From e0f127f1b128a776affbc176817bdf3004ae87e5 Mon Sep 17 00:00:00 2001
From: Star Brilliant
Date: Wed, 4 Oct 2017 12:42:18 +0800
Subject: [PATCH] Reduce source address reveal
---
 doh-server/server.go | 4 ++++
 json-dns/marshal.go | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/doh-server/server.go b/doh-server/server.go
index 0827c16..d1c8793 100644
--- a/doh-server/server.go
+++ b/doh-server/server.go
@@ -81,6 +81,7 @@ func (s *Server) handlerFunc(w http.ResponseWriter, r *http.Request) {
 w.Header().Set("Content-Type", "application/json; charset=UTF-8")
 w.Header().Set("Server", "DNS-over-HTTPS/1.0 (+https://github.com/m13253/dns-over-https)")
 w.Header().Set("X-Powered-By", "DNS-over-HTTPS/1.0 (+https://github.com/m13253/dns-over-https)")
+ w.Header().Set("Vary", "X-Edns-Client-Subnet")
 name := r.FormValue("name")
 if name == "" {
@@ -204,6 +205,9 @@ func (s *Server) handlerFunc(w http.ResponseWriter, r *http.Request) {
 w.Header().Set("Cache-Control", "max-age=" + strconv.Itoa(int(respJson.LeastTTL)))
 w.Header().Set("Expires", respJson.EarliestExpires.Format(time.RFC1123))
 }
+ if respJson.EdnsClientSubnet != "" {
+ w.Header().Set("X-Edns-Client-Subnet", respJson.EdnsClientSubnet)
+ }
 w.Write(respStr)
 }
diff --git a/json-dns/marshal.go b/json-dns/marshal.go
index a88c798..01209a3 100644
--- a/json-dns/marshal.go
+++ b/json-dns/marshal.go
@@ -19,6 +19,7 @@ package jsonDNS
 import (
+ "net"
 "strconv"
 "strings"
 "time"
@@ -77,7 +78,8 @@ func Marshal(msg *dns.Msg) *Response {
 for _, option := range opt.Option {
 if option.Option() == dns.EDNS0SUBNET {
 edns0 := option.(*dns.EDNS0_SUBNET)
- resp.EdnsClientSubnet = edns0.Address.String() + "/" + strconv.Itoa(int(edns0.SourceScope))
+ scopeMask := net.CIDRMask(int(edns0.SourceScope), len(edns0.Address))
+ resp.EdnsClientSubnet = edns0.Address.Mask(scopeMask).String() + "/" + strconv.Itoa(int(edns0.SourceScope))
 }
 }
 continue
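Review bot: `Vary` selects on request header fields, so `w.Header().Set("Vary", "X-Edns-Client-Subnet")` in the first server.go hunk only partitions a shared cache if clients actually send a request header of that name, and nothing in the hunk shows the handler reading one. If the subnet is instead derived from the connection's source address or a forwarding header, a cache honouring the `Cache-Control: max-age=` header visible in the second server.go hunk could hand one client's subnet-tailored answer, together with the `X-Edns-Client-Subnet` value added there, to a different client. Consider marking subnet-dependent responses private, e.g. `w.Header().Set("Cache-Control", "private, max-age="+strconv.Itoa(int(respJson.LeastTTL)))`, or naming in `Vary` a header the request really carries. handlerFunc's body continues outside both hunks, so how the subnet is derived should be confirmed there.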
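Review bot: `net.CIDRMask(int(edns0.SourceScope), len(edns0.Address))` in the marshal.go hunk passes a byte length where `net.CIDRMask` expects a bit count of 32 or 128, so the second argument is 4 or 16, the call returns a nil mask, `Address.Mask` then returns nil, and the field ends up as the string `<nil>/N` instead of a truncated subnet. Multiplying by 8 is not enough on its own: if the library hands back an IPv4 address in 16-byte form (not visible here), a 128-bit mask with a scope of 24 would zero the whole address rather than keep its first three octets, so the address should be normalised with `To4()` before masking. The result of `Mask` should also be checked for nil before `String()` is called, leaving the field empty when the scope is out of range. Marshal's body starts and ends outside the hunk.

```go
edns0 := option.(*dns.EDNS0_SUBNET)
addr := edns0.Address
if v4 := addr.To4(); v4 != nil {
	// Mask IPv4 in its 4-byte form so the scope counts from the first octet.
	addr = v4
}
// net.CIDRMask takes a bit count (32 or 128), not a byte length.
scopeMask := net.CIDRMask(int(edns0.SourceScope), len(addr)*8)
if masked := addr.Mask(scopeMask); masked != nil {
	resp.EdnsClientSubnet = masked.String() + "/" + strconv.Itoa(int(edns0.SourceScope))
}
// … unchanged: closing braces and continue …
```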