mirror of
https://github.com/juanfont/headscale.git
synced 2025-01-19 10:20:05 +09:00
fix(machines): simplify complex if check
This should fix the performance issue with computation of `dst` variable. It's also easier to read now.
This commit is contained in:
parent
ecb3ee6bfa
commit
960412a335
1 changed files with 10 additions and 5 deletions
15
machine.go
15
machine.go
|
@ -132,8 +132,8 @@ func (h *Headscale) ListAllMachines() ([]Machine, error) {
|
||||||
return machines, nil
|
return machines, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func containsAddresses(inputs []string, addrs MachineAddresses) bool {
|
func containsAddresses(inputs []string, addrs []string) bool {
|
||||||
for _, addr := range addrs.ToStringSlice() {
|
for _, addr := range addrs {
|
||||||
if containsString(inputs, addr) {
|
if containsString(inputs, addr) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
@ -142,6 +142,11 @@ func containsAddresses(inputs []string, addrs MachineAddresses) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// matchSourceAndDestinationWithRule
|
||||||
|
func matchSourceAndDestinationWithRule(ruleSources []string, ruleDestinations []string, source []string, destination []string) bool {
|
||||||
|
return containsAddresses(ruleSources, source) && containsAddresses(ruleDestinations, destination)
|
||||||
|
}
|
||||||
|
|
||||||
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
|
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
|
||||||
func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
|
func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
|
||||||
log.Trace().
|
log.Trace().
|
||||||
|
@ -180,9 +185,9 @@ func (h *Headscale) getFilteredByACLPeers(machine *Machine) (Machines, error) {
|
||||||
for _, d := range rule.DstPorts {
|
for _, d := range rule.DstPorts {
|
||||||
dst = append(dst, d.IP)
|
dst = append(dst, d.IP)
|
||||||
}
|
}
|
||||||
if (containsAddresses(rule.SrcIPs, machine.IPAddresses) && (containsAddresses(dst, peer.IPAddresses) || containsString(dst, "*"))) || (
|
if matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), peer.IPAddresses.ToStringSlice()) || // match source and destination
|
||||||
// open return path
|
matchSourceAndDestinationWithRule(rule.SrcIPs, dst, machine.IPAddresses.ToStringSlice(), []string{"*"}) || // match source and all destination
|
||||||
containsAddresses(rule.SrcIPs, peer.IPAddresses) && containsAddresses(dst, machine.IPAddresses)) {
|
matchSourceAndDestinationWithRule(rule.SrcIPs, dst, peer.IPAddresses.ToStringSlice(), machine.IPAddresses.ToStringSlice()) { // match return path
|
||||||
peers[peer.ID] = peer
|
peers[peer.ID] = peer
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue