diff --git a/dnscrypt-proxy/plugin_forward.go b/dnscrypt-proxy/plugin_forward.go index ff144c1a..03672b8d 100644 --- a/dnscrypt-proxy/plugin_forward.go +++ b/dnscrypt-proxy/plugin_forward.go @@ -54,6 +54,7 @@ func (plugin *PluginForward) Init(proxy *Proxy) error { if err != nil { return err } + requiresDHCP := false for lineNo, line := range strings.Split(lines, "\n") { line = TrimAndStripInlineComments(line) if len(line) == 0 { @@ -71,7 +72,6 @@ func (plugin *PluginForward) Init(proxy *Proxy) error { ) } domain = strings.ToLower(domain) - requiresDHCP := false var sequence []SearchSequenceItem for _, server := range strings.Split(serversStr, ",") { server = strings.TrimSpace(server) @@ -120,36 +120,28 @@ func (plugin *PluginForward) Init(proxy *Proxy) error { dlog.Infof("Forwarding [%s] to [%s]", domain, server) } } - if requiresDHCP { - if len(proxy.userName) > 0 { - dlog.Warn("DHCP/DNS detection may not work when 'user_name' is set or when starting as a non-root user") - } - if proxy.SourceIPv6 { - dlog.Notice("Starting a DHCP/DNS detector for IPv6") - d6 := &dhcpdns.Detector{RemoteIPPort: "[2001:DB8::53]:80"} - if err := d6.Detect(); err != nil { - dlog.Criticalf("Failed to start the DHCP/DNS IPv6 server: %s", err) - continue - } - go d6.Serve(9, 10) - plugin.dhcpdns = append(plugin.dhcpdns, d6) - } - if proxy.SourceIPv4 { - dlog.Notice("Starting a DHCP/DNS detector for IPv4") - d4 := &dhcpdns.Detector{RemoteIPPort: "192.0.2.53:80"} - if err := d4.Detect(); err != nil { - dlog.Criticalf("Failed to start the DHCP/DNS IPv4 server: %s", err) - continue - } - go d4.Serve(9, 10) - plugin.dhcpdns = append(plugin.dhcpdns, d4) - } - } plugin.forwardMap = append(plugin.forwardMap, PluginForwardEntry{ domain: domain, sequence: sequence, }) } + if requiresDHCP { + if len(proxy.userName) > 0 { + dlog.Warn("DHCP/DNS detection may not work when 'user_name' is set or when starting as a non-root user") + } + if proxy.SourceIPv6 { + dlog.Notice("Starting a DHCP/DNS detector for IPv6") + d6 := &dhcpdns.Detector{RemoteIPPort: "[2001:DB8::53]:80"} + go d6.Serve(9, 10) + plugin.dhcpdns = append(plugin.dhcpdns, d6) + } + if proxy.SourceIPv4 { + dlog.Notice("Starting a DHCP/DNS detector for IPv4") + d4 := &dhcpdns.Detector{RemoteIPPort: "192.0.2.53:80"} + go d4.Serve(9, 10) + plugin.dhcpdns = append(plugin.dhcpdns, d4) + } + } return nil } diff --git a/go.mod b/go.mod index 54bb6326..97c55a1e 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/powerman/check v1.8.0 github.com/quic-go/quic-go v0.50.1 golang.org/x/crypto v0.36.0 - golang.org/x/net v0.37.0 + golang.org/x/net v0.38.0 golang.org/x/sys v0.31.0 gopkg.in/natefinch/lumberjack.v2 v2.2.1 ) diff --git a/go.sum b/go.sum index 58dd76de..655a71c0 100644 --- a/go.sum +++ b/go.sum @@ -93,8 +93,8 @@ golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJ golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc= golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM= golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= -golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c= -golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= +golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= +golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20190529164535-6a60838ec259/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go index 81faec7e..97bd8b06 100644 --- a/vendor/golang.org/x/net/http2/frame.go +++ b/vendor/golang.org/x/net/http2/frame.go @@ -225,6 +225,11 @@ var fhBytes = sync.Pool{ }, } +func invalidHTTP1LookingFrameHeader() FrameHeader { + fh, _ := readFrameHeader(make([]byte, frameHeaderLen), strings.NewReader("HTTP/1.1 ")) + return fh +} + // ReadFrameHeader reads 9 bytes from r and returns a FrameHeader. // Most users should use Framer.ReadFrame instead. func ReadFrameHeader(r io.Reader) (FrameHeader, error) { @@ -503,10 +508,16 @@ func (fr *Framer) ReadFrame() (Frame, error) { return nil, err } if fh.Length > fr.maxReadSize { + if fh == invalidHTTP1LookingFrameHeader() { + return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", err) + } return nil, ErrFrameTooLarge } payload := fr.getReadBuf(fh.Length) if _, err := io.ReadFull(fr.r, payload); err != nil { + if fh == invalidHTTP1LookingFrameHeader() { + return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", err) + } return nil, err } f, err := typeFrameParser(fh.Type)(fr.frameCache, fh, fr.countError, payload) diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go index b640deb0..51fca38f 100644 --- a/vendor/golang.org/x/net/http2/server.go +++ b/vendor/golang.org/x/net/http2/server.go @@ -1068,7 +1068,10 @@ func (sc *serverConn) serve(conf http2Config) { func (sc *serverConn) handlePingTimer(lastFrameReadTime time.Time) { if sc.pingSent { - sc.vlogf("timeout waiting for PING response") + sc.logf("timeout waiting for PING response") + if f := sc.countErrorFunc; f != nil { + f("conn_close_lost_ping") + } sc.conn.Close() return } diff --git a/vendor/modules.txt b/vendor/modules.txt index d0a1277d..a90cc2d1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -154,7 +154,7 @@ golang.org/x/mod/internal/lazyregexp golang.org/x/mod/modfile golang.org/x/mod/module golang.org/x/mod/semver -# golang.org/x/net v0.37.0 +# golang.org/x/net v0.38.0 ## explicit; go 1.23.0 golang.org/x/net/bpf golang.org/x/net/http/httpguts