diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-05-14 17:57:58 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-05-14 17:57:58 +0200 |
commit | 7a1a537f4344129b9a1fabb0c66c61963e605e45 (patch) | |
tree | 91df00e121735b60b757eaab33654b73db20172b | |
parent | a62c770a99e830f220314d1bc779e8818d4ecc7f (diff) |
Mask IPs when showing from trie
Otherwise intermediate nodes that get collapsed to real nodes will
display the wrong value.
-rw-r--r-- | allowedips.go | 22 |
1 files changed, 6 insertions, 16 deletions
diff --git a/allowedips.go b/allowedips.go index e700dc4..5b1565e 100644 --- a/allowedips.go +++ b/allowedips.go @@ -16,7 +16,7 @@ import ( type trieEntry struct { cidr uint child [2]*trieEntry - bits []byte + bits net.IP peer *Peer // index of "branching" bit @@ -181,21 +181,11 @@ func (node *trieEntry) entriesForPeer(p *Peer, results []net.IPNet) []net.IPNet return results } if node.peer == p { - var mask net.IPNet - mask.Mask = net.CIDRMask(int(node.cidr), len(node.bits)*8) - if len(node.bits) == net.IPv4len { - mask.IP = net.IPv4( - node.bits[0], - node.bits[1], - node.bits[2], - node.bits[3], - ) - } else if len(node.bits) == net.IPv6len { - mask.IP = node.bits - } else { - panic(errors.New("unexpected address length")) - } - results = append(results, mask) + mask := net.CIDRMask(int(node.cidr), len(node.bits)*8) + results = append(results, net.IPNet{ + Mask: mask, + IP: node.bits.Mask(mask), + }) } results = node.child[0].entriesForPeer(p, results) results = node.child[1].entriesForPeer(p, results) |