aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEl RIDO <[email protected]>2022-02-28 19:21:45 +0100
committerGitHub <[email protected]>2022-02-28 19:21:45 +0100
commit389b07bd2dbddaca237e585f029067b6dfd306e1 (patch)
tree96f0e9e9ab015b7d6a593ed13f227b9789ee2761
parent2b46fdd6260558f1c38b301cb5c9cf4240c9a9ba (diff)
parent3e028183358b0241301df1b9925a32ace6c23f66 (diff)
downloadprivatebin-389b07bd2dbddaca237e585f029067b6dfd306e1.tar.gz
privatebin-389b07bd2dbddaca237e585f029067b6dfd306e1.tar.bz2
privatebin-389b07bd2dbddaca237e585f029067b6dfd306e1.zip
Merge pull request #901 from PrivateBin/trafficlimit-short-subnets
Allow short subnet notation
-rw-r--r--cfg/conf.sample.php2
-rw-r--r--lib/Persistence/TrafficLimiter.php5
-rw-r--r--tst/Persistence/TrafficLimiterTest.php4
3 files changed, 7 insertions, 4 deletions
diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php
index 005f83be..4d21dc3e 100644
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@@ -135,7 +135,7 @@ markdown = "Markdown"
; Set this to 0 to disable rate limiting.
limit = 10
-; (optional) Set IPs adresses (v4 or v6) or subnets (CIDR) which are exempted
+; (optional) Set IPs addresses (v4 or v6) or subnets (CIDR) which are exempted
; from the rate-limit. Invalid IPs will be ignored. If multiple values are to
; be exempted, the list needs to be comma separated. Leave unset to disable
; exemptions.
diff --git a/lib/Persistence/TrafficLimiter.php b/lib/Persistence/TrafficLimiter.php
index f071562b..93f91d23 100644
--- a/lib/Persistence/TrafficLimiter.php
+++ b/lib/Persistence/TrafficLimiter.php
@@ -146,7 +146,10 @@ class TrafficLimiter extends AbstractPersistence
$ipRange = trim($ipRange);
}
$address = Factory::parseAddressString($_SERVER[self::$_ipKey]);
- $range = Factory::parseRangeString($ipRange, ParseStringFlag::IPV4_MAYBE_NON_DECIMAL);
+ $range = Factory::parseRangeString(
+ $ipRange,
+ ParseStringFlag::IPV4_MAYBE_NON_DECIMAL | ParseStringFlag::IPV4SUBNET_MAYBE_COMPACT | ParseStringFlag::IPV4ADDRESS_MAYBE_NON_QUAD_DOTTED
+ );
// address could not be parsed, we might not be in IP space and try a string comparison instead
if (is_null($address)) {
diff --git a/tst/Persistence/TrafficLimiterTest.php b/tst/Persistence/TrafficLimiterTest.php
index a8b8040c..84e0bae8 100644
--- a/tst/Persistence/TrafficLimiterTest.php
+++ b/tst/Persistence/TrafficLimiterTest.php
@@ -57,7 +57,7 @@ class TrafficLimiterTest extends PHPUnit_Framework_TestCase
public function testTrafficLimitExempted()
{
- TrafficLimiter::setExempted('1.2.3.4,10.10.10.0/24,2001:1620:2057::/48');
+ TrafficLimiter::setExempted('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
try {
@@ -85,7 +85,7 @@ class TrafficLimiterTest extends PHPUnit_Framework_TestCase
public function testTrafficLimitCreators()
{
- TrafficLimiter::setCreators('1.2.3.4,10.10.10.0/24,2001:1620:2057::/48');
+ TrafficLimiter::setCreators('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
try {
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');