mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-10 01:53:49 +00:00
cc575fe4d6
Two changes in one:

* make DoH upgrades an explicitly scheduled send earlier, when we come up with the resolvers-and-delay send plan. Previously we were getting e.g. four Google DNS IPs and then spreading them out in time (for back when we only did UDP) but then later we added DoH upgrading at the UDP packet layer, which resulted in sometimes multiple DoH queries to the same provider running (each doing happy eyeballs dialing to 4x IPs themselves) for each of the 4 source IPs. Instead, take those 4 Google/Cloudflare IPs and schedule 5 things: first the DoH query (which can use all 4 IPs), and then each of the 4 IPs as UDP later.

* clean up the dnstype.Resolver.Addr confusion; half the code was using it as an IP string (as documented) and half was using it as an IP:port (from some prior type we used), primarily for tests. Instead, document it as being primarily an IP string but also accepting an IP:port for tests, then add an accessor method on it to get the IPPort and use that consistently everywhere.

Change-Id: Ifdd72b9e45433a5b9c029194d50db2b9f9217b53
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
// Copyright (c) 2022 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package resolver
import (
"context"
"flag"
"net/http"
"testing"
"golang.org/x/net/dns/dnsmessage"
"tailscale.com/net/dns/publicdns"
)
// testDoH opts in to the tests that send real DoH queries over the network.
// It defaults to false; TestDoH skips itself unless the test binary is run
// with --test-doh.
var testDoH = flag.Bool("test-doh", false, "do real DoH tests against the network")

// someDNSID is the DNS message ID placed in the test query. It is non-zero on
// purpose, as a test that the ID is carried through to the response, even
// though that is in violation of the spec's SHOULD of 0.
const someDNSID = 123
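// someDNSQuestion returns a packed DNS query for the A record of
// "tailscale.com." with recursion desired and the message ID set to
// someDNSID. Any error while building the message fails t immediately.
func someDNSQuestion(t testing.TB) []byte {
	t.Helper()

	b := dnsmessage.NewBuilder(nil, dnsmessage.Header{
		OpCode:           0, // query
		RecursionDesired: true,
		ID:               someDNSID,
	})

	// Check every builder step: a question that fails to pack would
	// otherwise leave Finish returning a message with no question in it,
	// and the test would send a malformed query without noticing.
	if err := b.StartQuestions(); err != nil {
		t.Fatal(err)
	}
	q := dnsmessage.Question{
		Name:  dnsmessage.MustNewName("tailscale.com."),
		Type:  dnsmessage.TypeA,
		Class: dnsmessage.ClassINET,
	}
	if err := b.Question(q); err != nil {
		t.Fatal(err)
	}

	msg, err := b.Finish()
	if err != nil {
		t.Fatal(err)
	}
	return msg
}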
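// TestDoH is a manual test that sends a real DoH query to every provider base
// URL returned by publicdns.DoHIPsOfBase and checks that a parseable response
// with the expected DNS ID and at least one answer comes back. It is skipped
// unless the --test-doh flag is set, because it talks to the network.
func TestDoH(t *testing.T) {
	if !*testDoH {
		t.Skip("skipping manual test without --test-doh flag")
	}
	if len(publicdns.KnownDoH()) == 0 {
		t.Fatal("no known DoH")
	}

	f := &forwarder{
		// NOTE(review): presumably bounds concurrent DoH requests; confirm
		// against the forwarder implementation.
		dohSem: make(chan struct{}, 10),
	}

	for urlBase := range publicdns.DoHIPsOfBase() {
		t.Run(urlBase, func(t *testing.T) {
			c, ok := f.getKnownDoHClientForProvider(urlBase)
			if !ok {
				t.Fatal("expected DoH")
			}
			// NOTE(review): context.Background carries no deadline, so this
			// call is bounded only by whatever timeouts sendDoH and the
			// client apply themselves; confirm.
			res, err := f.sendDoH(context.Background(), urlBase, c, someDNSQuestion(t))
			if err != nil {
				t.Fatal(err)
			}
			// Drop the idle connections to this provider once the response
			// is in hand. The unchecked assertion panics if the client's
			// transport is not an *http.Transport.
			c.Transport.(*http.Transport).CloseIdleConnections()

			var p dnsmessage.Parser
			h, err := p.Start(res)
			if err != nil {
				t.Fatal(err)
			}
			// The response must echo the ID we sent.
			if h.ID != someDNSID {
				t.Errorf("response DNS ID = %v; want %v", h.ID, someDNSID)
			}

			// A malformed question section should fail the test here rather
			// than surface later as a confusing answer-parsing error.
			if err := p.SkipAllQuestions(); err != nil {
				t.Fatal(err)
			}
			aa, err := p.AllAnswers()
			if err != nil {
				t.Fatal(err)
			}
			if len(aa) == 0 {
				t.Fatal("no answers")
			}
			for _, r := range aa {
				t.Logf("got: %v", r.GoString())
			}
		})
	}
}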
// TestDoHV6Fallback checks that for every IPv4 address listed by
// publicdns.KnownDoH, publicdns.DoHV6 knows an address for the same DoH base
// and that the address it returns really is IPv6.
func TestDoHV6Fallback(t *testing.T) {
	for addr, urlBase := range publicdns.KnownDoH() {
		// Only the IPv4 entries need a v6 counterpart.
		if !addr.Is4() {
			continue
		}
		v6, found := publicdns.DoHV6(urlBase)
		switch {
		case !found:
			t.Errorf("no v6 DoH known for %v", addr)
		case !v6.Is6():
			t.Errorf("dohV6(%q) returned non-v6 address %v", urlBase, v6)
		}
	}
}