Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/includes/ProxyTools.php

184 lines
4.6 KiB
PHP
Raw Normal View History

Adding some validation for IP determination via XFF headers, in preparation for adding ISP proxies to the trusted proxy list, which may occasionally give invalid XFF headers
2005-03-31 09:10:25 +00:00
<?php
/**
* Functions for dealing with proxies
* Standardised file description headers * Added some descriptions * Added @file where needed
2010-08-14 17:42:40 +00:00
*
WARNING: HUGE COMMIT Doxygen documentation update: * Changed alls @addtogroup to @ingroup. @addtogroup adds the comment to the group description, but doesn't add the file, class, function, ... to the group like @ingroup does. See for example http://svn.wikimedia.org/doc/group__SpecialPage.html where it's impossible to see related files, classes, ... that should belong to that group. * Added @file to file description, it seems that it should be explicitely decalred for file descriptions, otherwise doxygen will think that the comment document the first class, variabled, function, ... that is in that file. * Removed some empty comments * Removed some ?> Added following groups: * ExternalStorage * JobQueue * MaintenanceLanguage One more thing: there are still a lot of warnings when generating the doc.
2008-05-20 17:13:28 +00:00
* @file
Adding some validation for IP determination via XFF headers, in preparation for adding ISP proxies to the trusted proxy list, which may occasionally give invalid XFF headers
2005-03-31 09:10:25 +00:00
*/
*Document some older functions
2007-04-23 18:06:37 +00:00
/**
* Extracts the XFF string from the request header
* Note: headers are spoofable
* @return string
*/
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
function wfGetForwardedFor() {
Fix some Notices: * LanguageKaa.php: Fix ucfirst and lcfirst for empty strings. * SkinTemplate.php: Fix undefined array access. * ProxyTools.php: When running hiphop in cli mode, apache_request_headers() returns null. Fix wfGetForwardedFor() to account for that.
2011-04-11 16:49:36 +00:00
$apacheHeaders = function_exists( 'apache_request_headers' ) ? apache_request_headers() : null;
if( is_array( $apacheHeaders ) ) {
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
// More reliable than $_SERVER due to case and -/_ folding
Type hinting Braces Remove extra whitespace
2011-04-25 21:25:45 +00:00
$set = array();
Fix some Notices: * LanguageKaa.php: Fix ucfirst and lcfirst for empty strings. * SkinTemplate.php: Fix undefined array access. * ProxyTools.php: When running hiphop in cli mode, apache_request_headers() returns null. Fix wfGetForwardedFor() to account for that.
2011-04-11 16:49:36 +00:00
foreach ( $apacheHeaders as $tempName => $tempValue ) {
Withespaces fixes.
2008-03-08 16:22:05 +00:00
$set[ strtoupper( $tempName ) ] = $tempValue;
Fix for 13281: Normalize header names as per RFC 2616
2008-03-07 22:12:34 +00:00
}
$index = strtoupper ( 'X-Forwarded-For' );
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
} else {
// Subject to spoofing with headers like X_Forwarded_For
$set = $_SERVER;
$index = 'HTTP_X_FORWARDED_FOR';
* Added useragent and an xff function and header
2007-02-12 01:02:35 +00:00
}
* remove end of line whitespace * remove empty lines at end of file * remove "?>" where still present
2008-04-14 07:45:50 +00:00
* Revert r94487 and r19889 to an extent -- ONLY check for the X-Forwarded-For header when we are behind a proxy, as mostly every properly configured proxy software sets it, and attempting to support those that do not opens up the ability to spoof IP addresses by setting arbitrary headers.
2011-08-15 05:25:56 +00:00
#Try to see if XFF is set
* Added useragent and an xff function and header
2007-02-12 01:02:35 +00:00
if( isset( $set[$index] ) ) {
return $set[$index];
} else {
return null;
}
}
*Document some older functions
2007-04-23 18:06:37 +00:00
/**
* Returns the browser/OS data from the request header
* Note: headers are spoofable
Deprecated wfGetAgent(), use $wgRequest->getHeader( 'User-Agent' ) instead
2011-06-03 10:41:53 +00:00
*
Update code comments that point to 1.18 to point to 1.19
2011-07-18 23:01:08 +00:00
* @deprecated in 1.18; use $wgRequest->getHeader( 'User-Agent' ) instead.
*Document some older functions
2007-04-23 18:06:37 +00:00
* @return string
*/
* Added useragent and an xff function and header
2007-02-12 01:02:35 +00:00
function wfGetAgent() {
Deprecated wfGetAgent(), use $wgRequest->getHeader( 'User-Agent' ) instead
2011-06-03 10:41:53 +00:00
wfDeprecated( __FUNCTION__ );
* Added useragent and an xff function and header
2007-02-12 01:02:35 +00:00
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
Type hinting Braces Remove extra whitespace
2011-04-25 21:25:45 +00:00
$set = array();
Fix for 13281: Normalize header names as per RFC 2616
2008-03-07 22:12:34 +00:00
foreach ( apache_request_headers() as $tempName => $tempValue ) {
Withespaces fixes.
2008-03-08 16:22:05 +00:00
$set[ strtoupper( $tempName ) ] = $tempValue;
Fix for 13281: Normalize header names as per RFC 2616
2008-03-07 22:12:34 +00:00
}
$index = strtoupper ( 'User-Agent' );
* Added useragent and an xff function and header
2007-02-12 01:02:35 +00:00
} else {
// Subject to spoofing with headers like X_Forwarded_For
$set = $_SERVER;
$index = 'HTTP_USER_AGENT';
* Protect against spoofing of X-Forwarded-For header
2006-01-07 21:44:10 +00:00
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
if( isset( $set[$index] ) ) {
return $set[$index];
} else {
*Have user agent return '' rather than NULL
2007-03-09 22:57:25 +00:00
return '';
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
}
}
* Protect against spoofing of X-Forwarded-For header
2006-01-07 21:44:10 +00:00
*Document some older functions
2007-04-23 18:06:37 +00:00
/**
* Work out the IP address based on various globals
* For trusted proxies, use the XFF client IP (first of the chain)
Tests for wfGetIP() follow up r89407 * wfGetIP() now support resetting its internal static variable. Thanks to Platonides which introduced this trick with r92960. * Various tests for $_SERVER['REMOTE_ADDR'] and $wgCommandLineMode. revert r94575: - reenable testGetFromServerRemoteAddr() which was not an issue reintroduce r94558: - per CR on r94558 by Aaron use meaningful parameter to wfGetIP() when resetting the static variable ( 'reset' instead of true). - keep testLackOfRemoteAddrThrowAnException() test in the broken group with a comment for later fixing. TODO: - implements tests for XFF headers. TEST PLAN: $ ./phpunit.php --filter wfGetIP --testdox PHPUnit 3.5.14 by Sebastian Bergmann. wfGetIP [x] Get loopback address when in command line [x] Get from server remote addr [x] Lack of remote addr throw an exception $
2011-08-16 14:15:07 +00:00
* @param $reset boolean Used to reset the internal static variable
* tracking the IP address. Set to anything non empty to reset it, for
* example: wfGetIP( 'reset' ); (default: false).
*Document some older functions
2007-04-23 18:06:37 +00:00
* @return string
*/
Tests for wfGetIP() follow up r89407 * wfGetIP() now support resetting its internal static variable. Thanks to Platonides which introduced this trick with r92960. * Various tests for $_SERVER['REMOTE_ADDR'] and $wgCommandLineMode. revert r94575: - reenable testGetFromServerRemoteAddr() which was not an issue reintroduce r94558: - per CR on r94558 by Aaron use meaningful parameter to wfGetIP() when resetting the static variable ( 'reset' instead of true). - keep testLackOfRemoteAddrThrowAnException() test in the broken group with a comment for later fixing. TODO: - implements tests for XFF headers. TEST PLAN: $ ./phpunit.php --filter wfGetIP --testdox PHPUnit 3.5.14 by Sebastian Bergmann. wfGetIP [x] Get loopback address when in command line [x] Get from server remote addr [x] Lack of remote addr throw an exception $
2011-08-16 14:15:07 +00:00
function wfGetIP( $reset = false ) {
Remove $wgIP global, but add a hook instead. This allows extensions to "make mediawiki ignore ips completely", as requested earlier today in #mediawiki
2010-09-11 13:45:51 +00:00
global $wgUsePrivateIPs, $wgCommandLineMode;
static $ip = false;
Deferred initialisation of $wgIP, because it's potentially slow, especially if and when we add the 200 NTL proxies to the trusted XFF list. I was hoping to avoid initialisation altogether for anonymous page views, but that turns out to be difficult because of user_newtalk. It is, however, avoided for action=raw. Tested page view, newtalk, IP registration in history and recentchanges, IP block, autoblock and Special:Version. Also moved the old proxy scan code from EditPage.php to a more appropriate location in ProxyTools.php.
2005-09-05 02:22:20 +00:00
Tests for wfGetIP() follow up r89407 * wfGetIP() now support resetting its internal static variable. Thanks to Platonides which introduced this trick with r92960. * Various tests for $_SERVER['REMOTE_ADDR'] and $wgCommandLineMode. revert r94575: - reenable testGetFromServerRemoteAddr() which was not an issue reintroduce r94558: - per CR on r94558 by Aaron use meaningful parameter to wfGetIP() when resetting the static variable ( 'reset' instead of true). - keep testLackOfRemoteAddrThrowAnException() test in the broken group with a comment for later fixing. TODO: - implements tests for XFF headers. TEST PLAN: $ ./phpunit.php --filter wfGetIP --testdox PHPUnit 3.5.14 by Sebastian Bergmann. wfGetIP [x] Get loopback address when in command line [x] Get from server remote addr [x] Lack of remote addr throw an exception $
2011-08-16 14:15:07 +00:00
if( $reset ) {
$ip = false;
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
# Return cached result
Remove $wgIP global, but add a hook instead. This allows extensions to "make mediawiki ignore ips completely", as requested earlier today in #mediawiki
2010-09-11 13:45:51 +00:00
if ( !empty( $ip ) ) {
return $ip;
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
}
Adding some validation for IP determination via XFF headers, in preparation for adding ISP proxies to the trusted proxy list, which may occasionally give invalid XFF headers
2005-03-31 09:10:25 +00:00
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
/* collect the originating ips */
# Client connecting to this webserver
Revert r51725 (fall back to 127.0.0.1 when IP cannot be determined). On further discussion, it's best if we don't make up a fake IP. Tweak the logic here a bit (per Tim) to let XFF attempt to determine the actual IP. Throw an exception if we can't.
2009-06-12 01:34:44 +00:00
if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
$ip = IP::canonicalize( $_SERVER['REMOTE_ADDR'] );
Fix for r51774, r51784: set '127.0.0.1' as IP for CLI, but with explicit check for $wgCommandLineMode so that the exception "Unable to determine IP" is not thrown in this case.
2009-06-12 09:34:49 +00:00
} elseif( $wgCommandLineMode ) {
$ip = '127.0.0.1';
Revert r51725 (fall back to 127.0.0.1 when IP cannot be determined). On further discussion, it's best if we don't make up a fake IP. Tweak the logic here a bit (per Tim) to let XFF attempt to determine the actual IP. Throw an exception if we can't.
2009-06-12 01:34:44 +00:00
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
Don't execute the loop if there's no X-Forwarded-For header, also don't use isset() to check only for null
2011-06-03 10:55:38 +00:00
# Append XFF
* Added temporary special-case AOL proxy detection, they're automatically counted as trusted proxies for now. * Removed wfRangeStartEnd() and wfIsAddressInRange() -- avoid proliferation of global functions.
2006-11-25 16:24:44 +00:00
$forwardedFor = wfGetForwardedFor();
Don't execute the loop if there's no X-Forwarded-For header, also don't use isset() to check only for null
2011-06-03 10:55:38 +00:00
if ( $forwardedFor !== null ) {
$ipchain = array_map( 'trim', explode( ',', $forwardedFor ) );
$ipchain = array_reverse( $ipchain );
if ( $ip ) {
array_unshift( $ipchain, $ip );
}
* remove end of line whitespace * remove empty lines at end of file * remove "?>" where still present
2008-04-14 07:45:50 +00:00
Don't execute the loop if there's no X-Forwarded-For header, also don't use isset() to check only for null
2011-06-03 10:55:38 +00:00
# Step through XFF list and find the last address in the list which is a trusted server
# Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private)
foreach ( $ipchain as $i => $curIP ) {
$curIP = IP::canonicalize( $curIP );
if ( wfIsTrustedProxy( $curIP ) ) {
if ( isset( $ipchain[$i + 1] ) ) {
if( $wgUsePrivateIPs || IP::isPublic( $ipchain[$i + 1 ] ) ) {
$ip = $ipchain[$i + 1];
}
Added a new configuration option ($wgUsePrivateIPs) to force MediaWiki to use forwarded Private IPs from a Proxy server
2008-11-20 23:30:08 +00:00
}
Don't execute the loop if there's no X-Forwarded-For header, also don't use isset() to check only for null
2011-06-03 10:55:38 +00:00
} else {
break;
Adding some validation for IP determination via XFF headers, in preparation for adding ISP proxies to the trusted proxy list, which may occasionally give invalid XFF headers
2005-03-31 09:10:25 +00:00
}
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
}
Adding some validation for IP determination via XFF headers, in preparation for adding ISP proxies to the trusted proxy list, which may occasionally give invalid XFF headers
2005-03-31 09:10:25 +00:00
Remove $wgIP global, but add a hook instead. This allows extensions to "make mediawiki ignore ips completely", as requested earlier today in #mediawiki
2010-09-11 13:45:51 +00:00
# Allow extensions to improve our guess
wfRunHooks( 'GetIP', array( &$ip ) );
Fixes for r51774: * declare $ip and $ipchain so that it doesn't throw notices and warnings * don't set $ip to false after getting it from $_SERVER['REMOTE_ADDR'], otherwise it won't work when there's no XFF header * fix logic when throwing the exception: throw it when there's no IP
2009-06-12 09:17:21 +00:00
if( !$ip ) {
Revert r51725 (fall back to 127.0.0.1 when IP cannot be determined). On further discussion, it's best if we don't make up a fake IP. Tweak the logic here a bit (per Tim) to let XFF attempt to determine the actual IP. Throw an exception if we can't.
2009-06-12 01:34:44 +00:00
throw new MWException( "Unable to determine IP" );
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
wfDebug( "IP: $ip\n" );
return $ip;
}
*Document some older functions
2007-04-23 18:06:37 +00:00
/**
* Checks if an IP is a trusted proxy providor
* Useful to tell if X-Fowarded-For data is possibly bogus
* Squid cache servers for the site and AOL are whitelisted
fix some doxygen errors
2009-12-11 22:19:37 +00:00
* @param $ip String
*Document some older functions
2007-04-23 18:06:37 +00:00
* @return bool
*/
* Added temporary special-case AOL proxy detection, they're automatically counted as trusted proxies for now. * Removed wfRangeStartEnd() and wfIsAddressInRange() -- avoid proliferation of global functions.
2006-11-25 16:24:44 +00:00
function wfIsTrustedProxy( $ip ) {
global $wgSquidServers, $wgSquidServersNoPurge;
Type hinting Braces Remove extra whitespace
2011-04-25 21:25:45 +00:00
$trusted = in_array( $ip, $wgSquidServers ) ||
in_array( $ip, $wgSquidServersNoPurge );
* Added temporary special-case AOL proxy detection, they're automatically counted as trusted proxies for now. * Removed wfRangeStartEnd() and wfIsAddressInRange() -- avoid proliferation of global functions.
2006-11-25 16:24:44 +00:00
wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) );
return $trusted;
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
/**
* Forks processes to scan the originating IP for an open proxy server
* MemCached can be used to skip IPs that have already been scanned
*/
function wfProxyCheck() {
global $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath;
* Update docs/memcached.txt * Kill call to $wgUseMemCached in includes/ProxyTools.php
2008-03-01 15:08:49 +00:00
global $wgMemc, $wgProxyMemcExpiry;
Reverting r40323, as per comments on wikitech-l. Deprecated doesn't mean removed. It doesn't even mean it'll be removed in the future. It just means you shouldn't use it.
2008-09-03 02:28:41 +00:00
global $wgProxyKey;
* s~\t+$~~
2006-01-07 13:31:29 +00:00
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
if ( !$wgBlockOpenProxies ) {
return;
}
Deferred initialisation of $wgIP, because it's potentially slow, especially if and when we add the 200 NTL proxies to the trusted XFF list. I was hoping to avoid initialisation altogether for anonymous page views, but that turns out to be difficult because of user_newtalk. It is, however, avoided for action=raw. Tested page view, newtalk, IP registration in history and recentchanges, IP block, autoblock and Special:Version. Also moved the old proxy scan code from EditPage.php to a more appropriate location in ProxyTools.php.
2005-09-05 02:22:20 +00:00
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
$ip = wfGetIP();
Use AutoLoader to load classes: * remove require_once() throughout whole code, yet left in few places * move global functions in HttpUtils, ProxyTools, Credits to class methods * php5 only: __autoload() now used, combined with class->file map and require() * move initialization of $wgValidSkinNames to Skin::getSkinNames() * few more changes that will surely break stuff.
2006-06-01 07:22:49 +00:00
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
# Get MemCached key
* Update docs/memcached.txt * Kill call to $wgUseMemCached in includes/ProxyTools.php
2008-03-01 15:08:49 +00:00
$mcKey = wfMemcKey( 'proxy', 'ip', $ip );
$mcValue = $wgMemc->get( $mcKey );
$skip = (bool)$mcValue;
Deferred initialisation of $wgIP, because it's potentially slow, especially if and when we add the 200 NTL proxies to the trusted XFF list. I was hoping to avoid initialisation altogether for anonymous page views, but that turns out to be difficult because of user_newtalk. It is, however, avoided for action=raw. Tested page view, newtalk, IP registration in history and recentchanges, IP block, autoblock and Special:Version. Also moved the old proxy scan code from EditPage.php to a more appropriate location in ProxyTools.php.
2005-09-05 02:22:20 +00:00
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
# Fork the processes
if ( !$skip ) {
* Made special page names case-insensitive and localisable. Care has been taken to maintain backwards compatibility. * Used special page subpages in a few more places, instead of query parameters
2006-10-30 06:25:31 +00:00
$title = SpecialPage::getTitleFor( 'Blockme' );
Reverting r40323, as per comments on wikitech-l. Deprecated doesn't mean removed. It doesn't even mean it'll be removed in the future. It just means you shouldn't use it.
2008-09-03 02:28:41 +00:00
$iphash = md5( $ip . $wgProxyKey );
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
$url = $title->getFullURL( 'ip='.$iphash );
foreach ( $wgProxyPorts as $port ) {
$params = implode( ' ', array(
escapeshellarg( $wgProxyScriptPath ),
escapeshellarg( $ip ),
escapeshellarg( $port ),
escapeshellarg( $url )
));
Followup to r52671, fix redirection syntax to work with windows as well.
2009-08-25 15:47:46 +00:00
exec( "php $params >" . wfGetNull() . " 2>&1 &" );
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
}
# Set MemCached key
* Update docs/memcached.txt * Kill call to $wgUseMemCached in includes/ProxyTools.php
2008-03-01 15:08:49 +00:00
$wgMemc->set( $mcKey, 1, $wgProxyMemcExpiry );
Faster IP blocks. Requires schema change.
2005-12-01 10:37:47 +00:00
}
Revert to r14512; domas introduced massive breakage with incomplete experimental changes. They will be recommitted when they work. :)
2006-06-01 08:19:02 +00:00
}
Reference in a new issue Copy permalink