a/badguardhome
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
279350e4a3
badguardhome/CHANGELOG.md
Eugene Burkov 7afc692632 Pull request: 2889 internal hosts restriction 
Merge in DNS/adguard-home from 2889-imp-autohosts to master

Closes #2889.

Squashed commit of the following:

commit 1d3b649364f991c092851c02d99827769cce8b70
Merge: abc6e1c8 1a214eaa
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Apr 8 17:59:51 2021 +0300

    Merge branch 'master' into 2889-imp-autohosts

commit abc6e1c8830e41a774c6d239ddd7b722b29df93e
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Apr 8 17:34:56 2021 +0300

    dnsforward: imp code

commit 4b2b9140d3e2526a935216ba42faba9b86b9ef3f
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Apr 8 17:31:34 2021 +0300

    dnsforward: respond with nxdomain

commit 814667417a1b02c152a034852858b96412874f85
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Apr 6 19:16:14 2021 +0300

    dnsforward: restrict the access to intl hosts for ext clients
2021-04-08 18:07:29 +03:00

12 KiB
Raw Blame History

AdGuard Home Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Added

  • The ability to set up custom upstreams to resolve PTR queries for local addresses and to disable the automatic resolving of clients' addresses (#2704).
  • Logging of the client's IP address after failed login attempts (#2824).
  • Search by clients' names in the query log (#1273).
  • Verbose version output with -v --version (#2416).
  • The ability to set a custom TLD for known local-network hosts (#2393).
  • The ability to serve DNS queries on multiple hosts and interfaces (#1401).
  • ips and text DHCP server options (#2385).
  • SRV records support in $dnsrewrite filters (#2533).

Changed

  • The access to the private hosts is now forbidden for users from external networks (#2889).
  • The reverse lookup for local addresses is now performed via local resolvers (#2704).
  • Stricter validation of the IP addresses of static leases in the DHCP server with regards to the netmask (#2838).
  • Stricter validation of $dnsrewrite filter modifier parameters (#2498).
  • New, more correct versioning scheme (#2412).

Deprecated

  • Go 1.15 support. v0.107.0 will require at least Go 1.16 to build.

Fixed

  • Overwriting of DHCPv4 options when using the HTTP API (#2927).
  • Assumption that MAC addresses always have the length of 6 octets (#2828).
  • Support for more than one /24 subnet in DHCP (#2541).
  • Invalid filenames in the mobileconfig API responses (#2835).

Removed

  • Go 1.14 support.

v0.105.2 - 2021-03-10

Fixed

  • Incomplete hostnames with trailing zero-bytes handling (#2582).
  • Wrong DNS-over-TLS ALPN configuration (#2681).
  • Inconsistent responses for messages with EDNS0 and AD when DNS caching is enabled (#2600).
  • Incomplete OpenWrt detection (#2757).
  • DHCP lease's expired field incorrect time format (#2692).
  • Incomplete DNS upstreams validation (#2674).
  • Wrong parsing of DHCP options of the ip type (#2688).

Security

  • Session token doesn't contain user's information anymore (#2470).

v0.105.1 - 2021-02-15

Changed

  • Increased HTTP API timeouts (#2671, #2682).
  • "Permission denied" errors when checking if the machine has a static IP no longer prevent the DHCP server from starting (#2667).
  • The server name sent by clients of TLS APIs is not only checked when strict_sni_check is enabled (#2664).
  • HTTP API request body size limit for the POST /control/access/set and POST /control/filtering/set_rules HTTP APIs is increased (#2666, #2675).

Fixed

  • Error when enabling the DHCP server when AdGuard Home couldn't determine if the machine has a static IP.
  • Optical issue on custom rules (#2641).
  • Occasional crashes during startup.
  • The field "range_start" in the GET /control/dhcp/status HTTP API response is now correctly named again (#2678).
  • DHCPv6 server's ra_slaac_only and ra_allow_slaac settings aren't reset to false on update any more (#2653).
  • The Vary header is now added along with Access-Control-Allow-Origin to prevent cache-related and other issues in browsers (#2658).
  • The request body size limit is now set for HTTPS requests as well.
  • Incorrect version tag in the Docker release (#2663).
  • DNSCrypt queries weren't marked as such in logs (#2662).

v0.105.0 - 2021-02-10

Added

  • Added more services to the "Blocked services" list (#2224, #2401).
  • ipset subdomain matching, just like dnsmasq does (#2179).
  • Client ID support for DNS-over-HTTPS, DNS-over-QUIC, and DNS-over-TLS (#1383).
  • $dnsrewrite modifier for filters (#2102).
  • The host checking API and the query logs API can now return multiple matched rules (#2102).
  • Detecting of network interface configured to have static IP address via /etc/network/interfaces (#2302).
  • DNSCrypt protocol support (#1361).
  • A 5 second wait period until a DHCP server's network interface gets an IP address (#2304).
  • $dnstype modifier for filters (#2337).
  • HTTP API request body size limit (#2305).

Changed

  • Access-Control-Allow-Origin is now only set to the same origin as the domain, but with an HTTP scheme as opposed to * (#2484).
  • workDir now supports symlinks.
  • Stopped mounting together the directories /opt/adguardhome/conf and /opt/adguardhome/work in our Docker images (#2589).
  • When dns.bogus_nxdomain option is used, the server will now transform responses if there is at least one bogus address instead of all of them (#2394). The new behavior is the same as in dnsmasq.
  • Post-updating relaunch possibility is now determined OS-dependently (#2231, #2391).
  • Made the mobileconfig HTTP API more robust and predictable, add parameters and improve error response (#2358).
  • Improved HTTP requests handling and timeouts (#2343).
  • Our snap package now uses the core20 image as its base (#2306).
  • New build system and various internal improvements (#2271, #2276, #2297, #2509, #2552, #2639, #2646).

Deprecated

  • Go 1.14 support. v0.106.0 will require at least Go 1.15 to build.
  • The darwin/386 port. It will be removed in v0.106.0.
  • The "rule" and "filter_id" fields in GET /filtering/check_host and GET /querylog responses. They will be removed in v0.106.0 (#2102).

Fixed

  • Autoupdate bug in the Darwin (macOS) version (#2630).
  • Unnecessary conversions from string to net.IP, and vice versa (#2508).
  • Inability to set DNS cache TTL limits (#2459).
  • Possible freezes on slower machines (#2225).
  • A mitigation against records being shown in the wrong order on the query log page (#2293).
  • A JSON parsing error in query log (#2345).
  • Incorrect detection of the IPv6 address of an interface as well as another infinite loop in the /dhcp/find_active_dhcp HTTP API (#2355).

Removed

  • The undocumented ability to use hostnames as any of bind_host values in configuration. Documentation requires them to be valid IP addresses, and now the implementation makes sure that that is the case (#2508).
  • Dockerfile (#2276). Replaced with the script scripts/make/build-docker.sh which uses scripts/make/Dockerfile.
  • Support for pre-v0.99.3 format of query logs (#2102).

v0.104.3 - 2020-11-19

Fixed

  • The accidentally exposed profiler HTTP API (#2336).

v0.104.2 - 2020-11-19

Added

  • This changelog :-) (#2294).
  • HACKING.md, a guide for developers.

Changed

  • Improved tests output (#2273).

Fixed

  • Query logs from file not loading after the ones buffered in memory (#2325).
  • Unnecessary errors in query logs when switching between log files (#2324).
  • 404 Not Found errors on the DHCP settings page on Windows. The page now correctly shows that DHCP is not currently available on that OS (#2295).
  • Infinite loop in /dhcp/find_active_dhcp (#2301).