summaryrefslogtreecommitdiffstats
path: root/src/util/util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/util.c')
-rw-r--r--src/util/util.c57
1 files changed, 57 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index fb3bed14..9ab154db 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -22,6 +22,7 @@
#include <netdb.h>
#include <poll.h>
#include <sys/socket.h>
+#include <arpa/inet.h>
#include "talloc.h"
#include "util/util.h"
@@ -739,3 +740,59 @@ bool is_host_in_domain(const char *host, const char *domain)
return false;
}
+
+/* addr is in network order for both IPv4 and IPv6 versions */
+bool check_ipv4_addr(struct in_addr *addr, uint8_t flags)
+{
+ char straddr[INET_ADDRSTRLEN];
+
+ if (inet_ntop(AF_INET, addr, straddr, INET_ADDRSTRLEN) == NULL) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("inet_ntop failed, won't log IP addresses\n"));
+ snprintf(straddr, INET_ADDRSTRLEN, "unknown");
+ }
+
+ if ((flags & SSS_NO_MULTICAST) && IN_MULTICAST(ntohl(addr->s_addr))) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Multicast IPv4 address %s\n", straddr));
+ return false;
+ } else if ((flags & SSS_NO_LOOPBACK)
+ && inet_netof(*addr) == IN_LOOPBACKNET) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Loopback IPv4 address %s\n", straddr));
+ return false;
+ } else if ((flags & SSS_NO_LINKLOCAL)
+ && (addr->s_addr & htonl(0xffff0000)) == htonl(0xa9fe0000)) {
+ /* 169.254.0.0/16 */
+ DEBUG(SSSDBG_FUNC_DATA, ("Link-local IPv4 address %s\n", straddr));
+ return false;
+ } else if ((flags & SSS_NO_BROADCAST)
+ && addr->s_addr == htonl(INADDR_BROADCAST)) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Broadcast IPv4 address %s\n", straddr));
+ return false;
+ }
+
+ return true;
+}
+
+bool check_ipv6_addr(struct in6_addr *addr, uint8_t flags)
+{
+ char straddr[INET6_ADDRSTRLEN];
+
+ if (inet_ntop(AF_INET6, addr, straddr, INET6_ADDRSTRLEN) == NULL) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("inet_ntop failed, won't log IP addresses\n"));
+ snprintf(straddr, INET6_ADDRSTRLEN, "unknown");
+ }
+
+ if ((flags & SSS_NO_LINKLOCAL) && IN6_IS_ADDR_LINKLOCAL(addr)) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Link local IPv6 address %s\n", straddr));
+ return false;
+ } else if ((flags & SSS_NO_LOOPBACK) && IN6_IS_ADDR_LOOPBACK(addr)) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Loopback IPv6 address %s\n", straddr));
+ return false;
+ } else if ((flags & SSS_NO_MULTICAST) && IN6_IS_ADDR_MULTICAST(addr)) {
+ DEBUG(SSSDBG_FUNC_DATA, ("Multicast IPv6 address %s\n", straddr));
+ return false;
+ }
+
+ return true;
+}
generated by cgit (git 2.34.1) at 2025-10-04 06:02:42 +0000