Improve management of multiple servers, and unreachable-at-boot servers

Frank Denis 2018-01-17 21:23:01 +01:00
parent cd15ba4538
commit df3a5f608d
3 changed files with 28 additions and 8 deletions


@ -72,19 +72,19 @@ func FetchCurrentCert(proxy *Proxy, proto string, pk ed25519.PublicKey, serverAd
tsBegin := binary.BigEndian.Uint32(binCert[116:120])
tsEnd := binary.BigEndian.Uint32(binCert[120:124])
if now > tsEnd || now < tsBegin {
dlog.Infof("[%v] Certificate not valid at the current date", providerName)
dlog.Debugf("[%v] Certificate not valid at the current date", providerName)
continue
}
if serial < highestSerial {
dlog.Infof("[%v] Superseded by a previous certificate", providerName)
dlog.Debugf("[%v] Superseded by a previous certificate", providerName)
continue
}
if serial == highestSerial {
if cryptoConstruction < certInfo.CryptoConstruction {
dlog.Infof("[%v] Keeping the previous, preferred crypto construction", providerName)
dlog.Debugf("[%v] Keeping the previous, preferred crypto construction", providerName)
continue
} else {
dlog.Infof("[%v] Upgrading the construction from %v to %v", providerName, certInfo.CryptoConstruction, cryptoConstruction)
dlog.Debugf("[%v] Upgrading the construction from %v to %v", providerName, certInfo.CryptoConstruction, cryptoConstruction)
}
}
if cryptoConstruction != XChacha20Poly1305 && cryptoConstruction != XSalsa20Poly1305 {
@ -108,7 +108,7 @@ func FetchCurrentCert(proxy *Proxy, proto string, pk ed25519.PublicKey, serverAd
certInfo.CryptoConstruction = cryptoConstruction
copy(certInfo.ServerPk[:], serverPk[:])
copy(certInfo.MagicQuery[:], binCert[104:112])
dlog.Noticef("[%v] Valid cert found", providerName)
dlog.Noticef("[%v] Valid cert (crypto version %d) found", providerName, cryptoConstruction)
}
if certInfo.CryptoConstruction == UndefinedConstruction {
return certInfo, errors.New("No useable certificate found")
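Review bot: With all four rejection messages in this loop moved from `dlog.Infof` to `dlog.Debugf`, a log running above debug level no longer says why a provider's certificates were refused; the only trace left is the generic `No useable certificate found` error after the loop. A certificate outside its validity window is the one worth keeping visible, since it usually points to a wrong local clock or a stale certificate being served. I would leave that message as `dlog.Infof("[%v] Certificate not valid at the current date", providerName)`, or carry the last rejection reason into the returned error so the failure can be diagnosed without re-running in debug mode. FetchCurrentCert starts and ends outside these hunks.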


@ -138,7 +138,13 @@ func (proxy *Proxy) StartProxy() {
dlog.Fatal(err)
}
}
dlog.Notice("dnscrypt-proxy is ready")
liveServers, err := proxy.serversInfo.refresh(proxy)
if liveServers > 0 {
dlog.Noticef("dnscrypt-proxy is ready - live servers: %d", liveServers)
} else if err != nil {
dlog.Error(err)
dlog.Notice("dnscrypt-proxy is waiting for at least one server to be reachable")
}
go func() {
for {
delay := proxy.certRefreshDelay
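Review bot: The new branch after `proxy.serversInfo.refresh(proxy)` logs nothing when `liveServers` is 0 and `err` is nil, so startup neither announces readiness nor says it is waiting; whether `refresh` can return that pair (for instance with no registered servers) is not visible here. When `liveServers > 0`, a non-nil `err` from a server that failed is also dropped silently. I would make the fallback unconditional, changing `} else if err != nil {` to `} else {` with `if err != nil { dlog.Error(err) }` ahead of the waiting notice, and log `err` in the ready branch too so partial failures stay traceable. StartProxy begins and ends outside the hunk.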


@ -62,6 +62,20 @@ type ServersInfo struct {
}
func (serversInfo *ServersInfo) registerServer(proxy *Proxy, name string, stamp ServerStamp) error {
newRegisteredServer := RegisteredServer{name: name, stamp: stamp}
serversInfo.Lock()
defer serversInfo.Unlock()
for i, oldRegisteredServer := range serversInfo.registeredServers {
if oldRegisteredServer.name == name {
serversInfo.registeredServers[i] = newRegisteredServer
return nil
}
}
serversInfo.registeredServers = append(serversInfo.registeredServers, newRegisteredServer)
return nil
}
func (serversInfo *ServersInfo) refreshServer(proxy *Proxy, name string, stamp ServerStamp) error {
serversInfo.Lock()
defer serversInfo.Unlock()
newServer, err := serversInfo.fetchServerInfo(proxy, name, stamp)
@ -88,7 +102,7 @@ func (serversInfo *ServersInfo) refresh(proxy *Proxy) (int, error) {
liveServers := 0
var err error
for _, registeredServer := range registeredServers {
if err = serversInfo.registerServer(proxy, registeredServer.name, registeredServer.stamp); err == nil {
if err = serversInfo.refreshServer(proxy, registeredServer.name, registeredServer.stamp); err == nil {
liveServers++
}
}
@ -97,7 +111,7 @@ func (serversInfo *ServersInfo) refresh(proxy *Proxy) (int, error) {
func (serversInfo *ServersInfo) liveServers() int {
serversInfo.RLock()
liveServers := len(serversInfo.registeredServers)
liveServers := len(serversInfo.inner)
serversInfo.RUnlock()
return liveServers
}
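Review bot: `refreshServer` takes the write lock with `serversInfo.Lock()` and holds it through `serversInfo.fetchServerInfo(proxy, name, stamp)`, so if that call performs the network certificate fetch (its body is not shown), every reader such as `liveServers()` waits out the timeout of each unreachable server. Since this commit is about servers that are unreachable at boot, I would fetch first and lock only around the update of the shared state, i.e. `newServer, err := serversInfo.fetchServerInfo(proxy, name, stamp)` followed by `serversInfo.Lock()`, provided fetchServerInfo does not itself read the guarded fields. Separately, in `refresh` the loop overwrites `err` on every iteration, so the value returned presumably reflects only the last server tried. refreshServer's body continues outside the hunk.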