fix: use custom DNS resolver (#1364)

* add DefaultResolver * style: fmt * chore: remove unused feature Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com> * chore: remove unused `ipconfig/computer` feature Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com> * chore: update `trust-dns-resolver` * refactor: apply requested changes * chore: revert `trust-dns-resolver` upgrade I mistakenly thought `reqwest` already updated to the newest version, but it hasn't! (no release was made yet) * refactor: cleanup --------- Co-authored-by: GNQG <my.t.gnq+dev@gmail.com> Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
2025-04-22 05:28:42 +00:00 · 2023-09-17 01:51:07 +02:00 · 2023-09-17 01:51:07 +02:00 · 6560225c03
commit 6560225c03
parent 04c5c00669
5 changed files with 196 additions and 2 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -283,9 +283,13 @@ dependencies = [
 "bytes",
 "bzip2",
 "compact_str",
+ "default-net",
 "flate2",
 "futures-util",
 "httpdate",
+ "hyper",
+ "ipconfig",
+ "once_cell",
 "percent-encoding",
 "reqwest",
 "serde",
@ -786,6 +790,23 @@ version = "2.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2e66c9d817f1720209181c316d28635c050fa304f9c79e47a520882661b7308"

+[[package]]
+name = "default-net"
+version = "0.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d5d1b93f7700c45c26856522aed3982b685edb0532e4dbdd3a4ec84bb4185526"
+dependencies = [
+ "dlopen2",
+ "libc",
+ "memalloc",
+ "netlink-packet-core",
+ "netlink-packet-route",
+ "netlink-sys",
+ "once_cell",
+ "system-configuration",
+ "windows 0.48.0",
+]
+
 [[package]]
 name = "deranged"
 version = "0.3.8"
@ -852,6 +873,17 @@ dependencies = [
 "windows-sys",
 ]

+[[package]]
+name = "dlopen2"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09b4f5f101177ff01b8ec4ecc81eead416a8aa42819a2869311b3420fa114ffa"
+dependencies = [
+ "libc",
+ "once_cell",
+ "winapi",
+]
+
 [[package]]
 name = "dunce"
 version = "1.0.4"
@ -2402,6 +2434,12 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "memalloc"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df39d232f5c40b0891c10216992c2f250c054105cb1e56f0fc9032db6203ecc1"
+
 [[package]]
 name = "memchr"
 version = "2.6.3"
@ -2511,6 +2549,54 @@ dependencies = [
 "tempfile",
 ]

+[[package]]
+name = "netlink-packet-core"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72724faf704479d67b388da142b186f916188505e7e0b26719019c525882eda4"
+dependencies = [
+ "anyhow",
+ "byteorder",
+ "netlink-packet-utils",
+]
+
+[[package]]
+name = "netlink-packet-route"
+version = "0.17.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053998cea5a306971f88580d0829e90f270f940befd7cf928da179d4187a5a66"
+dependencies = [
+ "anyhow",
+ "bitflags 1.3.2",
+ "byteorder",
+ "libc",
+ "netlink-packet-core",
+ "netlink-packet-utils",
+]
+
+[[package]]
+name = "netlink-packet-utils"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ede8a08c71ad5a95cdd0e4e52facd37190977039a4704eb82a283f713747d34"
+dependencies = [
+ "anyhow",
+ "byteorder",
+ "paste",
+ "thiserror",
+]
+
+[[package]]
+name = "netlink-sys"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6471bf08e7ac0135876a9581bf3217ef0333c191c128d34878079f42ee150411"
+dependencies = [
+ "bytes",
+ "libc",
+ "log",
+]
+
 [[package]]
 name = "nix"
 version = "0.26.4"
@ -2664,6 +2750,12 @@ dependencies = [
 "windows-targets",
 ]

+[[package]]
+name = "paste"
+version = "1.0.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c"
+
 [[package]]
 name = "percent-encoding"
 version = "2.3.0"
@ -3465,6 +3557,27 @@ dependencies = [
 "unicode-ident",
 ]

+[[package]]
+name = "system-configuration"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
+dependencies = [
+ "bitflags 1.3.2",
+ "core-foundation",
+ "system-configuration-sys",
+]
+
+[[package]]
+name = "system-configuration-sys"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
 [[package]]
 name = "target-lexicon"
 version = "0.12.11"
--- a/crates/binstalk-downloader/Cargo.toml
+++ b/crates/binstalk-downloader/Cargo.toml
@ -37,7 +37,9 @@ tokio-tar = "0.3.0"
 tokio-util = { version = "0.7.8", features = ["io"] }
 tracing = "0.1.37"
 # trust-dns-resolver must be kept in sync with the version reqwest uses
-trust-dns-resolver = { version = "0.22.0", optional = true, default-features = false, features = ["dnssec-ring"] }
+trust-dns-resolver = { version = "0.22.0", optional = true, features = ["dnssec-ring"] }
+hyper = { version = "0.14.27", optional = true }
+once_cell = { version = "1.18.0", optional = true }
 url = "2.3.1"

 xz2 = "0.1.7"
@ -78,7 +80,7 @@ native-tls = [
 ]

 # Enable trust-dns-resolver so that features on it will also be enabled.
-trust-dns = ["trust-dns-resolver", "reqwest/trust-dns"]
+trust-dns = ["trust-dns-resolver", "default-net", "ipconfig", "hyper", "once_cell"]

 # Experimental HTTP/3 client, this would require `--cfg reqwest_unstable`
 # to be passed to `rustc`.
@ -91,6 +93,10 @@ cross-lang-fat-lto = ["zstd/fat-lto"]
 gh-api-client = ["json"]
 json = ["serde", "serde_json"]

+[target."cfg(windows)".dependencies]
+default-net = { version = "0.17.0", optional = true }
+ipconfig = { version = "0.3.2", optional = true, default-features = false }
+
 [package.metadata.docs.rs]
 features = ["gh-api-client"]
 rustdoc-args = ["--cfg", "docsrs"]
--- a/crates/binstalk-downloader/src/lib.rs
+++ b/crates/binstalk-downloader/src/lib.rs
@ -12,4 +12,7 @@ pub mod gh_api_client;

 pub mod remote;

+#[cfg(feature = "trust-dns")]
+mod resolver;
+
 mod utils;
--- a/crates/binstalk-downloader/src/remote.rs
+++ b/crates/binstalk-downloader/src/remote.rs
@ -18,6 +18,9 @@ use tracing::{debug, info, instrument};
 pub use reqwest::{header, Error as ReqwestError, Method, StatusCode};
 pub use url::Url;

+#[cfg(feature = "trust-dns")]
+use crate::resolver::TrustDnsResolver;
+
 mod delay_request;
 use delay_request::DelayRequest;

@ -107,6 +110,11 @@ impl Client {
                .https_only(true)
                .tcp_nodelay(false);

+            #[cfg(feature = "trust-dns")]
+            {
+                builder = builder.dns_resolver(Arc::new(TrustDnsResolver::default()));
+            }
+
            #[cfg(feature = "__tls")]
            {
                let tls_ver = min_tls
--- a/crates/binstalk-downloader/src/resolver.rs
+++ b/crates/binstalk-downloader/src/resolver.rs
@ -0,0 +1,64 @@
+use std::{net::SocketAddr, sync::Arc};
+
+use hyper::client::connect::dns::Name;
+use once_cell::sync::OnceCell;
+use reqwest::dns::{Addrs, Resolve};
+use trust_dns_resolver::config::{NameServerConfig, Protocol, ResolverConfig, ResolverOpts};
+use trust_dns_resolver::TokioAsyncResolver;
+
+#[derive(Debug, Default, Clone)]
+pub struct TrustDnsResolver(Arc<OnceCell<TokioAsyncResolver>>);
+
+impl Resolve for TrustDnsResolver {
+    fn resolve(&self, name: Name) -> reqwest::dns::Resolving {
+        let resolver = self.clone();
+        Box::pin(async move {
+            let resolver = resolver.0.get_or_try_init(new_resolver)?;
+
+            let lookup = resolver.lookup_ip(name.as_str()).await?;
+            let addrs: Addrs = Box::new(lookup.into_iter().map(|ip| SocketAddr::new(ip, 0)));
+            Ok(addrs)
+        })
+    }
+}
+
+fn new_resolver() -> Result<TokioAsyncResolver, Box<dyn std::error::Error + Send + Sync>> {
+    #[cfg(unix)]
+    {
+        let (config, opts) = trust_dns_resolver::system_conf::read_system_conf()?;
+        Ok(TokioAsyncResolver::tokio(config, opts)?)
+    }
+    #[cfg(windows)]
+    {
+        let mut config = ResolverConfig::new();
+        let opts = ResolverOpts::default();
+
+        let current_interface = default_net::get_default_interface()?;
+        ipconfig::get_adapters()?
+            .iter()
+            .filter_map(|adapter| {
+                if adapter.adapter_name() == current_interface.name {
+                    Some(adapter.dns_servers())
+                } else {
+                    None
+                }
+            })
+            .flatten()
+            .for_each(|addr| {
+                let socket_addr = SocketAddr::new(*addr, 53);
+                for protocol in [Protocol::Udp, Protocol::Tcp] {
+                    config.add_name_server(NameServerConfig {
+                        socket_addr,
+                        protocol,
+                        tls_dns_name: None,
+                        trust_nx_responses: false,
+                        #[cfg(feature = "rustls")]
+                        tls_config: None,
+                        bind_addr: None,
+                    })
+                }
+            });
+
+        Ok(TokioAsyncResolver::tokio(config, opts)?)
+    }
+}