Search in sources :

Example 51 with Ipv6Address

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address in project OpenAM by OpenRock.

the class Adaptive method checkIPRange.

/**
     * Check to see if the IP address is within the ranges specified
     *
     * Range can be in the form of:
     * x.x.x.x/YY
     * or
     * x.x.x.x-y.y.y.y.
     * or
     * x:x:x:x:x:x:x:x/YY
     * or
     * x:x:x:x:x:x:x:x-y:y:y:y:y:y:y:y
     *
     * There can be multiple ranges passed in
     *
     * @return score achieved with this test
     */
protected int checkIPRange() {
    int retVal = 0;
    String ipVersion;
    String ipType;
    Map<String, String> holdDetails;
    for (String nextIP : IPRangeRange) {
        try {
            holdDetails = checkIPVersion(nextIP);
        } catch (IllegalArgumentException e) {
            if (debug.warningEnabled()) {
                debug.warning("{}.checkIPRange: IP type could not be validated. IP={}", ADAPTIVE, nextIP, e);
            }
            continue;
        }
        ipVersion = holdDetails.get(IP_Version);
        ipType = holdDetails.get(IP_TYPE);
        if (ipVersion.equalsIgnoreCase(IP_V6) && ValidateIPaddress.isIPv6(clientIP)) {
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPRange: {} --> {}", ADAPTIVE, clientIP, nextIP);
                debug.message("IP version is: {}", IP_V6);
                debug.message("Client IP is: {}", IPv6Address.fromString(clientIP));
            }
            if (ipType.equalsIgnoreCase("Range")) {
                // Do range IPv6
                String first = holdDetails.get(IP_START);
                String last = holdDetails.get(IP_END);
                IPv6AddressRange iPv6AddressRange = IPv6AddressRange.fromFirstAndLast(IPv6Address.fromString(first), IPv6Address.fromString(last));
                if (iPv6AddressRange.contains(IPv6Address.fromString(clientIP))) {
                    retVal = IPRangeScore;
                }
            } else if (ipType.equalsIgnoreCase("CIDR")) {
                // Subnet mask ip
                IPv6Network iPv6Network = IPv6Network.fromString(nextIP);
                if (iPv6Network.contains(IPv6Address.fromString(clientIP))) {
                    retVal = IPRangeScore;
                }
            } else {
                // treat as single ip address
                IPv6Address iPv6AddressNextIP = IPv6Address.fromString(nextIP);
                if (iPv6AddressNextIP.compareTo(IPv6Address.fromString(clientIP)) == 0) {
                    retVal = IPRangeScore;
                }
            }
        } else if (ipVersion.equalsIgnoreCase(IP_V4) && ValidateIPaddress.isIPv4(clientIP)) {
            // treat as IPv4
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPRange: {} --> {}", ADAPTIVE, clientIP, nextIP);
                debug.message("IP version is: {}", IP_V4);
                debug.message("Client IP is: {}", clientIP);
            }
            IPRange theRange = new IPRange(nextIP);
            if (theRange.inRange(clientIP)) {
                retVal = IPRangeScore;
            }
        }
    }
    if (!IPRangeInvert) {
        retVal = IPRangeScore - retVal;
    }
    return retVal;
}
Also used : IPv6AddressRange(com.googlecode.ipv6.IPv6AddressRange) IPv6Address(com.googlecode.ipv6.IPv6Address) IPv6Network(com.googlecode.ipv6.IPv6Network) IPRange(org.forgerock.openam.utils.IPRange)

Example 52 with Ipv6Address

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address in project OpenAM by OpenRock.

the class IPv6Condition method isAllowedByIp.

/**
     *  Checks of the ip falls in the valid range between
     * start and end IP addresses.
     * @see #START_IP
     * @see #END_IP
     */
private boolean isAllowedByIp(String ip) throws PolicyException {
    boolean allowed = false;
    IPv6AddressRange iPv6AddressRange = IPv6AddressRange.fromFirstAndLast(startIP, endIP);
    IPv6Address requestIP = IPv6Address.fromString(ip);
    if (iPv6AddressRange.contains(requestIP)) {
        allowed = true;
    }
    return allowed;
}
Also used : IPv6AddressRange(com.googlecode.ipv6.IPv6AddressRange) IPv6Address(com.googlecode.ipv6.IPv6Address)

Example 53 with Ipv6Address

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address in project OpenAM by OpenRock.

the class ResourceEnvIPCondition method matchEnvironment.

/**
     * Returns the environment condition that satisfies or matches for the client
     * environment parameter, including client's IP Address.
     */
@SuppressWarnings("unchecked")
private EnvironmentCondition matchEnvironment(Map env, SSOToken token) throws EntitlementException, SSOException {
    if (debug.messageEnabled()) {
        localDebugName = debugName + ".matchEnvironment(): ";
    }
    EnvironmentCondition matchingCondition = null;
    final List<EnvironmentCondition> conditions = parseConditions(resourceEnvIPConditionValue);
    //Check if all the keys are valid
    for (EnvironmentCondition condition : conditions) {
        final String envParamName = condition.paramName;
        final String envParamValue = condition.paramValue;
        Set<String> envSet = (Set<String>) env.get(envParamName);
        if (!Utils.isEmpty(envSet)) {
            for (String strEnv : envSet) {
                if ((strEnv != null) && (strEnv.equalsIgnoreCase(envParamValue))) {
                    matchingCondition = condition;
                    break;
                }
            }
        } else {
            String strIP = null;
            Object object = env.get(REQUEST_IP);
            if (object instanceof Set) {
                Set ipSet = (Set) object;
                if (ipSet.isEmpty()) {
                    if (token != null) {
                        strIP = token.getIPAddress().getHostAddress();
                    } else {
                        throw new EntitlementException(CLIENT_IP_EMPTY);
                    }
                } else {
                    Iterator names = ipSet.iterator();
                    strIP = (String) names.next();
                }
            } else if (object instanceof String) {
                strIP = (String) object;
                if (StringUtils.isBlank(strIP)) {
                    if (token != null) {
                        strIP = token.getIPAddress().getHostAddress();
                    } else {
                        throw new EntitlementException(CLIENT_IP_EMPTY);
                    }
                }
            }
            long requestIpV4 = 0;
            IPv6Address requestIpV6 = null;
            if (ValidateIPaddress.isIPv4(strIP)) {
                requestIpV4 = stringToIp(strIP);
            } else if (ValidateIPaddress.isIPv6(strIP)) {
                requestIpV6 = IPv6Address.fromString(strIP);
            } else {
                if (debug.messageEnabled()) {
                    debug.message(localDebugName + "invalid strIP : " + strIP);
                }
                continue;
            }
            int bIndex = envParamValue.indexOf("[");
            int lIndex = envParamValue.indexOf("]");
            String ipVal = envParamValue.substring(bIndex + 1, lIndex);
            if (ipVal.contains("-")) {
                StringTokenizer stIP = new StringTokenizer(ipVal, "-");
                int tokenCnt = stIP.countTokens();
                if (tokenCnt > 2) {
                    throw new EntitlementException(INVALID_PROPERTY_VALUE, new String[] { ipVal });
                }
                String startIp = stIP.nextToken();
                String endIp = startIp;
                if (tokenCnt == 2) {
                    endIp = stIP.nextToken();
                }
                if (ValidateIPaddress.isIPv4(strIP) && ValidateIPaddress.isIPv4(startIp) && ValidateIPaddress.isIPv4(endIp)) {
                    long lStartIP = stringToIp(startIp);
                    long lEndIP = stringToIp(endIp);
                    if ((requestIpV4 >= lStartIP) && (requestIpV4 <= lEndIP)) {
                        matchingCondition = condition;
                        break;
                    }
                } else if (ValidateIPaddress.isIPv6(strIP) && ValidateIPaddress.isIPv6(startIp) && ValidateIPaddress.isIPv6(endIp)) {
                    IPv6AddressRange ipv6Range = IPv6AddressRange.fromFirstAndLast(IPv6Address.fromString(startIp), IPv6Address.fromString(endIp));
                    if (requestIpV6 != null && ipv6Range.contains(requestIpV6)) {
                        matchingCondition = condition;
                        break;
                    }
                } else {
                    if (debug.errorEnabled()) {
                        debug.error(debugName + ".matchEnvironment(): invalid property value, " + strIP);
                    }
                    throw new EntitlementException(INVALID_PROPERTY_VALUE, new String[] { strIP });
                }
            } else if (requestIpV4 != 0 && ValidateIPaddress.isIPv4(ipVal)) {
                long longIp = stringToIp(ipVal);
                if (requestIpV4 == longIp) {
                    matchingCondition = condition;
                    break;
                }
            } else if (requestIpV6 != null && ValidateIPaddress.isIPv6(ipVal)) {
                // treat as single ip address
                IPv6Address iPv6AddressIpVal = IPv6Address.fromString(ipVal);
                if (iPv6AddressIpVal.compareTo(requestIpV6) == 0) {
                    matchingCondition = condition;
                    break;
                }
            } else if (ipVal.contains("*")) {
                matchingCondition = condition;
                break;
            } else {
                throw new EntitlementException(RESOURCE_ENV_NOT_KNOWN, new String[] { ipVal });
            }
        }
    }
    return matchingCondition;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) IPv6AddressRange(com.googlecode.ipv6.IPv6AddressRange) IPv6Address(com.googlecode.ipv6.IPv6Address) EntitlementException(com.sun.identity.entitlement.EntitlementException) StringTokenizer(java.util.StringTokenizer) Iterator(java.util.Iterator) JSONObject(org.json.JSONObject)

Example 54 with Ipv6Address

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address in project cloudstack by apache.

the class NetUtils method isIp6InNetwork.

public static boolean isIp6InNetwork(final String ip6, final String ip6Cidr) {
    IPv6Network network = null;
    try {
        network = IPv6Network.fromString(ip6Cidr);
    } catch (final IllegalArgumentException ex) {
        return false;
    }
    final IPv6Address ip = IPv6Address.fromString(ip6);
    return network.contains(ip);
}
Also used : IPv6Address(com.googlecode.ipv6.IPv6Address) IPv6Network(com.googlecode.ipv6.IPv6Network)

Example 55 with Ipv6Address

use of org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address in project bgpcep by opendaylight.

the class ByteBufWriteUtilTest method testWriteIpv6Address.

@Test
public void testWriteIpv6Address() {
    final byte[] result = { 0x20, (byte) 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };
    final ByteBuf output = Unpooled.buffer(Ipv6Util.IPV6_LENGTH);
    writeIpv6Address(new Ipv6Address("2001::1"), output);
    assertArrayEquals(result, output.array());
    output.clear();
    final byte[] zeroResult = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
    writeIpv6Address(null, output);
    assertArrayEquals(zeroResult, output.array());
}
Also used : ByteBuf(io.netty.buffer.ByteBuf) ByteBufWriteUtil.writeIpv6Address(org.opendaylight.protocol.util.ByteBufWriteUtil.writeIpv6Address) Ipv6Address(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address) Test(org.junit.Test)

Aggregations

Ipv6Address (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Address)83 Test (org.junit.Test)67 IpAddress (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress)23 ByteBuf (io.netty.buffer.ByteBuf)21 ArrayList (java.util.ArrayList)21 IPv6Address (com.googlecode.ipv6.IPv6Address)18 MacAddress (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress)17 BigInteger (java.math.BigInteger)16 Ipv6Prefix (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv6Prefix)16 MatchEntry (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entries.grouping.MatchEntry)15 Ipv4Address (org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address)14 MatchBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder)13 Ipv6MatchBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6MatchBuilder)12 MatchEntryBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entries.grouping.MatchEntryBuilder)12 Ipv6SrcCaseBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entry.value.grouping.match.entry.value.Ipv6SrcCaseBuilder)11 Ipv6SrcBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entry.value.grouping.match.entry.value.ipv6.src._case.Ipv6SrcBuilder)11 Ipv6DstCaseBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entry.value.grouping.match.entry.value.Ipv6DstCaseBuilder)9 Ipv6DstBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.entry.value.grouping.match.entry.value.ipv6.dst._case.Ipv6DstBuilder)9 Match (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.grouping.Match)9 MatchBuilder (org.opendaylight.yang.gen.v1.urn.opendaylight.openflow.oxm.rev150225.match.grouping.MatchBuilder)9