Merge pull request #7 from Snawoot/libs_upgrade

Libs upgrade
upd Makefile
2026-04-04 17:48:17 +00:00 · 2022-06-25 14:46:51 +03:00 · 2022-06-25 14:36:44 +03:00 · 2022-06-25 14:35:10 +03:00 · 2022-06-25 14:33:42 +03:00 · 2022-06-25 14:31:28 +03:00
12 changed files with 652 additions and 234 deletions
--- a/.github/workflows/docker-ci.yml
+++ b/.github/workflows/docker-ci.yml
@@ -0,0 +1,58 @@
+name: docker-ci
+
+on:
+  push:
+    branches:
+      - 'master'
+  release:
+    types: [published]
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      -
+        name: Find Git Tag
+        id: tagger
+        uses: jimschubert/query-tag-action@v2
+        with:
+          include: 'v*'
+          exclude: '*-rc*'
+          commit-ish: 'HEAD'
+          skip-unshallow: 'true'
+          abbrev: 7
+      -
+        name: Determine image tag type
+        uses: haya14busa/action-cond@v1
+        id: imgtag
+        with:
+          cond: ${{ github.event_name == 'release' }}
+          if_true: ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:${{ github.event.release.tag_name }},${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:latest
+          if_false: ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:latest
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7
+          push: true
+          tags: ${{ steps.imgtag.outputs.value }}
+          build-args: 'GIT_DESC=${{steps.tagger.outputs.tag}}'
--- a/4
+++ b/4
@@ -7,13 +7,15 @@ COPY . .
 RUN CGO_ENABLED=0 go build -a -tags netgo -ldflags '-s -w -extldflags "-static" -X main.version='"$GIT_DESC"
 ADD https://curl.haxx.se/ca/cacert.pem /certs.crt
 RUN chmod 0644 /certs.crt
+RUN mkdir /state

 FROM scratch AS arrange
 COPY --from=build /go/src/github.com/Snawoot/windscribe-proxy/windscribe-proxy /
 COPY --from=build /certs.crt /etc/ssl/certs/ca-certificates.crt
+COPY --from=build --chown=9999:9999 /state /state

 FROM scratch
 COPY --from=arrange / /
 USER 9999:9999
 EXPOSE 18080/tcp
-ENTRYPOINT ["/windscribe-proxy", "-bind-address", "0.0.0.0:28080"]
+ENTRYPOINT ["/windscribe-proxy", "-state-file", "/state/wndstate.json", "-bind-address", "0.0.0.0:28080"]
--- a/21
+++ b/21
@@ -10,10 +10,11 @@ NDK_CC_ARM64 = $(abspath ../../ndk-toolchain-arm64/bin/aarch64-linux-android21-c

 GO := go

-src = $(wildcard *.go)
+src = $(wildcard *.go */*.go */*/*.go) go.mod go.sum

 native: bin-native
-all: bin-linux-amd64 bin-linux-386 bin-linux-arm \
+all: bin-linux-amd64 bin-linux-386 bin-linux-arm bin-linux-arm64 \
+	bin-linux-mips bin-linux-mipsle bin-linux-mips64 bin-linux-mips64le \
 	bin-freebsd-amd64 bin-freebsd-386 bin-freebsd-arm bin-freebsd-arm64 \
 	bin-netbsd-amd64 bin-netbsd-386 bin-netbsd-arm bin-netbsd-arm64 \
 	bin-openbsd-amd64 bin-openbsd-386 bin-openbsd-arm bin-openbsd-arm64 \
@@ -28,6 +29,10 @@ bin-linux-amd64: $(OUTSUFFIX).linux-amd64
 bin-linux-386: $(OUTSUFFIX).linux-386
 bin-linux-arm: $(OUTSUFFIX).linux-arm
 bin-linux-arm64: $(OUTSUFFIX).linux-arm64
+bin-linux-mips: $(OUTSUFFIX).linux-mips
+bin-linux-mipsle: $(OUTSUFFIX).linux-mipsle
+bin-linux-mips64: $(OUTSUFFIX).linux-mips64
+bin-linux-mips64le: $(OUTSUFFIX).linux-mips64le
 bin-freebsd-amd64: $(OUTSUFFIX).freebsd-amd64
 bin-freebsd-386: $(OUTSUFFIX).freebsd-386
 bin-freebsd-arm: $(OUTSUFFIX).freebsd-arm
@@ -63,6 +68,18 @@ $(OUTSUFFIX).linux-arm: $(src)
 $(OUTSUFFIX).linux-arm64: $(src)
 	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@

+$(OUTSUFFIX).linux-mips: $(src)
+	CGO_ENABLED=0 GOOS=linux GOARCH=mips GOMIPS=softfloat $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@
+
+$(OUTSUFFIX).linux-mips64: $(src)
+	CGO_ENABLED=0 GOOS=linux GOARCH=mips64 GOMIPS=softfloat $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@
+
+$(OUTSUFFIX).linux-mipsle: $(src)
+	CGO_ENABLED=0 GOOS=linux GOARCH=mipsle GOMIPS=softfloat $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@
+
+$(OUTSUFFIX).linux-mips64le: $(src)
+	CGO_ENABLED=0 GOOS=linux GOARCH=mips64le GOMIPS=softfloat $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@
+
 $(OUTSUFFIX).freebsd-amd64: $(src)
 	CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 $(GO) build $(BUILDOPTS) $(LDFLAGS) -o $@

--- a/README.md
+++ b/README.md
@@ -1,3 +1,82 @@
-# windscribe-proxy
+windscribe-proxy
+================

-Work in progress...
+Standalone Windscribe proxy client. Younger brother of [opera-proxy](https://github.com/Snawoot/opera-proxy/).
+
+Just run it and it'll start a plain HTTP proxy server forwarding traffic through Windscribe proxies of your choice.
+By default the application listens on 127.0.0.1:28080.
+
+## Features
+
+* Cross-platform (Windows/Mac OS/Linux/Android (via shell)/\*BSD)
+* Uses TLS for secure communication with upstream proxies
+* Zero configuration
+* Simple and straightforward
+
+## Installation
+
+#### Binaries
+
+Pre-built binaries are available [here](https://github.com/Snawoot/windscribe-proxy/releases/latest).
+
+#### Build from source
+
+Alternatively, you may install windscribe-proxy from source. Run the following within the source directory:
+
+```
+make install
+```
+
+#### Docker
+
+A docker image is available as well. Here is an example of running windscribe-proxy as a background service:
+
+```sh
+docker run -d \
+    --security-opt no-new-privileges \
+    -p 127.0.0.1:28080:28080 \
+    --restart unless-stopped \
+    --name windscribe-proxy \
+    yarmak/windscribe-proxy
+```
+
+## Usage
+
+List available locations:
+
+```
+windscribe-proxy -list-locations
+```
+
+Run proxy via location of your choice:
+
+```
+windscribe-proxy -location Germany/Frankfurt
+```
+
+Also it is possible to export proxy addresses and credentials:
+
+```
+windscribe-proxy -list-proxies
+```
+
+## List of arguments
+
+| Argument | Type | Description |
+| -------- | ---- | ----------- |
+| auth-secret | String | client auth secret (default `952b4412f002315aa50751032fcaab03`) |
+| bind-address | String | HTTP proxy listen address (default `127.0.0.1:28080`) |
+| cafile | String | use custom CA certificate bundle file |
+| list-locations | - | list available locations and exit |
+| list-proxies | - | output proxy list and exit |
+| location | String | desired proxy location. Default: best location |
+| proxy | String | sets base proxy to use for all dial-outs. Format: `<http\|https\|socks5\|socks5h>://[login:password@]host[:port]` Examples: `http://user:password@192.168.1.1:3128`, `socks5://10.0.0.1:1080` |
+| resolver | String | Use DNS/DoH/DoT/DoQ resolver for all dial-outs. See https://github.com/ameshkov/dnslookup/ for upstream DNS URL format. Examples: `https://1.1.1.1/dns-query`, `quic://dns.adguard.com` |
+| state-file | String | file name used to persist Windscribe API client state. Default: `wndstate.json` |
+| timeout | Duration | timeout for network operations. Default: `10s` |
+| verbosity | Number | logging verbosity (10 - debug, 20 - info, 30 - warning, 40 - error, 50 - critical). Default: `20` |
+| version | - | show program version and exit |
+
+## See also
+
+* [Project wiki](https://github.com/Snawoot/windscribe-proxy/wiki)
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,16 @@ module github.com/Snawoot/windscribe-proxy
 go 1.16

 require (
-	github.com/AdguardTeam/dnsproxy v0.37.7
-	github.com/miekg/dns v1.1.43
-	golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4
+	github.com/AdguardTeam/dnsproxy v0.43.1
+	github.com/AdguardTeam/golibs v0.10.9 // indirect
+	github.com/fsnotify/fsnotify v1.5.4 // indirect
+	github.com/jellydator/ttlcache/v2 v2.11.1
+	github.com/lucas-clemente/quic-go v0.27.2 // indirect
+	github.com/miekg/dns v1.1.50
+	golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect
+	golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e
+	golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f // indirect
+	golang.org/x/sys v0.0.0-20220624220833-87e55d714810 // indirect
+	golang.org/x/tools v0.1.11 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -7,18 +7,19 @@ dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBr
 dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
 dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
 git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
-github.com/AdguardTeam/dnsproxy v0.37.7 h1:yp0vEVYobf/1l8iY7es9yMqguw8BUEeC74OGA4G2v2A=
-github.com/AdguardTeam/dnsproxy v0.37.7/go.mod h1:xMfevPAwpK1ULoLO0CARg/OiUsPH92kfyliXhPTc62M=
+github.com/AdguardTeam/dnsproxy v0.43.1 h1:E777KfQAi+VurOoWEdGQ5iqjSOOAzzbTfLOEzj8heCs=
+github.com/AdguardTeam/dnsproxy v0.43.1/go.mod h1:JUGTm5dmlll47JltztsT0N//pVJjdg6zu0SNeUeaA7g=
 github.com/AdguardTeam/golibs v0.4.2/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
-github.com/AdguardTeam/golibs v0.4.4 h1:cM9UySQiYFW79zo5XRwnaIWVzfW4eNXmZktMrWbthpw=
-github.com/AdguardTeam/golibs v0.4.4/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
+github.com/AdguardTeam/golibs v0.10.8/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
+github.com/AdguardTeam/golibs v0.10.9 h1:F9oP2da0dQ9RQDM1lGR7LxUTfUWu8hEFOs4icwAkKM0=
+github.com/AdguardTeam/golibs v0.10.9/go.mod h1:W+5rznZa1cSNSFt+gPS7f4Wytnr9fOrd5ZYqwadPw14=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY=
 github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
 github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635 h1:52m0LGchQBBVqJRyYYufQuIbVqRawmubW3OFGqK1ekw=
 github.com/aead/poly1305 v0.0.0-20180717145839-3fee0db0b635/go.mod h1:lmLxL+FV291OopO93Bwf9fQLQeLyt33VJRUg5VJ30us=
-github.com/ameshkov/dnscrypt/v2 v2.1.3 h1:DG4Uf7LSDg6XDj9sp3maxh3Ur26jeGQaP5MeYosn6v0=
-github.com/ameshkov/dnscrypt/v2 v2.1.3/go.mod h1:+8SbPbVXpxxcUsgGi8eodkqWPo1MyNHxKYC8hDpqLSo=
+github.com/ameshkov/dnscrypt/v2 v2.2.3 h1:X9UP5AHtwp46Ji+sGFfF/1Is6OPI/SjxLqhKpx0P5UI=
+github.com/ameshkov/dnscrypt/v2 v2.2.3/go.mod h1:xJB9cE1/GF+NB6EEQqRlkoa4bjcV2w7VYn1G+zVq7Bs=
 github.com/ameshkov/dnsstamps v1.0.1/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
 github.com/ameshkov/dnsstamps v1.0.3 h1:Srzik+J9mivH1alRACTbys2xOxs0lRH9qnTA7Y1OYVo=
 github.com/ameshkov/dnsstamps v1.0.3/go.mod h1:Ii3eUu73dx4Vw5O4wjzmT5+lkCwovjzaEZZ4gKyIH5A=
@@ -39,12 +40,15 @@ github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25Kn
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
+github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI=
+github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
 github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
-github.com/go-test/deep v1.0.5/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
@@ -61,11 +65,15 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
@@ -77,9 +85,10 @@ github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:Fecb
 github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
+github.com/jellydator/ttlcache/v2 v2.11.1 h1:AZGME43Eh2Vv3giG6GeqeLeFXxwxn1/qHItqWZl6U64=
+github.com/jellydator/ttlcache/v2 v2.11.1/go.mod h1:RtE5Snf0/57e+2cLWFYWCCsLas2Hy3c5Z4n14XmSvTI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
-github.com/joomcode/errorx v1.0.3 h1:3e1mi0u7/HTPNdg6d6DYyKGBhA5l9XpsfuVE29NxnWw=
-github.com/joomcode/errorx v1.0.3/go.mod h1:eQzdtdlNyN7etw6YCS4W4+lu442waxZYw5yvz0ULrRo=
+github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
@@ -88,36 +97,45 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/lucas-clemente/quic-go v0.21.1 h1:uuhCcu885TE9u/piPYMChI/yqA1lXfaLUEx8uCMxf8w=
-github.com/lucas-clemente/quic-go v0.21.1/go.mod h1:U9kFi5LKbNIlU30dkuM9vxmTxWq4Bvzee/MjBI+07UA=
+github.com/lucas-clemente/quic-go v0.27.1/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
+github.com/lucas-clemente/quic-go v0.27.2 h1:zsMwwniyybb8B/UDNXRSYee7WpQJVOcjQEGgpw2ikXs=
+github.com/lucas-clemente/quic-go v0.27.2/go.mod h1:vXgO/11FBSKM+js1NxoaQ/bPtVFYfB7uxhfHXyMhl1A=
 github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
 github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
-github.com/marten-seemann/qtls-go1-15 v0.1.4 h1:RehYMOyRW8hPVEja1KBVsFVNSm35Jj9Mvs5yNoZZ28A=
-github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
-github.com/marten-seemann/qtls-go1-16 v0.1.3 h1:XEZ1xGorVy9u+lJq+WXNE+hiqRYLNvJGYmwfwKQN2gU=
-github.com/marten-seemann/qtls-go1-16 v0.1.3/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
-github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2 h1:SficYjyOthSrliKI+EaFuXS6HqSsX3dkY9AqxAAjBjw=
-github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8=
+github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ=
+github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
+github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s=
+github.com/marten-seemann/qtls-go1-17 v0.1.2 h1:JADBlm0LYiVbuSySCHeY863dNkcpMmDR7s0bLKJeYlQ=
+github.com/marten-seemann/qtls-go1-17 v0.1.2/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s=
+github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4=
+github.com/marten-seemann/qtls-go1-18 v0.1.2 h1:JH6jmzbduz0ITVQ7ShevK10Av5+jBEKAHMntXmIV7kM=
+github.com/marten-seemann/qtls-go1-18 v0.1.2/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
 github.com/miekg/dns v1.1.40/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
-github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg=
-github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4=
+github.com/miekg/dns v1.1.44/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
+github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
+github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
+github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
+github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
-github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA=
 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
+github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
+github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
+github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
+github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
-github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
+github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak=
+github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY=
 github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -155,14 +173,21 @@ github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:Udh
 github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
-github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
 github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
 github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
+go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
+go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
 go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
 golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw=
 golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -172,14 +197,23 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9 h1:sYNJzB4J8toYPQTM6pAkcmBRgw9SnQKP9oXCHfgy604=
-golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d h1:sK3txAijHtOK88l68nt020reeT1ZdKLIYetKl95FzVY=
+golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5 h1:2M3HP5CCK1Si9FQhwnzYhXdG6DXeebvUHFpre8QvbyI=
+golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -195,9 +229,18 @@ golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
+golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20210929193557-e81a3d93ecf6/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e h1:TsQ7F31D3bUCLeqPT0u+yjp1guoArKaNKmCr22PYgTQ=
+golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -208,8 +251,10 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f h1:Ax0t5p6N38Ga0dThY21weqDEyz2oklo4IvDkpigvkD8=
+golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -219,25 +264,36 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220624220833-87e55d714810 h1:rHZQSjJdAI4Xf5Qzeh2bBc5YJIkPFVM6oDtMFYmgws0=
+golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc=
-golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -245,14 +301,22 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.0.0-20210112230658-8b4aab62c064/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
+golang.org/x/tools v0.1.11 h1:loJ25fNOEhSXfHrpoGj91eCUThwdNX6u24rO1xnNteY=
+golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
 google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
@@ -276,6 +340,9 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -287,11 +354,13 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
 honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
--- a/main.go
+++ b/main.go
@@ -2,7 +2,6 @@ package main

 import (
 	"context"
-	"crypto/tls"
 	"crypto/x509"
 	"encoding/csv"
 	"encoding/json"
@@ -11,11 +10,13 @@ import (
 	"fmt"
 	"io/ioutil"
 	"log"
+	"math/rand"
 	"net"
 	"net/http"
 	"net/url"
 	"os"
-	//"strings"
+	"sort"
+	"strconv"
 	"time"

 	xproxy "golang.org/x/net/proxy"
@@ -24,8 +25,8 @@ import (
 )

 const (
-	DEFAULT_CLIENT_AUTH_SECRET = "952b4412f002315aa50751032fcaab03"
-	ASSUMED_PROXY_PORT         = 443
+	DEFAULT_CLIENT_AUTH_SECRET        = "952b4412f002315aa50751032fcaab03"
+	ASSUMED_PROXY_PORT         uint16 = 443
 )

 var (
@@ -45,17 +46,15 @@ func arg_fail(msg string) {
 }

 type CLIArgs struct {
-	country          string
-	listCountries    bool
+	location         string
+	listLocations    bool
 	listProxies      bool
 	bindAddress      string
 	verbosity        int
 	timeout          time.Duration
 	showVersion      bool
 	proxy            string
-	bootstrapDNS     string
-	refresh          time.Duration
-	refreshRetry     time.Duration
+	resolver         string
 	caFile           string
 	clientAuthSecret string
 	stateFile        string
@@ -63,8 +62,8 @@ type CLIArgs struct {

 func parse_args() CLIArgs {
 	var args CLIArgs
-	flag.StringVar(&args.country, "country", "EU", "desired proxy location")
-	flag.BoolVar(&args.listCountries, "list-countries", false, "list available countries and exit")
+	flag.StringVar(&args.location, "location", "", "desired proxy location. Default: best location")
+	flag.BoolVar(&args.listLocations, "list-locations", false, "list available locations and exit")
 	flag.BoolVar(&args.listProxies, "list-proxies", false, "output proxy list and exit")
 	flag.StringVar(&args.bindAddress, "bind-address", "127.0.0.1:28080", "HTTP proxy listen address")
 	flag.IntVar(&args.verbosity, "verbosity", 20, "logging verbosity "+
@@ -75,22 +74,17 @@ func parse_args() CLIArgs {
 		"Format: <http|https|socks5|socks5h>://[login:password@]host[:port] "+
 		"Examples: http://user:password@192.168.1.1:3128, socks5://10.0.0.1:1080")
 	// TODO: implement DNS resolving or remove it
-	flag.StringVar(&args.bootstrapDNS, "bootstrap-dns", "",
-		"DNS/DoH/DoT/DoQ resolver for initial discovering of SurfEasy API address. "+
+	flag.StringVar(&args.resolver, "resolver", "",
+		"Use DNS/DoH/DoT/DoQ resolver for all dial-outs. "+
 			"See https://github.com/ameshkov/dnslookup/ for upstream DNS URL format. "+
 			"Examples: https://1.1.1.1/dns-query, quic://dns.adguard.com")
-	flag.DurationVar(&args.refresh, "refresh", 4*time.Hour, "login refresh interval")
-	flag.DurationVar(&args.refreshRetry, "refresh-retry", 5*time.Second, "login refresh retry interval")
 	flag.StringVar(&args.caFile, "cafile", "", "use custom CA certificate bundle file")
 	flag.StringVar(&args.clientAuthSecret, "auth-secret", DEFAULT_CLIENT_AUTH_SECRET, "client auth secret")
 	flag.StringVar(&args.stateFile, "state-file", "wndstate.json", "file name used to persist "+
 		"Windscribe API client state")
 	flag.Parse()
-	if args.country == "" {
-		arg_fail("Country can't be empty string.")
-	}
-	if args.listCountries && args.listProxies {
-		arg_fail("list-countries and list-proxies flags are mutually exclusive")
+	if args.listLocations && args.listProxies {
+		arg_fail("list-locations and list-proxies flags are mutually exclusive")
 	}
 	return args
 }
@@ -105,6 +99,7 @@ func proxyFromURLWrapper(u *url.URL, next xproxy.Dialer) (xproxy.Dialer, error)
 }

 func run() int {
+	var err error
 	args := parse_args()
 	if args.showVersion {
 		fmt.Println(version)
@@ -120,6 +115,9 @@ func run() int {
 	proxyLogger := NewCondLogger(log.New(logWriter, "PROXY   : ",
 		log.LstdFlags|log.Lshortfile),
 		args.verbosity)
+	resolverLogger := NewCondLogger(log.New(logWriter, "RESOLVER: ",
+		log.LstdFlags|log.Lshortfile),
+		args.verbosity)

 	mainLogger.Info("windscribe-proxy client version %s is starting...", version)

@@ -128,6 +126,20 @@ func run() int {
 		KeepAlive: 30 * time.Second,
 	}

+	var caPool *x509.CertPool
+	if args.caFile != "" {
+		caPool = x509.NewCertPool()
+		certs, err := ioutil.ReadFile(args.caFile)
+		if err != nil {
+			mainLogger.Error("Can't load CA file: %v", err)
+			return 15
+		}
+		if ok := caPool.AppendCertsFromPEM(certs); !ok {
+			mainLogger.Error("Can't load certificates from CA file")
+			return 15
+		}
+	}
+
 	if args.proxy != "" {
 		xproxy.RegisterDialerType("http", proxyFromURLWrapper)
 		xproxy.RegisterDialerType("https", proxyFromURLWrapper)
@@ -144,22 +156,19 @@ func run() int {
 		dialer = pxDialer.(ContextDialer)
 	}

+	if args.resolver != "" {
+		dialer, err = NewResolvingDialer(args.resolver, args.timeout, dialer, resolverLogger)
+		if err != nil {
+			mainLogger.Critical("Unable to instantiate resolver: %v", err)
+			return 5
+		}
+	}
+
 	wndclientDialer := dialer

-	// TODO: properly validate cert, move TLSDialer to utils
-	tlsConfig := &tls.Config{
-		ServerName:         "",
-		InsecureSkipVerify: true,
-	}
-	wndclient, err := wndclient.NewWndClient(&http.Transport{
-		DialContext: wndclientDialer.DialContext,
-		DialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
-			conn, err := wndclientDialer.DialContext(ctx, network, addr)
-			if err != nil {
-				return conn, err
-			}
-			return tls.Client(conn, tlsConfig), nil
-		},
+	wndc, err := wndclient.NewWndClient(&http.Transport{
+		DialContext:           wndclientDialer.DialContext,
+		DialTLSContext:        NewNoSNIDialer(caPool, wndclientDialer).DialTLSContext,
 		ForceAttemptHTTP2:     true,
 		MaxIdleConns:          100,
 		IdleConnTimeout:       90 * time.Second,
@@ -170,95 +179,118 @@ func run() int {
 		mainLogger.Critical("Unable to construct WndClient: %v", err)
 		return 8
 	}
+	wndc.Mux.Lock()
+	wndc.State.Settings.ClientAuthSecret = args.clientAuthSecret
+	wndc.Mux.Unlock()

 	// Try ressurect state
 	state, err := loadState(args.stateFile)
 	if err != nil {
 		mainLogger.Warning("Failed to load client state: %v. Performing cold init...", err)
-		err = coldInit(wndclient, args.timeout)
+		err = coldInit(wndc, args.timeout)
 		if err != nil {
 			mainLogger.Critical("Cold init failed: %v", err)
 			return 9
 		}
-		err = saveState(args.stateFile, &wndclient.State)
+		err = saveState(args.stateFile, &wndc.State)
 		if err != nil {
 			mainLogger.Error("Unable to save state file! Error: %v", err)
 		}
 	} else {
-		wndclient.State = *state
+		wndc.Mux.Lock()
+		wndc.State = *state
+		wndc.Mux.Unlock()
 	}

-	ctx, cl := context.WithTimeout(context.Background(), args.timeout)
-	serverList, err := wndclient.ServerList(ctx)
-	cl()
-	if err != nil {
-		mainLogger.Critical("Server list retrieve failed: %v", err)
-		return 12
+	var serverList wndclient.ServerList
+	if args.listProxies || args.listLocations || args.location != "" {
+		ctx, cl := context.WithTimeout(context.Background(), args.timeout)
+		serverList, err = wndc.ServerList(ctx)
+		cl()
+		if err != nil {
+			mainLogger.Critical("Server list retrieve failed: %v", err)
+			return 12
+		}
 	}

 	if args.listProxies {
-		username, password := wndclient.GetProxyCredentials()
+		username, password := wndc.GetProxyCredentials()
 		return printProxies(username, password, serverList)
 	}

-	//if len(ips) == 0 {
-	//	mainLogger.Critical("Empty endpoint list!")
-	//	return 13
-	//}
-
-	//runTicker(context.Background(), args.refresh, args.refreshRetry, func(ctx context.Context) error {
-	//	mainLogger.Info("Refreshing login...")
-	//	reqCtx, cl := context.WithTimeout(ctx, args.timeout)
-	//	defer cl()
-	//	err := wndclient.Login(reqCtx)
-	//	if err != nil {
-	//		mainLogger.Error("Login refresh failed: %v", err)
-	//		return err
-	//	}
-	//	mainLogger.Info("Login refreshed.")
-
-	//	mainLogger.Info("Refreshing device password...")
-	//	reqCtx, cl = context.WithTimeout(ctx, args.timeout)
-	//	defer cl()
-	//	err = wndclient.DeviceGeneratePassword(reqCtx)
-	//	if err != nil {
-	//		mainLogger.Error("Device password refresh failed: %v", err)
-	//		return err
-	//	}
-	//	mainLogger.Info("Device password refreshed.")
-	//	return nil
-	//})
-
-	//endpoint := ips[0]
-	auth := func() string {
-		return basic_auth_header(wndclient.GetProxyCredentials())
+	if args.listLocations {
+		return printLocations(serverList)
 	}

-	var caPool *x509.CertPool
-	if args.caFile != "" {
-		caPool = x509.NewCertPool()
-		certs, err := ioutil.ReadFile(args.caFile)
+	var proxyHostname string
+	if args.location == "" {
+		ctx, cl := context.WithTimeout(context.Background(), args.timeout)
+		bestLocation, err := wndc.BestLocation(ctx)
+		cl()
 		if err != nil {
-			mainLogger.Error("Can't load CA file: %v", err)
-			return 15
+			mainLogger.Critical("Unable to get best location endpoint: %v", err)
+			return 13
 		}
-		if ok := caPool.AppendCertsFromPEM(certs); !ok {
-			mainLogger.Error("Can't load certificates from CA file")
-			return 15
+		proxyHostname = bestLocation.Hostname
+	} else {
+		proxyHostname = pickServer(serverList, args.location)
+		if proxyHostname == "" {
+			mainLogger.Critical("Server for location \"%s\" not found.", args.location)
+			return 13
 		}
 	}

-	// TODO: set servername
-	//handlerDialer := NewProxyDialer(endpoint.NetAddr(), "", auth, caPool, dialer)
-	//mainLogger.Info("Endpoint: %s", endpoint.NetAddr())
-	//mainLogger.Info("Starting proxy server...")
-	//handler := NewProxyHandler(handlerDialer, proxyLogger)
-	//mainLogger.Info("Init complete.")
-	//err = http.ListenAndServe(args.bindAddress, handler)
-	//mainLogger.Critical("Server terminated with a reason: %v", err)
-	//mainLogger.Info("Shutting down...")
-	_ = proxyLogger
-	_ = auth
+	auth := func() string {
+		return basic_auth_header(wndc.GetProxyCredentials())
+	}
+
+	proxyNetAddr := net.JoinHostPort(proxyHostname, strconv.FormatUint(uint64(ASSUMED_PROXY_PORT), 10))
+	handlerDialer := NewProxyDialer(proxyNetAddr, proxyHostname, auth, caPool, dialer)
+	mainLogger.Info("Endpoint: %s", proxyNetAddr)
+	mainLogger.Info("Starting proxy server...")
+	handler := NewProxyHandler(handlerDialer, proxyLogger)
+	mainLogger.Info("Init complete.")
+	err = http.ListenAndServe(args.bindAddress, handler)
+	mainLogger.Critical("Server terminated with a reason: %v", err)
+	mainLogger.Info("Shutting down...")
+	return 0
+}
+
+type locationPair struct {
+	country string
+	city    string
+}
+
+func printLocations(serverList wndclient.ServerList) int {
+	var locs []locationPair
+	for _, country := range serverList {
+		for _, group := range country.Groups {
+			if len(group.Hosts) > 1 {
+				locs = append(locs, locationPair{country.Name, group.City})
+			}
+		}
+	}
+	if len(locs) == 0 {
+		return 0
+	}
+
+	sort.Slice(locs, func(i, j int) bool {
+		if locs[i].country < locs[j].country {
+			return true
+		}
+		if locs[i].country == locs[j].country && locs[i].city < locs[j].city {
+			return true
+		}
+		return false
+	})
+
+	var prevLoc locationPair
+	for _, loc := range locs {
+		if loc != prevLoc {
+			fmt.Println(loc.country + "/" + loc.city)
+			prevLoc = loc
+		}
+	}
 	return 0
 }

@@ -269,24 +301,48 @@ func printProxies(username, password string, serverList wndclient.ServerList) in
 	fmt.Println("Proxy password:", password)
 	fmt.Println("Proxy-Authorization:", basic_auth_header(username, password))
 	fmt.Println("")
-	//wr.Write([]string{"host", "ip_address", "port"})
-	//for i, ip := range ips {
-	//	for _, port := range ip.Ports {
-	//		wr.Write([]string{
-	//			fmt.Sprintf("%s%d.%s", strings.ToLower(ip.Geo.CountryCode), i, PROXY_SUFFIX),
-	//			ip.IP,
-	//			fmt.Sprintf("%d", port),
-	//		})
-	//	}
-	//}
+	wr.Write([]string{"location", "hostname", "port"})
+	for _, country := range serverList {
+		for _, group := range country.Groups {
+			for _, host := range group.Hosts {
+				wr.Write([]string{
+					country.Name + "/" + group.City,
+					host.Hostname,
+					strconv.FormatUint(uint64(ASSUMED_PROXY_PORT), 10),
+				})
+			}
+		}
+	}
 	return 0
 }

+func pickServer(serverList wndclient.ServerList, location string) string {
+	var candidates []string
+	for _, country := range serverList {
+		for _, group := range country.Groups {
+			for _, host := range group.Hosts {
+				if country.Name+"/"+group.City == location {
+					candidates = append(candidates, host.Hostname)
+				}
+			}
+		}
+	}
+
+	if len(candidates) == 0 {
+		return ""
+	}
+
+	rnd := rand.New(rand.NewSource(time.Now().UnixNano()))
+
+	return candidates[rnd.Intn(len(candidates))]
+}
+
 func loadState(filename string) (*wndclient.WndClientState, error) {
 	file, err := os.Open(filename)
 	if err != nil {
 		return nil, err
 	}
+	defer file.Close()

 	var state wndclient.WndClientState
 	dec := json.NewDecoder(file)
@@ -303,6 +359,7 @@ func saveState(filename string, state *wndclient.WndClientState) error {
 	if err != nil {
 		return err
 	}
+	defer file.Close()

 	enc := json.NewEncoder(file)
 	enc.SetIndent("", "    ")
@@ -310,23 +367,23 @@ func saveState(filename string, state *wndclient.WndClientState) error {
 	return err
 }

-func coldInit(wndclient *wndclient.WndClient, timeout time.Duration) error {
+func coldInit(wndc *wndclient.WndClient, timeout time.Duration) error {
 	ctx, cl := context.WithTimeout(context.Background(), timeout)
-	err := wndclient.RegisterToken(ctx)
+	err := wndc.RegisterToken(ctx)
 	cl()
 	if err != nil {
 		return err
 	}

 	ctx, cl = context.WithTimeout(context.Background(), timeout)
-	err = wndclient.Users(ctx)
+	err = wndc.Users(ctx)
 	cl()
 	if err != nil {
 		return err
 	}

 	ctx, cl = context.WithTimeout(context.Background(), timeout)
-	err = wndclient.ServerCredentials(ctx)
+	err = wndc.ServerCredentials(ctx)
 	cl()
 	if err != nil {
 		return err
--- a/resolver.go
+++ b/resolver.go
@@ -1,82 +1,147 @@
 package main

 import (
-	"github.com/AdguardTeam/dnsproxy/upstream"
-	"github.com/miekg/dns"
+	"context"
+	"errors"
+	"net"
+	"strings"
 	"time"
+
+	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/jellydator/ttlcache/v2"
+	"github.com/miekg/dns"
 )

 type Resolver struct {
 	upstream upstream.Upstream
 }

-const DOT = 0x2e
+const (
+	DOT                  = 0x2e
+	DNS_CACHE_SIZE_LIMIT = 1024
+)

-func NewResolver(address string, timeout time.Duration) (*Resolver, error) {
-	opts := upstream.Options{Timeout: timeout}
-	u, err := upstream.AddressToUpstream(address, opts)
+type ResolvingDialer struct {
+	next     ContextDialer
+	upstream upstream.Upstream
+	cache4   *ttlcache.Cache
+	cache6   *ttlcache.Cache
+	logger   *CondLogger
+}
+
+func NewResolvingDialer(resolverAddress string, timeout time.Duration, next ContextDialer, logger *CondLogger) (*ResolvingDialer, error) {
+	opts := &upstream.Options{Timeout: timeout}
+	u, err := upstream.AddressToUpstream(resolverAddress, opts)
 	if err != nil {
 		return nil, err
 	}
-	return &Resolver{upstream: u}, nil
+	cache4 := ttlcache.NewCache()
+	cache6 := ttlcache.NewCache()
+	d := &ResolvingDialer{
+		upstream: u,
+		next:     next,
+		cache4:   cache4,
+		cache6:   cache6,
+		logger:   logger,
+	}
+	cache4.SetLoaderFunction(d.resolveA)
+	cache6.SetLoaderFunction(d.resolveAAAA)
+	cache4.SetCacheSizeLimit(DNS_CACHE_SIZE_LIMIT)
+	cache6.SetCacheSizeLimit(DNS_CACHE_SIZE_LIMIT)
+	cache4.SkipTTLExtensionOnHit(true)
+	cache6.SkipTTLExtensionOnHit(true)
+
+	return d, nil
 }

-func (r *Resolver) ResolveA(domain string) []string {
-	res := make([]string, 0)
+func (d *ResolvingDialer) resolveA(domain string) (interface{}, time.Duration, error) {
+	d.logger.Debug("resolveA(%#v)", domain)
+	return d.resolve(domain, dns.TypeA)
+}
+
+func (d *ResolvingDialer) resolveAAAA(domain string) (interface{}, time.Duration, error) {
+	d.logger.Debug("resolveAAAA(%#v)", domain)
+	return d.resolve(domain, dns.TypeAAAA)
+}
+
+func (d *ResolvingDialer) resolve(domain string, typ uint16) (string, time.Duration, error) {
 	if len(domain) == 0 {
-		return res
-	}
-	if domain[len(domain)-1] != DOT {
-		domain = domain + "."
+		return "", 0, errors.New("empty domain name")
 	}
+	domain = absDomain(domain)
+
 	req := dns.Msg{}
 	req.Id = dns.Id()
 	req.RecursionDesired = true
 	req.Question = []dns.Question{
-		{Name: domain, Qtype: dns.TypeA, Qclass: dns.ClassINET},
+		{Name: domain, Qtype: typ, Qclass: dns.ClassINET},
 	}
-	reply, err := r.upstream.Exchange(&req)
+	reply, err := d.upstream.Exchange(&req)
 	if err != nil {
-		return res
+		return "", 0, err
 	}
 	for _, rr := range reply.Answer {
 		if a, ok := rr.(*dns.A); ok {
-			res = append(res, a.A.String())
+			return a.A.String(), (time.Second * time.Duration(a.Hdr.Ttl)), nil
 		}
 	}
-	return res
+	return "", 0, errors.New("no data in DNS response")
 }

-func (r *Resolver) ResolveAAAA(domain string) []string {
-	res := make([]string, 0)
-	if len(domain) == 0 {
-		return res
+func (d *ResolvingDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+	name, port, err := net.SplitHostPort(address)
+	if err != nil {
+		return nil, err
+	}
+
+	if net.ParseIP(name) != nil || len(name) == 0 {
+		// Address is already in numeric form
+		return d.next.DialContext(ctx, network, address)
+	}
+
+	if len(network) == 0 {
+		return d.next.DialContext(ctx, network, address)
+	}
+
+	name = absDomain(name)
+	switch network[len(network)-1] {
+	case '4':
+		res, err := d.cache4.Get(name)
+		if err != nil {
+			return nil, err
+		}
+		name = res.(string)
+	case '6':
+		res, err := d.cache6.Get(name)
+		if err != nil {
+			return nil, err
+		}
+		name = res.(string)
+	default:
+		res, err := d.cache4.Get(name)
+		if err != nil {
+			res, err = d.cache6.Get(name)
+			if err != nil {
+				return nil, err
+			}
+		}
+		name = res.(string)
+	}
+	newAddress := net.JoinHostPort(name, port)
+	d.logger.Debug("resolve rewrite: %s => %s", address, newAddress)
+	return d.next.DialContext(ctx, network, newAddress)
+}
+
+func (d *ResolvingDialer) Dial(network, address string) (net.Conn, error) {
+	return d.DialContext(context.Background(), network, address)
+}
+
+func absDomain(domain string) string {
+	if domain == "" {
+		return ""
 	}
 	if domain[len(domain)-1] != DOT {
 		domain = domain + "."
 	}
-	req := dns.Msg{}
-	req.Id = dns.Id()
-	req.RecursionDesired = true
-	req.Question = []dns.Question{
-		{Name: domain, Qtype: dns.TypeAAAA, Qclass: dns.ClassINET},
-	}
-	reply, err := r.upstream.Exchange(&req)
-	if err != nil {
-		return res
-	}
-	for _, rr := range reply.Answer {
-		if a, ok := rr.(*dns.AAAA); ok {
-			res = append(res, a.AAAA.String())
-		}
-	}
-	return res
-}
-
-func (r *Resolver) Resolve(domain string) []string {
-	res := r.ResolveA(domain)
-	if len(res) == 0 {
-		res = r.ResolveAAAA(domain)
-	}
-	return res
+	return strings.ToLower(domain)
 }
--- a/snapcraft.yaml
+++ b/snapcraft.yaml
@@ -1,27 +0,0 @@
-name: windscribe-proxy
-version: '1.0.0'
-summary: Standalone Windscribe proxies client.
-description: |
-  Standalone Windscribe proxies client. Just run it and it'll start plain HTTP proxy server forwarding traffic via proxies of your choice.
-
-confinement: strict
-base: core18
-
-parts:
-  windscribe-proxy:
-    plugin: go
-    source: .
-    build-packages:
-      - gcc
-    override-build:
-      make &&
-      cp bin/windscribe-proxy "$SNAPCRAFT_PART_INSTALL"
-    stage:
-      - windscribe-proxy
-
-apps:
-  windscribe-proxy:
-    command: windscribe-proxy
-    plugs:
-      - network
-      - network-bind
--- a/upstream.go
+++ b/upstream.go
@@ -32,12 +32,11 @@ type ContextDialer interface {
 }

 type ProxyDialer struct {
-	address                string
-	tlsServerName          string
-	auth                   AuthProvider
-	next                   ContextDialer
-	intermediateWorkaround bool
-	caPool                 *x509.CertPool
+	address       string
+	tlsServerName string
+	auth          AuthProvider
+	next          ContextDialer
+	caPool        *x509.CertPool
 }

 func NewProxyDialer(address, tlsServerName string, auth AuthProvider, caPool *x509.CertPool, nextDialer ContextDialer) *ProxyDialer {
@@ -185,3 +184,48 @@ func readResponse(r io.Reader, req *http.Request) (*http.Response, error) {
 	}
 	return http.ReadResponse(bufio.NewReader(buf), req)
 }
+
+type NoSNIDialer struct {
+	caPool *x509.CertPool
+	next   ContextDialer
+}
+
+func NewNoSNIDialer(caPool *x509.CertPool, nextDialer ContextDialer) *NoSNIDialer {
+	return &NoSNIDialer{
+		caPool: caPool,
+		next:   nextDialer,
+	}
+}
+
+func (d *NoSNIDialer) DialTLSContext(ctx context.Context, network, addr string) (net.Conn, error) {
+	conn, err := d.next.DialContext(ctx, network, addr)
+	if err != nil {
+		return nil, err
+	}
+
+	name, _, err := net.SplitHostPort(addr)
+	if err != nil {
+		return nil, err
+	}
+
+	tlsConfig := &tls.Config{
+		ServerName:         "",
+		InsecureSkipVerify: true,
+		VerifyConnection: func(cs tls.ConnectionState) error {
+			opts := x509.VerifyOptions{
+				DNSName:       name,
+				Intermediates: x509.NewCertPool(),
+				Roots:         d.caPool,
+			}
+			for _, cert := range cs.PeerCertificates[1:] {
+				opts.Intermediates.AddCert(cert)
+			}
+			_, err := cs.PeerCertificates[0].Verify(opts)
+			return err
+		},
+	}
+	if err != nil {
+		return conn, err
+	}
+	return tls.Client(conn, tlsConfig), nil
+}
--- a/wndclient/messages.go
+++ b/wndclient/messages.go
@@ -82,3 +82,17 @@ type ServerListGroupHost struct {
 	Hostname string  `json:"hostname"`
 	Weight   float64 `json:"weight"`
 }
+
+type BestLocation struct {
+	CountryCode  string `json:"country_code"`
+	ShortName    string `json:"short_name"`
+	LocationName string `json:"location_name"`
+	CityName     string `json:"city_name"`
+	DCID         int    `json:"dc_id"`
+	ServerID     int    `json:"server_id"`
+	Hostname     string `json:"hostname"`
+}
+
+type BestLocationResponse struct {
+	Data *BestLocation `json:"data"`
+}
--- a/wndclient/wndclient.go
+++ b/wndclient/wndclient.go
@@ -33,6 +33,7 @@ type WndEndpoints struct {
 	Users             string `json:"Users"`
 	ServerList        string `json:"serverlist"`
 	ServerCredentials string `json:"ServerCredentials"`
+	BestLocation      string `json:"BestLocation"`
 }

 var DefaultWndEndpoints = WndEndpoints{
@@ -40,6 +41,7 @@ var DefaultWndEndpoints = WndEndpoints{
 	Users:             "https://api.windscribe.com/Users",
 	ServerList:        "https://assets.windscribe.com/serverlist",
 	ServerCredentials: "https://api.windscribe.com/ServerCredentials",
+	BestLocation:      "https://api.windscribe.com/BestLocation",
 }

 type WndSettings struct {
@@ -193,6 +195,35 @@ func (c *WndClient) ServerCredentials(ctx context.Context) error {
 	return nil
 }

+func (c *WndClient) BestLocation(ctx context.Context) (*BestLocation, error) {
+	c.Mux.Lock()
+	defer c.Mux.Unlock()
+
+	clientAuthHash, authTime := MakeAuthHash(c.State.Settings.ClientAuthSecret)
+
+	requestUrl, err := url.Parse(c.State.Settings.Endpoints.BestLocation)
+	if err != nil {
+		return nil, err
+	}
+	queryValues := requestUrl.Query()
+	queryValues.Set("client_auth_hash", clientAuthHash)
+	queryValues.Set("session_auth_hash", c.State.SessionAuthHash)
+	queryValues.Set("time", strconv.FormatInt(authTime, 10))
+	requestUrl.RawQuery = queryValues.Encode()
+
+	var output BestLocationResponse
+
+	err = c.getJSON(ctx, requestUrl.String(), &output)
+	if err != nil {
+		return nil, err
+	}
+	if output.Data == nil {
+		return nil, ErrNoDataInResponse
+	}
+
+	return output.Data, nil
+}
+
 func (c *WndClient) ServerList(ctx context.Context) (ServerList, error) {
 	c.Mux.Lock()
 	defer c.Mux.Unlock()
Author	SHA1	Message	Date
Snawoot	b0c022b7ed	Merge pull request #7 from Snawoot/libs_upgrade Libs upgrade	2022-06-25 14:46:51 +03:00
Vladislav Yarmak	6ea55ccdc9	upd Makefile	2022-06-25 14:36:44 +03:00
Vladislav Yarmak	4b9011d1b7	upgrade x/sync	2022-06-25 14:35:10 +03:00
Vladislav Yarmak	d93d65f701	upgrade ttlcache	2022-06-25 14:33:42 +03:00
Vladislav Yarmak	d09373362a	upgrade dns libs	2022-06-25 14:31:28 +03:00
Vladislav Yarmak	932de63765	makefile: add mips	2021-07-17 21:10:37 +03:00
Vladislav Yarmak	6ed529d8eb	fix panic	2021-06-30 00:22:49 +03:00
Vladislav Yarmak	6232a3dea9	drop old resolver	2021-06-26 14:52:43 +03:00
Vladislav Yarmak	6ebcb66a57	fix auth-secret command line argument	2021-06-25 23:33:20 +03:00
Vladislav Yarmak	378547283b	fix makefile	2021-06-25 23:04:16 +03:00
Vladislav Yarmak	4fe260ff46	fix dockerfile	2021-06-25 22:34:54 +03:00
Vladislav Yarmak	07faf6dfea	add doc; fix dockerfile	2021-06-25 21:07:29 +03:00
Vladislav Yarmak	f3d2b06f48	ci: docker	2021-06-25 20:44:37 +03:00
Vladislav Yarmak	abdbbbe687	resolver: finished	2021-06-25 19:49:06 +03:00
Vladislav Yarmak	d0b50bc52b	resolver: WIP	2021-06-25 17:58:15 +03:00
Vladislav Yarmak	cfaf0bd449	cleanup	2021-06-25 14:54:57 +03:00
Vladislav Yarmak	b11ab2192e	cleanup	2021-06-25 14:31:47 +03:00
Vladislav Yarmak	4d74c597a9	proper nosni dialer	2021-06-25 14:25:36 +03:00
Vladislav Yarmak	9011828de5	fix config fd leak	2021-06-25 13:58:35 +03:00
Vladislav Yarmak	ed775ab070	main: add location picking	2021-06-25 04:53:53 +03:00
Vladislav Yarmak	abb10a90d6	first working version	2021-06-25 04:16:41 +03:00
Vladislav Yarmak	c96b7ca763	wndclient: add BestLocation method	2021-06-25 03:39:42 +03:00
Vladislav Yarmak	857d435bf9	main: list locations	2021-06-25 02:36:37 +03:00
Vladislav Yarmak	b016b8a4d3	main: list proxies	2021-06-25 01:53:51 +03:00