Pull request: filtering: fix letter case in cname matching

Updates #3335. Squashed commit of the following: commit ff55c112417199e4b04098a32c5f4805b59356f9 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Jul 12 12:38:46 2021 +0300 filtering: fix letter case in cname matching
2021-07-12 13:10:47 +03:00 · 2021-07-12 13:10:47 +03:00 · f419896ec6
parent 1a693f790b
commit f419896ec6
3 changed files with 21 additions and 14 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -62,6 +62,7 @@ released by then.
 ### Fixed
 - Letter case mismatches in `CNAME` filtering ([#3335]).
 - Occasional breakages on network errors with DNS-over-HTTP upstreams ([#3217]).
 - Errors when setting static IP on Linux ([#3257]).
 - Treatment of domain names and FQDNs in custom rules with `$dnsrewrite` that
@ -101,6 +102,7 @@ released by then.
 [#3217]: https://github.com/AdguardTeam/AdGuardHome/issues/3217
 [#3256]: https://github.com/AdguardTeam/AdGuardHome/issues/3256
 [#3257]: https://github.com/AdguardTeam/AdGuardHome/issues/3257
 [#3335]: https://github.com/AdguardTeam/AdGuardHome/issues/3335
--- a/internal/dnsforward/dnsforward_test.go
+++ b/internal/dnsforward/dnsforward_test.go
@ -58,7 +58,7 @@ func createTestServer(
 	t.Helper()
 	rules := `||nxdomain.example.org
-||null.example.org^
+||NULL.example.org^
 127.0.0.1	host.example.org
@@||whitelist.example.org^
 ||127.0.0.255`
@ -581,13 +581,13 @@ func TestServerCustomClientUpstream(t *testing.T) {
 // testCNAMEs is a map of names and CNAMEs necessary for the TestUpstream work.
 var testCNAMEs = map[string]string{
-	"badhost.":               "null.example.org.",
+	"badhost.":               "NULL.example.org.",
-	"whitelist.example.org.": "null.example.org.",
+	"whitelist.example.org.": "NULL.example.org.",
 }
 // testIPv4 is a map of names and IPv4s necessary for the TestUpstream work.
 var testIPv4 = map[string][]net.IP{
-	"null.example.org.": {{1, 2, 3, 4}},
+	"NULL.example.org.": {{1, 2, 3, 4}},
 	"example.org.":      {{127, 0, 0, 255}},
 }
@ -609,7 +609,7 @@ func TestBlockCNAMEProtectionEnabled(t *testing.T) {
 	addr := s.dnsProxy.Addr(proxy.ProtoUDP)
-	// 'badhost' has a canonical name 'null.example.org' which should be
+	// 'badhost' has a canonical name 'NULL.example.org' which should be
 	// blocked by filters, but protection is disabled so it is not.
 	req := createTestMessage("badhost.")
@ -644,13 +644,13 @@ func TestBlockCNAME(t *testing.T) {
 		want bool
 	}{{
 		host: "badhost.",
-		// 'badhost' has a canonical name 'null.example.org' which is
+		// 'badhost' has a canonical name 'NULL.example.org' which is
 		// blocked by filters: response is blocked.
 		want: true,
 	}, {
 		host: "whitelist.example.org.",
 		// 'whitelist.example.org' has a canonical name
-		// 'null.example.org' which is blocked by filters
+		// 'NULL.example.org' which is blocked by filters
 		// but 'whitelist.example.org' is in a whitelist:
 		// response isn't blocked.
 		want: false,
@ -671,8 +671,11 @@ func TestBlockCNAME(t *testing.T) {
 			assert.Equal(t, dns.RcodeSuccess, reply.Rcode)
 			if tc.want {
 				require.Len(t, reply.Answer, 1)
-				a, ok := reply.Answer[0].(*dns.A)
+
-				require.True(t, ok)
+				ans := reply.Answer[0]
 				a, ok := ans.(*dns.A)
 				require.Truef(t, ok, "got %T", ans)
 				assert.True(t, a.A.IsUnspecified())
 			}
 		})
@ -701,7 +704,7 @@ func TestClientRulesForCNAMEMatching(t *testing.T) {
 	addr := s.dnsProxy.Addr(proxy.ProtoUDP)
-	// 'badhost' has a canonical name 'null.example.org' which is blocked by
+	// 'badhost' has a canonical name 'NULL.example.org' which is blocked by
 	// filters: response is blocked.
 	req := dns.Msg{
 		MsgHdr: dns.MsgHdr{
@ -742,7 +745,7 @@ func TestNullBlockedRequest(t *testing.T) {
 			RecursionDesired: true,
 		},
 		Question: []dns.Question{{
-			Name:   "null.example.org.",
+			Name:   "NULL.example.org.",
 			Qtype:  dns.TypeA,
 			Qclass: dns.ClassINET,
 		}},
@ -757,7 +760,7 @@ func TestNullBlockedRequest(t *testing.T) {
 }
 func TestBlockedCustomIP(t *testing.T) {
-	rules := "||nxdomain.example.org^\n||null.example.org^\n127.0.0.1	host.example.org\n@@||whitelist.example.org^\n||127.0.0.255\n"
+	rules := "||nxdomain.example.org^\n||NULL.example.org^\n127.0.0.1	host.example.org\n@@||whitelist.example.org^\n||127.0.0.255\n"
 	filters := []filtering.Filter{{
 		ID:   0,
 		Data: []byte(rules),
@ -802,7 +805,7 @@ func TestBlockedCustomIP(t *testing.T) {
 	addr := s.dnsProxy.Addr(proxy.ProtoUDP)
-	req := createTestMessageWithType("null.example.org.", dns.TypeA)
+	req := createTestMessageWithType("NULL.example.org.", dns.TypeA)
 	reply, err := dns.Exchange(req, addr.String())
 	require.NoError(t, err)
@ -813,7 +816,7 @@ func TestBlockedCustomIP(t *testing.T) {
 	assert.True(t, net.IP{0, 0, 0, 1}.Equal(a.A))
-	req = createTestMessageWithType("null.example.org.", dns.TypeAAAA)
+	req = createTestMessageWithType("NULL.example.org.", dns.TypeAAAA)
 	reply, err = dns.Exchange(req, addr.String())
 	require.NoError(t, err)
--- a/internal/filtering/filtering.go
+++ b/internal/filtering/filtering.go
@ -403,6 +403,8 @@ func (d *DNSFilter) CheckHostRules(host string, qtype uint16, setts *Settings) (
 		return Result{}, nil
 	}
 	host = strings.ToLower(host)
 	return d.matchHost(host, qtype, setts)
 }