Store IP addresses, not references

2019-02-25 18:25:35 +01:00 · 2019-02-25 18:25:35 +01:00 · 8899389d8b
parent 734483226b
commit 8899389d8b
2 changed files with 17 additions and 8 deletions
--- a/dnscrypt-proxy/dnsutils.go
+++ b/dnscrypt-proxy/dnsutils.go
@ -40,6 +40,15 @@ func RefusedResponseFromMessage(srcMsg *dns.Msg, refusedCode bool) (*dns.Msg, er
 		dstMsg.Rcode = dns.RcodeRefused
 	} else {
 		dstMsg.Rcode = dns.RcodeSuccess
+		questions := srcMsg.Question
+		if len(questions) > 0 {
+			hinfo := new(dns.HINFO)
+			hinfo.Hdr = dns.RR_Header{Name: questions[0].Name, Rrtype: dns.TypeHINFO,
+				Class: dns.ClassINET, Ttl: 1}
+			hinfo.Cpu = "This query has been locally blocked"
+			hinfo.Os = "by dnscrypt-proxy"
+			dstMsg.Answer = []dns.RR{hinfo}
+		}
 	}
 	return dstMsg, nil
 }
--- a/dnscrypt-proxy/plugin_cloak.go
+++ b/dnscrypt-proxy/plugin_cloak.go
@ -14,8 +14,8 @@ import (

 type CloakedName struct {
 	target     string
-	ipv4       []*net.IP
-	ipv6       []*net.IP
+	ipv4       []net.IP
+	ipv6       []net.IP
 	lastUpdate *time.Time
 	lineNo     int
 	isIP       bool
@ -69,9 +69,9 @@ func (plugin *PluginCloak) Init(proxy *Proxy) error {
 		}
 		if ip := net.ParseIP(target); ip != nil {
 			if ipv4 := ip.To4(); ipv4 != nil {
-				cloakedName.ipv4 = append((*cloakedName).ipv4, &ipv4)
+				cloakedName.ipv4 = append((*cloakedName).ipv4, ipv4)
 			} else if ipv6 := ip.To16(); ipv6 != nil {
-				cloakedName.ipv6 = append((*cloakedName).ipv6, &ipv6)
+				cloakedName.ipv6 = append((*cloakedName).ipv6, ipv6)
 			} else {
 				dlog.Errorf("Invalid IP address in cloaking rule at line %d", 1+lineNo)
 				continue
@ -139,12 +139,12 @@ func (plugin *PluginCloak) Eval(pluginsState *PluginsState, msg *dns.Msg) error
 		cloakedName.ipv6 = nil
 		for _, foundIP := range foundIPs {
 			if ipv4 := foundIP.To4(); ipv4 != nil {
-				cloakedName.ipv4 = append(cloakedName.ipv4, &foundIP)
+				cloakedName.ipv4 = append(cloakedName.ipv4, foundIP)
 				if len(cloakedName.ipv4) >= 16 {
 					break
 				}
 			} else {
-				cloakedName.ipv6 = append(cloakedName.ipv6, &foundIP)
+				cloakedName.ipv6 = append(cloakedName.ipv6, foundIP)
 				if len(cloakedName.ipv6) >= 16 {
 					break
 				}
@ -158,12 +158,12 @@ func (plugin *PluginCloak) Eval(pluginsState *PluginsState, msg *dns.Msg) error
 	if question.Qtype == dns.TypeA {
 		ipLen := len(cloakedName.ipv4)
 		if ipLen > 0 {
-			ip = cloakedName.ipv4[rand.Intn(ipLen)]
+			ip = &cloakedName.ipv4[rand.Intn(ipLen)]
 		}
 	} else {
 		ipLen := len(cloakedName.ipv6)
 		if ipLen > 0 {
-			ip = cloakedName.ipv6[rand.Intn(ipLen)]
+			ip = &cloakedName.ipv6[rand.Intn(ipLen)]
 		}
 	}
 	synth, err := EmptyResponseFromMessage(msg)