Merge pull request #2283 from openziti/use.existing.dns.ip.when.reapp…

…lying.intercept check for existing hostname/IP when applying intercept address
openziti · Dec 3, 2024 · 5644138 · 5644138
2 parents 9a83ca8 + e66649a
commit 5644138
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 2 deletions.
diff --git a/tunnel/dns/dummy.go b/tunnel/dns/dummy.go
@@ -22,6 +22,11 @@ func (d dummy) Lookup(_ net.IP) (string, error) {
 	return "", nil
 }
 
+func (d dummy) LookupIP(_ string) (net.IP, bool) {
+	pfxlog.Logger().Warnf("dummy resolver does not store hostname/ip mappings")
+	return nil, false
+}
+
 func (d dummy) RemoveHostname(_ string) net.IP {
 	return nil
 }

diff --git a/tunnel/dns/file.go b/tunnel/dns/file.go
@@ -60,6 +60,10 @@ func (h *hostFile) Lookup(_ net.IP) (string, error) {
 	return "", fmt.Errorf("not implemented")
 }
 
+func (h *hostFile) LookupIP(_ string) (net.IP, bool) {
+	return nil, false
+}
+
 func (h *hostFile) AddHostname(hostname string, ip net.IP) error {
 	h.mutex.Lock()
 	defer h.mutex.Unlock()

diff --git a/tunnel/dns/refcount.go b/tunnel/dns/refcount.go
@@ -21,6 +21,10 @@ func (self *RefCountingResolver) Lookup(ip net.IP) (string, error) {
 	return self.wrapped.Lookup(ip)
 }
 
+func (self *RefCountingResolver) LookupIP(hostname string) (net.IP, bool) {
+	return self.wrapped.LookupIP(hostname)
+}
+
 func (self *RefCountingResolver) AddDomain(name string, cb func(string) (net.IP, error)) error {
 	return self.wrapped.AddDomain(name, cb)
 }

diff --git a/tunnel/dns/resolver.go b/tunnel/dns/resolver.go
@@ -22,6 +22,7 @@ type Resolver interface {
 	AddHostname(string, net.IP) error
 	AddDomain(string, func(string) (net.IP, error)) error
 	Lookup(net.IP) (string, error)
+	LookupIP(string) (net.IP, bool)
 	RemoveHostname(string) net.IP
 	RemoveDomain(string)
 	Cleanup() error

diff --git a/tunnel/dns/server.go b/tunnel/dns/server.go
@@ -157,7 +157,7 @@ func (r *resolver) testSystemResolver() error {
 	return nil
 }
 
-func (r *resolver) getHostnameIp(name string) (net.IP, bool) {
+func (r *resolver) LookupIP(name string) (net.IP, bool) {
 	r.namesMtx.Lock()
 	defer r.namesMtx.Unlock()
 	canonical := strings.ToLower(name)
@@ -166,7 +166,7 @@ func (r *resolver) getHostnameIp(name string) (net.IP, bool) {
 }
 
 func (r *resolver) getAddress(name string) (net.IP, error) {
-	a, ok := r.getHostnameIp(name)
+	a, ok := r.LookupIP(name)
 	if ok {
 		return a, nil
 	}
@@ -271,6 +271,8 @@ func (r *resolver) AddHostname(hostname string, ip net.IP) error {
 		log.Infof("adding %s = %s to resolver", hostname, ip.String())
 		r.names[canonical] = ip
 		r.ips[ip.String()] = canonical[0 : len(canonical)-1] // drop the dot
+	} else {
+		log.Infof("hostname %s already assigned (%s)", hostname, r.names[canonical])
 	}
 
 	return nil

diff --git a/tunnel/intercept/iputils.go b/tunnel/intercept/iputils.go
@@ -82,6 +82,11 @@ func getDnsIp(host string, addrCB func(*net.IPNet, bool), svc *entities.Service,
 	defer dnsCurrentIpMtx.Unlock()
 	var ip netip.Addr
 
+	foundIP, found := resolver.LookupIP(host + ".")
+	if found {
+		return foundIP, nil
+	}
+
 	// look for returned IPs first
 	if dnsRecycledIps.Len() > 0 {
 		e := dnsRecycledIps.Front()