fix: validate domains before DNS dispatch#8
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
app/dns: failed to pack dns query > packing Question: Name: zero length segment。Description
normalizeDNSDomain用于域名合法性归一化与校验(trim、去尾点、长度限制、禁止空 label、禁止非法字符、label 长度与 - 边界检查)。normalizeDestination,在 destination 为域名时调用normalizeDNSDomain并用net.ParseAddress覆盖合法域名地址;非法则返回失败而不继续调度。Dispatch与DispatchLink入口处调用normalizeDestination,当域名非法时在Dispatch返回错误并记录警告,在DispatchLink关闭/interrupt outbound 并返回错误以避免连接泄露。normalizeDNSDomain校验 sniffed domain,非法 sniffed domain 不会覆盖原始 destination,改为继续使用原 destination(不默认关闭 sniffing)。core/xray/outbound.go中var domainStrategy = "Asis"为"AsIs"(拼写大小写修正,不改变其他逻辑)。Testing
go test ./core/xray/...,测试结果:通过。go test ./...,测试结果:通过。Codex Task