From a726a40dc552bae23f545e73f5d42fab3ea1af68 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sat, 23 Feb 2019 00:58:25 +0100 Subject: [PATCH] Add refused_code_in_responses Fixes #737 --- dnscrypt-proxy/config.go | 3 +++ dnscrypt-proxy/dnsutils.go | 8 ++++++-- dnscrypt-proxy/plugins.go | 12 +++++++----- dnscrypt-proxy/proxy.go | 1 + 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/dnscrypt-proxy/config.go b/dnscrypt-proxy/config.go index c48e2d5a..d9d9fdee 100644 --- a/dnscrypt-proxy/config.go +++ b/dnscrypt-proxy/config.go @@ -73,6 +73,7 @@ type Config struct { NetprobeTimeout int `toml:"netprobe_timeout"` OfflineMode bool `toml:"offline_mode"` HTTPProxyURL string `toml:"http_proxy"` + RefusedCodeInResponses bool `toml:"refused_code_in_responses"` } func newConfig() Config { @@ -108,6 +109,7 @@ func newConfig() Config { NetprobeAddress: "9.9.9.9:53", NetprobeTimeout: 60, OfflineMode: false, + RefusedCodeInResponses: false, } } @@ -278,6 +280,7 @@ func ConfigLoad(proxy *Proxy, svcFlag *string) error { proxy.xTransport.rebuildTransport() + proxy.refusedCodeInResponses = config.RefusedCodeInResponses proxy.timeout = time.Duration(config.Timeout) * time.Millisecond proxy.maxClients = config.MaxClients proxy.mainProto = "udp" diff --git a/dnscrypt-proxy/dnsutils.go b/dnscrypt-proxy/dnsutils.go index e8c5e214..0c1cc61c 100644 --- a/dnscrypt-proxy/dnsutils.go +++ b/dnscrypt-proxy/dnsutils.go @@ -31,12 +31,16 @@ func EmptyResponseFromMessage(srcMsg *dns.Msg) (*dns.Msg, error) { return dstMsg, nil } -func RefusedResponseFromMessage(srcMsg *dns.Msg) (*dns.Msg, error) { +func RefusedResponseFromMessage(srcMsg *dns.Msg, refusedCode bool) (*dns.Msg, error) { dstMsg, err := EmptyResponseFromMessage(srcMsg) if err != nil { return dstMsg, err } - dstMsg.Rcode = dns.RcodeRefused + if refusedCode { + dstMsg.Rcode = dns.RcodeRefused + } else { + dstMsg.Rcode = dns.RcodeSuccess + } return dstMsg, nil } diff --git a/dnscrypt-proxy/plugins.go b/dnscrypt-proxy/plugins.go index 73bbf32a..56bc59ce 100644 --- a/dnscrypt-proxy/plugins.go +++ b/dnscrypt-proxy/plugins.go @@ -21,9 +21,10 @@ const ( type PluginsGlobals struct { sync.RWMutex - queryPlugins *[]Plugin - responsePlugins *[]Plugin - loggingPlugins *[]Plugin + queryPlugins *[]Plugin + responsePlugins *[]Plugin + loggingPlugins *[]Plugin + refusedCodeInResponses bool } type PluginsReturnCode int @@ -127,6 +128,7 @@ func InitPluginsGlobals(pluginsGlobals *PluginsGlobals, proxy *Proxy) error { (*pluginsGlobals).queryPlugins = queryPlugins (*pluginsGlobals).responsePlugins = responsePlugins (*pluginsGlobals).loggingPlugins = loggingPlugins + (*pluginsGlobals).refusedCodeInResponses = proxy.refusedCodeInResponses return nil } @@ -175,7 +177,7 @@ func (pluginsState *PluginsState) ApplyQueryPlugins(pluginsGlobals *PluginsGloba return packet, ret } if pluginsState.action == PluginsActionReject { - synth, err := RefusedResponseFromMessage(&msg) + synth, err := RefusedResponseFromMessage(&msg, pluginsGlobals.refusedCodeInResponses) if err != nil { return nil, err } @@ -223,7 +225,7 @@ func (pluginsState *PluginsState) ApplyResponsePlugins(pluginsGlobals *PluginsGl return packet, ret } if pluginsState.action == PluginsActionReject { - synth, err := RefusedResponseFromMessage(&msg) + synth, err := RefusedResponseFromMessage(&msg, pluginsGlobals.refusedCodeInResponses) if err != nil { return nil, err } diff --git a/dnscrypt-proxy/proxy.go b/dnscrypt-proxy/proxy.go index c41cf404..9e62dbe5 100644 --- a/dnscrypt-proxy/proxy.go +++ b/dnscrypt-proxy/proxy.go @@ -63,6 +63,7 @@ type Proxy struct { logMaxSize int logMaxAge int logMaxBackups int + refusedCodeInResponses bool } func (proxy *Proxy) StartProxy() {