From patchwork Fri Jul 11 10:08:53 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 4301 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:3846:b0:671:5a2c:6455 with SMTP id n6csp9634403mal; Fri, 11 Jul 2025 03:18:05 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXNqxD1AoASKAhZlslh1GRCupqsObnvtiRUkVCl5iHIkohKN72mc5smoK4oXsIIxuYgnKu5ah/u3X4=@openvpn.net X-Google-Smtp-Source: AGHT+IElmqsniJsLFI0LV+L3bw1C4ASKAPRQ4EWsUHMNXHRUiS5vg1wui5amNUGKP4ahbdD5SGKZ X-Received: by 2002:a05:6808:13d3:b0:401:ea99:537 with SMTP id 5614622812f47-4150de26f7emr1798519b6e.16.1752229085597; Fri, 11 Jul 2025 03:18:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1752229085; cv=none; d=google.com; s=arc-20240605; b=hhZGORRz0iovPRKjiAQcSHOEwQUYCuE0Plo3Y1A4KOL76TyQIM1WrVct5sJi0X6e9Y 6RGsnnl4pZ2L3dQkVlXVrCgXOrXVAGafgu1U3N8gwC4F9s8R2WL0TWv+YjSNcVPT4Fhi mjzpgK6TldfqUuLuAdwfSWLnEUZcQyqnWmuEFsny6Cfikeu5lOhyULHOMSRV3RXbW8fq jWe68Ic/Xwvh4j+PVzE7zFKs0678ApDNR3suRMfvb/zS93HL1ZGn1Y55w4bh/uB4zApK GM4+BU2RMG+gWHH/EOpBCf8P/05hM6fHl/W/Xpk6sI5KH84HLDr8qWd0QQCp5U3rL6Rr HTRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature:dkim-signature; bh=Rki/uPd33tbMEgCKqFSh649Mp5YHF2/YmP6TqaBMuM4=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=HK+aalMZYg3vy2KL4sTSZdsQlRs/nCBdqYZKevDWr9nnycKq1qHZPv8uFKQ3vA17ly ccmYG6NPY5kf9X6as1aP2BgtakZxkJl/yAF3HN5PfMKL7PeReXrI6/+uGRel4AoNEnVO oO/9Wt7KhE9sEgj0+2wSbxIc5im6t/sDWcSxmK8o1XYVxS0jHqgOQrXe//R+DnhfypG9 QUFTGnVP9UMcl4ckyYWcKG2YS9OHfXp66yVNAM/pCQUZuoTwBRP/A6uoNyteBQ+DIa42 FOFJmWF0IXxadgPxrKNAv47p/w6hq25zV8Tv4hiK5/40o1KX+SizQBHRJ58C8+WwbNks J2mw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=Gs4e7KuN; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="eZ/GJW5v"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=h+uumnbM; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=qYnzSDTp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-4141bbd925csi1715740b6e.142.2025.07.11.03.18.05 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 11 Jul 2025 03:18:05 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=Gs4e7KuN; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="eZ/GJW5v"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=h+uumnbM; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=qYnzSDTp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-Id:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Rki/uPd33tbMEgCKqFSh649Mp5YHF2/YmP6TqaBMuM4=; b=Gs4e7KuNEpv9M6doXnk6iXklcf KGCCv4Pl0hUtssYFSFR7WT/lvElFfLqe/zl5I+K+VHAFfeaXDa4pxvdi9Z//TumuBUaAXwD5ieHV8 gieInIbhABfQwZSyPorIfcmkjqI6KG6ehJIY26Ua6Rg8hOUm/j0wA/FS5JDeFrTW55zU=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1uaApN-00051s-0z; Fri, 11 Jul 2025 10:18:01 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1uaApJ-00051h-Or for openvpn-devel@lists.sourceforge.net; Fri, 11 Jul 2025 10:17:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=xHsx9UA9LnIVlpjdFTUlyw/ZeSfnWW8zMpPcci+sXm0=; b=eZ/GJW5vecpuIRMVCrgEkjRknb wW48tIDYnZwwX6fzbaMqbyPWq6891ZeouSf1Lt+s7O7DAa/BFFrm/26qO6Aiouhv4T9D3gj65Sdc0 rc0f/OW2WzbNc8k7ozzA5bOQkTNkjAfIy4EsvjgzSnQQ3dGAPwGgj6nEVgn6dX3Hr0gM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=xHsx9UA9LnIVlpjdFTUlyw/ZeSfnWW8zMpPcci+sXm0=; b=h+uumnbMIgp7DmbOhqQ18pYlch qsao4pcAv7d38n1yD4bASnEk088FHhgFotDK2QDjlzAgmqHXfOLF7IYBOdETrI32hS/2QvLyvCpeY qYSjMpM7SC/8K1ERzxP3p0wFMU5c7pXtvC+sT/0aN0RiArv8f6kaDsJi/N/l9uxjjnmI=; Received: from mout-p-102.mailbox.org ([80.241.56.152]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1uaApI-0004ZP-NK for openvpn-devel@lists.sourceforge.net; Fri, 11 Jul 2025 10:17:57 +0000 Received: from smtp1.mailbox.org (smtp1.mailbox.org [IPv6:2001:67c:2050:b231:465::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4bdnVZ3sHfz9slT; Fri, 11 Jul 2025 12:08:54 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1752228534; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xHsx9UA9LnIVlpjdFTUlyw/ZeSfnWW8zMpPcci+sXm0=; b=qYnzSDTpiL7dGIp5JS7oWhe5B8oNvGKOj5yG2VcXSwqW/d0c+Zilgf3zbeeXiYp9izFo1I nlvC7HUcZdPgnUtRgHKYf0ioNR2OXJRdNfbWgkTpnxCBskkg2sUkpFGU1pMjxRRCwwFEGz NGg7n4NXXx+vrdqxlDZIECnWmEnj/bBWjrbTjvdZQX4/i8bUTinPHiEnK2GfSr330H9J5x lo1qV57L2LxYCJeIWxZXWv/laurBKYyN7ZGow/E6hA+TiEsLAKdK/TmNx8z0GI3jBcysaF vSRsuUFFTwLh8lWEL9GBQtyeaQ7R1EfOrlek4ywB96Q1wCiJXh4344QoueFk4g== Authentication-Results: outgoing_mbo_mout; dkim=none; spf=pass (outgoing_mbo_mout: domain of frank@lichtenheld.com designates 2001:67c:2050:b231:465::1 as permitted sender) smtp.mailfrom=frank@lichtenheld.com From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 11 Jul 2025 12:08:53 +0200 Message-Id: <20250711100853.242102-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Rspamd-Queue-Id: 4bdnVZ3sHfz9slT X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Heiko Hund Change-Id: Id6f70237c7205063b001528a40391678b0d093ac Signed-off-by: Heiko Hund Acked-by: Frank Lichtenheld --- Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1uaApI-0004ZP-NK Subject: [Openvpn-devel] [PATCH v3] move macOS dns-updown common code into functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1837345365671573131?= X-GMAIL-MSGID: =?utf-8?q?1837345365671573131?= From: Heiko Hund Change-Id: Id6f70237c7205063b001528a40391678b0d093ac Signed-off-by: Heiko Hund Acked-by: Frank Lichtenheld --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1074 This mail reflects revision 3 of this Change. Acked-by according to Gerrit (reflected above): Frank Lichtenheld diff --git a/distro/dns-scripts/macos-dns-updown.sh b/distro/dns-scripts/macos-dns-updown.sh index f0640ee..56f1009 100644 --- a/distro/dns-scripts/macos-dns-updown.sh +++ b/distro/dns-scripts/macos-dns-updown.sh @@ -104,7 +104,7 @@ n=$((n+1)) done - return $n + echo $n } function get_search_domains { @@ -157,41 +157,23 @@ echo -e "${cmds}" | /usr/sbin/scutil } -function set_dns { - find_compat_profile - local n=$? - +function addresses_string { + local n=$1 local i=1 - local addrs="" + local addresses="" while :; do local addr_var=dns_server_${n}_address_${i} local addr="${!addr_var}" [ -n "$addr" ] || break - - local port_var=dns_server_${n}_port_${i} - if [ -n "${!port_var}" ]; then - if [[ "$addr" =~ : ]]; then - addr="[$addr]" - fi - addrs+="${addr}:${!port_var}${sni} " - else - addrs+="${addr}${sni} " - fi + addresses+="${addr} " i=$((i+1)) done + echo "$addresses" +} - i=1 - local match_domains="" - while :; do - domain_var=dns_server_${n}_resolve_domain_${i} - [ -n "${!domain_var}" ] || break - # Add as match domain, if it doesn't already exist - [[ "$match_domains" =~ (^| )${!domain_var}( |$) ]] \ - || match_domains+="${!domain_var} " - i=$((i+1)) - done - - i=1 +function search_domains_string { + local n=$1 + local i=1 local search_domains="" while :; do domain_var=dns_search_domain_${i} @@ -201,11 +183,34 @@ || search_domains+="${!domain_var} " i=$((i+1)) done + echo "$search_domains" +} + +function match_domains_string { + local n=$1 + local i=1 + local match_domains="" + while :; do + domain_var=dns_server_${n}_resolve_domain_${i} + [ -n "${!domain_var}" ] || break + # Add as match domain, if it doesn't already exist + [[ "$match_domains" =~ (^| )${!domain_var}( |$) ]] \ + || match_domains+="${!domain_var} " + i=$((i+1)) + done + echo "$match_domains" +} + +function set_dns { + local n="$(find_compat_profile)" + local addresses="$(addresses_string $n)" + local search_domains="$(search_domains_string $n)" + local match_domains="$(match_domains_string $n)" if [ -n "$match_domains" ]; then local cmds="" cmds+="d.init\n" - cmds+="d.add ServerAddresses * ${addrs}\n" + cmds+="d.add ServerAddresses * ${addresses}\n" cmds+="d.add SupplementalMatchDomains * ${match_domains}\n" cmds+="d.add SupplementalMatchDomainsNoSearch # 1\n" cmds+="add ${itf_dns_key}\n" @@ -222,7 +227,7 @@ cmds+="get $(primary_dns_key)\n" cmds+="set ${dns_backup_key}\n" cmds+="d.init\n" - cmds+="d.add ServerAddresses * ${addrs}\n" + cmds+="d.add ServerAddresses * ${addresses}\n" cmds+="d.add SearchDomains * ${search_domains}\n" cmds+="d.add SearchOrder # 5000\n" cmds+="set $(primary_dns_key)\n" @@ -233,22 +238,12 @@ } function unset_dns { - find_compat_profile - local n=$? + local n="$(find_compat_profile)" + local addresses="$(addresses_string $n)" + local search_domains="$(search_domains_string $n)" + local match_domains="$(match_domains_string $n)" - local i=1 - local search_domains="" - while :; do - domain_var=dns_search_domain_${i} - [ -n "${!domain_var}" ] || break - # Add as search domain, if it doesn't already exist - [[ "$search_domains" =~ (^| )${!domain_var}( |$) ]] \ - || search_domains+="${!domain_var} " - i=$((i+1)) - done - - domain_var=dns_server_${n}_resolve_domain_1 - if [ -n "${!domain_var}" ]; then + if [ -n "$match_domains" ]; then echo "remove ${itf_dns_key}" | /usr/sbin/scutil unset_search_domains "$search_domains" else