fix relative path

.gitignore

@@ -3,6 +3,7 @@
 *.dll
 *.so
 *.dylib
+build/
 
 # Test binary, build with `go test -c`
 *.test

Changelog.md

@@ -4,13 +4,6 @@ This Changelog records major changes between versions.
 
 Not all changes are recorded. Please check git log for details.
 
-## Version 2.1.0
-
-- Add `local_addr` configuration for doh-server (#39)
-- Fix a problem when compiling on macOS 10.14.4 or newer
-- Add Quad9 DoH server to the example `doh-client.conf`
-- Use TCP when appropriate for the given query type/response (AXFR/IXFR)
-
 ## Version 2.0.1
 
 - Fix a crash with the random load balancing algorithm.

contrib/package.sh

@@ -0,0 +1,173 @@
+#!/bin/bash 
+set -euo pipefail
+
+# This is a script used for automated packaging.
+# Debian maintainers please don't use this.
+# 
+# Environment assumption:
+#  * Ubuntu 16.04
+#  * run with normal user
+#  * sudo with no password
+#  * go and fpm is pre-installed
+#  * rpmbuild is required if you need rpm packages
+#
+# Compatible with Azure DevOps hosted Ubuntu 16.04 agent
+
+export DEBIAN_FRONTEND="noninteractive"
+export DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"/..
+export BUILD_BINARIESDIRECTORY="${BUILD_BINARIESDIRECTORY:-${DIR}/build/bin}"
+export BUILD_ARTIFACTSTAGINGDIRECTORY="${BUILD_ARTIFACTSTAGINGDIRECTORY:-${DIR}/build/packages}"
+export TMP_DIRECTORY="/tmp/dohbuild"
+export GOPATH="${GOPATH:-/tmp/go}"
+export GOBIN="${GOBIN:-/tmp/go/bin}"
+
+function prepare_env() {
+    echo "Checking dependencies"
+
+    if ! [ -x "$(command -v go)" ]; then
+        echo "Please install golang"
+        exit 1
+    fi
+
+    if [ -x "$(command -v apt-get)" ]; then
+        sudo apt-get -y update
+    fi
+
+    if ! [ -x "$(command -v rpmbuild)" ]; then
+        # TODO: correctly install rpmbuild
+        ! sudo apt-get -y install rpmbuild
+    fi
+
+    # if ! [ -x "$(command -v upx)" ]; then
+    #     sudo apt-get -y install upx
+    # fi
+
+    echo "Creating directories"
+
+    mkdir -p "${BUILD_BINARIESDIRECTORY}/nm-dispatcher"
+    mkdir -p "${BUILD_BINARIESDIRECTORY}/launchd"
+    mkdir -p "${BUILD_BINARIESDIRECTORY}/systemd"
+    mkdir -p "${BUILD_BINARIESDIRECTORY}/config"
+    mkdir -p "${BUILD_ARTIFACTSTAGINGDIRECTORY}"
+    mkdir -p "${TMP_DIRECTORY}"
+}
+
+function build_common() {
+    cp NetworkManager/dispatcher.d/* "${BUILD_BINARIESDIRECTORY}"/nm-dispatcher
+    cp launchd/*.plist "${BUILD_BINARIESDIRECTORY}"/launchd
+    cp systemd/*.service "${BUILD_BINARIESDIRECTORY}"/systemd
+    cp doh-server/doh-server.conf "${BUILD_BINARIESDIRECTORY}"/config
+    cp doh-client/doh-client.conf "${BUILD_BINARIESDIRECTORY}"/config
+}
+
+# used to get version
+function build_native() {
+    echo "Building a native binary..."
+
+    go build -ldflags="-s -w" -o ${BUILD_BINARIESDIRECTORY}/"${EXE}"-native
+}
+
+function build() {
+    echo "Building ${EXE} for OS=$1 ARCH=$2"
+    env GOOS="$1" GOARCH="$2" go build -ldflags="-s -w" -o ${BUILD_BINARIESDIRECTORY}/"${EXE}"-"$3"
+
+    # echo "Compressing executable"
+    # ! upx --ultra-brute ${BUILD_BINARIESDIRECTORY}/${EXE}-"$3" || true
+}
+
+function package() {
+    VERSION=$("${BUILD_BINARIESDIRECTORY}/${EXE}-native" --version | head -n 1 | cut -d" " -f2)
+    REVISION=$(git log --pretty=format:'%h' -n 1)
+
+    echo "Packaging ${EXE} ${VERSION} for OS=$1 ARCH=$2 TYPE=$3 DST=$4"
+
+    ! rm -rf "${TMP_DIRECTORY}"/*
+
+    mkdir -p "${TMP_DIRECTORY}"/usr/bin
+    cp "${BUILD_BINARIESDIRECTORY}"/"${EXE}"-"$3" "${TMP_DIRECTORY}"/usr/bin/"${EXE}"
+
+    mkdir -p "${TMP_DIRECTORY}"/usr/lib/systemd/system
+    cp "${BUILD_BINARIESDIRECTORY}"/systemd/"${EXE}".service "${TMP_DIRECTORY}"/usr/lib/systemd/system
+
+    mkdir -p "${TMP_DIRECTORY}"/etc/dns-over-https
+    cp "${BUILD_BINARIESDIRECTORY}"/config/"${EXE}".conf "${TMP_DIRECTORY}"/etc/dns-over-https
+
+    mkdir -p "${TMP_DIRECTORY}"/etc/NetworkManager/dispatcher.d
+    cp "${BUILD_BINARIESDIRECTORY}"/nm-dispatcher/"${EXE}" "${TMP_DIRECTORY}"/etc/NetworkManager/dispatcher.d
+
+    # call fpm
+    fpm --input-type dir \
+        --output-type $4 \
+        --chdir "${TMP_DIRECTORY}" \
+        --package "${BUILD_ARTIFACTSTAGINGDIRECTORY}" \
+        --name "${EXE}" \
+        --description "${DESCR}" \
+        --version "${VERSION}" \
+        --iteration "${REVISION}" \
+        --url "https://github.com/m13253/dns-over-https" \
+        --vendor "Star Brilliant <coder@poorlab.com>" \
+        --license "MIT License" \
+        --category "net" \
+        --maintainer "James Swineson <autopkg@public.swineson.me>" \
+        --architecture "$2" \
+        --force \
+        .
+}
+
+cd "${DIR}"/..
+prepare_env
+make deps
+build_common
+
+pushd doh-server
+export EXE="doh-server"
+export DESCR="DNS-over-HTTPS Server"
+
+build_native
+
+build linux amd64 linux-amd64
+package linux amd64 linux-amd64 deb
+! package linux amd64 linux-amd64 rpm
+package linux amd64 linux-amd64 pacman
+
+build linux arm linux-armhf
+package linux arm linux-armhf deb
+! package linux arm linux-armhf rpm
+package linux arm linux-armhf pacman
+
+build linux arm64 linux-arm64
+package linux arm64 linux-arm64 deb
+! package linux arm64 linux-arm64 rpm
+package linux arm64 linux-arm64 pacman
+
+# build darwin amd64 darwin-amd64
+# build windows 386 windows-x86.exe
+# build windows amd64 windows-amd64.exe
+popd
+
+pushd doh-client
+export EXE="doh-client"
+export DESCR="DNS-over-HTTPS Client"
+
+build_native
+
+build linux amd64 linux-amd64
+package linux amd64 linux-amd64 deb
+! package linux amd64 linux-amd64 rpm
+package linux amd64 linux-amd64 pacman
+
+build linux arm linux-armhf
+package linux arm linux-armhf deb
+! package linux arm linux-armhf rpm
+package linux arm linux-armhf pacman
+
+build linux arm64 linux-arm64
+package linux arm64 linux-arm64 deb
+! package linux arm64 linux-arm64 rpm
+package linux arm64 linux-arm64 pacman
+
+# build darwin amd64 darwin-amd64
+# build windows 386 windows-x86.exe
+# build windows amd64 windows-amd64.exe
+popd
+

darwin-wrapper/Makefile

@@ -6,7 +6,7 @@ PREFIX = /usr/local
 all: doh-logger
 
 doh-logger: doh-logger.swift
-	$(SWIFTC) -o $@ -O $<
+	$(SWIFTC) -o $@ -O -static-stdlib $<
 
 clean:
 	rm -f doh-logger

doh-client/doh-client.conf

@@ -21,24 +21,25 @@ upstream_selector = "random"
 #    weight = 50
 
 ## CloudFlare's resolver, bad ECS, good DNSSEC
-## ECS is disabled for privacy by design: https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/#edns-client-subnet
+#[[upstream.upstream_google]]
+#    url = "https://cloudflare-dns.com/dns-query"
+#    weight = 50
+
+## CloudFlare's resolver, bad ECS, good DNSSEC
+#[[upstream.upstream_google]]
+#    url = "https://1.1.1.1/dns-query"
+#    weight = 50
+
+# CloudFlare's resolver, bad ECS, good DNSSEC
 [[upstream.upstream_ietf]]
     url = "https://cloudflare-dns.com/dns-query"
     weight = 50
 
 ## CloudFlare's resolver, bad ECS, good DNSSEC
-## ECS is disabled for privacy by design: https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/#edns-client-subnet
-## Note that some ISPs have problems connecting to 1.1.1.1, try 1.0.0.1 if problems happen.
 #[[upstream.upstream_ietf]]
 #    url = "https://1.1.1.1/dns-query"
 #    weight = 50
 
-## Quad9's resolver, bad ECS, good DNSSEC
-## ECS is disabled for privacy by design: https://www.quad9.net/faq/#What_is_EDNS_Client-Subnet
-#[[upstream.upstream_ietf]]
-#    url = "https://9.9.9.9/dns-query"
-#    weight = 50
-
 ## Google's experimental resolver, good ECS, good DNSSEC
 #[[upstream.upstream_ietf]]
 #    url = "https://dns.google.com/experimental"

doh-client/version.go

@@ -24,6 +24,6 @@
 package main
 
 const (
-	VERSION    = "2.1.0"
+	VERSION    = "2.0.1"
 	USER_AGENT = "DNS-over-HTTPS/" + VERSION + " (+https://github.com/m13253/dns-over-https)"
 )

doh-server/server.go

@@ -263,38 +263,19 @@ func (s *Server) patchRootRD(req *DNSRequest) *DNSRequest {
 	return req
 }
 
-// Return the position index for the question of qtype from a DNS msg, otherwise return -1
-func (s *Server) indexQuestionType(msg *dns.Msg, qtype uint16) int {
-	for i, question := range msg.Question {
-		if question.Qtype == qtype {
-			return i
-		}
-	}
-	return -1
-}
-
 func (s *Server) doDNSQuery(ctx context.Context, req *DNSRequest) (resp *DNSRequest, err error) {
 	// TODO(m13253): Make ctx work. Waiting for a patch for ExchangeContext from miekg/dns.
 	numServers := len(s.conf.Upstream)
 	for i := uint(0); i < s.conf.Tries; i++ {
 		req.currentUpstream = s.conf.Upstream[rand.Intn(numServers)]
-
-		// Use TCP if always configured to or if the Query type dictates it (AXFR)
-		if s.conf.TCPOnly || (s.indexQuestionType(req.request, dns.TypeAXFR) > -1) {
-			req.response, _, err = s.tcpClient.Exchange(req.request, req.currentUpstream)
-		} else {
+		if !s.conf.TCPOnly {
 			req.response, _, err = s.udpClient.Exchange(req.request, req.currentUpstream)
 			if err == nil && req.response != nil && req.response.Truncated {
 				log.Println(err)
 				req.response, _, err = s.tcpClient.Exchange(req.request, req.currentUpstream)
 			}
-
-			// Retry with TCP if this was an IXFR request and we only received an SOA
-			if (s.indexQuestionType(req.request, dns.TypeIXFR) > -1) &&
-				(len(req.response.Answer) == 1) &&
-				(req.response.Answer[0].Header().Rrtype == dns.TypeSOA) {
-				req.response, _, err = s.tcpClient.Exchange(req.request, req.currentUpstream)
-			}
+		} else {
+			req.response, _, err = s.tcpClient.Exchange(req.request, req.currentUpstream)
 		}
 		if err == nil {
 			return req, nil

doh-server/version.go

@@ -24,6 +24,6 @@
 package main
 
 const (
-	VERSION    = "2.1.0"
+	VERSION    = "2.0.1"
 	USER_AGENT = "DNS-over-HTTPS/" + VERSION + " (+https://github.com/m13253/dns-over-https)"
 )