2
* Copyright (c) 1996, 1998-2005, 2007-2011
3
* Todd C. Miller <Todd.Miller@courtesan.com>
5
* Permission to use, copy, modify, and distribute this software for any
6
* purpose with or without fee is hereby granted, provided that the above
7
* copyright notice and this permission notice appear in all copies.
9
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
17
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
19
* Sponsored in part by the Defense Advanced Research Projects
20
* Agency (DARPA) and Air Force Research Laboratory, Air Force
21
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
26
#include <sys/types.h>
27
#include <sys/socket.h>
36
#endif /* STDC_HEADERS */
39
#endif /* HAVE_STRING_H */
42
#endif /* HAVE_STRINGS_H */
45
#endif /* HAVE_UNISTD_H */
46
#include <netinet/in.h>
47
#include <arpa/inet.h>
51
#include "interfaces.h"
54
addr_matches_if(char *n)
56
union sudo_in_addr_un addr;
57
struct interface *ifp;
64
if (inet_pton(AF_INET6, n, &addr.ip6) > 0) {
70
addr.ip4.s_addr = inet_addr(n);
73
for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
74
if (ifp->family != family)
78
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
79
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
85
if (memcmp(ifp->addr.ip6.s6_addr, addr.ip6.s6_addr,
86
sizeof(addr.ip6.s6_addr)) == 0)
88
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
89
if ((ifp->addr.ip6.s6_addr[j] & ifp->netmask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
92
if (j == sizeof(addr.ip6.s6_addr))
102
addr_matches_if_netmask(char *n, char *m)
105
union sudo_in_addr_un addr, mask;
106
struct interface *ifp;
113
if (inet_pton(AF_INET6, n, &addr.ip6) > 0)
119
addr.ip4.s_addr = inet_addr(n);
122
if (family == AF_INET) {
123
if (strchr(m, '.')) {
124
mask.ip4.s_addr = inet_addr(m);
130
mask.ip4.s_addr = 0xffffffff;
132
mask.ip4.s_addr = 0xffffffff - (1 << (32 - i)) + 1;
133
mask.ip4.s_addr = htonl(mask.ip4.s_addr);
135
addr.ip4.s_addr &= mask.ip4.s_addr;
139
if (inet_pton(AF_INET6, m, &mask.ip6) <= 0) {
141
for (i = 0; i < sizeof(addr.ip6.s6_addr); i++) {
143
mask.ip6.s6_addr[i] = 0;
144
else if (i * 8 + 8 <= j)
145
mask.ip6.s6_addr[i] = 0xff;
147
mask.ip6.s6_addr[i] = 0xff00 >> (j - i * 8);
148
addr.ip6.s6_addr[i] &= mask.ip6.s6_addr[i];
152
#endif /* HAVE_IN6_ADDR */
154
for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
155
if (ifp->family != family)
159
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
163
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
164
if ((ifp->addr.ip6.s6_addr[j] & mask.ip6.s6_addr[j]) != addr.ip6.s6_addr[j])
167
if (j == sizeof(addr.ip6.s6_addr))
169
#endif /* HAVE_IN6_ADDR */
177
* Returns TRUE if "n" is one of our ip addresses or if
178
* "n" is a network that we are on, else returns FALSE.
181
addr_matches(char *n)
186
/* If there's an explicit netmask, use it. */
187
if ((m = strchr(n, '/'))) {
189
retval = addr_matches_if_netmask(n, m);
192
retval = addr_matches_if(n);