juanfont/headscale
1
1
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-09-20 15:26:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(machines): simplify complex if check

Browse source 
This should fix the performance issue with computation of `dst` variable. It's also easier to read now.
This commit is contained in:
Adrien Raffin-Caboisse 2022-02-21 09:02:27 +01:00
parent ecb3ee6bfa
commit 960412a335
1 changed files with 10 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
machine.go
View file

@ -132,8 +132,8 @@ func (h *Headscale) ListAllMachines() ([]Machine, error) {
return machines, nil
}
func containsAddresses(inputs []string, addrs MachineAddresses) bool {
for _, addr := range addrs.ToStringSlice() {
func containsAddresses(inputs []string, addrs []string) bool {
for _, addr := range addrs {
if containsString(inputs, addr) {
return true
}
@ -142,6 +142,11 @@ func containsAddresses(inputs []string, addrs MachineAddresses) bool {
return false
}
// matchSourceAndDestinationWithRule
func matchSourceAndDestinationWithRule(ruleSources []string, ruleDestinations []string, source []string, destination []string) bool {
return containsAddresses(ruleSources, source) && containsAddresses(ruleDestinations, destination)
}
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
log.Trace().
@ -180,9 +185,9 @@ func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
for _, d := range rule.DstPorts {
dst = append(dst, d.IP)
}
if (containsAddresses(rule.SrcIPs, machine.IPAddresses) && (containsAddresses(dst, peer.IPAddresses) || containsString(dst, "*"))) || (
// open return path
containsAddresses(rule.SrcIPs, peer.IPAddresses) && containsAddresses(dst, machine.IPAddresses)) {
if matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), peer.IPAddresses.ToStringSlice()) || // match source and destination
matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), []string{"*"}) || // match source and all destination
matchSourceAndDestinationWithRule(rule.SrcIPs, dst, peer.IPAddresses.ToStringSlice(), machine.IPAddresses.ToStringSlice()) { // match return path
peers[peer.ID] = peer
}
}