diff --git a/src/dnscrypt_certs.rs b/src/dnscrypt_certs.rs
index c924b71..0be74f2 100644
--- a/src/dnscrypt_certs.rs
+++ b/src/dnscrypt_certs.rs
@@ -13,10 +13,7 @@ pub const DNSCRYPT_CERTS_TTL: u32 = 86400;
 pub const DNSCRYPT_CERTS_RENEWAL: u32 = 28800;
 fn now() -> u32 {
- SystemTime::now()
- .duration_since(SystemTime::UNIX_EPOCH)
- .unwrap()
- .as_secs() as u32
+ Clock::now_since_epoch().as_secs() as u32
 }
 #[derive(Debug, Default, Clone)]
@@ -86,8 +83,8 @@ impl DNSCryptCert {
 &self.inner.client_magic
 }
- pub fn ts_end(&self) -> Duration {
- Duration::from_secs(u64::from(BigEndian::read_u32(&self.inner.ts_end)))
+ pub fn ts_end(&self) -> u32 {
+ BigEndian::read_u32(&self.inner.ts_end)
 }
 }
@@ -129,20 +126,30 @@ impl DNSCryptEncryptionParamsUpdater {
 DNSCryptEncryptionParamsUpdater { globals }
 }
+ fn update(&self) {
+ let now = now();
+ let mut new_params_set = vec![];
+ {
+ let params_set = self.globals.dnscrypt_encryption_params_set.read();
+ for params in &**params_set {
+ if params.dnscrypt_cert().ts_end() >= now {
+ new_params_set.push(params.clone());
+ }
+ }
+ }
+ let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
+ new_params_set.push(Arc::new(new_params));
+ *self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
+ }
+
 pub async fn run(self) {
 let mut fut_interval = tokio::timer::Interval::new_interval(
 std::time::Duration::from_secs(u64::from(DNSCRYPT_CERTS_RENEWAL)),
 );
- let fut = async {
- loop {
- fut_interval.next().await;
- let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
+ let fut = async move {
+ while fut_interval.next().await.is_some() {
+ self.update();
 debug!("New cert issued");
- let mut params_set = self.globals.dnscrypt_encryption_params_set.write();
- if params_set.len() >= (DNSCRYPT_CERTS_TTL / DNSCRYPT_CERTS_RENEWAL) as usize {
- params_set.swap_remove(0);
- }
- params_set.push(Arc::new(new_params));
 }
 };
 fut.await
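Review bot: The `as u32` cast in `now()` truncates silently, and its result is what `update()` compares against `ts_end()` when deciding which key sets stay in service. The certificate field is read with `BigEndian::read_u32`, so the 32-bit width looks deliberate, but that should be stated where the cast happens, for example `// cert timestamps are 32-bit seconds since the Unix epoch; this cast wraps in 2106`.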
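Review bot: `ts_end()` now returns a bare `u32` with no doc comment saying which unit or epoch it uses, while the only consumer visible in this diff, `update()`, compares it directly with `now()`. A line such as `/// End of the certificate validity period, in seconds since the Unix epoch.` above the method would pin that down. Because this is a `pub` method whose return type changed from `Duration`, any caller outside this diff needs the matching change; none is visible here.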
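Review bot: If `fut_interval.next().await` ever yields `None`, the `while` loop in `run` ends and the task returns without logging anything, so certificate rotation stops silently and the remaining key sets simply age out. A line placed after the loop inside the async block, for example `error!("DNSCrypt certificate renewal loop ended");`, would make that visible to whoever operates the server; this assumes the same logging macros that provide `debug!` are in scope. The end of `run` lies outside the hunk.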
diff --git a/src/globals.rs b/src/globals.rs
index 78ccae5..f5144b8 100644
--- a/src/globals.rs
+++ b/src/globals.rs
@@ -13,7 +13,7 @@ use tokio::sync::oneshot;
 #[derive(Debug)]
 pub struct Globals {
 pub runtime: Arc,
- pub dnscrypt_encryption_params_set: Arc>>>,
+ pub dnscrypt_encryption_params_set: Arc>>>>,
 pub provider_name: String,
 pub provider_kp: SignKeyPair,
 pub listen_addrs: Vec,
diff --git a/src/main.rs b/src/main.rs
index 309e274..a8a6b73 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -150,7 +150,7 @@ async fn handle_client_query(
 ) -> Result<(), Error> {
 let original_packet_size = encrypted_packet.len();
 let mut dnscrypt_encryption_params_set = vec![];
- for params in &*globals.dnscrypt_encryption_params_set.read() {
+ for params in &**globals.dnscrypt_encryption_params_set.read() {
 dnscrypt_encryption_params_set.push((*params).clone())
 }
 let (shared_key, nonce, mut packet) =
@@ -468,9 +468,9 @@ fn main() -> Result<(), Error> {
 }
 let globals = Arc::new(Globals {
 runtime: runtime.clone(),
- dnscrypt_encryption_params_set: Arc::new(RwLock::new(vec![Arc::new(
+ dnscrypt_encryption_params_set: Arc::new(RwLock::new(Arc::new(vec![Arc::new(
 dnscrypt_encryption_params,
- )])),
+ )]))),
 provider_name,
 provider_kp,
 listen_addrs: config.listen_addrs,
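Review bot: The `dnscrypt_encryption_params_set` field in `Globals` is now deeply nested and nothing on the struct says what each layer is for. A doc comment would help, along the lines of `/// Live key sets; the updater replaces the inner Arc under the write lock, readers take the read lock only to reach it.` That matches how `update()` in src/dnscrypt_certs.rs uses `.write()` and how `handle_client_query` uses `.read()`. The struct body continues past the end of the hunk.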
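Review bot: The loop in `handle_client_query` still builds a fresh `Vec` for every incoming query while holding the read lock, even though the set now sits behind an inner `Arc` that can be cloned in one step. Something like `let dnscrypt_encryption_params_set = globals.dnscrypt_encryption_params_set.read().clone();` could replace the `vec![]` line and the loop. That shortens the time the lock is held and drops a per-packet allocation on a path driven by unauthenticated input. This assumes the code consuming the local accepts a reference to the shared vector; that statement starts on the last line of the hunk and continues outside it.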