RubyGems - faraday-restrict-ip-addresses - Versions diffs - 0.0.2 → 0.1.1 - Mend

faraday-restrict-ip-addresses 0.0.2 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +1 -1
data/faraday-restrict-ip-addresses.gemspec +2 -2
data/lib/faraday/restrict_ip_addresses.rb +7 -6
data/lib/faraday/restrict_ip_addresses/version.rb +6 -0
data/spec/restrict_ip_addresses_spec.rb +31 -8
metadata +7 -12

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9f59a971b3f267be404539a95d9b7feda50211b7
-  data.tar.gz: f85376e90f9fb7ff8b483e176afb2884a3010db3
+  metadata.gz: 1871dc387a015770b7430ad24a714b444b49d5a2
+  data.tar.gz: 1279fa86ad652c4bd6f89f069e711e433ca9848c
 SHA512:
-  metadata.gz: 9b97db3e5b0a806db906853175767c7a92c0c28e39af3a4606d4d0d6654bbff1d1479c38db8f87c2dab5e533e58b491219e6f9d4909db112e324700de2acfc6d
-  data.tar.gz: 46e04a74e074757bebbfef126d24deb0bcf05ee42467bbc0f66ac68ae381e4de84a85ed32763d6fea6a7eff78ffb5b2fceca51d907f76b10e30d4a140f4ab976
+  metadata.gz: bafcae7575b7fe850f6f63de7a84f60fdee1e9049794a569282bda081c9c84c7bc513ccd9d1ccea860e873d8b4716eb0b269bea0a67c5397eb0b7113554c290f
+  data.tar.gz: a7b797a8fb5aa51ed2ff856e57c2220a40ff81fc6da8c44bdde17447a25a4142fddd017cce9a9a6d190dafec0513844a85390cba2e8c04e333c01f96d7597cd5

data/README.md CHANGED

@@ -14,7 +14,7 @@ Usage
 ```ruby
 faraday = Faraday.new do |builder|
   builder.request :url_encoded
-  builder.use     :restrict_ip_addresses, deny_rfc6890: true,
+  builder.request :restrict_ip_addresses, deny_rfc6890: true,
                                           allow_localhost: true,
                                           deny: ['8.0.0.0/8',
                                                  '224.0.0.0/7'],

data/faraday-restrict-ip-addresses.gemspec CHANGED

@@ -1,7 +1,7 @@
-require_relative 'lib/faraday/restrict_ip_addresses'
+require_relative 'lib/faraday/restrict_ip_addresses/version'
 Gem::Specification.new do |spec|
-  spec.add_dependency 'faraday', ['>= 0.8', '< 0.9']
+  spec.add_dependency 'faraday', '~>0.9.0'
   spec.add_development_dependency 'bundler', '~> 1.0'
   spec.authors = ["Ben Lavender"]
   spec.description = %q{Restrict the IP addresses Faraday will connect to}

data/lib/faraday/restrict_ip_addresses.rb CHANGED

@@ -1,10 +1,9 @@
-require 'faraday'
+require 'faraday/restrict_ip_addresses/version'
 require 'ipaddr'
 module Faraday
   class RestrictIPAddresses < Faraday::Middleware
     class AddressNotAllowed < Faraday::Error::ClientError ; end
-    VERSION = '0.0.2'
     RFC_1918_NETWORKS = %w(
       127.0.0.0/8
@@ -48,7 +47,7 @@ module Faraday
     end
     def denied?(env)
-      addresses(env[:url].host).any? { |a| denied_ip?(a) }
+      addresses(env[:url].hostname).any? { |a| denied_ip?(a) }
     end
     def denied_ip?(address)
@@ -60,9 +59,11 @@ module Faraday
     end
     def addresses(hostname)
-      Socket.gethostbyname(hostname).map { |a| IPAddr.new_ntoh(a) rescue nil }.compact
+      Addrinfo.getaddrinfo(hostname, nil, :UNSPEC, :STREAM).map { |a| IPAddr.new(a.ip_address) }
+    rescue SocketError => e
+      # In case of invalid hostname, return an empty list of addresses
+      []
     end
   end
-  register_middleware restrict_ip_addresses: lambda { RestrictIPAddresses }
+  Request.register_middleware restrict_ip_addresses: lambda { RestrictIPAddresses }
 end

data/lib/faraday/restrict_ip_addresses/version.rb ADDED

@@ -0,0 +1,6 @@
+require 'faraday'
+module Faraday
+  class RestrictIPAddresses < Faraday::Middleware
+    VERSION = '0.1.1'
+  end
+end

data/spec/restrict_ip_addresses_spec.rb CHANGED

@@ -8,15 +8,9 @@ describe Faraday::RestrictIPAddresses do
   def allowed(*addresses)
     url = URI.parse("http://test.com")
-    ips  = addresses.map { |add| IPAddr.new(add).hton }
+    ips = addresses.map { |add| Addrinfo.tcp(add, nil) }
-    # Socket returns a bunch of other stuff with gethostbyname. ipv6 addresses,
-    # other socket information, whatever. We ignore it all internally and return
-    # only valid ipv4 addresses, so just append what we're checking to some
-    # garbage data like we expect.
-    return_addresses = ['garbage', [], 30]
-    return_addresses += ips
-    Socket.expects(:gethostbyname).with(url.host).returns(return_addresses)
+    Addrinfo.expects(:getaddrinfo).with(url.host, nil, :UNSPEC, :STREAM).returns(ips)
     env = { url: url }
     @rip.call(env)
@@ -92,4 +86,33 @@ describe Faraday::RestrictIPAddresses do
       denied  '192.168.13.14'
     end
+    it "blacklists normalized values" do
+      middleware deny_rfc6890: true,
+                 allow_localhost: false
+      denied '0'
+      denied '0x0'
+      denied '0x00.0'
+      denied '00.0'
+      denied '127.0.0.1'
+      denied '0x7f.1'
+      denied '0177.1'
+    end
+    it "allows addresses for which DNS fails" do
+      middleware deny_rfc1918: true,
+                 deny: ['8.0.0.0/8'],
+                 allow: ['8.5.0.0/24', '192.168.14.0/24']
+      url = URI.parse("http://thisisanonexistinghostname.com")
+      Addrinfo.expects(:getaddrinfo).with(url.host, nil, :UNSPEC, :STREAM).raises(SocketError)
+      @rip.call(url: url)
+    end
+    it "works for IPV6 localhost addresses" do
+      middleware allow_localhost: false,
+                 deny: ['::1']
+      denied '::1'
+      denied '0:0:0:0:0:0:0:1'
+    end
 end

metadata CHANGED

@@ -1,35 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: faraday-restrict-ip-addresses
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.1.1
 platform: ruby
 authors:
 - Ben Lavender
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-03-24 00:00:00.000000000 Z
+date: 2017-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0.8'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: 0.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0.8'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -55,6 +49,7 @@ files:
 - UNLICENSE
 - faraday-restrict-ip-addresses.gemspec
 - lib/faraday/restrict_ip_addresses.rb
+- lib/faraday/restrict_ip_addresses/version.rb
 - spec/restrict_ip_addresses_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/bhuga/faraday-restrict-ip-addresses