|
|
|
@ -196,23 +196,26 @@ async fn handle_client_query(
|
|
|
|
Ok(x) => x,
|
|
|
|
Ok(x) => x,
|
|
|
|
Err(_) => {
|
|
|
|
Err(_) => {
|
|
|
|
let packet = encrypted_packet;
|
|
|
|
let packet = encrypted_packet;
|
|
|
|
if let Some(synth_packet) = serve_certificates(
|
|
|
|
match serve_certificates(
|
|
|
|
&packet,
|
|
|
|
&packet,
|
|
|
|
&globals.provider_name,
|
|
|
|
&globals.provider_name,
|
|
|
|
&dnscrypt_encryption_params_set,
|
|
|
|
&dnscrypt_encryption_params_set,
|
|
|
|
)? {
|
|
|
|
) {
|
|
|
|
return encrypt_and_respond_to_query(
|
|
|
|
Ok(Some(synth_packet)) => {
|
|
|
|
globals,
|
|
|
|
return encrypt_and_respond_to_query(
|
|
|
|
client_ctx,
|
|
|
|
globals,
|
|
|
|
packet,
|
|
|
|
client_ctx,
|
|
|
|
synth_packet,
|
|
|
|
packet,
|
|
|
|
original_packet_size,
|
|
|
|
synth_packet,
|
|
|
|
None,
|
|
|
|
original_packet_size,
|
|
|
|
None,
|
|
|
|
None,
|
|
|
|
)
|
|
|
|
None,
|
|
|
|
.await;
|
|
|
|
)
|
|
|
|
}
|
|
|
|
.await
|
|
|
|
bail!("Unencrypted query or QUIC protocol");
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(None) => return Ok(()),
|
|
|
|
|
|
|
|
Err(_) => bail!("Unencrypted query or QUIC protocol"),
|
|
|
|
|
|
|
|
};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
};
|
|
|
|
};
|
|
|
|
ensure!(packet.len() >= DNS_HEADER_SIZE, "Short packet");
|
|
|
|
ensure!(packet.len() >= DNS_HEADER_SIZE, "Short packet");
|
|
|
|
|
Frank Denis
1 year ago