Pull request: dnsfilter: imp code, decr cyclo
Updates #2646. Squashed commit of the following: commit c153f08bcf5ade4d0fb9b59d2a0e6a21598c4127 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Mar 25 21:03:51 2021 +0300 dnsfilter: imp code, decr cyclo
This commit is contained in:
parent
8c735d0dd5
commit
9631eff608
@ -659,6 +659,55 @@ func (d *DNSFilter) matchHostProcessAllowList(host string, dnsres urlfilter.DNSR
|
|||||||
return makeResult(rule, NotFilteredAllowList), nil
|
return makeResult(rule, NotFilteredAllowList), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// matchHostProcessDNSResult processes the matched DNS filtering result.
|
||||||
|
func (d *DNSFilter) matchHostProcessDNSResult(
|
||||||
|
qtype uint16,
|
||||||
|
dnsres urlfilter.DNSResult,
|
||||||
|
) (res Result) {
|
||||||
|
if dnsres.NetworkRule != nil {
|
||||||
|
reason := FilteredBlockList
|
||||||
|
if dnsres.NetworkRule.Whitelist {
|
||||||
|
reason = NotFilteredAllowList
|
||||||
|
}
|
||||||
|
|
||||||
|
return makeResult(dnsres.NetworkRule, reason)
|
||||||
|
}
|
||||||
|
|
||||||
|
if qtype == dns.TypeA && dnsres.HostRulesV4 != nil {
|
||||||
|
rule := dnsres.HostRulesV4[0]
|
||||||
|
res = makeResult(rule, FilteredBlockList)
|
||||||
|
res.Rules[0].IP = rule.IP.To4()
|
||||||
|
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
if qtype == dns.TypeAAAA && dnsres.HostRulesV6 != nil {
|
||||||
|
rule := dnsres.HostRulesV6[0]
|
||||||
|
res = makeResult(rule, FilteredBlockList)
|
||||||
|
res.Rules[0].IP = rule.IP.To16()
|
||||||
|
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
if dnsres.HostRulesV4 != nil || dnsres.HostRulesV6 != nil {
|
||||||
|
// Question type doesn't match the host rules. Return the first
|
||||||
|
// matched host rule, but without an IP address.
|
||||||
|
var rule rules.Rule
|
||||||
|
if dnsres.HostRulesV4 != nil {
|
||||||
|
rule = dnsres.HostRulesV4[0]
|
||||||
|
} else if dnsres.HostRulesV6 != nil {
|
||||||
|
rule = dnsres.HostRulesV6[0]
|
||||||
|
}
|
||||||
|
|
||||||
|
res = makeResult(rule, FilteredBlockList)
|
||||||
|
res.Rules[0].IP = net.IP{}
|
||||||
|
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
return Result{}
|
||||||
|
}
|
||||||
|
|
||||||
// matchHost is a low-level way to check only if hostname is filtered by rules,
|
// matchHost is a low-level way to check only if hostname is filtered by rules,
|
||||||
// skipping expensive safebrowsing and parental lookups.
|
// skipping expensive safebrowsing and parental lookups.
|
||||||
func (d *DNSFilter) matchHost(
|
func (d *DNSFilter) matchHost(
|
||||||
@ -697,13 +746,12 @@ func (d *DNSFilter) matchHost(
|
|||||||
|
|
||||||
dnsres, ok := d.filteringEngine.MatchRequest(ureq)
|
dnsres, ok := d.filteringEngine.MatchRequest(ureq)
|
||||||
|
|
||||||
// Check DNS rewrites first, because the API there is a bit
|
// Check DNS rewrites first, because the API there is a bit awkward.
|
||||||
// awkward.
|
|
||||||
if dnsr := dnsres.DNSRewrites(); len(dnsr) > 0 {
|
if dnsr := dnsres.DNSRewrites(); len(dnsr) > 0 {
|
||||||
res = d.processDNSRewrites(dnsr)
|
res = d.processDNSRewrites(dnsr)
|
||||||
if res.Reason == RewrittenRule && res.CanonName == host {
|
if res.Reason == RewrittenRule && res.CanonName == host {
|
||||||
// A rewrite of a host to itself. Go on and
|
// A rewrite of a host to itself. Go on and try
|
||||||
// try matching other things.
|
// matching other things.
|
||||||
} else {
|
} else {
|
||||||
return res, nil
|
return res, nil
|
||||||
}
|
}
|
||||||
@ -711,55 +759,18 @@ func (d *DNSFilter) matchHost(
|
|||||||
return Result{}, nil
|
return Result{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
if dnsres.NetworkRule != nil {
|
res = d.matchHostProcessDNSResult(qtype, dnsres)
|
||||||
log.Debug("Filtering: found rule for host %q: %q list_id: %d",
|
if len(res.Rules) > 0 {
|
||||||
host, dnsres.NetworkRule.Text(), dnsres.NetworkRule.GetFilterListID())
|
r := res.Rules[0]
|
||||||
reason := FilteredBlockList
|
log.Debug(
|
||||||
if dnsres.NetworkRule.Whitelist {
|
"filtering: found rule %q for host %q, filter list id: %d",
|
||||||
reason = NotFilteredAllowList
|
r.Text,
|
||||||
|
host,
|
||||||
|
r.FilterListID,
|
||||||
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
return makeResult(dnsres.NetworkRule, reason), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if qtype == dns.TypeA && dnsres.HostRulesV4 != nil {
|
|
||||||
rule := dnsres.HostRulesV4[0] // note that we process only 1 matched rule
|
|
||||||
log.Debug("Filtering: found rule for host %q: %q list_id: %d",
|
|
||||||
host, rule.Text(), rule.GetFilterListID())
|
|
||||||
res = makeResult(rule, FilteredBlockList)
|
|
||||||
res.Rules[0].IP = rule.IP.To4()
|
|
||||||
|
|
||||||
return res, nil
|
return res, nil
|
||||||
}
|
|
||||||
|
|
||||||
if qtype == dns.TypeAAAA && dnsres.HostRulesV6 != nil {
|
|
||||||
rule := dnsres.HostRulesV6[0] // note that we process only 1 matched rule
|
|
||||||
log.Debug("Filtering: found rule for host %q: %q list_id: %d",
|
|
||||||
host, rule.Text(), rule.GetFilterListID())
|
|
||||||
res = makeResult(rule, FilteredBlockList)
|
|
||||||
res.Rules[0].IP = rule.IP
|
|
||||||
|
|
||||||
return res, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if dnsres.HostRulesV4 != nil || dnsres.HostRulesV6 != nil {
|
|
||||||
// Question Type doesn't match the host rules
|
|
||||||
// Return the first matched host rule, but without an IP address
|
|
||||||
var rule rules.Rule
|
|
||||||
if dnsres.HostRulesV4 != nil {
|
|
||||||
rule = dnsres.HostRulesV4[0]
|
|
||||||
} else if dnsres.HostRulesV6 != nil {
|
|
||||||
rule = dnsres.HostRulesV6[0]
|
|
||||||
}
|
|
||||||
log.Debug("Filtering: found rule for host %q: %q list_id: %d",
|
|
||||||
host, rule.Text(), rule.GetFilterListID())
|
|
||||||
res = makeResult(rule, FilteredBlockList)
|
|
||||||
res.Rules[0].IP = net.IP{}
|
|
||||||
|
|
||||||
return res, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
return Result{}, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// makeResult returns a properly constructed Result.
|
// makeResult returns a properly constructed Result.
|
||||||
|
@ -128,6 +128,12 @@ exit_on_output() (
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Constants
|
||||||
|
|
||||||
|
readonly go_files='./main.go ./tools.go ./internal/'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Checks
|
# Checks
|
||||||
|
|
||||||
exit_on_output blocklist_imports
|
exit_on_output blocklist_imports
|
||||||
@ -142,11 +148,12 @@ golint --set_exit_status ./...
|
|||||||
|
|
||||||
"$GO" vet ./...
|
"$GO" vet ./...
|
||||||
|
|
||||||
gocyclo --over 19 .
|
# Here and below, don't use quotes to get word splitting.
|
||||||
|
gocyclo --over 18 $go_files
|
||||||
|
|
||||||
gosec --quiet .
|
gosec --quiet $go_files
|
||||||
|
|
||||||
ineffassign .
|
ineffassign ./...
|
||||||
|
|
||||||
unparam ./...
|
unparam ./...
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user