[Xfce4-commits] [www/forum.xfce.org] 30/79: Update to bad-behaviour 2.1.10.

noreply at xfce.org noreply at xfce.org
Tue May 21 14:48:25 CEST 2019 

This is an automated email from the git hooks/post-receive script.

s   k   u   n   n   y   k       p   u   s   h   e   d       a       c   o   m   m   i   t       t   o       b   r   a   n   c   h       o   l   d   f   o   r   u   m   
   in repository www/forum.xfce.org.

commit 35c4a05cff457b86ce4e2184018f19eaf59f0eec
Author: Nick Schermer <nick at xfce.org>
Date:   Sun Feb 13 11:15:36 2011 +0100

    Update to bad-behaviour 2.1.10.
---
 include/bad-behavior-fluxbb.php           | 34 +++++++++--------
 include/bad-behavior/banned.inc.php       |  2 -
 include/bad-behavior/blackhole.inc.php    |  5 ++-
 include/bad-behavior/blacklist.inc.php    |  2 -
 include/bad-behavior/browser.inc.php      |  2 -
 include/bad-behavior/cloudflare.inc.php   |  2 -
 include/bad-behavior/common_tests.inc.php |  2 -
 include/bad-behavior/core.inc.php         | 62 +++++++++++++++++++++++--------
 include/bad-behavior/functions.inc.php    |  3 +-
 include/bad-behavior/movabletype.inc.php  |  2 -
 include/bad-behavior/post.inc.php         |  4 +-
 include/bad-behavior/responses.inc.php    |  1 -
 include/bad-behavior/screener.inc.php     |  1 -
 include/bad-behavior/searchengine.inc.php |  2 -
 include/bad-behavior/whitelist.inc.php    |  2 -
 15 files changed, 71 insertions(+), 55 deletions(-)

diff --git a/include/bad-behavior-fluxbb.php b/include/bad-behavior-fluxbb.php
index a041590..8b33521 100644
--- a/include/bad-behavior-fluxbb.php
+++ b/include/bad-behavior-fluxbb.php
@@ -1,29 +1,30 @@
 <?php
 /*
-http://www.bad-behavior.ioerror.us/
-
 Bad Behavior - detects and blocks unwanted Web accesses
-Copyright (C) 2005 Michael Hampton
+Copyright (C) 2005,2006,2007,2008,2009,2010,2011 Michael Hampton
+
+Bad Behavior is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; either version 3 of the License, or (at your option) any
+later version.
 
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+This program is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
+You should have received a copy of the GNU Lesser General Public License along
+with this program. If not, see <http://www.gnu.org/licenses/>.
 
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+Please report any problems to bad . bots AT ioerror DOT us
+http://www.bad-behavior.ioerror.us/
 */
 
 // This file is the entry point for Bad Behavior.
-
 if (!defined('PUN_ROOT')) exit;
 
+###############################################################################
+###############################################################################
+
 define('BB2_CWD', dirname(__FILE__));
 
 // Settings you can adjust for Bad Behavior.
@@ -38,6 +39,9 @@ $bb2_settings_defaults = array(
 	'httpbl_threat' => '25',
 	'httpbl_maxage' => '30',
 	'offsite_forms' => false,
+	'reverse_proxy' = false,
+	'reverse_proxy_header' => 'X-Forwarded-For',
+	'reverse_proxy_addresses' => array()
 );
 
 // Bad Behavior callback functions.
diff --git a/include/bad-behavior/banned.inc.php b/include/bad-behavior/banned.inc.php
index a92178a..476a366 100644
--- a/include/bad-behavior/banned.inc.php
+++ b/include/bad-behavior/banned.inc.php
@@ -61,5 +61,3 @@ function bb2_log_denial($settings, $package, $key, $previous_key=false)
 	if (!$settings['logging']) return;
 	bb2_db_query(bb2_insert($settings, $package, $key));
 }
-
-?>
diff --git a/include/bad-behavior/blackhole.inc.php b/include/bad-behavior/blackhole.inc.php
index f3bdff9..44e8d12 100644
--- a/include/bad-behavior/blackhole.inc.php
+++ b/include/bad-behavior/blackhole.inc.php
@@ -58,7 +58,10 @@ function bb2_httpbl($settings, $package) {
 		if ($ip[0] == 127 && ($ip[3] & 7) && $ip[2] >= $settings['httpbl_threat'] && $ip[1] <= $settings['httpbl_maxage']) {
 			return '2b021b1f';
 		}
+		// Check if search engine
+		if ($ip[3] == 0) {
+			return 1;
+		}
 	}
 	return false;
 }
-?>
diff --git a/include/bad-behavior/blacklist.inc.php b/include/bad-behavior/blacklist.inc.php
index 2b1c666..8b2723c 100644
--- a/include/bad-behavior/blacklist.inc.php
+++ b/include/bad-behavior/blacklist.inc.php
@@ -125,5 +125,3 @@ function bb2_blacklist($package) {
 
 	return FALSE;
 }
-
-?>
diff --git a/include/bad-behavior/browser.inc.php b/include/bad-behavior/browser.inc.php
index 773d6ef..b9c9aea 100644
--- a/include/bad-behavior/browser.inc.php
+++ b/include/bad-behavior/browser.inc.php
@@ -82,5 +82,3 @@ function bb2_safari($package)
 	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/cloudflare.inc.php b/include/bad-behavior/cloudflare.inc.php
index 99319f5..11f59ba 100644
--- a/include/bad-behavior/cloudflare.inc.php
+++ b/include/bad-behavior/cloudflare.inc.php
@@ -12,5 +12,3 @@ function bb2_cloudflare($package)
 #	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/common_tests.inc.php b/include/bad-behavior/common_tests.inc.php
index 2826ee5..abff3a3 100644
--- a/include/bad-behavior/common_tests.inc.php
+++ b/include/bad-behavior/common_tests.inc.php
@@ -146,5 +146,3 @@ function bb2_misc_headers($settings, $package)
 
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/core.inc.php b/include/bad-behavior/core.inc.php
index 663e44b..43205d1 100644
--- a/include/bad-behavior/core.inc.php
+++ b/include/bad-behavior/core.inc.php
@@ -1,5 +1,5 @@
 <?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.1.8");
+define('BB2_VERSION', "2.1.10");
 
 // Bad Behavior entry point is bb2_start()
 // If you're reading this, you are probably lost.
@@ -40,6 +40,19 @@ function bb2_approved($settings, $package)
 	}
 }
 
+// If this is reverse-proxied or load balanced, obtain the actual client IP
+function bb2_reverse_proxy($settings, $headers_mixed)
+{
+	$addrs = array_reverse(preg_split("/[\s,]+/", $headers_mixed[$settings['reverse_proxy_header']]));
+	if (!empty($settings['reverse_proxy_addresses'])) {
+		foreach ($addrs as $addr) {
+			if (!match_cidr($addr, $settings['reverse_proxy_addresses'])) {
+				return $addr;
+			}
+		}
+	}
+	return $addrs[0];
+}
 
 // Let God sort 'em out!
 function bb2_start($settings)
@@ -67,11 +80,15 @@ function bb2_start($settings)
 	$request_uri = $_SERVER["REQUEST_URI"];
 	if (!$request_uri) $request_uri = $_SERVER['SCRIPT_NAME'];	# IIS
 
-	# Nasty CloudFlare hack provided by butchs at simplemachines
-	$ip_temp = preg_replace("/^::ffff:/", "", (array_key_exists('Cf-Connecting-Ip', $headers_mixed)) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : $_SERVER['REMOTE_ADDR']);
-	$cloudflare_ip = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);
+	if ($settings['reverse_proxy']) {
+		$headers['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
+		$headers_mixed['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
+		$ip = bb2_reverse_proxy($settings, $headers_mixed);
+	} else {
+		$ip = $_SERVER['REMOTE_ADDR'];
+	}
 
-	@$package = array('ip' => $ip_temp, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $_SERVER['REQUEST_METHOD'], 'request_uri' => $request_uri, 'server_protocol' => $_SERVER['SERVER_PROTOCOL'], 'request_entity' => $request_entity, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'is_browser' => false, 'cloudflare' => $cloudflare_ip);
+	@$package = array('ip' => $ip, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $_SERVER['REQUEST_METHOD'], 'request_uri' => $request_uri, 'server_protocol' => $_SERVER['SERVER_PROTOCOL'], 'request_entity' => $request_entity, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'is_browser' => false,);
 
 	$result = bb2_screen($settings, $package);
 	if ($result && !defined('BB2_TEST')) bb2_banned($settings, $package, $result);
@@ -104,7 +121,10 @@ function bb2_screen($settings, $package)
 
 		// Check the http:BL
 		require_once(BB2_CORE . "/blackhole.inc.php");
-		if ($r = bb2_httpbl($settings, $package)) return $r;
+		if ($r = bb2_httpbl($settings, $package)) {
+			if ($r == 1) return false;	# whitelisted
+			return $r;
+		}
 
 		// Check for common stuff
 		require_once(BB2_CORE . "/common_tests.inc.php");
@@ -114,6 +134,26 @@ function bb2_screen($settings, $package)
 
 		// Specific checks
 		@$ua = $package['user_agent'];
+		// Search engine checks come first
+		if (stripos($ua, "bingbot") !== FALSE || stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
+			require_once(BB2_CORE . "/searchengine.inc.php");
+			if ($r = bb2_msnbot($package)) {
+				if ($r == 1) return false;	# whitelisted
+				return $r;
+			}
+		} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
+			require_once(BB2_CORE . "/searchengine.inc.php");
+			if ($r = bb2_google($package)) {
+				if ($r == 1) return false;	# whitelisted
+				return $r;
+			}
+		} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
+			require_once(BB2_CORE . "/searchengine.inc.php");
+			if ($r = bb2_yahoo($package)) {
+				if ($r == 1) return false;	# whitelisted
+				return $r;
+			}
+		}
 		// MSIE checks
 		if (stripos($ua, "; MSIE") !== FALSE) {
 			$package['is_browser'] = true;
@@ -142,15 +182,6 @@ function bb2_screen($settings, $package)
 		} elseif (stripos($ua, "MovableType") !== FALSE) {
 			require_once(BB2_CORE . "/movabletype.inc.php");
 			if ($r = bb2_movabletype($package)) return $r;
-		} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
-			require_once(BB2_CORE . "/searchengine.inc.php");
-			if ($r = bb2_msnbot($package)) return $r;
-		} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
-			require_once(BB2_CORE . "/searchengine.inc.php");
-			if ($r = bb2_google($package)) return $r;
-		} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
-			require_once(BB2_CORE . "/searchengine.inc.php");
-			if ($r = bb2_yahoo($package)) return $r;
 		} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
 			$package['is_browser'] = true;
 			require_once(BB2_CORE . "/browser.inc.php");
@@ -172,4 +203,3 @@ function bb2_screen($settings, $package)
 	bb2_approved($settings, $package);
 	return false;
 }
-?>
diff --git a/include/bad-behavior/functions.inc.php b/include/bad-behavior/functions.inc.php
index 436cf6a..9833805 100644
--- a/include/bad-behavior/functions.inc.php
+++ b/include/bad-behavior/functions.inc.php
@@ -46,6 +46,7 @@ function match_cidr($addr, $cidr) {
 		foreach ($cidr as $cidrlet) {
 			if (match_cidr($addr, $cidrlet)) {
 				$output = true;
+				break;
 			}
 		}
 	} else {
@@ -71,5 +72,3 @@ function bb2_load_headers() {
 	}
 	return $headers;
 }
-
-?>
diff --git a/include/bad-behavior/movabletype.inc.php b/include/bad-behavior/movabletype.inc.php
index b15fe9c..04c4625 100644
--- a/include/bad-behavior/movabletype.inc.php
+++ b/include/bad-behavior/movabletype.inc.php
@@ -10,5 +10,3 @@ function bb2_movabletype($package)
 	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/post.inc.php b/include/bad-behavior/post.inc.php
index e1d8ffa..39f7d34 100644
--- a/include/bad-behavior/post.inc.php
+++ b/include/bad-behavior/post.inc.php
@@ -54,7 +54,7 @@ function bb2_post($settings, $package)
 	}
 
 	// If Referer exists, it should refer to a page on our site
-	if ($settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) {
+	if (!$settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) {
 		return "cd361abb";
 	}
 
@@ -100,5 +100,3 @@ function bb2_post($settings, $package)
 
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/responses.inc.php b/include/bad-behavior/responses.inc.php
index 48e9702..139641c 100644
--- a/include/bad-behavior/responses.inc.php
+++ b/include/bad-behavior/responses.inc.php
@@ -49,4 +49,3 @@ function bb2_get_response($key) {
 	if (array_key_exists($key, $bb2_responses)) return $bb2_responses[$key];
 	return array('00000000');
 }
-?>
diff --git a/include/bad-behavior/screener.inc.php b/include/bad-behavior/screener.inc.php
index 55da198..8f5a624 100644
--- a/include/bad-behavior/screener.inc.php
+++ b/include/bad-behavior/screener.inc.php
@@ -60,4 +60,3 @@ function bb2_screener($settings, $package)
 	bb2_screener_cookie($settings, $package, BB2_COOKIE, $cookie_value);
 	bb2_screener_javascript($settings, $package, BB2_COOKIE, $cookie_value);
 }
-?>
diff --git a/include/bad-behavior/searchengine.inc.php b/include/bad-behavior/searchengine.inc.php
index 582bf0f..9013dd7 100644
--- a/include/bad-behavior/searchengine.inc.php
+++ b/include/bad-behavior/searchengine.inc.php
@@ -43,5 +43,3 @@ function bb2_yahoo($package)
 #	}
 	return false;
 }
-
-?>
diff --git a/include/bad-behavior/whitelist.inc.php b/include/bad-behavior/whitelist.inc.php
index 6fa023f..ac35af6 100644
--- a/include/bad-behavior/whitelist.inc.php
+++ b/include/bad-behavior/whitelist.inc.php
@@ -26,5 +26,3 @@ function bb2_whitelist($package)
 	}
 	return false;
 }
-
-?>

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Xfce4-commits mailing list