+
+ /* Secondly (this is slower) compare the whole bytes */
+ if (memcmp(address, mask, divisor))
+ return false;
+
+ /* The address matches the mask, to mask_bits bits of mask */
+ return true;
+}
+
+/* Match CIDR, but dont attempt to match() against leading *!*@ sections */
+bool irc::sockets::MatchCIDR(const char* address, const char* cidr_mask)
+{
+ return MatchCIDR(address, cidr_mask, false);
+}
+
+/* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
+ * If you have a lot of hosts to match, youre probably better off building your mask once
+ * and then using the lower level MatchCIDRBits directly.
+ *
+ * This will also attempt to match any leading usernames or nicknames on the mask, using
+ * match(), when match_with_username is true.
+ */
+bool irc::sockets::MatchCIDR(const char* address, const char* cidr_mask, bool match_with_username)
+{
+ unsigned char addr_raw[16];
+ unsigned char mask_raw[16];
+ unsigned int bits = 0;
+ char* mask = NULL;
+
+ /* The caller is trying to match ident@<mask>/bits.
+ * Chop off the ident@ portion, use match() on it
+ * seperately.
+ */
+ if (match_with_username)
+ {
+ /* Duplicate the strings, and try to find the position
+ * of the @ symbol in each */
+ char* address_dupe = strdup(address);
+ char* cidr_dupe = strdup(cidr_mask);
+
+ /* Use strchr not strrchr, because its going to be nearer to the left */
+ char* username_mask_pos = strrchr(cidr_dupe, '@');
+ char* username_addr_pos = strrchr(address_dupe, '@');
+
+ /* Both strings have an @ symbol in them */
+ if (username_mask_pos && username_addr_pos)
+ {
+ /* Zero out the location of the @ symbol */
+ *username_mask_pos = *username_addr_pos = 0;
+
+ /* Try and match() the strings before the @
+ * symbols, and recursively call MatchCIDR without
+ * username matching enabled to match the host part.
+ */
+ bool result = (match(address_dupe, cidr_dupe) && MatchCIDR(username_addr_pos + 1, username_mask_pos + 1, false));
+
+ /* Free the stuff we created */
+ free(address_dupe);
+ free(cidr_dupe);
+
+ /* Return a result */
+ return result;
+ }
+ else
+ {
+ /* One or both didnt have an @ in,
+ * just match as CIDR
+ */
+ free(address_dupe);
+ free(cidr_dupe);
+ mask = strdup(cidr_mask);