Change config compat to use auto, rename blacklist

10 months ago · aaf61dc117
5 changed files with 29 additions and 31 deletions
--- a/.env.template
+++ b/.env.template
@ -320,15 +320,15 @@
 ## The default is 10 seconds, but this could be to low on slower network connections
 # ICON_DOWNLOAD_TIMEOUT=10
-## HTTP blacklist Regex
+## Block HTTP domains/IPs by Regex
 ## Any domains or IPs that match this regex won't be fetched by the internal HTTP client.
 ## Useful to hide other servers in the local network. Check the WIKI for more details
 ## NOTE: Always enclose this regex withing single quotes!
-# HTTP_REQUEST_BLACKLIST_REGEX='^(192\.168\.0\.[0-9]+|192\.168\.1\.[0-9]+)$'
+# HTTP_REQUEST_BLOCK_REGEX='^(192\.168\.0\.[0-9]+|192\.168\.1\.[0-9]+)$'
 ## Enabling this will cause the internal HTTP client to refuse to connect to any non global IP address.
 ## Useful to secure your internal environment: See https://en.wikipedia.org/wiki/Reserved_IP_addresses for a list of IPs which it will block
-# HTTP_REQUEST_BLACKLIST_NON_GLOBAL_IPS=true
+# HTTP_REQUEST_BLOCK_NON_GLOBAL_IPS=true
 ## Client Settings
 ## Enable experimental feature flags for clients.
--- a/src/api/icons.rs
+++ b/src/api/icons.rs
@ -181,7 +181,7 @@ async fn get_icon(domain: &str) -> Option<(Vec<u8>, String)> {
            Some((icon.to_vec(), icon_type.unwrap_or("x-icon").to_string()))
        }
        Err(e) => {
-            // If this error comes from the custom resolver, this means this is a blacklisted domain
+            // If this error comes from the custom resolver, this means this is a blocked domain
            // or non global IP, don't save the miss file in this case to avoid leaking it
            if let Some(error) = CustomHttpClientError::downcast_ref(&e) {
                warn!("{error}");
--- a/src/config.rs
+++ b/src/config.rs
@ -148,9 +148,8 @@ macro_rules! make_config {
                // Copy the values from the deprecated flags to the new ones
-                if config.http_request_blacklist_regex.is_none() {
+                if config.http_request_block_regex.is_none() {
-                    config.http_request_blacklist_non_global_ips = config.icon_blacklist_non_global_ips;
+                    config.http_request_block_regex = config.icon_blacklist_regex.clone();
                    config.http_request_blacklist_regex = config.icon_blacklist_regex.clone();
                }
                config
@ -544,12 +543,12 @@ make_config! {
        /// [Deprecated] Icon blacklist non global IPs |> Use `http_request_blacklist_non_global_ips` instead
        icon_blacklist_non_global_ips:  bool,   false,   def, true;
-        /// HTTP blacklist Regex |> Any domains or IPs that match this regex won't be fetched by the internal HTTP client.
+        /// Block HTTP domains/IPs by Regex |> Any domains or IPs that match this regex won't be fetched by the internal HTTP client.
        /// Useful to hide other servers in the local network. Check the WIKI for more details
-        http_request_blacklist_regex:   String, true,   option;
+        http_request_block_regex:   String, true,   option;
-        /// Blacklist non global IPs |> Enabling this will cause the internal HTTP client to refuse to connect to any non global IP address.
+        /// Block non global IPs |> Enabling this will cause the internal HTTP client to refuse to connect to any non global IP address.
        /// Useful to secure your internal environment: See https://en.wikipedia.org/wiki/Reserved_IP_addresses for a list of IPs which it will block
-        http_request_blacklist_non_global_ips:  bool,   true,   def, true;
+        http_request_block_non_global_ips:  bool,   true,   auto, |c| c.icon_blacklist_non_global_ips;
        /// Disable Two-Factor remember |> Enabling this would force the users to use a second factor to login every time.
        /// Note that the checkbox would still be present, but ignored.
@ -912,12 +911,12 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
        err!("To use email 2FA as automatic fallback, email 2fa has to be enabled!");
    }
-    // Check if the icon blacklist regex is valid
+    // Check if the HTTP request block regex is valid
-    if let Some(ref r) = cfg.http_request_blacklist_regex {
+    if let Some(ref r) = cfg.http_request_block_regex {
        let validate_regex = regex::Regex::new(r);
        match validate_regex {
            Ok(_) => (),
-            Err(e) => err!(format!("`HTTP_REQUEST_BLACKLIST_REGEX` is invalid: {e:#?}")),
+            Err(e) => err!(format!("`HTTP_REQUEST_BLOCK_REGEX` is invalid: {e:#?}")),
        }
    }
--- a/src/error.rs
+++ b/src/error.rs
@ -70,7 +70,7 @@ make_error! {
    // Used to represent err! calls
    Simple(String):  _no_source,  _api_error,
-    // Used in our custom http client to handle non-global IPs and blacklisted domains
+    // Used in our custom http client to handle non-global IPs and blocked domains
    CustomHttpClient(CustomHttpClientError): _has_source, _api_error,
    // Used for special return values, like 2FA errors
--- a/src/http_client.rs
+++ b/src/http_client.rs
@ -66,37 +66,36 @@ pub fn should_block_address(domain_or_ip: &str) -> bool {
        }
    }
-    should_block_address_blacklist(domain_or_ip)
+    should_block_address_regex(domain_or_ip)
 }
 fn should_block_ip(ip: IpAddr) -> bool {
-    if !CONFIG.http_request_blacklist_non_global_ips() {
+    if !CONFIG.http_request_block_non_global_ips() {
        return false;
    }
    !is_global(ip)
 }
-fn should_block_address_blacklist(domain_or_ip: &str) -> bool {
+fn should_block_address_regex(domain_or_ip: &str) -> bool {
-    let Some(config_blacklist) = CONFIG.http_request_blacklist_regex() else {
+    let Some(block_regex) = CONFIG.http_request_block_regex() else {
        return false;
    };
-    // Compiled domain blacklist
+    static COMPILED_REGEX: Mutex<Option<(String, Regex)>> = Mutex::new(None);
-    static COMPILED_BLACKLIST: Mutex<Option<(String, Regex)>> = Mutex::new(None);
+    let mut guard = COMPILED_REGEX.lock().unwrap();
    let mut guard = COMPILED_BLACKLIST.lock().unwrap();
    // If the stored regex is up to date, use it
    if let Some((value, regex)) = &*guard {
-        if value == &config_blacklist {
+        if value == &block_regex {
            return regex.is_match(domain_or_ip);
        }
    }
    // If we don't have a regex stored, or it's not up to date, recreate it
-    let regex = Regex::new(&config_blacklist).unwrap();
+    let regex = Regex::new(&block_regex).unwrap();
    let is_match = regex.is_match(domain_or_ip);
-    *guard = Some((config_blacklist, regex));
+    *guard = Some((block_regex, regex));
    is_match
 }
@ -117,8 +116,8 @@ fn should_block_host(host: Host<&str>) -> Result<(), CustomHttpClientError> {
        }
    }
-    if should_block_address_blacklist(&host_str) {
+    if should_block_address_regex(&host_str) {
-        return Err(CustomHttpClientError::Blacklist {
+        return Err(CustomHttpClientError::Blocked {
            domain: host_str,
        });
    }
@ -128,7 +127,7 @@ fn should_block_host(host: Host<&str>) -> Result<(), CustomHttpClientError> {
 #[derive(Debug, Clone)]
 pub enum CustomHttpClientError {
-    Blacklist {
+    Blocked {
        domain: String,
    },
    NonGlobalIp {
@ -154,9 +153,9 @@ impl CustomHttpClientError {
 impl fmt::Display for CustomHttpClientError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
-            Self::Blacklist {
+            Self::Blocked {
                domain,
-            } => write!(f, "Blacklisted domain: {domain} matched HTTP_REQUEST_BLACKLIST_REGEX"),
+            } => write!(f, "Blocked domain: {domain} matched HTTP_REQUEST_BLOCK_REGEX"),
            Self::NonGlobalIp {
                domain: Some(domain),
                ip,
@ -216,7 +215,7 @@ impl CustomDnsResolver {
 fn pre_resolve(name: &str) -> Result<(), CustomHttpClientError> {
    if should_block_address(name) {
-        return Err(CustomHttpClientError::Blacklist {
+        return Err(CustomHttpClientError::Blocked {
            domain: name.to_string(),
        });
    }