Import openresolv-3.9.2 to vendor branch. vendor/OPENRESOLV
authorRoy Marples <roy@marples.name>
Sun, 8 Sep 2019 21:11:05 +0000 (22:11 +0100)
committerRoy Marples <roy@marples.name>
Sun, 8 Sep 2019 21:11:05 +0000 (22:11 +0100)
12 files changed:
contrib/openresolv/LICENSE [new file with mode: 0644]
contrib/openresolv/README [deleted file]
contrib/openresolv/README.md [new file with mode: 0644]
contrib/openresolv/dnsmasq.in
contrib/openresolv/libc.in
contrib/openresolv/named.in
contrib/openresolv/pdns_recursor.in
contrib/openresolv/pdnsd.in
contrib/openresolv/resolvconf.conf
contrib/openresolv/resolvconf.conf.5.in
contrib/openresolv/resolvconf.in
contrib/openresolv/unbound.in

diff --git a/contrib/openresolv/LICENSE b/contrib/openresolv/LICENSE
new file mode 100644 (file)
index 0000000..758aec3
--- /dev/null
@@ -0,0 +1,23 @@
+Copyright (c) 2007-2019 Roy Marples <roy@marples.name>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
diff --git a/contrib/openresolv/README b/contrib/openresolv/README
deleted file mode 100644 (file)
index b4042b0..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-openresolv is a resolvconf implementation which manages resolv.conf
-You can find the latest version at http://roy.marples.name/projects/openresolv
-It is written and maintained by Roy Marples <roy@marples.name>
-
-This resolvconf implementation, along with its subscribers, work with a
-POSIX compliant shell and userland utilities. It is designed to work without
-tools such as sed as it *has* to work without /usr being available.
-
-On systems where resolvconf is expected to be used before /var/run is available
-for writing, you can configure openresolv to write somewhere else, like say a
-ramdisk.
diff --git a/contrib/openresolv/README.md b/contrib/openresolv/README.md
new file mode 100644 (file)
index 0000000..739cc73
--- /dev/null
@@ -0,0 +1,64 @@
+# openresolv
+
+openresolv is a [resolvconf](https://en.wikipedia.org/wiki/Resolvconf)
+implementation which manages `/etc/resolv.conf`.
+
+`/etc/resolv.conf` is a file that holds the configuration for the local
+resolution of domain names.
+Normally this file is either static or maintained by a local daemon,
+normally a DHCP daemon. But what happens if more than one thing wants to
+control the file?
+Say you have wired and wireless interfaces to different subnets and run a VPN
+or two on top of that, how do you say which one controls the file?
+It's also not as easy as just adding and removing the nameservers each client
+knows about as different clients could add the same nameservers.
+
+Enter resolvconf, the middleman between the network configuration services and
+`/etc/resolv.conf`.
+resolvconf itself is just a script that stores, removes and lists a full
+`resolv.conf` generated for the interface. It then calls all the helper scripts
+it knows about so it can configure the real `/etc/resolv.conf` and optionally
+any local nameservers other than libc.
+
+## Reasons for using openresolv
+
+Why openresolv over the
+[Debian implementation](http://qref.sourceforge.net/Debian/reference/ch-gateway.en.html#s-dns-resolvconf)?
+Here's some reasons:
+  *  Works with
+  [POSIX shell and userland](http://www.opengroup.org/onlinepubs/009695399)
+  *  Does not need awk, grep or sed which means we can work without `/usr`
+  mounted
+  *  Works with other init systems than Debians' out of the box
+  *  Available as a 2 clause
+  [BSD license](http://www.freebsd.org/copyright/freebsd-license.html)
+  *  Prefer configs via IF_METRIC for dynamic ordering
+  *  Configures zones for local resolvers other than libc
+
+The last point is quite important, especially when running VPN systems.
+Take the following resolv.conf files which have been generated by a
+[DHCP client](../dhcpcd) and sent to resolvconf:
+
+```
+# resolv.conf from bge0
+search foo.com
+nameserver 1.2.3.4
+
+# resolv.conf from tap0
+domain bar.org
+nameserver 5.6.7.8
+```
+
+In this instance, queries for foo.com will go to 1.2.3.4 and queries for
+bar.org will go to 5.6.7.8.
+This does require the resolvers to be configured to pickup the resolvconf
+generated configuration for them though.
+openresolv ships with helpers for:
+  *  [unbound](http://www.unbound.net/)
+  *  [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html)
+  *  [ISC BIND](http://www.isc.org/software/bind)
+  *  [PowerDNS Recursor](http://wiki.powerdns.com/trac)
+
+See the
+[configuration section](https://roy.marples.name/projects/openresolv/config)
+for more details.
index b1a2c74..8b51866 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2007-2016 Roy Marples
+# Copyright (c) 2007-2019 Roy Marples
 # All rights reserved
 
 # dnsmasq subscriber for resolvconf
@@ -28,7 +28,7 @@
 
 [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
 . "@SYSCONFDIR@/resolvconf.conf" || exit 1
-[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ] && exit 0
+[ -z "${dnsmasq_conf}${dnsmasq_resolv}" ] && exit 0
 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
 NL="
 "
@@ -98,7 +98,7 @@ for d in $DOMAINS; do
                                empty=false i=0
                                IFS=:
                                set -- $n
-                               while [ -n "$1" -o -n "$2" ]; do
+                               while [ -n "$1" ] || [ -n "$2" ]; do
                                        addr="$1"
                                        shift
                                        if [ -z "$addr" ]; then
@@ -184,7 +184,7 @@ if $changed; then
                eval $dnsmasq_restart
        elif [ -n "$RESTARTCMD" ]; then
                set -- ${dnsmasq_service}
-               eval $RESTARTCMD
+               eval "$RESTARTCMD"
        else
                @SBINDIR@/resolvconf -r ${dnsmasq_service}
        fi
@@ -206,4 +206,6 @@ if $dbus; then
        dbus-send --system --dest=uk.org.thekelleys.dnsmasq \
                /uk/org/thekelleys/dnsmasq uk.org.thekelleys.$method \
                $dbusdest
+       dbus-send --system --dest=uk.org.thekelleys.dnsmasq \
+               /uk/org/thekelleys/dnsmasq uk.org.thekelleys.ClearCache
 fi
index d49be65..f44f61b 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2007-2016 Roy Marples
+# Copyright (c) 2007-2019 Roy Marples
 # All rights reserved
 
 # libc subscriber for resolvconf
@@ -36,9 +36,9 @@ NL="
 # sed may not be available, and this is faster on small files
 key_get_value()
 {
-       local key="$1" x= line=
-
+       key="$1"
        shift
+
        if [ $# -eq 0 ]; then
                while read -r line; do
                        case "$line" in
@@ -58,8 +58,6 @@ key_get_value()
 
 keys_remove()
 {
-       local key x line found
-
        while read -r line; do
                found=false
                for key do
@@ -79,7 +77,7 @@ local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
 if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
        . "$SYSCONFDIR"/resolvconf.conf
 elif [ -d "$SYSCONFDIR"/resolvconf ]; then
-       SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d"
+       SYSCONFDIR="$SYSCONFDIR/resolvconf"
        base="$SYSCONFDIR/resolv.conf.d/base"
        if [ -f "$base" ]; then
                prepend_nameservers="$(key_get_value "nameserver " "$base")"
@@ -98,10 +96,12 @@ fi
 : ${resolv_conf:=/etc/resolv.conf}
 : ${libc_service:=nscd}
 : ${list_resolv:=@SBINDIR@/resolvconf -l}
-if [ "${resolv_conf_head-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.head ]; then
+if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ]
+then
        resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)"
 fi
-if [ "${resolv_conf_tail-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.tail ]; then
+if [ "${resolv_conf_tail-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.tail ]
+then
        resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)"
 fi
 
@@ -110,7 +110,7 @@ signature="# Generated by resolvconf"
  
 uniqify()
 {
-       local result=
+       result=
        while [ -n "$1" ]; do
                case " $result " in
                *" $1 "*);;
@@ -126,7 +126,7 @@ case "${resolv_conf_passthrough:-NO}" in
        backup=false
        newest=
        for conf in "$IFACEDIR"/*; do
-               if [ -z "$newest" -o "$conf" -nt "$newest" ]; then
+               if [ -z "$newest" ] || [ "$conf" -nt "$newest" ]; then
                        newest="$conf"
                fi
        done
@@ -178,7 +178,7 @@ case "${resolv_conf_passthrough:-NO}" in
        fi
 
        [ -n "$domain" ] && newconf="${newconf}domain $domain$NL"
-       if [ -n "$newsearch" -a "$newsearch" != "$domain" ]; then
+       if [ -n "$newsearch" ] && [ "$newsearch" != "$domain" ]; then
                newconf="${newconf}search $newsearch$NL"
        fi
        for n in $newns; do
@@ -232,7 +232,7 @@ if [ -n "$libc_restart" ]; then
        eval $libc_restart
 elif [ -n "$RESTARTCMD" ]; then
        set -- ${libc_service}
-       eval $RESTARTCMD
+       eval "$RESTARTCMD"
 else
        @SBINDIR@/resolvconf -r ${libc_service}
 fi
index 2083ea5..e5b5a91 100644 (file)
 
 [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
 . "@SYSCONFDIR@/resolvconf.conf" || exit 1
-[ -z "$named_zones" -a -z "$named_options" ] && exit 0
+[ -z "${named_zones}${named_options}" ] && exit 0
 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
 NL="
 "
 
 # Platform specific kludges
-if [ -z "$named_service" -a -z "$named_restart" -a \
-       -d "$RCDIR" -a ! -x "$RCDIR"/named ]
+if [ -z "${named_service}${named_restart}" ] &&
+   [ -d "$RCDIR" ] && ! [ -x "$RCDIR"/named ]
 then
        if [ -x "$RCDIR"/bind9 ]; then
                # Debian and derivatives
@@ -111,7 +111,7 @@ if $changed; then
                eval $named_restart
        elif [ -n "$RESTARTCMD" ]; then
                set -- ${named_service}
-               eval $RESTARTCMD
+               eval "$RESTARTCMD"
        else
                @SBINDIR@/resolvconf -r ${named_service}
        fi
index ad2d922..f3632e0 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2009-2011 Roy Marples
+# Copyright (c) 2009-2019 Roy Marples
 # All rights reserved
 
 # PowerDNS Recursor subscriber for resolvconf
 NL="
 "
 
-: ${pdns_service:=pdns_recursor}
+: ${pdns_service:=pdns-recursor}
 
 newzones=
 
-# pds_recursor does not present support global forward servers, which
-# does limit it's usefulness somewhat.
-# If it did, the below code can be enabled, or something like it.
-#for n in $NAMESERVERS; do
-#      newzones="$newzones${newzones:+,}$n"
-#done
-#[ -n "$newzones" ] && newzones=".=$newzones$NL"
+for n in $NAMESERVERS; do
+       newzones="$newzones${newzones:+,}$n"
+done
+[ -n "$newzones" ] && newzones="+.=$newzones$NL"
 
 for d in $DOMAINS; do
        newns=
@@ -71,7 +68,7 @@ then
                eval $pdns_restart
        elif [ -n "$RESTARTCMD" ]; then
                set -- ${pdns_service}
-               eval $RESTARTCMD
+               eval "$RESTARTCMD"
        else
                @SBINDIR@/resolvconf -r ${pdns_service}
        fi
index 59a4755..971d90d 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2010-2013 Roy Marples
+# Copyright (c) 2010-2018 Roy Marples
 # All rights reserved
 
 # pdnsd subscriber for resolvconf
@@ -28,7 +28,7 @@
 
 [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
 . "@SYSCONFDIR@/resolvconf.conf" || exit 1
-[ -z "$pdnsd_conf" -a -z "$pdnsd_resolv" ] && exit 0
+[ -z "${pdnsd_conf}${pdnsd_resolv}" ] && exit 0
 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
 NL="
 "
@@ -41,14 +41,16 @@ signature_end="# End of resolvconf"
 # but sed may not always be available at the time.
 remove_markers()
 {
-       local m1="$1" m2="$2" x= line= in_marker=0
+       m1="$1"
+       m2="$2"
+       in_marker=0
 
        shift; shift
        if type sed >/dev/null 2>&1; then
                sed "/^$m1/,/^$m2/d" $@
        else
-               for x; do
-                       while read -r line; do
+               for x do
+                       while read line; do
                                case "$line" in
                                "$m1"*) in_marker=1;;
                                "$m2"*) in_marker=0;;
index 607f6af..4f5f2e6 100644 (file)
@@ -4,4 +4,4 @@
 resolv_conf=/etc/resolv.conf
 # If you run a local name server, you should uncomment the below line and
 # configure your subscribers configuration files below.
-#name_servers=127.0.0.1
\ No newline at end of file
+#name_servers=127.0.0.1
index fcebd86..1b0c471 100644 (file)
@@ -22,7 +22,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd December 29, 2016
+.Dd September 8, 2019
 .Dt RESOLVCONF.CONF 5
 .Os
 .Sh NAME
@@ -64,19 +64,25 @@ Defaults to YES.
 .It Sy interface_order
 These interfaces will always be processed first.
 If unset, defaults to the following:-
-.D1 lo lo[0-9]*
+.Bd -compact -literal -offset indent
+lo lo[0-9]*
+.Ed
 .It Sy dynamic_order
 These interfaces will be processed next, unless they have a metric.
 If unset, defaults to the following:-
-.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*
+.Bd -compact -literal -offset indent
+tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*
+.Ed
 .It Sy inclusive_interfaces
-Ignore any exlcusive marking for these interfaces.
+Ignore any exclusive marking for these interfaces.
 This is handy when 3rd party integrations force the
 .Nm resolvconf -x
 option and you want to disable it easily.
 .It Sy local_nameservers
 If unset, defaults to the following:-
-.D1 127.* 0.0.0.0 255.255.255.255 ::1
+.Bd -compact -literal -offset indent
+127.* 0.0.0.0 255.255.255.255 ::1
+.Ed
 .It Sy search_domains
 Prepend search domains to the dynamically generated list.
 .It Sy search_domains_append
@@ -118,16 +124,24 @@ The syntax is this:
 .Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement
 .Pp
 Example, given this resolv.conf:
-.D1 domain foo.org
-.D1 search foo.org dead.beef
-.D1 nameserver 1.2.3.4
-.D1 nameserver 2.3.4.5
+.Bd -compact -literal -offset indent
+domain foo.org
+search foo.org dead.beef
+nameserver 1.2.3.4
+nameserver 2.3.4.5
+.Ed
 and this configuaration:
-.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/"
+.Bd -compact -literal -offset indent
+replace="search/foo*/bar.com"
+replace="$replace nameserver/1.2.3.4/5.6.7.8"
+replace="$replace nameserver/2.3.4.5/"
+.Ed
 you would get this resolv.conf instead:
-.D1 domain foo.org
-.D1 search bar.com
-.D1 nameserver 5.6.7.8
+.Bd -compact -literal -offset indent
+domain foo.org
+search bar.com
+nameserver 5.6.7.8
+.Ed
 .It Sy replace_sub
 Works the same way as
 .Sy replace
@@ -138,9 +152,11 @@ Using the same example resolv.conf and changing
 to
 .Sy replace_sub ,
 you would get this resolv.conf instead:
-.D1 domain foo.org
-.D1 search bar.com dead.beef
-.D1 nameserver 5.6.7.8
+.Bd -compact -literal -offset indent
+domain foo.org
+search bar.com dead.beef
+nameserver 5.6.7.8
+.Ed
 .It Sy state_dir
 Override the default state directory of
 .Pa @VARDIR@ .
@@ -195,7 +211,8 @@ Prepend search domains to the dynamically generated list.
 openresolv ships with subscribers for the name servers
 .Xr dnsmasq 8 ,
 .Xr named 8 ,
-.Xr pdnsd 8
+.Xr pdnsd 8 ,
+.Xr pdns_recursor 8 ,
 and
 .Xr unbound 8 .
 Each subscriber can create configuration files which should be included in
@@ -203,7 +220,9 @@ in the subscribers main configuration file.
 .Pp
 To disable a subscriber, simply set it's name to NO.
 For example, to disable the libc subscriber you would set:
-.D1 libc=NO
+.Bd -compact -literal -offset indent
+libc=NO
+.Ed
 .Bl -tag -width indent
 .It Sy dnsmasq_conf
 This file tells dnsmasq which name servers to use for specific domains.
@@ -211,17 +230,21 @@ This file tells dnsmasq which name servers to use for specific domains.
 This file tells dnsmasq which name servers to use for global lookups.
 .Pp
 Example resolvconf.conf for dnsmasq:
-.D1 name_servers=127.0.0.1
-.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf
-.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+dnsmasq_conf=/etc/dnsmasq-conf.conf
+dnsmasq_resolv=/etc/dnsmasq-resolv.conf
+.Ed
 .Pp
 Example dnsmasq.conf:
-.D1 listen-address=127.0.0.1
-.D1 # If dnsmasq is compiled for DBus then we can take
-.D1 # advantage of not having to restart dnsmasq.
-.D1 enable-dbus
-.D1 conf-file=/etc/dnsmasq-conf.conf
-.D1 resolv-file=/etc/dnsmasq-resolv.conf
+.Bd -compact -literal -offset indent
+listen-address=127.0.0.1
+# If dnsmasq is compiled for DBus then we can take
+# advantage of not having to restart dnsmasq.
+enable-dbus
+conf-file=/etc/dnsmasq-conf.conf
+resolv-file=/etc/dnsmasq-resolv.conf
+.Ed
 .It Sy named_options
 Include this file in the named options block.
 This file tells named which name servers to use for global lookups.
@@ -230,16 +253,21 @@ Include this file in the named global scope, after the options block.
 This file tells named which name servers to use for specific domains.
 .Pp
 Example resolvconf.conf for named:
-.D1 name_servers=127.0.0.1
-.D1 named_options=/etc/named-options.conf
-.D1 named_zones=/etc/named-zones.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+named_options=/etc/named-options.conf
+named_zones=/etc/named-zones.conf
+.Ed
 .Pp
 Example named.conf:
-.D1 options {
-.D1    listen-on { 127.0.0.1; };
-.D1    include "/etc/named-options.conf";
-.D1 };
-.D1 include "/etc/named-zones.conf";
+.Bd -compact -literal -offset indent
+options {
+       listen-on { 127.0.0.1; };
+       include "/etc/named-options.conf";
+};
+
+include "/etc/named-zones.conf";
+.Ed
 .It Sy pdnsd_conf
 This is the main pdnsd configuration file which we modify to add our
 forward domains to.
@@ -253,32 +281,54 @@ If this variable is not set then it's written to
 .Pa pdnsd_conf .
 .Pp
 Example resolvconf.conf for pdnsd:
-.D1 name_servers=127.0.0.1
-.D1 pdnsd_conf=/etc/pdnsd.conf
-.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+pdnsd_conf=/etc/pdnsd.conf
+# pdnsd_resolv=/etc/pdnsd-resolv.conf
+.Ed
 .Pp
 Example pdnsd.conf:
-.D1 global {
-.D1    server_ip = 127.0.0.1;
-.D1    status_ctl = on;
-.D1 }
-.D1 server {
-.D1    # A server definition is required, even if emtpy.
-.D1    label="empty";
-.D1    proxy_only=on;
-.D1    # file="/etc/pdnsd-resolv.conf";
-.D1 }
+.Bd -compact -literal -offset indent
+global {
+       server_ip = 127.0.0.1;
+       status_ctl = on;
+}
+server {
+       # A server definition is required, even if empty.
+       label="empty";
+       proxy_only=on;
+       # file="/etc/pdnsd-resolv.conf";
+}
+.Ed
+.It Sy pdns_zones
+This file tells pdns_recursor about specific and global name servers.
+.Pp
+Example resolvconf.conf for pdns_recursor:
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+pdns_zones=/etc/pdns/recursor-zones.conf
+.Ed
+.Pp
+Example recursor.conf:
+.Bd -compact -literal -offset indent
+allow-from=127.0.0.0/8, ::1/128
+forward-zones-file=/etc/pdns/recursor-zones.conf
+.Ed
 .It Sy unbound_conf
 This file tells unbound about specific and global name servers.
 .It Sy unbound_insecure
 When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC.
 .Pp
 Example resolvconf.conf for unbound:
-.D1 name_servers=127.0.0.1
-.D1 unbound_conf=/etc/unbound-resolvconf.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+unbound_conf=/etc/unbound-resolvconf.conf
+.Ed
 .Pp
 Example unbound.conf:
-.D1 include: /etc/unbound-resolvconf.conf
+.Bd -compact -literal -offset indent
+include: /etc/unbound-resolvconf.conf
+.Ed
 .El
 .Sh SUBSCRIBER INTEGRATION
 Not all distributions store the files the subscribers need in the same
@@ -292,7 +342,6 @@ Also, users could equally want to use a different version from the one
 installed by default, such as bind8 and bind9.
 To accommodate this, the subscribers have these files in configurable
 variables, documented below.
-.Pp
 .Bl -tag -width indent
 .It Sy dnsmasq_service
 Name of the dnsmasq service.
@@ -310,6 +359,10 @@ Name of the named service.
 Command to restart the named service.
 .It Sy pdnsd_restart
 Command to restart the pdnsd service.
+.It Sy pdns_service
+Command to restart the pdns_recursor service.
+.It Sy pdns_restart
+Command to restart the pdns_recursor service.
 .It Sy unbound_service
 Name of the unbound service.
 .It Sy unbound_restart
index 7353cfc..e7d3821 100644 (file)
@@ -1,5 +1,5 @@
 #!/bin/sh
-# Copyright (c) 2007-2016 Roy Marples
+# Copyright (c) 2007-2019 Roy Marples
 # All rights reserved
 
 # Redistribution and use in source and binary forms, with or without
@@ -25,7 +25,7 @@
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 RESOLVCONF="$0"
-OPENRESOLV_VERSION="3.9.0"
+OPENRESOLV_VERSION="3.9.2"
 SYSCONFDIR=@SYSCONFDIR@
 LIBEXECDIR=@LIBEXECDIR@
 VARDIR=@VARDIR@
@@ -125,21 +125,22 @@ usage()
 # If you think otherwise, capture a DNS trace and you'll see libc
 # will strip it regardless.
 # This also solves setting up duplicate zones in our subscribers.
-strip_trailing_dots()
+# Also strip any comments denoted by #.
+resolv_strip()
 {
-       local n= d=
-
-       for n; do
-               printf "$d%s" "${n%.}"
-               d=" "
+       space=
+       for word; do
+               case "$word" in
+               \#*) break;;
+               esac
+               printf "%s%s" "$space${word%.}"
+               space=" "
        done
        printf "\n"
 }
 
 private_iface()
 {
-       local p
-
        # Allow expansion
        cd "$IFACEDIR"
 
@@ -168,12 +169,15 @@ private_iface()
 # for domain name servers, search name servers and global nameservers
 parse_resolv()
 {
-       local line= ns= ds= search= d= n= newns=
-       local new=true iface= private=false p= domain= l= islocal=
-
+       domain=
+       new=true
        newns=
+       ns=
+       private=false
+       search=
 
        while read -r line; do
+               stripped_line="$(resolv_strip ${line#* })"
                case "$line" in
                "# resolv.conf from "*)
                        if ${new}; then
@@ -189,29 +193,32 @@ parse_resolv()
                "nameserver "*)
                        islocal=false
                        for l in $local_nameservers; do
-                               case "${line#* }" in
+                               case "$stripped_line" in
                                $l)
                                        islocal=true
-                                       echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\""
                                        break
                                        ;;
                                esac
                        done
-                       $islocal || ns="$ns${line#* } "
+                       if $islocal; then
+                               echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS $stripped_line\""
+                       else
+                               ns="$ns$stripped_line "
+                       fi
                        ;;
                "domain "*)
-                       search="$(strip_trailing_dots ${line#* })"
+                       search="$stripped_line"
                        if [ -z "$domain" ]; then
                                domain="$search"
                                echo "DOMAIN=\"$domain\""
                        fi
                        ;;
                "search "*)
-                       search="$(strip_trailing_dots ${line#* })"
+                       search="$stripped_line"
                        ;;
                *)
                        [ -n "$line" ] && continue
-                       if [ -n "$ns" -a -n "$search" ]; then
+                       if [ -n "$ns" ] && [ -n "$search" ]; then
                                newns=
                                for n in $ns; do
                                        newns="$newns${newns:+,}$n"
@@ -236,7 +243,7 @@ parse_resolv()
 
 uniqify()
 {
-       local result=
+       result=
        while [ -n "$1" ]; do
                case " $result " in
                *" $1 "*);;
@@ -249,8 +256,8 @@ uniqify()
 
 dirname()
 {
-       local dir= OIFS="$IFS"
-       local IFS=/
+       OIFS="$IFS"
+       IFS=/
        set -- $@
        IFS="$OIFS"
        if [ -n "$1" ]; then
@@ -267,7 +274,7 @@ dirname()
 
 config_mkdirs()
 {
-       local e=0 f d
+       e=0
        for f; do
                [ -n "$f" ] || continue
                d="$(dirname "$f")"
@@ -295,66 +302,86 @@ detect_init()
        # Detect the running init system.
        # As systemd and OpenRC can be installed on top of legacy init
        # systems we try to detect them first.
-       local status="@STATUSARG@"
+       status="@STATUSARG@"
        : ${status:=status}
-       if [ -x /bin/systemctl -a -S /run/systemd/private ]; then
-               RESTARTCMD="if /bin/systemctl --quiet is-active \$1.service; then
-       /bin/systemctl restart \$1.service;
-fi"
-       elif [ -x /usr/bin/systemctl -a -S /run/systemd/private ]; then
-               RESTARTCMD="if /usr/bin/systemctl --quiet is-active \$1.service; then
-       /usr/bin/systemctl restart \$1.service;
-fi"
-       elif [ -x /sbin/rc-service -a \
-           -s /libexec/rc/init.d/softlevel -o -s /run/openrc/softlevel ]
+       if [ -x /bin/systemctl ] && [ -S /run/systemd/private ]; then
+               RESTARTCMD='
+                       if /bin/systemctl --quiet is-active $1.service
+                       then
+                               /bin/systemctl restart $1.service
+                       fi'
+       elif [ -x /usr/bin/systemctl ] && [ -S /run/systemd/private ]; then
+               RESTARTCMD='
+                       if /usr/bin/systemctl --quiet is-active $1.service
+                       then
+                               /usr/bin/systemctl restart $1.service
+                       fi'
+       elif [ -x /sbin/rc-service ] &&
+            { [ -s /libexec/rc/init.d/softlevel ] ||
+            [ -s /run/openrc/softlevel ]; }
        then
-               RESTARTCMD="/sbin/rc-service -i \$1 -- -Ds restart"
+               RESTARTCMD='/sbin/rc-service -i $1 -- -Ds restart'
        elif [ -x /usr/sbin/invoke-rc.d ]; then
                RCDIR=/etc/init.d
-               RESTARTCMD="if /usr/sbin/invoke-rc.d --quiet \$1 status 1>/dev/null 2>&1; then
-       /usr/sbin/invoke-rc.d \$1 restart;
-fi"
+               RESTARTCMD='
+                  if /usr/sbin/invoke-rc.d --quiet $1 status >/dev/null 2>&1
+                  then
+                       /usr/sbin/invoke-rc.d $1 restart
+                  fi'
        elif [ -x /sbin/service ]; then
                # Old RedHat
                RCDIR=/etc/init.d
-               RESTARTCMD="if /sbin/service \$1; then
-       /sbin/service \$1 restart;
-fi"
+               RESTARTCMD='
+                       if /sbin/service $1; then
+                               /sbin/service $1 restart
+                       fi'
        elif [ -x /usr/sbin/service ]; then
                # Could be FreeBSD
-               RESTARTCMD="if /usr/sbin/service \$1 $status 1>/dev/null 2>&1; then
-       /usr/sbin/service \$1 restart;
-fi"
+               RESTARTCMD="
+                       if /usr/sbin/service \$1 $status >/dev/null 2>&1
+                       then
+                               /usr/sbin/service \$1 restart
+                       fi"
        elif [ -x /bin/sv ]; then
-               RESTARTCMD="/bin/sv status \$1 >/dev/null 2>&1 && /bin/sv try-restart \$1"
+               RESTARTCMD='/bin/sv status $1 >/dev/null 2>&1 &&
+                           /bin/sv try-restart $1'
        elif [ -x /usr/bin/sv ]; then
-               RESTARTCMD="/usr/bin/sv status \$1 >/dev/null 2>&1 && /usr/bin/sv try-restart \$1"
-       elif [ -e /etc/arch-release -a -d /etc/rc.d ]; then
+               RESTARTCMD='/usr/bin/sv status $1 >/dev/null 2>&1 &&
+                           /usr/bin/sv try-restart $1'
+       elif [ -e /etc/arch-release ] && [ -d /etc/rc.d ]; then
                RCDIR=/etc/rc.d
-               RESTARTCMD="if [ -e /var/run/daemons/\$1 ]; then
-       /etc/rc.d/\$1 restart;
-fi"
-       elif [ -e /etc/slackware-version -a -d /etc/rc.d ]; then
-               RESTARTCMD="if /etc/rc.d/rc.\$1 status 1>/dev/null 2>&1; then
-       /etc/rc.d/rc.\$1 restart;
-fi"
-       elif [ -e /etc/rc.d/rc.subr -a -d /etc/rc.d ]; then
+               RESTARTCMD='
+                       if [ -e /var/run/daemons/$1 ]
+                       then
+                               /etc/rc.d/$1 restart
+                       fi'
+       elif [ -e /etc/slackware-version ] && [ -d /etc/rc.d ]; then
+               RESTARTCMD='
+                       if /etc/rc.d/rc.$1 status >/dev/null 2>&1
+                       then
+                               /etc/rc.d/rc.$1 restart
+                       fi'
+       elif [ -e /etc/rc.d/rc.subr ] && [ -d /etc/rc.d ]; then
                # OpenBSD
-               RESTARTCMD="if /etc/rc.d/\$1 check 1>/dev/null 2>&1; then
-       /etc/rc.d/\$1 restart;
-fi"
+               RESTARTCMD='
+                       if /etc/rc.d/$1 check >/dev/null 2>&1
+                       then
+                               /etc/rc.d/$1 restart
+                       fi'
        else
                for x in /etc/init.d/rc.d /etc/rc.d /etc/init.d; do
                        [ -d $x ] || continue
-                       RESTARTCMD="if $x/\$1 $status 1>/dev/null 2>&1; then
-       $x/\$1 restart;
-fi"
+                       RESTARTCMD="
+                               if $x/\$1 $status >/dev/null 2>&1
+                               then
+                                       $x/\$1 restart
+                               fi"
                        break
                done
        fi
 
        if [ -z "$RESTARTCMD" ]; then
-               if [ "$NOINIT_WARNED" != true ]; then
+               if [ "$_NOINIT_WARNED" != true ]; then
                        warn "could not detect a useable init system"
                        _NOINIT_WARNED=true
                fi
@@ -366,9 +393,9 @@ fi"
 
 echo_resolv()
 {
-       local line= OIFS="$IFS"
+       OIFS="$IFS"
 
-       [ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1
+       [ -n "$1" ] && [ -f "$IFACEDIR/$1" ] || return 1
        echo "# resolv.conf from $1"
        # Our variable maker works of the fact each resolv.conf per interface
        # is separated by blank lines.
@@ -388,11 +415,16 @@ list_resolv()
 {
        [ -d "$IFACEDIR" ] || return 0
 
-       local report=false list= retval=0 cmd="$1" excl=
+       cmd="$1"
        shift
+       excl=false
+       list=
+       report=false
+       retval=0
 
        case "$IF_EXCLUSIVE" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+               excl=true
                if [ -d "$EXCLUSIVEDIR" ]; then
                        cd "$EXCLUSIVEDIR"
                        for i in *; do
@@ -402,19 +434,15 @@ list_resolv()
                                fi
                        done
                fi
-               excl=true
                cd "$IFACEDIR"
                for i in $inclusive_interfaces; do
-                       if [ -f "$i" -a "$list" = "$i" ]; then
+                       if [ -f "$i" ] && [ "$list" = "$i" ]; then
                                list=
                                excl=false
                                break
                        fi
                done
                ;;
-       *)
-               excl=false
-               ;;
        esac
 
        # If we have an interface ordering list, then use that.
@@ -431,22 +459,28 @@ list_resolv()
                        done
                done
                for i in $dynamic_order; do
-                       if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then
+                       if [ -e "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then
                                list="$list $i"
                        fi
                        for ii in "$i":* "$i".*; do
-                               if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then
+                               if [ -f "$ii" ] && ! [ -e "$METRICDIR/"*" $ii" ]
+                               then
                                        list="$list $ii"
                                fi
                        done
                done
+               # Interfaces have an implicit metric of 0 if not specified.
+               for i in *; do
+                       if [ -f "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then
+                               list="$list $i"
+                       fi
+               done
                if [ -d "$METRICDIR" ]; then
                        cd "$METRICDIR"
                        for i in *; do
                                [ -f "$i" ] && list="$list ${i#* }"
                        done
                fi
-               list="$list *"
        fi
 
        cd "$IFACEDIR"
@@ -461,23 +495,24 @@ list_resolv()
                        continue
                fi
                
-               if [ "$cmd" = i -o "$cmd" = "-i" ]; then
+               if [ "$cmd" = i ] || [ "$cmd" = "-i" ]; then
                        printf %s "$i "
                else
                        echo_resolv "$i" && echo
                fi
-               [ $? = 0 -a "$retval" = 1 ] && retval=0
+               [ $? = 0 ] && [ "$retval" = 1 ] && retval=0
        done
-       [ "$cmd" = i -o "$cmd" = "-i" ] && echo
+       [ "$cmd" = i ] || [ "$cmd" = "-i" ] && echo
        return $retval
 }
 
-list_remove() {
-       local list= e= l= result= found= retval=0
-
+list_remove()
+{
        [ -z "$2" ] && return 0
        eval list=\"\$$1\"
        shift
+       result=
+       retval=0
 
        set -f
        for e; do
@@ -525,8 +560,6 @@ echo_append()
 
 replace()
 {
-       local r= k= f= v= val= sub=
-
        while read -r keyword value; do
                for r in $replace; do
                        k="${r%%/*}"
@@ -566,8 +599,6 @@ replace()
 
 make_vars()
 {
-       local newdomains= d= dn= newns= ns=
-
        # Clear variables
        DOMAIN=
        DOMAINS=
@@ -575,7 +606,7 @@ make_vars()
        NAMESERVERS=
        LOCALNAMESERVERS=
        
-       if [ -n "$name_servers" -o -n "$search_domains" ]; then
+       if [ -n "${name_servers}${search_domains}" ]; then
                eval "$(echo_prepend | parse_resolv)"
        fi
        if [ -z "$VFLAG" ]; then
@@ -583,11 +614,12 @@ make_vars()
                list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0
                eval "$(list_resolv -l "$@" | replace | parse_resolv)"
        fi
-       if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then
+       if [ -n "${name_servers_append}${search_domains_append}" ]; then
                eval "$(echo_append | parse_resolv)"
        fi
 
        # Ensure that we only list each domain once
+       newdomains=
        for d in $DOMAINS; do
                dn="${d%%:*}"
                list_remove domain_blacklist "$dn" >/dev/null || continue
@@ -667,36 +699,37 @@ if [ "$cmd" = D ]; then
 fi
 
 # -l lists our resolv files, optionally for a specific interface
-if [ "$cmd" = l -o "$cmd" = i ]; then
+if [ "$cmd" = l ] || [ "$cmd" = i ]; then
        list_resolv "$cmd" "$args"
        exit $?
 fi
 
 # Restart a service or echo the command to restart a service
-if [ "$cmd" = r -o "$cmd" = R ]; then
+if [ "$cmd" = r ] || [ "$cmd" = R ]; then
        detect_init || exit 1
        if [ "$cmd" = r ]; then
                set -- $args
-               eval $RESTARTCMD
+               eval "$RESTARTCMD"
        else
-               echo "$RESTARTCMD"
+               echo "$RESTARTCMD" |
+                       sed -e '/^$/d' -e 's/^                  //g'
        fi
        exit $?
 fi
 
 # Not normally needed, but subscribers should be able to run independently
-if [ "$cmd" = v -o -n "$VFLAG" ]; then
+if [ "$cmd" = v ] || [ -n "$VFLAG" ]; then
        make_vars "$iface"
        exit $?
 fi
 
 # Test that we have valid options
-if [ "$cmd" = a -o "$cmd" = d ]; then
+if [ "$cmd" = a ] || [ "$cmd" = d ]; then
        if [ -z "$iface" ]; then
                usage "Interface not specified"
        fi
 elif [ "$cmd" != u ]; then
-       [ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd"
+       [ -n "$cmd" ] && [ "$cmd" != h ] && usage "Unknown option $cmd"
        usage
 fi
 
@@ -712,7 +745,7 @@ if [ "$cmd" = a ]; then
                        "$x not allowed at start of interface name";;
                esac
        done
-       [ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin"
+       [ "$cmd" = a ] && [ -t 0 ] && error_exit "No file given via stdin"
 fi
 
 if [ ! -d "$VARDIR" ]; then
@@ -808,8 +841,8 @@ a)
                newmetric="$METRICDIR/$IF_METRIC $iface"
        fi
        rm -f "$METRICDIR/"*" $iface"
-       [ "$oldmetric" != "$newmetric" -a \
-           "$oldmetric" != "$METRICDIR/* $iface" ] &&
+       [ "$oldmetric" != "$newmetric" ] &&
+           "$oldmetric" != "$METRICDIR/* $iface" ] &&
                changed=true
        [ -n "$newmetric" ] && echo " " >"$newmetric"
 
index 46d4524..34cb401 100644 (file)
@@ -76,7 +76,7 @@ restart_unbound()
                eval $unbound_restart
        elif [ -n "$RESTARTCMD" ]; then
                set -- ${unbound_service}
-               eval $RESTARTCMD
+               eval "$RESTARTCMD"
        else
                @SBINDIR@/resolvconf -r ${unbound_service}
        fi