#include "inspstring.h"
#include "helperfuncs.h"
#include "socketengine.h"
+#include "wildcard.h"
#include "message.h"
extern InspIRCd* ServerInstance;
0xFE /* 11111110 - 7 bits */
};
+/* Match raw bytes using CIDR bit matching, used by higher level MatchCIDR() */
bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits)
{
- unsigned int modulus = mask_bits & 0x07; /* Number of whole bytes in the mask */
- unsigned int divisor = mask_bits >> 0x04; /* Remaining bits in the mask after whole bytes are dealt with */
+ unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */
+ unsigned int divisor = mask_bits / 8; /* Remaining bits in the mask after whole bytes are dealt with */
+
+ /* We shouldnt match anything, /0 is always valid */
+ if (!mask_bits)
+ return true;
/* First compare the whole bytes, if they dont match, return false */
if (memcmp(address, mask, divisor))
return true;
}
+bool MatchCIDR(const char* address, const char* cidr_mask)
+{
+ return MatchCIDR(address, cidr_mask, false);
+}
+
+/* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
+ * If you have a lot of hosts to match, youre probably better off building your mask once
+ * and then using the lower level MatchCIDRBits directly.
+ */
+bool MatchCIDR(const char* address, const char* cidr_mask, bool match_with_username)
+{
+ unsigned char addr_raw[16];
+ unsigned char mask_raw[16];
+ unsigned int bits = 0;
+ char* mask = NULL;
+
+ /* The caller is trying to match ident@<mask>/bits.
+ * Chop off the ident@ portion, use match() on it
+ * seperately.
+ */
+ if (match_with_username)
+ {
+ /* Duplicate the strings, and try to find the position
+ * of the @ symbol in each */
+ char* address_dupe = strdup(address);
+ char* cidr_dupe = strdup(cidr_mask);
+
+ char* username_mask_pos = strchr(cidr_dupe, '@');
+ char* username_addr_pos = strchr(address_dupe, '@');
+
+ if (username_mask_pos && username_addr_pos)
+ {
+ *username_mask_pos = *username_addr_pos = 0;
+
+ bool result = (match(address_dupe, cidr_dupe) && MatchCIDR(username_addr_pos + 1, username_mask_pos + 1));
+
+ free(address_dupe);
+ free(cidr_dupe);
+
+ return result;
+ }
+ else
+ {
+ free(address_dupe);
+ free(cidr_dupe);
+ mask = strdup(cidr_mask);
+ }
+ }
+ else
+ {
+ mask = strdup(cidr_mask);
+ }
+
+ in_addr address_in4;
+ in_addr mask_in4;
+
+
+ char* bits_chars = strchr(mask,'/');
+
+ if (bits_chars)
+ {
+ bits = atoi(bits_chars + 1);
+ *bits_chars = 0;
+ }
+ else
+ {
+ /* No 'number of bits' field! */
+ return false;
+ }
+
+#ifdef SUPPORT_IP6LINKS
+ in6_addr address_in6;
+ in6_addr mask_in6;
+
+ if (inet_pton(AF_INET6, address, &address_in6) > 0)
+ {
+ if (inet_pton(AF_INET6, mask, &mask_in6) > 0)
+ {
+ memcpy(&addr_raw, &address_in6.s6_addr, 16);
+ memcpy(&mask_raw, &mask_in6.s6_addr, 16);
+
+ if (bits > 128)
+ bits = 128;
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+ }
+ else
+#endif
+ if (inet_pton(AF_INET, address, &address_in4) > 0)
+ {
+ if (inet_pton(AF_INET, mask, &mask_in4) > 0)
+ {
+ memcpy(&addr_raw, &address_in4.s_addr, 4);
+ memcpy(&mask_raw, &mask_in4.s_addr, 4);
+
+ if (bits > 32)
+ bits = 32;
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+
+ free(mask);
+ return MatchCIDRBits(addr_raw, mask_raw, bits);
+}
+
/** This will bind a socket to a port. It works for UDP/TCP.
* It can only bind to IP addresses, if you wish to bind to hostnames
* you should first resolve them using class 'Resolver'.