Merge pull request #409 from CHTJonas/master

Make internal DNS resolution opt-in

src/cli/cli.go

@@ -80,6 +80,7 @@ func Run() (err error) {
 		},
 	}
 	app.Flags = []cli.Flag{
+		&cli.BoolFlag{Name: "internal-dns", Usage: "use a built-in DNS stub resolver rather than the host operating system"},
 		&cli.BoolFlag{Name: "remember", Usage: "save these settings to reuse next time"},
 		&cli.BoolFlag{Name: "debug", Usage: "toggle debug mode"},
 		&cli.BoolFlag{Name: "yes", Usage: "automatically agree to all prompts"},

src/models/constants.go

@@ -4,7 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net"
-	"time"
+	"os"
 )
 
 // TCP_BUFFER_SIZE is the maximum packet size
@@ -16,25 +16,38 @@ var (
 	DEFAULT_RELAY6     = "croc6.schollz.com"
 	DEFAULT_PORT       = "9009"
 	DEFAULT_PASSPHRASE = "pass123"
+	INTERNAL_DNS       = false
 )
 
-// lookupTimeout for DNS requests
-const lookupTimeout = time.Second
-
 // publicDns are servers to be queried if a local lookup fails
 var publicDns = []string{
 	"1.0.0.1",                // Cloudflare
 	"1.1.1.1",                // Cloudflare
+	"[2606:4700:4700::1111]", // Cloudflare
+	"[2606:4700:4700::1001]", // Cloudflare
 	"8.8.4.4",                // Google
 	"8.8.8.8",                // Google
-	"8.26.56.26",             // Comodo
-	"208.67.220.220",         // Cisco OpenDNS
-	"208.67.222.222",         // Cisco OpenDNS
 	"[2001:4860:4860::8844]", // Google
 	"[2001:4860:4860::8888]", // Google
+	"9.9.9.9",                // Quad9
+	"149.112.112.112",        // Quad9
+	"[2620:fe::fe]",          // Quad9
+	"[2620:fe::fe:9]",        // Quad9
+	"8.26.56.26",             // Comodo
+	"8.20.247.20",            // Comodo
+	"208.67.220.220",         // Cisco OpenDNS
+	"208.67.222.222",         // Cisco OpenDNS
+	"[2620:119:35::35]",      // Cisco OpenDNS
+	"[2620:119:53::53]",      // Cisco OpenDNS
 }
 
 func init() {
+	for _, flag := range os.Args {
+		if flag == "--internal-dns" {
+			INTERNAL_DNS = true
+			break
+		}
+	}
 	var err error
 	DEFAULT_RELAY, err = lookup(DEFAULT_RELAY)
 	if err == nil {
@@ -50,42 +63,33 @@ func init() {
 	}
 }
 
-// lookup an IP address.
+// Resolve a hostname to an IP address using DNS.
-//
-// Priority is given to local queries, and the system falls back to a list of
-// public DNS servers.
 func lookup(address string) (ipaddress string, err error) {
-	ipaddress, err = localLookupIP(address)
+	if !INTERNAL_DNS {
-	if err == nil {
+		return localLookupIP(address)
-		return
 	}
-	err = nil
-
 	result := make(chan string, len(publicDns))
 	for _, dns := range publicDns {
 		go func(dns string) {
-			s, _ := remoteLookupIP(address, dns)
+			s, err := remoteLookupIP(address, dns)
-			result <- s
+			if err == nil {
+				result <- s
+			}
 		}(dns)
 	}
-
 	for i := 0; i < len(publicDns); i++ {
 		ipaddress = <-result
 		if ipaddress != "" {
 			return
 		}
 	}
-
+	err = fmt.Errorf("failed to resolve %s: all DNS servers exhausted", address)
-	err = fmt.Errorf("failed to lookup %s at any DNS server", address)
 	return
 }
 
 // localLookupIP returns a host's IP address based on the local resolver.
 func localLookupIP(address string) (ipaddress string, err error) {
-	ctx, cancel := context.WithTimeout(context.Background(), lookupTimeout)
+	ip, err := net.LookupHost(address)
-	defer cancel()
-
-	ip, err := net.DefaultResolver.LookupHost(ctx, address)
 	if err != nil {
 		return
 	}
@@ -98,10 +102,8 @@ func remoteLookupIP(address, dns string) (ipaddress string, err error) {
 	r := &net.Resolver{
 		PreferGo: true,
 		Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
-			d := net.Dialer{
+			d := new(net.Dialer)
-				Timeout: lookupTimeout,
+			return d.DialContext(ctx, network, dns+":53")
-			}
-			return d.DialContext(ctx, "udp", dns+":53")
 		},
 	}
 	ip, err := r.LookupHost(context.Background(), address)