kaboom the compiler
This commit is contained in:
parent
77a5878a52
commit
0592855b25
@ -1,11 +1,15 @@
|
|||||||
use crate::crypto::*;
|
use crate::crypto::*;
|
||||||
|
use crate::dnscrypt_certs::*;
|
||||||
use crate::errors::*;
|
use crate::errors::*;
|
||||||
|
|
||||||
use std::fs::File;
|
use std::fs::{File, OpenOptions};
|
||||||
use std::io::prelude::*;
|
use std::io::prelude::*;
|
||||||
use std::net::{IpAddr, SocketAddr};
|
use std::net::{IpAddr, SocketAddr};
|
||||||
use std::path::{Path, PathBuf};
|
use std::path::{Path, PathBuf};
|
||||||
|
|
||||||
|
#[cfg(unix)]
|
||||||
|
use std::os::unix::fs::OpenOptionsExt;
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
pub struct DNSCryptConfig {
|
pub struct DNSCryptConfig {
|
||||||
pub provider_name: String,
|
pub provider_name: String,
|
||||||
@ -53,11 +57,37 @@ impl Config {
|
|||||||
#[derive(Serialize, Deserialize, Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
pub struct State {
|
pub struct State {
|
||||||
pub provider_kp: SignKeyPair,
|
pub provider_kp: SignKeyPair,
|
||||||
|
pub dnscrypt_encryption_params_set: Vec<DNSCryptEncryptionParams>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl State {
|
impl State {
|
||||||
pub fn new() -> Self {
|
pub fn new() -> Self {
|
||||||
let provider_kp = SignKeyPair::new();
|
let provider_kp = SignKeyPair::new();
|
||||||
State { provider_kp }
|
let dnscrypt_encryption_params_set = vec![DNSCryptEncryptionParams::new(&provider_kp)];
|
||||||
|
State {
|
||||||
|
provider_kp,
|
||||||
|
dnscrypt_encryption_params_set,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn save<P: AsRef<Path>>(&self, path: P) -> Result<(), Error> {
|
||||||
|
let mut fpb = OpenOptions::new();
|
||||||
|
let mut fpb = fpb.create(true).write(true);
|
||||||
|
#[cfg(unix)]
|
||||||
|
{
|
||||||
|
fpb = fpb.mode(0o600);
|
||||||
|
}
|
||||||
|
let mut fp = fpb.open(path.as_ref())?;
|
||||||
|
let state_bin = toml::to_vec(&self)?;
|
||||||
|
fp.write_all(&state_bin)?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn from_file<P: AsRef<Path>>(path: P) -> Result<Self, Error> {
|
||||||
|
let mut fp = File::open(path.as_ref())?;
|
||||||
|
let mut state_bin = vec![];
|
||||||
|
fp.read_to_end(&mut state_bin)?;
|
||||||
|
let state = toml::from_slice(&state_bin)?;
|
||||||
|
Ok(state)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
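Review bot: `State::save` opens the state file with `create(true).write(true)` but never `truncate(true)`, and unlike the main.rs code it was lifted from (which only wrote a file that did not exist yet) it is now also called over an existing file on every key rotation by the updater hunk in the dnscrypt_certs section. A serialization shorter than the previous one leaves stale trailing bytes, so the next `State::from_file` fails to parse; the fix is one line, `let mut fpb = fpb.create(true).write(true).truncate(true);`. Note too that `mode(0o600)` only takes effect when the file is created, so a pre-existing state file keeps whatever mode it already had, and the in-place overwrite means a crash mid-write leaves the only copy of the provider secret key truncated — writing to a sibling temporary file and renaming it over the state file would make the save atomic. `State::from_file` could also read the file in one call, `let state_bin = std::fs::read(path.as_ref())?;`, instead of the `File::open` / `read_to_end` pair.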
@ -25,7 +25,7 @@ impl Signature {
|
|||||||
|
|
||||||
big_array! { BigArray; }
|
big_array! { BigArray; }
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Derivative)]
|
#[derive(Serialize, Deserialize, Derivativ, Clone)]
|
||||||
#[derivative(Default)]
|
#[derivative(Default)]
|
||||||
pub struct SignSK(
|
pub struct SignSK(
|
||||||
#[serde(with = "BigArray")]
|
#[serde(with = "BigArray")]
|
||||||
@ -58,7 +58,7 @@ impl SignSK {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Serialize, Deserialize, Default)]
|
#[derive(Debug, Serialize, Deserialize, Default, Clone)]
|
||||||
pub struct SignPK([u8; crypto_sign_PUBLICKEYBYTES as usize]);
|
pub struct SignPK([u8; crypto_sign_PUBLICKEYBYTES as usize]);
|
||||||
|
|
||||||
impl SignPK {
|
impl SignPK {
|
||||||
@ -75,7 +75,7 @@ impl SignPK {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Derivative, Serialize, Deserialize)]
|
#[derive(Derivative, Serialize, Deserialize, Clone)]
|
||||||
#[derivative(Debug, Default)]
|
#[derivative(Debug, Default)]
|
||||||
pub struct SignKeyPair {
|
pub struct SignKeyPair {
|
||||||
#[derivative(Debug = "ignore")]
|
#[derivative(Debug = "ignore")]
|
||||||
@ -91,7 +91,7 @@ impl SignKeyPair {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Default, Clone)]
|
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||||
pub struct CryptSK([u8; crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES as usize]);
|
pub struct CryptSK([u8; crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES as usize]);
|
||||||
|
|
||||||
impl CryptSK {
|
impl CryptSK {
|
||||||
@ -108,7 +108,7 @@ impl CryptSK {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Default, Clone)]
|
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||||
pub struct CryptPK([u8; crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES as usize]);
|
pub struct CryptPK([u8; crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES as usize]);
|
||||||
|
|
||||||
impl CryptPK {
|
impl CryptPK {
|
||||||
@ -125,7 +125,7 @@ impl CryptPK {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Default, Clone)]
|
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||||
pub struct CryptKeyPair {
|
pub struct CryptKeyPair {
|
||||||
pub sk: CryptSK,
|
pub sk: CryptSK,
|
||||||
pub pk: CryptPK,
|
pub pk: CryptPK,
|
||||||
|
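Review bot: The new derive line on `SignSK`, `#[derive(Serialize, Deserialize, Derivativ, Clone)]`, misspells `Derivative`; the derive macro will not resolve and the `#[derivative(Default)]` attribute right below it is left without its macro, which is presumably the compile failure the commit title refers to. It should read `#[derive(Serialize, Deserialize, Derivative, Clone)]`. The other hunks in this section only add `Clone`/`Serialize`/`Deserialize` to the key types; since `CryptSK` and `SignSK` are now serializable, their only sink should remain the `0o600` state file written by `State::save`, and no new `Debug`/log output of them is introduced here.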
@ -1,3 +1,4 @@
|
|||||||
|
use crate::config::*;
|
||||||
use crate::crypto::*;
|
use crate::crypto::*;
|
||||||
use crate::globals::*;
|
use crate::globals::*;
|
||||||
|
|
||||||
@ -14,7 +15,7 @@ fn now() -> u32 {
|
|||||||
Clock::now_since_epoch().as_secs() as u32
|
Clock::now_since_epoch().as_secs() as u32
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Default, Clone)]
|
#[derive(Debug, Default, Clone, Serialize, Deserialize)]
|
||||||
#[repr(C, packed)]
|
#[repr(C, packed)]
|
||||||
pub struct DNSCryptCertInner {
|
pub struct DNSCryptCertInner {
|
||||||
resolver_pk: [u8; 32],
|
resolver_pk: [u8; 32],
|
||||||
@ -30,7 +31,9 @@ impl DNSCryptCertInner {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Derivative)]
|
big_array! { BigArray; }
|
||||||
|
|
||||||
|
#[derive(Derivative, Serialize, Deserialize)]
|
||||||
#[derivative(Debug, Default, Clone)]
|
#[derivative(Debug, Default, Clone)]
|
||||||
#[repr(C, packed)]
|
#[repr(C, packed)]
|
||||||
pub struct DNSCryptCert {
|
pub struct DNSCryptCert {
|
||||||
@ -38,6 +41,7 @@ pub struct DNSCryptCert {
|
|||||||
es_version: [u8; 2],
|
es_version: [u8; 2],
|
||||||
minor_version: [u8; 2],
|
minor_version: [u8; 2],
|
||||||
#[derivative(Debug = "ignore", Default(value = "[0u8; 64]"))]
|
#[derivative(Debug = "ignore", Default(value = "[0u8; 64]"))]
|
||||||
|
#[serde(with = "BigArray")]
|
||||||
signature: [u8; 64],
|
signature: [u8; 64],
|
||||||
inner: DNSCryptCertInner,
|
inner: DNSCryptCertInner,
|
||||||
}
|
}
|
||||||
@ -86,7 +90,7 @@ impl DNSCryptCert {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
pub struct DNSCryptEncryptionParams {
|
pub struct DNSCryptEncryptionParams {
|
||||||
dnscrypt_cert: DNSCryptCert,
|
dnscrypt_cert: DNSCryptCert,
|
||||||
resolver_kp: CryptKeyPair,
|
resolver_kp: CryptKeyPair,
|
||||||
@ -137,6 +141,13 @@ impl DNSCryptEncryptionParamsUpdater {
|
|||||||
}
|
}
|
||||||
let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
|
let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
|
||||||
new_params_set.push(Arc::new(new_params));
|
new_params_set.push(Arc::new(new_params));
|
||||||
|
|
||||||
|
let state = State {
|
||||||
|
provider_kp: self.globals.provider_kp.clone(),
|
||||||
|
dnscrypt_encryption_params_set: new_params_set,
|
||||||
|
};
|
||||||
|
state.save(&self.globals.state_file);
|
||||||
|
|
||||||
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
|
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
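Review bot: In the updater hunk, `new_params_set` is moved into the `State` literal (`dnscrypt_encryption_params_set: new_params_set`) and then used again a few lines later in `*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);`, which is a use after move; the field is also declared as `Vec<DNSCryptEncryptionParams>` in the config.rs section while `new_params_set` holds `Arc<DNSCryptEncryptionParams>` values, so the types do not line up either. The `Result` from `state.save(&self.globals.state_file)` is dropped as well, so a failed persist of the freshly rotated keys goes unnoticed and a later restart would come back with a state that no longer matches the certificates clients have cached. One way through is to build the persisted vector by cloning the params out of their `Arc`s before the set is published and to report the save error; that needs `Clone` on `DNSCryptEncryptionParams`, which the derive at the top of this section (`#[derive(Serialize, Deserialize, Debug)]`) does not add yet. The serde derives on the `#[repr(C, packed)]` structs are only sound while every field is a byte array (alignment 1) — the visible fields are, but the ones outside the hunk should be checked. The enclosing method of the updater hunk starts outside the hunk.
```rust
// … unchanged: expiry pruning and push of the new params …
let state = State {
    provider_kp: self.globals.provider_kp.clone(),
    // persisted copy; the Arc-wrapped set published below stays the live one
    dnscrypt_encryption_params_set: new_params_set.iter().map(|p| (**p).clone()).collect(),
};
if let Err(e) = state.save(&self.globals.state_file) {
    // assumes the crate's Error implements Display — use {:?} otherwise
    eprintln!("Unable to save the state file: {}", e);
}
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
```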
@ -4,6 +4,7 @@ use crate::dnscrypt_certs::*;
|
|||||||
use parking_lot::{Mutex, RwLock};
|
use parking_lot::{Mutex, RwLock};
|
||||||
use std::collections::vec_deque::VecDeque;
|
use std::collections::vec_deque::VecDeque;
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
|
use std::path::PathBuf;
|
||||||
use std::sync::atomic::AtomicU32;
|
use std::sync::atomic::AtomicU32;
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
use std::time::Duration;
|
use std::time::Duration;
|
||||||
@ -13,6 +14,7 @@ use tokio::sync::oneshot;
|
|||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Globals {
|
pub struct Globals {
|
||||||
pub runtime: Arc<Runtime>,
|
pub runtime: Arc<Runtime>,
|
||||||
|
pub state_file: PathBuf,
|
||||||
pub dnscrypt_encryption_params_set: Arc<RwLock<Arc<Vec<Arc<DNSCryptEncryptionParams>>>>>,
|
pub dnscrypt_encryption_params_set: Arc<RwLock<Arc<Vec<Arc<DNSCryptEncryptionParams>>>>>,
|
||||||
pub provider_name: String,
|
pub provider_name: String,
|
||||||
pub provider_kp: SignKeyPair,
|
pub provider_kp: SignKeyPair,
|
||||||
|
41
src/main.rs
41
src/main.rs
@ -1,7 +1,7 @@
|
|||||||
//#![allow(clippy::assertions_on_constants)]
|
#![allow(clippy::assertions_on_constants)]
|
||||||
//#![allow(unused_imports)]
|
#![allow(unused_imports)]
|
||||||
//#![allow(unused_variables)]
|
#![allow(unused_variables)]
|
||||||
//#![allow(dead_code)]
|
#![allow(dead_code)]
|
||||||
|
|
||||||
#[global_allocator]
|
#[global_allocator]
|
||||||
static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc;
|
static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc;
|
||||||
@ -47,7 +47,7 @@ use privdrop::PrivDrop;
|
|||||||
use rand::prelude::*;
|
use rand::prelude::*;
|
||||||
use std::collections::vec_deque::VecDeque;
|
use std::collections::vec_deque::VecDeque;
|
||||||
use std::convert::TryFrom;
|
use std::convert::TryFrom;
|
||||||
use std::fs::{File, OpenOptions};
|
use std::fs::File;
|
||||||
use std::io::prelude::*;
|
use std::io::prelude::*;
|
||||||
use std::mem;
|
use std::mem;
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
@ -60,9 +60,6 @@ use tokio::runtime::Runtime;
|
|||||||
use tokio::sync::oneshot;
|
use tokio::sync::oneshot;
|
||||||
use tokio_net::driver::Handle;
|
use tokio_net::driver::Handle;
|
||||||
|
|
||||||
#[cfg(unix)]
|
|
||||||
use std::os::unix::fs::OpenOptionsExt;
|
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
struct UdpClientCtx {
|
struct UdpClientCtx {
|
||||||
net_udp_socket: std::net::UdpSocket,
|
net_udp_socket: std::net::UdpSocket,
|
||||||
@ -401,29 +398,19 @@ fn main() -> Result<(), Error> {
|
|||||||
let external_addr = SocketAddr::new(config.external_addr, 0);
|
let external_addr = SocketAddr::new(config.external_addr, 0);
|
||||||
|
|
||||||
let state_file = &config.state_file;
|
let state_file = &config.state_file;
|
||||||
let state = match File::open(state_file) {
|
let state = match State::from_file(state_file) {
|
||||||
Err(_) => {
|
Err(_) => {
|
||||||
println!("No state file found... creating a new provider key");
|
println!("No state file found... creating a new provider key");
|
||||||
let state = State::new();
|
let state = State::new();
|
||||||
let mut fpb = OpenOptions::new();
|
state.save(state_file)?;
|
||||||
let mut fpb = fpb.create(true).write(true);
|
|
||||||
#[cfg(unix)]
|
|
||||||
{
|
|
||||||
fpb = fpb.mode(0o600);
|
|
||||||
}
|
|
||||||
let mut fp = fpb.open(state_file)?;
|
|
||||||
let state_bin = toml::to_vec(&state)?;
|
|
||||||
fp.write_all(&state_bin)?;
|
|
||||||
state
|
state
|
||||||
}
|
}
|
||||||
Ok(mut fp) => {
|
Ok(state) => {
|
||||||
println!(
|
println!(
|
||||||
"State file [{}] found; using existing provider key",
|
"State file [{}] found; using existing provider key",
|
||||||
state_file.as_os_str().to_string_lossy()
|
state_file.as_os_str().to_string_lossy()
|
||||||
);
|
);
|
||||||
let mut state_bin = vec![];
|
state
|
||||||
fp.read_to_end(&mut state_bin)?;
|
|
||||||
toml::from_slice(&state_bin)?
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
let provider_kp = state.provider_kp;
|
let provider_kp = state.provider_kp;
|
||||||
@ -445,7 +432,11 @@ fn main() -> Result<(), Error> {
|
|||||||
println!("DNS Stamp: {}", stamp);
|
println!("DNS Stamp: {}", stamp);
|
||||||
}
|
}
|
||||||
|
|
||||||
let dnscrypt_encryption_params = DNSCryptEncryptionParams::new(&provider_kp);
|
let dnscrypt_encryption_params = state
|
||||||
|
.dnscrypt_encryption_params
|
||||||
|
.into_iter()
|
||||||
|
.map(Arc::new)
|
||||||
|
.collect::<Vec<_>>();
|
||||||
let mut runtime_builder = tokio::runtime::Builder::new();
|
let mut runtime_builder = tokio::runtime::Builder::new();
|
||||||
runtime_builder.name_prefix("encrypted-dns-");
|
runtime_builder.name_prefix("encrypted-dns-");
|
||||||
let runtime = Arc::new(runtime_builder.build()?);
|
let runtime = Arc::new(runtime_builder.build()?);
|
||||||
@ -466,9 +457,7 @@ fn main() -> Result<(), Error> {
|
|||||||
}
|
}
|
||||||
let globals = Arc::new(Globals {
|
let globals = Arc::new(Globals {
|
||||||
runtime: runtime.clone(),
|
runtime: runtime.clone(),
|
||||||
dnscrypt_encryption_params_set: Arc::new(RwLock::new(Arc::new(vec![Arc::new(
|
dnscrypt_encryption_params_set: Arc::new(RwLock::new(Arc::new(dnscrypt_encryption_params))),
|
||||||
dnscrypt_encryption_params,
|
|
||||||
)]))),
|
|
||||||
provider_name,
|
provider_name,
|
||||||
provider_kp,
|
provider_kp,
|
||||||
listen_addrs: config.listen_addrs,
|
listen_addrs: config.listen_addrs,
|
||||||
|
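Review bot: The `Err(_) =>` arm of `match State::from_file(state_file)` now catches every failure of `from_file`, not just a missing file as the old `File::open` match did, so an unreadable or unparseable state file prints "No state file found", generates a fresh provider key and `state.save(state_file)?` overwrites the old one — the provider secret key is destroyed instead of the error being reported. Testing for the file with `state_file.exists()` and propagating `State::from_file(state_file)?` restores the old behaviour of failing loudly on a corrupt file. In the later hunk, `state.dnscrypt_encryption_params` reads a field that `State` declares as `dnscrypt_encryption_params_set` (config.rs section above), so that line will not compile as written. The first hunk also switches `#![allow(dead_code)]`, `#![allow(unused_imports)]` and `#![allow(unused_variables)]` on crate-wide, which hides exactly the kind of dangling code this refactor leaves behind; narrowing them to the items that need them would keep the warnings useful. `main` starts and ends outside these hunks.
```rust
let state_file = &config.state_file;
let state = if state_file.exists() {
    println!(
        "State file [{}] found; using existing provider key",
        state_file.as_os_str().to_string_lossy()
    );
    // a read or parse error now surfaces instead of being mistaken for "no file"
    State::from_file(state_file)?
} else {
    println!("No state file found... creating a new provider key");
    let state = State::new();
    state.save(state_file)?;
    state
};
// … unchanged: provider_kp extraction and stamp printing …
let dnscrypt_encryption_params = state
    .dnscrypt_encryption_params_set
    .into_iter()
    .map(Arc::new)
    .collect::<Vec<_>>();
```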