From e31521dd01ecefb14edd831e0b4821143aa2fff9 Mon Sep 17 00:00:00 2001
From: sbwml
Date: Fri, 29 Sep 2023 03:26:17 +0800
Subject: [PATCH] luci-app-mosdns: enable http/3 protocol only for DNS with `h3://` prefix
* example: h3://dns.alidns.com/dns-query
* according #138
---
 .../luasrc/model/cbi/mosdns/basic.lua | 11 +-----
 luci-app-mosdns/po/zh-cn/mosdns.po | 15 ++------
 luci-app-mosdns/root/etc/config/mosdns | 2 --
 luci-app-mosdns/root/etc/init.d/mosdns | 35 ++++++++++++++-----
 4 files changed, 30 insertions(+), 33 deletions(-)
diff --git a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
index 7a13465..82d587a 100644
--- a/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
+++ b/luci-app-mosdns/luasrc/model/cbi/mosdns/basic.lua
@@ -66,6 +67,7 @@ o:value("180.76.76.76", translate("Baidu Public DNS (180.76.76.76)"))
 o:value("https://doh.pub/dns-query", translate("Tencent Public DNS (DNS over HTTPS)"))
 o:value("quic://dns.alidns.com", translate("Aliyun Public DNS (DNS over QUIC)"))
 o:value("https://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS)"))
+o:value("h3://dns.alidns.com/dns-query", translate("Aliyun Public DNS (DNS over HTTPS/3)"))
 o:value("https://doh.360.cn/dns-query", translate("360 Public DNS (DNS over HTTPS)"))
 o:depends("custom_local_dns", "1")
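Review bot: The new `h3://dns.alidns.com/dns-query` entry gives no hint that `h3://` is a marker understood only by this package's init script, and the commit drops the "Upstream DNS server support is required (Experimental feature)" text that the two removed HTTP/3 flags carried. I would add a comment above the line, `-- h3:// is a LuCI-side marker: /etc/init.d/mosdns rewrites it to https:// and sets enable_http3: true`, and keep the experimental wording in the label or the field description so that users who type their own `h3://` address know the upstream must support HTTP/3. Whether a resolver without HTTP/3 support fails or falls back is not visible in this patch and is worth stating in that help text.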
@@ -120,16 +121,6 @@ o.rmempty = false o.default = false o:depends("configfile", "/etc/mosdns/config.yaml") -o = s:taboption("advanced", Flag, "enable_http3_local", translate("China DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)")) -o.rmempty = false -o.default = false -o:depends("custom_local_dns", "1") - -o = s:taboption("advanced", Flag, "enable_http3_remote", translate("Remote DNS Enable HTTP/3"), translate("Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)")) -o.rmempty = false -o.default = false -o:depends("configfile", "/etc/mosdns/config.yaml") - o = s:taboption("advanced", Flag, "enable_ecs_remote", translate("Enable EDNS client subnet"), translate("Add the EDNS Client Subnet option (ECS) to Remote DNS") .. '
' .. translate("MosDNS will auto identify the IP address subnet segment of your remote connection (0/24)") .. '
' .. translate("If your remote access network changes, May need restart MosDNS to update the ECS request address")) o.rmempty = false o.default = false diff --git a/luci-app-mosdns/po/zh-cn/mosdns.po b/luci-app-mosdns/po/zh-cn/mosdns.po index a4cc74c..5394eeb 100644 --- a/luci-app-mosdns/po/zh-cn/mosdns.po +++ b/luci-app-mosdns/po/zh-cn/mosdns.po @@ -208,6 +208,9 @@ msgstr "阿里云公共 DNS(DNS over QUIC)" msgid "Aliyun Public DNS (DNS over HTTPS)" msgstr "阿里云公共 DNS(DNS over HTTPS)" +msgid "Aliyun Public DNS (DNS over HTTPS/3)" +msgstr "阿里云公共 DNS(DNS over HTTPS/3)" + msgid "360 Public DNS (DNS over HTTPS)" msgstr "360 安全 DNS(DNS over HTTPS)" @@ -265,18 +268,6 @@ msgstr "禁用 TLS 证书" msgid "Disable TLS Servers certificate validation, Can be useful if system CA certificate expires or the system time is out of order" msgstr "禁用 TLS 服务器证书验证,当系统 CA 证书过期或系统时间错乱时,本选项可能会有用" -msgid "China DNS Enable HTTP/3" -msgstr "国内 DNS 启用 HTTP/3" - -msgid "Enable DoH HTTP/3 protocol for China DNS, Upstream DNS server support is required (Experimental feature)" -msgstr "国内 DNS 启用 DoH HTTP/3 协议,需要上游 DNS 服务器支持(实验性功能)" - -msgid "Remote DNS Enable HTTP/3" -msgstr "远程 DNS 启用 HTTP/3" - -msgid "Enable DoH HTTP/3 protocol for Remote DNS, Upstream DNS server support is required (Experimental feature)" -msgstr "远程 DNS 启用 DoH HTTP/3 协议,需要上游 DNS 服务器支持(实验性功能)" - msgid "Enable EDNS client subnet" msgstr "启用 EDNS 客户端子网" diff --git a/luci-app-mosdns/root/etc/config/mosdns b/luci-app-mosdns/root/etc/config/mosdns index 8de3b6c..c2dac92 100644 --- a/luci-app-mosdns/root/etc/config/mosdns +++ b/luci-app-mosdns/root/etc/config/mosdns @@ -21,8 +21,6 @@ config mosdns 'config' option custom_local_dns '0' option enable_pipeline '0' option insecure_skip_verify '0' - option enable_http3_local '0' - option enable_http3_remote '0' option dns_leak '0' option cloudflare '0' option listen_port_api '9091' diff --git a/luci-app-mosdns/root/etc/init.d/mosdns b/luci-app-mosdns/root/etc/init.d/mosdns index 6de695e..5e3b37c 100755 
--- a/luci-app-mosdns/root/etc/init.d/mosdns
+++ b/luci-app-mosdns/root/etc/init.d/mosdns
@@ -58,8 +58,6 @@ get_config() {
 config_get max_conns $1 max_conns 2
 config_get insecure_skip_verify $1 insecure_skip_verify 0
 config_get idle_timeout $1 idle_timeout 30
- config_get enable_http3_local $1 enable_http3_local 0
- config_get enable_http3_remote $1 enable_http3_remote 0
 config_get enable_ecs_remote $1 enable_ecs_remote 0
 config_get dns_leak $1 dns_leak 0
 config_get cloudflare $1 cloudflare 0
@@ -69,14 +67,31 @@ init_yaml() {
 TMPDIR=$(mktemp -d) || exit 1
 [ $enable_pipeline -eq 1 ] && enable_pipeline=true || enable_pipeline=false
 [ $insecure_skip_verify -eq 1 ] && insecure_skip_verify=true || insecure_skip_verify=false
- # HTTP/3
- [ $enable_http3_local -eq 1 ] && enable_http3_local=true || enable_http3_local=false
- [ $enable_http3_remote -eq 1 ] && enable_http3_remote=true || enable_http3_remote=false
+ # China DNS
+ if [ "$custom_local_dns" -eq 1 ]; then
+ local_dns=$($MOSDNS_SCRIPT dns | awk -v s=' ' '{
+ for(i=1; i<=NF; i++) {
+ if ($i ~ /^h3:\/\//) {
+ printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: true\n",s,$i,s,s,s,s,s,s
+ } else {
+ printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
+ }
+ }
+ }')
+ else
+ local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s=' ')
+ fi
+ # Remote DNS
+ remote_dns=$(echo $remote_dns | awk -v s=' ' '{
+ for(i=1; i<=NF; i++) {
+ if ($i ~ /^h3:\/\//) {
+ printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: true\n",s,$i,s,s,s,s,s,s
+ } else {
+ printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n",s,$i,s,s,s,s,s
+ }
+ }
+ }')
 # Write parameters
- [ "$custom_local_dns" -eq 1 ] && \
- local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: 
\"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: '${enable_http3_local}'\n",s,$i,s,s,s,s,s,s}' s=' ') || \
- local_dns=$($MOSDNS_SCRIPT dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n",s,$i,s}' s=' ')
- remote_dns=$(echo $remote_dns | awk '{for(i=1;i<=NF;i++)printf "%s- addr: \"%s\"\n%s bootstrap: '${bootstrap_dns}'\n%s enable_pipeline: '${enable_pipeline}'\n%s max_conns: '${max_conns}'\n%s insecure_skip_verify: '${insecure_skip_verify}'\n%s idle_timeout: '${idle_timeout}'\n%s enable_http3: '${enable_http3_remote}'\n",s,$i,s,s,s,s,s,s}' s=' ')
 sed "s,log_level,$log_level,g;s,log_file,$log_file,g; \
 s,listen_port,$listen_port,g;s,cache_size,$cache_size,g; \
 s,cache_survival_time,$cache_survival_time,g; \
@@ -94,6 +109,8 @@ init_yaml() {
 echo "${local_dns}" > $TMPDIR/local_dns.txt
 echo "${remote_dns}" > $TMPDIR/remote_dns.txt
 sed -i -e '/- addr: local_dns/{r '$TMPDIR/local_dns.txt -e';d};/- addr: remote_dns/{r '$TMPDIR/remote_dns.txt -e';d}' $CONF
+ # Convert HTTP/3 prefix format
+ sed -i 's/h3:\/\//https:\/\//g' $CONF
 # Cache dump
 [ "$dump_file" -eq 1 ] && sed -i "/lazy_cache_ttl/a\ dump_file: $DUMP_FILE\n dump_interval: $dump_interval" $CONF
 [ "$dump_file" -eq 1 ] && [ ! -f $DUMP_FILE ] && cp -a $DUMP_FILE_DEFAULT $DUMP_FILE
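Review bot: In both added awk blocks of the `@@ -69,14 +67,31 @@` hunk, `${bootstrap_dns}`, `${max_conns}`, `${idle_timeout}` and the two booleans are spliced unquoted into the awk program text, and each address is printed inside `\"%s\"` with no escaping. A config value holding a space, a quote or awk syntax changes the program awk runs, and an address containing `"` ends the YAML string early, so the generated config can gain keys the user never set; the removed one-liners had the same pattern, and this rewrite is a good moment to drop it. Passing the values with `-v` and printing the shared fields once also removes the duplicated printf branches, which differ only by the `enable_http3: true` line. `echo $remote_dns` is unquoted too and will glob. init_yaml starts and ends outside this hunk, and the indent string and YAML spacing below are copied as printed on the page and should stay as in the file.

```shell
# … unchanged: true/false conversion of enable_pipeline and insecure_skip_verify …
# Emit one upstream entry per address read from stdin; $1 = 1 adds the per-upstream options.
gen_upstreams() {
	awk -v full="$1" -v s=' ' -v bootstrap="$bootstrap_dns" -v pipeline="$enable_pipeline" \
		-v conns="$max_conns" -v skip="$insecure_skip_verify" -v idle="$idle_timeout" '{
		for (i = 1; i <= NF; i++) {
			# a quote or backslash would end the quoted YAML scalar early
			if ($i ~ /["\\]/) continue
			printf "%s- addr: \"%s\"\n", s, $i
			if (full != 1) continue
			printf "%s bootstrap: %s\n%s enable_pipeline: %s\n%s max_conns: %s\n%s insecure_skip_verify: %s\n%s idle_timeout: %s\n", s, bootstrap, s, pipeline, s, conns, s, skip, s, idle
			if ($i ~ /^h3:\/\//) printf "%s enable_http3: true\n", s
		}
	}'
}
local_dns=$($MOSDNS_SCRIPT dns | gen_upstreams "$custom_local_dns")
remote_dns=$(echo "$remote_dns" | gen_upstreams 1)
# … unchanged: "Write parameters" sed block …
```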
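Review bot: The added `sed -i 's/h3:\/\//https:\/\//g' $CONF` in the `@@ -94,6 +109,8 @@` hunk rewrites every `h3://` anywhere in the generated config, while the awk detection is anchored to the start of an address, so any other occurrence of that string, inside a longer value or in a hand-edited part of the template, is silently changed as well. Restricting the substitution to the upstream lines keeps it in step with the detection: `sed -i 's,^\( *- addr: "\)h3://,\1https://,' "$CONF"`, which also quotes `$CONF`; this assumes the entries are indented with spaces, as the awk `s` variable suggests. init_yaml continues past the end of this hunk.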