Merge remote-tracking branch 'origin/master' into 6352-safesearch-cname
Mizzick committed Dec 12, 2023
2 parents 2d2c174 + 79d7a1e commit 78d726e
Showing 6 changed files with 370 additions and 20 deletions.
27 changes: 18 additions & 9 deletions CHANGELOG.md
Expand Up @@ -14,15 +14,25 @@ and this project adheres to
<!--
## [v0.108.0] - TBA
## [v0.107.43] - 2023-12-20 (APPROX.)
## [v0.107.44] - 2023-12-20 (APPROX.)
See also the [v0.107.43 GitHub milestone][ms-v0.107.43].
See also the [v0.107.44 GitHub milestone][ms-v0.107.44].
[ms-v0.107.43]: https://github.com/AdguardTeam/AdGuardHome/milestone/78?closed=1
[ms-v0.107.44]: https://github.com/AdguardTeam/AdGuardHome/milestone/79?closed=1
NOTE: Add new changes BELOW THIS COMMENT.
-->

<!--
NOTE: Add new changes ABOVE THIS COMMENT.
-->



## [v0.107.43] - 2023-12-11

See also the [v0.107.43 GitHub milestone][ms-v0.107.43].

### Fixed

- Omitted CNAME records in safe search results, which can cause YouTube to not
Expand All @@ -33,9 +43,7 @@ NOTE: Add new changes BELOW THIS COMMENT.
[#6352]: https://github.com/AdguardTeam/AdGuardHome/issues/6352
[#6510]: https://github.com/AdguardTeam/AdGuardHome/issues/6510

<!--
NOTE: Add new changes ABOVE THIS COMMENT.
-->
[ms-v0.107.43]: https://github.com/AdguardTeam/AdGuardHome/milestone/78?closed=1



Expand Down Expand Up @@ -2668,11 +2676,12 @@ See also the [v0.104.2 GitHub milestone][ms-v0.104.2].


<!--
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.43...HEAD
[v0.107.43]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.42...v0.107.43
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.44...HEAD
[v0.107.44]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.43...v0.107.44
-->

[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.42...HEAD
[Unreleased]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.43...HEAD
[v0.107.43]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.42...v0.107.43
[v0.107.42]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.41...v0.107.42
[v0.107.41]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.40...v0.107.41
[v0.107.40]: https://github.com/AdguardTeam/AdGuardHome/compare/v0.107.39...v0.107.40
3 changes: 1 addition & 2 deletions go.mod
Expand Up @@ -3,8 +3,7 @@ module github.com/AdguardTeam/AdGuardHome
go 1.20

require (
// TODO(a.garipov): Update to a tag when released.
github.com/AdguardTeam/dnsproxy v0.60.1-0.20231208162350-afd2d3e77dd2
github.com/AdguardTeam/dnsproxy v0.60.1
github.com/AdguardTeam/golibs v0.18.0
github.com/AdguardTeam/urlfilter v0.17.3
github.com/NYTimes/gziphandler v1.1.1
4 changes: 2 additions & 2 deletions go.sum
@@ -1,5 +1,5 @@
github.com/AdguardTeam/dnsproxy v0.60.1-0.20231208162350-afd2d3e77dd2 h1:7RiKfmX4G5tNvCUJkfrZhPDdPe8MiEPsLK3o+WHscRs=
github.com/AdguardTeam/dnsproxy v0.60.1-0.20231208162350-afd2d3e77dd2/go.mod h1:B7FvvTFQZBfey1cJXQo732EyCLX6xj4JqrciCawATzg=
github.com/AdguardTeam/dnsproxy v0.60.1 h1:YveGe7UZLaAiePkaV3orkc0IIfPX9vi/qQDIFdeO//A=
github.com/AdguardTeam/dnsproxy v0.60.1/go.mod h1:B7FvvTFQZBfey1cJXQo732EyCLX6xj4JqrciCawATzg=
github.com/AdguardTeam/golibs v0.18.0 h1:ckS2YK7t2Ub6UkXl0fnreVaM15Zb07Hh1gmFqttjpWg=
github.com/AdguardTeam/golibs v0.18.0/go.mod h1:DKhCIXHcUYtBhU8ibTLKh1paUL96n5zhQBlx763sj+U=
github.com/AdguardTeam/urlfilter v0.17.3 h1:fg/ObbnO0Cv6aw0tW6N/ETDMhhNvmcUUOZ7HlmKC3rw=
215 changes: 211 additions & 4 deletions internal/dhcpsvc/v4.go
Expand Up @@ -6,7 +6,10 @@ import (
"net/netip"
"time"

"github.com/AdguardTeam/golibs/log"
"github.com/AdguardTeam/golibs/netutil"
"github.com/google/gopacket/layers"
"golang.org/x/exp/slices"
)

// IPv4Config is the interface-specific configuration for DHCPv4.
Expand All @@ -26,7 +29,9 @@ type IPv4Config struct {
// RangeEnd is the last address in the range to assign to DHCP clients.
RangeEnd netip.Addr

// Options is the list of DHCP options to send to DHCP clients.
// Options is the list of DHCP options to send to DHCP clients. The options
// having a zero value within the Length field are treated as deletions of
// the corresponding options, either implicit or explicit.
Options layers.DHCPOptions

// LeaseDuration is the TTL of a DHCP lease.
Expand Down Expand Up @@ -73,7 +78,14 @@ type iface4 struct {
// name is the name of the interface.
name string

// TODO(e.burkov): Add options.
// implicitOpts are the options listed in Appendix A of RFC 2131 and
// initialized with default values. It must not have intersections with
// explicitOpts.
implicitOpts layers.DHCPOptions

// explicitOpts are the user-configured options. It must not have
// intersections with implicitOpts.
explicitOpts layers.DHCPOptions

// leaseTTL is the time-to-live of dynamic leases on this interface.
leaseTTL time.Duration
Expand Down Expand Up @@ -103,11 +115,206 @@ func newIface4(name string, conf *IPv4Config) (i *iface4, err error) {
return nil, fmt.Errorf("gateway ip %s in the ip range %s", conf.GatewayIP, addrSpace)
}

return &iface4{
i = &iface4{
name: name,
gateway: conf.GatewayIP,
subnet: subnet,
addrSpace: addrSpace,
leaseTTL: conf.LeaseDuration,
}, nil
}
i.implicitOpts, i.explicitOpts = conf.options()

return i, nil
}

// options returns the implicit and explicit options for the interface. The two
// lists are disjoint and the implicit options are initialized with default
// values.
//
// TODO(e.burkov): DRY with the IPv6 version.
func (conf *IPv4Config) options() (implicit, explicit layers.DHCPOptions) {
// Set default values of host configuration parameters listed in Appendix A
// of RFC-2131.
implicit = layers.DHCPOptions{
// Values From Configuration

layers.NewDHCPOption(layers.DHCPOptSubnetMask, conf.SubnetMask.AsSlice()),
layers.NewDHCPOption(layers.DHCPOptRouter, conf.GatewayIP.AsSlice()),

// IP-Layer Per Host

// An Internet host that includes embedded gateway code MUST have a
// configuration switch to disable the gateway function, and this switch
// MUST default to the non-gateway mode.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.5.
layers.NewDHCPOption(layers.DHCPOptIPForwarding, []byte{0x0}),

// A host that supports non-local source-routing MUST have a
// configurable switch to disable forwarding, and this switch MUST
// default to disabled.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.5.
layers.NewDHCPOption(layers.DHCPOptSourceRouting, []byte{0x0}),

// Do not set the Policy Filter Option since it only makes sense when
// the non-local source routing is enabled.

// The minimum legal value is 576.
//
// See https://datatracker.ietf.org/doc/html/rfc2132#section-4.4.
layers.NewDHCPOption(layers.DHCPOptDatagramMTU, []byte{0x2, 0x40}),

// Set the current recommended default time to live for the Internet
// Protocol which is 64.
//
// See https://www.iana.org/assignments/ip-parameters/ip-parameters.xhtml#ip-parameters-2.
layers.NewDHCPOption(layers.DHCPOptDefaultTTL, []byte{0x40}),

// For example, after the PTMU estimate is decreased, the timeout should
// be set to 10 minutes; once this timer expires and a larger MTU is
// attempted, the timeout can be set to a much smaller value.
//
// See https://datatracker.ietf.org/doc/html/rfc1191#section-6.6.
layers.NewDHCPOption(layers.DHCPOptPathMTUAgingTimeout, []byte{0x0, 0x0, 0x2, 0x58}),

// There is a table describing the MTU values representing all major
// data-link technologies in use in the Internet so that each set of
// similar MTUs is associated with a plateau value equal to the lowest
// MTU in the group.
//
// See https://datatracker.ietf.org/doc/html/rfc1191#section-7.
layers.NewDHCPOption(layers.DHCPOptPathPlateuTableOption, []byte{
0x0, 0x44,
0x1, 0x28,
0x1, 0xFC,
0x3, 0xEE,
0x5, 0xD4,
0x7, 0xD2,
0x11, 0x0,
0x1F, 0xE6,
0x45, 0xFA,
}),

// IP-Layer Per Interface

// Don't set the Interface MTU because client may choose the value on
// their own since it's listed in the [Host Requirements RFC]. It also
// seems the values listed there sometimes appear obsolete, see
// https://github.com/AdguardTeam/AdGuardHome/issues/5281.
//
// [Host Requirements RFC]: https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.3.

// Set the All Subnets Are Local Option to false since commonly the
// connected hosts aren't expected to be multihomed.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.3.
layers.NewDHCPOption(layers.DHCPOptAllSubsLocal, []byte{0x0}),

// Set the Perform Mask Discovery Option to false to provide the subnet
// mask by options only.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.2.2.9.
layers.NewDHCPOption(layers.DHCPOptMaskDiscovery, []byte{0x0}),

// A system MUST NOT send an Address Mask Reply unless it is an
// authoritative agent for address masks. An authoritative agent may be
// a host or a gateway, but it MUST be explicitly configured as a
// address mask agent.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.2.2.9.
layers.NewDHCPOption(layers.DHCPOptMaskSupplier, []byte{0x0}),

// Set the Perform Router Discovery Option to true as per Router
// Discovery Document.
//
// See https://datatracker.ietf.org/doc/html/rfc1256#section-5.1.
layers.NewDHCPOption(layers.DHCPOptRouterDiscovery, []byte{0x1}),

// The all-routers address is preferred wherever possible.
//
// See https://datatracker.ietf.org/doc/html/rfc1256#section-5.1.
layers.NewDHCPOption(layers.DHCPOptSolicitAddr, netutil.IPv4allrouter()),

// Don't set the Static Routes Option since it should be set up by
// system administrator.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.1.2.

// A datagram with the destination address of limited broadcast will be
// received by every host on the connected physical network but will not
// be forwarded outside that network.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.2.1.3.
layers.NewDHCPOption(layers.DHCPOptBroadcastAddr, netutil.IPv4bcast()),

// Link-Layer Per Interface

// If the system does not dynamically negotiate use of the trailer
// protocol on a per-destination basis, the default configuration MUST
// disable the protocol.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-2.3.1.
layers.NewDHCPOption(layers.DHCPOptARPTrailers, []byte{0x0}),

// For proxy ARP situations, the timeout needs to be on the order of a
// minute.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-2.3.2.1.
layers.NewDHCPOption(layers.DHCPOptARPTimeout, []byte{0x0, 0x0, 0x0, 0x3C}),

// An Internet host that implements sending both the RFC-894 and the
// RFC-1042 encapsulations MUST provide a configuration switch to select
// which is sent, and this switch MUST default to RFC-894.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-2.3.3.
layers.NewDHCPOption(layers.DHCPOptEthernetEncap, []byte{0x0}),

// TCP Per Host

// A fixed value must be at least big enough for the Internet diameter,
// i.e., the longest possible path. A reasonable value is about twice
// the diameter, to allow for continued Internet growth.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-3.2.1.7.
layers.NewDHCPOption(layers.DHCPOptTCPTTL, []byte{0x0, 0x0, 0x0, 0x3C}),

// The interval MUST be configurable and MUST default to no less than
// two hours.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-4.2.3.6.
layers.NewDHCPOption(layers.DHCPOptTCPKeepAliveInt, []byte{0x0, 0x0, 0x1C, 0x20}),

// Unfortunately, some misbehaved TCP implementations fail to respond to
// a probe segment unless it contains data.
//
// See https://datatracker.ietf.org/doc/html/rfc1122#section-4.2.3.6.
layers.NewDHCPOption(layers.DHCPOptTCPKeepAliveGarbage, []byte{0x1}),
}
slices.SortFunc(implicit, compareV4OptionCodes)

// Set values for explicitly configured options.
for _, exp := range conf.Options {
i, found := slices.BinarySearchFunc(implicit, exp, compareV4OptionCodes)
if found {
implicit = slices.Delete(implicit, i, i+1)
}

i, found = slices.BinarySearchFunc(explicit, exp, compareV4OptionCodes)
if exp.Length > 0 {
explicit = slices.Insert(explicit, i, exp)
} else if found {
explicit = slices.Delete(explicit, i, i+1)
}
}

log.Debug("dhcpsvc: v4: implicit options: %s", implicit)
log.Debug("dhcpsvc: v4: explicit options: %s", explicit)

return implicit, explicit
}

// compareV4OptionCodes compares option codes of a and b.
func compareV4OptionCodes(a, b layers.DHCPOption) (res int) {
return int(a.Type) - int(b.Type)
}
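Review bot: In the loop over `conf.Options` at the end of `options()`, an option code that appears twice with a non-zero `Length` ends up in `explicit` twice, because `slices.Insert` runs even when `BinarySearchFunc` has reported `found`; the list then holds duplicate codes, and a response built from it would presumably repeat that option. Replacing in place keeps one entry per code: inside the `exp.Length > 0` branch use `if found { explicit[i] = exp } else { explicit = slices.Insert(explicit, i, exp) }`. Separately, `DHCPOptTCPTTL` is given four bytes (`[]byte{0x0, 0x0, 0x0, 0x3C}`), while RFC 2132 section 8.7 defines the TCP Default TTL option with length 1, so `[]byte{0x3C}` looks like the intended value and strict clients may otherwise discard the option. The doc comment on `compareV4OptionCodes` could also say that it is the ordering both slices must keep for the binary searches to be valid.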