diff --git a/src/anonymized_dns.rs b/src/anonymized_dns.rs index ab37660..f77b133 100644 --- a/src/anonymized_dns.rs +++ b/src/anonymized_dns.rs @@ -96,7 +96,7 @@ pub async fn handle_anonymized_dns( }, }; ext_socket.connect(&upstream_address).await?; - ext_socket.send(&encrypted_packet).await?; + ext_socket.send(encrypted_packet).await?; let mut response = vec![0u8; DNSCRYPT_UDP_RESPONSE_MAX_SIZE]; let (response_len, is_certificate_response) = loop { let fut = ext_socket.recv_from(&mut response[..]); @@ -107,7 +107,7 @@ pub async fn handle_anonymized_dns( if is_encrypted_response(&response, response_len) { break (response_len, false); } - if is_certificate_response(&response, &encrypted_packet) { + if is_certificate_response(&response, encrypted_packet) { break (response_len, true); } }; @@ -115,7 +115,7 @@ pub async fn handle_anonymized_dns( if is_certificate_response { let mut hasher = globals.hasher; hasher.write(&relayed_packet[..ANONYMIZED_DNSCRYPT_OVERHEAD]); - hasher.write(&dns::qname(&encrypted_packet)?); + hasher.write(&dns::qname(encrypted_packet)?); let packet_hash = hasher.finish128().as_u128(); let cached_response = { match globals.cert_cache.lock().get(&packet_hash) { diff --git a/src/crypto.rs b/src/crypto.rs index 1cd8da2..3231c7d 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -204,7 +204,7 @@ impl SharedKey { max_target_size - crypto_box_curve25519xchacha20poly1305_MACBYTES as usize; let mut hasher = SipHasher13::new(); hasher.write(&self.0); - hasher.write(&client_nonce); + hasher.write(client_nonce); let pad_size: usize = 1 + (hasher.finish() as usize & 0xff); let mut padded_plaintext_len = (plaintext_len + pad_size) & !63; if padded_plaintext_len < plaintext_len { diff --git a/src/dns.rs b/src/dns.rs index 7e25c06..95e64a4 100644 --- a/src/dns.rs +++ b/src/dns.rs @@ -467,7 +467,7 @@ pub fn serve_certificates<'t>( ensure!(client_packet.len() >= DNS_HEADER_SIZE, "Short packet"); ensure!(qdcount(client_packet) == 1, "No question"); ensure!( - !is_response(&client_packet), + !is_response(client_packet), "Question expected, but got a response instead" ); let offset = skip_name(client_packet, DNS_HEADER_SIZE)?; @@ -477,7 +477,7 @@ pub fn serve_certificates<'t>( if qtype != DNS_TYPE_TXT || qclass != DNS_CLASS_INET { return Ok(None); } - let qname_v = qname(&client_packet)?; + let qname_v = qname(client_packet)?; let qname = std::str::from_utf8(&qname_v)?; if !qname.eq_ignore_ascii_case(expected_qname) { return Ok(None); @@ -523,7 +523,7 @@ pub fn serve_truncated_response(client_packet: Vec) -> Result, Error pub fn qtype_qclass(packet: &[u8]) -> Result<(u16, u16), Error> { ensure!(packet.len() >= DNS_HEADER_SIZE, "Short packet"); - ensure!(qdcount(&packet) == 1, "No question"); + ensure!(qdcount(packet) == 1, "No question"); let offset = skip_name(packet, DNS_HEADER_SIZE)?; ensure!(packet.len() - offset >= 4, "Short packet"); let qtype = BigEndian::read_u16(&packet[offset..]); diff --git a/src/dnscrypt_certs.rs b/src/dnscrypt_certs.rs index ff90c0f..6122f01 100644 --- a/src/dnscrypt_certs.rs +++ b/src/dnscrypt_certs.rs @@ -139,7 +139,7 @@ impl DNSCryptEncryptionParams { continue; } if now >= ts_start { - let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp, ts_start); + let dnscrypt_cert = DNSCryptCert::new(provider_kp, &resolver_kp, ts_start); let cache = ClockProCache::new(cache_capacity).unwrap(); active_params.push(DNSCryptEncryptionParams { dnscrypt_cert, @@ -153,7 +153,7 @@ impl DNSCryptEncryptionParams { warn!("Unable to recover a seed; creating an emergency certificate"); let ts_start = now - (now % DNSCRYPT_CERTS_RENEWAL); let resolver_kp = CryptKeyPair::from_seed(seed); - let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp, ts_start); + let dnscrypt_cert = DNSCryptCert::new(provider_kp, &resolver_kp, ts_start); let cache = ClockProCache::new(cache_capacity).unwrap(); active_params.push(DNSCryptEncryptionParams { dnscrypt_cert, diff --git a/src/resolver.rs b/src/resolver.rs index facd3e4..b21100c 100644 --- a/src/resolver.rs +++ b/src/resolver.rs @@ -47,7 +47,7 @@ pub async fn resolve_udp( globals.udp_timeout }; loop { - ext_socket.send(&packet).await?; + ext_socket.send(packet).await?; response = vec![0u8; DNS_MAX_PACKET_SIZE]; dns::set_rcode_servfail(&mut response); let fut = tokio::time::timeout(timeout, ext_socket.recv_from(&mut response[..])); @@ -103,7 +103,7 @@ pub async fn resolve_tcp( let mut binlen = [0u8, 0]; BigEndian::write_u16(&mut binlen[..], packet.len() as u16); ext_socket.write_all(&binlen).await?; - ext_socket.write_all(&packet).await?; + ext_socket.write_all(packet).await?; ext_socket.flush().await?; ext_socket.read_exact(&mut binlen).await?; let response_len = BigEndian::read_u16(&binlen) as usize; @@ -185,7 +185,7 @@ pub async fn get_cached_response_or_resolve( client_ctx: &ClientCtx, mut packet: &mut Vec, ) -> Result, Error> { - let packet_qname = dns::qname(&packet)?; + let packet_qname = dns::qname(packet)?; if let Some(my_ip) = &globals.my_ip { if &packet_qname.to_ascii_lowercase() == my_ip { let client_ip = match client_ctx { @@ -206,7 +206,7 @@ pub async fn get_cached_response_or_resolve( let tld = dns::qname_tld(&packet_qname); let synthesize_nxdomain = { if globals.ignore_unqualified_hostnames && tld.len() == packet_qname.len() { - let (qtype, qclass) = dns::qtype_qclass(&packet)?; + let (qtype, qclass) = dns::qtype_qclass(packet)?; qtype == dns::DNS_CLASS_INET && (qclass == dns::DNS_TYPE_A || qclass == dns::DNS_TYPE_AAAA) } else if let Some(undelegated_list) = &globals.undelegated_list { @@ -220,11 +220,11 @@ pub async fn get_cached_response_or_resolve( globals.varz.client_queries_rcode_nxdomain.inc(); return dns::serve_nxdomain_response(packet.to_vec()); } - let original_tid = dns::tid(&packet); + let original_tid = dns::tid(packet); dns::set_tid(&mut packet, 0); dns::normalize_qname(&mut packet)?; let mut hasher = globals.hasher; - hasher.write(&packet); + hasher.write(packet); let packet_hash = hasher.finish128().as_u128(); let cached_response = { match globals.cache.lock().get(&packet_hash) {