Pull request: 4542 clientid case

Merge in DNS/adguard-home from 4542-clientid-case to master

Updates #4542.

Squashed commit of the following:

commit 2a3111ebcef09460b407cd1c870cad2391cd5650
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed May 4 20:44:18 2022 +0300

    all: fix changelog link

commit 3732def83e2a36eeff2d682149dc4dcef4e92a7d
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed May 4 20:43:37 2022 +0300

    all: log changes

commit 9fe1001cf586669ae238c9c4818070cf94e23ce8
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed May 4 19:37:33 2022 +0300

    dnsforward: lowercase clientid
This commit is contained in:
Eugene Burkov 2022-05-04 21:01:41 +03:00
parent 21905d9869
commit 58515fce43
4 changed files with 27 additions and 3 deletions

View File

@ -127,6 +127,7 @@ In this release, the schema version has changed from 12 to 14.
### Fixed ### Fixed
- Case-sensitive ClientID ([#4542]).
- Slow version update queries making other HTTP APIs unresponsible ([#4499]). - Slow version update queries making other HTTP APIs unresponsible ([#4499]).
- ARP tables refreshing process causing excessive PTR requests ([#3157]). - ARP tables refreshing process causing excessive PTR requests ([#3157]).
@ -148,6 +149,7 @@ In this release, the schema version has changed from 12 to 14.
[#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276 [#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276
[#4499]: https://github.com/AdguardTeam/AdGuardHome/issues/4499 [#4499]: https://github.com/AdguardTeam/AdGuardHome/issues/4499
[#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533 [#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533
[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542
[ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html [ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html
[doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2 [doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2

View File

@ -65,7 +65,7 @@ func clientIDFromClientServerName(
return "", err return "", err
} }
return clientID, nil return strings.ToLower(clientID), nil
} }
// clientIDFromDNSContextHTTPS extracts the client's ID from the path of the // clientIDFromDNSContextHTTPS extracts the client's ID from the path of the
@ -104,7 +104,7 @@ func clientIDFromDNSContextHTTPS(pctx *proxy.DNSContext) (clientID string, err e
return "", fmt.Errorf("clientid check: %w", err) return "", fmt.Errorf("clientid check: %w", err)
} }
return clientID, nil return strings.ToLower(clientID), nil
} }
// tlsConn is a narrow interface for *tls.Conn to simplify testing. // tlsConn is a narrow interface for *tls.Conn to simplify testing.

View File

@ -143,6 +143,22 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
wantErrMsg: `clientid check: client server name "cli.myexample.com" ` + wantErrMsg: `clientid check: client server name "cli.myexample.com" ` +
`doesn't match host server name "example.com"`, `doesn't match host server name "example.com"`,
strictSNI: true, strictSNI: true,
}, {
name: "tls_case",
proto: proxy.ProtoTLS,
hostSrvName: "example.com",
cliSrvName: "InSeNsItIvE.example.com",
wantClientID: "insensitive",
wantErrMsg: ``,
strictSNI: true,
}, {
name: "quic_case",
proto: proxy.ProtoQUIC,
hostSrvName: "example.com",
cliSrvName: "InSeNsItIvE.example.com",
wantClientID: "insensitive",
wantErrMsg: ``,
strictSNI: true,
}} }}
for _, tc := range testCases { for _, tc := range testCases {
@ -210,6 +226,11 @@ func TestClientIDFromDNSContextHTTPS(t *testing.T) {
path: "/dns-query/cli/", path: "/dns-query/cli/",
wantClientID: "cli", wantClientID: "cli",
wantErrMsg: "", wantErrMsg: "",
}, {
name: "clientid_case",
path: "/dns-query/InSeNsItIvE",
wantClientID: "insensitive",
wantErrMsg: ``,
}, { }, {
name: "bad_url", name: "bad_url",
path: "/foo", path: "/foo",

View File

@ -5,6 +5,7 @@ import (
"fmt" "fmt"
"net" "net"
"sort" "sort"
"strings"
"sync" "sync"
"time" "time"
@ -546,7 +547,7 @@ func (clients *clientsContainer) check(c *Client) (err error) {
} else if mac, err = net.ParseMAC(id); err == nil { } else if mac, err = net.ParseMAC(id); err == nil {
c.IDs[i] = mac.String() c.IDs[i] = mac.String()
} else if err = dnsforward.ValidateClientID(id); err == nil { } else if err = dnsforward.ValidateClientID(id); err == nil {
c.IDs[i] = id c.IDs[i] = strings.ToLower(id)
} else { } else {
return fmt.Errorf("invalid clientid at index %d: %q", i, id) return fmt.Errorf("invalid clientid at index %d: %q", i, id)
} }