1 /* Copyright (c) 2003-2004, Roger Dingledine
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2008, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
6 const char address_c_id
[] =
11 * \brief Functions to use and manipulate the tor_addr_t structure.
25 #ifdef HAVE_SYS_TIME_H
34 #ifdef HAVE_NETINET_IN_H
35 #include <netinet/in.h>
37 #ifdef HAVE_ARPA_INET_H
38 #include <arpa/inet.h>
40 #ifdef HAVE_SYS_SOCKET_H
41 #include <sys/socket.h>
46 #ifdef HAVE_SYS_PARAM_H
47 #include <sys/param.h> /* FreeBSD needs this to know what version it is */
55 /** Convert the tor_addr_t in <b>a</b>, with port in <b>port</b>, into a
56 * socklen object in *<b>sa_out</b> of object size <b>len</b>. If not enough
57 * room is free, or on error, return -1. Else return the length of the
60 tor_addr_to_sockaddr(const tor_addr_t
*a
,
62 struct sockaddr
*sa_out
,
65 if (a
->family
== AF_INET
) {
66 struct sockaddr_in
*sin
;
67 if (len
< sizeof(struct sockaddr_in
))
69 sin
= (struct sockaddr_in
*)sa_out
;
70 sin
->sin_family
= AF_INET
;
71 sin
->sin_port
= htons(port
);
72 sin
->sin_addr
.s_addr
= tor_addr_to_ipv4n(a
);
73 return sizeof(struct sockaddr_in
);
74 } else if (a
->family
== AF_INET6
) {
75 struct sockaddr_in6
*sin6
;
76 if (len
< sizeof(struct sockaddr_in6
))
78 sin6
= (struct sockaddr_in6
*)sa_out
;
79 memset(sin6
, 0, sizeof(struct sockaddr_in6
));
80 sin6
->sin6_family
= AF_INET6
;
81 sin6
->sin6_port
= htons(port
);
82 memcpy(&sin6
->sin6_addr
, &a
->addr
.in6_addr
, sizeof(struct in6_addr
));
83 return sizeof(struct sockaddr_in6
);
89 /** Set the tor_addr_t in <b>a</b> to contain the socket address contained in
92 tor_addr_from_sockaddr(tor_addr_t
*a
, const struct sockaddr
*sa
,
97 memset(a
, 0, sizeof(tor_addr_t
));
98 if (sa
->sa_family
== AF_INET
) {
99 struct sockaddr_in
*sin
= (struct sockaddr_in
*) sa
;
101 a
->addr
.in_addr
.s_addr
= sin
->sin_addr
.s_addr
;
103 *port_out
= ntohs(sin
->sin_port
);
104 } else if (sa
->sa_family
== AF_INET6
) {
105 struct sockaddr_in6
*sin6
= (struct sockaddr_in6
*) sa
;
106 a
->family
= AF_INET6
;
107 memcpy(&a
->addr
.in6_addr
, &sin6
->sin6_addr
, sizeof(struct in6_addr
));
109 *port_out
= ntohs(sin6
->sin6_port
);
111 a
->family
= AF_UNSPEC
;
117 /** Set address <b>a</b> to the unspecified address. This address belongs to
120 tor_addr_make_unspec(tor_addr_t
*a
)
122 memset(a
, 0, sizeof(*a
));
123 a
->family
= AF_UNSPEC
;
126 /** Similar behavior to Unix gethostbyname: resolve <b>name</b>, and set
127 * *<b>addr</b> to the proper IP address and family. The <b>family</b>
128 * argument (which must be AF_INET, AF_INET6, or AF_UNSPEC) declares a
129 * <i>preferred</i> family, though another one may be returned if only one
130 * family is implemented for this address.
132 * Return 0 on success, -1 on failure; 1 on transient failure.
135 tor_addr_lookup(const char *name
, uint16_t family
, tor_addr_t
*addr
)
137 /* Perhaps eventually this should be replaced by a tor_getaddrinfo or
140 struct in_addr iaddr
;
141 struct in6_addr iaddr6
;
144 tor_assert(family
== AF_INET
|| family
== AF_INET6
|| family
== AF_UNSPEC
);
145 memset(addr
, 0, sizeof(addr
)); /* Clear the extraneous fields. */
147 /* Empty address is an error. */
149 } else if (tor_inet_pton(AF_INET
, name
, &iaddr
)) {
150 /* It's an IPv4 IP. */
151 if (family
== AF_INET6
)
153 addr
->family
= AF_INET
;
154 memcpy(&addr
->addr
.in_addr
, &iaddr
, sizeof(struct in_addr
));
156 } else if (tor_inet_pton(AF_INET6
, name
, &iaddr6
)) {
157 if (family
== AF_INET
)
159 addr
->family
= AF_INET6
;
160 memcpy(&addr
->addr
.in6_addr
, &iaddr6
, sizeof(struct in6_addr
));
163 #ifdef HAVE_GETADDRINFO
165 struct addrinfo
*res
=NULL
, *res_p
;
166 struct addrinfo
*best
=NULL
;
167 struct addrinfo hints
;
169 memset(&hints
, 0, sizeof(hints
));
170 hints
.ai_family
= family
;
171 hints
.ai_socktype
= SOCK_STREAM
;
172 err
= getaddrinfo(name
, NULL
, &hints
, &res
);
175 for (res_p
= res
; res_p
; res_p
= res_p
->ai_next
) {
176 if (family
== AF_UNSPEC
) {
177 if (res_p
->ai_family
== AF_INET
) {
180 } else if (res_p
->ai_family
== AF_INET6
&& !best
) {
183 } else if (family
== res_p
->ai_family
) {
190 if (best
->ai_family
== AF_INET
) {
191 addr
->family
= AF_INET
;
192 memcpy(&addr
->addr
.in_addr
,
193 &((struct sockaddr_in
*)best
->ai_addr
)->sin_addr
,
194 sizeof(struct in_addr
));
196 } else if (best
->ai_family
== AF_INET6
) {
197 addr
->family
= AF_INET6
;
198 memcpy(&addr
->addr
.in6_addr
,
199 &((struct sockaddr_in6
*)best
->ai_addr
)->sin6_addr
,
200 sizeof(struct in6_addr
));
206 return (err
== EAI_AGAIN
) ? 1 : -1;
210 #ifdef HAVE_GETHOSTBYNAME_R_6_ARG
212 struct hostent hostent
;
214 r
= gethostbyname_r(name
, &hostent
, buf
, sizeof(buf
), &ent
, &err
);
215 #elif defined(HAVE_GETHOSTBYNAME_R_5_ARG)
217 struct hostent hostent
;
218 ent
= gethostbyname_r(name
, &hostent
, buf
, sizeof(buf
), &err
);
219 #elif defined(HAVE_GETHOSTBYNAME_R_3_ARG)
220 struct hostent_data data
;
222 memset(&data
, 0, sizeof(data
));
223 err
= gethostbyname_r(name
, &hent
, &data
);
224 ent
= err
? NULL
: &hent
;
226 ent
= gethostbyname(name
);
228 err
= WSAGetLastError();
232 #endif /* endif HAVE_GETHOSTBYNAME_R_6_ARG. */
234 addr
->family
= ent
->h_addrtype
;
235 if (ent
->h_addrtype
== AF_INET
) {
236 memcpy(&addr
->addr
.in_addr
, ent
->h_addr
, sizeof(struct in_addr
));
237 } else if (ent
->h_addrtype
== AF_INET6
) {
238 memcpy(&addr
->addr
.in6_addr
, ent
->h_addr
, sizeof(struct in6_addr
));
240 tor_assert(0); /* gethostbyname() returned a bizarre addrtype */
245 return (err
== WSATRY_AGAIN
) ? 1 : -1;
247 return (err
== TRY_AGAIN
) ? 1 : -1;
253 /** Return true iff <b>ip</b> is an IP reserved to localhost or local networks
254 * in RFC1918 or RFC4193 or RFC4291. (fec0::/10, deprecated by RFC3879, is
255 * also treated as internal for now.)
258 tor_addr_is_internal(const tor_addr_t
*addr
, int for_listening
)
262 sa_family_t v_family
;
263 v_family
= tor_addr_family(addr
);
265 if (v_family
== AF_INET
) {
266 iph4
= tor_addr_to_ipv4h(addr
);
267 } else if (v_family
== AF_INET6
) {
268 if (tor_addr_is_v4(addr
)) { /* v4-mapped */
270 iph4
= ntohl(tor_addr_to_in6_addr32(addr
)[3]);
274 if (v_family
== AF_INET6
) {
275 const uint32_t *a32
= tor_addr_to_in6_addr32(addr
);
276 iph6
[0] = ntohl(a32
[0]);
277 iph6
[1] = ntohl(a32
[1]);
278 iph6
[2] = ntohl(a32
[2]);
279 iph6
[3] = ntohl(a32
[3]);
280 if (for_listening
&& !iph6
[0] && !iph6
[1] && !iph6
[2] && !iph6
[3]) /* :: */
283 if (((iph6
[0] & 0xfe000000) == 0xfc000000) || /* fc00/7 - RFC4193 */
284 ((iph6
[0] & 0xffc00000) == 0xfe800000) || /* fe80/10 - RFC4291 */
285 ((iph6
[0] & 0xffc00000) == 0xfec00000)) /* fec0/10 D- RFC3879 */
288 if (!iph6
[0] && !iph6
[1] && !iph6
[2] &&
289 ((iph6
[3] & 0xfffffffe) == 0x00000000)) /* ::/127 */
293 } else if (v_family
== AF_INET
) {
294 if (for_listening
&& !iph4
) /* special case for binding to 0.0.0.0 */
296 if (((iph4
& 0xff000000) == 0x0a000000) || /* 10/8 */
297 ((iph4
& 0xff000000) == 0x00000000) || /* 0/8 */
298 ((iph4
& 0xff000000) == 0x7f000000) || /* 127/8 */
299 ((iph4
& 0xffff0000) == 0xa9fe0000) || /* 169.254/16 */
300 ((iph4
& 0xfff00000) == 0xac100000) || /* 172.16/12 */
301 ((iph4
& 0xffff0000) == 0xc0a80000)) /* 192.168/16 */
306 /* unknown address family... assume it's not safe for external use */
307 /* rather than tor_assert(0) */
308 log_warn(LD_BUG
, "tor_addr_is_internal() called with a non-IP address.");
312 /** Convert a tor_addr_t <b>addr</b> into a string, and store it in
313 * <b>dest</b> of size <b>len</b>. Returns a pointer to dest on success,
314 * or NULL on failure. If <b>decorate</b>, surround IPv6 addresses with
318 tor_addr_to_str(char *dest
, const tor_addr_t
*addr
, int len
, int decorate
)
321 tor_assert(addr
&& dest
);
323 switch (tor_addr_family(addr
)) {
327 ptr
= tor_inet_ntop(AF_INET
, &addr
->addr
.in_addr
, dest
, len
);
331 ptr
= tor_inet_ntop(AF_INET6
, &addr
->addr
.in6_addr
, dest
+1, len
-2);
333 ptr
= tor_inet_ntop(AF_INET6
, &addr
->addr
.in6_addr
, dest
, len
);
334 if (ptr
&& decorate
) {
336 memcpy(dest
+strlen(dest
), "]", 2);
337 tor_assert(ptr
== dest
+1);
347 /** Parse a string <b>s</b> containing an IPv4/IPv6 address, and possibly
348 * a mask and port or port range. Store the parsed address in
349 * <b>addr_out</b>, a mask (if any) in <b>mask_out</b>, and port(s) (if any)
350 * in <b>port_min_out</b> and <b>port_max_out</b>.
353 * Address OptMask OptPortRange
354 * Address ::= IPv4Address / "[" IPv6Address "]" / "*"
355 * OptMask ::= "/" Integer /
356 * OptPortRange ::= ":*" / ":" Integer / ":" Integer "-" Integer /
358 * - If mask, minport, or maxport are NULL, we do not want these
359 * options to be set; treat them as an error if present.
360 * - If the string has no mask, the mask is set to /32 (IPv4) or /128 (IPv6).
361 * - If the string has one port, it is placed in both min and max port
363 * - If the string has no port(s), port_(min|max)_out are set to 1 and 65535.
365 * Return an address family on success, or -1 if an invalid address string is
369 tor_addr_parse_mask_ports(const char *s
, tor_addr_t
*addr_out
,
370 maskbits_t
*maskbits_out
,
371 uint16_t *port_min_out
, uint16_t *port_max_out
)
373 char *base
= NULL
, *address
, *mask
= NULL
, *port
= NULL
, *rbracket
= NULL
;
375 int any_flag
=0, v4map
=0;
378 tor_assert(addr_out
);
380 /* IP, [], /mask, ports */
381 #define MAX_ADDRESS_LENGTH (TOR_ADDR_BUF_LEN+2+(1+INET_NTOA_BUF_LEN)+12+1)
383 if (strlen(s
) > MAX_ADDRESS_LENGTH
) {
384 log_warn(LD_GENERAL
, "Impossibly long IP %s; rejecting", escaped(s
));
387 base
= tor_strdup(s
);
389 /* Break 'base' into separate strings. */
391 if (*address
== '[') { /* Probably IPv6 */
393 rbracket
= strchr(address
, ']');
396 "No closing IPv6 bracket in address pattern; rejecting.");
400 mask
= strchr((rbracket
?rbracket
:address
),'/');
401 port
= strchr((mask
?mask
:(rbracket
?rbracket
:address
)), ':');
409 tor_assert(port
> mask
);
410 if (mask
&& rbracket
)
411 tor_assert(mask
> rbracket
);
413 /* Now "address" is the a.b.c.d|'*'|abcd::1 part...
414 * "mask" is the Mask|Maskbits part...
415 * and "port" is the *|port|min-max part.
418 /* Process the address portion */
419 memset(addr_out
, 0, sizeof(tor_addr_t
));
421 if (!strcmp(address
, "*")) {
422 addr_out
->family
= AF_INET
; /* AF_UNSPEC ???? XXXX_IP6 */
424 } else if (tor_inet_pton(AF_INET6
, address
, &addr_out
->addr
.in6_addr
) > 0) {
425 addr_out
->family
= AF_INET6
;
426 } else if (tor_inet_pton(AF_INET
, address
, &addr_out
->addr
.in_addr
) > 0) {
427 addr_out
->family
= AF_INET
;
429 log_warn(LD_GENERAL
, "Malformed IP %s in address pattern; rejecting.",
434 v4map
= tor_addr_is_v4(addr_out
);
438 if (v_family == AF_INET) {
440 IN_ADDR6(addr_out).s6_addr32[3] = IN6_ADDRESS(addr_out).s_addr;
441 memset(&IN6_ADDRESS(addr_out), 0, 10);
442 IN_ADDR6(addr_out).s6_addr16[5] = 0xffff;
445 if (v_family == AF_INET6 && v4map) {
447 IN4_ADDRESS((addr_out).s_addr = IN6_ADDRESS(addr_out).s6_addr32[3];
455 struct in_addr v4mask
;
457 if (mask
) { /* the caller (tried to) specify a mask */
458 bits
= (int) strtol(mask
, &endptr
, 10);
459 if (!*endptr
) { /* strtol converted everything, so it was an integer */
460 if ((bits
<0 || bits
>128) ||
461 ((tor_addr_family(addr_out
) == AF_INET
) && bits
> 32)) {
463 "Bad number of mask bits (%d) on address range; rejecting.",
467 } else { /* mask might still be an address-style mask */
468 if (tor_inet_pton(AF_INET
, mask
, &v4mask
) > 0) {
469 bits
= addr_mask_get_bits(ntohl(v4mask
.s_addr
));
472 "IPv4-style mask %s is not a prefix address; rejecting.",
476 } else { /* Not IPv4; we don't do address-style IPv6 masks. */
478 "Malformed mask on address range %s; rejecting.",
483 if (tor_addr_family(addr_out
) == AF_INET6
&& v4map
) {
484 if (bits
> 32 && bits
< 96) { /* Crazy */
486 "Bad mask bits %i for V4-mapped V6 address; rejecting.",
490 /* XXXX_IP6 is this really what we want? */
491 bits
= 96 + bits
%32; /* map v4-mapped masks onto 96-128 bits */
493 } else { /* pick an appropriate mask, as none was given */
495 bits
= 0; /* This is okay whether it's V6 or V4 (FIX V4-mapped V6!) */
496 else if (tor_addr_family(addr_out
) == AF_INET
)
498 else if (tor_addr_family(addr_out
) == AF_INET6
)
501 *maskbits_out
= (maskbits_t
) bits
;
505 "Unexpected mask in addrss %s; rejecting", escaped(s
));
513 if (!port_max_out
) /* caller specified one port; fake the second one */
514 port_max_out
= &port2
;
516 if (parse_port_range(port
, port_min_out
, port_max_out
) < 0) {
518 } else if ((*port_min_out
!= *port_max_out
) && port_max_out
== &port2
) {
520 "Wanted one port from address range, but there are two.");
522 port_max_out
= NULL
; /* caller specified one port, so set this back */
528 "Unexpected ports in addrss %s; rejecting", escaped(s
));
534 return tor_addr_family(addr_out
);
540 /** Determine whether an address is IPv4, either native or ipv4-mapped ipv6.
541 * Note that this is about representation only, as any decent stack will
542 * reject ipv4-mapped addresses received on the wire (and won't use them
543 * on the wire either).
546 tor_addr_is_v4(const tor_addr_t
*addr
)
550 if (tor_addr_family(addr
) == AF_INET
)
553 if (tor_addr_family(addr
) == AF_INET6
) {
554 /* First two don't need to be ordered */
555 uint32_t *a32
= tor_addr_to_in6_addr32(addr
);
556 if (a32
[0] == 0 && a32
[1] == 0 && ntohl(a32
[2]) == 0x0000ffffu
)
560 return 0; /* Not IPv4 - unknown family or a full-blood IPv6 address */
563 /** Determine whether an address <b>addr</b> is null, either all zeroes or
564 * belonging to family AF_UNSPEC.
567 tor_addr_is_null(const tor_addr_t
*addr
)
571 switch (tor_addr_family(addr
)) {
573 uint32_t *a32
= tor_addr_to_in6_addr32(addr
);
574 return (a32
[0] == 0) && (a32
[1] == 0) && (a32
[2] == 0) && (a32
[3] == 0);
577 return (tor_addr_to_ipv4n(addr
) == 0);
581 log_warn(LD_BUG
, "Called with unknown address family %d",
582 (int)tor_addr_family(addr
));
588 /** Return true iff <b>addr</b> is a loopback address */
590 tor_addr_is_loopback(const tor_addr_t
*addr
)
593 switch (tor_addr_family(addr
)) {
596 uint32_t *a32
= tor_addr_to_in6_addr32(addr
);
597 return (a32
[0] == 0) && (a32
[1] == 0) && (a32
[2] == 0) && (a32
[3] == 1);
601 return (tor_addr_to_ipv4h(addr
) & 0xff000000) == 0x7f000000;
605 tor_fragile_assert();
610 /** Set <b>dest</b> to equal the IPv4 address in <b>v4addr</b> (given in
613 tor_addr_from_ipv4n(tor_addr_t
*dest
, uint32_t v4addr
)
616 memset(dest
, 0, sizeof(dest
));
617 dest
->family
= AF_INET
;
618 dest
->addr
.in_addr
.s_addr
= v4addr
;
621 /** Set <b>dest</b> to equal the IPv6 address in the 16 bytes at
622 * <b>ipv6_bytes</b>. */
624 tor_addr_from_ipv6_bytes(tor_addr_t
*dest
, const char *ipv6_bytes
)
627 tor_assert(ipv6_bytes
);
628 memset(dest
, 0, sizeof(dest
));
629 dest
->family
= AF_INET6
;
630 memcpy(dest
->addr
.in6_addr
.s6_addr
, ipv6_bytes
, 16);
635 tor_addr_from_in6(tor_addr_t
*dest
, const struct in6_addr
*in6
)
637 tor_addr_from_ipv6_bytes(dest
, (const char*)in6
->s6_addr
);
640 /** Copy a tor_addr_t from <b>src</b> to <b>dest</b>.
643 tor_addr_copy(tor_addr_t
*dest
, const tor_addr_t
*src
)
647 memcpy(dest
, src
, sizeof(tor_addr_t
));
650 /** Given two addresses <b>addr1</b> and <b>addr2</b>, return 0 if the two
651 * addresses are equivalent under the mask mbits, less than 0 if addr1
652 * preceeds addr2, and greater than 0 otherwise.
654 * Different address families (IPv4 vs IPv6) are always considered unequal.
655 * NOT QUITE XXXX DOCDOC.
658 tor_addr_compare(const tor_addr_t
*addr1
, const tor_addr_t
*addr2
,
659 tor_addr_comparison_t how
)
661 return tor_addr_compare_masked(addr1
, addr2
, 128, how
);
664 /** As tor_addr_compare(), but only looks at the first <b>mask</b> bits of
667 * Reduce over-specific masks (>128 for ipv6, >32 for ipv4) to 128 or 32.
670 tor_addr_compare_masked(const tor_addr_t
*addr1
, const tor_addr_t
*addr2
,
671 maskbits_t mbits
, tor_addr_comparison_t how
)
673 uint32_t ip4a
=0, ip4b
=0;
674 sa_family_t v_family
[2];
676 uint32_t masked_a
, masked_b
;
678 tor_assert(addr1
&& addr2
);
680 if (how
== CMP_EXACT
) {
681 int r
= ((int)addr2
->family
) - ((int)addr1
->family
);
683 switch (addr1
->family
) {
685 return 0; /* All unspecified addresses are equal */
687 uint32_t a1
= ntohl(addr1
->addr
.in_addr
.s_addr
);
688 uint32_t a2
= ntohl(addr2
->addr
.in_addr
.s_addr
);
691 return (a1
< a2
) ? -1 : (a1
== a2
) ? 0 : 1;
694 const uint8_t *a1
= addr1
->addr
.in6_addr
.s6_addr
;
695 const uint8_t *a2
= addr2
->addr
.in6_addr
.s6_addr
;
696 const int bytes
= mbits
>> 3;
697 const int leftover_bits
= mbits
& 7;
698 if (bytes
&& (r
= memcmp(a1
, a2
, bytes
))) {
700 } else if (leftover_bits
) {
701 uint8_t b1
= a1
[bytes
] >> (8-leftover_bits
);
702 uint8_t b2
= a2
[bytes
] >> (8-leftover_bits
);
703 return (b1
< b2
) ? -1 : (b1
== b2
) ? 0 : 1;
709 tor_fragile_assert();
714 /* XXXX021 this code doesn't handle mask bits right it's using v4-mapped v6
715 * addresses. If I ask whether ::ffff:1.2.3.4 and ::ffff:1.2.7.8 are the
716 * same in the first 16 bits, it will say "yes." That's not so intuitive.
718 * XXXX021 Also, it's way too complicated.
721 v_family
[0] = tor_addr_family(addr1
);
722 v_family
[1] = tor_addr_family(addr2
);
724 /* All UNSPEC addresses are equal; they are unequal to all other addresses.*/
725 if (v_family
[0] == AF_UNSPEC
) {
726 if (v_family
[1] == AF_UNSPEC
)
731 if (v_family
[1] == AF_UNSPEC
)
735 if (v_family
[0] == AF_INET
) { /* If this is native IPv4, note the address */
736 /* Later we risk overwriting a v4-mapped address */
737 ip4a
= tor_addr_to_ipv4h(addr1
);
738 } else if ((v_family
[0] == AF_INET6
) && tor_addr_is_v4(addr1
)) {
739 v_family
[0] = AF_INET
;
740 ip4a
= tor_addr_to_mapped_ipv4h(addr1
);
743 if (v_family
[1] == AF_INET
) { /* If this is native IPv4, note the address */
744 /* Later we risk overwriting a v4-mapped address */
745 ip4b
= tor_addr_to_ipv4h(addr2
);
746 } else if ((v_family
[1] == AF_INET6
) && tor_addr_is_v4(addr2
)) {
747 v_family
[1] = AF_INET
;
748 ip4b
= tor_addr_to_mapped_ipv4h(addr2
);
751 if (v_family
[0] > v_family
[1]) /* Comparison of virtual families */
753 else if (v_family
[0] < v_family
[1])
756 if (mbits
== 0) /* Under a complete wildcard mask, consider them equal */
759 if (v_family
[0] == AF_INET
) { /* Real or mapped IPv4 */
763 } else if (mbits
== 0) {
766 masked_a
= ip4a
>> (32-mbits
);
767 masked_b
= ip4b
>> (32-mbits
);
769 if (masked_a
< masked_b
)
771 else if (masked_a
> masked_b
)
774 } else if (v_family
[0] == AF_INET6
) { /* Real IPv6 */
775 const uint32_t *a1
= tor_addr_to_in6_addr32(addr1
);
776 const uint32_t *a2
= tor_addr_to_in6_addr32(addr2
);
777 for (idx
= 0; idx
< 4; ++idx
) {
778 uint32_t masked_a
= ntohl(a1
[idx
]);
779 uint32_t masked_b
= ntohl(a2
[idx
]);
781 return 0; /* Mask covers both addresses from here on */
782 } else if (mbits
< 32) {
783 masked_a
>>= (32-mbits
);
784 masked_b
>>= (32-mbits
);
787 if (masked_a
> masked_b
)
789 else if (masked_a
< masked_b
)
799 tor_assert(0); /* Unknown address family */
800 return -1; /* unknown address family, return unequal? */
804 /** Return a hash code based on the address addr */
806 tor_addr_hash(const tor_addr_t
*addr
)
808 switch (tor_addr_family(addr
)) {
810 return tor_addr_to_ipv4h(addr
);
814 const uint32_t *u
= tor_addr_to_in6_addr32(addr
);
815 return u
[0] + u
[1] + u
[2] + u
[3];
818 tor_fragile_assert();
823 /** Return a newly allocatd string with a representation of <b>addr</b>. */
825 tor_dup_addr(const tor_addr_t
*addr
)
827 char buf
[TOR_ADDR_BUF_LEN
];
828 tor_addr_to_str(buf
, addr
, sizeof(buf
), 0);
829 return tor_strdup(buf
);
832 /** Return a string representing the address <b>addr</b>. This string is
833 * statically allocated, and must not be freed. Each call to
834 * <b>fmt_addr</b> invalidates the last result of the function. This
835 * function is not thread-safe. */
837 fmt_addr(const tor_addr_t
*addr
)
839 static char buf
[TOR_ADDR_BUF_LEN
];
840 if (!addr
) return "<null>";
841 tor_addr_to_str(buf
, addr
, sizeof(buf
), 0);
845 /** Convert the string in <b>src</b> to a tor_addr_t <b>addr</b>. The string
846 * may be an IPv4 address, an IPv6 address, or an IPv6 address surrounded by
849 * Return an address family on success, or -1 if an invalid address string is
852 tor_addr_from_str(tor_addr_t
*addr
, const char *src
)
854 char *tmp
= NULL
; /* Holds substring if we got a dotted quad. */
856 tor_assert(addr
&& src
);
857 if (src
[0] == '[' && src
[1])
858 src
= tmp
= tor_strndup(src
+1, strlen(src
)-2);
860 if (tor_inet_pton(AF_INET6
, src
, &addr
->addr
.in6_addr
) > 0) {
861 result
= addr
->family
= AF_INET6
;
862 } else if (tor_inet_pton(AF_INET
, src
, &addr
->addr
.in_addr
) > 0) {
863 result
= addr
->family
= AF_INET
;
872 /** Parse an address or address-port combination from <b>s</b>, and put the
873 result in <b>addr_out</b? and (optionally) <b>port_out</b>. Return 0 on
874 success, negative on failure.*/
876 tor_addr_port_parse(const char *s
, tor_addr_t
*addr_out
, uint16_t *port_out
)
884 tor_assert(addr_out
);
886 s
= eat_whitespace(s
);
889 port
= strstr(s
, "]");
892 tmp
= tor_strndup(s
+1, port
-s
);
899 port
= strchr(s
, ':');
901 tmp
= tor_strndup(s
, port
-s
);
908 if (tor_addr_lookup(tmp
, AF_UNSPEC
, &addr
) < 0)
913 portval
= (int) tor_parse_long(port
, 10, 1, 65535, NULL
, NULL
);
922 tor_addr_copy(addr_out
, &addr
);
930 /** Set *<b>addr</b> to the IP address (if any) of whatever interface
931 * connects to the internet. This address should only be used in checking
932 * whether our address has changed. Return 0 on success, -1 on failure.
935 get_interface_address6(int severity
, sa_family_t family
, tor_addr_t
*addr
)
938 struct sockaddr_storage my_addr
, target_addr
;
939 socklen_t my_addr_len
;
943 memset(addr
, 0, sizeof(tor_addr_t
));
944 memset(&target_addr
, 0, sizeof(target_addr
));
945 my_addr_len
= (socklen_t
)sizeof(my_addr
);
946 /* Use the "discard" service port */
947 ((struct sockaddr_in
*)&target_addr
)->sin_port
= 9;
948 /* Don't worry: no packets are sent. We just need to use a real address
949 * on the actual internet. */
950 if (family
== AF_INET6
) {
951 struct sockaddr_in6
*sin6
= (struct sockaddr_in6
*)&target_addr
;
952 sock
= tor_open_socket(PF_INET6
,SOCK_DGRAM
,IPPROTO_UDP
);
953 my_addr_len
= (socklen_t
)sizeof(struct sockaddr_in6
);
954 sin6
->sin6_family
= AF_INET6
;
955 S6_ADDR16(sin6
->sin6_addr
)[0] = htons(0x2002); /* 2002:: */
956 } else if (family
== AF_INET
) {
957 struct sockaddr_in
*sin
= (struct sockaddr_in
*)&target_addr
;
958 sock
= tor_open_socket(PF_INET
,SOCK_DGRAM
,IPPROTO_UDP
);
959 my_addr_len
= (socklen_t
)sizeof(struct sockaddr_in
);
960 sin
->sin_family
= AF_INET
;
961 sin
->sin_addr
.s_addr
= htonl(0x12000001); /* 18.0.0.1 */
966 int e
= tor_socket_errno(-1);
967 log_fn(severity
, LD_NET
, "unable to create socket: %s",
968 tor_socket_strerror(e
));
972 if (connect(sock
,(struct sockaddr
*)&target_addr
,
973 (socklen_t
)sizeof(target_addr
))<0) {
974 int e
= tor_socket_errno(sock
);
975 log_fn(severity
, LD_NET
, "connect() failed: %s", tor_socket_strerror(e
));
979 if (getsockname(sock
,(struct sockaddr
*)&my_addr
, &my_addr_len
)) {
980 int e
= tor_socket_errno(sock
);
981 log_fn(severity
, LD_NET
, "getsockname() to determine interface failed: %s",
982 tor_socket_strerror(e
));
986 memcpy(addr
, &my_addr
, sizeof(tor_addr_t
));
990 tor_close_socket(sock
);
996 * XXXX021 IPv6 deprecate some of these.
999 /** Return true iff <b>ip</b> (in host order) is an IP reserved to localhost,
1000 * or reserved for local networks by RFC 1918.
1003 is_internal_IP(uint32_t ip
, int for_listening
)
1006 myaddr
.family
= AF_INET
;
1007 myaddr
.addr
.in_addr
.s_addr
= htonl(ip
);
1009 return tor_addr_is_internal(&myaddr
, for_listening
);
1012 /** Parse a string of the form "host[:port]" from <b>addrport</b>. If
1013 * <b>address</b> is provided, set *<b>address</b> to a copy of the
1014 * host portion of the string. If <b>addr</b> is provided, try to
1015 * resolve the host portion of the string and store it into
1016 * *<b>addr</b> (in host byte order). If <b>port_out</b> is provided,
1017 * store the port number into *<b>port_out</b>, or 0 if no port is given.
1018 * If <b>port_out</b> is NULL, then there must be no port number in
1020 * Return 0 on success, -1 on failure.
1023 parse_addr_port(int severity
, const char *addrport
, char **address
,
1024 uint32_t *addr
, uint16_t *port_out
)
1027 char *_address
= NULL
;
1031 tor_assert(addrport
);
1033 colon
= strchr(addrport
, ':');
1035 _address
= tor_strndup(addrport
, colon
-addrport
);
1036 _port
= (int) tor_parse_long(colon
+1,10,1,65535,NULL
,NULL
);
1038 log_fn(severity
, LD_GENERAL
, "Port %s out of range", escaped(colon
+1));
1042 char *esc_addrport
= esc_for_log(addrport
);
1043 log_fn(severity
, LD_GENERAL
,
1044 "Port %s given on %s when not required",
1045 escaped(colon
+1), esc_addrport
);
1046 tor_free(esc_addrport
);
1050 _address
= tor_strdup(addrport
);
1055 /* There's an addr pointer, so we need to resolve the hostname. */
1056 if (tor_lookup_hostname(_address
,addr
)) {
1057 log_fn(severity
, LD_NET
, "Couldn't look up %s", escaped(_address
));
1063 if (address
&& ok
) {
1064 *address
= _address
;
1071 *port_out
= ok
? ((uint16_t) _port
) : 0;
1076 /** If <b>mask</b> is an address mask for a bit-prefix, return the number of
1077 * bits. Otherwise, return -1. */
1079 addr_mask_get_bits(uint32_t mask
)
1084 if (mask
== 0xFFFFFFFFu
)
1086 for (i
=0; i
<=32; ++i
) {
1087 if (mask
== (uint32_t) ~((1u<<(32-i
))-1)) {
1094 /** Compare two addresses <b>a1</b> and <b>a2</b> for equality under a
1095 * netmask of <b>mbits</b> bits. Return -1, 0, or 1.
1097 * XXXX_IP6 Temporary function to allow masks as bitcounts everywhere. This
1098 * will be replaced with an IPv6-aware version as soon as 32-bit addresses are
1099 * no longer passed around.
1102 addr_mask_cmp_bits(uint32_t a1
, uint32_t a2
, maskbits_t bits
)
1120 /** Parse a string <b>s</b> in the format of (*|port(-maxport)?)?, setting the
1121 * various *out pointers as appropriate. Return 0 on success, -1 on failure.
1124 parse_port_range(const char *port
, uint16_t *port_min_out
,
1125 uint16_t *port_max_out
)
1127 int port_min
, port_max
, ok
;
1128 tor_assert(port_min_out
);
1129 tor_assert(port_max_out
);
1131 if (!port
|| *port
== '\0' || strcmp(port
, "*") == 0) {
1135 char *endptr
= NULL
;
1136 port_min
= (int)tor_parse_long(port
, 10, 0, 65535, &ok
, &endptr
);
1138 log_warn(LD_GENERAL
,
1139 "Malformed port %s on address range; rejecting.",
1142 } else if (endptr
&& *endptr
== '-') {
1145 port_max
= (int)tor_parse_long(port
, 10, 1, 65536, &ok
, &endptr
);
1147 log_warn(LD_GENERAL
,
1148 "Malformed port %s on address range; rejecting.",
1153 port_max
= port_min
;
1155 if (port_min
> port_max
) {
1156 log_warn(LD_GENERAL
, "Insane port range on address policy; rejecting.");
1163 if (port_max
> 65535)
1166 *port_min_out
= (uint16_t) port_min
;
1167 *port_max_out
= (uint16_t) port_max
;
1172 /** Parse a string <b>s</b> in the format of
1173 * (IP(/mask|/mask-bits)?|*)(:(*|port(-maxport))?)?, setting the various
1174 * *out pointers as appropriate. Return 0 on success, -1 on failure.
1177 parse_addr_and_port_range(const char *s
, uint32_t *addr_out
,
1178 maskbits_t
*maskbits_out
, uint16_t *port_min_out
,
1179 uint16_t *port_max_out
)
1182 char *mask
, *port
, *endptr
;
1187 tor_assert(addr_out
);
1188 tor_assert(maskbits_out
);
1189 tor_assert(port_min_out
);
1190 tor_assert(port_max_out
);
1192 address
= tor_strdup(s
);
1193 /* Break 'address' into separate strings.
1195 mask
= strchr(address
,'/');
1196 port
= strchr(mask
?mask
:address
,':');
1201 /* Now "address" is the IP|'*' part...
1202 * "mask" is the Mask|Maskbits part...
1203 * and "port" is the *|port|min-max part.
1206 if (strcmp(address
,"*")==0) {
1208 } else if (tor_inet_aton(address
, &in
) != 0) {
1209 *addr_out
= ntohl(in
.s_addr
);
1211 log_warn(LD_GENERAL
, "Malformed IP %s in address pattern; rejecting.",
1217 if (strcmp(address
,"*")==0)
1223 bits
= (int) strtol(mask
, &endptr
, 10);
1225 /* strtol handled the whole mask. */
1226 if (bits
< 0 || bits
> 32) {
1227 log_warn(LD_GENERAL
,
1228 "Bad number of mask bits on address range; rejecting.");
1231 *maskbits_out
= bits
;
1232 } else if (tor_inet_aton(mask
, &in
) != 0) {
1233 bits
= addr_mask_get_bits(ntohl(in
.s_addr
));
1235 log_warn(LD_GENERAL
,
1236 "Mask %s on address range isn't a prefix; dropping",
1240 *maskbits_out
= bits
;
1242 log_warn(LD_GENERAL
,
1243 "Malformed mask %s on address range; rejecting.",
1249 if (parse_port_range(port
, port_min_out
, port_max_out
)<0)
1259 /** Given an IPv4 in_addr struct *<b>in</b> (in network order, as usual),
1260 * write it as a string into the <b>buf_len</b>-byte buffer in
1264 tor_inet_ntoa(const struct in_addr
*in
, char *buf
, size_t buf_len
)
1266 uint32_t a
= ntohl(in
->s_addr
);
1267 return tor_snprintf(buf
, buf_len
, "%d.%d.%d.%d",
1268 (int)(uint8_t)((a
>>24)&0xff),
1269 (int)(uint8_t)((a
>>16)&0xff),
1270 (int)(uint8_t)((a
>>8 )&0xff),
1271 (int)(uint8_t)((a
)&0xff));
1274 /** Given a host-order <b>addr</b>, call tor_inet_ntop() on it
1275 * and return a strdup of the resulting address.
1278 tor_dup_ip(uint32_t addr
)
1280 char buf
[TOR_ADDR_BUF_LEN
];
1283 in
.s_addr
= htonl(addr
);
1284 tor_inet_ntop(AF_INET
, &in
, buf
, sizeof(buf
));
1285 return tor_strdup(buf
);
1289 * Set *<b>addr</b> to the host-order IPv4 address (if any) of whatever
1290 * interface connects to the internet. This address should only be used in
1291 * checking whether our address has changed. Return 0 on success, -1 on
1295 get_interface_address(int severity
, uint32_t *addr
)
1297 tor_addr_t local_addr
;
1300 r
= get_interface_address6(severity
, AF_INET
, &local_addr
);
1302 *addr
= tor_addr_to_ipv4h(&local_addr
);