From 4ef36a124407ba5d077a2db81581f0fbbdc4fb14 Mon Sep 17 00:00:00 2001 From: Bjoern Sikora Date: Mon, 7 Sep 2009 18:37:50 +0200 Subject: [PATCH] Added regex tests to test if given IP is within a private range. --- src/iphelper.cpp | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++- src/iphelper.h | 16 +++++------ src/logger.cpp | 35 +++++++++++++++++++++++++- src/logger.h | 4 +++ 4 files changed, 116 insertions(+), 11 deletions(-) diff --git a/src/iphelper.cpp b/src/iphelper.cpp index a5ed2e5..f06dcc4 100644 --- a/src/iphelper.cpp +++ b/src/iphelper.cpp @@ -51,6 +51,71 @@ IPHelper::~IPHelper() /** + * Tests if a given IP is a local address + * @param ip The IP to test + * @return true if given IP is local, false if not. + */ +bool IPHelper::is_local(const string ip) const +{ + // 127.0.0.1 + boost::regex expr_loopback("127\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}"); + + // 192.168.x.x + boost::regex expr_192("192\\.168\\.[0-9]{1,3}\\.[0-9]{1,3}"); + + // 10.x.x.x + boost::regex expr_10("10\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}"); + + // 169.254.x.x + boost::regex expr_169_254("169\\.254\\.[0-9]{1,3}\\.[0-9]{1,3}"); + + // 172.16.x.x -> 172.31.x.x + boost::regex expr_172_1("172\\.1[6-9]{1}\\.[0-9]{1,3}\\.[0-9]{1,3}"); + boost::regex expr_172_2("172\\.2[0-9]{1}\\.[0-9]{1,3}\\.[0-9]{1,3}"); + boost::regex expr_172_3("172\\.3[0-1]{1}\\.[0-9]{1,3}\\.[0-9]{1,3}"); + + // It's time to test against the regex patterns + if ( boost::regex_search(ip,expr_loopback) ) + { + Log->print_regex_match(expr_loopback.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_192) ) + { + Log->print_regex_match(expr_192.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_10) ) + { + Log->print_regex_match(expr_10.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_169_254) ) + { + Log->print_regex_match(expr_169_254.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_172_1) ) + { + Log->print_regex_match(expr_172_1.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_172_2) ) + { + Log->print_regex_match(expr_172_2.str(),ip); + return true; + } + else if ( boost::regex_search(ip,expr_172_3) ) + { + Log->print_regex_match(expr_172_3.str(),ip); + return true; + } + + return false; +} + + +/** * Get the actual IP of this host through a conventional DNS query or through a IP webcheck URL if configured so. * @return A string representation of the actual IP in dotted format or an empty string if something went wrong. */ @@ -66,7 +131,12 @@ string IPHelper::get_actual_ip() const ip = webcheck_ip(); } - // TODO IF IP is local, then return "" + // If IP is within a private range then return "" + if ( is_local(ip) ) + { + Log->print_ip_is_local(ip); + return ""; + } return ip; } diff --git a/src/iphelper.h b/src/iphelper.h index 439268c..c1ff7f6 100644 --- a/src/iphelper.h +++ b/src/iphelper.h @@ -28,6 +28,12 @@ private: bool UseIPv6; std::string Hostname; + bool is_local(const std::string ip) const; + std::string webcheck_ip() const; + CURL * init_curl(std::string& curl_writedata_buff, char* curl_err_buff) const; + int perform_curl_operation(CURL * curl_easy_handle, char* curl_err_buff, const std::string& actual_url) const; + std::string parse_ip(const std::string& data) const; + public: typedef boost::shared_ptr Ptr; @@ -38,22 +44,14 @@ public: ~IPHelper(); - std::string get_actual_ip() const; - std::string dns_query(const std::string& _hostname) const; - std::string webcheck_ip() const; + std::string get_actual_ip() const; // libcurl is a C library, so we have to make the callback member function static :-( static int http_receive(char *inBuffer, size_t size, size_t nmemb, std::string *outBuffer); - CURL * init_curl(std::string& curl_writedata_buff, char* curl_err_buff) const; - void set_curl_url(CURL * curl_easy_handle, const std::string& url) const; - - int perform_curl_operation(CURL * curl_easy_handle, char* curl_err_buff, const std::string& actual_url) const; - - std::string parse_ip(const std::string& data) const; }; #endif diff --git a/src/logger.cpp b/src/logger.cpp index a5689cc..6c6185a 100644 --- a/src/logger.cpp +++ b/src/logger.cpp @@ -1326,7 +1326,7 @@ void Logger::print_update_failure(const string& url, const long http_status_code * Hostname is invalid, contains no or only one domain part. * @param hostname The full qualified host name. */ -void Logger::print_invalid_hostname(const std::string& hostname) const +void Logger::print_invalid_hostname(const string& hostname) const { int level = 0; if ( (level <= Loglevel) || ((level <= ExternalWarningLevel) && (!ExternalWarningLog.empty())) ) @@ -1336,3 +1336,36 @@ void Logger::print_invalid_hostname(const std::string& hostname) const log_warning(msg.str(),level); } } + + +/** + * An IP in a private range was detected + * @param ip The private IP + */ +void Logger::print_ip_is_local(const string& ip) const +{ + int level = 0; + if ( (level <= Loglevel) || ((level <= ExternalWarningLevel) && (!ExternalWarningLog.empty())) ) + { + ostringstream msg; + msg << "The detected IP is within a private IP range: " << ip << endl; + log_warning(msg.str(),level); + } +} + + +/** + * Regex is matching in string + * @param regex The regex pattern + * @param matching_string The string + */ +void Logger::print_regex_match(const std::string& regex, const std::string& matching_string) const +{ + int level = 1; + if ( (level <= Loglevel) || ((level <= ExternalWarningLevel) && (!ExternalWarningLog.empty())) ) + { + ostringstream msg; + msg << "Regex: " << regex << " is matching in: " << matching_string << endl; + log_notice(msg.str(),level); + } +} diff --git a/src/logger.h b/src/logger.h index e8f4052..9a6fb43 100644 --- a/src/logger.h +++ b/src/logger.h @@ -195,6 +195,10 @@ public: void print_update_failure(const std::string& url, const long http_status_code) const; void print_invalid_hostname(const std::string& hostname) const; + + void print_ip_is_local(const std::string& ip) const; + + void print_regex_match(const std::string& regex, const std::string& matching_string) const; }; #endif -- 1.7.1