Merge branch 'master' into 1383-client-id

heyxkhoa · Jan 27, 2021 · 71c9593 · 71c9593
2 parents 9104f16 + 3e9edd9
commit 71c9593
Show file tree

Hide file tree

Showing 3 changed files with 120 additions and 1 deletion.
diff --git a/.github/ISSUE_TEMPLATE/Bug_report.md b/.github/ISSUE_TEMPLATE/Bug_report.md
@@ -21,6 +21,8 @@ Please answer the following questions for yourself before submitting an issue. *
 
 * **Version of AdGuard Home server:**
   * <!-- (e.g. v1.0) -->
+* **How did you install AdGuard Home:**
+  * <!-- (e.g. Snapcraft, Docker, Github releases) -->
 * **How did you setup DNS configuration:**
   * <!-- (System/Router/IoT) -->
 * **If it's a router or IoT, please write device model:**

diff --git a/internal/dnsfilter/safebrowsing.go b/internal/dnsfilter/safebrowsing.go
@@ -200,7 +200,6 @@ func (c *sbCtx) processTXT(resp *dns.Msg) (bool, [][]byte) {
 		log.Debug("%s: received hashes for %s: %v", c.svc, c.host, txt.Txt)
 
 		for _, t := range txt.Txt {
-
 			if len(t) != 32*2 {
 				continue
 			}

diff --git a/internal/dnsfilter/safebrowsing_test.go b/internal/dnsfilter/safebrowsing_test.go
@@ -2,6 +2,7 @@ package dnsfilter
 
 import (
 	"crypto/sha256"
+	"encoding/hex"
 	"strings"
 	"testing"
 
@@ -134,3 +135,120 @@ func TestSBPC_checkErrorUpstream(t *testing.T) {
 	_, err = d.checkParental("smthng.com")
 	assert.NotNil(t, err)
 }
+
+// testSbUpstream implements upstream.Upstream interface for replacing real
+// upstream in tests.
+type testSbUpstream struct {
+	hostname      string
+	block         bool
+	requestsCount int
+}
+
+// Exchange returns a message depending on the upstream settings (hostname, block)
+func (u *testSbUpstream) Exchange(r *dns.Msg) (*dns.Msg, error) {
+	u.requestsCount++
+
+	hash := sha256.Sum256([]byte(u.hostname))
+	prefix := hash[0:2]
+	hashToReturn := hex.EncodeToString(prefix) + strings.Repeat("ab", 28)
+	if u.block {
+		hashToReturn = hex.EncodeToString(hash[:])
+	}
+
+	m := &dns.Msg{}
+	m.Answer = []dns.RR{
+		&dns.TXT{
+			Hdr: dns.RR_Header{
+				Name: r.Question[0].Name,
+			},
+			Txt: []string{
+				hashToReturn,
+			},
+		},
+	}
+
+	return m, nil
+}
+
+func (u *testSbUpstream) Address() string {
+	return ""
+}
+
+func TestSBPC_sbValidResponse(t *testing.T) {
+	d := NewForTest(&Config{SafeBrowsingEnabled: true}, nil)
+	defer d.Close()
+
+	ups := &testSbUpstream{}
+	d.safeBrowsingUpstream = ups
+	d.parentalUpstream = ups
+
+	// Prepare the upstream
+	ups.hostname = "example.org"
+	ups.block = false
+	ups.requestsCount = 0
+
+	// First - check that the request is not blocked
+	res, err := d.checkSafeBrowsing("example.org")
+	assert.Nil(t, err)
+	assert.False(t, res.IsFiltered)
+
+	// Check the cache state, check that the response is now cached
+	assert.Equal(t, 1, gctx.safebrowsingCache.Stats().Count)
+	assert.Equal(t, 0, gctx.safebrowsingCache.Stats().Hit)
+
+	// There was one request to an upstream
+	assert.Equal(t, 1, ups.requestsCount)
+
+	// Now make the same request to check that the cache was used
+	res, err = d.checkSafeBrowsing("example.org")
+	assert.Nil(t, err)
+	assert.False(t, res.IsFiltered)
+
+	// Check the cache state, it should've been used
+	assert.Equal(t, 1, gctx.safebrowsingCache.Stats().Count)
+	assert.Equal(t, 1, gctx.safebrowsingCache.Stats().Hit)
+
+	// Check that there were no additional requests
+	assert.Equal(t, 1, ups.requestsCount)
+}
+
+func TestSBPC_pcBlockedResponse(t *testing.T) {
+	d := NewForTest(&Config{SafeBrowsingEnabled: true}, nil)
+	defer d.Close()
+
+	ups := &testSbUpstream{}
+	d.safeBrowsingUpstream = ups
+	d.parentalUpstream = ups
+
+	// Prepare the upstream
+	// Make sure that the upstream will return a response that matches the queried domain
+	ups.hostname = "example.com"
+	ups.block = true
+	ups.requestsCount = 0
+
+	// Make a lookup
+	res, err := d.checkParental("example.com")
+	assert.Nil(t, err)
+	assert.True(t, res.IsFiltered)
+	assert.Len(t, res.Rules, 1)
+
+	// Check the cache state, check that the response is now cached
+	assert.Equal(t, 1, gctx.parentalCache.Stats().Count)
+	assert.Equal(t, 1, gctx.parentalCache.Stats().Hit)
+
+	// There was one request to an upstream
+	assert.Equal(t, 1, ups.requestsCount)
+
+	// Make a second lookup for the same domain
+	res, err = d.checkParental("example.com")
+	assert.Nil(t, err)
+	assert.True(t, res.IsFiltered)
+	assert.Len(t, res.Rules, 1)
+
+	// Check the cache state, it should've been used
+	assert.Equal(t, 1, gctx.parentalCache.Stats().Count)
+	assert.Equal(t, 2, gctx.parentalCache.Stats().Hit)
+
+	// Check that there were no additional requests
+	assert.Equal(t, 1, ups.requestsCount)
+}