Pull request: Pull request: 4884 Update golibs

Merge in DNS/adguard-home from 4884-upd-golibs to master

Updates #4884.

Squashed commit of the following:

commit 4d076021c2e500a75d0b3662643c0c26fd53f6c3
Merge: d780ad00 91dee098
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Tue Feb 21 16:47:08 2023 +0300

    Merge branch 'master' into 4884-upd-golibs

commit d780ad008b8925a1f499d70f827b79be597c60b5
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Tue Feb 21 14:17:11 2023 +0300

    dnsforward: imp tests

commit ff9963da35d0220af461cdec66a38134f85ec956
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Tue Feb 21 13:50:05 2023 +0300

    all: log changes

commit 5703f7a52a364c2d075ed2d862a38587c2650cae
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Tue Feb 21 13:36:43 2023 +0300

    all: upd golibs and fix breaking changes
This commit is contained in:
Eugene Burkov 2023-02-21 16:52:33 +03:00
parent 91dee0986b
commit 20531de760
15 changed files with 34 additions and 22 deletions

View File

@ -25,12 +25,17 @@ NOTE: Add new changes BELOW THIS COMMENT.
### Fixed ### Fixed
- Requirements to domain names in domain-specific upstream configurations have
been relaxed to meet those from [RFC 3696][rfc3696] ([#4884]).
- Panic when using unencrypted DNS-over-HTTPS ([#5518]). - Panic when using unencrypted DNS-over-HTTPS ([#5518]).
- Failing service installation via script on FreeBSD ([#5431]). - Failing service installation via script on FreeBSD ([#5431]).
[#4884]: https://github.com/AdguardTeam/AdGuardHome/issues/4884
[#5518]: https://github.com/AdguardTeam/AdGuardHome/issues/5518 [#5518]: https://github.com/AdguardTeam/AdGuardHome/issues/5518
[#5431]: https://github.com/AdguardTeam/AdGuardHome/issues/5431 [#5431]: https://github.com/AdguardTeam/AdGuardHome/issues/5431
[rfc3696]: https://datatracker.ietf.org/doc/html/rfc3696
<!-- <!--
NOTE: Add new changes ABOVE THIS COMMENT. NOTE: Add new changes ABOVE THIS COMMENT.
--> -->

4
go.mod
View File

@ -4,8 +4,8 @@ go 1.19
require ( require (
// TODO(a.garipov): Use v0.48.0 when it's released. // TODO(a.garipov): Use v0.48.0 when it's released.
github.com/AdguardTeam/dnsproxy v0.47.1-0.20230207130636-533058b17239 github.com/AdguardTeam/dnsproxy v0.48.0
github.com/AdguardTeam/golibs v0.11.4 github.com/AdguardTeam/golibs v0.12.0
github.com/AdguardTeam/urlfilter v0.16.1 github.com/AdguardTeam/urlfilter v0.16.1
github.com/NYTimes/gziphandler v1.1.1 github.com/NYTimes/gziphandler v1.1.1
github.com/ameshkov/dnscrypt/v2 v2.2.5 github.com/ameshkov/dnscrypt/v2 v2.2.5

8
go.sum
View File

@ -1,9 +1,9 @@
github.com/AdguardTeam/dnsproxy v0.47.1-0.20230207130636-533058b17239 h1:n1oOiywOvdeqWLto809bK1rK1EPDkpaSfT/r1OiCVaQ= github.com/AdguardTeam/dnsproxy v0.48.0 h1:sGViYy2pV0cEp2zCsxPjFd9rlgD0+yELpIeLkBxHAoI=
github.com/AdguardTeam/dnsproxy v0.47.1-0.20230207130636-533058b17239/go.mod h1:+Sdi5ISrjDFbeCsKNqzcC1Ag7pJ5Hh9y+UBNb3dfqJ4= github.com/AdguardTeam/dnsproxy v0.48.0/go.mod h1:9OHoeaVod+moWwrLjHF95RQnFWGi/6B1tfKsxWc/yGE=
github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4= github.com/AdguardTeam/golibs v0.4.0/go.mod h1:skKsDKIBB7kkFflLJBpfGX+G8QFTx0WKUzB6TIgtUj4=
github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw= github.com/AdguardTeam/golibs v0.10.4/go.mod h1:rSfQRGHIdgfxriDDNgNJ7HmE5zRoURq8R+VdR81Zuzw=
github.com/AdguardTeam/golibs v0.11.4 h1:IltyvxwCTN+xxJF5sh6VadF8Zfbf8elgCm9dgijSVzM= github.com/AdguardTeam/golibs v0.12.0 h1:z4Q3Mz0pHJ2Zag4B0RBaIXEUue1TPOKkbRiYkwC4r7I=
github.com/AdguardTeam/golibs v0.11.4/go.mod h1:87bN2x4VsTritptE3XZg9l8T6gznWsIxHBcQ1DeRIXA= github.com/AdguardTeam/golibs v0.12.0/go.mod h1:87bN2x4VsTritptE3XZg9l8T6gznWsIxHBcQ1DeRIXA=
github.com/AdguardTeam/gomitmproxy v0.2.0/go.mod h1:Qdv0Mktnzer5zpdpi5rAwixNJzW2FN91LjKJCkVbYGU= github.com/AdguardTeam/gomitmproxy v0.2.0/go.mod h1:Qdv0Mktnzer5zpdpi5rAwixNJzW2FN91LjKJCkVbYGU=
github.com/AdguardTeam/urlfilter v0.16.1 h1:ZPi0rjqo8cQf2FVdzo6cqumNoHZx2KPXj2yZa1A5BBw= github.com/AdguardTeam/urlfilter v0.16.1 h1:ZPi0rjqo8cQf2FVdzo6cqumNoHZx2KPXj2yZa1A5BBw=
github.com/AdguardTeam/urlfilter v0.16.1/go.mod h1:46YZDOV1+qtdRDuhZKVPSSp7JWWes0KayqHrKAFBdEI= github.com/AdguardTeam/urlfilter v0.16.1/go.mod h1:46YZDOV1+qtdRDuhZKVPSSp7JWWes0KayqHrKAFBdEI=

View File

@ -67,7 +67,7 @@ func parseArpA(sc *bufio.Scanner, lenHint int) (ns []Neighbor) {
} }
host := fields[0] host := fields[0]
err = netutil.ValidateDomainName(host) err = netutil.ValidateHostname(host)
if err != nil { if err != nil {
log.Debug("arpdb: parsing arp output: host: %s", err) log.Debug("arpdb: parsing arp output: host: %s", err)
} else { } else {

View File

@ -198,7 +198,7 @@ func parseArpA(sc *bufio.Scanner, lenHint int) (ns []Neighbor) {
} }
host := fields[0] host := fields[0]
if verr := netutil.ValidateDomainName(host); verr != nil { if verr := netutil.ValidateHostname(host); verr != nil {
log.Debug("arpdb: parsing arp output: host: %s", verr) log.Debug("arpdb: parsing arp output: host: %s", verr)
} else { } else {
n.Name = host n.Name = host

View File

@ -343,7 +343,7 @@ func (hp *hostsParser) parseLine(line string) (ip netip.Addr, hosts []string) {
// See https://github.com/AdguardTeam/AdGuardHome/issues/3946. // See https://github.com/AdguardTeam/AdGuardHome/issues/3946.
// //
// TODO(e.burkov): Investigate if hosts may contain DNS-SD domains. // TODO(e.burkov): Investigate if hosts may contain DNS-SD domains.
err = netutil.ValidateDomainName(f) err = netutil.ValidateHostname(f)
if err != nil { if err != nil {
log.Error("%s: host %q is invalid, ignoring", hostsContainerPref, f) log.Error("%s: host %q is invalid, ignoring", hostsContainerPref, f)

View File

@ -108,7 +108,7 @@ func (s *v4Server) validHostnameForClient(cliHostname string, ip net.IP) (hostna
hostname = aghnet.GenerateHostname(ip) hostname = aghnet.GenerateHostname(ip)
} }
err = netutil.ValidateDomainName(hostname) err = netutil.ValidateHostname(hostname)
if err != nil { if err != nil {
log.Info("dhcpv4: %s", err) log.Info("dhcpv4: %s", err)
hostname = "" hostname = ""
@ -372,7 +372,7 @@ func (s *v4Server) AddStaticLease(l *Lease) (err error) {
return err return err
} }
err = netutil.ValidateDomainName(hostname) err = netutil.ValidateHostname(hostname)
if err != nil { if err != nil {
return fmt.Errorf("validating hostname: %w", err) return fmt.Errorf("validating hostname: %w", err)
} }

View File

@ -251,8 +251,8 @@ func TestV4Server_AddRemove_static(t *testing.T) {
}, },
name: "bad_hostname", name: "bad_hostname",
wantErrMsg: `dhcpv4: adding static lease: validating hostname: ` + wantErrMsg: `dhcpv4: adding static lease: validating hostname: ` +
`bad domain name "bad-lbl-.local": ` + `bad hostname "bad-lbl-.local": ` +
`bad domain name label "bad-lbl-": bad domain name label rune '-'`, `bad hostname label "bad-lbl-": bad hostname label rune '-'`,
}} }}
for _, tc := range testCases { for _, tc := range testCases {

View File

@ -14,7 +14,7 @@ import (
// ValidateClientID returns an error if id is not a valid ClientID. // ValidateClientID returns an error if id is not a valid ClientID.
func ValidateClientID(id string) (err error) { func ValidateClientID(id string) (err error) {
err = netutil.ValidateDomainNameLabel(id) err = netutil.ValidateHostnameLabel(id)
if err != nil { if err != nil {
// Replace the domain name label wrapper with our own. // Replace the domain name label wrapper with our own.
return fmt.Errorf("invalid clientid %q: %w", id, errors.Unwrap(err)) return fmt.Errorf("invalid clientid %q: %w", id, errors.Unwrap(err))

View File

@ -119,7 +119,7 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
cliSrvName: "!!!.example.com", cliSrvName: "!!!.example.com",
wantClientID: "", wantClientID: "",
wantErrMsg: `clientid check: invalid clientid "!!!": ` + wantErrMsg: `clientid check: invalid clientid "!!!": ` +
`bad domain name label rune '!'`, `bad hostname label rune '!'`,
inclHTTPTLS: false, inclHTTPTLS: false,
strictSNI: true, strictSNI: true,
}, { }, {
@ -131,7 +131,7 @@ func TestServer_clientIDFromDNSContext(t *testing.T) {
wantClientID: "", wantClientID: "",
wantErrMsg: `clientid check: invalid clientid "abcdefghijklmno` + wantErrMsg: `clientid check: invalid clientid "abcdefghijklmno` +
`pqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789": ` + `pqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789": ` +
`domain name label is too long: got 72, max 63`, `hostname label is too long: got 72, max 63`,
inclHTTPTLS: false, inclHTTPTLS: false,
strictSNI: true, strictSNI: true,
}, { }, {
@ -330,7 +330,7 @@ func TestClientIDFromDNSContextHTTPS(t *testing.T) {
path: "/dns-query/!!!", path: "/dns-query/!!!",
cliSrvName: "example.com", cliSrvName: "example.com",
wantClientID: "", wantClientID: "",
wantErrMsg: `clientid check: invalid clientid "!!!": bad domain name label rune '!'`, wantErrMsg: `clientid check: invalid clientid "!!!": bad hostname label rune '!'`,
}, { }, {
name: "both_ids", name: "both_ids",
path: "/dns-query/right", path: "/dns-query/right",

View File

@ -540,7 +540,8 @@ func matchesDomainWildcard(host, pat string) (ok bool) {
// anyNameMatches returns true if sni, the client's SNI value, matches any of // anyNameMatches returns true if sni, the client's SNI value, matches any of
// the DNS names and patterns from certificate. dnsNames must be sorted. // the DNS names and patterns from certificate. dnsNames must be sorted.
func anyNameMatches(dnsNames []string, sni string) (ok bool) { func anyNameMatches(dnsNames []string, sni string) (ok bool) {
if netutil.ValidateDomainName(sni) != nil { // Check sni is either a valid hostname or a valid IP address.
if netutil.ValidateHostname(sni) != nil && net.ParseIP(sni) == nil {
return false return false
} }

View File

@ -31,6 +31,10 @@ func TestAnyNameMatches(t *testing.T) {
name: "match", name: "match",
dnsName: "1.2.3.4", dnsName: "1.2.3.4",
want: true, want: true,
}, {
name: "mismatch_bad_ip",
dnsName: "1.2.3.256",
want: false,
}, { }, {
name: "mismatch", name: "mismatch",
dnsName: "host2", dnsName: "host2",

View File

@ -230,7 +230,7 @@ func (s *Server) onDHCPLeaseChanged(flags int) {
for _, l := range ll { for _, l := range ll {
// TODO(a.garipov): Remove this after we're finished with the client // TODO(a.garipov): Remove this after we're finished with the client
// hostname validations in the DHCP server code. // hostname validations in the DHCP server code.
err := netutil.ValidateDomainName(l.Hostname) err := netutil.ValidateHostname(l.Hostname)
if err != nil { if err != nil {
log.Debug("dnsforward: skipping invalid hostname %q from dhcp: %s", l.Hostname, err) log.Debug("dnsforward: skipping invalid hostname %q from dhcp: %s", l.Hostname, err)
@ -468,7 +468,7 @@ func (s *Server) processRestrictLocal(dctx *dnsContext) (rc resultCode) {
return resultCodeError return resultCodeError
} }
log.Debug("dnsforward: request is for a service domain") log.Debug("dnsforward: request is not for arpa domain")
return resultCodeSuccess return resultCodeSuccess
} }

View File

@ -1171,7 +1171,8 @@ func TestNewServer(t *testing.T) {
LocalDomain: "!!!", LocalDomain: "!!!",
}, },
wantErrMsg: `local domain: bad domain name "!!!": ` + wantErrMsg: `local domain: bad domain name "!!!": ` +
`bad domain name label "!!!": bad domain name label rune '!'`, `bad top-level domain name label "!!!": ` +
`bad top-level domain name label rune '!'`,
}} }}
for _, tc := range testCases { for _, tc := range testCases {

View File

@ -337,7 +337,8 @@ func TestValidateUpstreams(t *testing.T) {
}, { }, {
name: "bad_domain", name: "bad_domain",
wantErr: `bad upstream for domain "[/!/]8.8.8.8": domain at index 0: ` + wantErr: `bad upstream for domain "[/!/]8.8.8.8": domain at index 0: ` +
`bad domain name "!": bad domain name label "!": bad domain name label rune '!'`, `bad domain name "!": bad top-level domain name label "!": ` +
`bad top-level domain name label rune '!'`,
set: []string{"[/!/]8.8.8.8"}, set: []string{"[/!/]8.8.8.8"},
}} }}