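/*
 * Copyright (C) 2014-2016 Free Software Foundation, Inc.
 * Copyright (C) 2016 Red Hat, Inc.
 *
 * Authors: Nikos Mavrogiannopoulos, Daiki Ueno, Martin Ukrop
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>
 *
 */

#ifndef GNUTLS_LIB_X509_IP_IN_CIDR_H
#define GNUTLS_LIB_X509_IP_IN_CIDR_H

/*-
 * ip_in_cidr:
 * @ip: IP datum (IPv4 or IPv6)
 * @cidr: CIDR datum (IPv4 or IPv6)
 *
 * Check if @ip lies in the given @cidr range.
 *
 * @cidr is read as an address of @ip->size bytes followed by a mask of
 * the same length, so @cidr->size must be exactly twice @ip->size.
 * A length mismatch (for example an IPv4 address tested against an
 * IPv6 range) is reported as "not in range" instead of indexing past
 * the end of @cidr->data.
 *
 * Returns: 1 if @ip lies within @cidr, 0 otherwise
 -*/
static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
{
	unsigned byte;
#ifndef BUILD_IN_TESTS
	char str_ip[48];
	char str_cidr[97];

	/* NOTE(review): the log arguments are formatted before the length
	 * check below; presumably the _gnutls_*_to_string helpers validate
	 * the size they are given and never hand back NULL for "%.*s" --
	 * confirm against their definitions. */
	_gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",
			 (int) sizeof(str_ip),
			 _gnutls_ip_to_string(ip->data, ip->size, str_ip, sizeof(str_ip)),
			 (int) sizeof(str_cidr),
			 _gnutls_cidr_to_string(cidr->data, cidr->size, str_cidr, sizeof(str_cidr)));
#endif
	/* The loop below reads cidr->data[0 .. 2*ip->size - 1]. Reject any
	 * other length up front; the halving form avoids the unsigned
	 * wrap-around that 2 * ip->size could hit. */
	if ((cidr->size & 1) != 0 || cidr->size / 2 != ip->size)
		return 0;

	for (byte = 0; byte < ip->size; byte++) {
		/* Address bits that differ from the network address are only
		 * significant where the mask (second half of @cidr) is set. */
		if (((ip->data[byte] ^ cidr->data[byte]) & cidr->data[ip->size + byte]) != 0)
			return 0;
	}

	/* NOTE(review): two zero-length datums still yield 1, as before;
	 * confirm callers reject empty addresses. */
	return 1; /* match */
}

#endif /* GNUTLS_LIB_X509_IP_IN_CIDR_H */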