From 99ea80e0e0f88720dcb39877423c6ec796975bd2 Mon Sep 17 00:00:00 2001
From: Luke Bratch
Date: Sun, 28 Dec 2025 02:19:32 +0000
Subject: Ensure secret IDs are set and are at least 10 characters long.
---
 dns.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/dns.php b/dns.php
index 7ca8174..2f93759 100644
--- a/dns.php
+++ b/dns.php
@@ -139,7 +139,7 @@ function writezone($domain, $zonetext, $password = null) {
 // Main entry point
-if (isset($_GET['mode']) && isset($_GET['zone']) && isset($_GET['hash'])) {
+if (isset($_GET['mode']) && isset($_GET['zone']) && isset($_GET['hash']) && strlen($_GET['hash']) > 10) {
 // Some sort of mode (at the moment only "update" is supported
 if ($_GET['mode'] == "update") {
 // An auto update is being requested. This is where one or more zone records
@@ -213,7 +213,7 @@ if (isset($_GET['mode']) && isset($_GET['zone']) && isset($_GET['hash'])) {
 echo "
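Review bot: The new guard `strlen($_GET['hash']) > 10` in the main `if` rejects a 10-character ID, while the commit subject and the updated help text both say "at least 10 characters"; `>= 10` matches the stated rule. `strlen()` is also called on a value that is only known to be set, so a request that sends `hash` as an array reaches it with a non-string (a TypeError on PHP 8, a warning on older versions); adding `is_string($_GET['hash']) &&` before the length test closes that. The same condition is repeated in the `mode == "txt"` branch of the next hunk and needs the same two changes. The body of this `if` continues outside the hunk.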

record(s) updated :)

"; }
- } else if ($_GET['mode'] == "txt" && isset($_POST['record'])) {
+ } else if ($_GET['mode'] == "txt" && isset($_POST['record']) && isset($_GET['hash']) && strlen($_GET['hash']) > 10) {
 $zonetext = getzone($_GET['zone']);
 // Only use \n for newlines
 $zonetext = str_replace("\r", "", $zonetext);
@@ -281,7 +281,7 @@ if (isset($_GET['mode']) && isset($_GET['zone']) && isset($_GET['hash'])) {
 ?>
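Review bot: The `isset($_GET['hash']) && strlen($_GET['hash']) > 10` added to the `else if` looks redundant, because the hunk header places this branch under the main `if`, which after this commit already makes the same test. If that nesting holds, the branch cannot be reached with a missing or short hash, and the minimum length is now written in two places that can drift apart. Dropping the duplicate and leaving a comment on the main condition, such as `// Secret IDs shorter than the documented minimum are rejected before any mode is handled`, would keep the rule in one spot. The nesting is inferred from the header line, since the code around this branch is outside the hunk.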

1. Your zonefile is below.

2. Ensure the first line always ends with a SHA-256 hash of your chosen password.

-

3. To automatically update a particular A or AAAA record with the source IP address of your request, give the line a comment ending with a secret ID (e.g. a SHA-256 hash), e.g.:

+

3. To automatically update a particular A or AAAA record with the source IP address of your request, give the line a comment ending with a secret ID at least 10 characters long (e.g. a SHA-256 hash), e.g.:

 test    300     IN      A       192.168.0.1 ; sha256 = 7f480e744a79953eb916b68f540e0eeec6f9cf23edf4aa08cc1cdf5f077c0f6f
 test    300     IN      AAAA    ::1 ; sha256 = b493d48364afe44d11c0165cf470a4164d1e2609911ef998be868d46ade3de4e
-- 
cgit v1.2.3