diff --git a/CHANGELOG.md b/CHANGELOG.md index 856035800dc..582c4cb35a3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,12 +23,6 @@ See also the [v0.107.26 GitHub milestone][ms-v0.107.26]. NOTE: Add new changes BELOW THIS COMMENT. --> -### Added - -- The ability to set custom IP for EDNS Client Subnet by using the new - `dns.edns_client_subnet.use_custom` and `dns.edns_client_subnet.custom_ip` - fields ([#1472]). The UI changes are coming in the upcoming releases. - ### Changed #### Configuration Changes @@ -60,15 +54,28 @@ In this release, the schema version has changed from 16 to 17. `dns.edns_client_subnet.custom_ip`, and change the `schema_version` back to `16`. +### Added + +- The ability to set custom IP for EDNS Client Subnet by using the new + `dns.edns_client_subnet.use_custom` and `dns.edns_client_subnet.custom_ip` + fields ([#1472]). The UI changes are coming in the upcoming releases. +- The ability to use `dnstype` rules in the disallowed domains list ([#5468]). + This allows dropping requests based on their question types. + ### Fixed +- Automatic update on MIPS64 and little-endian 32-bit MIPS architectures + ([#5270], [#5373]). - Requirements to domain names in domain-specific upstream configurations have been relaxed to meet those from [RFC 3696][rfc3696] ([#4884]). - Failing service installation via script on FreeBSD ([#5431]). [#1472]: https://github.com/AdguardTeam/AdGuardHome/issues/1472 [#4884]: https://github.com/AdguardTeam/AdGuardHome/issues/4884 +[#5270]: https://github.com/AdguardTeam/AdGuardHome/issues/5270 +[#5373]: https://github.com/AdguardTeam/AdGuardHome/issues/5373 [#5431]: https://github.com/AdguardTeam/AdGuardHome/issues/5431 +[#5468]: https://github.com/AdguardTeam/AdGuardHome/issues/5468 [rfc3696]: https://datatracker.ietf.org/doc/html/rfc3696 diff --git a/internal/dnsforward/access.go b/internal/dnsforward/access.go index 6d45a6d5ac5..12f5f3c70e3 100644 --- a/internal/dnsforward/access.go +++ b/internal/dnsforward/access.go @@ -13,6 +13,7 @@ import ( "github.com/AdguardTeam/golibs/stringutil" "github.com/AdguardTeam/urlfilter" "github.com/AdguardTeam/urlfilter/filterlist" + "github.com/AdguardTeam/urlfilter/rules" ) // unit is a convenient alias for struct{} @@ -127,8 +128,12 @@ func (a *accessManager) isBlockedClientID(id string) (ok bool) { } // isBlockedHost returns true if host should be blocked. -func (a *accessManager) isBlockedHost(host string) (ok bool) { - _, ok = a.blockedHostsEng.Match(strings.ToLower(host)) +func (a *accessManager) isBlockedHost(host string, qt rules.RRType) (ok bool) { + _, ok = a.blockedHostsEng.MatchRequest(&urlfilter.DNSRequest{ + Hostname: host, + ClientIP: "0.0.0.0", + DNSType: qt, + }) return ok } diff --git a/internal/dnsforward/access_test.go b/internal/dnsforward/access_test.go index 7889cdad5f5..d5d7da26ca4 100644 --- a/internal/dnsforward/access_test.go +++ b/internal/dnsforward/access_test.go @@ -4,6 +4,8 @@ import ( "net/netip" "testing" + "github.com/AdguardTeam/urlfilter/rules" + "github.com/miekg/dns" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -28,54 +30,75 @@ func TestIsBlockedHost(t *testing.T) { "host1", "*.host.com", "||host3.com^", + "||*^$dnstype=HTTPS", }) require.NoError(t, err) testCases := []struct { + want assert.BoolAssertionFunc name string host string - want bool + qt rules.RRType }{{ + want: assert.True, name: "plain_match", host: "host1", - want: true, + qt: dns.TypeA, }, { + want: assert.False, name: "plain_mismatch", host: "host2", - want: false, + qt: dns.TypeA, }, { + want: assert.True, name: "subdomain_match_short", host: "asdf.host.com", - want: true, + qt: dns.TypeA, }, { + want: assert.True, name: "subdomain_match_long", host: "qwer.asdf.host.com", - want: true, + qt: dns.TypeA, }, { + want: assert.False, name: "subdomain_mismatch_no_lead", host: "host.com", - want: false, + qt: dns.TypeA, }, { + want: assert.False, name: "subdomain_mismatch_bad_asterisk", host: "asdf.zhost.com", - want: false, + qt: dns.TypeA, }, { + want: assert.True, name: "rule_match_simple", host: "host3.com", - want: true, + qt: dns.TypeA, }, { + want: assert.True, name: "rule_match_complex", host: "asdf.host3.com", - want: true, + qt: dns.TypeA, }, { + want: assert.False, name: "rule_mismatch", host: ".host3.com", - want: false, + qt: dns.TypeA, + }, { + want: assert.True, + name: "by_qtype", + host: "site-with-https-record.example", + qt: dns.TypeHTTPS, + }, { + want: assert.False, + name: "by_qtype_other", + host: "site-with-https-record.example", + qt: dns.TypeA, }} for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - assert.Equal(t, tc.want, a.isBlockedHost(tc.host)) + tc.want(t, a.isBlockedHost(tc.host, tc.qt)) }) } } @@ -93,29 +116,29 @@ func TestIsBlockedIP(t *testing.T) { require.NoError(t, err) testCases := []struct { + ip netip.Addr name string wantRule string - ip netip.Addr wantBlocked bool }{{ + ip: netip.MustParseAddr("1.2.3.4"), name: "match_ip", wantRule: "1.2.3.4", - ip: netip.MustParseAddr("1.2.3.4"), wantBlocked: true, }, { + ip: netip.MustParseAddr("5.6.7.100"), name: "match_cidr", wantRule: "5.6.7.8/24", - ip: netip.MustParseAddr("5.6.7.100"), wantBlocked: true, }, { + ip: netip.MustParseAddr("9.2.3.4"), name: "no_match_ip", wantRule: "", - ip: netip.MustParseAddr("9.2.3.4"), wantBlocked: false, }, { + ip: netip.MustParseAddr("9.6.7.100"), name: "no_match_cidr", wantRule: "", - ip: netip.MustParseAddr("9.6.7.100"), wantBlocked: false, }} diff --git a/internal/dnsforward/filter.go b/internal/dnsforward/filter.go index f36fd52a5e2..6ee4e0f3741 100644 --- a/internal/dnsforward/filter.go +++ b/internal/dnsforward/filter.go @@ -31,9 +31,11 @@ func (s *Server) beforeRequestHandler( } if len(pctx.Req.Question) == 1 { - host := strings.TrimSuffix(pctx.Req.Question[0].Name, ".") - if s.access.isBlockedHost(host) { - log.Debug("host %s is in access blocklist", host) + q := pctx.Req.Question[0] + qt := q.Qtype + host := strings.TrimSuffix(q.Name, ".") + if s.access.isBlockedHost(host, qt) { + log.Debug("request %s %s is in access blocklist", dns.Type(qt), host) return s.preBlockedResponse(pctx) } diff --git a/internal/home/controlupdate.go b/internal/home/controlupdate.go index 5718bfaa003..1cea1d14464 100644 --- a/internal/home/controlupdate.go +++ b/internal/home/controlupdate.go @@ -98,7 +98,7 @@ func requestVersionInfo(resp *versionResponse, recheck bool) (err error) { if err != nil { vcu := Context.updater.VersionCheckURL() - return fmt.Errorf("getting version info from %s: %s", vcu, err) + return fmt.Errorf("getting version info from %s: %w", vcu, err) } return nil diff --git a/internal/querylog/decode.go b/internal/querylog/decode.go index b4cfd7e5a89..8cb2a164fce 100644 --- a/internal/querylog/decode.go +++ b/internal/querylog/decode.go @@ -247,55 +247,20 @@ var resultHandlers = map[string]logEntryHandler{ } func decodeResultRuleKey(key string, i int, dec *json.Decoder, ent *logEntry) { + var vToken json.Token switch key { case "FilterListID": - vToken, err := dec.Token() - if err != nil { - if err != io.EOF { - log.Debug("decodeResultRuleKey %s err: %s", key, err) - } - - return - } - - if len(ent.Result.Rules) < i+1 { - ent.Result.Rules = append(ent.Result.Rules, &filtering.ResultRule{}) - } - + ent.Result.Rules, vToken = decodeVTokenAndAddRule(key, i, dec, ent.Result.Rules) if n, ok := vToken.(json.Number); ok { ent.Result.Rules[i].FilterListID, _ = n.Int64() } case "IP": - vToken, err := dec.Token() - if err != nil { - if err != io.EOF { - log.Debug("decodeResultRuleKey %s err: %s", key, err) - } - - return - } - - if len(ent.Result.Rules) < i+1 { - ent.Result.Rules = append(ent.Result.Rules, &filtering.ResultRule{}) - } - + ent.Result.Rules, vToken = decodeVTokenAndAddRule(key, i, dec, ent.Result.Rules) if ipStr, ok := vToken.(string); ok { ent.Result.Rules[i].IP = net.ParseIP(ipStr) } case "Text": - vToken, err := dec.Token() - if err != nil { - if err != io.EOF { - log.Debug("decodeResultRuleKey %s err: %s", key, err) - } - - return - } - - if len(ent.Result.Rules) < i+1 { - ent.Result.Rules = append(ent.Result.Rules, &filtering.ResultRule{}) - } - + ent.Result.Rules, vToken = decodeVTokenAndAddRule(key, i, dec, ent.Result.Rules) if s, ok := vToken.(string); ok { ent.Result.Rules[i].Text = s } @@ -304,6 +269,30 @@ func decodeResultRuleKey(key string, i int, dec *json.Decoder, ent *logEntry) { } } +func decodeVTokenAndAddRule( + key string, + i int, + dec *json.Decoder, + rules []*filtering.ResultRule, +) (newRules []*filtering.ResultRule, vToken json.Token) { + newRules = rules + + vToken, err := dec.Token() + if err != nil { + if err != io.EOF { + log.Debug("decodeResultRuleKey %s err: %s", key, err) + } + + return newRules, nil + } + + if len(rules) < i+1 { + newRules = append(newRules, &filtering.ResultRule{}) + } + + return newRules, vToken +} + func decodeResultRules(dec *json.Decoder, ent *logEntry) { for { delimToken, err := dec.Token() diff --git a/internal/querylog/http.go b/internal/querylog/http.go index e8fbbc3059b..1d983d351e0 100644 --- a/internal/querylog/http.go +++ b/internal/querylog/http.go @@ -54,10 +54,7 @@ func (l *queryLog) handleQueryLog(w http.ResponseWriter, r *http.Request) { return } - // search for the log entries entries, oldest := l.search(params) - - // convert log entries to JSON data := l.entriesToJSON(entries, oldest) _ = aghhttp.WriteJSONResponse(w, r, data) diff --git a/internal/querylog/json.go b/internal/querylog/json.go index f570d40fb00..33fc997afdf 100644 --- a/internal/querylog/json.go +++ b/internal/querylog/json.go @@ -1,7 +1,6 @@ package querylog import ( - "fmt" "strconv" "strings" "time" @@ -117,7 +116,7 @@ func (l *queryLog) setMsgData(entry *logEntry, jsonEntry jobject) { // it from there as well. jsonEntry["answer_dnssec"] = entry.AuthenticatedData || msg.AuthenticatedData - if a := answerToMap(msg); a != nil { + if a := answerToJSON(msg); a != nil { jsonEntry["answer"] = a } } @@ -136,7 +135,7 @@ func (l *queryLog) setOrigAns(entry *logEntry, jsonEntry jobject) { return } - if a := answerToMap(orig); a != nil { + if a := answerToJSON(orig); a != nil { jsonEntry["original_answer"] = a } } @@ -159,55 +158,24 @@ type dnsAnswer struct { TTL uint32 `json:"ttl"` } -func answerToMap(a *dns.Msg) (answers []*dnsAnswer) { - if a == nil || len(a.Answer) == 0 { +// answerToJSON converts the answer records of msg, if any, to their JSON form. +func answerToJSON(msg *dns.Msg) (answers []*dnsAnswer) { + if msg == nil || len(msg.Answer) == 0 { return nil } - answers = make([]*dnsAnswer, 0, len(a.Answer)) - for _, k := range a.Answer { - header := k.Header() - answer := &dnsAnswer{ + answers = make([]*dnsAnswer, 0, len(msg.Answer)) + for _, rr := range msg.Answer { + header := rr.Header() + a := &dnsAnswer{ Type: dns.TypeToString[header.Rrtype], - TTL: header.Ttl, + // Remove the header string from the answer value since it's mostly + // unnecessary in the log. + Value: strings.TrimPrefix(rr.String(), header.String()), + TTL: header.Ttl, } - // Some special treatment for some well-known types. - // - // TODO(a.garipov): Consider just calling String() for everyone - // instead. - switch v := k.(type) { - case nil: - // Probably unlikely, but go on. - case *dns.A: - answer.Value = v.A.String() - case *dns.AAAA: - answer.Value = v.AAAA.String() - case *dns.MX: - answer.Value = fmt.Sprintf("%v %v", v.Preference, v.Mx) - case *dns.CNAME: - answer.Value = v.Target - case *dns.NS: - answer.Value = v.Ns - case *dns.SPF: - answer.Value = strings.Join(v.Txt, "\n") - case *dns.TXT: - answer.Value = strings.Join(v.Txt, "\n") - case *dns.PTR: - answer.Value = v.Ptr - case *dns.SOA: - answer.Value = fmt.Sprintf("%v %v %v %v %v %v %v", v.Ns, v.Mbox, v.Serial, v.Refresh, v.Retry, v.Expire, v.Minttl) - case *dns.CAA: - answer.Value = fmt.Sprintf("%v %v \"%v\"", v.Flag, v.Tag, v.Value) - case *dns.HINFO: - answer.Value = fmt.Sprintf("\"%v\" \"%v\"", v.Cpu, v.Os) - case *dns.RRSIG: - answer.Value = fmt.Sprintf("%v %v %v %v %v %v %v %v %v", dns.TypeToString[v.TypeCovered], v.Algorithm, v.Labels, v.OrigTtl, v.Expiration, v.Inception, v.KeyTag, v.SignerName, v.Signature) - default: - answer.Value = v.String() - } - - answers = append(answers, answer) + answers = append(answers, a) } return answers diff --git a/internal/querylog/qlog.go b/internal/querylog/qlog.go index 32ac1a73949..3b6c9efeef4 100644 --- a/internal/querylog/qlog.go +++ b/internal/querylog/qlog.go @@ -31,7 +31,8 @@ type queryLog struct { // bufferLock protects buffer. bufferLock sync.RWMutex - // buffer contains recent log entries. + // buffer contains recent log entries. The entries in this buffer must not + // be modified. buffer []*logEntry fileFlushLock sync.Mutex // synchronize a file-flushing goroutine and main thread @@ -100,6 +101,13 @@ type logEntry struct { AuthenticatedData bool `json:"AD,omitempty"` } +// shallowClone returns a shallow clone of e. +func (e *logEntry) shallowClone() (clone *logEntry) { + cloneVal := *e + + return &cloneVal +} + func (l *queryLog) Start() { if l.conf.HTTPRegister != nil { l.initWeb() diff --git a/internal/querylog/search.go b/internal/querylog/search.go index 035fcfc94ce..332c2e81106 100644 --- a/internal/querylog/search.go +++ b/internal/querylog/search.go @@ -52,7 +52,9 @@ func (l *queryLog) searchMemory(params *searchParams, cache clientCache) (entrie // Go through the buffer in the reverse order, from newer to older. var err error for i := len(l.buffer) - 1; i >= 0; i-- { - e := l.buffer[i] + // A shallow clone is enough, since the only thing that this loop + // modifies is the client field. + e := l.buffer[i].shallowClone() e.client, err = l.client(e.ClientID, e.IP.String(), cache) if err != nil { @@ -130,7 +132,7 @@ func (l *queryLog) search(params *searchParams) (entries []*logEntry, oldest tim // searchFiles looks up log records from all log files. It optionally uses the // client cache, if provided. searchFiles does not scan more than // maxFileScanEntries so callers may need to call it several times to get all -// results. oldset and total are the time of the oldest processed entry and the +// results. oldest and total are the time of the oldest processed entry and the // total number of processed entries, including discarded ones, correspondingly. func (l *queryLog) searchFiles( params *searchParams, diff --git a/internal/querylog/searchcriterion.go b/internal/querylog/searchcriterion.go index a9bd4cff71e..d53634513dd 100644 --- a/internal/querylog/searchcriterion.go +++ b/internal/querylog/searchcriterion.go @@ -1,6 +1,7 @@ package querylog import ( + "fmt" "strings" "github.com/AdguardTeam/AdGuardHome/internal/filtering" @@ -118,7 +119,7 @@ func (c *searchCriterion) match(entry *logEntry) bool { case ctTerm: return c.ctDomainOrClientCase(entry) case ctFilteringStatus: - return c.ctFilteringStatusCase(entry.Result) + return c.ctFilteringStatusCase(entry.Result.Reason, entry.Result.IsFiltered) } return false @@ -141,54 +142,70 @@ func (c *searchCriterion) ctDomainOrClientCase(e *logEntry) bool { return ctDomainOrClientCaseNonStrict(c.value, c.asciiVal, clientID, name, host, ip) } -func (c *searchCriterion) ctFilteringStatusCase(res filtering.Result) bool { +// ctFilteringStatusCase returns true if the result matches the value. +func (c *searchCriterion) ctFilteringStatusCase( + reason filtering.Reason, + isFiltered bool, +) (matched bool) { switch c.value { case filteringStatusAll: return true - - case filteringStatusFiltered: - return res.IsFiltered || - res.Reason.In( - filtering.NotFilteredAllowList, - filtering.Rewritten, - filtering.RewrittenAutoHosts, - filtering.RewrittenRule, - ) - - case filteringStatusBlocked: - return res.IsFiltered && - res.Reason.In(filtering.FilteredBlockList, filtering.FilteredBlockedService) - - case filteringStatusBlockedService: - return res.IsFiltered && res.Reason == filtering.FilteredBlockedService - - case filteringStatusBlockedParental: - return res.IsFiltered && res.Reason == filtering.FilteredParental - - case filteringStatusBlockedSafebrowsing: - return res.IsFiltered && res.Reason == filtering.FilteredSafeBrowsing - + case + filteringStatusBlocked, + filteringStatusBlockedParental, + filteringStatusBlockedSafebrowsing, + filteringStatusBlockedService, + filteringStatusFiltered, + filteringStatusSafeSearch: + return isFiltered && c.isFilteredWithReason(reason) case filteringStatusWhitelisted: - return res.Reason == filtering.NotFilteredAllowList - + return reason == filtering.NotFilteredAllowList case filteringStatusRewritten: - return res.Reason.In( + return reason.In( filtering.Rewritten, filtering.RewrittenAutoHosts, filtering.RewrittenRule, ) - - case filteringStatusSafeSearch: - return res.IsFiltered && res.Reason == filtering.FilteredSafeSearch - case filteringStatusProcessed: - return !res.Reason.In( + return !reason.In( filtering.FilteredBlockList, filtering.FilteredBlockedService, filtering.NotFilteredAllowList, ) - default: return false } } + +// isFilteredWithReason returns true if reason matches the criterion value. +// c.value must be one of: +// +// - filteringStatusBlocked +// - filteringStatusBlockedParental +// - filteringStatusBlockedSafebrowsing +// - filteringStatusBlockedService +// - filteringStatusFiltered +// - filteringStatusSafeSearch +func (c *searchCriterion) isFilteredWithReason(reason filtering.Reason) (matched bool) { + switch c.value { + case filteringStatusBlocked: + return reason.In(filtering.FilteredBlockList, filtering.FilteredBlockedService) + case filteringStatusBlockedParental: + return reason == filtering.FilteredParental + case filteringStatusBlockedSafebrowsing: + return reason == filtering.FilteredSafeBrowsing + case filteringStatusBlockedService: + return reason == filtering.FilteredBlockedService + case filteringStatusFiltered: + return reason.In( + filtering.NotFilteredAllowList, + filtering.Rewritten, + filtering.RewrittenAutoHosts, + filtering.RewrittenRule, + ) + case filteringStatusSafeSearch: + return reason == filtering.FilteredSafeSearch + default: + panic(fmt.Errorf("unexpected value %q", c.value)) + } +} diff --git a/internal/updater/check.go b/internal/updater/check.go index 5de7ecfc4ba..a72e58eeb97 100644 --- a/internal/updater/check.go +++ b/internal/updater/check.go @@ -10,6 +10,9 @@ import ( "github.com/AdguardTeam/AdGuardHome/internal/aghalg" "github.com/AdguardTeam/AdGuardHome/internal/aghio" "github.com/AdguardTeam/golibs/errors" + "github.com/AdguardTeam/golibs/log" + "golang.org/x/exp/maps" + "golang.org/x/exp/slices" ) // TODO(a.garipov): Make configurable. @@ -81,9 +84,9 @@ func (u *Updater) parseVersionResponse(data []byte) (VersionInfo, error) { return info, fmt.Errorf("version.json: %w", err) } - for _, v := range versionJSON { + for k, v := range versionJSON { if v == "" { - return info, fmt.Errorf("version.json: invalid data") + return info, fmt.Errorf("version.json: bad data: value for key %q is empty", k) } } @@ -91,9 +94,9 @@ func (u *Updater) parseVersionResponse(data []byte) (VersionInfo, error) { info.Announcement = versionJSON["announcement"] info.AnnouncementURL = versionJSON["announcement_url"] - packageURL, ok := u.downloadURL(versionJSON) - if !ok { - return info, fmt.Errorf("version.json: packageURL not found") + packageURL, key, found := u.downloadURL(versionJSON) + if !found { + return info, fmt.Errorf("version.json: no package URL: key %q not found in object", key) } info.CanAutoUpdate = aghalg.BoolToNullBool(info.NewVersion != u.version) @@ -104,25 +107,40 @@ func (u *Updater) parseVersionResponse(data []byte) (VersionInfo, error) { return info, nil } -// downloadURL returns the download URL for current build. -func (u *Updater) downloadURL(json map[string]string) (string, bool) { - var key string - +// downloadURL returns the download URL for current build as well as its key in +// versionObj. If the key is not found, it additionally prints an informative +// log message. +func (u *Updater) downloadURL(versionObj map[string]string) (dlURL, key string, ok bool) { if u.goarch == "arm" && u.goarm != "" { key = fmt.Sprintf("download_%s_%sv%s", u.goos, u.goarch, u.goarm) - } else if u.goarch == "mips" && u.gomips != "" { + } else if isMIPS(u.goarch) && u.gomips != "" { key = fmt.Sprintf("download_%s_%s_%s", u.goos, u.goarch, u.gomips) - } - - val, ok := json[key] - if !ok { + } else { key = fmt.Sprintf("download_%s_%s", u.goos, u.goarch) - val, ok = json[key] } - if !ok { - return "", false + dlURL, ok = versionObj[key] + if ok { + return dlURL, key, true } - return val, true + keys := maps.Keys(versionObj) + slices.Sort(keys) + log.Error("updater: key %q not found; got keys %q", key, keys) + + return "", key, false +} + +// isMIPS returns true if arch is any MIPS architecture. +func isMIPS(arch string) (ok bool) { + switch arch { + case + "mips", + "mips64", + "mips64le", + "mipsle": + return true + default: + return false + } } diff --git a/internal/updater/updater.go b/internal/updater/updater.go index f042ab3c3d1..1fdd858e81c 100644 --- a/internal/updater/updater.go +++ b/internal/updater/updater.go @@ -272,7 +272,7 @@ func (u *Updater) backup(firstRun bool) (err error) { wd := u.workDir err = copySupportingFiles(u.unpackedFiles, wd, u.backupDir) if err != nil { - return fmt.Errorf("copySupportingFiles(%s, %s) failed: %s", wd, u.backupDir, err) + return fmt.Errorf("copySupportingFiles(%s, %s) failed: %w", wd, u.backupDir, err) } return nil @@ -283,7 +283,7 @@ func (u *Updater) backup(firstRun bool) (err error) { func (u *Updater) replace() error { err := copySupportingFiles(u.unpackedFiles, u.updateDir, u.workDir) if err != nil { - return fmt.Errorf("copySupportingFiles(%s, %s) failed: %s", u.updateDir, u.workDir, err) + return fmt.Errorf("copySupportingFiles(%s, %s) failed: %w", u.updateDir, u.workDir, err) } log.Debug("updater: renaming: %s to %s", u.currentExeName, u.backupExeName) @@ -315,7 +315,7 @@ func (u *Updater) clean() { // MaxPackageFileSize is a maximum package file length in bytes. The largest // package whose size is limited by this constant currently has the size of // approximately 9 MiB. -const MaxPackageFileSize = 32 * 1024 * 1024 +const MaxPackageFileSize = 32 * 10 * 1024 // Download package file and save it to disk func (u *Updater) downloadPackageFile() (err error) { diff --git a/scripts/make/build-release.sh b/scripts/make/build-release.sh index 6194d87b096..2884f568b29 100644 --- a/scripts/make/build-release.sh +++ b/scripts/make/build-release.sh @@ -390,6 +390,16 @@ echo "{ \"selfupdate_min_version\": \"0.0\", " >> "$version_json" +# Add the MIPS* object keys without the "softfloat" part to mitigate the +# consequences of #5373. +# +# TODO(a.garipov): Remove this around fall 2023. +echo " + \"download_linux_mips64\": \"${version_download_url}/AdGuardHome_linux_mips64_softfloat.tar.gz\", + \"download_linux_mips64le\": \"${version_download_url}/AdGuardHome_linux_mips64le_softfloat.tar.gz\", + \"download_linux_mipsle\": \"${version_download_url}/AdGuardHome_linux_mipsle_softfloat.tar.gz\", +" >> "$version_json" + # Same as with checksums above, don't use ls, because files matching one of the # patterns may be absent. ar_files="$( find "./${dist}/" ! -name "${dist}" -prune \( -name '*.tar.gz' -o -name '*.zip' \) )" diff --git a/scripts/make/go-lint.sh b/scripts/make/go-lint.sh index 933d16a8fc7..55b2199b2de 100644 --- a/scripts/make/go-lint.sh +++ b/scripts/make/go-lint.sh @@ -161,7 +161,7 @@ run_linter "$GO" vet ./... run_linter govulncheck ./... # Apply more lax standards to the code we haven't properly refactored yet. -run_linter gocyclo --over 17 ./internal/querylog/ +run_linter gocyclo --over 14 ./internal/querylog/ run_linter gocyclo --over 13\ ./internal/dhcpd\ ./internal/filtering/\