Update dns-fix.js

dns-fix.js

@@ -14,15 +14,25 @@
 const dns = require("dns");
 const https = require("https");
 
+// Domains where system DNS resolves but TCP connections are blocked on HF Spaces
+const FORCED_DOH_DOMAINS = new Set(["api.telegram.org"]);
+
+// Last-resort fallback IPs if DoH itself fails
+const FALLBACK_IPS = {
+  "api.telegram.org": [
+    { address: "149.154.167.220", family: 4 },
+    { address: "149.154.166.110", family: 4 },
+  ],
+};
+
 // In-memory cache for runtime DoH resolutions
-const runtimeCache = new Map(); // hostname -> { ip, expiry }
+const runtimeCache = new Map(); // hostname -> { entries, expiry }
 
-// DNS-over-HTTPS resolver
+// DNS-over-HTTPS resolver — returns all A records, shuffled
 function dohResolve(hostname, callback) {
-  // Check runtime cache
   const cached = runtimeCache.get(hostname);
   if (cached && cached.expiry > Date.now()) {
-    return callback(null, cached.ip);
+    return callback(null, cached.entries);
   }
 
   const url = `https://1.1.1.1/dns-query?name=${encodeURIComponent(hostname)}&type=A`;
@@ -39,10 +49,15 @@ function dohResolve(hostname, callback) {
           if (aRecords.length === 0) {
             return callback(new Error(`DoH: no A record for ${hostname}`));
           }
-          const ip = aRecords[0].data;
+          const entries = aRecords.map((r) => ({ address: r.data, family: 4 }));
+          // Shuffle so retries hit different IPs
+          for (let i = entries.length - 1; i > 0; i--) {
+            const j = Math.floor(Math.random() * (i + 1));
+            [entries[i], entries[j]] = [entries[j], entries[i]];
+          }
           const ttl = Math.max((aRecords[0].TTL || 300) * 1000, 60000);
-          runtimeCache.set(hostname, { ip, expiry: Date.now() + ttl });
-          callback(null, ip);
+          runtimeCache.set(hostname, { entries, expiry: Date.now() + ttl });
+          callback(null, entries);
         } catch (e) {
           callback(new Error(`DoH parse error: ${e.message}`));
         }
@@ -83,6 +98,24 @@ dns.lookup = function patchedLookup(hostname, options, callback) {
     return origLookup.call(dns, hostname, options, callback);
   }
 
+  // For domains known to be blocked on HF Spaces, skip system DNS entirely
+  if (FORCED_DOH_DOMAINS.has(hostname)) {
+    dohResolve(hostname, (dohErr, entries) => {
+      if (dohErr || !entries || entries.length === 0) {
+        // Last resort: use hardcoded fallback IPs
+        const fb = FALLBACK_IPS[hostname];
+        if (fb && fb.length > 0) {
+          if (options.all) return callback(null, fb);
+          return callback(null, fb[0].address, fb[0].family);
+        }
+        return callback(dohErr || new Error(`No IPs for ${hostname}`));
+      }
+      if (options.all) return callback(null, entries);
+      callback(null, entries[0].address, entries[0].family);
+    });
+    return;
+  }
+
   // 1) Try system DNS first
   origLookup.call(dns, hostname, options, (err, address, family) => {
     if (!err && address) {
@@ -91,14 +124,12 @@ dns.lookup = function patchedLookup(hostname, options, callback) {
 
     // 2) System DNS failed with ENOTFOUND or EAI_AGAIN — fall back to DoH
     if (err && (err.code === "ENOTFOUND" || err.code === "EAI_AGAIN")) {
-      dohResolve(hostname, (dohErr, ip) => {
-        if (dohErr || !ip) {
+      dohResolve(hostname, (dohErr, entries) => {
+        if (dohErr || !entries || entries.length === 0) {
           return callback(err); // Return original error
         }
-        if (options.all) {
-          return callback(null, [{ address: ip, family: 4 }]);
-        }
-        callback(null, ip, 4);
+        if (options.all) return callback(null, entries);
+        callback(null, entries[0].address, entries[0].family);
       });
     } else {
       // Other DNS errors — pass through