megacheck
This commit is contained in:
Frank Denis
parent
b076e01f7a
commit
9ffa61c9e3
8
certs.go
8
certs.go
|
|
@ -1,10 +1,10 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"log"
|
||||
"reflect"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
|
|
@ -24,7 +24,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
|
|||
if len(pk) != ed25519.PublicKeySize {
|
||||
return CertInfo{}, errors.New("Invalid public key length")
|
||||
}
|
||||
if strings.HasSuffix(providerName, ".") == false {
|
||||
if !strings.HasSuffix(providerName, ".") {
|
||||
providerName = providerName + "."
|
||||
}
|
||||
query := new(dns.Msg)
|
||||
|
|
@ -45,7 +45,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
|
|||
if len(binCert) < 124 {
|
||||
return certInfo, errors.New("Certificate too short")
|
||||
}
|
||||
if reflect.DeepEqual(binCert[:4], CertMagic[:4]) == false {
|
||||
if !bytes.Equal(binCert[:4], CertMagic[:4]) {
|
||||
return certInfo, errors.New("Invalid cert magic")
|
||||
}
|
||||
cryptoConstruction := CryptoConstruction(0)
|
||||
|
|
@ -59,7 +59,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
|
|||
}
|
||||
signature := binCert[8:72]
|
||||
signed := binCert[72:]
|
||||
if ed25519.Verify(pk, signed, signature) == false {
|
||||
if !ed25519.Verify(pk, signed, signature) {
|
||||
log.Fatal("Incorrect signature")
|
||||
}
|
||||
serial := binary.BigEndian.Uint32(binCert[112:116])
|
||||
|
|
|
|||
|
|
@ -13,10 +13,6 @@ const (
|
|||
XChacha20Poly1305
|
||||
)
|
||||
|
||||
type ServerParams struct {
|
||||
CertInfo CertInfo
|
||||
}
|
||||
|
||||
var (
|
||||
CertMagic = [4]byte{0x44, 0x4e, 0x53, 0x43}
|
||||
ServerMagic = [8]byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38}
|
||||
|
|
|
|||
|
|
@ -97,10 +97,10 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, packet []byte,
|
|||
encrypted = append(encrypted, nonce[:xsecretbox.NonceSize/2]...)
|
||||
encrypted = xsecretbox.Seal(encrypted, nonce, packet, serverInfo.SharedKey[:])
|
||||
pc, err := net.DialUDP("udp", nil, serverInfo.UDPAddr)
|
||||
defer pc.Close()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
defer pc.Close()
|
||||
pc.SetDeadline(time.Now().Add(serverInfo.Timeout))
|
||||
pc.Write(encrypted)
|
||||
buffer := make([]byte, MaxDNSPacketSize)
|
||||
|
|
|
|||
Loading…
Reference in New Issue