mirrors/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-03-04 02:14:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

megacheck

Browse source
This commit is contained in:
Frank Denis 2018-01-09 08:15:58 +01:00
parent b076e01f7a
commit 9ffa61c9e3
3 changed files with 5 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
certs.go
View file

@ -1,10 +1,10 @@
package main package main
import ( import (
"bytes"
"encoding/binary" "encoding/binary"
"errors" "errors"
"log" "log"
"reflect"
"strings" "strings"
"time" "time"
@ -24,7 +24,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
if len(pk) != ed25519.PublicKeySize { if len(pk) != ed25519.PublicKeySize {
return CertInfo{}, errors.New("Invalid public key length") return CertInfo{}, errors.New("Invalid public key length")
} }
if strings.HasSuffix(providerName, ".") == false { if !strings.HasSuffix(providerName, ".") {
providerName = providerName + "." providerName = providerName + "."
} }
query := new(dns.Msg) query := new(dns.Msg)
@ -45,7 +45,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
if len(binCert) < 124 { if len(binCert) < 124 {
return certInfo, errors.New("Certificate too short") return certInfo, errors.New("Certificate too short")
} }
if reflect.DeepEqual(binCert[:4], CertMagic[:4]) == false { if !bytes.Equal(binCert[:4], CertMagic[:4]) {
return certInfo, errors.New("Invalid cert magic") return certInfo, errors.New("Invalid cert magic")
} }
cryptoConstruction := CryptoConstruction(0) cryptoConstruction := CryptoConstruction(0)
@ -59,7 +59,7 @@ func FetchCurrentCert(proxy *Proxy, pk ed25519.PublicKey, serverAddress string,
} }
signature := binCert[8:72] signature := binCert[8:72]
signed := binCert[72:] signed := binCert[72:]
if ed25519.Verify(pk, signed, signature) == false { if !ed25519.Verify(pk, signed, signature) {
log.Fatal("Incorrect signature") log.Fatal("Incorrect signature")
} }
serial := binary.BigEndian.Uint32(binCert[112:116]) serial := binary.BigEndian.Uint32(binCert[112:116])

4
common.go
View file

@ -13,10 +13,6 @@ const (
XChacha20Poly1305 XChacha20Poly1305
) )
type ServerParams struct {
CertInfo CertInfo
}
var ( var (
CertMagic = [4]byte{0x44, 0x4e, 0x53, 0x43} CertMagic = [4]byte{0x44, 0x4e, 0x53, 0x43}
ServerMagic = [8]byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38} ServerMagic = [8]byte{0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38}

2
dnscrypt-proxy.go
View file

@ -97,10 +97,10 @@ func (proxy *Proxy) processIncomingQuery(serverInfo *ServerInfo, packet []byte,
encrypted = append(encrypted, nonce[:xsecretbox.NonceSize/2]...) encrypted = append(encrypted, nonce[:xsecretbox.NonceSize/2]...)
encrypted = xsecretbox.Seal(encrypted, nonce, packet, serverInfo.SharedKey[:]) encrypted = xsecretbox.Seal(encrypted, nonce, packet, serverInfo.SharedKey[:])
pc, err := net.DialUDP("udp", nil, serverInfo.UDPAddr) pc, err := net.DialUDP("udp", nil, serverInfo.UDPAddr)
defer pc.Close()
if err != nil { if err != nil {
return return
} }
defer pc.Close()
pc.SetDeadline(time.Now().Add(serverInfo.Timeout)) pc.SetDeadline(time.Now().Add(serverInfo.Timeout))
pc.Write(encrypted) pc.Write(encrypted)
buffer := make([]byte, MaxDNSPacketSize) buffer := make([]byte, MaxDNSPacketSize)