blockcheck: fix brokern http3 test

blockcheck.sh

@@ -278,44 +278,45 @@ mdig_cache()
 mdig_resolve()
 {
 	# $1 - ip version 4/6
-	# $2 - hostname, possibly with uri : rutracker.org/xxx/xxxx
+	# $2 - var to receive result
-	local hostvar cachevar countvar count ip n sdom
+	# $3 - hostname, possibly with uri : rutracker.org/xxx/xxxx
+	local hostvar cachevar countvar count n sdom
 
-	split_by_separator "$2" / sdom
+	split_by_separator "$3" / sdom
 	mdig_vars "$1" "$sdom"
 	if [ -n "$count" ]; then
 		n=$(random 0 $(($count-1)))
-		eval ip=\$${cachevar}_$n
+		eval $2=\$${cachevar}_$n
-		echo $ip
 		return 0
 	else
-		mdig_cache "$1" "$sdom" && mdig_resolve "$1" "$sdom"
+		mdig_cache "$1" "$sdom" && mdig_resolve "$1" "$2" "$sdom"
 	fi
 }
 mdig_resolve_all()
 {
 	# $1 - ip version 4/6
-	# $2 - hostname
+	# $2 - var to receive result
+	# $3 - hostname
 
-	local hostvar cachevar countvar count ip ips n sdom
+	local hostvar cachevar countvar count ip__ ips__ n sdom
 
-	split_by_separator "$2" / sdom
+	split_by_separator "$3" / sdom
 	mdig_vars "$1" "$sdom"
 	if [ -n "$count" ]; then
 		n=0
 		while [ "$n" -le $count ]; do
-			eval ip=\$${cachevar}_$n
+			eval ip__=\$${cachevar}_$n
-			if [ -n "$ips" ]; then
+			if [ -n "$ips__" ]; then
-				ips="$ips $ip"
+				ips__="$ips__ $ip__"
 			else
-				ips="$ip"
+				ips__="$ip__"
 			fi
 			n=$(($n + 1))
 		done
-		echo "$ips"
+		eval $2="\$ips__"
 		return 0
 	else
-		mdig_cache "$1" "$sdom" && mdig_resolve_all "$1" "$sdom"
+		mdig_cache "$1" "$sdom" && mdig_resolve_all "$1" "$2" "$sdom"
 	fi
 }
 
@@ -482,7 +483,7 @@ check_prerequisites()
 		exitp 6
 	}
 
-	local prog progs='curl'
+	local prog progs="$CURL"
 	[ "$SKIP_PKTWS" = 1 ] || {
 		case "$UNAME" in
 			Linux)
@@ -671,7 +672,7 @@ curl_with_dig()
 	local sdom suri ip
 
 	split_by_separator "$dom" / sdom suri
-	ip=$(mdig_resolve $1 $sdom)
+	mdig_resolve $1 ip $sdom
 	shift ; shift ; shift
 	if [ -n "$ip" ]; then
 		curl_with_subst_ip "$sdom" "$port" "$ip" "$@"
@@ -1005,7 +1006,7 @@ check_domain_port_block()
 	echo
 	echo \* port block tests ipv$IPV $1:$2
 	if netcat_setup; then
-		ips=$(mdig_resolve_all $IPV $1)
+		mdig_resolve_all $IPV ips $1
 		if [ -n "$ips" ]; then
 			for ip in $ips; do
 				if netcat_test $ip $2; then
@@ -1705,7 +1706,7 @@ check_dpi_ip_block()
 
 	echo "> testing $UNBLOCKED_DOM on it's original ip"
 	if curl_test $1 $UNBLOCKED_DOM; then
-		unblocked_ip=$(mdig_resolve $IPV $UNBLOCKED_DOM)
+		mdig_resolve $IPV unblocked_ip $UNBLOCKED_DOM
 		[ -n "$unblocked_ip" ] || {
 			echo $UNBLOCKED_DOM does not resolve. tests not possible.
 			return 1
@@ -1714,7 +1715,7 @@ check_dpi_ip_block()
 		echo "> testing $blocked_dom on $unblocked_ip ($UNBLOCKED_DOM)"
 		curl_test $1 $blocked_dom $unblocked_ip detail
 
-		blocked_ips=$(mdig_resolve_all $IPV $blocked_dom)
+		mdig_resolve_all $IPV blocked_ips $blocked_dom
 		for blocked_ip in $blocked_ips; do
 			echo "> testing $UNBLOCKED_DOM on $blocked_ip ($blocked_dom)"
 			curl_test $1 $UNBLOCKED_DOM $blocked_ip detail
@@ -1765,6 +1766,8 @@ check_domain_http_tcp()
 	# $3 - encrypted test : 0 = plain, 1 - encrypted with server reply risk, 2 - encrypted without server reply risk
 	# $4 - domain
 
+	local ips
+
 	# in case was interrupted before
 	pktws_ipt_unprepare_tcp $2
 	ws_kill
@@ -1773,15 +1776,11 @@ check_domain_http_tcp()
 
 	[ "$SKIP_IPBLOCK" = 1 ] || check_dpi_ip_block $1 $4
 
-	[ "$SKIP_TPWS" = 1 ] || {
-		echo
-		tpws_check_domain_http_bypass $1 $3 $4
-	}
-
 	[ "$SKIP_PKTWS" = 1 ] || {
 		echo
 	        echo preparing $PKTWSD redirection
-		pktws_ipt_prepare_tcp $2 "$(mdig_resolve_all $IPV $4)"
+		mdig_resolve_all $IPV ips $4
+		pktws_ipt_prepare_tcp $2 "$ips"
 
 		pktws_check_domain_http_bypass $1 $3 $4
 
@@ -1795,6 +1794,8 @@ check_domain_http_udp()
 	# $2 - port
 	# $3 - domain
 
+	local ips
+
 	# in case was interrupted before
 	pktws_ipt_unprepare_udp $2
 	ws_kill
@@ -1804,7 +1805,8 @@ check_domain_http_udp()
 	[ "$SKIP_PKTWS" = 1 ] || {
 		echo
 	        echo preparing $PKTWSD redirection
-		pktws_ipt_prepare_udp $2 "$(mdig_resolve_all $IPV $3)"
+		mdig_resolve_all $IPV ips $3
+		pktws_ipt_prepare_udp $2 "$ips"
 
 		pktws_check_domain_http3_bypass $1 $3
 

common/base.sh

@@ -4,6 +4,10 @@ which()
 	# 'command -v' replacement does not work exactly the same way. it outputs shell aliases if present
 	# $1 - executable name
 	local IFS=:
+	[ "$1" != "${1#/}" ] && [ -x "$1" ] && {
+		echo "$1"
+		return 0
+	}
 	for p in $PATH; do
 	    [ -x "$p/$1" ] && {
 		echo "$p/$1"

common/queue.sh

@@ -1,85 +0,0 @@
-apply_unspecified_desync_modes()
-{
-	NFQWS_OPT_DESYNC_HTTP="${NFQWS_OPT_DESYNC_HTTP:-$NFQWS_OPT_DESYNC}"
-	NFQWS_OPT_DESYNC_HTTP_SUFFIX="${NFQWS_OPT_DESYNC_HTTP_SUFFIX:-$NFQWS_OPT_DESYNC_SUFFIX}"
-	NFQWS_OPT_DESYNC_HTTPS="${NFQWS_OPT_DESYNC_HTTPS:-$NFQWS_OPT_DESYNC}"
-	NFQWS_OPT_DESYNC_HTTPS_SUFFIX="${NFQWS_OPT_DESYNC_HTTPS_SUFFIX:-$NFQWS_OPT_DESYNC_SUFFIX}"
-	NFQWS_OPT_DESYNC_HTTP6="${NFQWS_OPT_DESYNC_HTTP6:-$NFQWS_OPT_DESYNC_HTTP}"
-	NFQWS_OPT_DESYNC_HTTP6_SUFFIX="${NFQWS_OPT_DESYNC_HTTP6_SUFFIX:-$NFQWS_OPT_DESYNC_HTTP_SUFFIX}"
-	NFQWS_OPT_DESYNC_HTTPS6="${NFQWS_OPT_DESYNC_HTTPS6:-$NFQWS_OPT_DESYNC_HTTPS}"
-	NFQWS_OPT_DESYNC_HTTPS6_SUFFIX="${NFQWS_OPT_DESYNC_HTTPS6_SUFFIX:-$NFQWS_OPT_DESYNC_HTTPS_SUFFIX}"
-	NFQWS_OPT_DESYNC_QUIC6="${NFQWS_OPT_DESYNC_QUIC6:-$NFQWS_OPT_DESYNC_QUIC}"
-	NFQWS_OPT_DESYNC_QUIC6_SUFFIX="${NFQWS_OPT_DESYNC_QUIC6_SUFFIX:-$NFQWS_OPT_DESYNC_QUIC_SUFFIX}"
-}
-
-get_nfqws_qnums()
-{
-	# $1 - var name for ipv4 http
-	# $2 - var name for ipv4 https
-	# $3 - var name for ipv6 http
-	# $4 - var name for ipv6 https
-	local _qn _qns _qn6 _qns6
-
-	[ "$DISABLE_IPV4" = "1" ] || {
-		_qn=$QNUM
-		_qns=$_qn
-		[ "$NFQWS_OPT_DESYNC_HTTP $NFQWS_OPT_DESYNC_HTTP_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTPS $NFQWS_OPT_DESYNC_HTTPS_SUFFIX" ] || _qns=$(($QNUM+1))
-	}
-	[ "$DISABLE_IPV6" = "1" ] || {
-		_qn6=$(($QNUM+2))
-		_qns6=$(($QNUM+3))
-		[ "$DISABLE_IPV4" = "1" ] || {
-			if [ "$NFQWS_OPT_DESYNC_HTTP6 $NFQWS_OPT_DESYNC_HTTP6_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTP $NFQWS_OPT_DESYNC_HTTP_SUFFIX" ]; then
-				_qn6=$_qn;
-			elif [ "$NFQWS_OPT_DESYNC_HTTP6 $NFQWS_OPT_DESYNC_HTTP6_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTPS $NFQWS_OPT_DESYNC_HTTPS_SUFFIX" ]; then
-				_qn6=$_qns;
-			fi
-			if [ "$NFQWS_OPT_DESYNC_HTTPS6 $NFQWS_OPT_DESYNC_HTTPS6_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTP $NFQWS_OPT_DESYNC_HTTP_SUFFIX" ]; then
-				_qns6=$_qn;
-			elif [ "$NFQWS_OPT_DESYNC_HTTPS6 $NFQWS_OPT_DESYNC_HTTPS6_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTPS $NFQWS_OPT_DESYNC_HTTPS_SUFFIX" ]; then
-				_qns6=$_qns;
-			fi
-		}
-		[ "$NFQWS_OPT_DESYNC_HTTPS6 $NFQWS_OPT_DESYNC_HTTPS6_SUFFIX" = "$NFQWS_OPT_DESYNC_HTTP6 $NFQWS_OPT_DESYNC_HTTP6_SUFFIX" ] && _qns6=$_qn6;
-	}
-	if [ "$MODE_HTTP" = 1 ]; then
-		eval $1=$_qn
-		eval $3=$_qn6
-	else
-		eval $1=
-		eval $3=
-	fi
-	if [ "$MODE_HTTPS" = 1 ]; then
-		eval $2=$_qns
-		eval $4=$_qns6
-	else
-		eval $2=
-		eval $4=
-	fi
-}
-
-get_nfqws_qnums_quic()
-{
-	# $1 - var name for ipv4 quic
-	# $2 - var name for ipv6 quic
-	local _qn _qn6
-
-	[ "$DISABLE_IPV4" = "1" ] || {
-		_qn=$(($QNUM+10))
-	}
-	[ "$DISABLE_IPV6" = "1" ] || {
-		_qn6=$(($QNUM+11))
-		[ "$DISABLE_IPV4" = "1" ] || {
-			if [ "$NFQWS_OPT_DESYNC_QUIC $NFQWS_OPT_DESYNC_QUIC_SUFFIX" = "$NFQWS_OPT_DESYNC_QUIC6 $NFQWS_OPT_DESYNC_QUIC6_SUFFIX" ]; then
-				_qn6=$_qn;
-			fi
-		}
-	}
-	if [ "$MODE_QUIC" = 1 ]; then
-		eval $1=$_qn
-		eval $2=$_qn6
-	else
-		eval $1=
-		eval $2=
-	fi
-}

docs/changes.txt

@@ -572,3 +572,7 @@ nfqws: --dup-ip-id
 
 blockcheck: support URIs
 blockcheck: CURL_HTTPS_GET=1 suppresses -I curl option for https (HEAD -> GET)
+
+73.4
+
+blockcheck: fix broken dns cache

nfq/params.c

@@ -219,6 +219,9 @@ void dp_init(struct desync_profile *dp)
 	LIST_INIT(&dp->ips_collection_exclude);
 	LIST_INIT(&dp->pf_tcp);
 	LIST_INIT(&dp->pf_udp);
+#ifdef HAS_FILTER_SSID
+	LIST_INIT(&dp->filter_ssid);
+#endif
 
 	memcpy(dp->hostspell, "host", 4); // default hostspell
 	dp->desync_skip_nosni = true;