From 468e87651a2ff2a426b9630a36d1c6bf2a38e329 Mon Sep 17 00:00:00 2001 From: Alexandre Emsenhuber Date: Wed, 30 Dec 2009 12:32:40 +0000 Subject: [PATCH] Per Tim Starling, fixes for r58061: * renamed $wgEnableSorbs to $wgEnableDnsBlacklist and $wgSorbsUrl to $wgDnsBlacklistUrls (backward compatibility kept) * renamed User::inSorbsBlacklist() to User::isDnsBlacklisted() --- RELEASE-NOTES | 5 ++++- includes/DefaultSettings.php | 20 +++++++++++++++++--- includes/User.php | 24 ++++++++++++++++-------- includes/specials/SpecialUserlogin.php | 5 +---- 4 files changed, 38 insertions(+), 16 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 97374de766..bee3cadc1a 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -68,7 +68,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * $wgUploadMaintenance added to disable file deletions and restorations during maintenance * $wgCapitalLinkOverrides added to configure per-namespace capitalization -* (bug 21172) $wgSorbsUrl can now be an array with multiple DNSBL +* (bug 21172) $wgSorbsUrl can now be an array with multiple DNSBL and renamed + to $wgDnsBlacklistUrls (backward compatibility kept) * $wgEnableHtmlDiff has been removed * (bug 3340) $wgBlockCIDRLimit added (default: 16) to configure the low end of CIDR ranges for blocking @@ -78,6 +79,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * $wgDBAhandler added to choose a DBA handler when using CACHE_DBA * $wgPreviewOnOpenNamespaces for extensions that create namespaces that behave similarly to the category namespace. +* $wgEnableSorbs renamed to $wgDnsBlacklistUrls ($wgEnableSorbs kept for + backward compatibility) === New features in 1.16 === diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 2e239d3592..51cccfdb16 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -3494,14 +3494,28 @@ $wgDisableHardRedirects = false; $wgEnableTooltipsAndAccesskeys = true; /** - * Whether to use DNS blacklists in $wgSorbsUrl to check for open proxies + * Whether to use DNS blacklists in $wgDnsBlacklistUrls to check for open proxies + * @since 1.16 + */ +$wgEnableDnsBlacklist = false; + +/** + * @deprecated Use $wgEnableDnsBlacklist instead, only kept for backward + * compatibility */ $wgEnableSorbs = false; /** - * List of DNS blacklists to use, if $wgEnableSorbs is true + * List of DNS blacklists to use, if $wgEnableDnsBlacklist is true + * @since 1.16 + */ +$wgDnsBlacklistUrls = array( 'http.dnsbl.sorbs.net.' ); + +/** + * @deprecated Use $wgDnsBlacklistUrls instead, only kept for backward + * compatibility */ -$wgSorbsUrl = array( 'http.dnsbl.sorbs.net.' ); +$wgSorbsUrl = array(); /** * Proxy whitelist, list of addresses that are assumed to be non-proxy despite diff --git a/includes/User.php b/includes/User.php index 20c0365f8b..68eb4b3d23 100644 --- a/includes/User.php +++ b/includes/User.php @@ -1100,7 +1100,7 @@ class User { * done against master. */ function getBlockedStatus( $bFromSlave = true ) { - global $wgEnableSorbs, $wgProxyWhitelist, $wgUser; + global $wgProxyWhitelist, $wgUser; if ( -1 != $this->mBlockedby ) { wfDebug( "User::getBlockedStatus: already loaded.\n" ); @@ -1168,8 +1168,8 @@ class User { } # DNSBL - if ( !$this->mBlockedby && $wgEnableSorbs && !$this->getID() ) { - if ( $this->inSorbsBlacklist( $ip ) ) { + if ( !$this->mBlockedby && !$this->getID() ) { + if ( $this->isDnsBlacklisted( $ip ) ) { $this->mBlockedby = wfMsg( 'sorbs' ); $this->mBlockreason = wfMsg( 'sorbsreason' ); } @@ -1183,16 +1183,24 @@ class User { } /** - * Whether the given IP is in the SORBS blacklist. + * Whether the given IP is in a DNS blacklist. * * @param $ip \string IP to check + * @param $checkWhitelist Boolean: whether to check the whitelist first * @return \bool True if blacklisted. */ - function inSorbsBlacklist( $ip ) { - global $wgEnableSorbs, $wgSorbsUrl; + function isDnsBlacklisted( $ip, $checkWhitelist = false ) { + global $wgEnableSorbs, $wgEnableDnsBlacklist, + $wgSorbsUrl, $wgDnsBlacklistUrls, $wgProxyWhitelist; - return $wgEnableSorbs && - $this->inDnsBlacklist( $ip, $wgSorbsUrl ); + if ( !$wgEnableDnsBlacklist && !$wgEnableSorbs ) + return false; + + if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) ) + return false; + + $urls = array_merge( $wgDnsBlacklistUrls, (array)$wgSorbsUrl ); + return $this->inDnsBlacklist( $ip, $urls ); } /** diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 554e5f8321..1ba44d476d 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -219,7 +219,6 @@ class LoginForm { */ function addNewAccountInternal() { global $wgUser, $wgOut; - global $wgEnableSorbs, $wgProxyWhitelist; global $wgMemc, $wgAccountCreationThrottle; global $wgAuth, $wgMinimalPasswordLength; global $wgEmailConfirmToEdit; @@ -257,9 +256,7 @@ class LoginForm { } $ip = wfGetIP(); - if ( $wgEnableSorbs && !in_array( $ip, $wgProxyWhitelist ) && - $wgUser->inSorbsBlacklist( $ip ) ) - { + if ( $wgUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) { $this->mainLoginForm( wfMsg( 'sorbs_create_account_reason' ) . ' (' . htmlspecialchars( $ip ) . ')' ); return; } -- 2.20.1