diff options
| author | Kim Alvefur <zash@zash.se> | 2017-12-01 03:29:25 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2017-12-01 03:29:25 +0100 |
| commit | 7d1d1be98eb57727276e1216a0f1d12e62a1546e (patch) | |
| tree | 7ef6cdd53ed6f3ed889be92a5ccc46a7b9a5903d | |
| parent | a4aa61fdb13a625e7bb9085aadc61a64b3bccd58 (diff) | |
| download | prosody-7d1d1be98eb57727276e1216a0f1d12e62a1546e.tar.gz prosody-7d1d1be98eb57727276e1216a0f1d12e62a1546e.zip | |
util.ip: Do CIDR matching by comparing all bits at once instead of using O(n) function
| -rw-r--r-- | util/ip.lua | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/util/ip.lua b/util/ip.lua index ebeaf1c0..b65f6b6e 100644 --- a/util/ip.lua +++ b/util/ip.lua @@ -228,11 +228,20 @@ local function parse_cidr(cidr) end function match(ipA, ipB, bits) - local common_bits = commonPrefixLength(ipA, ipB); - if bits and ipB.proto == "IPv4" then - common_bits = common_bits - 96; -- v6 mapped addresses always share these bits + if not bits then + return ipA == ipB; + elseif bits < 1 then + return true; end - return common_bits >= (bits or 128); + if ipA.proto ~= ipB.proto then + if ipA.proto == "IPv4" then + ipA = ipA.toV4mapped; + elseif ipB.proto == "IPv4" then + ipB = ipA.toV4mapped; + bits = bits + (128 - 32); + end + end + return ipA.bits:sub(1, bits) == ipB.bits:sub(1, bits); end return { |