Pi-Hole/FTL
1
0
Fork 0
mirror of https://github.com/pi-hole/FTL.git synced 2025-12-20 02:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2667 from pi-hole/fix/ntp_sync_server_ip_domain

Browse Source 
Add validation for ntp.sync.server
This commit is contained in:
Dominik
2025-10-31 20:12:39 +01:00
committed by GitHub
parent bfa8f89aec 5929bfd8c1
commit dab21075e7
4 changed files with 33 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/config/config.c
View File

@@ -897,7 +897,7 @@ void initConfig(struct config *conf)
conf->ntp.sync.server.a = cJSON_CreateStringReference("A valid NTP upstream server");
conf->ntp.sync.server.t = CONF_STRING;
conf->ntp.sync.server.d.s = (char*)"pool.ntp.org";
conf->ntp.sync.server.c = validate_stub; // Only type-based checking
conf->ntp.sync.server.c = validate_dns_domain_or_ip;
conf->ntp.sync.interval.k = "ntp.sync.interval";
conf->ntp.sync.interval.h = "Interval in seconds between successive synchronization attempts with the NTP server";

23
src/config/validator.c
View File

@@ -676,3 +676,26 @@ void sanitize_dns_hosts(union conf_value *val)
free(str);
}
}
// Validate a single domain or IP address
bool validate_dns_domain_or_ip(union conf_value *val, const char *key, char err[VALIDATOR_ERRBUF_LEN])
{
// Check if it's a valid domain
if(valid_domain(val->s, strlen(val->s), false))
{
return true;
}
// Check if IP is valid
struct in_addr addr;
struct in6_addr addr6;
int ip4 = 0, ip6 = 0;
if((ip4 = inet_pton(AF_INET, val->s, &addr) == 1) || (ip6 = inet_pton(AF_INET6, val->s, &addr6)) == 1)
{
return true;
}
// If neither, return an error
snprintf(err, VALIDATOR_ERRBUF_LEN, "%s: neither a valid domain nor IP address", key);
return false;
}

1
src/config/validator.h
View File

@@ -28,5 +28,6 @@ bool validate_regex_array(union conf_value *val, const char *key, char err[VALID
bool validate_dns_revServers(union conf_value *val, const char *key, char err[VALIDATOR_ERRBUF_LEN]);
bool validate_ui_min_7_or_0(union conf_value *val, const char *key, char err[VALIDATOR_ERRBUF_LEN]);
void sanitize_dns_hosts(union conf_value *val);
bool validate_dns_domain_or_ip(union conf_value *val, const char *key, char err[VALIDATOR_ERRBUF_LEN]);
#endif // CONFIG_VALIDATOR_H

10
src/ntp/client.c
View File

@@ -768,9 +768,15 @@ bool ntp_start_sync_thread(pthread_attr_t *attr)
}
// Return early if a clock disciplining NTP client is detected
// Checks chrony, the ntp family (ntp, ntpsec and openntpd), and ntpd-rs
if(search_proc("chronyd") > 0 || search_proc("ntpd") > 0 || search_proc("ntp-daemon") > 0)
const int chronyd_found = search_proc("chronyd");
const int ntpd_found = search_proc("ntpd");
const int ntp_daemon_found = search_proc("ntp-daemon");
if(chronyd_found > 0 || ntpd_found > 0 || ntp_daemon_found > 0)
{
log_info("Clock disciplining NTP client detected, not starting embedded NTP client/server");
log_info("Clock disciplining NTP client detected ( %s%s%s), not starting embedded NTP client/server",
chronyd_found > 0 ? "chronyd " : "",
ntpd_found > 0 ? "ntpd " : "",
ntp_daemon_found > 0 ? "ntp-daemon " : "");
return false;
}