Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Development v6 #1950

Open
wants to merge 1,845 commits into
base: development
Choose a base branch
from
Open

Development v6 #1950

wants to merge 1,845 commits into from

Conversation

PromoFaux
Copy link
Member

Holding PR

DL6ER and others added 30 commits January 13, 2024 10:08
@DL6ER
Only free API data when the API was started
e35aa78 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Adjust webserver.api.exclude{Clients,Domains} description
55339f0 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge branch 'development-v6' into tweak/limit_history_clients
5863759
@DL6ER
Add webserver.api.maxClients setting to set default number of clients…
0346646 
… to be returned for the client activity graph. This setting can be overwritten at run-time

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1831 from pi-hole/update/ftl-build
dfde994 
Update ftl-build container to v2.5
@DL6ER
Merge pull request #1752 from pi-hole/remove/local.list
8332913 
Remove obsolet local.list
@DL6ER
Merge branch 'development-v6' into tweak/env_vars_list
b05fe82
@DL6ER
Add new config option to API
4e5521f 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@dependabot
Bump the github_action-dependencies group with 2 updates
82f7986 
Bumps the github_action-dependencies group with 2 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/upload-artifact` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.0.0...v4.1.0)

Updates `actions/download-artifact` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github_action-dependencies
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github_action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@yubiuser
Merge pull request #1856 from pi-hole/dependabot-github_actions-devel…
806d608 
…opment-v6-github_action-dependencies-515e419fdb

Bump the github_action-dependencies group with 2 updates
@simonkelley @DL6ER
Fix problem with domains associated with DHCP hosts at startup.
6ce28da 
At startup, the leases file is read by lease_init(), and
in lease_init() undecorated hostnames are expanded into
FQDNs by adding the domain associated with the address
of the lease.

lease_init() happens relavtively early in the startup, party because
if it calls  the dhcp-lease helper script, we don't want that to inherit
a load of sensitive file descriptors. This has implications if domains
are defined using the --domain=example.com,eth0 format since it's long
before we call enumerate_interfaces(), so get_domain fails for such domains.

The patch just moves the hostname expansion function to a seperate
subroutine that gets called later, after enumerate_interfaces().

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix --synth-domain NXDOMAIN responses.
da901cb 
By design, dnsmasq forwards queries for RR-types it has no data
on, even if it has data for the same domain and other RR-types.

This can lead to an inconsitent view of the DNS when an upstream
server returns NXDOMAIN for an RR-type and domain but the same domain
but a different RR-type gets an answer from dnsmasq. To avoid this,
dnsmasq converts NXDOMAIN answer from upstream to NODATA answers if
it would answer a query for the domain and a different RR-type.

An oversight missed out --synth-domain from the code to do this, so
--synth-domain=thekelleys.org.uk,192.168.0.0/24
would result in the correct answer to an A query for
192-168.0.1.thekelleys.org.uk and an AAAA query for the same domain
would be forwarded upstream and the resulting NXDOMAIN reply
returned.

After the fix, the reply gets converted to NODATA.

Thanks to Matt Wong for spotting the bug.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@pemensik @DL6ER
Introduce new --local-service=host parameter
18bf4fd 
Similar to local-service, but more strict. Listen only on localhost
unless other interface is specified. Has no effect when interface is
provided explicitly. I had multiple bugs fillen on Fedora, because I have
changed default configuration to:

interface=lo
bind-interfaces

People just adding configuration parts to /etc/dnsmasq.d or appending to
existing configuration often fail to see some defaults are already there.
Give them auto-ignored configuration as smart default.

Signed-off-by: Petr Menšík <pemensik@redhat.com>

Do not add a new parameter on command line. Instead add just parameter
for behaviour modification of existing local-service option. Now it
accepts two optional values:
- net: exactly the same as before
- host: bind only to lo interface, do not listen on any other addresses
  than loopback.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Bump copyright to 2024.
9eb920a 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge branch 'development-v6' into update/dnsmasq
edc4da9
@DL6ER
Update embedded SQLite 3 to 3.45.0
1bf26f0 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Return null as version in /api/info/version if not available
12e7f44 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1858 from pi-hole/update/sqlite_3.45.0
9fc4a50 
Update embedded SQLite3 to 3.45.0
@DL6ER
Merge pull request #1859 from pi-hole/fix/remote_version
ff452fc 
Return null as version in /api/info/version if not available
@DL6ER
Change order of objects in documentation (small nit pick)
3c58e30 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Compile exclude regexes only once, not N^2 times
5c4355f 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1832 from pi-hole/tweak/limit_history_clients
c392611 
Limit number of clients returned by /api/history/clients
@DL6ER
Merge branch 'development-v6' into new/queryLogRegex
862d492 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Change how Pi-hole generates from self-signing our certificate to fir…
0a48d7a 
…st creating a self-signed root certificate authority (CA) and then using this CA to ordinarily sign the server's certificate. This has the advantage of being able to import the CA in places where importing a self-signed certificate is discouraged or not possible (e.g. Firefox browser)

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Reduce code duplication by factoring out filter regex compilation
24b6df4 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Apply review comments
bafbc78 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Fix pointer magic going wrong
619a8b1 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@dependabot
Bump the github_action-dependencies group with 1 update
d30901b 
Bumps the github_action-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.1.0...v4.2.0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github_action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@DL6ER
Merge pull request #1863 from pi-hole/dependabot-github_actions-devel…
3341f0e 
…opment-v6-github_action-dependencies-4550b9f164

Bump the github_action-dependencies group with 1 update
@DL6ER
Merge pull request #1611 from pi-hole/new/queryLogRegex
8f4272b 
Add regex filtering support for domains on the Query Log
oliv3r and others added 30 commits May 10, 2024 19:17
@oliv3r
FTL_lua: Properly guard readline
7de24a0 
Readline support should only be used when we know it is available. Lets
properly use a ifdef guard like we do in `shell.c`.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
@oliv3r
FTL: Avoid hidden HAVE_READLINE define
be3d4cd 
We should set `HAVE_READLINE` based on whether it was actually
detected/found, not via a hidden fixed, as that contains compile errors
when readline is actually not available.

Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
@DL6ER
Merge pull request #1955 from pi-hole/fix/FTL_db_read_perms
bf0c8cd 
Change database permissions to -rw-r----- (640)
@dependabot
Bump the github_action-dependencies group with 2 updates
ede7340 
Bumps the github_action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [eps1lon/actions-label-merge-conflict](https://github.com/eps1lon/actions-label-merge-conflict).


Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.4...v4.1.5)

Updates `eps1lon/actions-label-merge-conflict` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/eps1lon/actions-label-merge-conflict/releases)
- [Changelog](https://github.com/eps1lon/actions-label-merge-conflict/blob/main/CHANGELOG.md)
- [Commits](eps1lon/actions-label-merge-conflict@v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github_action-dependencies
- dependency-name: eps1lon/actions-label-merge-conflict
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github_action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@yubiuser
Merge pull request #1958 from pi-hole/dependabot-github_actions-devel…
30215fc 
…opment-v6-github_action-dependencies-220eae05df

Bump the github_action-dependencies group with 2 updates
@DL6ER
Update bundled cJSON from 1.7.17 -> 1.7.18 released earlier today
d4a89f3 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1959 from pi-hole/update/cJSON_1.7.18
bccfa22 
Update bundled cJSON
@DL6ER
Improve query storing algorithm to better cope with bursts of queries…
688a551 
… of arbitrary size and frequency

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Use new constant also as back-off factor for exporting into the database
30cade6 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1960 from pi-hole/fix/database_queries
3d4cc1b 
Fix spilled queries in database
@jacklul
Fix error message mentioning wrong file
ecd2e81 
Signed-off-by: Jack'lul <jacklulcat@gmail.com>
@DL6ER
Merge pull request #1961 from jacklul/v6-patch-1
12bebfb 
Fix error message mentioning wrong file
@DL6ER
Merge pull request #1956 from oliv3r/readline_detection
4628219 
Readline detection
@DL6ER
Merge pull request #1964 from pi-hole/new/artifact_attestations
95b1dc1 
Add artifact attestation
@DL6ER
Update DNS records after pruning DHCP leases
98407e3 
Not doing so can result in a use after free since the name for DHCP
derived DNS records is represented as a pointer into the DHCP lease
table. Update will only happen when necessary since lease_update_dns
tests internally on dns_dirty and the force argument is zero.

Signed-off-by: Erik Karlsson <erik.karlsson@iopsys.eu>
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Update custom dnsmasq version
ebc195a 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1965 from pi-hole/fix/dhcp_names
a078106 
Update DNS records after pruning DHCP leases
@dependabot
Bump actions/checkout in the github_action-dependencies group
6fed81a 
Bumps the github_action-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout).


Updates `actions/checkout` from 4.1.5 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.5...v4.1.6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github_action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@DL6ER
Merge pull request #1968 from pi-hole/dependabot-github_actions-devel…
6de3d81 
…opment-v6-github_action-dependencies-edf2abb101

Bump actions/checkout from 4.1.5 to 4.1.6 in the github_action-dependencies group
@DL6ER
Properly guard X.509 functions to allow compiling FTL without mbedTLS…
e286d4b 
… library being available, also improve how definitions are done in src/CMakeLists.txt and reduce instruction-duplication on the way

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Enforce minimum version of mbedTLS (3.5.0)
4b2cb98 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Ensure we also change ownership of the WAL database files
e3346ff 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1969 from pi-hole/fix/mbedtls
139facd 
Fix compiling without mbedTLS
@DL6ER
Merge pull request #1970 from pi-hole/fix/wal-ownership
5243083 
Ensure we also change ownership of the WAL database files
@DL6ER
Skip attestation and deployment steps for fork-based PRs having no ac…
f88d96a 
…cess to secrets

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1972 from pi-hole/fix/fork_pr
2a1ae11 
actions: fix fork PR runs
@DL6ER
Always try to chown auxiliary database files, not only when chown of …
be9fe87 
…the database files itself failed

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1973 from pi-hole/fix/database_aux_files
0f48ea8 
Fix chown of aux. database files
@DL6ER
Update embedded SQLite3 to 3.46.0
3afd9f0 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request #1974 from pi-hole/update/sqlite_3.46.0
825a14a 
Update embedded SQLite3 to 3.46.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
10 participants
@PromoFaux @pralor-bot @DL6ER @yubiuser @simonkelley @pemensik @mbooth101 @bungh0l10 @oliv3r @jacklul