Skip to content

Commit

Permalink
Merge pull request #49278 from nextcloud/backport/48675/stable29
Browse files Browse the repository at this point in the history
[stable29] DNS: do not query CNAME if A succeeded already
  • Loading branch information
come-nc authored Nov 14, 2024
2 parents eedf7c4 + c559f62 commit 0696ec1
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
7 changes: 5 additions & 2 deletions lib/private/Http/Client/DnsPinMiddleware.php
Original file line number Diff line number Diff line change
Expand Up @@ -74,17 +74,21 @@ private function dnsResolve(string $target, int $recursionCount) : array {

$soaDnsEntry = $this->soaRecord($target);
$dnsNegativeTtl = $soaDnsEntry['minimum-ttl'] ?? null;
$canHaveCnameRecord = true;

$dnsTypes = \defined('AF_INET6') || @inet_pton('::1')
? [DNS_A, DNS_AAAA, DNS_CNAME]
: [DNS_A, DNS_CNAME];
foreach ($dnsTypes as $dnsType) {
if ($canHaveCnameRecord === false && $dnsType === DNS_CNAME) {
continue;
}

if ($this->negativeDnsCache->isNegativeCached($target, $dnsType)) {
continue;
}

$dnsResponses = $this->dnsGetRecord($target, $dnsType);
$canHaveCnameRecord = true;
if ($dnsResponses !== false && count($dnsResponses) > 0) {
foreach ($dnsResponses as $dnsResponse) {
if (isset($dnsResponse['ip'])) {
Expand All @@ -95,7 +99,6 @@ private function dnsResolve(string $target, int $recursionCount) : array {
$canHaveCnameRecord = false;
} elseif (isset($dnsResponse['target']) && $canHaveCnameRecord) {
$targetIps = array_merge($targetIps, $this->dnsResolve($dnsResponse['target'], $recursionCount));
$canHaveCnameRecord = true;
}
}
} elseif ($dnsNegativeTtl !== null) {
Expand Down
5 changes: 3 additions & 2 deletions tests/lib/Http/Client/DnsPinMiddlewareTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -554,10 +554,11 @@ static function (RequestInterface $request, array $options) {
['nextcloud' => ['allow_local_address' => false]]
);

$this->assertCount(4, $dnsQueries);
$this->assertCount(3, $dnsQueries);
$this->assertContains('example.com' . DNS_SOA, $dnsQueries);
$this->assertContains('subsubdomain.subdomain.example.com' . DNS_A, $dnsQueries);
$this->assertContains('subsubdomain.subdomain.example.com' . DNS_AAAA, $dnsQueries);
$this->assertContains('subsubdomain.subdomain.example.com' . DNS_CNAME, $dnsQueries);
// CNAME should not be queried if A or AAAA succeeded already
$this->assertNotContains('subsubdomain.subdomain.example.com' . DNS_CNAME, $dnsQueries);
}
}

0 comments on commit 0696ec1

Please sign in to comment.