Export DNS resolver

Author: nekohasekai

control/controlclient/direct.go

@@ -156,6 +156,8 @@ type Options struct {
 	// If we receive a new DialPlan from the server, this value will be
 	// updated.
 	DialPlan ControlDialPlanner
+
+	LookupHook dnscache.LookupHookFunc
 }
 
 // ControlDialPlanner is the interface optionally supplied when creating a
@@ -251,6 +253,7 @@ func NewDirect(opts Options) (*Direct, error) {
 		UseLastGood:      true,
 		LookupIPFallback: dnsfallback.MakeLookupFunc(opts.Logf, netMon),
 		Logf:             opts.Logf,
+		LookupHook:       opts.LookupHook,
 	}
 
 	httpc := opts.HTTPTestClient

ipn/ipnlocal/local.go

@@ -377,6 +377,8 @@ type LocalBackend struct {
 	// backend is healthy and captive portal detection is not required
 	// (sending false).
 	needsCaptiveDetection chan bool
+
+	lookupHook dnscache.LookupHookFunc
 }
 
 // HealthTracker returns the health tracker for the backend.
@@ -416,7 +418,7 @@ type clientGen func(controlclient.Options) (controlclient.Client, error)
 // but is not actually running.
 //
 // If dialer is nil, a new one is made.
-func NewLocalBackend(logf logger.Logf, logID logid.PublicID, sys *tsd.System, loginFlags controlclient.LoginFlags) (_ *LocalBackend, err error) {
+func NewLocalBackend(logf logger.Logf, logID logid.PublicID, sys *tsd.System, loginFlags controlclient.LoginFlags, lookupHook dnscache.LookupHookFunc) (_ *LocalBackend, err error) {
 	e := sys.Engine.Get()
 	store := sys.StateStore.Get()
 	dialer := sys.Dialer.Get()
@@ -2196,6 +2198,7 @@ func (b *LocalBackend) Start(opts ipn.Options) error {
 		// Don't warn about broken Linux IP forwarding when
 		// netstack is being used.
 		SkipIPForwardingCheck: isNetstack,
+		LookupHook:            b.lookupHook,
 	})
 	if err != nil {
 		return err

net/dnscache/dnscache.go

@@ -66,6 +66,8 @@ type Resolver struct {
 	// to use if Forward returns an error or no results.
 	LookupIPFallback func(ctx context.Context, host string) ([]netip.Addr, error)
 
+	LookupHook LookupHookFunc
+
 	// TTL is how long to keep entries cached
 	//
 	// If zero, a default (currently 10 minutes) is used.

net/dnscache/export.go

@@ -0,0 +1,8 @@
+package dnscache
+
+import (
+	"context"
+	"net/netip"
+)
+
+type LookupHookFunc func(ctx context.Context, host string) ([]netip.Addr, error)

tsnet/tsnet.go

@@ -11,6 +11,7 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
+	"github.com/sagernet/tailscale/net/dnscache"
 	"io"
 	"log"
 	"math"
@@ -120,6 +121,8 @@ type Server struct {
 	// field at zero unless you know what you are doing.
 	Port uint16
 
+	LookupHook      dnscache.LookupHookFunc
+
 	getCertForTesting func(*tls.ClientHelloInfo) (*tls.Certificate, error)
 
 	initOnce         sync.Once
@@ -595,7 +598,7 @@ func (s *Server) start() (reterr error) {
 	if s.Ephemeral {
 		loginFlags = controlclient.LoginEphemeral
 	}
-	lb, err := ipnlocal.NewLocalBackend(tsLogf, s.logid, sys, loginFlags|controlclient.LocalBackendStartKeyOSNeutral)
+	lb, err := ipnlocal.NewLocalBackend(tsLogf, s.logid, sys, loginFlags|controlclient.LocalBackendStartKeyOSNeutral, s.LookupHook)
 	if err != nil {
 		return fmt.Errorf("NewLocalBackend: %v", err)
 	}