Merge pull request #409 from CHTJonas/master

Make internal DNS resolution opt-in
2025-10-11 13:21:00 +02:00 · 2021-08-16 12:27:57 -07:00 · 2021-08-16 12:27:57 -07:00 · 9ce2321d01
commit 9ce2321d01
parent b73fdff702 d75530b78b
2 changed files with 32 additions and 29 deletions
--- a/src/cli/cli.go
+++ b/src/cli/cli.go
@ -80,6 +80,7 @@ func Run() (err error) {
 		},
 	}
 	app.Flags = []cli.Flag{
+		&cli.BoolFlag{Name: "internal-dns", Usage: "use a built-in DNS stub resolver rather than the host operating system"},
 		&cli.BoolFlag{Name: "remember", Usage: "save these settings to reuse next time"},
 		&cli.BoolFlag{Name: "debug", Usage: "toggle debug mode"},
 		&cli.BoolFlag{Name: "yes", Usage: "automatically agree to all prompts"},
--- a/src/models/constants.go
+++ b/src/models/constants.go
@ -4,7 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net"
-	"time"
+	"os"
 )

 // TCP_BUFFER_SIZE is the maximum packet size
@ -16,25 +16,38 @@ var (
 	DEFAULT_RELAY6     = "croc6.schollz.com"
 	DEFAULT_PORT       = "9009"
 	DEFAULT_PASSPHRASE = "pass123"
+	INTERNAL_DNS       = false
 )

-// lookupTimeout for DNS requests
-const lookupTimeout = time.Second
-
 // publicDns are servers to be queried if a local lookup fails
 var publicDns = []string{
 	"1.0.0.1",                // Cloudflare
 	"1.1.1.1",                // Cloudflare
+	"[2606:4700:4700::1111]", // Cloudflare
+	"[2606:4700:4700::1001]", // Cloudflare
 	"8.8.4.4",                // Google
 	"8.8.8.8",                // Google
-	"8.26.56.26",             // Comodo
-	"208.67.220.220",         // Cisco OpenDNS
-	"208.67.222.222",         // Cisco OpenDNS
 	"[2001:4860:4860::8844]", // Google
 	"[2001:4860:4860::8888]", // Google
+	"9.9.9.9",                // Quad9
+	"149.112.112.112",        // Quad9
+	"[2620:fe::fe]",          // Quad9
+	"[2620:fe::fe:9]",        // Quad9
+	"8.26.56.26",             // Comodo
+	"8.20.247.20",            // Comodo
+	"208.67.220.220",         // Cisco OpenDNS
+	"208.67.222.222",         // Cisco OpenDNS
+	"[2620:119:35::35]",      // Cisco OpenDNS
+	"[2620:119:53::53]",      // Cisco OpenDNS
 }

 func init() {
+	for _, flag := range os.Args {
+		if flag == "--internal-dns" {
+			INTERNAL_DNS = true
+			break
+		}
+	}
 	var err error
 	DEFAULT_RELAY, err = lookup(DEFAULT_RELAY)
 	if err == nil {
@ -50,42 +63,33 @@ func init() {
 	}
 }

-// lookup an IP address.
-//
-// Priority is given to local queries, and the system falls back to a list of
-// public DNS servers.
+// Resolve a hostname to an IP address using DNS.
 func lookup(address string) (ipaddress string, err error) {
-	ipaddress, err = localLookupIP(address)
-	if err == nil {
-		return
+	if !INTERNAL_DNS {
+		return localLookupIP(address)
 	}
-	err = nil
-
 	result := make(chan string, len(publicDns))
 	for _, dns := range publicDns {
 		go func(dns string) {
-			s, _ := remoteLookupIP(address, dns)
-			result <- s
+			s, err := remoteLookupIP(address, dns)
+			if err == nil {
+				result <- s
+			}
 		}(dns)
 	}
-
 	for i := 0; i < len(publicDns); i++ {
 		ipaddress = <-result
 		if ipaddress != "" {
 			return
 		}
 	}
-
-	err = fmt.Errorf("failed to lookup %s at any DNS server", address)
+	err = fmt.Errorf("failed to resolve %s: all DNS servers exhausted", address)
 	return
 }

 // localLookupIP returns a host's IP address based on the local resolver.
 func localLookupIP(address string) (ipaddress string, err error) {
-	ctx, cancel := context.WithTimeout(context.Background(), lookupTimeout)
-	defer cancel()
-
-	ip, err := net.DefaultResolver.LookupHost(ctx, address)
+	ip, err := net.LookupHost(address)
 	if err != nil {
 		return
 	}
@ -98,10 +102,8 @@ func remoteLookupIP(address, dns string) (ipaddress string, err error) {
 	r := &net.Resolver{
 		PreferGo: true,
 		Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
-			d := net.Dialer{
-				Timeout: lookupTimeout,
-			}
-			return d.DialContext(ctx, "udp", dns+":53")
+			d := new(net.Dialer)
+			return d.DialContext(ctx, network, dns+":53")
 		},
 	}
 	ip, err := r.LookupHost(context.Background(), address)