feat: support custom DoH resolvers#8068
Conversation
|
seems like |
685bd0d to
45b9be5
Compare
|
squashed the gomod dep update commits. |
aschmahmann
left a comment
There was a problem hiding this comment.
Overall looking good, left a few comments/questions.
There's also a DNS usage to update here https://github.com/ipfs/go-ipfs/blob/ef866a1400b3b2861e5e8b6cc9edc8633b890a0a/core/commands/swarm.go#L491
|
I'll give it a rebase to resolve the conflicts in |
e4537b2 to
40cbf8b
Compare
|
gave it a rebase, resolved the conflict, and squashed a few commits. |
| func Offline(cfg *config.Config) fx.Option { | ||
| return fx.Options( | ||
| fx.Provide(offline.Exchange), | ||
| fx.Provide(DNSResolver), |
There was a problem hiding this comment.
This preserves existing behavior. @Stebalien Is this the correct behavior, or would we want some nilDNSResolver here?
There was a problem hiding this comment.
Yes, we should use the nilDNSResolver. I'd consider this a bug fix.
There was a problem hiding this comment.
But we can also punt to a second PR.
There was a problem hiding this comment.
It's pretty easy to do, so I can do it here.
There was a problem hiding this comment.
undone, as it is a behaviour change that leads to a regression; we can easily consider it in a follow up pr.
|
This needs some config documentation ( Related: consider an upgrade path to DNS over TLS, and maybe even DNS over libp2p. |
|
sure, I'll add some documentation.
Upgrade path could be very easy by using the appropriate url scheme -- eg
`tls:` or `libp2p:`.
…On Mon, Apr 12, 2021, 23:16 Steven Allen ***@***.***> wrote:
This needs some config documentation (config.md). Especially, how do we
format DoH addresses?
Related: consider an upgrade path to DNS over TLS, and maybe even DNS over
libp2p.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#8068 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAI4SX6DETLPCLRG7BVBMTTINILNANCNFSM42ZCEYHA>
.
|
There was a problem hiding this comment.
- We most likely will accept Multiadrs and URLs for DNS resolver endpoints,
but for now onlyhttps://URL with DoH endpoint will be used in practice (Brave, ENS). Multiaddr support can be added later. - I requested config changes in ipfs/go-ipfs-config#126 (comment) / ipfs/go-ipfs-config#126 (review), it also includes example which we could re-use in docs.
lidel
left a comment
There was a problem hiding this comment.
This is taking a nice shape 👍
I tweaked docs + left some inline comments regarding implicit defaults.
(I believe we should include implicit defaults in this PR, so we can then simply remove special-casing of eth in go-namesys and be done with it)
There was a problem hiding this comment.
Took this for a spin and works as expected 🚀
Only remaining ask is to add DNS record cache and make config bit more flexible (details below and inline)
DNS Cache
I think we need to add cache – DoH lookups are too expensive (~1 second each) for this to be useful for loading websites (each subresource would be slowed down by this). I filled multiformats/go-multiaddr-dns#28 for this, because we should have a global cache, and that seems like a good home for it.
Config
- it should be possible to disable implicit default by setting value to "" (we need this, so people can run cleartext ENS resolver on localhost)
{}needs more work – details inline
fb908f6 to
66afda4
Compare
|
DoH resolver cache implementation in libp2p/go-doh-resolver#3 |
|
there is a failing sharness test, not sure if it is related: |
047ec45 to
d78cb68
Compare
|
Updated deps to |
|
Updated for the changes in the namesys constructor api. |
- document implicit defaults for eth and crypto TLDs - be very honest and link to ToS of cloudflare-eth.com - provide suggestion that one should run own resolver if they really care about decentralization
License: MIT Signed-off-by: vyzo <vyzo@hackzen.org>
b79689b to
75e0141
Compare
|
Updated to a released go-libp2p & go-ipfs-config. |
Closes #6532
Closes #6915
Closes #3942
Closes #2934
Depends on: