SimpleSAML\Utils\Net Class Reference

Collaboration diagram for SimpleSAML\Utils\Net:

Static Public Member Functions
static	ipCIDRcheck ($cidr, $ip=null)
	Check whether an IP address is part of a CIDR. More...

Detailed Description

Definition at line 9 of file Net.php.

Member Function Documentation

ipCIDRcheck()

static SimpleSAML\Utils\Net::ipCIDRcheck (   $cidr,   $ip = null  )

static

Check whether an IP address is part of a CIDR.

Parameters

string	$cidr	The network CIDR address.
string	$ip	The IP address to check. Optional. Current remote address will be used if none specified. Do not rely on default parameter if running behind load balancers.

Returns

boolean True if the IP address belongs to the specified CIDR, false otherwise.

Author

Andreas Åkre Solberg, UNINETT AS andre.nosp@m.as.s.nosp@m.olber.nosp@m.g@un.nosp@m.inett.nosp@m..no

Olav Morken, UNINETT AS olav..nosp@m.mork.nosp@m.en@un.nosp@m.inet.nosp@m.t.no

Brook Schofield, GÉANT

Jaime Perez, UNINETT AS jaime.nosp@m..per.nosp@m.ez@un.nosp@m.inet.nosp@m.t.no

Definition at line 26 of file Net.php.

References $_SERVER, $i, and $mask.

Referenced by sspmod_negotiate_Auth_Source_Negotiate\checkMask(), and SimpleSAML_Utilities\ipCIDRcheck().

    {
        if ($ip === null) {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        if (strpos($cidr, '/') === false) {
            return false;
        }

        list ($net, $mask) = explode('/', $cidr);
        $mask = intval($mask);

        $ip_ip = array();
        $ip_net = array();
        if (strstr($ip, ':') || strstr($net, ':')) {
            // Validate IPv6 with inet_pton, convert to hex with bin2hex
            // then store as a long with hexdec

            $ip_pack = @inet_pton($ip);
            $net_pack = @inet_pton($net);

            if ($ip_pack === false || $net_pack === false) {
                // not valid IPv6 address (warning silenced)
                return false;
            }

            $ip_ip = str_split(bin2hex($ip_pack), 8);
            foreach ($ip_ip as &$value) {
                $value = hexdec($value);
            }

            $ip_net = str_split(bin2hex($net_pack), 8);
            foreach ($ip_net as &$value) {
                $value = hexdec($value);
            }
        } else {
            $ip_ip[0] = ip2long($ip);
            $ip_net[0] = ip2long($net);
        }

        for ($i = 0; $mask > 0 && $i < sizeof($ip_ip); $i++) {
            if ($mask > 32) {
                $iteration_mask = 32;
            } else {
                $iteration_mask = $mask;
            }
            $mask -= 32;

            $ip_mask = ~((1 << (32 - $iteration_mask)) - 1);

            $ip_net_mask = $ip_net[$i] & $ip_mask;
            $ip_ip_mask = $ip_ip[$i] & $ip_mask;

            if ($ip_ip_mask != $ip_net_mask) {
                return false;
            }
        }
        return true;
    }

Here is the caller graph for this function:

---

The documentation for this class was generated from the following file:

• libs/composer/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/Net.php