kaboom the compiler
parent
77a5878a52
commit
0592855b25
@ -1,11 +1,15 @@
|
||||
use crate::crypto::*;
|
||||
use crate::dnscrypt_certs::*;
|
||||
use crate::errors::*;
|
||||
|
||||
use std::fs::File;
|
||||
use std::fs::{File, OpenOptions};
|
||||
use std::io::prelude::*;
|
||||
use std::net::{IpAddr, SocketAddr};
|
||||
use std::path::{Path, PathBuf};
|
||||
|
||||
#[cfg(unix)]
|
||||
use std::os::unix::fs::OpenOptionsExt;
|
||||
|
||||
#[derive(Serialize, Deserialize, Debug)]
|
||||
pub struct DNSCryptConfig {
|
||||
pub provider_name: String,
|
||||
@ -53,11 +57,37 @@ impl Config {
|
||||
#[derive(Serialize, Deserialize, Debug)]
|
||||
pub struct State {
|
||||
pub provider_kp: SignKeyPair,
|
||||
pub dnscrypt_encryption_params_set: Vec<DNSCryptEncryptionParams>,
|
||||
}
|
||||
|
||||
impl State {
|
||||
pub fn new() -> Self {
|
||||
let provider_kp = SignKeyPair::new();
|
||||
State { provider_kp }
|
||||
let dnscrypt_encryption_params_set = vec![DNSCryptEncryptionParams::new(&provider_kp)];
|
||||
State {
|
||||
provider_kp,
|
||||
dnscrypt_encryption_params_set,
|
||||
}
|
||||
}
|
||||
|
||||
pub fn save<P: AsRef<Path>>(&self, path: P) -> Result<(), Error> {
|
||||
let mut fpb = OpenOptions::new();
|
||||
let mut fpb = fpb.create(true).write(true);
|
||||
#[cfg(unix)]
|
||||
{
|
||||
fpb = fpb.mode(0o600);
|
||||
}
|
||||
let mut fp = fpb.open(path.as_ref())?;
|
||||
let state_bin = toml::to_vec(&self)?;
|
||||
fp.write_all(&state_bin)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn from_file<P: AsRef<Path>>(path: P) -> Result<Self, Error> {
|
||||
let mut fp = File::open(path.as_ref())?;
|
||||
let mut state_bin = vec![];
|
||||
fp.read_to_end(&mut state_bin)?;
|
||||
let state = toml::from_slice(&state_bin)?;
|
||||
Ok(state)
|
||||
}
|
||||
}
|
||||
|
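Review bot: `State::save` opens the state file with `create(true).write(true)` but no `truncate(true)`, so rewriting an existing file with a shorter serialization leaves stale trailing bytes, and the next `State::from_file` may fail to parse it. The `mode(0o600)` call only takes effect when the file is created, so a pre-existing file with wider permissions keeps them even though it now holds the provider key pair and the resolver key pairs. I would change the builder line to `let mut fpb = fpb.create(true).write(true).truncate(true);`. Since the updater hunk further down appears to call `save` again after each rotation, also consider writing to a temporary file in the same directory and renaming it over the target, so that a crash mid-write cannot leave a half-written state file.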
@ -25,7 +25,7 @@ impl Signature {
|
||||
|
||||
big_array! { BigArray; }
|
||||
|
||||
#[derive(Serialize, Deserialize, Derivative)]
|
||||
#[derive(Serialize, Deserialize, Derivativ, Clone)]
|
||||
#[derivative(Default)]
|
||||
pub struct SignSK(
|
||||
#[serde(with = "BigArray")]
|
||||
@ -58,7 +58,7 @@ impl SignSK {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize, Default)]
|
||||
#[derive(Debug, Serialize, Deserialize, Default, Clone)]
|
||||
pub struct SignPK([u8; crypto_sign_PUBLICKEYBYTES as usize]);
|
||||
|
||||
impl SignPK {
|
||||
@ -75,7 +75,7 @@ impl SignPK {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Derivative, Serialize, Deserialize)]
|
||||
#[derive(Derivative, Serialize, Deserialize, Clone)]
|
||||
#[derivative(Debug, Default)]
|
||||
pub struct SignKeyPair {
|
||||
#[derivative(Debug = "ignore")]
|
||||
@ -91,7 +91,7 @@ impl SignKeyPair {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Default, Clone)]
|
||||
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||
pub struct CryptSK([u8; crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES as usize]);
|
||||
|
||||
impl CryptSK {
|
||||
@ -108,7 +108,7 @@ impl CryptSK {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Default, Clone)]
|
||||
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||
pub struct CryptPK([u8; crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES as usize]);
|
||||
|
||||
impl CryptPK {
|
||||
@ -125,7 +125,7 @@ impl CryptPK {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Default, Clone)]
|
||||
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||
pub struct CryptKeyPair {
|
||||
pub sk: CryptSK,
|
||||
pub pk: CryptPK,
|
||||
|
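Review bot: The second derive line printed for `SignSK` (apparently the new side), `#[derive(Serialize, Deserialize, Derivativ, Clone)]`, misspells `Derivative`, so the derive cannot resolve and the `#[derivative(Default)]` attribute below it is left without its macro; it should read `#[derive(Serialize, Deserialize, Derivative, Clone)]`. Separately, `CryptSK` and `CryptKeyPair` keep a plain `Debug` derive while gaining `Serialize`, so their secret key bytes can be printed with `{:?}`. `SignKeyPair` marks a field `#[derivative(Debug = "ignore")]`, and the same treatment for the `sk` field of `CryptKeyPair` would keep key material out of logs. The added `Clone` derives also allow secret keys to be duplicated in memory, so a short comment on each secret type saying that clones are only meant for building the persisted `State` would help the next reader.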
@ -1,3 +1,4 @@
|
||||
use crate::config::*;
|
||||
use crate::crypto::*;
|
||||
use crate::globals::*;
|
||||
|
||||
@ -14,7 +15,7 @@ fn now() -> u32 {
|
||||
Clock::now_since_epoch().as_secs() as u32
|
||||
}
|
||||
|
||||
#[derive(Debug, Default, Clone)]
|
||||
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||
#[repr(C, packed)]
|
||||
pub struct DNSCryptCertInner {
|
||||
resolver_pk: [u8; 32],
|
||||
@ -30,7 +31,9 @@ impl DNSCryptCertInner {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Derivative)]
|
||||
big_array! { BigArray; }
|
||||
|
||||
#[derive(Derivative, Serialize, Deserialize)]
|
||||
#[derivative(Debug, Default, Clone)]
|
||||
#[repr(C, packed)]
|
||||
pub struct DNSCryptCert {
|
||||
@ -38,6 +41,7 @@ pub struct DNSCryptCert {
|
||||
es_version: [u8; 2],
|
||||
minor_version: [u8; 2],
|
||||
#[derivative(Debug = "ignore", Default(value = "[0u8; 64]"))]
|
||||
#[serde(with = "BigArray")]
|
||||
signature: [u8; 64],
|
||||
inner: DNSCryptCertInner,
|
||||
}
|
||||
@ -86,7 +90,7 @@ impl DNSCryptCert {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
#[derive(Serialize, Deserialize, Debug)]
|
||||
pub struct DNSCryptEncryptionParams {
|
||||
dnscrypt_cert: DNSCryptCert,
|
||||
resolver_kp: CryptKeyPair,
|
||||
@ -137,6 +141,13 @@ impl DNSCryptEncryptionParamsUpdater {
|
||||
}
|
||||
let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
|
||||
new_params_set.push(Arc::new(new_params));
|
||||
|
||||
let state = State {
|
||||
provider_kp: self.globals.provider_kp.clone(),
|
||||
dnscrypt_encryption_params_set: new_params_set,
|
||||
};
|
||||
state.save(&self.globals.state_file);
|
||||
|
||||
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
|
||||
}
|
||||
|
||||
|
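Review bot: The `Result` of `state.save(&self.globals.state_file);` is discarded in the updater hunk, so a failed write means freshly rotated parameters are silently never persisted and a restart would load a stale set. Handle it explicitly, for example `if let Err(e) = state.save(&self.globals.state_file) { eprintln!("Unable to save state: {}", e); }`. In the same hunk `new_params_set` is moved into `State` and then used again in `Arc::new(new_params_set)`. It also holds `Arc<DNSCryptEncryptionParams>` values (from `push(Arc::new(new_params))`), whereas `State` as declared on this page takes `Vec<DNSCryptEncryptionParams>`. The snapshot for `State` needs to be built as a separate vector of owned values, which would require `Clone` on `DNSCryptEncryptionParams` (not derived in this commit); the enclosing function starts outside the hunk.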
@ -4,6 +4,7 @@ use crate::dnscrypt_certs::*;
|
||||
use parking_lot::{Mutex, RwLock};
|
||||
use std::collections::vec_deque::VecDeque;
|
||||
use std::net::SocketAddr;
|
||||
use std::path::PathBuf;
|
||||
use std::sync::atomic::AtomicU32;
|
||||
use std::sync::Arc;
|
||||
use std::time::Duration;
|
||||
@ -13,6 +14,7 @@ use tokio::sync::oneshot;
|
||||
#[derive(Debug)]
|
||||
pub struct Globals {
|
||||
pub runtime: Arc<Runtime>,
|
||||
pub state_file: PathBuf,
|
||||
pub dnscrypt_encryption_params_set: Arc<RwLock<Arc<Vec<Arc<DNSCryptEncryptionParams>>>>>,
|
||||
pub provider_name: String,
|
||||
pub provider_kp: SignKeyPair,
|
||||
|
41
src/main.rs
41
src/main.rs
@ -1,7 +1,7 @@
|
||||
//#![allow(clippy::assertions_on_constants)]
|
||||
//#![allow(unused_imports)]
|
||||
//#![allow(unused_variables)]
|
||||
//#![allow(dead_code)]
|
||||
#![allow(clippy::assertions_on_constants)]
|
||||
#![allow(unused_imports)]
|
||||
#![allow(unused_variables)]
|
||||
#![allow(dead_code)]
|
||||
|
||||
#[global_allocator]
|
||||
static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc;
|
||||
@ -47,7 +47,7 @@ use privdrop::PrivDrop;
|
||||
use rand::prelude::*;
|
||||
use std::collections::vec_deque::VecDeque;
|
||||
use std::convert::TryFrom;
|
||||
use std::fs::{File, OpenOptions};
|
||||
use std::fs::File;
|
||||
use std::io::prelude::*;
|
||||
use std::mem;
|
||||
use std::net::SocketAddr;
|
||||
@ -60,9 +60,6 @@ use tokio::runtime::Runtime;
|
||||
use tokio::sync::oneshot;
|
||||
use tokio_net::driver::Handle;
|
||||
|
||||
#[cfg(unix)]
|
||||
use std::os::unix::fs::OpenOptionsExt;
|
||||
|
||||
#[derive(Debug)]
|
||||
struct UdpClientCtx {
|
||||
net_udp_socket: std::net::UdpSocket,
|
||||
@ -401,29 +398,19 @@ fn main() -> Result<(), Error> {
|
||||
let external_addr = SocketAddr::new(config.external_addr, 0);
|
||||
|
||||
let state_file = &config.state_file;
|
||||
let state = match File::open(state_file) {
|
||||
let state = match State::from_file(state_file) {
|
||||
Err(_) => {
|
||||
println!("No state file found... creating a new provider key");
|
||||
let state = State::new();
|
||||
let mut fpb = OpenOptions::new();
|
||||
let mut fpb = fpb.create(true).write(true);
|
||||
#[cfg(unix)]
|
||||
{
|
||||
fpb = fpb.mode(0o600);
|
||||
}
|
||||
let mut fp = fpb.open(state_file)?;
|
||||
let state_bin = toml::to_vec(&state)?;
|
||||
fp.write_all(&state_bin)?;
|
||||
state.save(state_file)?;
|
||||
state
|
||||
}
|
||||
Ok(mut fp) => {
|
||||
Ok(state) => {
|
||||
println!(
|
||||
"State file [{}] found; using existing provider key",
|
||||
state_file.as_os_str().to_string_lossy()
|
||||
);
|
||||
let mut state_bin = vec![];
|
||||
fp.read_to_end(&mut state_bin)?;
|
||||
toml::from_slice(&state_bin)?
|
||||
state
|
||||
}
|
||||
};
|
||||
let provider_kp = state.provider_kp;
|
||||
@ -445,7 +432,11 @@ fn main() -> Result<(), Error> {
|
||||
println!("DNS Stamp: {}", stamp);
|
||||
}
|
||||
|
||||
let dnscrypt_encryption_params = DNSCryptEncryptionParams::new(&provider_kp);
|
||||
let dnscrypt_encryption_params = state
|
||||
.dnscrypt_encryption_params
|
||||
.into_iter()
|
||||
.map(Arc::new)
|
||||
.collect::<Vec<_>>();
|
||||
let mut runtime_builder = tokio::runtime::Builder::new();
|
||||
runtime_builder.name_prefix("encrypted-dns-");
|
||||
let runtime = Arc::new(runtime_builder.build()?);
|
||||
@ -466,9 +457,7 @@ fn main() -> Result<(), Error> {
|
||||
}
|
||||
let globals = Arc::new(Globals {
|
||||
runtime: runtime.clone(),
|
||||
dnscrypt_encryption_params_set: Arc::new(RwLock::new(Arc::new(vec![Arc::new(
|
||||
dnscrypt_encryption_params,
|
||||
)]))),
|
||||
dnscrypt_encryption_params_set: Arc::new(RwLock::new(Arc::new(dnscrypt_encryption_params))),
|
||||
provider_name,
|
||||
provider_kp,
|
||||
listen_addrs: config.listen_addrs,
|
||||
|
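Review bot: `match State::from_file(state_file) { Err(_) => …` now treats every failure (unreadable file, permission error, TOML parse error) as "No state file found", then generates a new provider key and saves it to the same path; before this change a parse error was propagated by `toml::from_slice(&state_bin)?`. A damaged or temporarily unreadable state file can therefore lead to the existing provider key being silently replaced, which deployed clients presumably depend on. Restrict the fallback to the missing-file case, e.g. `Err(_) if !state_file.exists() => {` followed by an arm `Err(e) => return Err(e),`. The later hunk also reads `state.dnscrypt_encryption_params`, while the field declared on `State` in this page is `dnscrypt_encryption_params_set`. `main` begins and ends outside these hunks.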