From 8d7b78f3f795e781d939750893610639b224d81a Mon Sep 17 00:00:00 2001 From: KevinLiang10 <37811973+KevinLiang10@users.noreply.github.com> Date: Wed, 10 Jul 2024 15:28:03 -0400 Subject: [PATCH] net/dns/publicdns: remove additional information in DOH URL passed to IPv6 address generation for controlD. This commit truncates any additional information (mainly hostnames) that's passed to controlD via DOH URL in DoHIPsOfBase. This change is to make sure only resolverID is passed to controlDv6Gen but not the additional information. Updates: #7946 Signed-off-by: KevinLiang10 <37811973+KevinLiang10@users.noreply.github.com> --- net/dns/publicdns/publicdns.go | 9 ++++++++- net/dns/publicdns/publicdns_test.go | 9 +++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/net/dns/publicdns/publicdns.go b/net/dns/publicdns/publicdns.go index 1024b321b..0dbd3ab82 100644 --- a/net/dns/publicdns/publicdns.go +++ b/net/dns/publicdns/publicdns.go @@ -10,6 +10,7 @@ import ( "encoding/binary" "encoding/hex" "fmt" + "log" "math/big" "net/netip" "sort" @@ -122,6 +123,9 @@ func DoHIPsOfBase(dohBase string) []netip.Addr { } } if pathStr, ok := strings.CutPrefix(dohBase, controlDBase); ok { + if i := strings.IndexFunc(pathStr, isSlashOrQuestionMark); i != -1 { + pathStr = pathStr[:i] + } return []netip.Addr{ controlDv4One, controlDv4Two, @@ -318,7 +322,10 @@ func nextDNSv6Gen(ip netip.Addr, id []byte) netip.Addr { // e.g. https://dns.controld.com/hyq3ipr2ct func controlDv6Gen(ip netip.Addr, id string) netip.Addr { b := make([]byte, 8) - decoded, _ := strconv.ParseUint(id, 36, 64) + decoded, err := strconv.ParseUint(id, 36, 64) + if err != nil { + log.Printf("controlDv6Gen: failed to parse id %q: %v", id, err) + } binary.BigEndian.PutUint64(b, decoded) a := ip.AsSlice() copy(a[6:14], b) diff --git a/net/dns/publicdns/publicdns_test.go b/net/dns/publicdns/publicdns_test.go index a10660bf2..6efeb2c6f 100644 --- a/net/dns/publicdns/publicdns_test.go +++ b/net/dns/publicdns/publicdns_test.go @@ -134,6 +134,15 @@ func TestDoHIPsOfBase(t *testing.T) { "2606:1a40:1:ffff:ffff:ffff:ffff:0", ), }, + { + base: "https://dns.controld.com/hyq3ipr2ct/test-host-name", + want: ips( + "76.76.2.22", + "76.76.10.22", + "2606:1a40:0:6:7b5b:5949:35ad:0", + "2606:1a40:1:6:7b5b:5949:35ad:0", + ), + }, } for _, tt := range tests { got := DoHIPsOfBase(tt.base)