0) {
849 *clen = (size_t)atoi(buf+16);
850 } else if(strncasecmp(buf, "Transfer-Encoding: chunked", 19+7) == 0) {
858 * Read one line from SSL
860 * skips "\r\n" (but not copied to buf).
861 * @param ssl: the SSL connection to read from (blocking).
862 * @param buf: buffer to return line in.
863 * @param len: size of the buffer.
864 * @return 0 on error, 1 on success.
867 read_ssl_line(SSL* ssl, char* buf, size_t len)
874 if(verb) printf("line too long\n");
877 if((r = SSL_read(ssl, buf+n, 1)) <= 0) {
878 if(SSL_get_error(ssl, r) == SSL_ERROR_ZERO_RETURN) {
882 if(verb) printf("could not SSL_read\n");
885 if(endnl && buf[n] == '\n') {
889 if(verb) printf("error: stray linefeeds\n");
891 } else if(buf[n] == '\r') {
892 /* skip \r, and also \n on the wire */
895 } else if(buf[n] == '\n') {
896 /* skip the \n, we are done */
904 /** read http headers and process them */
906 read_http_headers(SSL* ssl, size_t* clen)
911 while(read_ssl_line(ssl, buf, sizeof(buf))) {
914 if(!process_one_header(buf, clen, &chunked))
920 /** read a data chunk */
922 read_data_chunk(SSL* ssl, size_t len)
927 if(len >= 0xfffffff0)
928 return NULL; /* to protect against integer overflow in malloc*/
929 data = malloc(len+1);
931 if(verb) printf("out of memory\n");
935 if((r = SSL_read(ssl, data+got, (int)(len-got))) <= 0) {
936 if(SSL_get_error(ssl, r) == SSL_ERROR_ZERO_RETURN) {
938 if(verb) printf("could not SSL_read: unexpected EOF\n");
942 if(verb) printf("could not SSL_read\n");
946 if(verb >= 2) printf("at %d/%d\n", (int)got, (int)len);
949 if(verb>=2) printf("read %d data\n", (int)len);
954 /** parse chunk header */
956 parse_chunk_header(char* buf, size_t* result)
959 size_t v = (size_t)strtol(buf, &e, 16);
966 /** read chunked data from connection */
968 do_chunked_read(SSL* ssl)
973 BIO* mem = BIO_new(BIO_s_mem());
974 if(verb>=3) printf("do_chunked_read\n");
976 if(verb) printf("out of memory\n");
979 while(read_ssl_line(ssl, buf, sizeof(buf))) {
980 /* read the chunked start line */
981 if(verb>=2) printf("chunk header: %s\n", buf);
982 if(!parse_chunk_header(buf, &len)) {
984 if(verb>=3) printf("could not parse chunk header\n");
987 if(verb>=2) printf("chunk len: %d\n", (int)len);
991 /* skip end-of-chunk-trailer lines,
992 * until the empty line after that */
994 if(!read_ssl_line(ssl, buf, sizeof(buf))) {
998 } while (strlen(buf) > 0);
999 /* end of chunks, zero terminate it */
1000 if(BIO_write(mem, &z, 1) <= 0) {
1001 if(verb) printf("out of memory\n");
1007 /* read the chunked body */
1008 body = read_data_chunk(ssl, len);
1013 if(BIO_write(mem, body, (int)len) <= 0) {
1014 if(verb) printf("out of memory\n");
1020 /* skip empty line after data chunk */
1021 if(!read_ssl_line(ssl, buf, sizeof(buf))) {
1030 /** start HTTP1.1 transaction on SSL */
1032 write_http_get(SSL* ssl, const char* pathname, const char* urlname)
1034 if(write_ssl_line(ssl, "GET /%s HTTP/1.1", pathname) &&
1035 write_ssl_line(ssl, "Host: %s", urlname) &&
1036 write_ssl_line(ssl, "User-Agent: unbound-anchor/%s",
1038 /* We do not really do multiple queries per connection,
1039 * but this header setting is also not needed.
1040 * write_ssl_line(ssl, "Connection: close", NULL) &&*/
1041 write_ssl_line(ssl, "", NULL)) {
1047 /** read chunked data and zero terminate; len is without zero */
1049 read_chunked_zero_terminate(SSL* ssl, size_t* len)
1051 /* do the chunked version */
1052 BIO* tmp = do_chunked_read(ssl);
1053 char* data, *d = NULL;
1056 if(verb) printf("could not read from https\n");
1059 l = (size_t)BIO_get_mem_data(tmp, &d);
1060 if(verb>=2) printf("chunked data is %d\n", (int)l);
1061 if(l == 0 || d == NULL) {
1062 if(verb) printf("out of memory\n");
1066 data = (char*)malloc(l);
1068 if(verb) printf("out of memory\n");
1076 /** read HTTP result from SSL */
1078 read_http_result(SSL* ssl)
1083 if(!read_http_headers(ssl, &len)) {
1087 data = read_chunked_zero_terminate(ssl, &len);
1089 data = read_data_chunk(ssl, len);
1091 if(!data) return NULL;
1092 if(verb >= 4) print_data("read data", data, (int)len);
1093 m = BIO_new_mem_buf(data, (int)len);
1095 if(verb) printf("out of memory\n");
1101 /** https to an IP addr, return BIO with pathname or NULL */
1103 https_to_ip(struct ip_list* ip, const char* pathname, const char* urlname)
1108 SSL_CTX* sslctx = setup_sslctx();
1112 fd = connect_to_ip(ip);
1114 SSL_CTX_free(sslctx);
1117 ssl = TLS_initiate(sslctx, fd);
1119 SSL_CTX_free(sslctx);
1123 if(!write_http_get(ssl, pathname, urlname)) {
1124 if(verb) printf("could not write to server\n");
1126 SSL_CTX_free(sslctx);
1130 bio = read_http_result(ssl);
1131 TLS_shutdown(fd, ssl, sslctx);
1136 * Do a HTTPS, HTTP1.1 over TLS, to fetch a file
1137 * @param ip_list: list of IP addresses to use to fetch from.
1138 * @param pathname: pathname of file on server to GET.
1139 * @param urlname: name to pass as the virtual host for this request.
1140 * @return a memory BIO with the file in it.
1143 https(struct ip_list* ip_list, const char* pathname, const char* urlname)
1147 /* try random address first, and work through the list */
1148 wipe_ip_usage(ip_list);
1149 while( (ip = pick_random_ip(ip_list)) ) {
1151 bio = https_to_ip(ip, pathname, urlname);
1155 if(verb) printf("could not fetch %s\n", pathname);
1158 if(verb) printf("fetched %s (%d bytes)\n",
1159 pathname, (int)BIO_ctrl_pending(bio));
1164 /** free up a downloaded file BIO */
1166 free_file_bio(BIO* bio)
1169 (void)BIO_reset(bio);
1170 (void)BIO_get_mem_data(bio, &pp);
1175 /** XML parse private data during the parse */
1177 /** the parser, reference */
1179 /** the current tag; malloced; or NULL outside of tags */
1181 /** current date to use during the parse */
1183 /** number of keys usefully read in */
1185 /** the compiled anchors as DS records */
1188 /** do we want to use this anchor? */
1190 /** the current anchor: Zone */
1192 /** the current anchor: KeyTag */
1194 /** the current anchor: Algorithm */
1196 /** the current anchor: DigestType */
1198 /** the current anchor: Digest*/
1202 /** The BIO for the tag */
1204 xml_selectbio(struct xml_data* data, const char* tag)
1207 if(strcasecmp(tag, "KeyTag") == 0)
1209 else if(strcasecmp(tag, "Algorithm") == 0)
1211 else if(strcasecmp(tag, "DigestType") == 0)
1213 else if(strcasecmp(tag, "Digest") == 0)
1219 * XML handle character data, the data inside an element.
1220 * @param userData: xml_data structure
1221 * @param s: the character data. May not all be in one callback.
1222 * NOT zero terminated.
1223 * @param len: length of this part of the data.
1226 xml_charhandle(void *userData, const XML_Char *s, int len)
1228 struct xml_data* data = (struct xml_data*)userData;
1230 /* skip characters outside of elements */
1235 printf("%s%s charhandle: '",
1236 data->use_key?"use ":"",
1237 data->tag?data->tag:"none");
1238 for(i=0; i<len; i++)
1242 if(strcasecmp(data->tag, "Zone") == 0) {
1243 if(BIO_write(data->czone, s, len) < 0) {
1244 if(verb) printf("out of memory in BIO_write\n");
1249 /* only store if key is used */
1252 b = xml_selectbio(data, data->tag);
1254 if(BIO_write(b, s, len) < 0) {
1255 if(verb) printf("out of memory in BIO_write\n");
1262 * XML fetch value of particular attribute(by name) or NULL if not present.
1263 * @param atts: attribute array (from xml_startelem).
1264 * @param name: name of attribute to look for.
1265 * @return the value or NULL. (ptr into atts).
1267 static const XML_Char*
1268 find_att(const XML_Char **atts, const XML_Char* name)
1271 for(i=0; atts[i]; i+=2) {
1272 if(strcasecmp(atts[i], name) == 0)
1279 * XML convert DateTime element to time_t.
1280 * [-]CCYY-MM-DDThh:mm:ss[Z|(+|-)hh:mm]
1281 * (with optional .ssssss fractional seconds)
1282 * @param str: the string
1283 * @return a time_t representation or 0 on failure.
1286 xml_convertdate(const char* str)
1291 /* for this application, ignore minus in front;
1292 * only positive dates are expected */
1294 if(s[0] == '-') s++;
1295 memset(&tm, 0, sizeof(tm));
1296 /* parse initial content of the string (lots of whitespace allowed) */
1297 s = strptime(s, "%t%Y%t-%t%m%t-%t%d%tT%t%H%t:%t%M%t:%t%S%t", &tm);
1299 if(verb) printf("xml_convertdate parse failure %s\n", str);
1302 /* parse remainder of date string */
1304 /* optional '.' and fractional seconds */
1305 int frac = 0, n = 0;
1306 if(sscanf(s+1, "%d%n", &frac, &n) < 1) {
1307 if(verb) printf("xml_convertdate f failure %s\n", str);
1310 /* fraction is not used, time_t has second accuracy */
1314 if(*s == 'Z' || *s == 'z') {
1315 /* nothing to do for this */
1317 } else if(*s == '+' || *s == '-') {
1318 /* optional timezone spec: Z or +hh:mm or -hh:mm */
1319 int hr = 0, mn = 0, n = 0;
1320 if(sscanf(s+1, "%d:%d%n", &hr, &mn, &n) < 2) {
1321 if(verb) printf("xml_convertdate tz failure %s\n", str);
1335 /* not ended properly */
1336 /* but ignore, (lenient) */
1339 t = sldns_mktime_from_utc(&tm);
1340 if(t == (time_t)-1) {
1341 if(verb) printf("xml_convertdate mktime failure\n");
1348 * XML handle the KeyDigest start tag, check validity periods.
1351 handle_keydigest(struct xml_data* data, const XML_Char **atts)
1354 if(find_att(atts, "validFrom")) {
1355 time_t from = xml_convertdate(find_att(atts, "validFrom"));
1357 if(verb) printf("error: xml cannot be parsed\n");
1360 if(data->date < from)
1363 if(find_att(atts, "validUntil")) {
1364 time_t until = xml_convertdate(find_att(atts, "validUntil"));
1366 if(verb) printf("error: xml cannot be parsed\n");
1369 if(data->date > until)
1372 /* yes we want to use this key */
1374 (void)BIO_reset(data->ctag);
1375 (void)BIO_reset(data->calgo);
1376 (void)BIO_reset(data->cdigtype);
1377 (void)BIO_reset(data->cdigest);
1380 /** See if XML element equals the zone name */
1382 xml_is_zone_name(BIO* zone, const char* name)
1387 (void)BIO_seek(zone, 0);
1388 zlen = BIO_get_mem_data(zone, &z);
1389 if(!zlen || !z) return 0;
1390 /* zero terminate */
1391 if(zlen >= (long)sizeof(buf)) return 0;
1392 memmove(buf, z, (size_t)zlen);
1395 return (strncasecmp(buf, name, strlen(name)) == 0);
1399 * XML start of element. This callback is called whenever an XML tag starts.
1401 * @param userData: the xml_data structure.
1402 * @param name: the tag that starts.
1403 * @param atts: array of strings, pairs of attr = value, ends with NULL.
1404 * i.e. att[0]="att[1]" att[2]="att[3]" att[4]isNull
1407 xml_startelem(void *userData, const XML_Char *name, const XML_Char **atts)
1409 struct xml_data* data = (struct xml_data*)userData;
1411 if(verb>=4) printf("xml tag start '%s'\n", name);
1413 data->tag = strdup(name);
1415 if(verb) printf("out of memory\n");
1420 for(i=0; atts[i]; i+=2) {
1421 printf(" %s='%s'\n", atts[i], atts[i+1]);
1424 /* handle attributes to particular types */
1425 if(strcasecmp(name, "KeyDigest") == 0) {
1426 handle_keydigest(data, atts);
1428 } else if(strcasecmp(name, "Zone") == 0) {
1429 (void)BIO_reset(data->czone);
1433 /* for other types we prepare to pick up the data */
1436 b = xml_selectbio(data, data->tag);
1443 /** Append str to bio */
1445 xml_append_str(BIO* b, const char* s)
1447 if(BIO_write(b, s, (int)strlen(s)) < 0) {
1448 if(verb) printf("out of memory in BIO_write\n");
1453 /** Append bio to bio */
1455 xml_append_bio(BIO* b, BIO* a)
1459 (void)BIO_seek(a, 0);
1460 len = BIO_get_mem_data(a, &z);
1462 if(verb) printf("out of memory in BIO_write\n");
1465 /* remove newlines in the data here */
1466 for(i=0; i<len; i++) {
1467 if(z[i] == '\r' || z[i] == '\n')
1471 if(BIO_write(b, z, len) < 0) {
1472 if(verb) printf("out of memory in BIO_write\n");
1477 /** write the parsed xml-DS to the DS list */
1479 xml_append_ds(struct xml_data* data)
1481 /* write DS to accumulated DS */
1482 xml_append_str(data->ds, ". IN DS ");
1483 xml_append_bio(data->ds, data->ctag);
1484 xml_append_str(data->ds, " ");
1485 xml_append_bio(data->ds, data->calgo);
1486 xml_append_str(data->ds, " ");
1487 xml_append_bio(data->ds, data->cdigtype);
1488 xml_append_str(data->ds, " ");
1489 xml_append_bio(data->ds, data->cdigest);
1490 xml_append_str(data->ds, "\n");
1495 * XML end of element. This callback is called whenever an XML tag ends.
1497 * @param userData: the xml_data structure
1498 * @param name: the tag that ends.
1501 xml_endelem(void *userData, const XML_Char *name)
1503 struct xml_data* data = (struct xml_data*)userData;
1504 if(verb>=4) printf("xml tag end '%s'\n", name);
1507 if(strcasecmp(name, "KeyDigest") == 0) {
1509 xml_append_ds(data);
1511 } else if(strcasecmp(name, "Zone") == 0) {
1512 if(!xml_is_zone_name(data->czone, ".")) {
1513 if(verb) printf("xml not for the right zone\n");
1519 /* Stop the parser when an entity declaration is encountered. For safety. */
1521 xml_entitydeclhandler(void *userData,
1522 const XML_Char *ATTR_UNUSED(entityName),
1523 int ATTR_UNUSED(is_parameter_entity),
1524 const XML_Char *ATTR_UNUSED(value), int ATTR_UNUSED(value_length),
1525 const XML_Char *ATTR_UNUSED(base),
1526 const XML_Char *ATTR_UNUSED(systemId),
1527 const XML_Char *ATTR_UNUSED(publicId),
1528 const XML_Char *ATTR_UNUSED(notationName))
1530 #if HAVE_DECL_XML_STOPPARSER
1531 (void)XML_StopParser((XML_Parser)userData, XML_FALSE);
1538 * XML parser setup of the callbacks for the tags
1541 xml_parse_setup(XML_Parser parser, struct xml_data* data, time_t now)
1544 memset(data, 0, sizeof(*data));
1545 XML_SetUserData(parser, data);
1546 data->parser = parser;
1548 data->ds = BIO_new(BIO_s_mem());
1549 data->ctag = BIO_new(BIO_s_mem());
1550 data->czone = BIO_new(BIO_s_mem());
1551 data->calgo = BIO_new(BIO_s_mem());
1552 data->cdigtype = BIO_new(BIO_s_mem());
1553 data->cdigest = BIO_new(BIO_s_mem());
1554 if(!data->ds || !data->ctag || !data->calgo || !data->czone ||
1555 !data->cdigtype || !data->cdigest) {
1556 if(verb) printf("out of memory\n");
1559 snprintf(buf, sizeof(buf), "; created by unbound-anchor on %s",
1561 if(BIO_write(data->ds, buf, (int)strlen(buf)) < 0) {
1562 if(verb) printf("out of memory\n");
1565 XML_SetEntityDeclHandler(parser, xml_entitydeclhandler);
1566 XML_SetElementHandler(parser, xml_startelem, xml_endelem);
1567 XML_SetCharacterDataHandler(parser, xml_charhandle);
1571 * Perform XML parsing of the root-anchors file
1572 * Its format description can be read here
1573 * https://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.txt
1575 * @param xml: BIO with xml data.
1576 * @param now: the current time for checking DS validity periods.
1577 * @return memoryBIO with the DS data in zone format.
1578 * or NULL if the zone is insecure.
1579 * (It exit()s on error)
1582 xml_parse(BIO* xml, time_t now)
1587 struct xml_data data;
1589 parser = XML_ParserCreate(NULL);
1591 if(verb) printf("could not XML_ParserCreate\n");
1595 /* setup callbacks */
1596 xml_parse_setup(parser, &data, now);
1599 (void)BIO_reset(xml);
1600 len = (int)BIO_get_mem_data(xml, &pp);
1602 if(verb) printf("out of memory\n");
1605 if(!XML_Parse(parser, pp, len, 1 /*isfinal*/ )) {
1606 const char *e = XML_ErrorString(XML_GetErrorCode(parser));
1607 if(verb) printf("XML_Parse failure %s\n", e?e:"");
1612 if(verb) printf("XML was parsed successfully, %d keys\n",
1615 XML_ParserFree(parser);
1618 (void)BIO_seek(data.ds, 0);
1619 len = BIO_get_mem_data(data.ds, &pp);
1620 printf("got DS bio %d: '", len);
1621 if(!fwrite(pp, (size_t)len, 1, stdout))
1622 /* compilers do not allow us to ignore fwrite .. */
1623 fprintf(stderr, "error writing to stdout\n");
1626 BIO_free(data.czone);
1627 BIO_free(data.ctag);
1628 BIO_free(data.calgo);
1629 BIO_free(data.cdigtype);
1630 BIO_free(data.cdigest);
1632 if(data.num_keys == 0) {
1633 /* the root zone seems to have gone insecure */
1641 /* get key usage out of its extension, returns 0 if no key_usage extension */
1642 static unsigned long
1643 get_usage_of_ex(X509* cert)
1645 unsigned long val = 0;
1647 if((s=X509_get_ext_d2i(cert, NID_key_usage, NULL, NULL))) {
1651 val |= s->data[1] << 8;
1653 ASN1_BIT_STRING_free(s);
1658 /** get valid signers from the list of signers in the signature */
1659 static STACK_OF(X509)*
1660 get_valid_signers(PKCS7* p7, const char* p7signer)
1663 STACK_OF(X509)* validsigners = sk_X509_new_null();
1664 STACK_OF(X509)* signers = PKCS7_get0_signers(p7, NULL, 0);
1665 unsigned long usage = 0;
1667 if(verb) printf("out of memory\n");
1668 sk_X509_free(signers);
1672 if(verb) printf("no signers in pkcs7 signature\n");
1673 sk_X509_free(validsigners);
1676 for(i=0; i<sk_X509_num(signers); i++) {
1677 X509_NAME* nm = X509_get_subject_name(
1678 sk_X509_value(signers, i));
1681 if(verb) printf("signer %d: cert has no subject name\n", i);
1685 char* nmline = X509_NAME_oneline(nm, buf,
1687 printf("signer %d: Subject: %s\n", i,
1688 nmline?nmline:"no subject");
1689 if(verb >= 3 && X509_NAME_get_text_by_NID(nm,
1690 NID_commonName, buf, (int)sizeof(buf)))
1691 printf("commonName: %s\n", buf);
1692 if(verb >= 3 && X509_NAME_get_text_by_NID(nm,
1693 NID_pkcs9_emailAddress, buf, (int)sizeof(buf)))
1694 printf("emailAddress: %s\n", buf);
1697 int ku_loc = X509_get_ext_by_NID(
1698 sk_X509_value(signers, i), NID_key_usage, -1);
1699 if(verb >= 3 && ku_loc >= 0) {
1700 X509_EXTENSION *ex = X509_get_ext(
1701 sk_X509_value(signers, i), ku_loc);
1703 printf("keyUsage: ");
1704 X509V3_EXT_print_fp(stdout, ex, 0, 0);
1709 if(!p7signer || strcmp(p7signer, "")==0) {
1710 /* there is no name to check, return all records */
1711 if(verb) printf("did not check commonName of signer\n");
1713 if(!X509_NAME_get_text_by_NID(nm,
1714 NID_pkcs9_emailAddress,
1715 buf, (int)sizeof(buf))) {
1716 if(verb) printf("removed cert with no name\n");
1717 continue; /* no name, no use */
1719 if(strcmp(buf, p7signer) != 0) {
1720 if(verb) printf("removed cert with wrong name\n");
1721 continue; /* wrong name, skip it */
1725 /* check that the key usage allows digital signatures
1727 usage = get_usage_of_ex(sk_X509_value(signers, i));
1728 if(!(usage & KU_DIGITAL_SIGNATURE)) {
1729 if(verb) printf("removed cert with no key usage Digital Signature allowed\n");
1733 /* we like this cert, add it to our list of valid
1734 * signers certificates */
1735 sk_X509_push(validsigners, sk_X509_value(signers, i));
1737 sk_X509_free(signers);
1738 return validsigners;
1741 /** verify a PKCS7 signature, false on failure */
1743 verify_p7sig(BIO* data, BIO* p7s, STACK_OF(X509)* trust, const char* p7signer)
1746 X509_STORE *store = X509_STORE_new();
1747 STACK_OF(X509)* validsigners;
1750 #ifdef X509_V_FLAG_CHECK_SS_SIGNATURE
1751 X509_VERIFY_PARAM* param = X509_VERIFY_PARAM_new();
1753 if(verb) printf("out of memory\n");
1754 X509_STORE_free(store);
1757 /* do the selfcheck on the root certificate; it checks that the
1759 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CHECK_SS_SIGNATURE);
1760 if(store) X509_STORE_set1_param(store, param);
1763 if(verb) printf("out of memory\n");
1764 #ifdef X509_V_FLAG_CHECK_SS_SIGNATURE
1765 X509_VERIFY_PARAM_free(param);
1769 #ifdef X509_V_FLAG_CHECK_SS_SIGNATURE
1770 X509_VERIFY_PARAM_free(param);
1773 (void)BIO_reset(p7s);
1774 (void)BIO_reset(data);
1776 /* convert p7s to p7 (the signature) */
1777 p7 = d2i_PKCS7_bio(p7s, NULL);
1779 if(verb) printf("could not parse p7s signature file\n");
1780 X509_STORE_free(store);
1783 if(verb >= 2) printf("parsed the PKCS7 signature\n");
1785 /* convert trust to trusted certificate store */
1786 for(i=0; i<sk_X509_num(trust); i++) {
1787 if(!X509_STORE_add_cert(store, sk_X509_value(trust, i))) {
1788 if(verb) printf("failed X509_STORE_add_cert\n");
1789 X509_STORE_free(store);
1794 if(verb >= 2) printf("setup the X509_STORE\n");
1796 /* check what is in the Subject name of the certificates,
1797 * and build a stack that contains only the right certificates */
1798 validsigners = get_valid_signers(p7, p7signer);
1800 X509_STORE_free(store);
1804 if(PKCS7_verify(p7, validsigners, store, data, NULL, PKCS7_NOINTERN) == 1) {
1806 if(verb) printf("the PKCS7 signature verified\n");
1809 ERR_print_errors_fp(stdout);
1813 sk_X509_free(validsigners);
1814 X509_STORE_free(store);
1819 /** write unsigned root anchor file, a 5011 revoked tp */
1821 write_unsigned_root(const char* root_anchor_file)
1824 time_t now = time(NULL);
1825 out = fopen(root_anchor_file, "w");
1827 if(verb) printf("%s: %s\n", root_anchor_file, strerror(errno));
1830 if(fprintf(out, "; autotrust trust anchor file\n"
1833 "; This file was written by unbound-anchor on %s"
1834 "; It indicates that the root does not use DNSSEC\n"
1835 "; to restart DNSSEC overwrite this file with a\n"
1836 "; valid trustanchor or (empty-it and run unbound-anchor)\n"
1837 , ctime(&now)) < 0) {
1838 if(verb) printf("failed to write 'unsigned' to %s\n",
1840 if(verb && errno != 0) printf("%s\n", strerror(errno));
1846 FlushFileBuffers((HANDLE)_get_osfhandle(_fileno(out)));
1851 /** write root anchor file */
1853 write_root_anchor(const char* root_anchor_file, BIO* ds)
1858 (void)BIO_seek(ds, 0);
1859 len = BIO_get_mem_data(ds, &pp);
1861 if(verb) printf("out of memory\n");
1864 out = fopen(root_anchor_file, "w");
1866 if(verb) printf("%s: %s\n", root_anchor_file, strerror(errno));
1869 if(fwrite(pp, (size_t)len, 1, out) != 1) {
1870 if(verb) printf("failed to write all data to %s\n",
1872 if(verb && errno != 0) printf("%s\n", strerror(errno));
1878 FlushFileBuffers((HANDLE)_get_osfhandle(_fileno(out)));
1883 /** Perform the verification and update of the trustanchor file */
1885 verify_and_update_anchor(const char* root_anchor_file, BIO* xml, BIO* p7s,
1886 STACK_OF(X509)* cert, const char* p7signer)
1890 /* verify xml file */
1891 if(!verify_p7sig(xml, p7s, cert, p7signer)) {
1892 printf("the PKCS7 signature failed\n");
1896 /* parse the xml file into DS records */
1897 ds = xml_parse(xml, time(NULL));
1899 /* the root zone is unsigned now */
1900 write_unsigned_root(root_anchor_file);
1902 /* reinstate 5011 tracking */
1903 write_root_anchor(root_anchor_file, ds);
1909 static void do_wsa_cleanup(void) { WSACleanup(); }
1912 /** perform actual certupdate work */
1914 do_certupdate(const char* root_anchor_file, const char* root_cert_file,
1915 const char* urlname, const char* xmlname, const char* p7sname,
1916 const char* p7signer, const char* res_conf, const char* root_hints,
1917 const char* debugconf, int ip4only, int ip6only, int port)
1919 STACK_OF(X509)* cert;
1921 struct ip_list* ip_list = NULL;
1923 /* read pem file or provide builtin */
1924 cert = read_cert_or_builtin(root_cert_file);
1926 /* lookup A, AAAA for the urlname (or parse urlname if IP address) */
1927 ip_list = resolve_name(urlname, port, res_conf, root_hints, debugconf,
1931 if(1) { /* libunbound finished, startup WSA for the https connection */
1934 if((r = WSAStartup(MAKEWORD(2,2), &wsa_data)) != 0) {
1935 if(verb) printf("WSAStartup failed: %s\n",
1939 atexit(&do_wsa_cleanup);
1943 /* fetch the necessary files over HTTPS */
1944 xml = https(ip_list, xmlname, urlname);
1945 p7s = https(ip_list, p7sname, urlname);
1947 /* verify and update the root anchor */
1948 verify_and_update_anchor(root_anchor_file, xml, p7s, cert, p7signer);
1949 if(verb) printf("success: the anchor has been updated "
1950 "using the cert\n");
1955 sk_X509_pop_free(cert, X509_free);
1957 ip_list_free(ip_list);
1962 * Try to read the root RFC5011 autotrust anchor file,
1963 * @param file: filename.
1965 * 0 if does not exist or empty
1966 * 1 if trust-point-revoked-5011
1970 try_read_anchor(const char* file)
1975 FILE* in = fopen(file, "r");
1977 /* only if the file does not exist, can we fix it */
1978 if(errno != ENOENT) {
1979 if(verb) printf("%s: %s\n", file, strerror(errno));
1980 if(verb) printf("error: cannot access the file\n");
1983 if(verb) printf("%s does not exist\n", file);
1986 while(fgets(line, (int)sizeof(line), in)) {
1987 line[sizeof(line)-1] = 0;
1988 if(strncmp(line, ";;REVOKED", 9) == 0) {
1990 if(verb) printf("%s : the trust point is revoked\n"
1991 "and the zone is considered unsigned.\n"
1992 "if you wish to re-enable, delete the file\n",
1997 while(*p == ' ' || *p == '\t')
1999 if(p[0]==0 || p[0]=='\n' || p[0]==';') continue;
2000 /* this line is a line of content */
2005 if(verb) printf("%s is empty\n", file);
2008 if(verb) printf("%s has content\n", file);
2012 /** Write the builtin root anchor to a file */
2014 write_builtin_anchor(const char* file)
2016 const char* builtin_root_anchor = get_builtin_ds();
2017 FILE* out = fopen(file, "w");
2019 if(verb) printf("%s: %s\n", file, strerror(errno));
2020 if(verb) printf(" could not write builtin anchor\n");
2023 if(!fwrite(builtin_root_anchor, strlen(builtin_root_anchor), 1, out)) {
2024 if(verb) printf("%s: %s\n", file, strerror(errno));
2025 if(verb) printf(" could not complete write builtin anchor\n");
2031 * Check the root anchor file.
2032 * If does not exist, provide builtin and write file.
2033 * If empty, provide builtin and write file.
2034 * If trust-point-revoked-5011 file: make the program exit.
2035 * @param root_anchor_file: filename of the root anchor.
2036 * @param used_builtin: set to 1 if the builtin is written.
2037 * @return 0 if trustpoint is insecure, 1 on success. Exit on failure.
2040 provide_builtin(const char* root_anchor_file, int* used_builtin)
2042 /* try to read it */
2043 switch(try_read_anchor(root_anchor_file))
2045 case 0: /* no exist or empty */
2046 write_builtin_anchor(root_anchor_file);
2049 case 1: /* revoked tp */
2051 case 2: /* it is fine */
2059 * add an autotrust anchor for the root to the context
2062 add_5011_probe_root(struct ub_ctx* ctx, const char* root_anchor_file)
2065 r = ub_ctx_set_option(ctx, "auto-trust-anchor-file:", root_anchor_file);
2067 if(verb) printf("add 5011 probe to ctx: %s\n", ub_strerror(r));
2074 * Prime the root key and return the result. Exit on error.
2075 * @param ctx: the unbound context to perform the priming with.
2076 * @return: the result of the prime, on error it exit()s.
2078 static struct ub_result*
2079 prime_root_key(struct ub_ctx* ctx)
2081 struct ub_result* res = NULL;
2083 r = ub_resolve(ctx, ".", LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, &res);
2085 if(verb) printf("resolve DNSKEY: %s\n", ub_strerror(r));
2090 if(verb) printf("out of memory\n");
2097 /** see if ADDPEND keys exist in autotrust file (if possible) */
2099 read_if_pending_keys(const char* file)
2101 FILE* in = fopen(file, "r");
2104 if(verb>=2) printf("%s: %s\n", file, strerror(errno));
2107 while(fgets(line, (int)sizeof(line), in)) {
2108 if(line[0]==';') continue;
2109 if(strstr(line, "[ ADDPEND ]")) {
2111 if(verb) printf("RFC5011-state has ADDPEND keys\n");
2119 /** read last successful probe time from autotrust file (if possible) */
2121 read_last_success_time(const char* file)
2123 FILE* in = fopen(file, "r");
2126 if(verb) printf("%s: %s\n", file, strerror(errno));
2129 while(fgets(line, (int)sizeof(line), in)) {
2130 if(strncmp(line, ";;last_success: ", 16) == 0) {
2132 time_t x = (unsigned int)strtol(line+16, &e, 10);
2135 if(verb) printf("failed to parse "
2136 "last_success probe time\n");
2139 if(verb) printf("last successful probe: %s", ctime(&x));
2144 if(verb) printf("no last_success probe time in anchor file\n");
2149 * Read autotrust 5011 probe file and see if the date
2150 * compared to the current date allows a certupdate.
2151 * If the last successful probe was recent then 5011 cannot be behind,
2152 * and the failure cannot be solved with a certupdate.
2153 * The debugconf is to validation-override the date for testing.
2154 * @param root_anchor_file: filename of root key
2155 * @return true if certupdate is ok.
2158 probe_date_allows_certupdate(const char* root_anchor_file)
2160 int has_pending_keys = read_if_pending_keys(root_anchor_file);
2161 int32_t last_success = read_last_success_time(root_anchor_file);
2162 int32_t now = (int32_t)time(NULL);
2163 int32_t leeway = 30 * 24 * 3600; /* 30 days leeway */
2164 /* if the date is before 2010-07-15:00.00.00 then the root has not
2165 * been signed yet, and thus we refuse to take action. */
2166 if(time(NULL) < xml_convertdate("2010-07-15T00:00:00")) {
2167 if(verb) printf("the date is before the root was first signed,"
2168 " please correct the clock\n");
2171 if(last_success == 0)
2172 return 1; /* no probe time */
2173 if(has_pending_keys)
2174 return 1; /* key in ADDPEND state, a previous probe has
2175 inserted that, and it was present in all recent probes,
2176 but it has not become active. The 30 day timer may not have
2177 expired, but we know(for sure) there is a rollover going on.
2178 If we only managed to pickup the new key on its last day
2179 of announcement (for example) this can happen. */
2180 if(now - last_success < 0) {
2181 if(verb) printf("the last successful probe is in the future,"
2182 " clock was modified\n");
2185 if(now - last_success >= leeway) {
2186 if(verb) printf("the last successful probe was more than 30 "
2190 if(verb) printf("the last successful probe is recent\n");
2194 static struct ub_result *
2195 fetch_root_key(const char* root_anchor_file, const char* res_conf,
2196 const char* root_hints, const char* debugconf,
2197 int ip4only, int ip6only)
2200 struct ub_result* dnskey;
2202 ctx = create_unbound_context(res_conf, root_hints, debugconf,
2204 add_5011_probe_root(ctx, root_anchor_file);
2205 dnskey = prime_root_key(ctx);
2210 /** perform the unbound-anchor work */
2212 do_root_update_work(const char* root_anchor_file, const char* root_cert_file,
2213 const char* urlname, const char* xmlname, const char* p7sname,
2214 const char* p7signer, const char* res_conf, const char* root_hints,
2215 const char* debugconf, int ip4only, int ip6only, int force,
2216 int res_conf_fallback, int port)
2218 struct ub_result* dnskey;
2219 int used_builtin = 0;
2222 /* see if builtin rootanchor needs to be provided, or if
2223 * rootanchor is 'revoked-trust-point' */
2224 if(!provide_builtin(root_anchor_file, &used_builtin))
2227 /* make unbound context with 5011-probe for root anchor,
2228 * and probe . DNSKEY */
2229 dnskey = fetch_root_key(root_anchor_file, res_conf,
2230 root_hints, debugconf, ip4only, ip6only);
2231 rcode = dnskey->rcode;
2233 if (res_conf_fallback && res_conf && !dnskey->secure) {
2234 if (verb) printf("%s failed, retrying direct\n", res_conf);
2235 ub_resolve_free(dnskey);
2236 /* try direct query without res_conf */
2237 dnskey = fetch_root_key(root_anchor_file, NULL,
2238 root_hints, debugconf, ip4only, ip6only);
2239 if (rcode != 0 && dnskey->rcode == 0) {
2245 /* if secure: exit */
2246 if(dnskey->secure && !force) {
2247 if(verb) printf("success: the anchor is ok\n");
2248 ub_resolve_free(dnskey);
2249 return used_builtin;
2251 if(force && verb) printf("debug cert update forced\n");
2252 ub_resolve_free(dnskey);
2254 /* if not (and NOERROR): check date and do certupdate */
2256 probe_date_allows_certupdate(root_anchor_file)) || force) {
2257 if(do_certupdate(root_anchor_file, root_cert_file, urlname,
2258 xmlname, p7sname, p7signer, res_conf, root_hints,
2259 debugconf, ip4only, ip6only, port))
2261 return used_builtin;
2263 if(verb) printf("fail: the anchor is NOT ok and could not be fixed\n");
2264 return used_builtin;
2267 /** getopt global, in case header files fail to declare it. */
2269 /** getopt global, in case header files fail to declare it. */
2270 extern char* optarg;
2272 /** Main routine for unbound-anchor */
2273 int main(int argc, char* argv[])
2276 const char* root_anchor_file = ROOT_ANCHOR_FILE;
2277 const char* root_cert_file = ROOT_CERT_FILE;
2278 const char* urlname = URLNAME;
2279 const char* xmlname = XMLNAME;
2280 const char* p7sname = P7SNAME;
2281 const char* p7signer = P7SIGNER;
2282 const char* res_conf = NULL;
2283 const char* root_hints = NULL;
2284 const char* debugconf = NULL;
2285 int dolist=0, ip4only=0, ip6only=0, force=0, port = HTTPS_PORT;
2286 int res_conf_fallback = 0;
2287 /* parse the options */
2288 while( (c=getopt(argc, argv, "46C:FRP:a:c:f:hln:r:s:u:vx:")) != -1) {
2300 root_anchor_file = optarg;
2303 root_cert_file = optarg;
2321 root_hints = optarg;
2324 res_conf_fallback = 1;
2333 port = atoi(optarg);
2349 #ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
2350 ERR_load_crypto_strings();
2352 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
2353 ERR_load_SSL_strings();
2355 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
2356 OpenSSL_add_all_algorithms();
2358 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
2359 | OPENSSL_INIT_ADD_ALL_DIGESTS
2360 | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
2362 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
2363 (void)SSL_library_init();
2365 (void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
2368 if(dolist) do_list_builtin();
2370 return do_root_update_work(root_anchor_file, root_cert_file, urlname,
2371 xmlname, p7sname, p7signer, res_conf, root_hints, debugconf,
2372 ip4only, ip6only, force, res_conf_fallback, port);