From 2f0a95645ae58f273e55667cb266d16e4d329f11 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Sat, 11 Apr 2020 03:25:03 +0200
Subject: [PATCH] Hmpf boring resolvconf shit

---
 data/hooks/conf_regen/43-dnsmasq | 15 +++++++++++++++
 data/hooks/diagnosis/10-ip.py    | 15 +++++++--------
 2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq
index 90e96a04c..d6ab8648c 100755
--- a/data/hooks/conf_regen/43-dnsmasq
+++ b/data/hooks/conf_regen/43-dnsmasq
@@ -50,6 +50,21 @@ do_pre_regen() {
 do_post_regen() {
   regen_conf_files=$1
 
+  # Fuck it, those domain/search entries from dhclient are usually annoying
+  # lying shit from the ISP trying to MiTM
+  if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf
+  then
+      if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null
+      then
+        sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
+      fi
+
+      grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo '^supersede domain-name "";' >> /etc/dhcp/dhclient.conf
+      grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo '^supersede domain-search "";' >> /etc/dhcp/dhclient.conf
+      grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo '^supersede name "";' >> /etc/dhcp/dhclient.conf
+      systemctl restart resolvconf
+  fi
+
   [[ -z "$regen_conf_files" ]] \
     || service dnsmasq restart
 }
diff --git a/data/hooks/diagnosis/10-ip.py b/data/hooks/diagnosis/10-ip.py
index 70a5c9594..7d0aa8da2 100644
--- a/data/hooks/diagnosis/10-ip.py
+++ b/data/hooks/diagnosis/10-ip.py
@@ -41,7 +41,7 @@ class IPDiagnoser(Diagnoser):
 
         # In every case, we can check that resolvconf seems to be okay
         # (symlink managed by resolvconf service + pointing to dnsmasq)
-        good_resolvconf = self.resolvconf_is_symlink() and self.resolvconf_points_to_localhost()
+        good_resolvconf = self.good_resolvconf()
 
         # If we can't resolve domain names at all, that's a pretty big issue ...
         # If it turns out that at the same time, resolvconf is bad, that's probably
@@ -131,13 +131,12 @@ class IPDiagnoser(Diagnoser):
     def can_resolve_dns(self):
         return os.system("dig +short ip.yunohost.org >/dev/null 2>/dev/null") == 0
 
-    def resolvconf_is_symlink(self):
-        return os.path.realpath("/etc/resolv.conf") == "/run/resolvconf/resolv.conf"
-
-    def resolvconf_points_to_localhost(self):
-        file_ = "/etc/resolv.conf"
-        resolvers = [r.split(" ")[1] for r in read_file(file_).split("\n") if r.startswith("nameserver")]
-        return resolvers == ["127.0.0.1"]
+    def good_resolvconf(self):
+        content = read_file(file_).strip().split("\n")
+        # Ignore comments and empty lines
+        content = [l.strip() for l in content if l.strip() and not l.strip().startswith("#")]
+        # We should only find a "nameserver 127.0.0.1"
+        return len(content) == 1 and content.split() == ["nameserver", "127.0.0.1"]
 
     def get_public_ip(self, protocol=4):