From 7fb62d98ea5eed8a3b8de3385879be5b7b4dc3ad Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sun, 5 Jan 2020 21:12:29 -0500
Subject: [PATCH] Use EDNS0 padding for local DoH

---
 dnscrypt-proxy/local-doh.go | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/dnscrypt-proxy/local-doh.go b/dnscrypt-proxy/local-doh.go
index ea638f6a..9ce018d5 100644
--- a/dnscrypt-proxy/local-doh.go
+++ b/dnscrypt-proxy/local-doh.go
@@ -6,10 +6,10 @@ import (
 	"io/ioutil"
 	"net"
 	"net/http"
-	"strings"
 	"time"
 
 	"github.com/jedisct1/dlog"
+	"github.com/miekg/dns"
 )
 
 type localDoHHandler struct {
@@ -52,11 +52,19 @@ func (handler localDoHHandler) ServeHTTP(writer http.ResponseWriter, request *ht
 		writer.WriteHeader(500)
 		return
 	}
+	msg := dns.Msg{}
+	if err := msg.Unpack(packet); err != nil {
+		writer.WriteHeader(500)
+		return
+	}
 	padLen := 127 - (len(response)+127)&127
+	paddedResponse, err := addEDNS0PaddingIfNoneFound(&msg, response, padLen)
+	if err != nil {
+		return
+	}
 	writer.Header().Set("Content-Type", dataType)
-	writer.Header().Set("X-Pad", strings.Repeat("X", padLen))
 	writer.WriteHeader(200)
-	writer.Write(response)
+	writer.Write(paddedResponse)
 }
 
 func (proxy *Proxy) localDoHListener(acceptPc *net.TCPListener) {