mod_rest allowing ip range (#175)

This commit is contained in:
Badlop 2016-07-25 16:57:34 +02:00
parent d3f0218dc4
commit 065ab08592
1 changed files with 7 additions and 14 deletions

View File

@ -127,17 +127,7 @@ check_stanza(Stanza, _From, To, Host) ->
check_member_option(Host, ClientIp, allowed_ips) -> check_member_option(Host, ClientIp, allowed_ips) ->
true = case try_get_option(Host, allowed_ips, all) of true = case try_get_option(Host, allowed_ips, all) of
all -> true; all -> true;
AllowedValues -> AllowedValues -> ip_matches(ClientIp, AllowedValues)
case lists:all(fun(El) -> is_binary(El) end, AllowedValues) of
true ->
AllowedIps = lists:map(fun(El) ->
binary_to_ip_tuple(El)
end,
AllowedValues),
lists:member(ClientIp, AllowedIps);
false ->
lists:member(ClientIp, AllowedValues)
end
end; end;
check_member_option(Host, Element, Option) -> check_member_option(Host, Element, Option) ->
true = case try_get_option(Host, Option, all) of true = case try_get_option(Host, Option, all) of
@ -145,9 +135,12 @@ check_member_option(Host, Element, Option) ->
AllowedValues -> lists:member(Element, AllowedValues) AllowedValues -> lists:member(Element, AllowedValues)
end. end.
binary_to_ip_tuple(IpAddress) when is_binary(IpAddress) -> ip_matches(ClientIp, AllowedValues) ->
{ok, IpTuple} = inet_parse:address(binary_to_list(IpAddress)), lists:any(fun(El) ->
IpTuple. {ok, Net, Mask} = acl:parse_ip_netmask(El),
acl:acl_rule_matches({ip,{Net,Mask}}, #{ip => {ClientIp,port}}, host)
end,
AllowedValues).
post_request(Stanza, From, To) -> post_request(Stanza, From, To) ->
case ejabberd_router:route(From, To, Stanza) of case ejabberd_router:route(From, To, Stanza) of