From 7c76ee9a139f20ad01c2329837f46e3abe9fd74b Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 18 Sep 2019 13:40:05 +0200 Subject: [PATCH] Clean a few things --- Cargo.toml | 1 + src/crypto.rs | 4 ---- src/dnscrypt.rs | 3 --- src/dnscrypt_certs.rs | 5 +++++ src/globals.rs | 1 - src/main.rs | 21 ++++++++------------- 6 files changed, 14 insertions(+), 21 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 8cebbaf..66560ff 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,6 +8,7 @@ edition = "2018" bincode = "1.1.4" byteorder = "1.3.2" clap = { version="2.33.0", features=["suggestions", "wrap_help", "nightly"] } +coarsetime = "0.1.11" derivative = "1.0.3" dnsstamps = "0.1.1" env_logger = "0.6.2" diff --git a/src/crypto.rs b/src/crypto.rs index b3544fe..50f5e31 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -6,10 +6,6 @@ use std::ffi::CStr; use std::hash::Hasher; use std::ptr; -#[allow(non_upper_case_globals)] -pub const crypto_box_curve25519xchacha20poly1305_HALFNONCEBYTES: usize = - crypto_box_curve25519xchacha20poly1305_NONCEBYTES as usize / 2; - #[derive(Derivative)] #[derivative(Default)] pub struct Signature( diff --git a/src/dnscrypt.rs b/src/dnscrypt.rs index a4e3e9d..87cc782 100644 --- a/src/dnscrypt.rs +++ b/src/dnscrypt.rs @@ -5,8 +5,6 @@ use crate::errors::*; use libsodium_sys::*; use rand::prelude::*; -use std::ffi::CStr; -use std::ptr; pub const DNSCRYPT_FULL_NONCE_SIZE: usize = crypto_box_curve25519xchacha20poly1305_NONCEBYTES as usize; @@ -58,7 +56,6 @@ pub fn decrypt( let client_nonce = &wrapped_packet[DNSCRYPT_QUERY_MAGIC_SIZE + DNSCRYPT_QUERY_PK_SIZE ..DNSCRYPT_QUERY_MAGIC_SIZE + DNSCRYPT_QUERY_PK_SIZE + DNSCRYPT_QUERY_NONCE_SIZE]; let encrypted_packet = &wrapped_packet[DNSCRYPT_QUERY_HEADER_SIZE..]; - let encrypted_packet_len = encrypted_packet.len(); let dnscrypt_encryption_params = dnscrypt_encryption_params_set .iter() diff --git a/src/dnscrypt_certs.rs b/src/dnscrypt_certs.rs index 92f029e..24dde9d 100644 --- a/src/dnscrypt_certs.rs 
+++ b/src/dnscrypt_certs.rs @@ -1,6 +1,7 @@ use crate::crypto::*; use byteorder::{BigEndian, ByteOrder}; +use coarsetime::{Clock, Duration}; use std::mem; use std::slice; use std::time::SystemTime; @@ -78,6 +79,10 @@ impl DNSCryptCert { pub fn client_magic(&self) -> &[u8] { &self.inner.client_magic } + + pub fn ts_end(&self) -> Duration { + Duration::from_secs(u64::from(BigEndian::read_u32(&self.inner.ts_end))) + } } #[derive(Debug)] diff --git a/src/globals.rs b/src/globals.rs index fdc0252..e697ba9 100644 --- a/src/globals.rs +++ b/src/globals.rs @@ -1,4 +1,3 @@ -use crate::crypto::*; use crate::dnscrypt_certs::*; use parking_lot::Mutex; diff --git a/src/main.rs b/src/main.rs index cd03423..e3596cc 100644 --- a/src/main.rs +++ b/src/main.rs @@ -35,12 +35,11 @@ use dnscrypt_certs::*; use errors::*; use globals::*; -use byteorder::{BigEndian, ByteOrder, WriteBytesExt}; +use byteorder::{BigEndian, ByteOrder}; use clap::Arg; use dnsstamps::{InformalProperty, WithInformalProperty}; use failure::{bail, ensure}; use futures::prelude::*; -use futures::{pin_mut, FutureExt, StreamExt}; use parking_lot::Mutex; use rand::prelude::*; use std::collections::vec_deque::VecDeque; @@ -49,8 +48,7 @@ use std::fs::File; use std::io::prelude::*; use std::mem; use std::net::SocketAddr; -use std::os::unix::io::{AsRawFd, FromRawFd, RawFd}; -use std::path::{Path, PathBuf}; +use std::path::PathBuf; use std::sync::atomic::{AtomicU32, Ordering}; use std::sync::Arc; use std::time::Duration; @@ -147,7 +145,7 @@ async fn handle_client_query( let (shared_key, nonce, mut packet) = match dnscrypt::decrypt(&encrypted_packet, &globals.dnscrypt_encryption_params_set) { Ok(x) => x, - Err(e) => { + Err(_) => { let packet = encrypted_packet; if let Some(synth_packet) = serve_certificates( &packet, 
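Review bot: `Clock` is imported in the first hunk of src/dnscrypt_certs.rs, but nothing this commit adds to the file uses it. The five added lines are the import and `ts_end`, so the compiler will warn about an unused import; `use coarsetime::Duration;` is enough until a caller in this file needs the clock. `ts_end` also lacks a doc comment saying what the value is measured from. Something like `/// End of the certificate's validity period, as a duration since the Unix epoch (one-second resolution).` would tell callers to compare it with a since-epoch clock reading; the epoch reference is assumed from the DNSCrypt certificate format and should be confirmed. The file already imports `std::time::SystemTime`, so the comment should also name which clock the expiry check is meant to use.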
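Review bot: The `Err(_)` arm in handle_client_query now discards the decryption error with no comment explaining why, and the fall-through hands the undecryptable bytes to `serve_certificates` as a plain packet. A comment such as `// Not a valid DNSCrypt query: fall back to treating it as a plaintext certificate request` would record that this is intentional. The wording should be checked against serve_certificates, whose body is outside the hunk. Because this branch handles unauthenticated input, a counter or a debug-level log of decrypt failures would help operators tell client misconfiguration apart from probing.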
@@ -295,6 +293,9 @@ async fn udp_acceptor( loop { let mut packet = vec![0u8; DNSCRYPT_UDP_QUERY_MAX_SIZE]; let (packet_len, client_addr) = tokio_udp_socket.recv_from(&mut packet).await?; + if packet_len < DNSCRYPT_UDP_QUERY_MIN_SIZE { + continue; + } let net_udp_socket = net_udp_socket.try_clone()?; packet.truncate(packet_len); let client_ctx = ClientCtx::Udp(UdpClientCtx { @@ -334,6 +335,8 @@ async fn start(globals: Arc, runtime: Arc) -> Result<(), Error fn main() -> Result<(), Error> { env_logger::init(); crypto::init()?; + let updater = coarsetime::Updater::new(1000).start()?; + mem::forget(updater); let matches = app_from_crate!() .arg( @@ -378,11 +381,6 @@ fn main() -> Result<(), Error> { ) .get_matches(); - let listen_addr = matches - .value_of("listen-addr") - .unwrap() - .to_ascii_lowercase(); - let provider_name = match matches.value_of("provider-name").unwrap() { provider_name if provider_name.starts_with("2.dnscrypt.") => provider_name.to_string(), provider_name => format!("2.dnscrypt.{}", provider_name), @@ -440,9 +438,6 @@ fn main() -> Result<(), Error> { .unwrap(); println!("DNS Stamp: {}", stamp); - let resolver_kp = CryptKeyPair::new(); - let dnscrypt_cert = DNSCryptCert::new(&provider_kp, &resolver_kp); - let dnscrypt_encryption_params = DNSCryptEncryptionParams::new(&provider_kp); let runtime = Arc::new(Runtime::new()?);
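Review bot: The added `packet_len < DNSCRYPT_UDP_QUERY_MIN_SIZE` guard in udp_acceptor should not be relied on as the bounds check for decryption, and a comment should say so. `dnscrypt::decrypt` slices `wrapped_packet[DNSCRYPT_QUERY_HEADER_SIZE..]` (visible as context in the src/dnscrypt.rs hunk), which panics on a shorter buffer. The value of DNSCRYPT_UDP_QUERY_MIN_SIZE is not shown on this page, so confirm that decrypt rejects packets shorter than the header before slicing and that the TCP path applies an equivalent floor. A comment like `// Too short to be a DNS message; decrypt() enforces its own header-length check` would make the division of responsibility explicit. The loop body continues outside the hunk.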
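Review bot: `mem::forget(updater)` in main needs a comment, because leaking the handle reads as a mistake unless the reader knows it is there to keep the coarsetime background updater running for the life of the process. Suggested: `// Leak the updater on purpose: its thread must keep refreshing the coarse clock (every 1000 ms) until exit`. If certificate expiry (`ts_end`) is compared against the coarse "recent" clock, which is not visible in this commit, a stalled updater would freeze that clock and expired certificates would still be treated as valid, so that dependency deserves a mention in the same comment. main's body continues outside the hunk.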