Pull request: all: upd dnsproxy, supp rfc 9250
Updates #4592. Squashed commit of the following: commit 1a80875d6aa7811d7d1d978f6fa8d558dec1ca87 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue May 24 19:28:27 2022 +0300 all: upd dnsproxy, supp rfc 9250
This commit is contained in:
parent
c0ac82be6a
commit
a82ec09afd
10
CHANGELOG.md
10
CHANGELOG.md
|
@ -23,6 +23,7 @@ and this project adheres to
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
|
- Support for the final DNS-over-QUIC standard, [RFC 9250][rfc-9250] ([#4592]).
|
||||||
- Support upstreams for subdomains of a domain only ([#4503]).
|
- Support upstreams for subdomains of a domain only ([#4503]).
|
||||||
- Support for Discovery of Designated Resolvers (DDR) according to the [RFC
|
- Support for Discovery of Designated Resolvers (DDR) according to the [RFC
|
||||||
draft][ddr-draft-06] ([#4463]).
|
draft][ddr-draft-06] ([#4463]).
|
||||||
|
@ -45,7 +46,7 @@ and this project adheres to
|
||||||
instead of the `/bin/sh` one ([#4533]). To apply this change, backup your
|
instead of the `/bin/sh` one ([#4533]). To apply this change, backup your
|
||||||
data and run `AdGuardHome -s uninstall && AdGuardHome -s install`.
|
data and run `AdGuardHome -s uninstall && AdGuardHome -s install`.
|
||||||
- The default DNS-over-QUIC port number is now `853` instead of `754` in
|
- The default DNS-over-QUIC port number is now `853` instead of `754` in
|
||||||
accordance with the latest [RFC draft][doq-draft-10] ([#4276]).
|
accordance with [RFC 9250][rfc-9250] ([#4276]).
|
||||||
- Reverse DNS now has a greater priority as the source of runtime clients'
|
- Reverse DNS now has a greater priority as the source of runtime clients'
|
||||||
information than ARP neighborhood.
|
information than ARP neighborhood.
|
||||||
- Improved detection of runtime clients through more resilient ARP processing
|
- Improved detection of runtime clients through more resilient ARP processing
|
||||||
|
@ -100,7 +101,7 @@ In this release, the schema version has changed from 12 to 14.
|
||||||
`dns.resolve_clients` property. To rollback this change, remove the
|
`dns.resolve_clients` property. To rollback this change, remove the
|
||||||
`runtime_sources` property, move the contents of `persistent` into the
|
`runtime_sources` property, move the contents of `persistent` into the
|
||||||
`clients` itself, the value of `clients.runtime_sources.rdns` into the
|
`clients` itself, the value of `clients.runtime_sources.rdns` into the
|
||||||
`dns.resolve_clietns`, and change the `schema_version` back to `13`.
|
`dns.resolve_clients`, and change the `schema_version` back to `13`.
|
||||||
- Property `local_domain_name`, which in schema versions 12 and earlier used to
|
- Property `local_domain_name`, which in schema versions 12 and earlier used to
|
||||||
be a part of the `dns` object, is now a part of the `dhcp` object:
|
be a part of the `dns` object, is now a part of the `dhcp` object:
|
||||||
|
|
||||||
|
@ -131,7 +132,7 @@ In this release, the schema version has changed from 12 to 14.
|
||||||
- Service startup on boot on systems using SysV-init ([#4480]).
|
- Service startup on boot on systems using SysV-init ([#4480]).
|
||||||
- Detection of the stopped service status on macOS and Linux ([#4273]).
|
- Detection of the stopped service status on macOS and Linux ([#4273]).
|
||||||
- Case-sensitive ClientID ([#4542]).
|
- Case-sensitive ClientID ([#4542]).
|
||||||
- Slow version update queries making other HTTP APIs unresponsible ([#4499]).
|
- Slow version update queries making other HTTP APIs unresponsive ([#4499]).
|
||||||
- ARP tables refreshing process causing excessive PTR requests ([#3157]).
|
- ARP tables refreshing process causing excessive PTR requests ([#3157]).
|
||||||
|
|
||||||
[#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730
|
[#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730
|
||||||
|
@ -156,9 +157,10 @@ In this release, the schema version has changed from 12 to 14.
|
||||||
[#4503]: https://github.com/AdguardTeam/AdGuardHome/issues/4503
|
[#4503]: https://github.com/AdguardTeam/AdGuardHome/issues/4503
|
||||||
[#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533
|
[#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533
|
||||||
[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542
|
[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542
|
||||||
|
[#4592]: https://github.com/AdguardTeam/AdGuardHome/issues/4592
|
||||||
|
|
||||||
|
[rfc-9250]: https://datatracker.ietf.org/doc/html/rfc9250
|
||||||
[ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html
|
[ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html
|
||||||
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
|
|
||||||
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
|
[repr]: https://reproducible-builds.org/docs/source-date-epoch/
|
||||||
|
|
||||||
|
|
||||||
|
|
4
go.mod
4
go.mod
|
@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
|
||||||
go 1.17
|
go 1.17
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/AdguardTeam/dnsproxy v0.42.4
|
github.com/AdguardTeam/dnsproxy v0.43.0
|
||||||
github.com/AdguardTeam/golibs v0.10.8
|
github.com/AdguardTeam/golibs v0.10.8
|
||||||
github.com/AdguardTeam/urlfilter v0.16.0
|
github.com/AdguardTeam/urlfilter v0.16.0
|
||||||
github.com/NYTimes/gziphandler v1.1.1
|
github.com/NYTimes/gziphandler v1.1.1
|
||||||
|
@ -17,7 +17,7 @@ require (
|
||||||
github.com/google/renameio v1.0.1
|
github.com/google/renameio v1.0.1
|
||||||
github.com/insomniacslk/dhcp v0.0.0-20220405050111-12fbdcb11b41
|
github.com/insomniacslk/dhcp v0.0.0-20220405050111-12fbdcb11b41
|
||||||
github.com/kardianos/service v1.2.1
|
github.com/kardianos/service v1.2.1
|
||||||
github.com/lucas-clemente/quic-go v0.26.0
|
github.com/lucas-clemente/quic-go v0.27.1
|
||||||
github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
|
github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
|
||||||
github.com/mdlayher/netlink v1.6.0
|
github.com/mdlayher/netlink v1.6.0
|
||||||
// TODO(a.garipov): This package is deprecated; find a new one or use
|
// TODO(a.garipov): This package is deprecated; find a new one or use
|
||||||
|
|
14
go.sum
14
go.sum
|
@ -7,8 +7,8 @@ dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBr
|
||||||
dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
|
dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
|
||||||
dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
|
dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
|
||||||
git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
|
git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
|
||||||
github.com/AdguardTeam/dnsproxy v0.42.4 h1:Rf45a3H6U/8XqWMYAMEsC1g/dVudyfgx4WY8N2syJMw=
|
github.com/AdguardTeam/dnsproxy v0.43.0 h1:K082nx37DaNqSyT3kDtAfgBACNWc+ZDI1Yr/kGppu1k=
|
||||||
github.com/AdguardTeam/dnsproxy v0.42.4/go.mod h1:thHuk3599mgmucsv5J9HR9lBVQHnf4YleE08EbxNrN0=
|
github.com/AdguardTeam/dnsproxy v0.43.0/go.mod h1:JUGTm5dmlll47JltztsT0N//pVJjdg6zu0SNeUeaA7g=
|
||||||
github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
|
github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
|
||||||
github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
|
github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
|
||||||
github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
|
github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
|
||||||
|
@ -143,21 +143,15 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
github.com/lucas-clemente/quic-go v0.25.0/go.mod h1:YtzP8bxRVCBlO77yRanE264+fY/T2U9ZlW1AaHOsMOg=
|
github.com/lucas-clemente/quic-go v0.27.1 h1:sOw+4kFSVrdWOYmUjufQ9GBVPqZ+tu+jMtXxXNmRJyk=
|
||||||
github.com/lucas-clemente/quic-go v0.26.0 h1:ALBQXr9UJ8A1LyzvceX4jd9QFsHvlI0RR6BkV16o00A=
|
github.com/lucas-clemente/quic-go v0.27.1/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
|
||||||
github.com/lucas-clemente/quic-go v0.26.0/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
|
|
||||||
github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
|
github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
|
||||||
github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
||||||
github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
|
github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
|
||||||
github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
|
|
||||||
github.com/marten-seemann/qtls-go1-16 v0.1.4/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
|
|
||||||
github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ=
|
github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ=
|
||||||
github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
|
github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
|
||||||
github.com/marten-seemann/qtls-go1-17 v0.1.0/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8=
|
|
||||||
github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc=
|
github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc=
|
||||||
github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s=
|
github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s=
|
||||||
github.com/marten-seemann/qtls-go1-18 v0.1.0-beta.1/go.mod h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI=
|
|
||||||
github.com/marten-seemann/qtls-go1-18 v0.1.0/go.mod h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI=
|
|
||||||
github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y=
|
github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y=
|
||||||
github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4=
|
github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
||||||
|
|
|
@ -112,8 +112,8 @@ type tlsConn interface {
|
||||||
ConnectionState() (cs tls.ConnectionState)
|
ConnectionState() (cs tls.ConnectionState)
|
||||||
}
|
}
|
||||||
|
|
||||||
// quicSession is a narrow interface for quic.Session to simplify testing.
|
// quicConnection is a narrow interface for quic.Connection to simplify testing.
|
||||||
type quicSession interface {
|
type quicConnection interface {
|
||||||
ConnectionState() (cs quic.ConnectionState)
|
ConnectionState() (cs quic.ConnectionState)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -148,16 +148,16 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
|
||||||
|
|
||||||
cliSrvName = tc.ConnectionState().ServerName
|
cliSrvName = tc.ConnectionState().ServerName
|
||||||
case proxy.ProtoQUIC:
|
case proxy.ProtoQUIC:
|
||||||
qs, ok := pctx.QUICSession.(quicSession)
|
conn, ok := pctx.QUICConnection.(quicConnection)
|
||||||
if !ok {
|
if !ok {
|
||||||
return "", fmt.Errorf(
|
return "", fmt.Errorf(
|
||||||
"proxy ctx quic session of proto %s is %T, want quic.Session",
|
"proxy ctx quic conn of proto %s is %T, want quic.Connection",
|
||||||
proto,
|
proto,
|
||||||
pctx.QUICSession,
|
pctx.QUICConnection,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
cliSrvName = qs.ConnectionState().TLS.ServerName
|
cliSrvName = conn.ConnectionState().TLS.ServerName
|
||||||
}
|
}
|
||||||
|
|
||||||
clientID, err = clientIDFromClientServerName(
|
clientID, err = clientIDFromClientServerName(
|
||||||
|
|
|
@ -29,17 +29,18 @@ func (c testTLSConn) ConnectionState() (cs tls.ConnectionState) {
|
||||||
return cs
|
return cs
|
||||||
}
|
}
|
||||||
|
|
||||||
// testQUICSession is a quicSession for tests.
|
// testQUICConnection is a quicConnection for tests.
|
||||||
type testQUICSession struct {
|
type testQUICConnection struct {
|
||||||
// Session is embedded here simply to make testQUICSession a quic.Session
|
// Connection is embedded here simply to make testQUICConnection a
|
||||||
// without actually implementing all methods.
|
// quic.Connection without actually implementing all methods.
|
||||||
quic.Session
|
quic.Connection
|
||||||
|
|
||||||
serverName string
|
serverName string
|
||||||
}
|
}
|
||||||
|
|
||||||
// ConnectionState implements the quicSession interface for testQUICSession.
|
// ConnectionState implements the quicConnection interface for
|
||||||
func (c testQUICSession) ConnectionState() (cs quic.ConnectionState) {
|
// testQUICConnection.
|
||||||
|
func (c testQUICConnection) ConnectionState() (cs quic.ConnectionState) {
|
||||||
cs.TLS.ServerName = c.serverName
|
cs.TLS.ServerName = c.serverName
|
||||||
|
|
||||||
return cs
|
return cs
|
||||||
|
@ -179,9 +180,9 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
var qs quic.Session
|
var qconn quic.Connection
|
||||||
if tc.proto == proxy.ProtoQUIC {
|
if tc.proto == proxy.ProtoQUIC {
|
||||||
qs = testQUICSession{
|
qconn = testQUICConnection{
|
||||||
serverName: tc.cliSrvName,
|
serverName: tc.cliSrvName,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -189,7 +190,7 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
|
||||||
pctx := &proxy.DNSContext{
|
pctx := &proxy.DNSContext{
|
||||||
Proto: tc.proto,
|
Proto: tc.proto,
|
||||||
Conn: conn,
|
Conn: conn,
|
||||||
QUICSession: qs,
|
QUICConnection: qconn,
|
||||||
}
|
}
|
||||||
|
|
||||||
clientID, err := srv.clientIDFromDNSContext(pctx)
|
clientID, err := srv.clientIDFromDNSContext(pctx)
|
||||||
|
|
Loading…
Reference in New Issue