From 0077a63e4eebc890fad8d80e306ca9b5fcebea85 Mon Sep 17 00:00:00 2001 From: Timofey Koolin Date: Wed, 6 Mar 2024 10:10:59 +0300 Subject: [PATCH] Better explain whitelist config --- cmd/static/default-config.toml | 5 +++-- internal/domain_checker/config_test.go | 30 ++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/cmd/static/default-config.toml b/cmd/static/default-config.toml index b8152088..1ec3cce8 100644 --- a/cmd/static/default-config.toml +++ b/cmd/static/default-config.toml @@ -161,8 +161,9 @@ IPWhiteList = "" BlackList = "" # Regexp in golang syntax of whitelist domains for issue certificate. -# Whitelist need for allow part of domains, which excluded by blacklist. -# +# # Whitelist need only for allow part of domains, which excluded by blacklist. +# If you want work by whitelist domains only - you have to add BlackList rule: ".*" (deny all) +# Then allow what you want. WhiteList = "" # Comma separated dns server, used for resolve ip:port address of domains while check it. diff --git a/internal/domain_checker/config_test.go b/internal/domain_checker/config_test.go index f019dd36..0d2a7515 100644 --- a/internal/domain_checker/config_test.go +++ b/internal/domain_checker/config_test.go @@ -10,6 +10,7 @@ import ( "github.com/gojuno/minimock/v3" "github.com/maxatome/go-testdeep" + "github.com/rekby/lets-proxy2/internal/th" ) @@ -93,6 +94,35 @@ func TestConfig_CreateDomainCheckerWhiteListOnly(t *testing.T) { td.CmpNoError(err) } +func TestConfig_CreateDomainCheckerBlackAndWhiteLists(t *testing.T) { + ctx, cancel := th.TestContext(t) + defer cancel() + + td := testdeep.NewT(t) + cfg := Config{ + BlackList: `.*\.com$`, + WhiteList: `^(www\.)?test\.com$`, + } + checker, err := cfg.CreateDomainChecker(ctx) + td.CmpNoError(err) + + res, err := checker.IsDomainAllowed(ctx, "denied.com") + td.False(res) + td.CmpNoError(err) + + res, err = checker.IsDomainAllowed(ctx, "test.com") + td.True(res) + td.CmpNoError(err) + + res, err = checker.IsDomainAllowed(ctx, "www.test.com") + td.True(res) + td.CmpNoError(err) + + res, err = checker.IsDomainAllowed(ctx, "bad.test.com") + td.False(res) + td.CmpNoError(err) +} + func TestConfig_CreateDomainCheckerSelfIPOnly(t *testing.T) { ctx, cancel := th.TestContext(t) defer cancel()