Pull request: home: don't miss blocked clients in client search api

Merge in DNS/adguard-home from 2428-blocked-runtime-fix to master

Updates #2428.

Squashed commit of the following:

commit 8aaa3e22a894f0335ced93339655771989846c94
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Fri Jan 15 16:32:53 2021 +0300

    home: don't miss blocked clients in client search api
This commit is contained in:
Ainar Garipov 2021-01-15 20:30:48 +03:00
parent 56cb8a4dde
commit 679bbcdc26
5 changed files with 75 additions and 17 deletions

View file

@ -233,24 +233,22 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
if len(ip) == 0 { if len(ip) == 0 {
break break
} }
el := map[string]interface{}{} el := map[string]interface{}{}
c, ok := clients.Find(ip) c, ok := clients.Find(ip)
var cj clientJSON
if !ok { if !ok {
ch, ok := clients.FindAutoClient(ip) var found bool
if !ok { cj, found = clients.findTemporary(ip)
continue // a client with this IP isn't found if !found {
continue
} }
cj := clientHostToJSON(ip, ch)
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
el[ip] = cj
} else { } else {
cj := clientToJSON(&c) cj = clientToJSON(&c)
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip) cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
el[ip] = cj
} }
el[ip] = cj
data = append(data, el) data = append(data, el)
} }
@ -267,6 +265,36 @@ func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http
} }
} }
// findTemporary looks up the IP in temporary storages, like autohosts or
// blocklists.
func (clients *clientsContainer) findTemporary(ip string) (cj clientJSON, found bool) {
ch, ok := clients.FindAutoClient(ip)
if !ok {
// It is still possible that the IP used to be in the runtime
// clients list, but then the server was reloaded. So, check
// the DNS server's blocked IP list.
//
// See https://github.com/AdguardTeam/AdGuardHome/issues/2428.
disallowed, rule := clients.dnsServer.IsBlockedIP(ip)
if rule == "" {
return clientJSON{}, false
}
cj = clientJSON{
IDs: []string{ip},
Disallowed: disallowed,
DisallowedRule: rule,
}
return cj, true
}
cj = clientHostToJSON(ip, ch)
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
return cj, true
}
// RegisterClientsHandlers registers HTTP handlers // RegisterClientsHandlers registers HTTP handlers
func (clients *clientsContainer) registerWebHandlers() { func (clients *clientsContainer) registerWebHandlers() {
httpRegister("GET", "/control/clients", clients.handleGetClients) httpRegister("GET", "/control/clients", clients.handleGetClients)

View file

@ -68,8 +68,8 @@ kXS9jgARhhiWXJrk
data.KeyType == "RSA" && data.KeyType == "RSA" &&
data.Subject == "CN=AdGuard Home,O=AdGuard Ltd" && data.Subject == "CN=AdGuard Home,O=AdGuard Ltd" &&
data.Issuer == "CN=AdGuard Home,O=AdGuard Ltd" && data.Issuer == "CN=AdGuard Home,O=AdGuard Ltd" &&
data.NotBefore == notBefore && data.NotBefore.Equal(notBefore) &&
data.NotAfter == notAfter && data.NotAfter.Equal(notAfter) &&
// data.DNSNames[0] == && // data.DNSNames[0] == &&
data.ValidPair) { data.ValidPair) {
t.Fatalf("valid cert & priv key: validateCertificates(): %v", data) t.Fatalf("valid cert & priv key: validateCertificates(): %v", data)

View file

@ -109,7 +109,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request)
if reqData.Web.Port != 0 && reqData.Web.Port != config.BindPort && reqData.Web.Port != config.BetaBindPort { if reqData.Web.Port != 0 && reqData.Web.Port != config.BindPort && reqData.Web.Port != config.BetaBindPort {
err = util.CheckPortAvailable(reqData.Web.IP, reqData.Web.Port) err = util.CheckPortAvailable(reqData.Web.IP, reqData.Web.Port)
if err != nil { if err != nil {
respData.Web.Status = fmt.Sprintf("%v", err) respData.Web.Status = err.Error()
} }
} }
@ -137,7 +137,7 @@ func (web *Web) handleInstallCheckConfig(w http.ResponseWriter, r *http.Request)
} }
if err != nil { if err != nil {
respData.DNS.Status = fmt.Sprintf("%v", err) respData.DNS.Status = err.Error()
} else if reqData.DNS.IP != "0.0.0.0" { } else if reqData.DNS.IP != "0.0.0.0" {
respData.StaticIP = handleStaticIP(reqData.DNS.IP, reqData.SetStaticIP) respData.StaticIP = handleStaticIP(reqData.DNS.IP, reqData.SetStaticIP)
} }

View file

@ -27,5 +27,13 @@ go="${GO:-go}"
# those aren't set. # those aren't set.
"$go" mod download $x_flags "$go" mod download $x_flags
env GOBIN="${PWD}/bin" "$go" install $v_flags $x_flags\ # Reset GOARCH and GOOS to make sure we install the tools for the native
# architecture even when we're cross-compiling the main binary, and also
# to prevent the "cannot install cross-compiled binaries when GOBIN is
# set" error.
env\
GOARCH=""\
GOOS=""\
GOBIN="${PWD}/bin"\
"$go" install $v_flags $x_flags\
github.com/gobuffalo/packr/packr github.com/gobuffalo/packr/packr

View file

@ -2,16 +2,38 @@
verbose="${VERBOSE:-0}" verbose="${VERBOSE:-0}"
if [ "$verbose" -gt '0' ] if [ "$verbose" -gt '1' ]
then then
set -x set -x
readonly v_flags='-v'
readonly x_flags='-x'
elif [ "$verbose" -gt '0' ]
then
set -x
readonly v_flags='-v'
readonly x_flags=''
else
set +x
readonly v_flags=''
readonly x_flags=''
fi fi
set -e -f -u set -e -f -u
go="${GO:-go}"
# TODO(a.garipov): Add goconst? # TODO(a.garipov): Add goconst?
env GOBIN="${PWD}/bin" "$GO" install --modfile=./internal/tools/go.mod\ # Reset GOARCH and GOOS to make sure we install the tools for the native
# architecture even when we're cross-compiling the main binary, and also
# to prevent the "cannot install cross-compiled binaries when GOBIN is
# set" error.
env\
GOARCH=""\
GOOS=""\
GOBIN="${PWD}/bin"\
"$go" install --modfile=./internal/tools/go.mod\
$v_flags $x_flags\
github.com/fzipp/gocyclo/cmd/gocyclo\ github.com/fzipp/gocyclo/cmd/gocyclo\
github.com/golangci/misspell/cmd/misspell\ github.com/golangci/misspell/cmd/misspell\
github.com/gordonklaus/ineffassign\ github.com/gordonklaus/ineffassign\