1.\" $OpenBSD: X509v3_addr_get_range.3,v 1.2 2023/09/30 14:12:40 schwarze Exp $ 2.\" 3.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: September 30 2023 $ 18.Dt X509V3_ADDR_GET_RANGE 3 19.Os 20.Sh NAME 21.Nm X509v3_addr_get_afi , 22.Nm X509v3_addr_get_range 23.Nd parse helpers for the IP address delegation extension 24.Sh SYNOPSIS 25.In openssl/x509v3.h 26.Ft unsigned 27.Fn X509v3_addr_get_afi "const IPAddressFamily *af" 28.Ft int 29.Fo X509v3_addr_get_range 30.Fa "IPAddressOrRange *aor" 31.Fa "const unsigned afi" 32.Fa "unsigned char *min" 33.Fa "unsigned char *max" 34.Fa "const int length" 35.Fc 36.Sh DESCRIPTION 37.Fn X509v3_addr_get_afi 38returns the address family identifier (AFI) of 39.Fa af . 40.Pp 41.Fn X509v3_addr_get_range 42converts the minimum and maximum addresses in 43the address prefix or range 44.Fa aor 45from internal encoding to IP addresses in network byte order 46and places copies in the arrays 47.Fa min 48and 49.Fa max , 50of size 51.Fa length . 52The 53.Fa length 54must be large enough to accommodate an address for 55.Fa afi , 56which is at least 4 for 57.Dv IANA_AFI_IPV4 58and at least 16 for 59.Dv IANA_AFI_IPV6 . 60.Sh RETURN VALUES 61.Fn X509v3_addr_get_afi 62returns the AFI encoded in 63.Fa af 64or 0 if 65.Fa af 66does not contain a valid AFI, or if the AFI is not IPv4 or IPv6. 67.Pp 68.Fn X509v3_addr_get_range 69returns the number of bytes copied into 70.Fa min 71and 72.Fa max 73or 0 on error. 74An error occurs if 75.Fa aor 76is malformed, if 77.Fa afi 78is not 79.Dv IANA_AFI_IPV4 80or 81.Dv IANA_AFI_IPV6 , 82if either 83.Fa min 84or 85.Fa max 86is 87.Dv NULL , 88or if 89.Fa length 90is smaller than 4 or 16, respectively. 91.Sh SEE ALSO 92.Xr crypto 3 , 93.Xr inet_ntop 3 , 94.Xr IPAddressRange_new 3 , 95.Xr X509_new 3 , 96.Xr X509v3_addr_add_inherit 3 97.Sh STANDARDS 98RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers: 99.Bl -dash -compact 100.It 101section 2: IP Address delegation extension 102.It 103section 2.2.3.3: Element addressFamily 104.It 105section 2.2.3.7: Type IPAddressOrRange 106.It 107section 2.2.3.8: Element addressPrefix and Type IPAddress 108.El 109.Pp 110.Rs 111.%T Address Family Numbers 112.%U https://www.iana.org/assignments/address-family-numbers 113.Re 114.Sh HISTORY 115These functions first appeared in OpenSSL 0.9.8e 116and have been available since 117.Ox 7.1 . 118.Sh BUGS 119There is no accessor for the SAFI of 120.Fa af . 121.Pp 122An error from 123.Fn X509v3_addr_get_afi 124is indistinguishable from the reserved AFI 0 being set on 125.Fa af . 126.Pp 127It is not entirely clear how a caller is supposed to obtain an 128.Vt IPAddressFamily 129object or an 130.Vt IPAddressOrRange 131object without reaching into various structs documented in 132.Xr IPAddressRange_new 3 . 133