net/dns: support GetBaseConfig on Darwin OSS tailscaled (#13351)

Updates tailscale/tailscale#177 It appears that the OSS distribution of `tailscaled` is currently unable to get the current system base DNS configuration, as GetBaseConfig() in manager_darwin.go is unimplemented. This PR adds a basic implementation that reads the current values in `/etc/resolv.conf`, to at least unblock DNS resolution via Quad100 if `--accept-dns` is enabled. Signed-off-by: Andrea Gottardo <andrea@gottardo.me>
3 months ago · 0112da6070
parent 1fc4268aea
commit 0112da6070
1 changed files with 31 additions and 1 deletions
--- a/net/dns/manager_darwin.go
+++ b/net/dns/manager_darwin.go
@ -10,6 +10,8 @@ import (
 	"go4.org/mem"
 	"tailscale.com/control/controlknobs"
 	"tailscale.com/health"
+	"tailscale.com/net/dns/resolvconffile"
+	"tailscale.com/net/tsaddr"
 	"tailscale.com/types/logger"
 	"tailscale.com/util/mak"
 )
@ -83,8 +85,36 @@ func (c *darwinConfigurator) SetDNS(cfg OSConfig) error {
 	return c.removeResolverFiles(func(domain string) bool { return !keep[domain] })
 }

+// GetBaseConfig returns the current OS DNS configuration, extracting it from /etc/resolv.conf.
+// We should really be using the SystemConfiguration framework to get this information, as this
+// is not a stable public API, and is provided mostly as a compatibility effort with Unix
+// tools. Apple might break this in the future. But honestly, parsing the output of `scutil --dns`
+// is *even more* likely to break in the future.
 func (c *darwinConfigurator) GetBaseConfig() (OSConfig, error) {
-	return OSConfig{}, ErrGetBaseConfigNotSupported
+	cfg := OSConfig{}
+
+	resolvConf, err := resolvconffile.ParseFile("/etc/resolv.conf")
+	if err != nil {
+		c.logf("failed to parse /etc/resolv.conf: %v", err)
+		return cfg, ErrGetBaseConfigNotSupported
+	}
+
+	for _, ns := range resolvConf.Nameservers {
+		if ns == tsaddr.TailscaleServiceIP() || ns == tsaddr.TailscaleServiceIPv6() {
+			// If we find Quad100 in /etc/resolv.conf, we should ignore it
+			c.logf("ignoring 100.100.100.100 resolver IP found in /etc/resolv.conf")
+			continue
+		}
+		cfg.Nameservers = append(cfg.Nameservers, ns)
+	}
+	cfg.SearchDomains = resolvConf.SearchDomains
+
+	if len(cfg.Nameservers) == 0 {
+		// Log a warning in case we couldn't find any nameservers in /etc/resolv.conf.
+		c.logf("no nameservers found in /etc/resolv.conf, DNS resolution might fail")
+	}
+
+	return cfg, nil
 }

 const macResolverFileHeader = "# Added by tailscaled\n"