diff options
author | Daniel Kesselberg <mail@danielkesselberg.de> | 2021-07-05 10:52:18 +0200 |
---|---|---|
committer | Daniel Kesselberg <mail@danielkesselberg.de> | 2021-07-05 20:29:06 +0200 |
commit | b6530e5e822ee635eeb5a54e6630efcf6129c8c1 (patch) | |
tree | 3c304740671da0e19b16ca87cc8ab50fd8771ae9 /lib/private | |
parent | bb22d38aa10e58de0103aa57ecbdf60b167c59bb (diff) | |
download | nextcloud-server-b6530e5e822ee635eeb5a54e6630efcf6129c8c1.tar.gz nextcloud-server-b6530e5e822ee635eeb5a54e6630efcf6129c8c1.zip |
Ignore subdomain for soa queries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/Http/Client/DnsPinMiddleware.php | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/lib/private/Http/Client/DnsPinMiddleware.php b/lib/private/Http/Client/DnsPinMiddleware.php index 019fde23723..5d8c32e3a28 100644 --- a/lib/private/Http/Client/DnsPinMiddleware.php +++ b/lib/private/Http/Client/DnsPinMiddleware.php @@ -41,6 +41,28 @@ class DnsPinMiddleware { $this->localAddressChecker = $localAddressChecker; } + /** + * Fetch soa record for a target + * + * @param string $target + * @return array|null + */ + private function soaRecord(string $target): ?array { + $labels = explode('.', $target); + + $top = count($labels) >= 2 ? array_pop($labels) : ''; + $second = array_pop($labels); + + $hostname = $second . '.' . $top; + $responses = dns_get_record($hostname, DNS_SOA); + + if ($responses === false || count($responses) === 0) { + return null; + } + + return reset($responses); + } + private function dnsResolve(string $target, int $recursionCount) : array { if ($recursionCount >= 10) { return []; @@ -49,24 +71,19 @@ class DnsPinMiddleware { $recursionCount = $recursionCount++; $targetIps = []; - $soaDnsEntry = dns_get_record($target, DNS_SOA); - if (isset($soaDnsEntry[0]) && isset($soaDnsEntry[0]['minimum-ttl'])) { - $dnsNegativeTtl = $soaDnsEntry[0]['minimum-ttl']; - } else { - $dnsNegativeTtl = null; - } + $soaDnsEntry = $this->soaRecord($target); + $dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null; $dnsTypes = [DNS_A, DNS_AAAA, DNS_CNAME]; - foreach ($dnsTypes as $key => $dnsType) { + foreach ($dnsTypes as $dnsType) { if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) { - unset($dnsTypes[$key]); continue; } $dnsResponses = dns_get_record($target, $dnsType); $canHaveCnameRecord = true; if (count($dnsResponses) > 0) { - foreach ($dnsResponses as $key => $dnsResponse) { + foreach ($dnsResponses as $dnsResponse) { if (isset($dnsResponse['ip'])) { $targetIps[] = $dnsResponse['ip']; $canHaveCnameRecord = false; @@ -78,10 +95,8 @@ class DnsPinMiddleware { $canHaveCnameRecord = true; } } - } else { - if ($dnsNegativeTtl !== null) { - $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl); - } + } elseif ($dnsNegativeTtl !== null) { + $this->negativeDnsCache->setNegativeCacheForDnsType($target, $dnsType, $dnsNegativeTtl); } } |