Archives
/
encrypted-dns-server
mirror of https://github.com/jedisct1/encrypted-dns-server
2
0
Fork 0
Code Issues Releases Wiki Activity

Add ignore_unqualified_hostnames

Browse Source
solofilter
Frank Denis 5 years ago
parent f3fe2fa123
commit e9e5c700f0
5 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File

4
example-encrypted-dns.toml
Unescape Escape View File

@ -178,6 +178,10 @@ key_cache_capacity = 10000
# undelegated_list = "/etc/undelegated.txt" # undelegated_list = "/etc/undelegated.txt"
## Ignore A and AAAA queries for unqualified host names.
# ignore_unqualified_hostnames = true
######################### #########################
# Metrics # # Metrics #

1
src/config.rs
Unescape Escape View File

@ -49,6 +49,7 @@ pub struct ListenAddrConfig {
pub struct FilteringConfig { pub struct FilteringConfig {
pub domain_blacklist: Option<PathBuf>, pub domain_blacklist: Option<PathBuf>,
pub undelegated_list: Option<PathBuf>, pub undelegated_list: Option<PathBuf>,
pub ignore_unqualified_hostnames: Option<bool>,
} }
#[derive(Serialize, Deserialize, Debug, Clone)] #[derive(Serialize, Deserialize, Debug, Clone)]

1
src/globals.rs
Unescape Escape View File

@ -42,6 +42,7 @@ pub struct Globals {
pub cert_cache: Cache, pub cert_cache: Cache,
pub blacklist: Option<BlackList>, pub blacklist: Option<BlackList>,
pub undelegated_list: Option<BlackList>, pub undelegated_list: Option<BlackList>,
pub ignore_unqualified_hostnames: bool,
pub anonymized_dns_enabled: bool, pub anonymized_dns_enabled: bool,
pub anonymized_dns_allowed_ports: Vec<u16>, pub anonymized_dns_allowed_ports: Vec<u16>,
pub anonymized_dns_allow_non_reserved_ports: bool, pub anonymized_dns_allow_non_reserved_ports: bool,

5
src/main.rs
Unescape Escape View File

@ -628,6 +628,10 @@ fn main() -> Result<(), Error> {
) )
})?), })?),
}; };
let ignore_unqualified_hostnames = config
.filtering
.ignore_unqualified_hostnames
.unwrap_or(true);
let ( let (
anonymized_dns_enabled, anonymized_dns_enabled,
anonymized_dns_allowed_ports, anonymized_dns_allowed_ports,
@ -673,6 +677,7 @@ fn main() -> Result<(), Error> {
cert_cache, cert_cache,
blacklist, blacklist,
undelegated_list, undelegated_list,
ignore_unqualified_hostnames,
anonymized_dns_enabled, anonymized_dns_enabled,
anonymized_dns_allowed_ports, anonymized_dns_allowed_ports,
anonymized_dns_allow_non_reserved_ports, anonymized_dns_allow_non_reserved_ports,

10
src/resolver.rs
Unescape Escape View File

@ -172,16 +172,10 @@ pub async fn get_cached_response_or_resolve(
} }
let tld = dns::qname_tld(&packet_qname); let tld = dns::qname_tld(&packet_qname);
let synthesize_nxdomain = { let synthesize_nxdomain = {
if tld.len() == packet_qname.len() { if globals.ignore_unqualified_hostnames && tld.len() == packet_qname.len() {
let (qtype, qclass) = dns::qtype_qclass(&packet)?; let (qtype, qclass) = dns::qtype_qclass(&packet)?;
if qtype == dns::DNS_CLASS_INET qtype == dns::DNS_CLASS_INET
&& (qclass == dns::DNS_TYPE_A || qclass == dns::DNS_TYPE_AAAA) && (qclass == dns::DNS_TYPE_A || qclass == dns::DNS_TYPE_AAAA)
{
dbg!(String::from_utf8_lossy(&packet_qname));
true
} else {
false
}
} else if let Some(undelegated_list) = &globals.undelegated_list { } else if let Some(undelegated_list) = &globals.undelegated_list {
undelegated_list.find(tld) undelegated_list.find(tld)
} else { } else {

Write Preview
Loading…
Cancel
Save