mravi
/
uncloud
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[wireguard] verify key length

This commit is contained in:
Nico Schottelius 2020-12-25 10:08:34 +01:00
parent a0fbe2d6ed
commit 663d72269a
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
uncloud_net/serializers.py
View File

@ -38,17 +38,16 @@ class WireGuardVPNSerializer(serializers.ModelSerializer):
msg = _("Supplied key is not a valid wireguard public key")
"""
FIXME: verify that this does not create broken wireguard config files,
i.e. contains \n or similar!
We might even need to be more strict to not break wireguard...
Verify wireguard key.
See https://lists.zx2c4.com/pipermail/wireguard/2020-December/006221.html
"""
try:
base64.standard_b64decode(value)
decoded_key = base64.standard_b64decode(value)
except Exception as e:
raise serializers.ValidationError(msg)
if '\n' in value:
if not len(decoded_key) == 32:
raise serializers.ValidationError(msg)
return value