luci-app-https-dns-proxy: decrease reliance on shell commands; proper acl.d file... 4118/head
authorStan Grishin <stangri@melmac.net>
Sat, 30 May 2020 11:41:12 +0000 (11:41 +0000)
committerStan Grishin <stangri@melmac.net>
Sat, 30 May 2020 11:41:12 +0000 (11:41 +0000)
Signed-off-by: Stan Grishin <stangri@melmac.net>
applications/luci-app-https-dns-proxy/Makefile
applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua [new file with mode: 0644]
applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.lua
applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua [new file with mode: 0644]
applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua
applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot
applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json

index 6a1ac29841659fbfeec0004c9dcc8b1a13ef9981..e04e73208f6fe3347e46ee64bc20c9a563c6fded 100644 (file)
@@ -10,7 +10,7 @@ LUCI_TITLE:=DNS Over HTTPS Proxy Web UI
 LUCI_DESCRIPTION:=Provides Web UI for DNS Over HTTPS Proxy
 LUCI_DEPENDS:=+luci-compat +luci-mod-admin-full +https-dns-proxy
 LUCI_PKGARCH:=all
-PKG_RELEASE:=6
+PKG_RELEASE:=8
 
 include ../../luci.mk
 
diff --git a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua
new file mode 100644 (file)
index 0000000..8bad0a0
--- /dev/null
@@ -0,0 +1,8 @@
+return {
+       name = "Cloudflare-Family",
+       label = _("Cloudflare (Family Protection)"),
+       resolver_url = "https://family.cloudflare-dns.com/dns-query",
+       bootstrap_dns = "1.1.1.3,1.0.0.3,2606:4700:4700::1113,2606:4700:4700::1003",
+       help_link = "https://one.one.one.one/family/",
+       help_link_text = "Cloudflare"
+}
index e8673d5d58f717cc87389abae3e8995981f36745..7e30c125c87dcf701867bb7566eace74a3cf18a6 100644 (file)
@@ -2,5 +2,7 @@ return {
        name = "Cloudflare",
        label = _("Cloudflare"),
        resolver_url = "https://cloudflare-dns.com/dns-query",
-       bootstrap_dns = "1.1.1.1,1.0.0.1"
+       bootstrap_dns = "1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001",
+       help_link = "https://one.one.one.one/family/",
+       help_link_text = "Cloudflare"
 }
diff --git a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua
new file mode 100644 (file)
index 0000000..a862f43
--- /dev/null
@@ -0,0 +1,8 @@
+return {
+       name = "Cloudflare-Security",
+       label = _("Cloudflare (Security Protection)"),
+       resolver_url = "https://security.cloudflare-dns.com/dns-query",
+       bootstrap_dns = "1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001",
+       help_link = "https://one.one.one.one/family/",
+       help_link_text = "Cloudflare"
+}
index c57de38724c03ce0f69ec0d60f3dd161f4772a81..a1da93b2f24ecf906d58ca588fa38fe7b9795edd 100644 (file)
@@ -9,7 +9,21 @@ local packageName = "https-dns-proxy"
 local providers_dir = "/usr/lib/lua/luci/" .. packageName .. "/providers/"
 local helperText = ""
 
-function create_helper_text()
+function getPackageVersion()
+       local opkgFile = "/usr/lib/opkg/status"
+       local line
+       local flag = false
+       for line in io.lines(opkgFile) do
+               if flag then
+                       return line:match('[%d%.$-]+') or ""
+               elseif line:find("Package: " .. packageName:gsub("%-", "%%%-")) then
+                       flag = true
+               end
+       end
+       return ""
+end
+
+function createHelperText()
        local initText = "<br />" .. translate("For more information on different options check") .. " "
        for filename in fs.dir(providers_dir) do
                local p_func = loadfile(providers_dir .. filename)
@@ -25,7 +39,7 @@ function create_helper_text()
                                else
                                        helperText = helperText .. ", "
                                end
-                               helperText = helperText .. [[<a href="]] .. url .. [[">]] .. domain .. [[</a>]]
+                               helperText = helperText .. [[<a href="]] .. url .. [[" target="_blank">]] .. domain .. [[</a>]]
                        end
                end
        end
@@ -35,7 +49,7 @@ function create_helper_text()
        end
 end
 
-function get_provider_name(value)
+function getProviderName(value)
        for filename in fs.dir(providers_dir) do
                local p_func = loadfile(providers_dir .. filename)
                setfenv(p_func, { _ = i18n.translate })
@@ -51,7 +65,7 @@ end
 
 local packageStatus, packageStatusCode
 local ubusStatus = util.ubus("service", "list", { name = packageName })
-local packageVersion = tostring(util.trim(sys.exec("opkg list-installed " .. packageName .. " | awk '{print $3}'"))) or ""
+local packageVersion = getPackageVersion()
 
 if packageVersion == "" then
        packageStatusCode = -1
@@ -81,7 +95,7 @@ else
                                end
                                la = la or "127.0.0.1"
                                lp = lp or n + 5053
-                               packageStatus = packageStatus .. translatef("Running: %s DoH at %s:%s", get_provider_name(url), la, lp) .. "\n"
+                               packageStatus = packageStatus .. translatef("Running: %s DoH at %s:%s", getProviderName(url), la, lp) .. "\n"
                        else
                                break
                        end
@@ -108,7 +122,7 @@ else
        buttons.template = packageName .. "/buttons"
 end
 
-create_helper_text()
+createHelperText()
 s3 = m:section(TypedSection, "https-dns-proxy", translate("Instances"), 
        translatef("When you add/remove any instances below, they will be used to override the 'DNS forwardings' section of %sDHCP and DNS%s.", "<a href=\"" .. dispatcher.build_url("admin/network/dhcp") .. "\">", "</a>") .. helperText)
 s3.template = "cbi/tblsection"
index f4dde25764cb5a7b79d36f5e147cb9aba5aead76..a9694e59134c5c85878570a10823304fd20c7602 100644 (file)
@@ -1,7 +1,7 @@
 msgid ""
 msgstr "Content-Type: text/plain; charset=UTF-8"
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:58
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:72
 msgid "%s is not installed or not found"
 msgstr ""
 
@@ -41,11 +41,19 @@ msgstr ""
 msgid "Cloudflare"
 msgstr ""
 
+#: applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua:3
+msgid "Cloudflare (Family Protection)"
+msgstr ""
+
+#: applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua:3
+msgid "Cloudflare (Security Protection)"
+msgstr ""
+
 #: applications/luci-app-https-dns-proxy/luasrc/controller/https-dns-proxy.lua:4
 msgid "DNS HTTPS Proxy"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:92
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:106
 msgid "DNS HTTPS Proxy Settings"
 msgstr ""
 
@@ -61,7 +69,7 @@ msgstr ""
 msgid "Disable"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:163
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:177
 msgid "EDNS client subnet"
 msgstr ""
 
@@ -69,7 +77,7 @@ msgstr ""
 msgid "Enable"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:13
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:27
 msgid "For more information on different options check"
 msgstr ""
 
@@ -77,7 +85,7 @@ msgstr ""
 msgid "Google"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:112
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:126
 msgid "Instances"
 msgstr ""
 
@@ -89,11 +97,11 @@ msgstr ""
 msgid "LibreDNS (No Ads)"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:146
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:160
 msgid "Listen address"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:159
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:173
 msgid "Listen port"
 msgstr ""
 
@@ -105,7 +113,7 @@ msgstr ""
 msgid "ODVR (nic.cz)"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:166
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:180
 msgid "Proxy server"
 msgstr ""
 
@@ -129,19 +137,19 @@ msgstr ""
 msgid "Reload"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:119
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:133
 msgid "Resolver"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:84
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:98
 msgid "Running: %s DoH at %s:%s"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:96
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:110
 msgid "Service Status"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:94
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:108
 msgid "Service Status [%s %s]"
 msgstr ""
 
@@ -153,25 +161,25 @@ msgstr ""
 msgid "Stop"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:62
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:76
 msgid "Stopped"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:49
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:63
 msgid "Unknown Provider"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:113
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:127
 msgid ""
 "When you add/remove any instances below, they will be used to override the "
 "'DNS forwardings' section of %sDHCP and DNS%s."
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:34
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:48
 msgid "and"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:64
+#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:78
 msgid "disabled"
 msgstr ""
 
index 0886cc885a643dc0f38d1bc4737a84042cc3d167..bcd4c5fd7d09ff2e9576a4e3ab333fe0f7ef6e0b 100644 (file)
@@ -1,11 +1,32 @@
 {
        "luci-app-https-dns-proxy": {
-               "description": "Grant UCI access for luci-app-https-dns-proxy",
+               "description": "Grant UCI and file access for luci-app-https-dns-proxy",
                "read": {
-                       "uci": [ "https-dns-proxy" ]
+                       "cgi-io": [
+                               "exec"
+                       ],
+                       "file": {
+                               "/usr/lib/opkg/status": [
+                                       "read"
+                               ],
+                               "/usr/lib/lua/luci/https-dns-proxy/providers/*": [
+                                       "read"
+                               ],
+                               "/etc/init.d/dnsmasq *": [
+                                       "exec"
+                               ],
+                               "/etc/init.d/https-dns-proxy *": [
+                                       "exec"
+                               ]
+                       },
+                       "uci": [
+                               "https-dns-proxy"
+                       ]
                },
                "write": {
-                       "uci": [ "https-dns-proxy" ]
+                       "uci": [
+                               "https-dns-proxy"
+                       ]
                }
        }
 }