Add domain_blacklist and name_server_blacklist variables.
[openresolv] / resolvconf.in
1 #!/bin/sh
2 # Copyright (c) 2007-2012 Roy Marples
3 # All rights reserved
4
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
7 # are met:
8 #     * Redistributions of source code must retain the above copyright
9 #       notice, this list of conditions and the following disclaimer.
10 #     * Redistributions in binary form must reproduce the above
11 #       copyright notice, this list of conditions and the following
12 #       disclaimer in the documentation and/or other materials provided
13 #       with the distribution.
14 #
15 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26
# Name this script was invoked as, plus the install paths that the build
# substitutes for the @...@ placeholders.
RESOLVCONF="$0"
SYSCONFDIR=@SYSCONFDIR@
LIBEXECDIR=@LIBEXECDIR@
VARDIR=@VARDIR@

# Support original resolvconf configuration layout
# as well as the openresolv config file.
# resolvconf.conf is sourced, so it runs as shell code with the privileges
# of whoever invokes this script; it must only be writable by trusted users.
if [ -f "$SYSCONFDIR/resolvconf.conf" ]; then
	. "$SYSCONFDIR/resolvconf.conf"
	if [ -n "$state_dir" ]; then
		VARDIR="$state_dir"
	fi
elif [ -d "$SYSCONFDIR/resolvconf" ]; then
	SYSCONFDIR="$SYSCONFDIR/resolvconf"
	if [ -f "$SYSCONFDIR/interface-order" ]; then
		interface_order="$(cat "$SYSCONFDIR/interface-order")"
	fi
fi

# State directories: stored per-interface resolv.conf data, metric markers
# and private-interface markers.
IFACEDIR="$VARDIR/interfaces"
METRICDIR="$VARDIR/metrics"
PRIVATEDIR="$VARDIR/private"

# Defaults for anything the configuration left unset.  The values are shell
# patterns; quoting the expansion keeps them from being globbed here.
: "${dynamic_order:=tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*}"
: "${interface_order:=lo lo[0-9]*}"
: "${name_server_blacklist:=0.0.0.0}"
48 : ${name_server_blacklist:=0.0.0.0}
49
# Print the arguments, joined by spaces, on stderr and terminate the
# script with exit status 1.
error_exit()
{
	echo "$*" 1>&2
	exit 1
}
55
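# Print the help text on stdout.
# Arguments: $@ - optional error message
# Returns:   does not return; exits 0 when no message is given, otherwise
#            prints a blank line and exits through error_exit with the message
usage()
{
	# The text is written at column 0 so that the output does not depend on
	# how the here-document is indented.
	cat <<EOF
Usage: ${RESOLVCONF##*/} [options]

Inform the system about any DNS updates.

Options:
  -a \$INTERFACE    Add DNS information to the specified interface
                   (DNS supplied via stdin in resolv.conf format)
  -m metric        Give the added DNS information a metric
  -p               Mark the interface as private
  -d \$INTERFACE    Delete DNS information from the specified interface
  -f               Ignore nonexistent interfaces
  -I               Init the state dir
  -u               Run updates from our current DNS information
  -l [\$PATTERN]    Show DNS information, optionally from interfaces
                   that match the specified pattern
  -i [\$PATTERN]    Show interfaces that have supplied DNS information
                   optionally from interfaces that match the specified
                   pattern
  -v [\$PATTERN]    echo NEWDOMAIN, NEWSEARCH and NEWNS variables to
                   the console
  -h               Show this help cruft
EOF
	[ -z "$1" ] && exit 0
	echo
	error_exit "$*"
}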
85
# Print the stored resolv.conf of one interface, preceded by a
# "# resolv.conf from NAME" header and followed by one blank line.
# Arguments: $1 - interface name; used unchanged as a file name below
#            $IFACEDIR
# Globals:   IFACEDIR (read)
# Returns:   1 when no name is given or no file exists for it
echo_resolv()
{
	local entry= saved_ifs="$IFS"

	if [ -z "$1" ] || [ ! -e "$IFACEDIR/$1" ]; then
		return 1
	fi
	echo "# resolv.conf from $1"
	# Our variable maker relies on the fact that each per-interface
	# resolv.conf is separated by blank lines, so blank lines inside
	# the file are dropped while echoing it.
	while read -r entry; do
		IFS="$saved_ifs"
		[ -n "$entry" ] || continue
		# IFS is emptied here so that whitespace is preserved; it is
		# still empty when the loop reads the following line.
		IFS=''
		printf "%s\n" "$entry"
	done < "$IFACEDIR/$1"
	echo
	IFS="$saved_ifs"
}
106
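# Parse resolv.conf's and make variables
# for domain name servers, search name servers and global nameservers.
#
# Globals:   search_domains, name_servers, private_interfaces, IFACEDIR,
#            PRIVATEDIR (read)
# Input:     stdin - "# resolv.conf from IFACE" headers, each followed by
#            resolv.conf lines and terminated by a blank line
# Outputs:   DOMAIN=, DOMAINS=, SEARCH=, NAMESERVERS= and LOCALNAMESERVERS=
#            assignments on stdout.  make_vars runs this output through
#            eval, so every value printed here ends up as shell code.
parse_resolv()
{
	local line= ns= ds= search= d= n= newns=
	local new=true iface= private=false p= domain=

	echo "DOMAIN="
	echo "DOMAINS="
	echo "SEARCH=\"$search_domains\""
	# let our subscribers know about global nameservers
	for n in $name_servers; do
		case "$n" in
		127.*|0.0.0.0|255.255.255.255|::1) :;;
		*) newns="$newns${newns:+ }$n";;
		esac
	done
	echo "NAMESERVERS=\"$newns\""
	echo "LOCALNAMESERVERS="
	newns=

	while read -r line; do
		# The values of these lines are copied into quoted shell
		# assignments that are later evaluated.  The data was supplied
		# on stdin by whatever configured the interface, so a line that
		# carries a quote, dollar sign, backquote or backslash is
		# ignored instead of being handed to the shell.  None of these
		# characters is valid in a domain name or an address.
		case "$line" in
		"nameserver "*|"domain "*|"search "*)
			case "$line" in
			*'"'*|*"'"*|*'$'*|*'`'*|*'\'*)
				echo "${RESOLVCONF##*/}: ignoring line with" \
					"shell special characters" >&2
				continue
				;;
			esac
			;;
		esac

		case "$line" in
		"# resolv.conf from "*)
			# Only the first header after a blank line starts a
			# new interface.
			if ${new}; then
				iface="${line#\# resolv.conf from *}"
				new=false
				if [ -e "$PRIVATEDIR/$iface" ]; then
					private=true
				else
					# Allow expansion
					cd "$IFACEDIR"
					private=false
					for p in $private_interfaces; do
						if [ "$p" = "$iface" ]; then
							private=true
							break
						fi
					done
				fi
			fi
			;;
		"nameserver "*)
			# Loopback and wildcard addresses are reported
			# separately as local name servers.
			case "${line#* }" in
			127.*|0.0.0.0|255.255.255.255|::1)
				echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\""
				continue
				;;
			esac
			ns="$ns${line#* } "
			;;
		"domain "*)
			# The first domain seen becomes DOMAIN
			if [ -z "$domain" ]; then
				domain="${line#* }"
				echo "DOMAIN=\"$domain\""
			fi
			search="${line#* }"
			;;
		"search "*)
			search="${line#* }"
			;;
		*)
			[ -n "$line" ] && continue
			# A blank line ends the current interface: emit what
			# was collected for it.
			if [ -n "$ns" ] && [ -n "$search" ]; then
				newns=
				for n in $ns; do
					newns="$newns${newns:+,}$n"
				done
				ds=
				for d in $search; do
					ds="$ds${ds:+ }$d:$newns"
				done
				echo "DOMAINS=\"\$DOMAINS $ds\""
			fi
			echo "SEARCH=\"\$SEARCH $search\""
			# Name servers of private interfaces are not made
			# global.
			if ! $private; then
				echo "NAMESERVERS=\"\$NAMESERVERS $ns\""
			fi
			ns=
			search=
			new=true
			;;
		esac
	done
}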
192
# Print the arguments as one space separated list with duplicates
# removed; the first occurrence of each value is kept.  Processing
# stops at the first empty argument.
uniqify()
{
	local seen= item=

	for item; do
		[ -n "$item" ] || break
		case " $seen " in
		*" $item "*)
			;;
		*)
			seen="$seen $item"
			;;
		esac
	done
	# Drop the leading separator
	echo "${seen# *}"
}
205
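# Shell replacement for dirname(1): print the directory part of a path.
# Arguments: $1 - path
# Outputs:   relative paths are reported below "." (a/b/c gives ./a/b),
#            a file directly below the root gives "/"
# NOTE(review): the path is split with an unquoted expansion, so glob
# characters in it are also subject to pathname expansion.
dirname()
{
	local OIFS="$IFS" first="$1" out=
	local IFS=/
	set -- $@
	IFS="$OIFS"
	if [ -n "$1" ]; then
		out=.
	else
		# Absolute path: skip the empty field before the first /
		shift
	fi
	# Append every component except the last one
	while [ -n "$2" ]; do
		out="$out/$1"
		shift
	done
	# An absolute path with a single component lives in the root
	# directory; without this the result would be an empty string.
	if [ -z "$out" ]; then
		case "$first" in
		/*) out=/;;
		esac
	fi
	printf "%s\n" "$out"
}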
223
# Make sure the directory of every given file path exists.
# Arguments: $@ - file paths; empty arguments are skipped
# Returns:   0, or the status of the last directory creation that failed
config_mkdirs()
{
	local e=0 f d
	for f; do
		[ -n "$f" ] || continue
		d="$(dirname "$f")"
		[ -d "$d" ] && continue
		# install is preferred when it is available, plain mkdir
		# is the fallback.
		if ! type install >/dev/null 2>&1; then
			mkdir "$d" || e=$?
		else
			install -d "$d" || e=$?
		fi
	done
	return $e
}
240
# List the interfaces that have stored DNS information, or print their
# resolv.conf data.
# Arguments: $1 - mode: "i" or "-i" prints the interface names on one line,
#                 anything else prints each file through echo_resolv
#            $2... - optional interface names or patterns; without them the
#                 order is built from interface_order, dynamic_order and
#                 the metric markers
# Globals:   IFACEDIR, METRICDIR, interface_order, dynamic_order (read),
#            force (read, run as a command); i is not declared local
# Returns:   number of explicitly requested interfaces that have no stored
#            data (only counted when $force is false)
# Note:      changes the current directory to $IFACEDIR
list_resolv()
{
	[ -d "$IFACEDIR" ] || return 0

	local report=false list= retval=0 cmd="$1"
	shift

	# If we have an interface ordering list, then use that.
	# It works by just using pathname expansion in the interface directory.
	if [ -n "$1" ]; then
		list="$*"
		# Missing interfaces are only reported when -f was not given
		$force || report=true
	else
		cd "$IFACEDIR"
		for i in $interface_order; do
			[ -e "$i" ] && list="$list $i"
		done
		# Dynamic interfaces that carry a metric are left to the
		# metric ordering below.
		for i in $dynamic_order; do
			if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then
				list="$list $i"
			fi
		done
		# Metric markers are named "METRIC IFACE"; the glob returns
		# them sorted, and the prefix up to the space is stripped.
		if [ -d "$METRICDIR" ]; then
			cd "$METRICDIR"
			for i in *; do
				list="$list ${i#* }"
			done
		fi
		# Finally everything else found in the interface directory
		list="$list *"
	fi

	# $list is expanded unquoted on purpose so that patterns are matched
	# against the files in $IFACEDIR.
	cd "$IFACEDIR"
	for i in $(uniqify $list); do
		# Only list interfaces which we really have
		if ! [ -e "$i" ]; then
			if $report; then
				echo "No resolv.conf for interface $i" >&2
				retval=$(($retval + 1))
			fi
			continue
		fi
		
		if [ "$cmd" = i -o "$cmd" = "-i" ]; then
			printf %s "$i "
		else
			echo_resolv "$i"
		fi
	done
	# Terminate the single line of interface names
	[ "$cmd" = i -o "$cmd" = "-i" ] && echo
	return $retval
}
292
# Filter values against the shell patterns held in a named variable.
# Arguments: $1 - name of the variable that holds the space separated
#                 patterns (e.g. domain_blacklist)
#            $2... - values to test
# Outputs:   the values that match none of the patterns, space separated;
#            nothing at all when no value is given
# Returns:   the number of values that were removed
list_remove() {
	local patterns= value= pat= kept= matched= removed=0

	if [ -z "$2" ]; then
		return 0
	fi
	# $1 goes through eval, so it must only ever be a variable name chosen
	# by this script and never data from an interface.
	eval patterns=\"\$$1\"
	shift

	# NOTE(review): $patterns is expanded unquoted, so each pattern is also
	# subject to pathname expansion in the current directory before it is
	# used for matching - confirm that no file name there can match one.
	for value; do
		matched=false
		for pat in $patterns; do
			case "$value" in
			$pat)
				matched=true
				break
				;;
			esac
		done
		if ! $matched; then
			kept="$kept $value"
		else
			removed=$(($removed + 1))
		fi
	done
	echo "${kept# *}"
	return $removed
}
317
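# Build the DOMAIN, SEARCH, NAMESERVERS, LOCALNAMESERVERS and DOMAINS
# values from the stored resolv.conf data and print them as single-quoted
# shell assignments.
# Arguments: $@ - optional interface names or patterns, passed to list_resolv
# Globals:   domain_blacklist, name_server_blacklist (read through
#            list_remove)
# Outputs:   five NAME='value' lines on stdout, meant to be evaluated by
#            the caller
make_vars()
{
	local newdomains= d= dn= nd= newns= ns=

	# eval runs the output of parse_resolv as shell code.  The values in
	# it originate from the resolv.conf data stored per interface, so any
	# quoting or expansion character that reaches this point is interpreted
	# by the shell; the data has to be validated before it gets here.
	eval "$(list_resolv -l "$@" | parse_resolv)"

	# Ensure that we only list each domain once
	for d in $DOMAINS; do
		dn="${d%%:*}"
		list_remove domain_blacklist "$dn" >/dev/null || continue
		case " $newdomains" in
		*" ${dn}:"*) continue;;
		esac
		# Merge the name servers of every entry for this domain
		newns=
		for nd in $DOMAINS; do
			if [ "$dn" = "${nd%%:*}" ]; then
				ns="${nd#*:}"
				while [ -n "$ns" ]; do
					case ",$newns," in
					*,${ns%%,*},*) ;;
					# Test the single server at the head of
					# the list against the blacklist.  Passing
					# the whole remaining comma separated list
					# would only ever match for its last entry.
					*) list_remove name_server_blacklist \
						"${ns%%,*}" >/dev/null \
					&& newns="$newns${newns:+,}${ns%%,*}";;
					esac
					[ "$ns" = "${ns#*,}" ] && break
					ns="${ns#*,}"
				done
			fi
		done
		if [ -n "$newns" ]; then
			newdomains="$newdomains${newdomains:+ }$dn:$newns"
		fi
	done
	DOMAIN="$(list_remove domain_blacklist $DOMAIN)"
	SEARCH="$(uniqify $SEARCH)"
	SEARCH="$(list_remove domain_blacklist $SEARCH)"
	NAMESERVERS="$(uniqify $NAMESERVERS)"
	NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)"
	LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)"
	LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)"
	# The values are wrapped in single quotes for the caller's eval; a
	# single quote inside a value would end the quoting early.
	echo "DOMAIN='$DOMAIN'"
	echo "SEARCH='$SEARCH'"
	echo "NAMESERVERS='$NAMESERVERS'"
	echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'"
	echo "DOMAINS='$newdomains'"
}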
363
# Parse the command line.  -f, -m and -p only set flags; every other
# accepted option letter becomes the command, with its argument (if any)
# as the interface.
# NOTE(review): cmd and iface are not initialised before the loop, so a
# value inherited from the environment or set by the sourced configuration
# stays in effect when no command option is given - confirm this is wanted.
force=false
while getopts "a:Dd:fhIilm:puv" OPT; do
	case "$OPT" in
	f)
		force=true
		;;
	h)
		usage
		;;
	m)
		IF_METRIC="$OPTARG"
		;;
	p)
		IF_PRIVATE=1
		;;
	'?')
		# Unknown options are ignored here
		;;
	*)
		cmd="$OPT"
		iface="$OPTARG"
		;;
	esac
done
shift $(($OPTIND - 1))
# Interface (if any) followed by the remaining arguments
args="$iface${iface:+ }$*"
377
# Commands that are handled completely here and then exit.
case "$cmd" in
I)
	# -I inits the state dir by removing everything stored below it
	if [ -d "$VARDIR" ]; then
		rm -rf "$VARDIR"/*
	fi
	exit $?
	;;
D)
	# -D ensures that the listed config file base dirs exist
	config_mkdirs "$@"
	exit $?
	;;
l|i)
	# -l lists our resolv files, optionally for a specific interface;
	# -i lists only the interface names
	list_resolv "$cmd" "$args"
	exit $?
	;;
v)
	# Not normally needed, but subscribers should be able to run
	# independently
	make_vars "$iface"
	exit $?
	;;
esac
403
# Test that we have valid options
case "$cmd" in
a|d)
	if [ -z "$iface" ]; then
		usage "Interface not specified"
	fi
	;;
u)
	;;
*)
	[ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd"
	usage
	;;
esac

# The interface name given to -a becomes a file name below $IFACEDIR, so
# path separators, backslashes, spaces and the * glob character are refused,
# as are names that start with '.', '-' or '~'.
# NOTE(review): only these characters are checked, and only for -a; other
# characters that are special to the shell are accepted here.
if [ "$cmd" = a ]; then
	for x in '/' \\ ' ' '*'; do
		case "$iface" in
		*[$x]*)
			error_exit "$x not allowed in interface name"
			;;
		esac
	done
	for x in '.' '-' '~'; do
		case "$iface" in
		[$x]*)
			error_exit "$x not allowed at start of interface name"
			;;
		esac
	done
	# -a reads the resolv.conf data from stdin, a terminal is refused
	if [ -t 0 ]; then
		error_exit "No file given via stdin"
	fi
fi
427
# Either remove the stored data of the interfaces given to -d, or create
# the state directories when they do not exist yet.
if [ -d "$IFACEDIR" ]; then
	# Delete any existing information about the interface
	if [ "$cmd" = d ]; then
		cd "$IFACEDIR"
		# $args is left unquoted so that patterns expand against the
		# stored interface files.
		# NOTE(review): the names given to -d are not checked the way
		# the name given to -a is, and they are used as paths relative
		# to $IFACEDIR - confirm callers only pass interface names.
		for i in $args; do
			if [ ! -e "$i" ]; then
				$force && continue
				error_exit "No resolv.conf for interface $i"
			fi
			rm -f "$i" "$METRICDIR/"*" $i" \
				"$PRIVATEDIR/$i" || exit $?
		done
	fi
else
	if [ ! -d "$VARDIR" ]; then
		if [ ! -L "$VARDIR" ]; then
			if ! mkdir -m 0755 -p "$VARDIR"; then
				error_exit "Failed to create needed directory $VARDIR"
			fi
		else
			# $VARDIR is a symbolic link whose target is missing:
			# create the target instead.
			dir="$(readlink "$VARDIR")"
			# link maybe relative
			cd "${VARDIR%/*}"
			if ! mkdir -m 0755 -p "$dir"; then
				error_exit "Failed to create needed directory $dir"
			fi
		fi
	fi
	if ! mkdir -m 0755 -p "$IFACEDIR"; then
		error_exit "Failed to create needed directory $IFACEDIR"
	fi
fi
462
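# -a: store the resolv.conf data read from stdin for the interface, record
# its metric and private markers, and stop early when nothing changed.
if [ "$cmd" = a ]; then
	# Read resolv.conf from stdin
	resolv="$(cat)"
	changed=false
	# If what we are given matches what we have, then do nothing
	if [ -e "$IFACEDIR/$iface" ]; then
		if [ "$(echo "$resolv")" != \
			"$(cat "$IFACEDIR/$iface")" ]
		then
			rm "$IFACEDIR/$iface"
			changed=true
		fi
	else
		changed=true
	fi
	if $changed; then
		echo "$resolv" >"$IFACEDIR/$iface" || exit $?
	fi
	[ ! -d "$METRICDIR" ] && mkdir "$METRICDIR"
	# Find the metric marker currently recorded for this interface.  The
	# glob is expanded in a word list because an assignment does not do
	# pathname expansion: assigning the pattern would always store the
	# pattern itself, and a changed metric would never be noticed.
	for oldmetric in "$METRICDIR/"*" $iface"; do
		[ -e "$oldmetric" ] && break
		oldmetric=
	done
	newmetric=
	if [ -n "$IF_METRIC" ]; then
		# Pad the metric with zeros while it is 6 characters or
		# shorter, so that 5 sorts before 10.
		# NOTE(review): IF_METRIC comes from -m or the environment
		# and is used as part of a file name without being checked
		# - confirm callers only pass numbers.
		while [ ${#IF_METRIC} -le 6 ]; do
			IF_METRIC="0$IF_METRIC"
		done
		newmetric="$METRICDIR/$IF_METRIC $iface"
	fi
	rm -f "$METRICDIR/"*" $iface"
	# An existing metric that is replaced or removed counts as a change
	if [ -n "$oldmetric" ] && [ "$oldmetric" != "$newmetric" ]; then
		changed=true
	fi
	[ -n "$newmetric" ] && echo " " >"$newmetric"
	case "$IF_PRIVATE" in
	[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
		# Mark the interface private; its marker is a file named
		# after the interface.
		if [ ! -d "$PRIVATEDIR" ]; then
			[ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR"
			mkdir "$PRIVATEDIR"
		fi
		[ -e "$PRIVATEDIR/$iface" ] || changed=true
		[ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface"
		;;
	*)
		# Not private (any more): drop a marker left from before
		if [ -e "$PRIVATEDIR/$iface" ]; then
			rm -f "$PRIVATEDIR/$iface"
			changed=true
		fi
		;;
	esac
	# Nothing changed, so the subscribers do not need to run
	$changed || exit 0
	unset changed oldmetric newmetric
fi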
515
# Load the freshly built variables into this shell and export them for
# the subscribers.  make_vars prints single-quoted assignments built from
# the stored resolv.conf data, and eval runs them as shell code.
eval "$(make_vars)"
export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS
: "${list_resolv:=list_resolv -l}"

# Run every subscriber found in $LIBEXECDIR with the command and the
# interface as arguments.  Executable files are run as programs, all others
# are sourced in a subshell.  Either way they run with the privileges of
# this script, so the directory must only be writable by trusted users.
retval=0
for script in "$LIBEXECDIR"/*; do
	[ -f "$script" ] || continue
	if [ ! -x "$script" ]; then
		(set -- "$cmd" "$iface"; . "$script")
	else
		"$script" "$cmd" "$iface"
	fi
	# The exit status is the sum of the subscribers' statuses
	retval=$(($retval + $?))
done
exit $retval