From a82ec09afdfbc66a8f07614b77e825f527a3b35b Mon Sep 17 00:00:00 2001 From: Ainar Garipov Date: Tue, 24 May 2022 19:47:09 +0300 Subject: [PATCH] Pull request: all: upd dnsproxy, supp rfc 9250 Updates #4592. Squashed commit of the following: commit 1a80875d6aa7811d7d1d978f6fa8d558dec1ca87 Author: Ainar Garipov Date: Tue May 24 19:28:27 2022 +0300 all: upd dnsproxy, supp rfc 9250 --- CHANGELOG.md | 10 ++++++---- go.mod | 4 ++-- go.sum | 14 ++++---------- internal/dnsforward/clientid.go | 12 ++++++------ internal/dnsforward/clientid_test.go | 25 +++++++++++++------------ 5 files changed, 31 insertions(+), 34 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9d837c95..e0c32ce7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ and this project adheres to ### Added +- Support for the final DNS-over-QUIC standard, [RFC 9250][rfc-9250] ([#4592]). - Support upstreams for subdomains of a domain only ([#4503]). - Support for Discovery of Designated Resolvers (DDR) according to the [RFC draft][ddr-draft-06] ([#4463]). @@ -45,7 +46,7 @@ and this project adheres to instead of the `/bin/sh` one ([#4533]). To apply this change, backup your data and run `AdGuardHome -s uninstall && AdGuardHome -s install`. - The default DNS-over-QUIC port number is now `853` instead of `754` in - accordance with the latest [RFC draft][doq-draft-10] ([#4276]). + accordance with [RFC 9250][rfc-9250] ([#4276]). - Reverse DNS now has a greater priority as the source of runtime clients' information than ARP neighborhood. - Improved detection of runtime clients through more resilient ARP processing 
@@ -100,7 +101,7 @@ In this release, the schema version has changed from 12 to 14. `dns.resolve_clients` property. To rollback this change, remove the `runtime_sources` property, move the contents of `persistent` into the `clients` itself, the value of `clients.runtime_sources.rdns` into the - `dns.resolve_clietns`, and change the `schema_version` back to `13`. + `dns.resolve_clients`, and change the `schema_version` back to `13`. - Property `local_domain_name`, which in schema versions 12 and earlier used to be a part of the `dns` object, is now a part of the `dhcp` object: @@ -131,7 +132,7 @@ In this release, the schema version has changed from 12 to 14. - Service startup on boot on systems using SysV-init ([#4480]). - Detection of the stopped service status on macOS and Linux ([#4273]). - Case-sensitive ClientID ([#4542]). -- Slow version update queries making other HTTP APIs unresponsible ([#4499]). +- Slow version update queries making other HTTP APIs unresponsive ([#4499]). - ARP tables refreshing process causing excessive PTR requests ([#3157]). [#1730]: https://github.com/AdguardTeam/AdGuardHome/issues/1730 @@ -156,9 +157,10 @@ In this release, the schema version has changed from 12 to 14. [#4503]: https://github.com/AdguardTeam/AdGuardHome/issues/4503 [#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533 [#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542 +[#4592]: https://github.com/AdguardTeam/AdGuardHome/issues/4592 +[rfc-9250]: https://datatracker.ietf.org/doc/html/rfc9250 [ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html -[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2 [repr]: https://reproducible-builds.org/docs/source-date-epoch/ diff --git a/go.mod b/go.mod index 4d9d2191..d3c3e1de 100644 --- a/go.mod +++ b/go.mod 
@@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome go 1.17 require ( - github.com/AdguardTeam/dnsproxy v0.42.4 + github.com/AdguardTeam/dnsproxy v0.43.0 github.com/AdguardTeam/golibs v0.10.8 github.com/AdguardTeam/urlfilter v0.16.0 github.com/NYTimes/gziphandler v1.1.1 @@ -17,7 +17,7 @@ require ( github.com/google/renameio v1.0.1 github.com/insomniacslk/dhcp v0.0.0-20220405050111-12fbdcb11b41 github.com/kardianos/service v1.2.1 - github.com/lucas-clemente/quic-go v0.26.0 + github.com/lucas-clemente/quic-go v0.27.1 github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118 github.com/mdlayher/netlink v1.6.0 // TODO(a.garipov): This package is deprecated; find a new one or use diff --git a/go.sum b/go.sum index 73accb25..ae65fdab 100644 --- a/go.sum +++ b/go.sum @@ -7,8 +7,8 @@ dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBr dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4= dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= -github.com/AdguardTeam/dnsproxy v0.42.4 h1:Rf45a3H6U/8XqWMYAMEsC1g/dVudyfgx4WY8N2syJMw= -github.com/AdguardTeam/dnsproxy v0.42.4/go.mod h1:thHuk3599mgmucsv5J9HR9lBVQHnf4YleE08EbxNrN0= +github.com/AdguardTeam/dnsproxy v0.43.0 h1:K082nx37DaNqSyT3kDtAfgBACNWc+ZDI1Yr/kGppu1k= +github.com/AdguardTeam/dnsproxy v0.43.0/go.mod h1:JUGTm5dmlll47JltztsT0N//pVJjdg6zu0SNeUeaA7g= github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4= github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4= github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw= 
@@ -143,21 +143,15 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/lucas-clemente/quic-go v0.25.0/go.mod h1:YtzP8bxRVCBlO77yRanE264+fY/T2U9ZlW1AaHOsMOg= -github.com/lucas-clemente/quic-go v0.26.0 h1:ALBQXr9UJ8A1LyzvceX4jd9QFsHvlI0RR6BkV16o00A= -github.com/lucas-clemente/quic-go v0.26.0/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI= +github.com/lucas-clemente/quic-go v0.27.1 h1:sOw+4kFSVrdWOYmUjufQ9GBVPqZ+tu+jMtXxXNmRJyk= +github.com/lucas-clemente/quic-go v0.27.1/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI= github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc= -github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I= -github.com/marten-seemann/qtls-go1-16 v0.1.4/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk= github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ= github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk= -github.com/marten-seemann/qtls-go1-17 v0.1.0/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8= github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc= github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s= -github.com/marten-seemann/qtls-go1-18 v0.1.0-beta.1/go.mod h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI= -github.com/marten-seemann/qtls-go1-18 v0.1.0/go.mod 
h1:PUhIQk19LoFt2174H4+an8TYvWOGjb/hHwphBeaDHwI= github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y= github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
diff --git a/internal/dnsforward/clientid.go b/internal/dnsforward/clientid.go
index bb687a41..16bac881 100644
--- a/internal/dnsforward/clientid.go
+++ b/internal/dnsforward/clientid.go
@@ -112,8 +112,8 @@ type tlsConn interface {
 ConnectionState() (cs tls.ConnectionState)
 }
-// quicSession is a narrow interface for quic.Session to simplify testing.
-type quicSession interface {
+// quicConnection is a narrow interface for quic.Connection to simplify testing.
+type quicConnection interface {
 ConnectionState() (cs quic.ConnectionState)
 }
@@ -148,16 +148,16 @@ func (s *Server) clientIDFromDNSContext(pctx *proxy.DNSContext) (clientID string
 cliSrvName = tc.ConnectionState().ServerName
 case proxy.ProtoQUIC:
- qs, ok := pctx.QUICSession.(quicSession)
+ conn, ok := pctx.QUICConnection.(quicConnection)
 if !ok {
 return "", fmt.Errorf(
- "proxy ctx quic session of proto %s is %T, want quic.Session",
+ "proxy ctx quic conn of proto %s is %T, want quic.Connection",
 proto,
- pctx.QUICSession,
+ pctx.QUICConnection,
 )
 }
- cliSrvName = qs.ConnectionState().TLS.ServerName
+ cliSrvName = conn.ConnectionState().TLS.ServerName
 }
 clientID, err = clientIDFromClientServerName(
diff --git a/internal/dnsforward/clientid_test.go b/internal/dnsforward/clientid_test.go
index 6e23d639..31c55fcd 100644
--- a/internal/dnsforward/clientid_test.go
+++ b/internal/dnsforward/clientid_test.go
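Review bot: In internal/dnsforward/clientid.go, the QUIC branch of clientIDFromDNSContext takes `cliSrvName` straight from `conn.ConnectionState().TLS.ServerName`, which is the server name the client itself sends in the handshake, and nothing in the hunk records that. A one-line comment above the assignment would make the trust level explicit, for example `// ServerName is client-supplied SNI; it selects a ClientID but does not authenticate the client.` Any validation presumably lives in `clientIDFromClientServerName`, whose call begins on the last line of the hunk and continues outside it, so it is worth confirming there that the name is checked before it reaches logs or client lookup. The function body starts and ends outside the hunk.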
@@ -29,17 +29,18 @@ func (c testTLSConn) ConnectionState() (cs tls.ConnectionState) {
 return cs
 }
-// testQUICSession is a quicSession for tests.
-type testQUICSession struct {
- // Session is embedded here simply to make testQUICSession a quic.Session
- // without actually implementing all methods.
- quic.Session
+// testQUICConnection is a quicConnection for tests.
+type testQUICConnection struct {
+ // Connection is embedded here simply to make testQUICConnection a
+ // quic.Connection without actually implementing all methods.
+ quic.Connection
 serverName string
 }
-// ConnectionState implements the quicSession interface for testQUICSession.
-func (c testQUICSession) ConnectionState() (cs quic.ConnectionState) {
+// ConnectionState implements the quicConnection interface for
+// testQUICConnection.
+func (c testQUICConnection) ConnectionState() (cs quic.ConnectionState) {
 cs.TLS.ServerName = c.serverName
 return cs
@@ -179,17 +180,17 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
 }
 }
- var qs quic.Session
+ var qconn quic.Connection
 if tc.proto == proxy.ProtoQUIC {
- qs = testQUICSession{
+ qconn = testQUICConnection{
 serverName: tc.cliSrvName,
 }
 }
 pctx := &proxy.DNSContext{
- Proto: tc.proto,
- Conn: conn,
- QUICSession: qs,
+ Proto: tc.proto,
+ Conn: conn,
+ QUICConnection: qconn,
 }
 clientID, err := srv.clientIDFromDNSContext(pctx)