dnscrypt-proxy/dnscrypt-proxy/plugins.go

package main

import (
	"crypto/sha512"
	"encoding/binary"
	"errors"
	"net"
	"sync"
	"time"

	lru "github.com/hashicorp/golang-lru"
	"github.com/miekg/dns"
)

type PluginsAction int

const (
	PluginsActionNone    = 0
	PluginsActionForward = 1
	PluginsActionDrop    = 2
	PluginsActionReject  = 3
	PluginsActionSynth   = 4
)

type PluginsGlobals struct {
	sync.RWMutex
	queryPlugins    *[]Plugin
	responsePlugins *[]Plugin
}

var pluginsGlobals PluginsGlobals

type PluginsState struct {
	sessionData            map[string]interface{}
	action                 PluginsAction
	originalMaxPayloadSize int
	maxPayloadSize         int
	clientProto            string
	clientAddr             *net.Addr
	synthResponse          *dns.Msg
	dnssec                 bool
	cacheSize              int
	cacheNegTTL            uint32
	cacheMinTTL            uint32
	cacheMaxTTL            uint32
}

func InitPluginsGlobals(pluginsGlobals *PluginsGlobals, proxy *Proxy) error {
	queryPlugins := &[]Plugin{}
	if proxy.pluginBlockIPv6 {
		*queryPlugins = append(*queryPlugins, Plugin(new(PluginBlockIPv6)))
	}
	*queryPlugins = append(*queryPlugins, Plugin(new(PluginGetSetPayloadSize)))
	if proxy.cache {
		*queryPlugins = append(*queryPlugins, Plugin(new(PluginCache)))
	}

	responsePlugins := &[]Plugin{}
	if proxy.cache {
		*responsePlugins = append(*responsePlugins, Plugin(new(PluginCacheResponse)))
	}

	for _, plugin := range *queryPlugins {
		if err := plugin.Init(proxy); err != nil {
			return err
		}
	}
	for _, plugin := range *responsePlugins {
		if err := plugin.Init(proxy); err != nil {
			return err
		}
	}

	(*pluginsGlobals).queryPlugins = queryPlugins
	(*pluginsGlobals).responsePlugins = responsePlugins
	return nil
}

type Plugin interface {
	Name() string
	Description() string
	Init(proxy *Proxy) error
	Drop() error
	Reload() error
	Eval(pluginsState *PluginsState, msg *dns.Msg) error
}

func NewPluginsState(proxy *Proxy, clientProto string, clientAddr *net.Addr) PluginsState {
	return PluginsState{
		action:         PluginsActionForward,
		maxPayloadSize: MaxDNSUDPPacketSize - ResponseOverhead,
		clientProto:    clientProto,
		clientAddr:     clientAddr,
		cacheSize:      proxy.cacheSize,
		cacheNegTTL:    proxy.cacheNegTTL,
		cacheMinTTL:    proxy.cacheMinTTL,
		cacheMaxTTL:    proxy.cacheMaxTTL,
	}
}

// ---------------- Query plugins ----------------

func (pluginsState *PluginsState) ApplyQueryPlugins(pluginsGlobals *PluginsGlobals, packet []byte) ([]byte, error) {
	if len(*pluginsGlobals.queryPlugins) == 0 {
		return packet, nil
	}
	pluginsState.action = PluginsActionForward
	msg := dns.Msg{}
	if err := msg.Unpack(packet); err != nil {
		return packet, err
	}
	pluginsGlobals.RLock()
	for _, plugin := range *pluginsGlobals.queryPlugins {
		if ret := plugin.Eval(pluginsState, &msg); ret != nil {
			pluginsGlobals.RUnlock()
			pluginsState.action = PluginsActionDrop
			return packet, ret
		}
		if pluginsState.action != PluginsActionForward {
			break
		}
	}
	pluginsGlobals.RUnlock()
	packet2, err := msg.PackBuffer(packet)
	if err != nil {
		return packet, err
	}
	return packet2, nil
}

// -------- get_set_payload_size plugin --------

type PluginGetSetPayloadSize struct{}

func (plugin *PluginGetSetPayloadSize) Name() string {
	return "get_set_payload_size"
}

func (plugin *PluginGetSetPayloadSize) Description() string {
	return "Adjusts the maximum payload size advertised in queries sent to upstream servers."
}

func (plugin *PluginGetSetPayloadSize) Init(proxy *Proxy) error {
	return nil
}

func (plugin *PluginGetSetPayloadSize) Drop() error {
	return nil
}

func (plugin *PluginGetSetPayloadSize) Reload() error {
	return nil
}

func (plugin *PluginGetSetPayloadSize) Eval(pluginsState *PluginsState, msg *dns.Msg) error {
	pluginsState.originalMaxPayloadSize = 512 - ResponseOverhead
	opt := msg.IsEdns0()
	dnssec := false
	if opt != nil {
		pluginsState.originalMaxPayloadSize = Min(int(opt.UDPSize())-ResponseOverhead, pluginsState.originalMaxPayloadSize)
		dnssec = opt.Do()
	}
	pluginsState.dnssec = dnssec
	pluginsState.maxPayloadSize = Min(MaxDNSUDPPacketSize-ResponseOverhead, Max(pluginsState.originalMaxPayloadSize, pluginsState.maxPayloadSize))
	if pluginsState.maxPayloadSize > 512 {
		extra2 := []dns.RR{}
		for _, extra := range msg.Extra {
			if extra.Header().Rrtype != dns.TypeOPT {
				extra2 = append(extra2, extra)
			}
		}
		msg.Extra = extra2
		msg.SetEdns0(uint16(pluginsState.maxPayloadSize), dnssec)
	}
	return nil
}

// -------- block_ipv6 plugin --------

type PluginBlockIPv6 struct{}

func (plugin *PluginBlockIPv6) Name() string {
	return "block_ipv6"
}

func (plugin *PluginBlockIPv6) Description() string {
	return "Immediately return a synthetic response to AAAA queries"
}

func (plugin *PluginBlockIPv6) Init(proxy *Proxy) error {
	return nil
}

func (plugin *PluginBlockIPv6) Drop() error {
	return nil
}

func (plugin *PluginBlockIPv6) Reload() error {
	return nil
}

func (plugin *PluginBlockIPv6) Eval(pluginsState *PluginsState, msg *dns.Msg) error {
	questions := msg.Question
	if len(questions) != 1 {
		return nil
	}
	question := questions[0]
	if question.Qclass != dns.ClassINET || question.Qtype != dns.TypeAAAA {
		return nil
	}
	synth, err := EmptyResponseFromMessage(msg)
	if err != nil {
		return err
	}
	pluginsState.synthResponse = synth
	pluginsState.action = PluginsActionSynth
	return nil
}

// -------- querylog plugin --------

type PluginQueryLog struct{}

func (plugin *PluginQueryLog) Name() string {
	return "querylog"
}

func (plugin *PluginQueryLog) Description() string {
	return "Log DNS queries"
}

func (plugin *PluginQueryLog) Init(proxy *Proxy) error {
	return nil
}

func (plugin *PluginQueryLog) Drop() error {
	return nil
}

func (plugin *PluginQueryLog) Reload() error {
	return nil
}

func (plugin *PluginQueryLog) Eval(pluginsState *PluginsState, msg *dns.Msg) error {
	return nil
}

// ---------------- Response plugins ----------------

func (pluginsState *PluginsState) ApplyResponsePlugins(pluginsGlobals *PluginsGlobals, packet []byte) ([]byte, error) {
	if len(*pluginsGlobals.responsePlugins) == 0 {
		return packet, nil
	}
	pluginsState.action = PluginsActionForward
	msg := dns.Msg{}
	if err := msg.Unpack(packet); err != nil {
		return packet, err
	}
	pluginsGlobals.RLock()
	for _, plugin := range *pluginsGlobals.responsePlugins {
		if ret := plugin.Eval(pluginsState, &msg); ret != nil {
			pluginsGlobals.RUnlock()
			pluginsState.action = PluginsActionDrop
			return packet, ret
		}
		if pluginsState.action != PluginsActionForward {
			break
		}
	}
	pluginsGlobals.RUnlock()
	packet2, err := msg.PackBuffer(packet)
	if err != nil {
		return packet, err
	}
	return packet2, nil
}

// -------- cache plugin --------

type CachedResponse struct {
	expiration time.Time
	msg        dns.Msg
}

type CachedResponses struct {
	sync.RWMutex
	cache *lru.ARCCache
}

var cachedResponses CachedResponses

type PluginCacheResponse struct {
	cachedResponses *CachedResponses
}

func (plugin *PluginCacheResponse) Name() string {
	return "cache_response"
}

func (plugin *PluginCacheResponse) Description() string {
	return "DNS cache (writer)."
}

func (plugin *PluginCacheResponse) Init(proxy *Proxy) error {
	return nil
}

func (plugin *PluginCacheResponse) Drop() error {
	return nil
}

func (plugin *PluginCacheResponse) Reload() error {
	return nil
}

func (plugin *PluginCacheResponse) Eval(pluginsState *PluginsState, msg *dns.Msg) error {
	plugin.cachedResponses = &cachedResponses
	if msg.Rcode == dns.RcodeServerFailure {
		return nil
	}
	cacheKey, err := computeCacheKey(pluginsState, msg)
	if err != nil {
		return err
	}
	ttl := getMinTTL(msg, pluginsState.cacheMinTTL, pluginsState.cacheMaxTTL, pluginsState.cacheNegTTL)
	cachedResponse := CachedResponse{
		expiration: time.Now().Add(ttl),
		msg:        *msg,
	}
	plugin.cachedResponses.Lock()
	defer plugin.cachedResponses.Unlock()
	if plugin.cachedResponses.cache == nil {
		plugin.cachedResponses.cache, err = lru.NewARC(pluginsState.cacheSize)
		if err != nil {
			return err
		}
	}
	plugin.cachedResponses.cache.Add(cacheKey, cachedResponse)
	return nil
}

type PluginCache struct {
	cachedResponses *CachedResponses
}

func (plugin *PluginCache) Name() string {
	return "cache"
}

func (plugin *PluginCache) Description() string {
	return "DNS cache (reader)."
}

func (plugin *PluginCache) Init(proxy *Proxy) error {
	return nil
}

func (plugin *PluginCache) Drop() error {
	return nil
}

func (plugin *PluginCache) Reload() error {
	return nil
}

func (plugin *PluginCache) Eval(pluginsState *PluginsState, msg *dns.Msg) error {
	plugin.cachedResponses = &cachedResponses

	cacheKey, err := computeCacheKey(pluginsState, msg)
	if err != nil {
		return nil
	}
	plugin.cachedResponses.RLock()
	defer plugin.cachedResponses.RUnlock()
	if plugin.cachedResponses.cache == nil {
		return nil
	}
	cached_any, ok := plugin.cachedResponses.cache.Get(cacheKey)
	if !ok {
		return nil
	}
	cached := cached_any.(CachedResponse)
	if time.Now().After(cached.expiration) {
		return nil
	}
	synth := cached.msg
	synth.Id = msg.Id
	synth.Response = true
	synth.Compress = true
	synth.Question = msg.Question
	pluginsState.synthResponse = &synth
	pluginsState.action = PluginsActionSynth
	return nil
}

func computeCacheKey(pluginsState *PluginsState, msg *dns.Msg) ([32]byte, error) {
	questions := msg.Question
	if len(questions) != 1 {
		return [32]byte{}, errors.New("No question present")
	}
	question := questions[0]
	h := sha512.New512_256()
	var tmp [5]byte
	binary.LittleEndian.PutUint16(tmp[0:2], question.Qtype)
	binary.LittleEndian.PutUint16(tmp[2:4], question.Qclass)
	if pluginsState.dnssec {
		tmp[4] = 1
	}
	h.Write(tmp[:])
	normalizedName := []byte(question.Name)
	NormalizeName(&normalizedName)
	h.Write(normalizedName)
	var sum [32]byte
	h.Sum(sum[:0])
	return sum, nil
}
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`package main`

			`import (`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`"crypto/sha512"`
			`"encoding/binary"`
			`"errors"`
Plugins can now access the client IP. Useful for logging and ACLs. 2018-01-14 23:47:49 +01:00			`"net"`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`"sync"`
			`"time"`

Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`lru "github.com/hashicorp/golang-lru"`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`"github.com/miekg/dns"`
			`)`

			`type PluginsAction int`

			`const (`
			`PluginsActionNone = 0`
			`PluginsActionForward = 1`
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`PluginsActionDrop = 2`
			`PluginsActionReject = 3`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`PluginsActionSynth = 4`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`)`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`type PluginsGlobals struct {`
			`sync.RWMutex`
			`queryPlugins *[]Plugin`
			`responsePlugins *[]Plugin`
			`}`

			`var pluginsGlobals PluginsGlobals`

Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`type PluginsState struct {`
			`sessionData map[string]interface{}`
			`action PluginsAction`
			`originalMaxPayloadSize int`
			`maxPayloadSize int`
Plugins can now access the client IP. Useful for logging and ACLs. 2018-01-14 23:47:49 +01:00			`clientProto string`
			`clientAddr *net.Addr`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`synthResponse *dns.Msg`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`dnssec bool`
Add configuration cache size and other parameters 2018-01-10 19:32:56 +01:00			`cacheSize int`
			`cacheNegTTL uint32`
			`cacheMinTTL uint32`
			`cacheMaxTTL uint32`
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`}`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func InitPluginsGlobals(pluginsGlobals PluginsGlobals, proxy Proxy) error {`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`queryPlugins := &[]Plugin{}`
			`if proxy.pluginBlockIPv6 {`
			`queryPlugins = append(queryPlugins, Plugin(new(PluginBlockIPv6)))`
			`}`
			`queryPlugins = append(queryPlugins, Plugin(new(PluginGetSetPayloadSize)))`
Working DNS cache 2018-01-10 18:53:09 +01:00			`if proxy.cache {`
			`queryPlugins = append(queryPlugins, Plugin(new(PluginCache)))`
			`}`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`responsePlugins := &[]Plugin{}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`if proxy.cache {`
Working DNS cache 2018-01-10 18:53:09 +01:00			`responsePlugins = append(responsePlugins, Plugin(new(PluginCacheResponse)))`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`for _, plugin := range *queryPlugins {`
			`if err := plugin.Init(proxy); err != nil {`
			`return err`
			`}`
			`}`
			`for _, plugin := range *responsePlugins {`
			`if err := plugin.Init(proxy); err != nil {`
			`return err`
			`}`
			`}`

			`(*pluginsGlobals).queryPlugins = queryPlugins`
			`(*pluginsGlobals).responsePlugins = responsePlugins`
			`return nil`
			`}`

			`type Plugin interface {`
			`Name() string`
			`Description() string`
			`Init(proxy *Proxy) error`
			`Drop() error`
			`Reload() error`
			`Eval(pluginsState PluginsState, msg dns.Msg) error`
			`}`

			`func NewPluginsState(proxy Proxy, clientProto string, clientAddr net.Addr) PluginsState {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`return PluginsState{`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`action: PluginsActionForward,`
			`maxPayloadSize: MaxDNSUDPPacketSize - ResponseOverhead,`
			`clientProto: clientProto,`
			`clientAddr: clientAddr,`
			`cacheSize: proxy.cacheSize,`
			`cacheNegTTL: proxy.cacheNegTTL,`
			`cacheMinTTL: proxy.cacheMinTTL,`
			`cacheMaxTTL: proxy.cacheMaxTTL,`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`}`

Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`// ---------------- Query plugins ----------------`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (pluginsState PluginsState) ApplyQueryPlugins(pluginsGlobals PluginsGlobals, packet []byte) ([]byte, error) {`
			`if len(*pluginsGlobals.queryPlugins) == 0 {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`return packet, nil`
			`}`
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`pluginsState.action = PluginsActionForward`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`msg := dns.Msg{}`
			`if err := msg.Unpack(packet); err != nil {`
			`return packet, err`
			`}`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RLock()`
			`for _, plugin := range *pluginsGlobals.queryPlugins {`
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`if ret := plugin.Eval(pluginsState, &msg); ret != nil {`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RUnlock()`
Improve the plugins interface 2018-01-10 10:11:59 +01:00			`pluginsState.action = PluginsActionDrop`
			`return packet, ret`
			`}`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`if pluginsState.action != PluginsActionForward {`
			`break`
			`}`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`}`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RUnlock()`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`packet2, err := msg.PackBuffer(packet)`
			`if err != nil {`
			`return packet, err`
			`}`
			`return packet2, nil`
			`}`

Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`// -------- get_set_payload_size plugin --------`

Improve the plugins interface 2018-01-10 10:11:59 +01:00			`type PluginGetSetPayloadSize struct{}`

			`func (plugin *PluginGetSetPayloadSize) Name() string {`
			`return "get_set_payload_size"`
			`}`

			`func (plugin *PluginGetSetPayloadSize) Description() string {`
			`return "Adjusts the maximum payload size advertised in queries sent to upstream servers."`
			`}`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (plugin PluginGetSetPayloadSize) Init(proxy Proxy) error {`
			`return nil`
			`}`

			`func (plugin *PluginGetSetPayloadSize) Drop() error {`
			`return nil`
			`}`

			`func (plugin *PluginGetSetPayloadSize) Reload() error {`
			`return nil`
			`}`

Improve the plugins interface 2018-01-10 10:11:59 +01:00			`func (plugin PluginGetSetPayloadSize) Eval(pluginsState PluginsState, msg *dns.Msg) error {`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`pluginsState.originalMaxPayloadSize = 512 - ResponseOverhead`
			`opt := msg.IsEdns0()`
			`dnssec := false`
			`if opt != nil {`
			`pluginsState.originalMaxPayloadSize = Min(int(opt.UDPSize())-ResponseOverhead, pluginsState.originalMaxPayloadSize)`
			`dnssec = opt.Do()`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`pluginsState.dnssec = dnssec`
Transform queries via an initial edns mangling plugin Yet another thing that was utterly broken in dnscrypt-proxy v1.x 2018-01-10 09:04:03 +01:00			`pluginsState.maxPayloadSize = Min(MaxDNSUDPPacketSize-ResponseOverhead, Max(pluginsState.originalMaxPayloadSize, pluginsState.maxPayloadSize))`
			`if pluginsState.maxPayloadSize > 512 {`
			`extra2 := []dns.RR{}`
			`for _, extra := range msg.Extra {`
			`if extra.Header().Rrtype != dns.TypeOPT {`
			`extra2 = append(extra2, extra)`
			`}`
			`}`
			`msg.Extra = extra2`
			`msg.SetEdns0(uint16(pluginsState.maxPayloadSize), dnssec)`
			`}`
			`return nil`
			`}`
Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00
			`// -------- block_ipv6 plugin --------`

			`type PluginBlockIPv6 struct{}`

			`func (plugin *PluginBlockIPv6) Name() string {`
			`return "block_ipv6"`
			`}`

			`func (plugin *PluginBlockIPv6) Description() string {`
			`return "Immediately return a synthetic response to AAAA queries"`
			`}`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (plugin PluginBlockIPv6) Init(proxy Proxy) error {`
			`return nil`
			`}`

			`func (plugin *PluginBlockIPv6) Drop() error {`
			`return nil`
			`}`

			`func (plugin *PluginBlockIPv6) Reload() error {`
			`return nil`
			`}`

Implement the IPv6 block plugin 2018-01-10 17:23:20 +01:00			`func (plugin PluginBlockIPv6) Eval(pluginsState PluginsState, msg *dns.Msg) error {`
			`questions := msg.Question`
			`if len(questions) != 1 {`
			`return nil`
			`}`
			`question := questions[0]`
			`if question.Qclass != dns.ClassINET \|\| question.Qtype != dns.TypeAAAA {`
			`return nil`
			`}`
			`synth, err := EmptyResponseFromMessage(msg)`
			`if err != nil {`
			`return err`
			`}`
			`pluginsState.synthResponse = synth`
			`pluginsState.action = PluginsActionSynth`
			`return nil`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`// -------- querylog plugin --------`

			`type PluginQueryLog struct{}`

			`func (plugin *PluginQueryLog) Name() string {`
			`return "querylog"`
			`}`

			`func (plugin *PluginQueryLog) Description() string {`
			`return "Log DNS queries"`
			`}`

			`func (plugin PluginQueryLog) Init(proxy Proxy) error {`
			`return nil`
			`}`

			`func (plugin *PluginQueryLog) Drop() error {`
			`return nil`
			`}`

			`func (plugin *PluginQueryLog) Reload() error {`
			`return nil`
			`}`

			`func (plugin PluginQueryLog) Eval(pluginsState PluginsState, msg *dns.Msg) error {`
			`return nil`
			`}`

Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`// ---------------- Response plugins ----------------`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (pluginsState PluginsState) ApplyResponsePlugins(pluginsGlobals PluginsGlobals, packet []byte) ([]byte, error) {`
			`if len(*pluginsGlobals.responsePlugins) == 0 {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`return packet, nil`
			`}`
			`pluginsState.action = PluginsActionForward`
			`msg := dns.Msg{}`
			`if err := msg.Unpack(packet); err != nil {`
			`return packet, err`
			`}`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RLock()`
			`for _, plugin := range *pluginsGlobals.responsePlugins {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`if ret := plugin.Eval(pluginsState, &msg); ret != nil {`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RUnlock()`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`pluginsState.action = PluginsActionDrop`
			`return packet, ret`
			`}`
			`if pluginsState.action != PluginsActionForward {`
			`break`
			`}`
			`}`
Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`pluginsGlobals.RUnlock()`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`packet2, err := msg.PackBuffer(packet)`
			`if err != nil {`
			`return packet, err`
			`}`
			`return packet2, nil`
			`}`

			`// -------- cache plugin --------`

			`type CachedResponse struct {`
			`expiration time.Time`
			`msg dns.Msg`
			`}`

			`type CachedResponses struct {`
			`sync.RWMutex`
Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`cache *lru.ARCCache`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`

			`var cachedResponses CachedResponses`

Working DNS cache 2018-01-10 18:53:09 +01:00			`type PluginCacheResponse struct {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`cachedResponses *CachedResponses`
			`}`

Working DNS cache 2018-01-10 18:53:09 +01:00			`func (plugin *PluginCacheResponse) Name() string {`
			`return "cache_response"`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`

Working DNS cache 2018-01-10 18:53:09 +01:00			`func (plugin *PluginCacheResponse) Description() string {`
			`return "DNS cache (writer)."`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (plugin PluginCacheResponse) Init(proxy Proxy) error {`
			`return nil`
			`}`

			`func (plugin *PluginCacheResponse) Drop() error {`
			`return nil`
			`}`

			`func (plugin *PluginCacheResponse) Reload() error {`
			`return nil`
			`}`

Working DNS cache 2018-01-10 18:53:09 +01:00			`func (plugin PluginCacheResponse) Eval(pluginsState PluginsState, msg *dns.Msg) error {`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`plugin.cachedResponses = &cachedResponses`
Always use negative caching except on srvfail (and obviously on success) 2018-01-10 23:26:03 +01:00			`if msg.Rcode == dns.RcodeServerFailure {`
Working DNS cache 2018-01-10 18:53:09 +01:00			`return nil`
			`}`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`cacheKey, err := computeCacheKey(pluginsState, msg)`
			`if err != nil {`
If computeCacheKey ever returns an error, bubble it up 2018-01-10 19:23:24 +01:00			`return err`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
Improve caching 2018-01-10 22:47:29 +01:00			`ttl := getMinTTL(msg, pluginsState.cacheMinTTL, pluginsState.cacheMaxTTL, pluginsState.cacheNegTTL)`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`cachedResponse := CachedResponse{`
			`expiration: time.Now().Add(ttl),`
			`msg: *msg,`
			`}`
			`plugin.cachedResponses.Lock()`
			`defer plugin.cachedResponses.Unlock()`
			`if plugin.cachedResponses.cache == nil {`
Improve caching 2018-01-10 22:47:29 +01:00			`plugin.cachedResponses.cache, err = lru.NewARC(pluginsState.cacheSize)`
Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`if err != nil {`
			`return err`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`}`
			`}`
Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`plugin.cachedResponses.cache.Add(cacheKey, cachedResponse)`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`return nil`
			`}`

Working DNS cache 2018-01-10 18:53:09 +01:00			`type PluginCache struct {`
			`cachedResponses *CachedResponses`
			`}`

			`func (plugin *PluginCache) Name() string {`
			`return "cache"`
			`}`

			`func (plugin *PluginCache) Description() string {`
			`return "DNS cache (reader)."`
			`}`

Add Init/Drop/Update methods to plugins Eventually, we may want to provide a specific structure for plugin initialization. Sending the whole Proxy structure doesn't scale well. 2018-01-15 23:07:41 +01:00			`func (plugin PluginCache) Init(proxy Proxy) error {`
			`return nil`
			`}`

			`func (plugin *PluginCache) Drop() error {`
			`return nil`
			`}`

			`func (plugin *PluginCache) Reload() error {`
			`return nil`
			`}`

Working DNS cache 2018-01-10 18:53:09 +01:00			`func (plugin PluginCache) Eval(pluginsState PluginsState, msg *dns.Msg) error {`
			`plugin.cachedResponses = &cachedResponses`

			`cacheKey, err := computeCacheKey(pluginsState, msg)`
			`if err != nil {`
			`return nil`
			`}`
			`plugin.cachedResponses.RLock()`
			`defer plugin.cachedResponses.RUnlock()`
			`if plugin.cachedResponses.cache == nil {`
			`return nil`
			`}`
Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`cached_any, ok := plugin.cachedResponses.cache.Get(cacheKey)`
Working DNS cache 2018-01-10 18:53:09 +01:00			`if !ok {`
			`return nil`
			`}`
Use a LRU for the cache 2018-01-10 19:02:43 +01:00			`cached := cached_any.(CachedResponse)`
Working DNS cache 2018-01-10 18:53:09 +01:00			`if time.Now().After(cached.expiration) {`
			`return nil`
			`}`
			`synth := cached.msg`
Improve caching 2018-01-10 22:47:29 +01:00			`synth.Id = msg.Id`
			`synth.Response = true`
			`synth.Compress = true`
Working DNS cache 2018-01-10 18:53:09 +01:00			`synth.Question = msg.Question`
			`pluginsState.synthResponse = &synth`
			`pluginsState.action = PluginsActionSynth`
			`return nil`
			`}`

Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`func computeCacheKey(pluginsState PluginsState, msg dns.Msg) ([32]byte, error) {`
			`questions := msg.Question`
			`if len(questions) != 1 {`
			`return [32]byte{}, errors.New("No question present")`
			`}`
			`question := questions[0]`
			`h := sha512.New512_256()`
			`var tmp [5]byte`
			`binary.LittleEndian.PutUint16(tmp[0:2], question.Qtype)`
			`binary.LittleEndian.PutUint16(tmp[2:4], question.Qclass)`
			`if pluginsState.dnssec {`
			`tmp[4] = 1`
			`}`
			`h.Write(tmp[:])`
			`normalizedName := []byte(question.Name)`
			`NormalizeName(&normalizedName)`
			`h.Write(normalizedName)`
			`var sum [32]byte`
Working DNS cache 2018-01-10 18:53:09 +01:00			`h.Sum(sum[:0])`
Start implementing a basic cache 2018-01-10 18:32:05 +01:00			`return sum, nil`
			`}`