Pull request 2187: upd-golibs

Squashed commit of the following:

commit 63c14cf0eb395f58149f5a82ff1389353f7f8127
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Apr 2 20:10:10 2024 +0300

    all: imp code, docs

commit 185ccdd1d9f5acc8376fabeac647f6fddcf108b5
Merge: b6ca80a9f d4fff41b3
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Apr 2 20:04:23 2024 +0300

    Merge branch 'master' into upd-golibs

commit b6ca80a9f639394758cc9000345c132a713c183c
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Tue Apr 2 20:01:10 2024 +0300

    all: upd to tags

commit 474f62319befbe22cf1bccd2320cd0d3da1629b1
Author: Ainar Garipov <a.garipov@adguard.com>
Date:   Tue Mar 26 16:33:45 2024 +0300

    all: upd golibs

internal/dnsforward/access.go

@@ -5,10 +5,12 @@ import (
 	"fmt"
 	"net/http"
 	"net/netip"
+	"slices"
 	"strings"
 
 	"github.com/AdguardTeam/AdGuardHome/internal/aghalg"
 	"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
+	"github.com/AdguardTeam/golibs/container"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/stringutil"
 	"github.com/AdguardTeam/urlfilter"
@@ -16,22 +18,19 @@ import (
 	"github.com/AdguardTeam/urlfilter/rules"
 )
 
-// unit is a convenient alias for struct{}
-type unit = struct{}
-
 // accessManager controls IP and client blocking that takes place before all
 // other processing.  An accessManager is safe for concurrent use.
 type accessManager struct {
-	allowedIPs map[netip.Addr]unit
-	blockedIPs map[netip.Addr]unit
+	allowedIPs *container.MapSet[netip.Addr]
+	blockedIPs *container.MapSet[netip.Addr]
 
-	allowedClientIDs *stringutil.Set
-	blockedClientIDs *stringutil.Set
+	allowedClientIDs *container.MapSet[string]
+	blockedClientIDs *container.MapSet[string]
 
 	// TODO(s.chzhen):  Use [aghnet.IgnoreEngine].
 	blockedHostsEng *urlfilter.DNSEngine
 
-	// TODO(a.garipov): Create a type for a set of IP networks.
+	// TODO(a.garipov): Create a type for an efficient tree set of IP networks.
 	allowedNets []netip.Prefix
 	blockedNets []netip.Prefix
 }
@@ -40,15 +39,15 @@ type accessManager struct {
 // which may be an IP address, a CIDR, or a ClientID.
 func processAccessClients(
 	clientStrs []string,
-	ips map[netip.Addr]unit,
+	ips *container.MapSet[netip.Addr],
 	nets *[]netip.Prefix,
-	clientIDs *stringutil.Set,
+	clientIDs *container.MapSet[string],
 ) (err error) {
 	for i, s := range clientStrs {
 		var ip netip.Addr
 		var ipnet netip.Prefix
 		if ip, err = netip.ParseAddr(s); err == nil {
-			ips[ip] = unit{}
+			ips.Add(ip)
 		} else if ipnet, err = netip.ParsePrefix(s); err == nil {
 			*nets = append(*nets, ipnet)
 		} else {
@@ -67,11 +66,11 @@ func processAccessClients(
 // newAccessCtx creates a new accessCtx.
 func newAccessCtx(allowed, blocked, blockedHosts []string) (a *accessManager, err error) {
 	a = &accessManager{
-		allowedIPs: map[netip.Addr]unit{},
-		blockedIPs: map[netip.Addr]unit{},
+		allowedIPs: container.NewMapSet[netip.Addr](),
+		blockedIPs: container.NewMapSet[netip.Addr](),
 
-		allowedClientIDs: stringutil.NewSet(),
-		blockedClientIDs: stringutil.NewSet(),
+		allowedClientIDs: container.NewMapSet[string](),
+		blockedClientIDs: container.NewMapSet[string](),
 	}
 
 	err = processAccessClients(allowed, a.allowedIPs, &a.allowedNets, a.allowedClientIDs)
@@ -109,7 +108,7 @@ func newAccessCtx(allowed, blocked, blockedHosts []string) (a *accessManager, er
 
 // allowlistMode returns true if this *accessCtx is in the allowlist mode.
 func (a *accessManager) allowlistMode() (ok bool) {
-	return len(a.allowedIPs) != 0 || a.allowedClientIDs.Len() != 0 || len(a.allowedNets) != 0
+	return a.allowedIPs.Len() != 0 || a.allowedClientIDs.Len() != 0 || len(a.allowedNets) != 0
 }
 
 // isBlockedClientID returns true if the ClientID should be blocked.
@@ -152,7 +151,7 @@ func (a *accessManager) isBlockedIP(ip netip.Addr) (blocked bool, rule string) {
 		ipnets = a.allowedNets
 	}
 
-	if _, ok := ips[ip]; ok {
+	if ips.Has(ip) {
 		return blocked, ip.String()
 	}
 
@@ -176,9 +175,9 @@ func (s *Server) accessListJSON() (j accessListJSON) {
 	defer s.serverLock.RUnlock()
 
 	return accessListJSON{
-		AllowedClients:    stringutil.CloneSlice(s.conf.AllowedClients),
-		DisallowedClients: stringutil.CloneSlice(s.conf.DisallowedClients),
-		BlockedHosts:      stringutil.CloneSlice(s.conf.BlockedHosts),
+		AllowedClients:    slices.Clone(s.conf.AllowedClients),
+		DisallowedClients: slices.Clone(s.conf.DisallowedClients),
+		BlockedHosts:      slices.Clone(s.conf.BlockedHosts),
 	}
 }
 

internal/dnsforward/config.go

@@ -19,6 +19,7 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/dnsproxy/proxy"
 	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/AdguardTeam/golibs/container"
 	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/netutil"
@@ -461,26 +462,27 @@ func (s *Server) prepareIpsetListSettings() (err error) {
 // unspecPorts if its address is unspecified.
 func collectListenAddr(
 	addrPort netip.AddrPort,
-	addrs map[netip.AddrPort]unit,
-	unspecPorts map[uint16]unit,
+	addrs *container.MapSet[netip.AddrPort],
+	unspecPorts *container.MapSet[uint16],
 ) {
 	if addrPort == (netip.AddrPort{}) {
 		return
 	}
 
-	addrs[addrPort] = unit{}
+	addrs.Add(addrPort)
 	if addrPort.Addr().IsUnspecified() {
-		unspecPorts[addrPort.Port()] = unit{}
+		unspecPorts.Add(addrPort.Port())
 	}
 }
 
 // collectDNSAddrs returns configured set of listening addresses.  It also
 // returns a set of ports of each unspecified listening address.
-func (conf *ServerConfig) collectDNSAddrs() (addrs mapAddrPortSet, unspecPorts map[uint16]unit) {
-	// TODO(e.burkov):  Perhaps, we shouldn't allocate as much memory, since the
-	// TCP and UDP listening addresses are currently the same.
-	addrs = make(map[netip.AddrPort]unit, len(conf.TCPListenAddrs)+len(conf.UDPListenAddrs))
-	unspecPorts = map[uint16]unit{}
+func (conf *ServerConfig) collectDNSAddrs() (
+	addrs *container.MapSet[netip.AddrPort],
+	unspecPorts *container.MapSet[uint16],
+) {
+	addrs = container.NewMapSet[netip.AddrPort]()
+	unspecPorts = container.NewMapSet[uint16]()
 
 	for _, laddr := range conf.TCPListenAddrs {
 		collectListenAddr(laddr.AddrPort(), addrs, unspecPorts)
@@ -511,26 +513,12 @@ type emptyAddrPortSet struct{}
 // Has implements the [addrPortSet] interface for [emptyAddrPortSet].
 func (emptyAddrPortSet) Has(_ netip.AddrPort) (ok bool) { return false }
 
-// mapAddrPortSet is the [addrPortSet] containing values of [netip.AddrPort] as
-// keys of a map.
-type mapAddrPortSet map[netip.AddrPort]unit
-
-// type check
-var _ addrPortSet = mapAddrPortSet{}
-
-// Has implements the [addrPortSet] interface for [mapAddrPortSet].
-func (m mapAddrPortSet) Has(addrPort netip.AddrPort) (ok bool) {
-	_, ok = m[addrPort]
-
-	return ok
-}
-
 // combinedAddrPortSet is the [addrPortSet] defined by some IP addresses along
 // with ports, any combination of which is considered being in the set.
 type combinedAddrPortSet struct {
-	// TODO(e.burkov):  Use sorted slices in combination with binary search.
-	ports map[uint16]unit
-	addrs []netip.Addr
+	// TODO(e.burkov):  Use container.SliceSet when available.
+	ports *container.MapSet[uint16]
+	addrs *container.MapSet[netip.Addr]
 }
 
 // type check
@@ -538,9 +526,7 @@ var _ addrPortSet = (*combinedAddrPortSet)(nil)
 
 // Has implements the [addrPortSet] interface for [*combinedAddrPortSet].
 func (m *combinedAddrPortSet) Has(addrPort netip.AddrPort) (ok bool) {
-	_, ok = m.ports[addrPort.Port()]
-
-	return ok && slices.Contains(m.addrs, addrPort.Addr())
+	return m.ports.Has(addrPort.Port()) && m.addrs.Has(addrPort.Addr())
 }
 
 // filterOut filters out all the upstreams that match um.  It returns all the
@@ -578,11 +564,11 @@ func filterOutAddrs(upsConf *proxy.UpstreamConfig, set addrPortSet) (err error)
 func (conf *ServerConfig) ourAddrsSet() (m addrPortSet, err error) {
 	addrs, unspecPorts := conf.collectDNSAddrs()
 	switch {
-	case len(addrs) == 0:
+	case addrs.Len() == 0:
 		log.Debug("dnsforward: no listen addresses")
 
 		return emptyAddrPortSet{}, nil
-	case len(unspecPorts) == 0:
+	case unspecPorts.Len() == 0:
 		log.Debug("dnsforward: filtering out addresses %s", addrs)
 
 		return addrs, nil
@@ -598,7 +584,7 @@ func (conf *ServerConfig) ourAddrsSet() (m addrPortSet, err error) {
 
 		return &combinedAddrPortSet{
 			ports: unspecPorts,
-			addrs: ifaceAddrs,
+			addrs: container.NewMapSet(ifaceAddrs...),
 		}, nil
 	}
 }

internal/dnsforward/dnsforward.go

@@ -308,13 +308,13 @@ func (s *Server) WriteDiskConfig(c *Config) {
 	sc := s.conf.Config
 	*c = sc
 	c.RatelimitWhitelist = slices.Clone(sc.RatelimitWhitelist)
-	c.BootstrapDNS = stringutil.CloneSlice(sc.BootstrapDNS)
-	c.FallbackDNS = stringutil.CloneSlice(sc.FallbackDNS)
-	c.AllowedClients = stringutil.CloneSlice(sc.AllowedClients)
-	c.DisallowedClients = stringutil.CloneSlice(sc.DisallowedClients)
-	c.BlockedHosts = stringutil.CloneSlice(sc.BlockedHosts)
+	c.BootstrapDNS = slices.Clone(sc.BootstrapDNS)
+	c.FallbackDNS = slices.Clone(sc.FallbackDNS)
+	c.AllowedClients = slices.Clone(sc.AllowedClients)
+	c.DisallowedClients = slices.Clone(sc.DisallowedClients)
+	c.BlockedHosts = slices.Clone(sc.BlockedHosts)
 	c.TrustedProxies = slices.Clone(sc.TrustedProxies)
-	c.UpstreamDNS = stringutil.CloneSlice(sc.UpstreamDNS)
+	c.UpstreamDNS = slices.Clone(sc.UpstreamDNS)
 }
 
 // LocalPTRResolvers returns the current local PTR resolver configuration.
@@ -322,7 +322,7 @@ func (s *Server) LocalPTRResolvers() (localPTRResolvers []string) {
 	s.serverLock.RLock()
 	defer s.serverLock.RUnlock()
 
-	return stringutil.CloneSlice(s.conf.LocalPTRResolvers)
+	return slices.Clone(s.conf.LocalPTRResolvers)
 }
 
 // AddrProcConfig returns the current address processing configuration.  Only