Mark servers as failing more aggressively

2018-02-22 14:20:59 +01:00 · 2018-02-22 14:20:59 +01:00 · 4ec5461b2f
parent 358481d728
commit 4ec5461b2f
3 changed files with 18 additions and 6 deletions
--- a/dnscrypt-proxy/dnsutils.go
+++ b/dnscrypt-proxy/dnsutils.go
@ -52,6 +52,10 @@ func SetTransactionID(packet []byte, tid uint16) {
 	binary.BigEndian.PutUint16(packet[0:2], tid)
 }

+func Rcode(packet []byte) uint8 {
+	return packet[3] & 0xf
+}
+
 func NormalizeName(name *[]byte) {
 	for i, c := range *name {
 		if c >= 65 && c <= 90 {
--- a/dnscrypt-proxy/proxy.go
+++ b/dnscrypt-proxy/proxy.go
@ -289,10 +289,12 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, clientProto str
 			resp, _, err := proxy.xTransport.DoHQuery(serverInfo.useGet, serverInfo.URL, query, proxy.timeout)
 			SetTransactionID(query, tid)
 			if err != nil {
+				serverInfo.noticeFailure(proxy)
 				return
 			}
 			response, err = ioutil.ReadAll(io.LimitReader(resp.Body, int64(MaxDNSPacketSize)))
 			if err != nil {
+				serverInfo.noticeFailure(proxy)
 				return
 			}
 			if len(response) >= MinDNSPacketSize {
@ -302,17 +304,21 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, clientProto str
 		} else {
 			dlog.Fatal("Unsupported protocol")
 		}
+		if len(response) < MinDNSPacketSize || len(response) > MaxDNSPacketSize {
+			serverInfo.noticeFailure(proxy)
+			return
+		}
+		response, err = pluginsState.ApplyResponsePlugins(&proxy.pluginsGlobals, response, ttl)
 		if err != nil {
 			serverInfo.noticeFailure(proxy)
 			return
 		}
-		response, _ = pluginsState.ApplyResponsePlugins(&proxy.pluginsGlobals, response, ttl)
+		if rcode := Rcode(response); rcode == 2 || rcode == 5 { // SERVFAIL / REFUSED
+			serverInfo.noticeFailure(proxy)
+		} else {
+			serverInfo.noticeSuccess(proxy)
+		}
 	}
-	if len(response) < MinDNSPacketSize || len(response) > MaxDNSPacketSize {
-		serverInfo.noticeFailure(proxy)
-		return
-	}
-	serverInfo.noticeSuccess(proxy)
 	if clientProto == "udp" {
 		if len(response) > MaxDNSUDPPacketSize {
 			response, err = TruncatedResponse(response)
--- a/dnscrypt-proxy/serversInfo.go
+++ b/dnscrypt-proxy/serversInfo.go
@ -201,6 +201,8 @@ func (serversInfo *ServersInfo) getOne() *ServerInfo {
 		candidate = rand.Intn(Min(serversCount, 2))
 	}
 	serverInfo := &serversInfo.inner[candidate]
+	dlog.Debugf("Using candidate %v: [%v]", candidate, serverInfo.Name)
+
 	return serverInfo
 }