Transform queries via an initial edns mangling plugin

Yet another thing that was utterly broken in dnscrypt-proxy v1.x
This commit is contained in:
Frank Denis 2018-01-10 09:04:03 +01:00
parent 705cf440b1
commit f4346691bc
2 changed files with 65 additions and 0 deletions

View File

@ -138,6 +138,8 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, serverProto str
if len(query) < MinDNSPacketSize { if len(query) < MinDNSPacketSize {
return return
} }
pluginsState := NewPluginsState()
query, _ = pluginsState.ApplyQueryPlugins(query)
encryptedQuery, clientNonce, err := proxy.Encrypt(serverInfo, query, serverProto) encryptedQuery, clientNonce, err := proxy.Encrypt(serverInfo, query, serverProto)
if err != nil { if err != nil {
return return

63
dnscrypt-proxy/plugins.go Normal file
View File

@ -0,0 +1,63 @@
package main
import (
"github.com/miekg/dns"
)
type PluginsAction int
const (
PluginsActionNone = 0
PluginsActionForward = 1
)
type PluginsState struct {
sessionData map[string]interface{}
action PluginsAction
originalMaxPayloadSize int
maxPayloadSize int
proto string
}
func NewPluginsState() PluginsState {
return PluginsState{action: PluginsActionForward, maxPayloadSize: MaxDNSUDPPacketSize - ResponseOverhead}
}
func (pluginsState *PluginsState) ApplyQueryPlugins(packet []byte) ([]byte, error) {
msg := dns.Msg{}
if err := msg.Unpack(packet); err != nil {
return packet, err
}
if ret := pluginsState.BuiltinPluginsGetSetPayloadSize(&msg); ret != nil {
return packet, ret
}
packet2, err := msg.PackBuffer(packet)
if err != nil {
return packet, err
}
return packet2, nil
}
func (pluginsState *PluginsState) BuiltinPluginsGetSetPayloadSize(msg *dns.Msg) error {
pluginsState.originalMaxPayloadSize = 512 - ResponseOverhead
opt := msg.IsEdns0()
dnssec := false
if opt != nil {
pluginsState.originalMaxPayloadSize = Min(int(opt.UDPSize())-ResponseOverhead, pluginsState.originalMaxPayloadSize)
dnssec = opt.Do()
}
pluginsState.maxPayloadSize = Min(MaxDNSUDPPacketSize-ResponseOverhead, Max(pluginsState.originalMaxPayloadSize, pluginsState.maxPayloadSize))
if pluginsState.maxPayloadSize > 512 {
extra2 := []dns.RR{}
for _, extra := range msg.Extra {
if extra.Header().Rrtype != dns.TypeOPT {
extra2 = append(extra2, extra)
}
}
msg.Extra = extra2
msg.SetEdns0(uint16(pluginsState.maxPayloadSize), dnssec)
}
return nil
}