From 8899389d8b87eec854a7d2872143a3a69a9b9df8 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Mon, 25 Feb 2019 18:25:35 +0100 Subject: [PATCH] Store IP addresses, not references --- dnscrypt-proxy/dnsutils.go | 9 +++++++++ dnscrypt-proxy/plugin_cloak.go | 16 ++++++++-------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/dnscrypt-proxy/dnsutils.go b/dnscrypt-proxy/dnsutils.go index 0c1cc61c..aa3b1f59 100644 --- a/dnscrypt-proxy/dnsutils.go +++ b/dnscrypt-proxy/dnsutils.go @@ -40,6 +40,15 @@ func RefusedResponseFromMessage(srcMsg *dns.Msg, refusedCode bool) (*dns.Msg, er dstMsg.Rcode = dns.RcodeRefused } else { dstMsg.Rcode = dns.RcodeSuccess + questions := srcMsg.Question + if len(questions) > 0 { + hinfo := new(dns.HINFO) + hinfo.Hdr = dns.RR_Header{Name: questions[0].Name, Rrtype: dns.TypeHINFO, + Class: dns.ClassINET, Ttl: 1} + hinfo.Cpu = "This query has been locally blocked" + hinfo.Os = "by dnscrypt-proxy" + dstMsg.Answer = []dns.RR{hinfo} + } } return dstMsg, nil } diff --git a/dnscrypt-proxy/plugin_cloak.go b/dnscrypt-proxy/plugin_cloak.go index 7a6f0929..248fbcd1 100644 --- a/dnscrypt-proxy/plugin_cloak.go +++ b/dnscrypt-proxy/plugin_cloak.go @@ -14,8 +14,8 @@ import ( type CloakedName struct { target string - ipv4 []*net.IP - ipv6 []*net.IP + ipv4 []net.IP + ipv6 []net.IP lastUpdate *time.Time lineNo int isIP bool @@ -69,9 +69,9 @@ func (plugin *PluginCloak) Init(proxy *Proxy) error { } if ip := net.ParseIP(target); ip != nil { if ipv4 := ip.To4(); ipv4 != nil { - cloakedName.ipv4 = append((*cloakedName).ipv4, &ipv4) + cloakedName.ipv4 = append((*cloakedName).ipv4, ipv4) } else if ipv6 := ip.To16(); ipv6 != nil { - cloakedName.ipv6 = append((*cloakedName).ipv6, &ipv6) + cloakedName.ipv6 = append((*cloakedName).ipv6, ipv6) } else { dlog.Errorf("Invalid IP address in cloaking rule at line %d", 1+lineNo) continue @@ -139,12 +139,12 @@ func (plugin *PluginCloak) Eval(pluginsState *PluginsState, msg *dns.Msg) error cloakedName.ipv6 = nil for _, foundIP := range foundIPs { if ipv4 := foundIP.To4(); ipv4 != nil { - cloakedName.ipv4 = append(cloakedName.ipv4, &foundIP) + cloakedName.ipv4 = append(cloakedName.ipv4, foundIP) if len(cloakedName.ipv4) >= 16 { break } } else { - cloakedName.ipv6 = append(cloakedName.ipv6, &foundIP) + cloakedName.ipv6 = append(cloakedName.ipv6, foundIP) if len(cloakedName.ipv6) >= 16 { break } @@ -158,12 +158,12 @@ func (plugin *PluginCloak) Eval(pluginsState *PluginsState, msg *dns.Msg) error if question.Qtype == dns.TypeA { ipLen := len(cloakedName.ipv4) if ipLen > 0 { - ip = cloakedName.ipv4[rand.Intn(ipLen)] + ip = &cloakedName.ipv4[rand.Intn(ipLen)] } } else { ipLen := len(cloakedName.ipv6) if ipLen > 0 { - ip = cloakedName.ipv6[rand.Intn(ipLen)] + ip = &cloakedName.ipv6[rand.Intn(ipLen)] } } synth, err := EmptyResponseFromMessage(msg)