Pull request 2207: 6882 Extend private rDNS

Updates #6882.

Squashed commit of the following:

commit 80fa6d62c67bdea6c4be6d8bcd066a0fb027a42a
Merge: c0fdf1a3c 762ef4a6d
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Apr 22 18:53:18 2024 +0300

    Merge branch 'master' into 6882-extend-private-rdns

commit c0fdf1a3c56990a1d86850c1f723769361b6133d
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Thu Apr 18 18:19:36 2024 +0300

    client: imp ui text

commit f07a509d3d5b58f3fd83de304f6bfcb5c8c278e5
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Thu Apr 18 16:22:11 2024 +0300

    all: imp docs, upd proxy

commit 0d33079a96b70d10d363a8c32be789963e75438c
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Thu Apr 18 12:48:50 2024 +0300

    all: upd proxy

internal/dnsforward/process.go

@@ -380,8 +380,12 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {
 		return resultCodeSuccess
 	}
 
+	req := pctx.Req
+	q := req.Question[0]
 	pref := pctx.RequestedPrivateRDNS
-	if pref == (netip.Prefix{}) {
+	// TODO(e.burkov):  Consider answering authoritatively for SOA and NS
+	// queries.
+	if pref == (netip.Prefix{}) || q.Qtype != dns.TypePTR {
 		return resultCodeSuccess
 	}
 
@@ -393,11 +397,10 @@ func (s *Server) processDHCPAddrs(dctx *dnsContext) (rc resultCode) {
 
 	log.Debug("dnsforward: dhcp client %s is %q", addr, host)
 
-	req := pctx.Req
 	resp := s.replyCompressed(req)
 	ptr := &dns.PTR{
 		Hdr: dns.RR_Header{
-			Name:   req.Question[0].Name,
+			Name:   q.Name,
 			Rrtype: dns.TypePTR,
 			// TODO(e.burkov):  Use [dhcpsvc.Lease.Expiry].  See
 			// https://github.com/AdguardTeam/AdGuardHome/issues/3932.

internal/home/config.go

@@ -203,15 +203,24 @@ type dnsConfig struct {
 	// resolver should be used.
 	PrivateNets []netutil.Prefix `yaml:"private_networks"`
 
-	// UsePrivateRDNS defines if the PTR requests for unknown addresses from
-	// locally-served networks should be resolved via private PTR resolvers.
+	// UsePrivateRDNS enables resolving requests containing a private IP address
+	// using private reverse DNS resolvers.  See PrivateRDNSResolvers.
+	//
+	// TODO(e.burkov):  Rename in YAML.
 	UsePrivateRDNS bool `yaml:"use_private_ptr_resolvers"`
 
-	// LocalPTRResolvers is the slice of addresses to be used as upstreams
-	// for PTR queries for locally-served networks.
-	LocalPTRResolvers []string `yaml:"local_ptr_upstreams"`
+	// PrivateRDNSResolvers is the slice of addresses to be used as upstreams
+	// for private requests.  It's only used for PTR, SOA, and NS queries,
+	// containing an ARPA subdomain, came from the the client with private
+	// address.  The address considered private according to PrivateNets.
+	//
+	// If empty, the OS-provided resolvers are used for private requests.
+	PrivateRDNSResolvers []string `yaml:"local_ptr_upstreams"`
 
-	// UseDNS64 defines if DNS64 should be used for incoming requests.
+	// UseDNS64 defines if DNS64 should be used for incoming requests.  Requests
+	// of type PTR for addresses within the configured prefixes will be resolved
+	// via [PrivateRDNSResolvers], so those should be valid and UsePrivateRDNS
+	// be set to true.
 	UseDNS64 bool `yaml:"use_dns64"`
 
 	// DNS64Prefixes is the list of NAT64 prefixes to be used for DNS64.
@@ -658,7 +667,7 @@ func (c *configuration) write() (err error) {
 		dns := &config.DNS
 		dns.Config = c
 
-		dns.LocalPTRResolvers = s.LocalPTRResolvers()
+		dns.PrivateRDNSResolvers = s.LocalPTRResolvers()
 
 		addrProcConf := s.AddrProcConfig()
 		config.Clients.Sources.RDNS = addrProcConf.UseRDNS

internal/home/dns.go

@@ -241,7 +241,7 @@ func newServerConfig(
 		TLSv12Roots:            Context.tlsRoots,
 		ConfigModified:         onConfigModified,
 		HTTPRegister:           httpReg,
-		LocalPTRResolvers:      dnsConf.LocalPTRResolvers,
+		LocalPTRResolvers:      dnsConf.PrivateRDNSResolvers,
 		UseDNS64:               dnsConf.UseDNS64,
 		DNS64Prefixes:          dnsConf.DNS64Prefixes,
 		UsePrivateRDNS:         dnsConf.UsePrivateRDNS,