vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-04 11:39:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add support for search-only resolvers

Browse source
This commit is contained in:
Daniel 2022-03-16 10:30:48 +01:00
parent 25ce4b7c84
commit 2a930b6362
3 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
resolver/resolver.go
View file

@ -63,6 +63,7 @@ type Resolver struct {
// Special Options // Special Options
VerifyDomain string VerifyDomain string
Search []string Search []string
SearchOnly bool
// logic interface // logic interface
Conn ResolverConn `json:"-"` Conn ResolverConn `json:"-"`

14
resolver/resolvers.go
View file

@ -1,6 +1,7 @@
package resolver package resolver
import ( import (
"errors"
"fmt" "fmt"
"net" "net"
"net/url" "net/url"
@ -157,6 +158,7 @@ func createResolver(resolverURL, source string) (*Resolver, bool, error) {
UpstreamBlockDetection: blockType, UpstreamBlockDetection: blockType,
} }
// Parse search domains.
searchDomains := query.Get("search") searchDomains := query.Get("search")
if searchDomains != "" { if searchDomains != "" {
err = configureSearchDomains(newResolver, strings.Split(searchDomains, ","), true) err = configureSearchDomains(newResolver, strings.Split(searchDomains, ","), true)
@ -165,6 +167,18 @@ func createResolver(resolverURL, source string) (*Resolver, bool, error) {
} }
} }
// Check if searchOnly is set and valid.
if query.Has("searchOnly") {
newResolver.SearchOnly = true
if query.Get("searchOnly") != "" {
return nil, false, errors.New("searchOnly may only be used as an empty parameter")
}
if len(newResolver.Search) == 0 {
return nil, false, errors.New("cannot use searchOnly without search scopes")
}
}
newResolver.Conn = resolverConnFactory(newResolver) newResolver.Conn = resolverConnFactory(newResolver)
return newResolver, false, nil return newResolver, false, nil
} }

6
resolver/scopes.go
View file

@ -179,6 +179,7 @@ var (
errInsecureProtocol = errors.New("insecure protocols disabled") errInsecureProtocol = errors.New("insecure protocols disabled")
errAssignedServer = errors.New("assigned (dhcp) nameservers disabled") errAssignedServer = errors.New("assigned (dhcp) nameservers disabled")
errMulticastDNS = errors.New("multicast DNS disabled") errMulticastDNS = errors.New("multicast DNS disabled")
errOutOfScope = errors.New("query out of scope for resolver")
) )
func (q *Query) checkCompliance() error { func (q *Query) checkCompliance() error {
@ -236,5 +237,10 @@ func (resolver *Resolver) checkCompliance(_ context.Context, q *Query) error {
} }
} }
// Check if the resolver should only be used for the search scopes.
if resolver.SearchOnly && !domainInScope(q.dotPrefixedFQDN, resolver.Search) {
return errOutOfScope
}
return nil return nil
} }