Pull request: all: upd dnsproxy, supp rfc 9250

Updates #4592.

Squashed commit of the following:

commit 1a80875d6aa7811d7d1d978f6fa8d558dec1ca87
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue May 24 19:28:27 2022 +0300

    all: upd dnsproxy, supp rfc 9250
Ainar Garipov 2022-05-24 19:47:09 +03:00
parent c0ac82be6a
commit a82ec09afd
5 changed files with 31 additions and 34 deletions


@ -23,6 +23,7 @@ and this project adheres to
### Added ### Added
- Support for the final DNS-over-QUIC standard, [RFC 9250][rfc-9250] ([#4592]).
- Support upstreams for subdomains of a domain only ([#4503]). - Support upstreams for subdomains of a domain only ([#4503]).
- Support for Discovery of Designated Resolvers (DDR) according to the [RFC - Support for Discovery of Designated Resolvers (DDR) according to the [RFC
draft][ddr-draft-06] ([#4463]). draft][ddr-draft-06] ([#4463]).
@ -45,7 +46,7 @@ and this project adheres to
instead of the `/bin/sh` one ([#4533]). To apply this change, backup your instead of the `/bin/sh` one ([#4533]). To apply this change, backup your
data and run `AdGuardHome -s uninstall && AdGuardHome -s install`. data and run `AdGuardHome -s uninstall && AdGuardHome -s install`.
- The default DNS-over-QUIC port number is now `853` instead of `754` in - The default DNS-over-QUIC port number is now `853` instead of `754` in
accordance with the latest [RFC draft][doq-draft-10] ([#4276]). accordance with [RFC 9250][rfc-9250] ([#4276]).
- Reverse DNS now has a greater priority as the source of runtime clients' - Reverse DNS now has a greater priority as the source of runtime clients'
information than ARP neighborhood. information than ARP neighborhood.
- Improved detection of runtime clients through more resilient ARP processing - Improved detection of runtime clients through more resilient ARP processing
@ -100,7 +101,7 @@ In this release, the schema version has changed from 12 to 14.
`dns.resolve_clients` property. To rollback this change, remove the `dns.resolve_clients` property. To rollback this change, remove the
`runtime_sources` property, move the contents of `persistent` into the `runtime_sources` property, move the contents of `persistent` into the
`clients` itself, the value of `clients.runtime_sources.rdns` into the `clients` itself, the value of `clients.runtime_sources.rdns` into the
`dns.resolve_clietns`, and change the `schema_version` back to `13`. `dns.resolve_clients`, and change the `schema_version` back to `13`.
- Property `local_domain_name`, which in schema versions 12 and earlier used to - Property `local_domain_name`, which in schema versions 12 and earlier used to
be a part of the `dns` object, is now a part of the `dhcp` object: be a part of the `dns` object, is now a part of the `dhcp` object:
@ -131,7 +132,7 @@ In this release, the schema version has changed from 12 to 14.
- Service startup on boot on systems using SysV-init ([#4480]). - Service startup on boot on systems using SysV-init ([#4480]).
- Detection of the stopped service status on macOS and Linux ([#4273]). - Detection of the stopped service status on macOS and Linux ([#4273]).
- Case-sensitive ClientID ([#4542]). - Case-sensitive ClientID ([#4542]).
- Slow version update queries making other HTTP APIs unresponsible ([#4499]). - Slow version update queries making other HTTP APIs unresponsive ([#4499]).
- ARP tables refreshing process causing excessive PTR requests ([#3157]). - ARP tables refreshing process causing excessive PTR requests ([#3157]).
[#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730 [#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730
@ -156,9 +157,10 @@ In this release, the schema version has changed from 12 to 14.
[#4503]: https://github.com/AdguardTeam/AdGuardHome/issues/4503 [#4503]: https://github.com/AdguardTeam/AdGuardHome/issues/4503
[#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533 [#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533
[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542 [#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542
[#4592]: https://github.com/AdguardTeam/AdGuardHome/issues/4592
[rfc-9250]: https://datatracker.ietf.org/doc/html/rfc9250
[ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html [ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
[repr]: https://reproducible-builds.org/docs/source-date-epoch/ [repr]: https://reproducible-builds.org/docs/source-date-epoch/

4
go.mod

@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
go 1.17 go 1.17
require ( require (
github.com/AdguardTeam/dnsproxy v0.42.4 github.com/AdguardTeam/dnsproxy v0.43.0
github.com/AdguardTeam/golibs v0.10.8 github.com/AdguardTeam/golibs v0.10.8
github.com/AdguardTeam/urlfilter v0.16.0 github.com/AdguardTeam/urlfilter v0.16.0
github.com/NYTimes/gziphandler v1.1.1 github.com/NYTimes/gziphandler v1.1.1
@ -17,7 +17,7 @@ require (
github.com/google/renameio v1.0.1 github.com/google/renameio v1.0.1
github.com/insomniacslk/dhcp v0.0.0-20220405050111-12fbdcb11b41 github.com/insomniacslk/dhcp v0.0.0-20220405050111-12fbdcb11b41
github.com/kardianos/service v1.2.1 github.com/kardianos/service v1.2.1
github.com/lucas-clemente/quic-go v0.26.0 github.com/lucas-clemente/quic-go v0.27.1
github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118 github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
github.com/mdlayher/netlink v1.6.0 github.com/mdlayher/netlink v1.6.0
// TODO(a.garipov): This package is deprecated; find a new one or use // TODO(a.garipov): This package is deprecated; find a new one or use

14
go.sum

@ -7,8 +7,8 @@ dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBr
dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4= dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
github.com/AdguardTeam/dnsproxy v0.42.4 h1:Rf45a3H6U/8XqWMYAMEsC1g/dVudyfgx4WY8N2syJMw= github.com/AdguardTeam/dnsproxy v0.43.0 h1:K082nx37DaNqSyT3kDtAfgBACNWc+ZDI1Yr/kGppu1k=
github.com/AdguardTeam/dnsproxy v0.42.4/go.mod h1:thHuk3599mgmucsv5J9HR9lBVQHnf4YleE08EbxNrN0= github.com/AdguardTeam/dnsproxy v0.43.0/go.mod h1:JUGTm5dmlll47JltztsT0N//pVJjdg6zu0SNeUeaA7g=
github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4= github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4= github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw= github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
@ -143,21 +143,15 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/lucas-clemente/quic-go v0.25.0/go.mod h1:YtzP8bxRVCBlO77yRanE264+fY/T2U9ZlW1AaHOsMOg= github.com/lucas-clemente/quic-go v0.27.1 h1:sOw+4kFSVrdWOYmUjufQ9GBVPqZ+tu+jMtXxXNmRJyk=
github.com/lucas-clemente/quic-go v0.26.0 h1:ALBQXr9UJ8A1LyzvceX4jd9QFsHvlI0RR6BkV16o00A= github.com/lucas-clemente/quic-go v0.27.1/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
github.com/lucas-clemente/quic-go v0.26.0/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc= github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
github.com/marten-seemann/qtls-go1-16 v0.1.4/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ= github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ=
github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk= github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
github.com/marten-seemann/qtls-go1-17 v0.1.0/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8=
github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc= github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc=
github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s= github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s=
github.com/marten-seemann/qtls-go1-18 v0.1.0-beta.1/go.mod h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI=
github.com/marten-seemann/qtls-go1-18 v0.1.0/go.mod h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI=
github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y= github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y=
github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=


@ -112,8 +112,8 @@ type tlsConn interface {
ConnectionState() (cs tls.ConnectionState) ConnectionState() (cs tls.ConnectionState)
} }
// quicSession is a narrow interface for quic.Session to simplify testing. // quicConnection is a narrow interface for quic.Connection to simplify testing.
type quicSession interface { type quicConnection interface {
ConnectionState() (cs quic.ConnectionState) ConnectionState() (cs quic.ConnectionState)
} }
@ -148,16 +148,16 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
cliSrvName = tc.ConnectionState().ServerName cliSrvName = tc.ConnectionState().ServerName
case proxy.ProtoQUIC: case proxy.ProtoQUIC:
qs, ok := pctx.QUICSession.(quicSession) conn, ok := pctx.QUICConnection.(quicConnection)
if !ok { if !ok {
return "", fmt.Errorf( return "", fmt.Errorf(
"proxy ctx quic session of proto %s is %T, want quic.Session", "proxy ctx quic conn of proto %s is %T, want quic.Connection",
proto, proto,
pctx.QUICSession, pctx.QUICConnection,
) )
} }
cliSrvName = qs.ConnectionState().TLS.ServerName cliSrvName = conn.ConnectionState().TLS.ServerName
} }
clientID, err = clientIDFromClientServerName( clientID, err = clientIDFromClientServerName(
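Review bot: In the `proxy.ProtoQUIC` case, `cliSrvName` is read from `conn.ConnectionState().TLS.ServerName`, which is the SNI sent by the client and therefore client-controlled, but nothing at this site says so. A short comment such as `// ServerName is the client-supplied SNI; treat it as untrusted until validated.` would make clear that the resulting ClientID identifies a client but does not authenticate it. Validation presumably happens in `clientIDFromClientServerName`, whose call starts on the last visible line and continues outside this hunk, so confirm it there. Separately, the error text says `want quic.Connection` while the assertion is against the package-local `quicConnection` interface; `want quicConnection` would describe the failed check more exactly.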


@ -29,17 +29,18 @@ func (c testTLSConn) ConnectionState() (cs tls.ConnectionState) {
return cs return cs
} }
// testQUICSession is a quicSession for tests. // testQUICConnection is a quicConnection for tests.
type testQUICSession struct { type testQUICConnection struct {
// Session is embedded here simply to make testQUICSession a quic.Session // Connection is embedded here simply to make testQUICConnection a
// without actually implementing all methods. // quic.Connection without actually implementing all methods.
quic.Session quic.Connection
serverName string serverName string
} }
// ConnectionState implements the quicSession interface for testQUICSession. // ConnectionState implements the quicConnection interface for
func (c testQUICSession) ConnectionState() (cs quic.ConnectionState) { // testQUICConnection.
func (c testQUICConnection) ConnectionState() (cs quic.ConnectionState) {
cs.TLS.ServerName = c.serverName cs.TLS.ServerName = c.serverName
return cs return cs
@ -179,9 +180,9 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
} }
} }
var qs quic.Session var qconn quic.Connection
if tc.proto == proxy.ProtoQUIC { if tc.proto == proxy.ProtoQUIC {
qs = testQUICSession{ qconn = testQUICConnection{
serverName: tc.cliSrvName, serverName: tc.cliSrvName,
} }
} }
@ -189,7 +190,7 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
pctx := &proxy.DNSContext{ pctx := &proxy.DNSContext{
Proto: tc.proto, Proto: tc.proto,
Conn: conn, Conn: conn,
QUICSession: qs, QUICConnection: qconn,
} }
clientID, err := srv.clientIDFromDNSContext(pctx) clientID, err := srv.clientIDFromDNSContext(pctx)