1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-12-22 06:48:07 +00:00

No detour - use pihole-FTL.conf to get the API port number

Signed-off-by: Christian König <ckoenig@posteo.de>
This commit is contained in:
Christian König 2022-09-21 09:24:44 +02:00
parent 1b0b0ca445
commit 3d01e4d0cf
4 changed files with 42 additions and 58 deletions

View File

@ -32,8 +32,8 @@ addOrEditKeyValPair() {
local value="${3}" local value="${3}"
if grep -q "^${key}=" "${file}"; then if grep -q "^${key}=" "${file}"; then
# Key already exists in file, modify the value # Key already exists in file, modify the value
sed -i "/^${key}=/c\\${key}=${value}" "${file}" sed -i "/^${key}=/c\\${key}=${value}" "${file}"
else else
# Key does not already exist, add it and it's value # Key does not already exist, add it and it's value
echo "${key}=${value}" >> "${file}" echo "${key}=${value}" >> "${file}"
@ -52,8 +52,8 @@ addKey(){
local key="${2}" local key="${2}"
if ! grep -q "^${key}" "${file}"; then if ! grep -q "^${key}" "${file}"; then
# Key does not exist, add it. # Key does not exist, add it.
echo "${key}" >> "${file}" echo "${key}" >> "${file}"
fi fi
} }
@ -70,47 +70,32 @@ removeKey() {
sed -i "/^${key}/d" "${file}" sed -i "/^${key}/d" "${file}"
} }
#######################
# returns path of FTL's port file
#######################
getFTLAPIPortFile() {
local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
local DEFAULT_PORT_FILE="/run/pihole-FTL.port"
local FTL_APIPORT_FILE
if [ -s "${FTLCONFFILE}" ]; then
# if PORTFILE is not set in pihole-FTL.conf, use the default path
FTL_APIPORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)"
else
# if there is no pihole-FTL.conf, use the default path
FTL_APIPORT_FILE="${DEFAULT_PORT_FILE}"
fi
echo "${FTL_APIPORT_FILE}"
}
####################### #######################
# returns FTL's current telnet API port based on the content of the pihole-FTL.port file # returns FTL's current telnet API port based on the setting in /etc/pihole-FTL.conf
# #
# Takes one argument: path to pihole-FTL.port # Takes one argument: path to pihole-FTL.port
# Example getFTLAPIPort "/run/pihole-FTL.port" # Example getFTLAPIPort "/run/pihole-FTL.port"
####################### #######################
getFTLAPIPort(){ getFTLAPIPort(){
local PORTFILE="${1}" local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
local DEFAULT_FTL_PORT=4711 local DEFAULT_FTL_PORT=4711
local ftl_api_port local ftl_api_port
if [ -s "$PORTFILE" ]; then if [ -s "$FTLCONFFILE" ]; then
# -s: FILE exists and has a size greater than zero # if FTLPORT is not set in pihole-FTL.conf, use the default port
ftl_api_port=$(cat "${PORTFILE}") ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)"
# Exploit prevention: unset the variable if there is malicious content # Exploit prevention: unset the variable if there is malicious content
# Verify that the value read from the file is numeric # Verify that the value read from the file is numeric
expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && unset ftl_api_port
else
# if there is no pihole-FTL.conf, use the default port
ftl_api_port="${DEFAULT_FTL_PORT}"
fi fi
# echo the port found in the portfile or default to the default port # If the ftl_api_port contained malicious stuff, substitute with -1
echo "${ftl_api_port:=$DEFAULT_FTL_PORT}" ftl_api_port=${ftl_api_port:=-1}
echo "${ftl_api_port}"
} }
####################### #######################

View File

@ -9,7 +9,7 @@
# Description: Enable service provided by pihole-FTL daemon # Description: Enable service provided by pihole-FTL daemon
### END INIT INFO ### END INIT INFO
#source utils.sh for getFTLPIDFile(), getFTLPID (), getFTLAPIPortFile() #source utils.sh for getFTLPIDFile(), getFTLPID ()
PI_HOLE_SCRIPT_DIR="/opt/pihole" PI_HOLE_SCRIPT_DIR="/opt/pihole"
utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
. "${utilsfile}" . "${utilsfile}"
@ -31,7 +31,6 @@ start() {
# Touch files to ensure they exist (create if non-existing, preserve if existing) # Touch files to ensure they exist (create if non-existing, preserve if existing)
mkdir -pm 0755 /run/pihole /var/log/pihole mkdir -pm 0755 /run/pihole /var/log/pihole
[ ! -f "${FTL_PID_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" [ ! -f "${FTL_PID_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
[ ! -f "${FTL_PORT_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}"
[ ! -f /var/log/pihole/FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log [ ! -f /var/log/pihole/FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
[ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log [ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
[ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
@ -91,7 +90,7 @@ stop() {
echo "Not running" echo "Not running"
fi fi
# Cleanup # Cleanup
rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" "${FTL_PORT_FILE}" rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}"
echo echo
} }
@ -111,7 +110,6 @@ status() {
# Get file paths # Get file paths
FTL_PID_FILE="$(getFTLPIDFile)" FTL_PID_FILE="$(getFTLPIDFile)"
FTL_PORT_FILE="$(getFTLAPIPortFile)"
# Get FTL's current PID # Get FTL's current PID
FTL_PID="$(getFTLPID ${FTL_PID_FILE})" FTL_PID="$(getFTLPID ${FTL_PID_FILE})"

5
pihole
View File

@ -303,14 +303,13 @@ analyze_ports() {
statusFunc() { statusFunc() {
# Determine if there is pihole-FTL service is listening # Determine if there is pihole-FTL service is listening
local pid port ftl_api_port ftl_pid_file ftl_apiport_file local pid port ftl_api_port ftl_pid_file
ftl_pid_file="$(getFTLPIDFile)" ftl_pid_file="$(getFTLPIDFile)"
pid="$(getFTLPID ${ftl_pid_file})" pid="$(getFTLPID ${ftl_pid_file})"
ftl_apiport_file="${getFTLAPIPortFile}" ftl_api_port="$(getFTLAPIPort)"
ftl_api_port="$(getFTLAPIPort ${ftl_apiport_file})"
if [[ "$pid" -eq "-1" ]]; then if [[ "$pid" -eq "-1" ]]; then
case "${1}" in case "${1}" in
"web") echo "-1";; "web") echo "-1";;

View File

@ -62,50 +62,52 @@ def test_key_removal_works(host):
assert expected_stdout == output.stdout assert expected_stdout == output.stdout
def test_getFTLAPIPortFile_default(host):
"""Confirms getFTLAPIPortFile returns the default API port file path"""
output = host.run(
"""
source /opt/pihole/utils.sh
getFTLAPIPortFile
"""
)
expected_stdout = "/run/pihole-FTL.port\n"
assert expected_stdout == output.stdout
def test_getFTLAPIPort_default(host): def test_getFTLAPIPort_default(host):
"""Confirms getFTLAPIPort returns the default API port""" """Confirms getFTLAPIPort returns the default API port"""
output = host.run( output = host.run(
""" """
source /opt/pihole/utils.sh source /opt/pihole/utils.sh
getFTLAPIPort "/run/pihole-FTL.port" getFTLAPIPort
""" """
) )
expected_stdout = "4711\n" expected_stdout = "4711\n"
assert expected_stdout == output.stdout assert expected_stdout == output.stdout
def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): def test_getFTLAPIPort_custom(host):
"""Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location""" """Confirms getFTLAPIPort returns a custom API port"""
host.run( host.run(
""" """
tmpfile=$(mktemp) echo "FTLPORT=1234" > /etc/pihole/pihole-FTL.conf
echo "PORTFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf
echo "1234" > ${tmpfile}
""" """
) )
output = host.run( output = host.run(
""" """
source /opt/pihole/utils.sh source /opt/pihole/utils.sh
FTL_API_PORT_FILE=$(getFTLAPIPortFile) getFTLAPIPort
getFTLAPIPort "${FTL_API_PORT_FILE}"
""" """
) )
expected_stdout = "1234\n" expected_stdout = "1234\n"
assert expected_stdout == output.stdout assert expected_stdout == output.stdout
def test_getFTLAPIPort_malicious(host):
"""Confirms getFTLAPIPort returns -1 if the setting in pihole-FTL.conf contains non-digits"""
host.run(
"""
echo "FTLPORT=*$ssdfsd" > /etc/pihole/pihole-FTL.conf
"""
)
output = host.run(
"""
source /opt/pihole/utils.sh
getFTLAPIPort
"""
)
expected_stdout = "-1\n"
assert expected_stdout == output.stdout
def test_getFTLPIDFile_default(host): def test_getFTLPIDFile_default(host):
"""Confirms getFTLPIDFile returns the default PID file path""" """Confirms getFTLPIDFile returns the default PID file path"""
output = host.run( output = host.run(