From b98adbc0cc6eeaffb262d57775c487e03b1d5ba5 Mon Sep 17 00:00:00 2001 From: Eugene Burkov Date: Wed, 10 Apr 2024 19:21:44 +0300 Subject: [PATCH] dnsforward: upd proxy, imp code, docs --- go.mod | 2 +- go.sum | 4 ++-- internal/dnsforward/dnsforward.go | 13 ++++--------- internal/dnsforward/http.go | 7 ++++--- internal/dnsforward/upstreams.go | 30 ++++++++++++++++-------------- 5 files changed, 27 insertions(+), 29 deletions(-) diff --git a/go.mod b/go.mod index 1e3f8a25827..5a3ed07bb91 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/AdguardTeam/AdGuardHome go 1.22.2 require ( - github.com/AdguardTeam/dnsproxy v0.69.0 + github.com/AdguardTeam/dnsproxy v0.69.1 github.com/AdguardTeam/golibs v0.23.0 github.com/AdguardTeam/urlfilter v0.18.0 github.com/NYTimes/gziphandler v1.1.1 diff --git a/go.sum b/go.sum index 497b57ea92b..6b04e9b2b5e 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/AdguardTeam/dnsproxy v0.69.0 h1:VaaXpvkkNkf3gx9d8EvUutRQu/BVtT8vvDa572U3wTk= -github.com/AdguardTeam/dnsproxy v0.69.0/go.mod h1:atO3WeeuyepyhjSt6hC+MF7/IN7TZHfG3/ZwhImHzYs= +github.com/AdguardTeam/dnsproxy v0.69.1 h1:KiLkKUSrvHeUO/YEf4Bbo/5zyFRIvQstjL7W9G/24pk= +github.com/AdguardTeam/dnsproxy v0.69.1/go.mod h1:atO3WeeuyepyhjSt6hC+MF7/IN7TZHfG3/ZwhImHzYs= github.com/AdguardTeam/golibs v0.23.0 h1:PHz/QhJhLmoaOokkqrPFUgu9Hw4iVAqLtBP0O3g1D3Q= github.com/AdguardTeam/golibs v0.23.0/go.mod h1:/xZCf6gZZzz7k1qaoJmI+hhxN98kHFr7LJ22j1nLH0c= github.com/AdguardTeam/urlfilter v0.18.0 h1:ZZzwODC/ADpjJSODxySrrUnt/fvOCfGFaCW6j+wsGfQ= diff --git a/internal/dnsforward/dnsforward.go b/internal/dnsforward/dnsforward.go index 8b4c6afb2e3..fda29f0a7f1 100644 --- a/internal/dnsforward/dnsforward.go +++ b/internal/dnsforward/dnsforward.go @@ -517,7 +517,7 @@ func (s *Server) prepareUpstreamSettings(boot upstream.Resolver) (err error) { return fmt.Errorf("loading upstreams: %w", err) } - s.conf.UpstreamConfig, err = newUpstreamConfig(upstreams, defaultDNS, &upstream.Options{ + uc, err := newUpstreamConfig(upstreams, defaultDNS, &upstream.Options{ Bootstrap: boot, Timeout: s.conf.UpstreamTimeout, HTTPVersions: UpstreamHTTPVersions(s.conf.UseHTTP3Upstreams), @@ -536,6 +536,8 @@ func (s *Server) prepareUpstreamSettings(boot upstream.Resolver) (err error) { return fmt.Errorf("preparing upstream config: %w", err) } + s.conf.UpstreamConfig = uc + return nil } @@ -582,18 +584,11 @@ func (s *Server) prepareLocalResolvers() (uc *proxy.UpstreamConfig, err error) { } addrs := s.conf.LocalPTRResolvers - uc, err = newLocalResolvers(addrs, ownAddrs, s.sysResolvers, s.privateNets, opts) + uc, err = newPrivateConfig(addrs, ownAddrs, s.sysResolvers, s.privateNets, opts) if err != nil { return nil, fmt.Errorf("preparing resolvers: %w", err) } - // Prevalidate the config to catch the exact error before creating proxy. - // See TODO on [ErrBadPrivateRDNSUpstreams]. - err = proxy.ValidatePrivateConfig(uc, s.privateNets) - if err != nil { - return nil, err - } - return uc, nil } diff --git a/internal/dnsforward/http.go b/internal/dnsforward/http.go index ea7592937d6..1a1a7b31491 100644 --- a/internal/dnsforward/http.go +++ b/internal/dnsforward/http.go @@ -342,7 +342,7 @@ func (req *jsonDNSConfig) validateUpstreamDNSServers( opts := &upstream.Options{} if req.Upstreams != nil { - uc, err = newUpstreamConfig(*req.Upstreams, nil, opts) + uc, err = proxy.ParseUpstreamsConfig(*req.Upstreams, opts) err = errors.WithDeferred(err, uc.Close()) if err != nil { return fmt.Errorf("upstream servers: %w", err) @@ -350,7 +350,7 @@ func (req *jsonDNSConfig) validateUpstreamDNSServers( } if addrs := req.LocalPTRUpstreams; addrs != nil { - uc, err = newLocalResolvers(*addrs, ownAddrs, sysResolvers, privateNets, opts) + uc, err = newPrivateConfig(*addrs, ownAddrs, sysResolvers, privateNets, opts) err = errors.WithDeferred(err, uc.Close()) if err != nil { return fmt.Errorf("private upstream servers: %w", err) @@ -364,7 +364,7 @@ func (req *jsonDNSConfig) validateUpstreamDNSServers( } if req.Fallbacks != nil { - uc, err = newUpstreamConfig(*req.Fallbacks, nil, opts) + uc, err = proxy.ParseUpstreamsConfig(*req.Fallbacks, opts) err = errors.WithDeferred(err, uc.Close()) if err != nil { return fmt.Errorf("fallback servers: %w", err) @@ -440,6 +440,7 @@ func (s *Server) handleSetConfig(w http.ResponseWriter, r *http.Request) { // TODO(e.burkov): Consider prebuilding this set on startup. ourAddrs, err := s.conf.ourAddrsSet() if err != nil { + // TODO(e.burkov): !! Put into openapi aghhttp.Error(r, w, http.StatusInternalServerError, "getting our addresses: %s", err) return diff --git a/internal/dnsforward/upstreams.go b/internal/dnsforward/upstreams.go index 9fd574f071e..0754daae63c 100644 --- a/internal/dnsforward/upstreams.go +++ b/internal/dnsforward/upstreams.go @@ -81,11 +81,11 @@ func newUpstreamConfig( return uc, nil } -// newLocalResolvers creates an upstream configuration for resolving PTR records +// newPrivateConfig creates an upstream configuration for resolving PTR records // for local addresses. The configuration is built either from the provided // addresses or from the system resolvers. unwanted filters the resulting // upstream configuration. -func newLocalResolvers( +func newPrivateConfig( addrs []string, unwanted addrPortSet, sysResolvers SystemResolvers, @@ -105,23 +105,25 @@ func newLocalResolvers( log.Debug("dnsforward: upstreams to resolve ptr for local addresses: %v", addrs) - uc, err = newUpstreamConfig(addrs, nil, opts) + uc, err = proxy.ParseUpstreamsConfig(addrs, opts) if err != nil { - return nil, fmt.Errorf("preparing private upstreams: %w", err) + return uc, fmt.Errorf("preparing private upstreams: %w", err) } - if confNeedsFiltering { - err = filterOutAddrs(uc, unwanted) - if err != nil { - return nil, fmt.Errorf("filtering private upstreams: %w", err) - } + if !confNeedsFiltering { + return uc, nil + } - err = proxy.ValidatePrivateConfig(uc, privateNets) - if err != nil { - log.Debug("dnsforward: validating private rdns upstreams: %s", err) + err = filterOutAddrs(uc, unwanted) + if err != nil { + return uc, fmt.Errorf("filtering private upstreams: %w", err) + } - return nil, &PrivateRDNSError{err: err} - } + // Prevalidate the config to catch the exact error before creating proxy. + // See TODO on [PrivateRDNSError]. + err = proxy.ValidatePrivateConfig(uc, privateNets) + if err != nil { + return uc, &PrivateRDNSError{err: err} } return uc, nil