npm - mybase - Versions diffs - 1.0.48 → 1.0.49 - Mend

mybase 1.0.48 → 1.0.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +3 -0
package/jest/isLANIp.test.js +36 -0
package/jest/isLoopbackIP.test.js +32 -0
package/mybase.js +84 -1
package/package.json +5 -1

package/README.md CHANGED Viewed

@@ -43,6 +43,9 @@ var { isLocal } = require('mybase')
 ### decryptAES_CBC_NOIV(encryptedHex, encryptionKey)
 ### encryptAES_CBC_NOIV(plainString, encryptionKey)
 ### hash_sha512(plain)
+### isReservedLANIP(address4_or_6)
+### isLANIp(address4_or_6)
+### isLoopbackIP(address4_or_6)
 ```
     var handle = await maxmindOpen(config.geoip.country)
 ```

package/jest/isLANIp.test.js ADDED Viewed

@@ -0,0 +1,36 @@
+const { isLANIp } = require('./../mybase');
+test('should return true for private IPv4', () => {
+    const ip = '192.168.1.1';
+    expect(isLANIp(ip)).toBe(true);
+});
+test('should return true for private IPv6', () => {
+    const ip = 'fd00::';
+    expect(isLANIp(ip)).toBe(true);
+});
+test('should return null for public IPv4', () => {
+    const ip = '8.8.8.8';
+    expect(isLANIp(ip)).toBe(null);
+});
+test('should return null for public IPv6', () => {
+    const ip = '2001:4860:4860::8888';
+    expect(isLANIp(ip)).toBe(null);
+});
+test('should return false for invalid IP', () => {
+    const ip = 'invalid';
+    expect(isLANIp(ip)).toBe(false);
+});
+test('should return false for invalid IP', () => {
+    const ip = '1.2.3';
+    expect(isLANIp(ip)).toBe(false);
+});
+test('should return null for non private IPv6', () => {
+    const ip = '::2';
+    expect(isLANIp(ip)).toBe(null);
+});

package/jest/isLoopbackIP.test.js ADDED Viewed

@@ -0,0 +1,32 @@
+const { isLoopbackIP } = require('./../mybase'); // adjust the path to mybase.js
+test('should return true for local IPv4', () => {
+    const ip = '127.0.0.1';
+    expect(isLoopbackIP(ip)).toBe(true);
+});
+test('should return true for local IPv4', () => {
+    const ip = '127.127.127.127';
+    expect(isLoopbackIP(ip)).toBe(true);
+});
+test('should return true for local IPv6', () => {
+    const ip = '::1';
+    expect(isLoopbackIP(ip)).toBe(true);
+});
+test('should return null for non-local IPv4', () => {
+    const ip = '8.8.8.8';
+    expect(isLoopbackIP(ip)).toBe(null);
+});
+test('should return null for non-local IPv6', () => {
+    const ip = '2001:4860:4860::8888';
+    expect(isLoopbackIP(ip)).toBe(null);
+});
+test('should return false for invalid IP', () => {
+    const ip = 'invalid';
+    expect(isLoopbackIP(ip)).toBe(false);
+});

package/mybase.js CHANGED Viewed

@@ -10,6 +10,15 @@ const _validURL = require('@7c/validurl')
 const { match } = require('assert');
 const validator = require('validator')
 const sha512 = require('js-sha512')
+const ip6addr = require('ip6addr')
+const private_network_cidrs = [ip6addr.createCIDR('10.0.0.0/8')
+            ,ip6addr.createCIDR('172.16.0.0/12')
+            ,ip6addr.createCIDR('192.168.0.0/16')
+            ,ip6addr.createCIDR('fd00::/8')
+        ]
+const local_network_cidrs = [ip6addr.createCIDR('127.0.0.0/8')
+        ,ip6addr.createCIDR('::1/128')]
 // create cache folder if not exists
 let vault_cache_folder = '/var/tmp/vault-cache'
@@ -31,6 +40,52 @@ function hash_sha512(plain) {
     return false
 }
+function normalizeIp(ip) {
+    // also support ipv6
+    if (net.isIP(ip) === 0) return false;
+    if (net.isIPv6(ip)) return ip.toLowerCase().replace(/^::ffff:/, '');
+    return ip;
+}
+function isLoopbackIP(ip) {
+    ip=normalizeIp(ip)
+    if (net.isIP(ip) === 0) return false
+    try {
+        // speed optimized
+        let ipVersion = net.isIPv4(ip) ? 'ipv4' : 'ipv6'
+        for (let cidr of local_network_cidrs) {
+            let first = cidr.first()
+            if (first.kind() !== ipVersion) continue
+            if (cidr.contains(ip))
+                return true
+        }
+        return null
+    } catch (err) {
+        console.log(err)
+    }
+    return false
+}
+function isLANIp(ip) {
+    ip=normalizeIp(ip)
+    if (net.isIP(ip) === 0) return false
+    try {
+        // speed optimized
+        let ipVersion = net.isIPv4(ip) ? 'ipv4' : 'ipv6'
+        for (let cidr of private_network_cidrs) {
+            let first = cidr.first()
+            if (first.kind() !== ipVersion) continue
+            if (cidr.contains(ip))
+                return true
+        }
+        return null
+    } catch (err) {
+        console.log(err)
+    }
+    return false
+}
 function validHPassword(hpassword) { return (hpassword && hpassword.length === 128 && hpassword.search(/^[a-f0-9]+$/) == 0) }
 function randomHPassword(length=10) {
     let plain = randomString(length)
@@ -589,6 +644,7 @@ function int2ip (ipInt) {
 function ip2int(ip) {
     return ip.split('.').reduce(function(ipInt, octet) { return (ipInt<<8) + parseInt(octet, 10)}, 0) >>> 0;
 }
 function encryptAES_CBC_NOIV(plainString, encryptionKey) {
     try {
         const key = aesjs.utils.utf8.toBytes(encryptionKey); // 16,32 Bytes = 128,256 bits = AES128,AES256
@@ -602,6 +658,10 @@ function encryptAES_CBC_NOIV(plainString, encryptionKey) {
     }
 }
 function decryptAES_CBC_NOIV(encryptedHex, encryptionKey) {
     try {
         const key = aesjs.utils.utf8.toBytes(encryptionKey); // 16,32 Bytes = 128,256 bits = AES128,AES256
@@ -616,6 +676,26 @@ function decryptAES_CBC_NOIV(encryptedHex, encryptionKey) {
     }
 }
+function isReservedLANIP(address) {
+    // Define the reserved LAN IP ranges for IPv4 and IPv6.
+    const reservedLANIPRanges = [
+      '127.0.0.0/8',      // Private IPv4 network
+      '10.0.0.0/8',      // Private IPv4 network
+      '172.16.0.0/12',   // Private IPv4 network
+      '192.168.0.0/16',  // Private IPv4 network
+      '100.64.0.0/10',   // Carrier-Grade NAT (CGN)
+      'fd00::/8',        // Unique local address for IPv6
+    ];
+    // Normalize the IP address to expand any IPv6 shorthand notation.
+    if (net.isIPv6(address))
+        normalizedAddress = ip6.normalize(address);
+    else normalizedAddress = address;
+    // Check if the IP address is in the reserved LAN IP range.
+    return ipRangeCheck(normalizedAddress, reservedLANIPRanges);
+  }
 module.exports = {
     encryptAES_CBC_NOIV,
     decryptAES_CBC_NOIV,
@@ -657,5 +737,8 @@ module.exports = {
     Geoip2Paths,
     randomHPassword,
     isURL,
-    hash_sha512
+    hash_sha512,
+    isReservedLANIP,
+    isLANIp,
+    isLoopbackIP
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mybase",
-  "version": "1.0.48",
+  "version": "1.0.49",
   "description": "",
   "main": "mybase.js",
   "scripts": {
@@ -13,12 +13,16 @@
     "aes-js": "^3.1.2",
     "chalk": "^3.0.0",
     "debug": "^4.3.1",
+    "ip-range-check": "^0.2.0",
+    "ip6": "=0.2.7",
+    "ip6addr": "^0.2.5",
     "js-sha512": "^0.8.0",
     "punycode": "^2.1.1",
     "validator": "^13.7.0"
   },
   "devDependencies": {
     "chai": "^4.2.0",
+    "jest": "^29.7.0",
     "mocha": "^8.2.1",
     "should": "^13.2.3"
   }