Scope down the allowedIps so there are no conflicts

2025-05-13 05:40:38 +01:00 · 2025-04-22 22:18:50 -04:00 · 2025-04-22 22:18:50 -04:00 · 0c370e4299
commit 0c370e4299
parent 475a431859
2 changed files with 2 additions and 2 deletions
--- a/server/routers/newt/handleGetConfigMessage.ts
+++ b/server/routers/newt/handleGetConfigMessage.ts
@ -133,7 +133,7 @@ export const handleGetConfigMessage: MessageHandler = async (context) => {

                return {
                    publicKey: client.clients.pubKey!,
-                    allowedIps: [client.clients.subnet!],
+                    allowedIps: [`${client.clients.subnet.split('/')[0]}/32`], // we want to only allow from that client
                    endpoint: client.clientSites.isRelayed
                        ? ""
                        : client.clients.endpoint! // if its relayed it should be localhost
--- a/server/routers/olm/handleOlmRegisterMessage.ts
+++ b/server/routers/olm/handleOlmRegisterMessage.ts
@ -141,7 +141,7 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
            );
            await addPeer(site.siteId, {
                publicKey: publicKey,
-                allowedIps: [client.subnet],
+                allowedIps: [`${client.subnet.split('/')[0]}/32`], // we want to only allow from that client
                endpoint: client.endpoint
            });
        } else {