
Revision 0321fa1b

Added by Jim Pingle about 15 years ago

Wrap the dns rebind check in a test to see if our error function exists. If it doesn't, it's probably being called from captive portal, so skip the check. Fixes #721


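--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -49,18 +49,22 @@
 
 require_once("config.gui.inc");
 
-/* DNS ReBinding attack prevention.  http://redmine.pfsense.org/issues/708 */
-$found_host = false;
-if($config['dyndnses']['dyndns'])
-	foreach($config['dyndnses']['dyndns'] as $dyndns)
-		if($dyndns['host'] == $_SERVER['HTTP_HOST'] or $dyndns['host'] == $_SERVER['SERVER_ADDR'])
-			$found_host = true;
-if($found_host == false) {
-	if ($_SERVER['HTTP_HOST'] != $config['system']['hostname'] . "." . $config['system']['domain'] and
-		$_SERVER['HTTP_HOST'] != $_SERVER['SERVER_ADDR'] and 
-		$_SERVER['HTTP_HOST'] != $config['system']['hostname']) {
-		display_error_form("501", "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding");
-		exit;
+/* If this function doesn't exist, we're being called from Captive Portal or 
+   another internal subsystem which does not include authgui.inc */
+if (function_exists("display_error_form")) {
+	/* DNS ReBinding attack prevention.  http://redmine.pfsense.org/issues/708 */
+	$found_host = false;
+	if($config['dyndnses']['dyndns'])
+		foreach($config['dyndnses']['dyndns'] as $dyndns)
+			if($dyndns['host'] == $_SERVER['HTTP_HOST'] or $dyndns['host'] == $_SERVER['SERVER_ADDR'])
+				$found_host = true;
+	if($found_host == false) {
+		if ($_SERVER['HTTP_HOST'] != $config['system']['hostname'] . "." . $config['system']['domain'] and
+			$_SERVER['HTTP_HOST'] != $_SERVER['SERVER_ADDR'] and 
+			$_SERVER['HTTP_HOST'] != $config['system']['hostname']) {
+			display_error_form("501", "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding");
+			exit;
+		}
 	}
 }
 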
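Review bot: The `function_exists("display_error_form")` guard makes the rebind check fail open: any include path that has not loaded authgui.inc (captive portal, per the comment on the new line 52) skips the Host-header validation entirely, and captive portal pages are presumably reachable by exactly the untrusted browsers this check is meant to protect against. The availability of a UI error renderer is independent of whether the request's Host header is acceptable, so the check should run unconditionally and only the reporting should vary, falling back to a plain status line and `exit` when the richer error form is not available. Separately, the host comparisons on lines 59 and 62-64 use `==`/`!=` and are case-sensitive, while DNS names are not; `strcasecmp(...) === 0` would be the stricter form, though that predates this commit. The rewritten reporting below replaces the outer `if (function_exists(...)) { ... }` wrapper; the surrounding lines are the hunk's own.

```php
/* DNS ReBinding attack prevention.  http://redmine.pfsense.org/issues/708 */
// … unchanged: $found_host computation and the three HTTP_HOST comparisons …
		if (function_exists("display_error_form")) {
			display_error_form("501", "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding");
		} else {
			/* Caller did not include authgui.inc (e.g. captive portal); still refuse the request. */
			header("HTTP/1.1 501 Not Implemented");
			echo "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding";
		}
		exit;
```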
