From 354be95608aac6c1a5d638208b5e6ddc7ad95c96 Mon Sep 17 00:00:00 2001 From: Bryan Davis Date: Wed, 13 Nov 2013 09:38:58 -0700 Subject: [PATCH] Skip IP::isInRange() test if input is not in CIDR notation IP:isInRange() performs several moderately expensive tests via regular expression matching that can cause unwanted load with a sufficiently complicated runtime configuration. Check the $wgSquidServersNoPurge value to see if it includes the CIDR mask separator token ('/') before continuing on to perform those more expensive tests. Follows up Ia81bed7d8b42a2d2b200a3ce45a74e3784cdca2a Bug: 52829 Change-Id: Ia557cb54f3a1bf67c8282140ab748369faa83028 --- includes/DefaultSettings.php | 1 + includes/ProxyTools.php | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 2d1ddcb2c4..5a1e82fa1a 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -2287,6 +2287,7 @@ $wgSquidServers = array(); * As above, except these servers aren't purged on page changes; use to set a * list of trusted proxies, etc. Supports both individual IP addresses and * CIDR blocks. + * @since 1.23 Supports CIDR ranges */ $wgSquidServersNoPurge = array(); diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php index ae7e9531f4..a0f9e5f6dd 100644 --- a/includes/ProxyTools.php +++ b/includes/ProxyTools.php @@ -77,6 +77,7 @@ function wfIsTrustedProxy( $ip ) { * Checks if an IP matches a proxy we've configured. * @param $ip String * @return bool + * @since 1.23 Supports CIDR ranges in $wgSquidServersNoPurge */ function wfIsConfiguredProxy( $ip ) { global $wgSquidServers, $wgSquidServersNoPurge; @@ -89,7 +90,7 @@ function wfIsConfiguredProxy( $ip ) { // slightly slower check to see if the ip is listed directly or in a CIDR // block in $wgSquidServersNoPurge foreach ( $wgSquidServersNoPurge as $block ) { - if ( IP::isInRange( $ip, $block ) ) { + if ( strpos( $block, '/' ) !== false && IP::isInRange( $ip, $block ) ) { $trusted = true; break; } -- 2.20.1