<?php

/**
 * Expectations for clientIP() under different combinations of REMOTE_ADDR,
 * X-Real-IP and X-Forwarded-For.
 *
 * Read together, the cases pin down a trust boundary: the forwarding headers
 * are request data the client can set freely, and the single-address
 * expectations only follow them when REMOTE_ADDR matches the 'trustedproxy'
 * pattern installed in setup() (127.0.0.1 in these cases). When REMOTE_ADDR is
 * 123.123.123.123 or 8.8.8.8, the single-address result is REMOTE_ADDR itself.
 *
 * The list form (clientIP() without argument) is expected to contain
 * header-supplied addresses even when the sender is not trusted (see
 * test_proxy1_all), so entries after REMOTE_ADDR are unauthenticated.
 */
class common_clientIP_test extends DokuWikiTest
{
    /**
     * Install the proxy pattern every case below relies on.
     */
    public function setup()
    {
        parent::setup();

        global $conf;
        // Prefix pattern covering ::1, fe80: (either letter case), 127., 10.,
        // 192.168. and 172.16. through 172.31.
        // presumably applied as a regular expression by clientIP() - verify there
        $conf['trustedproxy'] = '^(::1|[fF][eE]80:|127\.|10\.|192\.168\.|172\.((1[6-9])|(2[0-9])|(3[0-1]))\.)';
    }

    /**
     * Overwrite the three $_SERVER entries the cases vary.
     *
     * All three are written on every call, so no value set by an earlier case
     * is left behind.
     *
     * @param string $remoteAddr   value for $_SERVER['REMOTE_ADDR']
     * @param string $realIp       value for $_SERVER['HTTP_X_REAL_IP']
     * @param string $forwardedFor value for $_SERVER['HTTP_X_FORWARDED_FOR']
     */
    private function fakeRequest($remoteAddr, $realIp, $forwardedFor)
    {
        $_SERVER['REMOTE_ADDR'] = $remoteAddr;
        $_SERVER['HTTP_X_REAL_IP'] = $realIp;
        $_SERVER['HTTP_X_FORWARDED_FOR'] = $forwardedFor;
    }

    /**
     * Compare the list form, clientIP() called without argument, with $expected.
     *
     * @param string $remoteAddr   value for $_SERVER['REMOTE_ADDR']
     * @param string $realIp       value for $_SERVER['HTTP_X_REAL_IP']
     * @param string $forwardedFor value for $_SERVER['HTTP_X_FORWARDED_FOR']
     * @param string $expected     comma-separated list clientIP() must return
     */
    private function checkAll($remoteAddr, $realIp, $forwardedFor, $expected)
    {
        $this->fakeRequest($remoteAddr, $realIp, $forwardedFor);
        $this->assertEquals($expected, clientIP());
    }

    /**
     * Compare the single-address form, clientIP(true), with $expected.
     *
     * @param string $remoteAddr   value for $_SERVER['REMOTE_ADDR']
     * @param string $realIp       value for $_SERVER['HTTP_X_REAL_IP']
     * @param string $forwardedFor value for $_SERVER['HTTP_X_FORWARDED_FOR']
     * @param string $expected     address clientIP(true) must return
     */
    private function checkSingle($remoteAddr, $realIp, $forwardedFor, $expected)
    {
        $this->fakeRequest($remoteAddr, $realIp, $forwardedFor);
        $this->assertEquals($expected, clientIP(true));
    }

    // ---- list form, sender outside the trusted pattern ----

    /** No forwarding headers: the list is just REMOTE_ADDR. */
    public function test_simple_all()
    {
        $this->checkAll('123.123.123.123', '', '', '123.123.123.123');
    }

    /** X-Real-IP is appended after REMOTE_ADDR. */
    public function test_proxy1_all()
    {
        $this->checkAll('123.123.123.123', '77.77.77.77', '', '123.123.123.123,77.77.77.77');
    }

    /** X-Forwarded-For is appended after REMOTE_ADDR. */
    public function test_proxy2_all()
    {
        $this->checkAll('123.123.123.123', '', '77.77.77.77', '123.123.123.123,77.77.77.77');
    }

    /** Several forwarded hops keep their header order. */
    public function test_proxyhops_all()
    {
        $this->checkAll(
            '123.123.123.123',
            '',
            '77.77.77.77,66.66.66.66',
            '123.123.123.123,77.77.77.77,66.66.66.66'
        );
    }

    // ---- single form, sender outside the trusted pattern: headers are ignored ----

    /** No forwarding headers: REMOTE_ADDR is returned. */
    public function test_simple_single()
    {
        $this->checkSingle('123.123.123.123', '', '', '123.123.123.123');
    }

    /** X-Real-IP from an untrusted sender does not replace REMOTE_ADDR. */
    public function test_proxy1_single()
    {
        $this->checkSingle('123.123.123.123', '77.77.77.77', '', '123.123.123.123');
    }

    /** X-Forwarded-For from an untrusted sender does not replace REMOTE_ADDR. */
    public function test_proxy2_single()
    {
        $this->checkSingle('123.123.123.123', '', '77.77.77.77', '123.123.123.123');
    }

    /** A multi-hop header from an untrusted sender does not replace REMOTE_ADDR. */
    public function test_proxyhops_single()
    {
        $this->checkSingle('123.123.123.123', '', '77.77.77.77,66.66.66.66', '123.123.123.123');
    }

    // ---- single form, sender matches the trusted pattern: headers are followed ----

    /** X-Real-IP supplied via a trusted sender is returned. */
    public function test_proxy1_local_single()
    {
        $this->checkSingle('127.0.0.1', '77.77.77.77', '', '77.77.77.77');
    }

    /** X-Forwarded-For supplied via a trusted sender is returned. */
    public function test_proxy2_local_single()
    {
        $this->checkSingle('127.0.0.1', '', '77.77.77.77', '77.77.77.77');
    }

    /** With two public hops the first entry of the header is expected. */
    public function test_proxyhops1_local_single()
    {
        $this->checkSingle('127.0.0.1', '', '77.77.77.77,66.66.66.66', '77.77.77.77');
    }

    /** A hop that itself matches the trusted pattern (10.0.0.1) is passed over. */
    public function test_proxyhops2_local_single()
    {
        $this->checkSingle('127.0.0.1', '', '10.0.0.1,66.66.66.66', '66.66.66.66');
    }

    // ---- loopback and private addresses inside the header ----

    /** The list form keeps a loopback hop reported by an untrusted sender. */
    public function test_local_all()
    {
        $this->checkAll('123.123.123.123', '', '127.0.0.1', '123.123.123.123,127.0.0.1');
    }

    /** An untrusted sender claiming a loopback origin still yields REMOTE_ADDR. */
    public function test_local1_single()
    {
        $this->checkSingle('123.123.123.123', '', '127.0.0.1', '123.123.123.123');
    }

    /** Trusted loopback sender forwarding a public address. */
    public function test_local2_single()
    {
        $this->checkSingle('127.0.0.1', '', '123.123.123.123', '123.123.123.123');
    }

    /** A header made up only of loopback and private hops, from an untrusted sender. */
    public function test_local3_single()
    {
        $this->checkSingle(
            '123.123.123.123',
            '',
            '127.0.0.1,10.0.0.1,192.168.0.2,172.17.1.1,172.21.1.1,172.31.1.1',
            '123.123.123.123'
        );
    }

    /** Trusted sender and a single private hop: that hop is the expected result. */
    public function test_local4_single()
    {
        $this->checkSingle('127.0.0.1', '', '192.168.0.5', '192.168.0.5');
    }

    // ---- header text that is not an address ----

    /** Free text in the header adds nothing to the list. */
    public function test_garbage_all()
    {
        $this->checkAll('123.123.123.123', '', 'some garbage, or something, 222', '123.123.123.123');
    }

    /** Free text in the header leaves the single result at REMOTE_ADDR. */
    public function test_garbage_single()
    {
        $this->checkSingle('123.123.123.123', '', 'some garbage, or something, 222', '123.123.123.123');
    }

    /** When REMOTE_ADDR is not an address either, the list form yields 0.0.0.0. */
    public function test_garbageonly_all()
    {
        $this->checkAll('argh', '', 'some garbage, or something, 222', '0.0.0.0');
    }

    /** When REMOTE_ADDR is not an address either, the single form yields 0.0.0.0. */
    public function test_garbageonly_single()
    {
        $this->checkSingle('argh', '', 'some garbage, or something, 222', '0.0.0.0');
    }

    // ---- script text in the header: none of it may appear in the result ----

    /**
     * Empty REMOTE_ADDR and a header holding script text. The dotted quad
     * embedded in that text is not a comma-separated piece of its own, and the
     * expectation is the 0.0.0.0 placeholder with nothing taken from the header.
     */
    public function test_malicious()
    {
        $this->checkAll(
            '',
            '',
            '<?php set_time_limit(0);echo \'my_delim\';passthru(123.123.123.123);die;?>',
            '0.0.0.0'
        );
    }

    /**
     * Untrusted sender with script text whose commas isolate a dotted quad.
     * The single form must still return REMOTE_ADDR only.
     */
    public function test_malicious_with_remote_addr()
    {
        $this->checkSingle(
            '8.8.8.8',
            '',
            '<?php set_time_limit(0);echo \'my_delim\';passthru(\',123.123.123.123,\');die;?>',
            '8.8.8.8'
        );
    }

    /**
     * Trusted sender relaying the same comma-split text after a well-formed
     * hop. The expected list keeps the two pieces that are addresses and none
     * of the script fragments; the second address nevertheless originates
     * from client-supplied text.
     *
     * NOTE(review): this is the only list-form case with a trusted
     * REMOTE_ADDR, and the expected list does not begin with 127.0.0.1,
     * whereas the untrusted list-form cases begin with REMOTE_ADDR - confirm
     * that this is the intended contract of clientIP().
     */
    public function test_proxied_malicious_with_remote_addr()
    {
        $this->checkAll(
            '127.0.0.1',
            '',
            '8.8.8.8,<?php set_time_limit(0);echo \'my_delim\';passthru(\',123.123.123.123,\');die;?>',
            '8.8.8.8,123.123.123.123'
        );
    }
}

//Setup VIM: ex: et ts=4 :