Pi-hole FTL v6.6#2825
Merged
Merged
Conversation
…ing. This to prevent being stuck in a situation where FTL has shut down 99% and cannot serve DNS until pihole -g finished running Signed-off-by: DL6ER <dl6er@dl6er.de>
…ost every 30 seconds Signed-off-by: DL6ER <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Sync master back into development
…es on armv5tel Signed-off-by: Dominik <dl6er@dl6er.de>
…r signals sent to the parent's process group won't reach it causing a possible premature disruption Signed-off-by: Dominik <dl6er@dl6er.de>
Fix possible resolver issue on armv5tel
…pdates Bumps the github_action-dependencies group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [actions/stale](https://github.com/actions/stale). Updates `github/codeql-action` from 4.32.3 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@9e907b5...89a39a4) Updates `actions/stale` from 10.1.1 to 10.2.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@9971854...b5d41d4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github_action-dependencies - dependency-name: actions/stale dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github_action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…opment-github_action-dependencies-799a582e97 Bump the github_action-dependencies group across 1 directory with 2 updates
…se or on database errors. Otherwise, garbage collection will never run, causing the memory allocation to always grow and overtime information to be incorrect (handled in GC code as well) Signed-off-by: Dominik <dl6er@dl6er.de>
…her FTL tries to resolve host names via MAC addresses. This may not work in special network configurations where clients aren't all on the same link (Lay2 but not Layer 3 connection) Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
…pdates Bumps the github_action-dependencies group with 3 updates in the / directory: [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@b7c566a...bbbca2d) Updates `actions/attest-build-provenance` from 3.2.0 to 4.1.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@96278af...a2bbfa2) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@37930b1...70fc10c) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_action-dependencies - dependency-name: actions/attest-build-provenance dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_action-dependencies - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…tually created and VSCode knows about the defines used during compilation Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: yubiuser <github@yubiuser.dev>
…opment-github_action-dependencies-7b65cbaeec Bump the github_action-dependencies group across 1 directory with 3 updates
Fix compile defintion sourcing for VSCode
Readline and Mbed TLS support are optional dependencies. CMake detects them, and automatically includes them if they are found. If this is not intended, currently the only way is to manually delete these liraries from the build system. While the default behaviour is beneficial, a more resilient method is looked for to exclude dependencies from the build. Introduce CMake options for both dependencies, that allow controlling build inclusion by setting a build variable. Signed-off-by: Andreas Ziegler <15275159+aeolio@users.noreply.github.com>
Introduce CMake options for optional dependencies
Commit 3b45213 (Implement automatic TLS/SSL certificate renewals) [1] introduced functionality that requires mbedtls, but mbedtls is an optional dependency. This leads to the following compilation error: pihole-ftl-6.5/src/webserver/webserver.c:36:10: fatal error: mbedtls/ssl_ciphersuites.h: No such file or directory 36 | #include <mbedtls/ssl_ciphersuites.h> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ compilation terminated. Use the HAVE_MBEDTLS preprocessor symbol to assert that certificate related code is only included if mbedtls is present in the build. [1] 3b45213 Signed-off-by: Andreas Ziegler <15275159+aeolio@users.noreply.github.com>
Fix build without mbedtls [v2]
Fix overTime data when database.DBimport = false
Fix client count inflation for rate-limited queries
…opment-github_action-dependencies-287f6cd3ff Bump the github_action-dependencies group across 1 directory with 3 updates
…kill setsid() was already added to detach the child from the parent's process group, but systemd's default KillMode=control-group sends SIGTERM to ALL processes in the cgroup, not just the process group. After execv(), custom signal handlers are reset to SIG_DFL, so the gravity child was still killed immediately. Set SIG_IGN for SIGTERM before execv() since SIG_IGN (unlike custom handlers) is preserved across exec. This lets gravity run to completion even when FTL receives SIGTERM from systemd. Signed-off-by: Dominik <dl6er@dl6er.de>
readlink() was called with PROC_PATH_SIZ (32) as the buffer size limit, allowing it to fill all 32 bytes. The subsequent null-termination `name[len] = '\0'` then wrote one byte past the buffer end when the symlink target was >= 32 characters, corrupting the stack canary and causing a SIGSEGV via __stack_chk_fail. This was triggered in set_dnsmasq_debug() which allocates exactly PROC_PATH_SIZ bytes for the name buffer. The housekeeper thread would crash immediately when a debugger (gdb/valgrind) was attached, because it tries to read the debugger's process name via /proc/<pid>/exe. This is not the root cause of #2786 (heap corruption in civetweb-worker threads) but it blocks anyone from debugging that issue under gdb. Fix: pass PROC_PATH_SIZ - 1 to readlink(), reserving one byte for the null terminator. See #2786 Signed-off-by: Dominik <dl6er@dl6er.de>
Signed-off-by: Dominik <dl6er@dl6er.de>
Bumps the github_action-dependencies group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 4.34.1 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@3869755...c10b806) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github_action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…name Fix stack buffer overflow in get_process_name()
…opment-github_action-dependencies-fd00acb19b Bump github/codeql-action from 4.34.1 to 4.35.1 in the github_action-dependencies group across 1 directory
…avity_run Do not restart FTL while `pihole -g` is still ongoing
yubiuser
previously approved these changes
Apr 2, 2026
rdwebdesign
previously approved these changes
Apr 3, 2026
Add validation for config items that shouldn't have newlines
Sync master back into development
dschaper
approved these changes
Apr 3, 2026
dschaper
approved these changes
Apr 3, 2026
yubiuser
approved these changes
Apr 3, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What's Changed
pihole -gis still ongoing by @DL6ER in Do not restart FTL whilepihole -gis still ongoing #2419Security Advisories
New Contributors
Full Changelog: v6.5...v6.6