badguardhome/internal/home/controlfiltering.go

406 lines
10 KiB
Go
Raw Normal View History

package home
import (
"encoding/json"
"fmt"
"io/ioutil"
"net"
"net/http"
"net/url"
"os"
"path/filepath"
"strings"
"time"
"github.com/AdguardTeam/AdGuardHome/internal/util"
"github.com/AdguardTeam/golibs/log"
"github.com/miekg/dns"
)
// isValidURL - return TRUE if URL or file path is valid
func isValidURL(rawurl string) bool {
if filepath.IsAbs(rawurl) {
// this is a file path
return util.FileExists(rawurl)
}
url, err := url.ParseRequestURI(rawurl)
if err != nil {
return false // Couldn't even parse the rawurl
}
if len(url.Scheme) == 0 {
return false // No Scheme found
}
return true
}
type filterAddJSON struct {
Name string `json:"name"`
URL string `json:"url"`
Whitelist bool `json:"whitelist"`
}
func (f *Filtering) handleFilteringAddURL(w http.ResponseWriter, r *http.Request) {
fj := filterAddJSON{}
err := json.NewDecoder(r.Body).Decode(&fj)
if err != nil {
httpError(w, http.StatusBadRequest, "Failed to parse request body json: %s", err)
return
}
if !isValidURL(fj.URL) {
http.Error(w, "Invalid URL or file path", http.StatusBadRequest)
return
}
// Check for duplicates
if filterExists(fj.URL) {
httpError(w, http.StatusBadRequest, "Filter URL already added -- %s", fj.URL)
return
}
// Set necessary properties
filt := filter{
Enabled: true,
URL: fj.URL,
Name: fj.Name,
white: fj.Whitelist,
}
filt.ID = assignUniqueFilterID()
// Download the filter contents
ok, err := f.update(&filt)
if err != nil {
httpError(w, http.StatusBadRequest, "Couldn't fetch filter from url %s: %s", filt.URL, err)
return
}
if !ok {
httpError(w, http.StatusBadRequest, "Filter at the url %s is invalid (maybe it points to blank page?)", filt.URL)
return
}
// URL is deemed valid, append it to filters, update config, write new filter file and tell dns to reload it
if !filterAdd(filt) {
httpError(w, http.StatusBadRequest, "Filter URL already added -- %s", filt.URL)
return
}
onConfigModified()
enableFilters(true)
_, err = fmt.Fprintf(w, "OK %d rules\n", filt.RulesCount)
if err != nil {
httpError(w, http.StatusInternalServerError, "Couldn't write body: %s", err)
}
}
func (f *Filtering) handleFilteringRemoveURL(w http.ResponseWriter, r *http.Request) {
type request struct {
URL string `json:"url"`
Whitelist bool `json:"whitelist"`
}
req := request{}
err := json.NewDecoder(r.Body).Decode(&req)
if err != nil {
httpError(w, http.StatusBadRequest, "failed to parse request body json: %s", err)
return
}
config.Lock()
filters := &config.Filters
if req.Whitelist {
filters = &config.WhitelistFilters
}
var deleted filter
var newFilters []filter
for _, f := range *filters {
if f.URL != req.URL {
newFilters = append(newFilters, f)
continue
}
deleted = f
path := f.Path()
err = os.Rename(path, path+".old")
if err != nil {
log.Error("deleting filter %q: %s", path, err)
}
}
*filters = newFilters
config.Unlock()
onConfigModified()
enableFilters(true)
// NOTE: The old files "filter.txt.old" aren't deleted. It's not really
// necessary, but will require the additional complicated code to run
// after enableFilters is done.
//
// TODO(a.garipov): Make sure the above comment is true.
_, err = fmt.Fprintf(w, "OK %d rules\n", deleted.RulesCount)
if err != nil {
httpError(w, http.StatusInternalServerError, "couldn't write body: %s", err)
}
}
type filterURLJSON struct {
Name string `json:"name"`
URL string `json:"url"`
Enabled bool `json:"enabled"`
}
type filterURLReq struct {
URL string `json:"url"`
Whitelist bool `json:"whitelist"`
Data filterURLJSON `json:"data"`
}
func (f *Filtering) handleFilteringSetURL(w http.ResponseWriter, r *http.Request) {
fj := filterURLReq{}
err := json.NewDecoder(r.Body).Decode(&fj)
if err != nil {
httpError(w, http.StatusBadRequest, "json decode: %s", err)
return
}
if !isValidURL(fj.Data.URL) {
http.Error(w, "invalid URL or file path", http.StatusBadRequest)
return
}
filt := filter{
Enabled: fj.Data.Enabled,
Name: fj.Data.Name,
URL: fj.Data.URL,
}
status := f.filterSetProperties(fj.URL, filt, fj.Whitelist)
if (status & statusFound) == 0 {
http.Error(w, "URL doesn't exist", http.StatusBadRequest)
return
}
if (status & statusURLExists) != 0 {
http.Error(w, "URL already exists", http.StatusBadRequest)
return
}
onConfigModified()
restart := false
if (status & statusEnabledChanged) != 0 {
// we must add or remove filter rules
restart = true
}
if (status&statusUpdateRequired) != 0 && fj.Data.Enabled {
// download new filter and apply its rules
flags := filterRefreshBlocklists
if fj.Whitelist {
flags = filterRefreshAllowlists
}
nUpdated, _ := f.refreshFilters(flags, true)
// if at least 1 filter has been updated, refreshFilters() restarts the filtering automatically
// if not - we restart the filtering ourselves
restart = false
if nUpdated == 0 {
restart = true
}
}
if restart {
enableFilters(true)
}
}
func (f *Filtering) handleFilteringSetRules(w http.ResponseWriter, r *http.Request) {
Pull request: 2305 limit message size Merge in DNS/adguard-home from 2305-limit-message-size to master Closes #2305. Squashed commit of the following: commit 6edd1e0521277a680f0053308efcf3d9cacc8e62 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Nov 23 14:03:36 2020 +0300 aghio: fix final inaccuracies commit 4dd382aaf25132b31eb269749a2cd36daf0cb792 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Nov 23 13:59:10 2020 +0300 all: improve code quality commit 060f923f6023d0e6f26441559b7023d5e5f96843 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Nov 23 13:10:57 2020 +0300 aghio: add validation to constructor commit f57a2f596f5dc578548241c315c68dce7fc93905 Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 19:19:26 2020 +0300 all: fix minor inaccuracies commit 93462c71725d3d00655a4bd565b77e64451fff60 Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 19:13:23 2020 +0300 home: make test name follow convention commit 4922986ad84481b054479c43b4133a1b97bee86b Merge: 1f5472abc 046ec13fd Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 19:09:01 2020 +0300 Merge branch 'master' into 2305-limit-message-size commit 1f5472abcfa7427f389825fc59eb4253e1e2bfb7 Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 19:08:21 2020 +0300 aghio: improve readability commit 60dc706b093fa22bbf62f13b2341934364ddc4df Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 18:44:08 2020 +0300 home: cover middleware with test commit bedf436b947ca1fa4493af2fc94f1f40beec7c35 Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 17:10:23 2020 +0300 aghio: improved error informativeness commit 682c5da9f21fa330fb3536bb1c112129c91b9990 Author: Eugene Burkov <e.burkov@adguard.com> Date: Fri Nov 20 13:37:51 2020 +0300 all: limit readers for ReadAll dealing with miscellanious data. commit 78c6dd8d90a0a43fe6ee3f9ed4d5fc637b15ba74 Author: Eugene Burkov <e.burkov@adguard.com> Date: Thu Nov 19 20:07:43 2020 +0300 all: handle ReadAll calls dealing with request's bodies. commit bfe1a6faf6468eb44515e2b0ecffa8c51f90b7e8 Author: Eugene Burkov <e.burkov@adguard.com> Date: Thu Nov 19 17:25:34 2020 +0300 home: add middlewares commit bbd1d491b318e6ba07f8af23ad546183383783a8 Merge: 7b77c2cad 62a8fe0b7 Author: Eugene Burkov <e.burkov@adguard.com> Date: Thu Nov 19 16:44:04 2020 +0300 Merge branch 'master' into 2305-limit-message-size commit 7b77c2cad03154177392460982e1d73ee2a30177 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Nov 17 15:33:33 2020 +0300 aghio: create package
2020-11-23 11:14:08 +00:00
// This use of ReadAll is safe, because request's body is now limited.
body, err := ioutil.ReadAll(r.Body)
if err != nil {
httpError(w, http.StatusBadRequest, "Failed to read request body: %s", err)
return
}
config.UserRules = strings.Split(string(body), "\n")
onConfigModified()
enableFilters(true)
}
func (f *Filtering) handleFilteringRefresh(w http.ResponseWriter, r *http.Request) {
type Req struct {
White bool `json:"whitelist"`
}
type Resp struct {
Updated int `json:"updated"`
}
resp := Resp{}
var err error
req := Req{}
err = json.NewDecoder(r.Body).Decode(&req)
if err != nil {
httpError(w, http.StatusBadRequest, "json decode: %s", err)
return
}
Fix #1069 install: check static ip Squashed commit of the following: commit 57466233cbeb89aff82d8610778f7c3b60fe8426 Merge: 2df5f281 867bf545 Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 18:39:15 2020 +0300 Merge branch 'master' into 1069-install-static-ip commit 2df5f281c4f5949b92edd4747ece60ff73799e54 Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 18:35:54 2020 +0300 *: lang fix commit b4649a6b2781741979531faf862b88c2557f1445 Merge: c2785253 f61d5f0f Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 16:47:30 2020 +0300 *(home): fixed issues with setting static IP on Mac commit c27852537d2f5ce62b16c43f4241a15d0fb8c9fd Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 14:14:30 2020 +0300 +(dhcpd): added static IP for MacOS commit f61d5f0f85a954120b2676a5153f10a05662cf42 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 14:13:35 2020 +0300 + client: show confirm before setting static IP commit 7afa16fbe76dff4485d166f6164bae171e0110c9 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 13:51:52 2020 +0300 - client: fix text commit 019bff0851c584302fa44317fc748b3319be9470 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 13:49:16 2020 +0300 - client: pass all params to the check_config request commit 194bed72f567ae815cbd424e2df1ac5be65e0c02 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 17:12:16 2020 +0300 *: fix home_test commit 9359f6b55f5e36dd311fb85b6a83bb6227308f03 Merge: ae299058 c5ca2a77 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:54:54 2020 +0300 Merge with master commit ae2990582defd8062b99c546b2a932a8ba06c35d Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:53:36 2020 +0300 *(global): refactoring - moved runtime properties to Context commit d8d48c53869a94d18c5ea7bcf78613e83b24bfd8 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:04:25 2020 +0300 *(dhcpd): refactoring, use dhcpd/network_utils where possible commit 8d039c572f0e5f5245bd155a4e4d35400e6962c6 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Feb 7 18:37:39 2020 +0300 - client: fix button position commit 26c47e59dd63317bdb959cb416e7c1c0bfdf7dc1 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Feb 7 18:08:56 2020 +0300 - client: fix static ip description commit cb12babc4698d048478570303af8955a35e8531d Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 17:08:39 2020 +0300 *: lower log level for some commands commit d9001ff84852d708e400d039503141929e06d774 Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 16:17:59 2020 +0300 *(documentation): updated openapi commit 1d213d53c88d5009a4b1d33d4cfa9e215c644bec Merge: 8406d7d2 80861860 Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 15:16:46 2020 +0300 *: merge with master commit 8406d7d28827ce1ed9d9f6770ce1700681811535 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Jan 31 16:52:22 2020 +0300 - client: fix locales commit fb476b011768367be51010c89754dcd23b383f5a Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:29:03 2020 +0300 linter commit 84b5708e71c88a9643d402ab630270f5e7bf35b8 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:27:53 2020 +0300 linter commit 143a86a28a3465776f803f6b99b9f3c64b26400e Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:26:47 2020 +0300 linter ... and 7 more commits
2020-02-13 15:42:07 +00:00
Context.controlLock.Unlock()
flags := filterRefreshBlocklists
if req.White {
flags = filterRefreshAllowlists
}
resp.Updated, err = f.refreshFilters(flags|filterRefreshForce, false)
Fix #1069 install: check static ip Squashed commit of the following: commit 57466233cbeb89aff82d8610778f7c3b60fe8426 Merge: 2df5f281 867bf545 Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 18:39:15 2020 +0300 Merge branch 'master' into 1069-install-static-ip commit 2df5f281c4f5949b92edd4747ece60ff73799e54 Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 18:35:54 2020 +0300 *: lang fix commit b4649a6b2781741979531faf862b88c2557f1445 Merge: c2785253 f61d5f0f Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 16:47:30 2020 +0300 *(home): fixed issues with setting static IP on Mac commit c27852537d2f5ce62b16c43f4241a15d0fb8c9fd Author: Andrey Meshkov <am@adguard.com> Date: Thu Feb 13 14:14:30 2020 +0300 +(dhcpd): added static IP for MacOS commit f61d5f0f85a954120b2676a5153f10a05662cf42 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 14:13:35 2020 +0300 + client: show confirm before setting static IP commit 7afa16fbe76dff4485d166f6164bae171e0110c9 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 13:51:52 2020 +0300 - client: fix text commit 019bff0851c584302fa44317fc748b3319be9470 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Thu Feb 13 13:49:16 2020 +0300 - client: pass all params to the check_config request commit 194bed72f567ae815cbd424e2df1ac5be65e0c02 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 17:12:16 2020 +0300 *: fix home_test commit 9359f6b55f5e36dd311fb85b6a83bb6227308f03 Merge: ae299058 c5ca2a77 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:54:54 2020 +0300 Merge with master commit ae2990582defd8062b99c546b2a932a8ba06c35d Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:53:36 2020 +0300 *(global): refactoring - moved runtime properties to Context commit d8d48c53869a94d18c5ea7bcf78613e83b24bfd8 Author: Andrey Meshkov <am@adguard.com> Date: Wed Feb 12 15:04:25 2020 +0300 *(dhcpd): refactoring, use dhcpd/network_utils where possible commit 8d039c572f0e5f5245bd155a4e4d35400e6962c6 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Feb 7 18:37:39 2020 +0300 - client: fix button position commit 26c47e59dd63317bdb959cb416e7c1c0bfdf7dc1 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Feb 7 18:08:56 2020 +0300 - client: fix static ip description commit cb12babc4698d048478570303af8955a35e8531d Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 17:08:39 2020 +0300 *: lower log level for some commands commit d9001ff84852d708e400d039503141929e06d774 Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 16:17:59 2020 +0300 *(documentation): updated openapi commit 1d213d53c88d5009a4b1d33d4cfa9e215c644bec Merge: 8406d7d2 80861860 Author: Andrey Meshkov <am@adguard.com> Date: Fri Feb 7 15:16:46 2020 +0300 *: merge with master commit 8406d7d28827ce1ed9d9f6770ce1700681811535 Author: Ildar Kamalov <i.kamalov@adguard.com> Date: Fri Jan 31 16:52:22 2020 +0300 - client: fix locales commit fb476b011768367be51010c89754dcd23b383f5a Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:29:03 2020 +0300 linter commit 84b5708e71c88a9643d402ab630270f5e7bf35b8 Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:27:53 2020 +0300 linter commit 143a86a28a3465776f803f6b99b9f3c64b26400e Author: Simon Zolin <s.zolin@adguard.com> Date: Fri Jan 31 13:26:47 2020 +0300 linter ... and 7 more commits
2020-02-13 15:42:07 +00:00
Context.controlLock.Lock()
if err != nil {
httpError(w, http.StatusInternalServerError, "%s", err)
return
}
js, err := json.Marshal(resp)
if err != nil {
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
return
}
w.Header().Set("Content-Type", "application/json")
_, _ = w.Write(js)
}
type filterJSON struct {
ID int64 `json:"id"`
Enabled bool `json:"enabled"`
URL string `json:"url"`
Name string `json:"name"`
RulesCount uint32 `json:"rules_count"`
LastUpdated string `json:"last_updated"`
}
type filteringConfig struct {
Enabled bool `json:"enabled"`
Interval uint32 `json:"interval"` // in hours
Filters []filterJSON `json:"filters"`
WhitelistFilters []filterJSON `json:"whitelist_filters"`
UserRules []string `json:"user_rules"`
}
func filterToJSON(f filter) filterJSON {
fj := filterJSON{
ID: f.ID,
Enabled: f.Enabled,
URL: f.URL,
Name: f.Name,
RulesCount: uint32(f.RulesCount),
}
if !f.LastUpdated.IsZero() {
fj.LastUpdated = f.LastUpdated.Format(time.RFC3339)
}
return fj
}
// Get filtering configuration
func (f *Filtering) handleFilteringStatus(w http.ResponseWriter, r *http.Request) {
resp := filteringConfig{}
config.RLock()
resp.Enabled = config.DNS.FilteringEnabled
resp.Interval = config.DNS.FiltersUpdateIntervalHours
for _, f := range config.Filters {
fj := filterToJSON(f)
resp.Filters = append(resp.Filters, fj)
}
for _, f := range config.WhitelistFilters {
fj := filterToJSON(f)
resp.WhitelistFilters = append(resp.WhitelistFilters, fj)
}
resp.UserRules = config.UserRules
config.RUnlock()
jsonVal, err := json.Marshal(resp)
if err != nil {
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
return
}
w.Header().Set("Content-Type", "application/json")
_, err = w.Write(jsonVal)
if err != nil {
httpError(w, http.StatusInternalServerError, "http write: %s", err)
}
}
// Set filtering configuration
func (f *Filtering) handleFilteringConfig(w http.ResponseWriter, r *http.Request) {
req := filteringConfig{}
err := json.NewDecoder(r.Body).Decode(&req)
if err != nil {
httpError(w, http.StatusBadRequest, "json decode: %s", err)
return
}
if !checkFiltersUpdateIntervalHours(req.Interval) {
httpError(w, http.StatusBadRequest, "Unsupported interval")
return
}
config.DNS.FilteringEnabled = req.Enabled
config.DNS.FiltersUpdateIntervalHours = req.Interval
onConfigModified()
enableFilters(true)
}
type checkHostResp struct {
Reason string `json:"reason"`
FilterID int64 `json:"filter_id"`
Rule string `json:"rule"`
// for FilteredBlockedService:
SvcName string `json:"service_name"`
// for ReasonRewrite:
CanonName string `json:"cname"` // CNAME value
IPList []net.IP `json:"ip_addrs"` // list of IP addresses
}
func (f *Filtering) handleCheckHost(w http.ResponseWriter, r *http.Request) {
q := r.URL.Query()
host := q.Get("name")
setts := Context.dnsFilter.GetConfig()
setts.FilteringEnabled = true
Context.dnsFilter.ApplyBlockedServices(&setts, nil, true)
result, err := Context.dnsFilter.CheckHost(host, dns.TypeA, &setts)
if err != nil {
httpError(w, http.StatusInternalServerError, "couldn't apply filtering: %s: %s", host, err)
return
}
resp := checkHostResp{}
resp.Reason = result.Reason.String()
resp.FilterID = result.FilterID
resp.Rule = result.Rule
resp.SvcName = result.ServiceName
resp.CanonName = result.CanonName
resp.IPList = result.IPList
js, err := json.Marshal(resp)
if err != nil {
httpError(w, http.StatusInternalServerError, "json encode: %s", err)
return
}
w.Header().Set("Content-Type", "application/json")
_, _ = w.Write(js)
}
// RegisterFilteringHandlers - register handlers
func (f *Filtering) RegisterFilteringHandlers() {
httpRegister("GET", "/control/filtering/status", f.handleFilteringStatus)
httpRegister("POST", "/control/filtering/config", f.handleFilteringConfig)
httpRegister("POST", "/control/filtering/add_url", f.handleFilteringAddURL)
httpRegister("POST", "/control/filtering/remove_url", f.handleFilteringRemoveURL)
httpRegister("POST", "/control/filtering/set_url", f.handleFilteringSetURL)
httpRegister("POST", "/control/filtering/refresh", f.handleFilteringRefresh)
httpRegister("POST", "/control/filtering/set_rules", f.handleFilteringSetRules)
httpRegister("GET", "/control/filtering/check_host", f.handleCheckHost)
}
func checkFiltersUpdateIntervalHours(i uint32) bool {
return i == 0 || i == 1 || i == 12 || i == 1*24 || i == 3*24 || i == 7*24
}