diff options
author | Daniel Kesselberg <mail@danielkesselberg.de> | 2021-07-05 10:52:18 +0200 |
---|---|---|
committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2021-07-06 16:58:15 +0000 |
commit | a626792e15ae33138ddac793a50ea29364482e5f (patch) | |
tree | 23722d0fe8dc2969294df3f72acb8bcade084f73 /lib/private | |
parent | c67e1420c8f741bfa43db08fcc295ec3b156fff8 (diff) | |
download | nextcloud-server-a626792e15ae33138ddac793a50ea29364482e5f.tar.gz nextcloud-server-a626792e15ae33138ddac793a50ea29364482e5f.zip |
Ignore subdomain for soa queries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/Http/Client/DnsPinMiddleware.php | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/lib/private/Http/Client/DnsPinMiddleware.php b/lib/private/Http/Client/DnsPinMiddleware.php index 900173bb506..135ae52f4bd 100644 --- a/lib/private/Http/Client/DnsPinMiddleware.php +++ b/lib/private/Http/Client/DnsPinMiddleware.php @@ -41,6 +41,28 @@ class DnsPinMiddleware { $this->localAddressChecker = $localAddressChecker; } + /** + * Fetch soa record for a target + * + * @param string $target + * @return array|null + */ + private function soaRecord(string $target): ?array { + $labels = explode('.', $target); + + $top = count($labels) >= 2 ? array_pop($labels) : ''; + $second = array_pop($labels); + + $hostname = $second . '.' . $top; + $responses = dns_get_record($hostname, DNS_SOA); + + if ($responses === false || count($responses) === 0) { + return null; + } + + return reset($responses); + } + private function dnsResolve(string $target, int $recursionCount) : array { if ($recursionCount >= 10) { return []; @@ -49,24 +71,19 @@ class DnsPinMiddleware { $recursionCount = $recursionCount++; $targetIps = []; - $soaDnsEntry = dns_get_record($target, DNS_SOA); - if (isset($soaDnsEntry[0]) && isset($soaDnsEntry[0]['minimum-ttl'])) { - $dnsNegativeTtl = $soaDnsEntry[0]['minimum-ttl']; - } else { - $dnsNegativeTtl = null; - } + $soaDnsEntry = $this->soaRecord($target); + $dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null; $dnsTypes = [DNS_A, DNS_AAAA, DNS_CNAME]; - foreach ($dnsTypes as $key => $dnsType) { + foreach ($dnsTypes as $dnsType) { if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) { - unset($dnsTypes[$key]); continue; } $dnsResponses = dns_get_record($target, $dnsType); $canHaveCnameRecord = true; if (count($dnsResponses) > 0) { - foreach ($dnsResponses as $key => $dnsResponse) { + foreach ($dnsResponses as $dnsResponse) { if (isset($dnsResponse['ip'])) { $targetIps[] = $dnsResponse['ip']; $canHaveCnameRecord = false; @@ -78,10 +95,8 @@ class DnsPinMiddleware { $canHaveCnameRecord = true; } } - } else { - if ($dnsNegativeTtl !== null) { - $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl); - } + } elseif ($dnsNegativeTtl !== null) { + $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl); } } |