Adding support for DNS over TLS (DOT) & Some bug fixes

client.go

@@ -16,6 +16,7 @@ import (
 	"github.com/projectdiscovery/iputil"
 	"github.com/projectdiscovery/retryabledns/doh"
 	"github.com/projectdiscovery/retryabledns/hostsfile"
+	"github.com/projectdiscovery/retryablehttp-go"
 )
 
 func init() {
@@ -28,8 +29,10 @@ type Client struct {
 	options      Options
 	serversIndex uint32
 	TCPFallback  bool
+	udpClient    *dns.Client
 	tcpClient    *dns.Client
 	dohClient    *doh.Client
+	dotClient    *dns.Client
 	knownHosts   map[string][]string
 }
 
@@ -45,11 +48,19 @@ func NewWithOptions(options Options) *Client {
 	if options.Hostsfile {
 		knownHosts, _ = hostsfile.ParseDefault()
 	}
+	httpOptions := retryablehttp.DefaultOptionsSingle
+	httpOptions.Timeout = options.Timeout
 	client := Client{
-		options:    options,
-		resolvers:  parsedBaseResolvers,
-		tcpClient:  &dns.Client{Net: TCP.String(), Timeout: options.Timeout},
-		dohClient:  doh.New(),
+		options:   options,
+		resolvers: parsedBaseResolvers,
+		udpClient: &dns.Client{Net: "", Timeout: options.Timeout},
+		tcpClient: &dns.Client{Net: TCP.String(), Timeout: options.Timeout},
+		dohClient: doh.NewWithOptions(
+			doh.Options{
+				HttpClient: retryablehttp.NewClient(httpOptions),
+			},
+		),
+		dotClient:  &dns.Client{Net: "tcp-tls", Timeout: options.Timeout},
 		knownHosts: knownHosts,
 	}
 	return &client
@@ -94,10 +105,16 @@ func (c *Client) Do(msg *dns.Msg) (*dns.Msg, error) {
 			case TCP:
 				resp, _, err = c.tcpClient.Exchange(msg, resolver.String())
 			case UDP:
-				resp, err = dns.Exchange(msg, resolver.String())
+				resp, _, err = c.udpClient.Exchange(msg, resolver.String())
+			case DOT:
+				resp, _, err = c.dotClient.Exchange(msg, resolver.String())
 			}
 		case *DohResolver:
-			resp, err = c.dohClient.QueryWithDOHMsg(doh.Method(r.Method()), doh.Resolver{URL: r.URL}, msg)
+			method := doh.MethodPost
+			if r.Protocol == GET {
+				method = doh.MethodGet
+			}
+			resp, err = c.dohClient.QueryWithDOHMsg(method, doh.Resolver{URL: r.URL}, msg)
 		}
 
 		if err != nil || resp == nil {
@@ -219,7 +236,9 @@ func (c *Client) QueryMultiple(host string, requestTypes []uint16) (*DNSData, er
 				case TCP:
 					resp, _, err = c.tcpClient.Exchange(msg, resolver.String())
 				case UDP:
-					resp, err = dns.Exchange(msg, resolver.String())
+					resp, _, err = c.udpClient.Exchange(msg, resolver.String())
+				case DOT:
+					resp, _, err = c.dotClient.Exchange(msg, resolver.String())
 				}
 			case *DohResolver:
 				method := doh.MethodPost

client_test.go

@@ -33,6 +33,16 @@ func TestDOH(t *testing.T) {
 	require.True(t, len(d.A) > 0)
 }
 
+func TestDOT(t *testing.T) {
+	client := New([]string{"dot:dns.google:853", "dot:1dot1dot1dot1.cloudflare-dns.com"}, 5)
+
+	d, err := client.QueryMultiple("example.com", []uint16{dns.TypeA})
+	require.Nil(t, err)
+
+	// From current dig result
+	require.True(t, len(d.A) > 0)
+}
+
 func TestQueryMultiple(t *testing.T) {
 	client := New([]string{"8.8.8.8:53", "1.1.1.1:53"}, 5)
 

doh/doh_client.go

@@ -18,11 +18,11 @@ type Client struct {
 }
 
 func NewWithOptions(options Options) *Client {
-	return &Client{DefaultResolver: options.DefaultResolver, httpClient: options.httpClient}
+	return &Client{DefaultResolver: options.DefaultResolver, httpClient: options.HttpClient}
 }
 
 func New() *Client {
-	return NewWithOptions(Options{DefaultResolver: Cloudflare, httpClient: retryablehttp.NewClient(retryablehttp.DefaultOptionsSingle)})
+	return NewWithOptions(Options{DefaultResolver: Cloudflare, HttpClient: retryablehttp.NewClient(retryablehttp.DefaultOptionsSingle)})
 }
 
 func (c *Client) Query(name string, question QuestionType) (*Response, error) {

doh/options.go

@@ -9,7 +9,7 @@ import (
 
 type Options struct {
 	DefaultResolver Resolver
-	httpClient      *retryablehttp.Client
+	HttpClient      *retryablehttp.Client
 }
 
 type Resolver struct {

resolver.go

@@ -13,6 +13,7 @@ const (
 	UDP Protocol = iota
 	TCP
 	DOH
+	DOT
 )
 
 func (p Protocol) String() string {
@@ -23,6 +24,8 @@ func (p Protocol) String() string {
 		return "udp"
 	case TCP:
 		return "tcp"
+	case DOT:
+		return "dot"
 	}
 
 	return ""
@@ -89,12 +92,14 @@ func (r DohResolver) String() string {
 }
 
 func parseResolver(r string) (resolver Resolver) {
-	isTcp, isUDP, isDoh := hasProtocol(r, TCP.StringWithSemicolon()), hasProtocol(r, UDP.StringWithSemicolon()), hasProtocol(r, DOH.StringWithSemicolon())
+	isTcp, isUDP, isDoh, isDot := hasProtocol(r, TCP.StringWithSemicolon()), hasProtocol(r, UDP.StringWithSemicolon()), hasProtocol(r, DOH.StringWithSemicolon()), hasProtocol(r, DOT.StringWithSemicolon())
 	rNetworkTokens := trimProtocol(r)
-	if isTcp || isUDP {
+	if isTcp || isUDP || isDot {
 		networkResolver := &NetworkResolver{Protocol: UDP}
 		if isTcp {
 			networkResolver.Protocol = TCP
+		} else if isDot {
+			networkResolver.Protocol = DOT
 		}
 		parseHostPort(networkResolver, rNetworkTokens)
 		resolver = networkResolver
@@ -123,7 +128,11 @@ func parseHostPort(networkResolver *NetworkResolver, r string) {
 		networkResolver.Port = port
 	} else {
 		networkResolver.Host = r
-		networkResolver.Port = "53"
+		if networkResolver.Protocol == DOT {
+			networkResolver.Port = "853"
+		} else {
+			networkResolver.Port = "53"
+		}
 	}
 }
 
@@ -136,7 +145,7 @@ func hasDohProtocol(resolver, protocol string) bool {
 }
 
 func trimProtocol(resolver string) string {
-	return stringsutil.TrimPrefixAny(resolver, TCP.StringWithSemicolon(), UDP.StringWithSemicolon(), DOH.StringWithSemicolon())
+	return stringsutil.TrimPrefixAny(resolver, TCP.StringWithSemicolon(), UDP.StringWithSemicolon(), DOH.StringWithSemicolon(), DOT.StringWithSemicolon())
 }
 
 func trimDohProtocol(resolver string) string {