diff options
Diffstat (limited to 'go/security/guard.go')
| -rw-r--r-- | go/security/guard.go | 39 |
1 files changed, 19 insertions, 20 deletions
diff --git a/go/security/guard.go b/go/security/guard.go index b93845448..696b79d69 100644 --- a/go/security/guard.go +++ b/go/security/guard.go @@ -4,8 +4,8 @@ import ( "errors" "fmt" "net" - "regexp" "net/http" + "regexp" "github.com/chrislusf/seaweedfs/go/glog" ) @@ -90,25 +90,24 @@ func (g *Guard) checkWhiteList(w http.ResponseWriter, r *http.Request) error { if err == nil { for _, ip := range g.whiteList { - // If the whitelist entry contains a "/" it - // is a CIDR range, and we should check the - // remote host is within it - match, _ := regexp.MatchString("/", ip) - if ( match ) { - _, cidrnet, err := net.ParseCIDR(ip) - if err != nil { - panic(err) - } - remote := net.ParseIP(host) - if cidrnet.Contains(remote) { - return nil - } - } - - - // - // Otherwise we're looking for a literal match. - // + // If the whitelist entry contains a "/" it + // is a CIDR range, and we should check the + // remote host is within it + match, _ := regexp.MatchString("/", ip) + if match { + _, cidrnet, err := net.ParseCIDR(ip) + if err != nil { + panic(err) + } + remote := net.ParseIP(host) + if cidrnet.Contains(remote) { + return nil + } + } + + // + // Otherwise we're looking for a literal match. + // if ip == host { return nil } |