ncd: modules: add net_ipv4_addr_in_network and net_ipv6_addr_in_network

blog_channels.txt

@@ -127,3 +127,5 @@ NCDPlaceholderDb 4
 NCDVal 4
 ncd_net_ipv6_addr 4
 ncd_net_ipv6_route 4
+ncd_net_ipv4_addr_in_network 4
+ncd_net_ipv6_addr_in_network 4

generated/blog_channel_ncd_net_ipv4_addr_in_network.h

@@ -0,0 +1,4 @@
+#ifdef BLOG_CURRENT_CHANNEL
+#undef BLOG_CURRENT_CHANNEL
+#endif
+#define BLOG_CURRENT_CHANNEL BLOG_CHANNEL_ncd_net_ipv4_addr_in_network

generated/blog_channel_ncd_net_ipv6_addr_in_network.h

@@ -0,0 +1,4 @@
+#ifdef BLOG_CURRENT_CHANNEL
+#undef BLOG_CURRENT_CHANNEL
+#endif
+#define BLOG_CURRENT_CHANNEL BLOG_CHANNEL_ncd_net_ipv6_addr_in_network

generated/blog_channels_defines.h

@@ -127,4 +127,6 @@
 #define BLOG_CHANNEL_NCDVal 126
 #define BLOG_CHANNEL_ncd_net_ipv6_addr 127
 #define BLOG_CHANNEL_ncd_net_ipv6_route 128
-#define BLOG_NUM_CHANNELS 129
+#define BLOG_CHANNEL_ncd_net_ipv4_addr_in_network 129
+#define BLOG_CHANNEL_ncd_net_ipv6_addr_in_network 130
+#define BLOG_NUM_CHANNELS 131

generated/blog_channels_list.h

@@ -127,3 +127,5 @@
 {"NCDVal", 4},
 {"ncd_net_ipv6_addr", 4},
 {"ncd_net_ipv6_route", 4},
+{"ncd_net_ipv4_addr_in_network", 4},
+{"ncd_net_ipv6_addr_in_network", 4},

ncd/CMakeLists.txt

@@ -151,6 +151,8 @@ add_executable(badvpn-ncd
     modules/explode.c
     modules/net_ipv6_addr.c
     modules/net_ipv6_route.c
+    modules/net_ipv4_addr_in_network.c
+    modules/net_ipv6_addr_in_network.c
     ${NCD_ADDITIONAL_SOURCES}
 )
 target_link_libraries(badvpn-ncd system flow flowextra dhcpclient arpprobe ncdvalue ncdval ncdvalcompat ncdvaluegenerator ncdvalueparser ncdconfigparser ncdsugar udevmonitor ncdinterfacemonitor ncdrequest)

ncd/modules/modules.h

@@ -106,6 +106,8 @@ extern const struct NCDModuleGroup ncdmodule_reboot;
 extern const struct NCDModuleGroup ncdmodule_explode;
 extern const struct NCDModuleGroup ncdmodule_net_ipv6_addr;
 extern const struct NCDModuleGroup ncdmodule_net_ipv6_route;
+extern const struct NCDModuleGroup ncdmodule_net_ipv4_addr_in_network;
+extern const struct NCDModuleGroup ncdmodule_net_ipv6_addr_in_network;
 
 static const struct NCDModuleGroup *ncd_modules[] = {
     &ncdmodule_var,
@@ -180,6 +182,8 @@ static const struct NCDModuleGroup *ncd_modules[] = {
     &ncdmodule_explode,
     &ncdmodule_net_ipv6_addr,
     &ncdmodule_net_ipv6_route,
+    &ncdmodule_net_ipv4_addr_in_network,
+    &ncdmodule_net_ipv6_addr_in_network,
     NULL
 };
 

ncd/modules/net_ipv4_addr_in_network.c

@@ -0,0 +1,172 @@
+/**
+ * @file net_ipv4_addr_in_network.c
+ * @author Ambroz Bizjak <ambrop7@gmail.com>
+ * 
+ * @section LICENSE
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the
+ *    names of its contributors may be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ * @section DESCRIPTION
+ * 
+ * Synopsis:
+ *   net.ipv4.addr_in_network(string addr, string net_addr, string net_prefix)
+ *   net.ipv4.addr_in_network(string addr, string cidr_net_addr)
+ *   net.ipv4.ifnot_addr_in_network(string addr, string net_addr, string net_prefix)
+ *   net.ipv4.ifnot_addr_in_network(string addr, string cidr_net_addr)
+ * 
+ * Description:
+ *   Checks if two IPv4 addresses belong to the same subnet.
+ *   The prefix length is given either in the a separate argument or along with
+ *   the second address in CIDR notation (address/prefix).
+ *   This can be used to check whether an address belongs to a certain
+ *   subnet, hence the name.
+ * 
+ * Variables:
+ *   (empty) - "true" if addresses belong to the same subnet, "false" if not
+ */
+
+#include <string.h>
+
+#include <misc/ipaddr.h>
+#include <ncd/NCDModule.h>
+
+#include <generated/blog_channel_ncd_net_ipv4_addr_in_network.h>
+
+#define ModuleLog(i, ...) NCDModuleInst_Backend_Log((i), BLOG_CURRENT_CHANNEL, __VA_ARGS__)
+
+struct instance {
+    NCDModuleInst *i;
+    int value;
+};
+
+static void func_new_common (void *vo, NCDModuleInst *i, int is_ifnot)
+{
+    struct instance *o = vo;
+    o->i = i;
+    
+    // read arguments
+    NCDValRef arg_addr;
+    NCDValRef arg_net_addr;
+    NCDValRef arg_net_prefix = NCDVal_NewInvalid();
+    if (!NCDVal_ListRead(i->args, 2, &arg_addr, &arg_net_addr) &&
+        !NCDVal_ListRead(i->args, 3, &arg_addr, &arg_net_addr, &arg_net_prefix) 
+    ) {
+        ModuleLog(o->i, BLOG_ERROR, "wrong arity");
+        goto fail0;
+    }
+    if (!NCDVal_IsString(arg_addr) || !NCDVal_IsString(arg_net_addr) ||
+        (!NCDVal_IsInvalid(arg_net_prefix) && !NCDVal_IsString(arg_net_prefix))
+    ) {
+        ModuleLog(o->i, BLOG_ERROR, "wrong type");
+        goto fail0;
+    }
+    
+    // parse addr
+    uint32_t addr;
+    if (!ipaddr_parse_ipv4_addr_bin(NCDVal_StringValue(arg_addr), NCDVal_StringLength(arg_addr), &addr)) {
+        ModuleLog(o->i, BLOG_ERROR, "bad address");
+        goto fail0;
+    }
+    
+    // parse network
+    struct ipv4_ifaddr network;
+    if (NCDVal_IsInvalid(arg_net_prefix)) {
+        if (!ipaddr_parse_ipv4_ifaddr_bin(NCDVal_StringValue(arg_net_addr), NCDVal_StringLength(arg_net_addr), &network)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network in CIDR notation");
+            goto fail0;
+        }
+    } else {
+        if (!ipaddr_parse_ipv4_addr_bin(NCDVal_StringValue(arg_net_addr), NCDVal_StringLength(arg_net_addr), &network.addr)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network address");
+            goto fail0;
+        }
+        if (!ipaddr_parse_ipv4_prefix_bin(NCDVal_StringValue(arg_net_prefix), NCDVal_StringLength(arg_net_prefix), &network.prefix)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network prefix");
+            goto fail0;
+        }
+    }
+    
+    // test
+    o->value = ipaddr_ipv4_addrs_in_network(addr, network.addr, network.prefix);
+    
+    if (is_ifnot && o->value) {
+        ModuleLog(o->i, BLOG_ERROR, "addresses belong to same subnet, not proceeding");
+    }
+    
+    // signal up
+    if (!is_ifnot || !o->value) {
+        NCDModuleInst_Backend_Up(o->i);
+    }
+    
+    return;
+    
+fail0:
+    NCDModuleInst_Backend_SetError(i);
+    NCDModuleInst_Backend_Dead(i);
+}
+
+static void func_new_normal (void *vo, NCDModuleInst *i)
+{
+    func_new_common(vo, i, 0);
+}
+
+static void func_new_ifnot (void *vo, NCDModuleInst *i)
+{
+    func_new_common(vo, i, 1);
+}
+
+static int func_getvar (void *vo, const char *name, NCDValMem *mem, NCDValRef *out)
+{
+    struct instance *o = vo;
+    
+    if (!strcmp(name, "")) {
+        const char *v = (o->value ? "true" : "false");
+        *out = NCDVal_NewString(mem, v);
+        if (NCDVal_IsInvalid(*out)) {
+            ModuleLog(o->i, BLOG_ERROR, "NCDVal_NewString failed");
+        }
+        return 1;
+    }
+    
+    return 0;
+}
+
+static const struct NCDModule modules[] = {
+    {
+        .type = "net.ipv4.addr_in_network",
+        .func_new2 = func_new_normal,
+        .func_getvar = func_getvar,
+        .alloc_size = sizeof(struct instance)
+    }, {
+        .type = "net.ipv4.ifnot_addr_in_network",
+        .func_new2 = func_new_ifnot,
+        .func_getvar = func_getvar,
+        .alloc_size = sizeof(struct instance)
+    }, {
+        .type = NULL
+    }
+};
+
+const struct NCDModuleGroup ncdmodule_net_ipv4_addr_in_network = {
+    .modules = modules
+};

ncd/modules/net_ipv6_addr_in_network.c

@@ -0,0 +1,172 @@
+/**
+ * @file net_ipv6_addr_in_network.c
+ * @author Ambroz Bizjak <ambrop7@gmail.com>
+ * 
+ * @section LICENSE
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the
+ *    names of its contributors may be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * 
+ * @section DESCRIPTION
+ * 
+ * Synopsis:
+ *   net.ipv6.addr_in_network(string addr, string net_addr, string net_prefix)
+ *   net.ipv6.addr_in_network(string addr, string cidr_net_addr)
+ *   net.ipv6.ifnot_addr_in_network(string addr, string net_addr, string net_prefix)
+ *   net.ipv6.ifnot_addr_in_network(string addr, string cidr_net_addr)
+ * 
+ * Description:
+ *   Checks if two IPv6 addresses belong to the same subnet.
+ *   The prefix length is given either in the a separate argument or along with
+ *   the second address in CIDR notation (address/prefix).
+ *   This can be used to check whether an address belongs to a certain
+ *   subnet, hence the name.
+ * 
+ * Variables:
+ *   (empty) - "true" if addresses belong to the same subnet, "false" if not
+ */
+
+#include <string.h>
+
+#include <misc/ipaddr6.h>
+#include <ncd/NCDModule.h>
+
+#include <generated/blog_channel_ncd_net_ipv6_addr_in_network.h>
+
+#define ModuleLog(i, ...) NCDModuleInst_Backend_Log((i), BLOG_CURRENT_CHANNEL, __VA_ARGS__)
+
+struct instance {
+    NCDModuleInst *i;
+    int value;
+};
+
+static void func_new_common (void *vo, NCDModuleInst *i, int is_ifnot)
+{
+    struct instance *o = vo;
+    o->i = i;
+    
+    // read arguments
+    NCDValRef arg_addr;
+    NCDValRef arg_net_addr;
+    NCDValRef arg_net_prefix = NCDVal_NewInvalid();
+    if (!NCDVal_ListRead(i->args, 2, &arg_addr, &arg_net_addr) &&
+        !NCDVal_ListRead(i->args, 3, &arg_addr, &arg_net_addr, &arg_net_prefix) 
+    ) {
+        ModuleLog(o->i, BLOG_ERROR, "wrong arity");
+        goto fail0;
+    }
+    if (!NCDVal_IsString(arg_addr) || !NCDVal_IsString(arg_net_addr) ||
+        (!NCDVal_IsInvalid(arg_net_prefix) && !NCDVal_IsString(arg_net_prefix))
+    ) {
+        ModuleLog(o->i, BLOG_ERROR, "wrong type");
+        goto fail0;
+    }
+    
+    // parse addr
+    struct ipv6_addr addr;
+    if (!ipaddr6_parse_ipv6_addr_bin(NCDVal_StringValue(arg_addr), NCDVal_StringLength(arg_addr), &addr)) {
+        ModuleLog(o->i, BLOG_ERROR, "bad address");
+        goto fail0;
+    }
+    
+    // parse network
+    struct ipv6_ifaddr network;
+    if (NCDVal_IsInvalid(arg_net_prefix)) {
+        if (!ipaddr6_parse_ipv6_ifaddr_bin(NCDVal_StringValue(arg_net_addr), NCDVal_StringLength(arg_net_addr), &network)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network in CIDR notation");
+            goto fail0;
+        }
+    } else {
+        if (!ipaddr6_parse_ipv6_addr_bin(NCDVal_StringValue(arg_net_addr), NCDVal_StringLength(arg_net_addr), &network.addr)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network address");
+            goto fail0;
+        }
+        if (!ipaddr6_parse_ipv6_prefix_bin(NCDVal_StringValue(arg_net_prefix), NCDVal_StringLength(arg_net_prefix), &network.prefix)) {
+            ModuleLog(o->i, BLOG_ERROR, "bad network prefix");
+            goto fail0;
+        }
+    }
+    
+    // test
+    o->value = ipaddr6_ipv6_addrs_in_network(addr, network.addr, network.prefix);
+    
+    if (is_ifnot && o->value) {
+        ModuleLog(o->i, BLOG_ERROR, "addresses belong to same subnet, not proceeding");
+    }
+    
+    // signal up
+    if (!is_ifnot || !o->value) {
+        NCDModuleInst_Backend_Up(o->i);
+    }
+    
+    return;
+    
+fail0:
+    NCDModuleInst_Backend_SetError(i);
+    NCDModuleInst_Backend_Dead(i);
+}
+
+static void func_new_normal (void *vo, NCDModuleInst *i)
+{
+    func_new_common(vo, i, 0);
+}
+
+static void func_new_ifnot (void *vo, NCDModuleInst *i)
+{
+    func_new_common(vo, i, 1);
+}
+
+static int func_getvar (void *vo, const char *name, NCDValMem *mem, NCDValRef *out)
+{
+    struct instance *o = vo;
+    
+    if (!strcmp(name, "")) {
+        const char *v = (o->value ? "true" : "false");
+        *out = NCDVal_NewString(mem, v);
+        if (NCDVal_IsInvalid(*out)) {
+            ModuleLog(o->i, BLOG_ERROR, "NCDVal_NewString failed");
+        }
+        return 1;
+    }
+    
+    return 0;
+}
+
+static const struct NCDModule modules[] = {
+    {
+        .type = "net.ipv6.addr_in_network",
+        .func_new2 = func_new_normal,
+        .func_getvar = func_getvar,
+        .alloc_size = sizeof(struct instance)
+    }, {
+        .type = "net.ipv6.ifnot_addr_in_network",
+        .func_new2 = func_new_ifnot,
+        .func_getvar = func_getvar,
+        .alloc_size = sizeof(struct instance)
+    }, {
+        .type = NULL
+    }
+};
+
+const struct NCDModuleGroup ncdmodule_net_ipv6_addr_in_network = {
+    .modules = modules
+};

ncd/tests/addr_in_network.ncd

@@ -0,0 +1,60 @@
+process main {
+    net.ipv4.addr_in_network("192.168.6.0", "192.168.6.0", "24") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.6.0", "192.168.6.0/24") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.6.1", "192.168.6.0", "24") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.6.255", "192.168.6.0", "24") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.5.255", "192.168.6.0", "24") r;
+    not(r) r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.7.0", "192.168.6.0", "24") r;
+    not(r) r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("192.168.7.0", "192.168.6.0/24") r;
+    not(r) r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("0.0.0.0", "192.168.6.0", "0") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("0.0.0.0", "0.0.0.0", "0") r;
+    assert(r);
+    
+    net.ipv4.addr_in_network("255.255.255.255", "0.0.0.0", "0") r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::123:0", "::123:0/112") r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::123:1", "::123:0/112") r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::123:ffff", "::123:0/112") r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::123:ffff", "::123:ffff/128") r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::122:ffff", "::123:0/112") r;
+    not(r) r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::124:0", "::123:0/112") r;
+    not(r) r;
+    assert(r);
+    
+    net.ipv6.addr_in_network("::123:fffe", "::123:ffff/128") r;
+    not(r) r;
+    assert(r);
+    
+    exit("0");
+}