commit dnsproxy for openSUSE:Factory

1 Aug 2024

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package dnsproxy for openSUSE:Factory checked in at 2024-08-01 22:04:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dnsproxy (Old)
 and      /work/SRC/openSUSE:Factory/.dnsproxy.new.7232 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "dnsproxy"

Thu Aug  1 22:04:41 2024 rev:29 rq:1190826 version:0.72.2

Changes:
--------

--- /work/SRC/openSUSE:Factory/dnsproxy/dnsproxy.changes	2024-07-08 19:08:44.183784880 +0200
+++ /work/SRC/openSUSE:Factory/.dnsproxy.new.7232/dnsproxy.changes	2024-08-01 22:05:17.474599382 +0200
@@ -1,0 +2,10 @@
+Wed Jul 31 21:50:26 UTC 2024 - Eyad Issa <eyadlorenzo@gmail.com>
+
+- Update to version 0.72.2:
+  * General memory performance improvements
+  
+- Update to version 0.72.1:
+  * Race conditions on message ID in DNS-over-HTTPS and 
+    DNS-over-QUIC upstream implementations
+
+-------------------------------------------------------------------

Old:
----
  dnsproxy-0.72.0.obscpio

New:
----
  dnsproxy-0.72.2.obscpio

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ dnsproxy.spec ++++++
--- /var/tmp/diff_new_pack.RTNjtw/_old	2024-08-01 22:05:18.286632873 +0200
+++ /var/tmp/diff_new_pack.RTNjtw/_new	2024-08-01 22:05:18.286632873 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           dnsproxy
-Version:        0.72.0
+Version:        0.72.2
 Release:        0
 Summary:        A DNS proxy server
 License:        Apache-2.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.RTNjtw/_old	2024-08-01 22:05:18.318634193 +0200
+++ /var/tmp/diff_new_pack.RTNjtw/_new	2024-08-01 22:05:18.322634358 +0200
@@ -2,7 +2,7 @@
   <service name="obs_scm" mode="manual">
     <param name="scm">git</param>
     <param name="url">https://github.com/AdguardTeam/dnsproxy.git</param>
-    <param name="revision">v0.72.0</param>
+    <param name="revision">v0.72.2</param>
     <param name="match-tag">*</param>
     <param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
    <param name="versionformat">@PARENT_TAG@</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.RTNjtw/_old	2024-08-01 22:05:18.342635183 +0200
+++ /var/tmp/diff_new_pack.RTNjtw/_new	2024-08-01 22:05:18.346635348 +0200
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/AdguardTeam/dnsproxy.git</param>
-              <param name="changesrevision">a81c05991fd66d16377541944fdfaead7cb1edbc</param></service></servicedata>
+              <param name="changesrevision">791906ea48e8bb350a79b456ceeac69915583df0</param></service></servicedata>
 (No newline at EOF)
 

++++++ dnsproxy-0.72.0.obscpio -> dnsproxy-0.72.2.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/README.md new/dnsproxy-0.72.2/README.md
--- old/dnsproxy-0.72.0/README.md	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/README.md	2024-07-31 18:36:46.000000000 +0200
@@ -56,6 +56,7 @@
       --https-userinfo=            If set, all DoH queries are required to have this basic authentication information.
   -g, --dnscrypt-config=           Path to a file with DNSCrypt configuration. You can generate one using https://github.com/ameshkov/dnscrypt
       --edns-addr=                 Send EDNS Client Address
+      --upstream-mode=             Defines the upstreams logic mode, possible values: load_balance, parallel, fastest_addr (default: load_balance)
   -l, --listen=                    Listening addresses
   -p, --port=                      Listening ports. Zero value disables TCP and UDP listeners
   -s, --https-port=                Listening ports for DNS-over-HTTPS
@@ -86,7 +87,6 @@
       --insecure                   Disable secure TLS certificate validation
       --ipv6-disabled              If specified, all AAAA requests will be replied with NoError RCode and empty answer
       --http3                      Enable HTTP/3 support
-      --upstream-mode              If specified, determines the upstream usage logic.
       --cache-optimistic           If specified, optimistic DNS cache is enabled
       --cache                      If specified, DNS cache is enabled
       --refuse-any                 If specified, refuse ANY requests
@@ -221,7 +221,7 @@
 
 Runs a DNS proxy on 127.0.0.1:5353 with multiple upstreams and enable parallel queries to all configured upstream servers.
 ```shell
-./dnsproxy -l 127.0.0.1 -p 5353 -u 8.8.8.8:53 -u 1.1.1.1:53 -u tls://dns.adguard.com --all-servers
+./dnsproxy -l 127.0.0.1 -p 5353 -u 8.8.8.8:53 -u 1.1.1.1:53 -u tls://dns.adguard.com --upstream-mode parallel
 ```
 
 Loads upstreams list from a file.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/go.mod new/dnsproxy-0.72.2/go.mod
--- old/dnsproxy-0.72.0/go.mod	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/go.mod	2024-07-31 18:36:46.000000000 +0200
@@ -3,7 +3,7 @@
 go 1.22.5
 
 require (
-	github.com/AdguardTeam/golibs v0.24.1
+	github.com/AdguardTeam/golibs v0.25.1
 	github.com/ameshkov/dnscrypt/v2 v2.2.7
 	github.com/ameshkov/dnsstamps v1.0.3
 	github.com/beefsack/go-rate v0.0.0-20220214233405-116f4ca011a0
@@ -13,9 +13,9 @@
 	github.com/patrickmn/go-cache v2.1.0+incompatible
 	github.com/quic-go/quic-go v0.44.0
 	github.com/stretchr/testify v1.9.0
-	golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8
-	golang.org/x/net v0.26.0
-	golang.org/x/sys v0.21.0
+	golang.org/x/exp v0.0.0-20240707233637-46b078467d37
+	golang.org/x/net v0.27.0
+	golang.org/x/sys v0.22.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -31,11 +31,11 @@
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
 	go.uber.org/mock v0.4.0 // indirect
-	golang.org/x/crypto v0.24.0 // indirect
-	golang.org/x/mod v0.18.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
-	golang.org/x/tools v0.22.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
 	gonum.org/v1/gonum v0.14.0
 	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/go.sum new/dnsproxy-0.72.2/go.sum
--- old/dnsproxy-0.72.0/go.sum	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/go.sum	2024-07-31 18:36:46.000000000 +0200
@@ -1,5 +1,5 @@
-github.com/AdguardTeam/golibs v0.24.1 h1:/ulkfm65wi33p72ybxiOt3lSdP0nr1GggSoaT4sHbns=
-github.com/AdguardTeam/golibs v0.24.1/go.mod h1:9/vJcYznW7RlmCT/Qzi8XNZGj+ZbWfHZJmEXKnRpCAU=
+github.com/AdguardTeam/golibs v0.25.1 h1:po5dBbFCoZAySsbsMN/ZRB0WTLYDA1d8BxPgvriu/EA=
+github.com/AdguardTeam/golibs v0.25.1/go.mod h1:HaTyS2wCbxFudjht9N/+/Qf1b5cMad2BAYSwe7DPCXI=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
 github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
@@ -54,25 +54,25 @@
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
 go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
-golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
-golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
-golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8 h1:LoYXNGAShUG3m/ehNk4iFctuhGX/+R1ZpfJ4/ia80JM=
-golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8/go.mod h1:jj3sYF3dwk5D+ghuXyeI3r5MFf+NT2An6/9dOA95KSI=
-golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0=
-golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
-golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
+golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
+golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
+golang.org/x/exp v0.0.0-20240707233637-46b078467d37 h1:uLDX+AfeFCct3a2C7uIWBKMJIR3CJMhcgfrUAqjRK6w=
+golang.org/x/exp v0.0.0-20240707233637-46b078467d37/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
+golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8=
+golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
+golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
-golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA=
-golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c=
+golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg=
+golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI=
 gonum.org/v1/gonum v0.14.0 h1:2NiG67LD1tEH0D7kM+ps2V+fXmsAnpUeec7n8tcr4S0=
 gonum.org/v1/gonum v0.14.0/go.mod h1:AoWeoz0becf9QMWtE8iWXNXc27fK4fNeHNf/oMejGfU=
 google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/main.go new/dnsproxy-0.72.2/main.go
--- old/dnsproxy-0.72.0/main.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/main.go	2024-07-31 18:36:46.000000000 +0200
@@ -68,7 +68,7 @@
 
 	// UpstreamMode determines the logic through which upstreams will be used.
 	// If not specified the [proxy.UpstreamModeLoadBalance] is used.
-	UpstreamMode string `yaml:"upstream-mode" long:"upstream-mode" description:"Upstreams logic mode" optional:"yes" optional-value:"load_balance"`
+	UpstreamMode string `yaml:"upstream-mode" long:"upstream-mode" description:"Defines the upstreams logic mode, possible values: load_balance, parallel, fastest_addr (default: load_balance)" optional:"yes" optional-value:"load_balance"`
 
 	// ListenAddrs is the list of server's listen addresses.
 	ListenAddrs []string `yaml:"listen-addrs" short:"l" long:"listen" description:"Listening addresses"`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/beforerequest_test.go new/dnsproxy-0.72.2/proxy/beforerequest_test.go
--- old/dnsproxy-0.72.0/proxy/beforerequest_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/beforerequest_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -9,6 +9,7 @@
 
 	"github.com/AdguardTeam/dnsproxy/upstream"
 	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
@@ -52,6 +53,7 @@
 	errorResponse := (&dns.Msg{}).SetReply(errorRequest)
 
 	p := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: &UpstreamConfig{
 			Upstreams: []upstream.Upstream{&fakeUpstream{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/bogusnxdomain_test.go new/dnsproxy-0.72.2/proxy/bogusnxdomain_test.go
--- old/dnsproxy-0.72.0/proxy/bogusnxdomain_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/bogusnxdomain_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -7,6 +7,7 @@
 	"testing"
 
 	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/assert"
@@ -15,6 +16,7 @@
 
 func TestProxy_IsBogusNXDomain(t *testing.T) {
 	prx := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/cache_test.go new/dnsproxy-0.72.2/proxy/cache_test.go
--- old/dnsproxy-0.72.0/proxy/cache_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/cache_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -32,6 +32,7 @@
 
 func TestServeCached(t *testing.T) {
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -288,6 +289,7 @@
 	t.Parallel()
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -347,6 +349,7 @@
 	u := testUpstream{}
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: &UpstreamConfig{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/dns64_test.go new/dnsproxy-0.72.2/proxy/dns64_test.go
--- old/dnsproxy-0.72.0/proxy/dns64_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/dns64_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -8,6 +8,7 @@
 	"testing"
 
 	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
@@ -38,6 +39,7 @@
 	}
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:         slogutil.NewDiscardLogger(),
 		UDPListenAddr:  []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:  []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		PrivateSubnets: netutil.SubnetSetFunc(netutil.IsLocallyServed),
@@ -355,6 +357,7 @@
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			p := mustNew(t, &Config{
+				Logger:        slogutil.NewDiscardLogger(),
 				UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 				TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 				UpstreamConfig: &UpstreamConfig{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/exchange_internal_test.go new/dnsproxy-0.72.2/proxy/exchange_internal_test.go
--- old/dnsproxy-0.72.0/proxy/exchange_internal_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/exchange_internal_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -8,6 +8,7 @@
 	"time"
 
 	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/assert"
@@ -215,6 +216,7 @@
 		}
 
 		p := mustNew(t, &Config{
+			Logger:        slogutil.NewDiscardLogger(),
 			UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 			TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 			UpstreamConfig: &UpstreamConfig{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/handler_test.go new/dnsproxy-0.72.2/proxy/handler_test.go
--- old/dnsproxy-0.72.0/proxy/handler_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/handler_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -6,6 +6,7 @@
 	"sync"
 	"testing"
 
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/assert"
@@ -19,6 +20,7 @@
 
 	// Prepare the proxy server
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/lookup_test.go new/dnsproxy-0.72.2/proxy/lookup_test.go
--- old/dnsproxy-0.72.0/proxy/lookup_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/lookup_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -23,6 +23,7 @@
 	require.NoError(t, err)
 
 	conf := &Config{
+		Logger: slogutil.NewDiscardLogger(),
 		UpstreamConfig: &UpstreamConfig{
 			Upstreams: []upstream.Upstream{dnsUpstream},
 		},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/proxy_test.go new/dnsproxy-0.72.2/proxy/proxy_test.go
--- old/dnsproxy-0.72.0/proxy/proxy_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/proxy_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -261,6 +261,7 @@
 	t.Helper()
 
 	p = mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -288,6 +289,7 @@
 		testDefaultUpstreamAddr,
 	)
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         upsConf,
@@ -487,6 +489,7 @@
 	}
 
 	p := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         &UpstreamConfig{Upstreams: []upstream.Upstream{u}},
@@ -583,6 +586,7 @@
 	t.Parallel()
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: newTestUpstreamConfigWithBoot(
@@ -652,6 +656,7 @@
 	t.Parallel()
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: newTestUpstreamConfigWithBoot(
@@ -745,6 +750,7 @@
 	}).String()
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: newTestUpstreamConfig(
@@ -842,6 +848,7 @@
 	require.NoError(t, err)
 
 	dnsProxy := mustNew(t, &Config{
+		Logger:         slogutil.NewDiscardLogger(),
 		UDPListenAddr:  []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:  []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: upsConf,
@@ -883,6 +890,7 @@
 
 func TestRefuseAny(t *testing.T) {
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -921,6 +929,7 @@
 
 func TestInvalidDNSRequest(t *testing.T) {
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -1093,6 +1102,7 @@
 
 func TestExchangeCustomUpstreamConfigCache(t *testing.T) {
 	prx := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -1224,6 +1234,7 @@
 	}
 
 	prx := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: &UpstreamConfig{
@@ -1333,6 +1344,7 @@
 	}
 
 	prx := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         &UpstreamConfig{Upstreams: []upstream.Upstream{u}},
@@ -1576,6 +1588,7 @@
 	}
 
 	p := mustNew(t, &Config{
+		Logger:        slogutil.NewDiscardLogger(),
 		UDPListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig: &UpstreamConfig{
 			Upstreams: []upstream.Upstream{generalUps},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/ratelimit_test.go new/dnsproxy-0.72.2/proxy/ratelimit_test.go
--- old/dnsproxy-0.72.0/proxy/ratelimit_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/ratelimit_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -6,6 +6,7 @@
 	"net/netip"
 	"testing"
 
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/require"
@@ -13,6 +14,7 @@
 
 func TestRatelimitingProxy(t *testing.T) {
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		UDPListenAddr:          []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TCPListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/server_dnscrypt_test.go new/dnsproxy-0.72.2/proxy/server_dnscrypt_test.go
--- old/dnsproxy-0.72.0/proxy/server_dnscrypt_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/server_dnscrypt_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -7,6 +7,7 @@
 	"testing"
 	"time"
 
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/ameshkov/dnscrypt/v2"
 	"github.com/ameshkov/dnsstamps"
@@ -14,6 +15,11 @@
 	"github.com/stretchr/testify/require"
 )
 
+// TODO(d.kolyshev): Remove this after migrating dnscrypt to slog.
+func TestMain(m *testing.M) {
+	testutil.DiscardLogOutput(m)
+}
+
 func getFreePort() uint {
 	l, _ := net.Listen("tcp", "127.0.0.1:0")
 	port := uint(l.Addr().(*net.TCPAddr).Port)
@@ -35,6 +41,7 @@
 
 	port := getFreePort()
 	p := mustNew(t, &Config{
+		Logger: slogutil.NewDiscardLogger(),
 		DNSCryptUDPListenAddr: []*net.UDPAddr{{
 			Port: int(port), IP: net.ParseIP(listenIP),
 		}},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/server_https_test.go new/dnsproxy-0.72.2/proxy/server_https_test.go
--- old/dnsproxy-0.72.0/proxy/server_https_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/server_https_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -39,6 +39,7 @@
 		t.Run(tc.name, func(t *testing.T) {
 			tlsConf, caPem := newTLSConfig(t)
 			dnsProxy := mustNew(t, &Config{
+				Logger:                 slogutil.NewDiscardLogger(),
 				TLSListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 				HTTPSListenAddr:        []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 				QUICListenAddr:         []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
@@ -80,6 +81,7 @@
 		// Prepare the proxy server.
 		tlsConf, caPem := newTLSConfig(t)
 		dnsProxy := mustNew(t, &Config{
+			Logger:                 slogutil.NewDiscardLogger(),
 			TLSListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 			HTTPSListenAddr:        []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 			QUICListenAddr:         []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/server_quic_test.go new/dnsproxy-0.72.2/proxy/server_quic_test.go
--- old/dnsproxy-0.72.0/proxy/server_quic_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/server_quic_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -10,6 +10,7 @@
 	"time"
 
 	"github.com/AdguardTeam/dnsproxy/proxyutil"
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/quic-go/quic-go"
@@ -28,6 +29,7 @@
 	}
 
 	conf := &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		QUICListenAddr:         []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
 		TLSConfig:              serverConfig,
 		UpstreamConfig:         newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
@@ -89,6 +91,7 @@
 func TestQuicProxy_largePackets(t *testing.T) {
 	serverConfig, caPem := newTLSConfig(t)
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		TLSListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		HTTPSListenAddr:        []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		QUICListenAddr:         []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/proxy/server_tcp_test.go new/dnsproxy-0.72.2/proxy/server_tcp_test.go
--- old/dnsproxy-0.72.0/proxy/server_tcp_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/proxy/server_tcp_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -7,6 +7,7 @@
 	"net"
 	"testing"
 
+	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/AdguardTeam/golibs/testutil"
 	"github.com/miekg/dns"
 	"github.com/stretchr/testify/require"
@@ -26,6 +27,7 @@
 func TestTlsProxy(t *testing.T) {
 	serverConfig, caPem := newTLSConfig(t)
 	dnsProxy := mustNew(t, &Config{
+		Logger:                 slogutil.NewDiscardLogger(),
 		TLSListenAddr:          []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		HTTPSListenAddr:        []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
 		QUICListenAddr:         []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/dnscrypt.go new/dnsproxy-0.72.2/upstream/dnscrypt.go
--- old/dnsproxy-0.72.0/upstream/dnscrypt.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/dnscrypt.go	2024-07-31 18:36:46.000000000 +0200
@@ -56,8 +56,8 @@
 func (p *dnsCrypt) Address() string { return p.addr.String() }
 
 // Exchange implements the [Upstream] interface for *dnsCrypt.
-func (p *dnsCrypt) Exchange(m *dns.Msg) (resp *dns.Msg, err error) {
-	resp, err = p.exchangeDNSCrypt(m)
+func (p *dnsCrypt) Exchange(req *dns.Msg) (resp *dns.Msg, err error) {
+	resp, err = p.exchangeDNSCrypt(req)
 	if errors.Is(err, os.ErrDeadlineExceeded) || errors.Is(err, io.EOF) {
 		// If request times out, it is possible that the server configuration
 		// has been changed.  It is safe to assume that the key was rotated, see
@@ -68,7 +68,7 @@
 			return nil, err
 		}
 
-		return p.exchangeDNSCrypt(m)
+		return p.exchangeDNSCrypt(req)
 	}
 
 	return resp, err
@@ -80,7 +80,7 @@
 }
 
 // exchangeDNSCrypt attempts to send the DNS query and returns the response.
-func (p *dnsCrypt) exchangeDNSCrypt(m *dns.Msg) (resp *dns.Msg, err error) {
+func (p *dnsCrypt) exchangeDNSCrypt(req *dns.Msg) (resp *dns.Msg, err error) {
 	var client *dnscrypt.Client
 	var resolverInfo *dnscrypt.ResolverInfo
 	func() {
@@ -108,9 +108,9 @@
 		// Go on.
 	}
 
-	resp, err = client.Exchange(m, resolverInfo)
+	resp, err = client.Exchange(req, resolverInfo)
 	if resp != nil && resp.Truncated {
-		q := &m.Question[0]
+		q := &req.Question[0]
 		p.logger.Debug(
 			"dnscrypt received truncated, falling back to tcp",
 			"addr", p.addr,
@@ -118,9 +118,9 @@
 		)
 
 		tcpClient := &dnscrypt.Client{Timeout: p.timeout, Net: networkTCP}
-		resp, err = tcpClient.Exchange(m, resolverInfo)
+		resp, err = tcpClient.Exchange(req, resolverInfo)
 	}
-	if err == nil && resp != nil && resp.Id != m.Id {
+	if err == nil && resp != nil && resp.Id != req.Id {
 		err = dns.ErrId
 	}
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/doh.go new/dnsproxy-0.72.2/upstream/doh.go
--- old/dnsproxy-0.72.0/upstream/doh.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/doh.go	2024-07-31 18:36:46.000000000 +0200
@@ -16,6 +16,7 @@
 
 	"github.com/AdguardTeam/dnsproxy/internal/bootstrap"
 	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/httphdr"
 	"github.com/AdguardTeam/golibs/logutil/slogutil"
 	"github.com/miekg/dns"
 	"github.com/quic-go/quic-go"
@@ -140,19 +141,21 @@
 // password, the password is replaced with "xxxxx".
 func (p *dnsOverHTTPS) Address() string { return p.addrRedacted }
 
-// Exchange implements the Upstream interface for *dnsOverHTTPS.
-func (p *dnsOverHTTPS) Exchange(m *dns.Msg) (resp *dns.Msg, err error) {
+// Exchange implements the [Upstream] interface for *dnsOverHTTPS.
+func (p *dnsOverHTTPS) Exchange(req *dns.Msg) (resp *dns.Msg, err error) {
+	// TODO(e.burkov):  Use some smarter cloning approach.
+	req = req.Copy()
+
 	// In order to maximize HTTP cache friendliness, DoH clients using media
-	// formats that include the ID field from the DNS message header, such
-	// as "application/dns-message", SHOULD use a DNS ID of 0 in every DNS
-	// request.
+	// formats that include the ID field from the DNS message header, such as
+	// "application/dns-message", SHOULD use a DNS ID of 0 in every DNS request.
 	//
 	// See https://www.rfc-editor.org/rfc/rfc8484.html.
-	id := m.Id
-	m.Id = 0
+	id := req.Id
+	req.Id = 0
 	defer func() {
 		// Restore the original ID to not break compatibility with proxies.
-		m.Id = id
+		req.Id = id
 		if resp != nil {
 			resp.Id = id
 		}
@@ -166,7 +169,7 @@
 	}
 
 	// Make the first attempt to send the DNS query.
-	resp, err = p.exchangeHTTPS(client, m)
+	resp, err = p.exchangeHTTPS(client, req)
 
 	// Make up to 2 attempts to re-create the HTTP client and send the request
 	// again.  There are several cases (mostly, with QUIC) where this workaround
@@ -179,7 +182,7 @@
 			return nil, fmt.Errorf("failed to reset http client: %w", err)
 		}
 
-		resp, err = p.exchangeHTTPS(client, m)
+		resp, err = p.exchangeHTTPS(client, req)
 	}
 
 	if err != nil {
@@ -266,8 +269,10 @@
 		return nil, fmt.Errorf("creating http request to %s: %w", p.addrRedacted, err)
 	}
 
-	httpReq.Header.Set("Accept", "application/dns-message")
-	httpReq.Header.Set("User-Agent", "")
+	// Prevent the client from sending User-Agent header, see
+	// https://github.com/AdguardTeam/dnsproxy/issues/211.
+	httpReq.Header.Set(httphdr.UserAgent, "")
+	httpReq.Header.Set(httphdr.Accept, "application/dns-message")
 
 	httpResp, err := client.Do(httpReq)
 	if err != nil {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/doq.go new/dnsproxy-0.72.2/upstream/doq.go
--- old/dnsproxy-0.72.0/upstream/doq.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/doq.go	2024-07-31 18:36:46.000000000 +0200
@@ -142,14 +142,20 @@
 func (p *dnsOverQUIC) Address() string { return p.addr.String() }
 
 // Exchange implements the [Upstream] interface for *dnsOverQUIC.
-func (p *dnsOverQUIC) Exchange(m *dns.Msg) (resp *dns.Msg, err error) {
+func (p *dnsOverQUIC) Exchange(req *dns.Msg) (resp *dns.Msg, err error) {
+	// TODO(e.burkov):  Use some smarter cloning approach.
+	req = req.Copy()
+
 	// When sending queries over a QUIC connection, the DNS Message ID MUST be
-	// set to zero.
-	id := m.Id
-	m.Id = 0
+	// set to 0.  The stream mapping for DoQ allows for unambiguous correlation
+	// of queries and responses, so the Message ID field is not required.
+	//
+	// See https://www.rfc-editor.org/rfc/rfc9250#section-4.2.1.
+	id := req.Id
+	req.Id = 0
 	defer func() {
 		// Restore the original ID to not break compatibility with proxies.
-		m.Id = id
+		req.Id = id
 		if resp != nil {
 			resp.Id = id
 		}
@@ -162,7 +168,7 @@
 	}
 
 	// Make the first attempt to send the DNS query.
-	resp, err = p.exchangeQUIC(m, conn)
+	resp, err = p.exchangeQUIC(req, conn)
 
 	// Failure to use a cached connection should be handled gracefully as this
 	// connection could have been closed by the server or simply be broken due
@@ -182,7 +188,7 @@
 		}
 
 		// Retry sending the request through the new connection.
-		resp, err = p.exchangeQUIC(m, conn)
+		resp, err = p.exchangeQUIC(req, conn)
 	}
 
 	if err != nil {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/dot.go new/dnsproxy-0.72.2/upstream/dot.go
--- old/dnsproxy-0.72.0/upstream/dot.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/dot.go	2024-07-31 18:36:46.000000000 +0200
@@ -89,7 +89,7 @@
 func (p *dnsOverTLS) Address() string { return p.addr.String() }
 
 // Exchange implements the [Upstream] interface for *dnsOverTLS.
-func (p *dnsOverTLS) Exchange(m *dns.Msg) (reply *dns.Msg, err error) {
+func (p *dnsOverTLS) Exchange(req *dns.Msg) (reply *dns.Msg, err error) {
 	h, err := p.getDialer()
 	if err != nil {
 		return nil, fmt.Errorf("getting conn to %s: %w", p.addr, err)
@@ -100,7 +100,7 @@
 		return nil, fmt.Errorf("getting conn to %s: %w", p.addr, err)
 	}
 
-	reply, err = p.exchangeWithConn(conn, m)
+	reply, err = p.exchangeWithConn(conn, req)
 	if err != nil {
 		// The pooled connection might have been closed already, see
 		// https://github.com/AdguardTeam/dnsproxy/issues/3.  The following
@@ -120,7 +120,7 @@
 			)
 		}
 
-		reply, err = p.exchangeWithConn(conn, m)
+		reply, err = p.exchangeWithConn(conn, req)
 		if err != nil {
 			return reply, errors.WithDeferred(err, conn.Close())
 		}
@@ -192,15 +192,15 @@
 }
 
 // exchangeWithConn tries to exchange the query using conn.
-func (p *dnsOverTLS) exchangeWithConn(conn net.Conn, m *dns.Msg) (reply *dns.Msg, err error) {
+func (p *dnsOverTLS) exchangeWithConn(conn net.Conn, req *dns.Msg) (reply *dns.Msg, err error) {
 	addr := p.Address()
 
-	logBegin(p.logger, addr, networkTCP, m)
+	logBegin(p.logger, addr, networkTCP, req)
 	defer func() { logFinish(p.logger, addr, networkTCP, err) }()
 
 	dnsConn := dns.Conn{Conn: conn}
 
-	err = dnsConn.WriteMsg(m)
+	err = dnsConn.WriteMsg(req)
 	if err != nil {
 		return nil, fmt.Errorf("sending request to %s: %w", addr, err)
 	}
@@ -208,7 +208,7 @@
 	reply, err = dnsConn.ReadMsg()
 	if err != nil {
 		return nil, fmt.Errorf("reading response from %s: %w", addr, err)
-	} else if reply.Id != m.Id {
+	} else if reply.Id != req.Id {
 		return reply, dns.ErrId
 	}
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/resolver.go new/dnsproxy-0.72.2/upstream/resolver.go
--- old/dnsproxy-0.72.0/upstream/resolver.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/resolver.go	2024-07-31 18:36:46.000000000 +0200
@@ -6,6 +6,7 @@
 	"math"
 	"net/netip"
 	"net/url"
+	"slices"
 	"strings"
 	"sync"
 	"time"
@@ -265,13 +266,13 @@
 	// resolver is the underlying resolver to use for lookups.
 	resolver *UpstreamResolver
 
-	// mu protects cached and it's elements.
+	// mu protects cache and it's elements.
 	mu *sync.RWMutex
 
-	// cached is the set of cached results sorted by [resolveResult.name].
+	// cache is the set of resolved hostnames mapped to cached addresses.
 	//
 	// TODO(e.burkov):  Use expiration cache.
-	cached map[string]*ipResult
+	cache map[string]*ipResult
 }
 
 // NewCachingResolver creates a new caching resolver that uses r for lookups.
@@ -279,7 +280,7 @@
 	return &CachingResolver{
 		resolver: r,
 		mu:       &sync.RWMutex{},
-		cached:   map[string]*ipResult{},
+		cache:    map[string]*ipResult{},
 	}
 }
 
@@ -300,32 +301,38 @@
 
 	addrs = r.findCached(host, now)
 	if addrs != nil {
-		return addrs, nil
+		return slices.Clone(addrs), nil
 	}
 
-	newRes, err := r.resolver.lookupNetIP(ctx, network, host)
+	res, err := r.resolver.lookupNetIP(ctx, network, host)
 	if err != nil {
 		return []netip.Addr{}, err
 	}
 
-	r.mu.Lock()
-	defer r.mu.Unlock()
+	r.setCached(host, res)
 
-	r.cached[host] = newRes
-
-	return newRes.addrs, nil
+	return slices.Clone(res.addrs), nil
 }
 
 // findCached returns the cached addresses for host if it's not expired yet, and
-// the corresponding cached result, if any.
+// the corresponding cached result, if any.  It's safe for concurrent use.
 func (r *CachingResolver) findCached(host string, now time.Time) (addrs []netip.Addr) {
 	r.mu.RLock()
 	defer r.mu.RUnlock()
 
-	res, ok := r.cached[host]
+	res, ok := r.cache[host]
 	if !ok || res.expire.Before(now) {
 		return nil
 	}
 
 	return res.addrs
 }
+
+// setCached sets the result into the address cache for host.  It's safe for
+// concurrent use.
+func (r *CachingResolver) setCached(host string, res *ipResult) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	r.cache[host] = res
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/upstream.go new/dnsproxy-0.72.2/upstream/upstream.go
--- old/dnsproxy-0.72.0/upstream/upstream.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/upstream.go	2024-07-31 18:36:46.000000000 +0200
@@ -28,17 +28,20 @@
 	"github.com/quic-go/quic-go/logging"
 )
 
-// Upstream is an interface for a DNS resolver.
+// Upstream is an interface for a DNS resolver.  All the methods must be safe
+// for concurrent use.
 type Upstream interface {
-	// Exchange sends the DNS query req to this upstream and returns the
-	// response that has been received or an error if something went wrong.
+	// Exchange sends req to this upstream and returns the response that has
+	// been received or an error if something went wrong.  The implementations
+	// must not modify req as well as the caller must not modify it until the
+	// method returns.  It shouldn't be called after closing.
 	Exchange(req *dns.Msg) (resp *dns.Msg, err error)
 
-	// Address returns the address of the upstream DNS resolver.
+	// Address returns the human-readable address of the upstream DNS resolver.
+	// It may differ from what was passed to [AddressToUpstream].
 	Address() (addr string)
 
-	// Closer used to close the upstreams properly.  Exchange shouldn't be
-	// called after calling Close.
+	// Closer used to close the upstreams properly.
 	io.Closer
 }
 
@@ -228,15 +231,18 @@
 		host = h
 	}
 
-	// If it's an IPv6 address enclosed in square brackets with no port.
-	//
-	// See https://github.com/AdguardTeam/dnsproxy/issues/379.
-	if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") {
-		_, err = netip.ParseAddr(host[1 : len(host)-1])
-	} else {
-		_, err = netip.ParseAddr(host)
+	// minEnclosedIPv6Len is the minimum length of an IP address enclosed in
+	// square brackets.
+	const minEnclosedIPv6Len = len("[::]")
+
+	possibleIP := host
+	if l := len(host); l >= minEnclosedIPv6Len && host[0] == '[' && host[l-1] == ']' {
+		// Might be an IPv6 address enclosed in square brackets with no port.
+		//
+		// See https://github.com/AdguardTeam/dnsproxy/issues/379.
+		possibleIP = host[1 : l-1]
 	}
-	if err == nil {
+	if netutil.IsValidIPString(possibleIP) {
 		return nil
 	}
 
@@ -380,6 +386,7 @@
 		l = slog.Default()
 	}
 
+	// TODO(e.burkov):  Add netutil.IsValidIPPortString.
 	if _, err := netip.ParseAddrPort(u.Host); err == nil {
 		// Don't resolve the address of the server since it's already an IP.
 		handler := bootstrap.NewDialContext(opts.Timeout, l, u.Host)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dnsproxy-0.72.0/upstream/upstream_internal_test.go new/dnsproxy-0.72.2/upstream/upstream_internal_test.go
--- old/dnsproxy-0.72.0/upstream/upstream_internal_test.go	2024-07-05 09:16:04.000000000 +0200
+++ new/dnsproxy-0.72.2/upstream/upstream_internal_test.go	2024-07-31 18:36:46.000000000 +0200
@@ -28,6 +28,7 @@
 
 // TODO(ameshkov): Make tests here not depend on external servers.
 
+// TODO(d.kolyshev): Remove this after migrating dnscrypt to slog.
 func TestMain(m *testing.M) {
 	testutil.DiscardLogOutput(m)
 }
@@ -106,7 +107,7 @@
 func TestUpstreams(t *testing.T) {
 	t.Parallel()
 
-	const upsTimeout = 500 * time.Second
+	const upsTimeout = 10 * time.Second
 
 	l := slogutil.NewDiscardLogger()
 
@@ -209,6 +210,8 @@
 
 	for _, test := range upstreams {
 		t.Run(test.address, func(t *testing.T) {
+			t.Parallel()
+
 			u, upsErr := AddressToUpstream(
 				test.address,
 				&Options{Logger: l, Bootstrap: test.bootstrap, Timeout: upsTimeout},

++++++ dnsproxy.obsinfo ++++++
--- /var/tmp/diff_new_pack.RTNjtw/_old	2024-08-01 22:05:18.482640957 +0200
+++ /var/tmp/diff_new_pack.RTNjtw/_new	2024-08-01 22:05:18.486641122 +0200
@@ -1,5 +1,5 @@
 name: dnsproxy
-version: 0.72.0
-mtime: 1720163764
-commit: a81c05991fd66d16377541944fdfaead7cb1edbc
+version: 0.72.2
+mtime: 1722443806
+commit: 791906ea48e8bb350a79b456ceeac69915583df0
 

++++++ vendor.tar.zstd ++++++
Binary files /var/tmp/diff_new_pack.RTNjtw/_old and /var/tmp/diff_new_pack.RTNjtw/_new differ

    

Source-Sync

tags

participants (1)