From 3b94eef9905e9b8daecefce076e86388610380c6 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Wed, 29 Mar 2023 09:07:36 +0200 Subject: [PATCH] dns/dnscrypt-proxy: change this like bind All DNS ports that listen on localhost for both IPv4 and IPv6 are reported to the service framework to be picked up by the core in search of a DNS service to use. --- dns/dnscrypt-proxy/Makefile | 3 +-- dns/dnscrypt-proxy/pkg-descr | 4 ++++ .../src/etc/inc/plugins.inc.d/dnscryptproxy.inc | 17 ++++++++++++++--- 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/dns/dnscrypt-proxy/Makefile b/dns/dnscrypt-proxy/Makefile index 630f1aef2..39d70dd46 100644 --- a/dns/dnscrypt-proxy/Makefile +++ b/dns/dnscrypt-proxy/Makefile @@ -1,6 +1,5 @@ PLUGIN_NAME= dnscrypt-proxy -PLUGIN_VERSION= 1.12 -PLUGIN_REVISION= 2 +PLUGIN_VERSION= 1.13 PLUGIN_COMMENT= Flexible DNS proxy supporting DNSCrypt and DoH PLUGIN_DEPENDS= dnscrypt-proxy2 PLUGIN_MAINTAINER= m.muenz@gmail.com diff --git a/dns/dnscrypt-proxy/pkg-descr b/dns/dnscrypt-proxy/pkg-descr index 0be7fb48e..14035109a 100644 --- a/dns/dnscrypt-proxy/pkg-descr +++ b/dns/dnscrypt-proxy/pkg-descr @@ -5,6 +5,10 @@ such as DNSCrypt v2 and DNS-over-HTTPS. Plugin Changelog ================ +1.13 + +* Add necessary hooks to allow the plugin to be used as a standalone core DNS server + 1.12 * Support specifying relays for anonymous DNS diff --git a/dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc b/dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc index 070b46289..e022baec1 100644 --- a/dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc +++ b/dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc @@ -50,13 +50,25 @@ function dnscryptproxy_services() $model = new \OPNsense\Dnscryptproxy\General(); $ports = []; + /* + * DNS service is eligable for core use when both 127.0.0.1 and ::1 are set. + * In order to provide dual stack ports we need to intersect the resulting + * ports for each address family. + */ + $localhost4 = []; + $localhost6 = []; + foreach (explode(',', (string)$model->listen_addresses) as $addrport) { - if (preg_match('/^(\[.+\]|[\d\.]+):([\d]+)$/', $addrport, $matches)) { - $ports[$matches[2]] = 1; + if (preg_match('/^127\.0\.0\.1:([\d]+)$/', $addrport, $matches)) { + $localhost4[$matches[1]] = 1; + } elseif (preg_match('/^\[::1\]:([\d]+)$/', $addrport, $matches)) { + $localhost6[$matches[1]] = 1; } } $services[] = [ + /* the port may still be something other than 53, but it's safe to register a conflict for it */ + 'ports' => array_keys(array_intersect_key($localhost4, $localhost6)), 'description' => gettext('DNSCrypt-Proxy'), 'configd' => [ 'restart' => ['dnscryptproxy restart'], @@ -64,7 +76,6 @@ function dnscryptproxy_services() 'stop' => ['dnscryptproxy stop'], ], 'pid' => '/var/run/dnscrypt-proxy.pid', - 'ports' => array_keys($ports), 'name' => 'dnscrypt-proxy', ];