From b66c4ea9c54780edd4a6016be31a7cb5227d11a9 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Thu, 3 May 2018 23:25:37 +0200
Subject: [PATCH] Add optional support for blacklists

---
 dnscrypt-wrapper.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/dnscrypt-wrapper.sh b/dnscrypt-wrapper.sh
index d961998..fb778d9 100755
--- a/dnscrypt-wrapper.sh
+++ b/dnscrypt-wrapper.sh
@@ -2,6 +2,8 @@
 
 KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
 STKEYS_DIR="${KEYS_DIR}/short-term"
+LISTS_DIR="/opt/dnscrypt-wrapper/etc/lists"
+BLACKLIST="${LISTS_DIR}/blacklist.txt"
 
 prune() {
     /usr/bin/find "$STKEYS_DIR" -type f -cmin +1440 -exec rm -f {} \;
@@ -54,10 +56,13 @@ mkdir -p "$STKEYS_DIR"
 prune
 [ $(rotation_needed) = true ] && new_key
 
+[ -r "$BLACKLIST" ] && blacklist_opt="--blacklist-file=${BLACKLIST}"
+
 exec /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
     --user=_dnscrypt-wrapper \
     --listen-address=0.0.0.0:443 \
     --resolver-address=127.0.0.1:553 \
     --provider-name="$provider_name" \
     --provider-cert-file="$(stcerts_files)" \
-    --crypt-secretkey-file=$(stkeys_files)
+    --crypt-secretkey-file=$(stkeys_files) \
+    $blacklist_opt