unbound: clean up marker and size files, closes #9489 (#9491)

* unbound: clean up marker and size files, closes #9489 * unbound: ditch dnsbl_available and bind around self.dnsbl * unbound: ditch chained comparison
2025-12-10 00:32:09 -06:00 · 2025-12-09 15:40:28 +01:00 · 2025-12-09 15:40:28 +01:00 · efe726f841
commit efe726f841
parent 972433b4d0
1 changed files with 29 additions and 28 deletions
--- a/src/opnsense/scripts/unbound-dnsbl/lib/dnsbl.py
+++ b/src/opnsense/scripts/unbound-dnsbl/lib/dnsbl.py
@ -50,7 +50,6 @@ class DNSBL:
        self.size_file = size_file
        self.dnsbl_mtime_cache = 0
        self.dnsbl_update_time = 0
-        self.dnsbl_available = False
        self.dnsbl = None
        self.warn_file = "/data/dnsbl_format_warning"
        self._context = context
@ -64,40 +63,42 @@ class DNSBL:
        t = time.time()
        if (t - self.dnsbl_update_time) > 60:
            self.dnsbl_update_time = t
+            self._load_dnsbl()
+
+    def _load_dnsbl(self):
+        last_state = (self.dnsbl is not None)
+
        if not self._dnsbl_exists():
-                self.dnsbl_available = False
-                return
+            self.dnsbl = None
+        else:
            fstat = os.stat(self.dnsbl_path).st_mtime
            if fstat != self.dnsbl_mtime_cache:
                self.dnsbl_mtime_cache = fstat
                log_info("dnsbl_module: updating blocklist.")
-                self._load_dnsbl()
-
-    def _load_dnsbl(self):
                with open(self.dnsbl_path, 'r') as f:
                    try:
                        self.dnsbl = json.load(f)
                        if self._context and type(self.dnsbl.get('config')) is dict:
                            if not self.dnsbl['config'].get('general'):
                                # old format, needs blocklist reload
+                                self.dnsbl = None
                                raise ValueError("incompatible blocklist")
                            self._context.set_config(self.dnsbl['config'])
                        log_info('dnsbl_module: blocklist loaded. length is %d' % len(self.dnsbl['data']))
-                with open(self.size_file, 'w') as sfile:
-                    sfile.write(str(len(self.dnsbl['data'])))
                    except (json.decoder.JSONDecodeError, KeyError, ValueError) as e:
                        if not self.dnsbl or isinstance(e, ValueError):
                            log_err("dnsbl_module: unable to parse blocklist file: %s. Please re-apply the blocklist settings." % e)
-                    self.dnsbl_available = False
                            open(self.warn_file, "a").close()
                            return
                        else:
-                    log_err("dnsbl_module: error parsing blocklist: %s, reusing last known list" % e)
+                            log_err("dnsbl_module: error parsing blocklist: %s, reusing last known state" % e)

        if os.path.exists(self.warn_file):
            os.remove(self.warn_file)

-        self.dnsbl_available = True
+        if last_state != (self.dnsbl is not None):
+            with open(self.size_file, 'w') as sfile:
+                sfile.write(str(len(self.dnsbl['data'])) if self.dnsbl else '0')

    def _in_network(self, client, networks):
        if not networks:
@ -118,7 +119,7 @@ class DNSBL:
    def policy_match(self, query: Query, qstate=None, orig=None):
        self._update_dnsbl()

-        if not self.dnsbl_available:
+        if not self.dnsbl:
            return False

        if not query.type in ('A', 'AAAA', 'CNAME', 'HTTPS'):