pdns/dnsdist-dnscrypt.cc

   1 /*
   2  * This file is part of PowerDNS or dnsdist.
   3  * Copyright -- PowerDNS.COM B.V. and its contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * In addition, for the avoidance of any doubt, permission is granted to
  10  * link this program with OpenSSL and to (re)distribute the binaries
  11  * produced as the result of such linking.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22 #include "dolog.hh"
  23 #include "dnsdist.hh"
  24 #include "dnscrypt.hh"
  25
  26 #ifdef HAVE_DNSCRYPT
  27 int handleDNSCryptQuery(char* packet, uint16_t len, std::shared_ptr<DNSCryptQuery> query, uint16_t* decryptedQueryLen, bool tcp, time_t now, std::vector<uint8_t>& response)
  28 {
  29   query->parsePacket(packet, len, tcp, decryptedQueryLen, now);
  30
  31   if (query->isValid() == false) {
  32     vinfolog("Dropping DNSCrypt invalid query");
  33     return false;
  34   }
  35
  36   if (query->isEncrypted() == false) {
  37     query->getCertificateResponse(now, response);
  38
  39     return false;
  40   }
  41
  42   if(*decryptedQueryLen < static_cast<uint16_t>(sizeof(struct dnsheader))) {
  43     ++g_stats.nonCompliantQueries;
  44     return false;
  45   }
  46
  47   return true;
  48 }
  49 #endif