From 1e0873aa71849de9ffc6814b620dbbf920ffa9f8 Mon Sep 17 00:00:00 2001 From: Stanislav Chzhen Date: Wed, 19 Feb 2025 19:02:56 +0300 Subject: [PATCH] Pull request 2347: AGDNS-2690-global-context Merge in DNS/adguard-home from AGDNS-2690-global-context to master Squashed commit of the following: commit 58d5999e5d9112b3391f988ed76e87eff2919d6b Author: Stanislav Chzhen Date: Wed Feb 19 18:51:41 2025 +0300 home: imp naming commit cfb371df59c816be1022d499cc41ffaf2b72d124 Author: Stanislav Chzhen Date: Wed Feb 19 18:42:52 2025 +0300 home: global context --- internal/home/auth.go | 2 +- internal/home/authhttp.go | 18 +-- internal/home/authhttp_internal_test.go | 6 +- internal/home/config.go | 42 +++--- internal/home/control.go | 28 ++-- internal/home/controlinstall.go | 18 +-- internal/home/controlupdate.go | 2 +- internal/home/dns.go | 98 +++++++------- internal/home/dns_internal_test.go | 8 +- internal/home/home.go | 128 +++++++++--------- internal/home/httpclient.go | 6 +- internal/home/log.go | 2 +- ..._test.go => mobileconfig_internal_test.go} | 18 +-- internal/home/profilehttp.go | 2 +- internal/home/tls.go | 8 +- internal/home/web.go | 20 +-- 16 files changed, 203 insertions(+), 203 deletions(-) rename internal/home/{mobileconfig_test.go => mobileconfig_internal_test.go} (91%) diff --git a/internal/home/auth.go b/internal/home/auth.go index 969152af..460d7aa8 100644 --- a/internal/home/auth.go +++ b/internal/home/auth.go @@ -356,7 +356,7 @@ func (a *Auth) getCurrentUser(r *http.Request) (u webUser) { // There's no Cookie, check Basic authentication. user, pass, ok := r.BasicAuth() if ok { - u, _ = Context.auth.findUser(user, pass) + u, _ = globalContext.auth.findUser(user, pass) return u } diff --git a/internal/home/authhttp.go b/internal/home/authhttp.go index ff264393..3c9bba98 100644 --- a/internal/home/authhttp.go +++ b/internal/home/authhttp.go @@ -155,7 +155,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) { return } - if rateLimiter := Context.auth.rateLimiter; rateLimiter != nil { + if rateLimiter := globalContext.auth.rateLimiter; rateLimiter != nil { if left := rateLimiter.check(remoteIP); left > 0 { w.Header().Set(httphdr.RetryAfter, strconv.Itoa(int(left.Seconds()))) writeErrorWithIP( @@ -176,10 +176,10 @@ func handleLogin(w http.ResponseWriter, r *http.Request) { log.Error("auth: getting real ip from request with remote ip %s: %s", remoteIP, err) } - cookie, err := Context.auth.newCookie(req, remoteIP) + cookie, err := globalContext.auth.newCookie(req, remoteIP) if err != nil { logIP := remoteIP - if Context.auth.trustedProxies.Contains(ip.Unmap()) { + if globalContext.auth.trustedProxies.Contains(ip.Unmap()) { logIP = ip.String() } @@ -213,7 +213,7 @@ func handleLogout(w http.ResponseWriter, r *http.Request) { return } - Context.auth.removeSession(c.Value) + globalContext.auth.removeSession(c.Value) c = &http.Cookie{ Name: sessionCookieName, @@ -232,7 +232,7 @@ func handleLogout(w http.ResponseWriter, r *http.Request) { // RegisterAuthHandlers - register handlers func RegisterAuthHandlers() { - Context.mux.Handle("/control/login", postInstallHandler(ensureHandler(http.MethodPost, handleLogin))) + globalContext.mux.Handle("/control/login", postInstallHandler(ensureHandler(http.MethodPost, handleLogin))) httpRegister(http.MethodGet, "/control/logout", handleLogout) } @@ -254,13 +254,13 @@ func optionalAuthThird(w http.ResponseWriter, r *http.Request) (mustAuth bool) { // Check Basic authentication. user, pass, hasBasic := r.BasicAuth() if hasBasic { - _, isAuthenticated = Context.auth.findUser(user, pass) + _, isAuthenticated = globalContext.auth.findUser(user, pass) if !isAuthenticated { log.Info("%s: invalid basic authorization value", pref) } } } else { - res := Context.auth.checkSession(cookie.Value) + res := globalContext.auth.checkSession(cookie.Value) isAuthenticated = res == checkSessionOK if !isAuthenticated { log.Debug("%s: invalid cookie value: %q", pref, cookie) @@ -294,12 +294,12 @@ func optionalAuth( ) (wrapped func(http.ResponseWriter, *http.Request)) { return func(w http.ResponseWriter, r *http.Request) { p := r.URL.Path - authRequired := Context.auth != nil && Context.auth.authRequired() + authRequired := globalContext.auth != nil && globalContext.auth.authRequired() if p == "/login.html" { cookie, err := r.Cookie(sessionCookieName) if authRequired && err == nil { // Redirect to the dashboard if already authenticated. - res := Context.auth.checkSession(cookie.Value) + res := globalContext.auth.checkSession(cookie.Value) if res == checkSessionOK { http.Redirect(w, r, "", http.StatusFound) diff --git a/internal/home/authhttp_internal_test.go b/internal/home/authhttp_internal_test.go index db6ce34e..9819298a 100644 --- a/internal/home/authhttp_internal_test.go +++ b/internal/home/authhttp_internal_test.go @@ -39,7 +39,7 @@ func TestAuthHTTP(t *testing.T) { users := []webUser{ {Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"}, } - Context.auth = InitAuth(fn, users, 60, nil, nil) + globalContext.auth = InitAuth(fn, users, 60, nil, nil) handlerCalled := false handler := func(_ http.ResponseWriter, _ *http.Request) { @@ -68,7 +68,7 @@ func TestAuthHTTP(t *testing.T) { assert.True(t, handlerCalled) // perform login - cookie, err := Context.auth.newCookie(loginJSON{Name: "name", Password: "password"}, "") + cookie, err := globalContext.auth.newCookie(loginJSON{Name: "name", Password: "password"}, "") require.NoError(t, err) require.NotNil(t, cookie) @@ -114,7 +114,7 @@ func TestAuthHTTP(t *testing.T) { assert.True(t, handlerCalled) r.Header.Del(httphdr.Cookie) - Context.auth.Close() + globalContext.auth.Close() } func TestRealIP(t *testing.T) { diff --git a/internal/home/config.go b/internal/home/config.go index f8b09551..65da7ed1 100644 --- a/internal/home/config.go +++ b/internal/home/config.go @@ -486,9 +486,9 @@ var config = &configuration{ // configFilePath returns the absolute path to the symlink-evaluated path to the // current config file. func configFilePath() (confPath string) { - confPath, err := filepath.EvalSymlinks(Context.confFilePath) + confPath, err := filepath.EvalSymlinks(globalContext.confFilePath) if err != nil { - confPath = Context.confFilePath + confPath = globalContext.confFilePath logFunc := log.Error if errors.Is(err, os.ErrNotExist) { logFunc = log.Debug @@ -498,7 +498,7 @@ func configFilePath() (confPath string) { } if !filepath.IsAbs(confPath) { - confPath = filepath.Join(Context.workDir, confPath) + confPath = filepath.Join(globalContext.workDir, confPath) } return confPath @@ -530,8 +530,8 @@ func parseConfig() (err error) { } migrator := configmigrate.New(&configmigrate.Config{ - WorkingDir: Context.workDir, - DataDir: Context.getDataDir(), + WorkingDir: globalContext.workDir, + DataDir: globalContext.getDataDir(), }) var upgraded bool @@ -644,27 +644,27 @@ func (c *configuration) write() (err error) { c.Lock() defer c.Unlock() - if Context.auth != nil { - config.Users = Context.auth.usersList() + if globalContext.auth != nil { + config.Users = globalContext.auth.usersList() } - if Context.tls != nil { + if globalContext.tls != nil { tlsConf := tlsConfigSettings{} - Context.tls.WriteDiskConfig(&tlsConf) + globalContext.tls.WriteDiskConfig(&tlsConf) config.TLS = tlsConf } - if Context.stats != nil { + if globalContext.stats != nil { statsConf := stats.Config{} - Context.stats.WriteDiskConfig(&statsConf) + globalContext.stats.WriteDiskConfig(&statsConf) config.Stats.Interval = timeutil.Duration(statsConf.Limit) config.Stats.Enabled = statsConf.Enabled config.Stats.Ignored = statsConf.Ignored.Values() } - if Context.queryLog != nil { + if globalContext.queryLog != nil { dc := querylog.Config{} - Context.queryLog.WriteDiskConfig(&dc) + globalContext.queryLog.WriteDiskConfig(&dc) config.DNS.AnonymizeClientIP = dc.AnonymizeClientIP config.QueryLog.Enabled = dc.Enabled config.QueryLog.FileEnabled = dc.FileEnabled @@ -673,14 +673,14 @@ func (c *configuration) write() (err error) { config.QueryLog.Ignored = dc.Ignored.Values() } - if Context.filters != nil { - Context.filters.WriteDiskConfig(config.Filtering) + if globalContext.filters != nil { + globalContext.filters.WriteDiskConfig(config.Filtering) config.Filters = config.Filtering.Filters config.WhitelistFilters = config.Filtering.WhitelistFilters config.UserRules = config.Filtering.UserRules } - if s := Context.dnsServer; s != nil { + if s := globalContext.dnsServer; s != nil { c := dnsforward.Config{} s.WriteDiskConfig(&c) dns := &config.DNS @@ -695,11 +695,11 @@ func (c *configuration) write() (err error) { dns.UpstreamTimeout = timeutil.Duration(s.UpstreamTimeout()) } - if Context.dhcpServer != nil { - Context.dhcpServer.WriteDiskConfig(config.DHCP) + if globalContext.dhcpServer != nil { + globalContext.dhcpServer.WriteDiskConfig(config.DHCP) } - config.Clients.Persistent = Context.clients.forConfig() + config.Clients.Persistent = globalContext.clients.forConfig() confPath := configFilePath() log.Debug("writing config file %q", confPath) @@ -726,14 +726,14 @@ func setContextTLSCipherIDs() (err error) { if len(config.TLS.OverrideTLSCiphers) == 0 { log.Info("tls: using default ciphers") - Context.tlsCipherIDs = aghtls.SaferCipherSuites() + globalContext.tlsCipherIDs = aghtls.SaferCipherSuites() return nil } log.Info("tls: overriding ciphers: %s", config.TLS.OverrideTLSCiphers) - Context.tlsCipherIDs, err = aghtls.ParseCiphers(config.TLS.OverrideTLSCiphers) + globalContext.tlsCipherIDs, err = aghtls.ParseCiphers(config.TLS.OverrideTLSCiphers) if err != nil { return fmt.Errorf("parsing override ciphers: %w", err) } diff --git a/internal/home/control.go b/internal/home/control.go index 61028bd4..ebf5edec 100644 --- a/internal/home/control.go +++ b/internal/home/control.go @@ -129,10 +129,10 @@ func handleStatus(w http.ResponseWriter, r *http.Request) { protectionDisabledUntil *time.Time protectionEnabled bool ) - if Context.dnsServer != nil { + if globalContext.dnsServer != nil { fltConf = &dnsforward.Config{} - Context.dnsServer.WriteDiskConfig(fltConf) - protectionEnabled, protectionDisabledUntil = Context.dnsServer.UpdatedProtectionStatus() + globalContext.dnsServer.WriteDiskConfig(fltConf) + protectionEnabled, protectionDisabledUntil = globalContext.dnsServer.UpdatedProtectionStatus() } var resp statusResponse @@ -162,7 +162,7 @@ func handleStatus(w http.ResponseWriter, r *http.Request) { // IsDHCPAvailable field is now false by default for Windows. if runtime.GOOS != "windows" { - resp.IsDHCPAvailable = Context.dhcpServer != nil + resp.IsDHCPAvailable = globalContext.dhcpServer != nil } aghhttp.WriteJSONResponseOK(w, r, resp) @@ -172,7 +172,7 @@ func handleStatus(w http.ResponseWriter, r *http.Request) { // registration of handlers // ------------------------ func registerControlHandlers(web *webAPI) { - Context.mux.HandleFunc( + globalContext.mux.HandleFunc( "/control/version.json", postInstall(optionalAuth(web.handleVersionJSON)), ) @@ -185,19 +185,19 @@ func registerControlHandlers(web *webAPI) { httpRegister(http.MethodPut, "/control/profile/update", handlePutProfile) // No auth is necessary for DoH/DoT configurations - Context.mux.HandleFunc("/apple/doh.mobileconfig", postInstall(handleMobileConfigDoH)) - Context.mux.HandleFunc("/apple/dot.mobileconfig", postInstall(handleMobileConfigDoT)) + globalContext.mux.HandleFunc("/apple/doh.mobileconfig", postInstall(handleMobileConfigDoH)) + globalContext.mux.HandleFunc("/apple/dot.mobileconfig", postInstall(handleMobileConfigDoT)) RegisterAuthHandlers() } func httpRegister(method, url string, handler http.HandlerFunc) { if method == "" { // "/dns-query" handler doesn't need auth, gzip and isn't restricted by 1 HTTP method - Context.mux.HandleFunc(url, postInstall(handler)) + globalContext.mux.HandleFunc(url, postInstall(handler)) return } - Context.mux.Handle(url, postInstallHandler(optionalAuthHandler(gziphandler.GzipHandler(ensureHandler(method, handler))))) + globalContext.mux.Handle(url, postInstallHandler(optionalAuthHandler(gziphandler.GzipHandler(ensureHandler(method, handler))))) } // ensure returns a wrapped handler that makes sure that the request has the @@ -223,8 +223,8 @@ func ensure( return } - Context.controlLock.Lock() - defer Context.controlLock.Unlock() + globalContext.controlLock.Lock() + defer globalContext.controlLock.Unlock() } handler(w, r) @@ -293,7 +293,7 @@ func ensureHandler(method string, handler func(http.ResponseWriter, *http.Reques // preInstall lets the handler run only if firstRun is true, no redirects func preInstall(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) { return func(w http.ResponseWriter, r *http.Request) { - if !Context.firstRun { + if !globalContext.firstRun { // if it's not first run, don't let users access it (for example /install.html when configuration is done) http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) return @@ -320,7 +320,7 @@ func preInstallHandler(handler http.Handler) http.Handler { // HTTPS-related headers. If proceed is true, the middleware must continue // handling the request. func handleHTTPSRedirect(w http.ResponseWriter, r *http.Request) (proceed bool) { - web := Context.web + web := globalContext.web if web.httpsServer.server == nil { return true } @@ -409,7 +409,7 @@ func httpsURL(u *url.URL, host string, portHTTPS uint16) (redirectURL *url.URL) func postInstall(handler func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) { return func(w http.ResponseWriter, r *http.Request) { path := r.URL.Path - if Context.firstRun && !strings.HasPrefix(path, "/install.") && + if globalContext.firstRun && !strings.HasPrefix(path, "/install.") && !strings.HasPrefix(path, "/assets/") { http.Redirect(w, r, "install.html", http.StatusFound) diff --git a/internal/home/controlinstall.go b/internal/home/controlinstall.go index 9d7a96a0..52bd8b69 100644 --- a/internal/home/controlinstall.go +++ b/internal/home/controlinstall.go @@ -428,20 +428,20 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request curConfig := &configuration{} copyInstallSettings(curConfig, config) - Context.firstRun = false + globalContext.firstRun = false config.DNS.BindHosts = []netip.Addr{req.DNS.IP} config.DNS.Port = req.DNS.Port config.Filtering.SafeFSPatterns = []string{ - filepath.Join(Context.workDir, userFilterDataDir, "*"), + filepath.Join(globalContext.workDir, userFilterDataDir, "*"), } config.HTTPConfig.Address = netip.AddrPortFrom(req.Web.IP, req.Web.Port) u := &webUser{ Name: req.Username, } - err = Context.auth.addUser(u, req.Password) + err = globalContext.auth.addUser(u, req.Password) if err != nil { - Context.firstRun = true + globalContext.firstRun = true copyInstallSettings(config, curConfig) aghhttp.Error(r, w, http.StatusUnprocessableEntity, "%s", err) @@ -454,7 +454,7 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request // functions potentially restart the HTTPS server. err = startMods(web.baseLogger) if err != nil { - Context.firstRun = true + globalContext.firstRun = true copyInstallSettings(config, curConfig) aghhttp.Error(r, w, http.StatusInternalServerError, "%s", err) @@ -463,7 +463,7 @@ func (web *webAPI) handleInstallConfigure(w http.ResponseWriter, r *http.Request err = config.write() if err != nil { - Context.firstRun = true + globalContext.firstRun = true copyInstallSettings(config, curConfig) aghhttp.Error(r, w, http.StatusInternalServerError, "Couldn't write config: %s", err) @@ -528,7 +528,7 @@ func decodeApplyConfigReq(r io.Reader) (req *applyConfigReq, restartHTTP bool, e } func (web *webAPI) registerInstallHandlers() { - Context.mux.HandleFunc("/control/install/get_addresses", preInstall(ensureGET(web.handleInstallGetAddresses))) - Context.mux.HandleFunc("/control/install/check_config", preInstall(ensurePOST(web.handleInstallCheckConfig))) - Context.mux.HandleFunc("/control/install/configure", preInstall(ensurePOST(web.handleInstallConfigure))) + globalContext.mux.HandleFunc("/control/install/get_addresses", preInstall(ensureGET(web.handleInstallGetAddresses))) + globalContext.mux.HandleFunc("/control/install/check_config", preInstall(ensurePOST(web.handleInstallCheckConfig))) + globalContext.mux.HandleFunc("/control/install/configure", preInstall(ensurePOST(web.handleInstallConfigure))) } diff --git a/internal/home/controlupdate.go b/internal/home/controlupdate.go index bdecc4e9..96891ad2 100644 --- a/internal/home/controlupdate.go +++ b/internal/home/controlupdate.go @@ -165,7 +165,7 @@ func (vr *versionResponse) setAllowedToAutoUpdate() (err error) { } tlsConf := &tlsConfigSettings{} - Context.tls.WriteDiskConfig(tlsConf) + globalContext.tls.WriteDiskConfig(tlsConf) canUpdate := true if tlsConfUsesPrivilegedPorts(tlsConf) || diff --git a/internal/home/dns.go b/internal/home/dns.go index af174b45..7b2815f1 100644 --- a/internal/home/dns.go +++ b/internal/home/dns.go @@ -45,9 +45,9 @@ func onConfigModified() { } } -// initDNS updates all the fields of the [Context] needed to initialize the DNS +// initDNS updates all the fields of the [globalContext] needed to initialize the DNS // server and initializes it at last. It also must not be called unless -// [config] and [Context] are initialized. baseLogger must not be nil. +// [config] and [globalContext] are initialized. baseLogger must not be nil. func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) { anonymizer := config.anonymizer() @@ -58,7 +58,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) ConfigModified: onConfigModified, HTTPRegister: httpRegister, Enabled: config.Stats.Enabled, - ShouldCountClient: Context.clients.shouldCountClient, + ShouldCountClient: globalContext.clients.shouldCountClient, } engine, err := aghnet.NewIgnoreEngine(config.Stats.Ignored) @@ -67,7 +67,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) } statsConf.Ignored = engine - Context.stats, err = stats.New(statsConf) + globalContext.stats, err = stats.New(statsConf) if err != nil { return fmt.Errorf("init stats: %w", err) } @@ -77,7 +77,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) Anonymizer: anonymizer, ConfigModified: onConfigModified, HTTPRegister: httpRegister, - FindClient: Context.clients.findMultiple, + FindClient: globalContext.clients.findMultiple, BaseDir: querylogDir, AnonymizeClientIP: config.DNS.AnonymizeClientIP, RotationIvl: time.Duration(config.QueryLog.Interval), @@ -92,25 +92,25 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) } conf.Ignored = engine - Context.queryLog, err = querylog.New(conf) + globalContext.queryLog, err = querylog.New(conf) if err != nil { return fmt.Errorf("init querylog: %w", err) } - Context.filters, err = filtering.New(config.Filtering, nil) + globalContext.filters, err = filtering.New(config.Filtering, nil) if err != nil { // Don't wrap the error, since it's informative enough as is. return err } tlsConf := &tlsConfigSettings{} - Context.tls.WriteDiskConfig(tlsConf) + globalContext.tls.WriteDiskConfig(tlsConf) return initDNSServer( - Context.filters, - Context.stats, - Context.queryLog, - Context.dhcpServer, + globalContext.filters, + globalContext.stats, + globalContext.queryLog, + globalContext.dhcpServer, anonymizer, httpRegister, tlsConf, @@ -121,7 +121,7 @@ func initDNS(baseLogger *slog.Logger, statsDir, querylogDir string) (err error) // initDNSServer initializes the [context.dnsServer]. To only use the internal // proxy, none of the arguments are required, but tlsConf and l still must not // be nil, in other cases all the arguments also must not be nil. It also must -// not be called unless [config] and [Context] are initialized. +// not be called unless [config] and [globalContext] are initialized. // // TODO(e.burkov): Use [dnsforward.DNSCreateParams] as a parameter. func initDNSServer( @@ -134,7 +134,7 @@ func initDNSServer( tlsConf *tlsConfigSettings, l *slog.Logger, ) (err error) { - Context.dnsServer, err = dnsforward.NewServer(dnsforward.DNSCreateParams{ + globalContext.dnsServer, err = dnsforward.NewServer(dnsforward.DNSCreateParams{ Logger: l, DNSFilter: filters, Stats: sts, @@ -142,7 +142,7 @@ func initDNSServer( PrivateNets: parseSubnetSet(config.DNS.PrivateNets), Anonymizer: anonymizer, DHCPServer: dhcpSrv, - EtcHosts: Context.etcHosts, + EtcHosts: globalContext.etcHosts, LocalDomain: config.DHCP.LocalDomainName, }) defer func() { @@ -154,7 +154,7 @@ func initDNSServer( return fmt.Errorf("dnsforward.NewServer: %w", err) } - Context.clients.clientChecker = Context.dnsServer + globalContext.clients.clientChecker = globalContext.dnsServer dnsConf, err := newServerConfig(&config.DNS, config.Clients.Sources, tlsConf, httpReg) if err != nil { @@ -163,12 +163,12 @@ func initDNSServer( // Try to prepare the server with disabled private RDNS resolution if it // failed to prepare as is. See TODO on [dnsforward.PrivateRDNSError]. - err = Context.dnsServer.Prepare(dnsConf) + err = globalContext.dnsServer.Prepare(dnsConf) if privRDNSErr := (&dnsforward.PrivateRDNSError{}); errors.As(err, &privRDNSErr) { log.Info("WARNING: %s; trying to disable private RDNS resolution", err) dnsConf.UsePrivateRDNS = false - err = Context.dnsServer.Prepare(dnsConf) + err = globalContext.dnsServer.Prepare(dnsConf) } if err != nil { @@ -194,7 +194,7 @@ func parseSubnetSet(nets []netutil.Prefix) (s netutil.SubnetSet) { } func isRunning() bool { - return Context.dnsServer != nil && Context.dnsServer.IsRunning() + return globalContext.dnsServer != nil && globalContext.dnsServer.IsRunning() } func ipsToTCPAddrs(ips []netip.Addr, port uint16) (tcpAddrs []*net.TCPAddr) { @@ -235,7 +235,7 @@ func newServerConfig( fwdConf := dnsConf.Config fwdConf.FilterHandler = applyAdditionalFiltering - fwdConf.ClientsContainer = &Context.clients + fwdConf.ClientsContainer = &globalContext.clients newConf = &dnsforward.ServerConfig{ UDPListenAddrs: ipsToUDPAddrs(hosts, dnsConf.Port), @@ -244,7 +244,7 @@ func newServerConfig( TLSConfig: newDNSTLSConfig(tlsConf, hosts), TLSAllowUnencryptedDoH: tlsConf.AllowUnencryptedDoH, UpstreamTimeout: time.Duration(dnsConf.UpstreamTimeout), - TLSv12Roots: Context.tlsRoots, + TLSv12Roots: globalContext.tlsRoots, ConfigModified: onConfigModified, HTTPRegister: httpReg, LocalPTRResolvers: dnsConf.PrivateRDNSResolvers, @@ -259,16 +259,16 @@ func newServerConfig( var initialAddresses []netip.Addr // Context.stats may be nil here if initDNSServer is called from // [cmdlineUpdate]. - if sts := Context.stats; sts != nil { + if sts := globalContext.stats; sts != nil { const initialClientsNum = 100 - initialAddresses = Context.stats.TopClientsIP(initialClientsNum) + initialAddresses = globalContext.stats.TopClientsIP(initialClientsNum) } // Do not set DialContext, PrivateSubnets, and UsePrivateRDNS, because they // are set by [dnsforward.Server.Prepare]. newConf.AddrProcConf = &client.DefaultAddrProcConfig{ - Exchanger: Context.dnsServer, - AddressUpdater: &Context.clients, + Exchanger: globalContext.dnsServer, + AddressUpdater: &globalContext.clients, InitialAddresses: initialAddresses, CatchPanics: true, UseRDNS: clientSrcConf.RDNS, @@ -359,7 +359,7 @@ type dnsEncryption struct { func getDNSEncryption() (de dnsEncryption) { tlsConf := tlsConfigSettings{} - Context.tls.WriteDiskConfig(&tlsConf) + globalContext.tls.WriteDiskConfig(&tlsConf) if !tlsConf.Enabled || len(tlsConf.ServerName) == 0 { return dnsEncryption{} @@ -402,7 +402,7 @@ func applyAdditionalFiltering(clientIP netip.Addr, clientID string, setts *filte // pref is a prefix for logging messages around the scope. const pref = "applying filters" - Context.filters.ApplyBlockedServices(setts) + globalContext.filters.ApplyBlockedServices(setts) log.Debug("%s: looking for client with ip %s and clientid %q", pref, clientIP, clientID) @@ -412,9 +412,9 @@ func applyAdditionalFiltering(clientIP netip.Addr, clientID string, setts *filte setts.ClientIP = clientIP - c, ok := Context.clients.storage.Find(clientID) + c, ok := globalContext.clients.storage.Find(clientID) if !ok { - c, ok = Context.clients.storage.Find(clientIP.String()) + c, ok = globalContext.clients.storage.Find(clientIP.String()) if !ok { log.Debug("%s: no clients with ip %s and clientid %q", pref, clientIP, clientID) @@ -429,7 +429,7 @@ func applyAdditionalFiltering(clientIP netip.Addr, clientID string, setts *filte setts.ServicesRules = nil svcs := c.BlockedServices.IDs if !c.BlockedServices.Schedule.Contains(time.Now()) { - Context.filters.ApplyBlockedServicesList(setts, svcs) + globalContext.filters.ApplyBlockedServicesList(setts, svcs) log.Debug("%s: services for client %q set: %s", pref, c.Name, svcs) } } @@ -455,24 +455,24 @@ func startDNSServer() error { return fmt.Errorf("unable to start forwarding DNS server: Already running") } - Context.filters.EnableFilters(false) + globalContext.filters.EnableFilters(false) // TODO(s.chzhen): Pass context. ctx := context.TODO() - err := Context.clients.Start(ctx) + err := globalContext.clients.Start(ctx) if err != nil { return fmt.Errorf("starting clients container: %w", err) } - err = Context.dnsServer.Start() + err = globalContext.dnsServer.Start() if err != nil { return fmt.Errorf("starting dns server: %w", err) } - Context.filters.Start() - Context.stats.Start() + globalContext.filters.Start() + globalContext.stats.Start() - err = Context.queryLog.Start(ctx) + err = globalContext.queryLog.Start(ctx) if err != nil { return fmt.Errorf("starting query log: %w", err) } @@ -482,14 +482,14 @@ func startDNSServer() error { func reconfigureDNSServer() (err error) { tlsConf := &tlsConfigSettings{} - Context.tls.WriteDiskConfig(tlsConf) + globalContext.tls.WriteDiskConfig(tlsConf) newConf, err := newServerConfig(&config.DNS, config.Clients.Sources, tlsConf, httpRegister) if err != nil { return fmt.Errorf("generating forwarding dns server config: %w", err) } - err = Context.dnsServer.Reconfigure(newConf) + err = globalContext.dnsServer.Reconfigure(newConf) if err != nil { return fmt.Errorf("starting forwarding dns server: %w", err) } @@ -502,12 +502,12 @@ func stopDNSServer() (err error) { return nil } - err = Context.dnsServer.Stop() + err = globalContext.dnsServer.Stop() if err != nil { return fmt.Errorf("stopping forwarding dns server: %w", err) } - err = Context.clients.close(context.TODO()) + err = globalContext.clients.close(context.TODO()) if err != nil { return fmt.Errorf("closing clients container: %w", err) } @@ -519,25 +519,25 @@ func stopDNSServer() (err error) { func closeDNSServer() { // DNS forward module must be closed BEFORE stats or queryLog because it depends on them - if Context.dnsServer != nil { - Context.dnsServer.Close() - Context.dnsServer = nil + if globalContext.dnsServer != nil { + globalContext.dnsServer.Close() + globalContext.dnsServer = nil } - if Context.filters != nil { - Context.filters.Close() + if globalContext.filters != nil { + globalContext.filters.Close() } - if Context.stats != nil { - err := Context.stats.Close() + if globalContext.stats != nil { + err := globalContext.stats.Close() if err != nil { log.Error("closing stats: %s", err) } } - if Context.queryLog != nil { + if globalContext.queryLog != nil { // TODO(s.chzhen): Pass context. - err := Context.queryLog.Shutdown(context.TODO()) + err := globalContext.queryLog.Shutdown(context.TODO()) if err != nil { log.Error("closing query log: %s", err) } diff --git a/internal/home/dns_internal_test.go b/internal/home/dns_internal_test.go index b04ee648..d7c627f7 100644 --- a/internal/home/dns_internal_test.go +++ b/internal/home/dns_internal_test.go @@ -37,14 +37,14 @@ func newStorage(tb testing.TB, clients []*client.Persistent) (s *client.Storage) func TestApplyAdditionalFiltering(t *testing.T) { var err error - Context.filters, err = filtering.New(&filtering.Config{ + globalContext.filters, err = filtering.New(&filtering.Config{ BlockedServices: &filtering.BlockedServices{ Schedule: schedule.EmptyWeekly(), }, }, nil) require.NoError(t, err) - Context.clients.storage = newStorage(t, []*client.Persistent{{ + globalContext.clients.storage = newStorage(t, []*client.Persistent{{ Name: "default", ClientIDs: []string{"default"}, UseOwnSettings: false, @@ -124,7 +124,7 @@ func TestApplyAdditionalFiltering_blockedServices(t *testing.T) { err error ) - Context.filters, err = filtering.New(&filtering.Config{ + globalContext.filters, err = filtering.New(&filtering.Config{ BlockedServices: &filtering.BlockedServices{ Schedule: schedule.EmptyWeekly(), IDs: globalBlockedServices, @@ -132,7 +132,7 @@ func TestApplyAdditionalFiltering_blockedServices(t *testing.T) { }, nil) require.NoError(t, err) - Context.clients.storage = newStorage(t, []*client.Persistent{{ + globalContext.clients.storage = newStorage(t, []*client.Persistent{{ Name: "default", ClientIDs: []string{"default"}, UseOwnBlockedServices: false, diff --git a/internal/home/home.go b/internal/home/home.go index 07f91ac4..3cd3b27d 100644 --- a/internal/home/home.go +++ b/internal/home/home.go @@ -91,10 +91,10 @@ func (c *homeContext) getDataDir() string { return filepath.Join(c.workDir, dataDir) } -// Context - a global context object +// globalContext is a global context object. // // TODO(a.garipov): Refactor. -var Context homeContext +var globalContext homeContext // Main is the entry point func Main(clientBuildFS fs.FS) { @@ -120,8 +120,8 @@ func Main(clientBuildFS fs.FS) { log.Info("Received signal %q", sig) switch sig { case syscall.SIGHUP: - Context.clients.storage.ReloadARP(ctx) - Context.tls.reload() + globalContext.clients.storage.ReloadARP(ctx) + globalContext.tls.reload() default: cleanup(ctx) cleanupAlways() @@ -140,13 +140,13 @@ func Main(clientBuildFS fs.FS) { run(opts, clientBuildFS, done) } -// setupContext initializes [Context] fields. It also reads and upgrades +// setupContext initializes [globalContext] fields. It also reads and upgrades // config file if necessary. func setupContext(opts options) (err error) { - Context.firstRun = detectFirstRun() + globalContext.firstRun = detectFirstRun() - Context.tlsRoots = aghtls.SystemRootCAs() - Context.mux = http.NewServeMux() + globalContext.tlsRoots = aghtls.SystemRootCAs() + globalContext.mux = http.NewServeMux() if !opts.noEtcHosts { err = setupHostsContainer() @@ -156,7 +156,7 @@ func setupContext(opts options) (err error) { } } - if Context.firstRun { + if globalContext.firstRun { log.Info("This is the first time AdGuard Home is launched") checkNetworkPermissions() @@ -247,7 +247,7 @@ func setupHostsContainer() (err error) { return fmt.Errorf("getting default system hosts paths: %w", err) } - Context.etcHosts, err = aghnet.NewHostsContainer(osutil.RootDirFS(), hostsWatcher, paths...) + globalContext.etcHosts, err = aghnet.NewHostsContainer(osutil.RootDirFS(), hostsWatcher, paths...) if err != nil { closeErr := hostsWatcher.Close() if errors.Is(err, aghnet.ErrNoHostsPaths) { @@ -271,7 +271,7 @@ func setupOpts(opts options) (err error) { } if len(opts.pidFile) != 0 && writePIDFile(opts.pidFile) { - Context.pidFileName = opts.pidFile + globalContext.pidFileName = opts.pidFile } return nil @@ -286,13 +286,13 @@ func initContextClients(ctx context.Context, logger *slog.Logger) (err error) { } //lint:ignore SA1019 Migration is not over. - config.DHCP.WorkDir = Context.workDir - config.DHCP.DataDir = Context.getDataDir() + config.DHCP.WorkDir = globalContext.workDir + config.DHCP.DataDir = globalContext.getDataDir() config.DHCP.HTTPRegister = httpRegister config.DHCP.ConfigModified = onConfigModified - Context.dhcpServer, err = dhcpd.Create(config.DHCP) - if Context.dhcpServer == nil || err != nil { + globalContext.dhcpServer, err = dhcpd.Create(config.DHCP) + if globalContext.dhcpServer == nil || err != nil { // TODO(a.garipov): There are a lot of places in the code right // now which assume that the DHCP server can be nil despite this // condition. Inspect them and perhaps rewrite them to use @@ -305,12 +305,12 @@ func initContextClients(ctx context.Context, logger *slog.Logger) (err error) { arpDB = arpdb.New(logger.With(slogutil.KeyError, "arpdb")) } - return Context.clients.Init( + return globalContext.clients.Init( ctx, logger, config.Clients.Persistent, - Context.dhcpServer, - Context.etcHosts, + globalContext.dhcpServer, + globalContext.etcHosts, arpDB, config.Filtering, ) @@ -374,15 +374,15 @@ func setupDNSFilteringConf( pcTXTSuffix = `pc.dns.adguard.com.` ) - conf.EtcHosts = Context.etcHosts + conf.EtcHosts = globalContext.etcHosts // TODO(s.chzhen): Use empty interface. - if Context.etcHosts == nil || !config.DNS.HostsFileEnabled { + if globalContext.etcHosts == nil || !config.DNS.HostsFileEnabled { conf.EtcHosts = nil } conf.ConfigModified = onConfigModified conf.HTTPRegister = httpRegister - conf.DataDir = Context.getDataDir() + conf.DataDir = globalContext.getDataDir() conf.Filters = slices.Clone(config.Filters) conf.WhitelistFilters = slices.Clone(config.WhitelistFilters) conf.UserRules = slices.Clone(config.UserRules) @@ -560,7 +560,7 @@ func initWeb( ReadHeaderTimeout: readHdrTimeout, WriteTimeout: writeTimeout, - firstRun: Context.firstRun, + firstRun: globalContext.firstRun, disableUpdate: disableUpdate, runningAsService: opts.runningAsService, serveHTTP3: config.DNS.ServeHTTP3, @@ -602,7 +602,7 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) { // Print the first message after logger is configured. log.Info(version.Full()) - log.Debug("current working directory is %s", Context.workDir) + log.Debug("current working directory is %s", globalContext.workDir) if opts.runningAsService { log.Info("AdGuard Home is running as a service") } @@ -632,13 +632,13 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) { confPath := configFilePath() - upd, customURL := newUpdater(ctx, slogLogger, Context.workDir, confPath, execPath, config) + upd, customURL := newUpdater(ctx, slogLogger, globalContext.workDir, confPath, execPath, config) // TODO(e.burkov): This could be made earlier, probably as the option's // effect. cmdlineUpdate(ctx, slogLogger, opts, upd) - if !Context.firstRun { + if !globalContext.firstRun { // Save the updated config. err = config.write() fatalOnError(err) @@ -648,33 +648,33 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) { } } - dataDir := Context.getDataDir() + dataDir := globalContext.getDataDir() err = os.MkdirAll(dataDir, aghos.DefaultPermDir) fatalOnError(errors.Annotate(err, "creating DNS data dir at %s: %w", dataDir)) GLMode = opts.glinetMode // Init auth module. - Context.auth, err = initUsers() + globalContext.auth, err = initUsers() fatalOnError(err) - Context.tls, err = newTLSManager(config.TLS, config.DNS.ServePlainDNS) + globalContext.tls, err = newTLSManager(config.TLS, config.DNS.ServePlainDNS) if err != nil { log.Error("initializing tls: %s", err) onConfigModified() } - Context.web, err = initWeb(ctx, opts, clientBuildFS, upd, slogLogger, customURL) + globalContext.web, err = initWeb(ctx, opts, clientBuildFS, upd, slogLogger, customURL) fatalOnError(err) - statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&Context, config) + statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&globalContext, config) fatalOnError(err) - if !Context.firstRun { + if !globalContext.firstRun { err = initDNS(slogLogger, statsDir, querylogDir) fatalOnError(err) - Context.tls.start() + globalContext.tls.start() go func() { startErr := startDNSServer() @@ -684,8 +684,8 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) { } }() - if Context.dhcpServer != nil { - err = Context.dhcpServer.Start() + if globalContext.dhcpServer != nil { + err = globalContext.dhcpServer.Start() if err != nil { log.Error("starting dhcp server: %s", err) } @@ -693,10 +693,10 @@ func run(opts options, clientBuildFS fs.FS, done chan struct{}) { } if !opts.noPermCheck { - checkPermissions(ctx, slogLogger, Context.workDir, confPath, dataDir, statsDir, querylogDir) + checkPermissions(ctx, slogLogger, globalContext.workDir, confPath, dataDir, statsDir, querylogDir) } - Context.web.start(ctx) + globalContext.web.start(ctx) // Wait for other goroutines to complete their job. <-done @@ -775,7 +775,7 @@ func checkPermissions( // initUsers initializes context auth module. Clears config users field. func initUsers() (auth *Auth, err error) { - sessFilename := filepath.Join(Context.getDataDir(), "sessions.db") + sessFilename := filepath.Join(globalContext.getDataDir(), "sessions.db") var rateLimiter *authRateLimiter if config.AuthAttempts > 0 && config.AuthBlockMin > 0 { @@ -810,7 +810,7 @@ func (c *configuration) anonymizer() (ipmut *aghnet.IPMut) { // startMods initializes and starts the DNS server after installation. // baseLogger must not be nil. func startMods(baseLogger *slog.Logger) (err error) { - statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&Context, config) + statsDir, querylogDir, err := checkStatsAndQuerylogDirs(&globalContext, config) if err != nil { return err } @@ -820,7 +820,7 @@ func startMods(baseLogger *slog.Logger) (err error) { return err } - Context.tls.start() + globalContext.tls.start() err = startDNSServer() if err != nil { @@ -883,14 +883,14 @@ func writePIDFile(fn string) bool { func initConfigFilename(opts options) { confPath := opts.confFilename if confPath == "" { - Context.confFilePath = filepath.Join(Context.workDir, "AdGuardHome.yaml") + globalContext.confFilePath = filepath.Join(globalContext.workDir, "AdGuardHome.yaml") return } log.Debug("config path overridden to %q from cmdline", confPath) - Context.confFilePath = confPath + globalContext.confFilePath = confPath } // initWorkingDir initializes the workDir. If no command-line arguments are @@ -904,18 +904,18 @@ func initWorkingDir(opts options) (err error) { if opts.workDir != "" { // If there is a custom config file, use it's directory as our working dir - Context.workDir = opts.workDir + globalContext.workDir = opts.workDir } else { - Context.workDir = filepath.Dir(execPath) + globalContext.workDir = filepath.Dir(execPath) } - workDir, err := filepath.EvalSymlinks(Context.workDir) + workDir, err := filepath.EvalSymlinks(globalContext.workDir) if err != nil { // Don't wrap the error, because it's informative enough as is. return err } - Context.workDir = workDir + globalContext.workDir = workDir return nil } @@ -924,13 +924,13 @@ func initWorkingDir(opts options) (err error) { func cleanup(ctx context.Context) { log.Info("stopping AdGuard Home") - if Context.web != nil { - Context.web.close(ctx) - Context.web = nil + if globalContext.web != nil { + globalContext.web.close(ctx) + globalContext.web = nil } - if Context.auth != nil { - Context.auth.Close() - Context.auth = nil + if globalContext.auth != nil { + globalContext.auth.Close() + globalContext.auth = nil } err := stopDNSServer() @@ -938,28 +938,28 @@ func cleanup(ctx context.Context) { log.Error("stopping dns server: %s", err) } - if Context.dhcpServer != nil { - err = Context.dhcpServer.Stop() + if globalContext.dhcpServer != nil { + err = globalContext.dhcpServer.Stop() if err != nil { log.Error("stopping dhcp server: %s", err) } } - if Context.etcHosts != nil { - if err = Context.etcHosts.Close(); err != nil { + if globalContext.etcHosts != nil { + if err = globalContext.etcHosts.Close(); err != nil { log.Error("closing hosts container: %s", err) } } - if Context.tls != nil { - Context.tls = nil + if globalContext.tls != nil { + globalContext.tls = nil } } // This function is called before application exits func cleanupAlways() { - if len(Context.pidFileName) != 0 { - _ = os.Remove(Context.pidFileName) + if len(globalContext.pidFileName) != 0 { + _ = os.Remove(globalContext.pidFileName) } log.Info("stopped") @@ -1007,8 +1007,8 @@ func printWebAddrs(proto, addr string, port uint16) { // admin interface. proto is either schemeHTTP or schemeHTTPS. func printHTTPAddresses(proto string) { tlsConf := tlsConfigSettings{} - if Context.tls != nil { - Context.tls.WriteDiskConfig(&tlsConf) + if globalContext.tls != nil { + globalContext.tls.WriteDiskConfig(&tlsConf) } port := config.HTTPConfig.Address.Port() @@ -1050,9 +1050,9 @@ func printHTTPAddresses(proto string) { // detectFirstRun returns true if this is the first run of AdGuard Home. func detectFirstRun() (ok bool) { - confPath := Context.confFilePath + confPath := globalContext.confFilePath if !filepath.IsAbs(confPath) { - confPath = filepath.Join(Context.workDir, Context.confFilePath) + confPath = filepath.Join(globalContext.workDir, globalContext.confFilePath) } _, err := os.Stat(confPath) @@ -1105,7 +1105,7 @@ func cmdlineUpdate(ctx context.Context, l *slog.Logger, opts options, upd *updat os.Exit(osutil.ExitCodeSuccess) } - err = upd.Update(Context.firstRun) + err = upd.Update(globalContext.firstRun) fatalOnError(err) err = restartService() diff --git a/internal/home/httpclient.go b/internal/home/httpclient.go index cfcb1bc6..5e39c864 100644 --- a/internal/home/httpclient.go +++ b/internal/home/httpclient.go @@ -17,7 +17,7 @@ func httpClient() (c *http.Client) { // Do not use Context.dnsServer.DialContext directly in the struct literal // below, since Context.dnsServer may be nil when this function is called. dialContext := func(ctx context.Context, network, addr string) (conn net.Conn, err error) { - return Context.dnsServer.DialContext(ctx, network, addr) + return globalContext.dnsServer.DialContext(ctx, network, addr) } return &http.Client{ @@ -27,8 +27,8 @@ func httpClient() (c *http.Client) { DialContext: dialContext, Proxy: httpProxy, TLSClientConfig: &tls.Config{ - RootCAs: Context.tlsRoots, - CipherSuites: Context.tlsCipherIDs, + RootCAs: globalContext.tlsRoots, + CipherSuites: globalContext.tlsCipherIDs, MinVersion: tls.VersionTLS12, }, }, diff --git a/internal/home/log.go b/internal/home/log.go index b8bf156a..9ac863c2 100644 --- a/internal/home/log.go +++ b/internal/home/log.go @@ -66,7 +66,7 @@ func configureLogger(ls *logSettings) (err error) { logFilePath := ls.File if !filepath.IsAbs(logFilePath) { - logFilePath = filepath.Join(Context.workDir, logFilePath) + logFilePath = filepath.Join(globalContext.workDir, logFilePath) } log.SetOutput(&lumberjack.Logger{ diff --git a/internal/home/mobileconfig_test.go b/internal/home/mobileconfig_internal_test.go similarity index 91% rename from internal/home/mobileconfig_test.go rename to internal/home/mobileconfig_internal_test.go index 3587154f..cc4564e9 100644 --- a/internal/home/mobileconfig_test.go +++ b/internal/home/mobileconfig_internal_test.go @@ -19,10 +19,10 @@ func setupDNSIPs(t testing.TB) { t.Helper() prevConfig := config - prevTLS := Context.tls + prevTLS := globalContext.tls t.Cleanup(func() { config = prevConfig - Context.tls = prevTLS + globalContext.tls = prevTLS }) config = &configuration{ @@ -32,7 +32,7 @@ func setupDNSIPs(t testing.TB) { }, } - Context.tls = &tlsManager{} + globalContext.tls = &tlsManager{} } func TestHandleMobileConfigDoH(t *testing.T) { @@ -62,10 +62,10 @@ func TestHandleMobileConfigDoH(t *testing.T) { }) t.Run("error_no_host", func(t *testing.T) { - oldTLSConf := Context.tls - t.Cleanup(func() { Context.tls = oldTLSConf }) + oldTLSConf := globalContext.tls + t.Cleanup(func() { globalContext.tls = oldTLSConf }) - Context.tls = &tlsManager{conf: tlsConfigSettings{}} + globalContext.tls = &tlsManager{conf: tlsConfigSettings{}} r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/doh.mobileconfig", nil) require.NoError(t, err) @@ -134,10 +134,10 @@ func TestHandleMobileConfigDoT(t *testing.T) { }) t.Run("error_no_host", func(t *testing.T) { - oldTLSConf := Context.tls - t.Cleanup(func() { Context.tls = oldTLSConf }) + oldTLSConf := globalContext.tls + t.Cleanup(func() { globalContext.tls = oldTLSConf }) - Context.tls = &tlsManager{conf: tlsConfigSettings{}} + globalContext.tls = &tlsManager{conf: tlsConfigSettings{}} r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/dot.mobileconfig", nil) require.NoError(t, err) diff --git a/internal/home/profilehttp.go b/internal/home/profilehttp.go index 8c7394f1..0b1dcf99 100644 --- a/internal/home/profilehttp.go +++ b/internal/home/profilehttp.go @@ -47,7 +47,7 @@ type profileJSON struct { // handleGetProfile is the handler for GET /control/profile endpoint. func handleGetProfile(w http.ResponseWriter, r *http.Request) { - u := Context.auth.getCurrentUser(r) + u := globalContext.auth.getCurrentUser(r) var resp profileJSON func() { diff --git a/internal/home/tls.go b/internal/home/tls.go index 7bd573dd..f434a204 100644 --- a/internal/home/tls.go +++ b/internal/home/tls.go @@ -112,7 +112,7 @@ func (m *tlsManager) start() { // The background context is used because the TLSConfigChanged wraps context // with timeout on its own and shuts down the server, which handles current // request. - Context.web.tlsConfigChanged(context.Background(), tlsConf) + globalContext.web.tlsConfigChanged(context.Background(), tlsConf) } // reload updates the configuration and restarts t. @@ -160,7 +160,7 @@ func (m *tlsManager) reload() { // The background context is used because the TLSConfigChanged wraps context // with timeout on its own and shuts down the server, which handles current // request. - Context.web.tlsConfigChanged(context.Background(), tlsConf) + globalContext.web.tlsConfigChanged(context.Background(), tlsConf) } // loadTLSConf loads and validates the TLS configuration. The returned error is @@ -463,7 +463,7 @@ func (m *tlsManager) handleTLSConfigure(w http.ResponseWriter, r *http.Request) // same reason. if restartHTTPS { go func() { - Context.web.tlsConfigChanged(context.Background(), req.tlsConfigSettings) + globalContext.web.tlsConfigChanged(context.Background(), req.tlsConfigSettings) }() } } @@ -539,7 +539,7 @@ func validateCertChain(certs []*x509.Certificate, srvName string) (err error) { opts := x509.VerifyOptions{ DNSName: srvName, - Roots: Context.tlsRoots, + Roots: globalContext.tlsRoots, Intermediates: pool, } _, err = main.Verify(opts) diff --git a/internal/home/web.go b/internal/home/web.go index 0ea0272b..c402dcfe 100644 --- a/internal/home/web.go +++ b/internal/home/web.go @@ -129,7 +129,7 @@ func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) { clientFS := http.FileServer(http.FS(conf.clientFS)) // if not configured, redirect / to /install.html, otherwise redirect /install.html to / - Context.mux.Handle("/", withMiddlewares(clientFS, gziphandler.GzipHandler, optionalAuthHandler, postInstallHandler)) + globalContext.mux.Handle("/", withMiddlewares(clientFS, gziphandler.GzipHandler, optionalAuthHandler, postInstallHandler)) // add handlers for /install paths, we only need them when we're not configured yet if conf.firstRun { @@ -138,7 +138,7 @@ func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) { "This is the first launch of AdGuard Home, redirecting everything to /install.html", ) - Context.mux.Handle("/install.html", preInstallHandler(clientFS)) + globalContext.mux.Handle("/install.html", preInstallHandler(clientFS)) w.registerInstallHandlers() } else { registerControlHandlers(w) @@ -154,7 +154,7 @@ func newWebAPI(ctx context.Context, conf *webConfig) (w *webAPI) { // // TODO(a.garipov): Adapt for HTTP/3. func webCheckPortAvailable(port uint16) (ok bool) { - if Context.web.httpsServer.server != nil { + if globalContext.web.httpsServer.server != nil { return true } @@ -224,7 +224,7 @@ func (web *webAPI) start(ctx context.Context) { errs := make(chan error, 2) // Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies. - hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{}) + hdlr := h2c.NewHandler(withMiddlewares(globalContext.mux, limitRequestBody), &http2.Server{}) logger := web.baseLogger.With(loggerKeyServer, "plain") @@ -307,11 +307,11 @@ func (web *webAPI) tlsServerLoop(ctx context.Context) { web.httpsServer.server = &http.Server{ Addr: addr, - Handler: withMiddlewares(Context.mux, limitRequestBody), + Handler: withMiddlewares(globalContext.mux, limitRequestBody), TLSConfig: &tls.Config{ Certificates: []tls.Certificate{web.httpsServer.cert}, - RootCAs: Context.tlsRoots, - CipherSuites: Context.tlsCipherIDs, + RootCAs: globalContext.tlsRoots, + CipherSuites: globalContext.tlsCipherIDs, MinVersion: tls.VersionTLS12, }, ReadTimeout: web.conf.ReadTimeout, @@ -344,11 +344,11 @@ func (web *webAPI) mustStartHTTP3(ctx context.Context, address string) { Addr: address, TLSConfig: &tls.Config{ Certificates: []tls.Certificate{web.httpsServer.cert}, - RootCAs: Context.tlsRoots, - CipherSuites: Context.tlsCipherIDs, + RootCAs: globalContext.tlsRoots, + CipherSuites: globalContext.tlsCipherIDs, MinVersion: tls.VersionTLS12, }, - Handler: withMiddlewares(Context.mux, limitRequestBody), + Handler: withMiddlewares(globalContext.mux, limitRequestBody), } web.logger.DebugContext(ctx, "starting http/3 server")