PageRenderTime 41ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 0ms

/mediawiki-integration/source/php/mediawiki/includes/IP.php

https://code.google.com/
PHP | 260 lines | 150 code | 23 blank | 87 comment | 47 complexity | 148bb51a5f354ddc157fee2353c56337 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-3.0 
    

  1. <?php
    2. 

  2. /*
    3. 

  3.  * Collection of public static functions to play with IP address
    4. 

  4.  * and IP blocks.
    5. 

  5.  *
    6. 

  6.  * @Author "Ashar Voultoiz" <hashar@altern.org>
    7. 

  7.  * @License GPL v2 or later
    8. 

  8.  */
    9. 

  9. 

  10. // Some regex definition to "play" with IP address and IP address blocks
    11. 

  11. 

  12. // An IP is made of 4 bytes from x00 to xFF which is d0 to d255
    13. 

  13. define( 'RE_IP_BYTE', '(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|0?[0-9]?[0-9])');
    14. 

  14. define( 'RE_IP_ADD' , RE_IP_BYTE . '\.' . RE_IP_BYTE . '\.' . RE_IP_BYTE . '\.' . RE_IP_BYTE );
    15. 

  15. // An IP block is an IP address and a prefix (d1 to d32)
    16. 

  16. define( 'RE_IP_PREFIX', '(3[0-2]|[12]?\d)');
    17. 

  17. define( 'RE_IP_BLOCK', RE_IP_ADD . '\/' . RE_IP_PREFIX);
    18. 

  18. // For IPv6 canonicalization (NOT for strict validation; these are quite lax!)
    19. 

  19. define( 'RE_IPV6_WORD', '([0-9A-Fa-f]{1,4})' );
    20. 

  20. define( 'RE_IPV6_GAP', ':(?:0+:)*(?::(?:0+:)*)?' );
    21. 

  21. define( 'RE_IPV6_V4_PREFIX', '0*' . RE_IPV6_GAP . '(?:ffff:)?' );
    22. 

  22. 

  23. class IP {
    24. 

  24. 

  25. 	/**
    26. 

  26. 	 * Validate an IP address.
    27. 

  27. 	 * @return boolean True if it is valid.
    28. 

  28. 	 */
    29. 

  29. 	public static function isValid( $ip ) {
    30. 

  30. 		return preg_match( '/^' . RE_IP_ADD . '$/', $ip) ;
    31. 

  31. 	}
    32. 

  32. 

  33. 	/**
    34. 

  34. 	 * Validate an IP Block.
    35. 

  35. 	 * @return boolean True if it is valid.
    36. 

  36. 	 */
    37. 

  37. 	public static function isValidBlock( $ipblock ) {
    38. 

  38. 		return ( count(self::toArray($ipblock)) == 1 + 5 );
    39. 

  39. 	}
    40. 

  40. 

  41. 	/**
    42. 

  42. 	 * Determine if an IP address really is an IP address, and if it is public,
    43. 

  43. 	 * i.e. not RFC 1918 or similar
    44. 

  44. 	 * Comes from ProxyTools.php
    45. 

  45. 	 */
    46. 

  46. 	public static function isPublic( $ip ) {
    47. 

  47. 		$n = IP::toUnsigned( $ip );
    48. 

  48. 		if ( !$n ) {
    49. 

  49. 			return false;
    50. 

  50. 		}
    51. 

  51. 

  52. 		// ip2long accepts incomplete addresses, as well as some addresses
    53. 

  53. 		// followed by garbage characters. Check that it's really valid.
    54. 

  54. 		if( $ip != long2ip( $n ) ) {
    55. 

  55. 			return false;
    56. 

  56. 		}
    57. 

  57. 

  58. 		static $privateRanges = false;
    59. 

  59. 		if ( !$privateRanges ) {
    60. 

  60. 			$privateRanges = array(
    61. 

  61. 				array( '10.0.0.0',    '10.255.255.255' ),   # RFC 1918 (private)
    62. 

  62. 				array( '172.16.0.0',  '172.31.255.255' ),   #     "
    63. 

  63. 				array( '192.168.0.0', '192.168.255.255' ),  #     "
    64. 

  64. 				array( '0.0.0.0',     '0.255.255.255' ),    # this network
    65. 

  65. 				array( '127.0.0.0',   '127.255.255.255' ),  # loopback
    66. 

  66. 			);
    67. 

  67. 		}
    68. 

  68. 

  69. 		foreach ( $privateRanges as $r ) {
    70. 

  70. 			$start = IP::toUnsigned( $r[0] );
    71. 

  71. 			$end = IP::toUnsigned( $r[1] );
    72. 

  72. 			if ( $n >= $start && $n <= $end ) {
    73. 

  73. 				return false;
    74. 

  74. 			}
    75. 

  75. 		}
    76. 

  76. 		return true;
    77. 

  77. 	}
    78. 

  78. 

  79. 	/**
    80. 

  80. 	 * Split out an IP block as an array of 4 bytes and a mask,
    81. 

  81. 	 * return false if it can't be determined
    82. 

  82. 	 *
    83. 

  83. 	 * @parameter $ip string A quad dotted IP address
    84. 

  84. 	 * @return array
    85. 

  85. 	 */
    86. 

  86. 	public static function toArray( $ipblock ) {
    87. 

  87. 		$matches = array();
    88. 

  88. 		if(! preg_match( '/^' . RE_IP_ADD . '(?:\/(?:'.RE_IP_PREFIX.'))?' . '$/', $ipblock, $matches ) ) {
    89. 

  89. 			return false;
    90. 

  90. 		} else {
    91. 

  91. 			return $matches;
    92. 

  92. 		}
    93. 

  93. 	}
    94. 

  94. 

  95. 	/**
    96. 

  96. 	 * Return a zero-padded hexadecimal representation of an IP address.
    97. 

  97. 	 *
    98. 

  98. 	 * Hexadecimal addresses are used because they can easily be extended to
    99. 

  99. 	 * IPv6 support. To separate the ranges, the return value from this 
    100. 

  100. 	 * function for an IPv6 address will be prefixed with "v6-", a non-
    101. 

  101. 	 * hexadecimal string which sorts after the IPv4 addresses.
    102. 

  102. 	 *
    103. 

  103. 	 * @param $ip Quad dotted IP address.
    104. 

  104. 	 */
    105. 

  105. 	public static function toHex( $ip ) {
    106. 

  106. 		$n = self::toUnsigned( $ip );
    107. 

  107. 		if ( $n !== false ) {
    108. 

  108. 			$n = sprintf( '%08X', $n );
    109. 

  109. 		}
    110. 

  110. 		return $n;
    111. 

  111. 	}
    112. 

  112. 

  113. 	/**
    114. 

  114. 	 * Given an IP address in dotted-quad notation, returns an unsigned integer.
    115. 

  115. 	 * Like ip2long() except that it actually works and has a consistent error return value.
    116. 

  116. 	 * Comes from ProxyTools.php
    117. 

  117. 	 * @param $ip Quad dotted IP address.
    118. 

  118. 	 */
    119. 

  119. 	public static function toUnsigned( $ip ) {
    120. 

  120. 		if ( $ip == '255.255.255.255' ) {
    121. 

  121. 			$n = -1;
    122. 

  122. 		} else {
    123. 

  123. 			$n = ip2long( $ip );
    124. 

  124. 			if ( $n == -1 || $n === false ) { # Return value on error depends on PHP version
    125. 

  125. 				$n = false;
    126. 

  126. 			}
    127. 

  127. 		}
    128. 

  128. 		if ( $n < 0 ) {
    129. 

  129. 			$n += pow( 2, 32 );
    130. 

  130. 		}
    131. 

  131. 		return $n;
    132. 

  132. 	}
    133. 

  133. 

  134. 	/**
    135. 

  135. 	 * Convert a dotted-quad IP to a signed integer
    136. 

  136. 	 * Returns false on failure
    137. 

  137. 	 */
    138. 

  138. 	public static function toSigned( $ip ) {
    139. 

  139. 		if ( $ip == '255.255.255.255' ) {
    140. 

  140. 			$n = -1;
    141. 

  141. 		} else {
    142. 

  142. 			$n = ip2long( $ip );
    143. 

  143. 			if ( $n == -1 ) {
    144. 

  144. 				$n = false;
    145. 

  145. 			}
    146. 

  146. 		}
    147. 

  147. 		return $n;
    148. 

  148. 	}
    149. 

  149. 

  150. 	/**
    151. 

  151. 	 * Convert a network specification in CIDR notation to an integer network and a number of bits
    152. 

  152. 	 */
    153. 

  153. 	public static function parseCIDR( $range ) {
    154. 

  154. 		$parts = explode( '/', $range, 2 );
    155. 

  155. 		if ( count( $parts ) != 2 ) {
    156. 

  156. 			return array( false, false );
    157. 

  157. 		}
    158. 

  158. 		$network = IP::toSigned( $parts[0] );
    159. 

  159. 		if ( $network !== false && is_numeric( $parts[1] ) && $parts[1] >= 0 && $parts[1] <= 32 ) {
    160. 

  160. 			$bits = $parts[1];
    161. 

  161. 			if ( $bits == 0 ) {
    162. 

  162. 				$network = 0;
    163. 

  163. 			} else {
    164. 

  164. 				$network &= ~((1 << (32 - $bits)) - 1);
    165. 

  165. 			}
    166. 

  166. 			# Convert to unsigned
    167. 

  167. 			if ( $network < 0 ) {
    168. 

  168. 				$network += pow( 2, 32 );
    169. 

  169. 			}
    170. 

  170. 		} else {
    171. 

  171. 			$network = false;
    172. 

  172. 			$bits = false;
    173. 

  173. 		}
    174. 

  174. 		return array( $network, $bits );
    175. 

  175. 	}
    176. 

  176. 

  177. 	/**
    178. 

  178. 	 * Given a string range in a number of formats, return the start and end of 
    179. 

  179. 	 * the range in hexadecimal.
    180. 

  180. 	 *
    181. 

  181. 	 * Formats are:
    182. 

  182. 	 *     1.2.3.4/24          CIDR
    183. 

  183. 	 *     1.2.3.4 - 1.2.3.5   Explicit range
    184. 

  184. 	 *     1.2.3.4             Single IP
    185. 

  185. 	 */
    186. 

  186. 	public static function parseRange( $range ) {
    187. 

  187. 		if ( strpos( $range, '/' ) !== false ) {
    188. 

  188. 			# CIDR
    189. 

  189. 			list( $network, $bits ) = IP::parseCIDR( $range );
    190. 

  190. 			if ( $network === false ) {
    191. 

  191. 				$start = $end = false;
    192. 

  192. 			} else {
    193. 

  193. 				$start = sprintf( '%08X', $network );
    194. 

  194. 				$end = sprintf( '%08X', $network + pow( 2, (32 - $bits) ) - 1 );
    195. 

  195. 			}
    196. 

  196. 		} elseif ( strpos( $range, '-' ) !== false ) {
    197. 

  197. 			# Explicit range
    198. 

  198. 			list( $start, $end ) = array_map( 'trim', explode( '-', $range, 2 ) );
    199. 

  199. 			if ( $start > $end ) {
    200. 

  200. 				$start = $end = false;
    201. 

  201. 			} else {
    202. 

  202. 				$start = IP::toHex( $start );
    203. 

  203. 				$end = IP::toHex( $end );
    204. 

  204. 			}
    205. 

  205. 		} else {
    206. 

  206. 			# Single IP
    207. 

  207. 			$start = $end = IP::toHex( $range );
    208. 

  208. 		}
    209. 

  209. 		if ( $start === false || $end === false ) {
    210. 

  210. 			return array( false, false );
    211. 

  211. 		} else {				
    212. 

  212. 			return array( $start, $end );
    213. 

  213. 		}
    214. 

  214.     }
    215. 

  215. 

  216.     /**
    217. 

  217.      * Determine if a given integer IPv4 address is in a given CIDR network
    218. 

  218.      * @param $addr The address to check against the given range.
    219. 

  219.      * @param $range The range to check the given address against.
    220. 

  220.      * @return bool Whether or not the given address is in the given range.
    221. 

  221.      */
    222. 

  222.     public static function isInRange( $addr, $range ) {
    223. 

  223.         $unsignedIP = IP::toUnsigned($addr);
    224. 

  224.         list( $start, $end ) = IP::parseRange($range);
    225. 

  225. 

  226. 		$start = hexdec($start);
    227. 

  227. 		$end   = hexdec($end);
    228. 

  228. 

  229.         return (($unsignedIP >= $start) && ($unsignedIP <= $end));
    230. 

  230.     }
    231. 

  231. 

  232.     /**
    233. 

  233.      * Convert some unusual representations of IPv4 addresses to their
    234. 

  234.      * canonical dotted quad representation.
    235. 

  235.      *
    236. 

  236.      * This currently only checks a few IPV4-to-IPv6 related cases.  More
    237. 

  237.      * unusual representations may be added later.
    238. 

  238.      *
    239. 

  239.      * @param $addr something that might be an IP address
    240. 

  240.      * @return valid dotted quad IPv4 address or null
    241. 

  241.      */
    242. 

  242.     public static function canonicalize( $addr ) {
    243. 

  243. 	if ( IP::isValid( $addr ) )
    244. 

  244. 	    return $addr;
    245. 

  245. 

  246. 	// IPv6 loopback address
    247. 

  247. 	if ( preg_match( '/^0*' . RE_IPV6_GAP . '1$/', $addr, $m ) )
    248. 

  248. 	    return '127.0.0.1';
    249. 

  249. 

  250. 	// IPv4-mapped and IPv4-compatible IPv6 addresses
    251. 

  251. 	if ( preg_match( '/^' . RE_IPV6_V4_PREFIX . '(' . RE_IP_ADD . ')$/i', $addr, $m ) )
    252. 

  252. 	    return $m[1];
    253. 

  253. 	if ( preg_match( '/^' . RE_IPV6_V4_PREFIX . RE_IPV6_WORD . ':' . RE_IPV6_WORD . '$/i', $addr, $m ) )
    254. 

  254. 	    return long2ip( ( hexdec( $m[1] ) << 16 ) + hexdec( $m[2] ) );
    255. 

  255. 

  256. 	return null;  // give up
    257. 

  257.     }
    258. 

  258. }
    259. 

  259. 

  260. ?>
    261. 

  261.