* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 041cd0f9bb3b0801eef390354d7470d16d2f667e
@ 2026-05-28 14:10 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2026-05-28 14:10 UTC (permalink / raw)
To: ipfire-scm
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 041cd0f9bb3b0801eef390354d7470d16d2f667e (commit)
via ac3fc5987f549140cbee5c99c380dd909e8232a1 (commit)
via 93c626a18576aee135475d95c04ea047a7cb58de (commit)
via 815c306fdcf25b1de218062e42feb03d8f369321 (commit)
via 8d826a3e6504f95085840d86303f9b42eb9441b7 (commit)
via 4304995ec226ab0a450b246b7729a6530f6c525b (commit)
from 05dae1b7cba0839489abbda5b8ee101715568268 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 041cd0f9bb3b0801eef390354d7470d16d2f667e
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 16:09:47 2026 +0200
captive: Escape title and terms when shown to user
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit ac3fc5987f549140cbee5c99c380dd909e8232a1
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 16:02:23 2026 +0200
captive.cgi: Fix escaping of terms/title
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 93c626a18576aee135475d95c04ea047a7cb58de
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 15:57:46 2026 +0200
knot resolver: Don't overwrite the leases.db on update
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 815c306fdcf25b1de218062e42feb03d8f369321
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 15:57:06 2026 +0200
core203: Ship waitfordns script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 8d826a3e6504f95085840d86303f9b42eb9441b7
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 15:56:01 2026 +0200
waitfordns: Make this a separate script so we can call it elsewhere
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 4304995ec226ab0a450b246b7729a6530f6c525b
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu May 28 15:51:07 2026 +0200
initscripts: waitfordns: Query localhost instead of .
There should never ever be any need for the resolver to be primed to the
root zone if we are only resolving this.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/aarch64/stage2 | 1 +
config/rootfiles/common/riscv64/stage2 | 1 +
config/rootfiles/common/x86_64/stage2 | 1 +
config/rootfiles/core/203/exclude | 1 +
config/rootfiles/core/203/filelists/files | 1 +
html/cgi-bin/captive.cgi | 9 ++++---
html/cgi-bin/captive/index.cgi | 7 ++++--
src/initscripts/system/waitfordns | 33 +-------------------------
src/{initscripts/system => scripts}/waitfordns | 27 ++++-----------------
9 files changed, 19 insertions(+), 62 deletions(-)
copy src/{initscripts/system => scripts}/waitfordns (84%)
Difference in files:
diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2
index 03f21cddf..4b79d96f6 100644
--- a/config/rootfiles/common/aarch64/stage2
+++ b/config/rootfiles/common/aarch64/stage2
@@ -110,6 +110,7 @@ usr/local/bin/update-ipblocklists
usr/local/bin/update-lang-cache
usr/local/bin/update-location-database
usr/local/bin/update-rpzs
+usr/local/bin/waitfordns
#usr/local/include
#usr/local/lib
#usr/local/sbin
diff --git a/config/rootfiles/common/riscv64/stage2 b/config/rootfiles/common/riscv64/stage2
index a9554741a..9c3621f62 100644
--- a/config/rootfiles/common/riscv64/stage2
+++ b/config/rootfiles/common/riscv64/stage2
@@ -111,6 +111,7 @@ usr/local/bin/update-ipblocklists
usr/local/bin/update-lang-cache
usr/local/bin/update-location-database
usr/local/bin/update-rpzs
+usr/local/bin/waitfordns
#usr/local/include
#usr/local/lib
#usr/local/sbin
diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2
index 899850ecd..e50df0494 100644
--- a/config/rootfiles/common/x86_64/stage2
+++ b/config/rootfiles/common/x86_64/stage2
@@ -110,6 +110,7 @@ usr/local/bin/update-ipblocklists
usr/local/bin/update-lang-cache
usr/local/bin/update-location-database
usr/local/bin/update-rpzs
+usr/local/bin/waitfordns
#usr/local/include
#usr/local/lib
#usr/local/sbin
diff --git a/config/rootfiles/core/203/exclude b/config/rootfiles/core/203/exclude
index 8ee1c3c2f..996163701 100644
--- a/config/rootfiles/core/203/exclude
+++ b/config/rootfiles/core/203/exclude
@@ -26,6 +26,7 @@ var/ipfire/ovpn
var/ipfire/urlfilter/blacklist
var/ipfire/urlfilter/settings
var/lib/alternatives
+var/lib/knot-resolver/leases.db
var/lib/location/database.db
var/lib/location/ipset
var/log/cache
diff --git a/config/rootfiles/core/203/filelists/files b/config/rootfiles/core/203/filelists/files
index ac40b5083..316e67e26 100644
--- a/config/rootfiles/core/203/filelists/files
+++ b/config/rootfiles/core/203/filelists/files
@@ -15,6 +15,7 @@ etc/rc.d/rc3.d/S17waitfordns
etc/rc.d/rc6.d/K86knot-resolver
usr/local/bin/settime
usr/local/bin/update-rpzs
+usr/local/bin/waitfordns
var/ipfire/backup/bin/backup.pl
var/ipfire/backup/include
var/ipfire/backup/exclude
diff --git a/html/cgi-bin/captive.cgi b/html/cgi-bin/captive.cgi
index 6face0bda..5f0e8c6c5 100644
--- a/html/cgi-bin/captive.cgi
+++ b/html/cgi-bin/captive.cgi
@@ -119,7 +119,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$settings{'ENABLE_GREEN'} = $cgiparams{'ENABLE_GREEN'};
$settings{'ENABLE_BLUE'} = $cgiparams{'ENABLE_BLUE'};
$settings{'AUTH'} = $cgiparams{'AUTH'};
- $settings{'TITLE'} = &Header::escape($cgiparams{'TITLE'});
+ $settings{'TITLE'} = $cgiparams{'TITLE'};
$settings{'COLOR'} = $cgiparams{'COLOR'};
$settings{'SESSION_TIME'} = $cgiparams{'SESSION_TIME'};
@@ -133,7 +133,6 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
&General::writehash("$settingsfile", \%settings);
# Save terms
- $cgiparams{'TERMS'} = &Header::escape($cgiparams{'TERMS'});
open(FH, ">:utf8", "/var/ipfire/captive/terms.txt") or die("$!");
print FH $cgiparams{'TERMS'};
close(FH);
@@ -367,7 +366,7 @@ print<<END;
$Lang::tr{'Captive title'}
</td>
<td>
- <input type='text' name='TITLE' value="$settings{'TITLE'}" size='40'>
+ <input type='text' name='TITLE' value="@{[ &Header::escape($settings{'TITLE'}) ]}" size='40'>
</td>
</tr>
<tr>
@@ -404,7 +403,7 @@ print <<END;
<tr>
<td>$Lang::tr{'Captive terms'}</td>
<td>
- <textarea cols="50" rows="10" name="TERMS">$terms</textarea>
+ <textarea cols="50" rows="10" name="TERMS">@{[ &Header::escape($terms) ]}</textarea>
</td>
</tr>
<tr>
@@ -789,7 +788,7 @@ sub generate_pdf() {
$f_subheadline->translate($cx, ($y + $h - $cy) / 2.4 + $cy);
if ($settings{'TITLE'}) {
- $f_headline->text_center(decode("utf8", $settings{'TITLE'}));
+ $f_headline->text_center(decode("utf8", &Header::escape($settings{'TITLE'})));
$f_subheadline->text_center(decode("utf8", $Lang::tr{'Captive WiFi coupon'}));
} else {
$f_headline->text_center(decode("utf8", $Lang::tr{'Captive WiFi coupon'}));
diff --git a/html/cgi-bin/captive/index.cgi b/html/cgi-bin/captive/index.cgi
index e9606b1bf..5a1f9fbf1 100644
--- a/html/cgi-bin/captive/index.cgi
+++ b/html/cgi-bin/captive/index.cgi
@@ -30,6 +30,7 @@ use HTML::Template;
#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/header.pl";
require "${General::swroot}/lang.pl";
# Load the most appropriate language from the browser configuration
@@ -167,7 +168,7 @@ if ($settings{'AUTH'} eq "COUPON") {
$tmpl->param(L_HEADING => $Lang::tr{'Captive terms'});
}
-$tmpl->param(TITLE => $settings{'TITLE'});
+$tmpl->param(TITLE => &Header::escape($settings{'TITLE'}));
$tmpl->param(COLOR => $settings{'COLOR'});
$tmpl->param(ERROR => $errormessage);
@@ -224,13 +225,15 @@ sub getterms() {
open(my $handle, "<:utf8", "/var/ipfire/captive/terms.txt");
while(<$handle>) {
- $_ = HTML::Entities::decode_entities($_);
push(@terms, $_);
}
close($handle);
my $terms = join("\n", @terms);
+ # Escape the string
+ $terms = &Header::escape($terms);
+
# Format paragraphs
$terms =~ s/\n\n/<\/p>\n<p>/g;
diff --git a/src/initscripts/system/waitfordns b/src/initscripts/system/waitfordns
index f353db778..edf233e72 100644
--- a/src/initscripts/system/waitfordns
+++ b/src/initscripts/system/waitfordns
@@ -22,43 +22,12 @@
. /etc/sysconfig/rc
. ${rc_functions}
-wait_for_dns() {
- local args=(
- # Wait for one second only
- "+timeout=1"
-
- # Don't retry
- "+retry=0"
-
- # Query the local DNS service
- "@127.0.0.1"
-
- # Query the nameservers for root
- "NS" "."
- )
-
- local timeout=120
- local i=0
-
- while [ "${i}" -lt "${timeout}" ]; do
- if kdig "${args[@]}" >/dev/null 2>&1; then
- return 0
- fi
-
- # Increment i
- (( i++ ))
- done
-
- # Fail
- return 1
-}
-
case "${1}" in
start)
boot_mesg "Waiting for DNS to become ready..."
# Check if the DNS service is responding
- if wait_for_dns; then
+ if /usr/local/bin/waitfordns; then
echo_ok
else
echo_failure
diff --git a/src/scripts/waitfordns b/src/scripts/waitfordns
new file mode 100644
index 000000000..93ea6dfb8
--- /dev/null
+++ b/src/scripts/waitfordns
@@ -0,0 +1,53 @@
+#!/bin/sh
+###############################################################################
+# #
+# IPFire.org - An Open Source Firewall #
+# Copyright (C) 2026 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+main() {
+ local args=(
+ # Wait for one second only
+ "+timeout=1"
+
+ # Don't retry
+ "+retry=0"
+
+ # Query the local DNS service
+ "@127.0.0.1"
+
+ # Query for localhost
+ "A" "localhost."
+ )
+
+ local timeout=120
+ local i=0
+
+ while [ "${i}" -lt "${timeout}" ]; do
+ if kdig "${args[@]}" >/dev/null 2>&1; then
+ return 0
+ fi
+
+ # Increment i
+ (( i++ ))
+ done
+
+ # Fail
+ return 1
+}
+
+main "$@" || exit $?
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-05-28 14:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-05-28 14:10 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 041cd0f9bb3b0801eef390354d7470d16d2f667e Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox