
Merge branch 'develop' of github.com:junkurihara/doh-auth-proxy into …
…develop [ci skip]
junkurihara committed Nov 15, 2023
2 parents 4529ce0 + 57bba94 commit 7f96e66
Showing 7 changed files with 41 additions and 9 deletions.
7 changes: 3 additions & 4 deletions doh-auth-proxy.toml
Expand Up @@ -29,12 +29,9 @@ bootstrap_dns = ["8.8.8.8", "1.1.1.1"]
## URL of (O)DoH target server like "https://dns.google/dns-query".
## You can specify multiple servers by repeatedly set this option, then one of given
## servers is chosen (if target_randomization = true, randomly every time).
## Note that we do not choose looped paths, so you need at least one diffrent relay host when (M)ODoH.
target_urls = ["https://odoh.cloudflare-dns.com/dns-query"]

## Currently, we cannot detect loop of path, and it sometimes stops
## (responds nothing) when a relaying host forward a request to itself.
## So, for safety, target_urls, odoh_relay_urls, and mid_relay_urls
## should be DISJOINT one another.

## According to the suggestion in "Designing for Tussle in Encrypted DNS" (HotNets'21),
## multiple (O)DoH servers should be specified and used in randomized fashion in this
Expand All @@ -46,6 +43,8 @@ target_randomization = true
## Use Get method to query if true. Default is false
# use_get_method = false

## User agent string to be sent to target server. Default is "doh-auth-proxy".
# user_agent = "doh-auth-proxy"

##################################
# Auth settings #
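Review bot: The new comment above `# user_agent = "doh-auth-proxy"` does not say where the string ends up: as far as the other hunks show, it is placed in the User-Agent header of the single HttpClient built in lib.rs, i.e. it is sent to ODoH/MODoH relays and targets alike, so a distinctive custom value makes this proxy instance linkable across queries and across the randomized relay/target choices the section above recommends. I would extend the comment with `## The value is sent to every relay and target you contact; a distinctive string makes this instance identifiable across queries, so keep it generic.` The new loop note in the target_urls block also has a typo, `diffrent` should be `different`.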
5 changes: 5 additions & 0 deletions proxy-bin/src/config/target_config.rs
Expand Up @@ -139,6 +139,11 @@ impl TryInto<ProxyConfig> for &TargetConfig {
info!("Use GET method for query");
}
}
/////////////////////////////
// User agent
if let Some(val) = &self.config_toml.user_agent {
proxy_config.http_user_agent = val.clone();
}

/////////////////////////////
// Anonymization
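Review bot: The value cloned into `proxy_config.http_user_agent` in the `if let Some(val)` branch is taken from the TOML unchecked, although it becomes an HTTP header: as I read reqwest's builder, an invalid header value (control characters, CR/LF, non-ASCII) is only reported when the client is built, so a bad config value surfaces as a client-construction failure far from the option that caused it, and an empty string is accepted and sent as an empty header. Validating here keeps the error next to the option, e.g. `let val = val.trim();` then `if val.is_empty() || HeaderValue::from_str(val).is_err() { return Err(/* error in the style this impl already uses */); }` before the assignment, with `HeaderValue` from the `http`/`reqwest::header` path this crate already uses. The enclosing `TryInto<ProxyConfig>` impl starts and ends outside the hunk.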
1 change: 1 addition & 0 deletions proxy-bin/src/config/toml.rs
Expand Up @@ -12,6 +12,7 @@ pub struct ConfigToml {
pub target_urls: Option<Vec<String>>,
pub target_randomization: Option<bool>,
pub use_get_method: Option<bool>,
pub user_agent: Option<String>,
pub authentication: Option<Authentication>,
pub anonymization: Option<Anonymization>,
pub plugins: Option<Plugins>,
11 changes: 11 additions & 0 deletions proxy-lib/src/globals.rs
Expand Up @@ -22,8 +22,11 @@ pub struct Globals {

#[derive(PartialEq, Eq, Debug, Clone)]
pub struct ProxyConfig {
/// listen addresses
pub listen_addresses: Vec<SocketAddr>,
/// maximum number of connections
pub max_connections: usize,
/// maximum cache size
pub max_cache_size: usize,

/// bootstrap DNS
Expand All @@ -34,14 +37,21 @@ pub struct ProxyConfig {
pub healthcheck_period_sec: Duration,

// udp and tcp proxy setting
/// UDP buffer size
pub udp_buffer_size: usize,
/// UDP channel capacity
pub udp_channel_capacity: usize,
/// UDP timeout
pub udp_timeout_sec: Duration,
/// TCP listen backlog
pub tcp_listen_backlog: u32,

/// timeout for HTTP requests (DoH, ODoH, and authentication requests)
pub http_timeout_sec: Duration,

/// http user agent
pub http_user_agent: String,

/// doh, odoh, modoh target settings
pub target_config: TargetConfig,

Expand Down Expand Up @@ -139,6 +149,7 @@ impl Default for ProxyConfig {
tcp_listen_backlog: TCP_LISTEN_BACKLOG,

http_timeout_sec: Duration::from_secs(HTTP_TIMEOUT_SEC),
http_user_agent: format!("{}/{}", HTTP_USER_AGENT, env!("CARGO_PKG_VERSION")),

target_config: TargetConfig::default(),
nexthop_relay_config: None,
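Review bot: The doc comment `/// http user agent` on the new `http_user_agent` field omits the two facts a reader needs, which the rest of this commit establishes: the `Default` impl builds it from `HTTP_USER_AGENT` and `CARGO_PKG_VERSION`, so by default every relay and target learns the exact proxy version, and the `user_agent` key in the config replaces it. I would write `/// User-Agent header value used by the shared HTTP client (DoH/ODoH/MODoH and auth requests). Defaults to "<HTTP_USER_AGENT>/<crate version>"; overridden by `user_agent` in the config file.` The struct and the `Default` impl both extend past the hunks shown.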
17 changes: 13 additions & 4 deletions proxy-lib/src/http_client/http_client_main.rs
@@ -1,5 +1,4 @@
use crate::{
constants::HTTP_USER_AGENT,
error::*,
trait_resolve_ips::{resolve_ips, ResolveIpResponse, ResolveIps},
};
Expand All @@ -23,6 +22,9 @@ pub struct HttpClient {
/// timeout for http request
timeout_sec: Duration,

/// http user agent
user_agent: String,

/// period for endpoint ip resolution, such as next hop relay
endpoint_resolution_period_sec: Duration,
}
Expand All @@ -32,17 +34,19 @@ impl HttpClient {
pub async fn new(
endpoints: &[Url],
timeout_sec: Duration,
user_agent: &str,
default_headers: Option<&HeaderMap>,
resolver_ips: impl ResolveIps,
endpoint_resolution_period_sec: Duration,
) -> Result<Self> {
let resolved_ips = resolve_ips(endpoints, resolver_ips).await?;
Ok(Self {
inner: Arc::new(RwLock::new(
HttpClientInner::new(timeout_sec, default_headers, &resolved_ips).await?,
HttpClientInner::new(timeout_sec, user_agent, default_headers, &resolved_ips).await?,
)),
default_headers: default_headers.cloned(),
timeout_sec,
user_agent: user_agent.to_string(),
endpoints: endpoints.to_vec(),
endpoint_resolution_period_sec,
})
Expand Down Expand Up @@ -72,23 +76,28 @@ impl HttpClient {
pub fn endpoint_resolution_period_sec(&self) -> Duration {
self.endpoint_resolution_period_sec
}

/// Get user agent
pub fn user_agent(&self) -> &str {
&self.user_agent
}
}

#[derive(Debug)]
/// Simple wrapper of reqwest::Client
pub struct HttpClientInner {
/// client: reqwest::Client,
pub client: Client,
}
impl HttpClientInner {
/// Build HttpClientInner
pub(super) async fn new(
timeout_sec: Duration,
user_agent: &str,
default_headers: Option<&HeaderMap>,
resolved_ips: &[ResolveIpResponse],
) -> Result<Self> {
let mut client = Client::builder()
.user_agent(format!("{}/{}", HTTP_USER_AGENT, env!("CARGO_PKG_VERSION")))
.user_agent(user_agent)
.timeout(timeout_sec)
.trust_dns(true);

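Review bot: The new `user_agent: &str` parameter of `HttpClient::new` and `HttpClientInner::new` carries no documentation of its contract, yet `.user_agent(user_agent)` on the `Client::builder()` line accepts any string and, as I read reqwest, only rejects an invalid header value at the `build()` call that lies past the end of this hunk, so the failure is reported away from the argument that caused it. Since the stored copy is also replayed on every rebuild from `update_inner`, the constraint should be stated on the parameter: `/// `user_agent`: User-Agent header value; must be a valid HTTP header value (visible ASCII, no CR/LF) or client construction fails.` The body of `HttpClientInner::new` continues outside the hunk.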
8 changes: 7 additions & 1 deletion proxy-lib/src/http_client/http_client_service.rs
Expand Up @@ -82,7 +82,13 @@ impl HttpClient {
async fn update_inner(&self, resolved_ips: &[ResolveIpResponse]) -> Result<()> {
let inner = self.inner();
let mut inner_lock = inner.write().await;
*inner_lock = HttpClientInner::new(self.timeout_sec(), self.default_headers(), resolved_ips).await?;
*inner_lock = HttpClientInner::new(
self.timeout_sec(),
self.user_agent(),
self.default_headers(),
resolved_ips,
)
.await?;
drop(inner_lock);
Ok(())
}
1 change: 1 addition & 0 deletions proxy-lib/src/lib.rs
Expand Up @@ -56,6 +56,7 @@ pub async fn entrypoint(
let http_client = HttpClient::new(
&endpoint_candidates,
proxy_config.http_timeout_sec,
&proxy_config.http_user_agent,
None,
bootstrap_dns_resolver.clone(),
proxy_config.endpoint_resolution_period_sec,
