diff options
author | Nick Mathewson <nickm@torproject.org> | 2007-07-19 18:46:09 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-07-19 18:46:09 +0000 |
commit | bbbf50428102156359974e33bbcb70537132ace9 (patch) | |
tree | b044617b7528202e88808a67b3acfaae503d638e /src/common | |
parent | 70aef18db1b0b712416a92389d30ad2548f0d499 (diff) | |
download | tor-bbbf50428102156359974e33bbcb70537132ace9.tar.gz tor-bbbf50428102156359974e33bbcb70537132ace9.zip |
r13827@catbus: nickm | 2007-07-19 14:42:25 -0400
Merge in some generic address manipulation code from croup. Needs some work.
svn:r10880
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/compat.c | 85 | ||||
-rw-r--r-- | src/common/compat.h | 91 | ||||
-rw-r--r-- | src/common/util.c | 583 | ||||
-rw-r--r-- | src/common/util.h | 16 |
4 files changed, 721 insertions, 54 deletions
diff --git a/src/common/compat.c b/src/common/compat.c index cefba439fe..6d68c2daca 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -1004,7 +1004,7 @@ tor_inet_pton(int af, const char *src, void *dst) } /** Similar behavior to Unix gethostbyname: resolve <b>name</b>, and set - * *addr to the proper IP address, in network byte order. Returns 0 + * *<b>addr</b> to the proper IP address, in host byte order. Returns 0 * on success, -1 on failure; 1 on transient failure. * * (This function exists because standard windows gethostbyname @@ -1013,38 +1013,90 @@ tor_inet_pton(int af, const char *src, void *dst) int tor_lookup_hostname(const char *name, uint32_t *addr) { + tor_addr_t myaddr; + int ret; + + if ((ret = tor_addr_lookup(name, AF_INET, &myaddr))) + return ret; + + if (IN_FAMILY(&myaddr) == AF_INET) { + *addr = IPV4IPh(&myaddr); + return ret; + } + + return -1; +} + +/** Similar behavior to Unix gethostbyname: resolve <b>name</b>, and set + * *<b>addr</b> to the proper IP address and family. + * Return 0 on success, -1 on failure; 1 on transient failure. + * DOCDOC family argument. + */ +int +tor_addr_lookup(const char *name, uint16_t family, tor_addr_t *addr) +{ /* Perhaps eventually this should be replaced by a tor_getaddrinfo or * something. */ struct in_addr iaddr; + struct in6_addr iaddr6; tor_assert(name); tor_assert(addr); + tor_assert(family == AF_INET || family == AF_UNSPEC); + memset(addr, 0, sizeof(addr)); /* Clear the extraneous fields. */ if (!*name) { /* Empty address is an error. */ return -1; - } else if (tor_inet_aton(name, &iaddr)) { - /* It's an IP. */ - memcpy(addr, &iaddr.s_addr, 4); + } else if (tor_inet_pton(AF_INET, name, &iaddr)) { + /* It's an IPv4 IP. */ + addr->sa.sin_family = AF_INET; + memcpy(&addr->sa.sin_addr, &iaddr, sizeof(struct in_addr)); + return 0; + } else if (tor_inet_pton(AF_INET6, name, &iaddr6)) { + addr->sa6.sin6_family = AF_INET6; + memcpy(&addr->sa6.sin6_addr, &iaddr6, sizeof(struct in6_addr)); return 0; } else { #ifdef HAVE_GETADDRINFO int err; struct addrinfo *res=NULL, *res_p; + struct addrinfo *best=NULL; struct addrinfo hints; int result = -1; memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_INET; + hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; err = getaddrinfo(name, NULL, &hints, &res); if (!err) { + best = NULL; for (res_p = res; res_p; res_p = res_p->ai_next) { - if (res_p->ai_family == AF_INET) { - struct sockaddr_in *sin = (struct sockaddr_in *)res_p->ai_addr; - memcpy(addr, &sin->sin_addr, 4); - result = 0; + if (family == AF_UNSPEC) { + if (res_p->ai_family == AF_INET) { + best = res_p; + break; + } else if (res_p->ai_family == AF_INET6 && !best) { + best = res_p; + } + } else if (family == res_p->ai_family) { + best = res_p; break; } } + if (!best) + best = res; + if (best->ai_family == AF_INET) { + addr->sa.sin_family = AF_INET; + memcpy(&addr->sa.sin_addr, + &((struct sockaddr_in*)best->ai_addr)->sin_addr, + sizeof(struct in_addr)); + result = 0; + } else if (best->ai_family == AF_INET6) { + addr->sa6.sin6_family = AF_INET6; + memcpy(&addr->sa6.sin6_addr, + &((struct sockaddr_in6*)best->ai_addr)->sin6_addr, + sizeof(struct in6_addr)); + result = 0; + } freeaddrinfo(res); return result; } @@ -1074,14 +1126,19 @@ tor_lookup_hostname(const char *name, uint32_t *addr) #else err = h_errno; #endif -#endif +#endif /* endif HAVE_GETHOSTBYNAME_R_6_ARG. */ if (ent) { - /* break to remind us if we move away from IPv4 */ - tor_assert(ent->h_length == 4); - memcpy(addr, ent->h_addr, 4); + addr->sa.sin_family = ent->h_addrtype; + if (ent->h_addrtype == AF_INET) { + memcpy(addr->sa.sin_addr, ent->h_addr, sizeof(struct in_addr)); + } else if (ent->h_addrtype == AF_INET6) { + memcpy(addr->sa.sin6_addr, ent->h_addr, sizeof(struct in6_addr)); + } else { + tor_assert(0) /* gethostbyname() returned a bizarre addrtype */ + } return 0; } - memset(addr, 0, 4); + memset(addr, 0, sizeof(tor_addr_t)); /* XXXX020 is this redundant? */ #ifdef MS_WINDOWS return (err == WSATRY_AGAIN) ? 1 : -1; #else diff --git a/src/common/compat.h b/src/common/compat.h index e75c98a0c2..ad791b9bf0 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -36,6 +36,15 @@ #include <ctype.h> #endif #include <stdarg.h> +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN6_H +#include <netinet/in6.h> +#endif #ifndef NULL_REP_IS_ZERO_BYTES #error "It seems your platform does not represent NULL as zero. We can't cope." @@ -263,11 +272,88 @@ typedef int socklen_t; #if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(MS_WINDOWS) struct in6_addr { - uint8_t s6_addr[16]; + union { + uint8_t u6_addr8[16]; + uint16_t u6_addr16[8]; + uint32_t u6_addr32[4]; + } in6_u; +#define s6_addr in6_u.u6_addr8 +#define s6_addr16 in6_u.u6_addr16 +#define s6_addr32 in6_u.u6_addr32 }; #endif +#if !defined(HAVE_STRUCT_SOCKADDR_IN6) +struct sockaddr_in6 { + uint16_t sin6_family; /* XXXX020 right size???? */ + uint16_t sin6_port; + // uint32_t sin6_flowinfo; + struct in6_addr sin6_addr; + // uint32_t sin6_scope_id; +}; +#endif + +typedef uint8_t maskbits_t; struct in_addr; +typedef union tor_addr_t +{ + /* XXXX020 There are extra fields in sockaddr_in and sockaddr_in6 that + * make this union waste space. Do we care? */ + struct sockaddr_in sa; + struct sockaddr_in6 sa6; +} tor_addr_t; + +/* XXXX020 rename these. */ +static INLINE uint32_t IPV4IP(const tor_addr_t *a); +static INLINE uint32_t IPV4IPh(const tor_addr_t *a); +static INLINE uint32_t IPV4MAPh(const tor_addr_t *a); +static INLINE uint16_t IN_FAMILY(const tor_addr_t *a); +static INLINE const struct in_addr *IN_ADDR(const tor_addr_t *a); +static INLINE const struct in6_addr *IN6_ADDR(const tor_addr_t *a); +static INLINE uint16_t IN_PORT(const tor_addr_t *a); + +static INLINE uint32_t +IPV4IP(const tor_addr_t *a) +{ + return a->sa.sin_addr.s_addr; +} +static INLINE uint32_t IPV4IPh(const tor_addr_t *a) +{ + /*XXXX020 remove this function */ + return ntohl(IPV4IP(a)); +} +static INLINE uint32_t +IPV4MAPh(const tor_addr_t *a) +{ + return ntohl(a->sa6.sin6_addr.s6_addr32[3]); +} +static INLINE uint16_t +IN_FAMILY(const tor_addr_t *a) +{ + return a->sa.sin_family; +} +static INLINE const struct in_addr * +IN_ADDR(const tor_addr_t *a) +{ + return &a->sa.sin_addr; +} +static INLINE const struct in6_addr * +IN6_ADDR(const tor_addr_t *a) +{ + return &a->sa6.sin6_addr; +} +static INLINE uint16_t +IN_PORT(const tor_addr_t *a) +{ + if (IN_FAMILY(a) == AF_INET) + return a->sa.sin_port; + else + return a->sa6.sin6_port; +} + +#define INET_NTOA_BUF_LEN 16 /* 255.255.255.255 */ +#define TOR_ADDR_BUF_LEN 46 /* ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255 */ + int tor_inet_aton(const char *cp, struct in_addr *addr) ATTR_NONNULL((1,2)); const char *tor_inet_ntop(int af, const void *src, char *dst, size_t len); int tor_inet_pton(int af, const char *src, void *dst); @@ -275,6 +361,9 @@ int tor_lookup_hostname(const char *name, uint32_t *addr) ATTR_NONNULL((1,2)); void set_socket_nonblocking(int socket); int tor_socketpair(int family, int type, int protocol, int fd[2]); int network_init(void); + +int tor_addr_lookup(const char *name, uint16_t family, tor_addr_t *addr_out); + /* For stupid historical reasons, windows sockets have an independent * set of errnos, and an independent way to get them. Also, you can't * always believe WSAEWOULDBLOCK. Use the macros below to compare diff --git a/src/common/util.c b/src/common/util.c index 10c3cb8476..230acabe55 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1828,17 +1828,95 @@ path_is_relative(const char *filename) int is_internal_IP(uint32_t ip, int for_listening) { - if (for_listening && !ip) /* special case for binding to 0.0.0.0 */ + tor_addr_t myaddr; + myaddr.sa.sin_family = AF_INET; + myaddr.sa.sin_addr.s_addr = htonl(ip); + + return tor_addr_is_internal(&myaddr, for_listening); +} + +/** Return true iff <b>ip</b> is an IP reserved to localhost or local networks + * in RFC1918 or RFC4193 or RFC4291. (fec0::/10, deprecated by RFC3879, is + * also treated as internal for now.) + */ +int +tor_addr_is_internal(const tor_addr_t *addr, int for_listening) +{ + uint32_t iph4; + uint32_t iph6[4]; + sa_family_t v_family; + v_family = IN_FAMILY(addr); + + if (v_family == AF_INET) { + iph4 = IPV4IPh(addr); + } else if (v_family == AF_INET6) { + if (tor_addr_is_v4(addr)) { /* v4-mapped */ + v_family = AF_INET; + iph4 = ntohl(IN6_ADDR(addr)->s6_addr32[3]); + } + } + + if (v_family == AF_INET6) { + iph6[0] = ntohl(IN6_ADDR(addr)->s6_addr32[0]); + iph6[1] = ntohl(IN6_ADDR(addr)->s6_addr32[1]); + iph6[2] = ntohl(IN6_ADDR(addr)->s6_addr32[2]); + iph6[3] = ntohl(IN6_ADDR(addr)->s6_addr32[3]); + if (for_listening && !iph6[0] && !iph6[1] && !iph6[2] && !iph6[3]) /* :: */ + return 0; + + if (((iph6[0] & 0xfe000000) == 0xfc000000) || /* fc00/7 - RFC4193 */ + ((iph6[0] & 0xffc00000) == 0xfe800000) || /* fe80/10 - RFC4291 */ + ((iph6[0] & 0xffc00000) == 0xfec00000)) /* fec0/10 D- RFC3879 */ + return 1; + + if (!iph6[0] && !iph6[1] && !iph6[2] && + ((iph6[3] & 0xfffffffe) == 0x00000000)) /* ::/127 */ + return 1; + return 0; - if (((ip & 0xff000000) == 0x0a000000) || /* 10/8 */ - ((ip & 0xff000000) == 0x00000000) || /* 0/8 */ - ((ip & 0xff000000) == 0x7f000000) || /* 127/8 */ - ((ip & 0xffff0000) == 0xa9fe0000) || /* 169.254/16 */ - ((ip & 0xfff00000) == 0xac100000) || /* 172.16/12 */ - ((ip & 0xffff0000) == 0xc0a80000)) /* 192.168/16 */ - return 1; - return 0; + } else if (v_family == AF_INET) { + if (for_listening && !iph4) /* special case for binding to 0.0.0.0 */ + return 0; + if (((iph4 & 0xff000000) == 0x0a000000) || /* 10/8 */ + ((iph4 & 0xff000000) == 0x00000000) || /* 0/8 */ + ((iph4 & 0xff000000) == 0x7f000000) || /* 127/8 */ + ((iph4 & 0xffff0000) == 0xa9fe0000) || /* 169.254/16 */ + ((iph4 & 0xfff00000) == 0xac100000) || /* 172.16/12 */ + ((iph4 & 0xffff0000) == 0xc0a80000)) /* 192.168/16 */ + return 1; + return 0; + } + + /* unknown address family... assume it's not safe for external use */ + /* rather than tor_assert(0) */ + log_warn(LD_BUG, "tor_addr_is_internal() called with a non-IP address."); + return 1; +} + +#if 0 +/** Convert a tor_addr_t <b>addr</b> into a string, and store it in + * <b>dest</b> of size <b>len</b>. Returns a pointer to dest on success, + * or NULL on failure. + */ +void +tor_addr_to_str(char *dest, const tor_addr_t *addr, int len) +{ + const char *ptr; + tor_assert(addr && dest); + + switch (IN_FAMILY(addr)) { + case AF_INET: + ptr = tor_inet_ntop(AF_INET, &addr->sa.sin_addr, dest, len); + break; + case AF_INET6: + ptr = tor_inet_ntop(AF_INET6, &addr->sa6.sin6_addr, dest, len); + break; + default: + return NULL; + } + return ptr; } +#endif /** Parse a string of the form "host[:port]" from <b>addrport</b>. If * <b>address</b> is provided, set *<b>address</b> to a copy of the @@ -1889,7 +1967,6 @@ parse_addr_port(int severity, const char *addrport, char **address, ok = 0; *addr = 0; } - *addr = ntohl(*addr); } if (address && ok) { @@ -2055,9 +2132,244 @@ parse_addr_and_port_range(const char *s, uint32_t *addr_out, return -1; } -/** Given an IPv4 address <b>in</b> (in network order, as usual), - * write it as a string into the <b>buf_len</b>-byte buffer in - * <b>buf</b>. +/** Parse a string <b>s</b> containing an IPv4/IPv6 address, and possibly + * a mask and port or port range. Store the parsed address in + * <b>addr_out</b>, a mask (if any) in <b>mask_out</b>, and port(s) (if any) + * in <b>port_min_out</b> and <b>port_max_out</b>. + * + * DOCDOC exact syntax. + * + * - If mask, minport, or maxport are NULL, avoid storing those elements. + * - If the string has no mask, the mask is set to /32 (IPv4) or /128 (IPv6). + * - If the string has one port, it is placed in both min and max port + * variables. + * - If the string has no port(s), port_(min|max)_out are set to 1 and 65535. + * + * Return an address family on success, or -1 if an invalid address string is + * provided. + */ +int +tor_addr_parse_mask_ports(const char *s, tor_addr_t *addr_out, + maskbits_t *maskbits_out, + uint16_t *port_min_out, uint16_t *port_max_out) +{ + char *base = NULL, *address, *mask = NULL, *port = NULL, *rbracket = NULL; + char *endptr; + int any_flag=0, v4map=0; + + tor_assert(s); + tor_assert(addr_out); + + /* IP, [], /mask, ports */ +#define MAX_ADDRESS_LENGTH (TOR_ADDR_BUF_LEN+2+(1+INET_NTOA_BUF_LEN)+12+1) + + if (strlen(s) > MAX_ADDRESS_LENGTH) { + log_warn(LD_GENERAL, "Impossibly long IP %s; rejecting", escaped(s)); + goto err; + } + base = tor_strdup(s); + + /* Break 'base' into separate strings. */ + address = base; + if (*address == '[') { /* Probably IPv6 */ + address++; + rbracket = strchr(address, ']'); + if (!rbracket) { + log_warn(LD_GENERAL, + "No closing IPv6 bracket in address pattern; rejecting."); + goto err; + } + } + mask = strchr((rbracket?rbracket:address),'/'); + port = strchr((mask?mask:(rbracket?rbracket:address)), ':'); + if (port) + *port++ = '\0'; + if (mask) + *mask++ = '\0'; + if (rbracket) + *rbracket = '\0'; + if (port && mask) + tor_assert(port > mask); + if (mask && rbracket) + tor_assert(mask > rbracket); + + /* Now "address" is the a.b.c.d|'*'|abcd::1 part... + * "mask" is the Mask|Maskbits part... + * and "port" is the *|port|min-max part. + */ + + /* Process the address portion */ + memset(addr_out, 0, sizeof(tor_addr_t)); + + if (!strcmp(address, "*")) { + addr_out->sa.sin_family = AF_INET; /* AF_UNSPEC ???? XXXXX020 */ + any_flag = 1; + } else if (tor_inet_pton(AF_INET6, address, &addr_out->sa6.sin6_addr) > 0) { + addr_out->sa6.sin6_family = AF_INET6; + } else if (tor_inet_pton(AF_INET, address, &addr_out->sa.sin_addr) > 0) { + addr_out->sa.sin_family = AF_INET; + } else { + log_warn(LD_GENERAL, "Malformed IP %s in address pattern; rejecting.", + escaped(address)); + goto err; + } + + v4map = tor_addr_is_v4(addr_out); + +/* +#ifdef ALWAYS_V6_MAP + if (v_family == AF_INET) { + v_family = AF_INET6; + IN_ADDR6(addr_out).s6_addr32[3] = IN6_ADDR(addr_out).s_addr; + memset(&IN6_ADDR(addr_out), 0, 10); + IN_ADDR6(addr_out).s6_addr16[5] = 0xffff; + } +#else + if (v_family == AF_INET6 && v4map) { + v_family = AF_INET; + IN_ADDR(addr_out).s_addr = IN6_ADDR(addr_out).s6_addr32[3]; + } +#endif +*/ + + /* Parse mask */ + if (maskbits_out) { + int bits = 0; + struct in_addr v4mask; + + if (mask) { /* the caller (tried to) specify a mask */ + bits = (int) strtol(mask, &endptr, 10); + if (!*endptr) { /* strtol converted everything, so it was an integer */ + if ((bits<0 || bits>128) || + ((IN_FAMILY(addr_out) == AF_INET) && bits > 32)) { + log_warn(LD_GENERAL, + "Bad number of mask bits (%d) on address range; rejecting.", + bits); + goto err; + } + } else { /* mask might still be an address-style mask */ + if (tor_inet_pton(AF_INET, mask, &v4mask) > 0) { + bits = addr_mask_get_bits(ntohl(v4mask.s_addr)); + if (bits < 0) { + log_warn(LD_GENERAL, + "IPv4-style mask %s is not a prefix address; rejecting.", + escaped(mask)); + goto err; + } + } else { /* Not IPv4; we don't do address-style IPv6 masks. */ + log_warn(LD_GENERAL, + "Malformed mask on address range %s; rejecting.", + escaped(s)); + goto err; + } + } + if (IN_FAMILY(addr_out) == AF_INET6 && v4map) { + if (bits > 32 && bits < 96) { /* Crazy */ + log_warn(LD_GENERAL, + "Bad mask bits %i for V4-mapped V6 address; rejecting.", + bits); + goto err; + } + /* XXXX020 is this really what we want? */ + bits = 96 + bits%32; /* map v4-mapped masks onto 96-128 bits */ + } + } else { /* pick an appropriate mask, as none was given */ + if (any_flag) + bits = 0; /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */ + else if (IN_FAMILY(addr_out) == AF_INET) + bits = 32; + else if (IN_FAMILY(addr_out) == AF_INET6) + bits = 128; + } + *maskbits_out = (maskbits_t) bits; + } else { + if (mask) { + log_warn(LD_GENERAL, + "Unexpected mask in addrss %s; rejecting", escaped(s)); + goto err; + } + } + + /* Parse port(s) */ + if (port_min_out) { + uint16_t port2; + if (!port_max_out) /* caller specified one port; fake the second one */ + port_max_out = &port2; + + if (parse_port_range(port, port_min_out, port_max_out) < 0) { + goto err; + } else if ((*port_min_out != *port_max_out) && port_max_out == &port2) { + log_warn(LD_GENERAL, + "Wanted one port from address range, but there are two."); + + port_max_out = NULL; /* caller specified one port, so set this back */ + goto err; + } + } else { + if (port) { + log_warn(LD_GENERAL, + "Unexpected ports in addrss %s; rejecting", escaped(s)); + goto err; + } + } + + tor_free(base); + return IN_FAMILY(addr_out); + err: + tor_free(base); + return -1; +} + +/** Determine whether an address is IPv4, either native or ipv4-mapped ipv6. + * Note that this is about representation only, as any decent stack will + * reject ipv4-mapped addresses received on the wire (and won't use them + * on the wire either). + */ +int +tor_addr_is_v4(const tor_addr_t *addr) +{ + tor_assert(addr); + + if (IN_FAMILY(addr) == AF_INET) + return 1; + + if (IN_FAMILY(addr) == AF_INET6) { /* First two don't need to be ordered */ + if ((IN6_ADDR(addr)->s6_addr32[0] == 0) && + (IN6_ADDR(addr)->s6_addr32[1] == 0) && + (ntohl(IN6_ADDR(addr)->s6_addr32[2]) == 0x0000ffffu)) + return 1; + } + + return 0; /* Not IPv4 - unknown family or a full-blood IPv6 address */ +} + +/** Determine whether an address <b>addr</b> is null, either all zeroes or + * belonging to family AF_UNSPEC. + */ +int +tor_addr_is_null(const tor_addr_t *addr) +{ + tor_assert(addr); + + switch(IN_FAMILY(addr)) { + case AF_INET6: + if (!IN6_ADDR(addr)->s6_addr32[0] && !IN6_ADDR(addr)->s6_addr32[1] && + !IN6_ADDR(addr)->s6_addr32[2] && !IN6_ADDR(addr)->s6_addr32[3]) + return 1; + return 0; + case AF_INET: + if (!IN_ADDR(addr)->s_addr) + return 1; + return 0; + default: + return 1; + } + //return 1; +} + +/** Given an IPv4 in_addr struct *<b>in</b> (in network order, as usual), + * write it as a string into the <b>buf_len</b>-byte buffer in + * <b>buf</b>. */ int tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len) @@ -2070,37 +2382,223 @@ tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len) (int)(uint8_t)((a )&0xff)); } -/** Given a host-order <b>addr</b>, call tor_inet_ntoa() on it - * and return a strdup of the resulting address. +/** Take a 32-bit host-order ipv4 address <b>v4addr</b> and store it in the + * tor_addr *<b>dest</b>. + * + * XXXX020 Temporary, for use while 32-bit int addresses are still being + * passed around. + */ +void +tor_addr_from_ipv4(tor_addr_t *dest, uint32_t v4addr) +{ + tor_assert(dest); + memset(dest, 0, sizeof(dest)); + dest->sa.sin_family = AF_INET; + dest->sa.sin_addr.s_addr = htonl(v4addr); +} + +/** Copy a tor_addr_t from <b>src</b> to <b>dest</b>. + */ +void +tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src) +{ + tor_assert(src && dest); + memcpy(dest, src, sizeof(tor_addr_t)); +} + +/** DOCDOC */ +int +tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2) +{ + return tor_addr_compare_masked(addr1, addr2, 128); +} + +/** Given two addresses <b>addr1</b> and <b>addr2</b>, return 0 if the two + * addresses are equivalent under the mask mbits, or nonzero if not. + * + * Different address families (IPv4 vs IPv6) are always considered unequal. + * + * Reduce over-specific masks (>128 for ipv6, >32 for ipv4) to 128 or 32. + */ +int +tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, + maskbits_t mbits) +{ + uint32_t ip4a=0, ip4b=0; + sa_family_t v_family[2]; + int idx; + uint32_t masked_a, masked_b; + + tor_assert(addr1 && addr2); + + v_family[0] = IN_FAMILY(addr1); + v_family[1] = IN_FAMILY(addr2); + + if (v_family[0] == AF_INET) { /* If this is native IPv4, note the address */ + ip4a = IPV4IPh(addr1); /* Later we risk overwriting a v4-mapped address */ + } else if ((v_family[0] == AF_INET6) && tor_addr_is_v4(addr1)) { + v_family[0] = AF_INET; + ip4a = IPV4MAPh(addr1); + } + + if (v_family[1] == AF_INET) { /* If this is native IPv4, note the address */ + ip4b = IPV4IPh(addr2); /* Later we risk overwriting a v4-mapped address */ + } else if ((v_family[1] == AF_INET6) && tor_addr_is_v4(addr2)) { + v_family[1] = AF_INET; + ip4b = IPV4MAPh(addr2); + } + + if (v_family[0] > v_family[1]) /* Comparison of virtual families */ + return 1; + else if (v_family[0] < v_family[1]) + return -1; + + if (mbits == 0) /* Under a complete wildcard mask, consider them equal */ + return 0; + + if (v_family[0] == AF_INET) { /* Real or mapped IPv4 */ +#if 0 + if (mbits >= 32) { + masked_a = ip4a; + masked_b = ip4b; + } else { + masked_a = ip4a & (0xfffffffful << (32-mbits)); + masked_b = ip4b & (0xfffffffful << (32-mbits)); + } +#endif + if (mbits > 32) + mbits = 32; + masked_a = ip4a >> (32-mbits); + masked_b = ip4b >> (32-mbits); + if (masked_a < masked_b) + return -1; + else if (masked_a > masked_b) + return 1; + return 0; + } else if (v_family[0] == AF_INET6) { /* Real IPv6 */ + maskbits_t lmbits; + const uint32_t *a1 = IN6_ADDR(addr1)->s6_addr32; + const uint32_t *a2 = IN6_ADDR(addr2)->s6_addr32; + for (idx = 0; idx < 4; ++idx) { + if (!mbits) + return 0; /* Mask covers both addresses from here on */ + else if (mbits > 32) + lmbits = 32; + else + lmbits = mbits; + + masked_a = ntohl(a1[idx]) >> (32-lmbits); + masked_b = ntohl(a2[idx]) >> (32-lmbits); + + if (masked_a > masked_b) + return 1; + else if (masked_a < masked_b) + return -1; + + if (mbits < 32) + return 0; + mbits -= 32; + } +#if 0 + for (idx = 0; idx < 4; ++idx) { + if (mbits <= 32*idx) /* Mask covers both addresses from here on */ + return 0; + if (mbits >= 32*(idx+1)) { /* Mask doesn't affect these 32 bits */ + lmbits = 32; + } else { + lmbits = mbits % 32; + } + masked_a = ntohl(IN6_ADDR(addr1).s6_addr32[idx]) & + (0xfffffffful << (32-lmbits)); + masked_b = ntohl(IN6_ADDR(addr2).s6_addr32[idx]) & + (0xfffffffful << (32-lmbits)); + if (masked_a > masked_b) + return 1; + if (masked_a < masked_b) + return -1; + } +#endif + return 0; + } + + tor_assert(0); /* Unknown address family */ + return -1; /* unknown address family, return unequal? */ +} + +/** Given a host-order <b>addr</b>, call tor_inet_ntop() on it + * and return a strdup of the resulting address. */ char * tor_dup_addr(uint32_t addr) { - char buf[INET_NTOA_BUF_LEN]; + char buf[TOR_ADDR_BUF_LEN]; struct in_addr in; in.s_addr = htonl(addr); - tor_inet_ntoa(&in, buf, sizeof(buf)); + tor_inet_ntop(AF_INET, &in, buf, sizeof(buf)); return tor_strdup(buf); } -/** - * Set *<b>addr</b> to the host-order IPv4 address (if any) of whatever - * interface connects to the internet. This address should only be used in - * checking whether our address has changed. Return 0 on success, -1 on - * failure. +/** Convert the tor_addr_t *<b>addr</b> into string form and store it in + * <b>dest</b> (no more than <b>len</b> bytes). DOCDOC return value. + */ +const char * +tor_addr_to_str(char *dest, const tor_addr_t *addr, int len) +{ + tor_assert(addr && dest); + + if (IN_FAMILY(addr) == AF_INET) { + return tor_inet_ntop(AF_INET, IN_ADDR(addr), dest, len); + } else if (IN_FAMILY(addr) == AF_INET6) { + return tor_inet_ntop(AF_INET6, IN6_ADDR(addr), dest, len); + } else { + return NULL; + } +} + +/** Convert the string in <b>src</b> to a tor_addr_t <b>addr</b>. */ int -get_interface_address(int severity, uint32_t *addr) +tor_addr_from_str(tor_addr_t *addr, const char *src) +{ + tor_assert(addr && src); + return tor_addr_parse_mask_ports(src, addr, NULL, NULL, NULL); +} + +/** Set *<b>addr</b> to the IP address (if any) of whatever interface + * connects to the internet. This address should only be used in checking + * whether our address has changed. Return 0 on success, -1 on failure. + */ +int +get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr) { int sock=-1, r=-1; - struct sockaddr_in target_addr, my_addr; - socklen_t my_addr_len = sizeof(my_addr); + struct sockaddr_storage my_addr, target_addr; + socklen_t my_addr_len; tor_assert(addr); - *addr = 0; - sock = tor_open_socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP); + memset(addr, 0, sizeof(tor_addr_t)); + memset(&target_addr, 0, sizeof(target_addr)); + my_addr_len = sizeof(my_addr); + ((struct sockaddr_in*)&target_addr)->sin_port = 9; /* DISGARD port */ + /* Don't worry: no packets are sent. We just need to use a real address + * on the actual internet. */ + if (family == AF_INET6) { + struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)&target_addr; + sock = tor_open_socket(PF_INET6,SOCK_DGRAM,IPPROTO_UDP); + my_addr_len = sizeof(struct sockaddr_in6); + sin6->sin6_family = AF_INET6; + sin6->sin6_addr.s6_addr16[0] = htons(0x2002); /* 2002:: */ + } else if (family == AF_INET) { + struct sockaddr_in *sin = (struct sockaddr_in*)&target_addr; + sock = tor_open_socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP); + my_addr_len = sizeof(struct sockaddr_in); + sin->sin_family = AF_INET; + sin->sin_addr.s_addr = htonl(0x12000001); /* 18.0.0.1 */ + } else { + return -1; + } if (sock < 0) { int e = tor_socket_errno(-1); log_fn(severity, LD_NET, "unable to create socket: %s", @@ -2108,29 +2606,20 @@ get_interface_address(int severity, uint32_t *addr) goto err; } - memset(&target_addr, 0, sizeof(target_addr)); - target_addr.sin_family = AF_INET; - /* discard port */ - target_addr.sin_port = 9; - /* 18.0.0.1 (Don't worry: no packets are sent. We just need a real address - * on the internet.) */ - target_addr.sin_addr.s_addr = htonl(0x12000001); - if (connect(sock,(struct sockaddr *)&target_addr,sizeof(target_addr))<0) { int e = tor_socket_errno(sock); log_fn(severity, LD_NET, "connect() failed: %s", tor_socket_strerror(e)); goto err; } - if (getsockname(sock, (struct sockaddr*)&my_addr, &my_addr_len)) { + if (getsockname(sock,(struct sockaddr*)&my_addr, &my_addr_len)) { int e = tor_socket_errno(sock); log_fn(severity, LD_NET, "getsockname() to determine interface failed: %s", tor_socket_strerror(e)); goto err; } - *addr = ntohl(my_addr.sin_addr.s_addr); - + memcpy(addr, &my_addr, sizeof(tor_addr_t)); r=0; err: if (sock >= 0) @@ -2138,6 +2627,24 @@ get_interface_address(int severity, uint32_t *addr) return r; } +/** + * Set *<b>addr</b> to the host-order IPv4 address (if any) of whatever + * interface connects to the internet. This address should only be used in + * checking whether our address has changed. Return 0 on success, -1 on + * failure. + */ +int +get_interface_address(int severity, uint32_t *addr) +{ + tor_addr_t local_addr; + int r; + + r = get_interface_address6(severity, AF_INET, &local_addr); + if (r>=0) + *addr = IPV4IPh(&local_addr); + return r; +} + /* ===== * Process helpers * ===== */ diff --git a/src/common/util.h b/src/common/util.h index de7245c259..0165661fb6 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -254,11 +254,25 @@ int parse_addr_and_port_range(const char *s, uint32_t *addr_out, uint32_t *mask_out, uint16_t *port_min_out, uint16_t *port_max_out); int addr_mask_get_bits(uint32_t mask); -#define INET_NTOA_BUF_LEN 16 int tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len); char *tor_dup_addr(uint32_t addr) ATTR_MALLOC; int get_interface_address(int severity, uint32_t *addr); +int get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr); +int tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2); +int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, + maskbits_t mask); +int tor_addr_is_v4(const tor_addr_t *addr); +int tor_addr_is_internal(const tor_addr_t *ip, int for_listening) ATTR_PURE; +int tor_addr_parse_mask_ports(const char *s, + tor_addr_t *addr_out, maskbits_t *mask_out, + uint16_t *port_min_out, uint16_t *port_max_out); +const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, int len); +int tor_addr_from_str(tor_addr_t *addr, const char *src); +void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src); +void tor_addr_from_ipv4(tor_addr_t *dest, uint32_t v4addr); +int tor_addr_is_null(const tor_addr_t *addr); + /* Process helpers */ void start_daemon(void); void finish_daemon(const char *desired_cwd); |