Only set Host header for literal-IP trace URLs

The fallback hostname-based URL and custom URLs resolve correctly
without a Host override, so restrict the header to the cases that
need it (direct IP connections to 1.1.1.1 / [2606:4700:4700::1111]).
Timothy Miller
2026-03-18 18:19:55 -04:00
parent 7e96816740
commit 94ce10fccc


@@ -164,14 +164,17 @@ pub fn parse_trace_ip(body: &str) -> Option<String> {
None None
} }
async fn fetch_trace_ip(client: &Client, url: &str, timeout: Duration) -> Option<IpAddr> { async fn fetch_trace_ip(
let resp = client client: &Client,
.get(url) url: &str,
.header("Host", "one.one.one.one") timeout: Duration,
.timeout(timeout) host_override: Option<&str>,
.send() ) -> Option<IpAddr> {
.await let mut req = client.get(url).timeout(timeout);
.ok()?; if let Some(host) = host_override {
req = req.header("Host", host);
}
let resp = req.send().await.ok()?;
let body = resp.text().await.ok()?; let body = resp.text().await.ok()?;
let ip_str = parse_trace_ip(&body)?; let ip_str = parse_trace_ip(&body)?;
ip_str.parse::<IpAddr>().ok() ip_str.parse::<IpAddr>().ok()
@@ -203,7 +206,7 @@ async fn detect_cloudflare_trace(
let client = build_split_client(ip_type, timeout); let client = build_split_client(ip_type, timeout);
if let Some(url) = custom_url { if let Some(url) = custom_url {
if let Some(ip) = fetch_trace_ip(&client, url, timeout).await { if let Some(ip) = fetch_trace_ip(&client, url, timeout, None).await {
if validate_detected_ip(&ip, ip_type, ppfmt) { if validate_detected_ip(&ip, ip_type, ppfmt) {
return vec![ip]; return vec![ip];
} }
@@ -221,7 +224,7 @@ async fn detect_cloudflare_trace(
}; };
// Try primary (literal IP — guarantees correct address family) // Try primary (literal IP — guarantees correct address family)
if let Some(ip) = fetch_trace_ip(&client, primary, timeout).await { if let Some(ip) = fetch_trace_ip(&client, primary, timeout, Some("one.one.one.one")).await {
if validate_detected_ip(&ip, ip_type, ppfmt) { if validate_detected_ip(&ip, ip_type, ppfmt) {
return vec![ip]; return vec![ip];
} }
@@ -232,7 +235,7 @@ async fn detect_cloudflare_trace(
); );
// Try fallback (hostname-based — works when literal IPs are intercepted by WARP/Zero Trust) // Try fallback (hostname-based — works when literal IPs are intercepted by WARP/Zero Trust)
if let Some(ip) = fetch_trace_ip(&client, CF_TRACE_FALLBACK, timeout).await { if let Some(ip) = fetch_trace_ip(&client, CF_TRACE_FALLBACK, timeout, None).await {
if validate_detected_ip(&ip, ip_type, ppfmt) { if validate_detected_ip(&ip, ip_type, ppfmt) {
return vec![ip]; return vec![ip];
} }
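Review bot: The new `host_override` parameter of `fetch_trace_ip` (first hunk) has no doc comment, and the signature alone does not say that it changes only the HTTP `Host` header while the connection target, and for an https URL the certificate check, still follow `url`. A doc comment on the function should state that and tell callers when to pass a value, e.g. `/// host_override: Host header to send when url is a literal IP; pass None for hostname-based and user-supplied URLs.` The literal `"one.one.one.one"` at the primary call site would also read better as a named constant beside `CF_TRACE_FALLBACK`, for example `const CF_TRACE_HOST: &str = "one.one.one.one";`, so the hostname is defined once. The closing brace of `fetch_trace_ip` lies outside the hunk.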