Skip to content

Better test if server has public address #2010

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Alkarex merged 2 commits into from
Sep 8, 2018
Merged

Better test if server has public address #2010

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1beaa6b
Better test if server has public address
Alkarex Sep 8, 2018
f5b8def
Wrong trailing slash in documentation
Alkarex Sep 8, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cli/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ cd /usr/share/FreshRSS
./cli/prepare.php
# Ensure the needed directories in ./data/

./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net/ --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
# --auth_type can be: 'form' (default), 'http_auth' (using the Web server access control), 'none' (dangerous)
# --db-type can be: 'sqlite' (default), 'mysql' (MySQL or MariaDB), 'pgsql' (PostgreSQL)
# --base_url should be a public (routable) URL if possible, and is used for push (PubSubHubbub), for some API functions (e.g. favicons), and external URLs in FreshRSS.
Expand Down
2 changes: 1 addition & 1 deletion cli/do-install.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@

if (empty($options['default_user'])) {
fail('Usage: ' . basename(__FILE__) . " --default_user admin ( --auth_type form" .
" --environment production --base_url https://rss.example.net/" .
" --environment production --base_url https://rss.example.net" .
" --language en --title FreshRSS --allow_anonymous --api_enabled" .
" --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123" .
" --db-base freshrss --db-prefix freshrss_ --disable_update )");
Expand Down
13 changes: 9 additions & 4 deletions lib/lib_rss.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,24 +109,29 @@ function safe_ascii($text) {
* localhost address.
*
* @param $address the address to test, can be an IP or a URL.
* @return true if server is accessible, false else.
* @return true if server is accessible, false otherwise.
* @todo improve test with a more valid technique (e.g. test with an external server?)
*/
function server_is_public($address) {
$host = parse_url($address, PHP_URL_HOST);

$is_public = !in_array($host, array(
'127.0.0.1',
'localhost',
'localhost.localdomain',
'[::1]',
'ip6-localhost',
'localhost6',
'localhost6.localdomain6',
));

return $is_public;
}
if ($is_public) {
$ip = gethostbyname($host);
Copy link
Copy Markdown
Member Author

@Alkarex Alkarex Oct 27, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does not work as expected when FreshRSS is in a container (e.g. Træfik + Docker). Will fix.

Copy link
Copy Markdown
Member Author

@Alkarex Alkarex Oct 27, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed with #2084

$is_public &= !preg_match('/^(10|127|172[.]16|192[.]168)[.]/', $ip);
$is_public &= !preg_match('/^(\[)?(::1$|fc00::|fe80::)/i', $ip);
}

return (bool)$is_public;
}

function format_number($n, $precision = 0) {
// number_format does not seem to be Unicode-compatible
Expand Down