summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorOndrej Zajicek (work) <santiago@crfreenet.org>2017-04-05 16:16:04 +0200
committerOndrej Zajicek (work) <santiago@crfreenet.org>2017-04-18 13:56:40 +0200
commit4278abfe272de64556c4d6df19efc0c853527851 (patch)
treec5797a702855412fc88c04c9f1a14f73c9c71555 /lib
parent3484cb9a654cab9bd2c2b1164528d3000a22a79e (diff)
Check validity of dest w.r.t. net_type
Allow to define static roa/flow routes without dest.
Diffstat (limited to 'lib')
-rw-r--r--lib/net.c34
-rw-r--r--lib/net.h44
2 files changed, 52 insertions, 26 deletions
diff --git a/lib/net.c b/lib/net.c
index e6053812..a00ff272 100644
--- a/lib/net.c
+++ b/lib/net.c
@@ -177,33 +177,29 @@ net_hash(const net_addr *n)
case NET_ROA6: return NET_HASH(n, roa6);
case NET_FLOW4: return NET_HASH(n, flow4);
case NET_FLOW6: return NET_HASH(n, flow6);
+ case NET_MPLS: return NET_HASH(n, mpls);
default: bug("invalid type");
}
}
+#define NET_VALIDATE(a,t) net_validate_##t((const net_addr_##t *) a)
+
int
-net_validate(const net_addr *N)
+net_validate(const net_addr *n)
{
- switch (N->type)
+ switch (n->type)
{
- case NET_IP4:
- case NET_VPN4:
- case NET_ROA4:
- case NET_FLOW4:
- return net_validate_ip4((net_addr_ip4 *) N);
-
- case NET_IP6:
- case NET_VPN6:
- case NET_ROA6:
- case NET_FLOW6:
- return net_validate_ip6((net_addr_ip6 *) N);
-
- case NET_MPLS:
- return net_validate_mpls((net_addr_mpls *) N);
-
- default:
- return 0;
+ case NET_IP4: return NET_VALIDATE(n, ip4);
+ case NET_IP6: return NET_VALIDATE(n, ip6);
+ case NET_VPN4: return NET_VALIDATE(n, vpn4);
+ case NET_VPN6: return NET_VALIDATE(n, vpn6);
+ case NET_ROA4: return NET_VALIDATE(n, roa4);
+ case NET_ROA6: return NET_VALIDATE(n, roa6);
+ case NET_FLOW4: return NET_VALIDATE(n, flow4);
+ case NET_FLOW6: return NET_VALIDATE(n, flow6);
+ case NET_MPLS: return NET_VALIDATE(n, mpls);
+ default: return 0;
}
}
diff --git a/lib/net.h b/lib/net.h
index ff889e99..332f4c9a 100644
--- a/lib/net.h
+++ b/lib/net.h
@@ -37,6 +37,7 @@
#define NB_IP (NB_IP4 | NB_IP6)
#define NB_VPN (NB_VPN4 | NB_VPN6)
#define NB_FLOW (NB_FLOW4 | NB_FLOW6)
+#define NB_DEST (NB_IP | NB_VPN | NB_MPLS)
#define NB_ANY 0xffffffff
@@ -457,23 +458,52 @@ static inline u32 net_hash_mpls(const net_addr_mpls *n)
u32 net_hash(const net_addr *a);
-static inline int net_validate_ip4(const net_addr_ip4 *n)
+static inline int net_validate_px4(const ip4_addr prefix, uint pxlen)
+{
+ return (pxlen <= IP4_MAX_PREFIX_LENGTH) &&
+ ip4_zero(ip4_and(prefix, ip4_not(ip4_mkmask(pxlen))));
+}
+
+static inline int net_validate_px6(const ip6_addr prefix, uint pxlen)
{
- return (n->pxlen <= IP4_MAX_PREFIX_LENGTH) &&
- ip4_zero(ip4_and(n->prefix, ip4_not(ip4_mkmask(n->pxlen))));
+ return (pxlen <= IP6_MAX_PREFIX_LENGTH) &&
+ ip6_zero(ip6_and(prefix, ip6_not(ip6_mkmask(pxlen))));
}
+static inline int net_validate_ip4(const net_addr_ip4 *n)
+{ return net_validate_px4(n->prefix, n->pxlen); }
+
static inline int net_validate_ip6(const net_addr_ip6 *n)
+{ return net_validate_px6(n->prefix, n->pxlen); }
+
+static inline int net_validate_vpn4(const net_addr_vpn4 *n)
+{ return net_validate_px4(n->prefix, n->pxlen); }
+
+static inline int net_validate_vpn6(const net_addr_vpn6 *n)
+{ return net_validate_px6(n->prefix, n->pxlen); }
+
+static inline int net_validate_roa4(const net_addr_roa4 *n)
{
- return (n->pxlen <= IP6_MAX_PREFIX_LENGTH) &&
- ip6_zero(ip6_and(n->prefix, ip6_not(ip6_mkmask(n->pxlen))));
+ return net_validate_px4(n->prefix, n->pxlen) &&
+ (n->pxlen <= n->max_pxlen) && (n->max_pxlen <= IP4_MAX_PREFIX_LENGTH);
}
-static inline int net_validate_mpls(const net_addr_mpls *n)
+static inline int net_validate_roa6(const net_addr_roa6 *n)
{
- return n->label < (1 << 20);
+ return net_validate_px6(n->prefix, n->pxlen) &&
+ (n->pxlen <= n->max_pxlen) && (n->max_pxlen <= IP6_MAX_PREFIX_LENGTH);
}
+// FIXME: Better check, call flow_validate?
+static inline int net_validate_flow4(const net_addr_flow4 *n)
+{ return net_validate_px4(n->prefix, n->pxlen); }
+
+static inline int net_validate_flow6(const net_addr_flow6 *n)
+{ return net_validate_px6(n->prefix, n->pxlen); }
+
+static inline int net_validate_mpls(const net_addr_mpls *n)
+{ return n->label < (1 << 20); }
+
int net_validate(const net_addr *N);