Merge pull request #25 from blinklabs-io/feat/dns-recursion

agaffney · web-flow · commit 140fb83bacee · 2023-08-16T11:13:22.000-05:00
feat: recursive DNS lookup support
diff --git a/internal/config/config.go b/internal/config/config.go
@@ -41,9 +41,10 @@ type LoggingConfig struct {
 }
 
 type DnsConfig struct {
-	ListenAddress   string   `yaml:"address" envconfig:"DNS_LISTEN_ADDRESS"`
-	ListenPort      uint     `yaml:"port" envconfig:"DNS_LISTEN_PORT"`
-	FallbackServers []string `yaml:"fallbackServers" envconfig:"DNS_FALLBACK_SERVERS"`
+	ListenAddress    string   `yaml:"address" envconfig:"DNS_LISTEN_ADDRESS"`
+	ListenPort       uint     `yaml:"port" envconfig:"DNS_LISTEN_PORT"`
+	RecursionEnabled bool     `yaml:"recursionEnabled" envconfig:"DNS_RECURSION"`
+	FallbackServers  []string `yaml:"fallbackServers" envconfig:"DNS_FALLBACK_SERVERS"`
 }
 
 type DebugConfig struct {
diff --git a/internal/dns/dns.go b/internal/dns/dns.go
@@ -35,6 +35,7 @@ func startListener(server *dns.Server) {
 
 func handleQuery(w dns.ResponseWriter, r *dns.Msg) {
 	logger := logging.GetLogger()
+	cfg := config.GetConfig()
 	m := new(dns.Msg)
 
 	// Split query name into labels and lookup each domain and parent until we get a hit
@@ -50,31 +51,58 @@ func handleQuery(w dns.ResponseWriter, r *dns.Msg) {
 		}
 		// Assemble response
 		m.SetReply(r)
-		for nameserver, ipAddress := range nameServers {
-			// Add trailing dot to make everybody happy
-			nameserver = nameserver + `.`
-			// NS record
-			ns := &dns.NS{
-				Hdr: dns.RR_Header{Name: (lookupDomainName + `.`), Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: 999},
-				Ns:  nameserver,
+		if cfg.Dns.RecursionEnabled {
+			// Pick random nameserver for domain
+			tmpNameservers := []string{}
+			for nameserver := range nameServers {
+				tmpNameservers = append(tmpNameservers, nameserver)
 			}
-			m.Ns = append(m.Ns, ns)
-			// A or AAAA record
-			ipAddr := net.ParseIP(ipAddress)
-			if ipAddr.To4() != nil {
-				// IPv4
-				a := &dns.A{
-					Hdr: dns.RR_Header{Name: nameserver, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 999},
-					A:   ipAddr,
+			tmpNameserver := nameServers[tmpNameservers[rand.Intn(len(tmpNameservers))]]
+			// Query the random domain nameserver we picked above
+			resp, err := queryServer(r, tmpNameserver)
+			if err != nil {
+				// Send failure response
+				m.SetRcode(r, dns.RcodeServerFailure)
+				if err := w.WriteMsg(m); err != nil {
+					logger.Errorf("failed to write response: %s", err)
 				}
-				m.Extra = append(m.Extra, a)
+				logger.Errorf("failed to query domain nameserver: %s", err)
+				return
 			} else {
-				// IPv6
-				aaaa := &dns.AAAA{
-					Hdr:  dns.RR_Header{Name: nameserver, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 999},
-					AAAA: ipAddr,
+				copyResponse(r, resp, m)
+				// Send response
+				if err := w.WriteMsg(m); err != nil {
+					logger.Errorf("failed to write response: %s", err)
+				}
+				return
+			}
+		} else {
+			for nameserver, ipAddress := range nameServers {
+				// Add trailing dot to make everybody happy
+				nameserver = nameserver + `.`
+				// NS record
+				ns := &dns.NS{
+					Hdr: dns.RR_Header{Name: (lookupDomainName + `.`), Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: 999},
+					Ns:  nameserver,
+				}
+				m.Ns = append(m.Ns, ns)
+				// A or AAAA record
+				ipAddr := net.ParseIP(ipAddress)
+				if ipAddr.To4() != nil {
+					// IPv4
+					a := &dns.A{
+						Hdr: dns.RR_Header{Name: nameserver, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 999},
+						A:   ipAddr,
+					}
+					m.Extra = append(m.Extra, a)
+				} else {
+					// IPv6
+					aaaa := &dns.AAAA{
+						Hdr:  dns.RR_Header{Name: nameserver, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: 999},
+						AAAA: ipAddr,
+					}
+					m.Extra = append(m.Extra, aaaa)
 				}
-				m.Extra = append(m.Extra, aaaa)
 			}
 		}
 		// Send response
@@ -85,35 +113,28 @@ func handleQuery(w dns.ResponseWriter, r *dns.Msg) {
 		return
 	}
 
-	// Query fallback servers
-	fallbackResp, err := queryFallbackServer(r)
-	if err != nil {
-		// Send failure response
-		m.SetRcode(r, dns.RcodeServerFailure)
-		if err := w.WriteMsg(m); err != nil {
-			logger.Errorf("failed to write response: %s", err)
-		}
-		logger.Errorf("failed to query fallback server: %s", err)
-		return
-	} else {
-		// Copy relevant data from fallback response into our response
-		m.SetRcode(r, fallbackResp.MsgHdr.Rcode)
-		m.RecursionDesired = r.RecursionDesired
-		m.RecursionAvailable = fallbackResp.RecursionAvailable
-		if fallbackResp.Ns != nil {
-			m.Ns = append(m.Ns, fallbackResp.Ns...)
-		}
-		if fallbackResp.Answer != nil {
-			m.Answer = append(m.Answer, fallbackResp.Answer...)
-		}
-		if fallbackResp.Extra != nil {
-			m.Extra = append(m.Extra, fallbackResp.Extra...)
-		}
-		// Send response
-		if err := w.WriteMsg(m); err != nil {
-			logger.Errorf("failed to write response: %s", err)
+	// Query fallback servers if recursion is enabled
+	if cfg.Dns.RecursionEnabled {
+		// Pick random fallback server
+		fallbackServer := cfg.Dns.FallbackServers[rand.Intn(len(cfg.Dns.FallbackServers))]
+		// Query chosen server
+		fallbackResp, err := queryServer(r, fallbackServer)
+		if err != nil {
+			// Send failure response
+			m.SetRcode(r, dns.RcodeServerFailure)
+			if err := w.WriteMsg(m); err != nil {
+				logger.Errorf("failed to write response: %s", err)
+			}
+			logger.Errorf("failed to query fallback server: %s", err)
+			return
+		} else {
+			copyResponse(r, fallbackResp, m)
+			// Send response
+			if err := w.WriteMsg(m); err != nil {
+				logger.Errorf("failed to write response: %s", err)
+			}
+			return
 		}
-		return
 	}
 
 	// Return NXDOMAIN if we have no information about the requested domain or any of its parents
@@ -123,15 +144,27 @@ func handleQuery(w dns.ResponseWriter, r *dns.Msg) {
 	}
 }
 
-func queryFallbackServer(req *dns.Msg) (*dns.Msg, error) {
-	// Pick random fallback server
-	cfg := config.GetConfig()
-	fallbackServer := cfg.Dns.FallbackServers[rand.Intn(len(cfg.Dns.FallbackServers))]
-	// Query chosen server
+func copyResponse(req *dns.Msg, srcResp *dns.Msg, destResp *dns.Msg) {
+	// Copy relevant data from original request and source response into destination response
+	destResp.SetRcode(req, srcResp.MsgHdr.Rcode)
+	destResp.RecursionDesired = req.RecursionDesired
+	destResp.RecursionAvailable = srcResp.RecursionAvailable
+	if srcResp.Ns != nil {
+		destResp.Ns = append(destResp.Ns, srcResp.Ns...)
+	}
+	if srcResp.Answer != nil {
+		destResp.Answer = append(destResp.Answer, srcResp.Answer...)
+	}
+	if srcResp.Extra != nil {
+		destResp.Extra = append(destResp.Extra, srcResp.Extra...)
+	}
+}
+
+func queryServer(req *dns.Msg, nameserver string) (*dns.Msg, error) {
 	m := new(dns.Msg)
 	m.Id = dns.Id()
 	m.RecursionDesired = req.RecursionDesired
 	m.Question = append(m.Question, req.Question...)
-	in, err := dns.Exchange(m, fmt.Sprintf("%s:53", fallbackServer))
+	in, err := dns.Exchange(m, fmt.Sprintf("%s:53", nameserver))
 	return in, err
 }

Original file line number	Diff line number	Diff line change
`@@ -41,9 +41,10 @@ type LoggingConfig struct {`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`type DnsConfig struct {`
`44`		- ListenAddress string `yaml:"address" envconfig:"DNS_LISTEN_ADDRESS"`
`45`		- ListenPort uint `yaml:"port" envconfig:"DNS_LISTEN_PORT"`
`46`		- FallbackServers []string `yaml:"fallbackServers" envconfig:"DNS_FALLBACK_SERVERS"`
	`44`	+ ListenAddress string `yaml:"address" envconfig:"DNS_LISTEN_ADDRESS"`
	`45`	+ ListenPort uint `yaml:"port" envconfig:"DNS_LISTEN_PORT"`
	`46`	+ RecursionEnabled bool `yaml:"recursionEnabled" envconfig:"DNS_RECURSION"`
	`47`	+ FallbackServers []string `yaml:"fallbackServers" envconfig:"DNS_FALLBACK_SERVERS"`
`47`	`48`	`}`
`48`	`49`
`49`	`50`	`type DebugConfig struct {`