clash/dns/middleware.go

package dns

import (
	"net/netip"
	"strings"
	"time"

	"github.com/Dreamacro/clash/common/cache"
	"github.com/Dreamacro/clash/common/nnip"
	"github.com/Dreamacro/clash/component/fakeip"
	"github.com/Dreamacro/clash/component/trie"
	C "github.com/Dreamacro/clash/constant"
	"github.com/Dreamacro/clash/context"
	"github.com/Dreamacro/clash/log"

	D "github.com/miekg/dns"
)

type (
	handler    func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error)
	middleware func(next handler) handler
)

func withHosts(hosts *trie.DomainTrie[netip.Addr], mapping *cache.LruCache[netip.Addr, string]) middleware {
	return func(next handler) handler {
		return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
			q := r.Question[0]

			if !isIPRequest(q) {
				return next(ctx, r)
			}

			host := strings.TrimRight(q.Name, ".")

			record := hosts.Search(host)
			if record == nil {
				return next(ctx, r)
			}

			ip := record.Data
			msg := r.Copy()

			if ip.Is4() && q.Qtype == D.TypeA {
				rr := &D.A{}
				rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeA, Class: D.ClassINET, Ttl: 10}
				rr.A = ip.AsSlice()

				msg.Answer = []D.RR{rr}
			} else if q.Qtype == D.TypeAAAA {
				rr := &D.AAAA{}
				rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeAAAA, Class: D.ClassINET, Ttl: 10}
				ip := ip.As16()
				rr.AAAA = ip[:]
				msg.Answer = []D.RR{rr}
			} else {
				return next(ctx, r)
			}

			if mapping != nil {
				mapping.SetWithExpire(ip, host, time.Now().Add(time.Second*10))
			}

			ctx.SetType(context.DNSTypeHost)
			msg.SetRcode(r, D.RcodeSuccess)
			msg.Authoritative = true
			msg.RecursionAvailable = true

			return msg, nil
		}
	}
}

func withMapping(mapping *cache.LruCache[netip.Addr, string]) middleware {
	return func(next handler) handler {
		return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
			q := r.Question[0]

			if !isIPRequest(q) {
				return next(ctx, r)
			}

			msg, err := next(ctx, r)
			if err != nil {
				return nil, err
			}

			host := strings.TrimRight(q.Name, ".")

			for _, ans := range msg.Answer {
				var ip netip.Addr
				var ttl uint32

				switch a := ans.(type) {
				case *D.A:
					ip = nnip.IpToAddr(a.A)
					ttl = a.Hdr.Ttl
				case *D.AAAA:
					ip = nnip.IpToAddr(a.AAAA)
					ttl = a.Hdr.Ttl
				default:
					continue
				}

				mapping.SetWithExpire(ip, host, time.Now().Add(time.Second*time.Duration(ttl)))
			}

			return msg, nil
		}
	}
}

func withFakeIP(fakePool *fakeip.Pool) middleware {
	return func(next handler) handler {
		return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
			q := r.Question[0]

			host := strings.TrimRight(q.Name, ".")
			if fakePool.ShouldSkipped(host) {
				return next(ctx, r)
			}

			switch q.Qtype {
			case D.TypeAAAA, D.TypeSVCB, D.TypeHTTPS:
				return handleMsgWithEmptyAnswer(r), nil
			}

			if q.Qtype != D.TypeA {
				return next(ctx, r)
			}

			rr := &D.A{}
			rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeA, Class: D.ClassINET, Ttl: dnsDefaultTTL}
			ip := fakePool.Lookup(host)
			rr.A = ip.AsSlice()
			msg := r.Copy()
			msg.Answer = []D.RR{rr}

			ctx.SetType(context.DNSTypeFakeIP)
			setMsgTTL(msg, 1)
			msg.SetRcode(r, D.RcodeSuccess)
			msg.Authoritative = true
			msg.RecursionAvailable = true

			return msg, nil
		}
	}
}

func withResolver(resolver *Resolver) handler {
	return func(ctx *context.DNSContext, r *D.Msg) (*D.Msg, error) {
		ctx.SetType(context.DNSTypeRaw)
		q := r.Question[0]

		// return a empty AAAA msg when ipv6 disabled
		if !resolver.ipv6 && q.Qtype == D.TypeAAAA {
			return handleMsgWithEmptyAnswer(r), nil
		}

		msg, err := resolver.Exchange(r)
		if err != nil {
			log.Debugln("[DNS Server] Exchange %s failed: %v", q.String(), err)
			return msg, err
		}
		msg.SetRcode(r, msg.Rcode)
		msg.Authoritative = true

		log.Debugln("[DNS] %s --> %s", msgToDomain(r), msgToIP(msg))
		return msg, nil
	}
}

func compose(middlewares []middleware, endpoint handler) handler {
	length := len(middlewares)
	h := endpoint
	for i := length - 1; i >= 0; i-- {
		middleware := middlewares[i]
		h = middleware(h)
	}

	return h
}

func NewHandler(resolver *Resolver, mapper *ResolverEnhancer) handler {
	middlewares := []middleware{}

	if resolver.hosts != nil {
		middlewares = append(middlewares, withHosts(resolver.hosts, mapper.mapping))
	}

	if mapper.mode == C.DNSFakeIP {
		middlewares = append(middlewares, withFakeIP(mapper.fakePool))
	}

	if mapper.mode != C.DNSNormal {
		middlewares = append(middlewares, withMapping(mapper.mapping))
	}

	return compose(middlewares, withResolver(resolver))
}
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`package dns`

			`import (`
Refactor: DomainTrie use generics 2022-04-05 20:25:53 +00:00			`"net/netip"`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`"strings"`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`"time"`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`"github.com/Dreamacro/clash/common/cache"`
Chore: IpToAddr 2022-04-19 09:46:13 +00:00			`"github.com/Dreamacro/clash/common/nnip"`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`"github.com/Dreamacro/clash/component/fakeip"`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`"github.com/Dreamacro/clash/component/trie"`
Fix: unexpected proxy dial behavior on mapping mode 2021-10-18 13:08:27 +00:00			`C "github.com/Dreamacro/clash/constant"`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`"github.com/Dreamacro/clash/context"`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`"github.com/Dreamacro/clash/log"`

			`D "github.com/miekg/dns"`
			`)`

Style: use gofumpt for fmt 2021-10-10 15:44:09 +00:00			`type (`
			`handler func(ctx context.DNSContext, r D.Msg) (*D.Msg, error)`
			`middleware func(next handler) handler`
			`)`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00
Refactor: fakeip pool use netip.Prefix, supports ipv6 range 2022-04-11 16:31:04 +00:00			`func withHosts(hosts trie.DomainTrie[netip.Addr], mapping cache.LruCache[netip.Addr, string]) middleware {`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`return func(next handler) handler {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return func(ctx context.DNSContext, r D.Msg) (*D.Msg, error) {`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`q := r.Question[0]`

			`if !isIPRequest(q) {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`}`

Chore: fix typos 2022-04-10 22:28:42 +00:00			`host := strings.TrimRight(q.Name, ".")`

			`record := hosts.Search(host)`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`if record == nil {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`}`

Refactor: DomainTrie use generics 2022-04-05 20:25:53 +00:00			`ip := record.Data`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`msg := r.Copy()`

Refactor: DomainTrie use generics 2022-04-05 20:25:53 +00:00			`if ip.Is4() && q.Qtype == D.TypeA {`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`rr := &D.A{}`
Chore: fix typos 2022-04-10 22:28:42 +00:00			`rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeA, Class: D.ClassINET, Ttl: 10}`
Refactor: DomainTrie use generics 2022-04-05 20:25:53 +00:00			`rr.A = ip.AsSlice()`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00
			`msg.Answer = []D.RR{rr}`
fix: leak dns when domain in hosts list 2022-06-10 06:29:19 +00:00			`} else if q.Qtype == D.TypeAAAA {`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`rr := &D.AAAA{}`
Chore: fix typos 2022-04-10 22:28:42 +00:00			`rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeAAAA, Class: D.ClassINET, Ttl: 10}`
fix: leak dns when domain in hosts list 2022-06-10 06:29:19 +00:00			`ip := ip.As16()`
			`rr.AAAA = ip[:]`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`msg.Answer = []D.RR{rr}`
			`} else {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`}`

Chore: fix typos 2022-04-10 22:28:42 +00:00			`if mapping != nil {`
Refactor: fakeip pool use netip.Prefix, supports ipv6 range 2022-04-11 16:31:04 +00:00			`mapping.SetWithExpire(ip, host, time.Now().Add(time.Second*10))`
Chore: fix typos 2022-04-10 22:28:42 +00:00			`}`

Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`ctx.SetType(context.DNSTypeHost)`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`msg.SetRcode(r, D.RcodeSuccess)`
			`msg.Authoritative = true`
			`msg.RecursionAvailable = true`

Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`return msg, nil`
			`}`
			`}`
			`}`

Refactor: fakeip pool use netip.Prefix, supports ipv6 range 2022-04-11 16:31:04 +00:00			`func withMapping(mapping *cache.LruCache[netip.Addr, string]) middleware {`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`return func(next handler) handler {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return func(ctx context.DNSContext, r D.Msg) (*D.Msg, error) {`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`q := r.Question[0]`

			`if !isIPRequest(q) {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`}`

Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`msg, err := next(ctx, r)`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`host := strings.TrimRight(q.Name, ".")`

			`for _, ans := range msg.Answer {`
Refactor: metadata use netip.Addr 2022-04-19 17:52:51 +00:00			`var ip netip.Addr`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`var ttl uint32`

			`switch a := ans.(type) {`
			`case *D.A:`
Refactor: metadata use netip.Addr 2022-04-19 17:52:51 +00:00			`ip = nnip.IpToAddr(a.A)`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`ttl = a.Hdr.Ttl`
			`case *D.AAAA:`
Refactor: metadata use netip.Addr 2022-04-19 17:52:51 +00:00			`ip = nnip.IpToAddr(a.AAAA)`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`ttl = a.Hdr.Ttl`
			`default:`
			`continue`
			`}`

Refactor: metadata use netip.Addr 2022-04-19 17:52:51 +00:00			`mapping.SetWithExpire(ip, host, time.Now().Add(time.Second*time.Duration(ttl)))`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`}`

			`return msg, nil`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`}`
			`}`
			`}`

Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`func withFakeIP(fakePool *fakeip.Pool) middleware {`
			`return func(next handler) handler {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return func(ctx context.DNSContext, r D.Msg) (*D.Msg, error) {`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`q := r.Question[0]`
Fix(fake-ip): return failed when type is AAAA 2019-09-21 02:30:43 +00:00
Fix: the priority of fake-ip-filter 2020-10-08 16:04:24 +00:00			`host := strings.TrimRight(q.Name, ".")`
Feature: persistence fakeip (#1662) 2021-10-11 12:48:58 +00:00			`if fakePool.ShouldSkipped(host) {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Fix: the priority of fake-ip-filter 2020-10-08 16:04:24 +00:00			`}`

Chore: return empty record in SVCB/HTTPSSVC on fake-ip mode 2020-10-12 16:15:49 +00:00			`switch q.Qtype {`
			`case D.TypeAAAA, D.TypeSVCB, D.TypeHTTPS:`
			`return handleMsgWithEmptyAnswer(r), nil`
			`}`
Fix: dns return empty success for AAAA & recursion in fake ip mode (#663) 2020-04-29 03:21:37 +00:00
Chore: return empty record in SVCB/HTTPSSVC on fake-ip mode 2020-10-12 16:15:49 +00:00			`if q.Qtype != D.TypeA {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return next(ctx, r)`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`}`

			`rr := &D.A{}`
			`rr.Hdr = D.RR_Header{Name: q.Name, Rrtype: D.TypeA, Class: D.ClassINET, Ttl: dnsDefaultTTL}`
			`ip := fakePool.Lookup(host)`
Refactor: fakeip pool use netip.Prefix, supports ipv6 range 2022-04-11 16:31:04 +00:00			`rr.A = ip.AsSlice()`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`msg := r.Copy()`
			`msg.Answer = []D.RR{rr}`

Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`ctx.SetType(context.DNSTypeFakeIP)`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`setMsgTTL(msg, 1)`
Fix: dns return empty success for AAAA & recursion in fake ip mode (#663) 2020-04-29 03:21:37 +00:00			`msg.SetRcode(r, D.RcodeSuccess)`
Fix: use the fastest whether the result is successful 2020-02-14 08:36:20 +00:00			`msg.Authoritative = true`
Fix: dns return empty success for AAAA & recursion in fake ip mode (#663) 2020-04-29 03:21:37 +00:00			`msg.RecursionAvailable = true`

Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`return msg, nil`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`}`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`
			`}`

			`func withResolver(resolver *Resolver) handler {`
Refactor: make inbound request contextual 2021-01-23 06:49:46 +00:00			`return func(ctx context.DNSContext, r D.Msg) (*D.Msg, error) {`
			`ctx.SetType(context.DNSTypeRaw)`
Change: ipv6 logic 2020-06-18 10:11:02 +00:00			`q := r.Question[0]`

			`// return a empty AAAA msg when ipv6 disabled`
			`if !resolver.ipv6 && q.Qtype == D.TypeAAAA {`
Chore: return empty record in SVCB/HTTPSSVC on fake-ip mode 2020-10-12 16:15:49 +00:00			`return handleMsgWithEmptyAnswer(r), nil`
Change: ipv6 logic 2020-06-18 10:11:02 +00:00			`}`

Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`msg, err := resolver.Exchange(r)`
			`if err != nil {`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`log.Debugln("[DNS Server] Exchange %s failed: %v", q.String(), err)`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`return msg, err`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`
Fix: use the fastest whether the result is successful 2020-02-14 08:36:20 +00:00			`msg.SetRcode(r, msg.Rcode)`
			`msg.Authoritative = true`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00
chore: debug log print dns result 2022-05-17 10:21:18 +00:00			`log.Debugln("[DNS] %s --> %s", msgToDomain(r), msgToIP(msg))`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`return msg, nil`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`
			`}`

Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`func compose(middlewares []middleware, endpoint handler) handler {`
			`length := len(middlewares)`
			`h := endpoint`
			`for i := length - 1; i >= 0; i-- {`
			`middleware := middlewares[i]`
			`h = middleware(h)`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`

Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`return h`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`

[test] 2021-11-17 08:03:47 +00:00			`func NewHandler(resolver Resolver, mapper ResolverEnhancer) handler {`
Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`middlewares := []middleware{}`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`if resolver.hosts != nil {`
Chore: fix typos 2022-04-10 22:28:42 +00:00			`middlewares = append(middlewares, withHosts(resolver.hosts, mapper.mapping))`
Feature: dns server could lookup hosts (#872) 2020-08-11 02:28:17 +00:00			`}`

Fix: unexpected proxy dial behavior on mapping mode 2021-10-18 13:08:27 +00:00			`if mapper.mode == C.DNSFakeIP {`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`middlewares = append(middlewares, withFakeIP(mapper.fakePool))`
			`}`

Fix: unexpected proxy dial behavior on mapping mode 2021-10-18 13:08:27 +00:00			`if mapper.mode != C.DNSNormal {`
Chore: split enhanced mode instance (#936) Co-authored-by: Dreamacro <305009791@qq.com> 2020-09-17 02:48:42 +00:00			`middlewares = append(middlewares, withMapping(mapper.mapping))`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`

Feature: move hosts to the top 2019-09-11 09:00:55 +00:00			`return compose(middlewares, withResolver(resolver))`
Feature(dns): support custom hosts 2019-07-14 11:29:58 +00:00			`}`