Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix deadlocks and process username issue #1738

Merged
merged 3 commits into from
Nov 12, 2024
Merged

Fix deadlocks and process username issue #1738

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a99b68e
Warn instead of failing when process username cannot be found
dhaavi Nov 12, 2024
07acb9b
Notify packet issues asynchronously
dhaavi Nov 12, 2024
f4b96e1
Make saving IP and CNAMEs more defensive
dhaavi Nov 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions service/compat/callbacks.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package compat
import (
"net"

"github.com/safing/portmaster/service/mgr"
"github.com/safing/portmaster/service/network/packet"
"github.com/safing/portmaster/service/process"
)
Expand Down Expand Up @@ -31,10 +32,16 @@ func SubmitDNSCheckDomain(subdomain string) (respondWith net.IP) {

// ReportSecureDNSBypassIssue reports a DNS bypassing issue for the given process.
func ReportSecureDNSBypassIssue(p *process.Process) {
secureDNSBypassIssue.notify(p)
module.mgr.Go("report secure dns bypass issue", func(w *mgr.WorkerCtx) error {
secureDNSBypassIssue.notify(p)
return nil
})
}

// ReportMultiPeerUDPTunnelIssue reports a multi-peer UDP tunnel for the given process.
func ReportMultiPeerUDPTunnelIssue(p *process.Process) {
multiPeerUDPTunnelIssue.notify(p)
module.mgr.Go("report multi-peer udp tunnel issue", func(w *mgr.WorkerCtx) error {
multiPeerUDPTunnelIssue.notify(p)
return nil
})
}
6 changes: 3 additions & 3 deletions service/firewall/dns.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -302,11 +302,11 @@ func UpdateIPsAndCNAMEs(q *resolver.Query, rrCache *resolver.RRCache, conn *netw
Expires: rrCache.Expires,
}

// Resolve all CNAMEs in the correct order and add the to the record.
// Resolve all CNAMEs in the correct order and add the to the record - up to max 50 layers.
domain := q.FQDN
for {
for range 50 {
nextDomain, isCNAME := cnames[domain]
if !isCNAME {
if !isCNAME || nextDomain == domain {
break
}

Expand Down
2 changes: 1 addition & 1 deletion service/nameserver/nameserver.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -224,8 +224,8 @@ func handleRequest(ctx context.Context, w dns.ResponseWriter, request *dns.Msg)
}

// Save the request as open, as we don't know if there will be a connection or not.
network.SaveOpenDNSRequest(q, rrCache, conn)
firewall.UpdateIPsAndCNAMEs(q, rrCache, conn)
network.SaveOpenDNSRequest(q, rrCache, conn)

case network.VerdictUndeterminable:
fallthrough
Expand Down
2 changes: 1 addition & 1 deletion service/process/process.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@ func loadProcess(ctx context.Context, key string, pInfo *processInfo.Process) (*
// Username
process.UserName, err = pInfo.UsernameWithContext(ctx)
if err != nil {
return nil, fmt.Errorf("process: failed to get Username for p%d: %w", pInfo.Pid, err)
log.Tracer(ctx).Warningf("process: failed to get username (PID %d): %s", pInfo.Pid, err)
}

// TODO: User Home
Expand Down
Loading