Commit Graph

179 Commits

Author SHA1 Message Date
Simon Zolin
dd7d9dc334 * move getDNSAddresses() and "/dns-query" handler to DNS module 2020-03-17 17:12:02 +03:00
Simon Zolin
1000aef1d2 + DNS, Web: Entware: use special directory with the system root certificates
+ use custom RootsCA for HTTPS client, for server cert verify
2020-03-16 15:15:38 +03:00
Simon Zolin
579177fc70 Merge: * DNS: use "unrestricted" Quad9 servers; - dnsfilter: fix hanging on error
Close #1451

Squashed commit of the following:

commit 91e5c98d7543b7c8872cc494818d66bb823ec7c0
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Mar 5 13:09:01 2020 +0300

    fix

commit 4f80865e55f27206fa9cef1d72fb3652498da582
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Mar 5 13:08:31 2020 +0300

    * fix race-detector issue

commit 5513c6c12c112c8f9325dbc8a8d09e58fe7611e0
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Mar 5 13:01:46 2020 +0300

    - dnsfilter: fix hanging on error

commit c7b81286833a523349efb8ca972eba3540518944
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Mar 5 12:42:19 2020 +0300

    * DNS: use "unrestricted" Quad9 servers
2020-03-05 13:12:21 +03:00
Simon Zolin
140d5553e7 * DNS rewrites: don't pass request to an upstream server if matched by Rewrite rule
For example, if there's an A rewrite rule, but no AAAA rule,
 the response to AAAA request must be empty.
2020-03-02 15:24:40 +03:00
Andrey Meshkov
d839136fee Merge: fix #822 - Whitelist filter rules
Squashed commit of the following:

commit 350c6d5fadd77145b801df8887284bf4d64fbd19
Author: Ildar Kamalov <i.kamalov@adguard.com>
Date:   Wed Feb 26 15:43:29 2020 +0300

    * client: update translations

commit a884dffcd59f2259e2eee2c1e5a3270819bf8962
Author: Ildar Kamalov <i.kamalov@adguard.com>
Date:   Mon Feb 17 17:32:10 2020 +0300

    + client: handle whitelist filters

commit a586ec5bc614ffb0e01584a1fbdc7292b4865e68
Author: ArtemBaskal <a.baskal@adguard.com>
Date:   Wed Jan 29 18:16:59 2020 +0300

    + client: add whitelist

commit a52c3de62cf2fa34be6394771fb8bb56b4ee81e3
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Feb 20 17:50:44 2020 +0300

    * change /filtering/refresh

commit 7f8f2ecccb9f7fa65318c1717dc6a7bd61afccf4
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Feb 20 16:17:07 2020 +0300

    * fix race-detector issue

commit ac4b64c4a52c5b364a4b154bf18dea0fdf45647f
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Jan 20 20:08:21 2020 +0300

    + whitelist filters
2020-02-26 19:58:25 +03:00
Andrey Meshkov
6c18b71010 *(dnsforward): fix safe search returning nxdomain
 Closes: https://github.com/AdguardTeam/AdGuardHome/issues/1387
2020-02-05 14:30:43 +03:00
Simon Zolin
dcc575402b Merge: * clients: update runtime clients of type DHCP by event from DHCP module
Close #1378

Squashed commit of the following:

commit e45e2d0e2768fe0677eee43538d381b3eaba39ca
Merge: bea8f79d 5e9c21b0
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Jan 29 20:08:20 2020 +0300

    Merge remote-tracking branch 'origin/master' into 1378-dhcp-clients

commit bea8f79dd6f8f3eae87649d853917b503df29616
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Jan 29 20:08:06 2020 +0300

    minor

commit 6f1da9c6ea9db5bf80acf234ffe322a4cd2d8d92
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Jan 29 19:31:08 2020 +0300

    fix

commit a88b46c1ded2b460ef7f0bfbcf1b80a066edf1c1
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Jan 29 12:53:22 2020 +0300

    minor

commit d2897fe0a9b726fcd97a04906e3be3d21f6b42d7
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Jan 28 19:55:10 2020 +0300

    * clients: update runtime clients of type DHCP by event from DHCP module

commit 3aa352ed2372141617d77363b2f2aeaf3a7e47a0
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Jan 28 19:52:08 2020 +0300

    * minor

commit f5c2291e39df4d13b9baf9aa773284890494bb0a
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Jan 28 19:08:23 2020 +0300

    * clients: remove old entries of source type /etc/hosts or ARP
2020-01-30 10:25:02 +03:00
Simon Zolin
bfd1f3b650 + DNS: TLS handshake: terminate handshake on bad SNI 2020-01-28 13:25:43 +03:00
Simon Zolin
3f7e2f7241 Merge: * dns: refactor
Squashed commit of the following:

commit e9469266cafa3df537b5a4d5e28ca51db8289a34
Merge: 17cf6d60 e7e946fa
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Jan 21 13:04:30 2020 +0300

    Merge remote-tracking branch 'origin/master' into refactor

commit 17cf6d60d11602df3837316119ba8828f41a95df
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Jan 20 15:25:43 2020 +0300

    minor

commit 7b79462ebbeb743a10417bd28ceb70262ff9fa5c
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Jan 17 17:50:09 2020 +0300

    minor

commit d8b175c7eda36005c0277e7876f0f0a55a661b05
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Jan 17 15:30:37 2020 +0300

    minor

commit 93370aa32aa560d42fc67c95fd13f027ddc01b94
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Fri Jan 17 14:28:14 2020 +0300

    * dns: refactor

    . introduce a local context object
    . move filtering, upstream logic, stats, querylog code to separate functions
2020-01-21 13:49:34 +03:00
Simon Zolin
07ebcc2bf3 * DNS: nxdomain: don't return IP address for a blocked domain
Don't return IP address for a blocked domain
 when blocking mode is "nxdomain".
2020-01-20 19:14:14 +03:00
Simon Zolin
6563886b49 Merge: - install: recover from error on DNS server start
Close #1293

Squashed commit of the following:

commit 0981754c5c2c67f2567ee4af0d9ab24377c53413
Merge: ef81f2c8 a6d75118
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Jan 16 14:19:20 2020 +0300

    Merge remote-tracking branch 'origin/master' into 1293-install

commit ef81f2c886f3bfcff4e4352d7ecea6642be7d8e1
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 30 18:32:11 2019 +0300

    linter

commit 9e205be53d9de25bd2ad63398644e14b09f95238
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 30 17:22:17 2019 +0300

    - install: recover from error on DNS server start

    Close all modules properly
    Don't register HTTP handlers twice
2020-01-16 14:25:40 +03:00
Simon Zolin
7ac5760509 + dns: add "aaaa_disabled" setting 2020-01-14 14:50:20 +03:00
Simon Zolin
3b9d758510 * refactor 2020-01-10 19:08:07 +03:00
Simon Zolin
0ef8e5cdae * dnsforward: get per-client settings only once
+ dnsforward: add 'ProtectionEnabled = false' test
2020-01-10 19:08:05 +03:00
Simon Zolin
8d2a9ce923 * dnsfilter: change DNS answer for host rules
When matched by a host rule, return only the IP address specified in rule.
Respond with an empty IP list to another request type.

:: host -- return nothing to A, return :: to AAAA request
0.0.0.0 host -- return 0.0.0.0 to A, return nothing to AAAA request
2020-01-09 19:31:14 +03:00
Andrey Meshkov
cdd55139fa *(dnsforward): cache upstream instances
 Closes: https://github.com/AdguardTeam/AdGuardHome/issues/1296
2019-12-23 19:31:27 +03:00
Andrey Meshkov
b4f4111609 -(dnsfilter): match DNS response against filtering rules only
Supposedly, this will fix #1290
2019-12-23 15:59:49 +03:00
Andrey Meshkov
5077f1a2b3 -(dnsforward): fix client settings for CNAME matching
 Closes: https://github.com/AdguardTeam/AdGuardHome/issues/1274
2019-12-23 13:36:59 +03:00
Simon Zolin
d65cdd4544 - DNS: configuration settings were not applied until full restart 2019-12-19 14:49:15 +03:00
Simon Zolin
4540a4e94a - DNS: set RecursionAvailable flag in response message 2019-12-19 11:52:21 +03:00
Simon Zolin
8521635f63 - DNS: fix slow response to /status and /access/list requests 2019-12-17 13:09:03 +03:00
Simon Zolin
04de9d0f7b Merge: - DNS: "custom_ip" blocking mode didn't work after app restart
Close #1262

Squashed commit of the following:

commit bacd683ef5b52e275323a3c07b370ca08702403e
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 17:00:49 2019 +0300

    fix

commit 3d4f9626460de3e13a621f2b8e535e9e0939e2bb
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 16:54:23 2019 +0300

    fix

commit bf924bf90e9b705883bec88f8d7af11c39c1f322
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 16:45:41 2019 +0300

    add test

commit 43338ea3645a025d69dd838bc732344255960bed
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 16:07:51 2019 +0300

    - DNS: "custom_ip" blocking mode didn't work after app restart

commit 220f32e713a95d2c67355c61e419dd09df9d42b2
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 15:46:01 2019 +0300

    - first run: fix panic on stop in case initialization didn't complete

    e.g. when Stats module can't be initialized because of incompatible file system
2019-12-16 17:04:30 +03:00
Simon Zolin
6a2430b799 Merge: - clients: IPv6 address matching didn't work
Close #1261

Squashed commit of the following:

commit acc39ea6c0d88cb9d2b07837e89db2c170263891
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 12:29:33 2019 +0300

    minor

commit 0d2ef3d53185d5ca17797e2ac20f0efc1498a53c
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 12:13:17 2019 +0300

    add link to GH

commit 0da754b1751057968780b457a2f490f4148275a8
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 16 11:53:42 2019 +0300

    - clients: IPv6 address matching didn't work
2019-12-16 12:36:52 +03:00
Simon Zolin
b00a789ca3 Revert "Merge: + DNS: TLS handshake: terminate handshake on bad SNI"
This reverts commit c8c76ae12b.
2019-12-13 17:38:17 +03:00
Simon Zolin
c8c76ae12b Merge: + DNS: TLS handshake: terminate handshake on bad SNI
Close #1014

Squashed commit of the following:

commit 759248efc0587ff2f288996c47739e602c557a76
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Thu Dec 12 19:26:46 2019 +0300

    support empty ServerName

commit 68afecd5eca5ae66262b12dcb414b50efe88dc02
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 14:40:22 2019 +0300

    + DNS: TLS handshake: terminate handshake on bad SNI
2019-12-13 13:06:37 +03:00
Simon Zolin
ef57f7e192 - DNS: fix race in WriteDiskConfig() 2019-12-12 15:04:29 +03:00
Simon Zolin
000e842f7b - DNS: fix deadlock in Server.ServeHTTP()
s.RLock() is called again in filterResponse() while another thread
 holds s.Lock()
2019-12-12 15:00:10 +03:00
Simon Zolin
c9ccc53282 Merge: * set BlockingMode: "null_ip" by default; minor improvements
Squashed commit of the following:

commit 653544b98dc4d1b9a74e1509d0e6104b71bcdcb3
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 17:34:41 2019 +0300

    * DNS reconfigure: protect against delayed socket fd close

commit 9e650f37dee7f771bf1d9d714c35f0a81788aa16
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 15:28:33 2019 +0300

    - fix race on startup

commit 878fdb8fc4ebbc6fab683a65f5e4298e64c2073e
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 15:11:21 2019 +0300

    * travis: don't run tests

commit 1c4ab60684ee22d55e6d2a3350c0f24d9844255c
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 14:56:28 2019 +0300

    * travis: 'release.sh' and then run tests

commit e1f644b8d9a1f3b46990cdfb1b75fd81b3a49d33
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Wed Dec 11 14:52:59 2019 +0300

    * set BlockingMode: "null_ip" by default
2019-12-11 17:54:34 +03:00
Simon Zolin
0a66913b4d Merge: * use upstream servers directly for the internal DNS resolver
Close #1212

* Server.Start(config *ServerConfig) -> Start()
+ Server.Prepare(config *ServerConfig)
+ Server.Resolve(host string)
+ Server.Exchange()
* rDNS: use internal DNS resolver
- clients: fix race in WriteDiskConfig()
- fix race: move 'clients' object from 'configuration' to 'HomeContext'
    Go race detector didn't like our 'clients' object in 'configuration'.
+ add AGH startup test
    . Create a configuration file
    . Start AGH instance
    . Check Web server
    . Check DNS server
    . Wait until the filters are downloaded
    . Stop and cleanup
* move module objects from config.* to Context.*
* don't call log.SetLevel() if not necessary
    This helps to avoid Go race detector's warning
* ci.sh: 'make' and then run tests

Squashed commit of the following:

commit 86500c7f749307f37af4cc8c2a1066f679d0cfad
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 18:08:53 2019 +0300

    minor

commit 6e6abb9dca3cd250c458bec23aa30d2250a9eb40
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 18:08:31 2019 +0300

    * ci.sh: 'make' and then run tests

commit 114192eefea6800e565ba9ab238202c006516c27
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 17:50:04 2019 +0300

    fix

commit d426deea7f02cdfd4c7217a38c59e51251956a0f
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 17:46:33 2019 +0300

    tests

commit 7b350edf03027895b4e43dee908d0155a9b0ac9b
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:56:12 2019 +0300

    fix test

commit 2f5f116873bbbfdd4bb7f82a596f9e1f5c2bcfd8
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:48:56 2019 +0300

    fix tests

commit 3fbdc77f9c34726e2295185279444983652d559e
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:45:00 2019 +0300

    linter

commit 9da0b6965a2b6863bcd552fa83a4de2866600bb8
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:33:23 2019 +0300

    * config.dnsctx.whois -> Context.whois

commit c71ebdbdf6efd88c877b2f243c69d3bc00a997d7
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:31:08 2019 +0300

    * don't call log.SetLevel() if not necessary

    This helps to avoid Go race detector's warning

commit 0f250220133cefdcb0843a50000cb932802b8324
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 15:28:19 2019 +0300

    * rdns: refactor

commit c460d8c9414940dac852e390b6c1b4d4fb38dff9
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 14:08:08 2019 +0300

    Revert: * stats: serialize access to 'limit'

    Use 'conf *Config' and update it atomically, as in querylog module.
    (Note: Race detector still doesn't like it)

commit 488bcb884971276de0d5629384b29e22c59ee7e6
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 13:50:23 2019 +0300

    * config.dnsFilter -> Context.dnsFilter

commit 86c0a6827a450414b50acec7ebfc5220d13b81e4
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 13:45:05 2019 +0300

    * config.dnsServer -> Context.dnsServer

commit ee35ef095ccaabc89e3de0ef52c9b5ed56b36873
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 13:42:10 2019 +0300

    * config.dhcpServer -> Context.dhcpServer

commit 1537001cd211099d5fad01696c0b806ae5d257b1
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 13:39:45 2019 +0300

    * config.queryLog -> Context.queryLog

commit e5955fe4ff1ef6f41763461b37b502ea25a3d04c
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Tue Dec 10 13:03:18 2019 +0300

    * config.httpsServer -> Context.httpsServer

commit 6153c10a9ac173e159d1f05e0db1512579b9203c
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 9 20:12:24 2019 +0300

    * config.httpServer -> Context.httpServer

commit abd021fb94039015cd45c97614e8b78d4694f956
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 9 20:08:05 2019 +0300

    * stats: serialize access to 'limit'

commit 38c2decfd87c712100edcabe62a6d4518719cb53
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 9 19:57:04 2019 +0300

    * config.stats -> Context.stats

commit 6caf8965ad44db9dce9a7a5103aa8fa305ad9a06
Author: Simon Zolin <s.zolin@adguard.com>
Date:   Mon Dec 9 19:45:23 2019 +0300

    fix Restart()

... and 6 more commits
2019-12-11 12:38:58 +03:00
Simon Zolin
19a94bf789 + dns: add "edns_client_subnet" setting 2019-12-10 16:01:17 +03:00
Simon Zolin
87bb773d3e * DNS: remove /enable_protection and /disable_protection 2019-12-10 16:01:17 +03:00
Simon Zolin
1b3122dd35 * /control/set_upstreams_config: allow empty upstream list 2019-12-10 16:01:17 +03:00
Simon Zolin
4f4da3397c + dns: support blocking_mode=custom_ip 2019-12-10 16:01:16 +03:00
Simon Zolin
26ccee47b5 + DNS: Get/Set DNS general settings
GET /control/dns_info
POST /control/dns_config
2019-12-10 16:01:16 +03:00
Simon Zolin
7313c3bc53 + use per-client DNS servers 2019-12-05 13:16:41 +03:00
Simon Zolin
e7727e9f63 + dnsforward: match CNAME with filtering rules
+ GET /control/querylog: add "cname_match" field

* querylog: Add() now receives an object with parameters
2019-12-03 17:01:26 +03:00
Simon Zolin
d6d0d53761 * DNS: use Quad9 as default server 2019-12-02 15:40:54 +03:00
Simon Zolin
f579c23bc9 * minor fixes 2019-12-02 15:25:11 +03:00
Simon Zolin
9b8cccdfcf * dnsforward: refactor code for default DNS servers logic 2019-12-02 14:58:17 +03:00
Simon Zolin
8bf75b54a4 * update tests 2019-12-02 14:58:17 +03:00
Simon Zolin
19a1c03d3b * dnsforward: move access settings and web handlers 2019-12-02 14:58:17 +03:00
Simon Zolin
7bb32eae3d + dnsforward: refactor
+ dnsforward: own HTTP handlers
* dnsforward: no DNS reload on ProtectionEnabled setting change
* dnsforward: move QueryLog* settings out
* dnsforward: move dnsfilter settings out
* clients,i18n: no DNS reload on settings change
2019-12-02 14:58:17 +03:00
Simon Zolin
0cd6781a9a * QueryLog.Add() now receives net.IP, not net.Addr 2019-11-19 15:09:53 +03:00
Simon Zolin
090f549833 - dns rewrites: CNAME record didn't work 2019-11-07 15:27:39 +03:00
Simon Zolin
3b443bc9c8 * dns: enable DNS message compression 2019-10-23 20:02:42 +03:00
Simon Zolin
b7b32e2f01 - windows: dns: fix reconfigure procedure 2019-10-21 15:58:14 +03:00
Simon Zolin
a59e346d4a * dnsfilter: major refactoring
* dnsfilter is controlled by package home, not dnsforward
* move HTTP handlers to dnsfilter/
* apply filtering settings without DNS server restart
* use only 1 goroutine for filters update
* apply new filters quickly (after they are ready to be used)
2019-10-09 20:05:21 +03:00
Simon Zolin
90db91b0fd * querylog: refactor: move HTTP handlers to querylog/ 2019-10-09 19:38:58 +03:00
Simon Zolin
bbb5413331 * stats: refactor: move HTTP handlers to stats/
DNS module passes additional parameters to Stats module.
This allows Stats to handle HTTP requests by itself - completely removing
 all stats-related code from outside.
2019-09-26 16:52:28 +03:00
Simon Zolin
75b864f25e * dnsforward: create dnsfilter asynchronously 2019-09-23 20:00:11 +03:00