/*

 * Copyright (C) 2014-2016 Free Software Foundation, Inc.

 * Copyright (C) 2016 Red Hat, Inc.

 *

 * Authors: Nikos Mavrogiannopoulos, Daiki Ueno, Martin Ukrop

 *

 * This file is part of GnuTLS.

 *

 * The GnuTLS is free software; you can redistribute it and/or

 * modify it under the terms of the GNU Lesser General Public License

 * as published by the Free Software Foundation; either version 2.1 of

 * the License, or (at your option) any later version.

 *

 * This library is distributed in the hope that it will be useful, but

 * WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public License

 * along with this program.  If not, see <https://www.gnu.org/licenses/>

 *

 */

#ifndef GNUTLS_LIB_X509_IP_IN_CIDR_H

#define GNUTLS_LIB_X509_IP_IN_CIDR_H

/*-

 * ip_in_cidr:

 * @ip: IP datum (IPv4 or IPv6)

 * @cidr: CIDR datum (IPv4 or IPv6)

 *

 * Check if @ip lies in the given @cidr range.

 * The @ip version must match the @cidr version (v4/v6),

 * (this is not checked).

 *

 * Returns: 1 if @ip lies within @cidr, 0 otherwise

 -*/

static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)

{

  unsigned byte;

#ifndef BUILD_IN_TESTS

  char str_ip[48];

  char str_cidr[97];

  _gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",

       (int)sizeof(str_ip),

       _gnutls_ip_to_string(ip->data, ip->size, str_ip,

                sizeof(str_ip)),

       (int)sizeof(str_cidr),

       _gnutls_cidr_to_string(cidr->data, cidr->size,

            str_cidr, sizeof(str_cidr)));

#endif

  for (byte = 0; byte < ip->size; byte++)

    if (((ip->data[byte] ^ cidr->data[byte]) &

         cidr->data[ip->size + byte]) != 0)

      return 0;

  return 1; /* match */

}

#endif /* GNUTLS_LIB_X509_IP_IN_CIDR_H */