mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-24 01:07:21 +01:00
9af6c78cd4
openresolv: update to version 3.9.2 MFC after: 3 weeks
253 lines
6.6 KiB
Bash
253 lines
6.6 KiB
Bash
#!/bin/sh
|
|
# Copyright (c) 2007-2019 Roy Marples
|
|
# All rights reserved
|
|
|
|
# libc subscriber for resolvconf
|
|
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# * Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# * Redistributions in binary form must reproduce the above
|
|
# copyright notice, this list of conditions and the following
|
|
# disclaimer in the documentation and/or other materials provided
|
|
# with the distribution.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
SYSCONFDIR=@SYSCONFDIR@
|
|
LIBEXECDIR=@LIBEXECDIR@
|
|
VARDIR=@VARDIR@
|
|
IFACEDIR="$VARDIR/interfaces"
|
|
NL="
|
|
"
|
|
|
|
# sed may not be available, and this is faster on small files
|
|
key_get_value()
|
|
{
|
|
key="$1"
|
|
shift
|
|
|
|
if [ $# -eq 0 ]; then
|
|
while read -r line; do
|
|
case "$line" in
|
|
"$key"*) echo "${line##$key}";;
|
|
esac
|
|
done
|
|
else
|
|
for x do
|
|
while read -r line; do
|
|
case "$line" in
|
|
"$key"*) echo "${line##$key}";;
|
|
esac
|
|
done < "$x"
|
|
done
|
|
fi
|
|
}
|
|
|
|
keys_remove()
|
|
{
|
|
while read -r line; do
|
|
found=false
|
|
for key do
|
|
case "$line" in
|
|
"$key"*|"#"*|" "*|" "*|"") found=true;;
|
|
esac
|
|
$found && break
|
|
done
|
|
$found || echo "$line"
|
|
done
|
|
}
|
|
|
|
local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
|
|
|
|
# Support original resolvconf configuration layout
|
|
# as well as the openresolv config file
|
|
if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
|
|
. "$SYSCONFDIR"/resolvconf.conf
|
|
elif [ -d "$SYSCONFDIR"/resolvconf ]; then
|
|
SYSCONFDIR="$SYSCONFDIR/resolvconf"
|
|
base="$SYSCONFDIR/resolv.conf.d/base"
|
|
if [ -f "$base" ]; then
|
|
prepend_nameservers="$(key_get_value "nameserver " "$base")"
|
|
domain="$(key_get_value "domain " "$base")"
|
|
prepend_search="$(key_get_value "search " "$base")"
|
|
resolv_conf_options="$(key_get_value "options " "$base")"
|
|
resolv_conf_sortlist="$(key_get_value "sortlist " "$base")"
|
|
fi
|
|
if [ -f "$SYSCONFDIR"/resolv.conf.d/head ]; then
|
|
resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.d/head)"
|
|
fi
|
|
if [ -f "$SYSCONFDIR"/resolv.conf.d/tail ]; then
|
|
resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.d/tail)"
|
|
fi
|
|
fi
|
|
: ${resolv_conf:=/etc/resolv.conf}
|
|
: ${libc_service:=nscd}
|
|
: ${list_resolv:=@SBINDIR@/resolvconf -l}
|
|
if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ]
|
|
then
|
|
resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)"
|
|
fi
|
|
if [ "${resolv_conf_tail-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.tail ]
|
|
then
|
|
resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)"
|
|
fi
|
|
|
|
backup=true
|
|
signature="# Generated by resolvconf"
|
|
|
|
uniqify()
|
|
{
|
|
result=
|
|
while [ -n "$1" ]; do
|
|
case " $result " in
|
|
*" $1 "*);;
|
|
*) result="$result $1";;
|
|
esac
|
|
shift
|
|
done
|
|
echo "${result# *}"
|
|
}
|
|
|
|
case "${resolv_conf_passthrough:-NO}" in
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
backup=false
|
|
newest=
|
|
for conf in "$IFACEDIR"/*; do
|
|
if [ -z "$newest" ] || [ "$conf" -nt "$newest" ]; then
|
|
newest="$conf"
|
|
fi
|
|
done
|
|
[ -z "$newest" ] && exit 0
|
|
newconf="$(cat "$newest")$NL"
|
|
;;
|
|
/dev/null|[Nn][Uu][Ll][Ll])
|
|
: ${resolv_conf_local_only:=NO}
|
|
if [ "$local_nameservers" = "127.* 0.0.0.0 255.255.255.255 ::1" ]; then
|
|
local_nameservers=
|
|
fi
|
|
# Need to overwrite our variables.
|
|
eval "$(@SBINDIR@/resolvconf -V)"
|
|
;;
|
|
|
|
*)
|
|
[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
|
|
;;
|
|
esac
|
|
case "${resolv_conf_passthrough:-NO}" in
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
|
|
*)
|
|
: ${domain:=$DOMAIN}
|
|
newsearch="$(uniqify $prepend_search $SEARCH $append_search)"
|
|
NS="$LOCALNAMESERVERS $NAMESERVERS"
|
|
newns=
|
|
gotlocal=false
|
|
for n in $(uniqify $prepend_nameservers $NS $append_nameservers); do
|
|
add=true
|
|
islocal=false
|
|
for l in $local_nameservers; do
|
|
case "$n" in
|
|
$l) islocal=true; gotlocal=true; break;;
|
|
esac
|
|
done
|
|
if ! $islocal; then
|
|
case "${resolv_conf_local_only:-YES}" in
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
$gotlocal && add=false;;
|
|
esac
|
|
fi
|
|
$add && newns="$newns $n"
|
|
done
|
|
|
|
# Hold our new resolv.conf in a variable to save on temporary files
|
|
newconf="$signature$NL"
|
|
if [ -n "$resolv_conf_head" ]; then
|
|
newconf="$newconf$resolv_conf_head$NL"
|
|
fi
|
|
|
|
[ -n "$domain" ] && newconf="${newconf}domain $domain$NL"
|
|
if [ -n "$newsearch" ] && [ "$newsearch" != "$domain" ]; then
|
|
newconf="${newconf}search $newsearch$NL"
|
|
fi
|
|
for n in $newns; do
|
|
newconf="${newconf}nameserver $n$NL"
|
|
done
|
|
|
|
# Now add anything we don't care about such as sortlist and options
|
|
stuff="$($list_resolv | keys_remove nameserver domain search)"
|
|
if [ -n "$stuff" ]; then
|
|
newconf="$newconf$stuff$NL"
|
|
fi
|
|
|
|
# Append any user defined ones
|
|
if [ -n "$resolv_conf_options" ]; then
|
|
newconf="${newconf}options $resolv_conf_options$NL"
|
|
fi
|
|
if [ -n "$resolv_conf_sortlist" ]; then
|
|
newconf="${newconf}sortlist $resolv_conf_sortlist$NL"
|
|
fi
|
|
|
|
if [ -n "$resolv_conf_tail" ]; then
|
|
newconf="$newconf$resolv_conf_tail$NL"
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
# Check if the file has actually changed or not
|
|
if [ -e "$resolv_conf" ]; then
|
|
[ "$(cat "$resolv_conf")" = "$(printf %s "$newconf")" ] && exit 0
|
|
fi
|
|
|
|
# Change is good.
|
|
# If the old file does not have our signature, back it up.
|
|
# If the new file just has our signature, restore the backup.
|
|
if $backup; then
|
|
if [ "$newconf" = "$signature$NL" ]; then
|
|
if [ -e "$resolv_conf.bak" ]; then
|
|
newconf="$(cat "$resolv_conf.bak")$NL"
|
|
fi
|
|
elif [ -e "$resolv_conf" ]; then
|
|
read line <"$resolv_conf"
|
|
if [ "$line" != "$signature" ]; then
|
|
cp "$resolv_conf" "$resolv_conf.bak"
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Create our resolv.conf now
|
|
(umask 022; echo "$newconf" >"$resolv_conf")
|
|
if [ -n "$libc_restart" ]; then
|
|
eval $libc_restart
|
|
elif [ -n "$RESTARTCMD" ]; then
|
|
set -- ${libc_service}
|
|
eval "$RESTARTCMD"
|
|
else
|
|
@SBINDIR@/resolvconf -r ${libc_service}
|
|
fi
|
|
|
|
retval=0
|
|
# Notify users of the resolver
|
|
for script in "$LIBEXECDIR"/libc.d/*; do
|
|
if [ -f "$script" ]; then
|
|
if [ -x "$script" ]; then
|
|
"$script" "$@"
|
|
else
|
|
(. "$script")
|
|
fi
|
|
retval=$(($retval + $?))
|
|
fi
|
|
done
|
|
exit $retval
|