Pull request #1473: svcb dohpath support
Merge in DNS/adguard-home from 4463-ddr-support to master
Squashed commit of the following:
commit 99a149e9024354ad0341739c3c9b08cefbd74468
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Tue Apr 12 14:13:17 2022 +0200
imp docs
commit 26150be8df8b35e47c108f6e3319c57b39fb8e38
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Mon Apr 11 20:36:18 2022 +0200
imp code docs
commit 5a4607f71abba83a9ac8753abd74c9fb97e4a545
Merge: 00f0abf5 9f0fdc5e
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Mon Apr 11 16:14:49 2022 +0200
Merge remote-tracking branch 'origin/master' into 4463-ddr-support
# Conflicts:
# internal/dnsforward/svcbmsg.go
commit 00f0abf5eea07aeeebc2a856a958215021a51ab7
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Mon Apr 11 16:06:42 2022 +0200
svcb dohpath support
commit ace81ce1ea2fb96c4434c6c1fded4a79427cf17e
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Thu Apr 7 14:31:32 2022 +0200
svcb dohpath support
commit a1b5df4fb2e87dab265d6ca55928610a6acc1c00
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date: Wed Apr 6 16:53:17 2022 +0200
svcb dohpath support
This commit is contained in:
parent
9f0fdc5e78
commit
2c2c0d445b
|
@ -17,6 +17,8 @@ and this project adheres to
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
|
- Support for SVCB/HTTPS parameter `dohpath` in filtering rules with
|
||||||
|
`dnsrewrite` modifier according to the [RFC draft][dns-draft-02] ([#4463]).
|
||||||
- The ability to customize the set of networks that are considered private
|
- The ability to customize the set of networks that are considered private
|
||||||
through the new `dns.private_networks` property in the configuration file
|
through the new `dns.private_networks` property in the configuration file
|
||||||
([#3142]).
|
([#3142]).
|
||||||
|
@ -120,10 +122,12 @@ In this release, the schema version has changed from 12 to 13.
|
||||||
[#4238]: https://github.com/AdguardTeam/AdGuardHome/issues/4238
|
[#4238]: https://github.com/AdguardTeam/AdGuardHome/issues/4238
|
||||||
[#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276
|
[#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276
|
||||||
[#4437]: https://github.com/AdguardTeam/AdGuardHome/issues/4437
|
[#4437]: https://github.com/AdguardTeam/AdGuardHome/issues/4437
|
||||||
|
[#4463]: https://github.com/AdguardTeam/AdGuardHome/issues/4463
|
||||||
|
|
||||||
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
|
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
|
||||||
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
|
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
|
||||||
[svcb-draft-08]: https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-08.html
|
[svcb-draft-08]: https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-08.html
|
||||||
|
[dns-draft-02]: https://datatracker.ietf.org/doc/html/draft-ietf-add-svcb-dns-02#section-5.1
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
3
go.mod
3
go.mod
|
@ -64,3 +64,6 @@ require (
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
|
||||||
honnef.co/go/tools v0.2.2 // indirect
|
honnef.co/go/tools v0.2.2 // indirect
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// TODO(a.garipov): Return to the main repo once miekg/dns#1359 is merged.
|
||||||
|
replace github.com/miekg/dns => github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8
|
||||||
|
|
2
go.sum
2
go.sum
|
@ -29,6 +29,8 @@ github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmH
|
||||||
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
|
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
|
||||||
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
|
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
|
||||||
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
|
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
|
||||||
|
github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8 h1:Hp2waLwK989ui3bDkFpedlIHfyWdZ77gynvd+GPEqXY=
|
||||||
|
github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
|
||||||
github.com/ameshkov/dnscrypt/v2 v2.2.3 h1:X9UP5AHtwp46Ji+sGFfF/1Is6OPI/SjxLqhKpx0P5UI=
|
github.com/ameshkov/dnscrypt/v2 v2.2.3 h1:X9UP5AHtwp46Ji+sGFfF/1Is6OPI/SjxLqhKpx0P5UI=
|
||||||
github.com/ameshkov/dnscrypt/v2 v2.2.3/go.mod h1:xJB9cE1/GF+NB6EEQqRlkoa4bjcV2w7VYn1G+zVq7Bs=
|
github.com/ameshkov/dnscrypt/v2 v2.2.3/go.mod h1:xJB9cE1/GF+NB6EEQqRlkoa4bjcV2w7VYn1G+zVq7Bs=
|
||||||
github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
|
github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
|
||||||
|
|
|
@ -22,7 +22,7 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
|
||||||
Preference: 32,
|
Preference: 32,
|
||||||
}
|
}
|
||||||
svcbVal := &rules.DNSSVCB{
|
svcbVal := &rules.DNSSVCB{
|
||||||
Params: map[string]string{"alpn": "h3"},
|
Params: map[string]string{"alpn": "h3", "dohpath": "/dns-query"},
|
||||||
Target: dns.Fqdn(domain),
|
Target: dns.Fqdn(domain),
|
||||||
Priority: 32,
|
Priority: 32,
|
||||||
}
|
}
|
||||||
|
@ -164,10 +164,20 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
|
||||||
|
|
||||||
require.Len(t, d.Res.Answer, 1)
|
require.Len(t, d.Res.Answer, 1)
|
||||||
ans, ok := d.Res.Answer[0].(*dns.SVCB)
|
ans, ok := d.Res.Answer[0].(*dns.SVCB)
|
||||||
require.True(t, ok)
|
|
||||||
|
|
||||||
assert.Equal(t, dns.SVCB_ALPN, ans.Value[0].Key())
|
require.True(t, ok)
|
||||||
assert.Equal(t, svcbVal.Params["alpn"], ans.Value[0].String())
|
require.Len(t, ans.Value, 2)
|
||||||
|
|
||||||
|
assert.ElementsMatch(
|
||||||
|
t,
|
||||||
|
[]dns.SVCBKey{dns.SVCB_ALPN, dns.SVCB_DOHPATH},
|
||||||
|
[]dns.SVCBKey{ans.Value[0].Key(), ans.Value[1].Key()},
|
||||||
|
)
|
||||||
|
assert.ElementsMatch(
|
||||||
|
t,
|
||||||
|
[]string{svcbVal.Params["alpn"], svcbVal.Params["dohpath"]},
|
||||||
|
[]string{ans.Value[0].String(), ans.Value[1].String()},
|
||||||
|
)
|
||||||
assert.Equal(t, svcbVal.Target, ans.Target)
|
assert.Equal(t, svcbVal.Target, ans.Target)
|
||||||
assert.Equal(t, svcbVal.Priority, ans.Priority)
|
assert.Equal(t, svcbVal.Priority, ans.Priority)
|
||||||
})
|
})
|
||||||
|
@ -186,8 +196,18 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
|
||||||
ans, ok := d.Res.Answer[0].(*dns.HTTPS)
|
ans, ok := d.Res.Answer[0].(*dns.HTTPS)
|
||||||
|
|
||||||
require.True(t, ok)
|
require.True(t, ok)
|
||||||
assert.Equal(t, dns.SVCB_ALPN, ans.Value[0].Key())
|
require.Len(t, ans.Value, 2)
|
||||||
assert.Equal(t, svcbVal.Params["alpn"], ans.Value[0].String())
|
|
||||||
|
assert.ElementsMatch(
|
||||||
|
t,
|
||||||
|
[]dns.SVCBKey{dns.SVCB_ALPN, dns.SVCB_DOHPATH},
|
||||||
|
[]dns.SVCBKey{ans.Value[0].Key(), ans.Value[1].Key()},
|
||||||
|
)
|
||||||
|
assert.ElementsMatch(
|
||||||
|
t,
|
||||||
|
[]string{svcbVal.Params["alpn"], svcbVal.Params["dohpath"]},
|
||||||
|
[]string{ans.Value[0].String(), ans.Value[1].String()},
|
||||||
|
)
|
||||||
assert.Equal(t, svcbVal.Target, ans.Target)
|
assert.Equal(t, svcbVal.Target, ans.Target)
|
||||||
assert.Equal(t, svcbVal.Priority, ans.Priority)
|
assert.Equal(t, svcbVal.Priority, ans.Priority)
|
||||||
})
|
})
|
||||||
|
|
|
@ -143,6 +143,12 @@ var svcbKeyHandlers = map[string]svcbKeyHandler{
|
||||||
ECH: ech,
|
ECH: ech,
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
|
"dohpath": func(valStr string) (val dns.SVCBKeyValue) {
|
||||||
|
return &dns.SVCBDoHPath{
|
||||||
|
Template: valStr,
|
||||||
|
}
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// genAnswerSVCB returns a properly initialized SVCB resource record.
|
// genAnswerSVCB returns a properly initialized SVCB resource record.
|
||||||
|
|
|
@ -127,6 +127,10 @@ func TestGenAnswerHTTPS_andSVCB(t *testing.T) {
|
||||||
svcb: dnssvcb("no-default-alpn", ""),
|
svcb: dnssvcb("no-default-alpn", ""),
|
||||||
want: wantsvcb(&dns.SVCBNoDefaultAlpn{}),
|
want: wantsvcb(&dns.SVCBNoDefaultAlpn{}),
|
||||||
name: "no_default_alpn",
|
name: "no_default_alpn",
|
||||||
|
}, {
|
||||||
|
svcb: dnssvcb("dohpath", "/dns-query"),
|
||||||
|
want: wantsvcb(&dns.SVCBDoHPath{Template: "/dns-query"}),
|
||||||
|
name: "dohpath",
|
||||||
}, {
|
}, {
|
||||||
svcb: dnssvcb("port", "8080"),
|
svcb: dnssvcb("port", "8080"),
|
||||||
want: wantsvcb(&dns.SVCBPort{Port: 8080}),
|
want: wantsvcb(&dns.SVCBPort{Port: 8080}),
|
||||||
|
|
Loading…
Reference in New Issue