244 lines
6.7 KiB
PHP
244 lines
6.7 KiB
PHP
<?php
|
|
/* vim: set expandtab sw=4 ts=4 sts=4: */
|
|
/**
|
|
* tests for ip_allow_deny.lib.php
|
|
*
|
|
* @package PhpMyAdmin-test
|
|
*/
|
|
|
|
/*
|
|
* Include to test.
|
|
*/
|
|
|
|
require_once 'libraries/database_interface.inc.php';
|
|
|
|
require_once 'libraries/ip_allow_deny.lib.php';
|
|
|
|
/**
|
|
* PMA_Ip_Allow_Deny_Test class
|
|
*
|
|
* this class is for testing ip_allow_deny.lib.php
|
|
*
|
|
* @package PhpMyAdmin-test
|
|
*/
|
|
class PMA_Ip_Allow_Deny_Test extends PHPUnit_Framework_TestCase
|
|
{
|
|
/**
|
|
* Prepares environment for the test.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function setUp()
|
|
{
|
|
$GLOBALS['cfg']['Server']['user'] = "pma_username";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "allow % 255.255.255.0/4";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "allow % from 255.255.2.0/4";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "allow % from 2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "allow % from 2001:4998:c:a0d:0000:0000:4998:[1001-2010]";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "allow % from 2001:4998:c:a0d:0000:0000:4998:3020/24";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][] = "deny % 255.255.0.0/8";
|
|
$GLOBALS['cfg']['Server']['AllowDeny']['rules'][]
|
|
= "deny % from 255.255.0.0/8";
|
|
include_once 'libraries/ip_allow_deny.lib.php';
|
|
}
|
|
|
|
/**
|
|
* Test for PMA_getIp
|
|
*
|
|
* @return void
|
|
*
|
|
* @dataProvider proxyIPs
|
|
*/
|
|
public function testGetIp($remote, $header, $expected, $proxyip = null)
|
|
{
|
|
unset($_SERVER['REMOTE_ADDR']);
|
|
unset($_SERVER['TEST_FORWARDED_HEADER']);
|
|
$GLOBALS['cfg']['TrustedProxies'] = array();
|
|
|
|
if (!is_null($remote)) {
|
|
$_SERVER['REMOTE_ADDR'] = $remote;
|
|
}
|
|
|
|
if (!is_null($header)) {
|
|
if (is_null($proxyip)) {
|
|
$proxyip = $remote;
|
|
}
|
|
$GLOBALS['cfg']['TrustedProxies'][$proxyip] = 'TEST_FORWARDED_HEADER';
|
|
$_SERVER['TEST_FORWARDED_HEADER'] = $header;
|
|
}
|
|
|
|
$this->assertEquals(
|
|
$expected,
|
|
PMA_getIp()
|
|
);
|
|
|
|
unset($_SERVER['REMOTE_ADDR']);
|
|
unset($_SERVER['TEST_FORWARDED_HEADER']);
|
|
$GLOBALS['cfg']['TrustedProxies'] = array();
|
|
}
|
|
|
|
/**
|
|
* Data provider for PMA_getIp tests
|
|
*
|
|
* @return array
|
|
*/
|
|
public function proxyIPs()
|
|
{
|
|
return array(
|
|
// Nothing set
|
|
array(null, null, false),
|
|
// Remote IP set
|
|
array('101.0.0.25', null, '101.0.0.25'),
|
|
// Proxy
|
|
array('101.0.0.25', '192.168.10.10', '192.168.10.10'),
|
|
// Several proxies
|
|
array('101.0.0.25', '192.168.10.1, 192.168.100.100', '192.168.10.1'),
|
|
// Invalid proxy
|
|
array('101.0.0.25', 'invalid', false),
|
|
// Direct IP with proxy enabled
|
|
array('101.0.0.25', '192.168.10.10', '101.0.0.25', '10.10.10.10'),
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Test for PMA_ipMaskTest
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testIpMaskTest()
|
|
{
|
|
//IPV4 testing
|
|
$testRange = "255.255.0.0/8";
|
|
$ipToTest = "10.0.0.0";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
|
|
$testRange = "255.255.0.0/4";
|
|
$ipToTest = "255.3.0.0";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
|
|
$testRange = "255.255.0.[0-10]";
|
|
$ipToTest = "255.3.0.3";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
$ipToTest = "255.3.0.12";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
|
|
//IPV6 testing
|
|
//not range
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:2020";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
|
|
//range
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:3020";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
|
|
//CDIR
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
$ipToTest = "2001:4998:c:a0d:0000:0000:4998:1000";
|
|
$testRange = "2001:4998:c:a0d:0000:0000:4998:3020/24";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_ipMaskTest($testRange, $ipToTest)
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Test for PMA_allowDeny
|
|
*
|
|
* @return void
|
|
*/
|
|
public function testAllowDeny()
|
|
{
|
|
$_SERVER['REMOTE_ADDR'] = "";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
|
|
$_SERVER['REMOTE_ADDR'] = "255.0.1.0";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
$_SERVER['REMOTE_ADDR'] = "10.0.0.0";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
|
|
$_SERVER['REMOTE_ADDR'] = "255.255.0.1";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_allowDeny("deny")
|
|
);
|
|
$_SERVER['REMOTE_ADDR'] = "255.124.0.5";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_allowDeny("deny")
|
|
);
|
|
$_SERVER['REMOTE_ADDR'] = "122.124.0.5";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_allowDeny("deny")
|
|
);
|
|
|
|
//IPV6
|
|
$_SERVER['REMOTE_ADDR'] = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
$_SERVER['REMOTE_ADDR'] = "2001:4998:c:a0d:0000:0000:4998:1000";
|
|
$this->assertEquals(
|
|
false,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
$_SERVER['REMOTE_ADDR'] = "2001:4998:c:a0d:0000:0000:4998:1020";
|
|
$this->assertEquals(
|
|
true,
|
|
PMA_allowDeny("allow")
|
|
);
|
|
}
|
|
}
|