dnsfilter -- Get rid of accessors.

This commit is contained in:
Eugene Bujak 2018-11-30 13:32:51 +03:00
parent 87c54ebd4c
commit ce615e1855
2 changed files with 34 additions and 42 deletions

View File

@ -88,7 +88,7 @@ func setupPlugin(c *caddy.Controller) (*plug, error) {
switch blockValue { switch blockValue {
case "safebrowsing": case "safebrowsing":
log.Println("Browsing security service is enabled") log.Println("Browsing security service is enabled")
p.d.EnableSafeBrowsing() p.d.SafeBrowsingEnabled = true
if c.NextArg() { if c.NextArg() {
if len(c.Val()) == 0 { if len(c.Val()) == 0 {
return nil, c.ArgErr() return nil, c.ArgErr()
@ -97,7 +97,7 @@ func setupPlugin(c *caddy.Controller) (*plug, error) {
} }
case "safesearch": case "safesearch":
log.Println("Safe search is enabled") log.Println("Safe search is enabled")
p.d.EnableSafeSearch() p.d.SafeSearchEnabled = true
case "parental": case "parental":
if !c.NextArg() { if !c.NextArg() {
return nil, c.ArgErr() return nil, c.ArgErr()
@ -108,10 +108,11 @@ func setupPlugin(c *caddy.Controller) (*plug, error) {
} }
log.Println("Parental control is enabled") log.Println("Parental control is enabled")
err = p.d.EnableParental(sensitivity) if !dnsfilter.IsParentalSensitivityValid(sensitivity) {
if err != nil { return nil, dnsfilter.ErrInvalidParental
return nil, c.ArgErr()
} }
p.d.ParentalEnabled = true
p.d.ParentalSensitivity = sensitivity
if c.NextArg() { if c.NextArg() {
if len(c.Val()) == 0 { if len(c.Val()) == 0 {
return nil, c.ArgErr() return nil, c.ArgErr()

View File

@ -46,13 +46,17 @@ const shortcutLength = 6 // used for rule search optimization, 6 hits the sweet
const enableFastLookup = true // flag for debugging, must be true in production for faster performance const enableFastLookup = true // flag for debugging, must be true in production for faster performance
const enableDelayedCompilation = true // flag for debugging, must be true in production for faster performance const enableDelayedCompilation = true // flag for debugging, must be true in production for faster performance
type config struct { // Config allows you to configure DNS filtering with New() or just change variables directly.
parentalServer string type Config struct {
parentalSensitivity int // must be either 3, 10, 13 or 17 ParentalSensitivity int `yaml:"parental_sensitivity"` // must be either 3, 10, 13 or 17
parentalEnabled bool ParentalEnabled bool `yaml:"parental_enabled"`
safeSearchEnabled bool SafeSearchEnabled bool `yaml:"safesearch_enabled"`
safeBrowsingEnabled bool SafeBrowsingEnabled bool `yaml:"safebrowsing_enabled"`
safeBrowsingServer string }
type privateConfig struct {
parentalServer string // access via methods
safeBrowsingServer string // access via methods
} }
type rule struct { type rule struct {
@ -110,7 +114,8 @@ type Dnsfilter struct {
client http.Client // handle for http client -- single instance as recommended by docs client http.Client // handle for http client -- single instance as recommended by docs
transport *http.Transport // handle for http transport used by http client transport *http.Transport // handle for http transport used by http client
config config Config // for direct access by library users, even a = assignment
privateConfig
} }
type Filter struct { type Filter struct {
@ -176,7 +181,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) {
} }
// check safebrowsing if no match // check safebrowsing if no match
if d.config.safeBrowsingEnabled { if d.SafeBrowsingEnabled {
result, err = d.checkSafeBrowsing(host) result, err = d.checkSafeBrowsing(host)
if err != nil { if err != nil {
// failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache // failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache
@ -189,7 +194,7 @@ func (d *Dnsfilter) CheckHost(host string) (Result, error) {
} }
// check parental if no match // check parental if no match
if d.config.parentalEnabled { if d.ParentalEnabled {
result, err = d.checkParental(host) result, err = d.checkParental(host)
if err != nil { if err != nil {
// failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache // failed to do HTTP lookup -- treat it as if we got empty response, but don't save cache
@ -574,11 +579,11 @@ func hostnameToHashParam(host string, addslash bool) (string, map[string]bool) {
func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) { func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) {
// prevent recursion -- checking the host of safebrowsing server makes no sense // prevent recursion -- checking the host of safebrowsing server makes no sense
if host == d.config.safeBrowsingServer { if host == d.safeBrowsingServer {
return Result{}, nil return Result{}, nil
} }
format := func(hashparam string) string { format := func(hashparam string) string {
url := fmt.Sprintf(defaultSafebrowsingURL, d.config.safeBrowsingServer, hashparam) url := fmt.Sprintf(defaultSafebrowsingURL, d.safeBrowsingServer, hashparam)
return url return url
} }
handleBody := func(body []byte, hashes map[string]bool) (Result, error) { handleBody := func(body []byte, hashes map[string]bool) (Result, error) {
@ -615,11 +620,11 @@ func (d *Dnsfilter) checkSafeBrowsing(host string) (Result, error) {
func (d *Dnsfilter) checkParental(host string) (Result, error) { func (d *Dnsfilter) checkParental(host string) (Result, error) {
// prevent recursion -- checking the host of parental safety server makes no sense // prevent recursion -- checking the host of parental safety server makes no sense
if host == d.config.parentalServer { if host == d.parentalServer {
return Result{}, nil return Result{}, nil
} }
format := func(hashparam string) string { format := func(hashparam string) string {
url := fmt.Sprintf(defaultParentalURL, d.config.parentalServer, hashparam, d.config.parentalSensitivity) url := fmt.Sprintf(defaultParentalURL, d.parentalServer, hashparam, d.ParentalSensitivity)
return url return url
} }
handleBody := func(body []byte, hashes map[string]bool) (Result, error) { handleBody := func(body []byte, hashes map[string]bool) (Result, error) {
@ -872,8 +877,8 @@ func New() *Dnsfilter {
Transport: d.transport, Transport: d.transport,
Timeout: defaultHTTPTimeout, Timeout: defaultHTTPTimeout,
} }
d.config.safeBrowsingServer = defaultSafebrowsingServer d.safeBrowsingServer = defaultSafebrowsingServer
d.config.parentalServer = defaultParentalServer d.parentalServer = defaultParentalServer
return d return d
} }
@ -890,35 +895,21 @@ func (d *Dnsfilter) Destroy() {
// config manipulation helpers // config manipulation helpers
// //
// EnableSafeBrowsing turns on checking hostnames in malware/phishing database // IsParentalSensitivityValid checks if sensitivity is valid value
func (d *Dnsfilter) EnableSafeBrowsing() { func IsParentalSensitivityValid(sensitivity int) bool {
d.config.safeBrowsingEnabled = true
}
// EnableParental turns on checking hostnames for containing adult content
func (d *Dnsfilter) EnableParental(sensitivity int) error {
switch sensitivity { switch sensitivity {
case 3, 10, 13, 17: case 3, 10, 13, 17:
d.config.parentalSensitivity = sensitivity return true
d.config.parentalEnabled = true
return nil
default:
return ErrInvalidParental
} }
} return false
// EnableSafeSearch turns on enforcing safesearch in search engines
// only used in coredns plugin and requires caller to use SafeSearchDomain()
func (d *Dnsfilter) EnableSafeSearch() {
d.config.safeSearchEnabled = true
} }
// SetSafeBrowsingServer lets you optionally change hostname of safesearch lookup // SetSafeBrowsingServer lets you optionally change hostname of safesearch lookup
func (d *Dnsfilter) SetSafeBrowsingServer(host string) { func (d *Dnsfilter) SetSafeBrowsingServer(host string) {
if len(host) == 0 { if len(host) == 0 {
d.config.safeBrowsingServer = defaultSafebrowsingServer d.safeBrowsingServer = defaultSafebrowsingServer
} else { } else {
d.config.safeBrowsingServer = host d.safeBrowsingServer = host
} }
} }
@ -934,7 +925,7 @@ func (d *Dnsfilter) ResetHTTPTimeout() {
// SafeSearchDomain returns replacement address for search engine // SafeSearchDomain returns replacement address for search engine
func (d *Dnsfilter) SafeSearchDomain(host string) (string, bool) { func (d *Dnsfilter) SafeSearchDomain(host string) (string, bool) {
if d.config.safeSearchEnabled { if d.SafeSearchEnabled {
val, ok := safeSearchDomains[host] val, ok := safeSearchDomains[host]
return val, ok return val, ok
} }