add dns proxy server

8ec3d8cb · ginuerzh · ae36ad0f · 8ec3d8cb · 8ec3d8cb · 8ec3d8cb
Commit 8ec3d8cb authored Jan 15, 2020 by ginuerzh
7 changed files
--- a/cmd/gost/cfg.go
+++ b/cmd/gost/cfg.go
@@ -223,9 +223,7 @@ func parseResolver(cfg string) gost.Resolver {
 					Addr:     s,
 					Protocol: "https",
 				}
-				if err := ns.Init(); err == nil {
-					nss = append(nss, ns)
-				}
+				nss = append(nss, ns)
 				continue
 			}

@@ -234,18 +232,14 @@ func parseResolver(cfg string) gost.Resolver {
 				ns := gost.NameServer{
 					Addr: ss[0],
 				}
-				if err := ns.Init(); err == nil {
-					nss = append(nss, ns)
-				}
+				nss = append(nss, ns)
 			}
 			if len(ss) == 2 {
 				ns := gost.NameServer{
 					Addr:     ss[0],
 					Protocol: ss[1],
 				}
-				if err := ns.Init(); err == nil {
-					nss = append(nss, ns)
-				}
+				nss = append(nss, ns)
 			}
 		}
 		return gost.NewResolver(0, nss...)

--- a/cmd/gost/route.go
+++ b/cmd/gost/route.go
@@ -477,6 +477,13 @@ func (r *route) GenRouters() ([]router, error) {
 					QueueSize: node.GetInt("queue"),
 				},
 			)
+		case "dns":
+			ln, err = gost.DNSListener(
+				node.Addr,
+				&gost.DNSOptions{
+					TCPMode: node.GetBool("tcp"),
+				},
+			)
 		default:
 			ln, err = gost.TCPListener(node.Addr)
 		}
@@ -518,6 +525,8 @@ func (r *route) GenRouters() ([]router, error) {
 			handler = gost.TunHandler()
 		case "tap":
 			handler = gost.TapHandler()
+		case "dns", "dot", "doh":
+			handler = gost.DNSHandler(node.Remote)
 		default:
 			// start from 2.5, if remote is not empty, then we assume that it is a forward tunnel.
 			if node.Remote != "" {
@@ -540,10 +549,14 @@ func (r *route) GenRouters() ([]router, error) {
 		}

 		node.Bypass = parseBypass(node.Get("bypass"))
-		resolver := parseResolver(node.Get("dns"))
 		hosts := parseHosts(node.Get("hosts"))
 		ips := parseIP(node.Get("ip"), "")

+		resolver := parseResolver(node.Get("dns"))
+		if resolver != nil {
+			resolver.Init(gost.ChainResolverOption(chain))
+		}
+
 		handler.Init(
 			gost.AddrHandlerOption(ln.Addr().String()),
 			gost.ChainHandlerOption(chain),

--- a/dns.go
+++ b/dns.go
+package gost
+
+import (
+	"bytes"
+	"context"
+	"errors"
+	"net"
+	"strconv"
+	"time"
+
+	"github.com/go-log/log"
+	"github.com/miekg/dns"
+)
+
+type dnsHandler struct {
+	options *HandlerOptions
+}
+
+// DNSHandler creates a Handler for DNS server.
+func DNSHandler(raddr string, opts ...HandlerOption) Handler {
+	h := &dnsHandler{}
+
+	for _, opt := range opts {
+		opt(h.options)
+	}
+	return h
+}
+
+func (h *dnsHandler) Init(opts ...HandlerOption) {
+	if h.options == nil {
+		h.options = &HandlerOptions{}
+	}
+
+	for _, opt := range opts {
+		opt(h.options)
+	}
+}
+
+func (h *dnsHandler) Handle(conn net.Conn) {
+	defer conn.Close()
+
+	b := mPool.Get().([]byte)
+	defer mPool.Put(b)
+
+	n, err := conn.Read(b)
+	if err != nil {
+		log.Logf("[dns] %s - %s: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+	}
+
+	mq := &dns.Msg{}
+	if err = mq.Unpack(b[:n]); err != nil {
+		log.Logf("[dns] %s - %s request unpack: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+		return
+	}
+	log.Logf("[dns] %s -> %s: %s", conn.RemoteAddr(), conn.LocalAddr(), h.dumpMsgHeader(mq))
+	if Debug {
+		log.Logf("[dns] %s >>> %s: %s", conn.RemoteAddr(), conn.LocalAddr(), mq.String())
+	}
+
+	start := time.Now()
+	reply, err := h.options.Resolver.Exchange(context.Background(), b[:n])
+	if err != nil {
+		log.Logf("[dns] %s - %s exchange: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+		return
+	}
+
+	rtt := time.Since(start)
+
+	mr := &dns.Msg{}
+	if err = mr.Unpack(reply); err != nil {
+		log.Logf("[dns] %s - %s reply unpack: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+		return
+	}
+	log.Logf("[dns] %s <- %s: %s [%s]",
+		conn.RemoteAddr(), conn.LocalAddr(), h.dumpMsgHeader(mr), rtt)
+	if Debug {
+		log.Logf("[dns] %s <<< %s: %s", conn.RemoteAddr(), conn.LocalAddr(), mr.String())
+	}
+
+	if _, err = conn.Write(reply); err != nil {
+		log.Logf("[dns] %s - %s reply unpack: %v", conn.RemoteAddr(), conn.LocalAddr(), err)
+	}
+}
+
+func (h *dnsHandler) dumpMsgHeader(m *dns.Msg) string {
+	buf := new(bytes.Buffer)
+	buf.WriteString(m.MsgHdr.String() + " ")
+	buf.WriteString("QUERY: " + strconv.Itoa(len(m.Question)) + ", ")
+	buf.WriteString("ANSWER: " + strconv.Itoa(len(m.Answer)) + ", ")
+	buf.WriteString("AUTHORITY: " + strconv.Itoa(len(m.Ns)) + ", ")
+	buf.WriteString("ADDITIONAL: " + strconv.Itoa(len(m.Extra)))
+	return buf.String()
+}
+
+type DNSOptions struct {
+	TCPMode      bool
+	UDPSize      int
+	ReadTimeout  time.Duration
+	WriteTimeout time.Duration
+}
+
+type dnsListener struct {
+	addr     net.Addr
+	server   *dns.Server
+	connChan chan net.Conn
+	errc     chan error
+}
+
+func DNSListener(addr string, options *DNSOptions) (Listener, error) {
+	if options == nil {
+		options = &DNSOptions{}
+	}
+
+	ln := &dnsListener{
+		connChan: make(chan net.Conn, 128),
+		errc:     make(chan error, 1),
+	}
+
+	var nets string
+	var err error
+
+	if options.TCPMode {
+		nets = "tcp"
+		ln.addr, err = net.ResolveTCPAddr("tcp", addr)
+	} else {
+		nets = "udp"
+		ln.addr, err = net.ResolveUDPAddr("udp", addr)
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	ln.server = &dns.Server{
+		Addr: addr,
+		Net:  nets,
+	}
+
+	dns.HandleFunc(".", ln.handleRequest)
+
+	go func() {
+		if err := ln.server.ListenAndServe(); err != nil {
+			ln.errc <- err
+			return
+		}
+	}()
+
+	select {
+	case err := <-ln.errc:
+		return nil, err
+	default:
+	}
+
+	return ln, nil
+}
+
+func (l *dnsListener) handleRequest(w dns.ResponseWriter, m *dns.Msg) {
+	if w == nil || m == nil {
+		return
+	}
+
+	conn := &dnsServerConn{
+		mq:             make(chan []byte, 1),
+		ResponseWriter: w,
+	}
+
+	buf := mPool.Get().([]byte)
+	defer mPool.Put(buf)
+	buf = buf[:0]
+	b, err := m.PackBuffer(buf)
+	if err != nil {
+		log.Logf("[dns] %s: %v", l.addr, err)
+		return
+	}
+	conn.mq <- b
+
+	select {
+	case l.connChan <- conn:
+	default:
+		log.Logf("[dns] %s: connection queue is full", l.addr)
+	}
+}
+
+func (l *dnsListener) Accept() (conn net.Conn, err error) {
+	select {
+	case conn = <-l.connChan:
+	case err = <-l.errc:
+	}
+	return
+}
+
+func (l *dnsListener) Close() error {
+	return l.server.Shutdown()
+}
+
+func (l *dnsListener) Addr() net.Addr {
+	return l.addr
+}
+
+type dnsServerConn struct {
+	mq chan []byte
+	dns.ResponseWriter
+}
+
+func (c *dnsServerConn) Read(b []byte) (n int, err error) {
+	var mb []byte
+	select {
+	case mb = <-c.mq:
+	default:
+	}
+	n = copy(b, mb)
+	return
+}
+
+func (c *dnsServerConn) SetDeadline(t time.Time) error {
+	return &net.OpError{Op: "set", Net: "dns", Source: nil, Addr: nil, Err: errors.New("deadline not supported")}
+}
+
+func (c *dnsServerConn) SetReadDeadline(t time.Time) error {
+	return &net.OpError{Op: "set", Net: "dns", Source: nil, Addr: nil, Err: errors.New("deadline not supported")}
+}
+
+func (c *dnsServerConn) SetWriteDeadline(t time.Time) error {
+	return &net.OpError{Op: "set", Net: "dns", Source: nil, Addr: nil, Err: errors.New("deadline not supported")}
+}
--- a/go.mod
+++ b/go.mod
@@ -27,7 +27,7 @@ require (
 	github.com/lucas-clemente/aes12 v0.0.0-20171027163421-cd47fb39b79f // indirect
 	github.com/lucas-clemente/quic-go v0.10.0
 	github.com/lucas-clemente/quic-go-certificates v0.0.0-20160823095156-d2f86524cced // indirect
-	github.com/miekg/dns v1.1.3
+	github.com/miekg/dns v1.1.27
 	github.com/milosgajdos83/tenus v0.0.0-20190415114537-1f3ed00ae7d8
 	github.com/onsi/ginkgo v1.7.0 // indirect
 	github.com/onsi/gomega v1.4.3 // indirect
@@ -40,9 +40,8 @@ require (
 	github.com/templexxx/xor v0.0.0-20181023030647-4e92f724b73b // indirect
 	github.com/tjfoc/gmsm v1.0.1 // indirect
 	github.com/xtaci/tcpraw v1.2.25
-	golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
-	golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
-	golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 // indirect
+	golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550
+	golang.org/x/net v0.0.0-20190923162816-aa69164e4478
 	gopkg.in/gorilla/websocket.v1 v1.4.0
 	gopkg.in/xtaci/kcp-go.v4 v4.3.2
 	gopkg.in/xtaci/smux.v1 v1.0.7

--- a/go.sum
+++ b/go.sum
@@ -58,6 +58,8 @@ github.com/lucas-clemente/quic-go-certificates v0.0.0-20160823095156-d2f86524cce
 github.com/lucas-clemente/quic-go-certificates v0.0.0-20160823095156-d2f86524cced/go.mod h1:NCcRLrOTZbzhZvixZLlERbJtDtYsmMw8Jc4vS8Z0g58=
 github.com/miekg/dns v1.1.3 h1:1g0r1IvskvgL8rR+AcHzUA+oFmGcQlaIm4IqakufeMM=
 github.com/miekg/dns v1.1.3/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
+github.com/miekg/dns v1.1.27 h1:aEH/kqUzUxGJ/UHcEKdJY+ugH6WEzsEBBSPa8zuy1aM=
+github.com/miekg/dns v1.1.27/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
 github.com/milosgajdos83/tenus v0.0.0-20190415114537-1f3ed00ae7d8 h1:4WFQEfEJ7zaHYViIVM2Cd6tnQOOhiEHbmQtlcV7aOpc=
 github.com/milosgajdos83/tenus v0.0.0-20190415114537-1f3ed00ae7d8/go.mod h1:G95Wwn625/q6JCCytI4VR/a5VtPwrtI0B+Q1Gi38QLA=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
@@ -88,23 +90,35 @@ golang.org/x/crypto v0.0.0-20190130090550-b01c7a725664 h1:YbZJ76lQ1BqNhVe7dKTSB6
 golang.org/x/crypto v0.0.0-20190130090550-b01c7a725664/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 h1:ulvT7fqt0yHWzpJwI57MezWnYDVpCAYBVuYst/L+fAY=
 golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g=
+golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190228124157-a34e9553db1e h1:ZytStCyV048ZqDsWHiYDdoI2Vd4msMcrDECFxS+tL9c=
 golang.org/x/sys v0.0.0-20190228124157-a34e9553db1e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67 h1:1Fzlr8kkDLQwqMP8GxrhptBLqZG/EDpiATneiZHY998=
 golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M=
+golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=

--- a/node.go
+++ b/node.go
@@ -84,6 +84,7 @@ func ParseNode(s string) (node Node, err error) {
 	case "ohttp": // obfs-http
 	case "tun", "tap": // tun/tap device
 	case "ftcp": // fake TCP
+	case "dns", "dot", "doh":
 	default:
 		node.Transport = "tcp"
 	}
@@ -97,6 +98,7 @@ func ParseNode(s string) (node Node, err error) {
 	case "redirect": // TCP transparent proxy
 	case "tun", "tap": // tun/tap device
 	case "ftcp": // fake TCP
+	case "dns", "dot", "doh":
 	default:
 		node.Protocol = ""
 	}

--- a/resolver.go
+++ b/resolver.go