aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorgithub-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>2022-02-28 18:22:17 +0000
committergithub-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>2022-02-28 18:22:17 +0000
commitbda1ab23b836e33e99dbce8f01e8ef26bd19ec20 (patch)
tree76874b19f03989e4ec8ed25e040360552837321c
parent50fb12e3b327155395d9b44b2d6b0f7b4e7b08f3 (diff)
parent389b07bd2dbddaca237e585f029067b6dfd306e1 (diff)
downloadprivatebin-bda1ab23b836e33e99dbce8f01e8ef26bd19ec20.tar.gz
privatebin-bda1ab23b836e33e99dbce8f01e8ef26bd19ec20.tar.bz2
privatebin-bda1ab23b836e33e99dbce8f01e8ef26bd19ec20.zip
Merge remote-tracking branch 'origin/master' into php8
-rw-r--r--cfg/conf.sample.php2
-rw-r--r--lib/Persistence/TrafficLimiter.php5
-rw-r--r--tst/Persistence/TrafficLimiterTest.php4
3 files changed, 7 insertions, 4 deletions
diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php
index 005f83be..4d21dc3e 100644
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@@ -135,7 +135,7 @@ markdown = "Markdown"
; Set this to 0 to disable rate limiting.
limit = 10
-; (optional) Set IPs adresses (v4 or v6) or subnets (CIDR) which are exempted
+; (optional) Set IPs addresses (v4 or v6) or subnets (CIDR) which are exempted
; from the rate-limit. Invalid IPs will be ignored. If multiple values are to
; be exempted, the list needs to be comma separated. Leave unset to disable
; exemptions.
diff --git a/lib/Persistence/TrafficLimiter.php b/lib/Persistence/TrafficLimiter.php
index f071562b..93f91d23 100644
--- a/lib/Persistence/TrafficLimiter.php
+++ b/lib/Persistence/TrafficLimiter.php
@@ -146,7 +146,10 @@ class TrafficLimiter extends AbstractPersistence
$ipRange = trim($ipRange);
}
$address = Factory::parseAddressString($_SERVER[self::$_ipKey]);
- $range = Factory::parseRangeString($ipRange, ParseStringFlag::IPV4_MAYBE_NON_DECIMAL);
+ $range = Factory::parseRangeString(
+ $ipRange,
+ ParseStringFlag::IPV4_MAYBE_NON_DECIMAL | ParseStringFlag::IPV4SUBNET_MAYBE_COMPACT | ParseStringFlag::IPV4ADDRESS_MAYBE_NON_QUAD_DOTTED
+ );
// address could not be parsed, we might not be in IP space and try a string comparison instead
if (is_null($address)) {
diff --git a/tst/Persistence/TrafficLimiterTest.php b/tst/Persistence/TrafficLimiterTest.php
index 681c7831..c9bb6d7d 100644
--- a/tst/Persistence/TrafficLimiterTest.php
+++ b/tst/Persistence/TrafficLimiterTest.php
@@ -58,7 +58,7 @@ class TrafficLimiterTest extends TestCase
public function testTrafficLimitExempted()
{
- TrafficLimiter::setExempted('1.2.3.4,10.10.10.0/24,2001:1620:2057::/48');
+ TrafficLimiter::setExempted('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
try {
@@ -86,7 +86,7 @@ class TrafficLimiterTest extends TestCase
public function testTrafficLimitCreators()
{
- TrafficLimiter::setCreators('1.2.3.4,10.10.10.0/24,2001:1620:2057::/48');
+ TrafficLimiter::setCreators('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
try {
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');