mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-12-15 19:31:45 +03:00
fc9ddcf941
Merge in DNS/adguard-home from 1383-client-id to master Updates #1383. Squashed commit of the following: commit ebe2678bfa9bf651a2cb1e64499b38edcf19a7ad Author: Ildar Kamalov <ik@adguard.com> Date: Wed Jan 27 17:51:59 2021 +0300 - client: check if IP is valid commit 0c330585a170ea149ee75e43dfa65211e057299c Author: Ildar Kamalov <ik@adguard.com> Date: Wed Jan 27 17:07:50 2021 +0300 - client: find clients by client_id commit 71c9593ee35d996846f061e114b7867c3aa3c978 Merge: 9104f1613e9edd9e
Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Wed Jan 27 16:09:45 2021 +0300 Merge branch 'master' into 1383-client-id commit 9104f1615d2d462606c52017df25a422df872cea Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Wed Jan 27 13:28:50 2021 +0300 dnsforward: imp tests commit ed47f26e611ade625a2cc2c2f71a291b796bbf8f Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Wed Jan 27 12:39:52 2021 +0300 dnsforward: fix address commit 98b222ba69a5d265f620c180c960d01c84a1fb3b Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 19:50:31 2021 +0300 home: imp code commit 4f3966548a2d8437d0b68207dd108dd1a6cb7d20 Merge: 199fdc05c215b820
Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 19:45:13 2021 +0300 Merge branch 'master' into 1383-client-id commit 199fdc056f8a8be5500584f3aaee32865188aedc Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 19:20:37 2021 +0300 all: imp tests, logging, etc commit 35ff14f4d534251aecb2ea60baba225f3eed8a3e Author: Ildar Kamalov <ik@adguard.com> Date: Tue Jan 26 18:55:19 2021 +0300 + client: remove block button from clients with client_id commit 32991a0b4c56583a02fb5e00bba95d96000bce20 Author: Ildar Kamalov <ik@adguard.com> Date: Tue Jan 26 18:54:25 2021 +0300 + client: add requests count for client_id commit 2d68df4d2eac4a296d7469923e601dad4575c1a1 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 15:49:50 2021 +0300 stats: handle client ids commit 4e14ab3590328f93a8cd6e9cbe1665baf74f220b Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 13:45:25 2021 +0300 openapi: fix example commit ca9cf3f744fe197cace2c28ddc5bc68f71dad1f3 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 13:37:10 2021 +0300 openapi: improve clients find api docs commit f79876e550c424558b704bc316a4cd04f25db011 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Jan 26 13:18:52 2021 +0300 home: accept ids in clients find commit 5b72595122aa0bd64debadfd753ed8a0e0840629 Merge: 607e241fabf8f65f
Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Jan 25 18:34:56 2021 +0300 Merge branch 'master' into 1383-client-id commit 607e241f1c339dd6397218f70b8301e3de6a1ee0 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Jan 25 18:30:39 2021 +0300 dnsforward: fix quic commit f046352fef93e46234c2bbe8ae316d21034260e5 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Mon Jan 25 16:53:09 2021 +0300 all: remove wildcard requirement commit 3b679489bae82c54177372be453fe184d8f0bab6 Author: Andrey Meshkov <am@adguard.com> Date: Mon Jan 25 16:02:28 2021 +0300 workDir now supports symlinks commit 0647ab4f113de2223f6949df001f42ecab05c995 Author: Ildar Kamalov <ik@adguard.com> Date: Mon Jan 25 14:59:46 2021 +0300 - client: remove wildcard from domain validation commit b1aec04a4ecadc9d65648ed6d284188fecce01c3 Author: Ildar Kamalov <ik@adguard.com> Date: Mon Jan 25 14:55:39 2021 +0300 + client: add form to download mobileconfig ... and 12 more commits
304 lines
7.7 KiB
Go
304 lines
7.7 KiB
Go
package home
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
)
|
|
|
|
type clientJSON struct {
|
|
IDs []string `json:"ids"`
|
|
Tags []string `json:"tags"`
|
|
Name string `json:"name"`
|
|
UseGlobalSettings bool `json:"use_global_settings"`
|
|
FilteringEnabled bool `json:"filtering_enabled"`
|
|
ParentalEnabled bool `json:"parental_enabled"`
|
|
SafeSearchEnabled bool `json:"safesearch_enabled"`
|
|
SafeBrowsingEnabled bool `json:"safebrowsing_enabled"`
|
|
|
|
UseGlobalBlockedServices bool `json:"use_global_blocked_services"`
|
|
BlockedServices []string `json:"blocked_services"`
|
|
|
|
Upstreams []string `json:"upstreams"`
|
|
|
|
WhoisInfo map[string]string `json:"whois_info"`
|
|
|
|
// Disallowed - if true -- client's IP is not disallowed
|
|
// Otherwise, it is blocked.
|
|
Disallowed bool `json:"disallowed"`
|
|
|
|
// DisallowedRule - the rule due to which the client is disallowed
|
|
// If Disallowed is true, and this string is empty - it means that the client IP
|
|
// is disallowed by the "allowed IP list", i.e. it is not included in allowed.
|
|
DisallowedRule string `json:"disallowed_rule"`
|
|
}
|
|
|
|
type clientHostJSON struct {
|
|
IP string `json:"ip"`
|
|
Name string `json:"name"`
|
|
Source string `json:"source"`
|
|
|
|
WhoisInfo map[string]string `json:"whois_info"`
|
|
}
|
|
|
|
type clientListJSON struct {
|
|
Clients []clientJSON `json:"clients"`
|
|
AutoClients []clientHostJSON `json:"auto_clients"`
|
|
Tags []string `json:"supported_tags"`
|
|
}
|
|
|
|
// respond with information about configured clients
|
|
func (clients *clientsContainer) handleGetClients(w http.ResponseWriter, _ *http.Request) {
|
|
data := clientListJSON{}
|
|
|
|
clients.lock.Lock()
|
|
for _, c := range clients.list {
|
|
cj := clientToJSON(c)
|
|
data.Clients = append(data.Clients, cj)
|
|
}
|
|
for ip, ch := range clients.ipHost {
|
|
cj := clientHostJSON{
|
|
IP: ip,
|
|
Name: ch.Host,
|
|
}
|
|
|
|
cj.Source = "etc/hosts"
|
|
switch ch.Source {
|
|
case ClientSourceDHCP:
|
|
cj.Source = "DHCP"
|
|
case ClientSourceRDNS:
|
|
cj.Source = "rDNS"
|
|
case ClientSourceARP:
|
|
cj.Source = "ARP"
|
|
case ClientSourceWHOIS:
|
|
cj.Source = "WHOIS"
|
|
}
|
|
|
|
cj.WhoisInfo = map[string]string{}
|
|
for _, wi := range ch.WhoisInfo {
|
|
cj.WhoisInfo[wi[0]] = wi[1]
|
|
}
|
|
|
|
data.AutoClients = append(data.AutoClients, cj)
|
|
}
|
|
clients.lock.Unlock()
|
|
|
|
data.Tags = clientTags
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
e := json.NewEncoder(w).Encode(data)
|
|
if e != nil {
|
|
httpError(w, http.StatusInternalServerError, "Failed to encode to json: %v", e)
|
|
return
|
|
}
|
|
}
|
|
|
|
// Convert JSON object to Client object
|
|
func jsonToClient(cj clientJSON) (c *Client) {
|
|
return &Client{
|
|
Name: cj.Name,
|
|
IDs: cj.IDs,
|
|
Tags: cj.Tags,
|
|
UseOwnSettings: !cj.UseGlobalSettings,
|
|
FilteringEnabled: cj.FilteringEnabled,
|
|
ParentalEnabled: cj.ParentalEnabled,
|
|
SafeSearchEnabled: cj.SafeSearchEnabled,
|
|
SafeBrowsingEnabled: cj.SafeBrowsingEnabled,
|
|
|
|
UseOwnBlockedServices: !cj.UseGlobalBlockedServices,
|
|
BlockedServices: cj.BlockedServices,
|
|
|
|
Upstreams: cj.Upstreams,
|
|
}
|
|
}
|
|
|
|
// Convert Client object to JSON
|
|
func clientToJSON(c *Client) clientJSON {
|
|
cj := clientJSON{
|
|
Name: c.Name,
|
|
IDs: c.IDs,
|
|
Tags: c.Tags,
|
|
UseGlobalSettings: !c.UseOwnSettings,
|
|
FilteringEnabled: c.FilteringEnabled,
|
|
ParentalEnabled: c.ParentalEnabled,
|
|
SafeSearchEnabled: c.SafeSearchEnabled,
|
|
SafeBrowsingEnabled: c.SafeBrowsingEnabled,
|
|
|
|
UseGlobalBlockedServices: !c.UseOwnBlockedServices,
|
|
BlockedServices: c.BlockedServices,
|
|
|
|
Upstreams: c.Upstreams,
|
|
}
|
|
return cj
|
|
}
|
|
|
|
// Convert ClientHost object to JSON
|
|
func clientHostToJSON(ip string, ch ClientHost) clientJSON {
|
|
cj := clientJSON{
|
|
Name: ch.Host,
|
|
IDs: []string{ip},
|
|
}
|
|
|
|
cj.WhoisInfo = map[string]string{}
|
|
for _, wi := range ch.WhoisInfo {
|
|
cj.WhoisInfo[wi[0]] = wi[1]
|
|
}
|
|
return cj
|
|
}
|
|
|
|
// Add a new client
|
|
func (clients *clientsContainer) handleAddClient(w http.ResponseWriter, r *http.Request) {
|
|
cj := clientJSON{}
|
|
err := json.NewDecoder(r.Body).Decode(&cj)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "failed to process request body: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
c := jsonToClient(cj)
|
|
ok, err := clients.Add(c)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "%s", err)
|
|
return
|
|
}
|
|
if !ok {
|
|
httpError(w, http.StatusBadRequest, "Client already exists")
|
|
return
|
|
}
|
|
|
|
onConfigModified()
|
|
}
|
|
|
|
// Remove client
|
|
func (clients *clientsContainer) handleDelClient(w http.ResponseWriter, r *http.Request) {
|
|
cj := clientJSON{}
|
|
err := json.NewDecoder(r.Body).Decode(&cj)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "failed to process request body: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
if len(cj.Name) == 0 {
|
|
httpError(w, http.StatusBadRequest, "client's name must be non-empty")
|
|
|
|
return
|
|
}
|
|
|
|
if !clients.Del(cj.Name) {
|
|
httpError(w, http.StatusBadRequest, "Client not found")
|
|
return
|
|
}
|
|
|
|
onConfigModified()
|
|
}
|
|
|
|
type updateJSON struct {
|
|
Name string `json:"name"`
|
|
Data clientJSON `json:"data"`
|
|
}
|
|
|
|
// Update client's properties
|
|
func (clients *clientsContainer) handleUpdateClient(w http.ResponseWriter, r *http.Request) {
|
|
dj := updateJSON{}
|
|
err := json.NewDecoder(r.Body).Decode(&dj)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "failed to process request body: %s", err)
|
|
|
|
return
|
|
}
|
|
|
|
if len(dj.Name) == 0 {
|
|
httpError(w, http.StatusBadRequest, "Invalid request")
|
|
return
|
|
}
|
|
|
|
c := jsonToClient(dj.Data)
|
|
err = clients.Update(dj.Name, c)
|
|
if err != nil {
|
|
httpError(w, http.StatusBadRequest, "%s", err)
|
|
return
|
|
}
|
|
|
|
onConfigModified()
|
|
}
|
|
|
|
// Get the list of clients by IP address list
|
|
func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http.Request) {
|
|
q := r.URL.Query()
|
|
data := []map[string]clientJSON{}
|
|
for i := 0; i < len(q); i++ {
|
|
idStr := q.Get(fmt.Sprintf("ip%d", i))
|
|
if idStr == "" {
|
|
break
|
|
}
|
|
|
|
ip := net.ParseIP(idStr)
|
|
c, ok := clients.Find(idStr)
|
|
var cj clientJSON
|
|
if !ok {
|
|
var found bool
|
|
cj, found = clients.findTemporary(ip, idStr)
|
|
if !found {
|
|
continue
|
|
}
|
|
} else {
|
|
cj = clientToJSON(c)
|
|
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
|
}
|
|
|
|
data = append(data, map[string]clientJSON{
|
|
idStr: cj,
|
|
})
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
err := json.NewEncoder(w).Encode(data)
|
|
if err != nil {
|
|
httpError(w, http.StatusInternalServerError, "Couldn't write response: %s", err)
|
|
}
|
|
}
|
|
|
|
// findTemporary looks up the IP in temporary storages, like autohosts or
|
|
// blocklists.
|
|
func (clients *clientsContainer) findTemporary(ip net.IP, idStr string) (cj clientJSON, found bool) {
|
|
ch, ok := clients.FindAutoClient(idStr)
|
|
if !ok && ip != nil {
|
|
// It is still possible that the IP used to be in the runtime
|
|
// clients list, but then the server was reloaded. So, check
|
|
// the DNS server's blocked IP list.
|
|
//
|
|
// See https://github.com/AdguardTeam/AdGuardHome/issues/2428.
|
|
disallowed, rule := clients.dnsServer.IsBlockedIP(ip)
|
|
if rule == "" {
|
|
return clientJSON{}, false
|
|
}
|
|
|
|
cj = clientJSON{
|
|
IDs: []string{idStr},
|
|
Disallowed: disallowed,
|
|
DisallowedRule: rule,
|
|
}
|
|
|
|
return cj, true
|
|
}
|
|
|
|
cj = clientHostToJSON(idStr, ch)
|
|
if ip != nil {
|
|
cj.Disallowed, cj.DisallowedRule = clients.dnsServer.IsBlockedIP(ip)
|
|
}
|
|
|
|
return cj, true
|
|
}
|
|
|
|
// RegisterClientsHandlers registers HTTP handlers
|
|
func (clients *clientsContainer) registerWebHandlers() {
|
|
httpRegister("GET", "/control/clients", clients.handleGetClients)
|
|
httpRegister("POST", "/control/clients/add", clients.handleAddClient)
|
|
httpRegister("POST", "/control/clients/delete", clients.handleDelClient)
|
|
httpRegister("POST", "/control/clients/update", clients.handleUpdateClient)
|
|
httpRegister("GET", "/control/clients/find", clients.handleFindClient)
|
|
}
|