ssl_scan 0.0.1

data/lib/ssl_scan/socket/range_walker.rb

@@ -0,0 +1,470 @@
+# -*- coding: binary -*-
+require 'ssl_scan/socket'
+
+module SSLScan
+module Socket
+
+###
+#
+# This class provides an interface to enumerating an IP range
+#
+# This class uses start,stop pairs to represent ranges of addresses.  This
+# is very efficient for large numbers of consecutive addresses, and not
+# show-stoppingly inefficient when storing a bunch of non-consecutive
+# addresses, which should be a somewhat unusual case.
+#
+# @example
+#   r = RangeWalker.new("10.1,3.1-7.1-255")
+#   r.include?("10.3.7.255") #=> true
+#   r.length #=> 3570
+#   r.each do |addr|
+#     # do something with the address
+#   end
+###
+class RangeWalker
+
+  # The total number of IPs within the range
+  #
+  # @return [Fixnum]
+  attr_reader :length
+
+  # for backwards compatibility
+  alias :num_ips :length
+
+  # A list of the {Range ranges} held in this RangeWalker
+  # @return [Array]
+  attr_reader :ranges
+
+  # Initializes a walker instance using the supplied range
+  #
+  # @param parseme [RangeWalker,String]
+  def initialize(parseme)
+    if parseme.is_a? RangeWalker
+      @ranges = parseme.ranges.dup
+    else
+      @ranges = parse(parseme)
+    end
+    reset
+  end
+
+  #
+  # Calls the instance method
+  #
+  # This is basically only useful for determining if a range can be parsed
+  #
+  # @return (see #parse)
+  def self.parse(parseme)
+    self.new.parse(parseme)
+  end
+
+  #
+  # Turn a human-readable range string into ranges we can step through one address at a time.
+  #
+  # Allow the following formats:
+  #   "a.b.c.d e.f.g.h"
+  #   "a.b.c.d, e.f.g.h"
+  # where each chunk is CIDR notation, (e.g. '10.1.1.0/24') or a range in nmap format (see {#expand_nmap})
+  #
+  # OR this format
+  #   "a.b.c.d-e.f.g.h"
+  # where a.b.c.d and e.f.g.h are single IPs and the second must be
+  # bigger than the first.
+  #
+  # @param parseme [String]
+  # @return [self]
+  # @return [false] if +parseme+ cannot be parsed
+  def parse(parseme)
+    return nil if not parseme
+    ranges = []
+    parseme.split(', ').map{ |a| a.split(' ') }.flatten.each do |arg|
+      opts = {}
+
+      # Handle IPv6 first (support ranges, but not CIDR)
+      if arg.include?(":")
+        addrs = arg.split('-', 2)
+
+        # Handle a single address
+        if addrs.length == 1
+          addr, scope_id = addrs[0].split('%')
+          opts[:scope_id] = scope_id if scope_id
+          opts[:ipv6] = true
+
+          return false unless SSLScan::Socket.is_ipv6?(addr)
+          addr = SSLScan::Socket.addr_atoi(addr)
+          ranges.push(Range.new(addr, addr, opts))
+          next
+        end
+
+        addr1, scope_id = addrs[0].split('%')
+        opts[:scope_id] = scope_id if scope_id
+
+        addr2, scope_id = addrs[0].split('%')
+        ( opts[:scope_id] ||= scope_id ) if scope_id
+
+        # Both have to be IPv6 for this to work
+        return false unless (SSLScan::Socket.is_ipv6?(addr1) && SSLScan::Socket.is_ipv6?(addr2))
+
+        # Handle IPv6 ranges in the form of 2001::1-2001::10
+        addr1 = SSLScan::Socket.addr_atoi(addr1)
+        addr2 = SSLScan::Socket.addr_atoi(addr2)
+
+        ranges.push(Range.new(addr1, addr2, opts))
+        next
+
+      # Handle IPv4 CIDR
+      elsif arg.include?("/")
+        # Then it's CIDR notation and needs special case
+        return false if arg =~ /[,-]/ # Improper CIDR notation (can't mix with 1,3 or 1-3 style IP ranges)
+        return false if arg.scan("/").size > 1 # ..but there are too many slashes
+        ip_part,mask_part = arg.split("/")
+        return false if ip_part.nil? or ip_part.empty? or mask_part.nil? or mask_part.empty?
+        return false if mask_part !~ /^[0-9]{1,2}$/ # Illegal mask -- numerals only
+        return false if mask_part.to_i > 32 # This too -- between 0 and 32.
+        if ip_part =~ /^\d{1,3}(\.\d{1,3}){1,3}$/
+          return false unless ip_part =~ SSLScan::Socket::MATCH_IPV4
+        end
+        begin
+          SSLScan::Socket.getaddress(ip_part) # This allows for "www.metasploit.com/24" which is fun.
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false # Can't resolve the ip_part, so bail.
+        end
+
+        expanded = expand_cidr(arg)
+        if expanded
+          ranges.push(expanded)
+        else
+          return false
+        end
+
+      # Handle hostnames
+      elsif arg =~ /[^-0-9,.*]/
+        # Then it's a domain name and we should send it on to addr_atoi
+        # unmolested to force a DNS lookup.
+        begin
+          ranges += SSLScan::Socket.addr_atoi_list(arg).map { |a| Range.new(a, a, opts) }
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false
+        end
+
+      # Handle IPv4 ranges
+      elsif arg =~ /^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/
+
+        # Then it's in the format of 1.2.3.4-5.6.7.8
+        # Note, this will /not/ deal with DNS names, or the fancy/obscure 10...1-10...2
+        begin
+          start, stop = SSLScan::Socket.addr_atoi($1), SSLScan::Socket.addr_atoi($2)
+          return false if start > stop # The end is greater than the beginning.
+          ranges.push(Range.new(start, stop, opts))
+        rescue Resolv::ResolvError, ::SocketError, Errno::ENOENT
+          return false
+        end
+      else
+        # Returns an array of ranges
+        expanded = expand_nmap(arg)
+        if expanded
+          expanded.each { |r| ranges.push(r) }
+        end
+      end
+    end
+
+    # Remove any duplicate ranges
+    ranges = ranges.uniq
+
+    return ranges
+  end
+
+  #
+  # Resets the subnet walker back to its original state.
+  #
+  # @return [self]
+  def reset
+    return false if not valid?
+    @curr_range_index = 0
+    @curr_addr = @ranges.first.start
+    @length = 0
+    @ranges.each { |r| @length += r.length }
+
+    self
+  end
+
+  # Returns the next IP address.
+  #
+  # @return [String] The next address in the range
+  def next_ip
+    return false if not valid?
+    if (@curr_addr > @ranges[@curr_range_index].stop)
+      # Then we are at the end of this range. Grab the next one.
+
+      # Bail if there are no more ranges
+      return nil if (@ranges[@curr_range_index+1].nil?)
+
+      @curr_range_index += 1
+
+      @curr_addr = @ranges[@curr_range_index].start
+    end
+    addr = SSLScan::Socket.addr_itoa(@curr_addr, @ranges[@curr_range_index].ipv6?)
+
+    if @ranges[@curr_range_index].options[:scope_id]
+      addr = addr + '%' + @ranges[@curr_range_index].options[:scope_id]
+    end
+
+    @curr_addr += 1
+    return addr
+  end
+
+  alias :next :next_ip
+
+  # Whether this RangeWalker's ranges are valid
+  def valid?
+    (@ranges && !@ranges.empty?)
+  end
+
+  # Returns true if the argument is an ip address that falls within any of
+  # the stored ranges.
+  #
+  # @return [true] if this RangeWalker contains +addr+
+  # @return [false] if not
+  def include?(addr)
+    return false if not @ranges
+    if (addr.is_a? String)
+      addr = SSLScan::Socket.addr_atoi(addr)
+    end
+    @ranges.map { |r|
+      if addr.between?(r.start, r.stop)
+        return true
+      end
+    }
+    return false
+  end
+
+  #
+  # Returns true if this RangeWalker includes *all* of the addresses in the
+  # given RangeWalker
+  #
+  # @param other [RangeWalker]
+  def include_range?(other)
+    return false if (!@ranges || @ranges.empty?)
+    return false if !other.ranges || other.ranges.empty?
+
+    # Check that all the ranges in +other+ fall within at least one of
+    # our ranges.
+    other.ranges.all? do |other_range|
+      ranges.any? do |range|
+        other_range.start.between?(range.start, range.stop) && other_range.stop.between?(range.start, range.stop)
+      end
+    end
+  end
+
+  #
+  # Calls the given block with each address. This is basically a wrapper for
+  # {#next_ip}
+  #
+  # @return [self]
+  def each(&block)
+    while (ip = next_ip)
+      block.call(ip)
+    end
+    reset
+
+    self
+  end
+
+  #
+  # Returns an Array with one element, a {Range} defined by the given CIDR
+  # block.
+  #
+  # @see SSLScan::Socket.cidr_crack
+  # @param arg [String] A CIDR range
+  # @return [Range]
+  # @return [false] if +arg+ is not valid CIDR notation
+  def expand_cidr(arg)
+    start,stop = SSLScan::Socket.cidr_crack(arg)
+    if !start or !stop
+      return false
+    end
+    range = Range.new
+    range.start = SSLScan::Socket.addr_atoi(start)
+    range.stop = SSLScan::Socket.addr_atoi(stop)
+    range.options = { :ipv6 => (arg.include?(":")) }
+
+    return range
+  end
+
+  #
+  # Expands an nmap-style host range x.x.x.x where x can be simply "*" which
+  # means 0-255 or any combination and repitition of:
+  #    i,n
+  #    n-m
+  #    i,n-m
+  #    n-m,i
+  # ensuring that n is never greater than m.
+  #
+  # non-unique elements will be removed
+  #  e.g.:
+  #    10.1.1.1-3,2-2,2 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3"]
+  #    10.1.1.1-3,7 =>  ["10.1.1.1", "10.1.1.2", "10.1.1.3", "10.1.1.7"]
+  #
+  # Returns an array of Ranges
+  #
+  def expand_nmap(arg)
+    # Can't really do anything with IPv6
+    return false if arg.include?(":")
+
+    # nmap calls these errors, but it's hard to catch them with our
+    # splitting below, so short-cut them here
+    return false if arg.include?(",-") or arg.include?("-,")
+
+    bytes = []
+    sections = arg.split('.')
+    if sections.length != 4
+      # Too many or not enough dots
+      return false
+    end
+    sections.each { |section|
+      if section.empty?
+        # pretty sure this is an unintentional artifact of the C
+        # functions that turn strings into ints, but it sort of makes
+        # sense, so why not
+        #   "10...1" => "10.0.0.1"
+        section = "0"
+      end
+
+      if section == "*"
+        # I think this ought to be 1-254, but this is how nmap does it.
+        section = "0-255"
+      elsif section.include?("*")
+        return false
+      end
+
+      # Break down the sections into ranges like so
+      # "1-3,5-7" => ["1-3", "5-7"]
+      ranges = section.split(',', -1)
+      sets = []
+      ranges.each { |r|
+        bounds = []
+        if r.include?('-')
+          # Then it's an actual range, break it down into start,stop
+          # pairs:
+          #   "1-3" => [ 1, 3 ]
+          # if the lower bound is empty, start at 0
+          # if the upper bound is empty, stop at 255
+          #
+          bounds = r.split('-', -1)
+          return false if (bounds.length > 2)
+
+          bounds[0] = 0   if bounds[0].nil? or bounds[0].empty?
+          bounds[1] = 255 if bounds[1].nil? or bounds[1].empty?
+          bounds.map!{|b| b.to_i}
+          return false if bounds[0] > bounds[1]
+        else
+          # Then it's a single value
+          bounds[0] = r.to_i
+        end
+        return false if bounds[0] > 255 or (bounds[1] and bounds[1] > 255)
+        return false if bounds[1] and bounds[0] > bounds[1]
+        if bounds[1]
+          bounds[0].upto(bounds[1]) do |i|
+            sets.push(i)
+          end
+        elsif bounds[0]
+          sets.push(bounds[0])
+        end
+      }
+      bytes.push(sets.sort.uniq)
+    }
+
+    #
+    # Combinitorically squish all of the quads together into a big list of
+    # ip addresses, stored as ints
+    #
+    # e.g.:
+    #  [[1],[1],[1,2],[1,2]]
+    #  =>
+    #  [atoi("1.1.1.1"),atoi("1.1.1.2"),atoi("1.1.2.1"),atoi("1.1.2.2")]
+    addrs = []
+    for a in bytes[0]
+      for b in bytes[1]
+        for c in bytes[2]
+          for d in bytes[3]
+            ip = (a << 24) + (b << 16) + (c << 8) + d
+            addrs.push ip
+          end
+        end
+      end
+    end
+
+    addrs.sort!
+    addrs.uniq!
+
+    rng = Range.new
+    rng.options = { :ipv6 => false }
+    rng.start = addrs[0]
+
+    ranges = []
+    1.upto(addrs.length - 1) do |idx|
+      if addrs[idx - 1] + 1 == addrs[idx]
+        # Then this address is contained in the current range
+        next
+      else
+        # Then this address is the upper bound for the current range
+        rng.stop = addrs[idx - 1]
+        ranges.push(rng.dup)
+        rng.start = addrs[idx]
+      end
+    end
+    rng.stop = addrs[addrs.length - 1]
+    ranges.push(rng.dup)
+    return ranges
+  end
+
+end
+
+# A range of IP addresses
+class Range
+
+  #@!attribute start
+  #   The first address in this range, as a number
+  #   @return [Fixnum]
+  attr_accessor :start
+  #@!attribute stop
+  #   The last address in this range, as a number
+  #   @return [Fixnum]
+  attr_accessor :stop
+  #@!attribute options
+  #   @return [Hash]
+  attr_accessor :options
+
+  # @param start [Fixnum]
+  # @param stop  [Fixnum]
+  # @param options [Hash] Recognized keys are:
+  #   * +:ipv6+
+  #   * +:scope_id+
+  def initialize(start=nil, stop=nil, options=nil)
+    @start = start
+    @stop = stop
+    @options = options
+  end
+
+  # Compare attributes with +other+
+  # @param other [Range]
+  # @return [Boolean]
+  def ==(other)
+    (other.start == start && other.stop == stop && other.ipv6? == ipv6? && other.options == options)
+  end
+
+  # The number of addresses in this Range
+  # @return [Fixnum]
+  def length
+    stop - start + 1
+  end
+  alias :count :length
+
+  # Whether this Range contains IPv6 or IPv4 addresses
+  # @return [Boolean]
+  def ipv6?
+    options[:ipv6]
+  end
+end
+
+end
+end