commit 009fe50ca95667cde056788f4c3023ad9b9db366 · seiso.moe/alky

+22

docs/alky.toml

···

       12
       12
        
       # This is used only if logging.output is "file".

     

       13
       13
        
       file_path = "/var/log/alky.log"

     

       14
       14
        
       

     

       15
       15
       +
       [ratelimit]

     

       16
       16
       +
       # rate: The steady-state rate of requests allowed (r in GCRA)

     

       17
       17
       +
       # Defines how many requests are allowed per second in normal conditions

     

       18
       18
       +
       # Type: Integer

     

       19
       19
       +
       rate = 250

     

       20
       20
       +
       

     

       21
       21
       +
       # burst: Maximum number of requests allowed to exceed the steady-state rate temporarily

     

       22
       22
       +
       # Allows for short bursts of traffic above the defined rate

     

       23
       23
       +
       # Type: Integer

     

       24
       24
       +
       burst = 500

     

       25
       25
       +
       

     

       26
       26
       +
       # window: The interval (in seconds) at which the rate limit is checked and potentially reset

     

       27
       27
       +
       # Implements a sliding window rate limit mechanism

     

       28
       28
       +
       # Type: Integer

     

       29
       29
       +
       window = 3

     

       30
       30
       +
       

     

       31
       31
       +
       # expiration_time: Duration (in seconds) for keeping a client's rate limit data in memory

     

       32
       32
       +
       # After this period of inactivity, a client's rate limit data is removed to free up memory

     

       33
       33
       +
       # Type: Integer

     

       34
       34
       +
       expiration_time = 300

     

       35
       35
       +
       

     

       36
       36
       +
       

     

       15
       37
        
       [advanced]

     

       16
       38
        
       # Timeout (in milliseconds) for outgoing queries before being cancelled.

     

       17
       39
        
       query_timeout = 100

+1 -1

go.mod

···

       3
       3
        
       go 1.22.5

     

       4
       4
        
       

     

       5
       5
        
       require (

     

       6
       6
       -
       	code.kiri.systems/kiri/magna v0.0.0-20240721214902-8d0a079dbd84

     

       6
       6
       +
       	code.kiri.systems/kiri/magna v0.0.0-20240922043826-2c2a1c508469

     

       7
       7
        
       	github.com/BurntSushi/toml v1.4.0

     

       8
       8
        
       )

go.sum

···

       1
       1
        
       code.kiri.systems/kiri/magna v0.0.0-20240721214902-8d0a079dbd84 h1:igzBX4k3REg0WZExjGLWW7/wu/X+U6QlbMc8aeO2030=

     

       2
       2
        
       code.kiri.systems/kiri/magna v0.0.0-20240721214902-8d0a079dbd84/go.mod h1:gSzCiTKyKlUEjGgl/qTb8rxF0QUVuWOEORAsTXA0qyI=

     

       3
       3
       +
       code.kiri.systems/kiri/magna v0.0.0-20240922043826-2c2a1c508469 h1:LUvvGcJ7DuW3eo7yblNH2igCJzYsbWJQ08iZEXBWplc=

     

       4
       4
       +
       code.kiri.systems/kiri/magna v0.0.0-20240922043826-2c2a1c508469/go.mod h1:gSzCiTKyKlUEjGgl/qTb8rxF0QUVuWOEORAsTXA0qyI=

     

       3
       5
        
       github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=

     

       4
       6
        
       github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=

     

       5
       7
        
       github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=

+31 -11

main.go

···

       1
       1
        
       package main

     

       2
       2
        
       

     

       3
       3
        
       import (

     

       4
       4
       +
       	"flag"

     

       4
       5
        
       	"log"

     

       5
       6
        
       	"log/slog"

     

       6
       7
        
       	"os"

     

       7
       7
       -
         "flag"

     

       8
       8
       +
       	"time"

     

       8
       9
        
       

     

       9
       10
        
       	"code.kiri.systems/kiri/alky/pkg/config"

     

       10
       11
        
       	"code.kiri.systems/kiri/alky/pkg/dns"

     
···

       14
       15
        
       var configFlag string

     

       15
       16
        
       

     

       16
       17
        
       func init() {

     

       17
       17
       -
         flag.StringVar(&configFlag, "config", "/etc/alky/alky.toml", "config file path for alky")

     

       18
       18
       +
       	flag.StringVar(&configFlag, "config", "/etc/alky/alky.toml", "config file path for alky")

     

       18
       19
        
       

     

       19
       19
       -
         flag.Parse()

     

       20
       20
       +
       	flag.Parse()

     

       20
       21
        
       }

     

       21
       22
        
       

     

       22
       23
        
       func main() {

     
···

       45
       46
        
       		logger = slog.New(slog.NewJSONHandler(os.Stdout, nil))

     

       46
       47
        
       	}

     

       47
       48
        
       

     

       48
       48
       -
       	s := dns.Server{

     

       49
       49
       -
       		Address:     cfg.Server.Address,

     

       50
       50
       -
       		Port:        cfg.Server.Port,

     

       51
       51
       -
       		Timeout:     cfg.Advanced.QueryTimeout,

     

       49
       49
       +
       	memCache := dns.NewMemoryCache()

     

       50
       50
       +
       	var cache dns.Cache = memCache

     

       51
       51
       +
       

     

       52
       52
       +
       	handler := &dns.QueryHandler{

     

       52
       53
        
       		RootServers: rootServers,

     

       54
       54
       +
       		Timeout:     time.Duration(cfg.Advanced.QueryTimeout) * time.Second,

     

       55
       55
       +
       		Cache:       &cache,

     

       56
       56
       +
       	}

     

       57
       57
       +
       

     

       58
       58
       +
       	logConfig := &dns.LogConfig{Logger: logger}

     

       59
       59
       +
       

     

       60
       60
       +
       	rateLimitHandler := dns.RateLimitMiddleware(&dns.RateLimitConfig{

     

       61
       61
       +
       		Rate:           float64(cfg.Ratelimit.Rate),

     

       62
       62
       +
       		Burst:          cfg.Ratelimit.Burst,

     

       63
       63
       +
       		WindowLength:   time.Duration(cfg.Ratelimit.Window) * time.Second,

     

       64
       64
       +
       		ExpirationTime: time.Duration(cfg.Ratelimit.ExpirationTime) * time.Second,

     

       65
       65
       +
       	})(handler)

     

       66
       66
       +
       	loggingHandler := dns.LoggingMiddleware(logConfig)(rateLimitHandler)

     

       67
       67
       +
       

     

       68
       68
       +
       	s := dns.Server{

     

       69
       69
       +
       		Address:      cfg.Server.Address,

     

       70
       70
       +
       		Port:         cfg.Server.Port,

     

       71
       71
       +
       		Handler:      loggingHandler,

     

       72
       72
       +
       		UDPSize:      512,

     

       73
       73
       +
       		ReadTimeout:  2 * time.Second,

     

       74
       74
       +
       		WriteTimeout: 2 * time.Second,

     

       53
       75
        
       

     

       54
       76
        
       		Logger: logger,

     

       55
       77
        
       	}

     

       56
       78
        
       

     

       57
       57
       -
       	go s.TCPListenAndServe()

     

       58
       58
       -
       	go s.UDPListenAndServe()

     

       59
       59
       -
       

     

       60
       60
       -
       	for {

     

       79
       79
       +
       	if err := s.ListenAndServe(); err != nil {

     

       80
       80
       +
       		slog.Error("Failed to start server", "error", err)

     

       61
       81
        
       	}

     

       62
       82
        
       }

+11 -3

pkg/config/config.go

···

       17
       17
        
       	FilePath string `toml:"file_path"`

     

       18
       18
        
       }

     

       19
       19
        
       

     

       20
       20
       +
       type RatelimitConfig struct {

     

       21
       21
       +
       	Rate           int `toml:"rate"`

     

       22
       22
       +
       	Burst          int `toml:"burst"`

     

       23
       23
       +
       	Window         int `toml:"window"`

     

       24
       24
       +
       	ExpirationTime int `toml:"expiration_time"`

     

       25
       25
       +
       }

     

       26
       26
       +
       

     

       20
       27
        
       type AdvancedConfig struct {

     

       21
       28
        
       	QueryTimeout int `toml:"query_timeout"`

     

       22
       29
        
       }

     

       23
       30
        
       

     

       24
       31
        
       type Config struct {

     

       25
       25
       -
       	Server   ServerConfig   `toml:"server"`

     

       26
       26
       -
       	Logging  LoggingConfig  `toml:"logging"`

     

       27
       27
       -
       	Advanced AdvancedConfig `toml:"advanced"`

     

       32
       32
       +
       	Server    ServerConfig    `toml:"server"`

     

       33
       33
       +
       	Logging   LoggingConfig   `toml:"logging"`

     

       34
       34
       +
       	Ratelimit RatelimitConfig `toml:"ratelimit"`

     

       35
       35
       +
       	Advanced  AdvancedConfig  `toml:"advanced"`

     

       28
       36
        
       }

     

       29
       37
        
       

     

       30
       38
        
       func LoadConfig(path string) (Config, error) {

+52

pkg/dns/cache.go

···

       1
       1
       +
       package dns

     

       2
       2
       +
       

     

       3
       3
       +
       import (

     

       4
       4
       +
       	"sync"

     

       5
       5
       +
       	"time"

     

       6
       6
       +
       

     

       7
       7
       +
       	"code.kiri.systems/kiri/magna"

     

       8
       8
       +
       )

     

       9
       9
       +
       

     

       10
       10
       +
       type CachedResourceRecord struct {

     

       11
       11
       +
       	Record   magna.ResourceRecord

     

       12
       12
       +
       	ExpireAt time.Time

     

       13
       13
       +
       }

     

       14
       14
       +
       

     

       15
       15
       +
       type CacheEntry struct {

     

       16
       16
       +
       	Answer []CachedResourceRecord

     

       17
       17
       +
       }

     

       18
       18
       +
       

     

       19
       19
       +
       type Cache interface {

     

       20
       20
       +
       	Get(key string) (*CacheEntry, bool)

     

       21
       21
       +
       	Set(key string, entry *CacheEntry)

     

       22
       22
       +
       }

     

       23
       23
       +
       

     

       24
       24
       +
       type MemoryCache struct {

     

       25
       25
       +
       	entries map[string]*CacheEntry

     

       26
       26
       +
       	mu      sync.RWMutex

     

       27
       27
       +
       }

     

       28
       28
       +
       

     

       29
       29
       +
       func NewMemoryCache() *MemoryCache {

     

       30
       30
       +
       	return &MemoryCache{

     

       31
       31
       +
       		entries: make(map[string]*CacheEntry),

     

       32
       32
       +
       	}

     

       33
       33
       +
       }

     

       34
       34
       +
       

     

       35
       35
       +
       func (c *MemoryCache) Get(key string) (*CacheEntry, bool) {

     

       36
       36
       +
       	c.mu.RLock()

     

       37
       37
       +
       	c.mu.RUnlock()

     

       38
       38
       +
       

     

       39
       39
       +
       	entry, exists := c.entries[key]

     

       40
       40
       +
       	if !exists {

     

       41
       41
       +
       		return nil, false

     

       42
       42
       +
       	}

     

       43
       43
       +
       

     

       44
       44
       +
       	return entry, true

     

       45
       45
       +
       }

     

       46
       46
       +
       

     

       47
       47
       +
       func (c *MemoryCache) Set(key string, entry *CacheEntry) {

     

       48
       48
       +
       	c.mu.Lock()

     

       49
       49
       +
       	defer c.mu.Unlock()

     

       50
       50
       +
       

     

       51
       51
       +
       	c.entries[key] = entry

     

       52
       52
       +
       }

-300

pkg/dns/dns.go

···

       1
       1
        
       package dns

     

       2
       2
       -
       

     

       3
       3
       -
       import (

     

       4
       4
       -
       	"context"

     

       5
       5
       -
       	"encoding/binary"

     

       6
       6
       -
       	"fmt"

     

       7
       7
       -
       	"io"

     

       8
       8
       -
       	"log/slog"

     

       9
       9
       -
       	"math/rand/v2"

     

       10
       10
       -
       	"net"

     

       11
       11
       -
       	"time"

     

       12
       12
       -
       

     

       13
       13
       -
       	"code.kiri.systems/kiri/magna"

     

       14
       14
       -
       )

     

       15
       15
       -
       

     

       16
       16
       -
       type Server struct {

     

       17
       17
       -
       	Address     string

     

       18
       18
       -
       	Port        int

     

       19
       19
       -
       	Timeout     int

     

       20
       20
       -
       	RootServers []string

     

       21
       21
       -
       

     

       22
       22
       -
       	Logger *slog.Logger

     

       23
       23
       -
       }

     

       24
       24
       -
       

     

       25
       25
       -
       type queryResponse struct {

     

       26
       26
       -
       	MSG    magna.Message

     

       27
       27
       -
       	Server string

     

       28
       28
       -
       	Error  error

     

       29
       29
       -
       }

     

       30
       30
       -
       

     

       31
       31
       -
       func (s *Server) UDPListenAndServe() error {

     

       32
       32
       -
       	addr := net.UDPAddr{

     

       33
       33
       -
       		Port: s.Port,

     

       34
       34
       -
       		IP:   net.ParseIP(s.Address),

     

       35
       35
       -
       	}

     

       36
       36
       -
       	server, err := net.ListenUDP("udp", &addr)

     

       37
       37
       -
       	if err != nil {

     

       38
       38
       -
       		return err

     

       39
       39
       -
       	}

     

       40
       40
       -
       	defer server.Close()

     

       41
       41
       -
       

     

       42
       42
       -
       	for {

     

       43
       43
       -
       		b := make([]byte, 512)

     

       44
       44
       -
       		_, remote_addr, err := server.ReadFromUDP(b)

     

       45
       45
       -
       		if err != nil {

     

       46
       46
       -
       			s.Logger.Warn(err.Error())

     

       47
       47
       -
       			continue

     

       48
       48
       -
       		}

     

       49
       49
       -
       

     

       50
       50
       -
           start := time.Now()

     

       51
       51
       -
       		msg := s.processQuery(b)

     

       52
       52
       -
       		s.Logger.Info("query", "class", msg.Question[0].QClass.String(), "type", msg.Question[0].QType.String(), "name", msg.Question[0].QName, "rcode", msg.Header.RCode.String(), "remote_addr", remote_addr.IP, "time_taken", time.Since(start).Nanoseconds())

     

       53
       53
       -
       		if err != nil {

     

       54
       54
       -
       			s.Logger.Warn(err.Error())

     

       55
       55
       -
       			continue

     

       56
       56
       -
       		}

     

       57
       57
       -
       

     

       58
       58
       -
       		ans := msg.Encode()

     

       59
       59
       -
       		// xxx: set the TC bit if the message is over 512 bytes

     

       60
       60
       -
       		if len(ans) > 512 {

     

       61
       61
       -
       			ans[3] |= 1 << 6

     

       62
       62
       -
       		}

     

       63
       63
       -
       

     

       64
       64
       -
       		if _, err := server.WriteToUDP(ans, remote_addr); err != nil {

     

       65
       65
       -
       			s.Logger.Warn("sending response", "err", err.Error())

     

       66
       66
       -
       		}

     

       67
       67
       -
       	}

     

       68
       68
       -
       }

     

       69
       69
       -
       

     

       70
       70
       -
       func (s *Server) TCPListenAndServe() error {

     

       71
       71
       -
       	addr := net.TCPAddr{

     

       72
       72
       -
       		Port: s.Port,

     

       73
       73
       -
       		IP:   net.ParseIP(s.Address),

     

       74
       74
       -
       	}

     

       75
       75
       -
       

     

       76
       76
       -
       	server, err := net.ListenTCP("tcp", &addr)

     

       77
       77
       -
       	if err != nil {

     

       78
       78
       -
       		return err

     

       79
       79
       -
       	}

     

       80
       80
       -
       	defer server.Close()

     

       81
       81
       -
       

     

       82
       82
       -
       	for {

     

       83
       83
       -
       		conn, err := server.Accept()

     

       84
       84
       -
       		if err != nil {

     

       85
       85
       -
       			s.Logger.Warn("conn error:", err)

     

       86
       86
       -
       			continue

     

       87
       87
       -
       		}

     

       88
       88
       -
       

     

       89
       89
       -
       		sizeBuffer := make([]byte, 2)

     

       90
       90
       -
       		if _, err := io.ReadFull(conn, sizeBuffer); err != nil {

     

       91
       91
       -
       			s.Logger.Warn("tcp-error", err)

     

       92
       92
       -
       			continue

     

       93
       93
       -
       		}

     

       94
       94
       -
       

     

       95
       95
       -
       		size := binary.BigEndian.Uint16(sizeBuffer)

     

       96
       96
       -
       

     

       97
       97
       -
       		data := make([]byte, size)

     

       98
       98
       -
       		if _, err := io.ReadFull(conn, data); err != nil {

     

       99
       99
       -
       			s.Logger.Warn("tcp-error", err)

     

       100
       100
       -
       			continue

     

       101
       101
       -
       		}

     

       102
       102
       -
       

     

       103
       103
       -
           start := time.Now()

     

       104
       104
       -
       		msg := s.processQuery(data)

     

       105
       105
       -
       		s.Logger.Info("query", "class", msg.Question[0].QClass.String(), "type", msg.Question[0].QType.String(), "name", msg.Question[0].QName, "rcode", msg.Header.RCode.String(), "remote_addr", conn.RemoteAddr(), "time_taken", time.Since(start).Nanoseconds())

     

       106
       106
       -
       

     

       107
       107
       -
       		ans := msg.Encode()

     

       108
       108
       -
       		conn.Write(binary.BigEndian.AppendUint16([]byte{}, uint16(len(ans))))

     

       109
       109
       -
       		if _, err := conn.Write(ans); err != nil {

     

       110
       110
       -
       			s.Logger.Error("tcp-error", err)

     

       111
       111
       -
       		}

     

       112
       112
       -
       	}

     

       113
       113
       -
       }

     

       114
       114
       -
       

     

       115
       115
       -
       func (s *Server) processQuery(messageBuffer []byte) (msg magna.Message) {

     

       116
       116
       -
       	var query magna.Message

     

       117
       117
       -
       	if err := query.Decode(messageBuffer); err != nil {

     

       118
       118
       -
       		slog.Warn("decode", err)

     

       119
       119
       -
       		return

     

       120
       120
       -
       	}

     

       121
       121
       -
       

     

       122
       122
       -
       	msg = magna.Message{

     

       123
       123
       -
       		Header: magna.Header{

     

       124
       124
       -
       			ID:      query.Header.ID,

     

       125
       125
       -
       			QR:      true,

     

       126
       126
       -
       			OPCode:  0,

     

       127
       127
       -
       			AA:      false,

     

       128
       128
       -
       			TC:      false,

     

       129
       129
       -
       			RD:      query.Header.RD,

     

       130
       130
       -
       			RA:      true,

     

       131
       131
       -
       			Z:       0,

     

       132
       132
       -
       			RCode:   magna.NOERROR,

     

       133
       133
       -
       			QDCount: 1,

     

       134
       134
       -
       			ANCount: 0,

     

       135
       135
       -
       			NSCount: 0,

     

       136
       136
       -
       			ARCount: 0,

     

       137
       137
       -
       		},

     

       138
       138
       -
       		Question:   []magna.Question{},

     

       139
       139
       -
       		Answer:     []magna.ResourceRecord{},

     

       140
       140
       -
       		Additional: []magna.ResourceRecord{},

     

       141
       141
       -
       		Authority:  []magna.ResourceRecord{},

     

       142
       142
       -
       	}

     

       143
       143
       -
       

     

       144
       144
       -
       	if len(query.Question) < 0 {

     

       145
       145
       -
       		msg.Header.RCode = magna.FORMERR

     

       146
       146
       -
       		return

     

       147
       147
       -
       	}

     

       148
       148
       -
       	question := query.Question[0]

     

       149
       149
       -
       	msg.Question = append(msg.Question, question)

     

       150
       150
       -
       

     

       151
       151
       -
       	if question.QClass != magna.IN {

     

       152
       152
       -
       		msg.Header.RCode = magna.NOTIMP

     

       153
       153
       -
       		return

     

       154
       154
       -
       	} else {

     

       155
       155
       -
       		answer, err := s.resolveQuestion(question, s.RootServers)

     

       156
       156
       -
       		if err != nil {

     

       157
       157
       -
       			slog.Warn("resolve-question", err)

     

       158
       158
       -
       			msg.Header.RCode = magna.SERVFAIL

     

       159
       159
       -
       			return

     

       160
       160
       -
       		}

     

       161
       161
       -
       

     

       162
       162
       -
       		msg.Header.ANCount = uint16(len(answer))

     

       163
       163
       -
       		msg.Answer = answer

     

       164
       164
       -
       

     

       165
       165
       -
       		if msg.Header.ANCount == 0 {

     

       166
       166
       -
       			msg.Header.RCode = magna.NXDOMAIN

     

       167
       167
       -
       			return

     

       168
       168
       -
       		}

     

       169
       169
       -
       	}

     

       170
       170
       -
       

     

       171
       171
       -
       	return

     

       172
       172
       -
       }

     

       173
       173
       -
       

     

       174
       174
       -
       func (s *Server) resolveQuestion(question magna.Question, servers []string) ([]magna.ResourceRecord, error) {

     

       175
       175
       -
       	ctx, cancel := context.WithCancel(context.Background())

     

       176
       176
       -
       	defer cancel()

     

       177
       177
       -
       

     

       178
       178
       -
       	ch := make(chan queryResponse, len(servers))

     

       179
       179
       -
       

     

       180
       180
       -
       	for _, s := range servers {

     

       181
       181
       -
       		go queryServer(ctx, question, s, ch)

     

       182
       182
       -
       	}

     

       183
       183
       -
       

     

       184
       184
       -
       	for i := 0; i < len(servers); i++ {

     

       185
       185
       -
       		select {

     

       186
       186
       -
       		case res := <-ch:

     

       187
       187
       -
       			if res.Error != nil {

     

       188
       188
       -
       				slog.Warn("error", "question", question, "server", res.Server, "error", res.Error)

     

       189
       189
       -
       				break

     

       190
       190
       -
       			}

     

       191
       191
       -
       

     

       192
       192
       -
       			msg := res.MSG

     

       193
       193
       -
       			if msg.Header.ANCount > 0 {

     

       194
       194
       -
       				if msg.Answer[0].RType == magna.CNAMEType {

     

       195
       195
       -
       					cname_answers, err := s.resolveQuestion(magna.Question{QName: msg.Answer[0].RData.String(), QType: question.QType, QClass: question.QClass}, s.RootServers)

     

       196
       196
       -
       					if err != nil {

     

       197
       197
       -
       						slog.Warn("error with cname request", err)

     

       198
       198
       -
       						continue

     

       199
       199
       -
       					}

     

       200
       200
       -
       					msg.Answer = append(msg.Answer, cname_answers...)

     

       201
       201
       -
       				}

     

       202
       202
       -
       

     

       203
       203
       -
       				return msg.Answer, nil

     

       204
       204
       -
       			}

     

       205
       205
       -
       

     

       206
       206
       -
       			if msg.Header.ARCount > 0 {

     

       207
       207
       -
       				var nextZone []string

     

       208
       208
       -
       				for _, ans := range msg.Additional {

     

       209
       209
       -
       					if ans.RType == magna.AType {

     

       210
       210
       -
       						nextZone = append(nextZone, ans.RData.String())

     

       211
       211
       -
       					}

     

       212
       212
       -
       				}

     

       213
       213
       -
       

     

       214
       214
       -
       				return s.resolveQuestion(question, nextZone)

     

       215
       215
       -
       			}

     

       216
       216
       -
       

     

       217
       217
       -
       			if msg.Header.NSCount > 0 {

     

       218
       218
       -
       				var ns []string

     

       219
       219
       -
       				for _, a := range msg.Authority {

     

       220
       220
       -
       					if a.RType == magna.NSType {

     

       221
       221
       -
       						ans, err := s.resolveQuestion(magna.Question{QName: a.RData.String(), QType: magna.AType, QClass: magna.IN}, s.RootServers)

     

       222
       222
       -
       						if err != nil {

     

       223
       223
       -
       							slog.Warn("error with ns request", err)

     

       224
       224
       -
       							break

     

       225
       225
       -
       						}

     

       226
       226
       -
       						for _, x := range ans {

     

       227
       227
       -
       							ns = append(ns, x.RData.String())

     

       228
       228
       -
       						}

     

       229
       229
       -
       					}

     

       230
       230
       -
       				}

     

       231
       231
       -
       

     

       232
       232
       -
       				return s.resolveQuestion(question, ns)

     

       233
       233
       -
       			}

     

       234
       234
       -
       

     

       235
       235
       -
       			return []magna.ResourceRecord{}, nil

     

       236
       236
       -
       		case <-time.After(time.Duration(s.Timeout) * time.Millisecond):

     

       237
       237
       -
       			cancel()

     

       238
       238
       -
       		}

     

       239
       239
       -
       	}

     

       240
       240
       -
       

     

       241
       241
       -
       	return []magna.ResourceRecord{}, nil

     

       242
       242
       -
       }

     

       243
       243
       -
       

     

       244
       244
       -
       func queryServer(ctx context.Context, question magna.Question, server string, ch chan<- queryResponse) {

     

       245
       245
       -
         done := make(chan struct{}, 1)

     

       246
       246
       -
       

     

       247
       247
       -
         go func() {

     

       248
       248
       -
           conn, err := net.Dial("udp", fmt.Sprintf("%s:53", server))

     

       249
       249
       -
           if err != nil {

     

       250
       250
       -
             ch <- queryResponse{Error: err}

     

       251
       251
       -
             return

     

       252
       252
       -
           }

     

       253
       253
       -
           defer conn.Close()

     

       254
       254
       -
       

     

       255
       255
       -
           query := magna.Message{

     

       256
       256
       -
             Header: magna.Header{

     

       257
       257
       -
               ID:      uint16(rand.Int() % 65535),

     

       258
       258
       -
               QR:      false,

     

       259
       259
       -
               OPCode:  0,

     

       260
       260
       -
               AA:      false,

     

       261
       261
       -
               TC:      false,

     

       262
       262
       -
               RD:      false,

     

       263
       263
       -
               RA:      false,

     

       264
       264
       -
               Z:       0,

     

       265
       265
       -
               RCode:   magna.NOERROR,

     

       266
       266
       -
               QDCount: 1,

     

       267
       267
       -
               ARCount: 0,

     

       268
       268
       -
               NSCount: 0,

     

       269
       269
       -
               ANCount: 0,

     

       270
       270
       -
             },

     

       271
       271
       -
             Question: []magna.Question{question},

     

       272
       272
       -
           }

     

       273
       273
       -
           if _, err := conn.Write(query.Encode()); err != nil {

     

       274
       274
       -
             ch <- queryResponse{Server: server, Error: err}

     

       275
       275
       -
             return

     

       276
       276
       -
           }

     

       277
       277
       -
       

     

       278
       278
       -
           p := make([]byte, 512)

     

       279
       279
       -
           nn, err := conn.Read(p)

     

       280
       280
       -
       

     

       281
       281
       -
           // TODO: retry request with TCP

     

       282
       282
       -
           if err != nil || nn > 512 {

     

       283
       283
       -
             if err == nil {

     

       284
       284
       -
               err = fmt.Errorf("truncated response")

     

       285
       285
       -
             }

     

       286
       286
       -
             ch <- queryResponse{Server: server, Error: err}

     

       287
       287
       -
             return

     

       288
       288
       -
           }

     

       289
       289
       -
       

     

       290
       290
       -
           var response magna.Message

     

       291
       291
       -
           err = response.Decode(p)

     

       292
       292
       -
           ch <- queryResponse{MSG: response, Server: server, Error: err}

     

       293
       293
       -
         }()

     

       294
       294
       -
       

     

       295
       295
       -
         select {

     

       296
       296
       -
         case <-ctx.Done():

     

       297
       297
       -
           ch <- queryResponse{Server: server, Error: ctx.Err()}

     

       298
       298
       -
         case <-done:

     

       299
       299
       -
           // goroutine finished with no cancellation

     

       300
       300
       -
         }

     

       301
       301
       -
       }

+46

pkg/dns/logging.go

···

       1
       1
       +
       package dns

     

       2
       2
       +
       

     

       3
       3
       +
       import (

     

       4
       4
       +
       	"log/slog"

     

       5
       5
       +
       	"os"

     

       6
       6
       +
       	"time"

     

       7
       7
       +
       )

     

       8
       8
       +
       

     

       9
       9
       +
       type LogConfig struct {

     

       10
       10
       +
       	Logger *slog.Logger

     

       11
       11
       +
       	Level  slog.Level

     

       12
       12
       +
       }

     

       13
       13
       +
       

     

       14
       14
       +
       func NewDefaultLogConfig() *LogConfig {

     

       15
       15
       +
       	return &LogConfig{

     

       16
       16
       +
       		Logger: slog.New(slog.NewJSONHandler(os.Stderr, &slog.HandlerOptions{

     

       17
       17
       +
       			Level: slog.LevelInfo,

     

       18
       18
       +
       		})),

     

       19
       19
       +
       		Level: slog.LevelInfo,

     

       20
       20
       +
       	}

     

       21
       21
       +
       }

     

       22
       22
       +
       

     

       23
       23
       +
       func LoggingMiddleware(config *LogConfig) func(Handler) Handler {

     

       24
       24
       +
       	if config == nil {

     

       25
       25
       +
       		config = NewDefaultLogConfig()

     

       26
       26
       +
       	}

     

       27
       27
       +
       

     

       28
       28
       +
       	return func(next Handler) Handler {

     

       29
       29
       +
       		return HandlerFunc(func(w ResponseWriter, r *Request) {

     

       30
       30
       +
       			start := time.Now()

     

       31
       31
       +
       

     

       32
       32
       +
       			next.ServeDNS(w, r)

     

       33
       33
       +
       

     

       34
       34
       +
       			duration := time.Since(start)

     

       35
       35
       +
       			question := r.Message.Question[0]

     

       36
       36
       +
       			config.Logger.Info("query",

     

       37
       37
       +
       				"class", question.QClass.String(),

     

       38
       38
       +
       				"type", question.QType.String(),

     

       39
       39
       +
       				"name", question.QName,

     

       40
       40
       +
       				"rcode", r.Message.Header.RCode.String(),

     

       41
       41
       +
       				"remote_addr", r.RemoteAddr,

     

       42
       42
       +
       				"time_taken", duration.Nanoseconds(),

     

       43
       43
       +
       			)

     

       44
       44
       +
       		})

     

       45
       45
       +
       	}

     

       46
       46
       +
       }

+137

pkg/dns/ratelimit.go

···

       1
       1
       +
       package dns

     

       2
       2
       +
       

     

       3
       3
       +
       import (

     

       4
       4
       +
       	"net"

     

       5
       5
       +
       	"sync"

     

       6
       6
       +
       	"time"

     

       7
       7
       +
       

     

       8
       8
       +
       	"code.kiri.systems/kiri/magna"

     

       9
       9
       +
       )

     

       10
       10
       +
       

     

       11
       11
       +
       type RateLimitConfig struct {

     

       12
       12
       +
       	Rate           float64

     

       13
       13
       +
       	Burst          int

     

       14
       14
       +
       	WindowLength   time.Duration

     

       15
       15
       +
       	ExpirationTime time.Duration

     

       16
       16
       +
       }

     

       17
       17
       +
       

     

       18
       18
       +
       type rateLimiter struct {

     

       19
       19
       +
       	config RateLimitConfig

     

       20
       20
       +
       	ipData map[string]*ipRateData

     

       21
       21
       +
       	mu     sync.RWMutex

     

       22
       22
       +
       }

     

       23
       23
       +
       

     

       24
       24
       +
       type ipRateData struct {

     

       25
       25
       +
       	time time.Time

     

       26
       26
       +
       }

     

       27
       27
       +
       

     

       28
       28
       +
       func NewDefaultRateLimitConfig() *RateLimitConfig {

     

       29
       29
       +
       	return &RateLimitConfig{

     

       30
       30
       +
       		Rate:           1,

     

       31
       31
       +
       		Burst:          1,

     

       32
       32
       +
       		WindowLength:   time.Hour,

     

       33
       33
       +
       		ExpirationTime: time.Hour,

     

       34
       34
       +
       	}

     

       35
       35
       +
       }

     

       36
       36
       +
       

     

       37
       37
       +
       func newRateLimiter(config RateLimitConfig) *rateLimiter {

     

       38
       38
       +
       	return &rateLimiter{

     

       39
       39
       +
       		config: config,

     

       40
       40
       +
       		ipData: make(map[string]*ipRateData),

     

       41
       41
       +
       	}

     

       42
       42
       +
       }

     

       43
       43
       +
       

     

       44
       44
       +
       func (rl *rateLimiter) allow(ip string) bool {

     

       45
       45
       +
       	rl.mu.Lock()

     

       46
       46
       +
       	defer rl.mu.Unlock()

     

       47
       47
       +
       

     

       48
       48
       +
       	now := time.Now()

     

       49
       49
       +
       	cost := time.Duration(float64(time.Second) / rl.config.Rate)

     

       50
       50
       +
       

     

       51
       51
       +
       	data, exists := rl.ipData[ip]

     

       52
       52
       +
       	if !exists {

     

       53
       53
       +
       		data = &ipRateData{time: now.Add(-rl.config.WindowLength)}

     

       54
       54
       +
       		rl.ipData[ip] = data

     

       55
       55
       +
       	}

     

       56
       56
       +
       

     

       57
       57
       +
       	if data.time.Before(now.Add(-rl.config.WindowLength)) {

     

       58
       58
       +
       		data.time = now.Add(-rl.config.WindowLength)

     

       59
       59
       +
       	}

     

       60
       60
       +
       

     

       61
       61
       +
       	nextTime := data.time.Add(cost)

     

       62
       62
       +
       	if now.Before(nextTime) {

     

       63
       63
       +
       		return false

     

       64
       64
       +
       	}

     

       65
       65
       +
       

     

       66
       66
       +
       	if nextTime.Sub(now.Add(-rl.config.WindowLength)) > time.Duration(rl.config.Burst)*cost {

     

       67
       67
       +
       		nextTime = now.Add(cost)

     

       68
       68
       +
       	}

     

       69
       69
       +
       

     

       70
       70
       +
       	data.time = nextTime

     

       71
       71
       +
       	return true

     

       72
       72
       +
       }

     

       73
       73
       +
       

     

       74
       74
       +
       func (rl *rateLimiter) cleanup() {

     

       75
       75
       +
       	rl.mu.Lock()

     

       76
       76
       +
       	defer rl.mu.Unlock()

     

       77
       77
       +
       

     

       78
       78
       +
       	now := time.Now()

     

       79
       79
       +
       	for ip, data := range rl.ipData {

     

       80
       80
       +
       		if data.time.Before(now.Add(-rl.config.WindowLength)) {

     

       81
       81
       +
       			delete(rl.ipData, ip)

     

       82
       82
       +
       		}

     

       83
       83
       +
       	}

     

       84
       84
       +
       }

     

       85
       85
       +
       

     

       86
       86
       +
       func extractIP(addr net.Addr) string {

     

       87
       87
       +
       	switch v := addr.(type) {

     

       88
       88
       +
       	case *net.UDPAddr:

     

       89
       89
       +
       		return v.IP.String()

     

       90
       90
       +
       	case *net.TCPAddr:

     

       91
       91
       +
       		return v.IP.String()

     

       92
       92
       +
       	default:

     

       93
       93
       +
       		host, _, err := net.SplitHostPort(addr.String())

     

       94
       94
       +
       		if err != nil {

     

       95
       95
       +
       			return addr.String()

     

       96
       96
       +
       		}

     

       97
       97
       +
       		return host

     

       98
       98
       +
       	}

     

       99
       99
       +
       }

     

       100
       100
       +
       

     

       101
       101
       +
       func RateLimitMiddleware(config *RateLimitConfig) func(Handler) Handler {

     

       102
       102
       +
       	if config == nil {

     

       103
       103
       +
       		config = NewDefaultRateLimitConfig()

     

       104
       104
       +
       	}

     

       105
       105
       +
       

     

       106
       106
       +
       	rl := newRateLimiter(*config)

     

       107
       107
       +
       

     

       108
       108
       +
       	go func() {

     

       109
       109
       +
       		ticker := time.NewTicker(config.ExpirationTime)

     

       110
       110
       +
       		for range ticker.C {

     

       111
       111
       +
       			rl.cleanup()

     

       112
       112
       +
       		}

     

       113
       113
       +
       	}()

     

       114
       114
       +
       

     

       115
       115
       +
       	return func(next Handler) Handler {

     

       116
       116
       +
       		return HandlerFunc(func(w ResponseWriter, r *Request) {

     

       117
       117
       +
       			if !rl.allow(extractIP(r.RemoteAddr)) {

     

       118
       118
       +
       				r.Message.Header.RA = true

     

       119
       119
       +
       				msg := r.Message.CreateReply(r.Message)

     

       120
       120
       +
       				msg = r.Message.SetRCode(magna.REFUSED)

     

       121
       121
       +
       

     

       122
       122
       +
       				// XXX: dont support edns yet and these get copied over on responses

     

       123
       123
       +
       				msg.Header.ANCount = 0

     

       124
       124
       +
       				msg.Header.NSCount = 0

     

       125
       125
       +
       				msg.Header.ARCount = 0

     

       126
       126
       +
       				msg.Answer = []magna.ResourceRecord{}

     

       127
       127
       +
       				msg.Additional = []magna.ResourceRecord{}

     

       128
       128
       +
       				msg.Authority = []magna.ResourceRecord{}

     

       129
       129
       +
       

     

       130
       130
       +
       				w.WriteMsg(msg)

     

       131
       131
       +
       				return

     

       132
       132
       +
       			}

     

       133
       133
       +
       

     

       134
       134
       +
       			next.ServeDNS(w, r)

     

       135
       135
       +
       		})

     

       136
       136
       +
       	}

     

       137
       137
       +
       }

+240

pkg/dns/resolve.go

···

       1
       1
       +
       package dns

     

       2
       2
       +
       

     

       3
       3
       +
       import (

     

       4
       4
       +
       	"context"

     

       5
       5
       +
       	"fmt"

     

       6
       6
       +
       	"net"

     

       7
       7
       +
       	"strings"

     

       8
       8
       +
       	"time"

     

       9
       9
       +
       

     

       10
       10
       +
       	"code.kiri.systems/kiri/magna"

     

       11
       11
       +
       )

     

       12
       12
       +
       

     

       13
       13
       +
       type QueryHandler struct {

     

       14
       14
       +
       	RootServers []string

     

       15
       15
       +
       	Timeout     time.Duration

     

       16
       16
       +
       	Cache       *Cache

     

       17
       17
       +
       }

     

       18
       18
       +
       

     

       19
       19
       +
       type queryResponse struct {

     

       20
       20
       +
       	MSG    magna.Message

     

       21
       21
       +
       	Server string

     

       22
       22
       +
       	Error  error

     

       23
       23
       +
       }

     

       24
       24
       +
       

     

       25
       25
       +
       func (h *QueryHandler) ServeDNS(w ResponseWriter, r *Request) {

     

       26
       26
       +
       	msg := h.processQuery(r.Message.Encode())

     

       27
       27
       +
       	w.WriteMsg(msg)

     

       28
       28
       +
       }

     

       29
       29
       +
       

     

       30
       30
       +
       func (h *QueryHandler) processQuery(messageBuffer []byte) *magna.Message {

     

       31
       31
       +
       	var query magna.Message

     

       32
       32
       +
       	if err := query.Decode(messageBuffer); err != nil {

     

       33
       33
       +
       		return nil

     

       34
       34
       +
       	}

     

       35
       35
       +
       

     

       36
       36
       +
       	msg := new(magna.Message)

     

       37
       37
       +
       	msg = msg.CreateReply(&query)

     

       38
       38
       +
       

     

       39
       39
       +
       	if len(query.Question) < 1 {

     

       40
       40
       +
       		return msg.SetRCode(magna.FORMERR)

     

       41
       41
       +
       	}

     

       42
       42
       +
       

     

       43
       43
       +
       	question := query.Question[0]

     

       44
       44
       +
       	msg = msg.AddQuestion(question)

     

       45
       45
       +
       

     

       46
       46
       +
       	if question.QClass != magna.IN {

     

       47
       47
       +
       		return msg.SetRCode(magna.NOTIMP)

     

       48
       48
       +
       	}

     

       49
       49
       +
       

     

       50
       50
       +
       	answer, err := h.resolveWithCache(question)

     

       51
       51
       +
       	if err != nil {

     

       52
       52
       +
       		return msg.SetRCode(magna.SERVFAIL)

     

       53
       53
       +
       	}

     

       54
       54
       +
       

     

       55
       55
       +
       	if len(answer) == 0 {

     

       56
       56
       +
       		return msg.SetRCode(magna.NXDOMAIN)

     

       57
       57
       +
       	}

     

       58
       58
       +
       

     

       59
       59
       +
       	msg.Header.ANCount = uint16(len(answer))

     

       60
       60
       +
       	msg.Answer = answer

     

       61
       61
       +
       	return msg.SetRCode(magna.NOERROR)

     

       62
       62
       +
       }

     

       63
       63
       +
       

     

       64
       64
       +
       func (h *QueryHandler) resolveWithCache(question magna.Question) ([]magna.ResourceRecord, error) {

     

       65
       65
       +
       	cacheKey := fmt.Sprintf("%s:%s:%s", strings.ToLower(question.QName), question.QType.String(), question.QClass.String())

     

       66
       66
       +
       

     

       67
       67
       +
       	if e, found := (*h.Cache).Get(cacheKey); found {

     

       68
       68
       +
       		now := time.Now()

     

       69
       69
       +
       		var updatedAnswer []magna.ResourceRecord

     

       70
       70
       +
       		var cname *magna.ResourceRecord

     

       71
       71
       +
       		hasAddressRecord := false

     

       72
       72
       +
       

     

       73
       73
       +
       		for _, cachedRR := range e.Answer {

     

       74
       74
       +
       			if now.Before(cachedRR.ExpireAt) {

     

       75
       75
       +
       				updatedRR := cachedRR.Record

     

       76
       76
       +
       				updatedRR.TTL = uint32(cachedRR.ExpireAt.Sub(now).Seconds())

     

       77
       77
       +
       				updatedAnswer = append(updatedAnswer, updatedRR)

     

       78
       78
       +
       

     

       79
       79
       +
       				if updatedRR.RType == magna.CNAMEType && cname == nil {

     

       80
       80
       +
       					cname = &updatedRR

     

       81
       81
       +
       				} else if updatedRR.RType == question.QType {

     

       82
       82
       +
       					hasAddressRecord = true

     

       83
       83
       +
       				}

     

       84
       84
       +
       			}

     

       85
       85
       +
       		}

     

       86
       86
       +
       

     

       87
       87
       +
       		if len(updatedAnswer) > 0 {

     

       88
       88
       +
       			// add AAAA types when magna supports those record types

     

       89
       89
       +
       			if cname != nil && !hasAddressRecord && (question.QType == magna.AType) {

     

       90
       90
       +
       				cnameTarget := cname.RData.String()

     

       91
       91
       +
       				aRecords, err := h.resolveWithCache(magna.Question{QName: cnameTarget, QType: question.QType, QClass: question.QClass})

     

       92
       92
       +
       				if err == nil && len(aRecords) > 0 {

     

       93
       93
       +
       					updatedAnswer = append(updatedAnswer, aRecords...)

     

       94
       94
       +
       				}

     

       95
       95
       +
       			}

     

       96
       96
       +
       			return updatedAnswer, nil

     

       97
       97
       +
       		}

     

       98
       98
       +
       	}

     

       99
       99
       +
       

     

       100
       100
       +
       	answer, err := h.resolveQuestion(question, h.RootServers)

     

       101
       101
       +
       	if err != nil {

     

       102
       102
       +
       		return nil, err

     

       103
       103
       +
       	}

     

       104
       104
       +
       

     

       105
       105
       +
       	now := time.Now()

     

       106
       106
       +
       	cachedAnswer := make([]CachedResourceRecord, len(answer))

     

       107
       107
       +
       	for i, rr := range answer {

     

       108
       108
       +
       		cachedAnswer[i] = CachedResourceRecord{

     

       109
       109
       +
       			Record:   rr,

     

       110
       110
       +
       			ExpireAt: now.Add(time.Duration(rr.TTL) * time.Second),

     

       111
       111
       +
       		}

     

       112
       112
       +
       	}

     

       113
       113
       +
       

     

       114
       114
       +
       	entry := &CacheEntry{

     

       115
       115
       +
       		Answer: cachedAnswer,

     

       116
       116
       +
       	}

     

       117
       117
       +
       	(*h.Cache).Set(cacheKey, entry)

     

       118
       118
       +
       

     

       119
       119
       +
       	if len(answer) > 0 && answer[0].RType == magna.CNAMEType && question.QType == magna.AType {

     

       120
       120
       +
       		cnameTarget := answer[len(answer)-1].RData.String()

     

       121
       121
       +
       		addressRecords, err := h.resolveWithCache(magna.Question{QName: cnameTarget, QType: question.QType, QClass: question.QClass})

     

       122
       122
       +
       		if err == nil && len(addressRecords) > 0 {

     

       123
       123
       +
       			answer = append(answer, addressRecords...)

     

       124
       124
       +
       		}

     

       125
       125
       +
       	}

     

       126
       126
       +
       

     

       127
       127
       +
       	return answer, nil

     

       128
       128
       +
       }

     

       129
       129
       +
       

     

       130
       130
       +
       func (h *QueryHandler) resolveQuestion(question magna.Question, servers []string) ([]magna.ResourceRecord, error) {

     

       131
       131
       +
       	ctx, cancel := context.WithCancel(context.Background())

     

       132
       132
       +
       	defer cancel()

     

       133
       133
       +
       

     

       134
       134
       +
       	ch := make(chan queryResponse, len(servers))

     

       135
       135
       +
       

     

       136
       136
       +
       	for _, s := range servers {

     

       137
       137
       +
       		go queryServer(ctx, question, s, ch, h.Timeout)

     

       138
       138
       +
       	}

     

       139
       139
       +
       

     

       140
       140
       +
       	for i := 0; i < len(servers); i++ {

     

       141
       141
       +
       		select {

     

       142
       142
       +
       		case res := <-ch:

     

       143
       143
       +
       			if res.Error != nil {

     

       144
       144
       +
       				break

     

       145
       145
       +
       			}

     

       146
       146
       +
       

     

       147
       147
       +
       			msg := res.MSG

     

       148
       148
       +
       			if msg.Header.ANCount > 0 {

     

       149
       149
       +
       				if msg.Answer[0].RType == magna.CNAMEType {

     

       150
       150
       +
       					cname_answers, err := h.resolveQuestion(magna.Question{QName: msg.Answer[0].RData.String(), QType: question.QType, QClass: question.QClass}, h.RootServers)

     

       151
       151
       +
       					if err != nil {

     

       152
       152
       +
       						continue

     

       153
       153
       +
       					}

     

       154
       154
       +
       					msg.Answer = append(msg.Answer, cname_answers...)

     

       155
       155
       +
       				}

     

       156
       156
       +
       

     

       157
       157
       +
       				return msg.Answer, nil

     

       158
       158
       +
       			}

     

       159
       159
       +
       

     

       160
       160
       +
       			if msg.Header.ARCount > 0 {

     

       161
       161
       +
       				var nextZone []string

     

       162
       162
       +
       				for _, ans := range msg.Additional {

     

       163
       163
       +
       					if ans.RType == magna.AType {

     

       164
       164
       +
       						nextZone = append(nextZone, ans.RData.String())

     

       165
       165
       +
       					}

     

       166
       166
       +
       				}

     

       167
       167
       +
       

     

       168
       168
       +
       				return h.resolveQuestion(question, nextZone)

     

       169
       169
       +
       			}

     

       170
       170
       +
       

     

       171
       171
       +
       			if msg.Header.NSCount > 0 {

     

       172
       172
       +
       				var ns []string

     

       173
       173
       +
       				for _, a := range msg.Authority {

     

       174
       174
       +
       					if a.RType == magna.NSType {

     

       175
       175
       +
       						ans, err := h.resolveQuestion(magna.Question{QName: a.RData.String(), QType: magna.AType, QClass: magna.IN}, h.RootServers)

     

       176
       176
       +
       						if err != nil {

     

       177
       177
       +
       							break

     

       178
       178
       +
       						}

     

       179
       179
       +
       						for _, x := range ans {

     

       180
       180
       +
       							ns = append(ns, x.RData.String())

     

       181
       181
       +
       						}

     

       182
       182
       +
       					}

     

       183
       183
       +
       				}

     

       184
       184
       +
       

     

       185
       185
       +
       				return h.resolveQuestion(question, ns)

     

       186
       186
       +
       			}

     

       187
       187
       +
       

     

       188
       188
       +
       			return []magna.ResourceRecord{}, nil

     

       189
       189
       +
       		case <-time.After(h.Timeout):

     

       190
       190
       +
       			cancel()

     

       191
       191
       +
       		}

     

       192
       192
       +
       	}

     

       193
       193
       +
       

     

       194
       194
       +
       	return []magna.ResourceRecord{}, nil

     

       195
       195
       +
       }

     

       196
       196
       +
       

     

       197
       197
       +
       func queryServer(ctx context.Context, question magna.Question, server string, ch chan<- queryResponse, timeout time.Duration) {

     

       198
       198
       +
       	done := make(chan struct{}, 1)

     

       199
       199
       +
       

     

       200
       200
       +
       	go func() {

     

       201
       201
       +
       		conn, err := net.Dial("udp", fmt.Sprintf("%s:53", server))

     

       202
       202
       +
       		if err != nil {

     

       203
       203
       +
       			ch <- queryResponse{Error: err}

     

       204
       204
       +
       			return

     

       205
       205
       +
       		}

     

       206
       206
       +
       		defer conn.Close()

     

       207
       207
       +
       

     

       208
       208
       +
       		query := magna.CreateRequest(0, false)

     

       209
       209
       +
       		query = query.AddQuestion(question)

     

       210
       210
       +
       		if _, err := conn.Write(query.Encode()); err != nil {

     

       211
       211
       +
       			ch <- queryResponse{Server: server, Error: err}

     

       212
       212
       +
       			return

     

       213
       213
       +
       		}

     

       214
       214
       +
       

     

       215
       215
       +
       		p := make([]byte, 512)

     

       216
       216
       +
       		nn, err := conn.Read(p)

     

       217
       217
       +
       

     

       218
       218
       +
       		// TODO: retry request with TCP

     

       219
       219
       +
       		if err != nil || nn > 512 {

     

       220
       220
       +
       			if err == nil {

     

       221
       221
       +
       				err = fmt.Errorf("truncated response")

     

       222
       222
       +
       			}

     

       223
       223
       +
       			ch <- queryResponse{Server: server, Error: err}

     

       224
       224
       +
       			return

     

       225
       225
       +
       		}

     

       226
       226
       +
       

     

       227
       227
       +
       		var response magna.Message

     

       228
       228
       +
       		err = response.Decode(p)

     

       229
       229
       +
       		ch <- queryResponse{MSG: response, Server: server, Error: err}

     

       230
       230
       +
       	}()

     

       231
       231
       +
       

     

       232
       232
       +
       	select {

     

       233
       233
       +
       	case <-ctx.Done():

     

       234
       234
       +
       		ch <- queryResponse{Server: server, Error: ctx.Err()}

     

       235
       235
       +
       	case <-done:

     

       236
       236
       +
       	// goroutine finished with no cancellation

     

       237
       237
       +
       	case <-time.After(timeout):

     

       238
       238
       +
       		ch <- queryResponse{Server: server, Error: fmt.Errorf("timeout")}

     

       239
       239
       +
       	}

     

       240
       240
       +
       }

+239

pkg/dns/server.go

···

       1
       1
       +
       package dns

     

       2
       2
       +
       

     

       3
       3
       +
       import (

     

       4
       4
       +
       	"encoding/binary"

     

       5
       5
       +
       	"fmt"

     

       6
       6
       +
       	"io"

     

       7
       7
       +
       	"log/slog"

     

       8
       8
       +
       	"net"

     

       9
       9
       +
       	"sync"

     

       10
       10
       +
       	"time"

     

       11
       11
       +
       

     

       12
       12
       +
       	"code.kiri.systems/kiri/magna"

     

       13
       13
       +
       )

     

       14
       14
       +
       

     

       15
       15
       +
       type Handler interface {

     

       16
       16
       +
       	ServeDNS(ResponseWriter, *Request)

     

       17
       17
       +
       }

     

       18
       18
       +
       

     

       19
       19
       +
       type HandlerFunc func(ResponseWriter, *Request)

     

       20
       20
       +
       

     

       21
       21
       +
       func (f HandlerFunc) ServeDNS(w ResponseWriter, r *Request) {

     

       22
       22
       +
       	f(w, r)

     

       23
       23
       +
       }

     

       24
       24
       +
       

     

       25
       25
       +
       type Request struct {

     

       26
       26
       +
       	RemoteAddr net.Addr

     

       27
       27
       +
       	Message    *magna.Message

     

       28
       28
       +
       }

     

       29
       29
       +
       

     

       30
       30
       +
       type ResponseWriter interface {

     

       31
       31
       +
       	WriteMsg(*magna.Message)

     

       32
       32
       +
       }

     

       33
       33
       +
       

     

       34
       34
       +
       type udpResponseWriter struct {

     

       35
       35
       +
       	udpConn      *net.UDPConn

     

       36
       36
       +
       	addr         *net.UDPAddr

     

       37
       37
       +
       	logger       *slog.Logger

     

       38
       38
       +
       	writeTimeout time.Duration

     

       39
       39
       +
       }

     

       40
       40
       +
       

     

       41
       41
       +
       func (w *udpResponseWriter) WriteMsg(msg *magna.Message) {

     

       42
       42
       +
       	ans := msg.Encode()

     

       43
       43
       +
       	if len(ans) > 512 {

     

       44
       44
       +
       		ans[3] |= 1 << 6 // set the truncated bit

     

       45
       45
       +
       	}

     

       46
       46
       +
       

     

       47
       47
       +
       	err := w.udpConn.SetWriteDeadline(time.Now().Add(w.writeTimeout))

     

       48
       48
       +
       	if err != nil {

     

       49
       49
       +
       		w.logger.Warn("error setting write deadline for UDP", "error", err)

     

       50
       50
       +
       	}

     

       51
       51
       +
       

     

       52
       52
       +
       	_, err = w.udpConn.WriteToUDP(ans, w.addr)

     

       53
       53
       +
       	if err != nil {

     

       54
       54
       +
       		w.logger.Error("error writing UDP response", "error", err)

     

       55
       55
       +
       	}

     

       56
       56
       +
       }

     

       57
       57
       +
       

     

       58
       58
       +
       type tcpResponseWriter struct {

     

       59
       59
       +
       	tcpConn      net.Conn

     

       60
       60
       +
       	logger       *slog.Logger

     

       61
       61
       +
       	writeTiemout time.Duration

     

       62
       62
       +
       }

     

       63
       63
       +
       

     

       64
       64
       +
       func (w *tcpResponseWriter) WriteMsg(msg *magna.Message) {

     

       65
       65
       +
       	ans := msg.Encode()

     

       66
       66
       +
       

     

       67
       67
       +
       	err := w.tcpConn.SetWriteDeadline(time.Now().Add(w.writeTiemout))

     

       68
       68
       +
       	if err != nil {

     

       69
       69
       +
       		w.logger.Warn("error setting write deadline for TCP", "error", err)

     

       70
       70
       +
       	}

     

       71
       71
       +
       

     

       72
       72
       +
       	_, err = w.tcpConn.Write(binary.BigEndian.AppendUint16([]byte{}, uint16(len(ans))))

     

       73
       73
       +
       	if err != nil {

     

       74
       74
       +
       		w.logger.Error("error writing TCP message length", "error", err)

     

       75
       75
       +
       		return

     

       76
       76
       +
       	}

     

       77
       77
       +
       

     

       78
       78
       +
       	_, err = w.tcpConn.Write(ans)

     

       79
       79
       +
       	if err != nil {

     

       80
       80
       +
       		w.logger.Error("error writing TCP response", "error", err)

     

       81
       81
       +
       	}

     

       82
       82
       +
       }

     

       83
       83
       +
       

     

       84
       84
       +
       type Server struct {

     

       85
       85
       +
       	Address      string

     

       86
       86
       +
       	Port         int

     

       87
       87
       +
       	Handler      Handler

     

       88
       88
       +
       	UDPSize      int

     

       89
       89
       +
       	ReadTimeout  time.Duration

     

       90
       90
       +
       	WriteTimeout time.Duration

     

       91
       91
       +
       	Logger       *slog.Logger

     

       92
       92
       +
       	Cache        Cache

     

       93
       93
       +
       }

     

       94
       94
       +
       

     

       95
       95
       +
       func (srv *Server) ListenAndServe() error {

     

       96
       96
       +
       	var wg sync.WaitGroup

     

       97
       97
       +
       	errChan := make(chan error, 2)

     

       98
       98
       +
       

     

       99
       99
       +
       	wg.Add(2)

     

       100
       100
       +
       

     

       101
       101
       +
       	go func() {

     

       102
       102
       +
       		defer wg.Done()

     

       103
       103
       +
       		if err := srv.serveTCP(); err != nil {

     

       104
       104
       +
       			errChan <- fmt.Errorf("TCP server error: %w", err)

     

       105
       105
       +
       		}

     

       106
       106
       +
       	}()

     

       107
       107
       +
       

     

       108
       108
       +
       	go func() {

     

       109
       109
       +
       		defer wg.Done()

     

       110
       110
       +
       		if err := srv.serveUDP(); err != nil {

     

       111
       111
       +
       			errChan <- fmt.Errorf("TCP server error: %w", err)

     

       112
       112
       +
       		}

     

       113
       113
       +
       	}()

     

       114
       114
       +
       

     

       115
       115
       +
       	go func() {

     

       116
       116
       +
       		wg.Wait()

     

       117
       117
       +
       		close(errChan)

     

       118
       118
       +
       	}()

     

       119
       119
       +
       

     

       120
       120
       +
       	for err := range errChan {

     

       121
       121
       +
       		return err

     

       122
       122
       +
       	}

     

       123
       123
       +
       

     

       124
       124
       +
       	return nil

     

       125
       125
       +
       }

     

       126
       126
       +
       

     

       127
       127
       +
       func (srv *Server) serveUDP() error {

     

       128
       128
       +
       	addr := net.UDPAddr{

     

       129
       129
       +
       		Port: srv.Port,

     

       130
       130
       +
       		IP:   net.ParseIP(srv.Address),

     

       131
       131
       +
       	}

     

       132
       132
       +
       	conn, err := net.ListenUDP("udp", &addr)

     

       133
       133
       +
       	if err != nil {

     

       134
       134
       +
       		return err

     

       135
       135
       +
       	}

     

       136
       136
       +
       	defer conn.Close()

     

       137
       137
       +
       

     

       138
       138
       +
       	for {

     

       139
       139
       +
       		buf := make([]byte, srv.UDPSize)

     

       140
       140
       +
       

     

       141
       141
       +
       		err := conn.SetReadDeadline(time.Now().Add(srv.ReadTimeout))

     

       142
       142
       +
       		if err != nil {

     

       143
       143
       +
       			return fmt.Errorf("error setting read deadline: %w", err)

     

       144
       144
       +
       		}

     

       145
       145
       +
       

     

       146
       146
       +
       		n, remoteAddr, err := conn.ReadFromUDP(buf)

     

       147
       147
       +
       		if err != nil {

     

       148
       148
       +
       			// skip logging timeout errors

     

       149
       149
       +
       			if netErr, ok := err.(net.Error); ok && netErr.Timeout() {

     

       150
       150
       +
       				continue

     

       151
       151
       +
       			}

     

       152
       152
       +
       

     

       153
       153
       +
       			srv.Logger.Warn(err.Error())

     

       154
       154
       +
       			continue

     

       155
       155
       +
       		}

     

       156
       156
       +
       

     

       157
       157
       +
       		go srv.handleUDPQuery(conn, buf[:n], remoteAddr)

     

       158
       158
       +
       	}

     

       159
       159
       +
       }

     

       160
       160
       +
       

     

       161
       161
       +
       func (srv *Server) handleUDPQuery(conn *net.UDPConn, query []byte, remoteAddr *net.UDPAddr) {

     

       162
       162
       +
       	w := &udpResponseWriter{

     

       163
       163
       +
       		udpConn:      conn,

     

       164
       164
       +
       		addr:         remoteAddr,

     

       165
       165
       +
       		logger:       srv.Logger,

     

       166
       166
       +
       		writeTimeout: srv.WriteTimeout,

     

       167
       167
       +
       	}

     

       168
       168
       +
       

     

       169
       169
       +
       	srv.handleQuery(query, w, remoteAddr)

     

       170
       170
       +
       }

     

       171
       171
       +
       

     

       172
       172
       +
       func (srv *Server) serveTCP() error {

     

       173
       173
       +
       	addr := net.TCPAddr{

     

       174
       174
       +
       		Port: srv.Port,

     

       175
       175
       +
       		IP:   net.ParseIP(srv.Address),

     

       176
       176
       +
       	}

     

       177
       177
       +
       

     

       178
       178
       +
       	listener, err := net.ListenTCP("tcp", &addr)

     

       179
       179
       +
       	if err != nil {

     

       180
       180
       +
       		return err

     

       181
       181
       +
       	}

     

       182
       182
       +
       	defer listener.Close()

     

       183
       183
       +
       

     

       184
       184
       +
       	for {

     

       185
       185
       +
       		conn, err := listener.Accept()

     

       186
       186
       +
       		if err != nil {

     

       187
       187
       +
       			srv.Logger.Warn("tcp accept error:", err)

     

       188
       188
       +
       			continue

     

       189
       189
       +
       		}

     

       190
       190
       +
       

     

       191
       191
       +
       		go srv.handleTCPQuery(conn)

     

       192
       192
       +
       	}

     

       193
       193
       +
       }

     

       194
       194
       +
       

     

       195
       195
       +
       func (srv *Server) handleTCPQuery(conn net.Conn) {

     

       196
       196
       +
       	defer conn.Close()

     

       197
       197
       +
       

     

       198
       198
       +
       	err := conn.SetReadDeadline(time.Now().Add(srv.ReadTimeout))

     

       199
       199
       +
       	if err != nil {

     

       200
       200
       +
       		srv.Logger.Error("error setting read deadline", "error", err)

     

       201
       201
       +
       		return

     

       202
       202
       +
       	}

     

       203
       203
       +
       

     

       204
       204
       +
       	sizeBuffer := make([]byte, 2)

     

       205
       205
       +
       	if _, err := io.ReadFull(conn, sizeBuffer); err != nil {

     

       206
       206
       +
       		srv.Logger.Warn("tcp-error", err)

     

       207
       207
       +
       		return

     

       208
       208
       +
       	}

     

       209
       209
       +
       

     

       210
       210
       +
       	size := binary.BigEndian.Uint16(sizeBuffer)

     

       211
       211
       +
       	data := make([]byte, size)

     

       212
       212
       +
       	if _, err := io.ReadFull(conn, data); err != nil {

     

       213
       213
       +
       		srv.Logger.Warn("tcp-error", err)

     

       214
       214
       +
       		return

     

       215
       215
       +
       	}

     

       216
       216
       +
       

     

       217
       217
       +
       	w := &tcpResponseWriter{

     

       218
       218
       +
       		tcpConn:      conn,

     

       219
       219
       +
       		logger:       srv.Logger,

     

       220
       220
       +
       		writeTiemout: srv.WriteTimeout,

     

       221
       221
       +
       	}

     

       222
       222
       +
       

     

       223
       223
       +
       	srv.handleQuery(data, w, conn.RemoteAddr())

     

       224
       224
       +
       }

     

       225
       225
       +
       

     

       226
       226
       +
       func (srv *Server) handleQuery(messageBuffer []byte, w ResponseWriter, remoteAddr net.Addr) {

     

       227
       227
       +
       	var query magna.Message

     

       228
       228
       +
       	if err := query.Decode(messageBuffer); err != nil {

     

       229
       229
       +
       		srv.Logger.Warn("decode error", err)

     

       230
       230
       +
       		return

     

       231
       231
       +
       	}

     

       232
       232
       +
       

     

       233
       233
       +
       	r := &Request{

     

       234
       234
       +
       		Message:    &query,

     

       235
       235
       +
       		RemoteAddr: remoteAddr,

     

       236
       236
       +
       	}

     

       237
       237
       +
       

     

       238
       238
       +
       	srv.Handler.ServeDNS(w, r)

     

       239
       239
       +
       }