From 58515fce4304538ba374305c27d71640993f046e Mon Sep 17 00:00:00 2001 From: Eugene Burkov Date: Wed, 4 May 2022 21:01:41 +0300 Subject: [PATCH] Pull request: 4542 clientid case Merge in DNS/adguard-home from 4542-clientid-case to master Updates #4542. Squashed commit of the following: commit 2a3111ebcef09460b407cd1c870cad2391cd5650 Author: Eugene Burkov Date: Wed May 4 20:44:18 2022 +0300 all: fix changelog link commit 3732def83e2a36eeff2d682149dc4dcef4e92a7d Author: Eugene Burkov Date: Wed May 4 20:43:37 2022 +0300 all: log changes commit 9fe1001cf586669ae238c9c4818070cf94e23ce8 Author: Eugene Burkov Date: Wed May 4 19:37:33 2022 +0300 dnsforward: lowercase clientid --- CHANGELOG.md | 2 ++ internal/dnsforward/clientid.go | 4 ++-- internal/dnsforward/clientid_test.go | 21 +++++++++++++++++++++ internal/home/clients.go | 3 ++- 4 files changed, 27 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 289b1d2e..3c2fa06c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -127,6 +127,7 @@ In this release, the schema version has changed from 12 to 14. ### Fixed +- Case-sensitive ClientID ([#4542]). - Slow version update queries making other HTTP APIs unresponsible ([#4499]). - ARP tables refreshing process causing excessive PTR requests ([#3157]). @@ -148,6 +149,7 @@ In this release, the schema version has changed from 12 to 14. [#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276 [#4499]: https://github.com/AdguardTeam/AdGuardHome/issues/4499 [#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533 +[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542 [ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html [doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2 diff --git a/internal/dnsforward/clientid.go b/internal/dnsforward/clientid.go index 481fb84d..bb687a41 100644 --- a/internal/dnsforward/clientid.go +++ b/internal/dnsforward/clientid.go @@ -65,7 +65,7 @@ func clientIDFromClientServerName( return "", err } - return clientID, nil + return strings.ToLower(clientID), nil } // clientIDFromDNSContextHTTPS extracts the client's ID from the path of the @@ -104,7 +104,7 @@ func clientIDFromDNSContextHTTPS(pctx *proxy.DNSContext) (clientID string, err e return "", fmt.Errorf("clientid check: %w", err) } - return clientID, nil + return strings.ToLower(clientID), nil } // tlsConn is a narrow interface for *tls.Conn to simplify testing. diff --git a/internal/dnsforward/clientid_test.go b/internal/dnsforward/clientid_test.go index e62dbe58..6e23d639 100644 --- a/internal/dnsforward/clientid_test.go +++ b/internal/dnsforward/clientid_test.go @@ -143,6 +143,22 @@ func TestServer_clientIDFromDNSContext(t *testing.T) { wantErrMsg: `clientid check: client server name "cli.myexample.com" ` + `doesn't match host server name "example.com"`, strictSNI: true, + }, { + name: "tls_case", + proto: proxy.ProtoTLS, + hostSrvName: "example.com", + cliSrvName: "InSeNsItIvE.example.com", + wantClientID: "insensitive", + wantErrMsg: ``, + strictSNI: true, + }, { + name: "quic_case", + proto: proxy.ProtoQUIC, + hostSrvName: "example.com", + cliSrvName: "InSeNsItIvE.example.com", + wantClientID: "insensitive", + wantErrMsg: ``, + strictSNI: true, }} for _, tc := range testCases { @@ -210,6 +226,11 @@ func TestClientIDFromDNSContextHTTPS(t *testing.T) { path: "/dns-query/cli/", wantClientID: "cli", wantErrMsg: "", + }, { + name: "clientid_case", + path: "/dns-query/InSeNsItIvE", + wantClientID: "insensitive", + wantErrMsg: ``, }, { name: "bad_url", path: "/foo", diff --git a/internal/home/clients.go b/internal/home/clients.go index d4d6b959..4ba6b884 100644 --- a/internal/home/clients.go +++ b/internal/home/clients.go @@ -5,6 +5,7 @@ import ( "fmt" "net" "sort" + "strings" "sync" "time" @@ -546,7 +547,7 @@ func (clients *clientsContainer) check(c *Client) (err error) { } else if mac, err = net.ParseMAC(id); err == nil { c.IDs[i] = mac.String() } else if err = dnsforward.ValidateClientID(id); err == nil { - c.IDs[i] = id + c.IDs[i] = strings.ToLower(id) } else { return fmt.Errorf("invalid clientid at index %d: %q", i, id) }