feat: add tls config for dot lookups
Ref https://github.com/mr-karan/doggo/issues/29
parent
0ce04d0c13
commit
53f7b70af4
7 changed files with 83 additions and 78 deletions
|
@ -1,6 +1,7 @@
|
|||
package resolvers
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"time"
|
||||
|
||||
"github.com/miekg/dns"
|
||||
|
@ -16,10 +17,8 @@ type ClassicResolver struct {
|
|||
|
||||
// ClassicResolverOpts holds options for setting up a Classic resolver.
|
||||
type ClassicResolverOpts struct {
|
||||
IPv4Only bool
|
||||
IPv6Only bool
|
||||
UseTLS bool
|
||||
UseTCP bool
|
||||
UseTLS bool
|
||||
UseTCP bool
|
||||
}
|
||||
|
||||
// NewClassicResolver accepts a list of nameservers and configures a DNS resolver.
|
||||
|
@ -34,15 +33,20 @@ func NewClassicResolver(server string, classicOpts ClassicResolverOpts, resolver
|
|||
net = "tcp"
|
||||
}
|
||||
|
||||
if classicOpts.IPv4Only {
|
||||
if resolverOpts.UseIPv4 {
|
||||
net = net + "4"
|
||||
}
|
||||
if classicOpts.IPv6Only {
|
||||
if resolverOpts.UseIPv6 {
|
||||
net = net + "6"
|
||||
}
|
||||
|
||||
if classicOpts.UseTLS {
|
||||
net = net + "-tls"
|
||||
// Provide extra TLS config for doing/skipping hostname verification.
|
||||
client.TLSConfig = &tls.Config{
|
||||
ServerName: resolverOpts.TLSHostname,
|
||||
InsecureSkipVerify: resolverOpts.InsecureSkipVerify,
|
||||
}
|
||||
}
|
||||
|
||||
client.Net = net
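Review bot: The comment above `client.TLSConfig` understates what the second field does: `InsecureSkipVerify` turns off certificate chain validation as well as the hostname check, so with it set the DoT session is encrypted but the server is unauthenticated and an on-path party can answer in its place. I would reword the comment to `// TLSHostname overrides the name checked against the server certificate; InsecureSkipVerify disables certificate verification entirely (testing only).` and log when it is enabled, e.g. `resolverOpts.Logger.Warn("TLS certificate verification disabled for DoT")` inside the `if classicOpts.UseTLS` branch. The config also leaves the protocol floor to the Go default, which depends on the toolchain version; adding `MinVersion: tls.VersionTLS12,` pins it. NewClassicResolver starts and ends outside this hunk, so whether `resolverOpts.Logger` can be nil at this point is not visible.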
|
||||
|
|
|
@ -18,10 +18,7 @@ type DNSCryptResolver struct {
|
|||
|
||||
// DNSCryptResolverOpts holds options for setting up a DNSCrypt resolver.
|
||||
type DNSCryptResolverOpts struct {
|
||||
IPv4Only bool
|
||||
IPv6Only bool
|
||||
UseTLS bool
|
||||
UseTCP bool
|
||||
UseTCP bool
|
||||
}
|
||||
|
||||
// NewDNSCryptResolver accepts a list of nameservers and configures a DNS resolver.
|
||||
|
@ -30,6 +27,7 @@ func NewDNSCryptResolver(server string, dnscryptOpts DNSCryptResolverOpts, resol
|
|||
if dnscryptOpts.UseTCP {
|
||||
net = "tcp"
|
||||
}
|
||||
|
||||
client := &dnscrypt.Client{Net: net, Timeout: resolverOpts.Timeout, UDPSize: 4096}
|
||||
resolverInfo, err := client.Dial(server)
|
||||
if err != nil {
|
||||
|
|
|
@ -11,14 +11,17 @@ import (
|
|||
// Options represent a set of common options
|
||||
// to configure a Resolver.
|
||||
type Options struct {
|
||||
Nameservers []models.Nameserver
|
||||
UseIPv4 bool
|
||||
UseIPv6 bool
|
||||
SearchList []string
|
||||
Ndots int
|
||||
Timeout time.Duration
|
||||
Logger *logrus.Logger
|
||||
Strategy string
|
||||
Logger *logrus.Logger
|
||||
|
||||
Nameservers []models.Nameserver
|
||||
UseIPv4 bool
|
||||
UseIPv6 bool
|
||||
SearchList []string
|
||||
Ndots int
|
||||
Timeout time.Duration
|
||||
Strategy string
|
||||
InsecureSkipVerify bool
|
||||
TLSHostname string
|
||||
}
|
||||
|
||||
// Resolver implements the configuration for a DNS
|
||||
|
@ -68,18 +71,13 @@ type Authority struct {
|
|||
// LoadResolvers loads differently configured
|
||||
// resolvers based on a list of nameserver.
|
||||
func LoadResolvers(opts Options) ([]Resolver, error) {
|
||||
var resolverOpts = Options{
|
||||
Timeout: opts.Timeout,
|
||||
Ndots: opts.Ndots,
|
||||
SearchList: opts.SearchList,
|
||||
Logger: opts.Logger,
|
||||
}
|
||||
// for each nameserver, initialise the correct resolver
|
||||
// For each nameserver, initialise the correct resolver.
|
||||
rslvrs := make([]Resolver, 0, len(opts.Nameservers))
|
||||
|
||||
for _, ns := range opts.Nameservers {
|
||||
if ns.Type == models.DOHResolver {
|
||||
opts.Logger.Debug("initiating DOH resolver")
|
||||
rslvr, err := NewDOHResolver(ns.Address, resolverOpts)
|
||||
rslvr, err := NewDOHResolver(ns.Address, opts)
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
}
|
||||
|
@ -89,11 +87,9 @@ func LoadResolvers(opts Options) ([]Resolver, error) {
|
|||
opts.Logger.Debug("initiating DOT resolver")
|
||||
rslvr, err := NewClassicResolver(ns.Address,
|
||||
ClassicResolverOpts{
|
||||
IPv4Only: opts.UseIPv4,
|
||||
IPv6Only: opts.UseIPv6,
|
||||
UseTLS: true,
|
||||
UseTCP: true,
|
||||
}, resolverOpts)
|
||||
UseTLS: true,
|
||||
UseTCP: true,
|
||||
}, opts)
|
||||
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
|
@ -104,11 +100,9 @@ func LoadResolvers(opts Options) ([]Resolver, error) {
|
|||
opts.Logger.Debug("initiating TCP resolver")
|
||||
rslvr, err := NewClassicResolver(ns.Address,
|
||||
ClassicResolverOpts{
|
||||
IPv4Only: opts.UseIPv4,
|
||||
IPv6Only: opts.UseIPv6,
|
||||
UseTLS: false,
|
||||
UseTCP: true,
|
||||
}, resolverOpts)
|
||||
UseTLS: false,
|
||||
UseTCP: true,
|
||||
}, opts)
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
}
|
||||
|
@ -118,11 +112,9 @@ func LoadResolvers(opts Options) ([]Resolver, error) {
|
|||
opts.Logger.Debug("initiating UDP resolver")
|
||||
rslvr, err := NewClassicResolver(ns.Address,
|
||||
ClassicResolverOpts{
|
||||
IPv4Only: opts.UseIPv4,
|
||||
IPv6Only: opts.UseIPv6,
|
||||
UseTLS: false,
|
||||
UseTCP: false,
|
||||
}, resolverOpts)
|
||||
UseTLS: false,
|
||||
UseTCP: false,
|
||||
}, opts)
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
}
|
||||
|
@ -133,7 +125,7 @@ func LoadResolvers(opts Options) ([]Resolver, error) {
|
|||
rslvr, err := NewDNSCryptResolver(ns.Address,
|
||||
DNSCryptResolverOpts{
|
||||
UseTCP: false,
|
||||
}, resolverOpts)
|
||||
}, opts)
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
}
|
||||
|
@ -141,7 +133,7 @@ func LoadResolvers(opts Options) ([]Resolver, error) {
|
|||
}
|
||||
if ns.Type == models.DOQResolver {
|
||||
opts.Logger.Debug("initiating DOQ resolver")
|
||||
rslvr, err := NewDOQResolver(ns.Address, resolverOpts)
|
||||
rslvr, err := NewDOQResolver(ns.Address, opts)
|
||||
if err != nil {
|
||||
return rslvrs, err
|
||||
}
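Review bot: `TLSHostname` and `InsecureSkipVerify` are added to the shared `Options` struct and the same `opts` value is now passed to every constructor in the `LoadResolvers` loop, so one hostname override and one skip-verify switch apply to all configured nameservers. With two DoT nameservers that present different certificates, a single `TLSHostname` can match at most one of them, and the easy way out for a user is to disable verification for every server; carrying these two settings per nameserver (presumably on `models.Nameserver`, which is not shown here) would avoid that. The new fields also have no doc comments; I would add `// InsecureSkipVerify disables TLS certificate verification; the server is then unauthenticated.` and `// TLSHostname is the name verified against the server certificate.` above them. Whether NewDOHResolver and NewDOQResolver read these fields is not visible in this diff, and it is worth confirming they are either honoured or documented as DoT-only there.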
|
||||
|
|