Switch to the PADME padding scheme

Frank Denis 2020-01-08 22:04:14 -07:00
parent ccca660359
commit 071af94eba
2 changed files with 8 additions and 5 deletions


@ -18,9 +18,10 @@ tls = ["native-tls", "tokio-tls"]
anyhow = "1.0" anyhow = "1.0"
byteorder = "1.3" byteorder = "1.3"
base64 = "0.11" base64 = "0.11"
futures = { version = "0.3" } futures = "0.3"
hyper = { version = "0.13", default-features = false, features = ["stream"] } hyper = { version = "0.13", default-features = false, features = ["stream"] }
native-tls = { version = "0.2.3", optional = true } native-tls = { version = "0.2.3", optional = true }
padme-padding = "0.1"
tokio = { version = "0.2", features = ["rt-threaded", "time", "tcp", "udp", "stream"] } tokio = { version = "0.2", features = ["rt-threaded", "time", "tcp", "udp", "stream"] }
tokio-tls = { version = "0.3", optional = true } tokio-tls = { version = "0.3", optional = true }
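Review bot: `padme-padding = "0.1"` puts a new third-party crate in charge of how much padding each DNS packet carries, and the requirement accepts any 0.1.x release. A regression in that crate would quietly weaken the length hiding rather than break the build. The resolved version should therefore be reviewed once and held by a committed `Cargo.lock`, or pinned exactly with `padme-padding = "=<AUDITED_VERSION>"` (placeholder for the release that was actually reviewed).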


@ -1,5 +1,7 @@
use anyhow::{ensure, Error}; use anyhow::{ensure, Error};
use byteorder::{BigEndian, ByteOrder}; use byteorder::{BigEndian, ByteOrder};
use padme_padding::Padme;
use std::cmp;
const DNS_HEADER_SIZE: usize = 12; const DNS_HEADER_SIZE: usize = 12;
const DNS_MAX_HOSTNAME_SIZE: usize = 256; const DNS_MAX_HOSTNAME_SIZE: usize = 256;
@ -208,7 +210,7 @@ pub fn set_edns_max_payload_size(packet: &mut Vec<u8>, max_payload_size: u16) ->
Ok(()) Ok(())
} }
pub fn add_edns_padding(packet: &mut Vec<u8>, block_size: usize) -> Result<(), Error> { pub fn add_edns_padding(packet: &mut Vec<u8>, min_size: usize) -> Result<(), Error> {
let mut packet_len = packet.len(); let mut packet_len = packet.len();
ensure!(packet_len > DNS_OFFSET_QUESTION, "Short packet"); ensure!(packet_len > DNS_OFFSET_QUESTION, "Short packet");
ensure!(packet_len <= DNS_MAX_PACKET_SIZE, "Large packet"); ensure!(packet_len <= DNS_MAX_PACKET_SIZE, "Large packet");
@ -243,10 +245,10 @@ pub fn add_edns_padding(packet: &mut Vec<u8>, block_size: usize) -> Result<(), E
} }
}; };
ensure!(packet_len < DNS_MAX_PACKET_SIZE, "Large packet"); ensure!(packet_len < DNS_MAX_PACKET_SIZE, "Large packet");
let pad_len = (block_size - 1) - ((packet_len + (block_size - 1)) & (block_size - 1)); let padding_len = cmp::max(min_size, Padme::padding_len(packet_len));
let mut edns_padding_prr = vec![b'X'; 4 + pad_len]; let mut edns_padding_prr = vec![b'X'; 4 + padding_len];
BigEndian::write_u16(&mut edns_padding_prr[0..], DNS_PTYPE_PADDING); BigEndian::write_u16(&mut edns_padding_prr[0..], DNS_PTYPE_PADDING);
BigEndian::write_u16(&mut edns_padding_prr[2..], pad_len as u16); BigEndian::write_u16(&mut edns_padding_prr[2..], padding_len as u16);
let edns_padding_prr_len = edns_padding_prr.len(); let edns_padding_prr_len = edns_padding_prr.len();
let edns_rdlen_offset: usize = edns_offset + 8; let edns_rdlen_offset: usize = edns_offset + 8;
ensure!(packet_len - edns_rdlen_offset >= 2, "Short packet"); ensure!(packet_len - edns_rdlen_offset >= 2, "Short packet");
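Review bot: `cmp::max(min_size, Padme::padding_len(packet_len))` applies the floor to the amount of padding rather than to the padded packet size, so whenever `min_size` exceeds the PADME amount every packet gets the same number of filler bytes and its final length still tracks the original length byte for byte. PADME adds only a small fraction of the input length, so a caller that still passes the old block size (the call sites are outside this hunk) would always take that branch and the padding would hide nothing. If `min_size` is meant as a minimum padded size, compute the floor on the target length instead: `let padding_len = cmp::max(min_size, packet_len + Padme::padding_len(packet_len)) - packet_len;`. Separately, `padding_len as u16` truncates silently for a large `min_size`, so the option length field could disagree with the bytes actually appended; a check such as `ensure!(padding_len <= 0xffff, "Large padding");` before the write would catch that, unless the part of `add_edns_padding` that continues past this hunk already bounds the final size.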