blob: 7df6b220cd17e19699ccbc595bab7b66aec982ca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
#!/bin/sh /etc/rc.common
# Startup before dnsmasq
START=18
USE_PROCD=1
PROG=/usr/sbin/dnscrypt-proxy
CONFIG_DIR=/var/etc
USER=nobody
boot() {
dnscrypt_boot=1
rc_procd start_service
}
dnscrypt_instance() {
local config_path="$CONFIG_DIR/dnscrypt-proxy-$1.conf"
create_config_file $1 "$config_path"
procd_open_instance
procd_set_param command $PROG "$config_path"
procd_close_instance
}
create_config_file() {
local address port resolver resolvers_list ephemeral_keys client_key log_level syslog syslog_prefix local_cache query_log_file block_ipv6 provider_name provider_key resolver_address
local config_path="$2"
local plugins_support_enabled=$(dnscrypt-proxy --version | grep 'Support for plugins: present' | wc -l)
[ ! -d "$CONFIG_DIR" ] && mkdir -p "$CONFIG_DIR"
[ -f "$config_path" ] && rm "$config_path"
config_get address $1 'address' '127.0.0.1'
config_get port $1 'port' '5353'
config_get resolver $1 'resolver' ''
config_get provider_name $1 'providername' ''
config_get provider_key $1 'providerkey' ''
config_get resolver_address $1 'resolveraddress' ''
config_get resolvers_list $1 'resolvers_list' '/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv'
config_get client_key $1 'client_key' ''
config_get syslog_prefix $1 'syslog_prefix' 'dnscrypt-proxy'
config_get query_log_file $1 'query_log_file' ''
config_get log_level $1 'log_level' '6'
config_get blacklist $1 'blacklist' ''
config_get_bool syslog $1 'syslog' '1'
config_get_bool ephemeral_keys $1 'ephemeral_keys' '0'
config_get_bool local_cache $1 'local_cache' '0'
config_get_bool block_ipv6 $1 'block_ipv6' '0'
append_param_not_empty "ResolverName" "$resolver" $config_path
append_param "ResolversList" "$resolvers_list" $config_path
append_param_not_empty "ProviderName" "$provider_name" $config_path
append_param_not_empty "ProviderKey" "$provider_key" $config_path
append_param_not_empty "ResolverAddress" "$resolver_address" $config_path
append_param "User" "$USER" $config_path
append_param "LocalAddress" "$address:$port" $config_path
append_param_not_empty "ClientKey" "$client_key" $config_path
append_on_off "EphemeralKeys" $ephemeral_keys $config_path
append_param "LogLevel" "$log_level" $config_path
append_on_off "Syslog" $syslog $config_path
append_param "SyslogPrefix" "$syslog_prefix" $config_path
append_on_off "LocalCache" $local_cache $config_path
append_param_not_empty "QueryLogFile" "$query_log_file" $config_path
if [ $plugins_support_enabled -ne 0 ] && [ $block_ipv6 -ne 0 ]
then
append_yes_no "BlockIPv6" $block_ipv6 $config_path
elif [ $block_ipv6 -ne 0 ]
then
log_ignored_param "block_ipv6"
fi
if [ $plugins_support_enabled -ne 0 ] && [ -n "$blacklist" ]
then
config_list_foreach $1 'blacklist' append_blacklists $config_path
elif [ -n "$blacklist" ]
then
log_ignored_param "blacklist"
fi
}
log_ignored_param() {
local param_name=$1
logger -t dnscrypt-proxy -p user.warn "dnscrypt-proxy plugins support not present, ignoring '$param_name' parameter."
}
append_on_off() {
local param_name=$1
local param_value=$2
local config_path=$3
local value
if [ $param_value -eq 1 ]
then
value="on"
else
value="off"
fi
echo "$param_name $value" >> $config_path
}
append_yes_no() {
local param_name=$1
local param_value=$2
local config_path=$3
local value
if [ $param_value -eq 1 ]
then
value="yes"
else
value="no"
fi
echo "$param_name $value" >> $config_path
}
append_param() {
local param_name=$1
local param_value=$2
local config_path=$3
echo "$param_name $param_value" >> $config_path
}
append_param_not_empty() {
local param_name=$1
local param_value=$2
local config_path=$3
if [ ! -z "$param_value" -a "$param_value" != " " ]
then
append_param "$param_name" "$param_value" "$config_path"
fi
}
append_blacklists() {
local value="$1"
local config_path="$2"
append_param_not_empty "BlackList" "$value" $config_path
}
start_service() {
if [ -n "${dnscrypt_boot}" ]
then
return 0
fi
config_load dnscrypt-proxy
config_foreach dnscrypt_instance dnscrypt-proxy
}
service_triggers() {
local trigger
local triggerlist="$(uci_get dnscrypt-proxy.@global[0].procd_trigger)"
PROCD_RELOAD_DELAY=2000
if [ -n "${triggerlist}" ]
then
for trigger in ${triggerlist}
do
procd_add_interface_trigger "interface.*.up" "${trigger}" /etc/init.d/dnscrypt-proxy reload
done
else
procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/dnscrypt-proxy reload
fi
procd_add_reload_trigger 'dnscrypt-proxy'
}
|