Pull request: 3371 pipe-tailed rules

Merge in DNS/adguard-home from 3371-rules-validation to master Updates #3371. Squashed commit of the following: commit 7881a0bc788f130eaed27ea9306309dea52f62e7 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Thu Nov 11 15:06:42 2021 +0300 all: imp code, docs commit 613775a4bc3e75ca7792fb6896e161f3ef6b1a29 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Nov 2 16:50:43 2021 +0300 all: upd urlfilter
2021-11-11 16:19:33 +03:00
parent 6fd9e72fbb
commit 884a98501d
7 changed files with 63 additions and 37 deletions
--- a/internal/aghnet/hostscontainer.go
+++ b/internal/aghnet/hostscontainer.go
@@ -112,16 +112,16 @@ func NewHostsContainer(
 }

 // MatchRequest is the request processing method to resolve hostnames and
-// addresses from the operating system's hosts files.  Any request not of A/AAAA
-// or PTR type will return with an empty result.  It's safe for concurrent use.
+// addresses from the operating system's hosts files.  res is nil for any
+// request having not an A/AAAA or PTR type.  It's safe for concurrent use.
 func (hc *HostsContainer) MatchRequest(
 	req urlfilter.DNSRequest,
-) (res urlfilter.DNSResult, ok bool) {
+) (res *urlfilter.DNSResult, ok bool) {
 	switch req.DNSType {
 	case dns.TypeA, dns.TypeAAAA, dns.TypePTR:
 		log.Debug("%s: handling the request", hostsContainerPref)
 	default:
-		return urlfilter.DNSResult{}, false
+		return nil, false
 	}

 	hc.engLock.RLock()
--- a/internal/aghnet/hostscontainer_test.go
+++ b/internal/aghnet/hostscontainer_test.go
@@ -256,39 +256,42 @@ func TestHostsContainer_MatchRequest(t *testing.T) {

 	testCase := []struct {
 		name string
-		want interface{}
+		want []interface{}
 		req  urlfilter.DNSRequest
 	}{{
 		name: "a",
-		want: ip4.To16(),
+		want: []interface{}{ip4.To16()},
 		req: urlfilter.DNSRequest{
 			Hostname: hostname4,
 			DNSType:  dns.TypeA,
 		},
 	}, {
 		name: "aaaa",
-		want: ip6,
+		want: []interface{}{ip6},
 		req: urlfilter.DNSRequest{
 			Hostname: hostname6,
-			DNSType:  dns.TypeA,
+			DNSType:  dns.TypeAAAA,
 		},
 	}, {
 		name: "ptr",
-		want: dns.Fqdn(hostname4),
+		want: []interface{}{
+			dns.Fqdn(hostname4),
+			dns.Fqdn(hostname4a),
+		},
 		req: urlfilter.DNSRequest{
 			Hostname: reversed4,
 			DNSType:  dns.TypePTR,
 		},
 	}, {
 		name: "ptr_v6",
-		want: dns.Fqdn(hostname6),
+		want: []interface{}{dns.Fqdn(hostname6)},
 		req: urlfilter.DNSRequest{
 			Hostname: reversed6,
 			DNSType:  dns.TypePTR,
 		},
 	}, {
 		name: "a_alias",
-		want: ip4.To16(),
+		want: []interface{}{ip4.To16()},
 		req: urlfilter.DNSRequest{
 			Hostname: hostname4a,
 			DNSType:  dns.TypeA,
@@ -299,8 +302,19 @@ func TestHostsContainer_MatchRequest(t *testing.T) {
 		t.Run(tc.name, func(t *testing.T) {
 			res, ok := hc.MatchRequest(tc.req)
 			require.False(t, ok)
+			require.NotNil(t, res)

-			assert.Equal(t, tc.want, res.DNSRewrites()[0].DNSRewrite.Value)
+			rws := res.DNSRewrites()
+			require.Len(t, rws, len(tc.want))
+
+			for i, w := range tc.want {
+				require.NotNil(t, rws[i])
+
+				rw := rws[i].DNSRewrite
+				require.NotNil(t, rw)
+
+				assert.Equal(t, w, rw.Value)
+			}
 		})
 	}

@@ -311,7 +325,7 @@ func TestHostsContainer_MatchRequest(t *testing.T) {
 		})
 		require.False(t, ok)

-		assert.Empty(t, res)
+		assert.Nil(t, res)
 	})
 }

--- a/internal/dnsforward/dns.go
+++ b/internal/dnsforward/dns.go
@@ -341,14 +341,12 @@ func (s *Server) processRestrictLocal(ctx *dnsContext) (rc resultCode) {
 	// Restrict an access to local addresses for external clients.  We also
 	// assume that all the DHCP leases we give are locally-served or at
 	// least don't need to be inaccessible externally.
-	if s.subnetDetector.IsLocallyServedNetwork(ip) {
-		if !ctx.isLocalClient {
-			log.Debug("dns: %q requests for internal ip", d.Addr)
-			d.Res = s.genNXDomain(req)
+	if s.subnetDetector.IsLocallyServedNetwork(ip) && !ctx.isLocalClient {
+		log.Debug("dns: %q requests for internal ip", d.Addr)
+		d.Res = s.genNXDomain(req)

-			// Do not even put into query log.
-			return resultCodeFinish
-		}
+		// Do not even put into query log.
+		return resultCodeFinish
 	}

 	// Do not perform unreversing ever again.
--- a/internal/filtering/filtering.go
+++ b/internal/filtering/filtering.go
@@ -451,7 +451,11 @@ func (d *DNSFilter) CheckHost(

 // matchSysHosts tries to match the host against the operating system's hosts
 // database.
-func (d *DNSFilter) matchSysHosts(host string, qtype uint16, setts *Settings) (res Result, err error) {
+func (d *DNSFilter) matchSysHosts(
+	host string,
+	qtype uint16,
+	setts *Settings,
+) (res Result, err error) {
 	if !setts.FilteringEnabled || d.EtcHosts == nil {
 		return Result{}, nil
 	}
@@ -464,6 +468,9 @@ func (d *DNSFilter) matchSysHosts(host string, qtype uint16, setts *Settings) (r
 		ClientName: setts.ClientName,
 		DNSType:    qtype,
 	})
+	if dnsres == nil {
+		return Result{}, nil
+	}

 	dnsr := dnsres.DNSRewrites()
 	if len(dnsr) == 0 {
@@ -695,7 +702,7 @@ func hostRulesToRules(netRules []*rules.HostRule) (res []rules.Rule) {
 // matching.
 func (d *DNSFilter) matchHostProcessAllowList(
 	host string,
-	dnsres urlfilter.DNSResult,
+	dnsres *urlfilter.DNSResult,
 ) (res Result, err error) {
 	var matchedRules []rules.Rule
 	if dnsres.NetworkRule != nil {
@@ -718,7 +725,7 @@ func (d *DNSFilter) matchHostProcessAllowList(
 // matchHostProcessDNSResult processes the matched DNS filtering result.
 func (d *DNSFilter) matchHostProcessDNSResult(
 	qtype uint16,
-	dnsres urlfilter.DNSResult,
+	dnsres *urlfilter.DNSResult,
 ) (res Result) {
 	if dnsres.NetworkRule != nil {
 		reason := FilteredBlockList