Add a config file
parent
f24884a27a
commit
2822a9781b
|
@ -22,5 +22,6 @@ vendor
|
||||||
.glide/
|
.glide/
|
||||||
|
|
||||||
# Binaries
|
# Binaries
|
||||||
dnscrypt-proxy
|
dnscrypt-proxy/dnscrypt-proxy2
|
||||||
dnscrypt-proxy2
|
dnscrypt-proxy/dnscrypt-proxy
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,83 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"log"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/BurntSushi/toml"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Config struct {
|
||||||
|
ServerNames []string `toml:"server_names"`
|
||||||
|
ListenAddresses []string `toml:"listen_addresses"`
|
||||||
|
Daemonize bool
|
||||||
|
ForceTCP bool `toml:"force_tcp"`
|
||||||
|
Timeout int `toml:"timeout_ms"`
|
||||||
|
CertRefreshDelay int `toml:"cert_refresh_delay"`
|
||||||
|
ServersConfig map[string]ServerConfig `toml:"servers"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func newConfig() Config {
|
||||||
|
return Config{
|
||||||
|
ListenAddresses: []string{"127.0.0.1:53"},
|
||||||
|
Timeout: 2500,
|
||||||
|
CertRefreshDelay: 30,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
type ServerConfig struct {
|
||||||
|
Stamp string
|
||||||
|
ProviderName string `toml:"provider_name"`
|
||||||
|
Address string
|
||||||
|
PublicKey string `toml:"public_key"`
|
||||||
|
NoLog bool `toml:"no_log"`
|
||||||
|
DNSSEC bool `toml:"dnssec"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func ConfigLoad(proxy *Proxy, config_file string) error {
|
||||||
|
config := newConfig()
|
||||||
|
if _, err := toml.DecodeFile(config_file, &config); err != nil {
|
||||||
|
log.Println(err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
proxy.timeout = time.Duration(config.Timeout) * time.Millisecond
|
||||||
|
proxy.mainProto = "udp"
|
||||||
|
if config.ForceTCP {
|
||||||
|
proxy.mainProto = "tcp"
|
||||||
|
}
|
||||||
|
proxy.certRefreshDelay = time.Duration(config.CertRefreshDelay) * time.Minute
|
||||||
|
if len(config.ListenAddresses) == 0 {
|
||||||
|
return errors.New("No local IP/port configured")
|
||||||
|
}
|
||||||
|
proxy.listenAddresses = config.ListenAddresses
|
||||||
|
proxy.daemonize = config.Daemonize
|
||||||
|
if len(config.ServerNames) == 0 {
|
||||||
|
for serverName := range config.ServersConfig {
|
||||||
|
config.ServerNames = append(config.ServerNames, serverName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if len(config.ServerNames) == 0 {
|
||||||
|
return errors.New("No servers configured")
|
||||||
|
}
|
||||||
|
for _, serverName := range config.ServerNames {
|
||||||
|
serverConfig, ok := config.ServersConfig[serverName]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("No definitions found for server [%v]", serverName)
|
||||||
|
}
|
||||||
|
var stamp ServerStamp
|
||||||
|
var err error
|
||||||
|
if len(serverConfig.Stamp) > 0 {
|
||||||
|
panic("Stamps are not implemented yet")
|
||||||
|
} else {
|
||||||
|
stamp, err = NewServerStampFromLegacy(serverConfig.Address, serverConfig.PublicKey, serverConfig.ProviderName)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
proxy.registeredServers = append(proxy.registeredServers,
|
||||||
|
RegisteredServer{name: serverName, stamp: stamp})
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
|
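Review bot: `ConfigLoad` copies `config.Timeout` and `config.CertRefreshDelay` into the proxy without a range check, so a zero or negative value in the file becomes a zero or negative `time.Duration`. How the proxy behaves with such a value depends on code outside this file, but rejecting it here is cheap: `if config.Timeout <= 0 || config.CertRefreshDelay <= 0 { return errors.New("timeout_ms and cert_refresh_delay must be positive") }`. The stamp branch calls `panic("Stamps are not implemented yet")` on a value read from the file, while every other bad-input path returns an error; `return fmt.Errorf("Stamps are not implemented yet (server [%v])", serverName)` would keep that consistent.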
@ -0,0 +1,27 @@
|
||||||
|
# dnscrypt-proxy configuration
|
||||||
|
|
||||||
|
# List of servers to use
|
||||||
|
# If this line is commented, all registered servers will be used
|
||||||
|
server_names = ["dnscrypt.org-fr"]
|
||||||
|
|
||||||
|
# List of local addresses and ports to listen to. Can be IPv4 and/or IPv6.
|
||||||
|
listen_addresses = ["127.0.0.1:53", "[::1]:53"]
|
||||||
|
|
||||||
|
# Run the server as a background process
|
||||||
|
daemonize = false
|
||||||
|
|
||||||
|
# Always use TCP to connect to upstream servers
|
||||||
|
force_tcp = false
|
||||||
|
|
||||||
|
# Timeout, in milliseconds
|
||||||
|
timeout = 2500
|
||||||
|
|
||||||
|
# Delay, in minutes, after which certificates are reloaded
|
||||||
|
cert_refresh_delay = 30
|
||||||
|
|
||||||
|
# Static list of available servers
|
||||||
|
[servers]
|
||||||
|
[servers."dnscrypt.org-fr"]
|
||||||
|
provider_name = "2.dnscrypt-cert.fr.dnscrypt.org"
|
||||||
|
address = "212.47.228.136:443"
|
||||||
|
public_key = "E801:B84E:A606:BFB0:BAC0:CE43:445B:B15E:BA64:B02F:A3C4:AA31:AE10:636A:0790:324D"
|
|
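Review bot: `timeout = 2500` does not match the `toml:"timeout_ms"` tag on `Config.Timeout` in the new loader, so this setting is never read and the built-in default of 2500 applies whatever is written here; the key should be `timeout_ms = 2500`. The loader discards the metadata returned by `toml.DecodeFile`, which is why the mismatch goes unnoticed. Keeping it and failing when `md.Undecoded()` is non-empty would catch this kind of misspelled key at startup.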
@ -16,22 +16,32 @@ type Proxy struct {
|
||||||
questionSizeEstimator QuestionSizeEstimator
|
questionSizeEstimator QuestionSizeEstimator
|
||||||
serversInfo ServersInfo
|
serversInfo ServersInfo
|
||||||
timeout time.Duration
|
timeout time.Duration
|
||||||
|
certRefreshDelay time.Duration
|
||||||
mainProto string
|
mainProto string
|
||||||
|
listenAddresses []string
|
||||||
|
daemonize bool
|
||||||
|
registeredServers []RegisteredServer
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
log.SetFlags(0)
|
log.SetFlags(0)
|
||||||
stamp, _ := NewServerStampFromLegacy("212.47.228.136:443", "E801:B84E:A606:BFB0:BAC0:CE43:445B:B15E:BA64:B02F:A3C4:AA31:AE10:636A:0790:324D", "2.dnscrypt-cert.fr.dnscrypt.org")
|
proxy := Proxy{}
|
||||||
NewProxy("127.0.0.1:5399", "dnscrypt.org-fr", stamp, "udp")
|
if err := ConfigLoad(&proxy, "dnscrypt-proxy.toml"); err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
proxy.StartProxy()
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewProxy(listenAddrStr string, serverName string, stamp ServerStamp, mainProto string) {
|
func (proxy *Proxy) StartProxy() {
|
||||||
proxy := Proxy{questionSizeEstimator: NewQuestionSizeEstimator(), timeout: TimeoutMax, mainProto: mainProto}
|
proxy.questionSizeEstimator = NewQuestionSizeEstimator()
|
||||||
if _, err := rand.Read(proxy.proxySecretKey[:]); err != nil {
|
if _, err := rand.Read(proxy.proxySecretKey[:]); err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
curve25519.ScalarBaseMult(&proxy.proxyPublicKey, &proxy.proxySecretKey)
|
curve25519.ScalarBaseMult(&proxy.proxyPublicKey, &proxy.proxySecretKey)
|
||||||
proxy.serversInfo.registerServer(&proxy, serverName, stamp)
|
for _, registeredServer := range proxy.registeredServers {
|
||||||
|
proxy.serversInfo.registerServer(proxy, registeredServer.name, registeredServer.stamp)
|
||||||
|
}
|
||||||
|
for _, listenAddrStr := range proxy.listenAddresses {
|
||||||
listenUDPAddr, err := net.ResolveUDPAddr("udp", listenAddrStr)
|
listenUDPAddr, err := net.ResolveUDPAddr("udp", listenAddrStr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
|
@ -40,15 +50,16 @@ func NewProxy(listenAddrStr string, serverName string, stamp ServerStamp, mainPr
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
go func() {
|
if err := proxy.udpListener(listenUDPAddr); err != nil {
|
||||||
proxy.udpListener(listenUDPAddr)
|
log.Fatal(err)
|
||||||
}()
|
}
|
||||||
go func() {
|
if err := proxy.tcpListener(listenTCPAddr); err != nil {
|
||||||
proxy.tcpListener(listenTCPAddr)
|
log.Fatal(err)
|
||||||
}()
|
}
|
||||||
|
}
|
||||||
for {
|
for {
|
||||||
time.Sleep(CertRefreshDelay)
|
time.Sleep(CertRefreshDelay)
|
||||||
proxy.serversInfo.refresh(&proxy)
|
proxy.serversInfo.refresh(proxy)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -57,19 +68,22 @@ func (proxy *Proxy) udpListener(listenAddr *net.UDPAddr) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
go func() {
|
||||||
defer clientPc.Close()
|
defer clientPc.Close()
|
||||||
fmt.Printf("Now listening to %v [UDP]\n", listenAddr)
|
fmt.Printf("Now listening to %v [UDP]\n", listenAddr)
|
||||||
for {
|
for {
|
||||||
buffer := make([]byte, MaxDNSPacketSize-1)
|
buffer := make([]byte, MaxDNSPacketSize-1)
|
||||||
length, clientAddr, err := clientPc.ReadFrom(buffer)
|
length, clientAddr, err := clientPc.ReadFrom(buffer)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return
|
||||||
}
|
}
|
||||||
packet := buffer[:length]
|
packet := buffer[:length]
|
||||||
go func() {
|
go func() {
|
||||||
proxy.processIncomingQuery(proxy.serversInfo.getOne(), proxy.mainProto, packet, &clientAddr, clientPc)
|
proxy.processIncomingQuery(proxy.serversInfo.getOne(), proxy.mainProto, packet, &clientAddr, clientPc)
|
||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
|
}()
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (proxy *Proxy) tcpListener(listenAddr *net.TCPAddr) error {
|
func (proxy *Proxy) tcpListener(listenAddr *net.TCPAddr) error {
|
||||||
|
@ -77,6 +91,7 @@ func (proxy *Proxy) tcpListener(listenAddr *net.TCPAddr) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
go func() {
|
||||||
defer acceptPc.Close()
|
defer acceptPc.Close()
|
||||||
fmt.Printf("Now listening to %v [TCP]\n", listenAddr)
|
fmt.Printf("Now listening to %v [TCP]\n", listenAddr)
|
||||||
for {
|
for {
|
||||||
|
@ -94,6 +109,8 @@ func (proxy *Proxy) tcpListener(listenAddr *net.TCPAddr) error {
|
||||||
proxy.processIncomingQuery(proxy.serversInfo.getOne(), "tcp", packet, nil, clientPc)
|
proxy.processIncomingQuery(proxy.serversInfo.getOne(), "tcp", packet, nil, clientPc)
|
||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
|
}()
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (proxy *Proxy) exchangeWithUDPServer(serverInfo *ServerInfo, encryptedQuery []byte, clientNonce []byte) ([]byte, error) {
|
func (proxy *Proxy) exchangeWithUDPServer(serverInfo *ServerInfo, encryptedQuery []byte, clientNonce []byte) ([]byte, error) {
|
||||||
|
|
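Review bot: The refresh loop in `StartProxy` still sleeps on the package-level `CertRefreshDelay` (`time.Sleep(CertRefreshDelay)`), so the `proxy.certRefreshDelay` value that `ConfigLoad` fills from `cert_refresh_delay` is not used in any visible line; `time.Sleep(proxy.certRefreshDelay)` looks like the intended call. In `udpListener` the read loop now runs in its own goroutine and a `ReadFrom` error ends it with a bare `return`, so the listener can stop without a trace while the process keeps running. Logging before returning, `log.Println(err)`, would make that visible. The `tcpListener` body is only partly shown, so whether its accept loop has the same silent exit cannot be confirmed from these hunks.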