unxf 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. data/.document +6 -0
  2. data/.gitignore +8 -0
  3. data/.wrongdoc.yml +4 -0
  4. data/COPYING +674 -0
  5. data/GIT-VERSION-GEN +40 -0
  6. data/GNUmakefile +11 -0
  7. data/LICENSE +18 -0
  8. data/README +14 -0
  9. data/lib/unxf.rb +67 -0
  10. data/pkg.mk +175 -0
  11. data/setup.rb +1586 -0
  12. data/test/test_unxf.rb +85 -0
  13. data/unxf.gemspec +27 -0
  14. metadata +137 -0
data/test/test_unxf.rb ADDED
@@ -0,0 +1,85 @@
1
+ require "test/unit"
2
+ require "logger"
3
+ require "stringio"
4
+ require "rack"
5
+ require "rack/lobster"
6
+ require "unxf"
7
+
8
+ class TestUnXF < Test::Unit::TestCase
9
+
10
+ def setup
11
+ @env = nil
12
+ @io = StringIO.new
13
+ @req = { "rack.logger" => Logger.new(@io) }
14
+ app = lambda { |env| @env = env; [ 200, {}, [] ] }
15
+ @app = Rack::ContentLength.new(Rack::ContentType.new(app, 'text/plain'))
16
+ end
17
+
18
+ def test_single_proxy
19
+ req = Rack::MockRequest.new(UnXF.new(@app))
20
+ env = {
21
+ "HTTP_X_FORWARDED_FOR" => "0.6.6.6",
22
+ "REMOTE_ADDR" => "127.0.0.1",
23
+ }
24
+ r = req.get("http://example.com/", @req.merge(env))
25
+ assert_equal 200, r.status.to_i
26
+ assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
27
+ assert ! @env.key?("HTTP_X_FORWARDED_FOR")
28
+ end
29
+
30
+ def test_multiple_proxies
31
+ req = Rack::MockRequest.new(UnXF.new(@app))
32
+ env = {
33
+ "HTTP_X_FORWARDED_FOR" => "0.6.6.6,192.168.1.1",
34
+ "REMOTE_ADDR" => "127.0.0.1",
35
+ }
36
+ r = req.get("http://example.com/", @req.merge(env))
37
+ assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
38
+ assert_equal 200, r.status.to_i
39
+ assert ! @env.key?("HTTP_X_FORWARDED_FOR")
40
+ end
41
+
42
+ def test_spoofed
43
+ req = Rack::MockRequest.new(UnXF.new(@app))
44
+ env = {
45
+ "HTTP_X_FORWARDED_FOR" => "0.6.6.6",
46
+ "REMOTE_ADDR" => "227.0.0.1",
47
+ }
48
+ r = req.get("http://example.com/", @req.merge(env))
49
+ assert_equal r.status.to_i, 400
50
+ end
51
+
52
+ def test_trusted_chain
53
+ req = Rack::MockRequest.new(UnXF.new(@app))
54
+ env = {
55
+ "HTTP_X_FORWARDED_FOR" => "0.6.6.6,192.168.0.1",
56
+ "REMOTE_ADDR" => "127.0.0.1",
57
+ }
58
+ r = req.get("http://example.com/", @req.merge(env))
59
+ assert_equal 200, r.status.to_i
60
+ assert_equal "0.6.6.6", @env["REMOTE_ADDR"]
61
+ assert ! @env.key?("HTTP_X_FORWARDED_FOR")
62
+ end
63
+
64
+ def test_spoofed_in_chain
65
+ req = Rack::MockRequest.new(UnXF.new(@app))
66
+ env = {
67
+ "HTTP_X_FORWARDED_FOR" => "0.6.6.6,8.8.8.8",
68
+ "REMOTE_ADDR" => "127.0.0.1",
69
+ }
70
+ r = req.get("http://example.com/", @req.merge(env))
71
+ assert_equal r.status.to_i, 400
72
+ assert_match /0\.6\.6\.6,8\.8\.8\.8/, @io.string
73
+ end
74
+
75
+ def test_spoofed_null_safe
76
+ req = Rack::MockRequest.new(UnXF.new(@app))
77
+ env = {
78
+ "HTTP_X_FORWARDED_FOR" => "\0.6.6.6,8.8.8.8",
79
+ "REMOTE_ADDR" => "127.0.0.1",
80
+ }
81
+ r = req.get("http://example.com/", @req.merge(env))
82
+ assert_equal r.status.to_i, 400
83
+ assert_match /\\x00\.6\.6\.6,8\.8\.8\.8/, @io.string
84
+ end
85
+ end
data/unxf.gemspec ADDED
@@ -0,0 +1,27 @@
1
+ ENV["VERSION"] or abort "VERSION= must be specified"
2
+ manifest = File.readlines('.manifest').map! { |x| x.chomp! }
3
+ test_files = manifest.grep(%r{\Atest/test_.*\.rb\z})
4
+ require 'wrongdoc'
5
+ extend Wrongdoc::Gemspec
6
+ name, summary, title = readme_metadata
7
+
8
+ Gem::Specification.new do |s|
9
+ s.name = %q{unxf}
10
+ s.version = ENV["VERSION"].dup
11
+ s.homepage = Wrongdoc.config[:rdoc_url]
12
+ s.authors = ["#{name} hackers"]
13
+ s.date = Time.now.utc.strftime('%Y-%m-%d')
14
+ s.description = readme_description
15
+ s.email = %q{unxf@librelist.org}
16
+ s.extra_rdoc_files = extra_rdoc_files(manifest)
17
+ s.files = manifest
18
+ s.rdoc_options = rdoc_options
19
+ s.rubyforge_project = %q{rainbows}
20
+ s.summary = summary
21
+ s.test_files = test_files
22
+ s.add_dependency('rack', '~> 1.1')
23
+ s.add_development_dependency('wrongdoc', '~> 1.5')
24
+ s.add_development_dependency('rpatricia', '~> 0.07')
25
+
26
+ # s.license = %w(GPL) # disabled for compatibility with older RubyGems
27
+ end
metadata ADDED
@@ -0,0 +1,137 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: unxf
3
+ version: !ruby/object:Gem::Version
4
+ hash: 23
5
+ prerelease:
6
+ segments:
7
+ - 1
8
+ - 0
9
+ - 0
10
+ version: 1.0.0
11
+ platform: ruby
12
+ authors:
13
+ - UnXF hackers
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2011-05-24 00:00:00 Z
19
+ dependencies:
20
+ - !ruby/object:Gem::Dependency
21
+ name: rack
22
+ prerelease: false
23
+ requirement: &id001 !ruby/object:Gem::Requirement
24
+ none: false
25
+ requirements:
26
+ - - ~>
27
+ - !ruby/object:Gem::Version
28
+ hash: 13
29
+ segments:
30
+ - 1
31
+ - 1
32
+ version: "1.1"
33
+ type: :runtime
34
+ version_requirements: *id001
35
+ - !ruby/object:Gem::Dependency
36
+ name: wrongdoc
37
+ prerelease: false
38
+ requirement: &id002 !ruby/object:Gem::Requirement
39
+ none: false
40
+ requirements:
41
+ - - ~>
42
+ - !ruby/object:Gem::Version
43
+ hash: 5
44
+ segments:
45
+ - 1
46
+ - 5
47
+ version: "1.5"
48
+ type: :development
49
+ version_requirements: *id002
50
+ - !ruby/object:Gem::Dependency
51
+ name: rpatricia
52
+ prerelease: false
53
+ requirement: &id003 !ruby/object:Gem::Requirement
54
+ none: false
55
+ requirements:
56
+ - - ~>
57
+ - !ruby/object:Gem::Version
58
+ hash: 5
59
+ segments:
60
+ - 0
61
+ - 7
62
+ version: "0.07"
63
+ type: :development
64
+ version_requirements: *id003
65
+ description: |-
66
+ Removes X-Forwarded-For in the Rack environment and replaces REMOTE_ADDR
67
+ with the correct value (assuming REMOTE_ADDR and the X-Forwarded-For
68
+ chain is provided).
69
+ email: unxf@librelist.org
70
+ executables: []
71
+
72
+ extensions: []
73
+
74
+ extra_rdoc_files:
75
+ - README
76
+ - NEWS
77
+ - ChangeLog
78
+ - LATEST
79
+ - lib/unxf.rb
80
+ - LICENSE
81
+ files:
82
+ - .document
83
+ - .gitignore
84
+ - .manifest
85
+ - .wrongdoc.yml
86
+ - COPYING
87
+ - ChangeLog
88
+ - GIT-VERSION-FILE
89
+ - GIT-VERSION-GEN
90
+ - GNUmakefile
91
+ - LATEST
92
+ - LICENSE
93
+ - NEWS
94
+ - README
95
+ - lib/unxf.rb
96
+ - pkg.mk
97
+ - setup.rb
98
+ - test/test_unxf.rb
99
+ - unxf.gemspec
100
+ homepage: http://bogomips.org/unxf/
101
+ licenses: []
102
+
103
+ post_install_message:
104
+ rdoc_options:
105
+ - -t
106
+ - UnXF - Un-X-Forward* the Rack environment
107
+ - -W
108
+ - http://bogomips.org/unxf.git/tree/%s
109
+ require_paths:
110
+ - lib
111
+ required_ruby_version: !ruby/object:Gem::Requirement
112
+ none: false
113
+ requirements:
114
+ - - ">="
115
+ - !ruby/object:Gem::Version
116
+ hash: 3
117
+ segments:
118
+ - 0
119
+ version: "0"
120
+ required_rubygems_version: !ruby/object:Gem::Requirement
121
+ none: false
122
+ requirements:
123
+ - - ">="
124
+ - !ruby/object:Gem::Version
125
+ hash: 3
126
+ segments:
127
+ - 0
128
+ version: "0"
129
+ requirements: []
130
+
131
+ rubyforge_project: rainbows
132
+ rubygems_version: 1.8.2
133
+ signing_key:
134
+ specification_version: 3
135
+ summary: Un-X-Forward* the Rack environment
136
+ test_files:
137
+ - test/test_unxf.rb