wireguard-apple/Sources/WireGuardKit/IPAddressRange.swift

// SPDX-License-Identifier: MIT
// Copyright © 2018-2020 WireGuard LLC. All Rights Reserved.

import Foundation
import Network

public struct IPAddressRange {
    public let address: IPAddress
    public let networkPrefixLength: UInt8

    init(address: IPAddress, networkPrefixLength: UInt8) {
        self.address = address
        self.networkPrefixLength = networkPrefixLength
    }
}

extension IPAddressRange: Equatable {
    public static func == (lhs: IPAddressRange, rhs: IPAddressRange) -> Bool {
        return lhs.address.rawValue == rhs.address.rawValue && lhs.networkPrefixLength == rhs.networkPrefixLength
    }
}

extension IPAddressRange: Hashable {
    public func hash(into hasher: inout Hasher) {
        hasher.combine(address.rawValue)
        hasher.combine(networkPrefixLength)
    }
}

extension IPAddressRange {
    public var stringRepresentation: String {
        return "\(address)/\(networkPrefixLength)"
    }

    public init?(from string: String) {
        guard let parsed = IPAddressRange.parseAddressString(string) else { return nil }
        address = parsed.0
        networkPrefixLength = parsed.1
    }

    private static func parseAddressString(_ string: String) -> (IPAddress, UInt8)? {
        let endOfIPAddress = string.lastIndex(of: "/") ?? string.endIndex
        let addressString = String(string[string.startIndex ..< endOfIPAddress])
        let address: IPAddress
        if let addr = IPv4Address(addressString) {
            address = addr
        } else if let addr = IPv6Address(addressString) {
            address = addr
        } else {
            return nil
        }

        let maxNetworkPrefixLength: UInt8 = address is IPv4Address ? 32 : 128
        var networkPrefixLength: UInt8
        if endOfIPAddress < string.endIndex { // "/" was located
            let indexOfNetworkPrefixLength = string.index(after: endOfIPAddress)
            guard indexOfNetworkPrefixLength < string.endIndex else { return nil }
            let networkPrefixLengthSubstring = string[indexOfNetworkPrefixLength ..< string.endIndex]
            guard let npl = UInt8(networkPrefixLengthSubstring) else { return nil }
            networkPrefixLength = min(npl, maxNetworkPrefixLength)
        } else {
            networkPrefixLength = maxNetworkPrefixLength
        }

        return (address, networkPrefixLength)
    }

    public func subnetMask() -> IPAddress {
        if address is IPv4Address {
            let mask = networkPrefixLength > 0 ? ~UInt32(0) << (32 - networkPrefixLength) : UInt32(0)
            let bytes = Data([
                UInt8(truncatingIfNeeded: mask >> 24),
                UInt8(truncatingIfNeeded: mask >> 16),
                UInt8(truncatingIfNeeded: mask >> 8),
                UInt8(truncatingIfNeeded: mask >> 0)
            ])
            return IPv4Address(bytes)!
        }
        if address is IPv6Address {
            var bytes = Data(repeating: 0, count: 16)
            for i in 0..<Int(networkPrefixLength/8) {
                bytes[i] = 0xff
            }
            let nibble = networkPrefixLength % 32
            if nibble != 0 {
                let mask = ~UInt32(0) << (32 - nibble)
                let i = Int(networkPrefixLength / 32 * 4)
                bytes[i + 0] = UInt8(truncatingIfNeeded: mask >> 24)
                bytes[i + 1] = UInt8(truncatingIfNeeded: mask >> 16)
                bytes[i + 2] = UInt8(truncatingIfNeeded: mask >> 8)
                bytes[i + 3] = UInt8(truncatingIfNeeded: mask >> 0)
            }
            return IPv6Address(bytes)!
        }
        fatalError()
    }

    public func maskedAddress() -> IPAddress {
        let subnet = subnetMask().rawValue
        var masked = Data(address.rawValue)
        if subnet.count != masked.count {
            fatalError()
        }
        for i in 0..<subnet.count {
            masked[i] &= subnet[i]
        }
        if subnet.count == 4 {
            return IPv4Address(masked)!
        }
        if subnet.count == 16 {
            return IPv6Address(masked)!
        }
        fatalError()
    }
}
Smaller copyright headers Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-24 01:37:28 +00:00			`// SPDX-License-Identifier: MIT`
global: bump year in header A bit overdue, but better late than never. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2020-12-04 11:15:29 +00:00			`// Copyright © 2018-2020 WireGuard LLC. All Rights Reserved.`
Model for an IP Address range Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-13 13:29:42 +00:00
			`import Foundation`
			`import Network`

WireGuardKit: Set public access level for shared structs Signed-off-by: Andrej Mihajlov <and@mullvad.net> 2020-11-05 11:23:06 +00:00			`public struct IPAddressRange {`
			`public let address: IPAddress`
			`public let networkPrefixLength: UInt8`
Nuke trailing spaces Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-21 22:34:56 +00:00
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`init(address: IPAddress, networkPrefixLength: UInt8) {`
			`self.address = address`
			`self.networkPrefixLength = networkPrefixLength`
			`}`
Model for an IP Address range Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-13 13:29:42 +00:00			`}`

All models now Equatable Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-22 04:41:54 +00:00			`extension IPAddressRange: Equatable {`
WireGuardKit: Set public access level for shared structs Signed-off-by: Andrej Mihajlov <and@mullvad.net> 2020-11-05 11:23:06 +00:00			`public static func == (lhs: IPAddressRange, rhs: IPAddressRange) -> Bool {`
All models now Equatable Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-22 04:41:54 +00:00			`return lhs.address.rawValue == rhs.address.rawValue && lhs.networkPrefixLength == rhs.networkPrefixLength`
			`}`
			`}`

			`extension IPAddressRange: Hashable {`
WireGuardKit: Set public access level for shared structs Signed-off-by: Andrej Mihajlov <and@mullvad.net> 2020-11-05 11:23:06 +00:00			`public func hash(into hasher: inout Hasher) {`
All models now Equatable Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-22 04:41:54 +00:00			`hasher.combine(address.rawValue)`
			`hasher.combine(networkPrefixLength)`
			`}`
			`}`

Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`extension IPAddressRange {`
WireGuardKit: Set public access level for shared structs Signed-off-by: Andrej Mihajlov <and@mullvad.net> 2020-11-05 11:23:06 +00:00			`public var stringRepresentation: String {`
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`return "\(address)/\(networkPrefixLength)"`
			`}`
Nuke trailing spaces Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-21 22:34:56 +00:00
WireGuardKit: Set public access level for shared structs Signed-off-by: Andrej Mihajlov <and@mullvad.net> 2020-11-05 11:23:06 +00:00			`public init?(from string: String) {`
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`guard let parsed = IPAddressRange.parseAddressString(string) else { return nil }`
			`address = parsed.0`
			`networkPrefixLength = parsed.1`
			`}`
Nuke trailing spaces Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-21 22:34:56 +00:00
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`private static func parseAddressString(_ string: String) -> (IPAddress, UInt8)? {`
Model: IP address can be specified without '/cidr' Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-30 08:15:16 +00:00			`let endOfIPAddress = string.lastIndex(of: "/") ?? string.endIndex`
			`let addressString = String(string[string.startIndex ..< endOfIPAddress])`
			`let address: IPAddress`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`if let addr = IPv4Address(addressString) {`
Global: swiftlint autocorrect --format Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-11-06 17:12:53 +00:00			`address = addr`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`} else if let addr = IPv6Address(addressString) {`
			`address = addr`
			`} else {`
			`return nil`
			`}`
Nuke trailing spaces Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-21 22:34:56 +00:00
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`let maxNetworkPrefixLength: UInt8 = address is IPv4Address ? 32 : 128`
Model: IP address can be specified without '/cidr' Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-30 08:15:16 +00:00			`var networkPrefixLength: UInt8`
Added swiftlint and fixed all errors (and a bunch, but not all, warnings) Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-12 17:40:57 +00:00			`if endOfIPAddress < string.endIndex { // "/" was located`
Model: IP address can be specified without '/cidr' Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-30 08:15:16 +00:00			`let indexOfNetworkPrefixLength = string.index(after: endOfIPAddress)`
Added swiftlint and fixed all errors (and a bunch, but not all, warnings) Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-12 17:40:57 +00:00			`guard indexOfNetworkPrefixLength < string.endIndex else { return nil }`
Model: IP address can be specified without '/cidr' Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-30 08:15:16 +00:00			`let networkPrefixLengthSubstring = string[indexOfNetworkPrefixLength ..< string.endIndex]`
			`guard let npl = UInt8(networkPrefixLengthSubstring) else { return nil }`
			`networkPrefixLength = min(npl, maxNetworkPrefixLength)`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`} else {`
Model: IP address can be specified without '/cidr' Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-30 08:15:16 +00:00			`networkPrefixLength = maxNetworkPrefixLength`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`}`
Nuke trailing spaces Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2018-12-21 22:34:56 +00:00
Updated NETunnelProvider save format Signed-off-by: Eric Kuck <eric@bluelinelabs.com> 2018-12-21 04:52:45 +00:00			`return (address, networkPrefixLength)`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`}`
Kit: netcfg: add explicit IP mask routes macOS will use the wrong source address unless we add explicit routes that mention the self-pointing gateway. Actually, it won't add any implicit routes on its own, so in order to route the masks of the addresses, we have to add our own routes explicitly. However, this still doesn't fix the problem while inside of the network extension, even though it works outside it. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2021-01-01 17:26:49 +00:00
			`public func subnetMask() -> IPAddress {`
			`if address is IPv4Address {`
			`let mask = networkPrefixLength > 0 ? ~UInt32(0) << (32 - networkPrefixLength) : UInt32(0)`
			`let bytes = Data([`
			`UInt8(truncatingIfNeeded: mask >> 24),`
			`UInt8(truncatingIfNeeded: mask >> 16),`
			`UInt8(truncatingIfNeeded: mask >> 8),`
			`UInt8(truncatingIfNeeded: mask >> 0)`
			`])`
			`return IPv4Address(bytes)!`
			`}`
			`if address is IPv6Address {`
			`var bytes = Data(repeating: 0, count: 16)`
			`for i in 0..<Int(networkPrefixLength/8) {`
			`bytes[i] = 0xff`
			`}`
			`let nibble = networkPrefixLength % 32`
			`if nibble != 0 {`
			`let mask = ~UInt32(0) << (32 - nibble)`
			`let i = Int(networkPrefixLength / 32 * 4)`
			`bytes[i + 0] = UInt8(truncatingIfNeeded: mask >> 24)`
			`bytes[i + 1] = UInt8(truncatingIfNeeded: mask >> 16)`
			`bytes[i + 2] = UInt8(truncatingIfNeeded: mask >> 8)`
			`bytes[i + 3] = UInt8(truncatingIfNeeded: mask >> 0)`
			`}`
			`return IPv6Address(bytes)!`
			`}`
			`fatalError()`
			`}`

			`public func maskedAddress() -> IPAddress {`
			`let subnet = subnetMask().rawValue`
			`var masked = Data(address.rawValue)`
			`if subnet.count != masked.count {`
			`fatalError()`
			`}`
			`for i in 0..<subnet.count {`
			`masked[i] &= subnet[i]`
			`}`
			`if subnet.count == 4 {`
			`return IPv4Address(masked)!`
			`}`
			`if subnet.count == 16 {`
			`return IPv6Address(masked)!`
			`}`
			`fatalError()`
			`}`
Model: IPAddressRange: Converting to and from String Signed-off-by: Roopesh Chander <roop@roopc.net> 2018-10-19 03:45:37 +00:00			`}`