Merge pull request #1160 from pi-hole/release/v5.9

Pi-hole FTL v5.9

.gitignore

@@ -13,6 +13,7 @@ version*
 .idea/
 *.sw*
 .vscode/
+/.vscode/
 /build/
 
 # MAC->Vendor database files

CMakeLists.txt

@@ -11,6 +11,6 @@
 cmake_minimum_required(VERSION 2.8.12)
 project(PIHOLE_FTL C)
 
-set(DNSMASQ_VERSION pi-hole-2.85)
+set(DNSMASQ_VERSION pi-hole-2.86)
 
 add_subdirectory(src)

src/CMakeLists.txt

@@ -26,7 +26,9 @@ set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${PROJECT_BINARY_DIR})
 # SQLITE_OMIT_PROGRESS_CALLBACK: The progress handler callback counter must be checked in the inner loop of the bytecode engine. By omitting this interface, a single conditional is removed from the inner loop of the bytecode engine, helping SQL statements to run slightly faster.
 # SQLITE_DEFAULT_FOREIGN_KEYS=1: This macro determines whether enforcement of foreign key constraints is enabled or disabled by default for new database connections.
 # SQLITE_DQS=0: This setting disables the double-quoted string literal misfeature.
-set(SQLITE_DEFINES "-DSQLITE_OMIT_LOAD_EXTENSION -DSQLITE_DEFAULT_MEMSTATUS=0 -DSQLITE_OMIT_DEPRECATED -DSQLITE_OMIT_PROGRESS_CALLBACK -DSQLITE_DEFAULT_FOREIGN_KEYS=1 -DSQLITE_DQS=0")
+# SQLITE_ENABLE_DBPAGE_VTAB: Enables the SQLITE_DBPAGE virtual table. Warning: writing to the SQLITE_DBPAGE virtual table can very easily cause unrecoverably database corruption.
+# SQLITE_OMIT_DESERIALIZE: This option causes the the sqlite3_serialize() and sqlite3_deserialize() interfaces to be omitted from the build (was the default before 3.36.0)
+set(SQLITE_DEFINES "-DSQLITE_OMIT_LOAD_EXTENSION -DSQLITE_DEFAULT_MEMSTATUS=0 -DSQLITE_OMIT_DEPRECATED -DSQLITE_OMIT_PROGRESS_CALLBACK -DSQLITE_DEFAULT_FOREIGN_KEYS=1 -DSQLITE_DQS=0 -DSQLITE_ENABLE_DBPAGE_VTAB -DSQLITE_OMIT_DESERIALIZE")
 
 # Code hardening and debugging improvements
 # -fstack-protector-strong: The program will be resistant to having its stack overflowed
@@ -185,7 +187,6 @@ else()
     find_library(LIBMATH m)
     target_link_libraries(pihole-FTL ${LIBMATH})
 endif()
-target_compile_definitions(pihole-FTL PRIVATE DNSMASQ_VERSION=\"${DNSMASQ_VERSION}\")
 set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
 set(THREADS_PREFER_PTHREAD_FLAG TRUE)
 find_package(Threads REQUIRED)

src/api/api.c

@@ -38,6 +38,8 @@
 #include "../regex_r.h"
 // get_aliasclient_list()
 #include "../database/aliasclients.h"
+// get_edestr()
+#include "api_helper.h"
 
 #define min(a,b) ({ __typeof__ (a) _a = (a); __typeof__ (b) _b = (b); _a < _b ? _a : _b; })
 
@@ -493,24 +495,25 @@ void getTopClients(const char *client_message, const int *sock)
 void getUpstreamDestinations(const char *client_message, const int *sock)
 {
 	bool sort = true;
-	int temparray[counters->upstreams][2], totalqueries = 0;
+	int temparray[counters->upstreams][2], totalqueries = 0, totalcount = 0;
 
 	if(command(client_message, "unsorted"))
 		sort = false;
 
 	for(int upstreamID = 0; upstreamID < counters->upstreams; upstreamID++)
 	{
-		// If we want to print a sorted output, we fill the temporary array with
-		// the values we will use for sorting afterwards
-		if(sort) {
-			// Get forward pointer
-			const upstreamsData* forward = getUpstream(upstreamID, true);
-			if(forward == NULL)
-				continue;
+		// Get upstream pointer
+		const upstreamsData* upstream = getUpstream(upstreamID, true);
+		if(upstream == NULL)
+			continue;
 
-			temparray[upstreamID][0] = upstreamID;
-			temparray[upstreamID][1] = forward->count;
-		}
+		temparray[upstreamID][0] = upstreamID;
+
+		int count = 0;
+		for(unsigned i = 0; i < (sizeof(upstream->overTime)/sizeof(*upstream->overTime)); i++)
+			count += upstream->overTime[i];
+		temparray[upstreamID][1] = count;
+		totalcount += count;
 	}
 
 	if(sort)
@@ -519,13 +522,13 @@ void getUpstreamDestinations(const char *client_message, const int *sock)
 		qsort(temparray, counters->upstreams, sizeof(int[2]), cmpdesc);
 	}
 
-	totalqueries = forwarded_queries() + cached_queries() + blocked_queries();
+	totalqueries = totalcount + cached_queries() + blocked_queries();
 
 	// Loop over available forward destinations
 	for(int i = -2; i < min(counters->upstreams, 8); i++)
 	{
 		float percentage = 0.0f;
-		const char* ip, *name;
+		const char *ip, *name;
 		in_port_t upstream_port = 0;
 
 		if(i == -2)
@@ -551,12 +554,8 @@ void getUpstreamDestinations(const char *client_message, const int *sock)
 		else
 		{
 			// Regular upstream destination
-			// Get sorted indices
-			int upstreamID;
-			if(sort)
-				upstreamID = temparray[i][0];
-			else
-				upstreamID = i;
+			const int upstreamID = temparray[i][0];
+			const int count = temparray[i][1];
 
 			// Get upstream pointer
 			const upstreamsData* upstream = getUpstream(upstreamID, true);
@@ -573,7 +572,7 @@ void getUpstreamDestinations(const char *client_message, const int *sock)
 
 			// Get percentage
 			if(totalqueries > 0)
-				percentage = 1e2f * upstream->count / totalqueries;
+				percentage = 1e2f * count / totalqueries;
 		}
 
 		// Send data:
@@ -1021,7 +1020,7 @@ void getAllQueries(const char *client_message, const int *sock)
 
 		if(istelnet[*sock])
 		{
-			ssend(*sock,"%lli %s %s %s %i %i %i %lu %s %i %s",
+			ssend(*sock,"%lli %s %s %s %i %i %i %lu %s %i %s#%u \"%s\"",
 				(long long)query->timestamp,
 				qtype,
 				domain,
@@ -1032,12 +1031,12 @@ void getAllQueries(const char *client_message, const int *sock)
 				delay,
 				CNAME_domain,
 				regex_idx,
-				upstream_name);
-			if(upstream_port != 0)
-				ssend(*sock, "#%u", upstream_port);
+				upstream_name,
+				upstream_port,
+				query->ede == -1 ? "" : get_edestr(query->ede));
 
 			if(config.debug & DEBUG_API)
-				ssend(*sock, " %i", queryID);
+				ssend(*sock, " \"%i\"", queryID);
 			ssend(*sock, "\n");
 		}
 		else

src/api/api_helper.h

@@ -0,0 +1,15 @@
+/* Pi-hole: A black hole for Internet advertisements
+*  (c) 2021 Pi-hole, LLC (https://pi-hole.net)
+*  Network-wide ad blocking via your own hardware.
+*
+*  FTL Engine
+*  API helper routines
+*
+*  This file is copyright under the latest version of the EUPL.
+*  Please see LICENSE file for your rights under this license. */
+#ifndef API_HELPER_H
+#define API_HELPER_H
+
+const char *get_edestr(const int ede);
+
+#endif // API_HELPER_H

src/api/socket.c

@@ -16,6 +16,9 @@
 #include "../config.h"
 // global variable killed
 #include "../signals.h"
+// API thread storage
+#include "../daemon.h"
+#include "../shmem.h"
 
 // The backlog argument defines the maximum length
 // to which the queue of pending connections for
@@ -312,10 +315,29 @@ static void *telnet_connection_handler_thread(void *socket_desc)
 	char client_message[SOCKETBUFFERLEN] = "";
 
 	// Set thread name
-	char threadname[16];
+	char threadname[16] = { 0 };
 	sprintf(threadname, "telnet-%i", sock);
 	prctl(PR_SET_NAME, threadname, 0, 0, 0);
-	//Receive from client
+
+	// Store TID of this thread
+	lock_shm();
+	unsigned int tid;
+	for(tid = 0; tid < MAX_API_THREADS; tid++)
+	{
+		if(api_threads[tid] == 0)
+		{
+			api_threads[tid] = pthread_self();
+			break;
+		}
+	}
+	unlock_shm();
+	if(tid == MAX_API_THREADS)
+	{
+		logg("Not able to spawn new API thread, limit of " str(MAX_API_THREADS) " threads reached.");
+		return NULL;
+	}
+
+	// Receive from client
 	ssize_t n;
 	while((n = recv(sock,client_message,SOCKETBUFFERLEN-1, 0)))
 	{
@@ -343,12 +365,15 @@ static void *telnet_connection_handler_thread(void *socket_desc)
 		}
 	}
 
-	//Free the socket pointer
+	// Free the socket pointer
 	if(sock != 0)
 		close(sock);
 	free(socket_desc);
 
-	return false;
+	// Release thread from list
+	api_threads[tid] = 0;
+
+	return NULL;
 }
 
 
@@ -367,6 +392,29 @@ static void *socket_connection_handler_thread(void *socket_desc)
 	sprintf(threadname, "socket-%i", sock);
 	prctl(PR_SET_NAME, threadname, 0, 0, 0);
 
+	// Ensure this thread can be canceled at any time (not only at
+	// cancellation points)
+	pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL);
+
+	// Store TID of this thread
+	lock_shm();
+	unsigned int tid;
+	for(tid = 0; tid < MAX_API_THREADS; tid++)
+	{
+		if(api_threads[tid] == 0)
+		{
+			api_threads[tid] = pthread_self();
+			api_tids[tid] = gettid();
+			break;
+		}
+	}
+	unlock_shm();
+	if(tid == MAX_API_THREADS)
+	{
+		logg("Not able to spawn new API thread, limit of " str(MAX_API_THREADS) " threads reached.");
+		return NULL;
+	}
+
 	// Receive from client
 	ssize_t n;
 	while((n = recv(sock,client_message,SOCKETBUFFERLEN-1, 0)))
@@ -395,12 +443,16 @@ static void *socket_connection_handler_thread(void *socket_desc)
 		}
 	}
 
-	//Free the socket pointer
+	// Free the socket pointer
 	if(sock != 0)
 		close(sock);
 	free(socket_desc);
 
-	return false;
+	// Release thread from list
+	api_threads[tid] = 0;
+	api_tids[tid] = 0;
+
+	return NULL;
 }
 
 void *telnet_listening_thread_IPv4(void *args)

src/capabilities.c

@@ -78,33 +78,37 @@ bool check_capabilities(void)
 	if (!(data->permitted & (1 << CAP_NET_ADMIN)))
 	{
 		// Needed for ARP-injection (used when we're the DHCP server)
-		logg("*************************************************************************");
-		logg("* WARNING: Required Linux capability CAP_NET_ADMIN not available        *");
-		logg("*************************************************************************");
+		logg("WARNING: Required Linux capability CAP_NET_ADMIN not available");
 		capabilities_okay = false;
 	}
 	if (!(data->permitted & (1 << CAP_NET_RAW)))
 	{
 		// Needed for raw socket access (necessary for ICMP)
-		logg("*************************************************************************");
-		logg("* WARNING: Required Linux capability CAP_NET_RAW not available          *");
-		logg("*************************************************************************");
+		logg("WARNING: Required Linux capability CAP_NET_RAW not available");
 		capabilities_okay = false;
 	}
 	if (!(data->permitted & (1 << CAP_NET_BIND_SERVICE)))
 	{
 		// Necessary for dynamic port binding
-		logg("*************************************************************************");
-		logg("* WARNING: Required Linux capability CAP_NET_BIND_SERVICE not available *");
-		logg("*************************************************************************");
+		logg("WARNING: Required Linux capability CAP_NET_BIND_SERVICE not available");
 		capabilities_okay = false;
 	}
 	if (!(data->permitted & (1 << CAP_SYS_NICE)))
 	{
 		// Necessary for dynamic port binding
-		logg("*************************************************************************");
-		logg("* WARNING: Required Linux capability CAP_SYS_NICE not available         *");
-		logg("*************************************************************************");
+		logg("WARNING: Required Linux capability CAP_SYS_NICE not available");
+		capabilities_okay = false;
+	}
+	if (!(data->permitted & (1 << CAP_IPC_LOCK)))
+	{
+		// Necessary for mmap() to work correctly
+		logg("WARNING: Required Linux capability CAP_IPC_LOCK not available");
+		capabilities_okay = false;
+	}
+	if (!(data->permitted & (1 << CAP_CHOWN)))
+	{
+		// Necessary for chown() to work correctly
+		logg("WARNING: Required Linux capability CAP_CHOWN not available");
 		capabilities_okay = false;
 	}