Bug 2070495
| Summary: | Unbound fails resolution of any SHA-1 signed domain | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Petr Menšík <pemensik> | |
| Component: | unbound | Assignee: | Petr Menšík <pemensik> | |
| Status: | CLOSED ERRATA | QA Contact: | Petr Sklenar <psklenar> | |
| Severity: | high | Docs Contact: | Jan Fiala <jafiala> | |
| Priority: | high | |||
| Version: | 9.0 | CC: | jafiala, jjelen, mharri, omejzlik, peter.van.dijk, pvlasin, sjanderk | |
| Target Milestone: | rc | Keywords: | AutoVerified, Triaged | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | unbound-1.13.1-13.el9_0 | Doc Type: | Known Issue | |
| Doc Text: |
.Both `bind` and `unbound` disable validation of SHA-1-based signatures
The `bind` and `unbound` components disable validation support of all RSA/SHA1 (algorithm number 5) and RSASHA1-NSEC3-SHA1 (algorithm number 7) signatures, and the SHA-1 usage for signatures is restricted in the DEFAULT system-wide cryptographic policy.
As a result, certain DNSSEC records signed with the SHA-1, RSA/SHA1, and RSASHA1-NSEC3-SHA1 digest algorithms fail to verify in Red Hat Enterprise Linux 9 and the affected domain names become vulnerable.
To work around this problem, upgrade to a different signature algorithm, such as RSA/SHA-256 or elliptic curve keys.
For more information and a list of top-level domains that are affected and vulnerable, see the link:https://access.redhat.com/solutions/6955455/[DNSSEC records signed with RSASHA1 fail to verify] solution.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 2071543 (view as bug list) | Environment: | ||
| Last Closed: | 2022-05-17 13:59:08 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 2070230, 2070923 | |||
| Bug Blocks: | 2073066, 2135933, 2071543 | |||
|
Description
Petr Menšík
2022-03-31 09:42:04 UTC
Current only workaround is setting crypto-policy to DEFAULT:SHA1, which enables also SHA1 algorithm. Then it passes verification of RSASHA1 (algorithm 5) or NSEC3RSASHA1 (algorithm 7). Of course it affects also unbound daemon running in unbound.service, unbound-host example is given just to extract more simple logs and if possible debugging. It seems there is build time support for disabling sha1. According to ./configure --disable-sha1, it would not disable NSEC3 (which has no alternative to SHA-1), but should avoid SHA-1. That might be used as a template to enable SHA-1 if enabled by policy, but make it insecure if SHA-1 is disabled. Quick and dirty solution would be adding --disable-sha1 flag to unbound build. It would make all SHA-1 domains insecure, but resolution should still work also on affected domains, regardless crypto-policy setting. Create issue [1] on upstream to notify them about or problem and desire how it should be solved in ideal way. That would need more work and maybe not small changes to used validator logic. So for emergency fix we would disable validation of all SHA-1 DNSSEC signatures, but later we would like to enable its validation depending on dnssec-policy mode. 1. https://github.com/NLnetLabs/unbound/issues/656 I can confirm that the builds from this MR https://gitlab.com/redhat/centos-stream/rpms/unbound/-/merge_requests/12 re-enables the resolution of domains such as paypal.com Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (new packages: unbound), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:2630 |