From cd403a2897ae56a9059a78f24b104af5805d84ab Mon Sep 17 00:00:00 2001 From: Dimitry Kolyshev Date: Thu, 11 Apr 2024 12:09:27 +0200 Subject: [PATCH] Revert "all: safesearch https" This reverts commit 1c9564b9b4db70f85b2f827cc06b65d2b67b08b1. --- internal/dnsforward/msg.go | 9 +----- internal/filtering/safesearch/safesearch.go | 32 +++++++-------------- 2 files changed, 12 insertions(+), 29 deletions(-) diff --git a/internal/dnsforward/msg.go b/internal/dnsforward/msg.go index e8ef647e9ec..10dceb11505 100644 --- a/internal/dnsforward/msg.go +++ b/internal/dnsforward/msg.go @@ -48,7 +48,7 @@ func (s *Server) genDNSFilterMessage( ) (resp *dns.Msg) { req := dctx.Req qt := req.Question[0].Qtype - if qt != dns.TypeA && qt != dns.TypeAAAA && qt != dns.TypeHTTPS { + if qt != dns.TypeA && qt != dns.TypeAAAA { m, _, _ := s.dnsFilter.BlockingMode() if m == filtering.BlockingModeNullIP { return s.makeResponse(req) @@ -97,13 +97,6 @@ func (s *Server) getCNAMEWithIPs(req *dns.Msg, ips []netip.Addr, cname string) ( ans = append(ans, s.genAnswerAAAA(req, ip)) } } - case dns.TypeHTTPS: - ans = append(ans, s.genAnswersWithIPv4s(req, ips)...) - for _, ip := range ips { - if ip.Is6() { - ans = append(ans, s.genAnswerAAAA(req, ip)) - } - } default: // Go on and return an empty response. } diff --git a/internal/filtering/safesearch/safesearch.go b/internal/filtering/safesearch/safesearch.go index 86e124357be..d1ec36f86cb 100644 --- a/internal/filtering/safesearch/safesearch.go +++ b/internal/filtering/safesearch/safesearch.go @@ -226,8 +226,8 @@ func (ss *Default) searchHost(host string, qtype rules.RRType) (res *rules.DNSRe } // newResult creates Result object from rewrite rule. qtype must be either -// [dns.TypeA] or [dns.TypeAAAA], or [dns.TypeHTTPS]. If err is nil, res is -// never nil, so that the empty result is converted into a NODATA response. +// [dns.TypeA] or [dns.TypeAAAA]. If err is nil, res is never nil, so that the +// empty result is converted into a NODATA response. // // TODO(a.garipov): Use the main rewrite result mechanism used in // [dnsforward.Server.filterDNSRequest]. Now we resolve IPs for CNAME to save @@ -286,11 +286,11 @@ func (ss *Default) newResult( return res, nil } -// qtypeToProto returns "ip4" for [dns.TypeA] or [dns.TypeHTTPS], and "ip6" for -// [dns.TypeAAAA]. It panics for other types. +// qtypeToProto returns "ip4" for [dns.TypeA] and "ip6" for [dns.TypeAAAA]. +// It panics for other types. func qtypeToProto(qtype rules.RRType) (proto string) { switch qtype { - case dns.TypeA, dns.TypeHTTPS: + case dns.TypeA: return "ip4" case dns.TypeAAAA: return "ip6" @@ -300,31 +300,21 @@ func qtypeToProto(qtype rules.RRType) (proto string) { } // fitToProto returns a non-nil IP address if ip is the correct protocol version -// for qtype. qtype is expected to be either [dns.TypeA] or [dns.TypeAAAA], or -// [dns.TypeHTTPS]. +// for qtype. qtype is expected to be either [dns.TypeA] or [dns.TypeAAAA]. func fitToProto(ip net.IP, qtype rules.RRType) (res netip.Addr) { - ip4 := ip.To4() - ip6 := ip.To16() - - if qtype == dns.TypeA && ip4 != nil { - return netip.AddrFrom4([4]byte(ip4)) - } else if ip6 != nil && qtype == dns.TypeAAAA { - return netip.AddrFrom16([16]byte(ip6)) - } - - if qtype == dns.TypeHTTPS { + if ip4 := ip.To4(); qtype == dns.TypeA { if ip4 != nil { return netip.AddrFrom4([4]byte(ip4)) - } else if ip6 != nil { - return netip.AddrFrom16([16]byte(ip6)) } + } else if ip = ip.To16(); ip != nil && qtype == dns.TypeAAAA { + return netip.AddrFrom16([16]byte(ip)) } return netip.Addr{} } // setCacheResult stores data in cache for host. qtype is expected to be either -// [dns.TypeA] or [dns.TypeAAAA], or [dns.TypeHTTPS]. +// [dns.TypeA] or [dns.TypeAAAA]. func (ss *Default) setCacheResult(host string, qtype rules.RRType, res filtering.Result) { expire := uint32(time.Now().Add(ss.cacheTTL).Unix()) exp := make([]byte, 4) @@ -345,7 +335,7 @@ func (ss *Default) setCacheResult(host string, qtype rules.RRType, res filtering } // getCachedResult returns stored data from cache for host. qtype is expected -// to be either [dns.TypeA] or [dns.TypeAAAA], or [dns.TypeHTTPS]. +// to be either [dns.TypeA] or [dns.TypeAAAA]. func (ss *Default) getCachedResult( host string, qtype rules.RRType,