dnscrypt-proxy/dnscrypt-proxy/dnsutils.go

package main

import (
	"encoding/binary"
	"strings"
	"time"

	"github.com/miekg/dns"
)

func TruncatedResponse(packet []byte) ([]byte, error) {
	srcMsg := new(dns.Msg)
	if err := srcMsg.Unpack(packet); err != nil {
		return nil, err
	}
	dstMsg := srcMsg
	dstMsg.Response = true
	dstMsg.Answer = make([]dns.RR, 0)
	dstMsg.Ns = make([]dns.RR, 0)
	dstMsg.Extra = make([]dns.RR, 0)
	dstMsg.Truncated = true
	return dstMsg.Pack()
}

func EmptyResponseFromMessage(srcMsg *dns.Msg) (*dns.Msg, error) {
	dstMsg := srcMsg
	dstMsg.Response = true
	dstMsg.Answer = make([]dns.RR, 0)
	dstMsg.Ns = make([]dns.RR, 0)
	dstMsg.Extra = make([]dns.RR, 0)
	return dstMsg, nil
}

func RefusedResponseFromMessage(srcMsg *dns.Msg) (*dns.Msg, error) {
	dstMsg, err := EmptyResponseFromMessage(srcMsg)
	if err != nil {
		return dstMsg, err
	}
	dstMsg.Rcode = dns.RcodeRefused
	return dstMsg, nil
}

func HasTCFlag(packet []byte) bool {
	return packet[2]&2 == 2
}

func TransactionID(packet []byte) uint16 {
	return binary.BigEndian.Uint16(packet[0:2])
}

func SetTransactionID(packet []byte, tid uint16) {
	binary.BigEndian.PutUint16(packet[0:2], tid)
}

func Rcode(packet []byte) uint8 {
	return packet[3] & 0xf
}

func NormalizeName(name *[]byte) {
	for i, c := range *name {
		if c >= 65 && c <= 90 {
			(*name)[i] = c + 32
		}
	}
}

func StripTrailingDot(str string) string {
	if len(str) > 1 && strings.HasSuffix(str, ".") {
		str = str[:len(str)-1]
	}
	return str
}

func getMinTTL(msg *dns.Msg, minTTL uint32, maxTTL uint32, cacheNegMinTTL uint32, cacheNegMaxTTL uint32) time.Duration {
	if (msg.Rcode != dns.RcodeSuccess && msg.Rcode != dns.RcodeNameError) || (len(msg.Answer) <= 0 && len(msg.Ns) <= 0) {
		return time.Duration(cacheNegMinTTL) * time.Second
	}
	var ttl uint32
	if msg.Rcode == dns.RcodeSuccess {
		ttl = uint32(maxTTL)
	} else {
		ttl = uint32(cacheNegMaxTTL)
	}
	if len(msg.Answer) > 0 {
		for _, rr := range msg.Answer {
			if rr.Header().Ttl < ttl {
				ttl = rr.Header().Ttl
			}
		}
	} else {
		for _, rr := range msg.Ns {
			if rr.Header().Ttl < ttl {
				ttl = rr.Header().Ttl
			}
		}
	}
	if msg.Rcode == dns.RcodeSuccess {
		if ttl < minTTL {
			ttl = minTTL
		}
	} else {
		if ttl < cacheNegMinTTL {
			ttl = cacheNegMinTTL
		}
	}
	return time.Duration(ttl) * time.Second
}

func setMaxTTL(msg *dns.Msg, ttl uint32) {
	for _, rr := range msg.Answer {
		if ttl < rr.Header().Ttl {
			rr.Header().Ttl = ttl
		}
	}
	for _, rr := range msg.Ns {
		if ttl < rr.Header().Ttl {
			rr.Header().Ttl = ttl
		}
	}
	for _, rr := range msg.Extra {
		header := rr.Header()
		if header.Class == dns.ClassINET && header.Rrtype == dns.TypeOPT {
			continue
		}
		if ttl < rr.Header().Ttl {
			rr.Header().Ttl = ttl
		}
	}
}

func updateTTL(msg *dns.Msg, expiration time.Time) {
	ttl := uint32(time.Until(expiration) / time.Second)

	for _, rr := range msg.Answer {
		rr.Header().Ttl = ttl
	}
	for _, rr := range msg.Ns {
		rr.Header().Ttl = ttl
	}
	for _, rr := range msg.Extra {
		header := rr.Header()
		if header.Class == dns.ClassINET && header.Rrtype == dns.TypeOPT {
			continue
		}
		rr.Header().Ttl = ttl
	}
}
Synthesize a truncated response if the response wouldn't fit the local MSS 2018-01-10 02:52:09 +01:00			`package main`

			`import (`
DoH: use 0 as a transaction ID Reject short TCP queries early by the way 2018-02-04 12:57:54 +01:00			`"encoding/binary"`
Implement blocking, fully compatible with rules from version 1 2018-01-17 02:40:47 +01:00			`"strings"`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`"time"`

Synthesize a truncated response if the response wouldn't fit the local MSS 2018-01-10 02:52:09 +01:00			`"github.com/miekg/dns"`
			`)`

			`func TruncatedResponse(packet []byte) ([]byte, error) {`
			`srcMsg := new(dns.Msg)`
			`if err := srcMsg.Unpack(packet); err != nil {`
			`return nil, err`
			`}`
			`dstMsg := srcMsg`
			`dstMsg.Response = true`
			`dstMsg.Answer = make([]dns.RR, 0)`
			`dstMsg.Ns = make([]dns.RR, 0)`
			`dstMsg.Extra = make([]dns.RR, 0)`
			`dstMsg.Truncated = true`
			`return dstMsg.Pack()`
			`}`

Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`func EmptyResponseFromMessage(srcMsg dns.Msg) (dns.Msg, error) {`
			`dstMsg := srcMsg`
			`dstMsg.Response = true`
			`dstMsg.Answer = make([]dns.RR, 0)`
			`dstMsg.Ns = make([]dns.RR, 0)`
			`dstMsg.Extra = make([]dns.RR, 0)`
			`return dstMsg, nil`
			`}`

Implement blocking, fully compatible with rules from version 1 2018-01-17 02:40:47 +01:00			`func RefusedResponseFromMessage(srcMsg dns.Msg) (dns.Msg, error) {`
			`dstMsg, err := EmptyResponseFromMessage(srcMsg)`
			`if err != nil {`
			`return dstMsg, err`
			`}`
			`dstMsg.Rcode = dns.RcodeRefused`
			`return dstMsg, nil`
			`}`

Synthesize a truncated response if the response wouldn't fit the local MSS 2018-01-10 02:52:09 +01:00			`func HasTCFlag(packet []byte) bool {`
			`return packet[2]&2 == 2`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00
DoH: use 0 as a transaction ID Reject short TCP queries early by the way 2018-02-04 12:57:54 +01:00			`func TransactionID(packet []byte) uint16 {`
			`return binary.BigEndian.Uint16(packet[0:2])`
			`}`

			`func SetTransactionID(packet []byte, tid uint16) {`
			`binary.BigEndian.PutUint16(packet[0:2], tid)`
			`}`

Mark servers as failing more aggressively 2018-02-22 14:20:59 +01:00			`func Rcode(packet []byte) uint8 {`
			`return packet[3] & 0xf`
			`}`

Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`func NormalizeName(name *[]byte) {`
			`for i, c := range *name {`
			`if c >= 65 && c <= 90 {`
			`(*name)[i] = c + 32`
			`}`
			`}`
			`}`

Implement blocking, fully compatible with rules from version 1 2018-01-17 02:40:47 +01:00			`func StripTrailingDot(str string) string {`
Print the root zone as a dot rather than an empty string Fixes #7 2018-01-19 12:33:27 +01:00			`if len(str) > 1 && strings.HasSuffix(str, ".") {`
Implement blocking, fully compatible with rules from version 1 2018-01-17 02:40:47 +01:00			`str = str[:len(str)-1]`
			`}`
			`return str`
			`}`

Add cache_neg_min_ttl and cache_neg_max_ttl 2018-04-17 00:24:49 +02:00			`func getMinTTL(msg *dns.Msg, minTTL uint32, maxTTL uint32, cacheNegMinTTL uint32, cacheNegMaxTTL uint32) time.Duration {`
			`if (msg.Rcode != dns.RcodeSuccess && msg.Rcode != dns.RcodeNameError) \|\| (len(msg.Answer) <= 0 && len(msg.Ns) <= 0) {`
			`return time.Duration(cacheNegMinTTL) * time.Second`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
Add cache_neg_min_ttl and cache_neg_max_ttl 2018-04-17 00:24:49 +02:00			`var ttl uint32`
			`if msg.Rcode == dns.RcodeSuccess {`
			`ttl = uint32(maxTTL)`
			`} else {`
			`ttl = uint32(cacheNegMaxTTL)`
			`}`
			`if len(msg.Answer) > 0 {`
			`for _, rr := range msg.Answer {`
			`if rr.Header().Ttl < ttl {`
			`ttl = rr.Header().Ttl`
			`}`
			`}`
			`} else {`
			`for _, rr := range msg.Ns {`
			`if rr.Header().Ttl < ttl {`
			`ttl = rr.Header().Ttl`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
			`}`
Add cache_neg_min_ttl and cache_neg_max_ttl 2018-04-17 00:24:49 +02:00			`if msg.Rcode == dns.RcodeSuccess {`
			`if ttl < minTTL {`
			`ttl = minTTL`
			`}`
			`} else {`
			`if ttl < cacheNegMinTTL {`
			`ttl = cacheNegMinTTL`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
			`return time.Duration(ttl) * time.Second`
			`}`
Add a setMaxTTL() function Will be useful to interprete HTTP cache headers in DoH 2018-02-04 12:39:33 +01:00
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:13:24 +01:00			`func setMaxTTL(msg *dns.Msg, ttl uint32) {`
Add a setMaxTTL() function Will be useful to interprete HTTP cache headers in DoH 2018-02-04 12:39:33 +01:00			`for _, rr := range msg.Answer {`
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:11:12 +01:00			`if ttl < rr.Header().Ttl {`
Add a setMaxTTL() function Will be useful to interprete HTTP cache headers in DoH 2018-02-04 12:39:33 +01:00			`rr.Header().Ttl = ttl`
			`}`
			`}`
			`for _, rr := range msg.Ns {`
Format 2018-02-09 22:40:29 +01:00			`if ttl < rr.Header().Ttl {`
Add a setMaxTTL() function Will be useful to interprete HTTP cache headers in DoH 2018-02-04 12:39:33 +01:00			`rr.Header().Ttl = ttl`
			`}`
			`}`
			`for _, rr := range msg.Extra {`
Don't update OPT records Fixes #527 2018-06-26 08:24:13 +02:00			`header := rr.Header()`
			`if header.Class == dns.ClassINET && header.Rrtype == dns.TypeOPT {`
			`continue`
			`}`
Format 2018-02-09 22:40:29 +01:00			`if ttl < rr.Header().Ttl {`
Add a setMaxTTL() function Will be useful to interprete HTTP cache headers in DoH 2018-02-04 12:39:33 +01:00			`rr.Header().Ttl = ttl`
			`}`
			`}`
			`}`
Cache Plugin: return non-fixed TTL for cached entries 2018-02-09 16:59:04 +01:00
			`func updateTTL(msg *dns.Msg, expiration time.Time) {`
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:11:12 +01:00			`ttl := uint32(time.Until(expiration) / time.Second)`

			`for _, rr := range msg.Answer {`
Format 2018-02-09 22:40:29 +01:00			`rr.Header().Ttl = ttl`
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:11:12 +01:00			`}`
			`for _, rr := range msg.Ns {`
Format 2018-02-09 22:40:29 +01:00			`rr.Header().Ttl = ttl`
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:11:12 +01:00			`}`
			`for _, rr := range msg.Extra {`
Don't update OPT records Fixes #527 2018-06-26 08:24:13 +02:00			`header := rr.Header()`
			`if header.Class == dns.ClassINET && header.Rrtype == dns.TypeOPT {`
			`continue`
			`}`
Format 2018-02-09 22:40:29 +01:00			`rr.Header().Ttl = ttl`
Cache Plugin: return non-fixed TTL for cached entries (refactor) 2018-02-09 21:11:12 +01:00			`}`
Cache Plugin: return non-fixed TTL for cached entries 2018-02-09 16:59:04 +01:00			`}`