Pull request 1837: AG-21462-imp-safebrowsing-parental

Merge in DNS/adguard-home from AG-21462-imp-safebrowsing-parental to master

Squashed commit of the following:

commit 85016d4f1105e21a407efade0bd45b8362808061
Merge: 0e61edade 620b51e3e
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 27 16:36:30 2023 +0300

    Merge branch 'master' into AG-21462-imp-safebrowsing-parental

commit 0e61edadeff34f6305e941c1db94575c82f238d9
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 27 14:51:37 2023 +0300

    filtering: imp tests

commit 994255514cc0f67dfe33d5a0892432e8924d1e36
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 27 11:13:19 2023 +0300

    filtering: fix typo

commit 96d1069573171538333330d6af94ef0f4208a9c4
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 27 11:00:18 2023 +0300

    filtering: imp code more

commit c2a5620b04c4a529eea69983f1520cd2bc82ea9b
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Wed Apr 26 19:13:26 2023 +0300

    all: add todo

commit e5dcc2e9701f8bccfde6ef8c01a4a2e7eb31599e
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Wed Apr 26 14:36:08 2023 +0300

    all: imp code more

commit b6e734ccbeda82669023f6578481260b7c1f7161
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Tue Apr 25 15:01:56 2023 +0300

    filtering: imp code

commit 530648dadf836c1a4bd9917e0d3b47256fa8ff52
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Mon Apr 24 20:06:36 2023 +0300

    all: imp code

commit 49fa6e587052a40bb431fea457701ee860493527
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Mon Apr 24 14:57:19 2023 +0300

    all: rm safe browsing ctx

commit bbcb66cb03e18fa875e3c33cf16295892739e507
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Fri Apr 21 17:54:18 2023 +0300

    filtering: add cache item

commit cb7c9fffe8c4ff5e7a21ca912c223c799f61385f
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 20 18:43:02 2023 +0300

    filtering: fix hashes

commit 153fec46270212af03f3631bfb42c5d680c4e142
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 20 16:15:15 2023 +0300

    filtering: add test cases

commit 09372f92bbb1fc082f1b1283594ee589100209c5
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Thu Apr 20 15:38:05 2023 +0300

    filtering: imp code

commit 466bc26d524ea6d1c3efb33692a7785d39e491ca
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Wed Apr 19 18:38:40 2023 +0300

    filtering: add tests

commit 24365ecf8c60512fdac65833ee603c80864ae018
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date:   Wed Apr 19 11:38:57 2023 +0300

    filtering: add hashprefix

internal/filtering/filtering.go

@@ -18,8 +18,6 @@ import (
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
-	"github.com/AdguardTeam/dnsproxy/upstream"
-	"github.com/AdguardTeam/golibs/cache"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/mathutil"
@@ -75,6 +73,12 @@ type Resolver interface {
 
 // Config allows you to configure DNS filtering with New() or just change variables directly.
 type Config struct {
+	// SafeBrowsingChecker is the safe browsing hash-prefix checker.
+	SafeBrowsingChecker Checker `yaml:"-"`
+
+	// ParentControl is the parental control hash-prefix checker.
+	ParentalControlChecker Checker `yaml:"-"`
+
 	// enabled is used to be returned within Settings.
 	//
 	// It is of type uint32 to be accessed by atomic.
@@ -158,8 +162,22 @@ type hostChecker struct {
 	name  string
 }
 
+// Checker is used for safe browsing or parental control hash-prefix filtering.
+type Checker interface {
+	// Check returns true if request for the host should be blocked.
+	Check(host string) (block bool, err error)
+}
+
 // DNSFilter matches hostnames and DNS requests against filtering rules.
 type DNSFilter struct {
+	safeSearch SafeSearch
+
+	// safeBrowsingChecker is the safe browsing hash-prefix checker.
+	safeBrowsingChecker Checker
+
+	// parentalControl is the parental control hash-prefix checker.
+	parentalControlChecker Checker
+
 	rulesStorage    *filterlist.RuleStorage
 	filteringEngine *urlfilter.DNSEngine
 
@@ -168,14 +186,6 @@ type DNSFilter struct {
 
 	engineLock sync.RWMutex
 
-	parentalServer       string // access via methods
-	safeBrowsingServer   string // access via methods
-	parentalUpstream     upstream.Upstream
-	safeBrowsingUpstream upstream.Upstream
-
-	safebrowsingCache cache.Cache
-	parentalCache     cache.Cache
-
 	Config // for direct access by library users, even a = assignment
 	// confLock protects Config.
 	confLock sync.RWMutex
@@ -192,7 +202,6 @@ type DNSFilter struct {
 	// TODO(e.burkov):  Don't use regexp for such a simple text processing task.
 	filterTitleRegexp *regexp.Regexp
 
-	safeSearch   SafeSearch
 	hostCheckers []hostChecker
 }
 
@@ -940,19 +949,12 @@ func InitModule() {
 // be non-nil.
 func New(c *Config, blockFilters []Filter) (d *DNSFilter, err error) {
 	d = &DNSFilter{
-		refreshLock:       &sync.Mutex{},
-		filterTitleRegexp: regexp.MustCompile(`^! Title: +(.*)$`),
+		refreshLock:            &sync.Mutex{},
+		filterTitleRegexp:      regexp.MustCompile(`^! Title: +(.*)$`),
+		safeBrowsingChecker:    c.SafeBrowsingChecker,
+		parentalControlChecker: c.ParentalControlChecker,
 	}
 
-	d.safebrowsingCache = cache.New(cache.Config{
-		EnableLRU: true,
-		MaxSize:   c.SafeBrowsingCacheSize,
-	})
-	d.parentalCache = cache.New(cache.Config{
-		EnableLRU: true,
-		MaxSize:   c.ParentalCacheSize,
-	})
-
 	d.safeSearch = c.SafeSearch
 
 	d.hostCheckers = []hostChecker{{
@@ -977,11 +979,6 @@ func New(c *Config, blockFilters []Filter) (d *DNSFilter, err error) {
 
 	defer func() { err = errors.Annotate(err, "filtering: %w") }()
 
-	err = d.initSecurityServices()
-	if err != nil {
-		return nil, fmt.Errorf("initializing services: %s", err)
-	}
-
 	d.Config = *c
 	d.filtersMu = &sync.RWMutex{}