miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Misc fixes 

- Set LBEstimator to true by default
- Shuffle the servers list at startup
- Add the server name to the query log
This commit is contained in:
Frank Denis 2019-06-03 16:44:09 +02:00
parent ec1b03b026
commit 30f2a4fd6b
7 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dnscrypt-proxy/config.go
View File

@ -5,6 +5,7 @@ import (
"errors" "errors"
"flag" "flag"
"fmt" "fmt"
"math/rand"
"net/http" "net/http"
"net/url" "net/url"
"os" "os"
@ -115,6 +116,7 @@ func newConfig() Config {
NetprobeTimeout: 60, NetprobeTimeout: 60,
OfflineMode: false, OfflineMode: false,
RefusedCodeInResponses: false, RefusedCodeInResponses: false,
LBEstimator: true,
} }
} }
@ -519,6 +521,10 @@ func (config *Config) loadSources(proxy *Proxy) error {
} }
proxy.registeredServers = append(proxy.registeredServers, RegisteredServer{name: serverName, stamp: stamp}) proxy.registeredServers = append(proxy.registeredServers, RegisteredServer{name: serverName, stamp: stamp})
} }
rand.Shuffle(len(proxy.registeredServers), func(i, j int) {
proxy.registeredServers[i], proxy.registeredServers[j] = proxy.registeredServers[j], proxy.registeredServers[i]
})
return nil return nil
} }

5
dnscrypt-proxy/crypto.go
View File

@ -2,9 +2,10 @@ package main
import ( import (
"bytes" "bytes"
"crypto/rand" crypto_rand "crypto/rand"
"crypto/sha512" "crypto/sha512"
"errors" "errors"
"math/rand"
"github.com/jedisct1/dlog" "github.com/jedisct1/dlog"
"github.com/jedisct1/xsecretbox" "github.com/jedisct1/xsecretbox"
@ -59,7 +60,7 @@ func ComputeSharedKey(cryptoConstruction CryptoConstruction, secretKey *[32]byte
func (proxy *Proxy) Encrypt(serverInfo *ServerInfo, packet []byte, proto string) (sharedKey *[32]byte, encrypted []byte, clientNonce []byte, err error) { func (proxy *Proxy) Encrypt(serverInfo *ServerInfo, packet []byte, proto string) (sharedKey *[32]byte, encrypted []byte, clientNonce []byte, err error) {
nonce, clientNonce := make([]byte, NonceSize), make([]byte, HalfNonceSize) nonce, clientNonce := make([]byte, NonceSize), make([]byte, HalfNonceSize)
rand.Read(clientNonce) crypto_rand.Read(clientNonce)
copy(nonce, clientNonce) copy(nonce, clientNonce)
var publicKey *[PublicKeySize]byte var publicKey *[PublicKeySize]byte
if proxy.ephemeralKeys { if proxy.ephemeralKeys {

7
dnscrypt-proxy/main.go
View File

@ -1,8 +1,11 @@
package main package main
import ( import (
crypto_rand "crypto/rand"
"encoding/binary"
"flag" "flag"
"fmt" "fmt"
"math/rand"
"os" "os"
"sync" "sync"
@ -26,6 +29,10 @@ func main() {
dlog.Init("dnscrypt-proxy", dlog.SeverityNotice, "DAEMON") dlog.Init("dnscrypt-proxy", dlog.SeverityNotice, "DAEMON")
os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1") os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
seed := make([]byte, 8)
crypto_rand.Read(seed)
rand.Seed(int64(binary.LittleEndian.Uint64(seed[:])))
pwd, err := os.Getwd() pwd, err := os.Getwd()
if err != nil { if err != nil {
dlog.Fatal("Unable to find the path to the current directory") dlog.Fatal("Unable to find the path to the current directory")

7
dnscrypt-proxy/plugin_query_log.go
View File

@ -82,14 +82,15 @@ func (plugin *PluginQueryLog) Eval(pluginsState *PluginsState, msg *dns.Msg) err
year, month, day := now.Date() year, month, day := now.Date()
hour, minute, second := now.Clock() hour, minute, second := now.Clock()
tsStr := fmt.Sprintf("[%d-%02d-%02d %02d:%02d:%02d]", year, int(month), day, hour, minute, second) tsStr := fmt.Sprintf("[%d-%02d-%02d %02d:%02d:%02d]", year, int(month), day, hour, minute, second)
line = fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%dms\n", tsStr, clientIPStr, StringQuote(qName), qType, returnCode, requestDuration/time.Millisecond) line = fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%dms\t%s\n", tsStr, clientIPStr, StringQuote(qName), qType, returnCode, requestDuration/time.Millisecond,
StringQuote(pluginsState.serverName))
} else if plugin.format == "ltsv" { } else if plugin.format == "ltsv" {
cached := 0 cached := 0
if pluginsState.cacheHit { if pluginsState.cacheHit {
cached = 1 cached = 1
} }
line = fmt.Sprintf("time:%d\thost:%s\tmessage:%s\ttype:%s\treturn:%s\tcached:%d\tduration:%d\n", line = fmt.Sprintf("time:%d\thost:%s\tmessage:%s\ttype:%s\treturn:%s\tcached:%d\tduration:%d\tserver:%s\n",
time.Now().Unix(), clientIPStr, StringQuote(qName), qType, returnCode, cached, requestDuration/time.Millisecond) time.Now().Unix(), clientIPStr, StringQuote(qName), qType, returnCode, cached, requestDuration/time.Millisecond, StringQuote(pluginsState.serverName))
} else { } else {
dlog.Fatalf("Unexpected log format: [%s]", plugin.format) dlog.Fatalf("Unexpected log format: [%s]", plugin.format)
} }

4
dnscrypt-proxy/plugins.go
View File

@ -75,6 +75,7 @@ type PluginsState struct {
requestEnd time.Time requestEnd time.Time
cacheHit bool cacheHit bool
returnCode PluginsReturnCode returnCode PluginsReturnCode
serverName string
} }
func InitPluginsGlobals(pluginsGlobals *PluginsGlobals, proxy *Proxy) error { func InitPluginsGlobals(pluginsGlobals *PluginsGlobals, proxy *Proxy) error {
@ -163,10 +164,11 @@ func NewPluginsState(proxy *Proxy, clientProto string, clientAddr *net.Addr, sta
} }
} }
func (pluginsState *PluginsState) ApplyQueryPlugins(pluginsGlobals *PluginsGlobals, packet []byte) ([]byte, error) { func (pluginsState *PluginsState) ApplyQueryPlugins(pluginsGlobals *PluginsGlobals, packet []byte, serverName *string) ([]byte, error) {
if len(*pluginsGlobals.queryPlugins) == 0 && len(*pluginsGlobals.loggingPlugins) == 0 { if len(*pluginsGlobals.queryPlugins) == 0 && len(*pluginsGlobals.loggingPlugins) == 0 {
return packet, nil return packet, nil
} }
pluginsState.serverName = *serverName
pluginsState.action = PluginsActionForward pluginsState.action = PluginsActionForward
msg := dns.Msg{} msg := dns.Msg{}
if err := msg.Unpack(packet); err != nil { if err := msg.Unpack(packet); err != nil {

8
dnscrypt-proxy/proxy.go
View File

@ -1,9 +1,9 @@
package main package main
import ( import (
crypto_rand "crypto/rand"
"io" "io"
"io/ioutil" "io/ioutil"
"math/rand"
"net" "net"
"os" "os"
"sync/atomic" "sync/atomic"
@ -68,7 +68,7 @@ type Proxy struct {
func (proxy *Proxy) StartProxy() { func (proxy *Proxy) StartProxy() {
proxy.questionSizeEstimator = NewQuestionSizeEstimator() proxy.questionSizeEstimator = NewQuestionSizeEstimator()
if _, err := rand.Read(proxy.proxySecretKey[:]); err != nil { if _, err := crypto_rand.Read(proxy.proxySecretKey[:]); err != nil {
dlog.Fatal(err) dlog.Fatal(err)
} }
curve25519.ScalarBaseMult(&proxy.proxyPublicKey, &proxy.proxySecretKey) curve25519.ScalarBaseMult(&proxy.proxyPublicKey, &proxy.proxySecretKey)
@ -332,7 +332,7 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, clientProto str
return return
} }
pluginsState := NewPluginsState(proxy, clientProto, clientAddr, start) pluginsState := NewPluginsState(proxy, clientProto, clientAddr, start)
query, _ = pluginsState.ApplyQueryPlugins(&proxy.pluginsGlobals, query) query, _ = pluginsState.ApplyQueryPlugins(&proxy.pluginsGlobals, query, &serverInfo.Name)
if len(query) < MinDNSPacketSize || len(query) > MaxDNSPacketSize { if len(query) < MinDNSPacketSize || len(query) > MaxDNSPacketSize {
return return
} }
@ -461,6 +461,6 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, clientProto str
func NewProxy() Proxy { func NewProxy() Proxy {
return Proxy{ return Proxy{
serversInfo: ServersInfo{lbStrategy: DefaultLBStrategy, lbEstimator: true}, serversInfo: NewServersInfo(),
} }
} }

7
dnscrypt-proxy/serversInfo.go
View File

@ -70,6 +70,10 @@ type ServersInfo struct {
lbEstimator bool lbEstimator bool
} }
func NewServersInfo() ServersInfo {
return ServersInfo{lbStrategy: DefaultLBStrategy, lbEstimator: true, registeredServers: make([]RegisteredServer, 0)}
}
func (serversInfo *ServersInfo) registerServer(proxy *Proxy, name string, stamp stamps.ServerStamp) error { func (serversInfo *ServersInfo) registerServer(proxy *Proxy, name string, stamp stamps.ServerStamp) error {
newRegisteredServer := RegisteredServer{name: name, stamp: stamp} newRegisteredServer := RegisteredServer{name: name, stamp: stamp}
serversInfo.Lock() serversInfo.Lock()
@ -175,9 +179,10 @@ func (serversInfo *ServersInfo) estimatorUpdate(candidate int) {
serversInfo.inner[candidate], serversInfo.inner[0] = serversInfo.inner[0], serversInfo.inner[candidate] serversInfo.inner[candidate], serversInfo.inner[0] = serversInfo.inner[0], serversInfo.inner[candidate]
partialSort = true partialSort = true
dlog.Debugf("New preferred candidate: %v (rtt: %v vs previous: %v)", serversInfo.inner[0].Name, candidateRtt, currentBestRtt) dlog.Debugf("New preferred candidate: %v (rtt: %v vs previous: %v)", serversInfo.inner[0].Name, candidateRtt, currentBestRtt)
} else if candidateRtt >= currentBestRtt*4.0 { } else if candidateRtt > 0 && candidateRtt >= currentBestRtt*4.0 {
if time.Since(serversInfo.inner[candidate].lastActionTS) > time.Duration(1*time.Minute) { if time.Since(serversInfo.inner[candidate].lastActionTS) > time.Duration(1*time.Minute) {
serversInfo.inner[candidate].rtt.Add(MinF(MaxF(candidateRtt/2.0, currentBestRtt*2.0), candidateRtt)) serversInfo.inner[candidate].rtt.Add(MinF(MaxF(candidateRtt/2.0, currentBestRtt*2.0), candidateRtt))
dlog.Debugf("Giving a new chance to candidate [%s], setting its RTT from %v to %v (best: %v)", serversInfo.inner[candidate].Name, candidateRtt, serversInfo.inner[candidate].rtt.Value(), currentBestRtt)
partialSort = true partialSort = true
} }
} }