From ee0911a6183f4d367719804e695039051851ef3f Mon Sep 17 00:00:00 2001
From: Matt Schwager <schwag09@gmail.com>
Date: Mon, 29 Oct 2012 13:35:59 -0400
Subject: CIDR notation working for IP based ACLs

---
 src/lib/Bcfg2/Server/Plugins/Acl.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'src/lib/Bcfg2/Server')

diff --git a/src/lib/Bcfg2/Server/Plugins/Acl.py b/src/lib/Bcfg2/Server/Plugins/Acl.py
index 1f7b27b53..cdfe9e181 100644
--- a/src/lib/Bcfg2/Server/Plugins/Acl.py
+++ b/src/lib/Bcfg2/Server/Plugins/Acl.py
@@ -35,10 +35,11 @@ class AclFile(Bcfg2.Server.Plugin.XMLFileBacked):
             [self.cidr_ips.append(i.get('name')) for i in entry.findall('CIDR')]
     
     def check_acl(self, ip):
-        if ('*' in self.ips or 
-            ip in self.ips  or
-            IP(ip) in [CIDR(cidr_ip) for cidr_ip in self.cidr_ips]):
+        if ip in self.ips:
             return True
+        for cidr_ip in self.cidr_ips:
+            if netaddr.IPAddress(ip) in netaddr.IPNetwork(cidr_ip):
+                return True
         return False
 
 class Acl(Bcfg2.Server.Plugin.Plugin,
-- 
cgit v1.2.3-1-g7c22