2020-07-08 13:14:39 +00:00
|
|
|
package dns
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"net"
|
2020-07-08 23:36:02 +00:00
|
|
|
"sync"
|
2020-07-08 13:14:39 +00:00
|
|
|
"time"
|
|
|
|
|
|
2020-07-26 12:07:06 +00:00
|
|
|
"github.com/qdm12/gluetun/internal/constants"
|
|
|
|
|
"github.com/qdm12/gluetun/internal/settings"
|
2020-07-08 13:14:39 +00:00
|
|
|
"github.com/qdm12/golibs/command"
|
|
|
|
|
"github.com/qdm12/golibs/logging"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Looper interface {
|
2020-09-12 18:50:42 +00:00
|
|
|
Run(ctx context.Context, wg *sync.WaitGroup, signalDNSReady func())
|
2020-09-12 14:34:15 -04:00
|
|
|
RunRestartTicker(ctx context.Context, wg *sync.WaitGroup)
|
2020-07-15 01:34:46 +00:00
|
|
|
Restart()
|
2020-07-15 23:51:34 +00:00
|
|
|
Start()
|
|
|
|
|
Stop()
|
2020-07-16 01:45:05 +00:00
|
|
|
GetSettings() (settings settings.DNS)
|
|
|
|
|
SetSettings(settings settings.DNS)
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type looper struct {
|
2020-07-16 12:00:25 +00:00
|
|
|
conf Configurator
|
|
|
|
|
settings settings.DNS
|
|
|
|
|
settingsMutex sync.RWMutex
|
|
|
|
|
logger logging.Logger
|
|
|
|
|
streamMerger command.StreamMerger
|
|
|
|
|
uid int
|
|
|
|
|
gid int
|
|
|
|
|
restart chan struct{}
|
|
|
|
|
start chan struct{}
|
|
|
|
|
stop chan struct{}
|
|
|
|
|
updateTicker chan struct{}
|
2020-10-15 23:20:36 +00:00
|
|
|
timeNow func() time.Time
|
|
|
|
|
timeSince func(time.Time) time.Duration
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewLooper(conf Configurator, settings settings.DNS, logger logging.Logger,
|
|
|
|
|
streamMerger command.StreamMerger, uid, gid int) Looper {
|
|
|
|
|
return &looper{
|
|
|
|
|
conf: conf,
|
|
|
|
|
settings: settings,
|
|
|
|
|
logger: logger.WithPrefix("dns over tls: "),
|
|
|
|
|
uid: uid,
|
|
|
|
|
gid: gid,
|
|
|
|
|
streamMerger: streamMerger,
|
2020-07-15 01:34:46 +00:00
|
|
|
restart: make(chan struct{}),
|
2020-07-15 23:51:34 +00:00
|
|
|
start: make(chan struct{}),
|
|
|
|
|
stop: make(chan struct{}),
|
2020-07-16 01:45:05 +00:00
|
|
|
updateTicker: make(chan struct{}),
|
2020-10-15 23:20:36 +00:00
|
|
|
timeNow: time.Now,
|
|
|
|
|
timeSince: time.Since,
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-15 01:34:46 +00:00
|
|
|
func (l *looper) Restart() { l.restart <- struct{}{} }
|
2020-07-15 23:51:34 +00:00
|
|
|
func (l *looper) Start() { l.start <- struct{}{} }
|
|
|
|
|
func (l *looper) Stop() { l.stop <- struct{}{} }
|
2020-07-15 01:34:46 +00:00
|
|
|
|
2020-07-16 01:45:05 +00:00
|
|
|
func (l *looper) GetSettings() (settings settings.DNS) {
|
|
|
|
|
l.settingsMutex.RLock()
|
|
|
|
|
defer l.settingsMutex.RUnlock()
|
|
|
|
|
return l.settings
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *looper) SetSettings(settings settings.DNS) {
|
|
|
|
|
l.settingsMutex.Lock()
|
|
|
|
|
defer l.settingsMutex.Unlock()
|
|
|
|
|
updatePeriodDiffers := l.settings.UpdatePeriod != settings.UpdatePeriod
|
|
|
|
|
l.settings = settings
|
|
|
|
|
l.settingsMutex.Unlock()
|
|
|
|
|
if updatePeriodDiffers {
|
|
|
|
|
l.updateTicker <- struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *looper) isEnabled() bool {
|
|
|
|
|
l.settingsMutex.RLock()
|
|
|
|
|
defer l.settingsMutex.RUnlock()
|
|
|
|
|
return l.settings.Enabled
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *looper) setEnabled(enabled bool) {
|
|
|
|
|
l.settingsMutex.Lock()
|
|
|
|
|
defer l.settingsMutex.Unlock()
|
|
|
|
|
l.settings.Enabled = enabled
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-11 20:59:30 +00:00
|
|
|
func (l *looper) logAndWait(ctx context.Context, err error) {
|
2020-07-08 13:14:39 +00:00
|
|
|
l.logger.Warn(err)
|
|
|
|
|
l.logger.Info("attempting restart in 10 seconds")
|
2020-07-11 20:59:30 +00:00
|
|
|
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
|
|
|
|
|
defer cancel()
|
|
|
|
|
<-ctx.Done()
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-12 18:50:42 +00:00
|
|
|
func (l *looper) waitForFirstStart(ctx context.Context, signalDNSReady func()) {
|
2020-07-17 01:16:49 +00:00
|
|
|
for {
|
2020-07-15 23:51:34 +00:00
|
|
|
select {
|
|
|
|
|
case <-l.stop:
|
2020-07-17 01:16:49 +00:00
|
|
|
l.setEnabled(false)
|
2020-07-15 23:51:34 +00:00
|
|
|
l.logger.Info("not started yet")
|
|
|
|
|
case <-l.restart:
|
2020-07-17 01:16:49 +00:00
|
|
|
if l.isEnabled() {
|
|
|
|
|
return
|
|
|
|
|
}
|
2020-09-12 18:50:42 +00:00
|
|
|
signalDNSReady()
|
2020-07-17 01:16:49 +00:00
|
|
|
l.logger.Info("not restarting because disabled")
|
|
|
|
|
case <-l.start:
|
|
|
|
|
l.setEnabled(true)
|
|
|
|
|
return
|
|
|
|
|
case <-ctx.Done():
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *looper) waitForSubsequentStart(ctx context.Context, unboundCancel context.CancelFunc) {
|
|
|
|
|
if l.isEnabled() {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
for {
|
|
|
|
|
// wait for a signal to re-enable
|
|
|
|
|
select {
|
|
|
|
|
case <-l.stop:
|
|
|
|
|
l.logger.Info("already disabled")
|
|
|
|
|
case <-l.restart:
|
|
|
|
|
if !l.isEnabled() {
|
|
|
|
|
l.logger.Info("not restarting because disabled")
|
|
|
|
|
} else {
|
|
|
|
|
return
|
|
|
|
|
}
|
2020-07-15 23:51:34 +00:00
|
|
|
case <-l.start:
|
2020-07-17 01:16:49 +00:00
|
|
|
l.setEnabled(true)
|
|
|
|
|
return
|
2020-07-15 23:51:34 +00:00
|
|
|
case <-ctx.Done():
|
2020-07-17 01:16:49 +00:00
|
|
|
unboundCancel()
|
2020-07-15 23:51:34 +00:00
|
|
|
return
|
|
|
|
|
}
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
2020-07-17 01:16:49 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-12 18:50:42 +00:00
|
|
|
func (l *looper) Run(ctx context.Context, wg *sync.WaitGroup, signalDNSReady func()) {
|
2020-07-17 01:16:49 +00:00
|
|
|
defer wg.Done()
|
2020-09-09 21:44:50 +00:00
|
|
|
const fallback = false
|
|
|
|
|
l.useUnencryptedDNS(fallback)
|
2020-09-12 18:50:42 +00:00
|
|
|
l.waitForFirstStart(ctx, signalDNSReady)
|
2020-07-17 01:16:49 +00:00
|
|
|
if ctx.Err() != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
2020-07-11 20:59:30 +00:00
|
|
|
defer l.logger.Warn("loop exited")
|
|
|
|
|
|
|
|
|
|
var unboundCtx context.Context
|
|
|
|
|
var unboundCancel context.CancelFunc = func() {}
|
|
|
|
|
var waitError chan error
|
|
|
|
|
triggeredRestart := false
|
2020-07-16 01:45:05 +00:00
|
|
|
l.setEnabled(true)
|
2020-07-11 20:59:30 +00:00
|
|
|
for ctx.Err() == nil {
|
2020-07-17 01:16:49 +00:00
|
|
|
l.waitForSubsequentStart(ctx, unboundCancel)
|
2020-07-08 13:14:39 +00:00
|
|
|
|
2020-07-16 01:45:05 +00:00
|
|
|
settings := l.GetSettings()
|
|
|
|
|
|
2020-07-08 13:14:39 +00:00
|
|
|
// Setup
|
2020-10-18 02:24:34 +00:00
|
|
|
if err := l.conf.DownloadRootHints(ctx, l.uid, l.gid); err != nil {
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logAndWait(ctx, err)
|
2020-07-08 13:14:39 +00:00
|
|
|
continue
|
|
|
|
|
}
|
2020-10-18 02:24:34 +00:00
|
|
|
if err := l.conf.DownloadRootKey(ctx, l.uid, l.gid); err != nil {
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logAndWait(ctx, err)
|
2020-07-08 13:14:39 +00:00
|
|
|
continue
|
|
|
|
|
}
|
2020-10-18 02:24:34 +00:00
|
|
|
if err := l.conf.MakeUnboundConf(ctx, settings, l.uid, l.gid); err != nil {
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logAndWait(ctx, err)
|
2020-07-08 13:14:39 +00:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-11 20:59:30 +00:00
|
|
|
if triggeredRestart {
|
|
|
|
|
triggeredRestart = false
|
|
|
|
|
unboundCancel()
|
|
|
|
|
<-waitError
|
|
|
|
|
close(waitError)
|
|
|
|
|
}
|
|
|
|
|
unboundCtx, unboundCancel = context.WithCancel(context.Background())
|
2020-07-16 01:45:05 +00:00
|
|
|
stream, waitFn, err := l.conf.Start(unboundCtx, settings.VerbosityDetailsLevel)
|
2020-07-08 13:14:39 +00:00
|
|
|
if err != nil {
|
|
|
|
|
unboundCancel()
|
2020-09-09 21:44:50 +00:00
|
|
|
const fallback = true
|
|
|
|
|
l.useUnencryptedDNS(fallback)
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logAndWait(ctx, err)
|
|
|
|
|
continue
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Started successfully
|
2020-07-12 21:19:44 -04:00
|
|
|
go l.streamMerger.Merge(unboundCtx, stream, command.MergeName("unbound"))
|
2020-07-16 01:45:05 +00:00
|
|
|
l.conf.UseDNSInternally(net.IP{127, 0, 0, 1}) // use Unbound
|
|
|
|
|
if err := l.conf.UseDNSSystemWide(net.IP{127, 0, 0, 1}, settings.KeepNameserver); err != nil { // use Unbound
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logger.Error(err)
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
if err := l.conf.WaitForUnbound(); err != nil {
|
|
|
|
|
unboundCancel()
|
2020-09-09 21:44:50 +00:00
|
|
|
const fallback = true
|
|
|
|
|
l.useUnencryptedDNS(fallback)
|
2020-07-11 20:59:30 +00:00
|
|
|
l.logAndWait(ctx, err)
|
|
|
|
|
continue
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
2020-07-11 20:59:30 +00:00
|
|
|
waitError = make(chan error)
|
2020-07-08 13:14:39 +00:00
|
|
|
go func() {
|
|
|
|
|
err := waitFn() // blocking
|
2020-07-08 23:42:54 +00:00
|
|
|
waitError <- err
|
2020-07-08 13:14:39 +00:00
|
|
|
}()
|
2020-09-09 21:44:50 +00:00
|
|
|
l.logger.Info("DNS over TLS is ready")
|
2020-09-12 18:50:42 +00:00
|
|
|
signalDNSReady()
|
2020-07-08 13:14:39 +00:00
|
|
|
|
2020-07-15 23:51:34 +00:00
|
|
|
stayHere := true
|
|
|
|
|
for stayHere {
|
|
|
|
|
select {
|
|
|
|
|
case <-ctx.Done():
|
|
|
|
|
l.logger.Warn("context canceled: exiting loop")
|
|
|
|
|
unboundCancel()
|
|
|
|
|
<-waitError
|
|
|
|
|
close(waitError)
|
|
|
|
|
return
|
|
|
|
|
case <-l.restart: // triggered restart
|
|
|
|
|
l.logger.Info("restarting")
|
|
|
|
|
// unboundCancel occurs next loop run when the setup is complete
|
|
|
|
|
triggeredRestart = true
|
|
|
|
|
stayHere = false
|
|
|
|
|
case <-l.start:
|
|
|
|
|
l.logger.Info("already started")
|
|
|
|
|
case <-l.stop:
|
|
|
|
|
l.logger.Info("stopping")
|
|
|
|
|
unboundCancel()
|
|
|
|
|
<-waitError
|
|
|
|
|
close(waitError)
|
2020-07-16 01:45:05 +00:00
|
|
|
l.setEnabled(false)
|
2020-07-15 23:51:34 +00:00
|
|
|
stayHere = false
|
|
|
|
|
case err := <-waitError: // unexpected error
|
|
|
|
|
close(waitError)
|
|
|
|
|
unboundCancel()
|
2020-09-09 21:44:50 +00:00
|
|
|
const fallback = true
|
|
|
|
|
l.useUnencryptedDNS(fallback)
|
2020-07-15 23:51:34 +00:00
|
|
|
l.logAndWait(ctx, err)
|
|
|
|
|
stayHere = false
|
|
|
|
|
}
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
2020-07-11 20:59:30 +00:00
|
|
|
unboundCancel()
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-09 21:44:50 +00:00
|
|
|
func (l *looper) useUnencryptedDNS(fallback bool) {
|
2020-07-16 01:45:05 +00:00
|
|
|
settings := l.GetSettings()
|
|
|
|
|
|
2020-07-08 13:14:39 +00:00
|
|
|
// Try with user provided plaintext ip address
|
2020-07-16 01:45:05 +00:00
|
|
|
targetIP := settings.PlaintextAddress
|
2020-07-08 13:14:39 +00:00
|
|
|
if targetIP != nil {
|
2020-09-09 21:44:50 +00:00
|
|
|
if fallback {
|
|
|
|
|
l.logger.Info("falling back on plaintext DNS at address %s", targetIP)
|
|
|
|
|
} else {
|
|
|
|
|
l.logger.Info("using plaintext DNS at address %s", targetIP)
|
|
|
|
|
}
|
2020-07-08 13:14:39 +00:00
|
|
|
l.conf.UseDNSInternally(targetIP)
|
2020-07-16 01:45:05 +00:00
|
|
|
if err := l.conf.UseDNSSystemWide(targetIP, settings.KeepNameserver); err != nil {
|
2020-07-08 13:14:39 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Try with any IPv4 address from the providers chosen
|
2020-07-16 01:45:05 +00:00
|
|
|
for _, provider := range settings.Providers {
|
2020-07-08 13:14:39 +00:00
|
|
|
data := constants.DNSProviderMapping()[provider]
|
|
|
|
|
for _, targetIP = range data.IPs {
|
|
|
|
|
if targetIP.To4() != nil {
|
2020-07-11 21:04:46 +00:00
|
|
|
l.logger.Info("falling back on plaintext DNS at address %s", targetIP)
|
2020-07-08 13:14:39 +00:00
|
|
|
l.conf.UseDNSInternally(targetIP)
|
2020-07-16 01:45:05 +00:00
|
|
|
if err := l.conf.UseDNSSystemWide(targetIP, settings.KeepNameserver); err != nil {
|
2020-07-08 13:14:39 +00:00
|
|
|
l.logger.Error(err)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// No IPv4 address found
|
2020-07-16 01:45:05 +00:00
|
|
|
l.logger.Error("no ipv4 DNS address found for providers %s", settings.Providers)
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-12 14:34:15 -04:00
|
|
|
func (l *looper) RunRestartTicker(ctx context.Context, wg *sync.WaitGroup) {
|
|
|
|
|
defer wg.Done()
|
2020-10-15 23:20:36 +00:00
|
|
|
// Timer that acts as a ticker
|
|
|
|
|
timer := time.NewTimer(time.Hour)
|
|
|
|
|
timer.Stop()
|
|
|
|
|
timerIsStopped := true
|
2020-07-16 01:45:05 +00:00
|
|
|
settings := l.GetSettings()
|
|
|
|
|
if settings.UpdatePeriod > 0 {
|
2020-10-15 23:20:36 +00:00
|
|
|
timer.Reset(settings.UpdatePeriod)
|
|
|
|
|
timerIsStopped = false
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
2020-10-15 23:20:36 +00:00
|
|
|
lastTick := time.Unix(0, 0)
|
2020-07-08 13:14:39 +00:00
|
|
|
for {
|
|
|
|
|
select {
|
|
|
|
|
case <-ctx.Done():
|
2020-10-15 23:20:36 +00:00
|
|
|
if !timerIsStopped && !timer.Stop() {
|
|
|
|
|
<-timer.C
|
|
|
|
|
}
|
2020-07-08 13:14:39 +00:00
|
|
|
return
|
2020-10-15 23:20:36 +00:00
|
|
|
case <-timer.C:
|
|
|
|
|
lastTick = l.timeNow()
|
2020-07-15 01:34:46 +00:00
|
|
|
l.restart <- struct{}{}
|
2020-10-15 23:20:36 +00:00
|
|
|
settings := l.GetSettings()
|
|
|
|
|
timer.Reset(settings.UpdatePeriod)
|
2020-07-16 01:45:05 +00:00
|
|
|
case <-l.updateTicker:
|
2020-10-15 23:20:36 +00:00
|
|
|
if !timer.Stop() {
|
|
|
|
|
<-timer.C
|
|
|
|
|
}
|
|
|
|
|
timerIsStopped = true
|
|
|
|
|
settings := l.GetSettings()
|
|
|
|
|
newUpdatePeriod := settings.UpdatePeriod
|
|
|
|
|
if newUpdatePeriod == 0 {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
var waited time.Duration
|
|
|
|
|
if lastTick.UnixNano() != 0 {
|
|
|
|
|
waited = l.timeSince(lastTick)
|
|
|
|
|
}
|
|
|
|
|
leftToWait := newUpdatePeriod - waited
|
|
|
|
|
timer.Reset(leftToWait)
|
|
|
|
|
timerIsStopped = false
|
2020-07-08 13:14:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
