summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--program/include/rcube_utils.php52
-rw-r--r--program/js/common.js4
-rw-r--r--tests/Utils.php17
3 files changed, 66 insertions, 7 deletions
diff --git a/program/include/rcube_utils.php b/program/include/rcube_utils.php
index 9f18b79c4..defb2aed1 100644
--- a/program/include/rcube_utils.php
+++ b/program/include/rcube_utils.php
@@ -92,9 +92,9 @@ class rcube_utils
return false;
}
- // Check domain part
- if (preg_match('/^\[*(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\]*$/', $domain_part)) {
- return true; // IP address
+ // Validate domain part
+ if (preg_match('/^\[((IPv6:[0-9a-f:.]+)|([0-9.]+))\]$/i', $domain_part, $matches)) {
+ return self::ip_check(preg_replace('/^IPv6:/i', '', $matches[1])); // valid IPv4 or IPv6 address
}
else {
// If not an IP address
@@ -146,6 +146,52 @@ class rcube_utils
return false;
}
+
+ /**
+ * Validates IPv4 or IPv6 address
+ *
+ * @param string $ip IP address in v4 or v6 format
+ *
+ * @return bool True if the address is valid
+ */
+ public static function ip_check($ip)
+ {
+ // IPv6, but there's no build-in IPv6 support
+ if (strpos($ip, ':') !== false && !defined('AF_INET6')) {
+ $parts = explode(':', $domain_part);
+ $count = count($parts);
+
+ if ($count > 8 || $count < 2) {
+ return false;
+ }
+
+ foreach ($parts as $idx => $part) {
+ $length = strlen($part);
+ if (!$length) {
+ // there can be only one ::
+ if ($found_empty) {
+ return false;
+ }
+ $found_empty = true;
+ }
+ // last part can be an IPv4 address
+ else if ($idx == $count - 1) {
+ if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
+ return @inet_pton($part) !== false;
+ }
+ }
+ else if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ return @inet_pton($ip) !== false;
+ }
+
+
/**
* Check whether the HTTP referer matches the current request
*
diff --git a/program/js/common.js b/program/js/common.js
index 2d8d9e176..f9e945c05 100644
--- a/program/js/common.js
+++ b/program/js/common.js
@@ -494,7 +494,9 @@ function rcube_check_email(input, inline)
atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+',
quoted_pair = '\\x5c[\\x00-\\x7f]',
quoted_string = '\\x22('+qtext+'|'+quoted_pair+')*\\x22',
- ip_addr = '\\[*(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\\]*',
+ ipv4 = '\\[(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}\\]',
+ ipv6 = '\\[IPv6:[0-9a-f:.]+\\]',
+ ip_addr = '(' + ipv4 + ')|(' + ipv6 + ')',
// Use simplified domain matching, because we need to allow Unicode characters here
// So, e-mail address should be validated also on server side after idn_to_ascii() use
//domain_literal = '\\x5b('+dtext+'|'+quoted_pair+')*\\x5d',
diff --git a/tests/Utils.php b/tests/Utils.php
index 648b39989..ad0aa1dde 100644
--- a/tests/Utils.php
+++ b/tests/Utils.php
@@ -18,8 +18,10 @@ class Utils extends PHPUnit_Framework_TestCase
array('firstname.lastname@domain.com', 'Email contains dot in the address field'),
array('email@subdomain.domain.com', 'Email contains dot with subdomain'),
array('firstname+lastname@domain.com', 'Plus sign is considered valid character'),
- array('email@123.123.123.123', 'Domain is valid IP address'),
- array('email@[123.123.123.123]', 'Square bracket around IP address is considered valid'),
+ array('email@[123.123.123.123]', 'Square bracket around IP address'),
+ array('email@[IPv6:::1]', 'Square bracket around IPv6 address (1)'),
+ array('email@[IPv6:::1.2.3.4]', 'Square bracket around IPv6 address (2)'),
+ array('email@[IPv6:2001:2d12:c4fe:5afe::1]', 'Square bracket around IPv6 address (3)'),
array('"email"@domain.com', 'Quotes around email is considered valid'),
array('1234567890@domain.com', 'Digits in address are valid'),
array('email@domain-one.com', 'Dash in domain name is valid'),
@@ -50,7 +52,16 @@ class Utils extends PHPUnit_Framework_TestCase
array('email@domain', 'Missing top level domain (.com/.net/.org/etc)'),
array('email@-domain.com', 'Leading dash in front of domain is invalid'),
// array('email@domain.web', '.web is not a valid top level domain'),
- array('email@111.222.333.44444', 'Invalid IP format'),
+ array('email@123.123.123.123', 'IP address without brackets'),
+ array('email@2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets'),
+ array('email@IPv6:2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets (2)'),
+ array('email@[111.222.333.44444]', 'Invalid IP format'),
+ array('email@[111.222.255.257]', 'Invalid IP format (2)'),
+ array('email@[.222.255.257]', 'Invalid IP format (3)'),
+ array('email@[::1]', 'Invalid IPv6 format (1)'),
+ array('email@[IPv6:2001:23x2:1]', 'Invalid IPv6 format (2)'),
+ array('email@[IPv6:1111:2222:33333::4444:5555]', 'Invalid IPv6 format (3)'),
+ array('email@[IPv6:1111::3333::4444:5555]', 'Invalid IPv6 format (4)'),
array('email@domain..com', 'Multiple dot in the domain portion is invalid'),
);
}