Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sync: master to development #1

Open
wants to merge 237 commits into
base: development
Choose a base branch
from
Open

sync: master to development #1

wants to merge 237 commits into from

Conversation

github-actions[bot]
Copy link

sync-branches: New code has just landed in master, so let's bring development up to speed!

PromoFaux and others added 30 commits February 12, 2022 19:58
@PromoFaux
Merge pull request pi-hole#1300 from pi-hole/development
52e6b95 
Pi-hole FTL v5.14
@PromoFaux
remove the CONTENT_COMPARISON setting (defaults to false)
13ea3c6
@PromoFaux
add dco.yml to ignore requirement from Org members (it's already impl…
53bff37 
…ied!)
@PromoFaux
Merge pull request pi-hole#1304 from pi-hole/master
9b087b1 
sync: master to development
@DL6ER
Fix how we compute the total number of DNS packets (not queries)
da62df2 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@yubiuser
Merge pull request pi-hole#1305 from pi-hole/fix/negative_others
08de9d0 
Fix negative "others" in Upstream Servers pie chart
@DL6ER
Update SQLite to v3.38.0
8ff5b0a 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@yubiuser
Merge pull request pi-hole#1307 from pi-hole/update/sqlite_3.38.0
cb0d42d 
Update SQLite to v3.38.0
@DL6ER
Reload blocking mode independently of incoming queries
7f7dc2e 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@icyflame
Replace reference to hard-coded default GCinterval value
2d1e7ad 
This hard-coded GCinterval value makes any change to the macro defining the GCinterval ineffective
when the GC runs.

For e.g., if I reduce the GC from once an hour to once every 3 minutes, the GC runs every 3 minutes,
but the mintime is set to the start of the next hour, which wipes everything from the overTime data.

I believe that this change is safe and can be merged and shipped to existing users because the
GCinterval value is not configurable and users who don't build the PiHole version that they are
running will not be affected by this change.

Signed-off-by: Siddharth Kannan <mail@siddharthkannan.in>
@yubiuser
Change blocking mode to blocking status in comment
29cc882 
Signed-off-by: Christian König <ckoenig@posteo.de>
@yubiuser
Merge pull request pi-hole#1310 from pi-hole/tweak/blockind_status
e62063a 
Reload blocking mode independently of incoming queries
@abesnier
Added support for compilation on MIPS platform
f140518 
Compiling FTL on MIPS platform would fail with the following error:
/home/git/FTL/src/database/../shmem.h:57:41: error: expected declaration specifiers or ‘...’ before numeric constant
   57 | ASSERT_SIZEOF(countersStruct, 240, 240, 240);
This error originates from static_assert.h, where there are no definition of ASSERT_SIZEOF and STATIC_ASSERT for the mips architecture.
Support added in this commit.
@abesnier
Updated for simplication
a68908c 
Signed-off-by: abesnier <besnier_antoine@yahoo.fr>
@abesnier
Updated for simplication
d6e19bd 
Signed-off-by: abesnier <besnier_antoine@yahoo.fr>
@abesnier
Merge branch 'patch-1' of https://github.com/abesnier/FTL into patch-1
9262fb9
@DL6ER
Adjust query type counters when importing from the database
213b7eb 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Merge pull request pi-hole#1313 from icyflame/update-gc-remove-hardco…
f527e73 
…ded-gc-interval

 Replace reference to hard-coded default GCinterval value
@yubiuser
Be more precise about escaping invalid characters in queries
4cf9129 
Signed-off-by: Christian König <ckoenig@posteo.de>
@DL6ER
Merge pull request pi-hole#1318 from pi-hole/tweak/escape
7383842 
Be more precise about escaping invalid characters in queries
@yubiuser
Merge pull request pi-hole#1317 from pi-hole/fix/negative_replies
7e45549 
Adjust query type counters when importing from the database
@DL6ER
Update SQLite to v3.38.1
fbe28c9 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@yubiuser
Merge pull request pi-hole#1320 from pi-hole/update/sqlite_3.38.1
9ba75b7 
Update SQLite to 3.38.1
@DL6ER
Merge pull request pi-hole#1316 from abesnier/patch-1
5ac2ed2 
Added support for compilation on MIPS platform
@DL6ER
Add individual reply counters as well as their sum to the API + ensur…
a24e187 
…e we subtract from the previous reply counter when setting a new status

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Ensure we subtract from the old reply counter when reply type changes
8734b60 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Update SQLite to v3.38.2
77c5665 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@yubiuser
Merge pull request pi-hole#1323 from pi-hole/update/sqlite_3.38.2
6576eb6 
Update SQLite to v3.38.2
@icyflame
Fix initOverTime's calculation of last slot timestamp
06b0606 
initOverTime calculate's the last slot timestamp with the assumption that `OVERTIME_INTERVAL` will
allow atleast `OVERTIME_SLOTS` number of slots between now and the last slot in the current
hour. This leads it to calculate the timestamp of the last slot, and then assign timestamps to each
slot counting down from that timestamp.

This logic is not compatible with changes in the OVERTIME_INTERVAL and the MAXLOGAGE variables. Here
is a demonstration of a case where this can be shown clearly:

```
OVERTIME_INTERVAL = 60s (Each slot stores 1 minute of data)
MAXLOGAGE = 600s (Store date for only 10 minutes)
OVERTIME_SLOTS = 11 (MAXLOGAGE/OVERTIME_INTERVAL)
```

- Current time: 10:35
- Last slot time: 10:59:30
- First slot time: 10:48:30

Note that this logic *does* work as expected with the default minimum of 1 hour for the MAXLOGAGE
configuration variable.

Signed-off-by: Siddharth Kannan <mail@siddharthkannan.in>
@DL6ER
Merge pull request pi-hole#1312 from icyflame/update-init-overtime
392ff15 
Fix initOverTime's calculation of last slot timestamp
simonkelley and others added 29 commits September 11, 2022 10:55
@simonkelley @DL6ER
Fix write-after-free error in DHCPv6 code. CVE-2022-0934 refers.
73faa6c 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Add inode compare while checking resolv file change
20ef05b 
Fix a bug found on OpenWrt when IPv4/6 dual stack enabled:

The resolv file is located on tmpfs whose mtime resolution
is 1 second. If the resolv file is updated twice within one
second dnsmasq may can't notice the second update.

netifd updates the resolv file with method: write temp then move,
so adding an inode check fixes this bug.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Also log upstream port for dnssec-retry
52540ef 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix outdated comment.
0619aca 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Add the ability to specify destination port in DHCP-relay mode.
6417ff3 
This change also removes a previous bug
where --dhcp-alternate-port would affect the port used
to relay _to_ as well as the port being listened on.
The new feature allows configuration to provide bug-for-bug
compatibility, if required. Thanks to Damian Kaczkowski
for the feature suggestion.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@bengal @DL6ER
Fix parsing of IPv6 addresses with peer from netlink.
1aa4087 
In the most common case, an IPv6 address doesn't have a peer and the
IFA_ADDRESS netlink attribute contains the address itself.

But if the address has a peer (typically for point to point links),
then IFA_ADDRESS contains the peer address and IFA_LOCAL contains the
address [1].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv6/addrconf.c?h=v5.17#n5030

Fix the parsing of IPv6 addresses with peers, as currently dnsmasq
unsuccessfully tries to bind on the peer address.

A simple reproducer is:

  dnsmasq --conf-file=/dev/null -i dummy1 -d --bind-dynamic &
  sleep 2
  ip link add dummy1 type dummy
  ip link set dummy1 up
  ip addr add dev dummy1 fd01::1/64 peer fd01::2/64
  ip addr add dev dummy1 fd01::42/64
  sleep 2
  ss -lnp | grep dnsmasq | grep fd01

Before the patch:
  dnsmasq: failed to create listening socket for fd01::2: Cannot assign requested address
  dnsmasq: failed to create listening socket for fd01::2: Cannot assign requested address
  udp   UNCONN 0   [fd01::42]:53   [::]:*    users:(("dnsmasq",pid=23947,fd=14))
  tcp   LISTEN 0   [fd01::42]:53   [::]:*    users:(("dnsmasq",pid=23947,fd=15

After:
  udp   UNCONN 0   [fd01::42]:53   [::]:*    users:(("dnsmasq",pid=23973,fd=16))
  udp   UNCONN 0    [fd01::1]:53   [::]:*    users:(("dnsmasq",pid=23973,fd=14))
  tcp   LISTEN 0   [fd01::42]:53   [::]:*    users:(("dnsmasq",pid=23973,fd=17))
  tcp   LISTEN 0    [fd01::1]:53   [::]:*    users:(("dnsmasq",pid=23973,fd=15))
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix comment typo.
195d67a 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@pulsastrix @jwhb @DL6ER
Pass MUD URLs (RFC 8520) supplied via DHCPv6 to DHCP scripts
ff92410 
Extract Manufacturer Usage Description (MUD) URL from DHCP Option 112
and make it available to DHCP scripts as DNSMASQ_MUD_URL.

This expands on the initial support for Manufacturer Usage Description
URLs that has been added in the previous commit for DHCPv4 by also
supporting MUD URLs supplied using DHCPv6.

See https://datatracker.ietf.org/doc/html/rfc8520#section-17.3
and https://datatracker.ietf.org/doc/html/rfc8520#section-10

Co-authored-by: Jasper Wiegratz <wiegratz@uni-bremen.de>
Signed-off-by: DL6ER <dl6er@dl6er.de>
@kyeich @jwhb @DL6ER
Pass MUD URLs (RFC 8520) supplied via DHCPv4 to DHCP scripts
08e9d2d 
Extract Manufacturer Usage Description (MUD) URL from DHCP Option 161
and make it available to DHCP scripts as DNSMASQ_MUD_URL.

See https://datatracker.ietf.org/doc/html/rfc8520#section-17.3
and https://datatracker.ietf.org/doc/html/rfc8520#section-10

Co-authored-by: Jasper Wiegratz <wiegratz@uni-bremen.de>
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Tidy last two commits.
bb35e18 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix bit-rotted data handling code for LUA scripts.
6e73951 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Update man page on DHCP data provided to scripts. Provide requested o…
48efc98 
…ptions for DHCPv6 also.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@taylorb-syd @DL6ER
Bound the value of UDP packet size in the EDNS0 header of forwarded q…
c13654f 
…ueries to the configured or default value of edns-packet-max. There's no point letting a client set a larger value if we're unable to return the answer.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix bad interaction between --address=/#/<ip> and --server=/some.doma…
92efa12 
…in/#

This would return <ip> for queries in some.domain, rather than
forwarding the query via the default server(s) read from /etc/resolv.conf.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@pemensik @DL6ER
Introduce whine_realloc
6635d5d 
Move few patters with whine_malloc, if (successful) copy+free, to a new
whine_realloc. It should do the same thing, but with a help from OS it
can avoid unnecessary copy and free if allocation of more data after
current data is possible.

Added few setting remanining space to 0, because realloc does not use
calloc like whine_malloc does. There is no advantage of zeroing what we
will immediately overwrite. Zero only remaining space.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Simplify realloc use in poll.c
e29c3b6 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Tweak packet dump code to make port numbers more accurate.
a95263f 
Also add query-ids with log-queries=extra.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Free sockets awaiting upstream DNS replies ASAP.
fbfbd64 
Once we have a good answer, close the socket so that the fd can
be reused during DNSSEC validation and we don't have to read and
discard more replies from other servers.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix DHCPv6 relay to use a more sensble source address.
5d921ce 
Tweak things so that packets relayed towards a server
have source address on the server-facing network, not the
client-facing network. Thanks to Luis Thomas for spotting this
and initial patch.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Add source address to RA packet dumps.
07bf141 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Fix logic when a SERVFAIL reply is received after good replt for DNSSEC.
bd4e2b2 
If we get a SERVFAIL or REFUSED answer to a DNSSEC query for which
we already have a good answer, just ignore it.

Signed-off-by: DL6ER <dl6er@dl6er.de>
@simonkelley @DL6ER
Add DHCPv4 option 108 "ipv6-only" to the options table.
8e0b867 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER
Update dnsmasq version to v2.87rc1
4dfc8d6 
Signed-off-by: DL6ER <dl6er@dl6er.de>
@DL6ER @yubiuser
Apply suggestions from code review
bea9630 
Co-authored-by: yubiuser <ckoenig@posteo.de>
Signed-off-by: DL6ER <DL6ER@users.noreply.github.com>
@DL6ER
Merge pull request pi-hole#1429 from pi-hole/update/dnsmasq
3a76ee2 
Update embedded dnsmasq to v2.87rc1
@DL6ER
Merge pull request pi-hole#1409 from pi-hole/tweak/white_regex_id
4cd6809 
Store domainlist IDs for blocked/permitted queries
@a1346054
Replace nonstandard which
8035ae4 
`command -v` is the standardized replacement for `which`

Signed-off-by: a1346054 <36859588+a1346054@users.noreply.github.com>
@DL6ER
Merge pull request pi-hole#1430 from a1346054/fixes
f7e15ea 
Replace nonstandard `which`
@PromoFaux
Merge pull request pi-hole#1431 from pi-hole/development
f95464d 
v5.18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
internal
Projects
None yet
Milestone
No milestone