Start Profile Domain/Port/Endpoint revamp

2025-04-25 13:29:10 +00:00 · 2019-01-11 22:20:21 +01:00 · 2019-01-11 22:20:21 +01:00 · 4017de7dac
commit 4017de7dac
parent 7da7ebf183
5 changed files with 90 additions and 133 deletions
--- a/profile/domains.go
+++ b/profile/domains.go
@ -1,42 +0,0 @@
-package profile
-
-import "strings"
-
-// Domains is a list of permitted or denied domains.
-type Domains map[string]*DomainDecision
-
-// DomainDecision holds a decision about a domain.
-type DomainDecision struct {
-	Permit            bool
-	Created           int64
-	IncludeSubdomains bool
-}
-
-// IsSet returns whether the Domains object is "set".
-func (d Domains) IsSet() bool {
-	if d != nil {
-		return true
-	}
-	return false
-}
-
-// Check checks if the given domain is governed in the list of domains and returns whether it is permitted.
-func (d Domains) Check(domain string) (permit, ok bool) {
-	// check for exact domain
-	dd, ok := d[domain]
-	if ok {
-		return dd.Permit, true
-	}
-
-	// check if domain is a subdomain of any of the domains
-	for key, dd := range d {
-		if dd.IncludeSubdomains && strings.HasSuffix(domain, key) {
-			preDottedKey := "." + key
-			if strings.HasSuffix(domain, preDottedKey) {
-				return dd.Permit, true
-			}
-		}
-	}
-
-	return false, false
-}
--- a/profile/endpoints.go
+++ b/profile/endpoints.go
@ -0,0 +1,87 @@
+package profile
+
+import (
+	"fmt"
+	"strconv"
+)
+
+// Endpoints is a list of permitted or denied endpoints.
+type Endpoints []*EndpointPermission
+
+// EndpointPermission holds a decision about an endpoint.
+type EndpointPermission struct {
+	DomainOrIP        string
+	IncludeSubdomains bool
+	Protocol          uint8
+	PortStart         uint16
+	PortEnd           uint16
+	Permit            bool
+	Created           int64
+}
+
+// IsSet returns whether the Endpoints object is "set".
+func (e Endpoints) IsSet() bool {
+	if len(e) > 0 {
+		return true
+	}
+	return false
+}
+
+// Check checks if the given domain is governed in the list of domains and returns whether it is permitted.
+func (e Endpoints) Check(domainOrIP string, protocol uint8, port uint16) (permit, ok bool) {
+	// check for exact domain
+	ed, ok := d[domain]
+	if ok {
+		return ed.Permit, true
+	}
+
+	for _, entry := range e {
+		if entry.Matches(domainOrIP, protocol, port) {
+			return entry.Permit, true
+		}
+	}
+
+	return false, false
+}
+
+// Matches checks whether a port object matches the given port.
+func (ep EndpointPermission) Matches(domainOrIP string, protocol uint8, port uint16) bool {
+	if domainOrIP != ep.DomainOrIP {
+		return false
+	}
+
+	if ep.Protocol > 0 && protocol != ep.Protocol {
+		return false
+	}
+
+	if ep.PortStart > 0 && (port < ep.PortStart || port > ep.PortEnd) {
+		return false
+	}
+
+	return true
+}
+
+func (ep EndpointPermission) String() string {
+	s := ep.DomainOrIP
+
+	if ep.Protocol > 0 || ep.Start {
+		s += " "
+	}
+
+	if ep.Protocol > 0 {
+		s += strconv.Itoa(int(ep.Protocol))
+		if ep.Start > 0 {
+			s += "/"
+		}
+	}
+
+	if ep.Start > 0 {
+		if p.Start == p.End {
+			s += strconv.Itoa(int(ep.Start))
+		} else {
+			s += fmt.Sprintf("%d-%d", ep.Start, ep.End)
+		}
+	}
+
+	return s
+}
--- a/profile/endpoints_test.go
+++ b/profile/endpoints_test.go
--- a/profile/ports.go
+++ b/profile/ports.go
@ -1,88 +0,0 @@
-package profile
-
-import (
-	"fmt"
-	"strconv"
-	"strings"
-
-	"github.com/Safing/portmaster/network/reference"
-)
-
-// Ports is a list of permitted or denied ports
-type Ports map[int16][]*Port
-
-// Check returns whether listening/connecting to a certain port is allowed, if set.
-func (p Ports) Check(signedProtocol int16, port uint16) (permit, ok bool) {
-	if p == nil {
-		return false, false
-	}
-
-	portDefinitions, ok := p[signedProtocol]
-	if ok {
-		for _, portD := range portDefinitions {
-			if portD.Matches(port) {
-				return portD.Permit, true
-			}
-		}
-	}
-	return false, false
-}
-
-func formatSignedProtocol(sP int16) string {
-	if sP < 0 {
-		return fmt.Sprintf("<%s", reference.GetProtocolName(uint8(-1*sP)))
-	}
-	return reference.GetProtocolName(uint8(sP))
-}
-
-func (p Ports) String() string {
-	var s []string
-
-	for signedProtocol, ports := range p {
-		var portStrings []string
-		for _, port := range ports {
-			portStrings = append(portStrings, port.String())
-		}
-
-		s = append(s, fmt.Sprintf("%s:[%s]", formatSignedProtocol(signedProtocol), strings.Join(portStrings, ", ")))
-	}
-
-	if len(s) == 0 {
-		return "None"
-	}
-	return strings.Join(s, ", ")
-}
-
-// Port represents a port range and a verdict.
-type Port struct {
-	Permit  bool
-	Created int64
-	Start   uint16
-	End     uint16
-}
-
-// Matches checks whether a port object matches the given port.
-func (p Port) Matches(port uint16) bool {
-	if port >= p.Start && port <= p.End {
-		return true
-	}
-	return false
-}
-
-func (p Port) String() string {
-	var s string
-
-	if p.Permit {
-		s += "permit:"
-	} else {
-		s += "deny:"
-	}
-
-	if p.Start == p.End {
-		s += strconv.Itoa(int(p.Start))
-	} else {
-		s += fmt.Sprintf("%d-%d", p.Start, p.End)
-	}
-
-	return s
-}
--- a/profile/profile.go
+++ b/profile/profile.go
@ -29,9 +29,9 @@ type Profile struct {
 	Icon string

 	// User Profile Only
-	LinkedPath           string `json:",omitempty"`
-	StampProfileID       string `json:",omitempty"`
-	StampProfileAssigned int64  `json:",omitempty"`
+	LinkedPath           string
+	StampProfileID       string
+	StampProfileAssigned int64

 	// Fingerprints
 	Fingerprints []*Fingerprint