mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2025-03-29 21:49:03 +03:00
143616ca6e
Merge in DNS/adguard-home from 4299-querylog-stats-api to master Updates #1717. Updates #4299. Squashed commit of the following: commit 5b706b7997a536bc4fd2c532fb89ca5ab3536848 Merge: 48b62b0f306c1983Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 22 13:53:09 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit 48b62b0f1882f1ad120c6cdd90cd7dd8cb8a7738 Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com> Date: Wed Mar 22 12:25:04 2023 +0200 client: fix styles, add titles and descrs commit 97e31cff70d05b51bd0e5ea2d20e8e7a251a7e41 Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com> Date: Tue Mar 21 18:38:12 2023 +0200 client: add ignored domains for querylog commit 24d75c4376382205ae6b8f731b1cd23d517772c9 Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com> Date: Tue Mar 21 18:21:13 2023 +0200 client: add ignore domains for stats commit eefc3891d01f90af79fdac9ba8eea06d4d54a0bc Merge: 978675ea1daabb97Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Mar 21 10:53:35 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit 978675ea2c07bf248b4c8f26ebdf78cf59a12ef5 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Mar 21 10:53:11 2023 +0300 openapi: fix chlog commit 2ed33007aade115d38b0ca582206cc10678b084c Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 20 17:49:07 2023 +0300 home: fix tests commit 6af11520c164553ee9fce8f214ea169672188d7e Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 20 17:40:16 2023 +0300 home: fix typo commit 56acdfde5b1ee8d16b232c1293b91affbe319ad1 Merge: 319da34d48431f8bAuthor: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Mar 20 17:32:58 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit 319da34de41ec84310b23bba2ad79c8a3a4c14ff Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Fri Mar 3 17:34:38 2023 +0300 querylog: fix docs commit d5a8f24d5b336e7bdbbca18069f6ede8c96bcc2c Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Fri Mar 3 11:42:00 2023 +0300 stats: fix docs commit e0cbfc1c4078180a05835ce7587e9f45484adc81 Merge: 4743c810012e5bebAuthor: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 1 18:45:17 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit 4743c81038052b9e0ca29ae5f1565021d36ca1ef Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 1 18:14:16 2023 +0300 all: imp code; fix time conversion commit 34310cffd7e331d098c535590245387051674fa8 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 1 12:34:11 2023 +0300 chlog: restore order commit cadd864a66655242948f1cb16e6d4945c0235d7e Merge: 2f3e25bebb226434Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 1 12:26:06 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit 2f3e25bee56d2c6ddcf4aa2fc6a1dc51ed9b06e1 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Wed Mar 1 12:25:14 2023 +0300 all: fix fmt commit d54022baa6c8a3d0d3c308a9b6b1a6a9dc6ac7b6 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Tue Feb 28 16:16:40 2023 +0300 all: imp code; fix chlog commit df22de91f59a51194c55e7bcbe5bc3fcc60cb8e3 Merge: e1ea4797a772212dAuthor: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Feb 27 17:24:09 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit e1ea4797af974c36f06683ffc6eaaae917921a43 Merge: d7db0a5abb80a7c2Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Feb 27 17:23:20 2023 +0300 Merge branch 'master' into 4299-querylog-stats-api commit d7db0a5af1e1f49f6174c1c42e6d9306f2381d16 Author: Stanislav Chzhen <s.chzhen@adguard.com> Date: Mon Feb 27 17:12:20 2023 +0300 all: imp docs ... and 15 more commits
370 lines
9.8 KiB
Go
370 lines
9.8 KiB
Go
package querylog
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"math"
|
|
"net"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/AdguardTeam/AdGuardHome/internal/aghalg"
|
|
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
|
|
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
|
|
"github.com/AdguardTeam/golibs/log"
|
|
"github.com/AdguardTeam/golibs/stringutil"
|
|
"github.com/AdguardTeam/golibs/timeutil"
|
|
"golang.org/x/exp/slices"
|
|
"golang.org/x/net/idna"
|
|
)
|
|
|
|
// configJSON is the JSON structure for the querylog configuration.
|
|
type configJSON struct {
|
|
// Interval is the querylog rotation interval. Use float64 here to support
|
|
// fractional numbers and not mess the API users by changing the units.
|
|
Interval float64 `json:"interval"`
|
|
|
|
// Enabled shows if the querylog is enabled. It is an aghalg.NullBool to
|
|
// be able to tell when it's set without using pointers.
|
|
Enabled aghalg.NullBool `json:"enabled"`
|
|
|
|
// AnonymizeClientIP shows if the clients' IP addresses must be anonymized.
|
|
// It is an [aghalg.NullBool] to be able to tell when it's set without using
|
|
// pointers.
|
|
AnonymizeClientIP aghalg.NullBool `json:"anonymize_client_ip"`
|
|
}
|
|
|
|
// getConfigResp is the JSON structure for the querylog configuration.
|
|
type getConfigResp struct {
|
|
// Ignored is the list of host names, which should not be written to log.
|
|
Ignored []string `json:"ignored"`
|
|
|
|
// Interval is the querylog rotation interval in milliseconds.
|
|
Interval float64 `json:"interval"`
|
|
|
|
// Enabled shows if the querylog is enabled. It is an aghalg.NullBool to
|
|
// be able to tell when it's set without using pointers.
|
|
Enabled aghalg.NullBool `json:"enabled"`
|
|
|
|
// AnonymizeClientIP shows if the clients' IP addresses must be anonymized.
|
|
// It is an aghalg.NullBool to be able to tell when it's set without using
|
|
// pointers.
|
|
//
|
|
// TODO(a.garipov): Consider using separate setting for statistics.
|
|
AnonymizeClientIP aghalg.NullBool `json:"anonymize_client_ip"`
|
|
}
|
|
|
|
// Register web handlers
|
|
func (l *queryLog) initWeb() {
|
|
l.conf.HTTPRegister(http.MethodGet, "/control/querylog", l.handleQueryLog)
|
|
l.conf.HTTPRegister(http.MethodGet, "/control/querylog_info", l.handleQueryLogInfo)
|
|
l.conf.HTTPRegister(http.MethodPost, "/control/querylog_clear", l.handleQueryLogClear)
|
|
l.conf.HTTPRegister(http.MethodPost, "/control/querylog_config", l.handleQueryLogConfig)
|
|
|
|
l.conf.HTTPRegister(http.MethodGet, "/control/querylog/config", l.handleGetQueryLogConfig)
|
|
l.conf.HTTPRegister(
|
|
http.MethodPut,
|
|
"/control/querylog/config/update",
|
|
l.handlePutQueryLogConfig,
|
|
)
|
|
}
|
|
|
|
func (l *queryLog) handleQueryLog(w http.ResponseWriter, r *http.Request) {
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
params, err := l.parseSearchParams(r)
|
|
if err != nil {
|
|
aghhttp.Error(r, w, http.StatusBadRequest, "failed to parse params: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
entries, oldest := l.search(params)
|
|
data := l.entriesToJSON(entries, oldest)
|
|
|
|
_ = aghhttp.WriteJSONResponse(w, r, data)
|
|
}
|
|
|
|
func (l *queryLog) handleQueryLogClear(_ http.ResponseWriter, _ *http.Request) {
|
|
l.clear()
|
|
}
|
|
|
|
// handleQueryLogInfo handles requests to the GET /control/querylog_info
|
|
// endpoint.
|
|
//
|
|
// Deprecated: Remove it when migration to the new API is over.
|
|
func (l *queryLog) handleQueryLogInfo(w http.ResponseWriter, r *http.Request) {
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
ivl := l.conf.RotationIvl
|
|
|
|
if !checkInterval(ivl) {
|
|
// NOTE: If interval is custom we set it to 90 days for compatibility
|
|
// with old API.
|
|
ivl = timeutil.Day * 90
|
|
}
|
|
|
|
_ = aghhttp.WriteJSONResponse(w, r, configJSON{
|
|
Enabled: aghalg.BoolToNullBool(l.conf.Enabled),
|
|
Interval: ivl.Hours() / 24,
|
|
AnonymizeClientIP: aghalg.BoolToNullBool(l.conf.AnonymizeClientIP),
|
|
})
|
|
}
|
|
|
|
// handleGetQueryLogConfig handles requests to the GET /control/querylog/config
|
|
// endpoint.
|
|
func (l *queryLog) handleGetQueryLogConfig(w http.ResponseWriter, r *http.Request) {
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
ignored := l.conf.Ignored.Values()
|
|
slices.Sort(ignored)
|
|
_ = aghhttp.WriteJSONResponse(w, r, getConfigResp{
|
|
Ignored: ignored,
|
|
Interval: float64(l.conf.RotationIvl.Milliseconds()),
|
|
Enabled: aghalg.BoolToNullBool(l.conf.Enabled),
|
|
AnonymizeClientIP: aghalg.BoolToNullBool(l.conf.AnonymizeClientIP),
|
|
})
|
|
}
|
|
|
|
// AnonymizeIP masks ip to anonymize the client if the ip is a valid one.
|
|
func AnonymizeIP(ip net.IP) {
|
|
// zeroes is a slice of zero bytes from which the IP address tail is copied.
|
|
// Using constant string as source of copying is more efficient than byte
|
|
// slice, see https://github.com/golang/go/issues/49997.
|
|
const zeroes = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
|
|
|
|
if ip4 := ip.To4(); ip4 != nil {
|
|
copy(ip4[net.IPv4len-2:net.IPv4len], zeroes)
|
|
} else if len(ip) == net.IPv6len {
|
|
copy(ip[net.IPv6len-10:net.IPv6len], zeroes)
|
|
}
|
|
}
|
|
|
|
// handleQueryLogConfig handles the POST /control/querylog_config queries.
|
|
//
|
|
// Deprecated: Remove it when migration to the new API is over.
|
|
func (l *queryLog) handleQueryLogConfig(w http.ResponseWriter, r *http.Request) {
|
|
// Set NaN as initial value to be able to know if it changed later by
|
|
// comparing it to NaN.
|
|
newConf := &configJSON{
|
|
Interval: math.NaN(),
|
|
}
|
|
|
|
err := json.NewDecoder(r.Body).Decode(newConf)
|
|
if err != nil {
|
|
aghhttp.Error(r, w, http.StatusBadRequest, "%s", err)
|
|
|
|
return
|
|
}
|
|
|
|
ivl := time.Duration(float64(timeutil.Day) * newConf.Interval)
|
|
|
|
hasIvl := !math.IsNaN(newConf.Interval)
|
|
if hasIvl && !checkInterval(ivl) {
|
|
aghhttp.Error(r, w, http.StatusBadRequest, "unsupported interval")
|
|
|
|
return
|
|
}
|
|
|
|
defer l.conf.ConfigModified()
|
|
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
conf := *l.conf
|
|
if newConf.Enabled != aghalg.NBNull {
|
|
conf.Enabled = newConf.Enabled == aghalg.NBTrue
|
|
}
|
|
|
|
if hasIvl {
|
|
conf.RotationIvl = ivl
|
|
}
|
|
|
|
if newConf.AnonymizeClientIP != aghalg.NBNull {
|
|
conf.AnonymizeClientIP = newConf.AnonymizeClientIP == aghalg.NBTrue
|
|
if conf.AnonymizeClientIP {
|
|
l.anonymizer.Store(AnonymizeIP)
|
|
} else {
|
|
l.anonymizer.Store(nil)
|
|
}
|
|
}
|
|
|
|
l.conf = &conf
|
|
}
|
|
|
|
// handlePutQueryLogConfig handles the PUT /control/querylog/config/update
|
|
// queries.
|
|
func (l *queryLog) handlePutQueryLogConfig(w http.ResponseWriter, r *http.Request) {
|
|
newConf := &getConfigResp{}
|
|
err := json.NewDecoder(r.Body).Decode(newConf)
|
|
if err != nil {
|
|
aghhttp.Error(r, w, http.StatusBadRequest, "%s", err)
|
|
|
|
return
|
|
}
|
|
|
|
set, err := aghnet.NewDomainNameSet(newConf.Ignored)
|
|
if err != nil {
|
|
aghhttp.Error(r, w, http.StatusUnprocessableEntity, "ignored: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
ivl := time.Duration(newConf.Interval) * time.Millisecond
|
|
err = validateIvl(ivl)
|
|
if err != nil {
|
|
aghhttp.Error(r, w, http.StatusUnprocessableEntity, "unsupported interval: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
if newConf.Enabled == aghalg.NBNull {
|
|
aghhttp.Error(r, w, http.StatusUnprocessableEntity, "enabled is null")
|
|
|
|
return
|
|
}
|
|
|
|
if newConf.AnonymizeClientIP == aghalg.NBNull {
|
|
aghhttp.Error(r, w, http.StatusUnprocessableEntity, "anonymize_client_ip is null")
|
|
|
|
return
|
|
}
|
|
|
|
defer l.conf.ConfigModified()
|
|
|
|
l.lock.Lock()
|
|
defer l.lock.Unlock()
|
|
|
|
conf := *l.conf
|
|
|
|
conf.Ignored = set
|
|
conf.RotationIvl = ivl
|
|
conf.Enabled = newConf.Enabled == aghalg.NBTrue
|
|
|
|
conf.AnonymizeClientIP = newConf.AnonymizeClientIP == aghalg.NBTrue
|
|
if conf.AnonymizeClientIP {
|
|
l.anonymizer.Store(AnonymizeIP)
|
|
} else {
|
|
l.anonymizer.Store(nil)
|
|
}
|
|
|
|
l.conf = &conf
|
|
}
|
|
|
|
// "value" -> value, return TRUE
|
|
func getDoubleQuotesEnclosedValue(s *string) bool {
|
|
t := *s
|
|
if len(t) >= 2 && t[0] == '"' && t[len(t)-1] == '"' {
|
|
*s = t[1 : len(t)-1]
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
// parseSearchCriterion parses a search criterion from the query parameter.
|
|
func (l *queryLog) parseSearchCriterion(q url.Values, name string, ct criterionType) (
|
|
ok bool,
|
|
sc searchCriterion,
|
|
err error,
|
|
) {
|
|
val := q.Get(name)
|
|
if val == "" {
|
|
return false, sc, nil
|
|
}
|
|
|
|
strict := getDoubleQuotesEnclosedValue(&val)
|
|
|
|
var asciiVal string
|
|
switch ct {
|
|
case ctTerm:
|
|
// Decode lowercased value from punycode to make EqualFold and
|
|
// friends work properly with IDNAs.
|
|
//
|
|
// TODO(e.burkov): Make it work with parts of IDNAs somehow.
|
|
loweredVal := strings.ToLower(val)
|
|
if asciiVal, err = idna.ToASCII(loweredVal); err != nil {
|
|
log.Debug("can't convert %q to ascii: %s", val, err)
|
|
} else if asciiVal == loweredVal {
|
|
// Purge asciiVal to prevent checking the same value
|
|
// twice.
|
|
asciiVal = ""
|
|
}
|
|
case ctFilteringStatus:
|
|
if !stringutil.InSlice(filteringStatusValues, val) {
|
|
return false, sc, fmt.Errorf("invalid value %s", val)
|
|
}
|
|
default:
|
|
return false, sc, fmt.Errorf(
|
|
"invalid criterion type %v: should be one of %v",
|
|
ct,
|
|
[]criterionType{ctTerm, ctFilteringStatus},
|
|
)
|
|
}
|
|
|
|
sc = searchCriterion{
|
|
criterionType: ct,
|
|
value: val,
|
|
asciiVal: asciiVal,
|
|
strict: strict,
|
|
}
|
|
|
|
return true, sc, nil
|
|
}
|
|
|
|
// parseSearchParams - parses "searchParams" from the HTTP request's query string
|
|
func (l *queryLog) parseSearchParams(r *http.Request) (p *searchParams, err error) {
|
|
p = newSearchParams()
|
|
|
|
q := r.URL.Query()
|
|
olderThan := q.Get("older_than")
|
|
if len(olderThan) != 0 {
|
|
p.olderThan, err = time.Parse(time.RFC3339Nano, olderThan)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
var limit64 int64
|
|
if limit64, err = strconv.ParseInt(q.Get("limit"), 10, 64); err == nil {
|
|
p.limit = int(limit64)
|
|
}
|
|
|
|
var offset64 int64
|
|
if offset64, err = strconv.ParseInt(q.Get("offset"), 10, 64); err == nil {
|
|
p.offset = int(offset64)
|
|
|
|
// If we don't use "olderThan" and use offset/limit instead, we should change the default behavior
|
|
// and scan all log records until we found enough log entries
|
|
p.maxFileScanEntries = 0
|
|
}
|
|
|
|
for _, v := range []struct {
|
|
urlField string
|
|
ct criterionType
|
|
}{{
|
|
urlField: "search",
|
|
ct: ctTerm,
|
|
}, {
|
|
urlField: "response_status",
|
|
ct: ctFilteringStatus,
|
|
}} {
|
|
var ok bool
|
|
var c searchCriterion
|
|
ok, c, err = l.parseSearchCriterion(q, v.urlField, v.ct)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if ok {
|
|
p.searchCriteria = append(p.searchCriteria, c)
|
|
}
|
|
}
|
|
|
|
return p, nil
|
|
}
|