fix(machines): simplify complex if check

This should fix the performance issue with computation of `dst` variable. It's also easier to read now.
This commit is contained in:
Adrien Raffin-Caboisse 2022-02-21 09:02:27 +01:00
parent ecb3ee6bfa
commit 960412a335

View file

@ -132,8 +132,8 @@ func (h *Headscale) ListAllMachines() ([]Machine, error) {
return machines, nil return machines, nil
} }
func containsAddresses(inputs []string, addrs MachineAddresses) bool { func containsAddresses(inputs []string, addrs []string) bool {
for _, addr := range addrs.ToStringSlice() { for _, addr := range addrs {
if containsString(inputs, addr) { if containsString(inputs, addr) {
return true return true
} }
@ -142,6 +142,11 @@ func containsAddresses(inputs []string, addrs MachineAddresses) bool {
return false return false
} }
// matchSourceAndDestinationWithRule
func matchSourceAndDestinationWithRule(ruleSources []string, ruleDestinations []string, source []string, destination []string) bool {
return containsAddresses(ruleSources, source) && containsAddresses(ruleDestinations, destination)
}
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine. // getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) { func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
log.Trace(). log.Trace().
@ -180,9 +185,9 @@ func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
for _, d := range rule.DstPorts { for _, d := range rule.DstPorts {
dst = append(dst, d.IP) dst = append(dst, d.IP)
} }
if (containsAddresses(rule.SrcIPs, machine.IPAddresses) && (containsAddresses(dst, peer.IPAddresses) || containsString(dst, "*"))) || ( if matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), peer.IPAddresses.ToStringSlice()) || // match source and destination
// open return path matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), []string{"*"}) || // match source and all destination
containsAddresses(rule.SrcIPs, peer.IPAddresses) && containsAddresses(dst, machine.IPAddresses)) { matchSourceAndDestinationWithRule(rule.SrcIPs, dst, peer.IPAddresses.ToStringSlice(), machine.IPAddresses.ToStringSlice()) { // match return path
peers[peer.ID] = peer peers[peer.ID] = peer
} }
} }