Add an option to ignore servers incompatible with anonymization

2020-03-26 13:41:57 +01:00 · 2020-03-26 13:41:57 +01:00 · 5049516f53
parent 7621737dde
commit 5049516f53
4 changed files with 16 additions and 1 deletions
--- a/dnscrypt-proxy/config.go
+++ b/dnscrypt-proxy/config.go
@ -193,7 +193,8 @@ type AnonymizedDNSRouteConfig struct {
 }

 type AnonymizedDNSConfig struct {
-	Routes []AnonymizedDNSRouteConfig `toml:"routes"`
+	Routes           []AnonymizedDNSRouteConfig `toml:"routes"`
+	SkipIncompatible bool                       `toml:"skip_incompatible"`
 }

 type BrokenImplementationsConfig struct {
@ -498,6 +499,8 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 		}
 		proxy.routes = &routes
 	}
+	proxy.skipAnonIncompatbibleResolvers = config.AnonymizedDNS.SkipIncompatible
+
 	configClientCreds := config.TLSClientAuth.Creds
 	creds := make(map[string]DOHClientCreds)
 	for _, configClientCred := range configClientCreds {
--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
+++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml
@ -643,6 +643,7 @@ larger_responses_dropped = ['quad9-dnscrypt-ip4-filter-alt', 'quad9-dnscrypt-ip4



+
 ################################
 #   TLS Client Authentication  #
 ################################
@ -692,6 +693,13 @@ larger_responses_dropped = ['quad9-dnscrypt-ip4-filter-alt', 'quad9-dnscrypt-ip4
 # ]


+# skip resolvers incompatible with anonymization instead of using them directly
+
+skip_incompatible = false
+
+
+
+
 ## Optional, local, static list of additional servers
 ## Mostly useful for testing your own servers.

--- a/dnscrypt-proxy/proxy.go
+++ b/dnscrypt-proxy/proxy.go
@ -79,6 +79,7 @@ type Proxy struct {
 	serversDroppingLargerResponses []string
 	showCerts                      bool
 	dohCreds                       *map[string]DOHClientCreds
+	skipAnonIncompatbibleResolvers bool
 }

 func (proxy *Proxy) addDNSListener(listenAddrStr string) {
--- a/dnscrypt-proxy/serversInfo.go
+++ b/dnscrypt-proxy/serversInfo.go
@ -346,6 +346,9 @@ func fetchDNSCryptServerInfo(proxy *Proxy, name string, stamp stamps.ServerStamp
 	if knownBugs.fragmentsBlocked && (relayUDPAddr != nil || relayTCPAddr != nil) {
 		dlog.Warnf("[%v] is incompatible with anonymization", name)
 		relayTCPAddr, relayUDPAddr = nil, nil
+		if proxy.skipAnonIncompatbibleResolvers {
+			return ServerInfo{}, errors.New("Resolver is incompatible with anonymization")
+		}
 	}
 	if err != nil {
 		return ServerInfo{}, err