Pull request 1892: next-imp-dnssvc

Squashed commit of the following:

commit 770a3f338ecb270fcff7792a4ffe3cf95492d2ae
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Jun 27 20:10:39 2023 +0300

    dnssvc: fix test for darwin

commit 6564abcc0904784ff3787e1a046d665519a108b3
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Jun 27 19:57:19 2023 +0300

    all: fix .gitignore, tests

commit 3ff1be0462b3adea81d98b1f65eeb685d2d72030
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Jun 27 19:30:05 2023 +0300

    next: add conf example; imp dnssvc

internal/next/dnssvc/config.go

@@ -0,0 +1,35 @@
+package dnssvc
+
+import (
+	"net/netip"
+	"time"
+)
+
+// Config is the AdGuard Home DNS service configuration structure.
+//
+// TODO(a.garipov): Add timeout for incoming requests.
+type Config struct {
+	// Addresses are the addresses on which to serve plain DNS queries.
+	Addresses []netip.AddrPort
+
+	// BootstrapServers are the addresses of DNS servers used for bootstrapping
+	// the upstream DNS server addresses.
+	BootstrapServers []string
+
+	// UpstreamServers are the upstream DNS server addresses to use.
+	UpstreamServers []string
+
+	// DNS64Prefixes is a slice of NAT64 prefixes to be used for DNS64.  See
+	// also [Config.UseDNS64].
+	DNS64Prefixes []netip.Prefix
+
+	// UpstreamTimeout is the timeout for upstream requests.
+	UpstreamTimeout time.Duration
+
+	// BootstrapPreferIPv6, if true, instructs the bootstrapper to prefer IPv6
+	// addresses to IPv4 ones when bootstrapping.
+	BootstrapPreferIPv6 bool
+
+	// UseDNS64, if true, enables DNS64 protection for incoming requests.
+	UseDNS64 bool
+}

internal/next/dnssvc/dnssvc.go

@@ -19,40 +19,20 @@ import (
 	"github.com/AdguardTeam/dnsproxy/upstream"
 )
 
-// Config is the AdGuard Home DNS service configuration structure.
-//
-// TODO(a.garipov): Add timeout for incoming requests.
-type Config struct {
-	// Addresses are the addresses on which to serve plain DNS queries.
-	Addresses []netip.AddrPort
-
-	// Upstreams are the DNS upstreams to use.  If not set, upstreams are
-	// created using data from BootstrapServers, UpstreamServers, and
-	// UpstreamTimeout.
-	//
-	// TODO(a.garipov): Think of a better scheme.  Those other three parameters
-	// are here only to make Config work properly.
-	Upstreams []upstream.Upstream
-
-	// BootstrapServers are the addresses for bootstrapping the upstream DNS
-	// server addresses.
-	BootstrapServers []string
-
-	// UpstreamServers are the upstream DNS server addresses to use.
-	UpstreamServers []string
-
-	// UpstreamTimeout is the timeout for upstream requests.
-	UpstreamTimeout time.Duration
-}
-
 // Service is the AdGuard Home DNS service.  A nil *Service is a valid
 // [agh.Service] that does nothing.
+//
+// TODO(a.garipov): Consider saving a [*proxy.Config] instance for those
+// fields that are only used in [New] and [Service.Config].
 type Service struct {
-	proxy      *proxy.Proxy
-	bootstraps []string
-	upstreams  []string
-	upsTimeout time.Duration
-	running    atomic.Bool
+	proxy               *proxy.Proxy
+	bootstraps          []string
+	upstreams           []string
+	dns64Prefixes       []netip.Prefix
+	upsTimeout          time.Duration
+	running             atomic.Bool
+	bootstrapPreferIPv6 bool
+	useDNS64            bool
 }
 
 // New returns a new properly initialized *Service.  If c is nil, svc is a nil
@@ -64,23 +44,22 @@ func New(c *Config) (svc *Service, err error) {
 	}
 
 	svc = &Service{
-		bootstraps: c.BootstrapServers,
-		upstreams:  c.UpstreamServers,
-		upsTimeout: c.UpstreamTimeout,
+		bootstraps:          c.BootstrapServers,
+		upstreams:           c.UpstreamServers,
+		dns64Prefixes:       c.DNS64Prefixes,
+		upsTimeout:          c.UpstreamTimeout,
+		bootstrapPreferIPv6: c.BootstrapPreferIPv6,
+		useDNS64:            c.UseDNS64,
 	}
 
-	var upstreams []upstream.Upstream
-	if len(c.Upstreams) > 0 {
-		upstreams = c.Upstreams
-	} else {
-		upstreams, err = addressesToUpstreams(
-			c.UpstreamServers,
-			c.BootstrapServers,
-			c.UpstreamTimeout,
-		)
-		if err != nil {
-			return nil, fmt.Errorf("converting upstreams: %w", err)
-		}
+	upstreams, err := addressesToUpstreams(
+		c.UpstreamServers,
+		c.BootstrapServers,
+		c.UpstreamTimeout,
+		c.BootstrapPreferIPv6,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("converting upstreams: %w", err)
 	}
 
 	svc.proxy = &proxy.Proxy{
@@ -90,6 +69,8 @@ func New(c *Config) (svc *Service, err error) {
 			UpstreamConfig: &proxy.UpstreamConfig{
 				Upstreams: upstreams,
 			},
+			UseDNS64:   c.UseDNS64,
+			DNS64Prefs: c.DNS64Prefixes,
 		},
 	}
 
@@ -108,12 +89,14 @@ func addressesToUpstreams(
 	upsStrs []string,
 	bootstraps []string,
 	timeout time.Duration,
+	preferIPv6 bool,
 ) (upstreams []upstream.Upstream, err error) {
 	upstreams = make([]upstream.Upstream, len(upsStrs))
 	for i, upsStr := range upsStrs {
 		upstreams[i], err = upstream.AddressToUpstream(upsStr, &upstream.Options{
-			Bootstrap: bootstraps,
-			Timeout:   timeout,
+			Bootstrap:  bootstraps,
+			Timeout:    timeout,
+			PreferIPv6: preferIPv6,
 		})
 		if err != nil {
 			return nil, fmt.Errorf("upstream at index %d: %w", i, err)
@@ -206,10 +189,13 @@ func (svc *Service) Config() (c *Config) {
 	}
 
 	c = &Config{
-		Addresses:        addrs,
-		BootstrapServers: svc.bootstraps,
-		UpstreamServers:  svc.upstreams,
-		UpstreamTimeout:  svc.upsTimeout,
+		Addresses:           addrs,
+		BootstrapServers:    svc.bootstraps,
+		UpstreamServers:     svc.upstreams,
+		DNS64Prefixes:       svc.dns64Prefixes,
+		UpstreamTimeout:     svc.upsTimeout,
+		BootstrapPreferIPv6: svc.bootstrapPreferIPv6,
+		UseDNS64:            svc.useDNS64,
 	}
 
 	return c

internal/next/dnssvc/dnssvc_test.go

@@ -6,10 +6,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
 	"github.com/AdguardTeam/AdGuardHome/internal/next/dnssvc"
-	"github.com/AdguardTeam/dnsproxy/upstream"
-	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/assert"
@@ -21,36 +18,55 @@ func TestMain(m *testing.M) {
 }
 
 // testTimeout is the common timeout for tests.
-const testTimeout = 100 * time.Millisecond
+const testTimeout = 1 * time.Second
 
 func TestService(t *testing.T) {
 	const (
-		bootstrapAddr = "bootstrap.example"
+		listenAddr    = "127.0.0.1:0"
+		bootstrapAddr = "127.0.0.1:0"
 		upstreamAddr  = "upstream.example"
-
-		closeErr errors.Error = "closing failed"
 	)
 
-	ups := &aghtest.UpstreamMock{
-		OnAddress: func() (addr string) {
-			return upstreamAddr
-		},
-		OnExchange: func(req *dns.Msg) (resp *dns.Msg, err error) {
-			resp = (&dns.Msg{}).SetReply(req)
+	upstreamErrCh := make(chan error, 1)
+	upstreamStartedCh := make(chan struct{})
+	upstreamSrv := &dns.Server{
+		Addr: bootstrapAddr,
+		Net:  "udp",
+		Handler: dns.HandlerFunc(func(w dns.ResponseWriter, req *dns.Msg) {
+			pt := testutil.PanicT{}
 
-			return resp, nil
-		},
-		OnClose: func() (err error) {
-			return closeErr
-		},
+			resp := (&dns.Msg{}).SetReply(req)
+			resp.Answer = append(resp.Answer, &dns.A{
+				Hdr: dns.RR_Header{},
+				A:   netip.MustParseAddrPort(bootstrapAddr).Addr().AsSlice(),
+			})
+
+			writeErr := w.WriteMsg(resp)
+			require.NoError(pt, writeErr)
+		}),
+		NotifyStartedFunc: func() { close(upstreamStartedCh) },
 	}
 
+	go func() {
+		listenErr := upstreamSrv.ListenAndServe()
+		if listenErr != nil {
+			// Log these immediately to see what happens.
+			t.Logf("upstream listen error: %s", listenErr)
+		}
+
+		upstreamErrCh <- listenErr
+	}()
+
+	_, _ = testutil.RequireReceive(t, upstreamStartedCh, testTimeout)
+
 	c := &dnssvc.Config{
-		Addresses:        []netip.AddrPort{netip.MustParseAddrPort("127.0.0.1:0")},
-		Upstreams:        []upstream.Upstream{ups},
-		BootstrapServers: []string{bootstrapAddr},
-		UpstreamServers:  []string{upstreamAddr},
-		UpstreamTimeout:  testTimeout,
+		Addresses:           []netip.AddrPort{netip.MustParseAddrPort(listenAddr)},
+		BootstrapServers:    []string{upstreamSrv.PacketConn.LocalAddr().String()},
+		UpstreamServers:     []string{upstreamAddr},
+		DNS64Prefixes:       nil,
+		UpstreamTimeout:     testTimeout,
+		BootstrapPreferIPv6: false,
+		UseDNS64:            false,
 	}
 
 	svc, err := dnssvc.New(c)
@@ -82,8 +98,14 @@ func TestService(t *testing.T) {
 		defer cancel()
 
 		cli := &dns.Client{}
-		resp, _, excErr := cli.ExchangeContext(ctx, req, addr.String())
-		require.NoError(t, excErr)
+
+		var resp *dns.Msg
+		require.Eventually(t, func() (ok bool) {
+			var excErr error
+			resp, _, excErr = cli.ExchangeContext(ctx, req, addr.String())
+
+			return excErr == nil
+		}, testTimeout, testTimeout/10)
 
 		assert.NotNil(t, resp)
 	})
@@ -92,5 +114,12 @@ func TestService(t *testing.T) {
 	defer cancel()
 
 	err = svc.Shutdown(ctx)
-	require.ErrorIs(t, err, closeErr)
+	require.NoError(t, err)
+
+	err = upstreamSrv.Shutdown()
+	require.NoError(t, err)
+
+	err, ok := testutil.RequireReceive(t, upstreamErrCh, testTimeout)
+	require.True(t, ok)
+	require.NoError(t, err)
 }