diff options
Diffstat (limited to 'etc/inc/auth.inc')
| -rw-r--r-- | etc/inc/auth.inc | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 4793b3a..fd597ab 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -50,11 +50,18 @@ require_once("config.gui.inc"); /* DNS ReBinding attack prevention. http://redmine.pfsense.org/issues/708 */ -if ($_SERVER['HTTP_HOST'] != $config['system']['hostname'] . "." . $config['system']['domain'] and - $_SERVER['HTTP_HOST'] != $_SERVER['SERVER_ADDR'] and - $_SERVER['HTTP_HOST'] != $config['system']['hostname']) { - display_error_form("501", "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding"); - exit; +$found_host = false; +if($config['dyndns']) + foreach($config['dyndns'] as $dyndns) + if($dyndns['host'] == $_SERVER['HTTP_HOST'] or $dyndns['host'] == $_SERVER['SERVER_ADDR']) + $found_host = true; +if($found_host == false) { + if ($_SERVER['HTTP_HOST'] != $config['system']['hostname'] . "." . $config['system']['domain'] and + $_SERVER['HTTP_HOST'] != $_SERVER['SERVER_ADDR'] and + $_SERVER['HTTP_HOST'] != $config['system']['hostname']) { + display_error_form("501", "Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding"); + exit; + } } $groupindex = index_groups(); |
