Fix reverse domain resolving

Daniel 2020-10-15 11:31:46 +02:00
parent 9e8b763428
commit 3818718180
2 changed files with 21 additions and 14 deletions


@ -43,6 +43,10 @@ type Entity struct {
// Domain is the target domain of the connection. // Domain is the target domain of the connection.
Domain string Domain string
// ReverseDomain is the domain the IP address points to. This is only
// resolved and populated when needed.
ReverseDomain string
// CNAME is a list of domain names that have been // CNAME is a list of domain names that have been
// resolved for Domain. // resolved for Domain.
CNAME []string CNAME []string
@ -150,11 +154,6 @@ func (e *Entity) EnableReverseResolving() {
func (e *Entity) reverseResolve(ctx context.Context) { func (e *Entity) reverseResolve(ctx context.Context) {
e.reverseResolveOnce.Do(func() { e.reverseResolveOnce.Do(func() {
// check if we should resolve
if !e.reverseResolveEnabled {
return
}
// need IP! // need IP!
if e.IP == nil { if e.IP == nil {
return return
@ -170,13 +169,20 @@ func (e *Entity) reverseResolve(ctx context.Context) {
log.Tracer(ctx).Warningf("intel: failed to resolve IP %s: %s", e.IP, err) log.Tracer(ctx).Warningf("intel: failed to resolve IP %s: %s", e.IP, err)
return return
} }
e.Domain = domain e.ReverseDomain = domain
}) })
} }
// GetDomain returns the domain and whether it is set. // GetDomain returns the domain and whether it is set.
func (e *Entity) GetDomain() (string, bool) { func (e *Entity) GetDomain(ctx context.Context, mayUseReverseDomain bool) (string, bool) {
e.reverseResolve() if mayUseReverseDomain && e.reverseResolveEnabled {
e.reverseResolve(ctx)
if e.ReverseDomain == "" {
return "", false
}
return e.ReverseDomain, true
}
if e.Domain == "" { if e.Domain == "" {
return "", false return "", false
@ -268,7 +274,7 @@ func (e *Entity) getDomainLists(ctx context.Context) {
return return
} }
domain, ok := e.GetDomain() domain, ok := e.GetDomain(ctx, false /* mayUseReverseDomain */)
if !ok { if !ok {
return return
} }
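Review bot: In GetDomain, the new `mayUseReverseDomain && e.reverseResolveEnabled` branch returns before `e.Domain` is looked at, so an entity that has both a Domain and reverse resolving enabled is matched on the reverse-resolved name only, and a failed or empty reverse lookup yields `"", false` even though Domain is set. If EnableReverseResolving can be reached for entities that already carry a Domain (not visible in this hunk), domain rules written for the requested name would stop applying to them. Preferring the known domain would avoid that: `if e.Domain == "" && mayUseReverseDomain && e.reverseResolveEnabled {`. The doc comment should also describe the new parameter, e.g. `// GetDomain returns the domain and whether it is set. If mayUseReverseDomain is true and reverse resolving is enabled, the reverse-resolved name is returned instead.` GetDomain's body continues past the end of the hunk.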


@ -63,19 +63,20 @@ func (ep *EndpointDomain) check(entity *intel.Entity, domain string) (EPResult,
} }
// Matches checks whether the given entity matches this endpoint definition. // Matches checks whether the given entity matches this endpoint definition.
func (ep *EndpointDomain) Matches(entity *intel.Entity) (EPResult, Reason) { func (ep *EndpointDomain) Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason) {
if entity.Domain == "" { domain, ok := entity.GetDomain(ctx, true /* mayUseReverseDomain */)
if !ok {
return NoMatch, nil return NoMatch, nil
} }
result, reason := ep.check(entity, entity.Domain) result, reason := ep.check(entity, domain)
if result != NoMatch { if result != NoMatch {
return result, reason return result, reason
} }
if entity.CNAMECheckEnabled() { if entity.CNAMECheckEnabled() {
for _, domain := range entity.CNAME { for _, cname := range entity.CNAME {
result, reason = ep.check(entity, domain) result, reason = ep.check(entity, cname)
if result == Denied { if result == Denied {
return result, reason return result, reason
} }
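Review bot: Matches now passes whatever `entity.GetDomain(ctx, true /* mayUseReverseDomain */)` returns to `ep.check`, so a name taken from reverse DNS can decide a domain rule. A PTR record is set by whoever controls the address block, not by the owner of the name it claims, so unless the reverse resolver forward-confirms the result (the resolver is not visible in this commit) a permit rule for a domain could be satisfied by an unrelated IP. I would confirm that this validation happens before ReverseDomain is populated and record it at the call site, e.g. `// domain may come from reverse DNS; it is only trustworthy if the resolver forward-confirmed it against the entity's IP`. The body of Matches continues past the end of the hunk.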