Last active
June 4, 2019 11:55
-
-
Save Nibbler999/850edb03a447dba0f1c456c2735633f9 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| const fs = require('fs'); | |
| const url = require('url'); | |
| const spdy = require('spdy'); | |
| const dgram = require('dgram'); | |
| const express = require('express'); | |
| const getRawBody = require('raw-body'); | |
| const base64url = require('base64url'); | |
| const cfg = { | |
| tls: { | |
| key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'), | |
| cert: fs.readFileSync('/etc/letsencrypt/live/example.com/fullchain.pem') | |
| }, | |
| password: '', | |
| port: 443, | |
| 'content-type': 'application/dns-message' | |
| }; | |
| const app = express(); | |
| app.use((req, res, next) => { | |
| if (req.headers['accept'] !== cfg['content-type']) { | |
| res.statusCode = 415; | |
| return next('Unsupported Media Type'); | |
| } | |
| next(); | |
| }); | |
| app.use((req, res, next) => { | |
| if (cfg.password && req.headers['authorization'] !== cfg.password) { | |
| res.statusCode = 403; | |
| return next('Access denied'); | |
| } | |
| next(); | |
| }); | |
| app.use((req, res, next) => { | |
| getRawBody(req, { | |
| length: req.headers['content-length'], | |
| limit: 65535, | |
| }, (err, data) => { | |
| if (err) return next(err); | |
| req.body = data; | |
| next(); | |
| }) | |
| }); | |
| app.post('/', (req, res) => { | |
| handle(req.body, res); | |
| }); | |
| app.get('/', (req, res) => { | |
| const query = url.parse(req.url, true).query; | |
| const msg = base64url.toBuffer(query.dns); | |
| handle(msg, res); | |
| }); | |
| function handle(msg, res) | |
| { | |
| const server = dgram.createSocket('udp6'); | |
| server.on('error', (err) => { | |
| res.statusCode = 500; | |
| res.end('Internal Server Error'); | |
| server.close(); | |
| }); | |
| server.on('message', (msg) => { | |
| res.set('Content-Type', cfg['content-type']); | |
| res.end(msg); | |
| server.close(); | |
| }); | |
| server.bind(0, '::1', () => { | |
| server.send(msg, 53, '::1'); | |
| }); | |
| } | |
| spdy.createServer(cfg.tls, app).listen(cfg.port); |
Yes, the code worked with Firefox Nightly at the time of posting. I haven't tested it since.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Were you able to get this to work? Public DoH servers send more bytes in the response than what I'm seeing in the lab, and Mozilla testing is not working.