mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 19:04:45 +00:00
Bug 1570104 - Add shared IPv4 range from RFC 6598 (100.64/10) to allowed list of IP addresses for testing. r=dragana
Differential Revision: https://phabricator.services.mozilla.com/D40167 --HG-- extra : moz-landing-system : lando
This commit is contained in:
parent
91d20d2982
commit
1803585259
@ -189,6 +189,14 @@ interface nsIIOService : nsISupports
|
||||
*/
|
||||
boolean hostnameIsLocalIPAddress(in nsIURI aURI);
|
||||
|
||||
/**
|
||||
* Checks if a URI host is a shared IPv4 address literal.
|
||||
*
|
||||
* @param nsIURI the URI that contains the hostname to check
|
||||
* @return true if the URI hostname is a shared IP address
|
||||
*/
|
||||
boolean hostnameIsSharedIPAddress(in nsIURI aURI);
|
||||
|
||||
/**
|
||||
* While this is set, IOService will monitor an nsINetworkLinkService
|
||||
* (if available) and set its offline status to "true" whenever
|
||||
|
@ -770,6 +770,34 @@ nsIOService::HostnameIsLocalIPAddress(nsIURI* aURI, bool* aResult) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIOService::HostnameIsSharedIPAddress(nsIURI* aURI, bool* aResult) {
|
||||
NS_ENSURE_ARG_POINTER(aURI);
|
||||
|
||||
nsCOMPtr<nsIURI> innerURI = NS_GetInnermostURI(aURI);
|
||||
NS_ENSURE_ARG_POINTER(innerURI);
|
||||
|
||||
nsAutoCString host;
|
||||
nsresult rv = innerURI->GetAsciiHost(host);
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
*aResult = false;
|
||||
|
||||
PRNetAddr addr;
|
||||
PRStatus result = PR_StringToNetAddr(host.get(), &addr);
|
||||
if (result == PR_SUCCESS) {
|
||||
NetAddr netAddr;
|
||||
PRNetAddrToNetAddr(&addr, &netAddr);
|
||||
if (IsIPAddrShared(&netAddr)) {
|
||||
*aResult = true;
|
||||
}
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIOService::GetProtocolFlags(const char* scheme, uint32_t* flags) {
|
||||
nsCOMPtr<nsIProtocolHandler> handler;
|
||||
|
@ -1269,7 +1269,8 @@ nsresult nsSocketTransport::InitiateSocket() {
|
||||
#endif
|
||||
|
||||
if (NS_SUCCEEDED(mCondition) && xpc::AreNonLocalConnectionsDisabled() &&
|
||||
!(IsIPAddrAny(&mNetAddr) || IsIPAddrLocal(&mNetAddr))) {
|
||||
!(IsIPAddrAny(&mNetAddr) || IsIPAddrLocal(&mNetAddr) ||
|
||||
IsIPAddrShared(&mNetAddr))) {
|
||||
nsAutoCString ipaddr;
|
||||
RefPtr<nsNetAddr> netaddr = new nsNetAddr(&mNetAddr);
|
||||
netaddr->GetAddress(ipaddr);
|
||||
|
@ -204,6 +204,21 @@ bool IsIPAddrLocal(const NetAddr* addr) {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool IsIPAddrShared(const NetAddr* addr) {
|
||||
MOZ_ASSERT(addr);
|
||||
|
||||
// IPv4 RFC6598.
|
||||
if (addr->raw.family == AF_INET) {
|
||||
uint32_t addr32 = ntohl(addr->inet.ip);
|
||||
if (addr32 >> 22 == 0x644 >> 2) { // 100.64/10 prefix (RFC 6598).
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
// Not an IPv4 shared address.
|
||||
return false;
|
||||
}
|
||||
|
||||
nsresult GetPort(const NetAddr* aAddr, uint16_t* aResult) {
|
||||
uint16_t port;
|
||||
if (aAddr->raw.family == PR_AF_INET) {
|
||||
|
@ -177,6 +177,8 @@ bool IsIPAddrV4Mapped(const NetAddr* addr);
|
||||
|
||||
bool IsIPAddrLocal(const NetAddr* addr);
|
||||
|
||||
bool IsIPAddrShared(const NetAddr* addr);
|
||||
|
||||
nsresult GetPort(const NetAddr* aAddr, uint16_t* aResult);
|
||||
|
||||
} // namespace net
|
||||
|
@ -6,16 +6,25 @@ function run_test() {
|
||||
let testURIs = [
|
||||
["http://example.com", false],
|
||||
["about:robots", false],
|
||||
// 10/8 prefix (RFC 1918)
|
||||
["http://9.255.255.255", false],
|
||||
["http://10.0.0.0", true],
|
||||
["http://10.0.23.31", true],
|
||||
["http://10.255.255.255", true],
|
||||
["http://11.0.0.0", false],
|
||||
// 169.254/16 prefix (Link Local)
|
||||
["http://169.253.255.255", false],
|
||||
["http://169.254.0.0", true],
|
||||
["http://169.254.42.91", true],
|
||||
["http://169.254.255.255", true],
|
||||
["http://169.255.0.0", false],
|
||||
// 172.16/12 prefix (RFC 1918)
|
||||
["http://172.15.255.255", false],
|
||||
["http://172.16.0.0", true],
|
||||
["http://172.25.110.0", true],
|
||||
["http://172.31.255.255", true],
|
||||
["http://172.32.0.0", false],
|
||||
// 192.168/16 prefix (RFC 1918)
|
||||
["http://192.167.255.255", false],
|
||||
["http://192.168.0.0", true],
|
||||
["http://192.168.127.10", true],
|
||||
|
19
netwerk/test/unit/test_hostnameIsSharedIPAddress.js
Normal file
19
netwerk/test/unit/test_hostnameIsSharedIPAddress.js
Normal file
@ -0,0 +1,19 @@
|
||||
var ioService = Cc["@mozilla.org/network/io-service;1"].getService(
|
||||
Ci.nsIIOService
|
||||
);
|
||||
|
||||
function run_test() {
|
||||
let testURIs = [
|
||||
// 100.64/10 prefix (RFC 6598)
|
||||
["http://100.63.255.254", false],
|
||||
["http://100.64.0.0", true],
|
||||
["http://100.91.63.42", true],
|
||||
["http://100.127.255.254", true],
|
||||
["http://100.128.0.0", false],
|
||||
];
|
||||
|
||||
for (let [uri, isShared] of testURIs) {
|
||||
let nsuri = ioService.newURI(uri);
|
||||
equal(isShared, ioService.hostnameIsSharedIPAddress(nsuri));
|
||||
}
|
||||
}
|
@ -233,6 +233,7 @@ skip-if = true # Bug 863738
|
||||
[test_header_Accept-Language_case.js]
|
||||
[test_headers.js]
|
||||
[test_hostnameIsLocalIPAddress.js]
|
||||
[test_hostnameIsSharedIPAddress.js]
|
||||
[test_http_headers.js]
|
||||
[test_httpauth.js]
|
||||
[test_httpcancel.js]
|
||||
|
Loading…
Reference in New Issue
Block a user