Merge branch 'master' of github.com:simplesamlphp/simplesamlphp

c9559407 · Olav Morken · 08c8bbc9 · daf2696b · c9559407 · c9559407
Commit c9559407 authored 9 years ago by Olav Morken
--- a/lib/SimpleSAML/Utils/Net.php
+++ b/lib/SimpleSAML/Utils/Net.php
@@ -20,7 +20,7 @@ class Net
     *
     * @author Andreas Åkre Solberg, UNINETT AS <andreas.solberg@uninett.no>
     * @author Olav Morken, UNINETT AS <olav.morken@uninett.no>
-     * @author Brook Schofield, TERENA
+     * @author Brook Schofield, GÉANT
     * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
     */
    static function ipCIDRcheck($cidr, $ip = null)
@@ -38,11 +38,11 @@ class Net
            // Validate IPv6 with inet_pton, convert to hex with bin2hex
            // then store as a long with hexdec
-            $ip_pack = inet_pton($ip);
+            $ip_pack = @inet_pton($ip);
-            $net_pack = inet_pton($net);
+            $net_pack = @inet_pton($net);
            if ($ip_pack === false || $net_pack === false) {
-                // not valid IPv6 address (warning already issued)
+                // not valid IPv6 address (warning silenced)
                return false;
            }

--- a/tests/Utils/NetTest.php
+++ b/tests/Utils/NetTest.php
@@ -39,4 +39,39 @@ class Utils_Net_Test extends PHPUnit_Framework_TestCase
        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('127.0.0.0/23', '127.0.1.256'));
        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('127.0.0.0/23', '127.0.2.0'));
    }
-}
\ No newline at end of file
+    public function testIpv6CIDRcheck()
+    {
+        // check CIDR w/o mask
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::', '2001:0DB8::1'));
+        // check wrong CIDR w/ mask
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/128', '2001:0DB8::1'));
+        // check wrong IP
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/128', '2001:0DB8::Z'));
+        // check limits for standard classes
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/128', '2001:0DB8:0000:0000:0000:0000:0000:0000'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/128', '2001:0DB8::0'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/128', '2001:0DB8::1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/112', '2001:0DB8::1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/112', '2001:0DB8::1:1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/112', '2001:0DB8::FFFF'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/112', '2001:0DB8::1:FFFF'));
+        // check limits for non-standard classes
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/108', '2001:0DB8::1:1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/108', '2001:0DB8::F:1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/108', '2001:0DB8::FF:1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/108', '2001:0DB8::1FF:1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/108', '2001:0DB8::FFFF:1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/104', '2001:0DB8::1:1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/104', '2001:0DB8::F:1'));
+        $this->assertTrue(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/104', '2001:0DB8::FF:1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/104', '2001:0DB8::1FF:1'));
+        $this->assertFalse(SimpleSAML\Utils\Net::ipCIDRcheck('2001:0DB8::/104', '2001:0DB8::FFFF:1'));
+     }
+}