Start intel package adjustments

2018-10-22 17:03:23 +02:00
parent b1cd19a8e8
commit bf55c1232d
14 changed files with 912 additions and 842 deletions
--- a/intel/clients.go
+++ b/intel/clients.go
@@ -0,0 +1,94 @@
+package intel
+
+import (
+	"crypto/tls"
+	"sync"
+	"time"
+
+	"github.com/miekg/dns"
+)
+
+type clientManager struct {
+	dnsClient *dns.Client
+	factory   func() *dns.Client
+
+	lock         sync.Mutex
+	refreshAfter time.Time
+	ttl          time.Duration // force refresh of connection to reduce traceability
+}
+
+// ref: https://godoc.org/github.com/miekg/dns#Client
+
+func newDNSClientManager(resolver *Resolver) *clientManager {
+	return &clientManager{
+		ttl: -1 * time.Minute,
+		factory: func() *dns.Client {
+			return &dns.Client{
+				Timeout: 5 * time.Second,
+			}
+		},
+	}
+}
+
+func newTCPClientManager(resolver *Resolver) *clientManager {
+	return &clientManager{
+		ttl: -15 * time.Minute,
+		factory: func() *dns.Client {
+			return &dns.Client{
+				Net:     "tcp",
+				Timeout: 5 * time.Second,
+			}
+		},
+	}
+}
+
+func newTLSClientManager(resolver *Resolver) *clientManager {
+	return &clientManager{
+		ttl: -15 * time.Minute,
+		factory: func() *dns.Client {
+			return &dns.Client{
+				Net: "tcp-tls",
+				TLSConfig: &tls.Config{
+					MinVersion: tls.VersionTLS12,
+					ServerName: resolver.VerifyDomain,
+					// TODO: use custom random
+					// Rand: io.Reader,
+				},
+				Timeout: 5 * time.Second,
+			}
+		},
+	}
+}
+
+func newHTTPSClientManager(resolver *Resolver) *clientManager {
+	return &clientManager{
+		ttl: -15 * time.Minute,
+		factory: func() *dns.Client {
+			new := &dns.Client{
+				Net: "https",
+				TLSConfig: &tls.Config{
+					MinVersion: tls.VersionTLS12,
+					// TODO: use custom random
+					// Rand: io.Reader,
+				},
+				Timeout: 5 * time.Second,
+			}
+			if resolver.VerifyDomain != "" {
+				new.TLSConfig.ServerName = resolver.VerifyDomain
+			}
+			return new
+		},
+	}
+}
+
+func (cm *clientManager) getDNSClient() *dns.Client {
+	cm.lock.Lock()
+	defer cm.lock.Unlock()
+
+	if cm.dnsClient == nil || time.Now().After(cm.refreshAfter) {
+		cm.dnsClient = cm.factory()
+		cm.refreshAfter = time.Now().Add(cm.ttl)
+	}
+
+	return cm.dnsClient
+}