static void
match_addr(krb5_context context, const char *range_addr,
const char *one_addr, int match)
{
krb5_addresses range, one;
krb5_error_code ret;
ret = krb5_parse_address(context, range_addr, &range);
if (ret)
krb5_err(context, 1, ret, "krb5_parse_address");
if (range.len != 1)
krb5_err(context, 1, ret, "wrong num of addresses");
ret = krb5_parse_address(context, one_addr, &one);
if (ret)
krb5_err(context, 1, ret, "krb5_parse_address");
if (one.len != 1)
krb5_err(context, 1, ret, "wrong num of addresses");
if (krb5_address_order(context, &range.val[0], &one.val[0]) == 0) {
if (!match)
krb5_errx(context, 1, "match when one shouldn't be");
} else {
if (match)
krb5_errx(context, 1, "no match when one should be");
}
krb5_free_addresses(context, &range);
krb5_free_addresses(context, &one);
}
krb5_boolean KRB5_LIB_FUNCTION
krb5_address_compare(krb5_context context,
const krb5_address *addr1,
const krb5_address *addr2)
{
return krb5_address_order (context, addr1, addr2) == 0;
}
static int
arange_order_addr(krb5_context context,
const krb5_address *addr1,
const krb5_address *addr2)
{
int tmp1, tmp2, sign;
struct arange *a;
const krb5_address *a2;
if(addr1->addr_type == KRB5_ADDRESS_ARANGE) {
a = addr1->address.data;
a2 = addr2;
sign = 1;
} else if(addr2->addr_type == KRB5_ADDRESS_ARANGE) {
a = addr2->address.data;
a2 = addr1;
sign = -1;
} else
abort();
if(a2->addr_type == KRB5_ADDRESS_ARANGE) {
struct arange *b = a2->address.data;
tmp1 = krb5_address_order(context, &a->low, &b->low);
if(tmp1 != 0)
return sign * tmp1;
return sign * krb5_address_order(context, &a->high, &b->high);
} else if(a2->addr_type == a->low.addr_type) {
tmp1 = krb5_address_order(context, &a->low, a2);
if(tmp1 > 0)
return sign;
tmp2 = krb5_address_order(context, &a->high, a2);
if(tmp2 < 0)
return -sign;
return 0;
} else {
return sign * (addr1->addr_type - addr2->addr_type);
}
}
static int
arange_parse_addr (krb5_context context,
const char *address, krb5_address *addr)
{
char buf[1024], *p;
krb5_address low0, high0;
struct arange *a;
krb5_error_code ret;
if(strncasecmp(address, "RANGE:", 6) != 0)
return -1;
address += 6;
p = strrchr(address, '/');
if (p) {
krb5_addresses addrmask;
char *q;
long num;
if (strlcpy(buf, address, sizeof(buf)) > sizeof(buf))
return -1;
buf[p - address] = '\0';
ret = krb5_parse_address(context, buf, &addrmask);
if (ret)
return ret;
if(addrmask.len != 1) {
krb5_free_addresses(context, &addrmask);
return -1;
}
address += p - address + 1;
num = strtol(address, &q, 10);
if (q == address || *q != '\0' || num < 0) {
krb5_free_addresses(context, &addrmask);
return -1;
}
ret = krb5_address_prefixlen_boundary(context, &addrmask.val[0], num,
&low0, &high0);
krb5_free_addresses(context, &addrmask);
if (ret)
return ret;
} else {
krb5_addresses low, high;
strsep_copy(&address, "-", buf, sizeof(buf));
ret = krb5_parse_address(context, buf, &low);
if(ret)
return ret;
if(low.len != 1) {
krb5_free_addresses(context, &low);
return -1;
}
strsep_copy(&address, "-", buf, sizeof(buf));
ret = krb5_parse_address(context, buf, &high);
if(ret) {
krb5_free_addresses(context, &low);
return ret;
}
if(high.len != 1 && high.val[0].addr_type != low.val[0].addr_type) {
krb5_free_addresses(context, &low);
krb5_free_addresses(context, &high);
return -1;
}
ret = krb5_copy_address(context, &high.val[0], &high0);
if (ret == 0) {
ret = krb5_copy_address(context, &low.val[0], &low0);
if (ret)
krb5_free_address(context, &high0);
}
krb5_free_addresses(context, &low);
krb5_free_addresses(context, &high);
if (ret)
return ret;
}
krb5_data_alloc(&addr->address, sizeof(*a));
addr->addr_type = KRB5_ADDRESS_ARANGE;
a = addr->address.data;
if(krb5_address_order(context, &low0, &high0) < 0) {
a->low = low0;
a->high = high0;
} else {
a->low = high0;
a->high = low0;
}
return 0;
}