]>
Commit | Line | Data |
---|---|---|
12471842 PL |
1 | /* |
2 | * This file is part of PowerDNS or dnsdist. | |
3 | * Copyright -- PowerDNS.COM B.V. and its contributors | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of version 2 of the GNU General Public License as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * In addition, for the avoidance of any doubt, permission is granted to | |
10 | * link this program with OpenSSL and to (re)distribute the binaries | |
11 | * produced as the result of such linking. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
21 | */ | |
11e1e08b RG |
22 | #include "dolog.hh" |
23 | #include "dnsdist.hh" | |
24 | #include "dnscrypt.hh" | |
25 | ||
26 | #ifdef HAVE_DNSCRYPT | |
43234e76 | 27 | int handleDNSCryptQuery(char* packet, uint16_t len, std::shared_ptr<DNSCryptQuery> query, uint16_t* decryptedQueryLen, bool tcp, time_t now, std::vector<uint8_t>& response) |
11e1e08b | 28 | { |
43234e76 | 29 | query->parsePacket(packet, len, tcp, decryptedQueryLen, now); |
11e1e08b | 30 | |
43234e76 | 31 | if (query->isValid() == false) { |
b8db58a2 | 32 | vinfolog("Dropping DNSCrypt invalid query"); |
11e1e08b RG |
33 | return false; |
34 | } | |
35 | ||
43234e76 RG |
36 | if (query->isEncrypted() == false) { |
37 | query->getCertificateResponse(now, response); | |
11e1e08b RG |
38 | |
39 | return false; | |
40 | } | |
41 | ||
43234e76 | 42 | if(*decryptedQueryLen < static_cast<uint16_t>(sizeof(struct dnsheader))) { |
cb167afd | 43 | ++g_stats.nonCompliantQueries; |
11e1e08b RG |
44 | return false; |
45 | } | |
46 | ||
47 | return true; | |
48 | } | |
49 | #endif |