mirrors/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-04-04 13:47:39 +03:00
Code Issues Projects Releases Packages Wiki Activity

-resolve: report ECS support

Browse source 
Note that we can't randomize the source network, as Google and
possible others refuse networks that don't get BGP announcements.
This commit is contained in:
Frank Denis 2022-03-14 17:04:54 +01:00
parent 49c17f8e98
commit c0435772d4
1 changed files with 40 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

53
dnscrypt-proxy/resolve.go
View file

@ -14,7 +14,7 @@ import (
const myResolverHost string = "resolver.dnscrypt.info." const myResolverHost string = "resolver.dnscrypt.info."
const nonexistentName string = "nonexistent-zone.dnscrypt-test." const nonexistentName string = "nonexistent-zone.dnscrypt-test."
func resolveQuery(server string, qName string, qType uint16) (*dns.Msg, error) { func resolveQuery(server string, qName string, qType uint16, sendClientSubnet bool) (*dns.Msg, error) {
client := new(dns.Client) client := new(dns.Client)
client.ReadTimeout = 2 * time.Second client.ReadTimeout = 2 * time.Second
msg := &dns.Msg{ msg := &dns.Msg{
@ -30,9 +30,27 @@ func resolveQuery(server string, qName string, qType uint16) (*dns.Msg, error) {
Rrtype: dns.TypeOPT, Rrtype: dns.TypeOPT,
}, },
} }
if sendClientSubnet {
subnet := net.IPNet{IP: net.IPv4(93, 184, 216, 0), Mask: net.CIDRMask(24, 32)}
prr := dns.EDNS0_SUBNET{}
prr.Code = dns.EDNS0SUBNET
bits, totalSize := subnet.Mask.Size()
if totalSize == 32 {
prr.Family = 1
} else if totalSize == 128 { // if we want to test with IPv6
prr.Family = 2
}
prr.SourceNetmask = uint8(bits)
prr.SourceScope = 0
prr.Address = subnet.IP
options.Option = append(options.Option, &prr)
}
msg.Extra = append(msg.Extra, options) msg.Extra = append(msg.Extra, options)
options.SetDo() options.SetDo()
options.SetUDPSize(uint16(MaxDNSPacketSize)) options.SetUDPSize(uint16(MaxDNSPacketSize))
msg.Question[0] = dns.Question{Name: qName, Qtype: qType, Qclass: dns.ClassINET} msg.Question[0] = dns.Question{Name: qName, Qtype: qType, Qclass: dns.ClassINET}
msg.Id = dns.Id() msg.Id = dns.Id()
for i := 0; i < 3; i++ { for i := 0; i < 3; i++ {
@ -69,9 +87,10 @@ func Resolve(server string, name string, singleResolver bool) {
name = dns.Fqdn(name) name = dns.Fqdn(name)
cname := name cname := name
var clientSubnet string
for once := true; once; once = false { for once := true; once; once = false {
response, err := resolveQuery(server, myResolverHost, dns.TypeTXT) response, err := resolveQuery(server, myResolverHost, dns.TypeTXT, true)
if err != nil { if err != nil {
fmt.Printf("Unable to resolve: [%s]\n", err) fmt.Printf("Unable to resolve: [%s]\n", err)
os.Exit(1) os.Exit(1)
@ -86,14 +105,15 @@ func Resolve(server string, name string, singleResolver bool) {
for _, txt := range answer.(*dns.TXT).Txt { for _, txt := range answer.(*dns.TXT).Txt {
if strings.HasPrefix(txt, "Resolver IP: ") { if strings.HasPrefix(txt, "Resolver IP: ") {
ip = strings.TrimPrefix(txt, "Resolver IP: ") ip = strings.TrimPrefix(txt, "Resolver IP: ")
break } else if strings.HasPrefix(txt, "EDNS0 client subnet: ") {
clientSubnet = strings.TrimPrefix(txt, "EDNS0 client subnet: ")
} }
} }
if ip == "" { if ip == "" {
continue continue
} }
if rev, err := dns.ReverseAddr(ip); err == nil { if rev, err := dns.ReverseAddr(ip); err == nil {
response, err = resolveQuery(server, rev, dns.TypePTR) response, err = resolveQuery(server, rev, dns.TypePTR, false)
if err != nil { if err != nil {
break break
} }
@ -117,7 +137,7 @@ func Resolve(server string, name string, singleResolver bool) {
if singleResolver { if singleResolver {
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("Lying : ") fmt.Printf("Lying : ")
response, err := resolveQuery(server, nonexistentName, dns.TypeA) response, err := resolveQuery(server, nonexistentName, dns.TypeA, false)
if err != nil { if err != nil {
break break
} }
@ -137,6 +157,13 @@ func Resolve(server string, name string, singleResolver bool) {
fmt.Println("no, the resolver doesn't support DNSSEC") fmt.Println("no, the resolver doesn't support DNSSEC")
} }
} }
fmt.Printf("ECS : ")
if clientSubnet != "" {
fmt.Println("client network address is sent to authoritative servers")
} else {
fmt.Println("ignored or selective")
}
} }
} }
@ -146,7 +173,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("Canonical name: ") fmt.Printf("Canonical name: ")
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
response, err := resolveQuery(server, cname, dns.TypeCNAME) response, err := resolveQuery(server, cname, dns.TypeCNAME, false)
if err != nil { if err != nil {
break cname break cname
} }
@ -170,7 +197,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("IPv4 addresses: ") fmt.Printf("IPv4 addresses: ")
response, err := resolveQuery(server, cname, dns.TypeA) response, err := resolveQuery(server, cname, dns.TypeA, false)
if err != nil { if err != nil {
break break
} }
@ -190,7 +217,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("IPv6 addresses: ") fmt.Printf("IPv6 addresses: ")
response, err := resolveQuery(server, cname, dns.TypeAAAA) response, err := resolveQuery(server, cname, dns.TypeAAAA, false)
if err != nil { if err != nil {
break break
} }
@ -212,7 +239,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("Name servers : ") fmt.Printf("Name servers : ")
response, err := resolveQuery(server, cname, dns.TypeNS) response, err := resolveQuery(server, cname, dns.TypeNS, false)
if err != nil { if err != nil {
break break
} }
@ -242,7 +269,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("Mail servers : ") fmt.Printf("Mail servers : ")
response, err := resolveQuery(server, cname, dns.TypeMX) response, err := resolveQuery(server, cname, dns.TypeMX, false)
if err != nil { if err != nil {
break break
} }
@ -266,7 +293,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("HTTPS alias : ") fmt.Printf("HTTPS alias : ")
response, err := resolveQuery(server, cname, dns.TypeHTTPS) response, err := resolveQuery(server, cname, dns.TypeHTTPS, false)
if err != nil { if err != nil {
break break
} }
@ -312,7 +339,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("Host info : ") fmt.Printf("Host info : ")
response, err := resolveQuery(server, cname, dns.TypeHINFO) response, err := resolveQuery(server, cname, dns.TypeHINFO, false)
if err != nil { if err != nil {
break break
} }
@ -332,7 +359,7 @@ cname:
for once := true; once; once = false { for once := true; once; once = false {
fmt.Printf("TXT records : ") fmt.Printf("TXT records : ")
response, err := resolveQuery(server, cname, dns.TypeTXT) response, err := resolveQuery(server, cname, dns.TypeTXT, false)
if err != nil { if err != nil {
break break
} }