[Git][NTPsec/ntpsec][master] 2 commits: Change netof() to netof6(). IPv6 only.

Gary E. Miller gitlab at mg.gitlab.com
Fri Jun 9 02:55:34 UTC 2017 

Gary E. Miller pushed to branch master at NTPsec / ntpsec


Commits:
5ea2eb15 by Gary E. Miller at 2017-06-08T17:40:12-07:00
Change netof() to netof6().  IPv6 only.

netof() never did anything useful with IPv4, and was never used
on IPv6.  Not really useful on IPv6, it just masks an IPv6 to /64.

- - - - -
1f40056d by Gary E. Miller at 2017-06-08T19:42:02-07:00
restrict: Ignore CIDR in restrict address.

One small step to accepting CIDR notation.

This is now accepted: restrict 10.169.0.0/16
But is is the same as: restrict 10.169.0.0 mask 255.255.255.255

- - - - -


6 changed files:

- include/ntp_stdlib.h
- libntp/netof.c
- ntpd/ntp_config.c
- ntpd/ntp_io.c
- tests/common/tests_main.c
- tests/libntp/netof.c


Changes:

=====================================
include/ntp_stdlib.h
=====================================
--- a/include/ntp_stdlib.h
+++ b/include/ntp_stdlib.h
@@ -120,7 +120,7 @@ extern	const char * res_access_flags(unsigned short);
 extern	const char * k_st_flags	(uint32_t);
 #endif
 extern	char *	statustoa	(int, int);
-extern	sockaddr_u * netof	(sockaddr_u *);
+extern	sockaddr_u * netof6	(sockaddr_u *);
 extern	char *	numtoa		(uint32_t);
 extern	const char * socktoa	(const sockaddr_u *);
 extern	const char * sockporttoa(const sockaddr_u *);


=====================================
libntp/netof.c
=====================================
--- a/libntp/netof.c
+++ b/libntp/netof.c
@@ -1,6 +1,12 @@
 /* 
- * netof - return the net address part of an ip address in a sockaddr_storage structure
- *         (zero out host part)
+ * netof6 - return the net address part of an IPv6 address
+ *  in a sockaddr_storage structure (zero out host part)
+ *
+ * expect it does not really do that, it ASSumes /64
+ *
+ * returns points to a 8 position static array.  Each
+ * position used in turn.
+ *
  */
 #include "config.h"
 #include <stdio.h>
@@ -11,13 +17,12 @@
 #include "ntp.h"
 
 sockaddr_u *
-netof(
+netof6(
 	sockaddr_u *hostaddr
 	)
 {
 	static sockaddr_u	netofbuf[8];
 	static int		next_netofbuf;
-	uint32_t		netnum;
 	sockaddr_u *		netaddr;
 
 	netaddr = &netofbuf[next_netofbuf];
@@ -25,27 +30,12 @@ netof(
 
 	memcpy(netaddr, hostaddr, sizeof(*netaddr));
 
-	if (IS_IPV4(netaddr)) {
-		netnum = SRCADR(netaddr);
-
-		/*
-		 * We live in a modern CIDR world where the basement nets, which
-		 * used to be class A, are now probably associated with each
-		 * host address. So, for class-A nets, all bits are significant.
-		 */
-		if (IN_CLASSC(netnum))
-			netnum &= IN_CLASSC_NET;
-		else if (IN_CLASSB(netnum))
-			netnum &= IN_CLASSB_NET;
-
-		SET_ADDR4(netaddr, netnum);
-
-	} else if (IS_IPV6(netaddr))
+	if (IS_IPV6(netaddr))
 		/* assume the typical /64 subnet size */
 		zero_mem(&NSRCADR6(netaddr)[8], 8);
 #ifdef DEBUG
 	else {
-		msyslog(LOG_ERR, "netof unknown AF %d", AF(netaddr));
+		msyslog(LOG_ERR, "Not IPv6, AF %d", AF(netaddr));
 		exit(1);
 	}
 #endif


=====================================
ntpd/ntp_config.c
=====================================
--- a/ntpd/ntp_config.c
+++ b/ntpd/ntp_config.c
@@ -1716,8 +1716,16 @@ config_access(
 				continue;
 			}
 		} else {
+                        char *mp;
+
 			/* Resolve the specified address */
 			AF(&addr) = (u_short)my_node->addr->type;
+                        /* CIDR notation? */
+                        mp = strrchr(my_node->addr->address, '/');
+                        if (mp) {
+                                *mp++ = '\0'; /* get rid of the '/' */
+                                /* someday convert CIDR to mask */
+                        }
 
 			if (getnetnum(my_node->addr->address,
 				      &addr) != 1) {


=====================================
ntpd/ntp_io.c
=====================================
--- a/ntpd/ntp_io.c
+++ b/ntpd/ntp_io.c
@@ -3002,7 +3002,7 @@ findbcastinter(
 			if (SOCK_EQ(&iface->bcast, addr))
 				break;
 
-			if (SOCK_EQ(netof(&iface->sin), netof(addr)))
+			if (SOCK_EQ(netof6(&iface->sin), netof6(addr)))
 				break;
 		}
 	}


=====================================
tests/common/tests_main.c
=====================================
--- a/tests/common/tests_main.c
+++ b/tests/common/tests_main.c
@@ -49,7 +49,7 @@ static void RunAllTests(void)
 	RUN_TEST_GROUP(lfptostr);
 	RUN_TEST_GROUP(macencrypt);
 	RUN_TEST_GROUP(msyslog);
-	RUN_TEST_GROUP(netof);
+	RUN_TEST_GROUP(netof6);
 	RUN_TEST_GROUP(numtoa);
 	RUN_TEST_GROUP(prettydate);
 	RUN_TEST_GROUP(recvbuff);


=====================================
tests/libntp/netof.c
=====================================
--- a/tests/libntp/netof.c
+++ b/tests/libntp/netof.c
@@ -4,50 +4,19 @@
 #include "unity.h"
 #include "unity_fixture.h"
 
-TEST_GROUP(netof);
+TEST_GROUP(netof6);
 
-TEST_SETUP(netof) {}
+TEST_SETUP(netof6) {}
 
-TEST_TEAR_DOWN(netof) {}
+TEST_TEAR_DOWN(netof6) {}
 
 #include "sockaddrtest.h"
 
 
-TEST(netof, ClassBAddress) {
-	sockaddr_u input = CreateSockaddr4("172.16.2.1", NTP_PORT);
-	sockaddr_u expected = CreateSockaddr4("172.16.0.0", NTP_PORT);
-
-	sockaddr_u* actual = netof(&input);
-
-	TEST_ASSERT_NOT_NULL(actual);
-	TEST_ASSERT_TRUE(IsEqualS(&expected, actual));
-}
-
-TEST(netof, ClassCAddress) {
-	sockaddr_u input = CreateSockaddr4("192.0.2.255", NTP_PORT);
-	sockaddr_u expected = CreateSockaddr4("192.0.2.0", NTP_PORT);
-
-	sockaddr_u* actual = netof(&input);
-
-	TEST_ASSERT_NOT_NULL(actual);
-	TEST_ASSERT_TRUE(IsEqualS(&expected, actual));
-}
-
-TEST(netof, ClassAAddress) {
-	/* Class A addresses are assumed to be classless,
-	 * thus the same address should be returned.
-	 */
-	sockaddr_u input = CreateSockaddr4("10.20.30.40", NTP_PORT);
-	sockaddr_u expected = CreateSockaddr4("10.20.30.40", NTP_PORT);
-
-	sockaddr_u* actual = netof(&input);
-
-	TEST_ASSERT_NOT_NULL(actual);
-	TEST_ASSERT_TRUE(IsEqualS(&expected, actual));
-}
-
-TEST(netof, IPv6Address) {
-	/* IPv6 addresses are assumed to have 64-bit host- and 64-bit network parts. */
+TEST(netof6, IPv6Address) {
+	/* IPv6 addresses are assumed to have 64-bit host
+         * and 64-bit network parts.
+         */
 	const struct in6_addr input_address = {{{
 		0x20, 0x01, 0x0d, 0xb8,
         0x85, 0xa3, 0x08, 0xd3,
@@ -72,15 +41,12 @@ TEST(netof, IPv6Address) {
 	SET_SOCK_ADDR6(&expected, expected_address);
 	SET_PORT(&expected, 3000);
 
-	sockaddr_u* actual = netof(&input);
+	sockaddr_u* actual = netof6(&input);
 
 	TEST_ASSERT_NOT_NULL(actual);
 	TEST_ASSERT_TRUE(IsEqualS(&expected, actual));
 }
 
-TEST_GROUP_RUNNER(netof) {
-	RUN_TEST_CASE(netof, ClassBAddress);
-	RUN_TEST_CASE(netof, ClassCAddress);
-	RUN_TEST_CASE(netof, ClassAAddress);
-	RUN_TEST_CASE(netof, IPv6Address);
+TEST_GROUP_RUNNER(netof6) {
+	RUN_TEST_CASE(netof6, IPv6Address);
 }



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/9e940cf11ec43879a337a08dd3423b519846588f...1f40056d7d1190b1732ad3f4b6db8f15f24334b6

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/9e940cf11ec43879a337a08dd3423b519846588f...1f40056d7d1190b1732ad3f4b6db8f15f24334b6
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170609/4df4ad2b/attachment.html>

More information about the vc mailing list