Slightly better handling of invalid domain names

Slatian 2023-08-07 20:05:25 +02:00
parent 1fe59d24d5
commit 2e1f6a77ac
2 changed files with 38 additions and 35 deletions


@ -22,6 +22,7 @@ use serde::{Deserialize,Serialize};
use tera::Tera; use tera::Tera;
use tower::ServiceBuilder; use tower::ServiceBuilder;
use tower_http::services::ServeDir; use tower_http::services::ServeDir;
use trust_dns_resolver::Name;
use trust_dns_resolver::TokioAsyncResolver; use trust_dns_resolver::TokioAsyncResolver;
use tokio::signal::unix::{ use tokio::signal::unix::{
@ -679,32 +680,33 @@ async fn get_dig_result(
let name = &dig_query.trim().trim_end_matches(".").to_string(); let name = &dig_query.trim().trim_end_matches(".").to_string();
let idna_name = IdnaName::from_string(&name); let idna_name = IdnaName::from_string(&name);
if let Some(dns_resolver) = &state.dns_resolvers.get(dns_resolver_name) { if let Some(dns_resolver) = &state.dns_resolvers.get(dns_resolver_name) {
if match_domain_hidden_list(&name, &state.config.dns.hidden_suffixes) { if let Ok(domain_name) = Name::from_str_relaxed(name) {
// Try to hide the fact that we didn't do dns resolution at all if match_domain_hidden_list(&name, &state.config.dns.hidden_suffixes) {
// We resolve example.org as basic avoidance of timing sidechannels. // Try to hide the fact that we didn't do dns resolution at all
// WARNING: this timing sidechannel avoidance is very crude. // We resolve example.org as basic avoidance of timing sidechannels.
simple_dns::lookup( // WARNING: this timing sidechannel avoidance is very crude.
simple_dns::lookup(
&dns_resolver,
&Name::from_ascii("example.org.").expect("Static Dummy Name"),
do_full_lookup).await;
return DigResult {
records: DnsLookupResult{ nxdomain: true , ..Default::default() },
idn: idna_name,
partial_lookup: !do_full_lookup,
used_dns_resolver: dns_resolver_name.clone(),
}
} else {
return DigResult {
records: simple_dns::lookup(
&dns_resolver, &dns_resolver,
&("example.org.".to_string()), &domain_name,
do_full_lookup).await; do_full_lookup).await,
DigResult { idn: idna_name,
records: DnsLookupResult{ nxdomain: true , ..Default::default() }, partial_lookup: !do_full_lookup,
idn: idna_name, used_dns_resolver: dns_resolver_name.clone(),
partial_lookup: !do_full_lookup, }
used_dns_resolver: dns_resolver_name.clone(),
}
} else {
DigResult {
records: simple_dns::lookup(
&dns_resolver,
&(idna_name.idn.clone().unwrap_or(name.to_owned())+"."),
do_full_lookup).await,
idn: idna_name,
partial_lookup: !do_full_lookup,
used_dns_resolver: dns_resolver_name.clone(),
} }
} }
} else {
return Default::default();
} }
return Default::default();
} }
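Review bot: The hidden-suffix check still runs on the raw query string (`match_domain_hidden_list(&name, …)`) while the lookup now uses the parsed `domain_name`, so the filter and the resolver may not be looking at the same name. `Name::from_str_relaxed` normalises its input (IDNA conversion, escape handling), so a spelling the string match does not recognise could still resolve to a hidden name. The check should presumably run on the canonical form, e.g. `match_domain_hidden_list(&domain_name.to_ascii(), &state.config.dns.hidden_suffixes)`, though that depends on how `match_domain_hidden_list` compares, which is not visible here. Separately, the removed code appended `"."` before the lookup, whereas the new code parses the name after the trailing dot has been trimmed, so `domain_name` is likely a relative name and any resolver search-domain settings could apply to it, unlike the fully qualified `example.org.` dummy; calling `domain_name.set_fqdn(true)` after parsing would keep the old behaviour. `get_dig_result` starts before this hunk.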


@ -15,6 +15,7 @@ use trust_dns_resolver::{
error::ResolveError, error::ResolveError,
error::ResolveErrorKind, error::ResolveErrorKind,
lookup::Lookup, lookup::Lookup,
Name,
TokioAsyncResolver, TokioAsyncResolver,
}; };
@ -216,7 +217,7 @@ pub fn integrate_lookup_result(dig_result: &mut DnsLookupResult, lookup_result:
// records will be fetched. // records will be fetched.
pub async fn lookup( pub async fn lookup(
resolver: &TokioAsyncResolver, resolver: &TokioAsyncResolver,
name: &String, name: &Name,
do_full_lookup: bool, do_full_lookup: bool,
) -> DnsLookupResult { ) -> DnsLookupResult {
let ( let (
@ -225,10 +226,10 @@ pub async fn lookup(
cname_lookup_res, cname_lookup_res,
aname_lookup_res aname_lookup_res
) = join!( ) = join!(
resolver.lookup(name, RecordType::A), resolver.lookup(name.clone(), RecordType::A),
resolver.lookup(name, RecordType::AAAA), resolver.lookup(name.clone(), RecordType::AAAA),
resolver.lookup(name, RecordType::CNAME), resolver.lookup(name.clone(), RecordType::CNAME),
resolver.lookup(name, RecordType::ANAME), resolver.lookup(name.clone(), RecordType::ANAME),
); );
// initlize an empty lookup result // initlize an empty lookup result
@ -249,12 +250,12 @@ pub async fn lookup(
srv_lookup_res, srv_lookup_res,
txt_lookup_res txt_lookup_res
) = join!( ) = join!(
resolver.lookup(name, RecordType::MX), resolver.lookup(name.clone(), RecordType::MX),
resolver.lookup(name, RecordType::NS), resolver.lookup(name.clone(), RecordType::NS),
resolver.lookup(name, RecordType::SOA), resolver.lookup(name.clone(), RecordType::SOA),
resolver.lookup(name, RecordType::CAA), resolver.lookup(name.clone(), RecordType::CAA),
resolver.lookup(name, RecordType::SRV), resolver.lookup(name.clone(), RecordType::SRV),
resolver.lookup(name, RecordType::TXT), resolver.lookup(name.clone(), RecordType::TXT),
); );
integrate_lookup_result(&mut dig_result, mx_lookup_res); integrate_lookup_result(&mut dig_result, mx_lookup_res);