message_decoder: handle empty server_name

YongBinnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn · Dec 14, 2023 · 4e065a1 · 4e065a1
1 parent 833c8aa
commit 4e065a1
Show file tree

Hide file tree

Showing 7 changed files with 29 additions and 27 deletions.
diff --git a/init_pi.sh b/init_pi.sh
@@ -16,11 +16,10 @@ EOF
 fi
 cp -Rf $script_dir/../v/home/x/.mozilla ~/
 
+exit
 sudo sed -i "s/dtoverlay=vc4-kms-v3d/dtoverlay=vc4-fkms-v3d/g" /boot/firmware/config.txt
 sudo sed -i "s/.*udp dport {6.*//g" /etc/NetworkManager/dispatcher.d/02-hood-dispatcher
 
-exit
-
 sudo tee /etc/modprobe.d/bin-y-blacklist.conf <<EOF
 blacklist bluetooth
 EOF

diff --git a/proxy/CMakeLists.txt b/proxy/CMakeLists.txt
@@ -3,9 +3,9 @@ project (hood_proxy)
 
 
 set(Boost_NO_WARN_NEW_VERSIONS 1)
-set(BOOST_ROOT "${CMAKE_CURRENT_SOURCE_DIR}/libs/${CMAKE_HOST_SYSTEM_NAME}/boost_1_83_0-install")
+set(BOOST_ROOT "${CMAKE_CURRENT_SOURCE_DIR}/libs/${CMAKE_HOST_SYSTEM_NAME}/boost_1_84_0-install")
 set(Boost_USE_STATIC_LIBS ON)
-find_package( Boost 1.83 COMPONENTS program_options system log REQUIRED )
+find_package( Boost 1.84 COMPONENTS program_options system log REQUIRED )
 include_directories (SYSTEM ${Boost_INCLUDE_DIR})
 
 set(CMAKE_CXX_STANDARD 20)

diff --git a/proxy/hood_proxy.conf b/proxy/hood_proxy.conf
@@ -1,7 +1,7 @@
 listen-address=0.0.0.0
 listen-port=53
 tls-proxy-port=443
-tls-proxy-address=127.0.0.1
+tls-proxy-address=0.0.0.0
 
 # Remote servers
 # See: https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Public+Resolvers

diff --git a/proxy/install_dependencies_debian.sh b/proxy/install_dependencies_debian.sh
@@ -16,7 +16,7 @@ export TAR_OPTIONS=--no-same-owner
 # -- Get boost includes --------------------------------------------------------
 # ==============================================================================
 
-BOOST_VERSION="1.83.0"
+BOOST_VERSION="1.84.0"
 BOOST_FILE_NAME=$(echo boost_$BOOST_VERSION|tr '.' '_')
 
 if [ -d "${BOOST_FILE_NAME}-install" ] ; then
@@ -28,8 +28,8 @@ else
       curl -L -O -C - "https://boostorg.jfrog.io/artifactory/main/release/${BOOST_VERSION}/source/${BOOST_FILE_NAME}.tar.gz"
     fi
     echo "Extracting boost."
-    tar -xvmf boost_1_83_0.tar.gz --exclude "libs" --exclude "doc" --exclude "example" --exclude "test"
-    tar -xvmf boost_1_83_0.tar.gz --exclude "test" --exclude "example" --exclude "doc" boost_1_83_0/libs/
+    tar -xvmf $BOOST_FILE_NAME.tar.gz --exclude "libs" --exclude "doc" --exclude "example" --exclude "test"
+    tar -xvmf $BOOST_FILE_NAME.tar.gz --exclude "test" --exclude "example" --exclude "doc" ${BOOST_FILE_NAME}/libs/
     mkdir -p $(uname -s)/${BOOST_FILE_NAME}-install/include
     mv ${BOOST_FILE_NAME} ${BOOST_FILE_NAME}-source
   fi

diff --git a/proxy/src/tls_message_decoder.cpp b/proxy/src/tls_message_decoder.cpp
@@ -268,6 +268,10 @@ inline MessageDecoder::ResultType MessageDecoder::DecodeExtensions(
       return ResultType::bad;
     }
     if (extension.type == protocol::extension::Type::server_name) {
+      if (length == 0) {
+        extension.content.emplace<extension::ServerName>();
+        return ResultType::good;
+      }
       if (end_of_extension < offset + sizeof(protocol::extension::ServerName)) {
         LOG_DEBUG();
         return ResultType::bad;

diff --git a/scripts/02-hood-dispatcher b/scripts/02-hood-dispatcher
@@ -35,7 +35,7 @@ function proxy_access_on(){
   nft insert rule ip filter input index 5 iif $1 ip daddr $interface_address udp dport {53} accept
   nft insert rule ip filter input index 5 iif $1 udp sport {68} udp dport {67} log prefix \"[HOOD A]\" flags all accept
   nft insert rule ip filter output index 5 oif $1 udp sport {67} udp dport {68} log prefix \"[HOOD A]\" flags all accept
-  nohup /usr/sbin/dnsmasq --pid-file=/tmp/hood/dnsmasq-$1.pid --conf-file=/dev/null --no-hosts --no-resolv --keep-in-foreground --interface=$1 --clear-on-reload --strict-order --listen-address=$interface_address --bind-dynamic --no-poll --address=/#/$interface_address --cache-size=0  --dhcp-range=$interface_address,10.0.${counter}.255,255.255.255.0,400w --dhcp-authoritative --dhcp-leasefile=/tmp/hood/dnsmasq-$1.lease --dhcp-option=option:dns-server,$interface_address > /tmp/hood/dnsmasq-$1.log &2>1  &
+  nohup /usr/sbin/dnsmasq --pid-file=/tmp/hood/dnsmasq-$1.pid --conf-file=/dev/null --no-hosts --no-resolv --keep-in-foreground --interface=$1 --except-interface=lo --clear-on-reload --strict-order --listen-address=$interface_address --bind-interfaces --no-poll --address=/#/$interface_address --cache-size=0  --dhcp-range=$interface_address,10.0.${counter}.255,255.255.255.0,400w --dhcp-authoritative --dhcp-leasefile=/tmp/hood/dnsmasq-$1.lease --dhcp-option=option:dns-server,$interface_address > /tmp/hood/dnsmasq-$1.log &2>1  &
   disown
 }
 
@@ -131,24 +131,6 @@ function http_timesync(){
 
 if [ "$2" = "before-network-service" ]; then
   initial_firewall_rules
-
-  hostname_format=$(($RANDOM % 6))
-  if [[ $hostname_format == 0 ]]; then
-    hostname="WIN-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 11`
-  elif [[ $hostname_format == 1 ]]; then
-    hostname="LAPTOP-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 8`
-  elif [[ $hostname_format == 2 ]]; then
-    hostname="DESKTOP-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 7`
-  elif [[ $hostname_format == 3 ]]; then
-    hostname="iPad"
-  elif [[ $hostname_format == 4 ]]; then
-    hostname="iPhone"
-  elif [[ $hostname_format == 5 ]]; then
-    hostname="Apple Watch"
-  fi
-
-  hostnamectl set-hostname $hostname
-
 elif [ "$2" = "pre-up" ]; then
   #ifconfig $1 link random
   wan_port=0

diff --git a/scripts/rc.local b/scripts/rc.local
@@ -3,6 +3,23 @@
 #echo '1-1' > /sys/class/backlight/
 #ls /sys/class/backlight/ > /var/tmp/test
 
+hostname_format=$(($RANDOM % 6))
+if [[ $hostname_format == 0 ]]; then
+  hostname="WIN-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 11`
+elif [[ $hostname_format == 1 ]]; then
+  hostname="LAPTOP-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 8`
+elif [[ $hostname_format == 2 ]]; then
+  hostname="DESKTOP-"`cat /dev/random | tr -dc "A-Z0-9"|head -c 7`
+elif [[ $hostname_format == 3 ]]; then
+  hostname="iPad"
+elif [[ $hostname_format == 4 ]]; then
+  hostname="iPhone"
+elif [[ $hostname_format == 5 ]]; then
+  hostname="Apple Watch"
+fi
+
+hostnamectl set-hostname $hostname
+
 if test -f /var/lib/hood/flags/harden_only; then
   exit 0
 fi