simulator/encrypted-dns: handle BindAddr; display proto in HostMsg

BindAddr, if set by the user via -iface, will be used in the various
dialers.  Simulation HostMsg() will display the protocol used in the
simulation run (ie. DoH, DoT, DNSCrypt).

Author: kmroz

simulator/encdns/dnscrypt/providers/providers.go

@@ -17,6 +17,7 @@ type Provider struct {
 	ctx       context.Context
 	sdnsStamp string
 	c         dnscrypt.Client
+	bindIP    net.IP
 }
 
 // Providers supporting DNSCrypt.
@@ -26,33 +27,35 @@ var providers = []encdns.ProviderType{
 }
 
 // NewRandom returns a 'random' Queryable provider.
-func NewRandom(ctx context.Context) encdns.Queryable {
+func NewRandom(ctx context.Context, bindIP net.IP) encdns.Queryable {
 	pIdx := encdns.ProviderType(rand.Intn(len(providers)))
 	var p encdns.Queryable
 	switch providers[pIdx] {
 	case encdns.ScalewayFR:
-		p = NewScalewayFR(ctx)
+		p = NewScalewayFR(ctx, bindIP)
 	case encdns.Yandex:
-		p = NewYandex(ctx)
+		p = NewYandex(ctx, bindIP)
 	}
 	return p
 }
 
 // NewYandex returns a *Provider for Yandex's DNSCrypt service.
-func NewYandex(ctx context.Context) *Provider {
+func NewYandex(ctx context.Context, bindIP net.IP) *Provider {
 	return &Provider{
 		ctx:       ctx,
 		sdnsStamp: "sdns://AQQAAAAAAAAAEDc3Ljg4LjguNzg6MTUzNTMg04TAccn3RmKvKszVe13MlxTUB7atNgHhrtwG1W1JYyciMi5kbnNjcnlwdC1jZXJ0LmJyb3dzZXIueWFuZGV4Lm5ldA",
 		c:         dnscrypt.Client{Net: "udp"},
+		bindIP:    bindIP,
 	}
 }
 
 // NewScalewayFR returns a *Provider for ScalewayFR's DNSCrypt service.
-func NewScalewayFR(ctx context.Context) *Provider {
+func NewScalewayFR(ctx context.Context, bindIP net.IP) *Provider {
 	return &Provider{
 		ctx:       ctx,
 		sdnsStamp: "sdns://AQcAAAAAAAAADjIxMi40Ny4yMjguMTM2IOgBuE6mBr-wusDOQ0RbsV66ZLAvo8SqMa4QY2oHkDJNHzIuZG5zY3J5cHQtY2VydC5mci5kbnNjcnlwdC5vcmc",
 		c:         dnscrypt.Client{Net: "udp"},
+		bindIP:    bindIP,
 	}
 }
 
@@ -65,6 +68,9 @@ func (p *Provider) QueryTXT(ctx context.Context, domain string) (*encdns.Respons
 		return nil, err
 	}
 	d := net.Dialer{}
+	if p.bindIP != nil {
+		d.LocalAddr = &net.UDPAddr{IP: p.bindIP}
+	}
 	// Dial the actual server address obtained in ResliverInfo.
 	conn, err := d.DialContext(p.ctx, p.c.Net, ri.ServerAddress)
 	if err != nil {

simulator/encdns/doh/providers/cloudflare.go

@@ -14,14 +14,18 @@ type CloudFlare struct {
 }
 
 // NewCloudFlare returns a *CloudFlare wrapping a Provider ready to use for DoH queries.
-func NewCloudFlare(ctx context.Context) *CloudFlare {
+func NewCloudFlare(ctx context.Context, bindIP net.IP) *CloudFlare {
 	p := CloudFlare{
 		Provider{
 			addr:     "cloudflare-dns.com:443",
 			queryURL: "https://cloudflare-dns.com/dns-query",
+			bindIP:   bindIP,
 		},
 	}
 	d := net.Dialer{}
+	if bindIP != nil {
+		d.LocalAddr = &net.TCPAddr{IP: p.bindIP}
+	}
 	tr := &http.Transport{
 		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 			return d.DialContext(ctx, "tcp", p.addr)

simulator/encdns/doh/providers/google.go

@@ -14,14 +14,18 @@ type Google struct {
 }
 
 // NewGoogle returns a *Google wrapping a Provider ready to use for DoH queries.
-func NewGoogle(ctx context.Context) *Google {
+func NewGoogle(ctx context.Context, bindIP net.IP) *Google {
 	p := Google{
 		Provider{
 			addr:     "dns.google:443",
 			queryURL: "https://dns.google/resolve",
+			bindIP:   bindIP,
 		},
 	}
 	d := net.Dialer{}
+	if bindIP != nil {
+		d.LocalAddr = &net.TCPAddr{IP: p.bindIP}
+	}
 	tr := &http.Transport{
 		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 			return d.DialContext(ctx, "tcp", p.addr)

simulator/encdns/doh/providers/opendns.go

@@ -16,14 +16,18 @@ type OpenDNS struct {
 }
 
 // NewOpenDNS returns an *OpenDNS wrapping a Provider ready to use for DoH queries.
-func NewOpenDNS(ctx context.Context) *OpenDNS {
+func NewOpenDNS(ctx context.Context, bindIP net.IP) *OpenDNS {
 	p := OpenDNS{
 		Provider{
 			addr:     "doh.opendns.com:443",
 			queryURL: "https://doh.opendns.com/dns-query",
+			bindIP:   bindIP,
 		},
 	}
 	d := net.Dialer{}
+	if bindIP != nil {
+		d.LocalAddr = &net.TCPAddr{IP: p.bindIP}
+	}
 	tr := &http.Transport{
 		DialContext: func(ctxt context.Context, network, addr string) (net.Conn, error) {
 			return d.DialContext(ctx, "tcp", p.addr)

simulator/encdns/doh/providers/providers.go

@@ -4,6 +4,7 @@ package providers
 import (
 	"context"
 	"math/rand"
+	"net"
 	"net/http"
 
 	"github.com/alphasoc/flightsim/simulator/encdns"
@@ -15,6 +16,7 @@ type Provider struct {
 	addr     string
 	queryURL string
 	client   *http.Client
+	bindIP   net.IP
 }
 
 // Providers supporting DoH.
@@ -26,18 +28,18 @@ var providers = []encdns.ProviderType{
 }
 
 // NewRandom returns a 'random' Queryable provider.
-func NewRandom(ctx context.Context) encdns.Queryable {
+func NewRandom(ctx context.Context, bindIP net.IP) encdns.Queryable {
 	pIdx := encdns.ProviderType(rand.Intn(len(providers)))
 	var p encdns.Queryable
 	switch providers[pIdx] {
 	case encdns.GoogleProvider:
-		p = NewGoogle(ctx)
+		p = NewGoogle(ctx, bindIP)
 	case encdns.CloudFlareProvider:
-		p = NewCloudFlare(ctx)
+		p = NewCloudFlare(ctx, bindIP)
 	case encdns.Quad9Provider:
-		p = NewQuad9(ctx)
+		p = NewQuad9(ctx, bindIP)
 	case encdns.OpenDNSProvider:
-		p = NewOpenDNS(ctx)
+		p = NewOpenDNS(ctx, bindIP)
 	}
 	return p
 }

simulator/encdns/doh/providers/quad9.go

@@ -14,14 +14,18 @@ type Quad9 struct {
 }
 
 // NewQuad9 returns a *Quad9 wrapping a Provider ready to use for DoH queries.
-func NewQuad9(ctx context.Context) *Quad9 {
+func NewQuad9(ctx context.Context, bindIP net.IP) *Quad9 {
 	p := Quad9{
 		Provider{
 			addr:     "dns.quad9.net:5053",
 			queryURL: "https://dns.quad9.net:5053/dns-query",
+			bindIP:   bindIP,
 		},
 	}
 	d := net.Dialer{}
+	if bindIP != nil {
+		d.LocalAddr = &net.TCPAddr{IP: p.bindIP}
+	}
 	tr := &http.Transport{
 		DialContext: func(ctxt context.Context, network, addr string) (net.Conn, error) {
 			return d.DialContext(ctx, "tcp", p.addr)

simulator/encdns/dot/providers/providers.go

@@ -12,8 +12,9 @@ import (
 
 // Provider represents a DoT provider.  addr and ctx are used to dial.
 type Provider struct {
-	ctx  context.Context
-	addr string
+	ctx    context.Context
+	addr   string
+	bindIP net.IP
 }
 
 // Providers supporting DoT.
@@ -25,39 +26,42 @@ var providers = []encdns.ProviderType{
 }
 
 // NewRandom returns a 'random' Queryable provider.
-func NewRandom(ctx context.Context) encdns.Queryable {
+func NewRandom(ctx context.Context, bindIP net.IP) encdns.Queryable {
 	pIdx := encdns.ProviderType(rand.Intn(len(providers)))
 	var p encdns.Queryable
 	switch providers[pIdx] {
 	case encdns.GoogleProvider:
-		p = NewGoogle(ctx)
+		p = NewGoogle(ctx, bindIP)
 	case encdns.CloudFlareProvider:
-		p = NewCloudFlare(ctx)
+		p = NewCloudFlare(ctx, bindIP)
 	case encdns.Quad9Provider:
-		p = NewQuad9(ctx)
+		p = NewQuad9(ctx, bindIP)
 	}
 	return p
 }
 
 // NewGoogle returns a *Provider for Google's DoT service.
-func NewGoogle(ctx context.Context) *Provider {
-	return &Provider{ctx: ctx, addr: "dns.google:853"}
+func NewGoogle(ctx context.Context, bindIP net.IP) *Provider {
+	return &Provider{ctx: ctx, addr: "dns.google:853", bindIP: bindIP}
 }
 
 // NewGoogle returns a *Provider tied for CloudFlare's DoT service.
-func NewCloudFlare(ctx context.Context) *Provider {
-	return &Provider{ctx: ctx, addr: "1dot1dot1dot1.cloudflare-dns.com:853"}
+func NewCloudFlare(ctx context.Context, bindIP net.IP) *Provider {
+	return &Provider{ctx: ctx, addr: "1dot1dot1dot1.cloudflare-dns.com:853", bindIP: bindIP}
 }
 
 // NewGoogle returns a *Provider for Quad9's DoT service.
-func NewQuad9(ctx context.Context) *Provider {
-	return &Provider{ctx: ctx, addr: "dns.quad9.net:853"}
+func NewQuad9(ctx context.Context, bindIP net.IP) *Provider {
+	return &Provider{ctx: ctx, addr: "dns.quad9.net:853", bindIP: bindIP}
 }
 
 // QueryTXT performs a DoT TXT lookup using Provider p, and returns a *encdns.Response and
 // an error.
 func (p *Provider) QueryTXT(ctx context.Context, domain string) (*encdns.Response, error) {
 	d := tls.Dialer{}
+	if p.bindIP != nil {
+		d.NetDialer = &net.Dialer{LocalAddr: &net.TCPAddr{IP: p.bindIP}}
+	}
 	r := &net.Resolver{
 		PreferGo: true,
 		Dial: func(ctx context.Context, network, addr string) (net.Conn, error) {

simulator/encdns/encdns.go

@@ -15,8 +15,7 @@ type Protocol int
 
 // Supported DNS protocols.
 const (
-	Random Protocol = iota
-	DoH
+	DoH = iota
 	DoT
 	DNSCrypt
 )
@@ -25,8 +24,7 @@ var protocolMap map[string]Protocol = map[string]Protocol{"doh": DoH, "dot": DoT
 
 // RandomProtocol returns a random supported Protocol.
 func RandomProtocol() Protocol {
-	// Account for the fact that Protocol(0) == Random.
-	return Protocol(rand.Intn(len(protocolMap)) + 1)
+	return Protocol(rand.Intn(len(protocolMap)))
 }
 
 // A generic response wrapper for DoH/DoT, etc.

simulator/encrypted-dns.go

@@ -3,6 +3,7 @@ package simulator
 import (
 	"context"
 	"fmt"
+	"net"
 	"strings"
 	"time"
 
@@ -28,23 +29,42 @@ func NewEncryptedDNS() *EncryptedDNS {
 }
 
 func (s *EncryptedDNS) Init(bind BindAddr) error {
-	// TODO: along with issues/39, bind if iface specififed.
 	s.bind = bind
 	return nil
 }
 
 func (EncryptedDNS) Cleanup() {
 }
 
+// HostMsg implements the HostMsgFormatter interface, returning a custom host message
+// string to be output by the run command.
+func (s *EncryptedDNS) HostMsg(host string) string {
+	var protoStr string
+	switch s.Proto {
+	case encdns.DoH:
+		protoStr = "DNS-over-HTTPS"
+	case encdns.DoT:
+		protoStr = "DNS-over-TLS"
+	case encdns.DNSCrypt:
+		protoStr = "DNSCrypt"
+	}
+	return fmt.Sprintf("Simulating Encrypted DNS (%s) via *.%s", protoStr, host)
+}
+
 // randomProvider returns a random Protocol p Provider.
-func randomProvider(ctx context.Context, p encdns.Protocol) encdns.Queryable {
-	switch p {
+func (s *EncryptedDNS) randomProvider(ctx context.Context) encdns.Queryable {
+	// If the user has set a bind interface via the -iface flag, have providers use it.
+	var bindIP net.IP
+	if s.bind.UserSet {
+		bindIP = s.bind.Addr
+	}
+	switch s.Proto {
 	case encdns.DoH:
-		return dohproviders.NewRandom(ctx)
+		return dohproviders.NewRandom(ctx, bindIP)
 	case encdns.DoT:
-		return dotproviders.NewRandom(ctx)
+		return dotproviders.NewRandom(ctx, bindIP)
 	case encdns.DNSCrypt:
-		return dnscryptproviders.NewRandom(ctx)
+		return dnscryptproviders.NewRandom(ctx, bindIP)
 	default:
 		return nil
 	}
@@ -53,12 +73,8 @@ func randomProvider(ctx context.Context, p encdns.Protocol) encdns.Queryable {
 // Simulate lookups for txt records for give host.
 func (s *EncryptedDNS) Simulate(ctx context.Context, host string) error {
 	host = utils.FQDN(host)
-	// Select random Protocol (DoH/DoT/etc) if not specified on the commandline.
-	if s.Proto == encdns.Random {
-		s.Proto = encdns.RandomProtocol()
-	}
 	// Select a random Provider to be used in this simulation.
-	p := randomProvider(ctx, s.Proto)
+	p := s.randomProvider(ctx)
 	if p == nil {
 		return fmt.Errorf("invalid DNS protocol: unable to select provider")
 	}
@@ -78,7 +94,6 @@ func (s *EncryptedDNS) Simulate(ctx context.Context, host string) error {
 
 		// Ignore timeout.  In case of DoH, when err != nil, resp.Body has already been
 		// closed.
-		// TODO: Need timeout/dial error check from issues/39
 		if err != nil {
 			if isSoftError(err) {
 				continue
@@ -111,7 +126,6 @@ func (s *EncryptedDNS) Simulate(ctx context.Context, host string) error {
 			// TODO: If that's not the case, we can add more comprehensive response parsing.
 		case encdns.DNSCrypt:
 			dnsCryptResp, err := resp.DNSCryptResponse()
-			fmt.Println(dnsCryptResp)
 			if err != nil {
 				return fmt.Errorf("failed extracting DNSCrypt response: %v", err)
 			}
@@ -133,7 +147,9 @@ func (s *EncryptedDNS) Hosts(scope string, size int) ([]string, error) {
 		}
 		s.Proto = proto
 	} else {
-		s.Proto = encdns.Random
+		// Select random Protocol (DoH/DoT/etc) if not specified on the commandline.
+		// NOTE: doing this from Hosts() to display in HostMsg().
+		s.Proto = encdns.RandomProtocol()
 	}
 	return []string{"sandbox.alphasoc.xyz"}, nil
 }