Pull request: all: imp docs, names

Merge in DNS/adguard-home from imp-text to master

Squashed commit of the following:

commit fa7d64014fb2ac379e1c137eaccc7aefca86419d
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Fri Jun 11 17:09:00 2021 +0300

    all: imp docs, names
This commit is contained in:
Ainar Garipov 2021-06-18 18:13:36 +03:00
parent 3ee0369cb9
commit dab7b439d1
25 changed files with 110 additions and 112 deletions

View File

@ -20,7 +20,7 @@ Please answer the following questions for yourself before submitting an issue. *
* **Version of AdGuard Home server:** * **Version of AdGuard Home server:**
* <!-- (e.g. v0.123.4) --> * <!-- (e.g. v0.123.4) -->
* **How did you install AdGuard Home:** * **How did you install AdGuard Home:**
* <!-- (e.g. Built from source, Snapcraft, Docker, Github releases, etc.) --> * <!-- (e.g. Built from source, Snapcraft, Docker, GitHub releases, etc.) -->
* **How did you setup DNS configuration:** * **How did you setup DNS configuration:**
* <!-- (System/Router/IoT) --> * <!-- (System/Router/IoT) -->
* **If it's a router or IoT, please write device model:** * **If it's a router or IoT, please write device model:**

View File

@ -34,11 +34,11 @@
'jobs': 'jobs':
- 'Publish to Snapstore' - 'Publish to Snapstore'
- 'Publish to Github Releases': - 'Publish to GitHub Releases':
'manual': false 'manual': false
'final': false 'final': false
'jobs': 'jobs':
- 'Publish to Github Releases' - 'Publish to GitHub Releases'
'Make release': 'Make release':
'docker': 'docker':
@ -194,7 +194,7 @@
'requirements': 'requirements':
- 'adg-docker': 'true' - 'adg-docker': 'true'
'Publish to Github Releases': 'Publish to GitHub Releases':
'key': 'PTGR' 'key': 'PTGR'
'other': 'other':
'clean-working-dir': true 'clean-working-dir': true
@ -215,7 +215,7 @@
export CHANNEL="${bamboo.channel}" export CHANNEL="${bamboo.channel}"
if [ "$CHANNEL" != 'release' ] && [ "${CHANNEL}" != 'beta' ] if [ "$CHANNEL" != 'release' ] && [ "${CHANNEL}" != 'beta' ]
then then
echo "don't publish to Github Releases for this channel" echo "don't publish to GitHub Releases for this channel"
exit 0 exit 0
fi fi

View File

@ -13,8 +13,8 @@ import (
"github.com/AdguardTeam/golibs/errors" "github.com/AdguardTeam/golibs/errors"
) )
// hardwarePortInfo - information obtained using MacOS networksetup // hardwarePortInfo contains information about the current state of the internet
// about the current state of the internet connection // connection obtained from macOS networksetup.
type hardwarePortInfo struct { type hardwarePortInfo struct {
name string name string
ip string ip string

View File

@ -109,7 +109,7 @@ type quicSession interface {
} }
// processClientID extracts the client's ID from the server name of the client's // processClientID extracts the client's ID from the server name of the client's
// DOT or DOQ request or the path of the client's DOH. // DoT or DoQ request or the path of the client's DoH.
func processClientID(dctx *dnsContext) (rc resultCode) { func processClientID(dctx *dnsContext) (rc resultCode) {
pctx := dctx.proxyCtx pctx := dctx.proxyCtx
proto := pctx.Proto proto := pctx.Proto

View File

@ -167,7 +167,7 @@ type ServerConfig struct {
FilteringConfig FilteringConfig
TLSConfig TLSConfig
DNSCryptConfig DNSCryptConfig
TLSAllowUnencryptedDOH bool TLSAllowUnencryptedDoH bool
// UpstreamTimeout is the timeout for querying upstream servers. // UpstreamTimeout is the timeout for querying upstream servers.
UpstreamTimeout time.Duration UpstreamTimeout time.Duration

View File

@ -32,7 +32,7 @@ type dnsContext struct {
unreversedReqIP net.IP unreversedReqIP net.IP
// err is the error returned from a processing function. // err is the error returned from a processing function.
err error err error
// clientID is the clientID from DOH, DOQ, or DOT, if provided. // clientID is the clientID from DoH, DoQ, or DoT, if provided.
clientID string clientID string
// origQuestion is the question received from the client. It is set // origQuestion is the question received from the client. It is set
// when the request is modified by rewrites. // when the request is modified by rewrites.

View File

@ -621,11 +621,11 @@ func (s *Server) handleTestUpstreamDNS(w http.ResponseWriter, r *http.Request) {
// Control flow: // Control flow:
// web // web
// -> dnsforward.handleDOH -> dnsforward.ServeHTTP // -> dnsforward.handleDoH -> dnsforward.ServeHTTP
// -> proxy.ServeHTTP -> proxy.handleDNSRequest // -> proxy.ServeHTTP -> proxy.handleDNSRequest
// -> dnsforward.handleDNSRequest // -> dnsforward.handleDNSRequest
func (s *Server) handleDOH(w http.ResponseWriter, r *http.Request) { func (s *Server) handleDoH(w http.ResponseWriter, r *http.Request) {
if !s.conf.TLSAllowUnencryptedDOH && r.TLS == nil { if !s.conf.TLSAllowUnencryptedDoH && r.TLS == nil {
httpError(r, w, http.StatusNotFound, "Not Found") httpError(r, w, http.StatusNotFound, "Not Found")
return return
} }
@ -653,6 +653,6 @@ func (s *Server) registerHandlers() {
// See go doc net/http.ServeMux. // See go doc net/http.ServeMux.
// //
// See also https://github.com/AdguardTeam/AdGuardHome/issues/2628. // See also https://github.com/AdguardTeam/AdGuardHome/issues/2628.
s.conf.HTTPRegister("", "/dns-query", s.handleDOH) s.conf.HTTPRegister("", "/dns-query", s.handleDoH)
s.conf.HTTPRegister("", "/dns-query/", s.handleDOH) s.conf.HTTPRegister("", "/dns-query/", s.handleDoH)
} }

View File

@ -44,11 +44,11 @@ func processQueryLogsAndStats(ctx *dnsContext) (rc resultCode) {
switch pctx.Proto { switch pctx.Proto {
case proxy.ProtoHTTPS: case proxy.ProtoHTTPS:
p.ClientProto = querylog.ClientProtoDOH p.ClientProto = querylog.ClientProtoDoH
case proxy.ProtoQUIC: case proxy.ProtoQUIC:
p.ClientProto = querylog.ClientProtoDOQ p.ClientProto = querylog.ClientProtoDoQ
case proxy.ProtoTLS: case proxy.ProtoTLS:
p.ClientProto = querylog.ClientProtoDOT p.ClientProto = querylog.ClientProtoDoT
case proxy.ProtoDNSCrypt: case proxy.ProtoDNSCrypt:
p.ClientProto = querylog.ClientProtoDNSCrypt p.ClientProto = querylog.ClientProtoDNSCrypt
default: default:

View File

@ -69,7 +69,7 @@ func TestProcessQueryLogsAndStats(t *testing.T) {
proto: proxy.ProtoTLS, proto: proxy.ProtoTLS,
addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234}, addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
clientID: "cli42", clientID: "cli42",
wantLogProto: querylog.ClientProtoDOT, wantLogProto: querylog.ClientProtoDoT,
wantStatClient: "cli42", wantStatClient: "cli42",
wantCode: resultCodeSuccess, wantCode: resultCodeSuccess,
reason: filtering.NotFilteredNotFound, reason: filtering.NotFilteredNotFound,
@ -79,7 +79,7 @@ func TestProcessQueryLogsAndStats(t *testing.T) {
proto: proxy.ProtoTLS, proto: proxy.ProtoTLS,
addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234}, addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
clientID: "", clientID: "",
wantLogProto: querylog.ClientProtoDOT, wantLogProto: querylog.ClientProtoDoT,
wantStatClient: "1.2.3.4", wantStatClient: "1.2.3.4",
wantCode: resultCodeSuccess, wantCode: resultCodeSuccess,
reason: filtering.NotFilteredNotFound, reason: filtering.NotFilteredNotFound,
@ -89,7 +89,7 @@ func TestProcessQueryLogsAndStats(t *testing.T) {
proto: proxy.ProtoQUIC, proto: proxy.ProtoQUIC,
addr: &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234}, addr: &net.UDPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
clientID: "", clientID: "",
wantLogProto: querylog.ClientProtoDOQ, wantLogProto: querylog.ClientProtoDoQ,
wantStatClient: "1.2.3.4", wantStatClient: "1.2.3.4",
wantCode: resultCodeSuccess, wantCode: resultCodeSuccess,
reason: filtering.NotFilteredNotFound, reason: filtering.NotFilteredNotFound,
@ -99,7 +99,7 @@ func TestProcessQueryLogsAndStats(t *testing.T) {
proto: proxy.ProtoHTTPS, proto: proxy.ProtoHTTPS,
addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234}, addr: &net.TCPAddr{IP: net.IP{1, 2, 3, 4}, Port: 1234},
clientID: "", clientID: "",
wantLogProto: querylog.ClientProtoDOH, wantLogProto: querylog.ClientProtoDoH,
wantStatClient: "1.2.3.4", wantStatClient: "1.2.3.4",
wantCode: resultCodeSuccess, wantCode: resultCodeSuccess,
reason: filtering.NotFilteredNotFound, reason: filtering.NotFilteredNotFound,

View File

@ -63,13 +63,13 @@ const (
// RuntimeClient information // RuntimeClient information
type RuntimeClient struct { type RuntimeClient struct {
WhoisInfo *RuntimeClientWhoisInfo WHOISInfo *RuntimeClientWHOISInfo
Host string Host string
Source clientSource Source clientSource
} }
// RuntimeClientWhoisInfo is the filtered WHOIS data for a runtime client. // RuntimeClientWHOISInfo is the filtered WHOIS data for a runtime client.
type RuntimeClientWhoisInfo struct { type RuntimeClientWHOISInfo struct {
City string `json:"city,omitempty"` City string `json:"city,omitempty"`
Country string `json:"country,omitempty"` Country string `json:"country,omitempty"`
Orgname string `json:"orgname,omitempty"` Orgname string `json:"orgname,omitempty"`
@ -270,12 +270,12 @@ func (clients *clientsContainer) Exists(id string, source clientSource) (ok bool
return source <= rc.Source return source <= rc.Source
} }
func toQueryLogWhois(wi *RuntimeClientWhoisInfo) (cw *querylog.ClientWhois) { func toQueryLogWHOIS(wi *RuntimeClientWHOISInfo) (cw *querylog.ClientWHOIS) {
if wi == nil { if wi == nil {
return &querylog.ClientWhois{} return &querylog.ClientWHOIS{}
} }
return &querylog.ClientWhois{ return &querylog.ClientWHOIS{
City: wi.City, City: wi.City,
Country: wi.Country, Country: wi.Country,
Orgname: wi.Orgname, Orgname: wi.Orgname,
@ -287,7 +287,7 @@ func toQueryLogWhois(wi *RuntimeClientWhoisInfo) (cw *querylog.ClientWhois) {
func (clients *clientsContainer) findMultiple(ids []string) (c *querylog.Client, err error) { func (clients *clientsContainer) findMultiple(ids []string) (c *querylog.Client, err error) {
for _, id := range ids { for _, id := range ids {
var name string var name string
whois := &querylog.ClientWhois{} whois := &querylog.ClientWHOIS{}
c, ok := clients.Find(id) c, ok := clients.Find(id)
if ok { if ok {
@ -300,7 +300,7 @@ func (clients *clientsContainer) findMultiple(ids []string) (c *querylog.Client,
} }
name = rc.Host name = rc.Host
whois = toQueryLogWhois(rc.WhoisInfo) whois = toQueryLogWHOIS(rc.WHOISInfo)
} }
ip := net.ParseIP(id) ip := net.ParseIP(id)
@ -309,7 +309,7 @@ func (clients *clientsContainer) findMultiple(ids []string) (c *querylog.Client,
return &querylog.Client{ return &querylog.Client{
Name: name, Name: name,
DisallowedRule: disallowedRule, DisallowedRule: disallowedRule,
Whois: whois, WHOIS: whois,
Disallowed: disallowed, Disallowed: disallowed,
}, nil }, nil
} }
@ -620,8 +620,8 @@ func (clients *clientsContainer) Update(name string, c *Client) (err error) {
return nil return nil
} }
// SetWhoisInfo sets the WHOIS information for a client. // SetWHOISInfo sets the WHOIS information for a client.
func (clients *clientsContainer) SetWhoisInfo(ip string, wi *RuntimeClientWhoisInfo) { func (clients *clientsContainer) SetWHOISInfo(ip string, wi *RuntimeClientWHOISInfo) {
clients.lock.Lock() clients.lock.Lock()
defer clients.lock.Unlock() defer clients.lock.Unlock()
@ -633,7 +633,7 @@ func (clients *clientsContainer) SetWhoisInfo(ip string, wi *RuntimeClientWhoisI
rc, ok := clients.ipToRC[ip] rc, ok := clients.ipToRC[ip]
if ok { if ok {
rc.WhoisInfo = wi rc.WHOISInfo = wi
log.Debug("clients: set whois info for runtime client %s: %+v", rc.Host, wi) log.Debug("clients: set whois info for runtime client %s: %+v", rc.Host, wi)
return return
@ -645,7 +645,7 @@ func (clients *clientsContainer) SetWhoisInfo(ip string, wi *RuntimeClientWhoisI
Source: ClientSourceWHOIS, Source: ClientSourceWHOIS,
} }
rc.WhoisInfo = wi rc.WHOISInfo = wi
clients.ipToRC[ip] = rc clients.ipToRC[ip] = rc
log.Debug("clients: set whois info for runtime client with ip %s: %+v", ip, wi) log.Debug("clients: set whois info for runtime client with ip %s: %+v", ip, wi)
@ -676,7 +676,7 @@ func (clients *clientsContainer) addHostLocked(ip, host string, src clientSource
rc = &RuntimeClient{ rc = &RuntimeClient{
Host: host, Host: host,
Source: src, Source: src,
WhoisInfo: &RuntimeClientWhoisInfo{}, WHOISInfo: &RuntimeClientWHOISInfo{},
} }
clients.ipToRC[ip] = rc clients.ipToRC[ip] = rc

View File

@ -172,25 +172,25 @@ func TestClients(t *testing.T) {
}) })
} }
func TestClientsWhois(t *testing.T) { func TestClientsWHOIS(t *testing.T) {
clients := clientsContainer{ clients := clientsContainer{
testing: true, testing: true,
} }
clients.Init(nil, nil, nil) clients.Init(nil, nil, nil)
whois := &RuntimeClientWhoisInfo{ whois := &RuntimeClientWHOISInfo{
Country: "AU", Country: "AU",
Orgname: "Example Org", Orgname: "Example Org",
} }
t.Run("new_client", func(t *testing.T) { t.Run("new_client", func(t *testing.T) {
clients.SetWhoisInfo("1.1.1.255", whois) clients.SetWHOISInfo("1.1.1.255", whois)
require.NotNil(t, clients.ipToRC["1.1.1.255"]) require.NotNil(t, clients.ipToRC["1.1.1.255"])
h := clients.ipToRC["1.1.1.255"] h := clients.ipToRC["1.1.1.255"]
require.NotNil(t, h) require.NotNil(t, h)
assert.Equal(t, h.WhoisInfo, whois) assert.Equal(t, h.WHOISInfo, whois)
}) })
t.Run("existing_auto-client", func(t *testing.T) { t.Run("existing_auto-client", func(t *testing.T) {
@ -198,13 +198,13 @@ func TestClientsWhois(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
assert.True(t, ok) assert.True(t, ok)
clients.SetWhoisInfo("1.1.1.1", whois) clients.SetWHOISInfo("1.1.1.1", whois)
require.NotNil(t, clients.ipToRC["1.1.1.1"]) require.NotNil(t, clients.ipToRC["1.1.1.1"])
h := clients.ipToRC["1.1.1.1"] h := clients.ipToRC["1.1.1.1"]
require.NotNil(t, h) require.NotNil(t, h)
assert.Equal(t, h.WhoisInfo, whois) assert.Equal(t, h.WHOISInfo, whois)
}) })
t.Run("can't_set_manually-added", func(t *testing.T) { t.Run("can't_set_manually-added", func(t *testing.T) {
@ -215,7 +215,7 @@ func TestClientsWhois(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
assert.True(t, ok) assert.True(t, ok)
clients.SetWhoisInfo("1.1.1.2", whois) clients.SetWHOISInfo("1.1.1.2", whois)
require.Nil(t, clients.ipToRC["1.1.1.2"]) require.Nil(t, clients.ipToRC["1.1.1.2"])
assert.True(t, clients.Del("client1")) assert.True(t, clients.Del("client1"))
}) })

View File

@ -24,7 +24,7 @@ type clientJSON struct {
// the allowlist. // the allowlist.
DisallowedRule *string `json:"disallowed_rule,omitempty"` DisallowedRule *string `json:"disallowed_rule,omitempty"`
WhoisInfo *RuntimeClientWhoisInfo `json:"whois_info,omitempty"` WHOISInfo *RuntimeClientWHOISInfo `json:"whois_info,omitempty"`
Name string `json:"name"` Name string `json:"name"`
@ -42,7 +42,7 @@ type clientJSON struct {
} }
type runtimeClientJSON struct { type runtimeClientJSON struct {
WhoisInfo *RuntimeClientWhoisInfo `json:"whois_info"` WHOISInfo *RuntimeClientWHOISInfo `json:"whois_info"`
IP string `json:"ip"` IP string `json:"ip"`
Name string `json:"name"` Name string `json:"name"`
@ -70,7 +70,7 @@ func (clients *clientsContainer) handleGetClients(w http.ResponseWriter, _ *http
cj := runtimeClientJSON{ cj := runtimeClientJSON{
IP: ip, IP: ip,
Name: rc.Host, Name: rc.Host,
WhoisInfo: rc.WhoisInfo, WHOISInfo: rc.WHOISInfo,
} }
cj.Source = "etc/hosts" cj.Source = "etc/hosts"
@ -143,7 +143,7 @@ func runtimeClientToJSON(ip string, rc RuntimeClient) (cj clientJSON) {
cj = clientJSON{ cj = clientJSON{
Name: rc.Host, Name: rc.Host,
IDs: []string{ip}, IDs: []string{ip},
WhoisInfo: rc.WhoisInfo, WHOISInfo: rc.WHOISInfo,
} }
return cj return cj
@ -287,7 +287,7 @@ func (clients *clientsContainer) findRuntime(ip net.IP, idStr string) (cj client
IDs: []string{idStr}, IDs: []string{idStr},
Disallowed: &disallowed, Disallowed: &disallowed,
DisallowedRule: &rule, DisallowedRule: &rule,
WhoisInfo: &RuntimeClientWhoisInfo{}, WHOISInfo: &RuntimeClientWHOISInfo{},
} }
return cj, true return cj, true

View File

@ -135,11 +135,11 @@ type dnsConfig struct {
} }
type tlsConfigSettings struct { type tlsConfigSettings struct {
Enabled bool `yaml:"enabled" json:"enabled"` // Enabled is the encryption (DOT/DOH/HTTPS) status Enabled bool `yaml:"enabled" json:"enabled"` // Enabled is the encryption (DoT/DoH/HTTPS) status
ServerName string `yaml:"server_name" json:"server_name,omitempty"` // ServerName is the hostname of your HTTPS/TLS server ServerName string `yaml:"server_name" json:"server_name,omitempty"` // ServerName is the hostname of your HTTPS/TLS server
ForceHTTPS bool `yaml:"force_https" json:"force_https,omitempty"` // ForceHTTPS: if true, forces HTTP->HTTPS redirect ForceHTTPS bool `yaml:"force_https" json:"force_https,omitempty"` // ForceHTTPS: if true, forces HTTP->HTTPS redirect
PortHTTPS int `yaml:"port_https" json:"port_https,omitempty"` // HTTPS port. If 0, HTTPS will be disabled PortHTTPS int `yaml:"port_https" json:"port_https,omitempty"` // HTTPS port. If 0, HTTPS will be disabled
PortDNSOverTLS int `yaml:"port_dns_over_tls" json:"port_dns_over_tls,omitempty"` // DNS-over-TLS port. If 0, DOT will be disabled PortDNSOverTLS int `yaml:"port_dns_over_tls" json:"port_dns_over_tls,omitempty"` // DNS-over-TLS port. If 0, DoT will be disabled
PortDNSOverQUIC int `yaml:"port_dns_over_quic" json:"port_dns_over_quic,omitempty"` // DNS-over-QUIC port. If 0, DoQ will be disabled PortDNSOverQUIC int `yaml:"port_dns_over_quic" json:"port_dns_over_quic,omitempty"` // DNS-over-QUIC port. If 0, DoQ will be disabled
// PortDNSCrypt is the port for DNSCrypt requests. If it's zero, // PortDNSCrypt is the port for DNSCrypt requests. If it's zero,
@ -152,8 +152,8 @@ type tlsConfigSettings struct {
// https://github.com/ameshkov/dnscrypt. // https://github.com/ameshkov/dnscrypt.
DNSCryptConfigFile string `yaml:"dnscrypt_config_file" json:"dnscrypt_config_file"` DNSCryptConfigFile string `yaml:"dnscrypt_config_file" json:"dnscrypt_config_file"`
// Allow DOH queries via unencrypted HTTP (e.g. for reverse proxying) // Allow DoH queries via unencrypted HTTP (e.g. for reverse proxying)
AllowUnencryptedDOH bool `yaml:"allow_unencrypted_doh" json:"allow_unencrypted_doh"` AllowUnencryptedDoH bool `yaml:"allow_unencrypted_doh" json:"allow_unencrypted_doh"`
dnsforward.TLSConfig `yaml:",inline" json:",inline"` dnsforward.TLSConfig `yaml:",inline" json:",inline"`
} }

View File

@ -198,9 +198,9 @@ func registerControlHandlers() {
httpRegister(http.MethodPost, "/control/update", handleUpdate) httpRegister(http.MethodPost, "/control/update", handleUpdate)
httpRegister(http.MethodGet, "/control/profile", handleGetProfile) httpRegister(http.MethodGet, "/control/profile", handleGetProfile)
// No auth is necessary for DOH/DOT configurations // No auth is necessary for DoH/DoT configurations
Context.mux.HandleFunc("/apple/doh.mobileconfig", postInstall(handleMobileConfigDOH)) Context.mux.HandleFunc("/apple/doh.mobileconfig", postInstall(handleMobileConfigDoH))
Context.mux.HandleFunc("/apple/dot.mobileconfig", postInstall(handleMobileConfigDOT)) Context.mux.HandleFunc("/apple/dot.mobileconfig", postInstall(handleMobileConfigDoT))
RegisterAuthHandlers() RegisterAuthHandlers()
} }

View File

@ -95,7 +95,7 @@ func initDNSServer() error {
} }
Context.rdns = NewRDNS(Context.dnsServer, &Context.clients, config.DNS.UsePrivateRDNS) Context.rdns = NewRDNS(Context.dnsServer, &Context.clients, config.DNS.UsePrivateRDNS)
Context.whois = initWhois(&Context.clients) Context.whois = initWHOIS(&Context.clients)
Context.filters.Init() Context.filters.Init()
return nil return nil
@ -194,7 +194,7 @@ func generateServerConfig() (newConf dnsforward.ServerConfig, err error) {
newConf.TLSv12Roots = Context.tlsRoots newConf.TLSv12Roots = Context.tlsRoots
newConf.TLSCiphers = Context.tlsCiphers newConf.TLSCiphers = Context.tlsCiphers
newConf.TLSAllowUnencryptedDOH = tlsConf.AllowUnencryptedDOH newConf.TLSAllowUnencryptedDoH = tlsConf.AllowUnencryptedDoH
newConf.FilterHandler = applyAdditionalFiltering newConf.FilterHandler = applyAdditionalFiltering
newConf.GetCustomUpstreamByClient = Context.clients.findUpstreams newConf.GetCustomUpstreamByClient = Context.clients.findUpstreams

View File

@ -48,7 +48,7 @@ type homeContext struct {
queryLog querylog.QueryLog // query log module queryLog querylog.QueryLog // query log module
dnsServer *dnsforward.Server // DNS module dnsServer *dnsforward.Server // DNS module
rdns *RDNS // rDNS module rdns *RDNS // rDNS module
whois *Whois // WHOIS module whois *WHOIS // WHOIS module
dnsFilter *filtering.DNSFilter // DNS filtering module dnsFilter *filtering.DNSFilter // DNS filtering module
dhcpServer *dhcpd.Server // DHCP module dhcpServer *dhcpd.Server // DHCP module
auth *Auth // HTTP authentication module auth *Auth // HTTP authentication module

View File

@ -163,10 +163,10 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
_, _ = w.Write(mobileconfig) _, _ = w.Write(mobileconfig)
} }
func handleMobileConfigDOH(w http.ResponseWriter, r *http.Request) { func handleMobileConfigDoH(w http.ResponseWriter, r *http.Request) {
handleMobileConfig(w, r, dnsProtoHTTPS) handleMobileConfig(w, r, dnsProtoHTTPS)
} }
func handleMobileConfigDOT(w http.ResponseWriter, r *http.Request) { func handleMobileConfigDoT(w http.ResponseWriter, r *http.Request) {
handleMobileConfig(w, r, dnsProtoTLS) handleMobileConfig(w, r, dnsProtoTLS)
} }

View File

@ -12,14 +12,14 @@ import (
"howett.net/plist" "howett.net/plist"
) )
func TestHandleMobileConfigDOH(t *testing.T) { func TestHandleMobileConfigDoH(t *testing.T) {
t.Run("success", func(t *testing.T) { t.Run("success", func(t *testing.T) {
r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/doh.mobileconfig?host=example.org", nil) r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/doh.mobileconfig?host=example.org", nil)
require.NoError(t, err) require.NoError(t, err)
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOH(w, r) handleMobileConfigDoH(w, r)
require.Equal(t, http.StatusOK, w.Code) require.Equal(t, http.StatusOK, w.Code)
var mc mobileConfig var mc mobileConfig
@ -49,7 +49,7 @@ func TestHandleMobileConfigDOH(t *testing.T) {
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOH(w, r) handleMobileConfigDoH(w, r)
assert.Equal(t, http.StatusInternalServerError, w.Code) assert.Equal(t, http.StatusInternalServerError, w.Code)
assert.JSONEq(t, w.Body.String(), b.String()) assert.JSONEq(t, w.Body.String(), b.String())
}) })
@ -60,7 +60,7 @@ func TestHandleMobileConfigDOH(t *testing.T) {
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOH(w, r) handleMobileConfigDoH(w, r)
require.Equal(t, http.StatusOK, w.Code) require.Equal(t, http.StatusOK, w.Code)
var mc mobileConfig var mc mobileConfig
@ -74,14 +74,14 @@ func TestHandleMobileConfigDOH(t *testing.T) {
}) })
} }
func TestHandleMobileConfigDOT(t *testing.T) { func TestHandleMobileConfigDoT(t *testing.T) {
t.Run("success", func(t *testing.T) { t.Run("success", func(t *testing.T) {
r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/dot.mobileconfig?host=example.org", nil) r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/dot.mobileconfig?host=example.org", nil)
require.NoError(t, err) require.NoError(t, err)
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOT(w, r) handleMobileConfigDoT(w, r)
require.Equal(t, http.StatusOK, w.Code) require.Equal(t, http.StatusOK, w.Code)
var mc mobileConfig var mc mobileConfig
@ -111,7 +111,7 @@ func TestHandleMobileConfigDOT(t *testing.T) {
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOT(w, r) handleMobileConfigDoT(w, r)
assert.Equal(t, http.StatusInternalServerError, w.Code) assert.Equal(t, http.StatusInternalServerError, w.Code)
assert.JSONEq(t, w.Body.String(), b.String()) assert.JSONEq(t, w.Body.String(), b.String())
@ -123,7 +123,7 @@ func TestHandleMobileConfigDOT(t *testing.T) {
w := httptest.NewRecorder() w := httptest.NewRecorder()
handleMobileConfigDOT(w, r) handleMobileConfigDoT(w, r)
require.Equal(t, http.StatusOK, w.Code) require.Equal(t, http.StatusOK, w.Code)
var mc mobileConfig var mc mobileConfig

View File

@ -48,7 +48,7 @@ func tlsCreate(conf tlsConfigSettings) *TLSMod {
PortHTTPS: conf.PortHTTPS, PortHTTPS: conf.PortHTTPS,
PortDNSOverTLS: conf.PortDNSOverTLS, PortDNSOverTLS: conf.PortDNSOverTLS,
PortDNSOverQUIC: conf.PortDNSOverQUIC, PortDNSOverQUIC: conf.PortDNSOverQUIC,
AllowUnencryptedDOH: conf.AllowUnencryptedDOH, AllowUnencryptedDoH: conf.AllowUnencryptedDoH,
}} }}
} }
t.setCertFileTime() t.setCertFileTime()

View File

@ -23,8 +23,8 @@ const (
whoisTTL = 1 * 60 * 60 // 1 hour whoisTTL = 1 * 60 * 60 // 1 hour
) )
// Whois - module context // WHOIS - module context
type Whois struct { type WHOIS struct {
clients *clientsContainer clients *clientsContainer
ipChan chan net.IP ipChan chan net.IP
@ -41,9 +41,9 @@ type Whois struct {
timeoutMsec uint timeoutMsec uint
} }
// initWhois creates the Whois module context. // initWHOIS creates the WHOIS module context.
func initWhois(clients *clientsContainer) *Whois { func initWHOIS(clients *clientsContainer) *WHOIS {
w := Whois{ w := WHOIS{
timeoutMsec: 5000, timeoutMsec: 5000,
clients: clients, clients: clients,
ipAddrs: cache.New(cache.Config{ ipAddrs: cache.New(cache.Config{
@ -67,8 +67,8 @@ func trimValue(s string) string {
return s[:maxValueLength-3] + "..." return s[:maxValueLength-3] + "..."
} }
// isWhoisComment returns true if the string is empty or is a WHOIS comment. // isWHOISComment returns true if the string is empty or is a WHOIS comment.
func isWhoisComment(s string) (ok bool) { func isWHOISComment(s string) (ok bool) {
return len(s) == 0 || s[0] == '#' || s[0] == '%' return len(s) == 0 || s[0] == '#' || s[0] == '%'
} }
@ -83,7 +83,7 @@ func whoisParse(data string) (m strmap) {
var orgname string var orgname string
lines := strings.Split(data, "\n") lines := strings.Split(data, "\n")
for _, l := range lines { for _, l := range lines {
if isWhoisComment(l) { if isWHOISComment(l) {
continue continue
} }
@ -128,7 +128,7 @@ func whoisParse(data string) (m strmap) {
const MaxConnReadSize = 64 * 1024 const MaxConnReadSize = 64 * 1024
// Send request to a server and receive the response // Send request to a server and receive the response
func (w *Whois) query(ctx context.Context, target, serverAddr string) (data string, err error) { func (w *WHOIS) query(ctx context.Context, target, serverAddr string) (data string, err error) {
addr, _, _ := net.SplitHostPort(serverAddr) addr, _, _ := net.SplitHostPort(serverAddr)
if addr == "whois.arin.net" { if addr == "whois.arin.net" {
target = "n + " + target target = "n + " + target
@ -162,7 +162,7 @@ func (w *Whois) query(ctx context.Context, target, serverAddr string) (data stri
} }
// Query WHOIS servers (handle redirects) // Query WHOIS servers (handle redirects)
func (w *Whois) queryAll(ctx context.Context, target string) (string, error) { func (w *WHOIS) queryAll(ctx context.Context, target string) (string, error) {
server := net.JoinHostPort(defaultServer, defaultPort) server := net.JoinHostPort(defaultServer, defaultPort)
const maxRedirects = 5 const maxRedirects = 5
for i := 0; i != maxRedirects; i++ { for i := 0; i != maxRedirects; i++ {
@ -170,7 +170,7 @@ func (w *Whois) queryAll(ctx context.Context, target string) (string, error) {
if err != nil { if err != nil {
return "", err return "", err
} }
log.Debug("Whois: received response (%d bytes) from %s IP:%s", len(resp), server, target) log.Debug("whois: received response (%d bytes) from %s IP:%s", len(resp), server, target)
m := whoisParse(resp) m := whoisParse(resp)
redir, ok := m["whois"] redir, ok := m["whois"]
@ -186,25 +186,25 @@ func (w *Whois) queryAll(ctx context.Context, target string) (string, error) {
server = redir server = redir
} }
log.Debug("Whois: redirected to %s IP:%s", redir, target) log.Debug("whois: redirected to %s IP:%s", redir, target)
} }
return "", fmt.Errorf("whois: redirect loop") return "", fmt.Errorf("whois: redirect loop")
} }
// Request WHOIS information // Request WHOIS information
func (w *Whois) process(ctx context.Context, ip net.IP) (wi *RuntimeClientWhoisInfo) { func (w *WHOIS) process(ctx context.Context, ip net.IP) (wi *RuntimeClientWHOISInfo) {
resp, err := w.queryAll(ctx, ip.String()) resp, err := w.queryAll(ctx, ip.String())
if err != nil { if err != nil {
log.Debug("Whois: error: %s IP:%s", err, ip) log.Debug("whois: error: %s IP:%s", err, ip)
return nil return nil
} }
log.Debug("Whois: IP:%s response: %d bytes", ip, len(resp)) log.Debug("whois: IP:%s response: %d bytes", ip, len(resp))
m := whoisParse(resp) m := whoisParse(resp)
wi = &RuntimeClientWhoisInfo{ wi = &RuntimeClientWHOISInfo{
City: m["city"], City: m["city"],
Country: m["country"], Country: m["country"],
Orgname: m["orgname"], Orgname: m["orgname"],
@ -212,7 +212,7 @@ func (w *Whois) process(ctx context.Context, ip net.IP) (wi *RuntimeClientWhoisI
// Don't return an empty struct so that the frontend doesn't get // Don't return an empty struct so that the frontend doesn't get
// confused. // confused.
if *wi == (RuntimeClientWhoisInfo{}) { if *wi == (RuntimeClientWHOISInfo{}) {
return nil return nil
} }
@ -220,7 +220,7 @@ func (w *Whois) process(ctx context.Context, ip net.IP) (wi *RuntimeClientWhoisI
} }
// Begin - begin requesting WHOIS info // Begin - begin requesting WHOIS info
func (w *Whois) Begin(ip net.IP) { func (w *WHOIS) Begin(ip net.IP) {
now := uint64(time.Now().Unix()) now := uint64(time.Now().Unix())
expire := w.ipAddrs.Get([]byte(ip)) expire := w.ipAddrs.Get([]byte(ip))
if len(expire) != 0 { if len(expire) != 0 {
@ -234,18 +234,18 @@ func (w *Whois) Begin(ip net.IP) {
binary.BigEndian.PutUint64(expire, now+whoisTTL) binary.BigEndian.PutUint64(expire, now+whoisTTL)
_ = w.ipAddrs.Set([]byte(ip), expire) _ = w.ipAddrs.Set([]byte(ip), expire)
log.Debug("Whois: adding %s", ip) log.Debug("whois: adding %s", ip)
select { select {
case w.ipChan <- ip: case w.ipChan <- ip:
// //
default: default:
log.Debug("Whois: queue is full") log.Debug("whois: queue is full")
} }
} }
// workerLoop processes the IP addresses it got from the channel and associates // workerLoop processes the IP addresses it got from the channel and associates
// the retrieving WHOIS info with a client. // the retrieving WHOIS info with a client.
func (w *Whois) workerLoop() { func (w *WHOIS) workerLoop() {
for ip := range w.ipChan { for ip := range w.ipChan {
info := w.process(context.Background(), ip) info := w.process(context.Background(), ip)
if info == nil { if info == nil {
@ -253,6 +253,6 @@ func (w *Whois) workerLoop() {
} }
id := ip.String() id := ip.String()
w.clients.SetWhoisInfo(id, info) w.clients.SetWHOISInfo(id, info)
} }
} }

View File

@ -50,7 +50,7 @@ func (c *fakeConn) fakeDial(ctx context.Context, network, addr string) (conn net
return c, nil return c, nil
} }
func TestWhois(t *testing.T) { func TestWHOIS(t *testing.T) {
const ( const (
nl = "\n" nl = "\n"
data = `OrgName: FakeOrg LLC` + nl + data = `OrgName: FakeOrg LLC` + nl +
@ -62,7 +62,7 @@ func TestWhois(t *testing.T) {
data: []byte(data), data: []byte(data),
} }
w := Whois{ w := WHOIS{
timeoutMsec: 5000, timeoutMsec: 5000,
dialContext: fc.fakeDial, dialContext: fc.fakeDial,
} }
@ -77,7 +77,7 @@ func TestWhois(t *testing.T) {
assert.Equal(t, "Nonreal", m["city"]) assert.Equal(t, "Nonreal", m["city"])
} }
func TestWhoisParse(t *testing.T) { func TestWHOISParse(t *testing.T) {
const ( const (
city = "Nonreal" city = "Nonreal"
country = "Imagiland" country = "Imagiland"

View File

@ -3,17 +3,17 @@ package querylog
// Client is the information required by the query log to match against clients // Client is the information required by the query log to match against clients
// during searches. // during searches.
type Client struct { type Client struct {
Whois *ClientWhois `json:"whois,omitempty"` WHOIS *ClientWHOIS `json:"whois,omitempty"`
Name string `json:"name"` Name string `json:"name"`
DisallowedRule string `json:"disallowed_rule"` DisallowedRule string `json:"disallowed_rule"`
Disallowed bool `json:"disallowed"` Disallowed bool `json:"disallowed"`
} }
// ClientWhois is the filtered WHOIS data for the client. // ClientWHOIS is the filtered WHOIS data for the client.
// //
// TODO(a.garipov): Merge with home.RuntimeClientWhoisInfo after the // TODO(a.garipov): Merge with home.RuntimeClientWHOISInfo after the
// refactoring is done. // refactoring is done.
type ClientWhois struct { type ClientWHOIS struct {
City string `json:"city,omitempty"` City string `json:"city,omitempty"`
Country string `json:"country,omitempty"` Country string `json:"country,omitempty"`
Orgname string `json:"orgname,omitempty"` Orgname string `json:"orgname,omitempty"`

View File

@ -42,9 +42,9 @@ type ClientProto string
// Client protocol names. // Client protocol names.
const ( const (
ClientProtoDOH ClientProto = "doh" ClientProtoDoH ClientProto = "doh"
ClientProtoDOQ ClientProto = "doq" ClientProtoDoQ ClientProto = "doq"
ClientProtoDOT ClientProto = "dot" ClientProtoDoT ClientProto = "dot"
ClientProtoDNSCrypt ClientProto = "dnscrypt" ClientProtoDNSCrypt ClientProto = "dnscrypt"
ClientProtoPlain ClientProto = "" ClientProtoPlain ClientProto = ""
) )
@ -54,9 +54,9 @@ const (
func NewClientProto(s string) (cp ClientProto, err error) { func NewClientProto(s string) (cp ClientProto, err error) {
switch cp = ClientProto(s); cp { switch cp = ClientProto(s); cp {
case case
ClientProtoDOH, ClientProtoDoH,
ClientProtoDOQ, ClientProtoDoQ,
ClientProtoDOT, ClientProtoDoT,
ClientProtoDNSCrypt, ClientProtoDNSCrypt,
ClientProtoPlain: ClientProtoPlain:

View File

@ -41,7 +41,7 @@
- 'name': 'stats' - 'name': 'stats'
'description': 'AdGuard Home statistics' 'description': 'AdGuard Home statistics'
- 'name': 'tls' - 'name': 'tls'
'description': 'AdGuard Home HTTPS/DOH/DOT settings' 'description': 'AdGuard Home HTTPS/DoH/DoQ/DoT settings'
'paths': 'paths':
'/status': '/status':
@ -1877,7 +1877,7 @@
'type': 'string' 'type': 'string'
'client_id': 'client_id':
'description': > 'description': >
The client ID, if provided in DOH, DOQ, or DOT. The client ID, if provided in DoH, DoQ, or DoT.
'example': 'cli123' 'example': 'cli123'
'type': 'string' 'type': 'string'
'client_info': 'client_info':
@ -2036,7 +2036,7 @@
'enabled': 'enabled':
'type': 'boolean' 'type': 'boolean'
'example': true 'example': true
'description': 'enabled is the encryption (DOT/DOH/HTTPS) status' 'description': 'enabled is the encryption (DoT/DoH/HTTPS) status'
'server_name': 'server_name':
'type': 'string' 'type': 'string'
'example': 'example.org' 'example': 'example.org'
@ -2054,12 +2054,12 @@
'type': 'integer' 'type': 'integer'
'format': 'uint16' 'format': 'uint16'
'example': 853 'example': 853
'description': 'DNS-over-TLS port. If 0, DOT will be disabled.' 'description': 'DNS-over-TLS port. If 0, DoT will be disabled.'
'port_dns_over_quic': 'port_dns_over_quic':
'type': 'integer' 'type': 'integer'
'format': 'uint16' 'format': 'uint16'
'example': 784 'example': 784
'description': 'DNS-over-QUIC port. If 0, DOQ will be disabled.' 'description': 'DNS-over-QUIC port. If 0, DoQ will be disabled.'
'certificate_chain': 'certificate_chain':
'type': 'string' 'type': 'string'
'description': 'Base64 string with PEM-encoded certificates chain' 'description': 'Base64 string with PEM-encoded certificates chain'

View File

@ -5,9 +5,6 @@ initialisms = [
# Do not add "PTR" since we use "Ptr" as a suffix. # Do not add "PTR" since we use "Ptr" as a suffix.
"inherit" "inherit"
, "DHCP" , "DHCP"
, "DOH"
, "DOQ"
, "DOT"
, "EDNS" , "EDNS"
, "MX" , "MX"
, "QUIC" , "QUIC"
@ -16,6 +13,7 @@ initialisms = [
, "SLAAC" , "SLAAC"
, "SVCB" , "SVCB"
, "TLD" , "TLD"
, "WHOIS"
] ]
dot_import_whitelist = [] dot_import_whitelist = []
http_status_code_whitelist = [] http_status_code_whitelist = []