dnsmasq: strict hostname and domain validation (#9232)
* Strict hostname validation in Hosts tab using legal_hostname() function of upstream source code as baseline.
* Use HostnameField for "host", "domain", "cnames" and "aliases" field, merge former AliasesField logic into HostnameField for LegacyXML configs
* Remove AliasesField
* Add php unit test for HostnameField
diagnostics/packetcapture: Fix permission of capture zip file for wwwonly strict security mode (#9255)
* diagnostics/packetcapture: Fix permission of capture zip file when wwwonly strict security mode is enabled
* Unconditionally set wwwonly:wheel
* Also set permissions to 640
vpn/wireguard: Add debug flag to instances, can be set without restarting service, send logs to wireguard log (#9236)
* vpn/wireguard: Add debug flag to instances, can be set without restarting service, send logs to wireguard log
* Add debug as comment into wireguard-server.conf, so the file hash changes and wg_start() is triggered
* Update src/opnsense/mvc/app/controllers/OPNsense/Wireguard/forms/dialogEditWireguardServer.xml
Co-authored-by: Franco Fichtner <franco at opnsense.org>
---------
Co-authored-by: Franco Fichtner <franco at opnsense.org>
configd: add ! operator to execute and flush cache when it exists, closes https://github.com/opnsense/core/issues/9170
Fix a small unnoticed bug in ActionHandler.find_action(), which flushed the action parameter after use.
Refactor HandlerClient so it extracts "preludes" like spaces, &, ! which it will then use to determine command operation mode.
Leading spaces are removed on purpose so we support actions like "&!cmd" "& ! cmd", since the first parameter is always a file on disk, leading spaces can't exist in current callers.
(cherry picked from commit 27bd8125c3868be56f11a7d91b00f6ec5b187abe)