Revert "Initial implementation of ForwardCRD plugin (#4512)" (#4981)

This reverts commit 2e6953c7db.
2025-11-01 02:33:14 -04:00 · 2021-11-12 13:19:16 -05:00
parent 2e6953c7db
commit 3288b111b2
22 changed files with 91 additions and 2471 deletions
--- a/plugin/forward/setup.go
+++ b/plugin/forward/setup.go
@@ -1,6 +1,8 @@
 package forward

 import (
+	"crypto/tls"
+	"errors"
 	"fmt"
 	"strconv"
 	"time"
@@ -9,7 +11,9 @@ import (
 	"github.com/coredns/coredns/core/dnsserver"
 	"github.com/coredns/coredns/plugin"
 	"github.com/coredns/coredns/plugin/dnstap"
+	"github.com/coredns/coredns/plugin/pkg/parse"
 	pkgtls "github.com/coredns/coredns/plugin/pkg/tls"
+	"github.com/coredns/coredns/plugin/pkg/transport"
 )

 func init() { plugin.Register("forward", setup) }
@@ -83,46 +87,90 @@ func parseForward(c *caddy.Controller) (*Forward, error) {
 }

 func parseStanza(c *caddy.Controller) (*Forward, error) {
-	cfg := ForwardConfig{}
+	f := New()

-	if !c.Args(&cfg.From) {
-		return nil, c.ArgErr()
+	if !c.Args(&f.from) {
+		return f, c.ArgErr()
+	}
+	origFrom := f.from
+	zones := plugin.Host(f.from).NormalizeExact()
+	f.from = zones[0] // there can only be one here, won't work with non-octet reverse
+
+	if len(zones) > 1 {
+		log.Warningf("Unsupported CIDR notation: '%s' expands to multiple zones. Using only '%s'.", origFrom, f.from)
 	}

-	cfg.To = c.RemainingArgs()
-	if len(cfg.To) == 0 {
-		return nil, c.ArgErr()
+	to := c.RemainingArgs()
+	if len(to) == 0 {
+		return f, c.ArgErr()
+	}
+
+	toHosts, err := parse.HostPortOrFile(to...)
+	if err != nil {
+		return f, err
+	}
+
+	transports := make([]string, len(toHosts))
+	allowedTrans := map[string]bool{"dns": true, "tls": true}
+	for i, host := range toHosts {
+		trans, h := parse.Transport(host)
+
+		if !allowedTrans[trans] {
+			return f, fmt.Errorf("'%s' is not supported as a destination protocol in forward: %s", trans, host)
+		}
+		p := NewProxy(h, trans)
+		f.proxies = append(f.proxies, p)
+		transports[i] = trans
 	}

 	for c.NextBlock() {
-		if err := parseBlock(c, &cfg); err != nil {
-			return nil, err
+		if err := parseBlock(c, f); err != nil {
+			return f, err
 		}
 	}

-	return NewWithConfig(cfg)
+	if f.tlsServerName != "" {
+		f.tlsConfig.ServerName = f.tlsServerName
+	}
+
+	// Initialize ClientSessionCache in tls.Config. This may speed up a TLS handshake
+	// in upcoming connections to the same TLS server.
+	f.tlsConfig.ClientSessionCache = tls.NewLRUClientSessionCache(len(f.proxies))
+
+	for i := range f.proxies {
+		// Only set this for proxies that need it.
+		if transports[i] == transport.TLS {
+			f.proxies[i].SetTLSConfig(f.tlsConfig)
+		}
+		f.proxies[i].SetExpire(f.expire)
+		f.proxies[i].health.SetRecursionDesired(f.opts.hcRecursionDesired)
+	}
+
+	return f, nil
 }

-func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
+func parseBlock(c *caddy.Controller, f *Forward) error {
 	switch c.Val() {
 	case "except":
-		cfg.Except = c.RemainingArgs()
-		if len(cfg.Except) == 0 {
+		ignore := c.RemainingArgs()
+		if len(ignore) == 0 {
 			return c.ArgErr()
 		}
+		for i := 0; i < len(ignore); i++ {
+			f.ignored = append(f.ignored, plugin.Host(ignore[i]).NormalizeExact()...)
+		}
 	case "max_fails":
 		if !c.NextArg() {
 			return c.ArgErr()
 		}
-		n, err := strconv.ParseInt(c.Val(), 10, 32)
+		n, err := strconv.Atoi(c.Val())
 		if err != nil {
 			return err
 		}
 		if n < 0 {
 			return fmt.Errorf("max_fails can't be negative: %d", n)
 		}
-		maxFails := uint32(n)
-		cfg.MaxFails = &maxFails
+		f.maxfails = uint32(n)
 	case "health_check":
 		if !c.NextArg() {
 			return c.ArgErr()
@@ -131,12 +179,15 @@ func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
 		if err != nil {
 			return err
 		}
-		cfg.HealthCheck = &dur
+		if dur < 0 {
+			return fmt.Errorf("health_check can't be negative: %d", dur)
+		}
+		f.hcInterval = dur

 		for c.NextArg() {
 			switch hcOpts := c.Val(); hcOpts {
 			case "no_rec":
-				cfg.HealthCheckNoRec = true
+				f.opts.hcRecursionDesired = false
 			default:
 				return fmt.Errorf("health_check: unknown option %s", hcOpts)
 			}
@@ -146,12 +197,12 @@ func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
 		if c.NextArg() {
 			return c.ArgErr()
 		}
-		cfg.ForceTCP = true
+		f.opts.forceTCP = true
 	case "prefer_udp":
 		if c.NextArg() {
 			return c.ArgErr()
 		}
-		cfg.PreferUDP = true
+		f.opts.preferUDP = true
 	case "tls":
 		args := c.RemainingArgs()
 		if len(args) > 3 {
@@ -162,12 +213,12 @@ func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
 		if err != nil {
 			return err
 		}
-		cfg.TLSConfig = tlsConfig
+		f.tlsConfig = tlsConfig
 	case "tls_servername":
 		if !c.NextArg() {
 			return c.ArgErr()
 		}
-		cfg.TLSServerName = c.Val()
+		f.tlsServerName = c.Val()
 	case "expire":
 		if !c.NextArg() {
 			return c.ArgErr()
@@ -176,12 +227,24 @@ func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
 		if err != nil {
 			return err
 		}
-		cfg.Expire = &dur
+		if dur < 0 {
+			return fmt.Errorf("expire can't be negative: %s", dur)
+		}
+		f.expire = dur
 	case "policy":
 		if !c.NextArg() {
 			return c.ArgErr()
 		}
-		cfg.Policy = c.Val()
+		switch x := c.Val(); x {
+		case "random":
+			f.p = &random{}
+		case "round_robin":
+			f.p = &roundRobin{}
+		case "sequential":
+			f.p = &sequential{}
+		default:
+			return c.Errf("unknown policy '%s'", x)
+		}
 	case "max_concurrent":
 		if !c.NextArg() {
 			return c.ArgErr()
@@ -190,8 +253,11 @@ func parseBlock(c *caddy.Controller, cfg *ForwardConfig) error {
 		if err != nil {
 			return err
 		}
-		maxConcurrent := int64(n)
-		cfg.MaxConcurrent = &maxConcurrent
+		if n < 0 {
+			return fmt.Errorf("max_concurrent can't be negative: %d", n)
+		}
+		f.ErrLimitExceeded = errors.New("concurrent queries exceeded maximum " + c.Val())
+		f.maxConcurrent = int64(n)

 	default:
 		return c.Errf("unknown property '%s'", c.Val())