Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support custom DoH resolvers #8068

Merged
merged 17 commits into from
May 11, 2021
Merged

feat: support custom DoH resolvers #8068

merged 17 commits into from
May 11, 2021

Conversation

vyzo
Copy link
Contributor

@vyzo vyzo commented Apr 12, 2021
edited by lidel
Loading

@vyzo vyzo requested review from lidel and aschmahmann April 12, 2021 11:08
@vyzo
Copy link
Contributor Author

vyzo commented Apr 12, 2021

seems like go-doh-resolver has an implicit dependency on go 1.16; fixing upstream package.

@vyzo vyzo force-pushed the feat/custom-resolver branch 2 times, most recently from 685bd0d to 45b9be5 Compare April 12, 2021 11:26
@vyzo
Copy link
Contributor Author

vyzo commented Apr 12, 2021

squashed the gomod dep update commits.

@lidel lidel mentioned this pull request Apr 12, 2021
Closed
9 tasks
aschmahmann
aschmahmann requested changes Apr 12, 2021
View reviewed changes
Copy link
Contributor

@aschmahmann aschmahmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looking good, left a few comments/questions.

There's also a DNS usage to update here https:/ipfs/go-ipfs/blob/ef866a1400b3b2861e5e8b6cc9edc8633b890a0a/core/commands/swarm.go#L491

core/node/dns.go Outdated Show resolved Hide resolved
core/coreapi/coreapi.go Outdated Show resolved Hide resolved
@vyzo vyzo requested a review from aschmahmann April 12, 2021 18:42
@vyzo
Copy link
Contributor Author

vyzo commented Apr 12, 2021

I'll give it a rebase to resolve the conflicts in go.{mod,sum}

@vyzo vyzo force-pushed the feat/custom-resolver branch 2 times, most recently from e4537b2 to 40cbf8b Compare April 12, 2021 18:49
@vyzo
Copy link
Contributor Author

vyzo commented Apr 12, 2021

gave it a rebase, resolved the conflict, and squashed a few commits.

aschmahmann
aschmahmann reviewed Apr 12, 2021
View reviewed changes
core/node/groups.go
@@ -281,6 +283,7 @@ func Online(bcfg *BuildCfg, cfg *config.Config) fx.Option {
func Offline(cfg *config.Config) fx.Option {
return fx.Options(
fx.Provide(offline.Exchange),
fx.Provide(DNSResolver),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This preserves existing behavior. @Stebalien Is this the correct behavior, or would we want some nilDNSResolver here?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, we should use the nilDNSResolver. I'd consider this a bug fix.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But we can also punt to a second PR.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's pretty easy to do, so I can do it here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

undone, as it is a behaviour change that leads to a regression; we can easily consider it in a follow up pr.

core/node/dns.go Outdated Show resolved Hide resolved
@Stebalien
Copy link
Member

This needs some config documentation (config.md). Especially, how do we format DoH addresses?

Related: consider an upgrade path to DNS over TLS, and maybe even DNS over libp2p.

@vyzo
Copy link
Contributor Author

vyzo commented Apr 12, 2021 via email

lidel
lidel requested changes Apr 13, 2021
View reviewed changes
Copy link
Member

@lidel lidel left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

core/node/dns.go Show resolved Hide resolved
@vyzo vyzo requested review from lidel and aschmahmann April 13, 2021 14:52
lidel
lidel requested changes Apr 13, 2021
View reviewed changes
Copy link
Member

@lidel lidel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is taking a nice shape 👍
I tweaked docs + left some inline comments regarding implicit defaults.
(I believe we should include implicit defaults in this PR, so we can then simply remove special-casing of eth in go-namesys and be done with it)

docs/config.md Outdated Show resolved Hide resolved
core/node/dns.go Show resolved Hide resolved
core/node/dns.go Outdated Show resolved Hide resolved
docs/config.md Outdated Show resolved Hide resolved
@vyzo vyzo requested a review from lidel April 14, 2021 07:12
lidel
lidel requested changes Apr 14, 2021
View reviewed changes
Copy link
Member

@lidel lidel left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Took this for a spin and works as expected 🚀
Only remaining ask is to add DNS record cache and make config bit more flexible (details below and inline)

DNS Cache

I think we need to add cache – DoH lookups are too expensive (~1 second each) for this to be useful for loading websites (each subresource would be slowed down by this). I filled multiformats/go-multiaddr-dns#28 for this, because we should have a global cache, and that seems like a good home for it.

Config

  • it should be possible to disable implicit default by setting value to "" (we need this, so people can run cleartext ENS resolver on localhost)
  • {} needs more work – details inline

docs/config.md Show resolved Hide resolved
@vyzo vyzo requested a review from lidel April 14, 2021 16:04
@vyzo vyzo force-pushed the feat/custom-resolver branch 2 times, most recently from fb908f6 to 66afda4 Compare April 14, 2021 16:08
@vyzo
Copy link
Contributor Author

vyzo commented Apr 14, 2021

DoH resolver cache implementation in libp2p/go-doh-resolver#3

@vyzo
Copy link
Contributor Author

vyzo commented Apr 14, 2021

there is a failing sharness test, not sure if it is related:

130 - request for example.com/ipns/{fqdn} with X-Forwarded-Proto redirects to TLS-safe label in subdomain - sharnessLinux.t0114-gateway-subdomains

curl -H "Host: example.com" -H "X-Forwarded-Proto: https" -sD - "http://127.0.0.1:42979/ipns/en.wikipedia-on-ipfs.org/wiki" > response && test_should_contain "Location: https://en-wikipedia--on--ipfs-org.ipns.example.com/wiki" response

@vyzo
Copy link
Contributor Author

vyzo commented Apr 15, 2021

Updated deps to go-libp2p@master and go-ipfs-config@master and squashed the gomod commits.

@vyzo
Copy link
Contributor Author

vyzo commented Apr 15, 2021

Updated for the changes in the namesys constructor api.

@lidel lidel mentioned this pull request Apr 26, 2021
Closed
@aschmahmann aschmahmann added status/accepted This issue has been accepted status/blocked Unable to be worked further until needs are met and removed status/in-progress In progress labels Apr 27, 2021
vyzo and others added 16 commits May 10, 2021 21:03
@vyzo @Stebalien
gomod: deps, tidy
c9a0a03
@vyzo @Stebalien
explicit construction of DNS resolver
543c5da
@vyzo @Stebalien
fix dns test
aca3a20
@vyzo @Stebalien
create custom resolvers from config
b6a1ba9
@vyzo @Stebalien
update resolver config parsing, add eth. resolver by default
0ef2f8c
@vyzo @Stebalien
use NilDNSResolver for offline operation
531e9c1
@vyzo @Stebalien
update config documentation
5a1593e
@vyzo @Stebalien
the dot is not really an FQDN
b8eb1bb
@lidel @Stebalien
docs: fix formatting and add links to DNS section
0a4defe
@vyzo @Stebalien
better handling of implicit defaults, reuse resolver object for the s…
77d6a08 
…ame URL
@vyzo @Stebalien
use {} as default for DNS.Resolvers in config
9866c13
@lidel @Stebalien
docs: clarify DNS.Resolvers
35fe392 
- document implicit defaults for eth and crypto TLDs
- be very honest and link to ToS of cloudflare-eth.com
- provide suggestion that one should run own resolver if they really care about decentralization
@vyzo @Stebalien
allow overriding implicit defaults with the default resolver
0b4037c 
License: MIT
Signed-off-by: vyzo <[email protected]>
@vyzo @Stebalien
update for the new namesys api
eb7456d
@vyzo @Stebalien
undo dns neutering from offline mode
664c66c
@Stebalien
chore: update deps
75e0141
@Stebalien Stebalien removed the status/blocked Unable to be worked further until needs are met label May 11, 2021
@Stebalien
Copy link
Member

Updated to a released go-libp2p & go-ipfs-config.

@Stebalien Stebalien merged commit 4f4c947 into master May 11, 2021
@Stebalien Stebalien deleted the feat/custom-resolver branch May 11, 2021 05:10
@aschmahmann aschmahmann mentioned this pull request May 14, 2021
Closed
71 tasks
@rvagg rvagg mentioned this pull request Jun 7, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Stebalien Stebalien Stebalien approved these changes

@aschmahmann aschmahmann aschmahmann approved these changes

@lidel lidel Awaiting requested review from lidel

Assignees
No one assigned
Labels
status/accepted This issue has been accepted
Projects
None yet
Milestone
No milestone
4 participants
@vyzo @Stebalien @aschmahmann @lidel