all: imp code, docs

2023-09-22 18:31:37 +03:00 · 2023-09-22 18:31:37 +03:00 · 5819c594a2
parent d07ea96bb5
commit 5819c594a2
6 changed files with 41 additions and 26 deletions
--- a/internal/aghnet/net.go
+++ b/internal/aghnet/net.go
@ -310,9 +310,9 @@ func ParseAddrPort(s string, defaultPort uint16) (ipp netip.AddrPort, err error)

 // IsContained checks if addr is contained by subnets for any of ports.
 func IsContained(
+	addr netip.AddrPort,
 	subnets []netip.Prefix,
 	ports []uint16,
-	addr netip.AddrPort,
 ) (ok bool) {
 	ip := addr.Addr()

--- a/internal/aghnet/net_test.go
+++ b/internal/aghnet/net_test.go
@ -98,8 +98,8 @@ func TestIsContained(t *testing.T) {

 	v4addr := netip.MustParseAddr("1.2.3.4")

-	v4pref := netip.MustParsePrefix("1.2.3.4/24")
-	v4anotherPref := netip.MustParsePrefix("4.3.2.1/24")
+	v4pref := netip.MustParsePrefix("1.2.3.0/24")
+	v4anotherPref := netip.MustParsePrefix("4.3.2.0/24")

 	testCases := []struct {
 		name    string
@ -129,7 +129,7 @@ func TestIsContained(t *testing.T) {

 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			tc.want(t, aghnet.IsContained(tc.subnets, tc.ports, tc.addr))
+			tc.want(t, aghnet.IsContained(tc.addr, tc.subnets, tc.ports))
 		})
 	}
 }
--- a/internal/dnsforward/config.go
+++ b/internal/dnsforward/config.go
@ -411,7 +411,8 @@ func filterUpstreamConfig(upsConf *proxy.UpstreamConfig, df func(u upstream.Upst

 // filterUs filters out all the upstreams that pointing to the local listening
 // addresses to avoid recursive queries.  upsConf may appear empty after the
-// filtering.
+// filtering.  All the filtered upstreams are closed and these closings errors
+// are joined.
 func (conf *ServerConfig) filterUs(upsConf *proxy.UpstreamConfig) (err error) {
 	addrs, uns := conf.collectDNSIPAddrs()
 	if len(addrs) == 0 {
@ -435,7 +436,7 @@ func (conf *ServerConfig) filterUs(upsConf *proxy.UpstreamConfig) (err error) {

 		log.Debug("dnsforward: filtering out networks %s on ports %d", nets, uns)

-		isOurFunc = func(a netip.AddrPort) (ok bool) { return aghnet.IsContained(nets, uns, a) }
+		isOurFunc = func(a netip.AddrPort) (ok bool) { return aghnet.IsContained(a, nets, uns) }
 	}

 	filterUpstreamConfig(upsConf, func(u upstream.Upstream) (ok bool) {
--- a/internal/dnsforward/dnsforward.go
+++ b/internal/dnsforward/dnsforward.go
@ -482,7 +482,7 @@ func (s *Server) setupLocalResolvers() (err error) {

 	log.Debug("dnsforward: upstreams to resolve ptr for local addresses: %v", resolvers)

-	uc, err := s.prepareUpstreamConfig(resolvers, nil, &upstream.Options{
+	uc, err := s.prepareLocalUpstreamConfig(resolvers, nil, &upstream.Options{
 		Bootstrap: bootstraps,
 		Timeout:   defaultLocalTimeout,
 		// TODO(e.burkov): Should we verify server's certificates?
@ -493,11 +493,6 @@ func (s *Server) setupLocalResolvers() (err error) {
 		return fmt.Errorf("preparing private upstreams: %w", err)
 	}

-	err = s.conf.filterUs(uc)
-	if err != nil {
-		return err
-	}
-
 	s.localResolvers = &proxy.Proxy{
 		Config: proxy.Config{
 			UpstreamConfig: uc,
--- a/internal/dnsforward/http.go
+++ b/internal/dnsforward/http.go
@ -142,20 +142,18 @@ func (s *Server) getDNSConfig() (c *jsonDNSConfig) {
 		upstreamMode = "parallel"
 	}

-	uc, err := s.prepareUpstreamConfig(
-		stringutil.FilterOut(s.sysResolvers.Get(), IsCommentOrEmpty),
-		nil,
-		nil,
-	)
+	defLocalPTRUps := []string{}
+	uc, err := s.prepareLocalUpstreamConfig(s.sysResolvers.Get(), nil, nil)
 	if err != nil {
-		log.Debug("dnsforward: getting dns configuration: %s", err)
-	} else if err = s.conf.filterUs(uc); err != nil {
-		log.Debug("dnsforward: getting dns configuration: %s", err)
-	}
+		log.Error("dnsforward: getting system upstream config: %s", err)
+	} else {
+		for _, u := range uc.Upstreams {
+			defLocalPTRUps = append(defLocalPTRUps, u.Address())
+		}

-	var defLocalPTRUps []string
-	for _, u := range uc.Upstreams {
-		defLocalPTRUps = append(defLocalPTRUps, u.Address())
+		if err = uc.Close(); err != nil {
+			log.Error("dnsforward: closing system upstream config: %s", err)
+		}
 	}

 	return &jsonDNSConfig{
--- a/internal/dnsforward/upstreams.go
+++ b/internal/dnsforward/upstreams.go
@ -69,8 +69,8 @@ func (s *Server) prepareUpstreamSettings() (err error) {
 	return nil
 }

-// prepareUpstreamConfig sets upstream configuration based on upstreams and
-// configuration of s.
+// prepareUpstreamConfig returns the upstream configuration based on upstreams
+// and configuration of s.
 func (s *Server) prepareUpstreamConfig(
 	upstreams []string,
 	defaultUpstreams []string,
@ -103,6 +103,27 @@ func (s *Server) prepareUpstreamConfig(
 	return uc, nil
 }

+// prepareLocalUpstreamConfig returns the upstream configuration for private
+// upstreams based on upstreams and configuration of s.  It also filters out
+// the own listening addresses from the upstreams, so it may appear empty.
+func (s *Server) prepareLocalUpstreamConfig(
+	upstreams []string,
+	defaultUpstreams []string,
+	opts *upstream.Options,
+) (uc *proxy.UpstreamConfig, err error) {
+	uc, err = s.prepareUpstreamConfig(upstreams, defaultUpstreams, opts)
+	if err != nil {
+		return nil, fmt.Errorf("preparing private upstreams: %w", err)
+	}
+
+	err = s.conf.filterUs(uc)
+	if err != nil {
+		return nil, fmt.Errorf("filtering private upstreams: %w", err)
+	}
+
+	return uc, nil
+}
+
 // replaceUpstreamsWithHosts replaces unique upstreams with their resolved
 // versions based on the system hosts file.
 //