Skip to content

Commit 26ad11d

Browse files
sukunrtsukunrt
committed
fix private domains list
1 parent c0880b5 commit 26ad11d

File tree

1 file changed

+33
-49
lines changed

1 file changed

+33
-49
lines changed

net/private.go

+33-49
Original file line numberDiff line numberDiff line change
@@ -47,53 +47,31 @@ var unroutableCIDR6 = []string{
4747
"ff00::/8",
4848
}
4949

50-
// specialUseDomains are reserved for various purposes and do not have a central authority
51-
// for consistent resolution in different networks.
52-
// see: https://en.wikipedia.org/wiki/Special-use_domain_name#Reserved_domain_names
53-
// This list doesn't contain `.onion` addresses as they are consistently resolved everywhere.
54-
var specialUseDomains = []string{
55-
"6tisch.arpa",
56-
"10.in-addr.arpa",
57-
"16.172.in-addr.arpa",
58-
"17.172.in-addr.arpa",
59-
"18.172.in-addr.arpa",
60-
"19.172.in-addr.arpa",
61-
"20.172.in-addr.arpa",
62-
"21.172.in-addr.arpa",
63-
"22.172.in-addr.arpa",
64-
"23.172.in-addr.arpa",
65-
"24.172.in-addr.arpa",
66-
"25.172.in-addr.arpa",
67-
"26.172.in-addr.arpa",
68-
"27.172.in-addr.arpa",
69-
"28.172.in-addr.arpa",
70-
"29.172.in-addr.arpa",
71-
"30.172.in-addr.arpa",
72-
"31.172.in-addr.arpa",
73-
"168.192.in-addr.arpa",
74-
"170.0.0.192.in-addr.arpa",
75-
"171.0.0.192.in-addr.arpa",
76-
"ipv4only.arpa",
77-
"254.169.in-addr.arpa",
78-
"8.e.f.ip6.arpa",
79-
"9.e.f.ip6.arpa",
80-
"a.e.f.ip6.arpa",
81-
"b.e.f.ip6.arpa",
82-
"home.arpa",
83-
"example",
84-
"example.com",
85-
"example.net",
86-
"example.org",
87-
"invalid",
88-
"intranet",
89-
"internal",
90-
"private",
91-
"corp",
92-
"home",
93-
"lan",
94-
"local",
95-
"localhost",
96-
"test",
50+
// unResolvableDomains do not resolve to an IP address.
51+
var unResolvableDomains = []string{
52+
// Reverse DNS Lookup
53+
".in-addr.arpa",
54+
".ip6.arpa",
55+
56+
// RFC 6761: Users MAY assume that queries for "invalid" names will always return NXDOMAIN
57+
// responses
58+
".invalid",
59+
}
60+
61+
// privateUseDomains are reserved for private use and have no central authority for consistent
62+
// address resolution
63+
var privateUseDomains = []string{
64+
// RFC 8375: Reserved for home networks
65+
".home.arpa",
66+
67+
// MDNS
68+
".local",
69+
70+
// RFC 6761: Users may assume that IPv4 and IPv6 address queries for localhost names will
71+
// always resolve to the respective IP loopback address
72+
".localhost",
73+
// RFC 6761: No central authority for .test names
74+
".test",
9775
}
9876

9977
func init() {
@@ -132,8 +110,14 @@ func IsPublicAddr(a ma.Multiaddr) bool {
132110
case ma.P_DNS, ma.P_DNS4, ma.P_DNS6, ma.P_DNSADDR:
133111
dnsAddr := c.Value()
134112
isPublic = true
135-
for _, sd := range specialUseDomains {
136-
if strings.HasSuffix(dnsAddr, sd) {
113+
for _, ud := range unResolvableDomains {
114+
if strings.HasSuffix(dnsAddr, ud) {
115+
isPublic = false
116+
break
117+
}
118+
}
119+
for _, pd := range privateUseDomains {
120+
if strings.HasSuffix(dnsAddr, pd) {
137121
isPublic = false
138122
break
139123
}

0 commit comments

Comments
 (0)