Browse code
Allow route_ipv6_match_host to be used outside of route.c
Also adjust style a bit to C99
Change-Id: Ief1495b52ea81cac35d78e40264372d3869423f1
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1191
Message-Id: <20251007160826.4614-1-gert@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59243387/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe authored on 2025/10/08 01:08:18Showing 2 changed files
| ... | ... |
@@ -710,25 +710,20 @@ init_route_list(struct route_list *rl, const struct route_option_list *opt, |
| 710 | 710 |
return ret; |
| 711 | 711 |
} |
| 712 | 712 |
|
| 713 |
-/* check whether an IPv6 host address is covered by a given route_ipv6 |
|
| 714 |
- * (not the most beautiful implementation in the world, but portable and |
|
| 715 |
- * "good enough") |
|
| 716 |
- */ |
|
| 717 |
-static bool |
|
| 718 |
-route_ipv6_match_host(const struct route_ipv6 *r6, const struct in6_addr *host) |
|
| 713 |
+bool |
|
| 714 |
+ipv6_net_contains_host(const struct in6_addr *network, unsigned int bits, const struct in6_addr *host) |
|
| 719 | 715 |
{
|
| 720 |
- unsigned int bits = r6->netbits; |
|
| 721 |
- int i; |
|
| 722 |
- unsigned int mask; |
|
| 723 |
- |
|
| 716 |
+ /* not the most beautiful implementation in the world, but portable and |
|
| 717 |
+ * "good enough" */ |
|
| 724 | 718 |
if (bits > 128) |
| 725 | 719 |
{
|
| 726 | 720 |
return false; |
| 727 | 721 |
} |
| 728 | 722 |
|
| 723 |
+ int i; |
|
| 729 | 724 |
for (i = 0; bits >= 8; i++, bits -= 8) |
| 730 | 725 |
{
|
| 731 |
- if (r6->network.s6_addr[i] != host->s6_addr[i]) |
|
| 726 |
+ if (network->s6_addr[i] != host->s6_addr[i]) |
|
| 732 | 727 |
{
|
| 733 | 728 |
return false; |
| 734 | 729 |
} |
| ... | ... |
@@ -739,9 +734,9 @@ route_ipv6_match_host(const struct route_ipv6 *r6, const struct in6_addr *host) |
| 739 | 739 |
return true; |
| 740 | 740 |
} |
| 741 | 741 |
|
| 742 |
- mask = 0xff << (8 - bits); |
|
| 742 |
+ unsigned int mask = 0xff << (8 - bits); |
|
| 743 | 743 |
|
| 744 |
- if ((r6->network.s6_addr[i] & mask) == (host->s6_addr[i] & mask)) |
|
| 744 |
+ if ((network->s6_addr[i] & mask) == (host->s6_addr[i] & mask)) |
|
| 745 | 745 |
{
|
| 746 | 746 |
return true; |
| 747 | 747 |
} |
| ... | ... |
@@ -830,7 +825,8 @@ init_route_ipv6_list(struct route_ipv6_list *rl6, const struct route_ipv6_option |
| 830 | 830 |
* avoiding routing loops, so ignore this part and let |
| 831 | 831 |
* need_remote_ipv6_route always evaluate to false |
| 832 | 832 |
*/ |
| 833 |
- if (remote_host_ipv6 && route_ipv6_match_host(r6, remote_host_ipv6)) |
|
| 833 |
+ if (remote_host_ipv6 |
|
| 834 |
+ && ipv6_net_contains_host(&r6->network, r6->netbits, remote_host_ipv6)) |
|
| 834 | 835 |
{
|
| 835 | 836 |
need_remote_ipv6_route = true; |
| 836 | 837 |
msg(D_ROUTE, |
| ... | ... |
@@ -426,4 +426,17 @@ route_did_redirect_default_gateway(const struct route_list *rl) |
| 426 | 426 |
return rl && BOOL_CAST(rl->iflags & RL_DID_REDIRECT_DEFAULT_GATEWAY); |
| 427 | 427 |
} |
| 428 | 428 |
|
| 429 |
+ |
|
| 430 |
+/** |
|
| 431 |
+ * check whether an IPv6 host address is covered by a given network/bits |
|
| 432 |
+ * @param network the network address |
|
| 433 |
+ * @param bits the network mask |
|
| 434 |
+ * @param host the host address to be checked if it is contained by the network |
|
| 435 |
+ * |
|
| 436 |
+ * @return true if the host address is covered by the network with the given |
|
| 437 |
+ * network mask by bits |
|
| 438 |
+ */ |
|
| 439 |
+bool |
|
| 440 |
+ipv6_net_contains_host(const struct in6_addr *network, unsigned int bits, const struct in6_addr *host); |
|
| 441 |
+ |
|
| 429 | 442 |
#endif /* ifndef ROUTE_H */ |