Support DNS over TLS resolver
mohanson authored Aug 30, 2023
1 parent c45a5f5 commit 1882a19
Showing 3 changed files with 59 additions and 36 deletions.
29 changes: 15 additions & 14 deletions cmd/daze/main.go
@@ -1,7 +1,6 @@
package main

import (
"context"
"flag"
"fmt"
"log"
Expand Down Expand Up @@ -55,15 +54,7 @@ func main() {
// If daze runs in Android through termux, then we set a default dns for it. See:
// https://stackoverflow.com/questions/38959067/dns-lookup-issue-when-running-my-go-app-in-termux
if os.Getenv("ANDROID_ROOT") != "" {
for _, e := range daze.LoadOpenResolver() {
d := daze.Resolver(e)
_, f := d.LookupHost(context.Background(), "google.com")
if f == nil {
log.Println("main: domain server is", e)
net.DefaultResolver = d
break
}
}
net.DefaultResolver = daze.ResolverDns("1.1.1.1:53")
}
resExec := filepath.Dir(doa.Try(os.Executable()))
subCommand := os.Args[1]
Expand All @@ -73,15 +64,20 @@ func main() {
var (
flListen = flag.String("l", "0.0.0.0:1081", "listen address")
flCipher = flag.String("k", "daze", "password, should be same with the one specified by client")
flDnserv = flag.String("dns", "", "such as 8.8.8.8:53")
flDnserv = flag.String("dns", "", "specifies the DNS/DoT host:port, such as 1.1.1.1:53")
flProtoc = flag.String("p", "ashe", "protocol {ashe, baboon, czar, dahlia}")
flExtend = flag.String("e", "", "extend data for different protocols")
)
flag.Parse()
log.Println("main: server cipher is", *flCipher)
log.Println("main: protocol is used", *flProtoc)
if *flDnserv != "" {
net.DefaultResolver = daze.Resolver(*flDnserv)
switch {
case strings.HasSuffix(*flDnserv, ":53"):
net.DefaultResolver = daze.ResolverDns(*flDnserv)
case strings.HasSuffix(*flDnserv, ":853"):
net.DefaultResolver = daze.ResolverDot(*flDnserv)
}
log.Println("main: domain server is", *flDnserv)
}
switch *flProtoc {
Expand Down Expand Up @@ -114,15 +110,20 @@ func main() {
flFilter = flag.String("f", "rule", "filter {rule, remote, locale}")
flRulels = flag.String("r", filepath.Join(resExec, Conf.PathRule), "rule path")
flCIDRls = flag.String("c", filepath.Join(resExec, Conf.PathCIDR), "cidr path")
flDnserv = flag.String("dns", "", "such as 8.8.8.8:53")
flDnserv = flag.String("dns", "", "specifies the DNS/DoT host:port, such as 1.1.1.1:53")
flProtoc = flag.String("p", "ashe", "protocol {ashe, baboon, czar, dahlia}")
)
flag.Parse()
log.Println("main: remote server is", *flServer)
log.Println("main: client cipher is", *flCipher)
log.Println("main: protocol is used", *flProtoc)
if *flDnserv != "" {
net.DefaultResolver = daze.Resolver(*flDnserv)
switch {
case strings.HasSuffix(*flDnserv, ":53"):
net.DefaultResolver = daze.ResolverDns(*flDnserv)
case strings.HasSuffix(*flDnserv, ":853"):
net.DefaultResolver = daze.ResolverDot(*flDnserv)
}
log.Println("main: domain server is", *flDnserv)
}
switch *flProtoc {
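Review bot: The new `switch` on `*flDnserv` in the server branch has no `default`, so a `-dns` value whose port is neither 53 nor 853 (for example a DoT endpoint on a non-standard port) leaves `net.DefaultResolver` untouched while the following `log.Println("main: domain server is", *flDnserv)` still reports that address as in use. An operator who asked for DoT would then silently resolve through the system resolver, presumably without TLS. I would fail closed with `default: log.Fatalln("main: -dns port must be 53 (DNS) or 853 (DoT), got", *flDnserv)`; the identical switch in the client branch needs the same case. main's body continues outside these hunks.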
49 changes: 27 additions & 22 deletions daze.go
Expand Up @@ -8,6 +8,7 @@ import (
"crypto/rand"
"crypto/rc4"
"crypto/sha256"
"crypto/tls"
"encoding/binary"
"encoding/hex"
"errors"
Expand Down Expand Up @@ -55,14 +56,8 @@ var Conf = struct {
RouterLruSize: 64,
}

// Resolver returns a new Resolver used by the package-level Lookup functions and by Dialers without a specified
// Resolver.
//
// Examples:
//
// Resolver("8.8.8.8:53")
// Resolver("1.1.1.1:53")
func Resolver(addr string) *net.Resolver {
// Resolver returns a DNS resolver.
func ResolverDns(addr string) *net.Resolver {
return &net.Resolver{
PreferGo: true,
Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
Expand All @@ -74,6 +69,30 @@ func Resolver(addr string) *net.Resolver {
}
}

// ResolverDot returns a DNS over TLS resolver.
func ResolverDot(addr string) *net.Resolver {
host, _, _ := net.SplitHostPort(addr)
conf := &tls.Config{
ServerName: host,
ClientSessionCache: tls.NewLRUClientSessionCache(32),
}
return &net.Resolver{
PreferGo: true,
Dial: func(context context.Context, network, address string) (net.Conn, error) {
d := net.Dialer{
Timeout: Conf.DialerTimeout,
}
c, err := d.DialContext(context, "tcp", addr)
if err != nil {
return nil, err
}
_ = c.(*net.TCPConn).SetKeepAlive(true)
_ = c.(*net.TCPConn).SetKeepAlivePeriod(10 * time.Minute)
return tls.Client(c, conf), nil
},
}
}

// Link copies from src to dst and dst to src until either EOF is reached.
func Link(a, b io.ReadWriteCloser) {
w := sync.WaitGroup{}
Expand Down Expand Up @@ -1048,20 +1067,6 @@ func LoadApnic() map[string][]*net.IPNet {
return r
}

// LoadOpenResolver returns best and free public DNS servers (valid april 2023).
func LoadOpenResolver() []string {
return []string{
"8.8.8.8:53", // Google
"8.8.4.4:53", // Google
"4.2.2.1:53", // Microsoft
"4.2.2.2:53", // Microsoft
"1.1.1.1:53", // Cloudflare DNS
"1.0.0.1:53", // Cloudflare DNS
"208.67.222.222:53", // OpenDNS
"208.67.220.220:53", // OpenDNS
}
}

// LoadReservedIP loads reserved ip addresses.
//
// Introduction:
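Review bot: In `ResolverDot`, `host, _, _ := net.SplitHostPort(addr)` discards the parse error, so a malformed address yields an empty `ServerName` and the mistake should only surface later as a TLS handshake failure on the first lookup. Since the signature cannot return an error, keep it with `host, _, err := net.SplitHostPort(addr)` and return it from the `Dial` closure via `if err != nil { return nil, err }`. Certificate verification is tied to whatever `host` is, so the doc comment should say that `addr` is expected to be an IP literal whose certificate carries that IP; a hostname would also have to be resolved by `d.DialContext`, apparently through the same `net.DefaultResolver` that main.go replaces with this resolver. The closure parameter named `context` shadows the imported package and would read better as `ctx`, and the comment on `ResolverDns` still begins with `Resolver`.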
17 changes: 17 additions & 0 deletions daze_test.go
Expand Up @@ -2,6 +2,7 @@ package daze

import (
"bytes"
"context"
"os/exec"
"testing"

Expand Down Expand Up @@ -60,3 +61,19 @@ func TestLocaleSocks5(t *testing.T) {
t.FailNow()
}
}

func TestResolverDns(t *testing.T) {
dns := ResolverDns("1.1.1.1:53")
_, err := dns.LookupHost(context.Background(), "google.com")
if err != nil {
t.FailNow()
}
}

func TestResolverDot(t *testing.T) {
dot := ResolverDot("1.1.1.1:853")
_, err := dot.LookupHost(context.Background(), "google.com")
if err != nil {
t.FailNow()
}
}
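Review bot: Both new tests call `t.FailNow()` on error, which drops `err`, and they run against live `1.1.1.1` endpoints with `context.Background()`, so a blocked port 853 or an offline CI runner fails with no diagnostic. I would report the cause with `t.Fatalf("LookupHost via DoT: %v", err)` and bound each call with `context.WithTimeout`. Neither test covers the rejection path; a case asserting that the lookup fails when the server certificate does not match `ServerName` would pin the property DoT is being added for.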
