Optionally restrict DNS queries to TCP

Sample use:
DNS_PUBLIC=tcp torsocks bin/bitmonerod --p2p-bind-ip 127.0.0.1

Test:
Run above with --log-level 4 with and without DNS_PUBLIC environment
variable set.

DNS debugging info should show successful DNS lookups only when
DNS_PUBLIC is set to "tcp":

  DNS lookup for seeds.moneroseeds.se: 17 results
  DNS lookup for seeds.moneroseeds.ae.org: 17 results
  DNS lookup for seeds.moneroseeds.ch: 12 results
  DNS lookup for seeds.moneroseeds.li: 12 results
This commit is contained in:
warptangent 2015-12-15 09:23:17 -08:00
parent 9079a32c07
commit 0d40de48c2
No known key found for this signature in database
GPG key ID: 0E490BEBFBE4E92D

View file

@ -183,12 +183,33 @@ struct DNSResolverData
DNSResolver::DNSResolver() : m_data(new DNSResolverData()) DNSResolver::DNSResolver() : m_data(new DNSResolverData())
{ {
int use_dns_public = 0;
const char* dns_public_addr = "8.8.4.4";
if (auto res = getenv("DNS_PUBLIC"))
{
std::string dns_public(res);
// TODO: could allow parsing of IP and protocol: e.g. DNS_PUBLIC=tcp:8.8.8.8
if (dns_public == "tcp")
{
LOG_PRINT_L0("Using public DNS server: " << dns_public_addr << " (TCP)");
use_dns_public = 1;
}
}
// init libunbound context // init libunbound context
m_data->m_ub_context = ub_ctx_create(); m_data->m_ub_context = ub_ctx_create();
// look for "/etc/resolv.conf" and "/etc/hosts" or platform equivalent if (use_dns_public)
ub_ctx_resolvconf(m_data->m_ub_context, NULL); {
ub_ctx_hosts(m_data->m_ub_context, NULL); ub_ctx_set_fwd(m_data->m_ub_context, dns_public_addr);
ub_ctx_set_option(m_data->m_ub_context, "do-udp:", "no");
ub_ctx_set_option(m_data->m_ub_context, "do-tcp:", "yes");
}
else {
// look for "/etc/resolv.conf" and "/etc/hosts" or platform equivalent
ub_ctx_resolvconf(m_data->m_ub_context, NULL);
ub_ctx_hosts(m_data->m_ub_context, NULL);
}
#ifdef DEVELOPER_LIBUNBOUND_OLD #ifdef DEVELOPER_LIBUNBOUND_OLD
#pragma message "Using the work around for old libunbound" #pragma message "Using the work around for old libunbound"