Make HTTP/3 support configurable

Frank Denis 2022-07-24 16:13:14 +02:00
parent 0c88e2a1a0
commit 442f2e15cb
3 changed files with 22 additions and 13 deletions


@ -38,6 +38,7 @@ type Config struct {
LocalDoH LocalDoHConfig `toml:"local_doh"`
UserName string `toml:"user_name"`
ForceTCP bool `toml:"force_tcp"`
HTTP3 bool `toml:"http3"`
Timeout int `toml:"timeout"`
KeepAlive int `toml:"keepalive"`
Proxy string `toml:"proxy"`
@ -115,6 +116,7 @@ func newConfig() Config {
Timeout: 5000,
KeepAlive: 5,
CertRefreshDelay: 240,
HTTP3: false,
CertIgnoreTimestamp: false,
EphemeralKeys: false,
Cache: true,
@ -374,6 +376,7 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
proxy.xTransport.tlsDisableSessionTickets = config.TLSDisableSessionTickets
proxy.xTransport.tlsCipherSuite = config.TLSCipherSuite
proxy.xTransport.mainProto = proxy.mainProto
proxy.xTransport.http3 = config.HTTP3
if len(config.BootstrapResolvers) == 0 && len(config.BootstrapResolversLegacy) > 0 {
dlog.Warnf("fallback_resolvers was renamed to bootstrap_resolvers - Please update your configuration")
config.BootstrapResolvers = config.BootstrapResolversLegacy
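Review bot: Nothing visible around `proxy.xTransport.http3 = config.HTTP3` reconciles the new option with `force_tcp` or `proxy`, yet HTTP/3 runs over QUIC, which means UDP. The round tripper this flag enables is built from the TLS client config alone, so a user who forces TCP or routes DoH through the configured proxy could see queries leave directly over UDP once a server advertises Alt-Svc. Consider gating the assignment, e.g. `proxy.xTransport.http3 = config.HTTP3 && !config.ForceTCP && len(config.Proxy) == 0`, or at least emitting a `dlog.Warnf` when the options are combined. ConfigLoad continues outside this hunk, so such a check may already exist further down and is worth confirming.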


@ -68,6 +68,9 @@ type Proxy struct {
nxLogFile string
proxySecretKey [32]byte
proxyPublicKey [32]byte
ServerNames []string
DisabledServerNames []string
requiredProps stamps.ServerInformalProperties
certRefreshDelayAfterFailure time.Duration
timeout time.Duration
certRefreshDelay time.Duration
@ -94,9 +97,6 @@ type Proxy struct {
anonDirectCertFallback bool
pluginBlockUndelegated bool
child bool
requiredProps stamps.ServerInformalProperties
ServerNames []string
DisabledServerNames []string
SourceIPv4 bool
SourceIPv6 bool
SourceDNSCrypt bool


@ -64,6 +64,7 @@ type XTransport struct {
ignoreSystemDNS bool
useIPv4 bool
useIPv6 bool
http3 bool
tlsDisableSessionTickets bool
tlsCipherSuite []uint16
proxyDialer *netproxy.Dialer
@ -221,8 +222,10 @@ func (xTransport *XTransport) rebuildTransport() {
http2Transport.AllowHTTP = false
}
xTransport.transport = transport
h3Transport := &http3.RoundTripper{DisableCompression: true, TLSClientConfig: &tlsClientConfig}
xTransport.h3Transport = h3Transport
if xTransport.http3 {
h3Transport := &http3.RoundTripper{DisableCompression: true, TLSClientConfig: &tlsClientConfig}
xTransport.h3Transport = h3Transport
}
}
func (xTransport *XTransport) resolveUsingSystem(host string) (ip net.IP, ttl time.Duration, err error) {
@ -395,13 +398,16 @@ func (xTransport *XTransport) Fetch(
Timeout: timeout,
}
host, port := ExtractHostAndPort(url.Host, 443)
xTransport.altSupport.RLock()
altPort, hasAltSupport := xTransport.altSupport.cache[url.Host]
xTransport.altSupport.RUnlock()
if hasAltSupport {
if int(altPort) == port {
client.Transport = xTransport.h3Transport
dlog.Debugf("Using HTTP/3 transport for [%s]", url.Host)
hasAltSupport := false
if xTransport.h3Transport != nil {
xTransport.altSupport.RLock()
altPort, hasAltSupport := xTransport.altSupport.cache[url.Host]
xTransport.altSupport.RUnlock()
if hasAltSupport {
if int(altPort) == port {
client.Transport = xTransport.h3Transport
dlog.Debugf("Using HTTP/3 transport for [%s]", url.Host)
}
}
}
header := map[string][]string{"User-Agent": {"dnscrypt-proxy"}}
@ -467,7 +473,7 @@ func (xTransport *XTransport) Fetch(
}
return nil, statusCode, nil, rtt, err
}
if !hasAltSupport {
if xTransport.h3Transport != nil && !hasAltSupport {
if alt, found := resp.Header["Alt-Svc"]; found {
dlog.Debugf("Alt-Svc [%s]: [%s]", url.Host, alt)
altPort := uint16(port)
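Review bot: In Fetch, `altPort, hasAltSupport := xTransport.altSupport.cache[url.Host]` sits inside the new `if xTransport.h3Transport != nil {` block, so `:=` declares a second `hasAltSupport` that shadows the one initialised to `false` just above it. The outer variable therefore never becomes true, and the later `if xTransport.h3Transport != nil && !hasAltSupport {` guard passes on every response, including ones already fetched over HTTP/3, so the Alt-Svc header is processed again each time. Declare the port first and assign instead: `var altPort uint16` followed by `altPort, hasAltSupport = xTransport.altSupport.cache[url.Host]` (type assumed from the `uint16(port)` conversion below). Fetch begins and ends outside these hunks, so what the Alt-Svc branch does to the cache beyond the visible lines should be checked.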