Pull request: all: add dnscrypt support
Merge in DNS/adguard-home from 1361-dnscrypt to master Closes #1361. Squashed commit of the following: commit 31b780c16cc6b68336b95275f62381cee2e822a2 Merge: c2ce98aaf9b963fc77Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Dec 7 17:48:41 2020 +0300 Merge branch 'master' into 1361-dnscrypt commit c2ce98aaf24bd5ed5b5cd7da86aae093866ab34e Merge: 3bf3d7b9663e513e33Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Dec 4 19:32:40 2020 +0300 Merge branch 'master' into 1361-dnscrypt commit 3bf3d7b96530c86b54545462390562ebedc616b2 Merge: 5de4519964134220c5Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Dec 3 17:31:59 2020 +0300 Merge branch 'master' into 1361-dnscrypt commit 5de451996d48ab3792ce78291068f72785303494 Merge: 60d7976f7ab8defdb0Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Wed Dec 2 19:07:56 2020 +0300 Merge branch 'master' into 1361-dnscrypt commit 60d7976f7c7ad0316751b92477a31f882c1e3134 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Nov 30 19:11:14 2020 +0300 all: add dnscrypt support
This commit is contained in:
Ainar Garipov
@@ -15,6 +15,7 @@ import (
|
||||
"github.com/AdguardTeam/dnsproxy/proxy"
|
||||
"github.com/AdguardTeam/dnsproxy/upstream"
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
"github.com/ameshkov/dnscrypt/v2"
|
||||
)
|
||||
|
||||
// FilteringConfig represents the DNS filtering configuration of AdGuard Home
|
||||
@@ -114,6 +115,15 @@ type TLSConfig struct {
|
||||
dnsNames []string
|
||||
}
|
||||
|
||||
// DNSCryptConfig is the DNSCrypt server configuration struct.
|
||||
type DNSCryptConfig struct {
|
||||
UDPListenAddr *net.UDPAddr
|
||||
TCPListenAddr *net.TCPAddr
|
||||
ProviderName string
|
||||
ResolverCert *dnscrypt.Cert
|
||||
Enabled bool
|
||||
}
|
||||
|
||||
// ServerConfig represents server configuration.
|
||||
// The zero ServerConfig is empty and ready for use.
|
||||
type ServerConfig struct {
|
||||
@@ -124,6 +134,7 @@ type ServerConfig struct {
|
||||
|
||||
FilteringConfig
|
||||
TLSConfig
|
||||
DNSCryptConfig
|
||||
TLSAllowUnencryptedDOH bool
|
||||
|
||||
TLSv12Roots *x509.CertPool // list of root CAs for TLSv1.2
|
||||
@@ -189,6 +200,13 @@ func (s *Server) createProxyConfig() (proxy.Config, error) {
|
||||
return proxyConfig, err
|
||||
}
|
||||
|
||||
if s.conf.DNSCryptConfig.Enabled {
|
||||
proxyConfig.DNSCryptUDPListenAddr = []*net.UDPAddr{s.conf.DNSCryptConfig.UDPListenAddr}
|
||||
proxyConfig.DNSCryptTCPListenAddr = []*net.TCPAddr{s.conf.DNSCryptConfig.TCPListenAddr}
|
||||
proxyConfig.DNSCryptProviderName = s.conf.DNSCryptConfig.ProviderName
|
||||
proxyConfig.DNSCryptResolverCert = s.conf.DNSCryptConfig.ResolverCert
|
||||
}
|
||||
|
||||
// Validate proxy config
|
||||
if proxyConfig.UpstreamConfig == nil || len(proxyConfig.UpstreamConfig.Upstreams) == 0 {
|
||||
return proxyConfig, errors.New("no default upstream servers configured")
|
||||
|
||||
Reference in New Issue
Block a user