Services: Kea DHCPv4/v6: Use KeaCtrl python lib for kea_prefix_watcher to switch to polling the socket instead of streaming the csv lease files. The running configuration has structured output, and we stay in memory without needing to read and parse any files. The tradeoff is that we always have to process the full set of leases, yet by using lease6-get-page which is especially made for efficient bulk operations, this should be rather cheap. The main benefit is we always work with structured json data, can filter for ID_PD better, and reprocess the full truth on every poll interval to ensure the whole setup is self-healing
MVC: add support for pluggable dynamic menu items and move some existing parts out of the MenuSystem class (#10113)
* MVC: add support for pluggable dynamic menu items and move some existing parts out of the MenuSystem class
In most cases we use static menu registartions, but there are exceptions which depend on interfaces for example.
While looking at https://github.com/opnsense/core/pull/10033, a longer standing wish came up again, which is the reason to add this support right now. It also helps in removing some legacy components for good via plugins.
To register new menu items, the following pattern may be used:
* In your model, derive a Menu class from MenuContainer
* implement a method collect() which should add new menu items via the appendItem() {bound to appendItem in MenuSystem}
Always try to minimize the amount of code inside these plugins as this code will be executed on each page load.
* menusystem: simplify class generation for links and add some support to be used for favorites.
This commit offers a couple of things, first of all it adds a unique class name on every traversable menu item so we can easily use javascript to pass a click event, for example:
$(".menu_ref_7e46272fe380827861cbaf5b484c43c9")[0].click()
[5 lines not shown]
ui: change generic error trap to exclude upgradestatus messages and prevent multiple instances being created, which prevents the user being spammed faster than he/she can close dialogs.
Services: Kea DHCPv4/v6: Remove depend constraint of ddns_reverse_zone (#10182)
Since ddns_forward_zone already depends on ddns_dns_server, and the config generator bails if either of these are empty we do not need to protect ddns_reverse_zone in any specific way right now.
It's a good idea to keep it this way, only populating a reverse zone is very uncommon, and ISC also tethered it to the forward zone being there.
Services: Kea DHCPv4/v6: Remove depend constraint of ddns_reverse_zone
Since ddns_forward_zone already depends on ddns_ddns_server, and the config generator bails if either of these are empty
we do not need to protect ddns_reverse_zone in any specific way right now.
ui: SimpleFileUploadDlg - add support for binary file uploads ( `SimpleFileUploadDlg({binary: true,...`), when set, files will be offered base64 encoded.
ui: SimpleFileUploadDlg - add support for binary file uploads ( `SimpleFileUploadDlg({binary: true,...`), when set, files will be offered base64 encoded.
Services: Unbound DNS: Overrides - One of the major disadvantages of asking for domains and hostnames seperately is that standard fqdn validations don't apply, which is the case here. Adding a dot at the end of a fqdn is valid, having an empty element isn't. We fix the latter by preventing a hostname ending with a dot here. closes https://github.com/opnsense/core/issues/10170
System: make LDAD auth adhere to bad login penalty as well (#10111)
Made remainder of modifications for GHSA-jpm7-f59c-mp54 which were previously discussed but deferred.
