Pull request #1473: svcb dohpath support

Merge in DNS/adguard-home from 4463-ddr-support to master

Squashed commit of the following:

commit 99a149e9024354ad0341739c3c9b08cefbd74468
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Tue Apr 12 14:13:17 2022 +0200

    imp docs

commit 26150be8df8b35e47c108f6e3319c57b39fb8e38
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Apr 11 20:36:18 2022 +0200

    imp code docs

commit 5a4607f71abba83a9ac8753abd74c9fb97e4a545
Merge: 00f0abf5 9f0fdc5e
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Apr 11 16:14:49 2022 +0200

    Merge remote-tracking branch 'origin/master' into 4463-ddr-support

    # Conflicts:
    #	internal/dnsforward/svcbmsg.go

commit 00f0abf5eea07aeeebc2a856a958215021a51ab7
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Apr 11 16:06:42 2022 +0200

    svcb dohpath support

commit ace81ce1ea2fb96c4434c6c1fded4a79427cf17e
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Apr 7 14:31:32 2022 +0200

    svcb dohpath support

commit a1b5df4fb2e87dab265d6ca55928610a6acc1c00
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Apr 6 16:53:17 2022 +0200

    svcb dohpath support
This commit is contained in:
Dimitry Kolyshev 2022-04-12 15:45:18 +03:00
parent 9f0fdc5e78
commit 2c2c0d445b
6 changed files with 45 additions and 6 deletions

View File

@ -17,6 +17,8 @@ and this project adheres to
### Added ### Added
- Support for SVCB/HTTPS parameter `dohpath` in filtering rules with
`dnsrewrite` modifier according to the [RFC draft][dns-draft-02] ([#4463]).
- The ability to customize the set of networks that are considered private - The ability to customize the set of networks that are considered private
through the new `dns.private_networks` property in the configuration file through the new `dns.private_networks` property in the configuration file
([#3142]). ([#3142]).
@ -120,10 +122,12 @@ In this release, the schema version has changed from 12 to 13.
[#4238]: https://github.com/AdguardTeam/AdGuardHome/issues/4238 [#4238]: https://github.com/AdguardTeam/AdGuardHome/issues/4238
[#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276 [#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276
[#4437]: https://github.com/AdguardTeam/AdGuardHome/issues/4437 [#4437]: https://github.com/AdguardTeam/AdGuardHome/issues/4437
[#4463]: https://github.com/AdguardTeam/AdGuardHome/issues/4463
[repr]: https://reproducible-builds.org/docs/source-date-epoch/ [repr]: https://reproducible-builds.org/docs/source-date-epoch/
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2 [doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
[svcb-draft-08]: https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-08.html [svcb-draft-08]: https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-08.html
[dns-draft-02]: https://datatracker.ietf.org/doc/html/draft-ietf-add-svcb-dns-02#section-5.1

3
go.mod
View File

@ -64,3 +64,6 @@ require (
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
honnef.co/go/tools v0.2.2 // indirect honnef.co/go/tools v0.2.2 // indirect
) )
// TODO(a.garipov): Return to the main repo once miekg/dns#1359 is merged.
replace github.com/miekg/dns => github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8

2
go.sum
View File

@ -29,6 +29,8 @@ github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmH
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw= github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us= github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8 h1:Hp2waLwK989ui3bDkFpedlIHfyWdZ77gynvd+GPEqXY=
github.com/ainar-g/dns v1.1.49-0.20220411125901-8a162bbc18d8/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
github.com/ameshkov/dnscrypt/v2 v2.2.3 h1:X9UP5AHtwp46Ji+sGFfF/1Is6OPI/SjxLqhKpx0P5UI= github.com/ameshkov/dnscrypt/v2 v2.2.3 h1:X9UP5AHtwp46Ji+sGFfF/1Is6OPI/SjxLqhKpx0P5UI=
github.com/ameshkov/dnscrypt/v2 v2.2.3/go.mod h1:xJB9cE1/GF+NB6EEQqRlkoa4bjcV2w7VYn1G+zVq7Bs= github.com/ameshkov/dnscrypt/v2 v2.2.3/go.mod h1:xJB9cE1/GF+NB6EEQqRlkoa4bjcV2w7VYn1G+zVq7Bs=
github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A= github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=

View File

@ -22,7 +22,7 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
Preference: 32, Preference: 32,
} }
svcbVal := &rules.DNSSVCB{ svcbVal := &rules.DNSSVCB{
Params: map[string]string{"alpn": "h3"}, Params: map[string]string{"alpn": "h3", "dohpath": "/dns-query"},
Target: dns.Fqdn(domain), Target: dns.Fqdn(domain),
Priority: 32, Priority: 32,
} }
@ -164,10 +164,20 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
require.Len(t, d.Res.Answer, 1) require.Len(t, d.Res.Answer, 1)
ans, ok := d.Res.Answer[0].(*dns.SVCB) ans, ok := d.Res.Answer[0].(*dns.SVCB)
require.True(t, ok)
assert.Equal(t, dns.SVCB_ALPN, ans.Value[0].Key()) require.True(t, ok)
assert.Equal(t, svcbVal.Params["alpn"], ans.Value[0].String()) require.Len(t, ans.Value, 2)
assert.ElementsMatch(
t,
[]dns.SVCBKey{dns.SVCB_ALPN, dns.SVCB_DOHPATH},
[]dns.SVCBKey{ans.Value[0].Key(), ans.Value[1].Key()},
)
assert.ElementsMatch(
t,
[]string{svcbVal.Params["alpn"], svcbVal.Params["dohpath"]},
[]string{ans.Value[0].String(), ans.Value[1].String()},
)
assert.Equal(t, svcbVal.Target, ans.Target) assert.Equal(t, svcbVal.Target, ans.Target)
assert.Equal(t, svcbVal.Priority, ans.Priority) assert.Equal(t, svcbVal.Priority, ans.Priority)
}) })
@ -186,8 +196,18 @@ func TestServer_FilterDNSRewrite(t *testing.T) {
ans, ok := d.Res.Answer[0].(*dns.HTTPS) ans, ok := d.Res.Answer[0].(*dns.HTTPS)
require.True(t, ok) require.True(t, ok)
assert.Equal(t, dns.SVCB_ALPN, ans.Value[0].Key()) require.Len(t, ans.Value, 2)
assert.Equal(t, svcbVal.Params["alpn"], ans.Value[0].String())
assert.ElementsMatch(
t,
[]dns.SVCBKey{dns.SVCB_ALPN, dns.SVCB_DOHPATH},
[]dns.SVCBKey{ans.Value[0].Key(), ans.Value[1].Key()},
)
assert.ElementsMatch(
t,
[]string{svcbVal.Params["alpn"], svcbVal.Params["dohpath"]},
[]string{ans.Value[0].String(), ans.Value[1].String()},
)
assert.Equal(t, svcbVal.Target, ans.Target) assert.Equal(t, svcbVal.Target, ans.Target)
assert.Equal(t, svcbVal.Priority, ans.Priority) assert.Equal(t, svcbVal.Priority, ans.Priority)
}) })

View File

@ -143,6 +143,12 @@ var svcbKeyHandlers = map[string]svcbKeyHandler{
ECH: ech, ECH: ech,
} }
}, },
"dohpath": func(valStr string) (val dns.SVCBKeyValue) {
return &dns.SVCBDoHPath{
Template: valStr,
}
},
} }
// genAnswerSVCB returns a properly initialized SVCB resource record. // genAnswerSVCB returns a properly initialized SVCB resource record.

View File

@ -127,6 +127,10 @@ func TestGenAnswerHTTPS_andSVCB(t *testing.T) {
svcb: dnssvcb("no-default-alpn", ""), svcb: dnssvcb("no-default-alpn", ""),
want: wantsvcb(&dns.SVCBNoDefaultAlpn{}), want: wantsvcb(&dns.SVCBNoDefaultAlpn{}),
name: "no_default_alpn", name: "no_default_alpn",
}, {
svcb: dnssvcb("dohpath", "/dns-query"),
want: wantsvcb(&dns.SVCBDoHPath{Template: "/dns-query"}),
name: "dohpath",
}, { }, {
svcb: dnssvcb("port", "8080"), svcb: dnssvcb("port", "8080"),
want: wantsvcb(&dns.SVCBPort{Port: 8080}), want: wantsvcb(&dns.SVCBPort{Port: 8080}),