github.com/v2fly/v2ray-core/v5@v5.16.2-0.20240507031116-8191faa6e095/proxy/dns/dns.go (about) 1 package dns 2 3 import ( 4 "context" 5 "io" 6 "sync" 7 "time" 8 9 "golang.org/x/net/dns/dnsmessage" 10 11 core "github.com/v2fly/v2ray-core/v5" 12 "github.com/v2fly/v2ray-core/v5/common" 13 "github.com/v2fly/v2ray-core/v5/common/buf" 14 "github.com/v2fly/v2ray-core/v5/common/net" 15 dns_proto "github.com/v2fly/v2ray-core/v5/common/protocol/dns" 16 "github.com/v2fly/v2ray-core/v5/common/session" 17 "github.com/v2fly/v2ray-core/v5/common/signal" 18 "github.com/v2fly/v2ray-core/v5/common/strmatcher" 19 "github.com/v2fly/v2ray-core/v5/common/task" 20 "github.com/v2fly/v2ray-core/v5/features/dns" 21 "github.com/v2fly/v2ray-core/v5/features/policy" 22 "github.com/v2fly/v2ray-core/v5/transport" 23 "github.com/v2fly/v2ray-core/v5/transport/internet" 24 ) 25 26 func init() { 27 common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { 28 h := new(Handler) 29 if err := core.RequireFeatures(ctx, func(dnsClient dns.Client, policyManager policy.Manager) error { 30 return h.Init(config.(*Config), dnsClient, policyManager) 31 }); err != nil { 32 return nil, err 33 } 34 return h, nil 35 })) 36 37 common.Must(common.RegisterConfig((*SimplifiedConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { 38 simplifiedServer := config.(*SimplifiedConfig) 39 _ = simplifiedServer 40 fullConfig := &Config{} 41 return common.CreateObject(ctx, fullConfig) 42 })) 43 } 44 45 type ownLinkVerifier interface { 46 IsOwnLink(ctx context.Context) bool 47 } 48 49 type Handler struct { 50 client dns.Client 51 ipv4Lookup dns.IPv4Lookup 52 ipv6Lookup dns.IPv6Lookup 53 ownLinkVerifier ownLinkVerifier 54 server net.Destination 55 timeout time.Duration 56 } 57 58 func (h *Handler) Init(config *Config, dnsClient dns.Client, policyManager policy.Manager) error { 59 // Enable FakeDNS for DNS outbound 60 if clientWithFakeDNS, ok := dnsClient.(dns.ClientWithFakeDNS); ok { 61 dnsClient = clientWithFakeDNS.AsFakeDNSClient() 62 } 63 h.client = dnsClient 64 h.timeout = policyManager.ForLevel(config.UserLevel).Timeouts.ConnectionIdle 65 66 if ipv4lookup, ok := dnsClient.(dns.IPv4Lookup); ok { 67 h.ipv4Lookup = ipv4lookup 68 } else { 69 return newError("dns.Client doesn't implement IPv4Lookup") 70 } 71 72 if ipv6lookup, ok := dnsClient.(dns.IPv6Lookup); ok { 73 h.ipv6Lookup = ipv6lookup 74 } else { 75 return newError("dns.Client doesn't implement IPv6Lookup") 76 } 77 78 if v, ok := dnsClient.(ownLinkVerifier); ok { 79 h.ownLinkVerifier = v 80 } 81 82 if config.Server != nil { 83 h.server = config.Server.AsDestination() 84 } 85 return nil 86 } 87 88 func (h *Handler) isOwnLink(ctx context.Context) bool { 89 return h.ownLinkVerifier != nil && h.ownLinkVerifier.IsOwnLink(ctx) 90 } 91 92 func parseIPQuery(b []byte) (r bool, domain string, id uint16, qType dnsmessage.Type) { 93 var parser dnsmessage.Parser 94 header, err := parser.Start(b) 95 if err != nil { 96 newError("parser start").Base(err).WriteToLog() 97 return 98 } 99 100 id = header.ID 101 q, err := parser.Question() 102 if err != nil { 103 newError("question").Base(err).WriteToLog() 104 return 105 } 106 qType = q.Type 107 if qType != dnsmessage.TypeA && qType != dnsmessage.TypeAAAA { 108 return 109 } 110 111 domain = q.Name.String() 112 r = true 113 return 114 } 115 116 // Process implements proxy.Outbound. 117 func (h *Handler) Process(ctx context.Context, link *transport.Link, d internet.Dialer) error { 118 outbound := session.OutboundFromContext(ctx) 119 if outbound == nil || !outbound.Target.IsValid() { 120 return newError("invalid outbound") 121 } 122 123 srcNetwork := outbound.Target.Network 124 125 dest := outbound.Target 126 if h.server.Network != net.Network_Unknown { 127 dest.Network = h.server.Network 128 } 129 if h.server.Address != nil { 130 dest.Address = h.server.Address 131 } 132 if h.server.Port != 0 { 133 dest.Port = h.server.Port 134 } 135 136 newError("handling DNS traffic to ", dest).WriteToLog(session.ExportIDToError(ctx)) 137 138 conn := &outboundConn{ 139 dialer: func() (internet.Connection, error) { 140 return d.Dial(ctx, dest) 141 }, 142 connReady: make(chan struct{}, 1), 143 } 144 145 var reader dns_proto.MessageReader 146 var writer dns_proto.MessageWriter 147 if srcNetwork == net.Network_TCP { 148 reader = dns_proto.NewTCPReader(link.Reader) 149 writer = &dns_proto.TCPWriter{ 150 Writer: link.Writer, 151 } 152 } else { 153 reader = &dns_proto.UDPReader{ 154 Reader: link.Reader, 155 } 156 writer = &dns_proto.UDPWriter{ 157 Writer: link.Writer, 158 } 159 } 160 161 var connReader dns_proto.MessageReader 162 var connWriter dns_proto.MessageWriter 163 if dest.Network == net.Network_TCP { 164 connReader = dns_proto.NewTCPReader(buf.NewReader(conn)) 165 connWriter = &dns_proto.TCPWriter{ 166 Writer: buf.NewWriter(conn), 167 } 168 } else { 169 connReader = &dns_proto.UDPReader{ 170 Reader: buf.NewPacketReader(conn), 171 } 172 connWriter = &dns_proto.UDPWriter{ 173 Writer: buf.NewWriter(conn), 174 } 175 } 176 177 ctx, cancel := context.WithCancel(ctx) 178 timer := signal.CancelAfterInactivity(ctx, cancel, h.timeout) 179 180 request := func() error { 181 defer conn.Close() 182 183 for { 184 b, err := reader.ReadMessage() 185 if err == io.EOF { 186 return nil 187 } 188 189 if err != nil { 190 return err 191 } 192 193 timer.Update() 194 195 if !h.isOwnLink(ctx) { 196 isIPQuery, domain, id, qType := parseIPQuery(b.Bytes()) 197 if isIPQuery { 198 if domain, err := strmatcher.ToDomain(domain); err == nil { 199 go h.handleIPQuery(id, qType, domain, writer) 200 continue 201 } 202 } 203 } 204 205 if err := connWriter.WriteMessage(b); err != nil { 206 return err 207 } 208 } 209 } 210 211 response := func() error { 212 for { 213 b, err := connReader.ReadMessage() 214 if err == io.EOF { 215 return nil 216 } 217 218 if err != nil { 219 return err 220 } 221 222 timer.Update() 223 224 if err := writer.WriteMessage(b); err != nil { 225 return err 226 } 227 } 228 } 229 230 if err := task.Run(ctx, request, response); err != nil { 231 return newError("connection ends").Base(err) 232 } 233 234 return nil 235 } 236 237 func (h *Handler) handleIPQuery(id uint16, qType dnsmessage.Type, domain string, writer dns_proto.MessageWriter) { 238 var ips []net.IP 239 var err error 240 241 var ttl uint32 = 600 242 243 switch qType { 244 case dnsmessage.TypeA: 245 ips, err = h.ipv4Lookup.LookupIPv4(domain) 246 case dnsmessage.TypeAAAA: 247 ips, err = h.ipv6Lookup.LookupIPv6(domain) 248 } 249 250 rcode := dns.RCodeFromError(err) 251 if rcode == 0 && len(ips) == 0 && err != dns.ErrEmptyResponse { 252 newError("ip query").Base(err).WriteToLog() 253 return 254 } 255 256 b := buf.New() 257 rawBytes := b.Extend(buf.Size) 258 builder := dnsmessage.NewBuilder(rawBytes[:0], dnsmessage.Header{ 259 ID: id, 260 RCode: dnsmessage.RCode(rcode), 261 RecursionAvailable: true, 262 RecursionDesired: true, 263 Response: true, 264 }) 265 builder.EnableCompression() 266 common.Must(builder.StartQuestions()) 267 common.Must(builder.Question(dnsmessage.Question{ 268 Name: dnsmessage.MustNewName(domain), 269 Class: dnsmessage.ClassINET, 270 Type: qType, 271 })) 272 common.Must(builder.StartAnswers()) 273 274 rHeader := dnsmessage.ResourceHeader{Name: dnsmessage.MustNewName(domain), Class: dnsmessage.ClassINET, TTL: ttl} 275 for _, ip := range ips { 276 if len(ip) == net.IPv4len { 277 var r dnsmessage.AResource 278 copy(r.A[:], ip) 279 common.Must(builder.AResource(rHeader, r)) 280 } else { 281 var r dnsmessage.AAAAResource 282 copy(r.AAAA[:], ip) 283 common.Must(builder.AAAAResource(rHeader, r)) 284 } 285 } 286 msgBytes, err := builder.Finish() 287 if err != nil { 288 newError("pack message").Base(err).WriteToLog() 289 b.Release() 290 return 291 } 292 b.Resize(0, int32(len(msgBytes))) 293 294 if err := writer.WriteMessage(b); err != nil { 295 newError("write IP answer").Base(err).WriteToLog() 296 } 297 } 298 299 type outboundConn struct { 300 access sync.Mutex 301 dialer func() (internet.Connection, error) 302 303 conn net.Conn 304 connReady chan struct{} 305 } 306 307 func (c *outboundConn) dial() error { 308 conn, err := c.dialer() 309 if err != nil { 310 return err 311 } 312 c.conn = conn 313 c.connReady <- struct{}{} 314 return nil 315 } 316 317 func (c *outboundConn) Write(b []byte) (int, error) { 318 c.access.Lock() 319 320 if c.conn == nil { 321 if err := c.dial(); err != nil { 322 c.access.Unlock() 323 newError("failed to dial outbound connection").Base(err).AtWarning().WriteToLog() 324 return len(b), nil 325 } 326 } 327 328 c.access.Unlock() 329 330 return c.conn.Write(b) 331 } 332 333 func (c *outboundConn) Read(b []byte) (int, error) { 334 var conn net.Conn 335 c.access.Lock() 336 conn = c.conn 337 c.access.Unlock() 338 339 if conn == nil { 340 _, open := <-c.connReady 341 if !open { 342 return 0, io.EOF 343 } 344 conn = c.conn 345 } 346 347 return conn.Read(b) 348 } 349 350 func (c *outboundConn) Close() error { 351 c.access.Lock() 352 close(c.connReady) 353 if c.conn != nil { 354 c.conn.Close() 355 } 356 c.access.Unlock() 357 return nil 358 }