From 197f13ea0f4fcc2a6e2df17e0025b48d71afb4f5 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 3 Jan 2021 16:00:02 +0100 Subject: [PATCH] Fix typo and update message --- dnscrypt-proxy/config.go | 2 +- dnscrypt-proxy/example-dnscrypt-proxy.toml | 2 + dnscrypt-proxy/proxy.go | 164 ++++++++++----------- dnscrypt-proxy/serversInfo.go | 8 +- 4 files changed, 89 insertions(+), 87 deletions(-) diff --git a/dnscrypt-proxy/config.go b/dnscrypt-proxy/config.go index f8490030..de610592 100644 --- a/dnscrypt-proxy/config.go +++ b/dnscrypt-proxy/config.go @@ -612,7 +612,7 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error { } proxy.routes = &routes } - proxy.skipAnonIncompatbibleResolvers = config.AnonymizedDNS.SkipIncompatible + proxy.skipAnonIncompatibleResolvers = config.AnonymizedDNS.SkipIncompatible proxy.anonDirectCertFallback = config.AnonymizedDNS.DirectCertFallback if config.DoHClientX509AuthLegacy.Creds != nil { diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml index 12d9bdec..852abd7c 100644 --- a/dnscrypt-proxy/example-dnscrypt-proxy.toml +++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml @@ -766,6 +766,8 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys # { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] } # ] +routes = { server_name='*', via = ['*'] } + # Skip resolvers incompatible with anonymization instead of using them directly diff --git a/dnscrypt-proxy/proxy.go b/dnscrypt-proxy/proxy.go index c918e4e7..03ccd040 100644 --- a/dnscrypt-proxy/proxy.go +++ b/dnscrypt-proxy/proxy.go @@ -19,88 +19,88 @@ ) type Proxy struct { - pluginsGlobals PluginsGlobals - serversInfo ServersInfo - questionSizeEstimator QuestionSizeEstimator - registeredServers []RegisteredServer - dns64Resolvers []string - dns64Prefixes []string - serversBlockingFragments []string - ednsClientSubnets []*net.IPNet - queryLogIgnoredQtypes []string - localDoHListeners []*net.TCPListener - queryMeta []string - udpListeners []*net.UDPConn - sources []*Source - tcpListeners []*net.TCPListener - registeredRelays []RegisteredServer - listenAddresses []string - localDoHListenAddresses []string - xTransport *XTransport - dohCreds *map[string]DOHClientCreds - allWeeklyRanges *map[string]WeeklyRanges - routes *map[string][]string - captivePortalMap *CaptivePortalMap - nxLogFormat string - localDoHCertFile string - localDoHCertKeyFile string - captivePortalMapFile string - localDoHPath string - mainProto string - cloakFile string - forwardFile string - blockIPFormat string - blockIPLogFile string - allowedIPFile string - allowedIPFormat string - allowedIPLogFile string - queryLogFormat string - blockIPFile string - whitelistNameFormat string - whitelistNameLogFile string - blockNameLogFile string - whitelistNameFile string - blockNameFile string - queryLogFile string - blockedQueryResponse string - userName string - nxLogFile string - blockNameFormat string - proxySecretKey [32]byte - proxyPublicKey [32]byte - certRefreshDelayAfterFailure time.Duration - timeout time.Duration - certRefreshDelay time.Duration - cacheSize int - logMaxBackups int - logMaxAge int - logMaxSize int - cacheNegMinTTL uint32 - rejectTTL uint32 - cacheMaxTTL uint32 - clientsCount uint32 - maxClients uint32 - cacheMinTTL uint32 - cacheNegMaxTTL uint32 - cloakTTL uint32 - cache bool - pluginBlockIPv6 bool - ephemeralKeys bool - pluginBlockUnqualified bool - showCerts bool - certIgnoreTimestamp bool - skipAnonIncompatbibleResolvers bool - anonDirectCertFallback bool - pluginBlockUndelegated bool - child bool - daemonize bool - requiredProps stamps.ServerInformalProperties - ServerNames []string - DisabledServerNames []string - SourceIPv4 bool - SourceIPv6 bool - SourceDNSCrypt bool - SourceDoH bool + pluginsGlobals PluginsGlobals + serversInfo ServersInfo + questionSizeEstimator QuestionSizeEstimator + registeredServers []RegisteredServer + dns64Resolvers []string + dns64Prefixes []string + serversBlockingFragments []string + ednsClientSubnets []*net.IPNet + queryLogIgnoredQtypes []string + localDoHListeners []*net.TCPListener + queryMeta []string + udpListeners []*net.UDPConn + sources []*Source + tcpListeners []*net.TCPListener + registeredRelays []RegisteredServer + listenAddresses []string + localDoHListenAddresses []string + xTransport *XTransport + dohCreds *map[string]DOHClientCreds + allWeeklyRanges *map[string]WeeklyRanges + routes *map[string][]string + captivePortalMap *CaptivePortalMap + nxLogFormat string + localDoHCertFile string + localDoHCertKeyFile string + captivePortalMapFile string + localDoHPath string + mainProto string + cloakFile string + forwardFile string + blockIPFormat string + blockIPLogFile string + allowedIPFile string + allowedIPFormat string + allowedIPLogFile string + queryLogFormat string + blockIPFile string + whitelistNameFormat string + whitelistNameLogFile string + blockNameLogFile string + whitelistNameFile string + blockNameFile string + queryLogFile string + blockedQueryResponse string + userName string + nxLogFile string + blockNameFormat string + proxySecretKey [32]byte + proxyPublicKey [32]byte + certRefreshDelayAfterFailure time.Duration + timeout time.Duration + certRefreshDelay time.Duration + cacheSize int + logMaxBackups int + logMaxAge int + logMaxSize int + cacheNegMinTTL uint32 + rejectTTL uint32 + cacheMaxTTL uint32 + clientsCount uint32 + maxClients uint32 + cacheMinTTL uint32 + cacheNegMaxTTL uint32 + cloakTTL uint32 + cache bool + pluginBlockIPv6 bool + ephemeralKeys bool + pluginBlockUnqualified bool + showCerts bool + certIgnoreTimestamp bool + skipAnonIncompatibleResolvers bool + anonDirectCertFallback bool + pluginBlockUndelegated bool + child bool + daemonize bool + requiredProps stamps.ServerInformalProperties + ServerNames []string + DisabledServerNames []string + SourceIPv4 bool + SourceIPv6 bool + SourceDNSCrypt bool + SourceDoH bool } func (proxy *Proxy) registerUDPListener(conn *net.UDPConn) { diff --git a/dnscrypt-proxy/serversInfo.go b/dnscrypt-proxy/serversInfo.go index a1ba1029..f6e84104 100644 --- a/dnscrypt-proxy/serversInfo.go +++ b/dnscrypt-proxy/serversInfo.go @@ -426,11 +426,11 @@ func fetchDNSCryptServerInfo(proxy *Proxy, name string, stamp stamps.ServerStamp } if knownBugs.fragmentsBlocked && relay != nil && relay.Dnscrypt != nil { relay = nil - if proxy.skipAnonIncompatbibleResolvers { - dlog.Infof("[%v] is incompatible with anonymization, it will be ignored", name) - return ServerInfo{}, errors.New("Resolver is incompatible with anonymization") + if proxy.skipAnonIncompatibleResolvers { + dlog.Infof("[%v] couldn't be reached anonymously, it will be ignored", name) + return ServerInfo{}, errors.New("Resolver couldn't be reached anonymously") } - dlog.Warnf("[%v] is incompatible with anonymization", name) + dlog.Warnf("[%v] couldn't be reached anonymously - check the relay and that your router doesn't drop UDP fragments", name) } if err != nil { return ServerInfo{}, err