tinc-vpn.org Git - tinc/blob - src/subnet_parse.c

   1 /*
   2     subnet_parse.c -- handle subnet parsing
   3     Copyright (C) 2000-2021 Guus Sliepen <guus@tinc-vpn.org>,
   4                   2000-2005 Ivo Timmermans
   5
   6     This program is free software; you can redistribute it and/or modify
   7     it under the terms of the GNU General Public License as published by
   8     the Free Software Foundation; either version 2 of the License, or
   9     (at your option) any later version.
  10
  11     This program is distributed in the hope that it will be useful,
  12     but WITHOUT ANY WARRANTY; without even the implied warranty of
  13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14     GNU General Public License for more details.
  15
  16     You should have received a copy of the GNU General Public License along
  17     with this program; if not, write to the Free Software Foundation, Inc.,
  18     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  19 */
  20
  21 #include "system.h"
  22
  23 #include "logger.h"
  24 #include "net.h"
  25 #include "netutl.h"
  26 #include "subnet.h"
  27 #include "utils.h"
  28 #include "xalloc.h"
  29
  30 /* Changing this default will affect ADD_SUBNET messages - beware of inconsistencies between versions */
  31 static const int DEFAULT_WEIGHT = 10;
  32
  33 /* Subnet mask handling */
  34
  35 int maskcmp(const void *va, const void *vb, int masklen) {
  36         int i, m, result;
  37         const char *a = va;
  38         const char *b = vb;
  39
  40         for(m = masklen, i = 0; m >= 8; m -= 8, i++) {
  41                 result = a[i] - b[i];
  42
  43                 if(result) {
  44                         return result;
  45                 }
  46         }
  47
  48         if(m)
  49                 return (a[i] & (0x100 - (1 << (8 - m)))) -
  50                        (b[i] & (0x100 - (1 << (8 - m))));
  51
  52         return 0;
  53 }
  54
  55 void mask(void *va, int masklen, int len) {
  56         int i;
  57         char *a = va;
  58
  59         i = masklen / 8;
  60         masklen %= 8;
  61
  62         if(masklen) {
  63                 a[i++] &= (0x100 - (1 << (8 - masklen)));
  64         }
  65
  66         for(; i < len; i++) {
  67                 a[i] = 0;
  68         }
  69 }
  70
  71 void maskcpy(void *va, const void *vb, int masklen, int len) {
  72         int i, m;
  73         char *a = va;
  74         const char *b = vb;
  75
  76         for(m = masklen, i = 0; m >= 8; m -= 8, i++) {
  77                 a[i] = b[i];
  78         }
  79
  80         if(m) {
  81                 a[i] = b[i] & (0x100 - (1 << (8 - m)));
  82                 i++;
  83         }
  84
  85         for(; i < len; i++) {
  86                 a[i] = 0;
  87         }
  88 }
  89
  90 bool subnetcheck(const subnet_t subnet) {
  91         if(((subnet.type == SUBNET_IPV4)
  92                         && !maskcheck(&subnet.net.ipv4.address, subnet.net.ipv4.prefixlength, sizeof(subnet.net.ipv4.address)))
  93                         || ((subnet.type == SUBNET_IPV6)
  94                             && !maskcheck(&subnet.net.ipv6.address, subnet.net.ipv6.prefixlength, sizeof(subnet.net.ipv6.address)))) {
  95                 return false;
  96         }
  97
  98         return true;
  99 }
 100
 101 bool maskcheck(const void *va, int masklen, int len) {
 102         int i;
 103         const char *a = va;
 104
 105         i = masklen / 8;
 106         masklen %= 8;
 107
 108         if(masklen && a[i++] & (0xff >> masklen)) {
 109                 return false;
 110         }
 111
 112         for(; i < len; i++)
 113                 if(a[i] != 0) {
 114                         return false;
 115                 }
 116
 117         return true;
 118 }
 119
 120 /* Subnet comparison */
 121
 122 static int subnet_compare_mac(const subnet_t *a, const subnet_t *b) {
 123         int result;
 124
 125         result = memcmp(&a->net.mac.address, &b->net.mac.address, sizeof(a->net.mac.address));
 126
 127         if(result) {
 128                 return result;
 129         }
 130
 131         result = a->weight - b->weight;
 132
 133         if(result || !a->owner || !b->owner) {
 134                 return result;
 135         }
 136
 137         return strcmp(a->owner->name, b->owner->name);
 138 }
 139
 140 static int subnet_compare_ipv4(const subnet_t *a, const subnet_t *b) {
 141         int result;
 142
 143         result = b->net.ipv4.prefixlength - a->net.ipv4.prefixlength;
 144
 145         if(result) {
 146                 return result;
 147         }
 148
 149         result = memcmp(&a->net.ipv4.address, &b->net.ipv4.address, sizeof(ipv4_t));
 150
 151         if(result) {
 152                 return result;
 153         }
 154
 155         result = a->weight - b->weight;
 156
 157         if(result || !a->owner || !b->owner) {
 158                 return result;
 159         }
 160
 161         return strcmp(a->owner->name, b->owner->name);
 162 }
 163
 164 static int subnet_compare_ipv6(const subnet_t *a, const subnet_t *b) {
 165         int result;
 166
 167         result = b->net.ipv6.prefixlength - a->net.ipv6.prefixlength;
 168
 169         if(result) {
 170                 return result;
 171         }
 172
 173         result = memcmp(&a->net.ipv6.address, &b->net.ipv6.address, sizeof(ipv6_t));
 174
 175         if(result) {
 176                 return result;
 177         }
 178
 179         result = a->weight - b->weight;
 180
 181         if(result || !a->owner || !b->owner) {
 182                 return result;
 183         }
 184
 185         return strcmp(a->owner->name, b->owner->name);
 186 }
 187
 188 int subnet_compare(const subnet_t *a, const subnet_t *b) {
 189         int result = (int)a->type - (int)b->type;
 190
 191         if(result) {
 192                 return result;
 193         }
 194
 195         switch(a->type) {
 196         case SUBNET_MAC:
 197                 return subnet_compare_mac(a, b);
 198
 199         case SUBNET_IPV4:
 200                 return subnet_compare_ipv4(a, b);
 201
 202         case SUBNET_IPV6:
 203                 return subnet_compare_ipv6(a, b);
 204
 205         default:
 206                 logger(DEBUG_ALWAYS, LOG_ERR, "subnet_compare() was called with unknown subnet type %d, exitting!", a->type);
 207                 exit(1);
 208         }
 209
 210         return 0;
 211 }
 212
 213 /* Ascii representation of subnets */
 214
 215 bool str2net(subnet_t *subnet, const char *subnetstr) {
 216         char str[64];
 217         strncpy(str, subnetstr, sizeof(str));
 218         str[sizeof(str) - 1] = 0;
 219         int consumed;
 220
 221         int weight = DEFAULT_WEIGHT;
 222         char *weight_separator = strchr(str, '#');
 223
 224         if(weight_separator) {
 225                 char *weight_str = weight_separator + 1;
 226
 227                 if(sscanf(weight_str, "%d%n", &weight, &consumed) < 1) {
 228                         return false;
 229                 }
 230
 231                 if(weight_str[consumed]) {
 232                         return false;
 233                 }
 234
 235                 *weight_separator = 0;
 236         }
 237
 238         int prefixlength = -1;
 239         char *prefixlength_separator = strchr(str, '/');
 240
 241         if(prefixlength_separator) {
 242                 char *prefixlength_str = prefixlength_separator + 1;
 243
 244                 if(sscanf(prefixlength_str, "%d%n", &prefixlength, &consumed) < 1) {
 245                         return false;
 246                 }
 247
 248                 if(prefixlength_str[consumed]) {
 249                         return false;
 250                 }
 251
 252                 *prefixlength_separator = 0;
 253
 254                 if(prefixlength < 0) {
 255                         return false;
 256                 }
 257         }
 258
 259         uint16_t x[8];
 260
 261         if(sscanf(str, "%hx:%hx:%hx:%hx:%hx:%hx%n", &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &consumed) >= 6 && !str[consumed]) {
 262                 /*
 263                    Normally we should check that each part has two digits to prevent ambiguities.
 264                    However, in old tinc versions net2str() will aggressively return MAC addresses with one-digit parts,
 265                    so we have to accept them otherwise we would be unable to parse ADD_SUBNET messages.
 266                 */
 267                 if(prefixlength >= 0) {
 268                         return false;
 269                 }
 270
 271                 subnet->type = SUBNET_MAC;
 272                 subnet->weight = weight;
 273
 274                 for(int i = 0; i < 6; i++) {
 275                         subnet->net.mac.address.x[i] = x[i];
 276                 }
 277
 278                 return true;
 279         }
 280
 281         if(inet_pton(AF_INET, str, &subnet->net.ipv4.address)) {
 282                 if(prefixlength == -1) {
 283                         prefixlength = 32;
 284                 }
 285
 286                 if(prefixlength > 32) {
 287                         return false;
 288                 }
 289
 290                 subnet->type = SUBNET_IPV4;
 291                 subnet->net.ipv4.prefixlength = prefixlength;
 292                 subnet->weight = weight;
 293
 294                 return true;
 295         }
 296
 297         if(inet_pton(AF_INET6, str, &subnet->net.ipv6.address)) {
 298                 if(prefixlength == -1) {
 299                         prefixlength = 128;
 300                 }
 301
 302                 if(prefixlength > 128) {
 303                         return false;
 304                 }
 305
 306                 subnet->type = SUBNET_IPV6;
 307                 subnet->net.ipv6.prefixlength = prefixlength;
 308                 subnet->weight = weight;
 309
 310                 return true;
 311         }
 312
 313         return false;
 314 }
 315
 316 bool net2str(char *netstr, int len, const subnet_t *subnet) {
 317         if(!netstr || !subnet) {
 318                 logger(DEBUG_ALWAYS, LOG_ERR, "net2str() was called with netstr=%p, subnet=%p!", (void *)netstr, (void *)subnet);
 319                 return false;
 320         }
 321
 322         int result;
 323         int prefixlength = -1;
 324
 325         switch(subnet->type) {
 326         case SUBNET_MAC:
 327                 snprintf(netstr, len, "%02x:%02x:%02x:%02x:%02x:%02x",
 328                          subnet->net.mac.address.x[0],
 329                          subnet->net.mac.address.x[1],
 330                          subnet->net.mac.address.x[2],
 331                          subnet->net.mac.address.x[3],
 332                          subnet->net.mac.address.x[4],
 333                          subnet->net.mac.address.x[5]);
 334                 break;
 335
 336         case SUBNET_IPV4:
 337                 inet_ntop(AF_INET, &subnet->net.ipv4.address, netstr, len);
 338                 prefixlength = subnet->net.ipv4.prefixlength;
 339
 340                 if(prefixlength == 32) {
 341                         prefixlength = -1;
 342                 }
 343
 344                 break;
 345
 346         case SUBNET_IPV6: {
 347                 inet_ntop(AF_INET6, &subnet->net.ipv6.address, netstr, len);
 348                 prefixlength = subnet->net.ipv6.prefixlength;
 349
 350                 if(prefixlength == 128) {
 351                         prefixlength = -1;
 352                 }
 353
 354                 break;
 355         }
 356
 357         default:
 358                 logger(DEBUG_ALWAYS, LOG_ERR, "net2str() was called with unknown subnet type %d, exiting!", subnet->type);
 359                 exit(1);
 360         }
 361
 362         size_t used = strlen(netstr);
 363         netstr += used;
 364         len -= used;
 365
 366         if(prefixlength >= 0) {
 367                 result = snprintf(netstr, len, "/%d", prefixlength);
 368                 netstr += result;
 369                 len -= result;
 370         }
 371
 372         if(subnet->weight != DEFAULT_WEIGHT) {
 373                 snprintf(netstr, len, "#%d", subnet->weight);
 374         }
 375
 376         return true;
 377 }