From 679bbcdc26775bc3d961cbeef553dce7aa9c091b Mon Sep 17 00:00:00 2001 From: Ainar Garipov Date: Fri, 15 Jan 2021 20:30:48 +0300 Subject: [PATCH] Pull request: home: don't miss blocked clients in client search api Merge in DNS/adguard-home from 2428-blocked-runtime-fix to master Updates #2428. Squashed commit of the following: commit 8aaa3e22a894f0335ced93339655771989846c94 Author: Ainar Garipov Date: Fri Jan 15 16:32:53 2021 +0300 home: don't miss blocked clients in client search api --- internal/home/clientshttp.go | 48 ++++++++++++++++++++++++++------- internal/home/control_test.go | 4 +-- internal/home/controlinstall.go | 4 +-- scripts/make/go-deps.sh | 10 ++++++- scripts/make/go-tools.sh | 26 ++++++++++++++++-- 5 files changed, 75 insertions(+), 17 deletions(-) diff --git a/internal/home/clientshttp.go b/internal/home/clientshttp.go index d8cc3ee3..51a193f9 100644 --- a/internal/home/clientshttp.go +++ b/internal/home/clientshttp.go @@ -233,24 +233,22 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http if len(ip) == 0 { break } + el := map[string]interface{}{} c, ok := clients.Find(ip) + var cj clientJSON if !ok { - ch, ok := clients.FindAutoClient(ip) - if !ok { - continue // a client with this IP isn't found + var found bool + cj, found = clients.findTemporary(ip) + if !found { + continue } - cj := clientHostToJSON(ip, ch) - - cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip) - el[ip] = cj } else { - cj := clientToJSON(&c) - + cj = clientToJSON(&c) cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip) - el[ip] = cj } + el[ip] = cj data = append(data, el) } @@ -267,6 +265,36 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http } } +// findTemporary looks up the IP in temporary storages, like autohosts or +// blocklists. +func (clients *clientsContainer) findTemporary(ip string) (cj clientJSON, found bool) { + ch, ok := clients.FindAutoClient(ip) + if !ok { + // It is still possible that the IP used to be in the runtime + // clients list, but then the server was reloaded. So, check + // the DNS server's blocked IP list. + // + // See https://github.com/AdguardTeam/AdGuardHome/issues/2428. + disallowed, rule := clients.dnsServer.IsBlockedIP(ip) + if rule == "" { + return clientJSON{}, false + } + + cj = clientJSON{ + IDs: []string{ip}, + Disallowed: disallowed, + DisallowedRule: rule, + } + + return cj, true + } + + cj = clientHostToJSON(ip, ch) + cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip) + + return cj, true +} + // RegisterClientsHandlers registers HTTP handlers func (clients *clientsContainer) registerWebHandlers() { httpRegister("GET", "/control/clients", clients.handleGetClients) diff --git a/internal/home/control_test.go b/internal/home/control_test.go index b047b65a..5b08c2bd 100644 --- a/internal/home/control_test.go +++ b/internal/home/control_test.go @@ -68,8 +68,8 @@ kXS9jgARhhiWXJrk data.KeyType == "RSA" && data.Subject == "CN=AdGuard Home,O=AdGuard Ltd" && data.Issuer == "CN=AdGuard Home,O=AdGuard Ltd" && - data.NotBefore == notBefore && - data.NotAfter == notAfter && + data.NotBefore.Equal(notBefore) && + data.NotAfter.Equal(notAfter) && // data.DNSNames[0] == && data.ValidPair) { t.Fatalf("valid cert & priv key: validateCertificates(): %v", data) diff --git a/internal/home/controlinstall.go b/internal/home/controlinstall.go index 7d67d140..2abfc4ba 100644 --- a/internal/home/controlinstall.go +++ b/internal/home/controlinstall.go @@ -109,7 +109,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request) if reqData.Web.Port != 0 && reqData.Web.Port != config.BindPort && reqData.Web.Port != config.BetaBindPort { err = util.CheckPortAvailable(reqData.Web.IP, reqData.Web.Port) if err != nil { - respData.Web.Status = fmt.Sprintf("%v", err) + respData.Web.Status = err.Error() } } @@ -137,7 +137,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request) } if err != nil { - respData.DNS.Status = fmt.Sprintf("%v", err) + respData.DNS.Status = err.Error() } else if reqData.DNS.IP != "0.0.0.0" { respData.StaticIP = handleStaticIP(reqData.DNS.IP, reqData.SetStaticIP) } diff --git a/scripts/make/go-deps.sh b/scripts/make/go-deps.sh index f9bfb365..f3c8a77b 100644 --- a/scripts/make/go-deps.sh +++ b/scripts/make/go-deps.sh @@ -27,5 +27,13 @@ go="${GO:-go}" # those aren't set. "$go" mod download $x_flags -env GOBIN="${PWD}/bin" "$go" install $v_flags $x_flags\ +# Reset GOARCH and GOOS to make sure we install the tools for the native +# architecture even when we're cross-compiling the main binary, and also +# to prevent the "cannot install cross-compiled binaries when GOBIN is +# set" error. +env\ + GOARCH=""\ + GOOS=""\ + GOBIN="${PWD}/bin"\ + "$go" install $v_flags $x_flags\ github.com/gobuffalo/packr/packr diff --git a/scripts/make/go-tools.sh b/scripts/make/go-tools.sh index 6c96e1cb..32e30c08 100644 --- a/scripts/make/go-tools.sh +++ b/scripts/make/go-tools.sh @@ -2,16 +2,38 @@ verbose="${VERBOSE:-0}" -if [ "$verbose" -gt '0' ] +if [ "$verbose" -gt '1' ] then set -x + readonly v_flags='-v' + readonly x_flags='-x' +elif [ "$verbose" -gt '0' ] +then + set -x + readonly v_flags='-v' + readonly x_flags='' +else + set +x + readonly v_flags='' + readonly x_flags='' fi set -e -f -u +go="${GO:-go}" + # TODO(a.garipov): Add goconst? -env GOBIN="${PWD}/bin" "$GO" install --modfile=./internal/tools/go.mod\ +# Reset GOARCH and GOOS to make sure we install the tools for the native +# architecture even when we're cross-compiling the main binary, and also +# to prevent the "cannot install cross-compiled binaries when GOBIN is +# set" error. +env\ + GOARCH=""\ + GOOS=""\ + GOBIN="${PWD}/bin"\ + "$go" install --modfile=./internal/tools/go.mod\ + $v_flags $x_flags\ github.com/fzipp/gocyclo/cmd/gocyclo\ github.com/golangci/misspell/cmd/misspell\ github.com/gordonklaus/ineffassign\