mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2024-12-25 00:00:55 +01:00
Transform queries via an initial edns mangling plugin
Yet another thing that was utterly broken in dnscrypt-proxy v1.x
This commit is contained in:
parent
705cf440b1
commit
f4346691bc
@ -138,6 +138,8 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, serverProto str
|
||||
if len(query) < MinDNSPacketSize {
|
||||
return
|
||||
}
|
||||
pluginsState := NewPluginsState()
|
||||
query, _ = pluginsState.ApplyQueryPlugins(query)
|
||||
encryptedQuery, clientNonce, err := proxy.Encrypt(serverInfo, query, serverProto)
|
||||
if err != nil {
|
||||
return
|
||||
|
63
dnscrypt-proxy/plugins.go
Normal file
63
dnscrypt-proxy/plugins.go
Normal file
@ -0,0 +1,63 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"github.com/miekg/dns"
|
||||
)
|
||||
|
||||
type PluginsAction int
|
||||
|
||||
const (
|
||||
PluginsActionNone = 0
|
||||
PluginsActionForward = 1
|
||||
)
|
||||
|
||||
type PluginsState struct {
|
||||
sessionData map[string]interface{}
|
||||
action PluginsAction
|
||||
originalMaxPayloadSize int
|
||||
maxPayloadSize int
|
||||
proto string
|
||||
}
|
||||
|
||||
func NewPluginsState() PluginsState {
|
||||
return PluginsState{action: PluginsActionForward, maxPayloadSize: MaxDNSUDPPacketSize - ResponseOverhead}
|
||||
}
|
||||
|
||||
func (pluginsState *PluginsState) ApplyQueryPlugins(packet []byte) ([]byte, error) {
|
||||
msg := dns.Msg{}
|
||||
if err := msg.Unpack(packet); err != nil {
|
||||
return packet, err
|
||||
}
|
||||
|
||||
if ret := pluginsState.BuiltinPluginsGetSetPayloadSize(&msg); ret != nil {
|
||||
return packet, ret
|
||||
}
|
||||
|
||||
packet2, err := msg.PackBuffer(packet)
|
||||
if err != nil {
|
||||
return packet, err
|
||||
}
|
||||
return packet2, nil
|
||||
}
|
||||
|
||||
func (pluginsState *PluginsState) BuiltinPluginsGetSetPayloadSize(msg *dns.Msg) error {
|
||||
pluginsState.originalMaxPayloadSize = 512 - ResponseOverhead
|
||||
opt := msg.IsEdns0()
|
||||
dnssec := false
|
||||
if opt != nil {
|
||||
pluginsState.originalMaxPayloadSize = Min(int(opt.UDPSize())-ResponseOverhead, pluginsState.originalMaxPayloadSize)
|
||||
dnssec = opt.Do()
|
||||
}
|
||||
pluginsState.maxPayloadSize = Min(MaxDNSUDPPacketSize-ResponseOverhead, Max(pluginsState.originalMaxPayloadSize, pluginsState.maxPayloadSize))
|
||||
if pluginsState.maxPayloadSize > 512 {
|
||||
extra2 := []dns.RR{}
|
||||
for _, extra := range msg.Extra {
|
||||
if extra.Header().Rrtype != dns.TypeOPT {
|
||||
extra2 = append(extra2, extra)
|
||||
}
|
||||
}
|
||||
msg.Extra = extra2
|
||||
msg.SetEdns0(uint16(pluginsState.maxPayloadSize), dnssec)
|
||||
}
|
||||
return nil
|
||||
}
|
Loading…
Reference in New Issue
Block a user