✨ feat(dns): add DoH URL resolution function
@@ -688,6 +688,46 @@ sing_box_inbound_proxy() {
|
|||||||
}' > $SING_BOX_CONFIG
|
}' > $SING_BOX_CONFIG
|
||||||
}
|
}
|
||||||
|
|
||||||
|
get_doh_url() {
|
||||||
|
local dns_server="$1"
|
||||||
|
local url=""
|
||||||
|
|
||||||
|
# Special case for Quad9 servers
|
||||||
|
if echo "$dns_server" | grep -q "quad9.net" || \
|
||||||
|
echo "$dns_server" | grep -qE "^9\.9\.9\.(9|10|11)$|^149\.112\.112\.(112|10|11)$|^2620:fe::(fe|9|10|11)$|^2620:fe::fe:(10|11)$"; then
|
||||||
|
url="https://$dns_server:5053/dns-query"
|
||||||
|
if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
|
||||||
|
echo "$url"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Try standard DoH path first (most common)
|
||||||
|
url="https://$dns_server/dns-query"
|
||||||
|
if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
|
||||||
|
echo "$url"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Try alternative path
|
||||||
|
url="https://$dns_server/resolve"
|
||||||
|
if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
|
||||||
|
echo "$url"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Try root path
|
||||||
|
url="https://$dns_server"
|
||||||
|
if curl --connect-timeout 3 -s -o /dev/null -w "%{http_code}" -H "accept: application/dns-json" "$url?name=example.com&type=A" 2>/dev/null | grep -q "200"; then
|
||||||
|
echo "$url"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If no paths worked, return error
|
||||||
|
echo "error: no working DoH endpoint found for $dns_server"
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
sing_box_dns() {
|
sing_box_dns() {
|
||||||
local dns_type
|
local dns_type
|
||||||
local dns_server
|
local dns_server
|
||||||
@@ -711,25 +751,30 @@ sing_box_dns() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
log "Configure DNS in sing-box"
|
log "Configure DNS in sing-box"
|
||||||
|
|
||||||
|
local dns_address=""
|
||||||
|
if [ "$dns_type" = "doh" ]; then
|
||||||
|
dns_address=$(get_doh_url "$dns_server")
|
||||||
|
if [ $? -ne 0 ] || [ "${dns_address#error:}" != "$dns_address" ]; then
|
||||||
|
log "[critical] Failed to get working DoH URL for $dns_server"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
elif [ "$dns_type" = "dot" ]; then
|
||||||
|
dns_address="tls://$dns_server"
|
||||||
|
else
|
||||||
|
dns_address="$dns_server"
|
||||||
|
fi
|
||||||
|
|
||||||
server_json=$(jq -n \
|
server_json=$(jq -n \
|
||||||
--arg type "$dns_type" \
|
--arg type "$dns_type" \
|
||||||
--arg server "$dns_server" \
|
--arg address "$dns_address" \
|
||||||
--arg resolver "$resolver_tag" \
|
--arg resolver "$resolver_tag" \
|
||||||
--arg is_ip "$is_ip" \
|
--arg is_ip "$is_ip" \
|
||||||
'{
|
'{
|
||||||
"servers": [
|
"servers": [
|
||||||
{
|
{
|
||||||
"tag": "dns-server",
|
"tag": "dns-server",
|
||||||
"address": (
|
"address": $address,
|
||||||
if $type == "doh" then
|
|
||||||
"https://" + $server + "/dns-query"
|
|
||||||
elif $type == "dot" then
|
|
||||||
"tls://" + $server
|
|
||||||
else
|
|
||||||
$server
|
|
||||||
end
|
|
||||||
),
|
|
||||||
"detour": "direct-out"
|
"detour": "direct-out"
|
||||||
} + (
|
} + (
|
||||||
if $is_ip == "0" then
|
if $is_ip == "0" then
|
||||||
@@ -2078,20 +2123,8 @@ check_dns_available() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$dns_type" = "doh" ]; then
|
if [ "$dns_type" = "doh" ]; then
|
||||||
local result=""
|
local doh_url=$(get_doh_url "$dns_server")
|
||||||
|
local result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "$doh_url?name=itdog.info&type=A")
|
||||||
if echo "$dns_server" | grep -q "quad9.net" || \
|
|
||||||
echo "$dns_server" | grep -qE "^9\.9\.9\.(9|10|11)$|^149\.112\.112\.(112|10|11)$|^2620:fe::(fe|9|10|11)$|^2620:fe::fe:(10|11)$"; then
|
|
||||||
result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server:5053/dns-query?name=itdog.info&type=A")
|
|
||||||
else
|
|
||||||
result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server/dns-query?name=itdog.info&type=A")
|
|
||||||
if [ $? -eq 0 ] && echo "$result" | grep -q "data"; then
|
|
||||||
is_available=1
|
|
||||||
status="available"
|
|
||||||
else
|
|
||||||
result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$dns_server/resolve?name=itdog.info&type=A")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ $? -eq 0 ] && echo "$result" | grep -q "data"; then
|
if [ $? -eq 0 ] && echo "$result" | grep -q "data"; then
|
||||||
is_available=1
|
is_available=1
|
||||||
|
|||||||
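Review bot: In the `check_dns_available` hunk, `local doh_url=$(get_doh_url "$dns_server")` discards the function's exit status, so when no endpoint answers, the text `error: no working DoH endpoint found for …` is handed to curl as the URL. The following `[ $? -eq 0 ]` now tests the status of `local` rather than of curl, because `result` is assigned inside its declaration. Declare first and assign separately: `local doh_url result`, then `doh_url=$(get_doh_url "$dns_server")` with an explicit failure branch, then `result=$(curl --connect-timeout 5 -s -H "accept: application/dns-json" "$doh_url?name=itdog.info&type=A")`; in `get_doh_url` the failure message is better sent with `>&2`, so stdout only ever carries a URL and `sing_box_dns` can rely on the return code instead of the `error:` prefix test. Separately, every probe in `get_doh_url` accepts any HTTP 200 to an `application/dns-json` GET, including on the bare root path, which does not show that the host is a resolver or that it speaks the DoH format sing-box will use (presumably RFC 8484 wire format, to be confirmed), so checking the response content type or body before accepting a URL would keep a non-resolver address out of the generated config. `sing_box_dns` and `check_dns_available` both continue outside the visible hunks.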