From 30a7c55e844a40468b93acc78de3b73ddffd1e44 Mon Sep 17 00:00:00 2001 From: Alejandro Celaya Date: Sun, 12 Dec 2021 13:30:18 +0100 Subject: [PATCH] Migrated to a new lib to match IP addresses with ranges --- composer.json | 4 +-- module/Core/src/Visit/RequestTracker.php | 37 ++++++++++++------------ 2 files changed, 20 insertions(+), 21 deletions(-) diff --git a/composer.json b/composer.json index 7064a2b3..8a6651c8 100644 --- a/composer.json +++ b/composer.json @@ -38,6 +38,7 @@ "mezzio/mezzio-fastroute": "^3.3", "mezzio/mezzio-problem-details": "^1.5", "mezzio/mezzio-swoole": "^3.5", + "mlocati/ip-lib": "^1.17", "monolog/monolog": "^2.3", "nikolaposa/monolog-factory": "^3.1", "ocramius/proxy-manager": "^2.11", @@ -47,14 +48,13 @@ "predis/predis": "^1.1", "pugx/shortid-php": "^1.0", "ramsey/uuid": "^4.2", - "rlanvin/php-ip": "dev-master#6b3a785 as 3.0", "shlinkio/shlink-common": "dev-main#e7fdff3 as 4.2", "shlinkio/shlink-config": "^1.4", "shlinkio/shlink-event-dispatcher": "dev-main#3925299 as 2.3", "shlinkio/shlink-importer": "dev-main#d099072 as 2.5", "shlinkio/shlink-installer": "^6.3", "shlinkio/shlink-ip-geolocation": "^2.2", - "symfony/console": "^6.0 || ^5.4", + "symfony/console": "^5.4", "symfony/filesystem": "^6.0 || ^5.4", "symfony/lock": "^6.0 || ^5.4", "symfony/mercure": "^0.6", diff --git a/module/Core/src/Visit/RequestTracker.php b/module/Core/src/Visit/RequestTracker.php index eee75ea4..7cefa8a2 100644 --- a/module/Core/src/Visit/RequestTracker.php +++ b/module/Core/src/Visit/RequestTracker.php @@ -5,9 +5,10 @@ declare(strict_types=1); namespace Shlinkio\Shlink\Core\Visit; use Fig\Http\Message\RequestMethodInterface; -use InvalidArgumentException; +use IPLib\Address\IPv4; +use IPLib\Factory; +use IPLib\Range\RangeInterface; use Mezzio\Router\Middleware\ImplicitHeadMiddleware; -use PhpIP\IP; use Psr\Http\Message\ServerRequestInterface; use Shlinkio\Shlink\Common\Middleware\IpAddressMiddlewareFactory; use Shlinkio\Shlink\Core\Entity\ShortUrl; @@ -73,9 +74,8 @@ class RequestTracker implements RequestTrackerInterface, RequestMethodInterface return false; } - try { - $ip = IP::create($remoteAddr); - } catch (InvalidArgumentException) { + $ip = IPv4::parseString($remoteAddr); + if ($ip === null) { return false; } @@ -83,24 +83,23 @@ class RequestTracker implements RequestTrackerInterface, RequestMethodInterface $disableTrackingFrom = $this->trackingOptions->disableTrackingFrom(); return some($disableTrackingFrom, function (string $value) use ($ip, $remoteAddrParts): bool { - try { - return match (true) { - str_contains($value, '*') => $ip->matches($this->parseValueWithWildcards($value, $remoteAddrParts)), - str_contains($value, '/') => $ip->isIn($value), - default => $ip->matches($value), - }; - } catch (InvalidArgumentException) { - return false; - } + $range = match (true) { + str_contains($value, '*') => $this->parseValueWithWildcards($value, $remoteAddrParts), + default => Factory::parseRangeString($value), + }; + + return $range !== null && $ip->matches($range); }); } - private function parseValueWithWildcards(string $value, array $remoteAddrParts): string + private function parseValueWithWildcards(string $value, array $remoteAddrParts): ?RangeInterface { // Replace wildcard parts with the corresponding ones from the remote address - return implode('.', map( - explode('.', $value), - fn (string $part, int $index) => $part === '*' ? $remoteAddrParts[$index] : $part, - )); + return Factory::parseRangeString( + implode('.', map( + explode('.', $value), + fn (string $part, int $index) => $part === '*' ? $remoteAddrParts[$index] : $part, + )), + ); } }