Archives
/
encrypted-dns-server
mirror of https://github.com/jedisct1/encrypted-dns-server
2
0
Fork 0
Code Issues Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/cargo/parking_lot-0.12.2
master
sieve-cache
slab
tracing-locks
cart
packet-size
solofilter
ttl
0.9.15
0.9.14
0.9.13
0.9.12
0.9.11
0.9.10
0.9.9
0.9.8
0.9.7
0.9.6
0.9.5
0.9.4
0.9.3
0.9.2
0.9.1
0.9.0
0.3.23
0.3.22
0.3.21
0.3.20
0.3.17
0.3.14
0.3.12
0.3.11
0.3.10
0.3.8
0.3.7
0.3.6
0.3.5
0.3.3
0.3.2
0.3.1
0.3.0
0.2.10
0.2.9
0.2.8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '78eb2719ab'
${ noResults }
encrypted-dns-server/src/config.rs

150 lines
4.3 KiB
Rust
Raw Blame History

use crate::crypto::*;
use crate::dnscrypt_certs::*;
use crate::errors::*;
use std::fs;
use std::mem;
use std::net::{IpAddr, SocketAddr};
use std::path::{Path, PathBuf};
use tokio::io::AsyncWriteExt;
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct AccessControlConfig {
pub enabled: bool,
pub tokens: Vec<String>,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct AnonymizedDNSConfig {
pub enabled: bool,
pub allowed_ports: Vec<u16>,
pub allow_non_reserved_ports: Option<bool>,
pub blacklisted_ips: Vec<IpAddr>,
}
#[cfg(feature = "metrics")]
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct MetricsConfig {
pub r#type: String,
pub listen_addr: SocketAddr,
pub path: String,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct DNSCryptConfig {
pub enabled: Option<bool>,
pub provider_name: String,
pub key_cache_capacity: usize,
pub dnssec: bool,
pub no_filters: bool,
pub no_logs: bool,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct TLSConfig {
pub upstream_addr: Option<SocketAddr>,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct ListenAddrConfig {
pub local: SocketAddr,
pub external: SocketAddr,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct FilteringConfig {
pub domain_blacklist: Option<PathBuf>,
pub undelegated_list: Option<PathBuf>,
pub ignore_unqualified_hostnames: Option<bool>,
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct Config {
pub listen_addrs: Vec<ListenAddrConfig>,
pub external_addr: Option<IpAddr>,
pub upstream_addr: SocketAddr,
pub state_file: PathBuf,
pub udp_timeout: u32,
pub tcp_timeout: u32,
pub udp_max_active_connections: u32,
pub tcp_max_active_connections: u32,
pub cache_capacity: usize,
pub cache_ttl_min: u32,
pub cache_ttl_max: u32,
pub cache_ttl_error: u32,
pub user: Option<String>,
pub group: Option<String>,
pub chroot: Option<String>,
pub filtering: FilteringConfig,
pub dnscrypt: DNSCryptConfig,
pub tls: TLSConfig,
pub daemonize: bool,
pub pid_file: Option<PathBuf>,
pub log_file: Option<PathBuf>,
pub my_ip: Option<String>,
pub client_ttl_holdon: Option<u32>,
#[cfg(feature = "metrics")]
pub metrics: Option<MetricsConfig>,
pub anonymized_dns: Option<AnonymizedDNSConfig>,
pub access_control: Option<AccessControlConfig>,
}
impl Config {
pub fn from_string(toml: &str) -> Result<Config, Error> {
let config: Config = match toml::from_str(toml) {
Ok(config) => config,
Err(e) => bail!("Parse error in the configuration file: {}", e),
};
Ok(config)
}
pub fn from_path(path: impl AsRef<Path>) -> Result<Config, Error> {
let toml = fs::read_to_string(path)?;
Config::from_string(&toml)
}
}
#[derive(Serialize, Deserialize, Debug)]
pub struct State {
pub provider_kp: SignKeyPair,
pub dnscrypt_encryption_params_set: Vec<DNSCryptEncryptionParams>,
}
impl State {
pub fn with_key_pair(provider_kp: SignKeyPair, key_cache_capacity: usize) -> Self {
let dnscrypt_encryption_params_set =
DNSCryptEncryptionParams::new(&provider_kp, key_cache_capacity, None);
State {
provider_kp,
dnscrypt_encryption_params_set,
}
}
pub fn new(key_cache_capacity: usize) -> Self {
let provider_kp = SignKeyPair::new();
State::with_key_pair(provider_kp, key_cache_capacity)
}
pub async fn async_save(&self, path: impl AsRef<Path>) -> Result<(), Error> {
let path_tmp = path.as_ref().with_extension("tmp");
let mut fpb = tokio::fs::OpenOptions::new();
let fpb = fpb.create(true).write(true);
let mut fp = fpb.open(&path_tmp).await?;
let state_bin = toml::to_vec(&self)?;
fp.write_all(&state_bin).await?;
fp.sync_data().await?;
mem::drop(fp);
tokio::fs::rename(path_tmp, path).await?;
Ok(())
}
pub fn from_file(path: impl AsRef<Path>, key_cache_capacity: usize) -> Result<Self, Error> {
let state_bin = fs::read(path)?;
let mut state: State = toml::from_slice(&state_bin)?;
for params_set in &mut state.dnscrypt_encryption_params_set {
params_set.add_key_cache(key_cache_capacity);
}
Ok(state)
}
}
Reference in New Issue View Git Blame Copy Permalink