Mercurial > hg > isophonics-drupal-site
comparison vendor/symfony/http-foundation/IpUtils.php @ 12:7a779792577d
Update Drupal core to v8.4.5 (via Composer)
| author | Chris Cannam |
|---|---|
| date | Fri, 23 Feb 2018 15:52:07 +0000 |
| parents | 4c8ae668cc8c |
| children | 1fec387a4317 |
comparison
equal
deleted
inserted
replaced
| 11:bfffd8d7479a | 12:7a779792577d |
|---|---|
| 16 * | 16 * |
| 17 * @author Fabien Potencier <fabien@symfony.com> | 17 * @author Fabien Potencier <fabien@symfony.com> |
| 18 */ | 18 */ |
| 19 class IpUtils | 19 class IpUtils |
| 20 { | 20 { |
| 21 private static $checkedIps = array(); | |
| 22 | |
| 21 /** | 23 /** |
| 22 * This class should not be instantiated. | 24 * This class should not be instantiated. |
| 23 */ | 25 */ |
| 24 private function __construct() | 26 private function __construct() |
| 25 { | 27 { |
| 59 * | 61 * |
| 60 * @return bool Whether the request IP matches the IP, or whether the request IP is within the CIDR subnet | 62 * @return bool Whether the request IP matches the IP, or whether the request IP is within the CIDR subnet |
| 61 */ | 63 */ |
| 62 public static function checkIp4($requestIp, $ip) | 64 public static function checkIp4($requestIp, $ip) |
| 63 { | 65 { |
| 66 $cacheKey = $requestIp.'-'.$ip; | |
| 67 if (isset(self::$checkedIps[$cacheKey])) { | |
| 68 return self::$checkedIps[$cacheKey]; | |
| 69 } | |
| 70 | |
| 64 if (!filter_var($requestIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { | 71 if (!filter_var($requestIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { |
| 65 return false; | 72 return self::$checkedIps[$cacheKey] = false; |
| 66 } | 73 } |
| 67 | 74 |
| 68 if (false !== strpos($ip, '/')) { | 75 if (false !== strpos($ip, '/')) { |
| 69 list($address, $netmask) = explode('/', $ip, 2); | 76 list($address, $netmask) = explode('/', $ip, 2); |
| 70 | 77 |
| 71 if ($netmask === '0') { | 78 if ($netmask === '0') { |
| 72 return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); | 79 return self::$checkedIps[$cacheKey] = filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); |
| 73 } | 80 } |
| 74 | 81 |
| 75 if ($netmask < 0 || $netmask > 32) { | 82 if ($netmask < 0 || $netmask > 32) { |
| 76 return false; | 83 return self::$checkedIps[$cacheKey] = false; |
| 77 } | 84 } |
| 78 } else { | 85 } else { |
| 79 $address = $ip; | 86 $address = $ip; |
| 80 $netmask = 32; | 87 $netmask = 32; |
| 81 } | 88 } |
| 82 | 89 |
| 83 return 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask); | 90 return self::$checkedIps[$cacheKey] = 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask); |
| 84 } | 91 } |
| 85 | 92 |
| 86 /** | 93 /** |
| 87 * Compares two IPv6 addresses. | 94 * Compares two IPv6 addresses. |
| 88 * In case a subnet is given, it checks if it contains the request IP. | 95 * In case a subnet is given, it checks if it contains the request IP. |
| 98 * | 105 * |
| 99 * @throws \RuntimeException When IPV6 support is not enabled | 106 * @throws \RuntimeException When IPV6 support is not enabled |
| 100 */ | 107 */ |
| 101 public static function checkIp6($requestIp, $ip) | 108 public static function checkIp6($requestIp, $ip) |
| 102 { | 109 { |
| 110 $cacheKey = $requestIp.'-'.$ip; | |
| 111 if (isset(self::$checkedIps[$cacheKey])) { | |
| 112 return self::$checkedIps[$cacheKey]; | |
| 113 } | |
| 114 | |
| 103 if (!((extension_loaded('sockets') && defined('AF_INET6')) || @inet_pton('::1'))) { | 115 if (!((extension_loaded('sockets') && defined('AF_INET6')) || @inet_pton('::1'))) { |
| 104 throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".'); | 116 throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".'); |
| 105 } | 117 } |
| 106 | 118 |
| 107 if (false !== strpos($ip, '/')) { | 119 if (false !== strpos($ip, '/')) { |
| 108 list($address, $netmask) = explode('/', $ip, 2); | 120 list($address, $netmask) = explode('/', $ip, 2); |
| 109 | 121 |
| 110 if ($netmask < 1 || $netmask > 128) { | 122 if ($netmask < 1 || $netmask > 128) { |
| 111 return false; | 123 return self::$checkedIps[$cacheKey] = false; |
| 112 } | 124 } |
| 113 } else { | 125 } else { |
| 114 $address = $ip; | 126 $address = $ip; |
| 115 $netmask = 128; | 127 $netmask = 128; |
| 116 } | 128 } |
| 117 | 129 |
| 118 $bytesAddr = unpack('n*', @inet_pton($address)); | 130 $bytesAddr = unpack('n*', @inet_pton($address)); |
| 119 $bytesTest = unpack('n*', @inet_pton($requestIp)); | 131 $bytesTest = unpack('n*', @inet_pton($requestIp)); |
| 120 | 132 |
| 121 if (!$bytesAddr || !$bytesTest) { | 133 if (!$bytesAddr || !$bytesTest) { |
| 122 return false; | 134 return self::$checkedIps[$cacheKey] = false; |
| 123 } | 135 } |
| 124 | 136 |
| 125 for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) { | 137 for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) { |
| 126 $left = $netmask - 16 * ($i - 1); | 138 $left = $netmask - 16 * ($i - 1); |
| 127 $left = ($left <= 16) ? $left : 16; | 139 $left = ($left <= 16) ? $left : 16; |
| 128 $mask = ~(0xffff >> $left) & 0xffff; | 140 $mask = ~(0xffff >> $left) & 0xffff; |
| 129 if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) { | 141 if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) { |
| 130 return false; | 142 return self::$checkedIps[$cacheKey] = false; |
| 131 } | 143 } |
| 132 } | 144 } |
| 133 | 145 |
| 134 return true; | 146 return self::$checkedIps[$cacheKey] = true; |
| 135 } | 147 } |
| 136 } | 148 } |