From 8c0692343807858f290caf9090a6c4386723a087 Mon Sep 17 00:00:00 2001 From: Nick Peng Date: Sat, 11 Nov 2023 23:57:18 +0800 Subject: [PATCH] dns_server: fix some DOH server issue. --- src/dns_conf.c | 7 +++++++ src/dns_server.c | 26 ++++++++++++++++---------- src/http_parse.c | 4 ++++ 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/src/dns_conf.c b/src/dns_conf.c index d92287d..cfbb9fb 100644 --- a/src/dns_conf.c +++ b/src/dns_conf.c @@ -717,6 +717,13 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de server->server_flag = server_flag; server->ttl = ttl; server->drop_packet_latency_ms = drop_packet_latency_ms; + + if (server->type == DNS_SERVER_HTTPS) { + if (server->path[0] == 0) { + safe_strncpy(server->path, "/", sizeof(server->path)); + } + } + dns_conf_server_num++; tlog(TLOG_DEBUG, "add server %s, flag: %X, ttl: %d", ip, result_flag, ttl); diff --git a/src/dns_server.c b/src/dns_server.c index 351c5d2..4f4c3e0 100644 --- a/src/dns_server.c +++ b/src/dns_server.c @@ -1148,12 +1148,14 @@ static int _dns_server_reply_http_error(struct dns_server_conn_tcp_client *tcpcl int send_len = 0; int http_len = 0; unsigned char data[DNS_IN_PACKSIZE]; + int msg_len = strlen(message); http_len = snprintf((char *)data, DNS_IN_PACKSIZE, "HTTP/1.1 %d %s\r\n" + "Content-Length: %d\r\n" "\r\n" - "%s", - code, code_msg, message); + "%s\r\n", + code, code_msg, msg_len + 2, message); send_len = _dns_server_tcp_socket_send(tcpclient, data, http_len); if (send_len < 0) { @@ -1185,7 +1187,7 @@ static int _dns_server_reply_https(struct dns_request *request, struct dns_serve http_len = snprintf((char *)inpacket, DNS_IN_PACKSIZE, "HTTP/1.1 200 OK\r\n" - "content-type: application/dns-message\r\n" + "Content-Type: application/dns-message\r\n" "Content-Length: %d\r\n" "\r\n", len); @@ -6205,12 +6207,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client goto out; } - tlog(TLOG_DEBUG, "remote server not supported."); + tlog(TLOG_DEBUG, "parser http header failed."); goto errout; } if (http_head_get_method(http_head) != HTTP_METHOD_POST) { - tlog(TLOG_DEBUG, "remote server not supported."); + tlog(TLOG_DEBUG, "http method is invalid."); goto errout; } @@ -6224,7 +6226,6 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client request_len = http_head_get_data_len(http_head); if (request_len >= len) { tlog(TLOG_DEBUG, "request length is invalid."); - goto errout; } request_data = (unsigned char *)http_head_get_data(http_head); @@ -6232,7 +6233,7 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client } else { if ((total_len - proceed_len) <= (int)sizeof(unsigned short)) { ret = RECV_ERROR_AGAIN; - break; + goto out; } /* Get record length */ @@ -6241,12 +6242,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client if (request_len >= sizeof(tcpclient->recvbuff.buf)) { tlog(TLOG_DEBUG, "request length is invalid."); - return RECV_ERROR_FAIL; + goto errout; } if (request_len > (total_len - proceed_len - sizeof(unsigned short))) { ret = RECV_ERROR_AGAIN; - break; + goto out; } request_data = (unsigned char *)(tcpclient->recvbuff.buf + proceed_len + sizeof(unsigned short)); @@ -6257,7 +6258,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client ret = _dns_server_recv(&tcpclient->head, request_data, request_len, &tcpclient->localaddr, tcpclient->localaddr_len, &tcpclient->addr, tcpclient->addr_len); if (ret != 0) { - return ret; + goto errout; + } + + if (http_head != NULL) { + http_head_destroy(http_head); + http_head = NULL; } } diff --git a/src/http_parse.c b/src/http_parse.c index afd8217..34071cc 100644 --- a/src/http_parse.c +++ b/src/http_parse.c @@ -384,6 +384,10 @@ int http_head_parse(struct http_head *http_head, const char *data, int data_len) if (http_head->head_ok == 0) { for (i = 0; i < data_len; i++, data++) { *(buff_end + i) = *data; + if (isprint(*data) == 0 && isspace(*data) == 0) { + return -2; + } + if (*data == '\n') { if (http_head->buff_len + i < 2) { continue;