resolver/factory.go

package resolver

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"net"
	"net/http"
	"net/url"
	"strings"
	"time"

	"github.com/ncruces/go-dns"
)

func FromURL(u string, caPool *x509.CertPool) (*net.Resolver, error) {
begin:
	parsed, err := url.Parse(u)
	if err != nil {
		return nil, err
	}
	host := parsed.Hostname()
	port := parsed.Port()
	switch scheme := strings.ToLower(parsed.Scheme); scheme {
	case "":
		switch {
		case strings.HasPrefix(u, "//"):
			u = "dns:" + u
		default:
			u = "dns://" + u
		}
		goto begin
	case "udp", "dns":
		if port == "" {
			port = "53"
		}
		return NewPlainResolver(net.JoinHostPort(host, port)), nil
	case "tcp":
		if port == "" {
			port = "53"
		}
		return NewTCPResolver(net.JoinHostPort(host, port)), nil
	case "http", "https", "doh":
		if port == "" {
			if scheme == "http" {
				port = "80"
			} else {
				port = "443"
			}
		}
		if scheme == "doh" {
			parsed.Scheme = "https"
			u = parsed.String()
		}
		return dns.NewDoHResolver(u,
			dns.DoHAddresses(net.JoinHostPort(host, port)),
			dns.DoHTransport(&http.Transport{
				MaxIdleConns:        http.DefaultMaxIdleConnsPerHost,
				IdleConnTimeout:     90 * time.Second,
				TLSHandshakeTimeout: 10 * time.Second,
				ForceAttemptHTTP2:   true,
				TLSClientConfig: &tls.Config{
					RootCAs: caPool,
				},
			}),
		)
	case "tls", "dot":
		if port == "" {
			port = "853"
		}
		hp := net.JoinHostPort(host, port)
		return dns.NewDoTResolver(hp,
			dns.DoTAddresses(hp),
			dns.DoTConfig(&tls.Config{
				RootCAs: caPool,
			}),
		)
	default:
		return nil, errors.New("not implemented")
	}
}
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`package resolver`

			`import (`
use custom CA pool for DoT 2026-01-08 22:38:17 +02:00			`"crypto/tls"`
			`"crypto/x509"`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`"errors"`
			`"net"`
use custom CA pool for DoH 2026-01-08 22:53:27 +02:00			`"net/http"`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`"net/url"`
			`"strings"`
use custom CA pool for DoH 2026-01-08 22:53:27 +02:00			`"time"`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00
			`"github.com/ncruces/go-dns"`
			`)`

use custom CA pool for DoT 2026-01-08 22:38:17 +02:00			`func FromURL(u string, caPool x509.CertPool) (net.Resolver, error) {`
resolver: fix empty scheme 2025-09-24 00:32:48 +03:00			`begin:`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`parsed, err := url.Parse(u)`
			`if err != nil {`
			`return nil, err`
			`}`
resolver fix 2025-08-16 02:52:52 +03:00			`host := parsed.Hostname()`
			`port := parsed.Port()`
resolver: more liberal factory 2025-09-23 23:37:29 +03:00			`switch scheme := strings.ToLower(parsed.Scheme); scheme {`
resolver: fix empty scheme 2025-09-24 00:32:48 +03:00			`case "":`
			`switch {`
			`case strings.HasPrefix(u, "//"):`
			`u = "dns:" + u`
			`default:`
			`u = "dns://" + u`
			`}`
			`goto begin`
			`case "udp", "dns":`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`if port == "" {`
			`port = "53"`
			`}`
			`return NewPlainResolver(net.JoinHostPort(host, port)), nil`
			`case "tcp":`
			`if port == "" {`
			`port = "53"`
			`}`
			`return NewTCPResolver(net.JoinHostPort(host, port)), nil`
resolver: more liberal factory 2025-09-23 23:37:29 +03:00			`case "http", "https", "doh":`
resolver fix 2025-08-16 02:52:52 +03:00			`if port == "" {`
resolver: more liberal factory 2025-09-23 23:37:29 +03:00			`if scheme == "http" {`
			`port = "80"`
			`} else {`
			`port = "443"`
			`}`
			`}`
			`if scheme == "doh" {`
			`parsed.Scheme = "https"`
			`u = parsed.String()`
resolver fix 2025-08-16 02:52:52 +03:00			`}`
use custom CA pool for DoH 2026-01-08 22:53:27 +02:00			`return dns.NewDoHResolver(u,`
			`dns.DoHAddresses(net.JoinHostPort(host, port)),`
			`dns.DoHTransport(&http.Transport{`
			`MaxIdleConns: http.DefaultMaxIdleConnsPerHost,`
			`IdleConnTimeout: 90 * time.Second,`
			`TLSHandshakeTimeout: 10 * time.Second,`
			`ForceAttemptHTTP2: true,`
			`TLSClientConfig: &tls.Config{`
			`RootCAs: caPool,`
			`},`
			`}),`
			`)`
resolver: more liberal factory 2025-09-23 23:37:29 +03:00			`case "tls", "dot":`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`if port == "" {`
			`port = "853"`
			`}`
resolver fix 2025-08-16 02:52:52 +03:00			`hp := net.JoinHostPort(host, port)`
use custom CA pool for DoT 2026-01-08 22:38:17 +02:00			`return dns.NewDoTResolver(hp,`
			`dns.DoTAddresses(hp),`
			`dns.DoTConfig(&tls.Config{`
			`RootCAs: caPool,`
			`}),`
			`)`
Switch to lightweight secure DNS client 2025-08-12 19:38:17 +03:00			`default:`
			`return nil, errors.New("not implemented")`
			`}`
			`}`