Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Binary files dnscrypt.old/dnscrypt_cert.dir/2_chacha.cert and dnscrypt.new/dnscrypt_cert.dir/2_chacha.cert differ
diff -ruN dnscrypt.old/dnscrypt_cert.dir/dnscrypt_cert.conf dnscrypt.new/dnscrypt_cert.dir/dnscrypt_cert.conf
--- dnscrypt.old/dnscrypt_cert.dir/dnscrypt_cert.conf 2017-03-06 09:56:29.000000000 -0800
+++ dnscrypt.new/dnscrypt_cert.dir/dnscrypt_cert.conf 2017-06-01 19:14:27.000000000 -0700
@@ -22,5 +22,6 @@
dnscrypt-secret-key: 1.key
dnscrypt-secret-key: 2.key
dnscrypt-provider-cert: 1.cert
+ dnscrypt-provider-cert: 2_chacha.cert
dnscrypt-provider-cert: 2.cert
diff -ruN dnscrypt.old/dnscrypt_cert.dir/dnscrypt_cert.test dnscrypt.new/dnscrypt_cert.dir/dnscrypt_cert.test
--- dnscrypt.old/dnscrypt_cert.dir/dnscrypt_cert.test 2017-03-20 08:41:22.000000000 -0700
+++ dnscrypt.new/dnscrypt_cert.dir/dnscrypt_cert.test 2017-06-01 19:33:26.000000000 -0700
@@ -64,8 +64,23 @@
for opt in '' '+tcp'
do
# Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
- # Check that it returns cert1.
- echo "> dig TXT 2.dnscrypt-cert.example.com. CERT 1. DNSCrypt plaintext ${opt}"
+ # Check that it returns 1.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 2.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 2.CERT. DNSCrypt plaintext ${opt}"
dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
echo "> cat logfiles"
cat fwd.log
@@ -79,14 +94,14 @@
fi
# Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
- # Check that it returns cert2.
- echo "> dig TXT 2.dnscrypt-cert.example.com. CERT 2. DNSCrypt plaintext ${opt}"
+ # Check that it returns 2_chacha.cert
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 2_CHACHA.CERT. DNSCrypt plaintext ${opt}"
dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
echo "> cat logfiles"
cat fwd.log
cat unbound.log
echo "> check answer"
- if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ if grep 'DNSC\\000\\002\\000\\000\\249\\143\\;\\160H$tX\\153\\239^\\171\\160\\204`\\012mjU\\214a\\142\\138u\\161\\160W_\\012\\207x2A\\243=B+\\171X\\167tN\\202\\016\\213\\183\\012\\138\\161\\182\\204\\158\.^\\011ZQ\\003\\0214Nz\\210\\001\\142v\\190R\\193\\167\\011g\\"\\206\\210\\234|\\209\\234\\023\\216\\249eE\\163p\\143\\023)4\\149\\177}0~6\\143v\\190R\\193\\167\\011gX\\200\\231\\160X\\200\\231\\160Z\\170\\027' outfile; then
echo "OK"
else
echo "Not OK"
@@ -95,7 +110,7 @@
# Certificates are local-data for unbound. We can also retrieve them from unbound
# port.
- echo "> dig TXT 2.dnscrypt-cert.example.com. CERT 2. Unbound ${opt}"
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. Unbound ${opt}"
dig ${opt} @127.0.0.1 -p $UNBOUND_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
echo "> cat logfiles"
cat fwd.log
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.