| /* SPDX-License-Identifier: LGPL-2.1+ */ |
| |
| #include <arpa/inet.h> |
| #include <endian.h> |
| #include <errno.h> |
| #include <net/if.h> |
| #include <stdint.h> |
| #include <stdio.h> |
| #include <stdlib.h> |
| |
| #include "alloc-util.h" |
| #include "errno-util.h" |
| #include "in-addr-util.h" |
| #include "macro.h" |
| #include "parse-util.h" |
| #include "random-util.h" |
| #include "strxcpyx.h" |
| #include "util.h" |
| |
| bool in4_addr_is_null(const struct in_addr *a) { |
| assert(a); |
| |
| return a->s_addr == 0; |
| } |
| |
| int in_addr_is_null(int family, const union in_addr_union *u) { |
| assert(u); |
| |
| if (family == AF_INET) |
| return in4_addr_is_null(&u->in); |
| |
| if (family == AF_INET6) |
| return IN6_IS_ADDR_UNSPECIFIED(&u->in6); |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| bool in4_addr_is_link_local(const struct in_addr *a) { |
| assert(a); |
| |
| return (be32toh(a->s_addr) & UINT32_C(0xFFFF0000)) == (UINT32_C(169) << 24 | UINT32_C(254) << 16); |
| } |
| |
| int in_addr_is_link_local(int family, const union in_addr_union *u) { |
| assert(u); |
| |
| if (family == AF_INET) |
| return in4_addr_is_link_local(&u->in); |
| |
| if (family == AF_INET6) |
| return IN6_IS_ADDR_LINKLOCAL(&u->in6); |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_is_multicast(int family, const union in_addr_union *u) { |
| assert(u); |
| |
| if (family == AF_INET) |
| return IN_MULTICAST(be32toh(u->in.s_addr)); |
| |
| if (family == AF_INET6) |
| return IN6_IS_ADDR_MULTICAST(&u->in6); |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| bool in4_addr_is_localhost(const struct in_addr *a) { |
| assert(a); |
| |
| /* All of 127.x.x.x is localhost. */ |
| return (be32toh(a->s_addr) & UINT32_C(0xFF000000)) == UINT32_C(127) << 24; |
| } |
| |
| bool in4_addr_is_non_local(const struct in_addr *a) { |
| /* Whether the address is not null and not localhost. |
| * |
| * As such, it is suitable to configure as DNS/NTP server from DHCP. */ |
| return !in4_addr_is_null(a) && |
| !in4_addr_is_localhost(a); |
| } |
| |
| int in_addr_is_localhost(int family, const union in_addr_union *u) { |
| assert(u); |
| |
| if (family == AF_INET) |
| return in4_addr_is_localhost(&u->in); |
| |
| if (family == AF_INET6) |
| return IN6_IS_ADDR_LOOPBACK(&u->in6); |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| bool in4_addr_equal(const struct in_addr *a, const struct in_addr *b) { |
| assert(a); |
| assert(b); |
| |
| return a->s_addr == b->s_addr; |
| } |
| |
| int in_addr_equal(int family, const union in_addr_union *a, const union in_addr_union *b) { |
| assert(a); |
| assert(b); |
| |
| if (family == AF_INET) |
| return in4_addr_equal(&a->in, &b->in); |
| |
| if (family == AF_INET6) |
| return |
| a->in6.s6_addr32[0] == b->in6.s6_addr32[0] && |
| a->in6.s6_addr32[1] == b->in6.s6_addr32[1] && |
| a->in6.s6_addr32[2] == b->in6.s6_addr32[2] && |
| a->in6.s6_addr32[3] == b->in6.s6_addr32[3]; |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_prefix_intersect( |
| int family, |
| const union in_addr_union *a, |
| unsigned aprefixlen, |
| const union in_addr_union *b, |
| unsigned bprefixlen) { |
| |
| unsigned m; |
| |
| assert(a); |
| assert(b); |
| |
| /* Checks whether there are any addresses that are in both |
| * networks */ |
| |
| m = MIN(aprefixlen, bprefixlen); |
| |
| if (family == AF_INET) { |
| uint32_t x, nm; |
| |
| x = be32toh(a->in.s_addr ^ b->in.s_addr); |
| nm = (m == 0) ? 0 : 0xFFFFFFFFUL << (32 - m); |
| |
| return (x & nm) == 0; |
| } |
| |
| if (family == AF_INET6) { |
| unsigned i; |
| |
| if (m > 128) |
| m = 128; |
| |
| for (i = 0; i < 16; i++) { |
| uint8_t x, nm; |
| |
| x = a->in6.s6_addr[i] ^ b->in6.s6_addr[i]; |
| |
| if (m < 8) |
| nm = 0xFF << (8 - m); |
| else |
| nm = 0xFF; |
| |
| if ((x & nm) != 0) |
| return 0; |
| |
| if (m > 8) |
| m -= 8; |
| else |
| m = 0; |
| } |
| |
| return 1; |
| } |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_prefix_next(int family, union in_addr_union *u, unsigned prefixlen) { |
| assert(u); |
| |
| /* Increases the network part of an address by one. Returns |
| * positive it that succeeds, or 0 if this overflows. */ |
| |
| if (prefixlen <= 0) |
| return 0; |
| |
| if (family == AF_INET) { |
| uint32_t c, n; |
| |
| if (prefixlen > 32) |
| prefixlen = 32; |
| |
| c = be32toh(u->in.s_addr); |
| n = c + (1UL << (32 - prefixlen)); |
| if (n < c) |
| return 0; |
| n &= 0xFFFFFFFFUL << (32 - prefixlen); |
| |
| u->in.s_addr = htobe32(n); |
| return 1; |
| } |
| |
| if (family == AF_INET6) { |
| struct in6_addr add = {}, result; |
| uint8_t overflow = 0; |
| unsigned i; |
| |
| if (prefixlen > 128) |
| prefixlen = 128; |
| |
| /* First calculate what we have to add */ |
| add.s6_addr[(prefixlen-1) / 8] = 1 << (7 - (prefixlen-1) % 8); |
| |
| for (i = 16; i > 0; i--) { |
| unsigned j = i - 1; |
| |
| result.s6_addr[j] = u->in6.s6_addr[j] + add.s6_addr[j] + overflow; |
| overflow = (result.s6_addr[j] < u->in6.s6_addr[j]); |
| } |
| |
| if (overflow) |
| return 0; |
| |
| u->in6 = result; |
| return 1; |
| } |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_random_prefix( |
| int family, |
| union in_addr_union *u, |
| unsigned prefixlen_fixed_part, |
| unsigned prefixlen) { |
| |
| assert(u); |
| |
| /* Random network part of an address by one. */ |
| |
| if (prefixlen <= 0) |
| return 0; |
| |
| if (family == AF_INET) { |
| uint32_t c, n; |
| |
| if (prefixlen_fixed_part > 32) |
| prefixlen_fixed_part = 32; |
| if (prefixlen > 32) |
| prefixlen = 32; |
| if (prefixlen_fixed_part >= prefixlen) |
| return -EINVAL; |
| |
| c = be32toh(u->in.s_addr); |
| c &= ((UINT32_C(1) << prefixlen_fixed_part) - 1) << (32 - prefixlen_fixed_part); |
| |
| random_bytes(&n, sizeof(n)); |
| n &= ((UINT32_C(1) << (prefixlen - prefixlen_fixed_part)) - 1) << (32 - prefixlen); |
| |
| u->in.s_addr = htobe32(n | c); |
| return 1; |
| } |
| |
| if (family == AF_INET6) { |
| struct in6_addr n; |
| unsigned i, j; |
| |
| if (prefixlen_fixed_part > 128) |
| prefixlen_fixed_part = 128; |
| if (prefixlen > 128) |
| prefixlen = 128; |
| if (prefixlen_fixed_part >= prefixlen) |
| return -EINVAL; |
| |
| random_bytes(&n, sizeof(n)); |
| |
| for (i = 0; i < 16; i++) { |
| uint8_t mask_fixed_part = 0, mask = 0; |
| |
| if (i < (prefixlen_fixed_part + 7) / 8) { |
| if (i < prefixlen_fixed_part / 8) |
| mask_fixed_part = 0xffu; |
| else { |
| j = prefixlen_fixed_part % 8; |
| mask_fixed_part = ((UINT8_C(1) << (j + 1)) - 1) << (8 - j); |
| } |
| } |
| |
| if (i < (prefixlen + 7) / 8) { |
| if (i < prefixlen / 8) |
| mask = 0xffu ^ mask_fixed_part; |
| else { |
| j = prefixlen % 8; |
| mask = (((UINT8_C(1) << (j + 1)) - 1) << (8 - j)) ^ mask_fixed_part; |
| } |
| } |
| |
| u->in6.s6_addr[i] &= mask_fixed_part; |
| u->in6.s6_addr[i] |= n.s6_addr[i] & mask; |
| } |
| |
| return 1; |
| } |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_to_string(int family, const union in_addr_union *u, char **ret) { |
| _cleanup_free_ char *x = NULL; |
| size_t l; |
| |
| assert(u); |
| assert(ret); |
| |
| if (family == AF_INET) |
| l = INET_ADDRSTRLEN; |
| else if (family == AF_INET6) |
| l = INET6_ADDRSTRLEN; |
| else |
| return -EAFNOSUPPORT; |
| |
| x = new(char, l); |
| if (!x) |
| return -ENOMEM; |
| |
| errno = 0; |
| if (!inet_ntop(family, u, x, l)) |
| return errno_or_else(EINVAL); |
| |
| *ret = TAKE_PTR(x); |
| return 0; |
| } |
| |
| int in_addr_prefix_to_string(int family, const union in_addr_union *u, unsigned prefixlen, char **ret) { |
| _cleanup_free_ char *x = NULL; |
| char *p; |
| size_t l; |
| |
| assert(u); |
| assert(ret); |
| |
| if (family == AF_INET) |
| l = INET_ADDRSTRLEN + 3; |
| else if (family == AF_INET6) |
| l = INET6_ADDRSTRLEN + 4; |
| else |
| return -EAFNOSUPPORT; |
| |
| if (prefixlen > FAMILY_ADDRESS_SIZE(family) * 8) |
| return -EINVAL; |
| |
| x = new(char, l); |
| if (!x) |
| return -ENOMEM; |
| |
| errno = 0; |
| if (!inet_ntop(family, u, x, l)) |
| return errno_or_else(EINVAL); |
| |
| p = x + strlen(x); |
| l -= strlen(x); |
| (void) strpcpyf(&p, l, "/%u", prefixlen); |
| |
| *ret = TAKE_PTR(x); |
| return 0; |
| } |
| |
| int in_addr_ifindex_to_string(int family, const union in_addr_union *u, int ifindex, char **ret) { |
| _cleanup_free_ char *x = NULL; |
| size_t l; |
| int r; |
| |
| assert(u); |
| assert(ret); |
| |
| /* Much like in_addr_to_string(), but optionally appends the zone interface index to the address, to properly |
| * handle IPv6 link-local addresses. */ |
| |
| if (family != AF_INET6) |
| goto fallback; |
| if (ifindex <= 0) |
| goto fallback; |
| |
| r = in_addr_is_link_local(family, u); |
| if (r < 0) |
| return r; |
| if (r == 0) |
| goto fallback; |
| |
| l = INET6_ADDRSTRLEN + 1 + DECIMAL_STR_MAX(ifindex) + 1; |
| x = new(char, l); |
| if (!x) |
| return -ENOMEM; |
| |
| errno = 0; |
| if (!inet_ntop(family, u, x, l)) |
| return errno_or_else(EINVAL); |
| |
| sprintf(strchr(x, 0), "%%%i", ifindex); |
| |
| *ret = TAKE_PTR(x); |
| return 0; |
| |
| fallback: |
| return in_addr_to_string(family, u, ret); |
| } |
| |
| int in_addr_from_string(int family, const char *s, union in_addr_union *ret) { |
| union in_addr_union buffer; |
| assert(s); |
| |
| if (!IN_SET(family, AF_INET, AF_INET6)) |
| return -EAFNOSUPPORT; |
| |
| errno = 0; |
| if (inet_pton(family, s, ret ?: &buffer) <= 0) |
| return errno_or_else(EINVAL); |
| |
| return 0; |
| } |
| |
| int in_addr_from_string_auto(const char *s, int *ret_family, union in_addr_union *ret) { |
| int r; |
| |
| assert(s); |
| |
| r = in_addr_from_string(AF_INET, s, ret); |
| if (r >= 0) { |
| if (ret_family) |
| *ret_family = AF_INET; |
| return 0; |
| } |
| |
| r = in_addr_from_string(AF_INET6, s, ret); |
| if (r >= 0) { |
| if (ret_family) |
| *ret_family = AF_INET6; |
| return 0; |
| } |
| |
| return -EINVAL; |
| } |
| |
| int in_addr_ifindex_from_string_auto(const char *s, int *family, union in_addr_union *ret, int *ifindex) { |
| _cleanup_free_ char *buf = NULL; |
| const char *suffix; |
| int r, ifi = 0; |
| |
| assert(s); |
| assert(family); |
| assert(ret); |
| |
| /* Similar to in_addr_from_string_auto() but also parses an optionally appended IPv6 zone suffix ("scope id") |
| * if one is found. */ |
| |
| suffix = strchr(s, '%'); |
| if (suffix) { |
| |
| if (ifindex) { |
| /* If we shall return the interface index, try to parse it */ |
| r = parse_ifindex(suffix + 1, &ifi); |
| if (r < 0) { |
| unsigned u; |
| |
| u = if_nametoindex(suffix + 1); |
| if (u <= 0) |
| return -errno; |
| |
| ifi = (int) u; |
| } |
| } |
| |
| buf = strndup(s, suffix - s); |
| if (!buf) |
| return -ENOMEM; |
| |
| s = buf; |
| } |
| |
| r = in_addr_from_string_auto(s, family, ret); |
| if (r < 0) |
| return r; |
| |
| if (ifindex) |
| *ifindex = ifi; |
| |
| return r; |
| } |
| |
| unsigned char in4_addr_netmask_to_prefixlen(const struct in_addr *addr) { |
| assert(addr); |
| |
| return 32U - u32ctz(be32toh(addr->s_addr)); |
| } |
| |
| struct in_addr* in4_addr_prefixlen_to_netmask(struct in_addr *addr, unsigned char prefixlen) { |
| assert(addr); |
| assert(prefixlen <= 32); |
| |
| /* Shifting beyond 32 is not defined, handle this specially. */ |
| if (prefixlen == 0) |
| addr->s_addr = 0; |
| else |
| addr->s_addr = htobe32((0xffffffff << (32 - prefixlen)) & 0xffffffff); |
| |
| return addr; |
| } |
| |
| int in4_addr_default_prefixlen(const struct in_addr *addr, unsigned char *prefixlen) { |
| uint8_t msb_octet = *(uint8_t*) addr; |
| |
| /* addr may not be aligned, so make sure we only access it byte-wise */ |
| |
| assert(addr); |
| assert(prefixlen); |
| |
| if (msb_octet < 128) |
| /* class A, leading bits: 0 */ |
| *prefixlen = 8; |
| else if (msb_octet < 192) |
| /* class B, leading bits 10 */ |
| *prefixlen = 16; |
| else if (msb_octet < 224) |
| /* class C, leading bits 110 */ |
| *prefixlen = 24; |
| else |
| /* class D or E, no default prefixlen */ |
| return -ERANGE; |
| |
| return 0; |
| } |
| |
| int in4_addr_default_subnet_mask(const struct in_addr *addr, struct in_addr *mask) { |
| unsigned char prefixlen; |
| int r; |
| |
| assert(addr); |
| assert(mask); |
| |
| r = in4_addr_default_prefixlen(addr, &prefixlen); |
| if (r < 0) |
| return r; |
| |
| in4_addr_prefixlen_to_netmask(mask, prefixlen); |
| return 0; |
| } |
| |
| int in_addr_mask(int family, union in_addr_union *addr, unsigned char prefixlen) { |
| assert(addr); |
| |
| if (family == AF_INET) { |
| struct in_addr mask; |
| |
| if (!in4_addr_prefixlen_to_netmask(&mask, prefixlen)) |
| return -EINVAL; |
| |
| addr->in.s_addr &= mask.s_addr; |
| return 0; |
| } |
| |
| if (family == AF_INET6) { |
| unsigned i; |
| |
| for (i = 0; i < 16; i++) { |
| uint8_t mask; |
| |
| if (prefixlen >= 8) { |
| mask = 0xFF; |
| prefixlen -= 8; |
| } else { |
| mask = 0xFF << (8 - prefixlen); |
| prefixlen = 0; |
| } |
| |
| addr->in6.s6_addr[i] &= mask; |
| } |
| |
| return 0; |
| } |
| |
| return -EAFNOSUPPORT; |
| } |
| |
| int in_addr_prefix_covers(int family, |
| const union in_addr_union *prefix, |
| unsigned char prefixlen, |
| const union in_addr_union *address) { |
| |
| union in_addr_union masked_prefix, masked_address; |
| int r; |
| |
| assert(prefix); |
| assert(address); |
| |
| masked_prefix = *prefix; |
| r = in_addr_mask(family, &masked_prefix, prefixlen); |
| if (r < 0) |
| return r; |
| |
| masked_address = *address; |
| r = in_addr_mask(family, &masked_address, prefixlen); |
| if (r < 0) |
| return r; |
| |
| return in_addr_equal(family, &masked_prefix, &masked_address); |
| } |
| |
| int in_addr_parse_prefixlen(int family, const char *p, unsigned char *ret) { |
| uint8_t u; |
| int r; |
| |
| if (!IN_SET(family, AF_INET, AF_INET6)) |
| return -EAFNOSUPPORT; |
| |
| r = safe_atou8(p, &u); |
| if (r < 0) |
| return r; |
| |
| if (u > FAMILY_ADDRESS_SIZE(family) * 8) |
| return -ERANGE; |
| |
| *ret = u; |
| return 0; |
| } |
| |
| int in_addr_prefix_from_string( |
| const char *p, |
| int family, |
| union in_addr_union *ret_prefix, |
| unsigned char *ret_prefixlen) { |
| |
| _cleanup_free_ char *str = NULL; |
| union in_addr_union buffer; |
| const char *e, *l; |
| unsigned char k; |
| int r; |
| |
| assert(p); |
| |
| if (!IN_SET(family, AF_INET, AF_INET6)) |
| return -EAFNOSUPPORT; |
| |
| e = strchr(p, '/'); |
| if (e) { |
| str = strndup(p, e - p); |
| if (!str) |
| return -ENOMEM; |
| |
| l = str; |
| } else |
| l = p; |
| |
| r = in_addr_from_string(family, l, &buffer); |
| if (r < 0) |
| return r; |
| |
| if (e) { |
| r = in_addr_parse_prefixlen(family, e+1, &k); |
| if (r < 0) |
| return r; |
| } else |
| k = FAMILY_ADDRESS_SIZE(family) * 8; |
| |
| if (ret_prefix) |
| *ret_prefix = buffer; |
| if (ret_prefixlen) |
| *ret_prefixlen = k; |
| |
| return 0; |
| } |
| |
| int in_addr_prefix_from_string_auto_internal( |
| const char *p, |
| InAddrPrefixLenMode mode, |
| int *ret_family, |
| union in_addr_union *ret_prefix, |
| unsigned char *ret_prefixlen) { |
| |
| _cleanup_free_ char *str = NULL; |
| union in_addr_union buffer; |
| const char *e, *l; |
| unsigned char k; |
| int family, r; |
| |
| assert(p); |
| |
| e = strchr(p, '/'); |
| if (e) { |
| str = strndup(p, e - p); |
| if (!str) |
| return -ENOMEM; |
| |
| l = str; |
| } else |
| l = p; |
| |
| r = in_addr_from_string_auto(l, &family, &buffer); |
| if (r < 0) |
| return r; |
| |
| if (e) { |
| r = in_addr_parse_prefixlen(family, e+1, &k); |
| if (r < 0) |
| return r; |
| } else |
| switch (mode) { |
| case PREFIXLEN_FULL: |
| k = FAMILY_ADDRESS_SIZE(family) * 8; |
| break; |
| case PREFIXLEN_REFUSE: |
| return -ENOANO; /* To distinguish this error from others. */ |
| case PREFIXLEN_LEGACY: |
| if (family == AF_INET) { |
| r = in4_addr_default_prefixlen(&buffer.in, &k); |
| if (r < 0) |
| return r; |
| } else |
| k = 0; |
| break; |
| default: |
| assert_not_reached("Invalid prefixlen mode"); |
| } |
| |
| if (ret_family) |
| *ret_family = family; |
| if (ret_prefix) |
| *ret_prefix = buffer; |
| if (ret_prefixlen) |
| *ret_prefixlen = k; |
| |
| return 0; |
| |
| } |
| |
| static void in_addr_data_hash_func(const struct in_addr_data *a, struct siphash *state) { |
| siphash24_compress(&a->family, sizeof(a->family), state); |
| siphash24_compress(&a->address, FAMILY_ADDRESS_SIZE(a->family), state); |
| } |
| |
| static int in_addr_data_compare_func(const struct in_addr_data *x, const struct in_addr_data *y) { |
| int r; |
| |
| r = CMP(x->family, y->family); |
| if (r != 0) |
| return r; |
| |
| return memcmp(&x->address, &y->address, FAMILY_ADDRESS_SIZE(x->family)); |
| } |
| |
| DEFINE_HASH_OPS(in_addr_data_hash_ops, struct in_addr_data, in_addr_data_hash_func, in_addr_data_compare_func); |
| |
| static void in6_addr_hash_func(const struct in6_addr *addr, struct siphash *state) { |
| assert(addr); |
| |
| siphash24_compress(addr, sizeof(*addr), state); |
| } |
| |
| static int in6_addr_compare_func(const struct in6_addr *a, const struct in6_addr *b) { |
| return memcmp(a, b, sizeof(*a)); |
| } |
| |
| DEFINE_HASH_OPS(in6_addr_hash_ops, struct in6_addr, in6_addr_hash_func, in6_addr_compare_func); |