From 69dd5fed2cba847c263b19e06de9a976df80896f Mon Sep 17 00:00:00 2001 From: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com> Date: Wed, 14 Dec 2022 09:55:36 +0000 Subject: [feature] domain block wildcarding (#1178) * for domain block lookups, lookup along subdomain parts Signed-off-by: kim * only lookup up to a max of 5 domain parts to prevent DOS, limit inserted domains to max of 5 subdomains Signed-off-by: kim * add test for domain block wildcarding Signed-off-by: kim * check cached status first, increase cached domain time Signed-off-by: kim * fix domain wildcard part building logic Signed-off-by: kim * create separate domain.BlockCache{} type to hold all domain blocks in memory Signed-off-by: kim * remove unused variable Signed-off-by: kim * add docs and test to domain block cache, check for domain == host in domain block getter funcs Signed-off-by: kim * add license text Signed-off-by: kim * check order in which we check primary cache Signed-off-by: kim * add better documentation of how domain block checking is performed Signed-off-by: kim * change Signed-off-by: kim Signed-off-by: kim --- internal/db/bundb/domain_test.go | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'internal/db/bundb/domain_test.go') diff --git a/internal/db/bundb/domain_test.go b/internal/db/bundb/domain_test.go index 41a73ff80..8091e6585 100644 --- a/internal/db/bundb/domain_test.go +++ b/internal/db/bundb/domain_test.go @@ -56,6 +56,38 @@ func (suite *DomainTestSuite) TestIsDomainBlocked() { suite.WithinDuration(time.Now(), domainBlock.CreatedAt, 10*time.Second) } +func (suite *DomainTestSuite) TestIsDomainBlockedWildcard() { + ctx := context.Background() + + domainBlock := >smodel.DomainBlock{ + ID: "01G204214Y9TNJEBX39C7G88SW", + Domain: "bad.apples", + CreatedByAccountID: suite.testAccounts["admin_account"].ID, + CreatedByAccount: suite.testAccounts["admin_account"], + } + + // no domain block exists for the given domain yet + blocked, err := suite.db.IsDomainBlocked(ctx, domainBlock.Domain) + suite.NoError(err) + suite.False(blocked) + + err = suite.db.CreateDomainBlock(ctx, domainBlock) + suite.NoError(err) + + // Start with the base block domain + domain := domainBlock.Domain + + for _, part := range []string{"extra", "domain", "parts"} { + // Prepend the next domain part + domain = part + "." + domain + + // Check that domain block is wildcarded for this subdomain + blocked, err = suite.db.IsDomainBlocked(ctx, domainBlock.Domain) + suite.NoError(err) + suite.True(blocked) + } +} + func (suite *DomainTestSuite) TestIsDomainBlockedNonASCII() { ctx := context.Background() -- cgit v1.2.3