From 16b0383c4fb2fba9edd201e7e77933452bb3f60d Mon Sep 17 00:00:00 2001
From: "Jean-Marc Pigeon (Delson)" <jmp@safe.ca>
Date: Thu, 15 Aug 2024 19:59:00 -0400
Subject: [PATCH] checking ipV4 and IPV6 with SPF seems to be working

---
 lib/subafn.c | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 lib/subafn.h |  3 ++
 lib/subrou.c |  2 +-
 lib/unidns.c | 20 +++++++++--
 4 files changed, 121 insertions(+), 3 deletions(-)

diff --git a/lib/subafn.c b/lib/subafn.c
index c7e57ef..e5b16c2 100644
--- a/lib/subafn.c
+++ b/lib/subafn.c
@@ -21,6 +21,43 @@ static  _Bool modopen;          //module open/close status
 */
 /********************************************************/
 /*                                                      */
+/*	Routine to compare 2 IP num, can be 	        */
+/*	IPV4 or IPV6 IP number.			        */
+/*      return true if match within mask.               */
+/*                                                      */
+/********************************************************/
+static _Bool cmpip(AFNTYP *ipnum1,AFNTYP *ipnum2,int mask)
+
+{
+_Bool areequal;
+int maskbyt;
+
+areequal=false;
+if (mask>128)
+  mask=128;
+maskbyt=mask/8;
+if (memcmp(ipnum1->ip,ipnum2->ip,maskbyt)==0) {
+  areequal=true;
+  mask%=8;
+  if (mask!=0) {
+    int maskbit;
+    int b1;
+    int b2;
+
+    maskbit=(~0U<<(8-mask)); 
+    b1=((int)ipnum1->ip[maskbyt])&maskbit;
+    b2=((int)ipnum2->ip[maskbyt])&maskbit;
+    if (b1!=b2)
+      areequal=false;
+    }
+  }
+return areequal;
+}
+/*
+
+*/
+/********************************************************/
+/*                                                      */
 /*	Routine to fee memory used by an AFNTYP         */
 /*                                                      */
 /********************************************************/
@@ -170,6 +207,68 @@ return afnnum;
 */
 /********************************************************/
 /*                                                      */
+/*	Routine to compare two ipnum by taking	        */
+/*	mask ip_ipbits, return true if ipbits	        */
+/*	are identical, false otherwise.		        */
+/*	return -1 if unexpected type		        */
+/*                                                      */
+/********************************************************/
+int afn_cmpipnum(AFNTYP *afnnum1,AFNTYP *afnnum2,int mask)
+
+{
+int areequal;
+int phase;
+int proceed;
+
+areequal=false;
+phase=0;
+proceed=true;
+while (proceed==true) {
+  switch (phase) {
+    case 0	:	/*two ipnum really	*/
+      if ((afnnum1==(AFNTYP *)0)||(afnnum2==(AFNTYP *)0))
+	proceed=false;	/*no need to go further	*/
+      break;
+    case 1	:	/*is mask 0, all IP ok	*/
+      if (mask==0) {
+	areequal=true;
+	proceed=false;
+	}
+      break;
+    case 2	:	/*two ipnum same type	*/
+      if (afnnum1->afntype!=afnnum2->afntype)
+	proceed=false;	/*no need to go further	*/
+      break;
+    case 3	:	/*lets compare ip	*/
+      if (mask>128)
+	mask=128;
+      switch(afnnum1->afntype) {
+	case AF_INET	:
+	  if (mask>32)
+	    mask=32;
+          // fall through
+	case AF_INET6	:
+	  areequal=(int)cmpip(afnnum1,afnnum2,mask);
+	  break;
+	default		:
+	  errno=EAFNOSUPPORT;
+	  areequal=-1;
+	  break;
+	}
+      break;
+    default	:	/*SAFE guard		*/
+      proceed=false;
+      break;
+    }
+  phase++;
+  }
+return areequal;
+}
+/*
+^L
+*/
+/********************************************************/
+/*                                                      */
 /*	Procedure to "open/close" module and do         */
 /*      homework purpose                                */
 /*      return zero if everything right                 */
diff --git a/lib/subafn.h b/lib/subafn.h
index bd5b160..119dff1 100644
--- a/lib/subafn.h
+++ b/lib/subafn.h
@@ -33,6 +33,9 @@ extern char *afn_stripnum(AFNTYP *afnnum);
 //procedure to convert a IP as string to an AFNTYP structure
 extern AFNTYP *afn_getipnum(char *cleanipstr);
 
+//procedure to compare 2 same class IP according a mask value
+extern int afn_cmpipnum(AFNTYP *afnnum1,AFNTYP *afnnum2,int mask);
+
 //homework to be done before starting/stoping module.
 extern int afn_modesubafn(_Bool mode);
 
diff --git a/lib/subrou.c b/lib/subrou.c
index c75ff11..50b71db 100644
--- a/lib/subrou.c
+++ b/lib/subrou.c
@@ -21,7 +21,7 @@
 
 //version definition 
 #define VERSION "0.4.2"
-#define RELEASE "11"
+#define RELEASE "12"
 
 //Public variables
 PUBLIC  int debug=0;            //debug level
diff --git a/lib/unidns.c b/lib/unidns.c
index d76f1b0..2fd72de 100644
--- a/lib/unidns.c
+++ b/lib/unidns.c
@@ -10,6 +10,7 @@
 #include        <resolv.h>
 #include        <stdbool.h>
 #include        <stdio.h>
+#include        <stdlib.h>
 #include        <string.h>
 #include        <unistd.h>
 
@@ -168,9 +169,23 @@ static _Bool checkip(AFNTYP *afnnum,char *seq)
 
 {
 _Bool bingo;
+AFNTYP *target;
+char *ptr;
+int cidr;
+char *got;
 
 bingo=false;
-(void) printf("JMPDBG checkip peerip=<%s> seq=<%s>\n",afnnum->strnumip,seq);
+cidr=128;
+if ((seq!=(char *)0)&&((ptr=strchr(seq,'/'))!=(char *)0)) {
+  *ptr='\000'; 
+  cidr=atoi(ptr+1);
+  }
+(void) printf("JMPDBG seq=<%s> cidr='%d'\n",seq,cidr);
+target=afn_getipnum(seq);
+got=afn_stripnum(target);
+bingo=(_Bool)afn_cmpipnum(afnnum,target,cidr);
+(void) printf("JMPDBG checkip bingo='%d' peerip=<%s> seq=<%s> got=<%s>\n",
+              bingo,afnnum->strnumip,seq,got);
 return bingo;
 }
 /*
@@ -224,7 +239,8 @@ while (proceed==true) {
         case mch_all            :       //usually last in sequence
           spf=locspf;
           break;
-        case mch_ip4            :       //include sub domain
+        case mch_ip4            :       //This is IPV4 number
+        case mch_ip6            :       //This is IPV6 number
           if (checkip(afnnum,seq+1)==true)
             spf=locspf;
           break;
-- 
2.47.3