forked from jpvincent/WPT-server
/
check_installer.php
123 lines (115 loc) · 3.35 KB
/
check_installer.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<?php
if(extension_loaded('newrelic')) {
newrelic_add_custom_tracer('ApcCheckIp');
newrelic_add_custom_tracer('CheckIp');
}
include 'common_lib.inc';
error_reporting(E_ERROR | E_PARSE);
$has_apc = function_exists('apc_fetch') && function_exists('apc_store');
$ok = false;
if (isset($_REQUEST['installer']) && isset($_SERVER['REMOTE_ADDR'])) {
$installer = $_REQUEST['installer'];
if (preg_match('/^(software|browsers\/[-_a-zA-Z0-9]+)\.dat$/', $installer)) {
$ok = $has_apc ? ApcCheckIp($installer) : CheckIp($installer);
}
}
if ($ok) {
$file = __DIR__ . '/installers/' . $installer;
$data = $has_apc ? apc_fetch("installer-$installer") : null;
if (!$data && is_file($file)) {
$data = file_get_contents($file);
if ($has_apc)
apc_store("installer-$installer", $data, 600);
}
if (isset($data) && strlen($data)) {
header("Content-type: text/plain");
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
echo $data;
} else {
header('HTTP/1.0 404 Not Found');
}
} else {
header('HTTP/1.0 403 Forbidden');
}
function ApcCheckIp($installer) {
$ok = true;
$ip = $_SERVER["REMOTE_ADDR"];
if (isset($ip) && strlen($ip)) {
$now = time();
$key = "inst-ip-$ip-$installer";
$history = apc_fetch($key);
if (!$history)
$history = array();
$history[] = $now;
apc_store($key, $history, 604800);
if (count($history) > 10)
array_shift($history);
$count = 0;
foreach ($history as $time) {
if ($now - $time < 3600)
$count++;
}
if ($count > 4) {
$ok = false;
}
}
return $ok;
}
/**
* For each IP/Installer pair, keep track of the last 4 checks and if they
* were within the last hour fail the request.
*
* @param mixed $installer
*/
function CheckIp($installer) {
$ok = true;
$ip = $_SERVER["REMOTE_ADDR"];
if (isset($ip) && strlen($ip)) {
$lock = Lock("Installers", true, 5);
if ($lock) {
$now = time();
$file = "./tmp/installers.dat";
if (gz_is_file($file))
$history = json_decode(gz_file_get_contents($file), true);
if (!isset($history) || !is_array($history))
$history = array();
if (isset($history[$ip])) {
if (isset($history[$ip][$installer])) {
$history[$ip][$installer][] = $now;
if (count($history[$ip][$installer]) > 10)
array_shift($history[$ip][$installer]);
if (isset($history[$ip]["last-$installer"]) &&
$now - $history[$ip]["last-$installer"] < 3600) {
$count = 0;
foreach ($history[$ip][$installer] as $time) {
if ($now - $time < 3600)
$count++;
}
if ($count > 4) {
$ok = false;
}
}
} else {
$history[$ip][$installer] = array($now);
}
} else {
$history[$ip] = array($installer => array($now));
}
$history[$ip]['last'] = $now;
if ($ok) {
$history[$ip]["last-$installer"] = $now;
}
// prune any agents that haven't connected in 7 days
foreach ($history as $agent => $info) {
if ($now - $info['last'] > 604800) {
unset($history[$agent]);
}
}
gz_file_put_contents($file, json_encode($history));
Unlock($lock);
}
}
return $ok;
}
?>