#endif
bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits);
+bool MatchCIDR(const char* address, const char* cidr_mask);
const char* insp_ntoa(insp_inaddr n);
int insp_aton(const char* a, insp_inaddr* n);
#include "inspircd_config.h"
bool match(const char* str, const char* mask);
+bool match(const char *str, const char *mask, bool use_cidr_match);
extern FactoryList factory;
extern time_t TIME;
-bool OneOfMatches(const char* host, const char* hostlist)
+bool OneOfMatches(const char* host, const char* ip, const char* hostlist)
{
std::stringstream hl(hostlist);
std::string xhost;
while (hl >> xhost)
{
log(DEBUG,"Oper: Matching host %s",xhost.c_str());
- if (match(host,xhost.c_str()))
+ if (match(host,xhost.c_str()) || match(ip,xhost.c_str(),true))
{
return true;
}
Config->ConfValue(Config->config_data, "oper", "type", i, OperType, MAXBUF);
Config->ConfValue(Config->config_data, "oper", "host", i, HostName, MAXBUF);
- if ((!strcmp(LoginName,parameters[0])) && (!operstrcmp(Password,parameters[1])) && (OneOfMatches(TheHost,HostName)))
+ if ((!strcmp(LoginName,parameters[0])) && (!operstrcmp(Password,parameters[1])) && (OneOfMatches(TheHost,user->GetIPString(),HostName)))
{
fail2 = true;
for (j =0; j < Config->ConfValueEnum(Config->config_data, "type"); j++)
for (user_hash::iterator u = clientlist.begin(); u != clientlist.end(); u++)
{
- if (match(u->second->GetIPString(),ip.c_str()))
+ if (match(u->second->GetIPString(),ip.c_str(),true))
matches++;
}
{
for (ClassVector::iterator i = Config->Classes.begin(); i != Config->Classes.end(); i++)
{
- if ((match(user->GetIPString(),i->host.c_str())) || (match(user->host,i->host.c_str())))
+ if ((match(user->GetIPString(),i->host.c_str(),true)) || (match(user->host,i->host.c_str())))
{
return *i;
}
int main(int argc, char** argv)
{
-
- unsigned char addr[] = {0xCC,0xAA,0xCC,0xAA};
- unsigned char mask[] = {0xCC,0xAA,0xC0,0xAA};
-
- printf("%d",MatchCIDRBits(addr, mask, 20));
-
- exit(0);
+ /* This is a MatchCIDR() test suite -
+ printf("Should be 0: %d\n",MatchCIDR("127.0.0.1","1.2.3.4/8"));
+ printf("Should be 1: %d\n",MatchCIDR("127.0.0.1","127.0.0.0/8"));
+ printf("Should be 1: %d\n",MatchCIDR("127.0.0.1","127.0.0.0/18"));
+ printf("Should be 0: %d\n",MatchCIDR("3ffe::0","2fc9::0/16"));
+ printf("Should be 1: %d\n",MatchCIDR("3ffe:1:3::0", "3ffe:1::0/32"));
+ exit(0); */
try
{
std::string hostname(user->ident);
hostname.append("@").append(user->host);
- if((tname == type) && OneOfMatches(hostname.c_str(), pattern.c_str()))
+ if((tname == type) && OneOfMatches(hostname.c_str(), user->GetIPString(), pattern.c_str()))
{
/* Opertype and host match, looks like this is it. */
- log(DEBUG, "Host (%s matched %s) and type (%s)", pattern.c_str(), hostname.c_str(), type.c_str());
+ log(DEBUG, "Host (%s matched %s OR %s) and type (%s)", pattern.c_str(), hostname.c_str(), user->GetIPString(), type.c_str());
std::string operhost = Conf.ReadValue("type", "host", j);
bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits)
{
- unsigned int modulus = mask_bits & 0x07; /* Number of whole bytes in the mask */
- unsigned int divisor = mask_bits >> 0x04; /* Remaining bits in the mask after whole bytes are dealt with */
+ unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */
+ unsigned int divisor = mask_bits / 8; /* Remaining bits in the mask after whole bytes are dealt with */
/* First compare the whole bytes, if they dont match, return false */
if (memcmp(address, mask, divisor))
return true;
}
+bool MatchCIDR(const char* address, const char* cidr_mask)
+{
+ unsigned char addr_raw[16];
+ unsigned char mask_raw[16];
+ unsigned int bits = 0;
+ char* mask = strdup(cidr_mask);
+
+ in_addr address_in4;
+ in_addr mask_in4;
+
+ char* bits_chars = strchr(mask,'/');
+
+ if (bits_chars)
+ {
+ bits = atoi(bits_chars + 1);
+ *bits_chars = 0;
+ }
+
+#ifdef SUPPORT_IP6LINKS
+ in6_addr address_in6;
+ in6_addr mask_in6;
+
+ if (inet_pton(AF_INET6, address, &address_in6) > 0)
+ {
+ if (inet_pton(AF_INET6, mask, &mask_in6) > 0)
+ {
+ memcpy(&addr_raw, &address_in6.s6_addr, 16);
+ memcpy(&mask_raw, &mask_in6.s6_addr, 16);
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+ }
+ else
+#endif
+ if (inet_pton(AF_INET, address, &address_in4) > 0)
+ {
+ if (inet_pton(AF_INET, mask, &mask_in4) > 0)
+ {
+ memcpy(&addr_raw, &address_in4.s_addr, 4);
+ memcpy(&mask_raw, &mask_in4.s_addr, 4);
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+ }
+ else
+ {
+ free(mask);
+ return false;
+ }
+
+ free(mask);
+ return MatchCIDRBits(addr_raw, mask_raw, bits);
+}
+
/** This will bind a socket to a port. It works for UDP/TCP.
* It can only bind to IP addresses, if you wish to bind to hostnames
* you should first resolve them using class 'Resolver'.
for (ClassVector::iterator i = Config->Classes.begin(); i != Config->Classes.end(); i++)
{
- if ((i->type == CC_ALLOW) && (match(ipaddr,i->host.c_str())))
+ if ((i->type == CC_ALLOW) && (match(ipaddr,i->host.c_str(),true)))
{
class_regtimeout = (unsigned long)i->registration_timeout;
class_flood = i->flood;
return !*wild;
}
+/* Overloaded function that has the option of using cidr */
+bool match(const char *str, const char *mask, bool use_cidr_match)
+{
+ if (use_cidr_match && MatchCIDR(str, mask))
+ return true;
+ return match(str, mask);
+}
if ((zlines.empty()) && (pzlines.empty()))
return NULL;
for (std::vector<ZLine>::iterator i = zlines.begin(); i != zlines.end(); i++)
- if (match(ipaddr,i->ipaddr))
+ if (match(ipaddr,i->ipaddr,true))
return i->reason;
for (std::vector<ZLine>::iterator i = pzlines.begin(); i != pzlines.end(); i++)
- if (match(ipaddr,i->ipaddr))
+ if (match(ipaddr,i->ipaddr,true))
return i->reason;
return NULL;
}