'use strict'; const { isIP } = require('node:net'); const { lookup } = require('node:dns'); const DecoratorHandler = require('../handler/decorator-handler'); const { InvalidArgumentError, InformationalError } = require('../core/errors'); const maxInt = Math.pow(2, 31) - 1; class DNSInstance { #maxTTL = 0; #maxItems = 0; #records = new Map(); dualStack = true; affinity = null; lookup = null; pick = null; constructor(opts) { this.#maxTTL = opts.maxTTL; this.#maxItems = opts.maxItems; this.dualStack = opts.dualStack; this.affinity = opts.affinity; this.lookup = opts.lookup ?? this.#defaultLookup; this.pick = opts.pick ?? this.#defaultPick; } get full() { return this.#records.size === this.#maxItems; } runLookup(origin, opts, cb) { const ips = this.#records.get(origin.hostname); // If full, we just return the origin if (ips == null && this.full) { cb(null, origin); return; } const newOpts = { affinity: this.affinity, dualStack: this.dualStack, lookup: this.lookup, pick: this.pick, ...opts.dns, maxTTL: this.#maxTTL, maxItems: this.#maxItems, }; // If no IPs we lookup if (ips == null) { this.lookup(origin, newOpts, (err, addresses) => { if (err || addresses == null || addresses.length === 0) { cb(err ?? new InformationalError('No DNS entries found')); return; } this.setRecords(origin, addresses); const records = this.#records.get(origin.hostname); const ip = this.pick(origin, records, newOpts.affinity); let port; if (typeof ip.port === 'number') { port = `:${ip.port}`; } else if (origin.port !== '') { port = `:${origin.port}`; } else { port = ''; } cb( null, new URL( `${origin.protocol}//${ ip.family === 6 ? `[${ip.address}]` : ip.address }${port}` ) ); }); } else { // If there's IPs we pick const ip = this.pick(origin, ips, newOpts.affinity); // If no IPs we lookup - deleting old records if (ip == null) { this.#records.delete(origin.hostname); this.runLookup(origin, opts, cb); return; } let port; if (typeof ip.port === 'number') { port = `:${ip.port}`; } else if (origin.port !== '') { port = `:${origin.port}`; } else { port = ''; } cb( null, new URL( `${origin.protocol}//${ ip.family === 6 ? `[${ip.address}]` : ip.address }${port}` ) ); } } #defaultLookup(origin, opts, cb) { lookup( origin.hostname, { all: true, family: this.dualStack === false ? this.affinity : 0, order: 'ipv4first', }, (err, addresses) => { if (err) { return cb(err); } const results = new Map(); for (const addr of addresses) { // On linux we found duplicates, we attempt to remove them with // the latest record results.set(`${addr.address}:${addr.family}`, addr); } cb(null, results.values()); } ); } #defaultPick(origin, hostnameRecords, affinity) { let ip = null; const { records, offset } = hostnameRecords; let family; if (this.dualStack) { if (affinity == null) { // Balance between ip families if (offset == null || offset === maxInt) { hostnameRecords.offset = 0; affinity = 4; } else { hostnameRecords.offset++; affinity = (hostnameRecords.offset & 1) === 1 ? 6 : 4; } } if (records[affinity] != null && records[affinity].ips.length > 0) { family = records[affinity]; } else { family = records[affinity === 4 ? 6 : 4]; } } else { family = records[affinity]; } // If no IPs we return null if (family == null || family.ips.length === 0) { return ip; } if (family.offset == null || family.offset === maxInt) { family.offset = 0; } else { family.offset++; } const position = family.offset % family.ips.length; ip = family.ips[position] ?? null; if (ip == null) { return ip; } if (Date.now() - ip.timestamp > ip.ttl) { // record TTL is already in ms // We delete expired records // It is possible that they have different TTL, so we manage them individually family.ips.splice(position, 1); return this.pick(origin, hostnameRecords, affinity); } return ip; } pickFamily(origin, ipFamily) { const records = this.#records.get(origin.hostname)?.records; if (!records) { return null; } const family = records[ipFamily]; if (!family) { return null; } if (family.offset == null || family.offset === maxInt) { family.offset = 0; } else { family.offset++; } const position = family.offset % family.ips.length; const ip = family.ips[position] ?? null; if (ip == null) { return ip; } if (Date.now() - ip.timestamp > ip.ttl) { // record TTL is already in ms // We delete expired records // It is possible that they have different TTL, so we manage them individually family.ips.splice(position, 1); } return ip; } setRecords(origin, addresses) { const timestamp = Date.now(); const records = { records: { 4: null, 6: null } }; for (const record of addresses) { record.timestamp = timestamp; if (typeof record.ttl === 'number') { // The record TTL is expected to be in ms record.ttl = Math.min(record.ttl, this.#maxTTL); } else { record.ttl = this.#maxTTL; } const familyRecords = records.records[record.family] ?? { ips: [] }; familyRecords.ips.push(record); records.records[record.family] = familyRecords; } this.#records.set(origin.hostname, records); } deleteRecords(origin) { this.#records.delete(origin.hostname); } getHandler(meta, opts) { return new DNSDispatchHandler(this, meta, opts); } } class DNSDispatchHandler extends DecoratorHandler { #state = null; #opts = null; #dispatch = null; #origin = null; #controller = null; #newOrigin = null; #firstTry = true; constructor(state, { origin, handler, dispatch, newOrigin }, opts) { super(handler); this.#origin = origin; this.#newOrigin = newOrigin; this.#opts = { ...opts }; this.#state = state; this.#dispatch = dispatch; } onResponseError(controller, err) { switch (err.code) { case 'ETIMEDOUT': case 'ECONNREFUSED': { if (this.#state.dualStack) { if (!this.#firstTry) { super.onResponseError(controller, err); return; } this.#firstTry = false; // Pick an ip address from the other family const otherFamily = this.#newOrigin.hostname[0] === '[' ? 4 : 6; const ip = this.#state.pickFamily(this.#origin, otherFamily); if (ip == null) { super.onResponseError(controller, err); return; } let port; if (typeof ip.port === 'number') { port = `:${ip.port}`; } else if (this.#origin.port !== '') { port = `:${this.#origin.port}`; } else { port = ''; } const dispatchOpts = { ...this.#opts, origin: `${this.#origin.protocol}//${ ip.family === 6 ? `[${ip.address}]` : ip.address }${port}`, }; this.#dispatch(dispatchOpts, this); return; } // if dual-stack disabled, we error out super.onResponseError(controller, err); break; } case 'ENOTFOUND': this.#state.deleteRecords(this.#origin); super.onResponseError(controller, err); break; default: super.onResponseError(controller, err); break; } } } module.exports = (interceptorOpts) => { if ( interceptorOpts?.maxTTL != null && (typeof interceptorOpts?.maxTTL !== 'number' || interceptorOpts?.maxTTL < 0) ) { throw new InvalidArgumentError('Invalid maxTTL. Must be a positive number'); } if ( interceptorOpts?.maxItems != null && (typeof interceptorOpts?.maxItems !== 'number' || interceptorOpts?.maxItems < 1) ) { throw new InvalidArgumentError( 'Invalid maxItems. Must be a positive number and greater than zero' ); } if ( interceptorOpts?.affinity != null && interceptorOpts?.affinity !== 4 && interceptorOpts?.affinity !== 6 ) { throw new InvalidArgumentError('Invalid affinity. Must be either 4 or 6'); } if ( interceptorOpts?.dualStack != null && typeof interceptorOpts?.dualStack !== 'boolean' ) { throw new InvalidArgumentError('Invalid dualStack. Must be a boolean'); } if ( interceptorOpts?.lookup != null && typeof interceptorOpts?.lookup !== 'function' ) { throw new InvalidArgumentError('Invalid lookup. Must be a function'); } if ( interceptorOpts?.pick != null && typeof interceptorOpts?.pick !== 'function' ) { throw new InvalidArgumentError('Invalid pick. Must be a function'); } const dualStack = interceptorOpts?.dualStack ?? true; let affinity; if (dualStack) { affinity = interceptorOpts?.affinity ?? null; } else { affinity = interceptorOpts?.affinity ?? 4; } const opts = { maxTTL: interceptorOpts?.maxTTL ?? 10e3, // Expressed in ms lookup: interceptorOpts?.lookup ?? null, pick: interceptorOpts?.pick ?? null, dualStack, affinity, maxItems: interceptorOpts?.maxItems ?? Infinity, }; const instance = new DNSInstance(opts); return (dispatch) => { return function dnsInterceptor(origDispatchOpts, handler) { const origin = origDispatchOpts.origin.constructor === URL ? origDispatchOpts.origin : new URL(origDispatchOpts.origin); if (isIP(origin.hostname) !== 0) { return dispatch(origDispatchOpts, handler); } instance.runLookup(origin, origDispatchOpts, (err, newOrigin) => { if (err) { return handler.onResponseError(null, err); } const dispatchOpts = { ...origDispatchOpts, servername: origin.hostname, // For SNI on TLS origin: newOrigin.origin, headers: { host: origin.host, ...origDispatchOpts.headers, }, }; dispatch( dispatchOpts, instance.getHandler( { origin, dispatch, handler, newOrigin }, origDispatchOpts ) ); }); return true; }; }; };