I can rework the patch to also allow blacklisting networks, but would like to see some feeback first, whether the patch is acceptable at all.
Zash
on
Hi. Sorry about the delay, I went and reviewed your patches but then forgot to post the feedback here.
Anyways:
The feature in itself is desirable.
Can you explain why undozerocompression() is needed?
The function in_network_list() has a loop. I believe we have some unwritten policy against that, so that should be in mod_register instead.
Also please run luacheck over the changed files, there are some style issues like inconsistent whitespace.
Changes
owner Zash
tags Patch
Michael Bunk
on
Thank you for reviewing my patch. No problem about the delay.
I made a new version at
https://www.iat.uni-leipzig.de/~bunk/prosody-whitelist-networks-v2.hg
It is against current tip and has the style issues removed.
undozerocompression() is required because otherwise toBits() is broken. It converts a zero compressed IPv6 address like ::1, where :: is equivalent to a variable number of zeroes into the full, uncompressed representation including all the zeroes, which is later converted to a bitstring.
I don't understand the problem with the loop. Checking whether an IP address is contained in a network is a useful functionality and so belongs into util/ip.lua...
Zash
on
Went with a simpler approach in https://hg.prosody.im/trunk/rev/4796fdcb7146
Thanks anyways.
toBits has since been replaced, but I'm still qurious if you can show an input that produces the wrong output. It seemed to work correctly in my testing, including expansion of ::
Description of feature: Previously only concrete IP addresses could be whitelisted, now also CIDR style networks.
https://www.iat.uni-leipzig.de/~bunk/prosody-whitelist-networks.hg
I can rework the patch to also allow blacklisting networks, but would like to see some feeback first, whether the patch is acceptable at all.
Hi. Sorry about the delay, I went and reviewed your patches but then forgot to post the feedback here. Anyways: The feature in itself is desirable. Can you explain why undozerocompression() is needed? The function in_network_list() has a loop. I believe we have some unwritten policy against that, so that should be in mod_register instead. Also please run luacheck over the changed files, there are some style issues like inconsistent whitespace.
ChangesThank you for reviewing my patch. No problem about the delay. I made a new version at https://www.iat.uni-leipzig.de/~bunk/prosody-whitelist-networks-v2.hg It is against current tip and has the style issues removed. undozerocompression() is required because otherwise toBits() is broken. It converts a zero compressed IPv6 address like ::1, where :: is equivalent to a variable number of zeroes into the full, uncompressed representation including all the zeroes, which is later converted to a bitstring. I don't understand the problem with the loop. Checking whether an IP address is contained in a network is a useful functionality and so belongs into util/ip.lua...
Went with a simpler approach in https://hg.prosody.im/trunk/rev/4796fdcb7146 Thanks anyways. toBits has since been replaced, but I'm still qurious if you can show an input that produces the wrong output. It seemed to work correctly in my testing, including expansion of ::
Changes