all: upd proxy

go.mod

@@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
 go 1.22.5
 
 require (
-	github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef
+	github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693
 	github.com/AdguardTeam/golibs v0.25.2
 	github.com/AdguardTeam/urlfilter v0.19.0
 	github.com/NYTimes/gziphandler v1.1.1

go.sum

@@ -1,5 +1,5 @@
-github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef h1:j6MtYGWnMOj5TdRFeLA/YmUuS4GKsatt1z3bmIJQtZ8=
-github.com/AdguardTeam/dnsproxy v0.72.3-0.20240806061520-4cc9af6704ef/go.mod h1:DCHTuklaAuvCgtZzpoA0TrqCdOBZJQnKjgKxbC9/kQ8=
+github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693 h1:C7zs6ZWYA2VwIORIdmJ868tXueR8ON/ezkGuObIbKIg=
+github.com/AdguardTeam/dnsproxy v0.72.4-0.20240816100403-7b95e9d45693/go.mod h1:DCHTuklaAuvCgtZzpoA0TrqCdOBZJQnKjgKxbC9/kQ8=
 github.com/AdguardTeam/golibs v0.25.2 h1:4+c9LjAIdd9trRk71hXghJ5OL/VRosBm+/0dKH+H39U=
 github.com/AdguardTeam/golibs v0.25.2/go.mod h1:HaTyS2wCbxFudjht9N/+/Qf1b5cMad2BAYSwe7DPCXI=
 github.com/AdguardTeam/urlfilter v0.19.0 h1:q7eH13+yNETlpD/VD3u5rLQOripcUdEktqZFy+KiQLk=

internal/dnsforward/config.go

@@ -427,8 +427,6 @@ func parseBogusNXDOMAIN(confBogusNXDOMAIN []string) (subnets []netip.Prefix, err
 	return subnets, nil
 }
 
-const defaultBlockedResponseTTL = 3600
-
 // initDefaultSettings initializes default settings if nothing
 // is configured
 func (s *Server) initDefaultSettings() {

internal/dnsforward/msg.go

@@ -58,7 +58,7 @@ func (s *Server) genDNSFilterMessage(
 			return s.replyCompressed(req)
 		}
 
-		return s.newMsgNODATA(req)
+		return s.NewMsgNODATA(req)
 	}
 
 	switch res.Reason {
@@ -344,51 +344,6 @@ func (s *Server) makeResponseREFUSED(req *dns.Msg) *dns.Msg {
 	return s.reply(req, dns.RcodeRefused)
 }
 
-// newMsgNODATA returns a properly initialized NODATA response.
-//
-// See https://www.rfc-editor.org/rfc/rfc2308#section-2.2.
-func (s *Server) newMsgNODATA(req *dns.Msg) (resp *dns.Msg) {
-	resp = s.reply(req, dns.RcodeSuccess)
-	resp.Ns = s.genSOA(req)
-
-	return resp
-}
-
-func (s *Server) genSOA(request *dns.Msg) []dns.RR {
-	zone := ""
-	if len(request.Question) > 0 {
-		zone = request.Question[0].Name
-	}
-
-	soa := dns.SOA{
-		// values copied from verisign's nonexistent .com domain
-		// their exact values are not important in our use case because they are used for domain transfers between primary/secondary DNS servers
-		Refresh: 1800,
-		Retry:   900,
-		Expire:  604800,
-		Minttl:  86400,
-		// copied from AdGuard DNS
-		Ns:     "fake-for-negative-caching.adguard.com.",
-		Serial: 100500,
-		// rest is request-specific
-		Hdr: dns.RR_Header{
-			Name:   zone,
-			Rrtype: dns.TypeSOA,
-			Ttl:    s.dnsFilter.BlockedResponseTTL(),
-			Class:  dns.ClassINET,
-		},
-		Mbox: "hostmaster.", // zone will be appended later if it's not empty or "."
-	}
-	if soa.Hdr.Ttl == 0 {
-		soa.Hdr.Ttl = defaultBlockedResponseTTL
-	}
-	if len(zone) > 0 && zone[0] != '.' {
-		soa.Mbox += zone
-	}
-
-	return []dns.RR{&soa}
-}
-
 // type check
 var _ proxy.MessageConstructor = (*Server)(nil)
 
@@ -425,3 +380,52 @@ func (s *Server) NewMsgNOTIMPLEMENTED(req *dns.Msg) (resp *dns.Msg) {
 
 	return resp
 }
+
+// NewMsgNODATA implements the [proxy.MessageConstructor] interface for *Server.
+func (s *Server) NewMsgNODATA(req *dns.Msg) (resp *dns.Msg) {
+	resp = s.reply(req, dns.RcodeSuccess)
+	resp.Ns = s.genSOA(req)
+
+	return resp
+}
+
+func (s *Server) genSOA(req *dns.Msg) []dns.RR {
+	zone := ""
+	if len(req.Question) > 0 {
+		zone = req.Question[0].Name
+	}
+
+	const defaultBlockedResponseTTL = 3600
+
+	soa := dns.SOA{
+		// Values copied from verisign's nonexistent.com domain.
+		//
+		// Their exact values are not important in our use case because they are
+		// used for domain transfers between primary/secondary DNS servers.
+		Refresh: 1800,
+		Retry:   900,
+		Expire:  604800,
+		Minttl:  86400,
+		// copied from AdGuard DNS
+		Ns:     "fake-for-negative-caching.adguard.com.",
+		Serial: 100500,
+		// rest is request-specific
+		Hdr: dns.RR_Header{
+			Name:   zone,
+			Rrtype: dns.TypeSOA,
+			Ttl:    s.dnsFilter.BlockedResponseTTL(),
+			Class:  dns.ClassINET,
+		},
+		// zone will be appended later if it's not ".".
+		Mbox: "hostmaster.",
+	}
+	if soa.Hdr.Ttl == 0 {
+		soa.Hdr.Ttl = defaultBlockedResponseTTL
+	}
+
+	if zone != "." {
+		soa.Mbox += zone
+	}
+
+	return []dns.RR{&soa}
+}

internal/dnsforward/process.go

@@ -159,7 +159,7 @@ func (s *Server) processInitial(dctx *dnsContext) (rc resultCode) {
 	q := pctx.Req.Question[0]
 	qt := q.Qtype
 	if s.conf.AAAADisabled && qt == dns.TypeAAAA {
-		pctx.Res = s.newMsgNODATA(pctx.Req)
+		pctx.Res = s.NewMsgNODATA(pctx.Req)
 
 		return resultCodeFinish
 	}