mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-11-29 10:28:53 +03:00
Pull request: home: don't miss blocked clients in client search api
Merge in DNS/adguard-home from 2428-blocked-runtime-fix to master Updates #2428. Squashed commit of the following: commit 8aaa3e22a894f0335ced93339655771989846c94 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Jan 15 16:32:53 2021 +0300 home: don't miss blocked clients in client search api
This commit is contained in:
parent
56cb8a4dde
commit
679bbcdc26
5 changed files with 75 additions and 17 deletions
|
@ -233,24 +233,22 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
|
||||||
if len(ip) == 0 {
|
if len(ip) == 0 {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
|
||||||
el := map[string]interface{}{}
|
el := map[string]interface{}{}
|
||||||
c, ok := clients.Find(ip)
|
c, ok := clients.Find(ip)
|
||||||
|
var cj clientJSON
|
||||||
if !ok {
|
if !ok {
|
||||||
ch, ok := clients.FindAutoClient(ip)
|
var found bool
|
||||||
if !ok {
|
cj, found = clients.findTemporary(ip)
|
||||||
continue // a client with this IP isn't found
|
if !found {
|
||||||
|
continue
|
||||||
}
|
}
|
||||||
cj := clientHostToJSON(ip, ch)
|
|
||||||
|
|
||||||
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
|
||||||
el[ip] = cj
|
|
||||||
} else {
|
} else {
|
||||||
cj := clientToJSON(&c)
|
cj = clientToJSON(&c)
|
||||||
|
|
||||||
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
||||||
el[ip] = cj
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
el[ip] = cj
|
||||||
data = append(data, el)
|
data = append(data, el)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -267,6 +265,36 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// findTemporary looks up the IP in temporary storages, like autohosts or
|
||||||
|
// blocklists.
|
||||||
|
func (clients *clientsContainer) findTemporary(ip string) (cj clientJSON, found bool) {
|
||||||
|
ch, ok := clients.FindAutoClient(ip)
|
||||||
|
if !ok {
|
||||||
|
// It is still possible that the IP used to be in the runtime
|
||||||
|
// clients list, but then the server was reloaded. So, check
|
||||||
|
// the DNS server's blocked IP list.
|
||||||
|
//
|
||||||
|
// See https://github.com/AdguardTeam/AdGuardHome/issues/2428.
|
||||||
|
disallowed, rule := clients.dnsServer.IsBlockedIP(ip)
|
||||||
|
if rule == "" {
|
||||||
|
return clientJSON{}, false
|
||||||
|
}
|
||||||
|
|
||||||
|
cj = clientJSON{
|
||||||
|
IDs: []string{ip},
|
||||||
|
Disallowed: disallowed,
|
||||||
|
DisallowedRule: rule,
|
||||||
|
}
|
||||||
|
|
||||||
|
return cj, true
|
||||||
|
}
|
||||||
|
|
||||||
|
cj = clientHostToJSON(ip, ch)
|
||||||
|
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
||||||
|
|
||||||
|
return cj, true
|
||||||
|
}
|
||||||
|
|
||||||
// RegisterClientsHandlers registers HTTP handlers
|
// RegisterClientsHandlers registers HTTP handlers
|
||||||
func (clients *clientsContainer) registerWebHandlers() {
|
func (clients *clientsContainer) registerWebHandlers() {
|
||||||
httpRegister("GET", "/control/clients", clients.handleGetClients)
|
httpRegister("GET", "/control/clients", clients.handleGetClients)
|
||||||
|
|
|
@ -68,8 +68,8 @@ kXS9jgARhhiWXJrk
|
||||||
data.KeyType == "RSA" &&
|
data.KeyType == "RSA" &&
|
||||||
data.Subject == "CN=AdGuard Home,O=AdGuard Ltd" &&
|
data.Subject == "CN=AdGuard Home,O=AdGuard Ltd" &&
|
||||||
data.Issuer == "CN=AdGuard Home,O=AdGuard Ltd" &&
|
data.Issuer == "CN=AdGuard Home,O=AdGuard Ltd" &&
|
||||||
data.NotBefore == notBefore &&
|
data.NotBefore.Equal(notBefore) &&
|
||||||
data.NotAfter == notAfter &&
|
data.NotAfter.Equal(notAfter) &&
|
||||||
// data.DNSNames[0] == &&
|
// data.DNSNames[0] == &&
|
||||||
data.ValidPair) {
|
data.ValidPair) {
|
||||||
t.Fatalf("valid cert & priv key: validateCertificates(): %v", data)
|
t.Fatalf("valid cert & priv key: validateCertificates(): %v", data)
|
||||||
|
|
|
@ -109,7 +109,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request)
|
||||||
if reqData.Web.Port != 0 && reqData.Web.Port != config.BindPort && reqData.Web.Port != config.BetaBindPort {
|
if reqData.Web.Port != 0 && reqData.Web.Port != config.BindPort && reqData.Web.Port != config.BetaBindPort {
|
||||||
err = util.CheckPortAvailable(reqData.Web.IP, reqData.Web.Port)
|
err = util.CheckPortAvailable(reqData.Web.IP, reqData.Web.Port)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
respData.Web.Status = fmt.Sprintf("%v", err)
|
respData.Web.Status = err.Error()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -137,7 +137,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
respData.DNS.Status = fmt.Sprintf("%v", err)
|
respData.DNS.Status = err.Error()
|
||||||
} else if reqData.DNS.IP != "0.0.0.0" {
|
} else if reqData.DNS.IP != "0.0.0.0" {
|
||||||
respData.StaticIP = handleStaticIP(reqData.DNS.IP, reqData.SetStaticIP)
|
respData.StaticIP = handleStaticIP(reqData.DNS.IP, reqData.SetStaticIP)
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,5 +27,13 @@ go="${GO:-go}"
|
||||||
# those aren't set.
|
# those aren't set.
|
||||||
"$go" mod download $x_flags
|
"$go" mod download $x_flags
|
||||||
|
|
||||||
env GOBIN="${PWD}/bin" "$go" install $v_flags $x_flags\
|
# Reset GOARCH and GOOS to make sure we install the tools for the native
|
||||||
|
# architecture even when we're cross-compiling the main binary, and also
|
||||||
|
# to prevent the "cannot install cross-compiled binaries when GOBIN is
|
||||||
|
# set" error.
|
||||||
|
env\
|
||||||
|
GOARCH=""\
|
||||||
|
GOOS=""\
|
||||||
|
GOBIN="${PWD}/bin"\
|
||||||
|
"$go" install $v_flags $x_flags\
|
||||||
github.com/gobuffalo/packr/packr
|
github.com/gobuffalo/packr/packr
|
||||||
|
|
|
@ -2,16 +2,38 @@
|
||||||
|
|
||||||
verbose="${VERBOSE:-0}"
|
verbose="${VERBOSE:-0}"
|
||||||
|
|
||||||
if [ "$verbose" -gt '0' ]
|
if [ "$verbose" -gt '1' ]
|
||||||
then
|
then
|
||||||
set -x
|
set -x
|
||||||
|
readonly v_flags='-v'
|
||||||
|
readonly x_flags='-x'
|
||||||
|
elif [ "$verbose" -gt '0' ]
|
||||||
|
then
|
||||||
|
set -x
|
||||||
|
readonly v_flags='-v'
|
||||||
|
readonly x_flags=''
|
||||||
|
else
|
||||||
|
set +x
|
||||||
|
readonly v_flags=''
|
||||||
|
readonly x_flags=''
|
||||||
fi
|
fi
|
||||||
|
|
||||||
set -e -f -u
|
set -e -f -u
|
||||||
|
|
||||||
|
go="${GO:-go}"
|
||||||
|
|
||||||
# TODO(a.garipov): Add goconst?
|
# TODO(a.garipov): Add goconst?
|
||||||
|
|
||||||
env GOBIN="${PWD}/bin" "$GO" install --modfile=./internal/tools/go.mod\
|
# Reset GOARCH and GOOS to make sure we install the tools for the native
|
||||||
|
# architecture even when we're cross-compiling the main binary, and also
|
||||||
|
# to prevent the "cannot install cross-compiled binaries when GOBIN is
|
||||||
|
# set" error.
|
||||||
|
env\
|
||||||
|
GOARCH=""\
|
||||||
|
GOOS=""\
|
||||||
|
GOBIN="${PWD}/bin"\
|
||||||
|
"$go" install --modfile=./internal/tools/go.mod\
|
||||||
|
$v_flags $x_flags\
|
||||||
github.com/fzipp/gocyclo/cmd/gocyclo\
|
github.com/fzipp/gocyclo/cmd/gocyclo\
|
||||||
github.com/golangci/misspell/cmd/misspell\
|
github.com/golangci/misspell/cmd/misspell\
|
||||||
github.com/gordonklaus/ineffassign\
|
github.com/gordonklaus/ineffassign\
|
||||||
|
|
Loading…
Reference in a new issue