adblock: release 1.3.0

* revised hotplug script * remove wget package dependency * support uclient-fetch or wget with ssl support * documentation update Signed-off-by: Dirk Brenken <dev@brenken.org>
2016-06-28 21:22:44 +02:00 · 2016-06-28 21:22:44 +02:00 · f96f354ad1
parent fbd4a7c746
commit f96f354ad1
5 changed files with 102 additions and 64 deletions
--- a/net/adblock/Makefile
+++ b/net/adblock/Makefile
@ -7,7 +7,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=adblock
-PKG_VERSION:=1.2.8
+PKG_VERSION:=1.3.0
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
@ -18,7 +18,6 @@ define Package/$(PKG_NAME)
 	SECTION:=net
 	CATEGORY:=Network
 	TITLE:=Powerful adblock script to block ad/abuse domains
-	DEPENDS:=+wget
 	PKGARCH:=all
 endef

--- a/net/adblock/files/README.md
+++ b/net/adblock/files/README.md
@ -69,7 +69,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but
 * [LEDE project](https://www.lede-project.org), tested with trunk > r98
 * usual setup with enabled 'iptables', 'dnsmasq' and 'uhttpd' - dump AP modes without these basics are _not_ supported!
 * additional required software packages:
-    * wget
+    * a download utility: 'uclient-fetch' and 'wget' (full versions with ssl support) are supported. Normally you should use 'wget', it's quite stable and supports the online timestamp checks. If you need a smaller memory footprint try 'uclient-fetch' without openssl dependency. The default ustream ssl backend 'libustream-polarssl' has issues with certain https sites and is currently not supported. To change the ssl backend see example below.
    * optional: 'kmod-ipt-nat6' for IPv6 support
 * the above dependencies and requirements will be checked during package installation & script runtime

@ -123,6 +123,13 @@ A lot of people already use adblocker plugins within their desktop browsers, but

 ## Examples

+**example to change the ssl backend for 'uclient-fetch':**
+<pre><code>
+opkg update
+opkg remove --force-depends libustream-polarssl
+opkg install libustream-mbedtls
+</code></pre>
+  
 **example cronjob for a regular block list update:**
 <pre><code>
 # configuration found in /etc/crontabs/root
--- a/net/adblock/files/adblock-helper.sh
+++ b/net/adblock/files/adblock-helper.sh
@ -21,7 +21,6 @@ adb_minspace=12000
 adb_forcedns=1
 adb_fetchttl=5
 adb_restricted=0
-adb_fetch="$(which wget)"
 adb_uci="$(which uci)"
 unset adb_revsrclist

@ -135,7 +134,7 @@ f_envcheck()
        f_exit
    elif [ "${adb_cfgver#*.}" != "${adb_mincfgver#*.}" ]
    then
-        outdate_ok="true"
+        outdated_ok="true"
    fi
    if [ "${adb_enabled}" != "1" ]
    then
@ -212,13 +211,76 @@ f_envcheck()
        fi
    fi

+    # check general package dependencies
+    #
+    f_depend "busybox"
+    f_depend "uci"
+    f_depend "uhttpd"
+    f_depend "iptables"
+    f_depend "kmod-ipt-nat"
+
+    # check ipv6 related package dependencies
+    #
+    if [ -n "${adb_wanif6}" ]
+    then
+        f_depend "ip6tables" "true"
+        if [ "${package_ok}" = "false" ]
+        then
+            f_log "package 'ip6tables' not found, IPv6 support will be disabled"
+            unset adb_wanif6
+        else
+            f_depend "kmod-ipt-nat6" "true"
+            if [ "${package_ok}" = "false" ]
+            then
+                f_log "package 'kmod-ipt-nat6' not found, IPv6 support will be disabled"
+                unset adb_wanif6
+            fi
+        fi
+    fi
+
+    # check uclient-fetch/wget dependencies
+    #
+    f_depend "uclient-fetch" "true"
+    if [ "${package_ok}" = "true" ]
+    then
+        f_depend "libustream-polarssl" "true"
+        if [ "${package_ok}" = "false" ]
+        then
+            adb_fetch="$(which uclient-fetch)"
+            fetch_parm="-q --timeout=${adb_fetchttl}"
+            response_parm="--spider"
+        fi
+    fi
+    if [ -z "${adb_fetch}" ]
+    then
+        f_depend "wget" "true"
+        if [ "${package_ok}" = "true" ]
+        then
+            adb_fetch="$(which wget)"
+            fetch_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=${adb_fetchttl} --connect-timeout=${adb_fetchttl} --read-timeout=${adb_fetchttl}"
+            response_parm="--spider --server-response"
+        else
+            rc=-1
+            f_log "please install 'uclient-fetch' or 'wget' with ssl support to use adblock"
+            f_exit
+        fi
+    fi
+
+    # check ca-certificate package and set fetch parm accordingly
+    #
+    f_depend "ca-certificates" "true"
+    if [ "${package_ok}" = "false" ]
+    then
+        fetch_parm="${fetch_parm} --no-check-certificate"
+    fi
+
    # start normal processing/logging
    #
    f_log "domain adblock processing started (${adb_scriptver}, ${adb_sysver}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"

    # log partially outdated config
    #
-    if [ "${outdate_ok}" = "true" ]
+    if [ "${outdated_ok}" = "true" ]
    then
        f_log "partially outdated adblock config (${adb_mincfgver} vs. ${adb_cfgver}), please run '/etc/init.d/adblock cfgup' to update your configuration"
    fi
@ -237,34 +299,6 @@ f_envcheck()
        f_log "Restricted mode enabled"
    fi

-    # check general package dependencies
-    #
-    f_depend "busybox"
-    f_depend "uci"
-    f_depend "uhttpd"
-    f_depend "wget"
-    f_depend "iptables"
-    f_depend "kmod-ipt-nat"
-
-    # check ipv6 related package dependencies
-    #
-    if [ -n "${adb_wanif6}" ]
-    then
-        check="$(printf "${pkg_list}" | grep "^ip6tables -")"
-        if [ -z "${check}" ]
-        then
-            f_log "package 'ip6tables' not found, IPv6 support will be disabled"
-            unset adb_wanif6
-        else
-            check="$(printf "${pkg_list}" | grep "^kmod-ipt-nat6 -")"
-            if [ -z "${check}" ]
-            then
-                f_log "package 'kmod-ipt-nat6' not found, IPv6 support will be disabled"
-                unset adb_wanif6
-            fi
-        fi
-    fi
-
    # check dns hideout directory
    #
    if [ -d "${adb_dnshidedir}" ]
@ -274,15 +308,6 @@ f_envcheck()
        mkdir -p -m 660 "${adb_dnshidedir}"
    fi

-    # check ca-certificates package and set fetch parms accordingly
-    #
-    fetch_parm="--no-config --quiet --tries=1 --no-cache --no-cookies --max-redirect=0 --dns-timeout=${adb_fetchttl} --connect-timeout=${adb_fetchttl} --read-timeout=${adb_fetchttl}"
-    check="$(printf "${pkg_list}" | grep "^ca-certificates -")"
-    if [ -z "${check}" ]
-    then
-        fetch_parm="${fetch_parm} --no-check-certificate"
-    fi
-
    # check adblock temp directory
    #
    adb_tmpfile="$(mktemp -tu)"
@ -386,10 +411,9 @@ f_envcheck()
        f_firewall "IPv6" "nat" "PREROUTING" "adb-nat" "1" "nat" "-p tcp --dport 80 -j DNAT --to-destination [${adb_ipv6}]:${adb_nullport}"
        f_firewall "IPv6" "nat" "PREROUTING" "adb-nat" "2" "nat" "-p tcp --dport 443 -j DNAT --to-destination [${adb_ipv6}]:${adb_nullportssl}"
    fi
-    if [ "${fw_done}" = "true" ]
+    if [ "${firewall_ok}" = "true" ]
    then
        f_log "created volatile firewall rulesets"
-        fw_done="false"
    fi

    # check volatile uhttpd instance configuration
@ -409,10 +433,9 @@ f_envcheck()
            f_uhttpd "adbIPv6_80" "1" "-p [${adb_ipv6}]:${adb_nullport}"
            f_uhttpd "adbIPv6_443" "0" "-p [${adb_ipv6}]:${adb_nullportssl}"
        fi
-        if [ "${uhttpd_done}" = "true" ]
+        if [ "${uhttpd_ok}" = "true" ]
        then
            f_log "created volatile uhttpd instances"
-            uhttpd_done="false"
        fi
    fi

@ -434,11 +457,17 @@ f_depend()
 {
    local check
    local package="${1}"
+    local check_only="${2}"
+    package_ok="true"

    check="$(printf "${pkg_list}" | grep "^${package} -")"
-    if [ -z "${check}" ]
+    if [ "${check_only}" = "true" ] && [ -z "${check}" ]
    then
-        rc=115
+        package_ok="false"
+    elif [ -z "${check}" ]
+    then
+        rc=-1
+        package_ok="false"
        f_log "package '${package}' not found"
        f_exit
    fi
@ -457,6 +486,7 @@ f_firewall()
    local chpos="${5}"
    local notes="adb-${6}"
    local rules="${7}"
+    firewall_ok="true"

    # select appropriate iptables executable for IPv6
    #
@ -494,10 +524,9 @@ f_firewall()
    then
        "${ipt}" -w -t "${table}" -I "${chain}" "${chpos}" -m comment --comment "${notes}" ${rules}
        rc=${?}
-        if [ $((rc)) -eq 0 ]
+        if [ $((rc)) -ne 0 ]
        then
-            fw_done="true"
-        else
+            firewall_ok="false"
            f_log "failed to initialize volatile ${proto} firewall rule '${notes}'"
            f_exit
        fi
@ -511,12 +540,13 @@ f_uhttpd()
    local realm="${1}"
    local timeout="${2}"
    local ports="${3}"
+    uhttpd_ok="true"
+
    uhttpd -h "/www/adblock" -N 25 -T "${timeout}" -r "${realm}" -k 0 -t 0 -R -D -S -E "/index.html" ${ports}
    rc=${?}
-    if [ $((rc)) -eq 0 ]
+    if [ $((rc)) -ne 0 ]
    then
-        uhttpd_done="true"
-    else
+        uhttpd_ok="false"
        f_log "failed to initialize volatile uhttpd instance (${realm})"
        f_exit
    fi
@ -527,6 +557,7 @@ f_uhttpd()
 f_space()
 {
    local mp="${1}"
+    space_ok="true"

    if [ -d "${mp}" ]
    then
@ -535,6 +566,8 @@ f_space()
        then
            space_ok="false"
        fi
+    else
+        space_ok="false"
    fi
 }

--- a/net/adblock/files/adblock-update.sh
+++ b/net/adblock/files/adblock-update.sh
@ -10,7 +10,7 @@
 #
 adb_pid="${$}"
 adb_pidfile="/var/run/adblock.pid"
-adb_scriptver="1.2.8"
+adb_scriptver="1.3.0"
 adb_mincfgver="2.2"
 adb_scriptdir="${0%/*}"
 if [ -r "${adb_pidfile}" ]
@ -85,7 +85,7 @@ do
    then
        url_time="$(date -r "${url}")"
    else
-        url_time="$(${adb_fetch} ${fetch_parm} --server-response --spider "${url}" 2>&1 | awk '$0 ~ /Last-Modified/ {printf substr($0,18)}')"
+        url_time="$(${adb_fetch} ${fetch_parm} ${response_parm} "${url}" 2>&1 | awk '$0 ~ /Last-Modified/ {printf substr($0,18)}')"
    fi
    if [ -z "${url_time}" ]
    then
@ -102,7 +102,7 @@ do
        then
            shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
            shalla_file="${adb_tmpdir}/shallalist.txt"
-            "${adb_fetch}" ${fetch_parm} --output-document="${shalla_archive}" "${url}"
+            "${adb_fetch}" ${fetch_parm} -O "${shalla_archive}" "${url}"
            rc=${?}
            if [ $((rc)) -eq 0 ]
            then
@ -123,7 +123,7 @@ do
                rm -f "${shalla_file}"
            fi
        else
-            tmp_domains="$(${adb_fetch} ${fetch_parm} --output-document=- "${url}")"
+            tmp_domains="$(${adb_fetch} ${fetch_parm} -O- "${url}")"
        fi
        rc=${?}
    else
--- a/net/adblock/files/adblock.hotplug
+++ b/net/adblock/files/adblock.hotplug
@ -2,20 +2,19 @@
 #

 adb_pid="${$}"
+adb_helper="/usr/bin/adblock-helper.sh"
 adb_pidfile="/var/run/adblock.pid"
-adb_logger="/usr/bin/logger"

 if [ -f "${adb_pidfile}" ] || [ "${ACTION}" != "ifup" ]
 then
    exit 0
 fi

-. /lib/functions/network.sh
-network_find_wan adb_wanif4
-network_find_wan6 adb_wanif6
+. "${adb_helper}"
+f_envload

 if [ "${INTERFACE}" = "${adb_wanif4}" ] || [ "${INTERFACE}" = "${adb_wanif6}" ]
 then
    /etc/init.d/adblock start
-    "${adb_logger}" -t "adblock[${adb_pid}] info " "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
+    f_log "adblock service started due to '${ACTION}' of '${INTERFACE}' interface"
 fi