aboutsummaryrefslogtreecommitdiff
path: root/Jellyfin.Networking
diff options
context:
space:
mode:
Diffstat (limited to 'Jellyfin.Networking')
-rw-r--r--Jellyfin.Networking/Constants/Network.cs75
-rw-r--r--Jellyfin.Networking/Extensions/NetworkExtensions.cs351
-rw-r--r--Jellyfin.Networking/Manager/NetworkManager.cs36
3 files changed, 445 insertions, 17 deletions
diff --git a/Jellyfin.Networking/Constants/Network.cs b/Jellyfin.Networking/Constants/Network.cs
new file mode 100644
index 000000000..7fadc74bb
--- /dev/null
+++ b/Jellyfin.Networking/Constants/Network.cs
@@ -0,0 +1,75 @@
+using System.Net;
+using Microsoft.AspNetCore.HttpOverrides;
+
+namespace Jellyfin.Networking.Constants;
+
+/// <summary>
+/// Networking constants.
+/// </summary>
+public static class Network
+{
+ /// <summary>
+ /// IPv4 mask bytes.
+ /// </summary>
+ public const int IPv4MaskBytes = 4;
+
+ /// <summary>
+ /// IPv6 mask bytes.
+ /// </summary>
+ public const int IPv6MaskBytes = 16;
+
+ /// <summary>
+ /// Minimum IPv4 prefix size.
+ /// </summary>
+ public const int MinimumIPv4PrefixSize = 32;
+
+ /// <summary>
+ /// Minimum IPv6 prefix size.
+ /// </summary>
+ public const int MinimumIPv6PrefixSize = 128;
+
+ /// <summary>
+ /// Whole IPv4 address space.
+ /// </summary>
+ public static readonly IPNetwork IPv4Any = new IPNetwork(IPAddress.Any, 0);
+
+ /// <summary>
+ /// Whole IPv6 address space.
+ /// </summary>
+ public static readonly IPNetwork IPv6Any = new IPNetwork(IPAddress.IPv6Any, 0);
+
+ /// <summary>
+ /// IPv4 Loopback as defined in RFC 5735.
+ /// </summary>
+ public static readonly IPNetwork IPv4RFC5735Loopback = new IPNetwork(IPAddress.Loopback, 8);
+
+ /// <summary>
+ /// IPv4 private class A as defined in RFC 1918.
+ /// </summary>
+ public static readonly IPNetwork IPv4RFC1918PrivateClassA = new IPNetwork(IPAddress.Parse("10.0.0.0"), 8);
+
+ /// <summary>
+ /// IPv4 private class B as defined in RFC 1918.
+ /// </summary>
+ public static readonly IPNetwork IPv4RFC1918PrivateClassB = new IPNetwork(IPAddress.Parse("172.16.0.0"), 12);
+
+ /// <summary>
+ /// IPv4 private class C as defined in RFC 1918.
+ /// </summary>
+ public static readonly IPNetwork IPv4RFC1918PrivateClassC = new IPNetwork(IPAddress.Parse("192.168.0.0"), 16);
+
+ /// <summary>
+ /// IPv6 loopback as defined in RFC 4291.
+ /// </summary>
+ public static readonly IPNetwork IPv6RFC4291Loopback = new IPNetwork(IPAddress.IPv6Loopback, 128);
+
+ /// <summary>
+ /// IPv6 site local as defined in RFC 4291.
+ /// </summary>
+ public static readonly IPNetwork IPv6RFC4291SiteLocal = new IPNetwork(IPAddress.Parse("fe80::"), 10);
+
+ /// <summary>
+ /// IPv6 unique local as defined in RFC 4193.
+ /// </summary>
+ public static readonly IPNetwork IPv6RFC4193UniqueLocal = new IPNetwork(IPAddress.Parse("fc00::"), 7);
+}
diff --git a/Jellyfin.Networking/Extensions/NetworkExtensions.cs b/Jellyfin.Networking/Extensions/NetworkExtensions.cs
new file mode 100644
index 000000000..2ad6bae62
--- /dev/null
+++ b/Jellyfin.Networking/Extensions/NetworkExtensions.cs
@@ -0,0 +1,351 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics.CodeAnalysis;
+using System.Linq;
+using System.Net;
+using System.Net.Sockets;
+using System.Text.RegularExpressions;
+using Jellyfin.Extensions;
+using Jellyfin.Networking.Constants;
+using Microsoft.AspNetCore.HttpOverrides;
+
+namespace Jellyfin.Networking.Extensions;
+
+/// <summary>
+/// Defines the <see cref="NetworkExtensions" />.
+/// </summary>
+public static partial class NetworkExtensions
+{
+ // Use regular expression as CheckHostName isn't RFC5892 compliant.
+ // Modified from gSkinner's expression at https://stackoverflow.com/questions/11809631/fully-qualified-domain-name-validation
+ [GeneratedRegex(@"(?im)^(?!:\/\/)(?=.{1,255}$)((.{1,63}\.){0,127}(?![0-9]*$)[a-z0-9-]+\.?)(:(\d){1,5}){0,1}$", RegexOptions.IgnoreCase, "en-US")]
+ private static partial Regex fqdnGeneratedRegex();
+
+ /// <summary>
+ /// Returns true if the IPAddress contains an IP6 Local link address.
+ /// </summary>
+ /// <param name="address">IPAddress object to check.</param>
+ /// <returns>True if it is a local link address.</returns>
+ /// <remarks>
+ /// See https://stackoverflow.com/questions/6459928/explain-the-instance-properties-of-system-net-ipaddress
+ /// it appears that the IPAddress.IsIPv6LinkLocal is out of date.
+ /// </remarks>
+ public static bool IsIPv6LinkLocal(IPAddress address)
+ {
+ ArgumentNullException.ThrowIfNull(address);
+
+ if (address.IsIPv4MappedToIPv6)
+ {
+ address = address.MapToIPv4();
+ }
+
+ if (address.AddressFamily != AddressFamily.InterNetworkV6)
+ {
+ return false;
+ }
+
+ // GetAddressBytes
+ Span<byte> octet = stackalloc byte[16];
+ address.TryWriteBytes(octet, out _);
+ uint word = (uint)(octet[0] << 8) + octet[1];
+
+ return word >= 0xfe80 && word <= 0xfebf; // fe80::/10 :Local link.
+ }
+
+ /// <summary>
+ /// Convert a subnet mask in CIDR notation to a dotted decimal string value. IPv4 only.
+ /// </summary>
+ /// <param name="cidr">Subnet mask in CIDR notation.</param>
+ /// <param name="family">IPv4 or IPv6 family.</param>
+ /// <returns>String value of the subnet mask in dotted decimal notation.</returns>
+ public static IPAddress CidrToMask(byte cidr, AddressFamily family)
+ {
+ uint addr = 0xFFFFFFFF << ((family == AddressFamily.InterNetwork ? Network.MinimumIPv4PrefixSize : Network.MinimumIPv6PrefixSize) - cidr);
+ addr = ((addr & 0xff000000) >> 24)
+ | ((addr & 0x00ff0000) >> 8)
+ | ((addr & 0x0000ff00) << 8)
+ | ((addr & 0x000000ff) << 24);
+ return new IPAddress(addr);
+ }
+
+ /// <summary>
+ /// Convert a subnet mask in CIDR notation to a dotted decimal string value. IPv4 only.
+ /// </summary>
+ /// <param name="cidr">Subnet mask in CIDR notation.</param>
+ /// <param name="family">IPv4 or IPv6 family.</param>
+ /// <returns>String value of the subnet mask in dotted decimal notation.</returns>
+ public static IPAddress CidrToMask(int cidr, AddressFamily family)
+ {
+ uint addr = 0xFFFFFFFF << ((family == AddressFamily.InterNetwork ? Network.MinimumIPv4PrefixSize : Network.MinimumIPv6PrefixSize) - cidr);
+ addr = ((addr & 0xff000000) >> 24)
+ | ((addr & 0x00ff0000) >> 8)
+ | ((addr & 0x0000ff00) << 8)
+ | ((addr & 0x000000ff) << 24);
+ return new IPAddress(addr);
+ }
+
+ /// <summary>
+ /// Convert a subnet mask to a CIDR. IPv4 only.
+ /// https://stackoverflow.com/questions/36954345/get-cidr-from-netmask.
+ /// </summary>
+ /// <param name="mask">Subnet mask.</param>
+ /// <returns>Byte CIDR representing the mask.</returns>
+ public static byte MaskToCidr(IPAddress mask)
+ {
+ ArgumentNullException.ThrowIfNull(mask);
+
+ byte cidrnet = 0;
+ if (mask.Equals(IPAddress.Any))
+ {
+ return cidrnet;
+ }
+
+ // GetAddressBytes
+ Span<byte> bytes = stackalloc byte[mask.AddressFamily == AddressFamily.InterNetwork ? Network.IPv4MaskBytes : Network.IPv6MaskBytes];
+ if (!mask.TryWriteBytes(bytes, out var bytesWritten))
+ {
+ Console.WriteLine("Unable to write address bytes, only {bytesWritten} bytes written.");
+ }
+
+ var zeroed = false;
+ for (var i = 0; i < bytes.Length; i++)
+ {
+ for (int v = bytes[i]; (v & 0xFF) != 0; v <<= 1)
+ {
+ if (zeroed)
+ {
+ // Invalid netmask.
+ return (byte)~cidrnet;
+ }
+
+ if ((v & 0x80) == 0)
+ {
+ zeroed = true;
+ }
+ else
+ {
+ cidrnet++;
+ }
+ }
+ }
+
+ return cidrnet;
+ }
+
+ /// <summary>
+ /// Converts an IPAddress into a string.
+ /// IPv6 addresses are returned in [ ], with their scope removed.
+ /// </summary>
+ /// <param name="address">Address to convert.</param>
+ /// <returns>URI safe conversion of the address.</returns>
+ public static string FormatIPString(IPAddress? address)
+ {
+ if (address is null)
+ {
+ return string.Empty;
+ }
+
+ var str = address.ToString();
+ if (address.AddressFamily == AddressFamily.InterNetworkV6)
+ {
+ int i = str.IndexOf('%', StringComparison.Ordinal);
+ if (i != -1)
+ {
+ str = str.Substring(0, i);
+ }
+
+ return $"[{str}]";
+ }
+
+ return str;
+ }
+
+ /// <summary>
+ /// Try parsing an array of strings into <see cref="IPNetwork"/> objects, respecting exclusions.
+ /// Elements without a subnet mask will be represented as <see cref="IPNetwork"/> with a single IP.
+ /// </summary>
+ /// <param name="values">Input string array to be parsed.</param>
+ /// <param name="result">Collection of <see cref="IPNetwork"/>.</param>
+ /// <param name="negated">Boolean signaling if negated or not negated values should be parsed.</param>
+ /// <returns><c>True</c> if parsing was successful.</returns>
+ public static bool TryParseToSubnets(string[] values, [NotNullWhen(true)] out IReadOnlyList<IPNetwork>? result, bool negated = false)
+ {
+ if (values is null || values.Length == 0)
+ {
+ result = null;
+ return false;
+ }
+
+ var tmpResult = new List<IPNetwork>();
+ for (int a = 0; a < values.Length; a++)
+ {
+ if (TryParseToSubnet(values[a], out var innerResult, negated))
+ {
+ tmpResult.Add(innerResult);
+ }
+ }
+
+ result = tmpResult;
+ return tmpResult.Count > 0;
+ }
+
+ /// <summary>
+ /// Try parsing a string into an <see cref="IPNetwork"/>, respecting exclusions.
+ /// Inputs without a subnet mask will be represented as <see cref="IPNetwork"/> with a single IP.
+ /// </summary>
+ /// <param name="value">Input string to be parsed.</param>
+ /// <param name="result">An <see cref="IPNetwork"/>.</param>
+ /// <param name="negated">Boolean signaling if negated or not negated values should be parsed.</param>
+ /// <returns><c>True</c> if parsing was successful.</returns>
+ public static bool TryParseToSubnet(ReadOnlySpan<char> value, [NotNullWhen(true)] out IPNetwork? result, bool negated = false)
+ {
+ var splitString = value.Trim().Split('/');
+ if (splitString.MoveNext())
+ {
+ var ipBlock = splitString.Current;
+ var address = IPAddress.None;
+ if (negated && ipBlock.StartsWith<char>("!") && IPAddress.TryParse(ipBlock[1..], out var tmpAddress))
+ {
+ address = tmpAddress;
+ }
+ else if (!negated && IPAddress.TryParse(ipBlock, out tmpAddress))
+ {
+ address = tmpAddress;
+ }
+
+ if (address != IPAddress.None)
+ {
+ if (splitString.MoveNext())
+ {
+ var subnetBlock = splitString.Current;
+ if (int.TryParse(subnetBlock, out var netmask))
+ {
+ result = new IPNetwork(address, netmask);
+ return true;
+ }
+ else if (IPAddress.TryParse(subnetBlock, out var netmaskAddress))
+ {
+ result = new IPNetwork(address, NetworkExtensions.MaskToCidr(netmaskAddress));
+ return true;
+ }
+ }
+ else if (address.AddressFamily == AddressFamily.InterNetwork)
+ {
+ result = new IPNetwork(address, Network.MinimumIPv4PrefixSize);
+ return true;
+ }
+ else if (address.AddressFamily == AddressFamily.InterNetworkV6)
+ {
+ result = new IPNetwork(address, Network.MinimumIPv6PrefixSize);
+ return true;
+ }
+ }
+ }
+
+ result = null;
+ return false;
+ }
+
+ /// <summary>
+ /// Attempts to parse a host span.
+ /// </summary>
+ /// <param name="host">Host name to parse.</param>
+ /// <param name="addresses">Object representing the span, if it has successfully been parsed.</param>
+ /// <param name="isIPv4Enabled"><c>true</c> if IPv4 is enabled.</param>
+ /// <param name="isIPv6Enabled"><c>true</c> if IPv6 is enabled.</param>
+ /// <returns><c>true</c> if the parsing is successful, <c>false</c> if not.</returns>
+ public static bool TryParseHost(ReadOnlySpan<char> host, [NotNullWhen(true)] out IPAddress[]? addresses, bool isIPv4Enabled = true, bool isIPv6Enabled = false)
+ {
+ if (host.IsEmpty)
+ {
+ addresses = null;
+ return false;
+ }
+
+ host = host.Trim();
+
+ // See if it's an IPv6 with port address e.g. [::1] or [::1]:120.
+ if (host[0] == '[')
+ {
+ int i = host.IndexOf(']');
+ if (i != -1)
+ {
+ return TryParseHost(host[1..(i - 1)], out addresses);
+ }
+
+ addresses = Array.Empty<IPAddress>();
+ return false;
+ }
+
+ var hosts = new List<string>();
+ foreach (var splitSpan in host.Split(':'))
+ {
+ hosts.Add(splitSpan.ToString());
+ }
+
+ if (hosts.Count <= 2)
+ {
+ // Is hostname or hostname:port
+ if (fqdnGeneratedRegex().IsMatch(hosts[0]))
+ {
+ try
+ {
+ addresses = Dns.GetHostAddresses(hosts[0]);
+ return true;
+ }
+ catch (SocketException)
+ {
+ // Log and then ignore socket errors, as the result value will just be an empty array.
+ Console.WriteLine("GetHostAddresses failed.");
+ }
+ }
+
+ // Is an IPv4 or IPv4:port
+ if (IPAddress.TryParse(hosts[0].AsSpan().LeftPart('/'), out var address))
+ {
+ if (((address.AddressFamily == AddressFamily.InterNetwork) && (!isIPv4Enabled && isIPv6Enabled))
+ || ((address.AddressFamily == AddressFamily.InterNetworkV6) && (isIPv4Enabled && !isIPv6Enabled)))
+ {
+ addresses = Array.Empty<IPAddress>();
+ return false;
+ }
+
+ addresses = new[] { address };
+
+ // Host name is an IPv4 address, so fake resolve.
+ return true;
+ }
+ }
+ else if (hosts.Count > 0 && hosts.Count <= 9) // 8 octets + port
+ {
+ if (IPAddress.TryParse(host.LeftPart('/'), out var address))
+ {
+ addresses = new[] { address };
+ return true;
+ }
+ }
+
+ addresses = Array.Empty<IPAddress>();
+ return false;
+ }
+
+ /// <summary>
+ /// Gets the broadcast address for a <see cref="IPNetwork"/>.
+ /// </summary>
+ /// <param name="network">The <see cref="IPNetwork"/>.</param>
+ /// <returns>The broadcast address.</returns>
+ public static IPAddress GetBroadcastAddress(IPNetwork network)
+ {
+ var addressBytes = network.Prefix.GetAddressBytes();
+ if (BitConverter.IsLittleEndian)
+ {
+ addressBytes = addressBytes.Reverse().ToArray();
+ }
+
+ uint iPAddress = BitConverter.ToUInt32(addressBytes, 0);
+ uint ipMaskV4 = BitConverter.ToUInt32(CidrToMask(network.PrefixLength, AddressFamily.InterNetwork).GetAddressBytes(), 0);
+ uint broadCastIPAddress = iPAddress | ~ipMaskV4;
+
+ return new IPAddress(BitConverter.GetBytes(broadCastIPAddress));
+ }
+}
diff --git a/Jellyfin.Networking/Manager/NetworkManager.cs b/Jellyfin.Networking/Manager/NetworkManager.cs
index c80038e7d..f20e28526 100644
--- a/Jellyfin.Networking/Manager/NetworkManager.cs
+++ b/Jellyfin.Networking/Manager/NetworkManager.cs
@@ -8,6 +8,8 @@ using System.Net.NetworkInformation;
using System.Net.Sockets;
using System.Threading;
using Jellyfin.Networking.Configuration;
+using Jellyfin.Networking.Constants;
+using Jellyfin.Networking.Extensions;
using MediaBrowser.Common.Configuration;
using MediaBrowser.Common.Net;
using MediaBrowser.Model.Net;
@@ -316,17 +318,17 @@ namespace Jellyfin.Networking.Manager
var fallbackLanSubnets = new List<IPNetwork>();
if (IsIPv6Enabled)
{
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.IPv6Loopback, 128)); // RFC 4291 (Loopback)
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Parse("fe80::"), 10)); // RFC 4291 (Site local)
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Parse("fc00::"), 7)); // RFC 4193 (Unique local)
+ fallbackLanSubnets.Add(Network.IPv6RFC4291Loopback); // RFC 4291 (Loopback)
+ fallbackLanSubnets.Add(Network.IPv6RFC4291SiteLocal); // RFC 4291 (Site local)
+ fallbackLanSubnets.Add(Network.IPv6RFC4193UniqueLocal); // RFC 4193 (Unique local)
}
if (IsIPv4Enabled)
{
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Loopback, 8)); // RFC 5735 (Loopback)
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Parse("10.0.0.0"), 8)); // RFC 1918 (private)
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Parse("172.16.0.0"), 12)); // RFC 1918 (private)
- fallbackLanSubnets.Add(new IPNetwork(IPAddress.Parse("192.168.0.0"), 16)); // RFC 1918 (private)
+ fallbackLanSubnets.Add(Network.IPv4RFC5735Loopback); // RFC 5735 (Loopback)
+ fallbackLanSubnets.Add(Network.IPv4RFC1918PrivateClassA); // RFC 1918 (private Class A)
+ fallbackLanSubnets.Add(Network.IPv4RFC1918PrivateClassB); // RFC 1918 (private Class B)
+ fallbackLanSubnets.Add(Network.IPv4RFC1918PrivateClassC); // RFC 1918 (private Class C)
}
_lanSubnets = fallbackLanSubnets;
@@ -369,12 +371,12 @@ namespace Jellyfin.Networking.Manager
if (bindAddresses.Contains(IPAddress.Loopback))
{
- interfaces.Add(new IPData(IPAddress.Loopback, new IPNetwork(IPAddress.Loopback, 8), "lo"));
+ interfaces.Add(new IPData(IPAddress.Loopback, Network.IPv4RFC5735Loopback, "lo"));
}
if (bindAddresses.Contains(IPAddress.IPv6Loopback))
{
- interfaces.Add(new IPData(IPAddress.IPv6Loopback, new IPNetwork(IPAddress.IPv6Loopback, 128), "lo"));
+ interfaces.Add(new IPData(IPAddress.IPv6Loopback, Network.IPv6RFC4291Loopback, "lo"));
}
}
@@ -437,7 +439,7 @@ namespace Jellyfin.Networking.Manager
{
if (IPAddress.TryParse(ip, out var ipp))
{
- remoteAddressFilter.Add(new IPNetwork(ipp, ipp.AddressFamily == AddressFamily.InterNetwork ? 32 : 128));
+ remoteAddressFilter.Add(new IPNetwork(ipp, ipp.AddressFamily == AddressFamily.InterNetwork ? Network.MinimumIPv4PrefixSize : Network.MinimumIPv6PrefixSize));
}
}
@@ -477,8 +479,8 @@ namespace Jellyfin.Networking.Manager
}
else if (string.Equals(identifier, "external", StringComparison.OrdinalIgnoreCase))
{
- publishedServerUrls[new IPData(IPAddress.Any, new IPNetwork(IPAddress.Any, 0))] = replacement;
- publishedServerUrls[new IPData(IPAddress.IPv6Any, new IPNetwork(IPAddress.IPv6Any, 0))] = replacement;
+ publishedServerUrls[new IPData(IPAddress.Any, Network.IPv4Any)] = replacement;
+ publishedServerUrls[new IPData(IPAddress.IPv6Any, Network.IPv6Any)] = replacement;
}
else if (string.Equals(identifier, "internal", StringComparison.OrdinalIgnoreCase))
{
@@ -656,12 +658,12 @@ namespace Jellyfin.Networking.Manager
var loopbackNetworks = new List<IPData>();
if (IsIPv4Enabled)
{
- loopbackNetworks.Add(new IPData(IPAddress.Loopback, new IPNetwork(IPAddress.Loopback, 8), "lo"));
+ loopbackNetworks.Add(new IPData(IPAddress.Loopback, Network.IPv4RFC5735Loopback, "lo"));
}
if (IsIPv6Enabled)
{
- loopbackNetworks.Add(new IPData(IPAddress.IPv6Loopback, new IPNetwork(IPAddress.IPv6Loopback, 128), "lo"));
+ loopbackNetworks.Add(new IPData(IPAddress.IPv6Loopback, Network.IPv6RFC4291Loopback, "lo"));
}
return loopbackNetworks;
@@ -687,11 +689,11 @@ namespace Jellyfin.Networking.Manager
if (IsIPv4Enabled && IsIPv6Enabled)
{
// Kestrel source code shows it uses Sockets.DualMode - so this also covers IPAddress.Any by default
- result.Add(new IPData(IPAddress.IPv6Any, new IPNetwork(IPAddress.IPv6Any, 0)));
+ result.Add(new IPData(IPAddress.IPv6Any, Network.IPv6Any));
}
else if (IsIPv4Enabled)
{
- result.Add(new IPData(IPAddress.Any, new IPNetwork(IPAddress.Any, 0)));
+ result.Add(new IPData(IPAddress.Any, Network.IPv4Any));
}
else if (IsIPv6Enabled)
{
@@ -1047,7 +1049,7 @@ namespace Jellyfin.Networking.Manager
}
// Fallback to first external interface.
- result = NetworkExtensions.FormatIPString(extResult.First().Address);
+ result = NetworkExtensions.FormatIPString(extResult[0].Address);
_logger.LogDebug("{Source}: Using first external interface as bind address: {Result}", source, result);
return true;
}
generated by cgit v1.2.3 (git 2.46.0) at 2026-01-05 22:14:57 +0000