Sanitize dns config (#321)

Sanitize dns config for misconfigurations
2024-09-20 06:46:12 +08:00 · 2024-03-24 18:51:07 +01:00 · 2024-03-24 18:51:07 +01:00 · 1c4ea24da1
parent f277460b9d
commit 1c4ea24da1
4 changed files with 44 additions and 2 deletions
--- a/4
+++ b/4
@ -124,10 +124,10 @@ kind-test:

 model: oapi-codegen
 	@mkdir -p tmp
-	go run openapi/main.go v0.107.44
+	go run openapi/main.go v0.107.46
 	$(OAPI_CODEGEN) -package model -generate types,client -config .oapi-codegen.yaml tmp/schema.yaml > pkg/client/model/model_generated.go

 model-diff:
-	go run openapi/main.go v0.107.44
+	go run openapi/main.go v0.107.46
 	go run openapi/main.go
 	diff tmp/schema.yaml tmp/schema-master.yaml
--- a/pkg/client/model/model-functions.go
+++ b/pkg/client/model/model-functions.go
@ -7,6 +7,7 @@ import (

 	"github.com/bakito/adguardhome-sync/pkg/utils"
 	"github.com/jinzhu/copier"
+	"go.uber.org/zap"
 )

 // Clone the config
@ -401,3 +402,12 @@ func ArrayString(a *[]string) string {
 	sort.Strings(sorted)
 	return fmt.Sprintf("[%s]", strings.Join(sorted, ","))
 }
+
+func (c *DNSConfig) Sanitize(l *zap.SugaredLogger) {
+	// disable UsePrivatePtrResolvers if not configured
+	if c.UsePrivatePtrResolvers != nil && *c.UsePrivatePtrResolvers &&
+		(c.LocalPtrUpstreams == nil || len(*c.LocalPtrUpstreams) == 0) {
+		l.Warn("disabling replica 'Use private reverse DNS resolvers' as no 'Private reverse DNS servers' are configured on origin")
+		c.UsePrivatePtrResolvers = utils.Ptr(false)
+	}
+}
--- a/pkg/client/model/model_private_test.go
+++ b/pkg/client/model/model_private_test.go
@ -1,9 +1,11 @@
 package model

 import (
+	"github.com/bakito/adguardhome-sync/pkg/log"
 	"github.com/bakito/adguardhome-sync/pkg/utils"
 	. "github.com/onsi/ginkgo/v2"
 	"github.com/onsi/gomega"
+	"go.uber.org/zap"
 )

 var _ = Describe("Types", func() {
@ -71,4 +73,31 @@ var _ = Describe("Types", func() {
 			Entry(`When SubnetMask is ""`, DhcpConfigV6{RangeStart: utils.Ptr("")}),
 		)
 	})
+	Context("DNSConfig", func() {
+		var (
+			cfg *DNSConfig
+			l   *zap.SugaredLogger
+		)
+
+		BeforeEach(func() {
+			cfg = &DNSConfig{
+				UsePrivatePtrResolvers: utils.Ptr(true),
+			}
+			l = log.GetLogger("test")
+		})
+		Context("Sanitize", func() {
+			It("should disable UsePrivatePtrResolvers resolvers is nil ", func() {
+				cfg.LocalPtrUpstreams = nil
+				cfg.Sanitize(l)
+				gomega.Ω(cfg.UsePrivatePtrResolvers).ShouldNot(gomega.BeNil())
+				gomega.Ω(*cfg.UsePrivatePtrResolvers).Should(gomega.Equal(false))
+			})
+			It("should disable UsePrivatePtrResolvers resolvers is empty ", func() {
+				cfg.LocalPtrUpstreams = utils.Ptr([]string{})
+				cfg.Sanitize(l)
+				gomega.Ω(cfg.UsePrivatePtrResolvers).ShouldNot(gomega.BeNil())
+				gomega.Ω(*cfg.UsePrivatePtrResolvers).Should(gomega.Equal(false))
+			})
+		})
+	})
 })
--- a/pkg/sync/action-general.go
+++ b/pkg/sync/action-general.go
@ -186,6 +186,9 @@ var (
 		if err != nil {
 			return err
 		}
+
+		dc.Sanitize(ac.rl)
+
 		if !dc.Equals(ac.origin.dnsConfig) {
 			if err = ac.client.SetDNSConfig(ac.origin.dnsConfig); err != nil {
 				return err