From f831d54d90602e627b736d928af9f7fd9cf95887 Mon Sep 17 00:00:00 2001
From: Dirk Brenken <dev@brenken.org>
Date: Sat, 2 Dec 2017 18:39:03 +0100
Subject: [PATCH] adblock: update 3.1.1

* new function to set/delete options in external uci config files
  * kresd: automated 'rpz_file' handling in /etc/config/resolver
  * firewall: automated 'force_dns' handling if you
              enable or disable adblock
* support sha256sum (default) and md5sum for blocklist
  comparison & conditional dns restarts
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
---
 net/adblock/Makefile         |   4 +-
 net/adblock/files/README.md  |   7 ++-
 net/adblock/files/adblock.sh | 102 ++++++++++++++++++++++++-----------
 3 files changed, 78 insertions(+), 35 deletions(-)

diff --git a/net/adblock/Makefile b/net/adblock/Makefile
index d8d5a8726..28a7feeff 100644
--- a/net/adblock/Makefile
+++ b/net/adblock/Makefile
@@ -6,8 +6,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=adblock
-PKG_VERSION:=3.1.0
-PKG_RELEASE:=2
+PKG_VERSION:=3.1.1
+PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
 
diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md
index 50e13843f..6b373da52 100644
--- a/net/adblock/files/README.md
+++ b/net/adblock/files/README.md
@@ -76,6 +76,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
 * minimal status & error logging to syslog, enable debug logging to receive more output
 * procd based init system support (start/stop/restart/reload/suspend/resume/query/status)
 * procd network interface trigger support or classic time based startup
+* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum
 * suspend & resume adblock actions temporarily without blocklist reloading
 * output comprehensive runtime information via LuCI or via 'status' init command
 * query function to quickly identify blocked (sub-)domains, e.g. for whitelisting
@@ -235,7 +236,8 @@ This entry does not remove:
   www.adwhere.com
 </code></pre>
   
-**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**
+**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**  
+
 The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain. For every (sub-)domain it returns the first ten relevant results.
 <pre><code>
 /etc/init.d/adblock query www.example.google.com
@@ -253,7 +255,8 @@ The query function checks against the submitted (sub-)domain and recurses automa
   + www-google-analytics.l.google.com
 </code></pre>
   
-**add a new blocklist source:**
+**add a new blocklist source:**  
+
 1. the easy way ...  
 example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt  
 Adblock already supports an easylist source, called 'reg_ru'. To add the additional local easylist as a new source, copy the existing config source section and change only
diff --git a/net/adblock/files/adblock.sh b/net/adblock/files/adblock.sh
index e628637a7..209fc00fe 100755
--- a/net/adblock/files/adblock.sh
+++ b/net/adblock/files/adblock.sh
@@ -10,7 +10,7 @@
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.1.0"
+adb_ver="3.1.1"
 adb_sysver="unknown"
 adb_enabled=0
 adb_debug=0
@@ -28,6 +28,7 @@ adb_dnsprefix="adb_list"
 adb_dnsfile="${adb_dnsprefix}.overall"
 adb_whitelist="/etc/adblock/adblock.whitelist"
 adb_rtfile="/tmp/adb_runtime.json"
+adb_hashsum="$(command -v sha256sum)"
 adb_action="${1:-"start"}"
 adb_cnt=0
 adb_rc=0
@@ -154,13 +155,16 @@ f_envload()
             ;;
     esac
 
-    if [ ${adb_enabled} -ne 1 ]
+    # check adblock status
+    #
+    if [ ${adb_enabled} -eq 0 ]
     then
         if [ -s "${adb_dnsdir}/${adb_dnsfile}" ]
         then
             f_rmdns
             f_dnsrestart
         fi
+        f_extconf
         f_jsnupdate
         f_log "info " "adblock is currently disabled, please set adb_enabled to '1' to use this service"
         exit 0
@@ -196,30 +200,6 @@ f_envload()
     then
         f_log "error" "'${adb_dns}' not running, DNS backend not found"
     fi
-
-    # force dns to local resolver
-    #
-    if [ ${adb_forcedns} -eq 1 ] && [ -z "$(uci -q get firewall.adblock_dns)" ]
-    then
-        uci -q set firewall.adblock_dns="redirect"
-        uci -q set firewall.adblock_dns.name="Adblock DNS"
-        uci -q set firewall.adblock_dns.src="lan"
-        uci -q set firewall.adblock_dns.proto="tcp udp"
-        uci -q set firewall.adblock_dns.src_dport="53"
-        uci -q set firewall.adblock_dns.dest_port="53"
-        uci -q set firewall.adblock_dns.target="DNAT"
-    elif [ ${adb_forcedns} -eq 0 ] && [ -n "$(uci -q get firewall.adblock_dns)" ]
-    then
-        uci -q delete firewall.adblock_dns
-    fi
-    if [ -n "$(uci -q changes firewall)" ]
-    then
-        uci -q commit firewall
-        if [ $(/etc/init.d/firewall enabled; printf "%u" ${?}) -eq 0 ]
-        then
-            /etc/init.d/firewall reload >/dev/null 2>&1
-        fi
-    fi
 }
 
 # f_envcheck: check/set environment prerequisites
@@ -228,6 +208,10 @@ f_envcheck()
 {
     local ssl_lib
 
+    # check external uci config files
+    #
+    f_extconf
+
     # check fetch utility
     #
     ssl_lib="-"
@@ -262,6 +246,13 @@ f_envcheck()
     fi
     adb_fetchinfo="${adb_fetch##*/} (${ssl_lib})"
 
+    # check hashsum utility
+    #
+    if [ ! -x "${adb_hashsum}" ]
+    then
+        adb_hashsum="$(command -v md5sum)"
+    fi
+
     # initialize temp files and directories
     #
     adb_tmpload="$(mktemp -tu)"
@@ -270,6 +261,52 @@ f_envcheck()
     > "${adb_tmpdir}/tmp.whitelist"
 }
 
+# f_extconf: set external config options
+#
+f_extconf()
+{
+    # kresd related options
+    #
+    if [ "${adb_dns}" = "kresd" ]
+    then
+        if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+        then
+            uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+        elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+        then
+            uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+        fi
+        if [ -n "$(uci -q changes resolver)" ]
+        then
+            uci -q commit resolver
+        fi
+    fi
+
+    # firewall related options
+    #
+    if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && [ -z "$(uci -q get firewall.adblock_dns)" ]
+    then
+        uci -q set firewall.adblock_dns="redirect"
+        uci -q set firewall.adblock_dns.name="Adblock DNS"
+        uci -q set firewall.adblock_dns.src="lan"
+        uci -q set firewall.adblock_dns.proto="tcp udp"
+        uci -q set firewall.adblock_dns.src_dport="53"
+        uci -q set firewall.adblock_dns.dest_port="53"
+        uci -q set firewall.adblock_dns.target="DNAT"
+    elif [ -n "$(uci -q get firewall.adblock_dns)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+    then
+        uci -q delete firewall.adblock_dns
+    fi
+    if [ -n "$(uci -q changes firewall)" ]
+    then
+        uci -q commit firewall
+        if [ $(/etc/init.d/firewall enabled; printf "%u" ${?}) -eq 0 ]
+        then
+            /etc/init.d/firewall reload >/dev/null 2>&1
+        fi
+    fi
+}
+
 # f_rmtemp: remove temporary files & directories
 #
 f_rmtemp()
@@ -452,7 +489,7 @@ f_jsnupdate()
     if [ ${adb_rc} -gt 0 ]
     then
         status="error"
-    elif [ ${adb_enabled} -ne 1 ]
+    elif [ ${adb_enabled} -eq 0 ]
     then
         status="disabled"
     elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ]
@@ -544,7 +581,7 @@ f_main()
     local mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo")"
 
     f_log "info " "start adblock processing ..."
-    f_log "debug" "action: ${adb_action}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, whitelist_mode: ${adb_whitelist_mode}, force_srt/_dns: ${adb_forcesrt}/${adb_forcedns}, mem_total: ${mem_total}"
+    f_log "debug" "action: ${adb_action}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, hashsum: ${adb_hashsum}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, whitelist_mode: ${adb_whitelist_mode}, force_srt/_dns: ${adb_forcesrt}/${adb_forcedns}, mem_total: ${mem_total}"
     > "${adb_rtfile}"
     > "${adb_dnsdir}/.${adb_dnsfile}"
 
@@ -681,9 +718,9 @@ f_main()
 
     # hash preparation, whitelist removal and overall sort
     #
-    if [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    if [ -x "${adb_hashsum}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
     then
-        hash_old="$(sha256sum "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+        hash_old="$(${adb_hashsum} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
     fi
     if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
     then
@@ -700,7 +737,10 @@ f_main()
 
     # conditional restart of the dns backend and runtime information export
     #
-    hash_new="$(sha256sum "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+    if [ -x "${adb_hashsum}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    then
+        hash_new="$(${adb_hashsum} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+    fi
     if [ -z "${hash_old}" ] || [ -z "${hash_new}" ] || [ "${hash_old}" != "${hash_new}" ]
     then
         f_dnsrestart