From f1037b97c5dc9e23299ffe2b198bf8cb7b5a6b4b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@nextcloud.com>
Date: Mon, 27 Jun 2022 16:48:58 +0200
Subject: [PATCH] Improve local IP detection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
---
 lib/private/Http/Client/LocalAddressChecker.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/private/Http/Client/LocalAddressChecker.php b/lib/private/Http/Client/LocalAddressChecker.php
index c69d1007a160e..b233f34b19c63 100644
--- a/lib/private/Http/Client/LocalAddressChecker.php
+++ b/lib/private/Http/Client/LocalAddressChecker.php
@@ -41,6 +41,12 @@ public function ThrowIfLocalIp(string $ip) : void {
 			throw new LocalServerException('Host violates local access rules');
 		}
 
+		$localIps = ['100.100.100.200'];
+		if ((bool)filter_var($ip, FILTER_VALIDATE_IP) && in_array($ip, $localIps)) {
+			$this->logger->warning("Host $ip was not connected to because it violates local access rules");
+			throw new LocalServerException('Host violates local access rules');
+		}
+
 		// Also check for IPv6 IPv4 nesting, because that's not covered by filter_var
 		if ((bool)filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && substr_count($ip, '.') > 0) {
 			$delimiter = strrpos($ip, ':'); // Get last colon