Archives
/
encrypted-dns-server
mirror of https://github.com/jedisct1/encrypted-dns-server
2
0
Fork 0
Code Issues Releases Wiki Activity

Ensure that PK prefixes don't match the Anonymized DNSCrypt query magic

Browse Source
pull/12/head
Frank Denis 5 years ago
parent 1ab66d4b51
commit ca35d6fdc8
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/anomymized_dns.rs
Unescape Escape View File

@ -0,0 +1,2 @@
pub const ANONYMIZED_DNSCRYPT_QUERY_MAGIC: [u8; 10] =
[0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00];

8
src/dnscrypt_certs.rs
Unescape Escape View File

@ -1,3 +1,4 @@
use crate::anomymized_dns::*;
use crate::config::*;
use crate::crypto::*;
use crate::dnscrypt::*;
@ -105,7 +106,12 @@ pub struct DNSCryptEncryptionParams {
impl DNSCryptEncryptionParams {
pub fn new(provider_kp: &SignKeyPair, cache_capacity: usize) -> Self {
let resolver_kp = CryptKeyPair::new();
let mut resolver_kp;
while {
resolver_kp = CryptKeyPair::new();
resolver_kp.pk.as_bytes()
== &ANONYMIZED_DNSCRYPT_QUERY_MAGIC[..DNSCRYPT_QUERY_MAGIC_SIZE]
} {}
let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp);
let cache = ClockProCache::new(cache_capacity).unwrap();
DNSCryptEncryptionParams {

1
src/main.rs
Unescape Escape View File

@ -22,6 +22,7 @@ extern crate serde_big_array;
#[macro_use]
extern crate prometheus;
mod anomymized_dns;
mod blacklist;
mod cache;
mod config;

Write Preview
Loading…
Cancel
Save