Index: trunk/phase3/includes/GlobalFunctions.php |
— | — | @@ -2037,6 +2037,37 @@ |
2038 | 2038 | } |
2039 | 2039 | } |
2040 | 2040 | |
| 2041 | +/** |
| 2042 | + * Get the start and end of a range. |
| 2043 | + * @param $range The range to get the start and end for. |
| 2044 | + * @return array An array with the first element as the start of the range, as a long, and the second element as the end of the range, also as a long. |
| 2045 | + * |
| 2046 | + */ |
| 2047 | +function wfRangeStartEnd( $range ) { |
| 2048 | + list( $network, $bits ) = wfParseCIDR( $range ); |
| 2049 | + if ( $network !== false ) { |
| 2050 | + $start = sprintf( '%08X', $network ); |
| 2051 | + $end = sprintf( '%08X', $network + (1 << (32 - $bits)) - 1 ); |
| 2052 | + return array($start, $end); |
| 2053 | + } |
| 2054 | + return false; |
| 2055 | +} |
| 2056 | + |
| 2057 | +/** |
| 2058 | + * Determine if a given integer IPv4 address is in a given CIDR network |
| 2059 | + * @param $addr The address to check against the given range. |
| 2060 | + * @param $range The range to check the given address against. |
| 2061 | + * @return bool Whether or not the given address is in the given range. |
| 2062 | + */ |
| 2063 | +function wfIsAddressInRange( $addr, $range ) { |
| 2064 | + $unsignedIP = IP::toUnsigned($addr); |
| 2065 | + $startend = wfRangeStartEnd($range); |
| 2066 | + $start = $startend[0]; |
| 2067 | + $end = $startend[1]; |
| 2068 | + |
| 2069 | + return (($unsignedIP >= $start) && ($unsignedip <= $end)); |
| 2070 | +} |
| 2071 | + |
2041 | 2072 | /* |
2042 | 2073 | * Get a Database object |
2043 | 2074 | * @param integer $db Index of the connection to get. May be DB_MASTER for the |
Index: trunk/phase3/includes/Block.php |
— | — | @@ -241,10 +241,10 @@ |
242 | 242 | |
243 | 243 | /** |
244 | 244 | * Determine if a given integer IPv4 address is in a given CIDR network |
245 | | - * @deprecated Use IP::isAddressInRange |
| 245 | + * @deprecated Use wfIsAddressInRange |
246 | 246 | */ |
247 | 247 | function isAddressInRange( $addr, $range ) { |
248 | | - return IP::isAddressInRange( $addr, $range ); |
| 248 | + return wfIsAddressInRange( $addr, $range ); |
249 | 249 | } |
250 | 250 | |
251 | 251 | function initFromRow( $row ) |
— | — | @@ -275,7 +275,9 @@ |
276 | 276 | $this->mRangeEnd = ''; |
277 | 277 | |
278 | 278 | if ( $this->mUser == 0 ) { |
279 | | - list($this->mRangeStart, $this->mRangeEnd) = IP::parseRange($this->mAddress); |
| 279 | + $startend = wfRangeStartEnd($this->mAddress); |
| 280 | + $this->mRangeStart = $startend[0]; |
| 281 | + $this->mRangeEnd = $startend[1]; |
280 | 282 | } |
281 | 283 | } |
282 | 284 | |
— | — | @@ -428,19 +430,47 @@ |
429 | 431 | |
430 | 432 | /** |
431 | 433 | * Autoblocks the given IP, referring to this Block. |
432 | | - * @param string $autoblockip The IP to autoblock, dotted-quad. |
433 | | - * @return bool True if an autoblock was inserted OR redundant to preexisting block. |
| 434 | + * @param $autoblockip The IP to autoblock. |
| 435 | + * @return bool Whether or not an autoblock was inserted. |
434 | 436 | */ |
435 | | - public function doAutoblock( $autoblockip ) { |
| 437 | + function doAutoblock( $autoblockip ) { |
436 | 438 | # Check if this IP address is already blocked |
437 | 439 | $dbw =& wfGetDb( DB_MASTER ); |
438 | 440 | $dbw->begin(); |
439 | 441 | |
440 | | - # If autoblocks are disabled, or if this IP is whitelisted, go away. |
441 | | - if ( !$this->mEnableAutoblock || self::isWhitelistedIp( $autoblockip ) ) { |
442 | | - return false; |
| 442 | + # If autoblocks are disabled, go away. |
| 443 | + if ( !$this->mEnableAutoblock ) { |
| 444 | + return; |
443 | 445 | } |
444 | 446 | |
| 447 | + # Check for presence on the autoblock whitelist |
| 448 | + # TODO cache this? |
| 449 | + $lines = explode( "\n", wfMsgForContentNoTrans( 'autoblock_whitelist' ) ); |
| 450 | + |
| 451 | + $ip = wfGetIp(); |
| 452 | + |
| 453 | + wfDebug("Checking the autoblock whitelist..\n"); |
| 454 | + |
| 455 | + foreach( $lines as $line ) { |
| 456 | + # List items only |
| 457 | + if ( substr( $line, 0, 1 ) !== '*' ) { |
| 458 | + continue; |
| 459 | + } |
| 460 | + |
| 461 | + $wlEntry = substr($line, 1); |
| 462 | + $wlEntry = trim($wlEntry); |
| 463 | + |
| 464 | + wfDebug("Checking $wlEntry\n"); |
| 465 | + |
| 466 | + # Is the IP in this range? |
| 467 | + if (wfIsAddressInRange( $ip, $wlEntry )) { |
| 468 | + wfDebug("IP $ip matches $wlEntry, not autoblocking\n"); |
| 469 | + #$autoblockip = null; # Don't autoblock a whitelisted IP. |
| 470 | + return; #This /SHOULD/ introduce a dummy block - but |
| 471 | + # I don't know a safe way to do so. -werdna |
| 472 | + } |
| 473 | + } |
| 474 | + |
445 | 475 | # It's okay to autoblock. Go ahead and create/insert the block. |
446 | 476 | |
447 | 477 | $ipblock = Block::newFromDB( $autoblockip ); |
— | — | @@ -450,11 +480,11 @@ |
451 | 481 | # prolong block time |
452 | 482 | if ($this->mExpiry && |
453 | 483 | ($this->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp))) { |
454 | | - return true; |
| 484 | + return; |
455 | 485 | } |
456 | 486 | # Just update the timestamp |
457 | 487 | $ipblock->updateTimestamp(); |
458 | | - return true; |
| 488 | + return; |
459 | 489 | } else { |
460 | 490 | $ipblock = new Block; |
461 | 491 | } |
— | — | @@ -480,38 +510,6 @@ |
481 | 511 | return $ipblock->insert(); |
482 | 512 | } |
483 | 513 | |
484 | | - /** |
485 | | - * Checks whether an IP is whitelisted in the autoblock_whitelist message. |
486 | | - * @todo Cache this? |
487 | | - * |
488 | | - * @param string $ip Dotted quad |
489 | | - * @return bool |
490 | | - */ |
491 | | - private static function isWhitelistedIp( $ip ) { |
492 | | - $lines = explode( "\n", wfMsgForContentNoTrans( 'autoblock_whitelist' ) ); |
493 | | - |
494 | | - wfDebug("Checking the autoblock whitelist..\n"); |
495 | | - |
496 | | - foreach( $lines as $line ) { |
497 | | - # Parse list items only |
498 | | - if ( substr( $line, 0, 1 ) !== '*' ) { |
499 | | - continue; |
500 | | - } |
501 | | - |
502 | | - $wlEntry = substr($line, 1); |
503 | | - $wlEntry = trim($wlEntry); |
504 | | - |
505 | | - wfDebug("Checking $wlEntry\n"); |
506 | | - |
507 | | - # Is the IP in this range? |
508 | | - if (IP::isAddressInRange( $ip, $wlEntry )) { |
509 | | - wfDebug("IP $ip matches $wlEntry, not autoblocking\n"); |
510 | | - return true; #This /SHOULD/ introduce a dummy block - but |
511 | | - # I don't know a safe way to do so. -werdna |
512 | | - } |
513 | | - } |
514 | | - return false; |
515 | | - } |
516 | 514 | function deleteIfExpired() |
517 | 515 | { |
518 | 516 | $fname = 'Block::deleteIfExpired'; |
Index: trunk/phase3/includes/IP.php |
— | — | @@ -20,7 +20,6 @@ |
21 | 21 | |
22 | 22 | /** |
23 | 23 | * Validate an IP address. |
24 | | - * @param string $ipblock Dotted quad |
25 | 24 | * @return boolean True if it is valid. |
26 | 25 | */ |
27 | 26 | public static function isValid( $ip ) { |
— | — | @@ -29,7 +28,6 @@ |
30 | 29 | |
31 | 30 | /** |
32 | 31 | * Validate an IP Block. |
33 | | - * @param string $ipblock Dotted quad |
34 | 32 | * @return boolean True if it is valid. |
35 | 33 | */ |
36 | 34 | public static function isValidBlock( $ipblock ) { |
— | — | @@ -40,9 +38,6 @@ |
41 | 39 | * Determine if an IP address really is an IP address, and if it is public, |
42 | 40 | * i.e. not RFC 1918 or similar |
43 | 41 | * Comes from ProxyTools.php |
44 | | - * |
45 | | - * @param string $ip Dotted quad |
46 | | - * @return bool |
47 | 42 | */ |
48 | 43 | public static function isPublic( $ip ) { |
49 | 44 | $n = IP::toUnsigned( $ip ); |
— | — | @@ -79,10 +74,10 @@ |
80 | 75 | |
81 | 76 | /** |
82 | 77 | * Split out an IP block as an array of 4 bytes and a mask, |
83 | | - * return false if it can't be determined |
| 78 | + * return false if it cant be determined |
84 | 79 | * |
85 | | - * @param string $ipblock A quad dotted IP address |
86 | | - * @return mixed Array or false |
| 80 | + * @parameter $ip string A quad dotted IP address |
| 81 | + * @return array |
87 | 82 | */ |
88 | 83 | public static function toArray( $ipblock ) { |
89 | 84 | if(! preg_match( '/^' . RE_IP_ADD . '(?:\/(?:'.RE_IP_PREFIX.'))?' . '$/', $ipblock, $matches ) ) { |
— | — | @@ -100,8 +95,7 @@ |
101 | 96 | * function for an IPv6 address will be prefixed with "v6-", a non- |
102 | 97 | * hexadecimal string which sorts after the IPv4 addresses. |
103 | 98 | * |
104 | | - * @param string $ip Quad dotted IP address. |
105 | | - * @return mixed String or false |
| 99 | + * @param $ip Quad dotted IP address. |
106 | 100 | */ |
107 | 101 | public static function toHex( $ip ) { |
108 | 102 | $n = self::toUnsigned( $ip ); |
— | — | @@ -116,7 +110,6 @@ |
117 | 111 | * Like ip2long() except that it actually works and has a consistent error return value. |
118 | 112 | * Comes from ProxyTools.php |
119 | 113 | * @param $ip Quad dotted IP address. |
120 | | - * @return mixed Int or false |
121 | 114 | */ |
122 | 115 | public static function toUnsigned( $ip ) { |
123 | 116 | if ( $ip == '255.255.255.255' ) { |
— | — | @@ -184,8 +177,6 @@ |
185 | 178 | * 1.2.3.4/24 CIDR |
186 | 179 | * 1.2.3.4 - 1.2.3.5 Explicit range |
187 | 180 | * 1.2.3.4 Single IP |
188 | | - * @param string $range |
189 | | - * @return array (hex string start, hex string end), or (false, false) if an error occurred |
190 | 181 | */ |
191 | 182 | public static function parseRange( $range ) { |
192 | 183 | if ( strpos( $range, '/' ) !== false ) { |
— | — | @@ -216,21 +207,5 @@ |
217 | 208 | return array( $start, $end ); |
218 | 209 | } |
219 | 210 | } |
220 | | - |
221 | | - /** |
222 | | - * Determine if a given IPv4 address is in a given range |
223 | | - * @param string $addr Dotted quad |
224 | | - * @param string $range (CIDR, hyphenated dotted-quad, or single dotted-quad) |
225 | | - * @return bool Whether or not the given address is in the given range. Returns false on error. |
226 | | - */ |
227 | | - public static function isAddressInRange( $addr, $range ) { |
228 | | - $unsignedIP = IP::toUnsigned($addr); |
229 | | - list($start, $end) = IP::parseRange($range); |
230 | | - |
231 | | - if ($start == false || $end == false) |
232 | | - return false; |
233 | | - else |
234 | | - return (($unsignedIP >= $start) && ($unsignedip <= $end)); // string comparison |
235 | | - } |
236 | 211 | } |
237 | 212 | ?> |
Index: trunk/phase3/languages/messages/MessagesEn.php |
— | — | @@ -2616,30 +2616,7 @@ |
2617 | 2617 | 'autosumm-shortnew' => 'New page: $1', |
2618 | 2618 | |
2619 | 2619 | # Autoblock whitelist |
2620 | | -'autoblock_whitelist' => "AOL http://webmaster.info.aol.com/proxyinfo.html |
2621 | | -*64.12.96.0/19 |
2622 | | -*149.174.160.0/20 |
2623 | | -*152.163.240.0/21 |
2624 | | -*152.163.248.0/22 |
2625 | | -*152.163.252.0/23 |
2626 | | -*152.163.96.0/22 |
2627 | | -*152.163.100.0/23 |
2628 | | -*195.93.32.0/22 |
2629 | | -*195.93.48.0/22 |
2630 | | -*195.93.64.0/19 |
2631 | | -*195.93.96.0/19 |
2632 | | -*195.93.16.0/20 |
2633 | | -*198.81.0.0/22 |
2634 | | -*198.81.16.0/20 |
2635 | | -*198.81.8.0/23 |
2636 | | -*202.67.64.128/25 |
2637 | | -*205.188.192.0/20 |
2638 | | -*205.188.208.0/23 |
2639 | | -*205.188.112.0/20 |
2640 | | -*205.188.146.144/30 |
2641 | | -*207.200.112.0/21 |
2642 | | -StarHub |
2643 | | -*202.156.6.54/32", |
| 2620 | +'autoblock_whitelist' => '', |
2644 | 2621 | |
2645 | 2622 | ); |
2646 | 2623 | |