• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

PowerDNS / pdns / 12595591960

03 Jan 2025 09:27AM UTC coverage: 62.774% (+2.5%) from 60.245%
12595591960

Pull #15008

github

web-flow
Merge c2a2749d3 into 788f396a7
Pull Request #15008: Do not follow CNAME records for ANY or CNAME queries

30393 of 78644 branches covered (38.65%)

Branch coverage included in aggregate %.

105822 of 138350 relevant lines covered (76.49%)

4613078.44 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

76.55
/pdns/credentials.cc
1
/*
2
 * This file is part of PowerDNS or dnsdist.
3
 * Copyright -- PowerDNS.COM B.V. and its contributors
4
 *
5
 * This program is free software; you can redistribute it and/or modify
6
 * it under the terms of version 2 of the GNU General Public License as
7
 * published by the Free Software Foundation.
8
 *
9
 * In addition, for the avoidance of any doubt, permission is granted to
10
 * link this program with OpenSSL and to (re)distribute the binaries
11
 * produced as the result of such linking.
12
 *
13
 * This program is distributed in the hope that it will be useful,
14
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16
 * GNU General Public License for more details.
17
 *
18
 * You should have received a copy of the GNU General Public License
19
 * along with this program; if not, write to the Free Software
20
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21
 */
22
#include "config.h"
23

24
#include <cmath>
25
#include <stdexcept>
26

27
#ifdef HAVE_LIBSODIUM
28
#include <sodium.h>
29
#endif
30

31
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
32
#include <openssl/evp.h>
33
#include <openssl/kdf.h>
34
#include <openssl/opensslv.h>
35
#include <openssl/rand.h>
36
#endif
37

38
#include <fcntl.h>
39
#include <sys/stat.h>
40
#include <unistd.h>
41

42
#include "base64.hh"
43
#include "dns_random.hh"
44
#include "credentials.hh"
45
#include "misc.hh"
46

47
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
48
static size_t const pwhash_max_size = 128U; /* maximum size of the output */
49
static size_t const pwhash_output_size = 32U; /* size of the hashed output (before base64 encoding) */
50
static unsigned int const pwhash_salt_size = 16U; /* size of the salt (before base64 encoding */
51
static uint64_t const pwhash_max_work_factor = 32768U; /* max N for interactive login purposes */
52

53
/* PHC string format, storing N as log2(N) as done by passlib.
54
   for now we only support one algo but we might have to change that later */
55
static std::string const pwhash_prefix = "$scrypt$";
56
static size_t const pwhash_prefix_size = pwhash_prefix.size();
57
#endif
58

59
SensitiveData::SensitiveData(std::string&& data) :
60
  d_data(std::move(data))
61
{
353✔
62
  data.clear();
353✔
63
#ifdef HAVE_LIBSODIUM
345✔
64
  sodium_mlock(d_data.data(), d_data.size());
345✔
65
#endif
345✔
66
}
353✔
67

68
SensitiveData& SensitiveData::operator=(SensitiveData&& rhs) noexcept
69
{
160✔
70
  d_data = std::move(rhs.d_data);
160✔
71
  rhs.clear();
160✔
72
  return *this;
160✔
73
}
160✔
74

75
SensitiveData::SensitiveData(size_t bytes)
76
{
5✔
77
  d_data.resize(bytes);
5✔
78
#ifdef HAVE_LIBSODIUM
3✔
79
  sodium_mlock(d_data.data(), d_data.size());
3✔
80
#endif
3✔
81
}
5✔
82

83
SensitiveData::~SensitiveData()
84
{
179✔
85
  clear();
179✔
86
}
179✔
87

88
void SensitiveData::clear()
89
{
344✔
90
#ifdef HAVE_LIBSODIUM
328✔
91
  sodium_munlock(d_data.data(), d_data.size());
328✔
92
#endif
328✔
93
  d_data.clear();
344✔
94
}
344✔
95

96
static std::string hashPasswordInternal([[maybe_unused]] const std::string& password, [[maybe_unused]] const std::string& salt, [[maybe_unused]] uint64_t workFactor, [[maybe_unused]] uint64_t parallelFactor, [[maybe_unused]] uint64_t blockSize)
97
{
344✔
98
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
344✔
99
  auto pctx = std::unique_ptr<EVP_PKEY_CTX, void (*)(EVP_PKEY_CTX*)>(EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, nullptr), EVP_PKEY_CTX_free);
344✔
100
  if (!pctx) {
344!
101
    throw std::runtime_error("Error getting a scrypt context to hash the supplied password");
102
  }
103

104
  if (EVP_PKEY_derive_init(pctx.get()) <= 0) {
344!
105
    throw std::runtime_error("Error intializing the scrypt context to hash the supplied password");
106
  }
107

108
  // OpenSSL 3.0 changed the string arg to const unsigned char*, other versions use const char *
109
#if OPENSSL_VERSION_MAJOR >= 3
344✔
110
  auto passwordData = reinterpret_cast<const char*>(password.data());
344✔
111
#else
112
  auto passwordData = reinterpret_cast<const unsigned char*>(password.data());
113
#endif
114
  if (EVP_PKEY_CTX_set1_pbe_pass(pctx.get(), passwordData, password.size()) <= 0) {
344!
115
    throw std::runtime_error("Error adding the password to the scrypt context to hash the supplied password");
116
  }
117

118
  if (EVP_PKEY_CTX_set1_scrypt_salt(pctx.get(), reinterpret_cast<const unsigned char*>(salt.data()), salt.size()) <= 0) {
344!
119
    throw std::runtime_error("Error adding the salt to the scrypt context to hash the supplied password");
120
  }
121

122
  if (EVP_PKEY_CTX_set_scrypt_N(pctx.get(), workFactor) <= 0) {
344!
123
    throw std::runtime_error("Error setting the work factor to the scrypt context to hash the supplied password");
124
  }
125

126
  if (EVP_PKEY_CTX_set_scrypt_r(pctx.get(), blockSize) <= 0) {
344✔
127
    throw std::runtime_error("Error setting the block size to the scrypt context to hash the supplied password");
4✔
128
  }
4✔
129

130
  if (EVP_PKEY_CTX_set_scrypt_p(pctx.get(), parallelFactor) <= 0) {
340✔
131
    throw std::runtime_error("Error setting the parallel factor to the scrypt context to hash the supplied password");
4✔
132
  }
4✔
133

134
  std::string out;
336✔
135
  out.resize(pwhash_output_size);
336✔
136
  size_t outlen = out.size();
336✔
137

138
  if (EVP_PKEY_derive(pctx.get(), reinterpret_cast<unsigned char*>(out.data()), &outlen) <= 0 || outlen != pwhash_output_size) {
336!
139
    throw std::runtime_error("Error deriving the output from the scrypt context to hash the supplied password");
140
  }
141

142
  return out;
336✔
143
#else
144
  throw std::runtime_error("Hashing support is not available");
145
#endif
146
}
336✔
147

148
static std::string generateRandomSalt()
149
{
20✔
150
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
20✔
151
  /* generate a random salt */
152
  std::string salt;
20✔
153
  salt.resize(pwhash_salt_size);
20✔
154

155
  if (RAND_bytes(reinterpret_cast<unsigned char*>(salt.data()), salt.size()) != 1) {
20!
156
    throw std::runtime_error("Error while generating a salt to hash the supplied password");
157
  }
158

159
  return salt;
20✔
160
#else
161
  throw std::runtime_error("Generating a salted password requires scrypt support in OpenSSL, and it is not available");
162
#endif
163
}
20✔
164

165
std::string hashPassword([[maybe_unused]] const std::string& password, [[maybe_unused]] uint64_t workFactor, [[maybe_unused]] uint64_t parallelFactor, [[maybe_unused]] uint64_t blockSize)
166
{
20✔
167
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
20✔
168
  if (workFactor == 0) {
20✔
169
    throw std::runtime_error("Invalid work factor of " + std::to_string(workFactor) + " passed to hashPassword()");
4✔
170
  }
4✔
171

172
  std::string result;
16✔
173
  result.reserve(pwhash_max_size);
16✔
174

175
  result.append(pwhash_prefix);
16✔
176
  result.append("ln=");
16✔
177
  result.append(std::to_string(static_cast<uint64_t>(std::log2(workFactor))));
16✔
178
  result.append(",p=");
16✔
179
  result.append(std::to_string(parallelFactor));
16✔
180
  result.append(",r=");
16✔
181
  result.append(std::to_string(blockSize));
16✔
182
  result.append("$");
16✔
183
  auto salt = generateRandomSalt();
16✔
184
  result.append(Base64Encode(salt));
16✔
185
  result.append("$");
16✔
186

187
  auto out = hashPasswordInternal(password, salt, workFactor, parallelFactor, blockSize);
16✔
188

189
  result.append(Base64Encode(out));
16✔
190

191
  return result;
16✔
192
#else
193
  throw std::runtime_error("Hashing a password requires scrypt support in OpenSSL, and it is not available");
194
#endif
195
}
20✔
196

197
std::string hashPassword([[maybe_unused]] const std::string& password)
198
{
4✔
199
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
4✔
200
  return hashPassword(password, CredentialsHolder::s_defaultWorkFactor, CredentialsHolder::s_defaultParallelFactor, CredentialsHolder::s_defaultBlockSize);
4✔
201
#else
202
  throw std::runtime_error("Hashing a password requires scrypt support in OpenSSL, and it is not available");
203
#endif
204
}
4✔
205

206
bool verifyPassword([[maybe_unused]] const std::string& binaryHash, [[maybe_unused]] const std::string& salt, [[maybe_unused]] uint64_t workFactor, [[maybe_unused]] uint64_t parallelFactor, [[maybe_unused]] uint64_t blockSize, [[maybe_unused]] const std::string& binaryPassword)
207
{
304✔
208
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
304✔
209
  auto expected = hashPasswordInternal(binaryPassword, salt, workFactor, parallelFactor, blockSize);
304✔
210
  return constantTimeStringEquals(expected, binaryHash);
304✔
211
#else
212
  throw std::runtime_error("Hashing a password requires scrypt support in OpenSSL, and it is not available");
213
#endif
214
}
304✔
215

216
/* parse a hashed password in PHC string format */
217
static void parseHashed([[maybe_unused]] const std::string& hash, [[maybe_unused]] std::string& salt, [[maybe_unused]] std::string& hashedPassword, [[maybe_unused]] uint64_t& workFactor, [[maybe_unused]] uint64_t& parallelFactor, [[maybe_unused]] uint64_t& blockSize)
218
{
215✔
219
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
215✔
220
  auto parametersEnd = hash.find('$', pwhash_prefix.size());
215✔
221
  if (parametersEnd == std::string::npos || parametersEnd == hash.size()) {
215!
222
    throw std::runtime_error("Invalid hashed password format, no parameters");
223
  }
224

225
  auto parametersStr = hash.substr(pwhash_prefix.size(), parametersEnd);
215✔
226
  std::vector<std::string> parameters;
215✔
227
  parameters.reserve(3);
215✔
228
  stringtok(parameters, parametersStr, ",");
215✔
229
  if (parameters.size() != 3) {
215✔
230
    throw std::runtime_error("Invalid hashed password format, expecting 3 parameters, got " + std::to_string(parameters.size()));
8✔
231
  }
8✔
232

233
  if (!boost::starts_with(parameters.at(0), "ln=")) {
207✔
234
    throw std::runtime_error("Invalid hashed password format, ln= parameter not found");
4✔
235
  }
4✔
236

237
  if (!boost::starts_with(parameters.at(1), "p=")) {
203✔
238
    throw std::runtime_error("Invalid hashed password format, p= parameter not found");
4✔
239
  }
4✔
240

241
  if (!boost::starts_with(parameters.at(2), "r=")) {
199!
242
    throw std::runtime_error("Invalid hashed password format, r= parameter not found");
243
  }
244

245
  auto saltPos = parametersEnd + 1;
199✔
246
  auto saltEnd = hash.find('$', saltPos);
199✔
247
  if (saltEnd == std::string::npos || saltEnd == hash.size()) {
199!
248
    throw std::runtime_error("Invalid hashed password format");
249
  }
250

251
  try {
199✔
252
    workFactor = pdns::checked_stoi<uint64_t>(parameters.at(0).substr(3));
199✔
253
    workFactor = static_cast<uint64_t>(1) << workFactor;
199✔
254
    if (workFactor > pwhash_max_work_factor) {
199✔
255
      throw std::runtime_error("Invalid work factor of " + std::to_string(workFactor) + " in hashed password string, maximum is " + std::to_string(pwhash_max_work_factor));
4✔
256
    }
4✔
257

258
    parallelFactor = pdns::checked_stoi<uint64_t>(parameters.at(1).substr(2));
195✔
259
    blockSize = pdns::checked_stoi<uint64_t>(parameters.at(2).substr(2));
195✔
260

261
    auto b64Salt = hash.substr(saltPos, saltEnd - saltPos);
195✔
262
    salt.reserve(pwhash_salt_size);
195✔
263
    B64Decode(b64Salt, salt);
195✔
264

265
    if (salt.size() != pwhash_salt_size) {
195✔
266
      throw std::runtime_error("Invalid salt in hashed password string");
8✔
267
    }
8✔
268

269
    hashedPassword.reserve(pwhash_output_size);
187✔
270
    B64Decode(hash.substr(saltEnd + 1), hashedPassword);
187✔
271

272
    if (hashedPassword.size() != pwhash_output_size) {
187✔
273
      throw std::runtime_error("Invalid hash in hashed password string");
4✔
274
    }
4✔
275
  }
187✔
276
  catch (const std::exception& e) {
199✔
277
    throw std::runtime_error("Invalid hashed password format, unable to parse parameters");
28✔
278
  }
28✔
279
#endif
199✔
280
}
199✔
281

282
bool verifyPassword(const std::string& hash, [[maybe_unused]] const std::string& password)
283
{
68✔
284
  if (!isPasswordHashed(hash)) {
68✔
285
    return false;
4✔
286
  }
4✔
287

288
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
64✔
289
  std::string salt;
64✔
290
  std::string hashedPassword;
64✔
291
  uint64_t workFactor = 0;
64✔
292
  uint64_t parallelFactor = 0;
64✔
293
  uint64_t blockSize = 0;
64✔
294
  parseHashed(hash, salt, hashedPassword, workFactor, parallelFactor, blockSize);
64✔
295

296
  auto expected = hashPasswordInternal(password, salt, workFactor, parallelFactor, blockSize);
64✔
297

298
  return constantTimeStringEquals(expected, hashedPassword);
64✔
299
#else
300
  throw std::runtime_error("Verifying a hashed password requires scrypt support in OpenSSL, and it is not available");
301
#endif
302
}
68✔
303

304
bool isPasswordHashed([[maybe_unused]] const std::string& password)
305
{
324✔
306
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
324✔
307
  if (password.size() < pwhash_prefix_size || password.size() > pwhash_max_size) {
324✔
308
    return false;
25✔
309
  }
25✔
310

311
  if (!boost::starts_with(password, pwhash_prefix)) {
299✔
312
    return false;
40✔
313
  }
40✔
314

315
  auto parametersEnd = password.find('$', pwhash_prefix.size());
259✔
316
  if (parametersEnd == std::string::npos || parametersEnd == password.size()) {
259!
317
    return false;
4✔
318
  }
4✔
319

320
  size_t parametersSize = parametersEnd - pwhash_prefix.size();
255✔
321
  /* ln=X,p=Y,r=Z */
322
  if (parametersSize < 12) {
255✔
323
    return false;
8✔
324
  }
8✔
325

326
  auto saltEnd = password.find('$', parametersEnd + 1);
247✔
327
  if (saltEnd == std::string::npos || saltEnd == password.size()) {
247!
328
    return false;
12✔
329
  }
12✔
330

331
  /* the salt is base64 encoded so it has to be larger than that */
332
  if ((saltEnd - parametersEnd - 1) < pwhash_salt_size) {
235✔
333
    return false;
4✔
334
  }
4✔
335

336
  /* the hash base64 encoded so it has to be larger than that */
337
  if ((password.size() - saltEnd - 1) < pwhash_output_size) {
231✔
338
    return false;
8✔
339
  }
8✔
340

341
  return true;
223✔
342
#else
343
  return false;
344
#endif
345
}
231✔
346

347
/* if the password is in cleartext and hashing is available,
348
   the hashed form will be kept in memory */
349
CredentialsHolder::CredentialsHolder(std::string&& password, bool hashPlaintext) :
350
  d_credentials(std::move(password))
351
{
193✔
352
  if (isHashingAvailable()) {
193✔
353
    if (!isPasswordHashed(d_credentials.getString())) {
192✔
354
      if (hashPlaintext) {
41✔
355
        d_salt = generateRandomSalt();
4✔
356
        d_workFactor = s_defaultWorkFactor;
4✔
357
        d_parallelFactor = s_defaultParallelFactor;
4✔
358
        d_blockSize = s_defaultBlockSize;
4✔
359
        d_credentials = SensitiveData(hashPasswordInternal(d_credentials.getString(), d_salt, d_workFactor, d_parallelFactor, d_blockSize));
4✔
360
        d_isHashed = true;
4✔
361
      }
4✔
362
    }
41✔
363
    else {
151✔
364
      d_wasHashed = true;
151✔
365
      d_isHashed = true;
151✔
366
      std::string hashedPassword;
151✔
367
      parseHashed(d_credentials.getString(), d_salt, hashedPassword, d_workFactor, d_parallelFactor, d_blockSize);
151✔
368
      d_credentials = SensitiveData(std::move(hashedPassword));
151✔
369
    }
151✔
370
  }
192✔
371

372
  if (!d_isHashed) {
193✔
373
    d_fallbackHashPerturb = dns_random_uint32();
38✔
374
    d_fallbackHash = burtle(reinterpret_cast<const unsigned char*>(d_credentials.getString().data()), d_credentials.getString().size(), d_fallbackHashPerturb);
38✔
375
  }
38✔
376
}
193✔
377

378
CredentialsHolder::~CredentialsHolder()
379
{
14✔
380
  d_fallbackHashPerturb = 0;
14✔
381
  d_fallbackHash = 0;
14✔
382
}
14✔
383

384
bool CredentialsHolder::matches(const std::string& password) const
385
{
454✔
386
  if (d_isHashed) {
454✔
387
    return verifyPassword(d_credentials.getString(), d_salt, d_workFactor, d_parallelFactor, d_blockSize, password);
304✔
388
  }
304✔
389
  else {
150✔
390
    uint32_t fallback = burtle(reinterpret_cast<const unsigned char*>(password.data()), password.size(), d_fallbackHashPerturb);
150✔
391
    if (fallback != d_fallbackHash) {
150✔
392
      return false;
8✔
393
    }
8✔
394

395
    return constantTimeStringEquals(password, d_credentials.getString());
142✔
396
  }
150✔
397
}
454✔
398

399
bool CredentialsHolder::isHashingAvailable()
400
{
199✔
401
#if !defined(DISABLE_HASHED_CREDENTIALS) && defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT)
197✔
402
  return true;
197✔
403
#else
404
  return false;
2✔
405
#endif
2✔
406
}
199✔
407

408
#include <csignal>
409
#include <termios.h>
410

411
SensitiveData CredentialsHolder::readFromTerminal()
412
{
×
413
  struct termios term;
×
414
  struct termios oterm;
×
415
  bool restoreTermSettings = false;
×
416
  int termAction = TCSAFLUSH;
×
417
#ifdef TCSASOFT
418
  termAction |= TCSASOFT;
419
#endif
420

421
  FDWrapper input(open("/dev/tty", O_RDONLY));
×
422
  if (int(input) != -1) {
×
423
    if (tcgetattr(input, &oterm) == 0) {
×
424
      memcpy(&term, &oterm, sizeof(term));
×
425
      term.c_lflag &= ~(ECHO | ECHONL);
×
426
      tcsetattr(input, termAction, &term);
×
427
      restoreTermSettings = true;
×
428
    }
×
429
  }
×
430
  else {
×
431
    input = FDWrapper(dup(STDIN_FILENO));
×
432
    restoreTermSettings = false;
×
433
  }
×
434

435
  FDWrapper output(open("/dev/tty", O_WRONLY));
×
436
  if (int(output) == -1) {
×
437
    output = FDWrapper(dup(STDERR_FILENO));
×
438
  }
×
439

440
  struct std::map<int, struct sigaction> signals;
×
441
  struct sigaction sa;
×
442
  sigemptyset(&sa.sa_mask);
×
443
  sa.sa_flags = 0;
×
444
  sa.sa_handler = [](int /* s */) {};
×
445
  sigaction(SIGALRM, &sa, &signals[SIGALRM]);
×
446
  sigaction(SIGHUP, &sa, &signals[SIGHUP]);
×
447
  sigaction(SIGINT, &sa, &signals[SIGINT]);
×
448
  sigaction(SIGPIPE, &sa, &signals[SIGPIPE]);
×
449
  sigaction(SIGQUIT, &sa, &signals[SIGQUIT]);
×
450
  sigaction(SIGTERM, &sa, &signals[SIGTERM]);
×
451
  sigaction(SIGTSTP, &sa, &signals[SIGTSTP]);
×
452
  sigaction(SIGTTIN, &sa, &signals[SIGTTIN]);
×
453
  sigaction(SIGTTOU, &sa, &signals[SIGTTOU]);
×
454

455
  std::string buffer;
×
456
  /* let's allocate a huge buffer now to prevent reallocation,
457
     which would leave parts of the buffer around */
458
  buffer.reserve(512);
×
459

460
  for (;;) {
×
461
    char ch = '\0';
×
462
    auto got = read(input, &ch, 1);
×
463
    if (got == 1 && ch != '\n' && ch != '\r') {
×
464
      buffer.push_back(ch);
×
465
    }
×
466
    else {
×
467
      break;
×
468
    }
×
469
  }
×
470

471
  if (restoreTermSettings) {
×
472
    tcsetattr(input, termAction, &oterm);
×
473
  }
×
474

475
  for (const auto& sig : signals) {
×
476
    sigaction(sig.first, &sig.second, nullptr);
×
477
  }
×
478

479
  return SensitiveData(std::move(buffer));
×
480
}
×
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2025 Coveralls, Inc