From d413dd7ee5d9ecca0111d00332c72e180df0e0b8 Mon Sep 17 00:00:00 2001
From: Andrew Dunham <andrew@du.nham.ca>
Date: Wed, 6 Sep 2023 10:18:27 -0400
Subject: [PATCH] net/dns/publicdns: add support for Wikimedia DNS

RELNOTE=Adds support for Wikimedia DNS

Updates #9255

Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
Change-Id: I4213c29e0f91ea5aa0304a5a026c32b6690fead9
---
 net/dns/publicdns/publicdns.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/net/dns/publicdns/publicdns.go b/net/dns/publicdns/publicdns.go
index 806dea431..54cc2e8b9 100644
--- a/net/dns/publicdns/publicdns.go
+++ b/net/dns/publicdns/publicdns.go
@@ -129,6 +129,11 @@ func addDoH(ipStr, base string) {
 	dohIPsOfBase[base] = append(dohIPsOfBase[base], ip)
 }
 
+const (
+	wikimediaDNSv4 = "185.71.138.138"
+	wikimediaDNSv6 = "2001:67c:930::1"
+)
+
 // populate is called once to initialize the knownDoH and dohIPsOfBase maps.
 func populate() {
 	// Cloudflare
@@ -185,6 +190,10 @@ func populate() {
 	addDoH("194.242.2.3", "https://adblock.doh.mullvad.net/dns-query")
 	addDoH("193.19.108.3", "https://adblock.doh.mullvad.net/dns-query")
 	addDoH("2a07:e340::3", "https://adblock.doh.mullvad.net/dns-query")
+
+	// Wikimedia
+	addDoH(wikimediaDNSv4, "https://wikimedia-dns.org/dns-query")
+	addDoH(wikimediaDNSv6, "https://wikimedia-dns.org/dns-query")
 }
 
 var (
@@ -207,6 +216,10 @@ var (
 	nextDNSv4RangeB = netip.MustParsePrefix("45.90.30.0/24")
 	nextDNSv4One    = nextDNSv4RangeA.Addr()
 	nextDNSv4Two    = nextDNSv4RangeB.Addr()
+
+	// Wikimedia DNS server IPs (anycast)
+	wikimediaDNSv4Addr = netip.MustParseAddr(wikimediaDNSv4)
+	wikimediaDNSv6Addr = netip.MustParseAddr(wikimediaDNSv6)
 )
 
 // nextDNSv6Gen generates a NextDNS IPv6 address from the upper 8 bytes in the
@@ -224,5 +237,6 @@ func nextDNSv6Gen(ip netip.Addr, id []byte) netip.Addr {
 // DNS-over-HTTPS (not regular port 53 DNS).
 func IPIsDoHOnlyServer(ip netip.Addr) bool {
 	return nextDNSv6RangeA.Contains(ip) || nextDNSv6RangeB.Contains(ip) ||
-		nextDNSv4RangeA.Contains(ip) || nextDNSv4RangeB.Contains(ip)
+		nextDNSv4RangeA.Contains(ip) || nextDNSv4RangeB.Contains(ip) ||
+		ip == wikimediaDNSv4Addr || ip == wikimediaDNSv6Addr
 }