RubyGems - faraday-restrict-ip-addresses - Versions diffs - 0.0.2 → 0.1.1 - Mend

faraday-restrict-ip-addresses 0.0.2 → 0.1.1

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +1 -1
data/faraday-restrict-ip-addresses.gemspec +2 -2
data/lib/faraday/restrict_ip_addresses.rb +7 -6
data/lib/faraday/restrict_ip_addresses/version.rb +6 -0
data/spec/restrict_ip_addresses_spec.rb +31 -8
metadata +7 -12

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9f59a971b3f267be404539a95d9b7feda50211b7
-  data.tar.gz: f85376e90f9fb7ff8b483e176afb2884a3010db3
+  metadata.gz: 1871dc387a015770b7430ad24a714b444b49d5a2
+  data.tar.gz: 1279fa86ad652c4bd6f89f069e711e433ca9848c
 SHA512:
-  metadata.gz: 9b97db3e5b0a806db906853175767c7a92c0c28e39af3a4606d4d0d6654bbff1d1479c38db8f87c2dab5e533e58b491219e6f9d4909db112e324700de2acfc6d
-  data.tar.gz: 46e04a74e074757bebbfef126d24deb0bcf05ee42467bbc0f66ac68ae381e4de84a85ed32763d6fea6a7eff78ffb5b2fceca51d907f76b10e30d4a140f4ab976
+  metadata.gz: bafcae7575b7fe850f6f63de7a84f60fdee1e9049794a569282bda081c9c84c7bc513ccd9d1ccea860e873d8b4716eb0b269bea0a67c5397eb0b7113554c290f
+  data.tar.gz: a7b797a8fb5aa51ed2ff856e57c2220a40ff81fc6da8c44bdde17447a25a4142fddd017cce9a9a6d190dafec0513844a85390cba2e8c04e333c01f96d7597cd5

data/README.md CHANGED

@@ -14,7 +14,7 @@ Usage
 ```ruby
 faraday = Faraday.new do |builder|
   builder.request :url_encoded
-  builder.use     :restrict_ip_addresses, deny_rfc6890: true,
+  builder.request :restrict_ip_addresses, deny_rfc6890: true,
                                           allow_localhost: true,
                                           deny: ['8.0.0.0/8',
                                                  '224.0.0.0/7'],

data/faraday-restrict-ip-addresses.gemspec CHANGED

@@ -1,7 +1,7 @@
-require_relative 'lib/faraday/restrict_ip_addresses'
+require_relative 'lib/faraday/restrict_ip_addresses/version'
 Gem::Specification.new do |spec|
-  spec.add_dependency 'faraday', ['>= 0.8', '< 0.9']
+  spec.add_dependency 'faraday', '~>0.9.0'
   spec.add_development_dependency 'bundler', '~> 1.0'
   spec.authors = ["Ben Lavender"]
   spec.description = %q{Restrict the IP addresses Faraday will connect to}

data/lib/faraday/restrict_ip_addresses.rb CHANGED

@@ -1,10 +1,9 @@
-require 'faraday'
+require 'faraday/restrict_ip_addresses/version'
 require 'ipaddr'
 module Faraday
   class RestrictIPAddresses < Faraday::Middleware
     class AddressNotAllowed < Faraday::Error::ClientError ; end
-    VERSION = '0.0.2'
     RFC_1918_NETWORKS = %w(
       127.0.0.0/8
@@ -48,7 +47,7 @@ module Faraday
     end
     def denied?(env)
-      addresses(env[:url].host).any? { |a| denied_ip?(a) }
+      addresses(env[:url].hostname).any? { |a| denied_ip?(a) }
     end
     def denied_ip?(address)
@@ -60,9 +59,11 @@ module Faraday
     end
     def addresses(hostname)
-      Socket.gethostbyname(hostname).map { |a| IPAddr.new_ntoh(a) rescue nil }.compact
+      Addrinfo.getaddrinfo(hostname, nil, :UNSPEC, :STREAM).map { |a| IPAddr.new(a.ip_address) }
+    rescue SocketError => e
+      # In case of invalid hostname, return an empty list of addresses
+      []
     end
   end
-  register_middleware restrict_ip_addresses: lambda { RestrictIPAddresses }
+  Request.register_middleware restrict_ip_addresses: lambda { RestrictIPAddresses }
 end

data/lib/faraday/restrict_ip_addresses/version.rb ADDED

@@ -0,0 +1,6 @@
+require 'faraday'
+module Faraday
+  class RestrictIPAddresses < Faraday::Middleware
+    VERSION = '0.1.1'
+  end
+end

data/spec/restrict_ip_addresses_spec.rb CHANGED

@@ -8,15 +8,9 @@ describe Faraday::RestrictIPAddresses do
   def allowed(*addresses)
     url = URI.parse("http://test.com")
-    ips  = addresses.map { |add| IPAddr.new(add).hton }
+    ips = addresses.map { |add| Addrinfo.tcp(add, nil) }
-    # Socket returns a bunch of other stuff with gethostbyname. ipv6 addresses,
-    # other socket information, whatever. We ignore it all internally and return
-    # only valid ipv4 addresses, so just append what we're checking to some
-    # garbage data like we expect.
-    return_addresses = ['garbage', [], 30]
-    return_addresses += ips
-    Socket.expects(:gethostbyname).with(url.host).returns(return_addresses)
+    Addrinfo.expects(:getaddrinfo).with(url.host, nil, :UNSPEC, :STREAM).returns(ips)
     env = { url: url }
     @rip.call(env)
@@ -92,4 +86,33 @@ describe Faraday::RestrictIPAddresses do
       denied  '192.168.13.14'
     end
+    it "blacklists normalized values" do
+      middleware deny_rfc6890: true,
+                 allow_localhost: false
+      denied '0'
+      denied '0x0'
+      denied '0x00.0'
+      denied '00.0'
+      denied '127.0.0.1'
+      denied '0x7f.1'
+      denied '0177.1'
+    end
+    it "allows addresses for which DNS fails" do
+      middleware deny_rfc1918: true,
+                 deny: ['8.0.0.0/8'],
+                 allow: ['8.5.0.0/24', '192.168.14.0/24']
+      url = URI.parse("http://thisisanonexistinghostname.com")
+      Addrinfo.expects(:getaddrinfo).with(url.host, nil, :UNSPEC, :STREAM).raises(SocketError)
+      @rip.call(url: url)
+    end
+    it "works for IPV6 localhost addresses" do
+      middleware allow_localhost: false,
+                 deny: ['::1']
+      denied '::1'
+      denied '0:0:0:0:0:0:0:1'
+    end
 end

metadata CHANGED

@@ -1,35 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: faraday-restrict-ip-addresses
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.1.1
 platform: ruby
 authors:
 - Ben Lavender
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-03-24 00:00:00.000000000 Z
+date: 2017-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0.8'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: 0.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0.8'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -55,6 +49,7 @@ files:
 - UNLICENSE
 - faraday-restrict-ip-addresses.gemspec
 - lib/faraday/restrict_ip_addresses.rb
+- lib/faraday/restrict_ip_addresses/version.rb
 - spec/restrict_ip_addresses_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/bhuga/faraday-restrict-ip-addresses