Pull request 2353: AGDNS-2688-check-host
Merge in DNS/adguard-home from AGDNS-2688-check-host to master Squashed commit of the following: commit bd9ed498b0e36fa044e6921fa946062ac40fe616 Merge: 8dffd94a3c41af2763Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Mar 14 13:42:34 2025 +0300 Merge branch 'master' into AGDNS-2688-check-host commit 8dffd94a3bc700cf014cbb16aee9c6339bdc7ffa Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 12 17:12:56 2025 +0300 filtering: imp code commit d9a01c8fa60c70e3fd19c40c1a58aec00ae64a6a Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Mar 11 20:33:18 2025 +0300 all: imp code commit f1aca5f2eb71a1d8bb155a309c618e7a80f8fde5 Author: Ildar Kamalov <ik@adguard.com> Date: Tue Mar 11 16:05:32 2025 +0300 ADG-9783 update check form commit a8ebb0401dbaa08fdd04171b1ac66b87d0228c7b Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 10 16:41:55 2025 +0300 dnsforward: imp docs commit 36f5db9075cc525c13905e0318dfbc4089355523 Merge: 9a746ee9a66fba942cAuthor: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 10 16:09:22 2025 +0300 Merge branch 'master' into AGDNS-2688-check-host commit 9a746ee9a05895676a60980eb4bd1381fe8d8e4b Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 10 16:06:48 2025 +0300 all: imp docs commit 0a25e1e8f3536053e30049497bb42a58c6a153d6 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Thu Mar 6 21:48:44 2025 +0300 all: imp code commit ec618bc484190dde52a0dc57d144bade8dfc22e2 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Thu Mar 6 17:38:35 2025 +0300 all: imp code commit 979c5cfd4c34e2aac46ea11b7fcba8d2929966b8 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 5 21:22:54 2025 +0300 all: add tests commit ce0d6117ad7f341edcc018a68acedaa0b718bef1 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Mar 4 15:13:06 2025 +0300 all: check host
This commit is contained in:
Stanislav Chzhen
committed by
Eugene Burkov
Eugene Burkov
parent
c41af2763f
commit
1a3853d52a
@@ -121,6 +121,8 @@ func (clients *clientsContainer) Init(
|
||||
|
||||
sigHdlr.addClientStorage(clients.storage)
|
||||
|
||||
filteringConf.ApplyClientFiltering = clients.storage.ApplyClientFiltering
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -247,7 +247,6 @@ func newServerConfig(
|
||||
hosts := aghalg.CoalesceSlice(dnsConf.BindHosts, []netip.Addr{netutil.IPv4Localhost()})
|
||||
|
||||
fwdConf := dnsConf.Config
|
||||
fwdConf.FilterHandler = applyAdditionalFiltering
|
||||
fwdConf.ClientsContainer = clientsContainer
|
||||
|
||||
newConf = &dnsforward.ServerConfig{
|
||||
@@ -411,57 +410,6 @@ func getDNSEncryption(tlsMgr *tlsManager) (de dnsEncryption) {
|
||||
return de
|
||||
}
|
||||
|
||||
// applyAdditionalFiltering adds additional client information and settings if
|
||||
// the client has them.
|
||||
func applyAdditionalFiltering(clientIP netip.Addr, clientID string, setts *filtering.Settings) {
|
||||
// pref is a prefix for logging messages around the scope.
|
||||
const pref = "applying filters"
|
||||
|
||||
globalContext.filters.ApplyBlockedServices(setts)
|
||||
|
||||
log.Debug("%s: looking for client with ip %s and clientid %q", pref, clientIP, clientID)
|
||||
|
||||
if !clientIP.IsValid() {
|
||||
return
|
||||
}
|
||||
|
||||
setts.ClientIP = clientIP
|
||||
|
||||
c, ok := globalContext.clients.storage.Find(clientID)
|
||||
if !ok {
|
||||
c, ok = globalContext.clients.storage.Find(clientIP.String())
|
||||
if !ok {
|
||||
log.Debug("%s: no clients with ip %s and clientid %q", pref, clientIP, clientID)
|
||||
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
log.Debug("%s: using settings for client %q (%s; %q)", pref, c.Name, clientIP, clientID)
|
||||
|
||||
if c.UseOwnBlockedServices {
|
||||
// TODO(e.burkov): Get rid of this crutch.
|
||||
setts.ServicesRules = nil
|
||||
svcs := c.BlockedServices.IDs
|
||||
if !c.BlockedServices.Schedule.Contains(time.Now()) {
|
||||
globalContext.filters.ApplyBlockedServicesList(setts, svcs)
|
||||
log.Debug("%s: services for client %q set: %s", pref, c.Name, svcs)
|
||||
}
|
||||
}
|
||||
|
||||
setts.ClientName = c.Name
|
||||
setts.ClientTags = c.Tags
|
||||
if !c.UseOwnSettings {
|
||||
return
|
||||
}
|
||||
|
||||
setts.FilteringEnabled = c.FilteringEnabled
|
||||
setts.SafeSearchEnabled = c.SafeSearchConf.Enabled
|
||||
setts.ClientSafeSearch = c.SafeSearch
|
||||
setts.SafeBrowsingEnabled = c.SafeBrowsingEnabled
|
||||
setts.ParentalEnabled = c.ParentalEnabled
|
||||
}
|
||||
|
||||
func startDNSServer() error {
|
||||
config.RLock()
|
||||
defer config.RUnlock()
|
||||
|
||||
@@ -1,206 +0,0 @@
|
||||
package home
|
||||
|
||||
import (
|
||||
"net/netip"
|
||||
"testing"
|
||||
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/client"
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/filtering"
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/schedule"
|
||||
"github.com/AdguardTeam/golibs/logutil/slogutil"
|
||||
"github.com/AdguardTeam/golibs/testutil"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
var testIPv4 = netip.AddrFrom4([4]byte{1, 2, 3, 4})
|
||||
|
||||
// newStorage is a helper function that returns a client storage filled with
|
||||
// persistent clients. It also generates a UID for each client.
|
||||
func newStorage(tb testing.TB, clients []*client.Persistent) (s *client.Storage) {
|
||||
tb.Helper()
|
||||
|
||||
ctx := testutil.ContextWithTimeout(tb, testTimeout)
|
||||
s, err := client.NewStorage(ctx, &client.StorageConfig{
|
||||
Logger: slogutil.NewDiscardLogger(),
|
||||
})
|
||||
require.NoError(tb, err)
|
||||
|
||||
for _, p := range clients {
|
||||
p.UID = client.MustNewUID()
|
||||
require.NoError(tb, s.Add(ctx, p))
|
||||
}
|
||||
|
||||
return s
|
||||
}
|
||||
|
||||
func TestApplyAdditionalFiltering(t *testing.T) {
|
||||
var err error
|
||||
|
||||
globalContext.filters, err = filtering.New(&filtering.Config{
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.EmptyWeekly(),
|
||||
},
|
||||
}, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
globalContext.clients.storage = newStorage(t, []*client.Persistent{{
|
||||
Name: "default",
|
||||
ClientIDs: []string{"default"},
|
||||
UseOwnSettings: false,
|
||||
SafeSearchConf: filtering.SafeSearchConfig{Enabled: false},
|
||||
FilteringEnabled: false,
|
||||
SafeBrowsingEnabled: false,
|
||||
ParentalEnabled: false,
|
||||
}, {
|
||||
Name: "custom_filtering",
|
||||
ClientIDs: []string{"custom_filtering"},
|
||||
UseOwnSettings: true,
|
||||
SafeSearchConf: filtering.SafeSearchConfig{Enabled: true},
|
||||
FilteringEnabled: true,
|
||||
SafeBrowsingEnabled: true,
|
||||
ParentalEnabled: true,
|
||||
}, {
|
||||
Name: "partial_custom_filtering",
|
||||
ClientIDs: []string{"partial_custom_filtering"},
|
||||
UseOwnSettings: true,
|
||||
SafeSearchConf: filtering.SafeSearchConfig{Enabled: true},
|
||||
FilteringEnabled: true,
|
||||
SafeBrowsingEnabled: false,
|
||||
ParentalEnabled: false,
|
||||
}})
|
||||
|
||||
testCases := []struct {
|
||||
name string
|
||||
id string
|
||||
FilteringEnabled assert.BoolAssertionFunc
|
||||
SafeSearchEnabled assert.BoolAssertionFunc
|
||||
SafeBrowsingEnabled assert.BoolAssertionFunc
|
||||
ParentalEnabled assert.BoolAssertionFunc
|
||||
}{{
|
||||
name: "global_settings",
|
||||
id: "default",
|
||||
FilteringEnabled: assert.False,
|
||||
SafeSearchEnabled: assert.False,
|
||||
SafeBrowsingEnabled: assert.False,
|
||||
ParentalEnabled: assert.False,
|
||||
}, {
|
||||
name: "custom_settings",
|
||||
id: "custom_filtering",
|
||||
FilteringEnabled: assert.True,
|
||||
SafeSearchEnabled: assert.True,
|
||||
SafeBrowsingEnabled: assert.True,
|
||||
ParentalEnabled: assert.True,
|
||||
}, {
|
||||
name: "partial",
|
||||
id: "partial_custom_filtering",
|
||||
FilteringEnabled: assert.True,
|
||||
SafeSearchEnabled: assert.True,
|
||||
SafeBrowsingEnabled: assert.False,
|
||||
ParentalEnabled: assert.False,
|
||||
}}
|
||||
|
||||
for _, tc := range testCases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
setts := &filtering.Settings{}
|
||||
|
||||
applyAdditionalFiltering(testIPv4, tc.id, setts)
|
||||
tc.FilteringEnabled(t, setts.FilteringEnabled)
|
||||
tc.SafeSearchEnabled(t, setts.SafeSearchEnabled)
|
||||
tc.SafeBrowsingEnabled(t, setts.SafeBrowsingEnabled)
|
||||
tc.ParentalEnabled(t, setts.ParentalEnabled)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestApplyAdditionalFiltering_blockedServices(t *testing.T) {
|
||||
filtering.InitModule()
|
||||
|
||||
var (
|
||||
globalBlockedServices = []string{"ok"}
|
||||
clientBlockedServices = []string{"ok", "mail_ru", "vk"}
|
||||
invalidBlockedServices = []string{"invalid"}
|
||||
|
||||
err error
|
||||
)
|
||||
|
||||
globalContext.filters, err = filtering.New(&filtering.Config{
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.EmptyWeekly(),
|
||||
IDs: globalBlockedServices,
|
||||
},
|
||||
}, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
globalContext.clients.storage = newStorage(t, []*client.Persistent{{
|
||||
Name: "default",
|
||||
ClientIDs: []string{"default"},
|
||||
UseOwnBlockedServices: false,
|
||||
}, {
|
||||
Name: "no_services",
|
||||
ClientIDs: []string{"no_services"},
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.EmptyWeekly(),
|
||||
},
|
||||
UseOwnBlockedServices: true,
|
||||
}, {
|
||||
Name: "services",
|
||||
ClientIDs: []string{"services"},
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.EmptyWeekly(),
|
||||
IDs: clientBlockedServices,
|
||||
},
|
||||
UseOwnBlockedServices: true,
|
||||
}, {
|
||||
Name: "invalid_services",
|
||||
ClientIDs: []string{"invalid_services"},
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.EmptyWeekly(),
|
||||
IDs: invalidBlockedServices,
|
||||
},
|
||||
UseOwnBlockedServices: true,
|
||||
}, {
|
||||
Name: "allow_all",
|
||||
ClientIDs: []string{"allow_all"},
|
||||
BlockedServices: &filtering.BlockedServices{
|
||||
Schedule: schedule.FullWeekly(),
|
||||
IDs: clientBlockedServices,
|
||||
},
|
||||
UseOwnBlockedServices: true,
|
||||
}})
|
||||
|
||||
testCases := []struct {
|
||||
name string
|
||||
id string
|
||||
wantLen int
|
||||
}{{
|
||||
name: "global_settings",
|
||||
id: "default",
|
||||
wantLen: len(globalBlockedServices),
|
||||
}, {
|
||||
name: "custom_settings",
|
||||
id: "no_services",
|
||||
wantLen: 0,
|
||||
}, {
|
||||
name: "custom_settings_block",
|
||||
id: "services",
|
||||
wantLen: len(clientBlockedServices),
|
||||
}, {
|
||||
name: "custom_settings_invalid",
|
||||
id: "invalid_services",
|
||||
wantLen: 0,
|
||||
}, {
|
||||
name: "custom_settings_inactive_schedule",
|
||||
id: "allow_all",
|
||||
wantLen: 0,
|
||||
}}
|
||||
|
||||
for _, tc := range testCases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
setts := &filtering.Settings{}
|
||||
|
||||
applyAdditionalFiltering(testIPv4, tc.id, setts)
|
||||
require.Len(t, setts.ServicesRules, tc.wantLen)
|
||||
})
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user