Pull request: 4542 clientid case

Merge in DNS/adguard-home from 4542-clientid-case to master Updates #4542. Squashed commit of the following: commit 2a3111ebcef09460b407cd1c870cad2391cd5650 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed May 4 20:44:18 2022 +0300 all: fix changelog link commit 3732def83e2a36eeff2d682149dc4dcef4e92a7d Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed May 4 20:43:37 2022 +0300 all: log changes commit 9fe1001cf586669ae238c9c4818070cf94e23ce8 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed May 4 19:37:33 2022 +0300 dnsforward: lowercase clientid
2024-11-21 20:45:33 +03:00 · 2022-05-04 21:01:41 +03:00 · 2022-05-04 21:01:41 +03:00 · 58515fce43
commit 58515fce43
parent 21905d9869
4 changed files with 27 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -127,6 +127,7 @@ In this release, the schema version has changed from 12 to 14.

 ### Fixed

+- Case-sensitive ClientID ([#4542]).
 - Slow version update queries making other HTTP APIs unresponsible ([#4499]).
 - ARP tables refreshing process causing excessive PTR requests ([#3157]).

@ -148,6 +149,7 @@ In this release, the schema version has changed from 12 to 14.
 [#4276]: https://github.com/AdguardTeam/AdGuardHome/issues/4276
 [#4499]: https://github.com/AdguardTeam/AdGuardHome/issues/4499
 [#4533]: https://github.com/AdguardTeam/AdGuardHome/issues/4533
+[#4542]: https://github.com/AdguardTeam/AdGuardHome/issues/4542

 [ddr-draft-06]: https://www.ietf.org/archive/id/draft-ietf-add-ddr-06.html
 [doq-draft-10]: https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-10#section-10.2
--- a/internal/dnsforward/clientid.go
+++ b/internal/dnsforward/clientid.go
@ -65,7 +65,7 @@ func clientIDFromClientServerName(
 		return "", err
 	}

-	return clientID, nil
+	return strings.ToLower(clientID), nil
 }

 // clientIDFromDNSContextHTTPS extracts the client's ID from the path of the
@ -104,7 +104,7 @@ func clientIDFromDNSContextHTTPS(pctx *proxy.DNSContext) (clientID string, err e
 		return "", fmt.Errorf("clientid check: %w", err)
 	}

-	return clientID, nil
+	return strings.ToLower(clientID), nil
 }

 // tlsConn is a narrow interface for *tls.Conn to simplify testing.
--- a/internal/dnsforward/clientid_test.go
+++ b/internal/dnsforward/clientid_test.go
@ -143,6 +143,22 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
 		wantErrMsg: `clientid check: client server name "cli.myexample.com" ` +
 			`doesn't match host server name "example.com"`,
 		strictSNI: true,
+	}, {
+		name:         "tls_case",
+		proto:        proxy.ProtoTLS,
+		hostSrvName:  "example.com",
+		cliSrvName:   "InSeNsItIvE.example.com",
+		wantClientID: "insensitive",
+		wantErrMsg:   ``,
+		strictSNI:    true,
+	}, {
+		name:         "quic_case",
+		proto:        proxy.ProtoQUIC,
+		hostSrvName:  "example.com",
+		cliSrvName:   "InSeNsItIvE.example.com",
+		wantClientID: "insensitive",
+		wantErrMsg:   ``,
+		strictSNI:    true,
 	}}

 	for _, tc := range testCases {
@ -210,6 +226,11 @@ func TestClientIDFromDNSContextHTTPS(t *testing.T) {
 		path:         "/dns-query/cli/",
 		wantClientID: "cli",
 		wantErrMsg:   "",
+	}, {
+		name:         "clientid_case",
+		path:         "/dns-query/InSeNsItIvE",
+		wantClientID: "insensitive",
+		wantErrMsg:   ``,
 	}, {
 		name:         "bad_url",
 		path:         "/foo",
--- a/internal/home/clients.go
+++ b/internal/home/clients.go
@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net"
 	"sort"
+	"strings"
 	"sync"
 	"time"

@ -546,7 +547,7 @@ func (clients *clientsContainer) check(c *Client) (err error) {
 		} else if mac, err = net.ParseMAC(id); err == nil {
 			c.IDs[i] = mac.String()
 		} else if err = dnsforward.ValidateClientID(id); err == nil {
-			c.IDs[i] = id
+			c.IDs[i] = strings.ToLower(id)
 		} else {
 			return fmt.Errorf("invalid clientid at index %d: %q", i, id)
 		}