|
|
@ -1,9 +1,13 @@
|
|
|
|
use crate::config::*;
|
|
|
|
use crate::config::*;
|
|
|
|
use crate::crypto::*;
|
|
|
|
use crate::crypto::*;
|
|
|
|
|
|
|
|
use crate::dnscrypt::*;
|
|
|
|
|
|
|
|
use crate::errors::*;
|
|
|
|
use crate::globals::*;
|
|
|
|
use crate::globals::*;
|
|
|
|
|
|
|
|
|
|
|
|
use byteorder::{BigEndian, ByteOrder};
|
|
|
|
use byteorder::{BigEndian, ByteOrder};
|
|
|
|
|
|
|
|
use clockpro_cache::ClockProCache;
|
|
|
|
use coarsetime::Clock;
|
|
|
|
use coarsetime::Clock;
|
|
|
|
|
|
|
|
use parking_lot::Mutex;
|
|
|
|
use std::mem;
|
|
|
|
use std::mem;
|
|
|
|
use std::slice;
|
|
|
|
use std::slice;
|
|
|
|
use std::sync::Arc;
|
|
|
|
use std::sync::Arc;
|
|
|
@ -90,22 +94,33 @@ impl DNSCryptCert {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#[derive(Serialize, Deserialize, Debug, Clone)]
|
|
|
|
#[derive(Serialize, Deserialize, Clone, Derivative)]
|
|
|
|
|
|
|
|
#[derivative(Debug)]
|
|
|
|
pub struct DNSCryptEncryptionParams {
|
|
|
|
pub struct DNSCryptEncryptionParams {
|
|
|
|
dnscrypt_cert: DNSCryptCert,
|
|
|
|
dnscrypt_cert: DNSCryptCert,
|
|
|
|
resolver_kp: CryptKeyPair,
|
|
|
|
resolver_kp: CryptKeyPair,
|
|
|
|
|
|
|
|
#[serde(skip)]
|
|
|
|
|
|
|
|
#[derivative(Debug = "ignore")]
|
|
|
|
|
|
|
|
pub cache: Option<Arc<Mutex<ClockProCache<[u8; DNSCRYPT_QUERY_PK_SIZE], SharedKey>>>>,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
impl DNSCryptEncryptionParams {
|
|
|
|
impl DNSCryptEncryptionParams {
|
|
|
|
pub fn new(provider_kp: &SignKeyPair) -> Self {
|
|
|
|
pub fn new(provider_kp: &SignKeyPair, cache_capacity: usize) -> Self {
|
|
|
|
let resolver_kp = CryptKeyPair::new();
|
|
|
|
let resolver_kp = CryptKeyPair::new();
|
|
|
|
let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp);
|
|
|
|
let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp);
|
|
|
|
|
|
|
|
let cache = ClockProCache::new(cache_capacity).unwrap();
|
|
|
|
DNSCryptEncryptionParams {
|
|
|
|
DNSCryptEncryptionParams {
|
|
|
|
dnscrypt_cert,
|
|
|
|
dnscrypt_cert,
|
|
|
|
resolver_kp,
|
|
|
|
resolver_kp,
|
|
|
|
|
|
|
|
cache: Some(Arc::new(Mutex::new(cache))),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pub fn add_key_cache(&mut self, cache_capacity: usize) {
|
|
|
|
|
|
|
|
let cache = ClockProCache::new(cache_capacity).unwrap();
|
|
|
|
|
|
|
|
self.cache = Some(Arc::new(Mutex::new(cache)));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub fn client_magic(&self) -> &[u8] {
|
|
|
|
pub fn client_magic(&self) -> &[u8] {
|
|
|
|
self.dnscrypt_cert.client_magic()
|
|
|
|
self.dnscrypt_cert.client_magic()
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -139,7 +154,10 @@ impl DNSCryptEncryptionParamsUpdater {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
let new_params = DNSCryptEncryptionParams::new(&self.globals.provider_kp);
|
|
|
|
let new_params = DNSCryptEncryptionParams::new(
|
|
|
|
|
|
|
|
&self.globals.provider_kp,
|
|
|
|
|
|
|
|
self.globals.key_cache_capacity,
|
|
|
|
|
|
|
|
);
|
|
|
|
new_params_set.push(Arc::new(new_params));
|
|
|
|
new_params_set.push(Arc::new(new_params));
|
|
|
|
let state = State {
|
|
|
|
let state = State {
|
|
|
|
provider_kp: self.globals.provider_kp.clone(),
|
|
|
|
provider_kp: self.globals.provider_kp.clone(),
|
|
|
@ -150,6 +168,7 @@ impl DNSCryptEncryptionParamsUpdater {
|
|
|
|
let _ = state.async_save(state_file).await;
|
|
|
|
let _ = state.async_save(state_file).await;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
|
|
|
|
*self.globals.dnscrypt_encryption_params_set.write() = Arc::new(new_params_set);
|
|
|
|
|
|
|
|
debug!("New certificate issued");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub async fn run(self) {
|
|
|
|
pub async fn run(self) {
|
|
|
|
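Review bot: Both `DNSCryptEncryptionParams::new` and `add_key_cache` call `ClockProCache::new(cache_capacity).unwrap()`, so any capacity the cache constructor rejects becomes a panic instead of a reported error. The updater hunk passes `self.globals.key_cache_capacity` (presumably an operator-set value) on every certificate rotation, so a bad setting would abort the rotation path at runtime rather than fail at startup. Validate the capacity once where the configuration is loaded, or, since the field is already an `Option`, degrade to running without a cache: `let cache = ClockProCache::new(cache_capacity).ok().map(|c| Arc::new(Mutex::new(c)));` with `cache,` in the struct literal. Separately, `cache` is declared `pub` while `dnscrypt_cert` and `resolver_kp` are private; because it holds `SharedKey` values, `pub(crate)` or an accessor method would keep its exposure as narrow as the `#[serde(skip)]` and `Debug = "ignore"` attributes suggest was intended. Both `impl` blocks continue outside the hunks shown.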