forked from uncloud/uncloud
[wireguard] verify key length
This commit is contained in:
parent
a0fbe2d6ed
commit
663d72269a
1 changed files with 4 additions and 5 deletions
|
@ -38,17 +38,16 @@ class WireGuardVPNSerializer(serializers.ModelSerializer):
|
|||
msg = _("Supplied key is not a valid wireguard public key")
|
||||
|
||||
"""
|
||||
FIXME: verify that this does not create broken wireguard config files,
|
||||
i.e. contains \n or similar!
|
||||
We might even need to be more strict to not break wireguard...
|
||||
Verify wireguard key.
|
||||
See https://lists.zx2c4.com/pipermail/wireguard/2020-December/006221.html
|
||||
"""
|
||||
|
||||
try:
|
||||
base64.standard_b64decode(value)
|
||||
decoded_key = base64.standard_b64decode(value)
|
||||
except Exception as e:
|
||||
raise serializers.ValidationError(msg)
|
||||
|
||||
if '\n' in value:
|
||||
if not len(decoded_key) == 32:
|
||||
raise serializers.ValidationError(msg)
|
||||
|
||||
return value
|
||||
|
|
Loading…
Reference in a new issue