Improve management of multiple servers, and unreachable-at-boot servers

dnscrypt-proxy/certs.go

@@ -72,19 +72,19 @@ func FetchCurrentCert(proxy *Proxy, proto string, pk ed25519.PublicKey, serverAd
 		tsBegin := binary.BigEndian.Uint32(binCert[116:120])
 		tsEnd := binary.BigEndian.Uint32(binCert[120:124])
 		if now > tsEnd || now < tsBegin {
-			dlog.Infof("[%v] Certificate not valid at the current date", providerName)
+			dlog.Debugf("[%v] Certificate not valid at the current date", providerName)
 			continue
 		}
 		if serial < highestSerial {
-			dlog.Infof("[%v] Superseded by a previous certificate", providerName)
+			dlog.Debugf("[%v] Superseded by a previous certificate", providerName)
 			continue
 		}
 		if serial == highestSerial {
 			if cryptoConstruction < certInfo.CryptoConstruction {
-				dlog.Infof("[%v] Keeping the previous, preferred crypto construction", providerName)
+				dlog.Debugf("[%v] Keeping the previous, preferred crypto construction", providerName)
 				continue
 			} else {
-				dlog.Infof("[%v] Upgrading the construction from %v to %v", providerName, certInfo.CryptoConstruction, cryptoConstruction)
+				dlog.Debugf("[%v] Upgrading the construction from %v to %v", providerName, certInfo.CryptoConstruction, cryptoConstruction)
 			}
 		}
 		if cryptoConstruction != XChacha20Poly1305 && cryptoConstruction != XSalsa20Poly1305 {
@@ -108,7 +108,7 @@ func FetchCurrentCert(proxy *Proxy, proto string, pk ed25519.PublicKey, serverAd
 		certInfo.CryptoConstruction = cryptoConstruction
 		copy(certInfo.ServerPk[:], serverPk[:])
 		copy(certInfo.MagicQuery[:], binCert[104:112])
-		dlog.Noticef("[%v] Valid cert found", providerName)
+		dlog.Noticef("[%v] Valid cert (crypto version %d) found", providerName, cryptoConstruction)
 	}
 	if certInfo.CryptoConstruction == UndefinedConstruction {
 		return certInfo, errors.New("No useable certificate found")

dnscrypt-proxy/main.go

@@ -138,7 +138,13 @@ func (proxy *Proxy) StartProxy() {
 			dlog.Fatal(err)
 		}
 	}
-	dlog.Notice("dnscrypt-proxy is ready")
+	liveServers, err := proxy.serversInfo.refresh(proxy)
+	if liveServers > 0 {
+		dlog.Noticef("dnscrypt-proxy is ready - live servers: %d", liveServers)
+	} else if err != nil {
+		dlog.Error(err)
+		dlog.Notice("dnscrypt-proxy is waiting for at least one server to be reachable")
+	}
 	go func() {
 		for {
 			delay := proxy.certRefreshDelay

dnscrypt-proxy/serversInfo.go

@@ -62,6 +62,20 @@ type ServersInfo struct {
 }
 
 func (serversInfo *ServersInfo) registerServer(proxy *Proxy, name string, stamp ServerStamp) error {
+	newRegisteredServer := RegisteredServer{name: name, stamp: stamp}
+	serversInfo.Lock()
+	defer serversInfo.Unlock()
+	for i, oldRegisteredServer := range serversInfo.registeredServers {
+		if oldRegisteredServer.name == name {
+			serversInfo.registeredServers[i] = newRegisteredServer
+			return nil
+		}
+	}
+	serversInfo.registeredServers = append(serversInfo.registeredServers, newRegisteredServer)
+	return nil
+}
+
+func (serversInfo *ServersInfo) refreshServer(proxy *Proxy, name string, stamp ServerStamp) error {
 	serversInfo.Lock()
 	defer serversInfo.Unlock()
 	newServer, err := serversInfo.fetchServerInfo(proxy, name, stamp)
@@ -88,7 +102,7 @@ func (serversInfo *ServersInfo) refresh(proxy *Proxy) (int, error) {
 	liveServers := 0
 	var err error
 	for _, registeredServer := range registeredServers {
-		if err = serversInfo.registerServer(proxy, registeredServer.name, registeredServer.stamp); err == nil {
+		if err = serversInfo.refreshServer(proxy, registeredServer.name, registeredServer.stamp); err == nil {
 			liveServers++
 		}
 	}
@@ -97,7 +111,7 @@ func (serversInfo *ServersInfo) refresh(proxy *Proxy) (int, error) {
 
 func (serversInfo *ServersInfo) liveServers() int {
 	serversInfo.RLock()
-	liveServers := len(serversInfo.registeredServers)
+	liveServers := len(serversInfo.inner)
 	serversInfo.RUnlock()
 	return liveServers
 }