Add support for DoT to DNS probes (#643)

author André Cruz <andre@cabine.org>

Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)

committer GitHub <noreply@github.com>

Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)
author André Cruz <andre@cabine.org>
Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)
committer GitHub <noreply@github.com>
Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)
diff --git a/CONFIGURATION.md b/CONFIGURATION.md

index f20707faae45c79bc8093fbf437f2fc19faa15b1..2d7fe5fb6f13f62a6949ac494f692b4ccbef1c81 100644 (file)
--- a/CONFIGURATION.md
+++ b/CONFIGURATION.md
@@ -153,6 +153,9 @@ tls_config:
  
  [ transport_protocol: <string> | default = "udp" ] # udp, tcp
  
+# Whether to use DNS over TLS. This only works with TCP.
+[ dns_over_tls: <boolean | default = false> ]
+
  query_name: <string>
  
  [ query_type: <string> | default = "ANY" ]
diff --git a/config/config.go b/config/config.go

index 3fddb3c52a3e31f587f498e6e00ab8846a519e89..a13468017ebcddde621296b3a6976ae430f9940a 100644 (file)
--- a/config/config.go
+++ b/config/config.go
@@ -174,6 +174,7 @@ type ICMPProbe struct {
  type DNSProbe struct {
         IPProtocol         string         `yaml:"preferred_ip_protocol,omitempty"`
         IPProtocolFallback bool           `yaml:"ip_protocol_fallback,omitempty"`
+       DNSOverTLS         bool           `yaml:"dns_over_tls,omitempty"`
         SourceIPAddress    string         `yaml:"source_ip_address,omitempty"`
         TransportProtocol  string         `yaml:"transport_protocol,omitempty"`
         QueryClass         string         `yaml:"query_class,omitempty"` // Defaults to IN.
diff --git a/prober/dns.go b/prober/dns.go

index edb5b28203222bc2aeadc825b9e25cc73de429ac..a69a7812304a35c2f0f39e95499153d281a2caa7 100644 (file)
--- a/prober/dns.go
+++ b/prober/dns.go
@@ -190,6 +190,15 @@ func ProbeDNS(ctx context.Context, target string, module config.Module, registry
                 dialProtocol = module.DNS.TransportProtocol + "4"
         }
  
+       if module.DNS.DNSOverTLS {
+               if module.DNS.TransportProtocol == "tcp" {
+                       dialProtocol += "-tls"
+               } else {
+                       level.Error(logger).Log("msg", "Configuration error: Expected transport protocol tcp for DoT", "protocol", module.DNS.TransportProtocol)
+                       return false
+               }
+       }
+
         client := new(dns.Client)
         client.Net = dialProtocol
author	André Cruz <andre@cabine.org>
	Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)
committer	GitHub <noreply@github.com>
	Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)
CONFIGURATION.md		patch \| blob \| blame \| history
config/config.go		patch \| blob \| blame \| history
prober/dns.go		patch \| blob \| blame \| history