mirrors/doh-server
1
0
Fork 0
mirror of https://github.com/DNSCrypt/doh-server.git synced 2025-04-05 14:07:37 +03:00
Code Issues Projects Releases Packages Wiki Activity

Add --allow-odoh-post

Browse source
This commit is contained in:
Frank Denis 2021-06-06 17:41:48 +02:00
parent a746e2822a
commit 3bc0d22f69
4 changed files with 15 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/config.rs
View file

@ -128,6 +128,12 @@ pub fn parse_opts(globals: &mut Globals) {
.short("P") .short("P")
.long("disable-post") .long("disable-post")
.help("Disable POST queries"), .help("Disable POST queries"),
)
.arg(
Arg::with_name("allow_odoh_post")
.short("O")
.long("allow-odoh-post")
.help("Allow POST queries over ODoH even with they have been disabed for DoH"),
); );
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
@ -183,6 +189,7 @@ pub fn parse_opts(globals: &mut Globals) {
globals.err_ttl = matches.value_of("err_ttl").unwrap().parse().unwrap(); globals.err_ttl = matches.value_of("err_ttl").unwrap().parse().unwrap();
globals.keepalive = !matches.is_present("disable_keepalive"); globals.keepalive = !matches.is_present("disable_keepalive");
globals.disable_post = matches.is_present("disable_post"); globals.disable_post = matches.is_present("disable_post");
globals.allow_odoh_post = matches.is_present("allow_odoh_post");
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
{ {

1
src/libdoh/src/globals.rs
View file

@ -29,6 +29,7 @@ pub struct Globals {
pub err_ttl: u32, pub err_ttl: u32,
pub keepalive: bool, pub keepalive: bool,
pub disable_post: bool, pub disable_post: bool,
pub allow_odoh_post: bool,
pub odoh_configs_path: String, pub odoh_configs_path: String,
pub odoh_rotator: Arc<ODoHRotator>, pub odoh_rotator: Arc<ODoHRotator>,

10
src/libdoh/src/lib.rs
View file

@ -122,10 +122,6 @@ impl DoH {
} }
async fn serve_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> { async fn serve_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> {
if self.globals.disable_post {
return http_error(StatusCode::METHOD_NOT_ALLOWED);
}
match Self::parse_content_type(&req) { match Self::parse_content_type(&req) {
Ok(DoHType::Standard) => self.serve_doh_post(req).await, Ok(DoHType::Standard) => self.serve_doh_post(req).await,
Ok(DoHType::Oblivious) => self.serve_odoh_post(req).await, Ok(DoHType::Oblivious) => self.serve_odoh_post(req).await,
@ -178,6 +174,9 @@ impl DoH {
} }
async fn serve_doh_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> { async fn serve_doh_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> {
if self.globals.disable_post {
return http_error(StatusCode::METHOD_NOT_ALLOWED);
}
let query = match self.read_body(req.into_body()).await { let query = match self.read_body(req.into_body()).await {
Ok(q) => q, Ok(q) => q,
Err(e) => return http_error(StatusCode::from(e)), Err(e) => return http_error(StatusCode::from(e)),
@ -221,6 +220,9 @@ impl DoH {
} }
async fn serve_odoh_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> { async fn serve_odoh_post(&self, req: Request<Body>) -> Result<Response<Body>, http::Error> {
if self.globals.disable_post && !self.globals.allow_odoh_post {
return http_error(StatusCode::METHOD_NOT_ALLOWED);
}
let encrypted_query = match self.read_body(req.into_body()).await { let encrypted_query = match self.read_body(req.into_body()).await {
Ok(q) => q, Ok(q) => q,
Err(e) => return http_error(StatusCode::from(e)), Err(e) => return http_error(StatusCode::from(e)),

1
src/main.rs
View file

@ -49,6 +49,7 @@ fn main() {
err_ttl: ERR_TTL, err_ttl: ERR_TTL,
keepalive: true, keepalive: true,
disable_post: false, disable_post: false,
allow_odoh_post: false,
odoh_configs_path: ODOH_CONFIGS_PATH.to_string(), odoh_configs_path: ODOH_CONFIGS_PATH.to_string(),
odoh_rotator: Arc::new(rotator), odoh_rotator: Arc::new(rotator),