Remove pihole-FTL.port file (#4945)
commit
9dd51b79b5
6 changed files with 46 additions and 67 deletions
|
@ -14,7 +14,9 @@ LC_NUMERIC=C
|
|||
# Retrieve stats from FTL engine
|
||||
pihole-FTL() {
|
||||
local ftl_port LINE
|
||||
ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
|
||||
# shellcheck disable=SC1091
|
||||
. /opt/pihole/utils.sh
|
||||
ftl_port=$(getFTLAPIPort)
|
||||
if [[ -n "$ftl_port" ]]; then
|
||||
# Open connection to FTL
|
||||
exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"
|
||||
|
|
|
@ -126,7 +126,6 @@ PIHOLE_COMMAND="${BIN_DIRECTORY}/pihole"
|
|||
PIHOLE_COLTABLE_FILE="${BIN_DIRECTORY}/COL_TABLE"
|
||||
|
||||
FTL_PID="${RUN_DIRECTORY}/pihole-FTL.pid"
|
||||
FTL_PORT="${RUN_DIRECTORY}/pihole-FTL.port"
|
||||
|
||||
PIHOLE_LOG="${LOG_DIRECTORY}/pihole.log"
|
||||
PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*"
|
||||
|
@ -155,7 +154,6 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
|
|||
"${PIHOLE_COMMAND}"
|
||||
"${PIHOLE_COLTABLE_FILE}"
|
||||
"${FTL_PID}"
|
||||
"${FTL_PORT}"
|
||||
"${PIHOLE_LOG}"
|
||||
"${PIHOLE_LOG_GZIPS}"
|
||||
"${PIHOLE_DEBUG_LOG}"
|
||||
|
|
|
@ -70,47 +70,27 @@ removeKey() {
|
|||
sed -i "/^${key}/d" "${file}"
|
||||
}
|
||||
|
||||
#######################
|
||||
# returns path of FTL's port file
|
||||
#######################
|
||||
getFTLAPIPortFile() {
|
||||
local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
|
||||
local DEFAULT_PORT_FILE="/run/pihole-FTL.port"
|
||||
local FTL_APIPORT_FILE
|
||||
|
||||
if [ -s "${FTLCONFFILE}" ]; then
|
||||
# if PORTFILE is not set in pihole-FTL.conf, use the default path
|
||||
FTL_APIPORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)"
|
||||
else
|
||||
# if there is no pihole-FTL.conf, use the default path
|
||||
FTL_APIPORT_FILE="${DEFAULT_PORT_FILE}"
|
||||
fi
|
||||
|
||||
echo "${FTL_APIPORT_FILE}"
|
||||
}
|
||||
|
||||
|
||||
#######################
|
||||
# returns FTL's current telnet API port based on the content of the pihole-FTL.port file
|
||||
#
|
||||
# Takes one argument: path to pihole-FTL.port
|
||||
# Example getFTLAPIPort "/run/pihole-FTL.port"
|
||||
#######################
|
||||
# returns FTL's current telnet API port based on the setting in /etc/pihole-FTL.conf
|
||||
########################
|
||||
getFTLAPIPort(){
|
||||
local PORTFILE="${1}"
|
||||
local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
|
||||
local DEFAULT_FTL_PORT=4711
|
||||
local ftl_api_port
|
||||
|
||||
if [ -s "$PORTFILE" ]; then
|
||||
# -s: FILE exists and has a size greater than zero
|
||||
ftl_api_port=$(cat "${PORTFILE}")
|
||||
# Exploit prevention: unset the variable if there is malicious content
|
||||
# Verify that the value read from the file is numeric
|
||||
expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port
|
||||
if [ -s "$FTLCONFFILE" ]; then
|
||||
# if FTLPORT is not set in pihole-FTL.conf, use the default port
|
||||
ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)"
|
||||
# Exploit prevention: set the port to the default port if there is malicious (non-numeric)
|
||||
# content set in pihole-FTL.conf
|
||||
expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && ftl_api_port="${DEFAULT_FTL_PORT}"
|
||||
else
|
||||
# if there is no pihole-FTL.conf, use the default port
|
||||
ftl_api_port="${DEFAULT_FTL_PORT}"
|
||||
fi
|
||||
|
||||
# echo the port found in the portfile or default to the default port
|
||||
echo "${ftl_api_port:=$DEFAULT_FTL_PORT}"
|
||||
echo "${ftl_api_port}"
|
||||
}
|
||||
|
||||
#######################
|
||||
|
|
|
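Review bot: The numeric check kept in the new `getFTLAPIPort` inspects only the first character of the value, because `expr STRING : REGEX` is anchored at the start of the string. `[^[:digit:]]` therefore rejects `FTLPORT=x4711` but lets `FTLPORT=4711x`, an empty `FTLPORT=`, or two `FTLPORT=` lines (grep returns both) pass through unchanged. The result is echoed to every caller, and the first section of this commit places it in `exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"`, so the "Exploit prevention" comment promises more than the check delivers. A whole-string test would match the comment: `case "${ftl_api_port}" in ''|*[!0-9]*) ftl_api_port="${DEFAULT_FTL_PORT}" ;; esac`. A 1–65535 range check could sit in the same place.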
@ -9,7 +9,7 @@
|
|||
# Description: Enable service provided by pihole-FTL daemon
|
||||
### END INIT INFO
|
||||
|
||||
#source utils.sh for getFTLPIDFile(), getFTLPID (), getFTLAPIPortFile()
|
||||
#source utils.sh for getFTLPIDFile(), getFTLPID ()
|
||||
PI_HOLE_SCRIPT_DIR="/opt/pihole"
|
||||
utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
|
||||
. "${utilsfile}"
|
||||
|
@ -31,7 +31,6 @@ start() {
|
|||
# Touch files to ensure they exist (create if non-existing, preserve if existing)
|
||||
mkdir -pm 0755 /run/pihole /var/log/pihole
|
||||
[ ! -f "${FTL_PID_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
|
||||
[ ! -f "${FTL_PORT_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}"
|
||||
[ ! -f /var/log/pihole/FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
|
||||
[ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
|
||||
[ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
|
||||
|
@ -91,7 +90,7 @@ stop() {
|
|||
echo "Not running"
|
||||
fi
|
||||
# Cleanup
|
||||
rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" "${FTL_PORT_FILE}"
|
||||
rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}"
|
||||
echo
|
||||
}
|
||||
|
||||
|
@ -111,7 +110,6 @@ status() {
|
|||
|
||||
# Get file paths
|
||||
FTL_PID_FILE="$(getFTLPIDFile)"
|
||||
FTL_PORT_FILE="$(getFTLAPIPortFile)"
|
||||
|
||||
# Get FTL's current PID
|
||||
FTL_PID="$(getFTLPID ${FTL_PID_FILE})"
|
||||
|
|
5
pihole
5
pihole
|
@ -303,14 +303,13 @@ analyze_ports() {
|
|||
|
||||
statusFunc() {
|
||||
# Determine if there is pihole-FTL service is listening
|
||||
local pid port ftl_api_port ftl_pid_file ftl_apiport_file
|
||||
local pid port ftl_api_port ftl_pid_file
|
||||
|
||||
ftl_pid_file="$(getFTLPIDFile)"
|
||||
|
||||
pid="$(getFTLPID ${ftl_pid_file})"
|
||||
|
||||
ftl_apiport_file="${getFTLAPIPortFile}"
|
||||
ftl_api_port="$(getFTLAPIPort ${ftl_apiport_file})"
|
||||
ftl_api_port="$(getFTLAPIPort)"
|
||||
if [[ "$pid" -eq "-1" ]]; then
|
||||
case "${1}" in
|
||||
"web") echo "-1";;
|
||||
|
|
|
@ -62,50 +62,52 @@ def test_key_removal_works(host):
|
|||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
def test_getFTLAPIPortFile_default(host):
|
||||
"""Confirms getFTLAPIPortFile returns the default API port file path"""
|
||||
output = host.run(
|
||||
"""
|
||||
source /opt/pihole/utils.sh
|
||||
getFTLAPIPortFile
|
||||
"""
|
||||
)
|
||||
expected_stdout = "/run/pihole-FTL.port\n"
|
||||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
def test_getFTLAPIPort_default(host):
|
||||
"""Confirms getFTLAPIPort returns the default API port"""
|
||||
output = host.run(
|
||||
"""
|
||||
source /opt/pihole/utils.sh
|
||||
getFTLAPIPort "/run/pihole-FTL.port"
|
||||
getFTLAPIPort
|
||||
"""
|
||||
)
|
||||
expected_stdout = "4711\n"
|
||||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host):
|
||||
"""Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location"""
|
||||
def test_getFTLAPIPort_custom(host):
|
||||
"""Confirms getFTLAPIPort returns a custom API port"""
|
||||
host.run(
|
||||
"""
|
||||
tmpfile=$(mktemp)
|
||||
echo "PORTFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf
|
||||
echo "1234" > ${tmpfile}
|
||||
echo "FTLPORT=1234" > /etc/pihole/pihole-FTL.conf
|
||||
"""
|
||||
)
|
||||
output = host.run(
|
||||
"""
|
||||
source /opt/pihole/utils.sh
|
||||
FTL_API_PORT_FILE=$(getFTLAPIPortFile)
|
||||
getFTLAPIPort "${FTL_API_PORT_FILE}"
|
||||
getFTLAPIPort
|
||||
"""
|
||||
)
|
||||
expected_stdout = "1234\n"
|
||||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
def test_getFTLAPIPort_malicious(host):
|
||||
"""Confirms getFTLAPIPort returns 4711 if the setting in pihole-FTL.conf contains non-digits"""
|
||||
host.run(
|
||||
"""
|
||||
echo "FTLPORT=*$ssdfsd" > /etc/pihole/pihole-FTL.conf
|
||||
"""
|
||||
)
|
||||
output = host.run(
|
||||
"""
|
||||
source /opt/pihole/utils.sh
|
||||
getFTLAPIPort
|
||||
"""
|
||||
)
|
||||
expected_stdout = "4711\n"
|
||||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
def test_getFTLPIDFile_default(host):
|
||||
"""Confirms getFTLPIDFile returns the default PID file path"""
|
||||
output = host.run(
|
||||
|
|
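Review bot: `test_getFTLAPIPort_malicious` does not write the string it appears to write. The fixture runs `echo "FTLPORT=*$ssdfsd"` in double quotes, so the shell expands the (presumably unset) `$ssdfsd` and the file ends up holding `FTLPORT=*`. The case then covers only a value whose first character is a non-digit, which is the one shape the `expr` check in `getFTLAPIPort` is certain to reject. Single quotes and a digits-then-other-characters value would pin the intended behaviour, e.g. `echo 'FTLPORT=47x11' > /etc/pihole/pihole-FTL.conf`, still expecting `4711\n`. The hunk ends inside `test_getFTLPIDFile_default`, which continues outside it.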