From 1b7b6418f1a499c74e66884e0b82d5fe8976657a Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 14 Jan 2018 00:08:46 +0100 Subject: [PATCH] Restrict the set of resolvers used from a remote source --- dnscrypt-proxy/config.go | 20 ++++++++++++++++++-- dnscrypt-proxy/dnscrypt-proxy.toml | 2 +- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/dnscrypt-proxy/config.go b/dnscrypt-proxy/config.go index 972136e3..ac538e71 100644 --- a/dnscrypt-proxy/config.go +++ b/dnscrypt-proxy/config.go @@ -4,6 +4,7 @@ import ( "errors" "flag" "fmt" + "strings" "time" "github.com/BurntSushi/toml" @@ -112,12 +113,18 @@ func ConfigLoad(proxy *Proxy, config_file string) error { dlog.Criticalf("Unable use source [%s]: [%s]", sourceName, err) continue } - proxy.registeredServers = append(proxy.registeredServers, registeredServers...) + for _, registeredServer := range registeredServers { + if !includesName(config.ServerNames, registeredServer.name) { + continue + } + dlog.Infof("Adding [%s] to the set of wanted resolvers", registeredServer.name) + proxy.registeredServers = append(proxy.registeredServers, registeredServer) + } } for _, serverName := range config.ServerNames { serverConfig, ok := config.ServersConfig[serverName] if !ok { - return fmt.Errorf("No definitions found for server [%v]", serverName) + continue } var stamp ServerStamp var err error @@ -137,3 +144,12 @@ func ConfigLoad(proxy *Proxy, config_file string) error { } return nil } + +func includesName(names []string, name string) bool { + for _, found := range names { + if strings.EqualFold(found, name) { + return true + } + } + return false +} diff --git a/dnscrypt-proxy/dnscrypt-proxy.toml b/dnscrypt-proxy/dnscrypt-proxy.toml index a0accccd..0336568b 100644 --- a/dnscrypt-proxy/dnscrypt-proxy.toml +++ b/dnscrypt-proxy/dnscrypt-proxy.toml @@ -11,7 +11,7 @@ ## List of servers to use ## If this line is commented, all registered servers will be used -server_names = ["dnscrypt.org-fr"] +server_names = ["dnscrypt.org-fr", "adguard-dns"] ## List of local addresses and ports to listen to. Can be IPv4 and/or IPv6.