1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd: (C) 2002-2010 InspIRCd Development Team
6 * See: http://wiki.inspircd.org/Credits
8 * This program is free but copyrighted software; see
9 * the file COPYING for details.
11 * ---------------------------------------------------
18 /* Used when comparing CIDR masks for the modulus bits left over.
19 * A lot of ircd's seem to do this:
20 * ((-1) << (8 - (mask % 8)))
21 * But imho, it sucks in comparison to a nice neat lookup table.
23 const unsigned char inverted_bits[8] = { 0x00, /* 00000000 - 0 bits - never actually used */
24 0x80, /* 10000000 - 1 bits */
25 0xC0, /* 11000000 - 2 bits */
26 0xE0, /* 11100000 - 3 bits */
27 0xF0, /* 11110000 - 4 bits */
28 0xF8, /* 11111000 - 5 bits */
29 0xFC, /* 11111100 - 6 bits */
30 0xFE /* 11111110 - 7 bits */
34 /* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
35 * If you have a lot of hosts to match, youre probably better off building your mask once
36 * and then using the lower level MatchCIDRBits directly.
38 * This will also attempt to match any leading usernames or nicknames on the mask, using
39 * match(), when match_with_username is true.
41 bool irc::sockets::MatchCIDR(const std::string &address, const std::string &cidr_mask, bool match_with_username)
43 std::string address_copy;
44 std::string cidr_copy;
46 /* The caller is trying to match ident@<mask>/bits.
47 * Chop off the ident@ portion, use match() on it
50 if (match_with_username)
52 /* Use strchr not strrchr, because its going to be nearer to the left */
53 std::string::size_type username_mask_pos = cidr_mask.rfind('@');
54 std::string::size_type username_addr_pos = address.rfind('@');
56 /* Both strings have an @ symbol in them */
57 if (username_mask_pos != std::string::npos && username_addr_pos != std::string::npos)
59 /* Try and match() the strings before the @
60 * symbols, and recursively call MatchCIDR without
61 * username matching enabled to match the host part.
63 return (InspIRCd::Match(address.substr(0, username_addr_pos), cidr_mask.substr(0, username_mask_pos), ascii_case_insensitive_map) &&
64 MatchCIDR(address.substr(username_addr_pos + 1), cidr_mask.substr(username_mask_pos + 1), false));
68 address_copy = address.substr(username_addr_pos + 1);
69 cidr_copy = cidr_mask.substr(username_mask_pos + 1);
74 address_copy.assign(address);
75 cidr_copy.assign(cidr_mask);
78 if (cidr_copy.find('/') == std::string::npos)
81 irc::sockets::sockaddrs addr;
82 irc::sockets::aptosa(address_copy, 0, addr);
84 irc::sockets::cidr_mask mask(cidr_copy);
85 irc::sockets::cidr_mask mask2(addr, mask.length);