From eaf522532324f9155d2d038e27006e5caaf9874a Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Fri, 21 Feb 2020 15:26:34 -0800 Subject: [PATCH] stubby: makefile and init script cleanup Reordered Makefile according to https://github.com/openwrt/packages/pull/9399#issuecomment-508727872 . Added PKG_BUILD_PARALLEL for faster compilation. Remove duplicated conffiles section. Install /etc/config/stubby using INSTALL_CONF, as is done elsewhere Run init script through shellcheck and clean it up. Added chmod for the stubby config file, to fix a LuCI issue. Signed-off-by: Rosen Penev --- net/stubby/Makefile | 44 ++++++++++------------ net/stubby/files/stubby.init | 71 ++++++++++++++++++------------------ 2 files changed, 55 insertions(+), 60 deletions(-) diff --git a/net/stubby/Makefile b/net/stubby/Makefile index 97a17ae61..ca3b16472 100644 --- a/net/stubby/Makefile +++ b/net/stubby/Makefile @@ -6,46 +6,46 @@ include $(TOPDIR)/rules.mk PKG_NAME:=stubby PKG_VERSION:=0.2.6 -PKG_RELEASE:=2 - -PKG_LICENSE:=BSD-3-Clause -PKG_LICENSE_FILES:=COPYING -PKG_MAINTAINER:=Jonathan Underwood +PKG_RELEASE:=3 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/getdnsapi/$(PKG_NAME) PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_MIRROR_HASH:=af896c471ac67b31c2263d11fcdfcdb32a213621c2f8789f4b0a4ceca4437108 -PKG_FIXUP:=autoreconf +PKG_MAINTAINER:=Jonathan Underwood +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=COPYING +PKG_FIXUP:=autoreconf PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk define Package/stubby/Default - TITLE:=stubby - URL:=https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby + TITLE:=stubby + URL:=https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby endef define Package/stubby - $(call Package/stubby/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= - (daemon that uses getdns) - USERID:=stubby=410:stubby=410 - DEPENDS:= +libyaml +getdns +ca-certs + $(call Package/stubby/Default) + SECTION:=net + CATEGORY:=Network + SUBMENU:=IP Addresses and Names + TITLE+= - (daemon that uses getdns) + USERID:=stubby=410:stubby=410 + DEPENDS:= +libyaml +getdns +ca-certs endef define Package/stubby/description - This package contains the Stubby daemon (which utilizes the getdns library). - - See https://github.com/openwrt/packages/blob/master/net/stubby/files/README.md for more details. + This package contains the Stubby daemon (which utilizes the getdns library). + See https://github.com/openwrt/packages/blob/master/net/stubby/files/README.md for more details. endef define Package/stubby/conffiles /etc/stubby/stubby.yml +/etc/config/stubby endef define Package/stubby/install @@ -57,13 +57,7 @@ define Package/stubby/install $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/stubby/stubby.yml $(1)/etc/stubby/stubby.yml.default $(INSTALL_DATA) ./files/stubby.yml $(1)/etc/stubby/stubby.yml $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_DATA) ./files/stubby.conf $(1)/etc/config/stubby -endef - - -define Package/stubby/conffiles - /etc/stubby/stubby.yml - /etc/config/stubby + $(INSTALL_CONF) ./files/stubby.conf $(1)/etc/config/stubby endef $(eval $(call BuildPackage,stubby)) diff --git a/net/stubby/files/stubby.init b/net/stubby/files/stubby.init index cf051a140..2f9d73102 100755 --- a/net/stubby/files/stubby.init +++ b/net/stubby/files/stubby.init @@ -44,77 +44,77 @@ generate_config() local tls_max_version # Generate configuration. See: https://github.com/getdnsapi/stubby/blob/develop/stubby.yml.example - echo "# Autogenerated configuration from uci data" > "$config_file" - echo "resolution_type: GETDNS_RESOLUTION_STUB" >> "$config_file" + echo "# Autogenerated configuration from uci data" + echo "resolution_type: GETDNS_RESOLUTION_STUB" config_get round_robin "global" round_robin_upstreams "1" - echo "round_robin_upstreams: $round_robin" >> "$config_file" + echo "round_robin_upstreams: $round_robin" config_get appdata_dir "global" appdata_dir "/var/lib/stubby" - echo "appdata_dir: \"$appdata_dir\"" >> "$config_file" + echo "appdata_dir: \"$appdata_dir\"" config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time "2500" - echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" >> "$config_file" + echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" config_get tls_connection_retries "global" tls_connection_retries "" if [ -n "$tls_connection_retries" ]; then - echo "tls_connection_retries: $tls_connection_retries" >> "$config_file" + echo "tls_connection_retries: $tls_connection_retries" fi config_get tls_backoff_time "global" tls_backoff_time "" if [ -n "$tls_backoff_time" ]; then - echo "tls_backoff_time: $tls_backoff_time" >> "$config_file" + echo "tls_backoff_time: $tls_backoff_time" fi config_get timeout "global" timeout "" if [ -n "$timeout" ]; then - echo "timeout: $timeout" >> "$config_file" + echo "timeout: $timeout" fi config_get_bool tls_authentication "global" tls_authentication "1" if [ "$tls_authentication" = "1" ]; then - echo "tls_authentication: GETDNS_AUTHENTICATION_REQUIRED" >> "$config_file" + echo "tls_authentication: GETDNS_AUTHENTICATION_REQUIRED" else - echo "tls_authentication: GETDNS_AUTHENTICATION_NONE" >> "$config_file" + echo "tls_authentication: GETDNS_AUTHENTICATION_NONE" fi config_get_bool dnssec_return_status "global" dnssec_return_status "0" if [ "$dnssec_return_status" = "1" ]; then - echo "dnssec_return_status: GETDNS_EXTENSION_TRUE" >> "$config_file" + echo "dnssec_return_status: GETDNS_EXTENSION_TRUE" fi config_get dnssec_trust_anchors "global" dnssec_trust_anchors "" if [ -n "$dnssec_trust_anchors" ]; then - echo "dnssec_trust_anchors: \"$dnssec_trust_anchors\"" >> "$config_file" + echo "dnssec_trust_anchors: \"$dnssec_trust_anchors\"" fi config_get tls_query_padding_blocksize "global" tls_query_padding_blocksize "128" - echo "tls_query_padding_blocksize: $tls_query_padding_blocksize" >> "$config_file" + echo "tls_query_padding_blocksize: $tls_query_padding_blocksize" config_get_bool edns_client_subnet_private "global" edns_client_subnet_private "1" - echo "edns_client_subnet_private: $edns_client_subnet_private" >> "$config_file" + echo "edns_client_subnet_private: $edns_client_subnet_private" config_get idle_timeout "global" idle_timeout "10000" - echo "idle_timeout: $idle_timeout" >> "$config_file" + echo "idle_timeout: $idle_timeout" config_get tls_cipher_list "global" tls_cipher_list "" if [ -n "$tls_cipher_list" ]; then - echo "tls_cipher_list: \"$tls_cipher_list\"" >> "$config_file" + echo "tls_cipher_list: \"$tls_cipher_list\"" fi config_get tls_ciphersuites "global" tls_ciphersuites "" if [ -n "$tls_ciphersuites" ]; then - echo "tls_ciphersuites: \"$tls_ciphersuites\"" >> "$config_file" + echo "tls_ciphersuites: \"$tls_ciphersuites\"" fi config_get tls_min_version "global" tls_min_version "" if [ -n "$tls_min_version" ]; then - echo "tls_min_version: GETDNS_TLS${tls_min_version/\./_}" >> "$config_file" + echo "tls_min_version: GETDNS_TLS${tls_min_version/\./_}" fi config_get tls_max_version "global" tls_max_version "" if [ -n "$tls_max_version" ]; then - echo "tls_max_version: GETDNS_TLS${tls_max_version/\./_}" >> "$config_file" + echo "tls_max_version: GETDNS_TLS${tls_max_version/\./_}" fi handle_listen_address_value() @@ -122,10 +122,10 @@ generate_config() local value="$1" if [ "$listen_addresses_section" = 0 ]; then - echo "listen_addresses:" >> "$config_file" + echo "listen_addresses:" listen_addresses_section=1 fi - echo " - $value" >> "$config_file" + echo " - $value" } config_list_foreach "global" listen_address handle_listen_address_value @@ -134,10 +134,10 @@ generate_config() local value="$1" if [ "$dns_transport_list_section" = 0 ]; then - echo "dns_transport_list:" >> "$config_file" + echo "dns_transport_list:" dns_transport_list_section=1 fi - echo " - $value" >> "$config_file" + echo " - $value" } config_list_foreach "global" dns_transport handle_dns_transport_list_value @@ -154,38 +154,38 @@ generate_config() local tls_max_version if [ "$upstream_recursive_servers_section" = 0 ]; then - echo "upstream_recursive_servers:" >> "$config_file" + echo "upstream_recursive_servers:" upstream_recursive_servers_section=1 fi config_get address "$config" address - echo " - address_data: $address" >> "$config_file" + echo " - address_data: $address" config_get tls_auth_name "$config" tls_auth_name - echo " tls_auth_name: \"$tls_auth_name\"" >> "$config_file" + echo " tls_auth_name: \"$tls_auth_name\"" config_get tls_auth_port "$config" tls_port "" if [ -n "$tls_port" ]; then - echo " tls_port: $tls_port" >> "$config_file" + echo " tls_port: $tls_port" fi config_get tls_cipher_list "$config" tls_cipher_list "" if [ -n "$tls_cipher_list" ]; then - echo " tls_cipher_list: \"$tls_cipher_list\"" >> "$config_file" + echo " tls_cipher_list: \"$tls_cipher_list\"" fi config_get tls_ciphersuites "$config" tls_ciphersuites "" if [ -n "$tls_ciphersuites" ]; then - echo " tls_ciphersuites: \"$tls_ciphersuites\"" >> "$config_file" + echo " tls_ciphersuites: \"$tls_ciphersuites\"" fi config_get tls_min_version "$config" tls_min_version "" if [ -n "$tls_min_version" ]; then - echo " tls_min_version: GETDNS_TLS${tls_min_version/\./_}" >> "$config_file" + echo " tls_min_version: GETDNS_TLS${tls_min_version/\./_}" fi config_get tls_max_version "$config" tls_max_version "" if [ -n "$tls_max_version" ]; then - echo " tls_max_version: GETDNS_TLS${tls_max_version/\./_}" >> "$config_file" + echo " tls_max_version: GETDNS_TLS${tls_max_version/\./_}" fi handle_resolver_spki() @@ -195,17 +195,17 @@ generate_config() local value="${val#*/}" if [ "$tls_pubkey_pinset_section" = 0 ]; then - echo " tls_pubkey_pinset:" >> "$config_file" + echo " tls_pubkey_pinset:" tls_pubkey_pinset_section=1 fi - echo " - digest: \"$digest\"" >> "$config_file" - echo " value: $value" >> "$config_file" + echo " - digest: \"$digest\"" + echo " value: $value" } config_list_foreach "$config" spki handle_resolver_spki } config_foreach handle_resolver resolver -} +} > "$config_file" start_service() { local config_file_tmp @@ -226,6 +226,7 @@ start_service() { generate_config "$config_file_tmp" mv "$config_file_tmp" "$stubby_config" fi + chmod 0644 "$stubby_config" config_get command_line_arguments "global" command_line_arguments ""