luci-app-mosdns: enable http/3 protocol only for DNS with h3:// prefix

* example: h3://dns.alidns.com/dns-query * according #138
2023-09-29 03:26:17 +08:00 · 2023-09-29 03:26:17 +08:00 · e31521dd01
commit e31521dd01
parent 3078047cdb
4 changed files with 30 additions and 33 deletions
--- a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
+++ b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
@ -66,6 +66,7 @@ o:value("180.76.76.76", translate("Baidu Public DNS (180.76.76.76)"))
 o:value("https://doh.pub/dns-query", translate("Tencent Public DNS (DNS over HTTPS)"))
 o:value("quic://dns.alidns.com", translate("Aliyun Public DNS (DNS over QUIC)"))
 o:value("https://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS)"))
+o:value("h3://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS/3)"))
 o:value("https://doh.360.cn/dns-query", translate("360 Public DNS (DNS over HTTPS)"))
 o:depends("custom_local_dns", "1")

@ -120,16 +121,6 @@ o.rmempty = false
 o.default = false
 o:depends("configfile", "/etc/mosdns/config.yaml")

-o = s:taboption("advanced", Flag, "enable_http3_local", translate("China DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)"))
-o.rmempty = false
-o.default = false
-o:depends("custom_local_dns", "1")
-
-o = s:taboption("advanced", Flag, "enable_http3_remote", translate("Remote DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)"))
-o.rmempty = false
-o.default = false
-o:depends("configfile", "/etc/mosdns/config.yaml")
-
 o = s:taboption("advanced", Flag, "enable_ecs_remote", translate("Enable EDNS client subnet"), translate("Add the EDNS Client Subnet option (ECS) to Remote DNS") .. '<br />' .. translate("MosDNS will auto identify the IP address subnet segment of your remote connection (0/24)") .. '<br />' .. translate("If your remote access network changes, May need restart MosDNS to update the ECS request address"))
 o.rmempty = false
 o.default = false
--- a/luci-app-mosdns/po/zh-cn/mosdns.po
+++ b/luci-app-mosdns/po/zh-cn/mosdns.po
@ -208,6 +208,9 @@ msgstr "阿里云公共 DNS（DNS over QUIC）"
 msgid "Aliyun Public DNS (DNS over HTTPS)"
 msgstr "阿里云公共 DNS（DNS over HTTPS）"

+msgid "Aliyun Public DNS (DNS over HTTPS/3)"
+msgstr "阿里云公共 DNS（DNS over HTTPS/3）"
+
 msgid "360 Public DNS (DNS over HTTPS)"
 msgstr "360 安全 DNS（DNS over HTTPS）"

@ -265,18 +268,6 @@ msgstr "禁用 TLS 证书"
 msgid "Disable TLS Servers certificate validation, Can be useful if system CA certificate expires or the system time is out of order"
 msgstr "禁用 TLS 服务器证书验证，当系统 CA 证书过期或系统时间错乱时，本选项可能会有用"

-msgid "China DNS Enable HTTP/3"
-msgstr "国内 DNS 启用 HTTP/3"
-
-msgid "Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)"
-msgstr "国内 DNS 启用 DoH HTTP/3 协议，需要上游 DNS 服务器支持（实验性功能）"
-
-msgid "Remote DNS Enable HTTP/3"
-msgstr "远程 DNS 启用 HTTP/3"
-
-msgid "Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)"
-msgstr "远程 DNS 启用 DoH HTTP/3 协议，需要上游 DNS 服务器支持（实验性功能）"
-
 msgid "Enable EDNS client subnet"
 msgstr "启用 EDNS 客户端子网"

--- a/luci-app-mosdns/root/etc/config/mosdns
+++ b/luci-app-mosdns/root/etc/config/mosdns
@ -21,8 +21,6 @@ config mosdns 'config'
 	option custom_local_dns '0'
 	option enable_pipeline '0'
 	option insecure_skip_verify '0'
-	option enable_http3_local '0'
-	option enable_http3_remote '0'
 	option dns_leak '0'
 	option cloudflare '0'
 	option listen_port_api '9091'
--- a/luci-app-mosdns/root/etc/init.d/mosdns
+++ b/luci-app-mosdns/root/etc/init.d/mosdns
@ -58,8 +58,6 @@ get_config() {
    config_get max_conns $1 max_conns 2
    config_get insecure_skip_verify $1 insecure_skip_verify 0
    config_get idle_timeout $1 idle_timeout 30
-    config_get enable_http3_local $1 enable_http3_local 0
-    config_get enable_http3_remote $1 enable_http3_remote 0
    config_get enable_ecs_remote $1 enable_ecs_remote 0
    config_get dns_leak $1 dns_leak 0
    config_get cloudflare $1 cloudflare 0
@ -69,14 +67,31 @@ init_yaml() {
    TMPDIR=$(mktemp -d) || exit 1
    [ $enable_pipeline -eq 1 ] && enable_pipeline=true || enable_pipeline=false
    [ $insecure_skip_verify -eq 1 ] && insecure_skip_verify=true || insecure_skip_verify=false
-    # HTTP/3
-    [ $enable_http3_local -eq 1 ] && enable_http3_local=true || enable_http3_local=false
-    [ $enable_http3_remote -eq 1 ] && enable_http3_remote=true || enable_http3_remote=false
+    # China DNS
+    if [ "$custom_local_dns" -eq 1 ]; then
+        local_dns=$($MOSDNS_SCRIPT dns | awk -v s='        ' '{
+          for(i=1; i<=NF; i++) {
+            if ($i ~ /^h3:\/\//) {
+              printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n%s  enable_http3: true\n",s,$i,s,s,s,s,s,s
+            } else {
+              printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
+            }
+          }
+        }')
+    else
+        local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s='        ')
+    fi
+    # Remote DNS
+    remote_dns=$(echo $remote_dns | awk -v s='        ' '{
+      for(i=1; i<=NF; i++) {
+        if ($i ~ /^h3:\/\//) {
+          printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n%s  enable_http3: true\n",s,$i,s,s,s,s,s,s
+        } else {
+          printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
+        }
+      }
+    }')
    # Write parameters
-    [ "$custom_local_dns" -eq 1 ] && \
-    local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n%s  enable_http3: '${enable_http3_local}'\n",s,$i,s,s,s,s,s,s}' s='        ') || \
-    local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s='        ')
-    remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n%s  bootstrap: '${bootstrap_dns}'\n%s  enable_pipeline: '${enable_pipeline}'\n%s  max_conns: '${max_conns}'\n%s  insecure_skip_verify: '${insecure_skip_verify}'\n%s  idle_timeout: '${idle_timeout}'\n%s  enable_http3: '${enable_http3_remote}'\n",s,$i,s,s,s,s,s,s}' s='        ')
    sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \
    s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \
    s,cache_survival_time,$cache_survival_time,g; \
@ -94,6 +109,8 @@ init_yaml() {
    echo "${local_dns}" > $TMPDIR/local_dns.txt
    echo "${remote_dns}" > $TMPDIR/remote_dns.txt
    sed -i -e '/- addr: local_dns/{r '$TMPDIR/local_dns.txt -e';d};/- addr: remote_dns/{r '$TMPDIR/remote_dns.txt -e';d}' $CONF
+    # Convert HTTP/3 prefix format
+    sed -i 's/h3:\/\//https:\/\//g' $CONF
    # Cache dump
    [ "$dump_file" -eq 1 ] && sed -i "/lazy_cache_ttl/a\      dump_file: $DUMP_FILE\n      dump_interval: $dump_interval" $CONF
    [ "$dump_file" -eq 1 ] && [ ! -f $DUMP_FILE ] && cp -a $DUMP_FILE_DEFAULT $DUMP_FILE