Switch to the PADME padding scheme

Frank Denis 2020-01-08 22:04:14 -07:00
parent ccca660359
commit 071af94eba
2 changed files with 8 additions and 5 deletions


@ -18,9 +18,10 @@ tls = ["native-tls", "tokio-tls"]
anyhow = "1.0"
byteorder = "1.3"
base64 = "0.11"
futures = { version = "0.3" }
futures = "0.3"
hyper = { version = "0.13", default-features = false, features = ["stream"] }
native-tls = { version = "0.2.3", optional = true }
padme-padding = "0.1"
tokio = { version = "0.2", features = ["rt-threaded", "time", "tcp", "udp", "stream"] }
tokio-tls = { version = "0.3", optional = true }


@ -1,5 +1,7 @@
use anyhow::{ensure, Error};
use byteorder::{BigEndian, ByteOrder};
use padme_padding::Padme;
use std::cmp;
const DNS_HEADER_SIZE: usize = 12;
const DNS_MAX_HOSTNAME_SIZE: usize = 256;
@ -208,7 +210,7 @@ pub fn set_edns_max_payload_size(packet: &mut Vec<u8>, max_payload_size: u16) ->
Ok(())
}
pub fn add_edns_padding(packet: &mut Vec<u8>, block_size: usize) -> Result<(), Error> {
pub fn add_edns_padding(packet: &mut Vec<u8>, min_size: usize) -> Result<(), Error> {
let mut packet_len = packet.len();
ensure!(packet_len > DNS_OFFSET_QUESTION, "Short packet");
ensure!(packet_len <= DNS_MAX_PACKET_SIZE, "Large packet");
@ -243,10 +245,10 @@ pub fn add_edns_padding(packet: &mut Vec<u8>, block_size: usize) -> Result<(), E
}
};
ensure!(packet_len < DNS_MAX_PACKET_SIZE, "Large packet");
let pad_len = (block_size - 1) - ((packet_len + (block_size - 1)) & (block_size - 1));
let mut edns_padding_prr = vec![b'X'; 4 + pad_len];
let padding_len = cmp::max(min_size, Padme::padding_len(packet_len));
let mut edns_padding_prr = vec![b'X'; 4 + padding_len];
BigEndian::write_u16(&mut edns_padding_prr[0..], DNS_PTYPE_PADDING);
BigEndian::write_u16(&mut edns_padding_prr[2..], pad_len as u16);
BigEndian::write_u16(&mut edns_padding_prr[2..], padding_len as u16);
let edns_padding_prr_len = edns_padding_prr.len();
let edns_rdlen_offset: usize = edns_offset + 8;
ensure!(packet_len - edns_rdlen_offset >= 2, "Short packet");
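Review bot: In `let padding_len = cmp::max(min_size, Padme::padding_len(packet_len));`, `min_size` acts as a floor on the number of padding bytes, so whenever it exceeds the PADME amount the padded length becomes `packet_len + 4 + min_size` and follows the unpadded length byte for byte, which is the signal padding is meant to hide. The PADME amount is also computed before the 4-byte option header is counted, so (assuming `Padme::padding_len` returns the bytes needed to reach a PADME length) the final packet does not land on one. If `min_size` is intended as a minimum packet size, computing on the final length would address both: `let unpadded_len = packet_len + 4;` followed by `let padding_len = cmp::max(min_size, unpadded_len + Padme::padding_len(unpadded_len)) - unpadded_len;`. Separately, `padding_len as u16` truncates silently for a large `min_size`; an `ensure!(padding_len <= u16::MAX as usize, "Large padding");` before the cast would keep the option length field and the buffer size in agreement. The body of add_edns_padding starts and ends outside this hunk, so later bounds checks may already cover part of this.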