From 14bc5297ac6cb7c6dbc74d55239eeb16c041c048 Mon Sep 17 00:00:00 2001 From: ArtemBaskal Date: Mon, 7 Sep 2020 13:50:03 +0300 Subject: [PATCH 1/3] + client: Add experimental DNS-over-QUIC support --- client/src/__locales/en.json | 8 +++++ client/src/actions/encryption.js | 2 ++ .../Settings/Dns/Upstream/Examples.js | 19 +++++++++++ .../components/Settings/Encryption/Form.js | 33 +++++++++++++++++-- .../components/Settings/Encryption/index.js | 2 ++ client/src/components/Settings/Settings.css | 2 +- client/src/helpers/constants.js | 1 + client/src/helpers/validators.js | 6 ++++ 8 files changed, 70 insertions(+), 3 deletions(-) diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json index 6cce0d91..58e270be 100644 --- a/client/src/__locales/en.json +++ b/client/src/__locales/en.json @@ -186,6 +186,7 @@ "example_upstream_regular": "regular DNS (over UDP)", "example_upstream_dot": "encrypted <0>DNS-over-TLS", "example_upstream_doh": "encrypted <0>DNS-over-HTTPS", + "example_upstream_doq": "encrypted <0>DNS-over-QUIC", "example_upstream_sdns": "you can use <0>DNS Stamps for <1>DNSCrypt or <2>DNS-over-HTTPS resolvers", "example_upstream_tcp": "regular DNS (over TCP)", "all_lists_up_to_date_toast": "All lists are already up-to-date", @@ -330,6 +331,8 @@ "encryption_https_desc": "If HTTPS port is configured, AdGuard Home admin interface will be accessible via HTTPS, and it will also provide DNS-over-HTTPS on '/dns-query' location.", "encryption_dot": "DNS-over-TLS port", "encryption_dot_desc": "If this port is configured, AdGuard Home will run a DNS-over-TLS server on this port.", + "encryption_doq": "DNS-over-QUIC port", + "encryption_doq_desc": "If this port is configured, AdGuard Home will run a DNS-over-QUIC server on this port. It's experimental and may not be reliable at the moment. The only DNS provider that supports it now is AdGuard DNS", "encryption_certificates": "Certificates", "encryption_certificates_desc": "In order to use encryption, you need to provide a valid SSL certificates chain for your domain. You can get a free certificate on <0>{{link}} or you can buy it from one of the trusted Certificate Authorities.", "encryption_certificates_input": "Copy/paste your PEM-encoded certificates here.", @@ -574,5 +577,10 @@ "original_response": "Original response", "click_to_view_queries": "Click to view queries", "port_53_faq_link": "Port 53 is often occupied by \"DNSStubListener\" or \"systemd-resolved\" services. Please read <0>this instruction on how to resolve this.", +<<<<<<< Updated upstream "adg_will_drop_dns_queries": "AdGuard Home will be dropping all DNS queries from this client." +======= + "adg_will_drop_dns_queries": "AdGuard Home will be dropping all DNS queries from this client.", + "experimental": "Experimental" +>>>>>>> Stashed changes } diff --git a/client/src/actions/encryption.js b/client/src/actions/encryption.js index 0e743323..36faf2ec 100644 --- a/client/src/actions/encryption.js +++ b/client/src/actions/encryption.js @@ -34,6 +34,7 @@ export const setTlsConfig = (config) => async (dispatch, getState) => { values.private_key = btoa(values.private_key); values.port_https = values.port_https || 0; values.port_dns_over_tls = values.port_dns_over_tls || 0; + values.port_dns_over_quic = values.port_dns_over_quic || 0; const response = await apiClient.setTlsConfig(values); response.certificate_chain = atob(response.certificate_chain); @@ -59,6 +60,7 @@ export const validateTlsConfig = (config) => async (dispatch) => { values.private_key = btoa(values.private_key); values.port_https = values.port_https || 0; values.port_dns_over_tls = values.port_dns_over_tls || 0; + values.port_dns_over_quic = values.port_dns_over_quic || 0; const response = await apiClient.validateTlsConfig(values); response.certificate_chain = atob(response.certificate_chain); diff --git a/client/src/components/Settings/Dns/Upstream/Examples.js b/client/src/components/Settings/Dns/Upstream/Examples.js index de779b18..a18c1c90 100644 --- a/client/src/components/Settings/Dns/Upstream/Examples.js +++ b/client/src/components/Settings/Dns/Upstream/Examples.js @@ -63,6 +63,25 @@ const Examples = (props) => ( +
  • + quic://dns-unfiltered.adguard.com:784 –  + + + DNS-over-QUIC + , + ]} + > + example_upstream_doq + + +
  • tcp://9.9.9.9example_upstream_tcp
  • diff --git a/client/src/components/Settings/Encryption/Form.js b/client/src/components/Settings/Encryption/Form.js index 7be23b10..ee56b315 100644 --- a/client/src/components/Settings/Encryption/Form.js +++ b/client/src/components/Settings/Encryption/Form.js @@ -11,11 +11,15 @@ import { renderRadioField, toNumber, } from '../../../helpers/form'; -import { validateIsSafePort, validatePort, validatePortTLS } from '../../../helpers/validators'; +import { + validateIsSafePort, validatePort, validatePortQuic, validatePortTLS, +} from '../../../helpers/validators'; import i18n from '../../../i18n'; import KeyStatus from './KeyStatus'; import CertificateStatus from './CertificateStatus'; -import { DNS_OVER_TLS_PORT, FORM_NAME, STANDARD_HTTPS_PORT } from '../../../helpers/constants'; +import { + DNS_OVER_QUIC_PORT, DNS_OVER_TLS_PORT, FORM_NAME, STANDARD_HTTPS_PORT, +} from '../../../helpers/constants'; const validate = (values) => { const errors = {}; @@ -38,6 +42,7 @@ const clearFields = (change, setTlsConfig, t) => { certificate_path: '', port_https: STANDARD_HTTPS_PORT, port_dns_over_tls: DNS_OVER_TLS_PORT, + port_dns_over_quic: DNS_OVER_QUIC_PORT, server_name: '', force_https: false, enabled: false, @@ -189,6 +194,30 @@ let Form = (props) => { +
    +
    + + +
    + encryption_doq_desc +
    +
    +
    diff --git a/client/src/components/Settings/Encryption/index.js b/client/src/components/Settings/Encryption/index.js index 7c2cccc8..f7ca52e0 100644 --- a/client/src/components/Settings/Encryption/index.js +++ b/client/src/components/Settings/Encryption/index.js @@ -66,6 +66,7 @@ class Encryption extends Component { force_https, port_https, port_dns_over_tls, + port_dns_over_quic, certificate_chain, private_key, certificate_path, @@ -78,6 +79,7 @@ class Encryption extends Component { force_https, port_https, port_dns_over_tls, + port_dns_over_quic, certificate_chain, private_key, certificate_path, diff --git a/client/src/components/Settings/Settings.css b/client/src/components/Settings/Settings.css index 3bf1a121..4efb0868 100644 --- a/client/src/components/Settings/Settings.css +++ b/client/src/components/Settings/Settings.css @@ -54,7 +54,7 @@ } .form__message--error { - color: var(--red); + color: #cd201f; } .form__message--left-pad { diff --git a/client/src/helpers/constants.js b/client/src/helpers/constants.js index e0075a25..1020a50c 100644 --- a/client/src/helpers/constants.js +++ b/client/src/helpers/constants.js @@ -69,6 +69,7 @@ export const STANDARD_DNS_PORT = 53; export const STANDARD_WEB_PORT = 80; export const STANDARD_HTTPS_PORT = 443; export const DNS_OVER_TLS_PORT = 853; +export const DNS_OVER_QUIC_PORT = 784; export const MAX_PORT = 65535; export const EMPTY_DATE = '0001-01-01T00:00:00Z'; diff --git a/client/src/helpers/validators.js b/client/src/helpers/validators.js index 45055154..64c5fa49 100644 --- a/client/src/helpers/validators.js +++ b/client/src/helpers/validators.js @@ -180,6 +180,12 @@ export const validatePortTLS = (value) => { return undefined; }; +/** + * @param value {number} + * @returns {undefined|string} + */ +export const validatePortQuic = validatePortTLS; + /** * @param value {number} * @returns {undefined|string} From 4d1666eff1f5643dab485e35051677c103dd20b2 Mon Sep 17 00:00:00 2001 From: ArtemBaskal Date: Mon, 7 Sep 2020 13:52:23 +0300 Subject: [PATCH 2/3] Resolve conflict --- client/src/__locales/en.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json index 58e270be..eafb667b 100644 --- a/client/src/__locales/en.json +++ b/client/src/__locales/en.json @@ -577,10 +577,6 @@ "original_response": "Original response", "click_to_view_queries": "Click to view queries", "port_53_faq_link": "Port 53 is often occupied by \"DNSStubListener\" or \"systemd-resolved\" services. Please read <0>this instruction on how to resolve this.", -<<<<<<< Updated upstream - "adg_will_drop_dns_queries": "AdGuard Home will be dropping all DNS queries from this client." -======= "adg_will_drop_dns_queries": "AdGuard Home will be dropping all DNS queries from this client.", "experimental": "Experimental" ->>>>>>> Stashed changes } From 9f3c27c03a6fcba71ee84e3826c3e10bd270c348 Mon Sep 17 00:00:00 2001 From: ArtemBaskal Date: Tue, 8 Sep 2020 10:17:39 +0300 Subject: [PATCH 3/3] Change link and translation --- client/src/__locales/en.json | 2 +- client/src/components/Settings/Dns/Upstream/Examples.js | 4 +++- client/src/components/Settings/Encryption/Form.js | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/client/src/__locales/en.json b/client/src/__locales/en.json index eafb667b..6abd1d4c 100644 --- a/client/src/__locales/en.json +++ b/client/src/__locales/en.json @@ -332,7 +332,7 @@ "encryption_dot": "DNS-over-TLS port", "encryption_dot_desc": "If this port is configured, AdGuard Home will run a DNS-over-TLS server on this port.", "encryption_doq": "DNS-over-QUIC port", - "encryption_doq_desc": "If this port is configured, AdGuard Home will run a DNS-over-QUIC server on this port. It's experimental and may not be reliable at the moment. The only DNS provider that supports it now is AdGuard DNS", + "encryption_doq_desc": "If this port is configured, AdGuard Home will run a DNS-over-QUIC server on this port. It's experimental and may not be reliable. Also, there are not too many clients that support it at the moment.", "encryption_certificates": "Certificates", "encryption_certificates_desc": "In order to use encryption, you need to provide a valid SSL certificates chain for your domain. You can get a free certificate on <0>{{link}} or you can buy it from one of the trusted Certificate Authorities.", "encryption_certificates_input": "Copy/paste your PEM-encoded certificates here.", diff --git a/client/src/components/Settings/Dns/Upstream/Examples.js b/client/src/components/Settings/Dns/Upstream/Examples.js index a18c1c90..70797909 100644 --- a/client/src/components/Settings/Dns/Upstream/Examples.js +++ b/client/src/components/Settings/Dns/Upstream/Examples.js @@ -69,7 +69,7 @@ const Examples = (props) => ( ( > example_upstream_doq +   + (experimental)
  • diff --git a/client/src/components/Settings/Encryption/Form.js b/client/src/components/Settings/Encryption/Form.js index ee56b315..15f8a3c6 100644 --- a/client/src/components/Settings/Encryption/Form.js +++ b/client/src/components/Settings/Encryption/Form.js @@ -199,7 +199,7 @@ let Form = (props) => {