Mirrors/juanfont.headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-11-10 01:20:58 +01:00
Code Issues Projects Releases Wiki Activity

policy/v2: simplify, use slices.Contains

Browse Source 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby 2025-04-16 11:17:06 +02:00
parent 7aed2e8468
commit b5bb3bfc9d
No known key found for this signature in database
1 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hscontrol/policy/v2/policy.go
View File

@ -7,6 +7,8 @@ import (
"strings" "strings"
"sync" "sync"
"slices"
"github.com/juanfont/headscale/hscontrol/types" "github.com/juanfont/headscale/hscontrol/types"
"go4.org/netipx" "go4.org/netipx"
"tailscale.com/net/tsaddr" "tailscale.com/net/tsaddr"
@ -174,12 +176,10 @@ func (pm *PolicyManager) NodeCanHaveTag(node *types.Node, tag string) bool {
defer pm.mu.Unlock() defer pm.mu.Unlock()
if ips, ok := pm.tagOwnerMap[Tag(tag)]; ok { if ips, ok := pm.tagOwnerMap[Tag(tag)]; ok {
for _, nodeAddr := range node.IPs() { if slices.ContainsFunc(node.IPs(), ips.Contains) {
if ips.Contains(nodeAddr) {
return true return true
} }
} }
}
return false return false
} }
@ -196,12 +196,10 @@ func (pm *PolicyManager) NodeCanApproveRoute(node *types.Node, route netip.Prefi
// where there is an exact entry, e.g. 10.0.0.0/8, then // where there is an exact entry, e.g. 10.0.0.0/8, then
// check and return quickly // check and return quickly
if _, ok := pm.autoApproveMap[route]; ok { if _, ok := pm.autoApproveMap[route]; ok {
for _, nodeAddr := range node.IPs() { if slices.ContainsFunc(node.IPs(), pm.autoApproveMap[route].Contains) {
if pm.autoApproveMap[route].Contains(nodeAddr) {
return true return true
} }
} }
}
// The slow path is that the node tries to approve // The slow path is that the node tries to approve
// 10.0.10.0/24, which is a part of 10.0.0.0/8, then we // 10.0.10.0/24, which is a part of 10.0.0.0/8, then we
@ -220,13 +218,11 @@ func (pm *PolicyManager) NodeCanApproveRoute(node *types.Node, route netip.Prefi
// Check if prefix is larger (so containing) and then overlaps // Check if prefix is larger (so containing) and then overlaps
// the route to see if the node can approve a subset of an autoapprover // the route to see if the node can approve a subset of an autoapprover
if prefix.Bits() <= route.Bits() && prefix.Overlaps(route) { if prefix.Bits() <= route.Bits() && prefix.Overlaps(route) {
for _, nodeAddr := range node.IPs() { if slices.ContainsFunc(node.IPs(), approveAddrs.Contains) {
if approveAddrs.Contains(nodeAddr) {
return true return true
} }
} }
} }
}
return false return false
} }