Initial commit

plugins/jetpack/modules/protect/config-ui.php

@@ -0,0 +1,70 @@
+<?php if ( ! $this->api_key ) : // no api key, provide a button to get one ?>
+
+	<div class="protect-status attn">
+		<?php if( ! empty( $this->api_key_error ) ) : ?>
+			<p class="error"><?php echo $this->api_key_error; ?></p>
+			<p>
+				<a href="?page=jetpack-debugger"><?php echo __( 'Debug Jetpack for more information.', 'jetpack' ); ?></a>
+			</p>
+		<?php endif; ?>
+
+		<form method="post">
+			<?php wp_nonce_field( 'jetpack-protect' ); ?>
+			<input type='hidden' name='action' value='get_protect_key' />
+			<p class="submit">
+				<?php _e( 'An API key is needed for Protect.', 'jetpack' ); ?>
+				<br /><br /><input type='submit' class='button-primary' value='<?php echo esc_attr( __( 'Get an API Key', 'jetpack' ) ); ?>' />
+			</p>
+		</form>
+	</div>
+
+<?php else : // api key is good, show white list options ?>
+
+	<?php
+	global $current_user;
+	$whitelist = jetpack_protect_format_whitelist();
+	?>
+	<div class="protect-whitelist">
+
+		<form id="editable-whitelist" method="post">
+			<h3><?php _e( 'Whitelist Management', 'jetpack' ); ?></h3>
+
+			<?php if( ! empty( $this->whitelist_error ) ) : ?>
+				<p class="error"><?php  _e( 'One of your IP addresses was not valid.', 'jetpack' ); ?></p>
+			<?php endif; ?>
+
+			<?php if( $this->whitelist_saved === true ) : ?>
+				<p class="success"><?php  _e( 'Whitelist saved.', 'jetpack' ); ?></p>
+			<?php endif; ?>
+
+			<p>
+				<?php _e( 'Whitelisting an IP address prevents it from ever being blocked by Jetpack. ', 'jetpack' ); ?><br />
+
+				<?php if ( is_multisite() && current_user_can( 'manage_network' ) ) : ?>
+					<a href="<?php echo network_admin_url( 'admin.php?page=jetpack-settings' ); ?>">
+						<?php _e( 'You can manage your network-wide whitelist via the network admin.', 'jetpack' ); ?>
+					</a><br />
+				<?php endif; ?>
+
+				<small>
+					<?php _e( 'Make sure to add your most frequently used IP addresses as they can change between your home, office or other locations. Removing an IP address from the list below will remove it from your whitelist.', 'jetpack' ); ?>
+				</small>
+			</p>
+
+
+
+			<p><strong><?php printf( __( 'Your current IP: %s', 'jetpack' ), $this->user_ip ); ?></strong></p>
+			<?php wp_nonce_field( 'jetpack-protect' ); ?>
+			<input type='hidden' name='action' value='jetpack_protect_save_whitelist' />
+			<textarea name="whitelist"><?php echo implode( PHP_EOL, $whitelist['local'] ); ?></textarea>
+			<p>
+				<em><?php _e('IPv4 and IPv6 are acceptable. <br />To specify a range, enter the low value and high value separated by a dash. Example: 12.12.12.1-12.12.12.100', 'jetpack' ); ?></em>
+			</p>
+			<p>
+				<input type='submit' class='button-primary' value='<?php echo esc_attr( __( 'Save', 'jetpack' ) ); ?>' />
+			</p>
+		</form>
+
+	</div>
+
+<?php endif; ?>

plugins/jetpack/modules/protect/math-fallback.php

@@ -0,0 +1,127 @@
+<?php
+
+if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
+	/*
+	 * The math captcha fallback if we can't talk to the Protect API
+	 */
+	class Jetpack_Protect_Math_Authenticate {
+
+		static $loaded;
+
+		function __construct() {
+
+			if ( self::$loaded ) {
+				return;
+			}
+
+			self::$loaded = 1;
+
+			add_action( 'login_form', array( $this, 'math_form' ) );
+
+			if( isset( $_POST[ 'jetpack_protect_process_math_form' ] ) ) {
+				add_action( 'init', array( $this, 'process_generate_math_page' ) );
+			}
+		}
+
+		/**
+		 * Verifies that a user answered the math problem correctly while logging in.
+		 *
+		 * @return bool Returns true if the math is correct
+		 * @throws Error if insuffient $_POST variables are present.
+		 * @throws Error message if the math is wrong
+		 */
+		static function math_authenticate() {
+			$salt        = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
+			$ans         = isset( $_POST['jetpack_protect_num'] ) ? (int) $_POST['jetpack_protect_num'] : '' ;
+			$salted_ans  = sha1( $salt . $ans );
+			$correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
+
+			if( isset( $_COOKIE[ 'jpp_math_pass' ] ) ) {
+				$transient = Jetpack_Protect_Module::get_transient( 'jpp_math_pass_' . $_COOKIE[ 'jpp_math_pass' ] );
+				if( !$transient || $transient < 1 ) {
+					Jetpack_Protect_Math_Authenticate::generate_math_page();
+				}
+				return true;
+			}
+
+			if ( ! $correct_ans || !$_POST['jetpack_protect_num'] ) {
+				Jetpack_Protect_Math_Authenticate::generate_math_page();
+			} elseif ( $salted_ans != $correct_ans ) {
+				wp_die(
+				__( '<strong>You failed to correctly answer the math problem.</strong>  This is used to combat spam when the Protect API is unavailable.  Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack' ),
+				'',
+				401
+				);
+			} else {
+				return true;
+			}
+		}
+
+		/**
+		 * Creates an interim page to collect answers to a math captcha
+		 *
+		 * @return none, execution stopped
+		 */
+		static function generate_math_page( $error = false ) {
+			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
+			$num1 = rand( 0, 10 );
+			$num2 = rand( 1, 10 );
+			$sum  = $num1 + $num2;
+			$ans  = sha1( $salt . $sum );
+			ob_start();
+			?>
+			<h2><?php _e( 'Please solve this math problem to prove that you are not a bot.  Once you solve it, you will need to log in again.', 'jetpack' ); ?></h2>
+			<?php if ($error): ?>
+				<h3><?php _e( 'Your answer was incorrect, please try again.', 'jetpack' ); ?></h3>
+			<?php endif ?>
+
+			<form action="<?php echo wp_login_url(); ?>" method="post" accept-charset="utf-8">
+				<?php Jetpack_Protect_Math_Authenticate::math_form(); ?>
+				<input type="hidden" name="jetpack_protect_process_math_form" value="1" id="jetpack_protect_process_math_form" />
+				<p><input type="submit" value="<?php esc_html_e( 'Continue &rarr;', 'jetpack' ); ?>"></p>
+			</form>
+		<?php
+			$mathage = ob_get_contents();
+			ob_end_clean();
+			wp_die( $mathage );
+		}
+
+		public function process_generate_math_page() {
+			$salt        = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
+			$ans         = (int)$_POST['jetpack_protect_num'];
+			$salted_ans  = sha1( $salt . $ans );
+			$correct_ans = $_POST[ 'jetpack_protect_answer' ];
+
+			if ( $salted_ans != $correct_ans ) {
+				Jetpack_Protect_Math_Authenticate::generate_math_page(true);
+			} else {
+				$temp_pass = substr( sha1( rand( 1, 100000000 ) . get_site_option( 'jetpack_protect_key' ) ), 5, 25 );
+				Jetpack_Protect_Module::set_transient( 'jpp_math_pass_' . $temp_pass, 3, DAY_IN_SECONDS );
+				setcookie('jpp_math_pass', $temp_pass, time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, false);
+				return true;
+			}
+		}
+
+		/**
+		 * Requires a user to solve a simple equation. Added to any WordPress login form.
+		 *
+		 * @return VOID outputs html
+		 */
+		static function math_form() {
+			$salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
+			$num1 = rand( 0, 10 );
+			$num2 = rand( 1, 10 );
+			$sum  = $num1 + $num2;
+			$ans  = sha1( $salt . $sum );
+			?>
+			<div style="margin: 5px 0 20px;">
+				<strong><?php esc_html_e( 'Prove your humanity:', 'jetpack' ); ?> </strong>
+				<?php echo $num1 ?> &nbsp; + &nbsp; <?php echo $num2 ?> &nbsp; = &nbsp;
+				<input type="input" name="jetpack_protect_num" value="" size="2" />
+				<input type="hidden" name="jetpack_protect_answer" value="<?php echo $ans; ?>" />
+			</div>
+		<?php
+		}
+
+	}
+}

plugins/jetpack/modules/protect/protect-dashboard-widget-rtl.css

@@ -0,0 +1,117 @@
+/* loads inline on wp-admin in order to reduce http requests */
+
+#protect_dashboard_widget .inside {
+	margin: 0;
+	padding: 0;
+	text-align: center;
+}
+
+.jetpack-security * {
+	box-sizing: border-box;
+}
+
+/* alert msgs */
+#protect_dashboard_widget .msg {
+	color: #fff;
+	text-align: center;
+	padding: 10px;
+}
+
+#protect_dashboard_widget .msg.working {
+	background: #7BAC48;
+}
+
+#protect_dashboard_widget .msg.attn {
+	background: #d94f4f;
+}
+
+#protect_dashboard_widget .msg a {
+	color: #fff;
+	text-decoration: underline;
+}
+
+#protect_dashboard_widget .msg a:hover {
+	text-decoration: none;
+}
+
+#protect_dashboard_widget .msg .dashicons {
+	float: left;
+	text-decoration: none;
+	border-radius: 2px;
+}
+
+#protect_dashboard_widget .msg.working .dashicons {
+	color: #609643;
+}
+
+#protect_dashboard_widget .msg.working .dashicons:hover {
+	background: #609643;
+	color: #7BAC48;
+}
+
+#protect_dashboard_widget .msg.attn .dashicons {
+	color: #a93838;
+}
+
+#protect_dashboard_widget .msg.attn .dashicons:hover {
+	background: #a93838;
+	color: #d94f4f;
+}
+
+.blocked-attacks,
+.file-scanning {
+	position: relative;
+}
+
+.blocked-attacks {
+	background: #fafafa;
+	border-bottom: 1px #eee solid;
+	padding-bottom: 35px;
+}
+
+.jetpack-security-sharing {
+	width: 60px;
+	display: inline-block;
+	position: absolute;
+	left: 0;
+	top: 10px;
+}
+
+.jetpack-security-sharing a {
+	color: #dcdcdc;
+}
+
+.jetpack-security-sharing a:hover {
+	color: #cdcbcb;
+}
+
+.blocked-attacks h2,
+.blocked-attacks h3 {
+	color: #7BAC48;
+	font-family: "proxima-nova", "Open Sans", Helvetica, Arial, sans-serif;
+	font-weight: 300;
+}
+
+.blocked-attacks h2 {
+	font-size: 4em;
+	line-height: 110%;
+	margin: 0;
+	padding: 10px 12px 10px 12px;
+}
+
+.blocked-attacks h3 {
+	font-size: 1.1em;
+	line-height: 110%;
+	padding: 0 12px 10px 12px;
+	margin: 0;
+}
+
+.jetpack-protect-logo {
+	width: 50px;
+	position: relative;
+}
+
+.file-scanning {
+	margin-top: -30px;
+	padding: 0 12px;
+}

plugins/jetpack/modules/protect/protect-dashboard-widget-rtl.min.css

@@ -0,0 +1 @@
+#protect_dashboard_widget .inside{margin:0;padding:0;text-align:center}.jetpack-security *{box-sizing:border-box}#protect_dashboard_widget .msg{color:#fff;text-align:center;padding:10px}#protect_dashboard_widget .msg.working{background:#7BAC48}#protect_dashboard_widget .msg.attn{background:#d94f4f}#protect_dashboard_widget .msg a{color:#fff;text-decoration:underline}#protect_dashboard_widget .msg a:hover{text-decoration:none}#protect_dashboard_widget .msg .dashicons{float:left;text-decoration:none;border-radius:2px}#protect_dashboard_widget .msg.working .dashicons{color:#609643}#protect_dashboard_widget .msg.working .dashicons:hover{background:#609643;color:#7BAC48}#protect_dashboard_widget .msg.attn .dashicons{color:#a93838}#protect_dashboard_widget .msg.attn .dashicons:hover{background:#a93838;color:#d94f4f}.blocked-attacks,.file-scanning{position:relative}.blocked-attacks{background:#fafafa;border-bottom:1px #eee solid;padding-bottom:35px}.jetpack-security-sharing{width:60px;display:inline-block;position:absolute;left:0;top:10px}.jetpack-security-sharing a{color:#dcdcdc}.jetpack-security-sharing a:hover{color:#cdcbcb}.blocked-attacks h2,.blocked-attacks h3{color:#7BAC48;font-family:proxima-nova,"Open Sans",Helvetica,Arial,sans-serif;font-weight:300}.blocked-attacks h2{font-size:4em;line-height:110%;margin:0;padding:10px 12px}.blocked-attacks h3{font-size:1.1em;line-height:110%;padding:0 12px 10px;margin:0}.jetpack-protect-logo{width:50px;position:relative}.file-scanning{margin-top:-30px;padding:0 12px}

plugins/jetpack/modules/protect/protect-dashboard-widget.css

@@ -0,0 +1,117 @@
+/* loads inline on wp-admin in order to reduce http requests */
+
+#protect_dashboard_widget .inside {
+	margin: 0;
+	padding: 0;
+	text-align: center;
+}
+
+.jetpack-security * {
+	box-sizing: border-box;
+}
+
+/* alert msgs */
+#protect_dashboard_widget .msg {
+	color: #fff;
+	text-align: center;
+	padding: 10px;
+}
+
+#protect_dashboard_widget .msg.working {
+	background: #7BAC48;
+}
+
+#protect_dashboard_widget .msg.attn {
+	background: #d94f4f;
+}
+
+#protect_dashboard_widget .msg a {
+	color: #fff;
+	text-decoration: underline;
+}
+
+#protect_dashboard_widget .msg a:hover {
+	text-decoration: none;
+}
+
+#protect_dashboard_widget .msg .dashicons {
+	float: right;
+	text-decoration: none;
+	border-radius: 2px;
+}
+
+#protect_dashboard_widget .msg.working .dashicons {
+	color: #609643;
+}
+
+#protect_dashboard_widget .msg.working .dashicons:hover {
+	background: #609643;
+	color: #7BAC48;
+}
+
+#protect_dashboard_widget .msg.attn .dashicons {
+	color: #a93838;
+}
+
+#protect_dashboard_widget .msg.attn .dashicons:hover {
+	background: #a93838;
+	color: #d94f4f;
+}
+
+.blocked-attacks,
+.file-scanning {
+	position: relative;
+}
+
+.blocked-attacks {
+	background: #fafafa;
+	border-bottom: 1px #eee solid;
+	padding-bottom: 35px;
+}
+
+.jetpack-security-sharing {
+	width: 60px;
+	display: inline-block;
+	position: absolute;
+	right: 0;
+	top: 10px;
+}
+
+.jetpack-security-sharing a {
+	color: #dcdcdc;
+}
+
+.jetpack-security-sharing a:hover {
+	color: #cdcbcb;
+}
+
+.blocked-attacks h2,
+.blocked-attacks h3 {
+	color: #7BAC48;
+	font-family: "proxima-nova", "Open Sans", Helvetica, Arial, sans-serif;
+	font-weight: 300;
+}
+
+.blocked-attacks h2 {
+	font-size: 4em;
+	line-height: 110%;
+	margin: 0;
+	padding: 10px 12px 10px 12px;
+}
+
+.blocked-attacks h3 {
+	font-size: 1.1em;
+	line-height: 110%;
+	padding: 0 12px 10px 12px;
+	margin: 0;
+}
+
+.jetpack-protect-logo {
+	width: 50px;
+	position: relative;
+}
+
+.file-scanning {
+	margin-top: -30px;
+	padding: 0 12px;
+}

plugins/jetpack/modules/protect/protect-dashboard-widget.min.css

@@ -0,0 +1 @@
+#protect_dashboard_widget .inside{margin:0;padding:0;text-align:center}.jetpack-security *{box-sizing:border-box}#protect_dashboard_widget .msg{color:#fff;text-align:center;padding:10px}#protect_dashboard_widget .msg.working{background:#7BAC48}#protect_dashboard_widget .msg.attn{background:#d94f4f}#protect_dashboard_widget .msg a{color:#fff;text-decoration:underline}#protect_dashboard_widget .msg a:hover{text-decoration:none}#protect_dashboard_widget .msg .dashicons{float:right;text-decoration:none;border-radius:2px}#protect_dashboard_widget .msg.working .dashicons{color:#609643}#protect_dashboard_widget .msg.working .dashicons:hover{background:#609643;color:#7BAC48}#protect_dashboard_widget .msg.attn .dashicons{color:#a93838}#protect_dashboard_widget .msg.attn .dashicons:hover{background:#a93838;color:#d94f4f}.blocked-attacks,.file-scanning{position:relative}.blocked-attacks{background:#fafafa;border-bottom:1px #eee solid;padding-bottom:35px}.jetpack-security-sharing{width:60px;display:inline-block;position:absolute;right:0;top:10px}.jetpack-security-sharing a{color:#dcdcdc}.jetpack-security-sharing a:hover{color:#cdcbcb}.blocked-attacks h2,.blocked-attacks h3{color:#7BAC48;font-family:proxima-nova,"Open Sans",Helvetica,Arial,sans-serif;font-weight:300}.blocked-attacks h2{font-size:4em;line-height:110%;margin:0;padding:10px 12px}.blocked-attacks h3{font-size:1.1em;line-height:110%;padding:0 12px 10px;margin:0}.jetpack-protect-logo{width:50px;position:relative}.file-scanning{margin-top:-30px;padding:0 12px}

plugins/jetpack/modules/protect/shared-functions.php

@@ -0,0 +1,317 @@
+<?php
+/**
+ * These functions are shared by the Protect module and its related json-endpoints
+ */
+
+/**
+ * Returns an array of IP objects that will never be blocked by the Protect module
+ *
+ * The array is segmented into a local whitelist which applies only to the current site
+ * and a global whitelist which, for multisite installs, applies to the entire networko
+ *
+ * @return array
+ */
+function jetpack_protect_format_whitelist() {
+
+	$local_whitelist = jetpack_protect_get_local_whitelist();
+
+	$formatted = array (
+		'local' => array (),
+	);
+
+	foreach ( $local_whitelist as $item ) {
+		if ( $item->range ) {
+			$formatted['local'][] = $item->range_low . ' - ' . $item->range_high;
+		} else {
+			$formatted['local'][] = $item->ip_address;
+		}
+	}
+
+	if ( is_multisite() && current_user_can( 'manage_network' ) ) {
+		$formatted['global'] = array ();
+		$global_whitelist    = jetpack_protect_get_global_whitelist();
+
+		if ( false === $global_whitelist ) {
+			// if the global whitelist has never been set, check for a legacy option set prior to 3.6
+			$global_whitelist = get_site_option( 'jetpack_protect_whitelist', array () );
+		}
+
+		foreach ( $global_whitelist as $item ) {
+			if ( $item->range ) {
+				$formatted['global'][] = $item->range_low . ' - ' . $item->range_high;
+			} else {
+				$formatted['global'][] = $item->ip_address;
+			}
+		}
+	}
+
+	return $formatted;
+}
+
+/**
+ * Gets the local Protect whitelist
+ *
+ * The 'local' part of the whitelist only really applies to multisite installs,
+ * which can have a network wide whitelist, as well as a local list that applies
+ * only to the current site. On single site installs, there will only be a local
+ * whitelist.
+ *
+ * @return array A list of IP Address objects or an empty array
+ */
+function jetpack_protect_get_local_whitelist() {
+	$whitelist = Jetpack_Options::get_option( 'protect_whitelist' );
+
+	if ( false === $whitelist ) {
+		// The local whitelist has never been set
+		if ( is_multisite() ) {
+			// On a multisite, we can check for a legacy site_option that existed prior to v 3.6, or default to an empty array
+			$whitelist = get_site_option( 'jetpack_protect_whitelist', array () );
+		} else {
+			// On a single site, we can just use an empty array
+			$whitelist = array ();
+		}
+	}
+
+	return $whitelist;
+}
+
+/**
+ * Get the global, network-wide whitelist
+ *
+ * It will revert to the legacy site_option if jetpack_protect_global_whitelist has never been set
+ *
+ * @return array
+ */
+function jetpack_protect_get_global_whitelist() {
+	$whitelist = get_site_option( 'jetpack_protect_global_whitelist' );
+
+	if ( false === $whitelist ) {
+		// The global whitelist has never been set. Check for legacy site_option, or default to an empty array
+		$whitelist = get_site_option( 'jetpack_protect_whitelist', array () );
+	}
+
+	return $whitelist;
+}
+
+function jetpack_protect_save_whitelist( $whitelist, $global = false ) {
+	$whitelist_error = false;
+	$new_items       = array ();
+
+	if ( ! is_array( $whitelist ) ) {
+		return new WP_Error( 'invalid_parameters', __( 'Expecting an array', 'jetpack' ) );
+	}
+
+	if ( $global && ! is_multisite() ) {
+		return new WP_Error( 'invalid_parameters', __( 'Cannot use global flag on non-multisites', 'jetpack' ) );
+	}
+
+	if ( $global && ! current_user_can( 'manage_network' ) ) {
+		return new WP_Error( 'permission_denied', __( 'Only super admins can edit the global whitelist', 'jetpack' ) );
+	}
+
+	// validate each item
+	foreach ( $whitelist as $item ) {
+
+		$item = trim( $item );
+
+		if ( empty( $item ) ) {
+			continue;
+		}
+
+		$range = false;
+		if ( strpos( $item, '-' ) ) {
+			$item  = explode( '-', $item );
+			$range = true;
+		}
+		$new_item        = new stdClass();
+		$new_item->range = $range;
+
+		if ( ! empty( $range ) ) {
+
+			$low  = trim( $item[0] );
+			$high = trim( $item[1] );
+
+			if ( ! filter_var( $low, FILTER_VALIDATE_IP ) || ! filter_var( $high, FILTER_VALIDATE_IP ) ) {
+				$whitelist_error = true;
+				break;
+			}
+
+			if ( ! jetpack_convert_ip_address( $low ) || ! jetpack_convert_ip_address( $high ) ) {
+				$whitelist_error = true;
+				break;
+			}
+
+			$new_item->range_low  = $low;
+			$new_item->range_high = $high;
+
+		} else {
+
+			if ( ! filter_var( $item, FILTER_VALIDATE_IP ) ) {
+				$whitelist_error = true;
+				break;
+			}
+
+			if ( ! jetpack_convert_ip_address( $item ) ) {
+				$whitelist_error = true;
+				break;
+			}
+			$new_item->ip_address = $item;
+		}
+
+		$new_items[] = $new_item;
+
+	} // end item loop
+
+	if ( ! empty( $whitelist_error ) ) {
+		return new WP_Error( 'invalid_ip', __( 'One of your IP addresses was not valid.', 'jetpack' ) );
+	}
+
+	if ( $global ) {
+		update_site_option( 'jetpack_protect_global_whitelist', $new_items );
+		// once a user has saved their global whitelist, we can permanently remove the legacy option
+		delete_site_option( 'jetpack_protect_whitelist' );
+	} else {
+		Jetpack_Options::update_option( 'protect_whitelist', $new_items );
+	}
+
+	return true;
+}
+
+function jetpack_protect_get_ip() {
+
+	$trusted_header_data = get_site_option( 'trusted_ip_header' );
+
+	if ( isset( $trusted_header_data->trusted_header ) && isset( $_SERVER[ $trusted_header_data->trusted_header ] ) ) {
+		$ip            = $_SERVER[ $trusted_header_data->trusted_header ];
+		$segments      = $trusted_header_data->segments;
+		$reverse_order = $trusted_header_data->reverse;
+	} else {
+		$ip = $_SERVER['REMOTE_ADDR'];
+	}
+
+	$ips = explode( ',', $ip );
+
+	if ( ! isset( $segments ) || ! $segments ) {
+		$segments = 1;
+	}
+	if ( isset( $reverse_order ) && $reverse_order ) {
+		$ips = array_reverse( $ips );
+	}
+
+
+
+	$ip_count = count( $ips );
+
+	if ( 1 == $ip_count ) {
+		return jetpack_clean_ip( $ips[0] );
+	} elseif ( $ip_count >= $segments ) {
+		$the_one = $ip_count - $segments;
+
+		return jetpack_clean_ip( $ips[ $the_one ] );
+	} else {
+		return jetpack_clean_ip( $_SERVER['REMOTE_ADDR'] );
+	}
+}
+
+function jetpack_clean_ip( $ip ) {
+	$ip = trim( $ip );
+
+	// Check for IPv4 IP cast as IPv6
+	if ( preg_match( '/^::ffff:(\d+\.\d+\.\d+\.\d+)$/', $ip, $matches ) ) {
+		$ip = $matches[1];
+	}
+
+	return $ip;
+}
+
+/**
+ * Checks an IP to see if it is within a private range
+ *
+ * @param int $ip
+ *
+ * @return bool
+ */
+function jetpack_protect_ip_is_private( $ip ) {
+
+	// we are dealing with ipv6, so we can simply rely on filter_var
+	if ( false === strpos( $ip, '.' ) ) {
+		return ! filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE );
+	}
+
+	// we are dealing with ipv4
+	$private_ip4_addresses = array (
+		'10.0.0.0|10.255.255.255',     // single class A network
+		'172.16.0.0|172.31.255.255',   // 16 contiguous class B network
+		'192.168.0.0|192.168.255.255', // 256 contiguous class C network
+		'169.254.0.0|169.254.255.255', // Link-local address also referred to as Automatic Private IP Addressing
+		'127.0.0.0|127.255.255.255'    // localhost
+	);
+	$long_ip               = ip2long( $ip );
+	if ( -1 != $long_ip ) {
+		foreach ( $private_ip4_addresses as $pri_addr ) {
+			list ( $start, $end ) = explode( '|', $pri_addr );
+			if ( $long_ip >= ip2long( $start ) && $long_ip <= ip2long( $end ) ) {
+				return true;
+			}
+		}
+	}
+
+	return false;
+}
+
+/**
+ * Uses inet_pton if available to convert an IP address to a binary string.
+ * If inet_pton is not available, ip2long will convert the address to an integer.
+ * Returns false if an invalid IP address is given.
+ *
+ * NOTE: ip2long will return false for any ipv6 address. servers that do not support
+ * inet_pton will not support ipv6
+ *
+ * @param $ip
+ *
+ * @return int|string|bool
+ */
+function jetpack_convert_ip_address( $ip ) {
+	if ( function_exists( 'inet_pton' ) ) {
+		return inet_pton( $ip );
+	}
+
+	return ip2long( $ip );
+}
+
+/**
+ * Checks that a given IP address is within a given low - high range.
+ * Servers that support inet_pton will use that function to convert the ip to number,
+ * while other servers will use ip2long.
+ *
+ * NOTE: servers that do not support inet_pton cannot support ipv6.
+ *
+ * @param $ip
+ * @param $range_low
+ * @param $range_high
+ *
+ * @return bool
+ */
+function jetpack_protect_ip_address_is_in_range( $ip, $range_low, $range_high ) {
+	// inet_pton will give us binary string of an ipv4 or ipv6
+	// we can then use strcmp to see if the address is in range
+	if ( function_exists( 'inet_pton' ) ) {
+		$ip_num  = inet_pton( $ip );
+		$ip_low  = inet_pton( $range_low );
+		$ip_high = inet_pton( $range_high );
+		if ( $ip_num && $ip_low && $ip_high && strcmp( $ip_num, $ip_low ) >= 0 && strcmp( $ip_num, $ip_high ) <= 0 ) {
+			return true;
+		}
+		// ip2long will give us an integer of an ipv4 address only. it will produce FALSE for ipv6
+	} else {
+		$ip_num  = ip2long( $ip );
+		$ip_low  = ip2long( $range_low );
+		$ip_high = ip2long( $range_high );
+		if ( $ip_num && $ip_low && $ip_high && $ip_num >= $ip_low && $ip_num <= $ip_high ) {
+			return true;
+		}
+	}
+
+	return false;
+
+}

plugins/jetpack/modules/protect/transient-cleanup.php

@@ -0,0 +1,56 @@
+<?php
+/*
+Adapted from Purge Transients by Seebz
+https://github.com/Seebz/Snippets/tree/master/Wordpress/plugins/purge-transients
+*/
+
+if ( ! function_exists('jp_purge_transients') ) {
+	function jp_purge_transients( $older_than = '1 hour' ) {
+		global $wpdb;
+
+		$older_than_time = strtotime( '-' . $older_than );
+		if ( $older_than_time > time() || $older_than_time < 1 ) {
+			return false;
+		}
+
+		$sql = $wpdb->prepare( "
+		SELECT REPLACE(option_name, '_transient_timeout_jpp_', '') AS transient_name
+		FROM {$wpdb->options}
+		WHERE option_name LIKE '\_transient\_timeout\_jpp\__%%'
+		AND option_value < %d
+		", $older_than_time );
+
+		$transients = $wpdb->get_col( $sql );
+
+		$options_names = array();
+
+		foreach( $transients as $transient ) {
+			$options_names[] = '_transient_jpp_' . $transient;
+			$options_names[] = '_transient_timeout_jpp_' . $transient;
+		}
+
+		if ($options_names) {
+			$option_names_string = implode( ', ', array_fill( 0, count( $options_names ), '%s') );
+			$delete_sql = "DELETE FROM {$wpdb->options} WHERE option_name IN ($option_names_string)";
+
+			$delete_sql = call_user_func_array( array($wpdb, 'prepare'), array_merge( array( $delete_sql ), $options_names ) );
+
+			$result = $wpdb->query( $delete_sql );
+			if ( !$result ) {
+				return false;
+			}
+		}
+
+		return;
+	}
+}
+
+
+function jp_purge_transients_activation() {
+	if ( !wp_next_scheduled( 'jp_purge_transients_cron' ) ) {
+		wp_schedule_event( time(), 'daily', 'jp_purge_transients_cron' );
+	}
+}
+add_action( 'admin_init', 'jp_purge_transients_activation' );
+
+add_action( 'jp_purge_transients_cron', 'jp_purge_transients' );