Allow disable cookie

shawn1m · shawn1m · commit 3872a5003e8c · 2018-12-09T18:48:16.000+08:00
diff --git a/README.md b/README.md
@@ -85,7 +85,8 @@ Configuration file is "config.json" by default:
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
@@ -98,7 +99,8 @@ Configuration file is "config.json" by default:
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
@@ -135,6 +137,7 @@ IPv6). Overture will handle both TCP and UDP requests. Literal IPv6 addresses ar
             + `manual`: Use external IP if this field is not empty, otherwise use client IP if it is not reserved IP.
             + `disable`: Disable this feature.
         + ExternalIP: If this field is empty, ECS will be disabled when the inbound IP is not an external IP.
+        + NoCookie: Disable cookie.
 + OnlyPrimaryDNS: Disable dispatcher feature, use primary DNS only.
 + IPv6UseAlternativeDNS: Redirect IPv6 DNS queries to alternative DNS servers.
 + File: Absolute path like `/path/to/file` is allowed. For Windows users, please use properly escaped path like
diff --git a/config.sample.json b/config.sample.json
@@ -9,7 +9,8 @@
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
@@ -22,7 +23,8 @@
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
diff --git a/config.test.json b/config.test.json
@@ -9,7 +9,8 @@
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
@@ -22,7 +23,8 @@
       "Timeout": 6,
       "EDNSClientSubnet": {
         "Policy": "disable",
-        "ExternalIP": ""
+        "ExternalIP": "",
+        "NoCookie": true
       }
     }
   ],
diff --git a/core/common/edns.go b/core/common/edns.go
@@ -9,9 +9,10 @@ import (
 type EDNSClientSubnetType struct {
 	Policy     string
 	ExternalIP string
+	NoCookie   bool
 }
 
-func SetEDNSClientSubnet(m *dns.Msg, ip string) {
+func SetEDNSClientSubnet(m *dns.Msg, ip string, isNoCookie bool) {
 
 	if ip == "" {
 		return
@@ -40,6 +41,19 @@ func SetEDNSClientSubnet(m *dns.Msg, ip string) {
 		}
 		es.SourceScope = 0
 		o.Option = append(o.Option, es)
+		if isNoCookie {
+			deleteCookie(o)
+		}
+	}
+}
+
+func deleteCookie(o *dns.OPT) {
+
+	for i, e0 := range o.Option {
+		switch e0.(type) {
+		case *dns.EDNS0_COOKIE:
+			o.Option = append(o.Option[:i], o.Option[i+1:]...)
+		}
 	}
 }
 
diff --git a/core/outbound/client.go b/core/outbound/client.go
@@ -55,7 +55,7 @@ func (c *Client) getEDNSClientSubnetIP() {
 
 func (c *Client) ExchangeFromRemote(isCache bool, isLog bool) {
 
-	common.SetEDNSClientSubnet(c.QuestionMessage, c.EDNSClientSubnetIP)
+	common.SetEDNSClientSubnet(c.QuestionMessage, c.EDNSClientSubnetIP, c.DNSUpstream.EDNSClientSubnet.NoCookie)
 	c.EDNSClientSubnetIP = common.GetEDNSClientSubnetIP(c.QuestionMessage)
 
 	var conn net.Conn

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,8 @@`
`9`	`9`	`"Timeout": 6,`
`10`	`10`	`"EDNSClientSubnet": {`
`11`	`11`	`"Policy": "disable",`
`12`		`- "ExternalIP": ""`
	`12`	`+ "ExternalIP": "",`
	`13`	`+ "NoCookie": true`
`13`	`14`	`}`
`14`	`15`	`}`
`15`	`16`	`],`
`@@ -22,7 +23,8 @@`
`22`	`23`	`"Timeout": 6,`
`23`	`24`	`"EDNSClientSubnet": {`
`24`	`25`	`"Policy": "disable",`
`25`		`- "ExternalIP": ""`
	`26`	`+ "ExternalIP": "",`
	`27`	`+ "NoCookie": true`
`26`	`28`	`}`
`27`	`29`	`}`
`28`	`30`	`],`