1// Copyright 2009 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// IP address manipulations 6// 7// IPv4 addresses are 4 bytes; IPv6 addresses are 16 bytes. 8// An IPv4 address can be converted to an IPv6 address by 9// adding a canonical prefix (10 zeros, 2 0xFFs). 10// This library accepts either size of byte slice but always 11// returns 16-byte addresses. 12 13package net 14 15import _ "unsafe" // for go:linkname 16 17// IP address lengths (bytes). 18const ( 19 IPv4len = 4 20 IPv6len = 16 21) 22 23// An IP is a single IP address, a slice of bytes. 24// Functions in this package accept either 4-byte (IPv4) 25// or 16-byte (IPv6) slices as input. 26// 27// Note that in this documentation, referring to an 28// IP address as an IPv4 address or an IPv6 address 29// is a semantic property of the address, not just the 30// length of the byte slice: a 16-byte slice can still 31// be an IPv4 address. 32type IP []byte 33 34// An IP mask is an IP address. 35type IPMask []byte 36 37// An IPNet represents an IP network. 38type IPNet struct { 39 IP IP // network number 40 Mask IPMask // network mask 41} 42 43// IPv4 returns the IP address (in 16-byte form) of the 44// IPv4 address a.b.c.d. 45func IPv4(a, b, c, d byte) IP { 46 p := make(IP, IPv6len) 47 copy(p, v4InV6Prefix) 48 p[12] = a 49 p[13] = b 50 p[14] = c 51 p[15] = d 52 return p 53} 54 55var v4InV6Prefix = []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff} 56 57// IPv4Mask returns the IP mask (in 4-byte form) of the 58// IPv4 mask a.b.c.d. 59func IPv4Mask(a, b, c, d byte) IPMask { 60 p := make(IPMask, IPv4len) 61 p[0] = a 62 p[1] = b 63 p[2] = c 64 p[3] = d 65 return p 66} 67 68// CIDRMask returns an IPMask consisting of `ones' 1 bits 69// followed by 0s up to a total length of `bits' bits. 70// For a mask of this form, CIDRMask is the inverse of IPMask.Size. 71func CIDRMask(ones, bits int) IPMask { 72 if bits != 8*IPv4len && bits != 8*IPv6len { 73 return nil 74 } 75 if ones < 0 || ones > bits { 76 return nil 77 } 78 l := bits / 8 79 m := make(IPMask, l) 80 n := uint(ones) 81 for i := 0; i < l; i++ { 82 if n >= 8 { 83 m[i] = 0xff 84 n -= 8 85 continue 86 } 87 m[i] = ^byte(0xff >> n) 88 n = 0 89 } 90 return m 91} 92 93// Well-known IPv4 addresses 94var ( 95 IPv4bcast = IPv4(255, 255, 255, 255) // limited broadcast 96 IPv4allsys = IPv4(224, 0, 0, 1) // all systems 97 IPv4allrouter = IPv4(224, 0, 0, 2) // all routers 98 IPv4zero = IPv4(0, 0, 0, 0) // all zeros 99) 100 101// Well-known IPv6 addresses 102var ( 103 IPv6zero = IP{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} 104 IPv6unspecified = IP{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} 105 IPv6loopback = IP{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1} 106 IPv6interfacelocalallnodes = IP{0xff, 0x01, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x01} 107 IPv6linklocalallnodes = IP{0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x01} 108 IPv6linklocalallrouters = IP{0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x02} 109) 110 111// IsUnspecified reports whether ip is an unspecified address, either 112// the IPv4 address "0.0.0.0" or the IPv6 address "::". 113func (ip IP) IsUnspecified() bool { 114 return ip.Equal(IPv4zero) || ip.Equal(IPv6unspecified) 115} 116 117// IsLoopback reports whether ip is a loopback address. 118func (ip IP) IsLoopback() bool { 119 if ip4 := ip.To4(); ip4 != nil { 120 return ip4[0] == 127 121 } 122 return ip.Equal(IPv6loopback) 123} 124 125// IsMulticast reports whether ip is a multicast address. 126func (ip IP) IsMulticast() bool { 127 if ip4 := ip.To4(); ip4 != nil { 128 return ip4[0]&0xf0 == 0xe0 129 } 130 return len(ip) == IPv6len && ip[0] == 0xff 131} 132 133// IsInterfaceLocalMulticast reports whether ip is 134// an interface-local multicast address. 135func (ip IP) IsInterfaceLocalMulticast() bool { 136 return len(ip) == IPv6len && ip[0] == 0xff && ip[1]&0x0f == 0x01 137} 138 139// IsLinkLocalMulticast reports whether ip is a link-local 140// multicast address. 141func (ip IP) IsLinkLocalMulticast() bool { 142 if ip4 := ip.To4(); ip4 != nil { 143 return ip4[0] == 224 && ip4[1] == 0 && ip4[2] == 0 144 } 145 return len(ip) == IPv6len && ip[0] == 0xff && ip[1]&0x0f == 0x02 146} 147 148// IsLinkLocalUnicast reports whether ip is a link-local 149// unicast address. 150func (ip IP) IsLinkLocalUnicast() bool { 151 if ip4 := ip.To4(); ip4 != nil { 152 return ip4[0] == 169 && ip4[1] == 254 153 } 154 return len(ip) == IPv6len && ip[0] == 0xfe && ip[1]&0xc0 == 0x80 155} 156 157// IsGlobalUnicast reports whether ip is a global unicast 158// address. 159// 160// The identification of global unicast addresses uses address type 161// identification as defined in RFC 1122, RFC 4632 and RFC 4291 with 162// the exception of IPv4 directed broadcast addresses. 163// It returns true even if ip is in IPv4 private address space or 164// local IPv6 unicast address space. 165func (ip IP) IsGlobalUnicast() bool { 166 return (len(ip) == IPv4len || len(ip) == IPv6len) && 167 !ip.Equal(IPv4bcast) && 168 !ip.IsUnspecified() && 169 !ip.IsLoopback() && 170 !ip.IsMulticast() && 171 !ip.IsLinkLocalUnicast() 172} 173 174// Is p all zeros? 175func isZeros(p IP) bool { 176 for i := 0; i < len(p); i++ { 177 if p[i] != 0 { 178 return false 179 } 180 } 181 return true 182} 183 184// To4 converts the IPv4 address ip to a 4-byte representation. 185// If ip is not an IPv4 address, To4 returns nil. 186func (ip IP) To4() IP { 187 if len(ip) == IPv4len { 188 return ip 189 } 190 if len(ip) == IPv6len && 191 isZeros(ip[0:10]) && 192 ip[10] == 0xff && 193 ip[11] == 0xff { 194 return ip[12:16] 195 } 196 return nil 197} 198 199// To16 converts the IP address ip to a 16-byte representation. 200// If ip is not an IP address (it is the wrong length), To16 returns nil. 201func (ip IP) To16() IP { 202 if len(ip) == IPv4len { 203 return IPv4(ip[0], ip[1], ip[2], ip[3]) 204 } 205 if len(ip) == IPv6len { 206 return ip 207 } 208 return nil 209} 210 211// Default route masks for IPv4. 212var ( 213 classAMask = IPv4Mask(0xff, 0, 0, 0) 214 classBMask = IPv4Mask(0xff, 0xff, 0, 0) 215 classCMask = IPv4Mask(0xff, 0xff, 0xff, 0) 216) 217 218// DefaultMask returns the default IP mask for the IP address ip. 219// Only IPv4 addresses have default masks; DefaultMask returns 220// nil if ip is not a valid IPv4 address. 221func (ip IP) DefaultMask() IPMask { 222 if ip = ip.To4(); ip == nil { 223 return nil 224 } 225 switch true { 226 case ip[0] < 0x80: 227 return classAMask 228 case ip[0] < 0xC0: 229 return classBMask 230 default: 231 return classCMask 232 } 233} 234 235func allFF(b []byte) bool { 236 for _, c := range b { 237 if c != 0xff { 238 return false 239 } 240 } 241 return true 242} 243 244// Mask returns the result of masking the IP address ip with mask. 245func (ip IP) Mask(mask IPMask) IP { 246 if len(mask) == IPv6len && len(ip) == IPv4len && allFF(mask[:12]) { 247 mask = mask[12:] 248 } 249 if len(mask) == IPv4len && len(ip) == IPv6len && bytesEqual(ip[:12], v4InV6Prefix) { 250 ip = ip[12:] 251 } 252 n := len(ip) 253 if n != len(mask) { 254 return nil 255 } 256 out := make(IP, n) 257 for i := 0; i < n; i++ { 258 out[i] = ip[i] & mask[i] 259 } 260 return out 261} 262 263// String returns the string form of the IP address ip. 264// It returns one of 4 forms: 265// - "<nil>", if ip has length 0 266// - dotted decimal ("192.0.2.1"), if ip is an IPv4 or IP4-mapped IPv6 address 267// - IPv6 ("2001:db8::1"), if ip is a valid IPv6 address 268// - the hexadecimal form of ip, without punctuation, if no other cases apply 269func (ip IP) String() string { 270 p := ip 271 272 if len(ip) == 0 { 273 return "<nil>" 274 } 275 276 // If IPv4, use dotted notation. 277 if p4 := p.To4(); len(p4) == IPv4len { 278 return uitoa(uint(p4[0])) + "." + 279 uitoa(uint(p4[1])) + "." + 280 uitoa(uint(p4[2])) + "." + 281 uitoa(uint(p4[3])) 282 } 283 if len(p) != IPv6len { 284 return "?" + hexString(ip) 285 } 286 287 // Find longest run of zeros. 288 e0 := -1 289 e1 := -1 290 for i := 0; i < IPv6len; i += 2 { 291 j := i 292 for j < IPv6len && p[j] == 0 && p[j+1] == 0 { 293 j += 2 294 } 295 if j > i && j-i > e1-e0 { 296 e0 = i 297 e1 = j 298 i = j 299 } 300 } 301 // The symbol "::" MUST NOT be used to shorten just one 16 bit 0 field. 302 if e1-e0 <= 2 { 303 e0 = -1 304 e1 = -1 305 } 306 307 const maxLen = len("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") 308 b := make([]byte, 0, maxLen) 309 310 // Print with possible :: in place of run of zeros 311 for i := 0; i < IPv6len; i += 2 { 312 if i == e0 { 313 b = append(b, ':', ':') 314 i = e1 315 if i >= IPv6len { 316 break 317 } 318 } else if i > 0 { 319 b = append(b, ':') 320 } 321 b = appendHex(b, (uint32(p[i])<<8)|uint32(p[i+1])) 322 } 323 return string(b) 324} 325 326func hexString(b []byte) string { 327 s := make([]byte, len(b)*2) 328 for i, tn := range b { 329 s[i*2], s[i*2+1] = hexDigit[tn>>4], hexDigit[tn&0xf] 330 } 331 return string(s) 332} 333 334// ipEmptyString is like ip.String except that it returns 335// an empty string when ip is unset. 336func ipEmptyString(ip IP) string { 337 if len(ip) == 0 { 338 return "" 339 } 340 return ip.String() 341} 342 343// MarshalText implements the encoding.TextMarshaler interface. 344// The encoding is the same as returned by String, with one exception: 345// When len(ip) is zero, it returns an empty slice. 346func (ip IP) MarshalText() ([]byte, error) { 347 if len(ip) == 0 { 348 return []byte(""), nil 349 } 350 if len(ip) != IPv4len && len(ip) != IPv6len { 351 return nil, &AddrError{Err: "invalid IP address", Addr: hexString(ip)} 352 } 353 return []byte(ip.String()), nil 354} 355 356// UnmarshalText implements the encoding.TextUnmarshaler interface. 357// The IP address is expected in a form accepted by ParseIP. 358func (ip *IP) UnmarshalText(text []byte) error { 359 if len(text) == 0 { 360 *ip = nil 361 return nil 362 } 363 s := string(text) 364 x := ParseIP(s) 365 if x == nil { 366 return &ParseError{Type: "IP address", Text: s} 367 } 368 *ip = x 369 return nil 370} 371 372// Equal reports whether ip and x are the same IP address. 373// An IPv4 address and that same address in IPv6 form are 374// considered to be equal. 375func (ip IP) Equal(x IP) bool { 376 if len(ip) == len(x) { 377 return bytesEqual(ip, x) 378 } 379 if len(ip) == IPv4len && len(x) == IPv6len { 380 return bytesEqual(x[0:12], v4InV6Prefix) && bytesEqual(ip, x[12:]) 381 } 382 if len(ip) == IPv6len && len(x) == IPv4len { 383 return bytesEqual(ip[0:12], v4InV6Prefix) && bytesEqual(ip[12:], x) 384 } 385 return false 386} 387 388// bytes.Equal is implemented in runtime/asm_$goarch.s 389//go:linkname bytesEqual bytes.Equal 390func bytesEqual(x, y []byte) bool 391 392func (ip IP) matchAddrFamily(x IP) bool { 393 return ip.To4() != nil && x.To4() != nil || ip.To16() != nil && ip.To4() == nil && x.To16() != nil && x.To4() == nil 394} 395 396// If mask is a sequence of 1 bits followed by 0 bits, 397// return the number of 1 bits. 398func simpleMaskLength(mask IPMask) int { 399 var n int 400 for i, v := range mask { 401 if v == 0xff { 402 n += 8 403 continue 404 } 405 // found non-ff byte 406 // count 1 bits 407 for v&0x80 != 0 { 408 n++ 409 v <<= 1 410 } 411 // rest must be 0 bits 412 if v != 0 { 413 return -1 414 } 415 for i++; i < len(mask); i++ { 416 if mask[i] != 0 { 417 return -1 418 } 419 } 420 break 421 } 422 return n 423} 424 425// Size returns the number of leading ones and total bits in the mask. 426// If the mask is not in the canonical form--ones followed by zeros--then 427// Size returns 0, 0. 428func (m IPMask) Size() (ones, bits int) { 429 ones, bits = simpleMaskLength(m), len(m)*8 430 if ones == -1 { 431 return 0, 0 432 } 433 return 434} 435 436// String returns the hexadecimal form of m, with no punctuation. 437func (m IPMask) String() string { 438 if len(m) == 0 { 439 return "<nil>" 440 } 441 return hexString(m) 442} 443 444func networkNumberAndMask(n *IPNet) (ip IP, m IPMask) { 445 if ip = n.IP.To4(); ip == nil { 446 ip = n.IP 447 if len(ip) != IPv6len { 448 return nil, nil 449 } 450 } 451 m = n.Mask 452 switch len(m) { 453 case IPv4len: 454 if len(ip) != IPv4len { 455 return nil, nil 456 } 457 case IPv6len: 458 if len(ip) == IPv4len { 459 m = m[12:] 460 } 461 default: 462 return nil, nil 463 } 464 return 465} 466 467// Contains reports whether the network includes ip. 468func (n *IPNet) Contains(ip IP) bool { 469 nn, m := networkNumberAndMask(n) 470 if x := ip.To4(); x != nil { 471 ip = x 472 } 473 l := len(ip) 474 if l != len(nn) { 475 return false 476 } 477 for i := 0; i < l; i++ { 478 if nn[i]&m[i] != ip[i]&m[i] { 479 return false 480 } 481 } 482 return true 483} 484 485// Network returns the address's network name, "ip+net". 486func (n *IPNet) Network() string { return "ip+net" } 487 488// String returns the CIDR notation of n like "192.0.2.1/24" 489// or "2001:db8::/48" as defined in RFC 4632 and RFC 4291. 490// If the mask is not in the canonical form, it returns the 491// string which consists of an IP address, followed by a slash 492// character and a mask expressed as hexadecimal form with no 493// punctuation like "198.51.100.1/c000ff00". 494func (n *IPNet) String() string { 495 nn, m := networkNumberAndMask(n) 496 if nn == nil || m == nil { 497 return "<nil>" 498 } 499 l := simpleMaskLength(m) 500 if l == -1 { 501 return nn.String() + "/" + m.String() 502 } 503 return nn.String() + "/" + uitoa(uint(l)) 504} 505 506// Parse IPv4 address (d.d.d.d). 507func parseIPv4(s string) IP { 508 var p [IPv4len]byte 509 for i := 0; i < IPv4len; i++ { 510 if len(s) == 0 { 511 // Missing octets. 512 return nil 513 } 514 if i > 0 { 515 if s[0] != '.' { 516 return nil 517 } 518 s = s[1:] 519 } 520 n, c, ok := dtoi(s) 521 if !ok || n > 0xFF { 522 return nil 523 } 524 s = s[c:] 525 p[i] = byte(n) 526 } 527 if len(s) != 0 { 528 return nil 529 } 530 return IPv4(p[0], p[1], p[2], p[3]) 531} 532 533// parseIPv6 parses s as a literal IPv6 address described in RFC 4291 534// and RFC 5952. It can also parse a literal scoped IPv6 address with 535// zone identifier which is described in RFC 4007 when zoneAllowed is 536// true. 537func parseIPv6(s string, zoneAllowed bool) (ip IP, zone string) { 538 ip = make(IP, IPv6len) 539 ellipsis := -1 // position of ellipsis in ip 540 541 if zoneAllowed { 542 s, zone = splitHostZone(s) 543 } 544 545 // Might have leading ellipsis 546 if len(s) >= 2 && s[0] == ':' && s[1] == ':' { 547 ellipsis = 0 548 s = s[2:] 549 // Might be only ellipsis 550 if len(s) == 0 { 551 return ip, zone 552 } 553 } 554 555 // Loop, parsing hex numbers followed by colon. 556 i := 0 557 for i < IPv6len { 558 // Hex number. 559 n, c, ok := xtoi(s) 560 if !ok || n > 0xFFFF { 561 return nil, zone 562 } 563 564 // If followed by dot, might be in trailing IPv4. 565 if c < len(s) && s[c] == '.' { 566 if ellipsis < 0 && i != IPv6len-IPv4len { 567 // Not the right place. 568 return nil, zone 569 } 570 if i+IPv4len > IPv6len { 571 // Not enough room. 572 return nil, zone 573 } 574 ip4 := parseIPv4(s) 575 if ip4 == nil { 576 return nil, zone 577 } 578 ip[i] = ip4[12] 579 ip[i+1] = ip4[13] 580 ip[i+2] = ip4[14] 581 ip[i+3] = ip4[15] 582 s = "" 583 i += IPv4len 584 break 585 } 586 587 // Save this 16-bit chunk. 588 ip[i] = byte(n >> 8) 589 ip[i+1] = byte(n) 590 i += 2 591 592 // Stop at end of string. 593 s = s[c:] 594 if len(s) == 0 { 595 break 596 } 597 598 // Otherwise must be followed by colon and more. 599 if s[0] != ':' || len(s) == 1 { 600 return nil, zone 601 } 602 s = s[1:] 603 604 // Look for ellipsis. 605 if s[0] == ':' { 606 if ellipsis >= 0 { // already have one 607 return nil, zone 608 } 609 ellipsis = i 610 s = s[1:] 611 if len(s) == 0 { // can be at end 612 break 613 } 614 } 615 } 616 617 // Must have used entire string. 618 if len(s) != 0 { 619 return nil, zone 620 } 621 622 // If didn't parse enough, expand ellipsis. 623 if i < IPv6len { 624 if ellipsis < 0 { 625 return nil, zone 626 } 627 n := IPv6len - i 628 for j := i - 1; j >= ellipsis; j-- { 629 ip[j+n] = ip[j] 630 } 631 for j := ellipsis + n - 1; j >= ellipsis; j-- { 632 ip[j] = 0 633 } 634 } else if ellipsis >= 0 { 635 // Ellipsis must represent at least one 0 group. 636 return nil, zone 637 } 638 return ip, zone 639} 640 641// ParseIP parses s as an IP address, returning the result. 642// The string s can be in dotted decimal ("192.0.2.1") 643// or IPv6 ("2001:db8::68") form. 644// If s is not a valid textual representation of an IP address, 645// ParseIP returns nil. 646func ParseIP(s string) IP { 647 for i := 0; i < len(s); i++ { 648 switch s[i] { 649 case '.': 650 return parseIPv4(s) 651 case ':': 652 ip, _ := parseIPv6(s, false) 653 return ip 654 } 655 } 656 return nil 657} 658 659// ParseCIDR parses s as a CIDR notation IP address and prefix length, 660// like "192.0.2.0/24" or "2001:db8::/32", as defined in 661// RFC 4632 and RFC 4291. 662// 663// It returns the IP address and the network implied by the IP and 664// prefix length. 665// For example, ParseCIDR("192.0.2.1/24") returns the IP address 666// 192.0.2.1 and the network 192.0.2.0/24. 667func ParseCIDR(s string) (IP, *IPNet, error) { 668 i := byteIndex(s, '/') 669 if i < 0 { 670 return nil, nil, &ParseError{Type: "CIDR address", Text: s} 671 } 672 addr, mask := s[:i], s[i+1:] 673 iplen := IPv4len 674 ip := parseIPv4(addr) 675 if ip == nil { 676 iplen = IPv6len 677 ip, _ = parseIPv6(addr, false) 678 } 679 n, i, ok := dtoi(mask) 680 if ip == nil || !ok || i != len(mask) || n < 0 || n > 8*iplen { 681 return nil, nil, &ParseError{Type: "CIDR address", Text: s} 682 } 683 m := CIDRMask(n, 8*iplen) 684 return ip, &IPNet{IP: ip.Mask(m), Mask: m}, nil 685} 686