From 4df2bc45eae7b681ae8e7e95ac2b60453664dc75 Mon Sep 17 00:00:00 2001
From: Oliver Gorwits <oliver@cpan.org>
Date: Wed, 10 May 2017 21:13:03 +0100
Subject: [PATCH] use check_acl for dns->no acl

---
 lib/App/Netdisco/Util/DNS.pm        | 34 +++++------------------------
 lib/App/Netdisco/Util/Permission.pm |  3 ++-
 2 files changed, 7 insertions(+), 30 deletions(-)

diff --git a/lib/App/Netdisco/Util/DNS.pm b/lib/App/Netdisco/Util/DNS.pm
index a5147e6f..fe823742 100644
--- a/lib/App/Netdisco/Util/DNS.pm
+++ b/lib/App/Netdisco/Util/DNS.pm
@@ -8,6 +8,8 @@ use Net::DNS;
 use AnyEvent::DNS;
 use NetAddr::IP::Lite ':lower';
 
+use App::Netdisco::Util::Permission 'check_acl';
+
 use base 'Exporter';
 our @EXPORT = ();
 our @EXPORT_OK = qw/
@@ -118,7 +120,8 @@ addresses which resolved.
 =cut
 
 sub hostnames_resolve_async {
-  my $ips = shift;
+  my $ips  = shift;
+  my $skip = setting('dns')->{'no'};
 
   # Set up the condvar
   my $done = AE::cv;
@@ -126,7 +129,7 @@ sub hostnames_resolve_async {
 
   IP: foreach my $hash_ref (@$ips) {
     my $ip = $hash_ref->{'ip'} || $hash_ref->{'alias'};
-    next IP if no_resolve($ip);
+    next IP if check_acl($ip, $skip);
 
     # check /etc/hosts file and short-circuit if found
     foreach my $name (reverse sort keys %HOSTS) {
@@ -153,31 +156,4 @@ sub hostnames_resolve_async {
   return $ips;
 }
 
-=head2 no_resolve( $ip )
-
-Given an IP address, returns true if excluded from DNS resolution by the
-"C<< dns -> no >>" configuration directive, otherwise returns false.
-
-=cut
-
-sub no_resolve {
-    my $ip = shift;
-
-    my $config = setting('dns')->{no} || [];
-    return 0 if not scalar @$config;
-
-    my $addr = NetAddr::IP::Lite->new($ip)
-      or return 1;
-
-    foreach my $item (@$config) {
-        my $c_ip = NetAddr::IP::Lite->new($item)
-            or next;
-        next unless $c_ip->bits == $addr->bits;
-
-        return 1 if ($c_ip->contains($addr));
-    }
-    return 0;
-}
-
 1;
-
diff --git a/lib/App/Netdisco/Util/Permission.pm b/lib/App/Netdisco/Util/Permission.pm
index 06e72e77..763fa642 100644
--- a/lib/App/Netdisco/Util/Permission.pm
+++ b/lib/App/Netdisco/Util/Permission.pm
@@ -86,13 +86,14 @@ sub check_acl {
 
   $config  = [$config] if ref [] ne ref $config;
   my $addr = NetAddr::IP::Lite->new($real_ip);
-  my $name = hostname_from_ip($addr->addr) || '!!NO_HOSTNAME!!';
   my $all  = (scalar grep {m/^op:and$/} @$config);
+  my $name = undef; # only look up once, and only if qr// is used
 
   INLIST: foreach my $item (@$config) {
       next INLIST if $item eq 'op:and';
 
       if (ref qr// eq ref $item) {
+          $name = ($name || hostname_from_ip($addr->addr) || '!!none!!');
           if ($name =~ $item) {
             return 1 if not $all;
           }