summaryrefslogtreecommitdiffstats
path: root/lib/x509/ip-in-cidr.h
diff options
context:
space:
mode:
Diffstat (limited to 'lib/x509/ip-in-cidr.h')
-rw-r--r--lib/x509/ip-in-cidr.h58
1 files changed, 58 insertions, 0 deletions
diff --git a/lib/x509/ip-in-cidr.h b/lib/x509/ip-in-cidr.h
new file mode 100644
index 0000000..d5e26eb
--- /dev/null
+++ b/lib/x509/ip-in-cidr.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2014-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Daiki Ueno, Martin Ukrop
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_IP_IN_CIDR_H
+#define GNUTLS_LIB_X509_IP_IN_CIDR_H
+
+/*-
+ * ip_in_cidr:
+ * @ip: IP datum (IPv4 or IPv6)
+ * @cidr: CIDR datum (IPv4 or IPv6)
+ *
+ * Check if @ip lies in the given @cidr range.
+ * The @ip version must match the @cidr version (v4/v6),
+ * (this is not checked).
+ *
+ * Returns: 1 if @ip lies within @cidr, 0 otherwise
+ -*/
+static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
+{
+ unsigned byte;
+#ifndef BUILD_IN_TESTS
+ char str_ip[48];
+ char str_cidr[97];
+
+ _gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",
+ (int) sizeof(str_ip),
+ _gnutls_ip_to_string(ip->data, ip->size, str_ip, sizeof(str_ip)),
+ (int) sizeof(str_cidr),
+ _gnutls_cidr_to_string(cidr->data, cidr->size, str_cidr, sizeof(str_cidr)));
+#endif
+ for (byte = 0; byte < ip->size; byte++)
+ if (((ip->data[byte] ^ cidr->data[byte]) & cidr->data[ip->size+byte]) != 0)
+ return 0;
+
+ return 1; /* match */
+}
+
+#endif /* GNUTLS_LIB_X509_IP_IN_CIDR_H */
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 18:22:38 +0000