From 7d1d1be98eb57727276e1216a0f1d12e62a1546e Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Fri, 1 Dec 2017 03:29:25 +0100
Subject: util.ip: Do CIDR matching by comparing all bits at once instead of
 using O(n) function

---
 util/ip.lua | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

(limited to 'util')

diff --git a/util/ip.lua b/util/ip.lua
index ebeaf1c0..b65f6b6e 100644
--- a/util/ip.lua
+++ b/util/ip.lua
@@ -228,11 +228,20 @@ local function parse_cidr(cidr)
 end
 
 function match(ipA, ipB, bits)
-	local common_bits = commonPrefixLength(ipA, ipB);
-	if bits and ipB.proto == "IPv4" then
-		common_bits = common_bits - 96; -- v6 mapped addresses always share these bits
+	if not bits then
+		return ipA == ipB;
+	elseif bits < 1 then
+		return true;
 	end
-	return common_bits >= (bits or 128);
+	if ipA.proto ~= ipB.proto then
+		if ipA.proto == "IPv4" then
+			ipA = ipA.toV4mapped;
+		elseif ipB.proto == "IPv4" then
+			ipB = ipA.toV4mapped;
+			bits = bits + (128 - 32);
+		end
+	end
+	return ipA.bits:sub(1, bits) == ipB.bits:sub(1, bits);
 end
 
 return {
-- 
cgit v1.2.3