From 652e32f5f7032e54e4a59c97fa77b138cfb8add2 Mon Sep 17 00:00:00 2001 From: nimeetshah0 Date: Fri, 29 Oct 2021 19:38:52 +0100 Subject: [PATCH 1/3] feature: added support for unencrypted DNS --- bin/gt.js | 24 ++++++++++++++++++------ package-lock.json | 30 +++++++++++++++++++++--------- package.json | 1 + src/config.js | 6 ++++-- src/dns/base.js | 2 +- src/dns/unencrypted.js | 25 +++++++++++++++++++++++++ src/proxy.js | 21 +++++++++++++-------- 7 files changed, 83 insertions(+), 26 deletions(-) create mode 100644 src/dns/unencrypted.js diff --git a/bin/gt.js b/bin/gt.js index 1c0aeb1..589a3b1 100755 --- a/bin/gt.js +++ b/bin/gt.js @@ -7,11 +7,11 @@ const ora = require('ora'); const debug = require('debug'); const yargs = require('yargs'); const pkg = require('../package.json'); -const {Proxy, config, getLogger} = require('../src/index.cjs'); +const { Proxy, config, getLogger } = require('../src/index.cjs'); const logger = getLogger('cli'); -const {argv} = yargs +const { argv } = yargs .usage('Usage: green-tunnel [options]') .usage('Usage: gt [options]') .alias('help', 'h') @@ -37,7 +37,7 @@ const {argv} = yargs .option('dns-type', { type: 'string', - choices: ['https', 'tls'], + choices: ['https', 'tls', 'unencrypted'], default: config.dns.type, }) @@ -46,6 +46,16 @@ const {argv} = yargs default: config.dns.server, }) + .option('dns-ip', { + type: 'string', + default: config.dns.ip, + }) + + .option('dns-port', { + type: 'number', + default: config.dns.port, + }) + .option('silent', { alias: 's', type: 'boolean', @@ -113,7 +123,9 @@ async function main() { httpsOnly: argv['https-only'], dns: { type: argv['dns-type'], - server: argv['dns-server'] + server: argv['dns-server'], + ip: argv['dns-ip'], + port: argv['dns-port'] }, source: 'CLI', }); @@ -138,12 +150,12 @@ async function main() { process.on('unhandledRejection', errorTrap); process.on('uncaughtException', errorTrap); - await proxy.start({setProxy: argv['system-proxy']}); + await proxy.start({ setProxy: argv['system-proxy'] }); if (!argv['silent'] && !argv['verbose']) { clear(); printBanner(); - updateNotifier({pkg}).notify(); + updateNotifier({ pkg }).notify(); printAlert(proxy); showSpinner(); } diff --git a/package-lock.json b/package-lock.json index 894b237..6c145e3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,6 +24,11 @@ "js-tokens": "^4.0.0" } }, + "@leichtgewicht/ip-codec": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@leichtgewicht/ip-codec/-/ip-codec-2.0.3.tgz", + "integrity": "sha512-nkalE/f1RvRGChwBnEIoBfSEYOXnCRdleKuv6+lePbMDrMZXeDQnqak5XDOeBgrPPyPfAdcCu/B5z+v3VhplGg==" + }, "acorn": { "version": "6.4.1", "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", @@ -418,6 +423,14 @@ "safe-buffer": "^5.1.1" } }, + "dns-socket": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/dns-socket/-/dns-socket-3.0.0.tgz", + "integrity": "sha512-M0WkByoJ/mTm+HtwBQLsRJPe5uGIC/lYVOp+s6ZzhbZ5iq4GxjFyxYPQhB85dgCLvVb43aJQXHDC9aUgyKGc/Q==", + "requires": { + "dns-packet": "^4.1.0" + } + }, "lru-cache": { "version": "4.1.5", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz", @@ -451,20 +464,19 @@ } }, "dns-socket": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/dns-socket/-/dns-socket-3.0.0.tgz", - "integrity": "sha512-M0WkByoJ/mTm+HtwBQLsRJPe5uGIC/lYVOp+s6ZzhbZ5iq4GxjFyxYPQhB85dgCLvVb43aJQXHDC9aUgyKGc/Q==", + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/dns-socket/-/dns-socket-4.2.2.tgz", + "integrity": "sha512-BDeBd8najI4/lS00HSKpdFia+OvUMytaVjfzR9n5Lq8MlZRSvtbI+uLtx1+XmQFls5wFU9dssccTmQQ6nfpjdg==", "requires": { - "dns-packet": "^4.1.0" + "dns-packet": "^5.2.4" }, "dependencies": { "dns-packet": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/dns-packet/-/dns-packet-4.2.0.tgz", - "integrity": "sha512-bn1AKpfkFbm0MIioOMHZ5qJzl2uypdBwI4nYNsqvhjsegBhcKJUlCrMPWLx6JEezRjxZmxhtIz/FkBEur2l8Cw==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/dns-packet/-/dns-packet-5.3.0.tgz", + "integrity": "sha512-Nce7YLu6YCgWRvOmDBsJMo9M5/jV3lEZ5vUWnWXYmwURvPylHvq7nkDWhNmk1ZQoZZOP7oQh/S0lSxbisKOfHg==", "requires": { - "ip": "^1.1.5", - "safe-buffer": "^5.1.1" + "@leichtgewicht/ip-codec": "^2.0.1" } } } diff --git a/package.json b/package.json index a2ee9ed..1cea56a 100644 --- a/package.json +++ b/package.json @@ -38,6 +38,7 @@ "debug": "^4.1.1", "dns-over-http": "^0.1.2", "dns-over-tls": "0.0.6", + "dns-socket": "^4.2.2", "esm": "^3.2.22", "is-docker": "^2.0.0", "lru-cache": "^5.1.1", diff --git a/src/config.js b/src/config.js index c0630d6..52d0764 100644 --- a/src/config.js +++ b/src/config.js @@ -1,11 +1,13 @@ const config = { - ip: '127.0.0.1', + ip: '0.0.0.0', port: 8000, httpsOnly: false, clientHelloMTU: 100, dns: { - type: 'https', // 'tls' or 'https' + type: 'unencrypted', // 'tls' or 'https' or 'unencrypted' server: 'https://cloudflare-dns.com/dns-query', + ip: '127.0.0.1', + port: 53, cacheSize: 1000, } }; diff --git a/src/dns/base.js b/src/dns/base.js index 16e2741..c59dd00 100644 --- a/src/dns/base.js +++ b/src/dns/base.js @@ -1,5 +1,5 @@ import LRU from 'lru-cache'; -import {isIP} from 'validator'; +import { isIP } from 'validator'; import getLogger from '../logger'; import config from '../config'; diff --git a/src/dns/unencrypted.js b/src/dns/unencrypted.js new file mode 100644 index 0000000..23c2385 --- /dev/null +++ b/src/dns/unencrypted.js @@ -0,0 +1,25 @@ +import dnsSocket from 'dns-socket'; +import BaseDNS from './base'; + +const socket = dnsSocket() + +export default class DNSOverHTTPS extends BaseDNS { + constructor(dnsIp, dnsPort) { + super(); + this.dnsIp = dnsIp; + this.dnsPort = dnsPort; + } + + _lookup(hostname) { + return new Promise((resolve, reject) => { + socket.query({ + questions: [{ + type: 'A', + name: hostname + }] + }, this.dnsPort, this.dnsIp, (err, res, query) => { + resolve(res.answers[0].data); + }); + }); + } +} \ No newline at end of file diff --git a/src/proxy.js b/src/proxy.js index 7df0b61..1c22337 100644 --- a/src/proxy.js +++ b/src/proxy.js @@ -1,17 +1,18 @@ import net from 'net'; -import {setProxy, unsetProxy} from './utils/system-proxy'; +import { setProxy, unsetProxy } from './utils/system-proxy'; import handleRequest from './handlers/request'; import DNSOverTLS from './dns/tls'; import DNSOverHTTPS from './dns/https'; +import DNSUnencrypted from './dns/unencrypted'; import config from './config'; import getLogger from './logger'; -import {appInit} from './utils/analytics'; +import { appInit } from './utils/analytics'; const logger = getLogger('proxy'); export default class Proxy { constructor(customConfig) { - this.config = {...config, ...customConfig}; + this.config = { ...config, ...customConfig }; this.server = undefined; this.isSystemProxySet = false; this.initDNS(); @@ -19,15 +20,19 @@ export default class Proxy { } initDNS() { - this.dns = this.config.dns.type === 'https' ? - new DNSOverHTTPS(this.config.dns.server) : - new DNSOverTLS(this.config.dns.server); + if (this.config.dns.type === 'https') { + this.dns = new DNSOverHTTPS(this.config.dns.server); + } else if (this.config.dns.type === 'tls') { + this.dns = new DNSOverTLS(this.config.dns.server); + } else { + this.dns = new DNSUnencrypted(this.config.dns.ip, this.config.dns.port); + } } async start(options = {}) { options.setProxy = options.setProxy === undefined ? false : options.setProxy; - this.server = net.createServer({pauseOnConnect: true}, clientSocket => { + this.server = net.createServer({ pauseOnConnect: true }, clientSocket => { handleRequest(clientSocket, this).catch(err => { logger.debug(String(err)); }); @@ -45,7 +50,7 @@ export default class Proxy { this.server.listen(this.config.port, this.config.ip, () => resolve()); }); - const {address, port} = this.server.address(); + const { address, port } = this.server.address(); logger.debug(`server listen on ${address} port ${port}`); if (options.setProxy) { From 6369a439dd469dee6d88103463c7e9a19fc3ae5e Mon Sep 17 00:00:00 2001 From: Nimeet Shah Date: Sun, 31 Oct 2021 08:30:28 +0530 Subject: [PATCH 2/3] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c61f3db..a984131 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,8 @@ Options: --port port address to bind proxy server [number] [default: 8000] --dns-type [string] [choices: "https", "tls"] [default: "https"] --dns-server [string] [default: "https://cloudflare-dns.com/dns-query"] + --dns-ip IP address for unencrypted DNS [string][default: "127.0.0.1"] + --dns-port Port for unencrypted DNS [number] [default: 53] --silent, -s run in silent mode [boolean] [default: false] --verbose, -v debug mode [string] [default: ""] --system-proxy automatic set system-proxy [boolean] [default: true] From fa229487c517c33c639bc3fc2795ecf642c6e984 Mon Sep 17 00:00:00 2001 From: nimeetshah0 Date: Sun, 31 Oct 2021 03:06:20 +0000 Subject: [PATCH 3/3] chore: revert to default config --- src/config.js | 4 ++-- src/dns/unencrypted.js | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/config.js b/src/config.js index 52d0764..2b0fc5b 100644 --- a/src/config.js +++ b/src/config.js @@ -1,10 +1,10 @@ const config = { - ip: '0.0.0.0', + ip: '127.0.0.1', port: 8000, httpsOnly: false, clientHelloMTU: 100, dns: { - type: 'unencrypted', // 'tls' or 'https' or 'unencrypted' + type: 'https', // 'tls' or 'https' or 'unencrypted' server: 'https://cloudflare-dns.com/dns-query', ip: '127.0.0.1', port: 53, diff --git a/src/dns/unencrypted.js b/src/dns/unencrypted.js index 23c2385..f2fa04d 100644 --- a/src/dns/unencrypted.js +++ b/src/dns/unencrypted.js @@ -3,7 +3,7 @@ import BaseDNS from './base'; const socket = dnsSocket() -export default class DNSOverHTTPS extends BaseDNS { +export default class DNSUnencrypted extends BaseDNS { constructor(dnsIp, dnsPort) { super(); this.dnsIp = dnsIp;