function run() { if (count(RedirectWhenBlockedFull::getAltBaseUrls()) == 0) { $this->messages[] = 'Empty alt base urls'; return; } $domains = array(); foreach (RedirectWhenBlockedFull::getAltBaseUrls() as $url) { // Test DNS poisoning. $domain = parse_url($url, PHP_URL_HOST); $domains[] = $domain; } if (!Conf::$china_ip_for_dns_poisoning_test) { $this->messages[] = 'china_ip_for_dns_poisoning_test not set'; $this->n_failed++; } else { $command = ''; foreach ($domains as $domain) { $command .= '(dig +time=5 +tries=1 @' . Conf::$china_ip_for_dns_poisoning_test . ' ' . $domain . ' > /dev/null ; echo "' . $domain . ':"$?) & '; } $command = trim($command) . '& wait'; exec($command, $output); $n_domains_not_poisoned = 0; foreach ($output as $line) { $line_chunks = explode(':', $line, 2); if (count($line_chunks) == 2 && $line_chunks[0] && $line_chunks[1] >= 0) { list($domain, $dig_exit_code) = $line_chunks; if ($dig_exit_code == 0) { $this->messages[] = $domain . ' is poisoned (' . $dig_exit_code . ')'; } else { $this->messages[] = $domain . ' is not poisoned (' . $dig_exit_code . ')'; $n_domains_not_poisoned++; } } else { $this->messages[] = 'unknown dig result (' . $line . ')'; } } if (!$n_domains_not_poisoned) { $this->messages[] = 'no unpoisoned domains available'; $this->n_failed++; } } $alt_base_urls_file = dirname(dirname(__DIR__)) . '/rwb/conf/alt_base_urls.txt'; $alt_base_urls_modified_ago = time() - filemtime($alt_base_urls_file); $this->messages[] = "{$alt_base_urls_file} modified {$alt_base_urls_modified_ago} seconds ago"; if ($alt_base_urls_modified_ago > Conf::$alt_base_urls_modified_ago_max) { $this->messages[] = "{$alt_base_urls_file} expired"; return false; } return true; }
function getDownstreamOrigin() { static $downstream_origin_verified; if (!isset($downstream_origin_verified)) { $downstream_origin_verified = NULL; if (isset($_SERVER['HTTP_ORIGIN'])) { $downstream_origin = $_SERVER['HTTP_ORIGIN']; } elseif (isset($_SERVER['HTTP_REFERER'])) { $downstream_origin = http_build_scheme_host($_SERVER['HTTP_REFERER']); } if (isset($downstream_origin)) { foreach (RedirectWhenBlockedFull::getAltBaseUrls() as $alt_url_base) { if ($downstream_origin == http_build_scheme_host($alt_url_base)) { $downstream_origin_verified = $downstream_origin; break; } } } } return $downstream_origin_verified; }
public static function applyReverse(&$body) { foreach (RedirectWhenBlockedFull::getAltBaseUrls() as $alt_base_url) { $searches = array($alt_base_url . 'http://' => 'http://', $alt_base_url . 'https://' => 'https://', $alt_base_url => Conf::getDefaultUpstreamBaseUrlComponent('scheme') . '://' . Conf::getDefaultUpstreamBaseUrlComponent('host') . '/'); // Add url-encoded versions. foreach ($searches as $search => $replace) { $search = urlencode($search); if (!isset($searches[$search])) { $searches[$search] = urlencode($replace); } } // Special case when only first colon is encoded. // Should be moved to site-specific config. foreach ($searches as $search => $replace) { $search = str_replace('://', urlencode(':') . '//', $search); if (!isset($searches[$search])) { $searches[$search] = str_replace('://', urlencode(':') . '//', $replace); } } foreach ($searches as $search => $replace) { $body = str_replace($search, $replace, $body); } } }
exit; } if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APK_URLS) { header('Content-Type: application/javascript'); $urls = array(); foreach (RedirectWhenBlockedFull::getAltBaseUrls() as $url) { $url .= '?' . RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME . '=' . Conf::OUTPUT_TYPE_APK; $urls[] = $url; } print json_encode($urls); exit; } if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APP_URLS) { header('Content-Type: application/javascript'); $urls = array(); foreach (RedirectWhenBlockedFull::getAltBaseUrls() as $url) { $url .= '?' . RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME . '=' . Conf::OUTPUT_TYPE_APP; $urls[] = $url; } print json_encode($urls); exit; } if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_STATUS) { header('Cache-Control: max-age=0'); header('Content-Type: text/plain'); require 'status_tests/StatusTest.inc'; foreach (scandir('status_tests/enabled') as $file) { if ($file[0] == '.') { continue; } require 'status_tests/enabled/' . $file;