Improve local IP detection

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
author: Côme Chilliet <come.chilliet@nextcloud.com> 2022-06-27 16:48:58 +0200
committer: backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com> 2022-07-26 09:45:27 +0000
commit: 342934e9c230060ef8e9712bcb27b5047f9e3d62 (patch)
tree: 9176914c47440dd1c9e56dd86a3f477e210e0aec
parent: 339dfb871263106e68c5c077336d57d066e18087 (diff)
download: nextcloud-server-342934e9c230060ef8e9712bcb27b5047f9e3d62.tar.gz
nextcloud-server-342934e9c230060ef8e9712bcb27b5047f9e3d62.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/private/Http/Client/LocalAddressChecker.php b/lib/private/Http/Client/LocalAddressChecker.php
index 4d5407d6641..cc916349ebd 100644
--- a/lib/private/Http/Client/LocalAddressChecker.php
+++ b/lib/private/Http/Client/LocalAddressChecker.php
@@ -42,6 +42,12 @@ class LocalAddressChecker {
 			throw new LocalServerException('Host violates local access rules');
 		}
 
+		$localIps = ['100.100.100.200'];
+		if ((bool)filter_var($ip, FILTER_VALIDATE_IP) && in_array($ip, $localIps)) {
+			$this->logger->warning("Host $ip was not connected to because it violates local access rules");
+			throw new LocalServerException('Host violates local access rules');
+		}
+
 		// Also check for IPv6 IPv4 nesting, because that's not covered by filter_var
 		if ((bool)filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && substr_count($ip, '.') > 0) {
 			$delimiter = strrpos($ip, ':'); // Get last colon
author	Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-27 16:48:58 +0200
committer	backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com>	2022-07-26 09:45:27 +0000
commit	342934e9c230060ef8e9712bcb27b5047f9e3d62 (patch)
tree	9176914c47440dd1c9e56dd86a3f477e210e0aec
parent	339dfb871263106e68c5c077336d57d066e18087 (diff)
download	nextcloud-server-342934e9c230060ef8e9712bcb27b5047f9e3d62.tar.gz nextcloud-server-342934e9c230060ef8e9712bcb27b5047f9e3d62.zip