Improve redirect resolver
Print info. Fail fast if connecting to naked address in resolved range.
parent
46b390f403
commit
fbe0ed569a
@ -211,10 +211,16 @@ int NaiveConnection::DoConnectServer() {
|
|||||||
if (rv == 0) {
|
if (rv == 0) {
|
||||||
IPEndPoint ipe;
|
IPEndPoint ipe;
|
||||||
if (ipe.FromSockAddr(dst.addr, dst.addr_len)) {
|
if (ipe.FromSockAddr(dst.addr, dst.addr_len)) {
|
||||||
origin = HostPortPair::FromIPEndPoint(ipe);
|
const auto& addr = ipe.address();
|
||||||
auto name = resolver_->FindNameByAddress(ipe.address());
|
auto name = resolver_->FindNameByAddress(addr);
|
||||||
if (!name.empty()) {
|
if (!name.empty()) {
|
||||||
origin.set_host(name);
|
origin.set_host(name);
|
||||||
|
} else if (!resolver_->IsInResolvedRange(addr)) {
|
||||||
|
origin = HostPortPair::FromIPEndPoint(ipe);
|
||||||
|
} else {
|
||||||
|
LOG(ERROR) << "Connection " << id_ << " to unresolved name for "
|
||||||
|
<< addr.ToString();
|
||||||
|
return ERR_ADDRESS_INVALID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
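Review bot: In the `!name.empty()` branch, `origin` now only receives `set_host(name)`; the `origin = HostPortPair::FromIPEndPoint(ipe);` that used to run before it has moved into the out-of-range branch, so the port from `ipe` is no longer copied for redirected names. Unless `origin` gets its port elsewhere (its declaration is above the hunk), connections to resolved names would use whatever port `origin` held before. Assigning host and port together avoids this: `origin = HostPortPair(name, ipe.port());`. DoConnectServer's body starts and ends outside the hunk.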
@ -20,6 +20,12 @@
|
|||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
constexpr int kUdpReadBufferSize = 1024;
|
constexpr int kUdpReadBufferSize = 1024;
|
||||||
|
constexpr int kResolutionTtl = 60;
|
||||||
|
constexpr int kResolutionRecycleTime = 60 * 5;
|
||||||
|
|
||||||
|
std::string PackedIPv4ToString(uint32_t addr) {
|
||||||
|
return net::IPAddress(addr >> 24, addr >> 16, addr >> 8, addr).ToString();
|
||||||
|
}
|
||||||
} // namespace
|
} // namespace
|
||||||
|
|
||||||
namespace net {
|
namespace net {
|
||||||
@ -133,6 +139,9 @@ int RedirectResolver::HandleReadResult(int result) {
|
|||||||
// Too few available addresses. Overwrites old one.
|
// Too few available addresses. Overwrites old one.
|
||||||
auto res_it = by_addr->second;
|
auto res_it = by_addr->second;
|
||||||
|
|
||||||
|
LOG(INFO) << "Overwrite " << res_it->name << " "
|
||||||
|
<< PackedIPv4ToString(res_it->addr) << " with " << name << " "
|
||||||
|
<< PackedIPv4ToString(addr);
|
||||||
resolution_by_name_.erase(res_it->by_name);
|
resolution_by_name_.erase(res_it->by_name);
|
||||||
resolutions_.erase(res_it);
|
resolutions_.erase(res_it);
|
||||||
resolutions_.emplace_back();
|
resolutions_.emplace_back();
|
||||||
@ -146,6 +155,7 @@ int RedirectResolver::HandleReadResult(int result) {
|
|||||||
res_it->by_name = by_name;
|
res_it->by_name = by_name;
|
||||||
res_it->by_addr = by_addr;
|
res_it->by_addr = by_addr;
|
||||||
} else {
|
} else {
|
||||||
|
LOG(INFO) << "Add " << name << " " << PackedIPv4ToString(addr);
|
||||||
resolutions_.emplace_back();
|
resolutions_.emplace_back();
|
||||||
auto res_it = std::prev(resolutions_.end());
|
auto res_it = std::prev(resolutions_.end());
|
||||||
|
|
||||||
@ -161,8 +171,10 @@ int RedirectResolver::HandleReadResult(int result) {
|
|||||||
auto now = base::TimeTicks::Now();
|
auto now = base::TimeTicks::Now();
|
||||||
for (auto it = resolutions_.begin();
|
for (auto it = resolutions_.begin();
|
||||||
it != resolutions_.end() &&
|
it != resolutions_.end() &&
|
||||||
(now - it->time).InSeconds() > 60 * 5;) {
|
(now - it->time).InSeconds() > kResolutionRecycleTime;) {
|
||||||
auto next = std::next(it);
|
auto next = std::next(it);
|
||||||
|
LOG(INFO) << "Drop " << it->name << " "
|
||||||
|
<< PackedIPv4ToString(it->addr);
|
||||||
resolution_by_name_.erase(it->by_name);
|
resolution_by_name_.erase(it->by_name);
|
||||||
resolution_by_addr_.erase(it->by_addr);
|
resolution_by_addr_.erase(it->by_addr);
|
||||||
resolutions_.erase(it);
|
resolutions_.erase(it);
|
||||||
@ -175,7 +187,7 @@ int RedirectResolver::HandleReadResult(int result) {
|
|||||||
record.name = name;
|
record.name = name;
|
||||||
record.type = dns_protocol::kTypeA;
|
record.type = dns_protocol::kTypeA;
|
||||||
record.klass = dns_protocol::kClassIN;
|
record.klass = dns_protocol::kClassIN;
|
||||||
record.ttl = 60;
|
record.ttl = kResolutionTtl;
|
||||||
uint32_t addr = by_name->second->addr;
|
uint32_t addr = by_name->second->addr;
|
||||||
record.SetOwnedRdata(IPAddressToPackedString(
|
record.SetOwnedRdata(IPAddressToPackedString(
|
||||||
IPAddress(addr >> 24, addr >> 16, addr >> 8, addr)));
|
IPAddress(addr >> 24, addr >> 16, addr >> 8, addr)));
|
||||||
@ -208,6 +220,12 @@ int RedirectResolver::HandleReadResult(int result) {
|
|||||||
base::BindOnce(&RedirectResolver::OnSend, base::Unretained(this)));
|
base::BindOnce(&RedirectResolver::OnSend, base::Unretained(this)));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool RedirectResolver::IsInResolvedRange(const IPAddress& address) const {
|
||||||
|
if (!address.IsIPv4())
|
||||||
|
return false;
|
||||||
|
return IPAddressMatchesPrefix(address, range_, prefix_);
|
||||||
|
}
|
||||||
|
|
||||||
std::string RedirectResolver::FindNameByAddress(
|
std::string RedirectResolver::FindNameByAddress(
|
||||||
const IPAddress& address) const {
|
const IPAddress& address) const {
|
||||||
if (!address.IsIPv4())
|
if (!address.IsIPv4())
|
||||||
|
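Review bot: The new `LOG(INFO)` lines for "Add", "Overwrite" and "Drop" in HandleReadResult write every queried hostname and its mapped address at INFO severity, which on a proxy amounts to a record of the user's destinations and grows with each lookup. `name` appears to come from the DNS query being handled (its parsing is outside these hunks), so it is also client-supplied text in the log. Consider verbose logging instead, for example `VLOG(1) << "Add " << name << " " << PackedIPv4ToString(addr);`, with the same change for the other two messages. HandleReadResult begins and ends outside the hunks shown.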
@ -41,6 +41,7 @@ class RedirectResolver {
|
|||||||
size_t prefix);
|
size_t prefix);
|
||||||
~RedirectResolver();
|
~RedirectResolver();
|
||||||
|
|
||||||
|
bool IsInResolvedRange(const IPAddress& address) const;
|
||||||
std::string FindNameByAddress(const IPAddress& address) const;
|
std::string FindNameByAddress(const IPAddress& address) const;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
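Review bot: The new public method `IsInResolvedRange` is declared without a comment, yet its result decides whether a connection fails with an error or goes out to the bare address. A comment on the declaration should state the contract, for example `// Returns true if |address| is IPv4 and matches the resolver's range/prefix; non-IPv4 addresses are never considered in range.` That wording matches the implementation added in the same commit, which returns false for anything that is not IPv4 before checking the prefix.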