nathanwoodburn/Nathanwoodburn.github.io
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Astra Security

Browse Source
This commit is contained in:
Nathanwoodburn
2021-08-30 15:06:36 +10:00
parent 9dc1cdddca
commit 9f437f9588
547 changed files with 65968 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

284
libraries/plugins/ip_address/src/Range/Pattern.php Normal file
View File

@@ -0,0 +1,284 @@
<?php
namespace IPLib\Range;
use IPLib\Address\AddressInterface;
use IPLib\Address\IPv4;
use IPLib\Address\IPv6;
use IPLib\Address\Type as AddressType;
use IPLib\Factory;
/**
* Represents an address range in pattern format (only ending asterisks are supported).
*
* @example 127.0.*.*
* @example ::/8
*/
class Pattern implements RangeInterface
{
/**
* Starting address of the range.
*
* @var AddressInterface
*/
protected $fromAddress;
/**
* Final address of the range.
*
* @var AddressInterface
*/
protected $toAddress;
/**
* Number of ending asterisks.
*
* @var int
*/
protected $asterisksCount;
/**
* The type of the range of this IP range.
*
* @var int|null|false false if this range crosses multiple range types, null if yet to be determined
*/
protected $rangeType;
/**
* Initializes the instance.
*
* @param AddressInterface $fromAddress
* @param AddressInterface $toAddress
* @param int $asterisksCount
*/
public function __construct(AddressInterface $fromAddress, AddressInterface $toAddress, $asterisksCount)
{
$this->fromAddress = $fromAddress;
$this->toAddress = $toAddress;
$this->asterisksCount = $asterisksCount;
}
/**
* Try get the range instance starting from its string representation.
*
* @param string|mixed $range
*
* @return static|null
*/
public static function fromString($range)
{
$result = null;
if (is_string($range) && strpos($range, '*') !== false) {
if ($range === '*.*.*.*') {
$result = new static(IPv4::fromString('0.0.0.0'), IPv4::fromString('255.255.255.255'), 4);
} elseif (strpos($range, '.') !== false && preg_match('/^[^*]+((?:\.\*)+)$/', $range, $matches)) {
$asterisksCount = strlen($matches[1]) >> 1;
if ($asterisksCount > 0) {
$missingDots = 3 - substr_count($range, '.');
if ($missingDots > 0) {
$range .= str_repeat('.*', $missingDots);
$asterisksCount += $missingDots;
}
}
$fromAddress = IPv4::fromString(str_replace('*', '0', $range));
if ($fromAddress !== null) {
$fixedBytes = array_slice($fromAddress->getBytes(), 0, -$asterisksCount);
$otherBytes = array_fill(0, $asterisksCount, 255);
$toAddress = IPv4::fromBytes(array_merge($fixedBytes, $otherBytes));
$result = new static($fromAddress, $toAddress, $asterisksCount);
}
} elseif ($range === '*:*:*:*:*:*:*:*') {
$result = new static(IPv6::fromString('::'), IPv6::fromString('ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'), 8);
} elseif (strpos($range, ':') !== false && preg_match('/^[^*]+((?::\*)+)$/', $range, $matches)) {
$asterisksCount = strlen($matches[1]) >> 1;
$fromAddress = IPv6::fromString(str_replace('*', '0', $range));
if ($fromAddress !== null) {
$fixedWords = array_slice($fromAddress->getWords(), 0, -$asterisksCount);
$otherWords = array_fill(0, $asterisksCount, 0xffff);
$toAddress = IPv6::fromWords(array_merge($fixedWords, $otherWords));
$result = new static($fromAddress, $toAddress, $asterisksCount);
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see \IPLib\Range\RangeInterface::toString()
*/
public function toString($long = false)
{
switch (true) {
case $this->fromAddress instanceof \IPLib\Address\IPv4:
$chunks = explode('.', $this->fromAddress->toString());
$chunks = array_slice($chunks, 0, -$this->asterisksCount);
$chunks = array_pad($chunks, 4, '*');
$result = implode('.', $chunks);
break;
case $this->fromAddress instanceof \IPLib\Address\IPv6:
if ($long) {
$chunks = explode(':', $this->fromAddress->toString(true));
$chunks = array_slice($chunks, 0, -$this->asterisksCount);
$chunks = array_pad($chunks, 8, '*');
$result = implode(':', $chunks);
} else {
$chunks = explode(':', $this->toAddress->toString(false));
$chunkCount = count($chunks);
$chunks = array_slice($chunks, 0, -$this->asterisksCount);
$chunks = array_pad($chunks, $chunkCount, '*');
$result = implode(':', $chunks);
}
break;
default:
throw new \Exception('@todo'); // @codeCoverageIgnore
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::__toString()
*/
public function __toString()
{
return $this->toString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getAddressType()
*/
public function getAddressType()
{
return $this->fromAddress->getAddressType();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getRangeType()
*/
public function getRangeType()
{
if ($this->rangeType === null) {
$addressType = $this->getAddressType();
if ($addressType === AddressType::T_IPv6 && Subnet::get6to4()->containsRange($this)) {
$this->rangeType = Factory::rangeFromBoundaries($this->fromAddress->toIPv4(), $this->toAddress->toIPv4())->getRangeType();
} else {
switch ($addressType) {
case AddressType::T_IPv4:
$defaultType = IPv4::getDefaultReservedRangeType();
$reservedRanges = IPv4::getReservedRanges();
break;
case AddressType::T_IPv6:
$defaultType = IPv6::getDefaultReservedRangeType();
$reservedRanges = IPv6::getReservedRanges();
break;
default:
throw new \Exception('@todo'); // @codeCoverageIgnore
}
$rangeType = null;
foreach ($reservedRanges as $reservedRange) {
$rangeType = $reservedRange->getRangeType($this);
if ($rangeType !== null) {
break;
}
}
$this->rangeType = $rangeType === null ? $defaultType : $rangeType;
}
}
return $this->rangeType === false ? null : $this->rangeType;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::contains()
*/
public function contains(AddressInterface $address)
{
$result = false;
if ($address->getAddressType() === $this->getAddressType()) {
$cmp = $address->getComparableString();
$from = $this->getComparableStartString();
if ($cmp >= $from) {
$to = $this->getComparableEndString();
if ($cmp <= $to) {
$result = true;
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::containsRange()
*/
public function containsRange(RangeInterface $range)
{
$result = false;
if ($range->getAddressType() === $this->getAddressType()) {
$myStart = $this->getComparableStartString();
$itsStart = $range->getComparableStartString();
if ($itsStart >= $myStart) {
$myEnd = $this->getComparableEndString();
$itsEnd = $range->getComparableEndString();
if ($itsEnd <= $myEnd) {
$result = true;
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getStartAddress()
*/
public function getStartAddress()
{
return $this->fromAddress;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getEndAddress()
*/
public function getEndAddress()
{
return $this->toAddress;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableStartString()
*/
public function getComparableStartString()
{
return $this->fromAddress->getComparableString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableEndString()
*/
public function getComparableEndString()
{
return $this->toAddress->getComparableString();
}
}

89
libraries/plugins/ip_address/src/Range/RangeInterface.php Normal file
View File

@@ -0,0 +1,89 @@
<?php
namespace IPLib\Range;
use IPLib\Address\AddressInterface;
/**
* Interface of all the range types.
*/
interface RangeInterface
{
/**
* Get the string representation of this address.
*
* @param bool $long set to true to have a long/full representation, false otherwise
*
* @return string
*
* @example If $long is true, you'll get '0000:0000:0000:0000:0000:0000:0000:0001/128', '::1/128' otherwise.
*/
public function toString($long = false);
/**
* Get the short string representation of this address.
*
* @return string
*/
public function __toString();
/**
* Get the type of the IP addresses contained in this range.
*
* @return int One of the \IPLib\Address\Type::T_... constants
*/
public function getAddressType();
/**
* Get the type of range of the IP address.
*
* @return int One of the \IPLib\Range\Type::T_... constants
*/
public function getRangeType();
/**
* Check if this range contains an IP address.
*
* @param AddressInterface $address
*
* @return bool
*/
public function contains(AddressInterface $address);
/**
* Check if this range contains another range.
*
* @param RangeInterface $address
*
* @return bool
*/
public function containsRange(RangeInterface $range);
/**
* Get the initial address contained in this range.
*
* @return AddressInterface
*/
public function getStartAddress();
/**
* Get the final address contained in this range.
*
* @return AddressInterface
*/
public function getEndAddress();
/**
* Get a string representation of the starting address of this range than can be used when comparing addresses and ranges.
*
* @return string
*/
public function getComparableStartString();
/**
* Get a string representation of the final address of this range than can be used when comparing addresses and ranges.
*
* @return string
*/
public function getComparableEndString();
}

174
libraries/plugins/ip_address/src/Range/Single.php Normal file
View File

@@ -0,0 +1,174 @@
<?php
namespace IPLib\Range;
use IPLib\Address\AddressInterface;
use IPLib\Factory;
/**
* Represents a single address (eg a range that contains just one address).
*
* @example 127.0.0.1
* @example ::1
*/
class Single implements RangeInterface
{
/**
* @var AddressInterface
*/
protected $address;
/**
* Initializes the instance.
*
* @param AddressInterface $address
*/
protected function __construct(AddressInterface $address)
{
$this->address = $address;
}
/**
* Try get the range instance starting from its string representation.
*
* @param string|mixed $range
*
* @return static|null
*/
public static function fromString($range)
{
$result = null;
$address = Factory::addressFromString($range);
if ($address !== null) {
$result = new static($address);
}
return $result;
}
/**
* Create the range instance starting from an address instance.
*
* @param AddressInterface $address
*
* @return static
*/
public static function fromAddress(AddressInterface $address)
{
return new static($address);
}
/**
* {@inheritdoc}
*
* @see RangeInterface::toString()
*/
public function toString($long = false)
{
return $this->address->toString($long);
}
/**
* {@inheritdoc}
*
* @see RangeInterface::__toString()
*/
public function __toString()
{
return $this->address->__toString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getAddressType()
*/
public function getAddressType()
{
return $this->address->getAddressType();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getRangeType()
*/
public function getRangeType()
{
return $this->address->getRangeType();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::contains()
*/
public function contains(AddressInterface $address)
{
$result = false;
if ($address->getAddressType() === $this->getAddressType()) {
if ($address->toString(false) === $this->address->toString(false)) {
$result = true;
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::containsRange()
*/
public function containsRange(RangeInterface $range)
{
$result = false;
if ($range->getAddressType() === $this->getAddressType()) {
if ($range->toString(false) === $this->toString(false)) {
$result = true;
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getStartAddress()
*/
public function getStartAddress()
{
return $this->address;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getEndAddress()
*/
public function getEndAddress()
{
return $this->address;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableStartString()
*/
public function getComparableStartString()
{
return $this->address->getComparableString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableEndString()
*/
public function getComparableEndString()
{
return $this->address->getComparableString();
}
}

281
libraries/plugins/ip_address/src/Range/Subnet.php Normal file
View File

@@ -0,0 +1,281 @@
<?php
namespace IPLib\Range;
use IPLib\Address\AddressInterface;
use IPLib\Address\IPv4;
use IPLib\Address\IPv6;
use IPLib\Address\Type as AddressType;
use IPLib\Factory;
/**
* Represents an address range in subnet format (eg CIDR).
*
* @example 127.0.0.1/32
* @example ::/8
*/
class Subnet implements RangeInterface
{
/**
* Starting address of the range.
*
* @var AddressInterface
*/
protected $fromAddress;
/**
* Final address of the range.
*
* @var AddressInterface
*/
protected $toAddress;
/**
* Number of the same bits of the range.
*
* @var int
*/
protected $networkPrefix;
/**
* The type of the range of this IP range.
*
* @var int|null
*/
protected $rangeType;
/**
* The 6to4 address IPv6 address range.
*
* @var self|null
*/
private static $sixToFour;
/**
* Initializes the instance.
*
* @param AddressInterface $fromAddress
* @param AddressInterface $toAddress
* @param int $networkPrefix
*/
protected function __construct(AddressInterface $fromAddress, AddressInterface $toAddress, $networkPrefix)
{
$this->fromAddress = $fromAddress;
$this->toAddress = $toAddress;
$this->networkPrefix = $networkPrefix;
}
/**
* Try get the range instance starting from its string representation.
*
* @param string|mixed $range
*
* @return static|null
*/
public static function fromString($range)
{
$result = null;
if (is_string($range)) {
$parts = explode('/', $range);
if (count($parts) === 2) {
$address = Factory::addressFromString($parts[0]);
if ($address !== null) {
if (preg_match('/^[0-9]{1,9}$/', $parts[1])) {
$networkPrefix = (int) $parts[1];
if ($networkPrefix >= 0) {
$addressBytes = $address->getBytes();
$totalBytes = count($addressBytes);
$numDifferentBits = $totalBytes * 8 - $networkPrefix;
if ($numDifferentBits >= 0) {
$numSameBytes = $networkPrefix >> 3;
$sameBytes = array_slice($addressBytes, 0, $numSameBytes);
$differentBytesStart = ($totalBytes === $numSameBytes) ? array() : array_fill(0, $totalBytes - $numSameBytes, 0);
$differentBytesEnd = ($totalBytes === $numSameBytes) ? array() : array_fill(0, $totalBytes - $numSameBytes, 255);
$startSameBits = $networkPrefix % 8;
if ($startSameBits !== 0) {
$varyingByte = $addressBytes[$numSameBytes];
$differentBytesStart[0] = $varyingByte & bindec(str_pad(str_repeat('1', $startSameBits), 8, '0', STR_PAD_RIGHT));
$differentBytesEnd[0] = $differentBytesStart[0] + bindec(str_repeat('1', 8 - $startSameBits));
}
$result = new static(
Factory::addressFromBytes(array_merge($sameBytes, $differentBytesStart)),
Factory::addressFromBytes(array_merge($sameBytes, $differentBytesEnd)),
$networkPrefix
);
}
}
}
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::toString()
*/
public function toString($long = false)
{
return $this->fromAddress->toString($long).'/'.$this->networkPrefix;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::__toString()
*/
public function __toString()
{
return $this->toString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getAddressType()
*/
public function getAddressType()
{
return $this->fromAddress->getAddressType();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getRangeType()
*/
public function getRangeType()
{
if ($this->rangeType === null) {
$addressType = $this->getAddressType();
if ($addressType === AddressType::T_IPv6 && static::get6to4()->containsRange($this)) {
$this->rangeType = Factory::rangeFromBoundaries($this->fromAddress->toIPv4(), $this->toAddress->toIPv4())->getRangeType();
} else {
switch ($addressType) {
case AddressType::T_IPv4:
$defaultType = IPv4::getDefaultReservedRangeType();
$reservedRanges = IPv4::getReservedRanges();
break;
case AddressType::T_IPv6:
$defaultType = IPv6::getDefaultReservedRangeType();
$reservedRanges = IPv6::getReservedRanges();
break;
default:
throw new \Exception('@todo'); // @codeCoverageIgnore
}
$rangeType = null;
foreach ($reservedRanges as $reservedRange) {
$rangeType = $reservedRange->getRangeType($this);
if ($rangeType !== null) {
break;
}
}
$this->rangeType = $rangeType === null ? $defaultType : $rangeType;
}
}
return $this->rangeType === false ? null : $this->rangeType;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::contains()
*/
public function contains(AddressInterface $address)
{
$result = false;
if ($address->getAddressType() === $this->getAddressType()) {
$cmp = $address->getComparableString();
$from = $this->getComparableStartString();
if ($cmp >= $from) {
$to = $this->getComparableEndString();
if ($cmp <= $to) {
$result = true;
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::containsRange()
*/
public function containsRange(RangeInterface $range)
{
$result = false;
if ($range->getAddressType() === $this->getAddressType()) {
$myStart = $this->getComparableStartString();
$itsStart = $range->getComparableStartString();
if ($itsStart >= $myStart) {
$myEnd = $this->getComparableEndString();
$itsEnd = $range->getComparableEndString();
if ($itsEnd <= $myEnd) {
$result = true;
}
}
}
return $result;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getStartAddress()
*/
public function getStartAddress()
{
return $this->fromAddress;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getEndAddress()
*/
public function getEndAddress()
{
return $this->toAddress;
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableStartString()
*/
public function getComparableStartString()
{
return $this->fromAddress->getComparableString();
}
/**
* {@inheritdoc}
*
* @see RangeInterface::getComparableEndString()
*/
public function getComparableEndString()
{
return $this->toAddress->getComparableString();
}
/**
* Get the 6to4 address IPv6 address range.
*
* @return self
*/
public static function get6to4()
{
if (self::$sixToFour === null) {
self::$sixToFour = self::fromString('2002::/16');
}
return self::$sixToFour;
}
}

141
libraries/plugins/ip_address/src/Range/Type.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
namespace IPLib\Range;
/**
* Types of IP address classes.
*/
class Type
{
/**
* Unspecified/unknown address.
*
* @var int
*/
const T_UNSPECIFIED = 1;
/**
* Reserved/internal use only.
*
* @var int
*/
const T_RESERVED = 2;
/**
* Refer to source hosts on "this" network.
*
* @var int
*/
const T_THISNETWORK = 3;
/**
* Internet host loopback address.
*
* @var int
*/
const T_LOOPBACK = 4;
/**
* Relay anycast address.
*
* @var int
*/
const T_ANYCASTRELAY = 5;
/**
* "Limited broadcast" destination address.
*
* @var int
*/
const T_LIMITEDBROADCAST = 6;
/**
* Multicast address assignments - Indentify a group of interfaces.
*
* @var int
*/
const T_MULTICAST = 7;
/**
* "Link local" address, allocated for communication between hosts on a single link.
*
* @var int
*/
const T_LINKLOCAL = 8;
/**
* Link local unicast / Linked-scoped unicast.
*
* @var int
*/
const T_LINKLOCAL_UNICAST = 9;
/**
* Discard-Only address.
*
* @var int
*/
const T_DISCARDONLY = 10;
/**
* Discard address.
*
* @var int
*/
const T_DISCARD = 11;
/**
* For use in private networks.
*
* @var int
*/
const T_PRIVATENETWORK = 12;
/**
* Public address.
*
* @var int
*/
const T_PUBLIC = 13;
/**
* Get the name of a type.
*
* @param int $type
*
* @return string
*/
public static function getName($type)
{
switch ($type) {
case static::T_UNSPECIFIED:
return 'Unspecified/unknown address';
case static::T_RESERVED:
return 'Reserved/internal use only';
case static::T_THISNETWORK:
return 'Refer to source hosts on "this" network';
case static::T_LOOPBACK:
return 'Internet host loopback address';
case static::T_ANYCASTRELAY:
return 'Relay anycast address';
case static::T_LIMITEDBROADCAST:
return '"Limited broadcast" destination address';
case static::T_MULTICAST:
return 'Multicast address assignments - Indentify a group of interfaces';
case static::T_LINKLOCAL:
return '"Link local" address, allocated for communication between hosts on a single link';
case static::T_LINKLOCAL_UNICAST:
return 'Link local unicast / Linked-scoped unicast';
case static::T_DISCARDONLY:
return 'Discard only';
case static::T_DISCARD:
return 'Discard';
case static::T_PRIVATENETWORK:
return 'For use in private networks';
case static::T_PUBLIC:
return 'Public address';
default:
return $type === null ? 'Unknown type' : sprintf('Unknown type (%s)', $type);
}
}
}