Try to retrieve the certificates using UDP before TCP

2018-01-09 18:37:37 +01:00 · 2018-01-09 18:37:37 +01:00 · ce5e0c8031
parent 841bf65d61
commit ce5e0c8031
2 changed files with 7 additions and 4 deletions
--- a/dnscrypt-proxy/certs.go
+++ b/dnscrypt-proxy/certs.go
@ -20,7 +20,7 @@ type CertInfo struct {
 	CryptoConstruction CryptoConstruction
 }

-func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string, providerName string) (CertInfo, error) {
+func FetchCurrentCert(proxy *Proxy, proto string, pk ed25519.PublicKey, serverAddress string, providerName string) (CertInfo, error) {
 	if len(pk) != ed25519.PublicKeySize {
 		return CertInfo{}, errors.New("Invalid public key length")
 	}
@ -29,7 +29,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
 	}
 	query := new(dns.Msg)
 	query.SetQuestion(providerName, dns.TypeTXT)
-	client := dns.Client{Net: "tcp", UDPSize: 1252}
+	client := dns.Client{Net: proto, UDPSize: uint16(MaxDNSUDPPacketSize)}
 	in, _, err := client.Exchange(query, serverAddress)
 	if err != nil {
 		log.Fatal(err)
--- a/dnscrypt-proxy/serversInfo.go
+++ b/dnscrypt-proxy/serversInfo.go
@ -89,9 +89,12 @@ func (serversInfo *ServersInfo) fetchServerInfo(proxy *Proxy, name string, stamp
 	if err != nil || len(serverPk) != ed25519.PublicKeySize {
 		log.Fatal("Invalid public key")
 	}
-	certInfo, err := FetchCurrentCert(proxy, serverPk, stamp.serverAddrStr, stamp.providerName)
+	certInfo, err := FetchCurrentCert(proxy, "udp", serverPk, stamp.serverAddrStr, stamp.providerName)
 	if err != nil {
-		return ServerInfo{}, err
+		certInfo, err = FetchCurrentCert(proxy, "tcp", serverPk, stamp.serverAddrStr, stamp.providerName)
+		if err != nil {
+			return ServerInfo{}, err
+		}
 	}
 	remoteUDPAddr, err := net.ResolveUDPAddr("udp", stamp.serverAddrStr)
 	if err != nil {