Pull request: create aghnet package

Merge in DNS/adguard-home from mk-aghnet to master Updates #2829. Squashed commit of the following: commit 519806c04b8d0517aacce9c31f2d06ab56631937 Merge: 92376c86 97361234 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Mar 16 19:13:56 2021 +0300 Merge branch 'master' into mk-aghnet commit 92376c8665e529191aa482432f9d5e3e2e3afdc8 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Mar 16 18:37:22 2021 +0300 aghnet: fix linux commit 7f36d19b0e650d4e4fc5cf9ea4b501a7f636abeb Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Mar 16 18:08:30 2021 +0300 aghnet: mv network utils from util commit aa68c70c1146b8c32303c6e037953a41aa7d72f9 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Mar 16 17:30:06 2021 +0300 aghnet: mv ipDetector here commit b033657f5c5ee91f869c36508a5eb15976a174a0 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Mar 16 17:24:07 2021 +0300 all: mk aghnet package, rename sysutil package
2021-03-16 19:42:15 +03:00
parent 9736123483
commit 3a67cc2c45
26 changed files with 135 additions and 148 deletions
--- a/internal/aghos/os.go
+++ b/internal/aghos/os.go
@@ -0,0 +1,26 @@
+// Package aghos contains utilities for functions requiring system calls.
+package aghos
+
+import "syscall"
+
+// CanBindPrivilegedPorts checks if current process can bind to privileged
+// ports.
+func CanBindPrivilegedPorts() (can bool, err error) {
+	return canBindPrivilegedPorts()
+}
+
+// SetRlimit sets user-specified limit of how many fd's we can use
+// https://github.com/AdguardTeam/AdGuardHome/internal/issues/659.
+func SetRlimit(val uint) {
+	setRlimit(val)
+}
+
+// HaveAdminRights checks if the current user has root (administrator) rights.
+func HaveAdminRights() (bool, error) {
+	return haveAdminRights()
+}
+
+// SendProcessSignal sends signal to a process.
+func SendProcessSignal(pid int, sig syscall.Signal) error {
+	return sendProcessSignal(pid, sig)
+}
--- a/internal/aghos/os_freebsd.go
+++ b/internal/aghos/os_freebsd.go
@@ -0,0 +1,32 @@
+// +build freebsd
+
+package aghos
+
+import (
+	"os"
+	"syscall"
+
+	"github.com/AdguardTeam/golibs/log"
+)
+
+func canBindPrivilegedPorts() (can bool, err error) {
+	return HaveAdminRights()
+}
+
+func setRlimit(val uint) {
+	var rlim syscall.Rlimit
+	rlim.Max = int64(val)
+	rlim.Cur = int64(val)
+	err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
+	if err != nil {
+		log.Error("Setrlimit() failed: %v", err)
+	}
+}
+
+func haveAdminRights() (bool, error) {
+	return os.Getuid() == 0, nil
+}
+
+func sendProcessSignal(pid int, sig syscall.Signal) error {
+	return syscall.Kill(pid, sig)
+}
--- a/internal/aghos/os_linux.go
+++ b/internal/aghos/os_linux.go
@@ -0,0 +1,39 @@
+// +build linux
+
+package aghos
+
+import (
+	"os"
+	"syscall"
+
+	"github.com/AdguardTeam/golibs/log"
+	"golang.org/x/sys/unix"
+)
+
+func canBindPrivilegedPorts() (can bool, err error) {
+	cnbs, err := unix.PrctlRetInt(unix.PR_CAP_AMBIENT, unix.PR_CAP_AMBIENT_IS_SET, unix.CAP_NET_BIND_SERVICE, 0, 0)
+	// Don't check the error because it's always nil on Linux.
+	adm, _ := haveAdminRights()
+
+	return cnbs == 1 || adm, err
+}
+
+func setRlimit(val uint) {
+	var rlim syscall.Rlimit
+	rlim.Max = uint64(val)
+	rlim.Cur = uint64(val)
+	err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
+	if err != nil {
+		log.Error("Setrlimit() failed: %v", err)
+	}
+}
+
+func haveAdminRights() (bool, error) {
+	// The error is nil because the platform-independent function signature
+	// requires returning an error.
+	return os.Getuid() == 0, nil
+}
+
+func sendProcessSignal(pid int, sig syscall.Signal) error {
+	return syscall.Kill(pid, sig)
+}
--- a/internal/aghos/os_unix.go
+++ b/internal/aghos/os_unix.go
@@ -0,0 +1,32 @@
+// +build aix darwin dragonfly netbsd openbsd solaris
+
+package aghos
+
+import (
+	"os"
+	"syscall"
+
+	"github.com/AdguardTeam/golibs/log"
+)
+
+func canBindPrivilegedPorts() (can bool, err error) {
+	return HaveAdminRights()
+}
+
+func setRlimit(val uint) {
+	var rlim syscall.Rlimit
+	rlim.Max = uint64(val)
+	rlim.Cur = uint64(val)
+	err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
+	if err != nil {
+		log.Error("Setrlimit() failed: %v", err)
+	}
+}
+
+func haveAdminRights() (bool, error) {
+	return os.Getuid() == 0, nil
+}
+
+func sendProcessSignal(pid int, sig syscall.Signal) error {
+	return syscall.Kill(pid, sig)
+}
--- a/internal/aghos/os_windows.go
+++ b/internal/aghos/os_windows.go
@@ -0,0 +1,42 @@
+// +build windows
+
+package aghos
+
+import (
+	"fmt"
+	"syscall"
+
+	"golang.org/x/sys/windows"
+)
+
+func canBindPrivilegedPorts() (can bool, err error) {
+	return HaveAdminRights()
+}
+
+func setRlimit(val uint) {
+}
+
+func haveAdminRights() (bool, error) {
+	var token windows.Token
+	h := windows.CurrentProcess()
+	err := windows.OpenProcessToken(h, windows.TOKEN_QUERY, &token)
+	if err != nil {
+		return false, err
+	}
+
+	info := make([]byte, 4)
+	var returnedLen uint32
+	err = windows.GetTokenInformation(token, windows.TokenElevation, &info[0], uint32(len(info)), &returnedLen)
+	token.Close()
+	if err != nil {
+		return false, err
+	}
+	if info[0] == 0 {
+		return false, nil
+	}
+	return true, nil
+}
+
+func sendProcessSignal(pid int, sig syscall.Signal) error {
+	return fmt.Errorf("not supported on Windows")
+}
--- a/internal/aghos/syslog.go
+++ b/internal/aghos/syslog.go
@@ -0,0 +1,6 @@
+package aghos
+
+// ConfigureSyslog reroutes standard logger output to syslog.
+func ConfigureSyslog(serviceName string) error {
+	return configureSyslog(serviceName)
+}
--- a/internal/aghos/syslog_others.go
+++ b/internal/aghos/syslog_others.go
@@ -0,0 +1,18 @@
+// +build !windows,!plan9
+
+package aghos
+
+import (
+	"log/syslog"
+
+	"github.com/AdguardTeam/golibs/log"
+)
+
+func configureSyslog(serviceName string) error {
+	w, err := syslog.New(syslog.LOG_NOTICE|syslog.LOG_USER, serviceName)
+	if err != nil {
+		return err
+	}
+	log.SetOutput(w)
+	return nil
+}
--- a/internal/aghos/syslog_windows.go
+++ b/internal/aghos/syslog_windows.go
@@ -0,0 +1,41 @@
+// +build windows plan9
+
+package aghos
+
+import (
+	"strings"
+
+	"github.com/AdguardTeam/golibs/log"
+	"golang.org/x/sys/windows"
+	"golang.org/x/sys/windows/svc/eventlog"
+)
+
+type eventLogWriter struct {
+	el *eventlog.Log
+}
+
+// Write implements io.Writer interface for eventLogWriter.
+func (w *eventLogWriter) Write(b []byte) (int, error) {
+	return len(b), w.el.Info(1, string(b))
+}
+
+func configureSyslog(serviceName string) error {
+	// Note that the eventlog src is the same as the service name
+	// Otherwise, we will get "the description for event id cannot be found" warning in every log record
+
+	// Continue if we receive "registry key already exists" or if we get
+	// ERROR_ACCESS_DENIED so that we can log without administrative permissions
+	// for pre-existing eventlog sources.
+	if err := eventlog.InstallAsEventCreate(serviceName, eventlog.Info|eventlog.Warning|eventlog.Error); err != nil {
+		if !strings.Contains(err.Error(), "registry key already exists") && err != windows.ERROR_ACCESS_DENIED {
+			return err
+		}
+	}
+	el, err := eventlog.Open(serviceName)
+	if err != nil {
+		return err
+	}
+
+	log.SetOutput(&eventLogWriter{el: el})
+	return nil
+}
--- a/internal/aghos/sysutil_test.go
+++ b/internal/aghos/sysutil_test.go
@@ -0,0 +1,11 @@
+package aghos
+
+import (
+	"testing"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
+)
+
+func TestMain(m *testing.M) {
+	aghtest.DiscardLogOutput(m)
+}