53 lines
1.4 KiB
Rust
53 lines
1.4 KiB
Rust
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
|
|
|
|
use crate::error::Error;
|
|
use tokio::net::lookup_host;
|
|
|
|
// Resolve domain and see if it points to private IP
|
|
// TODO: Use is_global() once stabilized
|
|
// https://doc.rust-lang.org/std/net/enum.IpAddr.html#method.is_global
|
|
pub(crate) async fn is_invalid_ip(domain: &str) -> Result<bool, Error> {
|
|
let mut ips = lookup_host((domain, 80)).await?;
|
|
Ok(ips.any(|addr| match addr.ip() {
|
|
IpAddr::V4(addr) => v4_is_invalid(addr),
|
|
IpAddr::V6(addr) => v6_is_invalid(addr),
|
|
}))
|
|
}
|
|
|
|
fn v4_is_invalid(v4: Ipv4Addr) -> bool {
|
|
v4.is_private()
|
|
|| v4.is_loopback()
|
|
|| v4.is_link_local()
|
|
|| v4.is_multicast()
|
|
|| v4.is_documentation()
|
|
}
|
|
|
|
fn v6_is_invalid(v6: Ipv6Addr) -> bool {
|
|
v6.is_loopback()
|
|
|| v6.is_multicast()
|
|
|| v6.is_unique_local()
|
|
|| v6.is_unicast_link_local()
|
|
|| v6.is_unspecified()
|
|
|| v6_is_documentation(v6)
|
|
|| v6.to_ipv4_mapped().is_some_and(v4_is_invalid)
|
|
}
|
|
|
|
fn v6_is_documentation(v6: std::net::Ipv6Addr) -> bool {
|
|
matches!(
|
|
v6.segments(),
|
|
[0x2001, 0xdb8, ..] | [0x3fff, 0..=0x0fff, ..]
|
|
)
|
|
}
|
|
|
|
#[cfg(test)]
|
|
#[allow(clippy::unwrap_used)]
|
|
mod test {
|
|
use super::*;
|
|
|
|
#[tokio::test]
|
|
async fn test_is_valid_ip() -> Result<(), Error> {
|
|
assert!(!is_invalid_ip("example.com").await?);
|
|
assert!(is_invalid_ip("localhost").await?);
|
|
Ok(())
|
|
}
|
|
}
|