Unverified Commit f9a66bc3 authored by Sukun's avatar Sukun Committed by GitHub

net: consider /dns/localhost as private address (#221)

* manet: consider /dns/localhost as private address

* fix naming
parent a1249543
......@@ -69,13 +69,14 @@ var privateUseDomains = []string{
// MDNS
".local",
// RFC 6761: Users may assume that IPv4 and IPv6 address queries for localhost names will
// always resolve to the respective IP loopback address
".localhost",
// RFC 6761: No central authority for .test names
".test",
}
// RFC 6761: Users may assume that IPv4 and IPv6 address queries for localhost names will
// always resolve to the respective IP loopback address
const localHostDomain = ".localhost"
func init() {
Private4 = parseCIDR(privateCIDR4)
Private6 = parseCIDR(privateCIDR6)
......@@ -112,14 +113,18 @@ func IsPublicAddr(a ma.Multiaddr) bool {
case ma.P_DNS, ma.P_DNS4, ma.P_DNS6, ma.P_DNSADDR:
dnsAddr := c.Value()
isPublic = true
if isSubdomain(dnsAddr, localHostDomain) {
isPublic = false
return false
}
for _, ud := range unResolvableDomains {
if strings.HasSuffix(dnsAddr, ud) {
if isSubdomain(dnsAddr, ud) {
isPublic = false
return false
}
}
for _, pd := range privateUseDomains {
if strings.HasSuffix(dnsAddr, pd) {
if isSubdomain(dnsAddr, pd) {
isPublic = false
break
}
......@@ -130,6 +135,13 @@ func IsPublicAddr(a ma.Multiaddr) bool {
return isPublic
}
// isSubdomain checks if child is sub domain of parent. It also returns true if child and parent are
// the same domain.
// Parent must have a "." prefix.
func isSubdomain(child, parent string) bool {
return strings.HasSuffix(child, parent) || child == parent[1:]
}
// IsPrivateAddr returns true if the IP part of the mutiaddr is in a private network
func IsPrivateAddr(a ma.Multiaddr) bool {
isPrivate := false
......@@ -141,6 +153,13 @@ func IsPrivateAddr(a ma.Multiaddr) bool {
isPrivate = inAddrRange(net.IP(c.RawValue()), Private4)
case ma.P_IP6:
isPrivate = inAddrRange(net.IP(c.RawValue()), Private6)
case ma.P_DNS, ma.P_DNS4, ma.P_DNS6, ma.P_DNSADDR:
dnsAddr := c.Value()
if isSubdomain(dnsAddr, localHostDomain) {
isPrivate = true
}
// We don't check for privateUseDomains because private use domains can
// resolve to public IP addresses
}
return false
})
......
......@@ -43,6 +43,16 @@ func TestIsPublicAddr(t *testing.T) {
isPublic: false,
isPrivate: false, // You can configure .local domains in local networks to return public addrs
},
{
addr: ma.StringCast("/dns/localhost/udp/1/quic-v1"),
isPublic: false,
isPrivate: true,
},
{
addr: ma.StringCast("/dns/a.localhost/tcp/1"),
isPublic: false,
isPrivate: true,
},
}
for i, tt := range tests {
t.Run(fmt.Sprintf("%d", i), func(t *testing.T) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment