| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
|
| |
|
|
| |
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
|
| |
|
| |
Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>
|
| |
|
| |
Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>
|
| |
|
|
| |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
| |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
|
|
| |
The call to idn_to_utf8 call is actually to apply normalization
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
|
|
|
| |
`dns_get_record` can return false which results in exceptions such as
the ones shown in https://github.com/nextcloud/server/issues/27870.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Sanpi <sanpi@homecomputing.fr>
|
| |\
| |
| | |
Ignore subdomain for soa queries
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an
array of strings, those strings containing a comma delimited list of
resolved IPs for each host:port combination.
The original code here does create that array with the host:port:ip
combination, but multiple ips for a single host:port result in
additional array entries, rather than adding them to the end of the
string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array
entries should match the syntax `host:port:address[,address]`.
This creates a function-scoped associative array which uses `host:port`
as the key (which are supposed to be unique and this ensures that), and
the value is an array containing IP strings (ipv4 or ipv6). Once the
associative array is populated, it is then set to the CURLOPT_RESOLVE
array, imploding the ip arrays using a comma delimiter so the array
syntax matches the expected by libcurl.
Note that this reorders the "foreach ip" and "foreach port" loops.
Rather than looping over ips then ports, we now loop over ports then
ips, since ports are part of the unique host:port map, and multiple ips
can exist therein.
Signed-off-by: Aaron Ball <nullspoon@oper.io>
|
| |
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
|
|
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
